From 15c1a4715be0d358d4449c77bd71aa7eb926fe54 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 12 Jan 2023 16:55:34 +0100 Subject: feat(sigblock): validate signature-profile information provided by QR-code placeholder Issue: #64 --- .../pdfbox2/configuration/ProfileValidator.java | 59 +++++++++++----------- .../impl/signing/pdfbox2/PADESPDFBOXSigner.java | 38 +++++++------- 2 files changed, 49 insertions(+), 48 deletions(-) (limited to 'pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas') diff --git a/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/pdfbox2/configuration/ProfileValidator.java b/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/pdfbox2/configuration/ProfileValidator.java index 1c57605b..ee828705 100644 --- a/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/pdfbox2/configuration/ProfileValidator.java +++ b/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/pdfbox2/configuration/ProfileValidator.java @@ -1,5 +1,20 @@ package at.gv.egiz.pdfas.lib.impl.pdfbox2.configuration; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +import org.apache.pdfbox.pdmodel.PDDocument; +import org.apache.pdfbox.pdmodel.PDPage; +import org.apache.pdfbox.pdmodel.common.PDRectangle; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PDFASError; import at.gv.egiz.pdfas.common.exceptions.PdfAsSettingsValidationException; import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.common.settings.SignatureProfileSettings; @@ -11,19 +26,6 @@ import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; import iaik.asn1.ObjectID; import iaik.asn1.structures.Name; import iaik.x509.X509Certificate; -import org.apache.pdfbox.pdmodel.PDDocument; -import org.apache.pdfbox.pdmodel.PDPage; -import org.apache.pdfbox.pdmodel.common.PDRectangle; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; public class ProfileValidator implements ConfigurationValidator{ @@ -82,23 +84,20 @@ public class ProfileValidator implements ConfigurationValidator{ } - for(String id:profileIds){ - SignatureProfileSettings profileSetting = new SignatureProfileSettings(id, settings); - profileSettings.add(profileSetting); - if(profileSetting.getValue("isvisible")!=null){ - if(profileSetting.getValue("isvisible").equals("false")){ - continue; - } - } - /*Table t; - try { - t = TableFactory.createSigTable(profileSetting, "main", opState, certProvider); - new PDFBoxTable(t, null, settings, pdfBoxObject); - } catch (Exception e) { - logger.info("Configuration Validation for profile "+id+" failed!"); - throw new PdfAsSettingsValidationException("Configuration Validation for profile "+id+" failed!", e); - }*/ - } + for(String id:profileIds){ + try { + SignatureProfileSettings profileSetting = new SignatureProfileSettings(id, settings); + profileSettings.add(profileSetting); + if(profileSetting.getValue("isvisible")!=null){ + if(profileSetting.getValue("isvisible").equals("false")){ + continue; + } + } + } catch (PDFASError e) { + logger.error("Find suspect signature-profile configuration. Ignore it", e); + + } + } } @Override diff --git a/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox2/PADESPDFBOXSigner.java b/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox2/PADESPDFBOXSigner.java index c6499bc9..ef1f14b2 100644 --- a/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox2/PADESPDFBOXSigner.java +++ b/pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox2/PADESPDFBOXSigner.java @@ -40,9 +40,7 @@ import javax.activation.DataSource; import org.apache.commons.io.IOUtils; import org.apache.pdfbox.cos.COSArray; -import org.apache.pdfbox.cos.COSBase; import org.apache.pdfbox.cos.COSDictionary; -import org.apache.pdfbox.cos.COSDocument; import org.apache.pdfbox.cos.COSInteger; import org.apache.pdfbox.cos.COSName; import org.apache.pdfbox.cos.COSString; @@ -148,8 +146,7 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { String pdfaVersion = null; PDDocument doc = null; - final SignatureOptions options = new SignatureOptions(); - COSDocument visualSignatureDocumentGuard = null; + SignatureOptions options = new SignatureOptions(); try { doc = pdfObject.getDocument(); @@ -221,8 +218,8 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { logger.debug("Placeholder Position set to: " + tablePos.toString()); } } - final SignatureProfileSettings signatureProfileSettings = TableFactory - .createProfile(requestedSignature.getSignatureProfileID(), pdfObject.getStatus().getSettings()); + final SignatureProfileSettings signatureProfileSettings = TableFactory.createProfile( + requestedSignature.getSignatureProfileID(), pdfObject.getStatus().getSettings()); // Check if input document is PDF-A conform if (signatureProfileSettings.isPDFA()) { @@ -404,7 +401,6 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { if (signatureProfileSettings.isPDFA() || signatureProfileSettings.isPDFA3()) { final PDDocumentCatalog root = doc.getDocumentCatalog(); - final COSBase base = root.getCOSObject().getItem(COSName.OUTPUT_INTENTS); InputStream colorProfile = null; // colorProfile = this.getClass().getResourceAsStream("/icm/sRGB.icm"); @@ -434,8 +430,6 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { options.setVisualSignature(properties.getVisibleSignature()); } - visualSignatureDocumentGuard = options.getVisualSignature(); - doc.addSignature(signature, signer, options); if (sigFieldName == null) { @@ -648,17 +642,10 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { } } catch (final IOException e1) { - e1.printStackTrace(); - } + logger.error("Can not save incremental update", e1); - finally { - if (options != null) { - if (options.getVisualSignature() != null) { - options.getVisualSignature().close(); - } - } } - + System.gc(); logger.debug("Signature done!"); @@ -666,7 +653,22 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants { logger.warn(MessageResolver.resolveMessage("error.pdf.sig.01"), e); throw new PdfAsException("error.pdf.sig.01", e); + } catch (PDFASError e2) { + logger.warn(e2.getInfo()); + throw new PdfAsException("error.pdf.sig.01", e2); + } finally { + if (options != null) { + if (options.getVisualSignature() != null) { + try { + options.getVisualSignature().close(); + options.close(); + } catch (IOException e) { + logger.debug("Failed to close VisualSignature!", e); + } + } + } + if (doc != null) { try { doc.close(); -- cgit v1.2.3