From d9c8becff0ad349ffb13a8abf55f71c1fa7ed2b5 Mon Sep 17 00:00:00 2001 From: Hatter Jiang Date: Tue, 31 Oct 2023 07:25:00 +0800 Subject: [PATCH] feat: reflect code --- .../hatter/tool/signpdf/main/SignPdfMain.java | 80 ++++++++++++------- 1 file changed, 52 insertions(+), 28 deletions(-) diff --git a/src/main/java/me/hatter/tool/signpdf/main/SignPdfMain.java b/src/main/java/me/hatter/tool/signpdf/main/SignPdfMain.java index 58fe715..f1fbe4d 100644 --- a/src/main/java/me/hatter/tool/signpdf/main/SignPdfMain.java +++ b/src/main/java/me/hatter/tool/signpdf/main/SignPdfMain.java @@ -12,6 +12,7 @@ import me.hatter.tools.commons.security.cert.X509CertUtil; import me.hatter.tools.commons.security.key.KeyUtil; import me.hatter.tools.commons.string.StringUtil; import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.OperatorCreationException; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import java.io.File; @@ -26,6 +27,37 @@ public class SignPdfMain { if (signPdfArgs == null) { return; } + checkSginPdfArgs(signPdfArgs); + + final SignOptions signOptions = buildSignOptions(signPdfArgs); + + final File inFile = new File(signPdfArgs.in); + final File outFile = new File(signPdfArgs.out); + + checkFiles(inFile, outFile); + + final List certs = X509CertUtil.parseX509CertificateList( + RFile.from(signPdfArgs.certs).string()); + final X509Certificate[] certificateChain = certs.toArray(new X509Certificate[0]); + + final ContentSigner contentSigner = buildContentSigner(signPdfArgs, certificateChain); + final CreateSignature signing = new CreateSignature(certificateChain, contentSigner, signOptions); + // signing.setExternalSigning(true); + + final String tsaUrl = StringUtil.def(signOptions.getTsaUrl(), TSAClient.DEFAULT_TSA_URL); + signing.signDetached(inFile, outFile, tsaUrl); + } + + private static void checkFiles(File inFile, File outFile) { + if (!inFile.exists()) { + throw new RuntimeException("PDF file in not exists."); + } + if (outFile.exists()) { + throw new RuntimeException("PDF file out exists."); + } + } + + private static void checkSginPdfArgs(SignPdfArgs signPdfArgs) { if (StringUtil.isEmpty(signPdfArgs.in) || StringUtil.isEmpty(signPdfArgs.out)) { throw new RuntimeException("PDF file in/out cannot be empty."); } @@ -41,45 +73,37 @@ public class SignPdfMain { if (StringUtil.isNotEmpty(signPdfArgs.slot) && StringUtil.isEmpty(signPdfArgs.pin)) { throw new RuntimeException("PIN cannot be empty"); } + } + private static SignOptions buildSignOptions(SignPdfArgs signPdfArgs) { final SignOptions signOptions = new SignOptions(); signOptions.setName(signPdfArgs.name); signOptions.setLocation(signPdfArgs.location); signOptions.setReason(signPdfArgs.reason); signOptions.setContactInfo(signPdfArgs.contactInfo); + return signOptions; + } - final File inFile = new File(signPdfArgs.in); - final File outFile = new File(signPdfArgs.out); - - if (!inFile.exists()) { - throw new RuntimeException("PDF file in not exists."); - } - if (outFile.exists()) { - throw new RuntimeException("PDF file out exists."); - } - - final List certs = X509CertUtil.parseX509CertificateList( - RFile.from(signPdfArgs.certs).string()); - final X509Certificate[] certificateChain = certs.toArray(new X509Certificate[0]); - - final ContentSigner contentSigner; + private static ContentSigner buildContentSigner(SignPdfArgs signPdfArgs, X509Certificate[] certificateChain) throws OperatorCreationException { if (StringUtil.isNotEmpty(signPdfArgs.key)) { - final PrivateKey privateKey = KeyUtil.parsePrivateKeyPEM( - RFile.from(signPdfArgs.key).string()); - final String signatureAlgorithm = SigUtils.getSignatureAlgorithm(certificateChain[0]); - contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey); + return buildPrivateKeyContentSigner(signPdfArgs, certificateChain); } else { - final String cardCliCmd = CardCliUtil.getCardCliCmd(); - final PivMeta signPivMeta = CardCliUtil.getPivPublicKey(signPdfArgs.slot); - final CardCliPivCustomerSigner cardCliPivCustomerSigner = new CardCliPivCustomerSigner( - signPdfArgs.pin, signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd); - contentSigner = cardCliPivCustomerSigner.getContentSigner(); + return buildPivContentSigner(signPdfArgs); } + } - final CreateSignature signing = new CreateSignature(certificateChain, contentSigner, signOptions); - // signing.setExternalSigning(true); + private static ContentSigner buildPivContentSigner(SignPdfArgs signPdfArgs) { + final String cardCliCmd = CardCliUtil.getCardCliCmd(); + final PivMeta signPivMeta = CardCliUtil.getPivPublicKey(signPdfArgs.slot); + final CardCliPivCustomerSigner cardCliPivCustomerSigner = new CardCliPivCustomerSigner( + signPdfArgs.pin, signPdfArgs.slot, signPivMeta.getAlgorithm(), cardCliCmd); + return cardCliPivCustomerSigner.getContentSigner(); + } - final String tsaUrl = StringUtil.def(signOptions.getTsaUrl(), TSAClient.DEFAULT_TSA_URL); - signing.signDetached(inFile, outFile, tsaUrl); + private static ContentSigner buildPrivateKeyContentSigner(SignPdfArgs signPdfArgs, X509Certificate[] certificateChain) throws OperatorCreationException { + final PrivateKey privateKey = KeyUtil.parsePrivateKeyPEM( + RFile.from(signPdfArgs.key).string()); + final String signatureAlgorithm = SigUtils.getSignatureAlgorithm(certificateChain[0]); + return new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey); } }