feat: use pinentry-cli

2024-06-30 20:22:29 +08:00
parent 6c96bb33cd
commit 39fc1baf57
4 changed files with 8 additions and 8 deletions


@@ -14,7 +14,8 @@
"dependencies": [
"info.picocli:picocli:4.6.1",
"me.hatter:crypto:1.12",
"me.hatter:commons:3.68",
"me.hatter:commons:3.71",
"me.hatter:pinentry-cli-java:1.1",
"org.bouncycastle:bcprov-ext-jdk15on:1.70",
"org.bouncycastle:bcpkix-jdk15on:1.70",
"org.bouncycastle:bcprov-jdk15on:1.70",


@@ -21,11 +21,11 @@ public class SignPdfArgs {
String reason;
@CommandLine.Option(names = {"--contact-info"}, description = "Contact info")
String contactInfo;
@CommandLine.Option(names = {"--certs"}, description = "Certification chain")
@CommandLine.Option(names = {"--certs"}, description = "Certifications chain, DEFAULT for default certificates chain")
String certs;
@CommandLine.Option(names = {"--slot"}, description = "Sign key slot")
String slot;
@CommandLine.Option(names = {"--pin"}, description = "Sign key PIN")
@CommandLine.Option(names = {"--pin"}, description = "[Optional] Sign key PIN")
String pin;
@CommandLine.Option(names = {"--key"}, description = "Sign private key")
String key;
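Review bot: The `--pin` description in SignPdfArgs now marks the option as optional, but it still does not tell users that a PIN given on the command line ends up in shell history and can be read by other local processes through the process listing. The SignPdfMain change in this commit routes the value through `PinEntryTool`, which by its name appears to prompt when no PIN is supplied (not confirmed from this page), so the help text should steer users to that path, for example `description = "[Optional] Sign key PIN; omit to be prompted via pinentry (a PIN on the command line is visible in process listings and shell history)"`. The class body starts and ends outside this hunk.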


@@ -2,7 +2,7 @@ package me.hatter.tool.signpdf.main;
public interface SignPdfConstant {
String NAME = "sign-pdf";
String VERSION = "0.1.2";
String VERSION = "0.1.3";
String DEFAULT_CERTS = "-----BEGIN CERTIFICATE-----\n" +
"MIIB+DCCAX6gAwIBAgIVALe/Gyof7wdOqA5Hw+BfxLKsKctUMAoGCCqGSM49BAMC\n" +


@@ -14,6 +14,7 @@ import me.hatter.tools.commons.log.LogTools;
import me.hatter.tools.commons.security.cert.X509CertUtil;
import me.hatter.tools.commons.security.key.KeyUtil;
import me.hatter.tools.commons.string.StringUtil;
import me.hatter.tools.pinentry.PinEntryTool;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
@@ -86,9 +87,6 @@ public class SignPdfMain {
if (StringUtil.isNotEmpty(signPdfArgs.slot) && StringUtil.isNotEmpty(signPdfArgs.key)) {
throw new JumpOutException("Sign key file and slot cannot both provided.");
}
if (StringUtil.isNotEmpty(signPdfArgs.slot) && StringUtil.isEmpty(signPdfArgs.pin)) {
throw new JumpOutException("PIN cannot be empty");
}
}
private static SignOptions buildSignOptions(SignPdfArgs signPdfArgs) {
@@ -112,7 +110,8 @@ public class SignPdfMain {
final String cardCliCmd = CardCliUtil.getCardCliCmd();
final PivMeta signPivMeta = CardCliUtil.getPivPublicKey(signPdfArgs.slot);
final CardCliPivCustomerSigner cardCliPivCustomerSigner = new CardCliPivCustomerSigner(
signPdfArgs.pin, signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd);
PinEntryTool.instance().getDefaultPinOrInputWithoutThrows(signPdfArgs.pin),
signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd);
return cardCliPivCustomerSigner.getContentSigner();
}
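Review bot: The result of `PinEntryTool.instance().getDefaultPinOrInputWithoutThrows(signPdfArgs.pin)` is passed straight into the `CardCliPivCustomerSigner` constructor, and the same commit removes the `PIN cannot be empty` check from the argument validation, so nothing visible here rejects a missing PIN any more. The method name suggests it returns rather than throws when the prompt is cancelled or pinentry is unavailable (behaviour not visible on this page, so worth confirming); in that case a null or empty PIN would reach the card, which on a PIV token may cost one of the limited PIN retries. Resolve the PIN into a local first and fail early: `final String pin = PinEntryTool.instance().getDefaultPinOrInputWithoutThrows(signPdfArgs.pin);` followed by `if (StringUtil.isEmpty(pin)) { throw new JumpOutException("PIN cannot be empty"); }`. The enclosing method starts outside the hunk.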