hexapdf 0.28.0 → 0.30.0

data/lib/hexapdf/digital_signature.rb

@@ -0,0 +1,56 @@
+# -*- encoding: utf-8; frozen_string_literal: true -*-
+#
+#--
+# This file is part of HexaPDF.
+#
+# HexaPDF - A Versatile PDF Creation and Manipulation Library For Ruby
+# Copyright (C) 2014-2022 Thomas Leitner
+#
+# HexaPDF is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License version 3 as
+# published by the Free Software Foundation with the addition of the
+# following permission added to Section 15 as permitted in Section 7(a):
+# FOR ANY PART OF THE COVERED WORK IN WHICH THE COPYRIGHT IS OWNED BY
+# THOMAS LEITNER, THOMAS LEITNER DISCLAIMS THE WARRANTY OF NON
+# INFRINGEMENT OF THIRD PARTY RIGHTS.
+#
+# HexaPDF is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
+# License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with HexaPDF. If not, see <http://www.gnu.org/licenses/>.
+#
+# The interactive user interfaces in modified source and object code
+# versions of HexaPDF must display Appropriate Legal Notices, as required
+# under Section 5 of the GNU Affero General Public License version 3.
+#
+# In accordance with Section 7(b) of the GNU Affero General Public
+# License, a covered work must retain the producer line in every PDF that
+# is created or manipulated using HexaPDF.
+#
+# If the GNU Affero General Public License doesn't fit your need,
+# commercial licenses are available at <https://gettalong.at/hexapdf/>.
+#++
+
+module HexaPDF
+
+  # PDF documents can be signed using digital signatures. Such a signature can be used to
+  # authenticate the identity of the signer and the contents of the documents.
+  #
+  # This module contains all code related to digital signatures in PDF.
+  #
+  # See: PDF1.7/2.0 s12.8
+  module DigitalSignature
+
+    autoload(:Signatures, 'hexapdf/digital_signature/signatures')
+    autoload(:Signature, "hexapdf/digital_signature/signature")
+    autoload(:Handler, 'hexapdf/digital_signature/handler')
+    autoload(:CMSHandler, "hexapdf/digital_signature/cms_handler")
+    autoload(:PKCS1Handler, "hexapdf/digital_signature/pkcs1_handler")
+    autoload(:VerificationResult, 'hexapdf/digital_signature/verification_result')
+    autoload(:Signing, 'hexapdf/digital_signature/signing')
+
+  end
+end

data/lib/hexapdf/document/pages.rb

@@ -75,28 +75,45 @@ module HexaPDF
         @document.catalog.pages
       end
 
-      # :call-seq:
-      #   pages.add                                     -> new_page
-      #   pages.add(media_box, orientation: :portrait)  -> new_page
-      #   pages.add(page)                               -> page
+      # Creates a page object and returns it *without* adding it to the page tree.
+      #
+      # +media_box+::
+      #     If this argument is +nil+/not specified, the value is taken from the configuration
+      #     option 'page.default_media_box'.
+      #
+      #     If the resulting value is an array with four numbers (specifying the media box), the new
+      #     page will have these exact dimensions.
       #
-      # Adds the page or a new empty page at the end and returns it.
+      #     If the value is a symbol, it is taken as a reference to a pre-defined media box in
+      #     HexaPDF::Type::Page::PAPER_SIZE. The +orientation+ can then be used to specify the page
+      #     orientation.
       #
-      # If no argument is given, a new page with the default dimensions (see configuration option
-      # 'page.default_media_box') is used.
+      # +orientation+::
+      #     If this argument is not specified, it is taken from 'page.default_media_orientation'. It
+      #     is only used if +media_box+ is a symbol and not an array.
+      def create(media_box: nil, orientation: nil)
+        media_box ||= @document.config['page.default_media_box']
+        orientation ||= @document.config['page.default_media_orientation']
+        box = if media_box.kind_of?(Array)
+                media_box
+              else
+                Type::Page.media_box(media_box, orientation: orientation)
+              end
+        @document.add({Type: :Page, MediaBox: box})
+      end
+
+      # :call-seq:
+      #   pages.add                               -> new_page
+      #   pages.add(page)                         -> page
+      #   pages.add(media_box, orientation: nil)  -> new_page
       #
-      # If the single argument is an array with four numbers (specifying the media box), the new
-      # page will have these dimensions.
+      # Adds the given page or a new empty page at the end and returns it.
       #
-      # If the single argument is a symbol, it is taken as referencing a pre-defined media box in
-      # HexaPDF::Type::Page::PAPER_SIZE for the new page. The optional argument +orientation+ can be
-      # used to change the orientation to :landscape if needed.
-      def add(page = nil, orientation: :portrait)
-        if page.kind_of?(Array)
-          page = @document.add({Type: :Page, MediaBox: page})
-        elsif page.kind_of?(Symbol)
-          box = Type::Page.media_box(page, orientation: orientation)
-          page = @document.add({Type: :Page, MediaBox: box})
+      # If called with a page object as argument, that page object is used. Otherwise #create is
+      # called with the arguments +media_box+ and +orientation+ to create a new page.
+      def add(page = nil, orientation: nil)
+        unless page.kind_of?(HexaPDF::Type::Page)
+          page = create(media_box: page, orientation: orientation)
         end
         @document.catalog.pages.add_page(page)
       end

data/lib/hexapdf/document.rb

@@ -52,6 +52,7 @@ require 'hexapdf/importer'
 require 'hexapdf/image_loader'
 require 'hexapdf/font_loader'
 require 'hexapdf/layout'
+require 'hexapdf/digital_signature'
 
 begin
   require 'hexapdf/cext'
@@ -105,7 +106,6 @@ module HexaPDF
     autoload(:Fonts, 'hexapdf/document/fonts')
     autoload(:Images, 'hexapdf/document/images')
     autoload(:Files, 'hexapdf/document/files')
-    autoload(:Signatures, 'hexapdf/document/signatures')
     autoload(:Destinations, 'hexapdf/document/destinations')
     autoload(:Layout, 'hexapdf/document/layout')
 
@@ -152,15 +152,19 @@ module HexaPDF
     #
     # Options:
     #
-    # io:: If an IO object is provided, then this document can read PDF objects from this IO
-    #      object, otherwise it can only contain created PDF objects.
+    # io::
+    #     If an IO object is provided, then this document can read PDF objects from this IO object,
+    #     otherwise it can only contain created PDF objects.
     #
-    # decryption_opts:: A hash with options for decrypting the PDF objects loaded from the IO.
+    # decryption_opts::
+    #     A hash with options for decrypting the PDF objects loaded from the IO. The PDF standard
+    #     security handler expects a :password key to be set to either the user or owner password of
+    #     the PDF file.
     #
-    # config:: A hash with configuration options that is deep-merged into the default configuration
-    #          (see
-    #          HexaPDF::DefaultDocumentConfiguration[../index.html#DefaultDocumentConfiguration],
-    #          meaning that direct sub-hashes are merged instead of overwritten.
+    # config::
+    #     A hash with configuration options that is deep-merged into the default configuration (see
+    #     HexaPDF::DefaultDocumentConfiguration[../index.html#DefaultDocumentConfiguration], meaning
+    #     that direct sub-hashes are merged instead of overwritten.
     def initialize(io: nil, decryption_opts: {}, config: {})
       @config = Configuration.with_defaults(config)
       @version = '1.2'
@@ -585,25 +589,28 @@ module HexaPDF
       acro_form&.signature_flag?(:signatures_exist)
     end
 
-    # Returns an array with the digital signatures of this document.
+    # Returns a DigitalSignature::Signatures object that allows working with the digital signatures
+    # of this document.
     def signatures
-      @signatures ||= Signatures.new(self)
+      @signatures ||= DigitalSignature::Signatures.new(self)
     end
 
     # Signs the document and writes it to the given file or IO object.
     #
     # For details on the arguments +file_or_io+, +signature+ and +write_options+ see
-    # HexaPDF::Document::Signatures#add.
+    # HexaPDF::DigitalSignature::Signatures#add.
     #
     # The signing handler to be used is determined by the +handler+ argument together with the rest
-    # of the keyword arguments (see HexaPDF::Document::Signatures#handler for details).
+    # of the keyword arguments (see HexaPDF::DigitalSignature::Signatures#signing_handler for
+    # details).
     #
-    # If not changed, the default signing handler is HexaPDF::Document::Signatures::DefaultHandler.
+    # If not changed, the default signing handler is
+    # HexaPDF::DigitalSignature::Signing::DefaultHandler.
     #
     # *Note*: Once signing is done the document cannot be changed anymore since it was written. If a
     # document needs to be signed multiple times, it needs to be loaded again after writing.
     def sign(file_or_io, handler: :default, signature: nil, write_options: {}, **handler_options)
-      handler = signatures.handler(name: handler, **handler_options)
+      handler = signatures.signing_handler(name: handler, **handler_options)
       signatures.add(file_or_io, handler, signature: signature, write_options: write_options)
     end
 

data/lib/hexapdf/encryption/standard_security_handler.rb

@@ -97,7 +97,8 @@ module HexaPDF
     # a user is allowed to do with a PDF file.
     #
     # When a user or owner password is specified, a PDF file can only be opened when the correct
-    # password is supplied.
+    # password is supplied. To open such an encrypted PDF file, the +decryption_opts+ provided to
+    # HexaPDF::Document.new needs to contain a :password key with the password.
     #
     # See: PDF1.7 s7.6.3, PDF2.0 s7.6.3
     class StandardSecurityHandler < SecurityHandler
@@ -323,10 +324,10 @@ module HexaPDF
       def prepare_decryption(password: '', check_permissions: true)
         if dict[:Filter] != :Standard
           raise(HexaPDF::UnsupportedEncryptionError,
-                "Invalid /Filter value for standard security handler")
+                "Invalid /Filter value #{dict[:Filter]} for standard security handler")
         elsif ![2, 3, 4, 6].include?(dict[:R])
           raise(HexaPDF::UnsupportedEncryptionError,
-                "Invalid /R value for standard security handler")
+                "Invalid /R value #{dict[:R]} for standard security handler")
         elsif dict[:R] <= 4 && !document.trailer[:ID].kind_of?(PDFArray)
           document.trailer[:ID] = ['', '']
         end

data/lib/hexapdf/type/font_simple.rb

@@ -171,9 +171,21 @@ module HexaPDF
           yield("Required field #{field} is not set", false) if self[field].nil?
         end
 
+        widths = self[:Widths]
         if key?(:Widths) && key?(:LastChar) && key?(:FirstChar) &&
-            self[:Widths].length != (self[:LastChar] - self[:FirstChar] + 1)
-          yield("Invalid number of entries in field Widths", false)
+            widths.length != (self[:LastChar] - self[:FirstChar] + 1)
+          yield("Invalid number of entries in field Widths", true)
+          difference = self[:LastChar] - self[:FirstChar] + 1 - widths.length
+          if difference > 0
+            missing_value = if widths.count(widths[0]) == widths.length
+                              widths[0]
+                            else
+                              self[:FontDescriptor]&.[](:MissingWidth) || 0
+                            end
+            difference.times { widths << missing_value }
+          else
+            widths.slice!(difference, -difference)
+          end
         end
       end
 

data/lib/hexapdf/type.rb

@@ -72,7 +72,6 @@ module HexaPDF
     autoload(:FontType3, 'hexapdf/type/font_type3')
     autoload(:IconFit, 'hexapdf/type/icon_fit')
     autoload(:AcroForm, 'hexapdf/type/acro_form')
-    autoload(:Signature, 'hexapdf/type/signature')
     autoload(:Outline, 'hexapdf/type/outline')
     autoload(:OutlineItem, 'hexapdf/type/outline_item')
     autoload(:PageLabel, 'hexapdf/type/page_label')

data/lib/hexapdf/version.rb

@@ -37,6 +37,6 @@
 module HexaPDF
 
   # The version of HexaPDF.
-  VERSION = '0.28.0'
+  VERSION = '0.30.0'
 
 end

data/test/hexapdf/{type/signature → digital_signature}/common.rb

@@ -6,7 +6,7 @@ module HexaPDF
     class Certificates
 
       def ca_key
-        @ca_key ||= OpenSSL::PKey::RSA.new(512)
+        @ca_key ||= OpenSSL::PKey::RSA.new(2048)
       end
 
       def ca_certificate
@@ -36,13 +36,17 @@ module HexaPDF
       end
 
       def signer_key
-        @signer_key ||= OpenSSL::PKey::RSA.new(512)
+        @signer_key ||= OpenSSL::PKey::RSA.new(2048)
+      end
+
+      def dsa_signer_key
+        @dsa_signer_key ||= OpenSSL::PKey::DSA.new(2048)
       end
 
       def signer_certificate
         @signer_certificate ||=
           begin
-            name = OpenSSL::X509::Name.parse('/CN=signer/DC=gettalong')
+            name = OpenSSL::X509::Name.parse('/CN=RSA signer/DC=gettalong')
 
             signer_cert = OpenSSL::X509::Certificate.new
             signer_cert.serial = 2
@@ -65,6 +69,30 @@ module HexaPDF
           end
       end
 
+      def dsa_signer_certificate
+        @dsa_signer_certificate ||=
+          begin
+            signer_cert = OpenSSL::X509::Certificate.new
+            signer_cert.serial = 3
+            signer_cert.version = 2
+            signer_cert.not_before = Time.now - 86400
+            signer_cert.not_after = Time.now + 86400
+            signer_cert.public_key = dsa_signer_key.public_key
+            signer_cert.subject = OpenSSL::X509::Name.parse('/CN=DSA signer/DC=gettalong')
+            signer_cert.issuer = ca_certificate.subject
+
+            extension_factory = OpenSSL::X509::ExtensionFactory.new
+            extension_factory.subject_certificate = signer_cert
+            extension_factory.issuer_certificate = ca_certificate
+            signer_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
+            signer_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
+            signer_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature'))
+            signer_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
+
+            signer_cert
+          end
+      end
+
       def timestamp_certificate
         @timestamp_certificate ||=
           begin

data/test/hexapdf/digital_signature/signing/test_default_handler.rb

@@ -0,0 +1,162 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/document'
+require_relative '../common'
+
+describe HexaPDF::DigitalSignature::Signing::DefaultHandler do
+  before do
+    @doc = HexaPDF::Document.new
+    @handler = HexaPDF::DigitalSignature::Signing::DefaultHandler.new(
+      certificate: CERTIFICATES.signer_certificate,
+      key: CERTIFICATES.signer_key,
+      certificate_chain: [CERTIFICATES.ca_certificate]
+    )
+  end
+
+  it "defaults to standard CMS signatures" do
+    assert_equal(:cms, @handler.signature_type)
+  end
+
+  it "returns the size of serialized signature" do
+    assert(@handler.signature_size > 1000)
+    @handler.signature_size = 100
+    assert_equal(100, @handler.signature_size)
+  end
+
+  it "allows setting the DocMDP permissions" do
+    assert_nil(@handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :no_changes
+    assert_equal(1, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 1
+    assert_equal(1, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :form_filling
+    assert_equal(2, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 2
+    assert_equal(2, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :form_filling_and_annotations
+    assert_equal(3, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 3
+    assert_equal(3, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = nil
+    assert_nil(@handler.doc_mdp_permissions)
+
+    assert_raises(ArgumentError) { @handler.doc_mdp_permissions = :other }
+  end
+
+  describe "sign" do
+    it "can sign the data using the provided certificate and key" do
+      data = StringIO.new("data")
+      signed_data = @handler.sign(data, [0, data.string.size, 0, 0])
+
+      pkcs7 = OpenSSL::PKCS7.new(signed_data)
+      assert(pkcs7.detached?)
+      assert_equal([CERTIFICATES.signer_certificate, CERTIFICATES.ca_certificate],
+                   pkcs7.certificates)
+      store = OpenSSL::X509::Store.new
+      store.add_cert(CERTIFICATES.ca_certificate)
+      assert(pkcs7.verify([], store, data.string, OpenSSL::PKCS7::DETACHED | OpenSSL::PKCS7::BINARY))
+    end
+
+    it "can change the used digest algorithm" do
+      @handler.digest_algorithm = 'sha384'
+      asn1 = OpenSSL::ASN1.decode(@handler.sign(StringIO.new('data'), [0, 4, 0, 0]))
+      assert_equal('SHA384', asn1.value[1].value[0].value[1].value[0].value[0].value)
+    end
+
+    it "can embed a timestamp token" do
+      @handler.timestamp_handler = tsh = Object.new
+      tsh.define_singleton_method(:sign) {|_, _| OpenSSL::ASN1::OctetString.new("signed-tsh") }
+      signed = @handler.sign(StringIO.new('data'), [0, 4, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(signed)
+      assert_equal('signed-tsh', asn1.value[1].value[0].value[4].value[0].
+                   value[6].value[0].value[1].value[0].value)
+    end
+
+    it "creates PAdES compatible signatures" do
+      @handler.signature_type = :pades
+      signed = @handler.sign(StringIO.new('data'), [0, 4, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(signed)
+      # check by absence of signing-time signed attribute
+      refute(asn1.value[1].value[0].value[4].value[0].value[3].value.
+             find {|obj| obj.value[0].value == 'signingTime' })
+    end
+
+    it "can use external signing without certificate set" do
+      @handler.certificate = nil
+      @handler.external_signing = proc { "hallo" }
+      assert_equal("hallo", @handler.sign(StringIO.new, [0, 0, 0, 0]))
+    end
+
+    it "can use external signing with certificate set but not the key" do
+      @handler.key = nil
+      @handler.external_signing = proc do |algorithm, _hash|
+        assert_equal('sha256', algorithm)
+        "hallo"
+      end
+      result = @handler.sign(StringIO.new, [0, 0, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(result)
+      assert_equal("hallo", asn1.value[1].value[0].value[4].value[0].value[5].value)
+    end
+  end
+
+  describe "finalize_objects" do
+    before do
+      @field = @doc.wrap({})
+      @obj = @doc.wrap({})
+    end
+
+    it "only sets the mandatory values if no concrete finalization tasks need to be done" do
+      @handler.finalize_objects(@field, @obj)
+      assert(@field.empty?)
+      assert_equal(:'Adobe.PPKLite', @obj[:Filter])
+      assert_equal(:'adbe.pkcs7.detached', @obj[:SubFilter])
+      assert_kind_of(Time, @obj[:M])
+    end
+
+    it "adjust the /SubFilter if signature type is pades" do
+      @handler.signature_type = :pades
+      @handler.finalize_objects(@field, @obj)
+      assert_equal(:'ETSI.CAdES.detached', @obj[:SubFilter])
+    end
+
+    it "sets the reason, location and contact info fields" do
+      @handler.reason = 'Reason'
+      @handler.location = 'Location'
+      @handler.contact_info = 'Contact'
+      @handler.finalize_objects(@field, @obj)
+      assert(@field.empty?)
+      assert_equal(['Reason', 'Location', 'Contact'], @obj.value.values_at(:Reason, :Location, :ContactInfo))
+    end
+
+    it "fills the build properties dictionary with appropriate application information" do
+      @handler.finalize_objects(@field, @obj)
+      assert_equal(:HexaPDF, @obj[:Prop_Build][:App][:Name])
+      assert_equal(HexaPDF::VERSION, @obj[:Prop_Build][:App][:REx])
+    end
+
+    it "applies the specified DocMDP permissions" do
+      @handler.doc_mdp_permissions = :no_changes
+      @handler.finalize_objects(@field, @obj)
+      ref = @obj[:Reference][0]
+      assert_equal(:DocMDP, ref[:TransformMethod])
+      assert_equal(:SHA256, ref[:DigestMethod])
+      assert_equal(1, ref[:TransformParams][:P])
+      assert_equal(:'1.2', ref[:TransformParams][:V])
+      assert_same(@obj, @doc.catalog[:Perms][:DocMDP])
+    end
+
+    it "fails if DocMDP should be set but there is already a signature" do
+      @handler.doc_mdp_permissions = :no_changes
+      2.times do
+        field = @doc.acro_form(create: true).create_signature_field('test')
+        field.field_value = :something
+      end
+      assert_raises(HexaPDF::Error) { @handler.finalize_objects(@field, @obj) }
+    end
+  end
+end