hexapdf 0.45.0 → 0.46.0

data/test/hexapdf/digital_signature/common.rb

@@ -12,26 +12,10 @@ module HexaPDF
       def ca_certificate
         @ca_certificate ||=
           begin
-            ca_name = OpenSSL::X509::Name.parse('/C=AT/O=HexaPDF/CN=HexaPDF Test Root CA')
-
-            ca_cert = OpenSSL::X509::Certificate.new
-            ca_cert.serial = 0
-            ca_cert.version = 2
-            ca_cert.not_before = Time.now - 86400
-            ca_cert.not_after = Time.now + 86400
-            ca_cert.public_key = ca_key.public_key
-            ca_cert.subject = ca_name
-            ca_cert.issuer = ca_name
-
-            extension_factory = OpenSSL::X509::ExtensionFactory.new
-            extension_factory.subject_certificate = ca_cert
-            extension_factory.issuer_certificate = ca_cert
-            ca_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
-            ca_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:TRUE', true))
-            ca_cert.add_extension(extension_factory.create_extension('keyUsage', 'cRLSign,keyCertSign', true))
-            ca_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
-
-            ca_cert
+            cert = create_cert(name: '/C=AT/O=HexaPDF/CN=HexaPDF Test Root CA', serial: 0,
+                               public_key: ca_key.public_key)
+            add_extensions(cert, cert, ca_key, is_ca: true, key_usage: 'cRLSign,keyCertSign')
+            cert
           end
       end
 
@@ -39,88 +23,86 @@ module HexaPDF
         @signer_key ||= OpenSSL::PKey::RSA.new(2048)
       end
 
-      def dsa_signer_key
-        @dsa_signer_key ||= OpenSSL::PKey::DSA.new(2048)
-      end
-
       def signer_certificate
         @signer_certificate ||=
           begin
-            name = OpenSSL::X509::Name.parse('/CN=RSA signer/DC=gettalong')
-
-            signer_cert = OpenSSL::X509::Certificate.new
-            signer_cert.serial = 2
-            signer_cert.version = 2
-            signer_cert.not_before = Time.now - 86400
-            signer_cert.not_after = Time.now + 86400
-            signer_cert.public_key = signer_key.public_key
-            signer_cert.subject = name
-            signer_cert.issuer = ca_certificate.subject
-
-            extension_factory = OpenSSL::X509::ExtensionFactory.new
-            extension_factory.subject_certificate = signer_cert
-            extension_factory.issuer_certificate = ca_certificate
-            signer_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
-            signer_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
-            signer_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature'))
-            signer_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
-
-            signer_cert
+            cert = create_cert(name: '/CN=RSA signer/DC=gettalong', serial: 2,
+                               public_key: signer_key.public_key, issuer: ca_certificate)
+            add_extensions(cert, ca_certificate, ca_key, key_usage: 'digitalSignature')
+            cert
+          end
+      end
+
+      def non_repudiation_signer_certificate
+        @non_repudiation_signer_certificate ||=
+          begin
+            cert = create_cert(name: '/CN=Non repudiation signer/DC=gettalong', serial: 2,
+                               public_key: signer_key.public_key, issuer: ca_certificate)
+            add_extensions(cert, ca_certificate, ca_key, key_usage: 'nonRepudiation')
+            cert
           end
       end
 
+      def dsa_signer_key
+        @dsa_signer_key ||= OpenSSL::PKey::DSA.new(2048)
+      end
+
       def dsa_signer_certificate
         @dsa_signer_certificate ||=
           begin
-            signer_cert = OpenSSL::X509::Certificate.new
-            signer_cert.serial = 3
-            signer_cert.version = 2
-            signer_cert.not_before = Time.now - 86400
-            signer_cert.not_after = Time.now + 86400
-            signer_cert.public_key = dsa_signer_key.public_key
-            signer_cert.subject = OpenSSL::X509::Name.parse('/CN=DSA signer/DC=gettalong')
-            signer_cert.issuer = ca_certificate.subject
-
-            extension_factory = OpenSSL::X509::ExtensionFactory.new
-            extension_factory.subject_certificate = signer_cert
-            extension_factory.issuer_certificate = ca_certificate
-            signer_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
-            signer_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
-            signer_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature'))
-            signer_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
-
-            signer_cert
+            cert = create_cert(name: '/CN=DSA signer/DC=gettalong', serial: 3,
+                               public_key: dsa_signer_key.public_key, issuer: ca_certificate)
+            add_extensions(cert, ca_certificate, ca_key, key_usage: 'digitalSignature')
+            cert
           end
       end
 
       def timestamp_certificate
         @timestamp_certificate ||=
           begin
-            name = OpenSSL::X509::Name.parse('/CN=timestamp/DC=gettalong')
-
-            signer_cert = OpenSSL::X509::Certificate.new
-            signer_cert.serial = 3
-            signer_cert.version = 2
-            signer_cert.not_before = Time.now - 86400
-            signer_cert.not_after = Time.now + 86400
-            signer_cert.public_key = signer_key.public_key
-            signer_cert.subject = name
-            signer_cert.issuer = ca_certificate.subject
-
-            extension_factory = OpenSSL::X509::ExtensionFactory.new
-            extension_factory.subject_certificate = signer_cert
-            extension_factory.issuer_certificate = ca_certificate
-            signer_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
-            signer_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
-            signer_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature'))
-            signer_cert.add_extension(extension_factory.create_extension('extendedKeyUsage',
-                                                                         'timeStamping', true))
-            signer_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
-
-            signer_cert
+            cert = create_cert(name: '/CN=timestamp/DC=gettalong', serial: 3,
+                               public_key: signer_key.public_key, issuer: ca_certificate)
+            add_extensions(cert, ca_certificate, ca_key, key_usage: 'digitalSignature',
+                           extended_key_usage: 'timeStamping')
+            cert
           end
       end
 
+      def create_cert(name:, serial:, public_key:, issuer: nil)
+        name = OpenSSL::X509::Name.parse(name)
+        cert = OpenSSL::X509::Certificate.new
+        cert.serial = serial
+        cert.version = 2
+        cert.not_before = Time.now - 86400
+        cert.not_after = Time.now + 86400
+        cert.public_key = public_key
+        cert.subject = name
+        cert.issuer = (issuer ? issuer.subject : name)
+        cert
+      end
+
+      def add_extensions(subject_cert, issuer_cert, signing_key, is_ca: false, key_usage: nil,
+                         extended_key_usage: nil)
+        extension_factory = OpenSSL::X509::ExtensionFactory.new
+        extension_factory.subject_certificate = subject_cert
+        extension_factory.issuer_certificate = issuer_cert
+        subject_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
+        if is_ca
+          subject_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:TRUE', true))
+        else
+          subject_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
+        end
+        if key_usage
+          subject_cert.add_extension(extension_factory.create_extension('keyUsage', key_usage, true))
+        end
+        if extended_key_usage
+          subject_cert.add_extension(extension_factory.create_extension('extendedKeyUsage',
+                                                                        extended_key_usage, true))
+        end
+        subject_cert.sign(signing_key, OpenSSL::Digest.new('SHA1'))
+      end
+      private :add_extensions
+
       def start_tsa_server
         return if defined?(@tsa_server)
         require 'webrick'

data/test/hexapdf/digital_signature/signing/test_default_handler.rb

@@ -133,6 +133,13 @@ describe HexaPDF::DigitalSignature::Signing::DefaultHandler do
       assert_equal(['Reason', 'Location', 'Contact'], @obj.value.values_at(:Reason, :Location, :ContactInfo))
     end
 
+    it "sets the signing time" do
+      time = Time.now
+      @handler.signing_time = time
+      @handler.finalize_objects(@field, @obj)
+      assert_equal(time, @obj[:M])
+    end
+
     it "fills the build properties dictionary with appropriate application information" do
       @handler.finalize_objects(@field, @obj)
       assert_equal(:HexaPDF, @obj[:Prop_Build][:App][:Name])

data/test/hexapdf/digital_signature/signing/test_signed_data_creator.rb

@@ -214,6 +214,15 @@ describe HexaPDF::DigitalSignature::Signing::SignedDataCreator do
         assert_equal(Time.now.utc, attr.value[1].value[0].value)
       end
     end
+
+    it "can use a user-defined time as signing time" do
+      current_time = Time.now
+      @signed_data.signing_time = current_time
+      asn1 = OpenSSL::ASN1.decode(@signed_data.create("data"))
+      attr = asn1.value[1].value[0].value[4].value[0].value[3].value.
+        find {|obj| obj.value[0].value == 'signingTime' }
+      assert_equal(current_time.floor.utc, attr.value[1].value[0].value)
+    end
   end
 
   describe "pades signature" do

data/test/hexapdf/digital_signature/test_cms_handler.rb

@@ -22,7 +22,7 @@ describe HexaPDF::DigitalSignature::CMSHandler do
     assert_equal("RSA signer", @handler.signer_name)
   end
 
-  it "returns the signing time" do
+  it "returns the signing time from the signed attributes" do
     assert_equal(@pkcs7.signers.first.signed_time, @handler.signing_time)
   end
 
@@ -86,6 +86,18 @@ describe HexaPDF::DigitalSignature::CMSHandler do
       assert_match(/key usage is missing 'Digital Signature'/, result.messages.first.content)
     end
 
+    it "provides info for a non-repudiation signature" do
+      @pkcs7 = OpenSSL::PKCS7.sign(CERTIFICATES.non_repudiation_signer_certificate,
+                                   CERTIFICATES.signer_key,
+                                   @data, [CERTIFICATES.ca_certificate],
+                                   OpenSSL::PKCS7::DETACHED)
+      @dict.contents = @pkcs7.to_der
+      @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
+      result = @handler.verify(@store)
+      assert_equal(:info, result.messages.first.type)
+      assert_match(/Certificate used for non-repudiation/, result.messages.first.content)
+    end
+
     it "verifies the signature itself" do
       result = @handler.verify(@store)
       assert_equal(:info, result.messages.last.type)
@@ -117,4 +129,32 @@ describe HexaPDF::DigitalSignature::CMSHandler do
       assert_match(/Signature valid/, result.messages.last.content)
     end
   end
+
+  describe "with embedded TSA signature" do
+    before do
+      CERTIFICATES.start_tsa_server
+      tsh = HexaPDF::DigitalSignature::Signing::TimestampHandler.new(
+        signature_size: 10_000, tsa_url: 'http://127.0.0.1:34567'
+      )
+      cms = HexaPDF::DigitalSignature::Signing::SignedDataCreator.create(
+        @data, type: :pades, certificate: CERTIFICATES.signer_certificate,
+        key: CERTIFICATES.signer_key, timestamp_handler: tsh,
+        certificates: [CERTIFICATES.ca_certificate]
+      )
+      @dict.contents = cms.to_der
+      @dict.signed_data = @data
+      @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
+    end
+
+    it "returns the signing time from the TSA signature" do
+      assert_equal(@handler.embedded_tsa_signature.signers.first.signed_time, @handler.signing_time)
+    end
+
+    it "provides informational output if the time is from a TSA signature" do
+      store = OpenSSL::X509::Store.new
+      result = @handler.verify(store)
+      assert_equal(:info, result.messages.first.type)
+      assert_match(/Signing time.*timestamp authority/, result.messages.first.content)
+    end
+  end
 end

data/test/hexapdf/digital_signature/test_handler.rb

@@ -5,6 +5,7 @@ require 'hexapdf/digital_signature'
 require 'hexapdf/document'
 require 'time'
 require 'ostruct'
+require 'openssl'
 
 describe HexaPDF::DigitalSignature::Handler do
   before do
@@ -36,7 +37,7 @@ describe HexaPDF::DigitalSignature::Handler do
     end
 
     it "can allow self-signed certificates" do
-      [OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
+      [OpenSSL::X509::V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
        OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN].each do |error|
         [true, false].each do |allow_self_signed|
           @result.messages.clear

data/test/hexapdf/document/test_layout.rb

@@ -35,11 +35,11 @@ describe HexaPDF::Document::Layout::ChildrenCollector do
   end
 
   it "allows appending boxes created by the Layout class" do
-    @collector.lorem_ipsum
-    @collector.lorem_ipsum_box
-    @collector.column
-    @collector.column_box
-    assert_equal(4, @collector.children.size)
+    box1 = @collector.lorem_ipsum
+    box2 = @collector.lorem_ipsum_box
+    box3 = @collector.column
+    box4 = @collector.column_box
+    assert_equal([box1, box2, box3, box4], @collector.children)
     assert_kind_of(HexaPDF::Layout::TextBox, @collector.children[0])
     assert_kind_of(HexaPDF::Layout::TextBox, @collector.children[1])
     assert_kind_of(HexaPDF::Layout::ColumnBox, @collector.children[2])
@@ -95,6 +95,11 @@ describe HexaPDF::Document::Layout::CellArgumentCollector do
       @args[-3..-1, -5..-2] = {key: :value}
       check_argument_info(@args.argument_infos.first, 17..19, 5..8, {key: :value})
     end
+
+    it "allows using stepped ranges" do
+      @args[(0..-1).step(2)] = {key: :value}
+      check_argument_info(@args.argument_infos.first, (0..19).step(2), 0..9, {key: :value})
+    end
   end
 
   describe "retrieve_arguments_for" do
@@ -157,6 +162,24 @@ describe HexaPDF::Document::Layout do
     end
   end
 
+  describe "private retrieve_style" do
+    it "resolves a font name to a font wrapper" do
+      style = @layout.send(:retrieve_style, {font: 'Helvetica'})
+      assert_kind_of(HexaPDF::Font::Type1Wrapper, style.font)
+    end
+
+    it "sets the :base style's font if no font is set" do
+      @layout.style(:base, font: 'Helvetica')
+      style = @layout.send(:retrieve_style, {})
+      assert_equal('Helvetica', style.font.wrapped_font.font_name)
+    end
+
+    it "sets the font specified in the config option font.default as fallback" do
+      style = @layout.send(:retrieve_style, {})
+      assert_equal('Times-Roman', style.font.wrapped_font.font_name)
+    end
+  end
+
   describe "inline_box" do
     it "takes a box as argument" do
       box = HexaPDF::Layout::Box.create(width: 10, height: 10)

data/test/hexapdf/layout/test_box.rb

@@ -148,29 +148,36 @@ describe HexaPDF::Layout::Box do
       assert_equal(49.9999996, box.height)
     end
 
-    it "fails if the box doesn't fit, position != :flow and its width is greater than the available width" do
+    it "works for boxes with no space for the content" do
+      box = create_box(height: 1, style: {border: {width: [1, 0, 0]}})
+      assert(box.fit(100, 100, @frame).success?)
+      assert_equal(1, box.height)
+      assert_equal(100, box.width)
+    end
+
+    it "fails if position != :flow and its width is greater than the available width" do
       box = create_box(width: 101)
       assert(box.fit(100, 100, @frame).failure?)
     end
 
-    it "fails if the box doesn't fit, position != :flow and its width is greater than the available width" do
+    it "fails if position != :flow and its width is greater than the available width" do
       box = create_box(height: 101)
       assert(box.fit(100, 100, @frame).failure?)
     end
 
-    it "fails if its content width is zero" do
+    it "fails if position != :flow and the reserved width is greater than the width" do
       box = create_box(height: 100)
       box.style.padding = [0, 100]
       assert(box.fit(150, 150, @frame).failure?)
     end
 
-    it "fails if its content height is zero" do
+    it "fails if position != :flow and the reserved height is greater than the height" do
       box = create_box(width: 100)
       box.style.padding = [100, 0]
       assert(box.fit(150, 150, @frame).failure?)
     end
 
-    it "can use the #content_width/#content_height helper methods" do
+    it "can use the #update_content_width/#update_content_height helper methods" do
       box = create_box
       box.define_singleton_method(:fit_content) do |_aw, _ah, _frame|
         update_content_width { 10 }

data/test/hexapdf/layout/test_frame.rb

@@ -316,10 +316,20 @@ describe HexaPDF::Layout::Frame do
 
     describe "flowing boxes" do
       it "flows inside the frame's outline" do
+        remove_area(:left)
         check_box({width: 10, height: 20, margin: 10, position: :flow},
-                  [0, 90],
+                  [10, 90],
                   [10, 80, 110, 110],
-                  [[[10, 10], [110, 10], [110, 80], [10, 80]]])
+                  [[[20, 10], [110, 10], [110, 80], [20, 80]]])
+        assert_equal(10, @box.fit_result.x)
+      end
+
+      it "doesn't overwrite fit_result.x" do
+        box = HexaPDF::Layout::Box.create(position: :flow) {}
+        box.define_singleton_method(:supports_position_flow?) { true }
+        box.define_singleton_method(:fit_content) {|*args| fit_result.x = 30; super(*args) }
+        fit_result = @frame.fit(box)
+        assert_equal(30, fit_result.x)
       end
 
       it "uses position=default if the box indicates it doesn't support flowing contents" do

data/test/hexapdf/layout/test_inline_box.rb

@@ -23,47 +23,36 @@ describe HexaPDF::Layout::InlineBox do
       ibox = inline_box(box, valign: :top)
       assert_equal(:top, ibox.valign)
     end
-
-    it "fails if the wrapped box has not width set" do
-      box = HexaPDF::Document.new.layout.text("test is not going good")
-      assert_raises(HexaPDF::Error) { inline_box(box) }
-    end
   end
 
   describe "fit_wrapped_box" do
-    it "automatically fits the provided box into the given frame" do
-      ibox = inline_box(HexaPDF::Document.new.layout.text("test is going good", width: 20))
+    it "automatically fits the provided box when given a frame" do
+      ibox = inline_box(HexaPDF::Document.new.layout.text("test is going good", margin: [5, 10]))
       ibox.fit_wrapped_box(HexaPDF::Layout::Frame.new(0, 0, 50, 50))
-      assert_equal(20, ibox.width)
-      assert_equal(45, ibox.height)
-    end
-
-    it "automatically fits the provided box into a custom frame" do
-      ibox = inline_box(HexaPDF::Document.new.layout.text("test is going good", width: 20))
-      ibox.fit_wrapped_box(nil)
-      assert_equal(20, ibox.width)
-      assert_equal(45, ibox.height)
-    end
-
-    it "fails if the wrapped box could not be fit" do
-      box = HexaPDF::Document.new.layout.text("test is not going good", width: 1)
-      assert_raises(HexaPDF::Error) { inline_box(box).fit_wrapped_box(nil) }
+      assert_equal(90.84, ibox.width)
+      assert_equal(19, ibox.height)
+      fit_result = ibox.instance_variable_get(:@fit_result)
+      assert_equal(10, fit_result.x)
+      assert_equal(5, fit_result.y)
+      assert_equal(70.84 + 2 * 10, fit_result.mask.width)
+      assert_equal(9 + 2 * 5, fit_result.mask.height)
     end
 
-    it "fails if the height is not set explicitly and during fitting" do
-      assert_raises(HexaPDF::Error) do
-        inline_box(HexaPDF::Layout::Box.create(width: 10)).fit_wrapped_box(nil)
-      end
+    it "automatically fits the provided box without a given frame" do
+      ibox = inline_box(HexaPDF::Document.new.layout.text("test is going good"))
+      ibox.fit_wrapped_box
+      assert_equal(70.84, ibox.width)
+      assert_equal(9, ibox.height)
     end
   end
 
   it "draws the wrapped box at the correct position" do
     doc = HexaPDF::Document.new
     canvas = doc.pages.add.canvas
-    box = inline_box(doc.layout.text("", width: 20, margin: [15, 10]))
-    box.fit_wrapped_box(nil)
+    box = HexaPDF::Layout::InlineBox.create(width: 10, margin: [15, 10]) {}
+    box.fit_wrapped_box
     box.draw(canvas, 100, 200)
-    assert_equal("q\n1 0 0 1 110 -99785 cm\nQ\n", canvas.contents)
+    assert_equal("q\n1 0 0 1 110 215 cm\nQ\n", canvas.contents)
   end
 
   it "returns true if the inline box is empty with no drawing operations" do

data/test/hexapdf/layout/test_list_box.rb

@@ -65,13 +65,13 @@ describe HexaPDF::Layout::ListBox do
   describe "fit" do
     [:default, :flow].each do |position|
       it "respects the set initial width, position #{position}" do
-        box = create_box(children: @text_boxes[0, 2], width: 50, style: {position: position})
-        check_box(box, 50, 80)
+        box = create_box(children: @text_boxes[0, 2], width: 55, style: {position: position})
+        check_box(box, 55, 80)
       end
 
       it "respects the set initial height, position #{position}" do
-        box = create_box(children: @text_boxes[0, 2], height: 50, style: {position: position})
-        check_box(box, 100, 40)
+        box = create_box(children: @text_boxes[0, 2], height: 55, style: {position: position})
+        check_box(box, 100, 55)
       end
 
       it "respects the set initial height even when it doesn't fit completely" do
@@ -123,7 +123,7 @@ describe HexaPDF::Layout::ListBox do
 
     it "fails if not even a part of the first list item fits" do
       box = create_box(children: @text_boxes[0, 2], height: 5)
-      check_box(box, 100, 0, status: :failure)
+      check_box(box, 100, 5, status: :failure)
     end
 
     it "fails for unknown marker types" do

data/test/hexapdf/layout/test_page_style.rb

@@ -44,8 +44,13 @@ describe HexaPDF::Layout::PageStyle do
 
     it "works when no template is set" do
       style = HexaPDF::Layout::PageStyle.new
-      page = style.create_page(@doc)
-      assert_equal("", page.contents)
+      page1 = style.create_page(@doc)
+      frame1 = style.frame
+      assert_equal("", page1.contents)
+      assert_equal(523.275591, style.frame.width)
+
+      page2 = style.create_page(@doc)
+      refute_same(frame1, style.frame)
     end
 
     it "creates a default frame if none is set beforehand or during template execution" do

data/test/hexapdf/layout/test_text_box.rb

@@ -178,15 +178,12 @@ describe HexaPDF::Layout::TextBox do
       assert_operators(@canvas.contents, [[:save_graphics_state],
                                           [:restore_graphics_state],
                                           [:save_graphics_state],
-                                          [:concatenate_matrix, [1, 0, 0, 1, 5, 10]],
-                                          [:save_graphics_state],
-                                          [:append_rectangle, [0, 0, 10, 10]],
+                                          [:append_rectangle, [5, 10, 10, 10]],
                                           [:clip_path_non_zero],
                                           [:end_path],
-                                          [:append_rectangle, [0.5, 0.5, 9.0, 9.0]],
+                                          [:append_rectangle, [5.5, 10.5, 9.0, 9.0]],
                                           [:stroke_path],
                                           [:restore_graphics_state],
-                                          [:restore_graphics_state],
                                           [:save_graphics_state],
                                           [:restore_graphics_state]])
     end
@@ -195,7 +192,7 @@ describe HexaPDF::Layout::TextBox do
       @frame.remove_area(Geom2D::Rectangle(0, 0, 40, 100))
       box = create_box([@inline_box], style: {position: :flow, border: {width: 1}})
       box.fit(60, 100, @frame)
-      box.draw(@canvas, 0, 88)
+      box.draw(@canvas, 40, 88)
       assert_operators(@canvas.contents, [[:save_graphics_state],
                                           [:append_rectangle, [40, 88, 12, 12]],
                                           [:clip_path_non_zero],
@@ -207,9 +204,6 @@ describe HexaPDF::Layout::TextBox do
                                           [:restore_graphics_state],
                                           [:save_graphics_state],
                                           [:concatenate_matrix, [1, 0, 0, 1, 41, 89]],
-                                          [:save_graphics_state],
-                                          [:concatenate_matrix, [1, 0, 0, 1, 0, 0]],
-                                          [:restore_graphics_state],
                                           [:restore_graphics_state],
                                           [:save_graphics_state],
                                           [:restore_graphics_state]])

data/test/hexapdf/layout/test_text_layouter.rb

@@ -812,11 +812,8 @@ describe HexaPDF::Layout::TextLayouter do
                                           [:restore_graphics_state],
                                           [:save_graphics_state],
                                           [:concatenate_matrix, [1, 0, 0, 1, 10, -40]],
-                                          [:save_graphics_state],
-                                          [:concatenate_matrix, [1, 0, 0, 1, 0, 0]],
                                           [:set_line_width, [2]],
                                           [:restore_graphics_state],
-                                          [:restore_graphics_state],
                                           [:save_graphics_state],
                                           [:restore_graphics_state]])
     end

data/test/hexapdf/test_document.rb

@@ -568,4 +568,31 @@ describe HexaPDF::Document do
   it "can be inspected and the output is not too large" do
     assert_match(/HexaPDF::Document:\d+/, @doc.inspect)
   end
+
+  describe "duplicate" do
+    it "creates an in-memory copy" do
+      doc = HexaPDF::Document.new
+      doc.pages.add.canvas.line_width(10)
+      doc.trailer.info[:Author] = 'HexaPDF'
+      doc.dispatch_message(:complete_objects)
+
+      dupped = doc.duplicate
+      assert_equal('HexaPDF', dupped.trailer.info[:Author])
+      doc.pages[0].canvas.line_cap_style(:round)
+      assert_equal("10 w\n", dupped.pages[0].contents)
+    end
+
+    it "doesn't copy the encryption state" do
+      doc = HexaPDF::Document.new
+      doc.pages.add.canvas.line_width(10)
+      doc.encrypt
+      io = StringIO.new
+      doc.write(io)
+
+      doc = HexaPDF::Document.new(io: io)
+      dupped = doc.duplicate
+      assert_equal("10 w\n", dupped.pages[0].contents)
+      refute(dupped.encrypted?)
+    end
+  end
 end

data/test/hexapdf/test_importer.rb

@@ -47,6 +47,13 @@ describe HexaPDF::Importer do
       refute_same(obj1, obj2)
       refute_same(obj1[:ref], obj2[:ref])
     end
+
+    it "duplicates the whole document" do
+      trailer = HexaPDF::Importer.copy(@dest, @source.trailer, allow_all: true)
+      refute_same(@source.catalog, trailer[:Root])
+      refute_same(@source.pages.root, trailer[:Root][:Pages])
+      assert_equal(90, trailer[:Root][:Pages][:Kids][0][:Rotate])
+    end
   end
 
   describe "import" do
@@ -121,6 +128,16 @@ describe HexaPDF::Importer do
       refute_same(dst_obj.data.stream, src_obj.data.stream)
     end
 
+    it "duplicates the stream if it is a FiberDoubleForString, e.g. when using Canvas" do
+      src_page = @source.pages[0]
+      src_page.canvas.line_width(10)
+      dst_page = @importer.import(src_page)
+      refute_same(dst_page, src_page)
+      refute_same(dst_page[:Contents].data.stream, src_page[:Contents].data.stream)
+      src_page.canvas.line_width(20)
+      assert_equal("10 w\n", dst_page.contents)
+    end
+
     it "does not import objects of type Catalog or Pages" do
       @obj[:catalog] = @source.catalog
       @obj[:pages] = @source.catalog.pages