feat: reflect code
This commit is contained in:
@@ -12,6 +12,7 @@ import me.hatter.tools.commons.security.cert.X509CertUtil;
|
||||
import me.hatter.tools.commons.security.key.KeyUtil;
|
||||
import me.hatter.tools.commons.string.StringUtil;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
|
||||
import java.io.File;
|
||||
@@ -26,6 +27,37 @@ public class SignPdfMain {
|
||||
if (signPdfArgs == null) {
|
||||
return;
|
||||
}
|
||||
checkSginPdfArgs(signPdfArgs);
|
||||
|
||||
final SignOptions signOptions = buildSignOptions(signPdfArgs);
|
||||
|
||||
final File inFile = new File(signPdfArgs.in);
|
||||
final File outFile = new File(signPdfArgs.out);
|
||||
|
||||
checkFiles(inFile, outFile);
|
||||
|
||||
final List<X509Certificate> certs = X509CertUtil.parseX509CertificateList(
|
||||
RFile.from(signPdfArgs.certs).string());
|
||||
final X509Certificate[] certificateChain = certs.toArray(new X509Certificate[0]);
|
||||
|
||||
final ContentSigner contentSigner = buildContentSigner(signPdfArgs, certificateChain);
|
||||
final CreateSignature signing = new CreateSignature(certificateChain, contentSigner, signOptions);
|
||||
// signing.setExternalSigning(true);
|
||||
|
||||
final String tsaUrl = StringUtil.def(signOptions.getTsaUrl(), TSAClient.DEFAULT_TSA_URL);
|
||||
signing.signDetached(inFile, outFile, tsaUrl);
|
||||
}
|
||||
|
||||
private static void checkFiles(File inFile, File outFile) {
|
||||
if (!inFile.exists()) {
|
||||
throw new RuntimeException("PDF file in not exists.");
|
||||
}
|
||||
if (outFile.exists()) {
|
||||
throw new RuntimeException("PDF file out exists.");
|
||||
}
|
||||
}
|
||||
|
||||
private static void checkSginPdfArgs(SignPdfArgs signPdfArgs) {
|
||||
if (StringUtil.isEmpty(signPdfArgs.in) || StringUtil.isEmpty(signPdfArgs.out)) {
|
||||
throw new RuntimeException("PDF file in/out cannot be empty.");
|
||||
}
|
||||
@@ -41,45 +73,37 @@ public class SignPdfMain {
|
||||
if (StringUtil.isNotEmpty(signPdfArgs.slot) && StringUtil.isEmpty(signPdfArgs.pin)) {
|
||||
throw new RuntimeException("PIN cannot be empty");
|
||||
}
|
||||
}
|
||||
|
||||
private static SignOptions buildSignOptions(SignPdfArgs signPdfArgs) {
|
||||
final SignOptions signOptions = new SignOptions();
|
||||
signOptions.setName(signPdfArgs.name);
|
||||
signOptions.setLocation(signPdfArgs.location);
|
||||
signOptions.setReason(signPdfArgs.reason);
|
||||
signOptions.setContactInfo(signPdfArgs.contactInfo);
|
||||
return signOptions;
|
||||
}
|
||||
|
||||
final File inFile = new File(signPdfArgs.in);
|
||||
final File outFile = new File(signPdfArgs.out);
|
||||
|
||||
if (!inFile.exists()) {
|
||||
throw new RuntimeException("PDF file in not exists.");
|
||||
}
|
||||
if (outFile.exists()) {
|
||||
throw new RuntimeException("PDF file out exists.");
|
||||
}
|
||||
|
||||
final List<X509Certificate> certs = X509CertUtil.parseX509CertificateList(
|
||||
RFile.from(signPdfArgs.certs).string());
|
||||
final X509Certificate[] certificateChain = certs.toArray(new X509Certificate[0]);
|
||||
|
||||
final ContentSigner contentSigner;
|
||||
private static ContentSigner buildContentSigner(SignPdfArgs signPdfArgs, X509Certificate[] certificateChain) throws OperatorCreationException {
|
||||
if (StringUtil.isNotEmpty(signPdfArgs.key)) {
|
||||
final PrivateKey privateKey = KeyUtil.parsePrivateKeyPEM(
|
||||
RFile.from(signPdfArgs.key).string());
|
||||
final String signatureAlgorithm = SigUtils.getSignatureAlgorithm(certificateChain[0]);
|
||||
contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
|
||||
return buildPrivateKeyContentSigner(signPdfArgs, certificateChain);
|
||||
} else {
|
||||
final String cardCliCmd = CardCliUtil.getCardCliCmd();
|
||||
final PivMeta signPivMeta = CardCliUtil.getPivPublicKey(signPdfArgs.slot);
|
||||
final CardCliPivCustomerSigner cardCliPivCustomerSigner = new CardCliPivCustomerSigner(
|
||||
signPdfArgs.pin, signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd);
|
||||
contentSigner = cardCliPivCustomerSigner.getContentSigner();
|
||||
return buildPivContentSigner(signPdfArgs);
|
||||
}
|
||||
}
|
||||
|
||||
final CreateSignature signing = new CreateSignature(certificateChain, contentSigner, signOptions);
|
||||
// signing.setExternalSigning(true);
|
||||
private static ContentSigner buildPivContentSigner(SignPdfArgs signPdfArgs) {
|
||||
final String cardCliCmd = CardCliUtil.getCardCliCmd();
|
||||
final PivMeta signPivMeta = CardCliUtil.getPivPublicKey(signPdfArgs.slot);
|
||||
final CardCliPivCustomerSigner cardCliPivCustomerSigner = new CardCliPivCustomerSigner(
|
||||
signPdfArgs.pin, signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd);
|
||||
return cardCliPivCustomerSigner.getContentSigner();
|
||||
}
|
||||
|
||||
final String tsaUrl = StringUtil.def(signOptions.getTsaUrl(), TSAClient.DEFAULT_TSA_URL);
|
||||
signing.signDetached(inFile, outFile, tsaUrl);
|
||||
private static ContentSigner buildPrivateKeyContentSigner(SignPdfArgs signPdfArgs, X509Certificate[] certificateChain) throws OperatorCreationException {
|
||||
final PrivateKey privateKey = KeyUtil.parsePrivateKeyPEM(
|
||||
RFile.from(signPdfArgs.key).string());
|
||||
final String signatureAlgorithm = SigUtils.getSignatureAlgorithm(certificateChain[0]);
|
||||
return new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user