hexapdf 0.19.0 → 0.20.0

data/test/hexapdf/type/signature/test_handler.rb

@@ -0,0 +1,76 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/type/signature'
+require 'time'
+require 'ostruct'
+
+describe HexaPDF::Type::Signature::Handler do
+  before do
+    @time = Time.parse("2021-11-14 7:00")
+    @dict = {Name: "handler", M: @time}
+    @handler = HexaPDF::Type::Signature::Handler.new(@dict)
+  end
+
+  it "returns the signer name" do
+    assert_equal("handler", @handler.signer_name)
+  end
+
+  it "returns the signing time" do
+    assert_equal(@time, @handler.signing_time)
+  end
+
+  it "needs an implementation of certificate_chain" do
+    assert_raises(RuntimeError) { @handler.certificate_chain }
+  end
+
+  it "needs an implementation of signer_certificate" do
+    assert_raises(RuntimeError) { @handler.signer_certificate }
+  end
+
+  describe "store_verification_callback" do
+    before do
+      @result = HexaPDF::Type::Signature::VerificationResult.new
+      @context = OpenStruct.new
+    end
+
+    it "can allow self-signed certificates" do
+      [OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
+       OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN].each do |error|
+        [true, false].each do |allow_self_signed|
+          @result.messages.clear
+          @context.error = error
+          @handler.store_verification_callback(@result, allow_self_signed: allow_self_signed).
+            call(false, @context)
+          assert_equal(1, @result.messages.size)
+          assert_match(/self-signed certificate/i, @result.messages[0].content)
+          assert_equal(allow_self_signed ? :info : :error, @result.messages[0].type)
+        end
+      end
+    end
+  end
+
+  it "verifies the signing time" do
+    result = HexaPDF::Type::Signature::VerificationResult.new
+    [
+      [true, '6:00', '8:00'],
+      [false, '7:30', '8:00'],
+      [false, '5:00', '6:00'],
+    ].each do |success, not_before, not_after|
+      result.messages.clear
+      @handler.define_singleton_method(:signer_certificate) do
+        OpenStruct.new.tap do |struct|
+          struct.not_before = Time.parse("2021-11-14 #{not_before}")
+          struct.not_after = Time.parse("2021-11-14 #{not_after}")
+        end
+      end
+      @handler.send(:verify_signing_time, result)
+      if success
+        assert(result.messages.empty?)
+      else
+        assert_equal(1, result.messages.size)
+      end
+      @handler.singleton_class.remove_method(:signer_certificate)
+    end
+  end
+end

data/test/hexapdf/type/signature/test_verification_result.rb

@@ -0,0 +1,47 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/type/signature'
+
+describe HexaPDF::Type::Signature::VerificationResult do
+  describe "Message" do
+    it "accepts a type and a content argument on creation" do
+      m = HexaPDF::Type::Signature::VerificationResult::Message.new(:type, 'content')
+      assert_equal(:type, m.type)
+      assert_equal('content', m.content)
+    end
+
+    it "allows sorting by type" do
+      info =  HexaPDF::Type::Signature::VerificationResult::Message.new(:info, 'c')
+      warning = HexaPDF::Type::Signature::VerificationResult::Message.new(:warning, 'c')
+      error = HexaPDF::Type::Signature::VerificationResult::Message.new(:error, 'c')
+      assert_equal([error, warning, info], [info, error, warning].sort)
+    end
+  end
+
+  before do
+    @result = HexaPDF::Type::Signature::VerificationResult.new
+  end
+
+  it "can add new messages" do
+    @result.log(:error, "content")
+    assert_equal(1, @result.messages.size)
+    assert_equal(:error, @result.messages[0].type)
+    assert_equal('content', @result.messages[0].content)
+  end
+
+  it "reports success if no error messages have been logged" do
+    assert(@result.success?)
+    @result.log(:info, 'content')
+    assert(@result.success?)
+    @result.log(:error, 'failure')
+    refute(@result.success?)
+  end
+
+  it "reports failure if there is at least one error message" do
+    @result.log(:info, 'content')
+    refute(@result.failure?)
+    @result.log(:error, 'failure')
+    assert(@result.failure?)
+  end
+end

data/test/hexapdf/type/test_annotation.rb

@@ -25,12 +25,33 @@ describe HexaPDF::Type::Annotation::AppearanceDictionary do
     @ap.delete(:D)
     assert_equal(:n, @ap.down_appearance)
   end
+
+  describe "set_appearance" do
+    it "sets the appearance for the given type" do
+      @ap.set_appearance(1, type: :normal)
+      @ap.set_appearance(2, type: :rollover)
+      @ap.set_appearance(3, type: :down)
+
+      assert_equal(1, @ap.normal_appearance)
+      assert_equal(2, @ap.rollover_appearance)
+      assert_equal(3, @ap.down_appearance)
+    end
+
+    it "respects the provided state name" do
+      @ap.set_appearance(1, state_name: :X)
+      assert_equal(1, @ap.normal_appearance[:X])
+    end
+
+    it "fails if an invalid appearance type is specified" do
+      assert_raises(ArgumentError) { @ap.set_appearance(5, type: :other) }
+    end
+  end
 end
 
 describe HexaPDF::Type::Annotation do
   before do
     @doc = HexaPDF::Document.new
-    @annot = @doc.add({Type: :Annot, F: 0b100011})
+    @annot = @doc.add({Type: :Annot, F: 0b100011, Rect: [10, 10, 110, 60]})
   end
 
   it "must always be indirect" do
@@ -66,7 +87,24 @@ describe HexaPDF::Type::Annotation do
     assert_same(stream.data, @annot.appearance.data)
 
     @annot[:AP][:D] = {X: stream}
-    assert_same(stream.data, @annot.appearance(:down).data)
+    assert_same(stream.data, @annot.appearance(type: :down).data)
+    assert_same(stream.data, @annot.appearance(type: :down, state_name: :X).data)
+  end
+
+  describe "create_appearance" do
+    it "creates the appearance stream directly underneath /AP" do
+      stream = @annot.create_appearance
+      assert_same(stream, @annot.appearance_dict.normal_appearance)
+    end
+
+    it "respects the state name when creating the appearance" do
+      stream = @annot.create_appearance(type: :down, state_name: :X)
+      assert_same(stream, @annot.appearance_dict.down_appearance[:X])
+
+      @annot[:AS] = :X
+      stream = @annot.create_appearance(type: :down)
+      assert_same(stream, @annot.appearance_dict.down_appearance[:X])
+    end
   end
 
   describe "flags" do

data/test/hexapdf/type/test_font.rb

@@ -64,4 +64,8 @@ describe HexaPDF::Type::Font do
       assert_equal(5, @font.font_file)
     end
   end
+
+  it "returns the glyph scaling factor" do
+    assert_equal(0.001, @font.glyph_scaling_factor)
+  end
 end

data/test/hexapdf/type/test_font_simple.rb

@@ -25,7 +25,7 @@ describe HexaPDF::Type::FontSimple do
   describe "encoding" do
     it "fails if /Encoding is absent because encoding_from_font is not implemented" do
       @font.delete(:Encoding)
-      assert_raises(NotImplementedError) { @font.encoding }
+      assert_raises(RuntimeError) { @font.encoding }
     end
 
     describe "/Encoding is a name" do
@@ -35,7 +35,7 @@ describe HexaPDF::Type::FontSimple do
 
       it "fails if /Encoding is an invalid name because encoding_from_font is not implemented" do
         @font[:Encoding] = :SomethingUnknown
-        assert_raises(NotImplementedError) { @font.encoding }
+        assert_raises(RuntimeError) { @font.encoding }
       end
     end
 
@@ -47,12 +47,12 @@ describe HexaPDF::Type::FontSimple do
       describe "no /BaseEncoding is specified" do
         it "fails if the font is embedded because encoding_from_font is not implemented" do
           @font[:FontDescriptor][:FontFile] = 5
-          assert_raises(NotImplementedError) { @font.encoding }
+          assert_raises(RuntimeError) { @font.encoding }
         end
 
         it "fails for a symbolic non-embedded font because encoding_from_font is not implemented" do
           @font[:FontDescriptor].flag(:symbolic, clear_existing: true)
-          assert_raises(NotImplementedError) { @font.encoding }
+          assert_raises(RuntimeError) { @font.encoding }
         end
 
         it "returns the StandardEncoding for a non-symbolic non-embedded font" do
@@ -68,7 +68,7 @@ describe HexaPDF::Type::FontSimple do
 
       it "fails if /BaseEncoding is invalid because encoding_from_font is not implemented" do
         @font[:Encoding] = {BaseEncoding: :SomethingUnknown}
-        assert_raises(NotImplementedError) { @font.encoding }
+        assert_raises(RuntimeError) { @font.encoding }
       end
 
       it "returns a difference encoding if /Differences is specified" do

data/test/hexapdf/type/test_font_type3.rb

@@ -9,10 +9,25 @@ describe HexaPDF::Type::FontType3 do
     @doc = HexaPDF::Document.new
     @font = @doc.add({Type: :Font, Subtype: :Type3, Encoding: :WinAnsiEncoding,
                       FirstChar: 32, LastChar: 34, Widths: [600, 0, 700],
-                      FontBBox: [0, 0, 100, 100], FontMatrix: [1, 0, 0, 1, 0, 0],
+                      FontBBox: [0, 100, 100, 0], FontMatrix: [0.002, 0, 0, 0.002, 0, 0],
                       CharProcs: {}})
   end
 
+  describe "bounding_box" do
+    it "returns the font's bounding box" do
+      assert_equal([0, 0, 100, 100], @font.bounding_box)
+    end
+
+    it "inverts the y-values if necessary based on /FontMatrix" do
+      @font[:FontMatrix][3] *= -1
+      assert_equal([0, -100, 100, 0], @font.bounding_box)
+    end
+  end
+
+  it "returns the glyph scaling factor" do
+    assert_equal(0.002, @font.glyph_scaling_factor)
+  end
+
   describe "validation" do
     it "works for valid objects" do
       assert(@font.validate)

data/test/hexapdf/type/test_object_stream.rb

@@ -104,6 +104,15 @@ describe HexaPDF::Type::ObjectStream do
       assert_equal(0, @obj.value[:First])
       assert_equal("", @obj.stream)
     end
+
+    it "doesn't allow signature dictionaries to be compressed" do
+      @obj.add_object(HexaPDF::Dictionary.new({Type: :Sig}, oid: 1))
+      @obj.add_object(HexaPDF::Dictionary.new({Type: :DocTimeStamp}, oid: 2))
+      @obj.add_object(HexaPDF::Dictionary.new({ByteRange: [], Contents: ''}, oid: 3))
+      @obj.write_objects(@revision)
+      assert_equal(0, @obj.value[:N])
+      assert_equal("", @obj.stream)
+    end
   end
 
   it "fails validation if gen != 0" do

data/test/hexapdf/type/test_signature.rb

@@ -0,0 +1,131 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/document'
+require 'hexapdf/type/signature'
+require_relative 'signature/common'
+require 'stringio'
+
+describe HexaPDF::Type::Signature::TransformParams do
+  before do
+    @doc = HexaPDF::Document.new
+    @params = @doc.add({Type: :TransformParams})
+  end
+
+  describe "validation" do
+    it "checks the /Annots field for valid values" do
+      @params[:Annots] = [:Create, :Other, :Delete, :Other, :New]
+      refute(@params.validate(auto_correct: false))
+      @params.validate
+      assert_equal([:Create, :Delete], @params[:Annots].value)
+    end
+
+    it "checks the /Form field for valid values" do
+      @params[:Form] = [:Add, :Other, :Delete, :Other, :New]
+      refute(@params.validate(auto_correct: false))
+      @params.validate
+      assert_equal([:Add, :Delete], @params[:Form].value)
+    end
+
+    it "checks the /EF field for valid values" do
+      @params[:EF] = [:Create, :Other, :Delete, :Other, :New]
+      refute(@params.validate(auto_correct: false))
+      @params.validate
+      assert_equal([:Create, :Delete], @params[:EF].value)
+    end
+  end
+end
+
+describe HexaPDF::Type::Signature::SignatureReference do
+  before do
+    @doc = HexaPDF::Document.new
+    @sigref = @doc.add({Type: :SigRef})
+  end
+
+  describe "validation" do
+    it "checks the existence of the /Data field for FieldMDP transforms" do
+      @sigref[:TransformMethod] = :FieldMDP
+      refute(@sigref.validate)
+      @sigref[:Data] = HexaPDF::Object.new('data', oid: 1)
+      assert(@sigref.validate)
+    end
+  end
+end
+
+describe HexaPDF::Type::Signature do
+  before do
+    @doc = HexaPDF::Document.new
+    @sig = @doc.add({Type: :Sig, Filter: :'Adobe.PPKLite', SubFilter: :'ETSI.CAdES.detached'})
+
+    @pdf_data = 'Some data'
+    @pkcs7 = OpenSSL::PKCS7.sign(CERTIFICATES.signer_certificate, CERTIFICATES.signer_key,
+                                 @pdf_data, [CERTIFICATES.ca_certificate],
+                                 OpenSSL::PKCS7::DETACHED)
+    @sig[:Contents] = @pkcs7.to_der
+  end
+
+  it "returns the signer name" do
+    assert_equal('signer', @sig.signer_name)
+  end
+
+  it "returns the signing time" do
+    assert_equal(@sig.signature_handler.signing_time, @sig.signing_time)
+  end
+
+  it "returns the signing reason" do
+    @sig[:Reason] = 'reason'
+    assert_equal('reason', @sig.signing_reason)
+  end
+
+  it "returns the signing location" do
+    @sig[:Location] = 'location'
+    assert_equal('location', @sig.signing_location)
+  end
+
+  it "returns the signature type" do
+    assert_equal('ETSI.CAdES.detached', @sig.signature_type)
+  end
+
+  describe "signature_handler" do
+    it "returns the signature handler" do
+      assert_kind_of(HexaPDF::Type::Signature::Handler, @sig.signature_handler)
+    end
+
+    it "fails if the required handler is not available" do
+      @sig[:SubFilter] = :Unknown
+      assert_raises(HexaPDF::Error) { @sig.signature_handler }
+    end
+  end
+
+  it "returns the signature contents" do
+    @sig[:Contents] = 'hallo'
+    assert_equal('hallo', @sig.contents)
+  end
+
+  describe "signed_data" do
+    it "reads the specified portions of the document" do
+      io = StringIO.new(MINIMAL_PDF)
+      doc = HexaPDF::Document.new(io: io)
+      @sig.document = doc
+      @sig[:ByteRange] = [0, 400, 500, 333]
+      assert_equal((MINIMAL_PDF[0, 400] << MINIMAL_PDF[500, 333]).b, @sig.signed_data)
+    end
+
+    it "fails if the document isn't associated with an existing PDF file" do
+      assert_raises(HexaPDF::Error) { @sig.signed_data }
+    end
+  end
+
+  it "invokes the signature handler for verification" do
+    handler = Object.new
+    store, kwargs = nil
+    handler.define_singleton_method(:verify) do |in_store, in_kwargs|
+      store, kwargs = in_store, in_kwargs
+      :result
+    end
+    @sig.define_singleton_method(:signature_handler) { handler }
+    assert_equal(:result, @sig.verify(allow_self_signed: true))
+    assert_kind_of(OpenSSL::X509::Store, store)
+    assert(kwargs[:allow_self_signed])
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hexapdf
 version: !ruby/object:Gem::Version
-  version: 0.19.0
+  version: 0.20.0
 platform: ruby
 authors:
 - Thomas Leitner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-24 00:00:00.000000000 Z
+date: 2021-12-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cmdparse
@@ -124,6 +124,11 @@ files:
 - data/hexapdf/afm/Times-Italic.afm
 - data/hexapdf/afm/Times-Roman.afm
 - data/hexapdf/afm/ZapfDingbats.afm
+- data/hexapdf/cert/demo_cert.rb
+- data/hexapdf/cert/root-ca.crt
+- data/hexapdf/cert/signing.crt
+- data/hexapdf/cert/signing.key
+- data/hexapdf/cert/sub-ca.crt
 - data/hexapdf/cmap/83pv-RKSJ-H
 - data/hexapdf/cmap/90ms-RKSJ-H
 - data/hexapdf/cmap/90ms-RKSJ-V
@@ -254,6 +259,7 @@ files:
 - lib/hexapdf/document/fonts.rb
 - lib/hexapdf/document/images.rb
 - lib/hexapdf/document/pages.rb
+- lib/hexapdf/document/signatures.rb
 - lib/hexapdf/encryption.rb
 - lib/hexapdf/encryption/aes.rb
 - lib/hexapdf/encryption/arc4.rb
@@ -396,6 +402,11 @@ files:
 - lib/hexapdf/type/page.rb
 - lib/hexapdf/type/page_tree_node.rb
 - lib/hexapdf/type/resources.rb
+- lib/hexapdf/type/signature.rb
+- lib/hexapdf/type/signature/adbe_pkcs7_detached.rb
+- lib/hexapdf/type/signature/adbe_x509_rsa_sha1.rb
+- lib/hexapdf/type/signature/handler.rb
+- lib/hexapdf/type/signature/verification_result.rb
 - lib/hexapdf/type/trailer.rb
 - lib/hexapdf/type/viewer_preferences.rb
 - lib/hexapdf/type/xref_stream.rb
@@ -434,36 +445,6 @@ files:
 - test/data/aes-test-vectors/CBCVarTxt-192-encrypt.data.gz
 - test/data/aes-test-vectors/CBCVarTxt-256-decrypt.data.gz
 - test/data/aes-test-vectors/CBCVarTxt-256-encrypt.data.gz
-- test/data/cert/create.sh
-- test/data/cert/root-ca/certs/84E66B6F4C359E741C0AFA014790DF39.pem
-- test/data/cert/root-ca/certs/84E66B6F4C359E741C0AFA014790DF3A.pem
-- test/data/cert/root-ca/db/crlnumber
-- test/data/cert/root-ca/db/index
-- test/data/cert/root-ca/db/index.attr
-- test/data/cert/root-ca/db/index.attr.old
-- test/data/cert/root-ca/db/index.old
-- test/data/cert/root-ca/db/serial
-- test/data/cert/root-ca/db/serial.old
-- test/data/cert/root-ca/private/root-ca.key
-- test/data/cert/root-ca/root-ca.conf
-- test/data/cert/root-ca/root-ca.crt
-- test/data/cert/root-ca/root-ca.csr
-- test/data/cert/signature-1-pkcs7-detached.pdf
-- test/data/cert/sub-ca/certs/453FF080E3EDCD6A388D5368DFC320D9.pem
-- test/data/cert/sub-ca/db/crlnumber
-- test/data/cert/sub-ca/db/index
-- test/data/cert/sub-ca/db/index.attr
-- test/data/cert/sub-ca/db/index.old
-- test/data/cert/sub-ca/db/serial
-- test/data/cert/sub-ca/db/serial.old
-- test/data/cert/sub-ca/private/signing.key
-- test/data/cert/sub-ca/private/sub-ca.key
-- test/data/cert/sub-ca/signing.crt
-- test/data/cert/sub-ca/signing.csr
-- test/data/cert/sub-ca/signing.p12
-- test/data/cert/sub-ca/sub-ca.conf
-- test/data/cert/sub-ca/sub-ca.crt
-- test/data/cert/sub-ca/sub-ca.csr
 - test/data/fonts/Ubuntu-Title.ttf
 - test/data/images/cmyk.jpg
 - test/data/images/fillbytes.jpg
@@ -527,6 +508,7 @@ files:
 - test/hexapdf/document/test_fonts.rb
 - test/hexapdf/document/test_images.rb
 - test/hexapdf/document/test_pages.rb
+- test/hexapdf/document/test_signatures.rb
 - test/hexapdf/encryption/common.rb
 - test/hexapdf/encryption/test_aes.rb
 - test/hexapdf/encryption/test_arc4.rb
@@ -635,6 +617,11 @@ files:
 - test/hexapdf/type/annotations/test_markup_annotation.rb
 - test/hexapdf/type/annotations/test_text.rb
 - test/hexapdf/type/annotations/test_widget.rb
+- test/hexapdf/type/signature/common.rb
+- test/hexapdf/type/signature/test_adbe_pkcs7_detached.rb
+- test/hexapdf/type/signature/test_adbe_x509_rsa_sha1.rb
+- test/hexapdf/type/signature/test_handler.rb
+- test/hexapdf/type/signature/test_verification_result.rb
 - test/hexapdf/type/test_annotation.rb
 - test/hexapdf/type/test_catalog.rb
 - test/hexapdf/type/test_cid_font.rb
@@ -653,6 +640,7 @@ files:
 - test/hexapdf/type/test_page.rb
 - test/hexapdf/type/test_page_tree_node.rb
 - test/hexapdf/type/test_resources.rb
+- test/hexapdf/type/test_signature.rb
 - test/hexapdf/type/test_trailer.rb
 - test/hexapdf/type/test_xref_stream.rb
 - test/hexapdf/utils/test_bit_field.rb
@@ -683,7 +671,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.2.32
 signing_key: 
 specification_version: 4
 summary: HexaPDF - A Versatile PDF Creation and Manipulation Library For Ruby