Skip to content
Snippets Groups Projects
Verified Commit fb5f9fef authored by Florian Azizian's avatar Florian Azizian
Browse files

FIX #14565 TIME 0:00 Sign document with certificate

parent 048fc96f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/app/document/controllers/CertificateSignatureController.php
+ 91
0
View file @ fb5f9fef
...@@ -14,12 +14,18 @@ ...@@ -14,12 +14,18 @@
namespace Document\controllers; namespace Document\controllers;
use Docserver\models\AdrModel;
use Docserver\models\DocserverModel;
use SrcCore\models\CoreConfigModel;
class CertificateSignatureController class CertificateSignatureController
{ {
public static $signatureLength = 30000; public static $signatureLength = 30000;
public static function getHashedCertificate(array $args) public static function getHashedCertificate(array $args)
{ {
$libDir = CoreConfigModel::getLibrariesDirectory();
require_once($libDir . 'SetaPDF-Signer/library/SetaPDF/Autoload.php');
$document = \SetaPDF_Core_Document::loadByString($args['document']); $document = \SetaPDF_Core_Document::loadByString($args['document']);
$signer = new \SetaPDF_Signer($document); $signer = new \SetaPDF_Signer($document);
...@@ -69,4 +75,89 @@ class CertificateSignatureController ...@@ -69,4 +75,89 @@ class CertificateSignatureController
'signatureContentLength' => $signatureContentLength 'signatureContentLength' => $signatureContentLength
]; ];
} }
public static function signDocument($args = [])
{
$libDir = CoreConfigModel::getLibrariesDirectory();
require_once($libDir . 'SetaPDF-Signer/library/SetaPDF/Autoload.php');
$certificateSignature = \SetaPDF_Core_Type_HexString::hex2str($args['hashSignature']);
$signatureContentLength = $args['signatureContentLength'];
$certificate = $args['certificate'];
$adr = AdrModel::getDocumentsAdr([
'select' => ['path', 'filename'],
'where' => ['main_document_id = ?', 'type = ?'],
'data' => [$args['id'], 'ESIGN']
]);
$docserver = DocserverModel::getByType(['type' => 'ESIGN', 'select' => ['path']]);
$pathToDocument = $docserver['path'] . $adr[0]['path'] . $adr[0]['filename'];
$tmpPath = CoreConfigModel::getTmpPath();
$signedDocumentPath = $tmpPath . $GLOBALS['id'] . '_' . rand() . '_signedDocument.pdf';
$writer = new \SetaPDF_Core_Writer_File($signedDocumentPath);
$document = \SetaPDF_Core_Document::loadByFilename($pathToDocument, $writer);
$signer = new \SetaPDF_Signer($document);
// create a module instance
$module = new \SetaPDF_Signer_Signature_Module_Pades();
// create a certificate instance
$certificate = new \SetaPDF_Signer_X509_Certificate($certificate);
// pass the user certificate to the module
$module->setCertificate($certificate);
// setup information resolver manager
$informationResolverManager = new \SetaPDF_Signer_InformationResolver_Manager();
$informationResolverManager->addResolver(new \SetaPDF_Signer_InformationResolver_HttpCurlResolver());
$extraCerts = new \SetaPDF_Signer_X509_Collection();
$certificates = [$certificate];
while (count($certificates) > 0) {
$currentCertificate = array_pop($certificates);
$aia = $currentCertificate->getExtensions()->get(\SetaPDF_Signer_X509_Extension_AuthorityInformationAccess::OID);
if ($aia instanceof \SetaPDF_Signer_X509_Extension_AuthorityInformationAccess) {
foreach ($aia->fetchIssuers($informationResolverManager)->getAll() as $issuer) {
$extraCerts->add($issuer);
$certificates[] = $issuer;
}
}
}
$module->setExtraCertificates($extraCerts);
foreach ($extraCerts->getAll() as $extraCert) {
$signatureContentLength += (strlen($extraCert->get(\SetaPDF_Signer_X509_Format::DER)) * 2);
}
$signer->setSignatureContentLength($signatureContentLength);
// pass the signature to the signature module
$module->setSignatureValue($certificateSignature);
// get the CMS structur from the signature module
$cms = (string)$module->getCms();
$ts = $certificate->getExtensions()->get(\SetaPDF_Signer_X509_Extension_TimeStamp::OID);
if ($ts && $ts->getVersion() === 1 && $ts->requiresAuth() === false) {
$tsLocation = $ts->getLocation();
}
if (isset($tsLocation)) {
$tsModule = new \SetaPDF_Signer_Timestamp_Module_Rfc3161_Curl($tsLocation);
$signer->setTimestampModule($tsModule);
$cms = $signer->addTimeStamp($cms, $tmpDocument);
}
$tempPath = \SetaPDF_Core_Writer_TempFile::createTempPath();
$tmpDocument = $signer->preSign(
new \SetaPDF_Core_Writer_File($tempPath),
$module
);
// save the signature to the temporary document
$signer->saveSignature($tmpDocument, $cms);
try {
$signer->saveSignature($tmpDocument, $cms);
unlink($tmpDocument->getWriter()->getPath());
} catch (\SetaPDF_Signer_Exception_ContentLength $e) {
unlink($tmpDocument->getWriter()->getPath());
$signatureContentLength = $signatureContentLength + 1000;
return ['errors' => 'Not enought space for signature', 'newSignatureLength' => $signatureContentLength];
}
}
} }
src/app/document/controllers/DocumentController.php
+ 11
1
View file @ fb5f9fef
...@@ -659,7 +659,7 @@ class DocumentController ...@@ -659,7 +659,7 @@ class DocumentController
exec("php src/app/convert/scripts/ThumbnailScript.php '{$configPath}' {$args['id']} 'document' '{$GLOBALS['id']}' {$page} > /dev/null &"); exec("php src/app/convert/scripts/ThumbnailScript.php '{$configPath}' {$args['id']} 'document' '{$GLOBALS['id']}' {$page} > /dev/null &");
} }
if ($workflow['signature_mode'] == 'rgs_2stars' ) { if ($workflow['signature_mode'] == 'rgs_2stars') {
$hashInformations = CertificateSignatureController::getHashedCertificate(['document' => $fileContent, 'certificate' => $body['certificate']]); $hashInformations = CertificateSignatureController::getHashedCertificate(['document' => $fileContent, 'certificate' => $body['certificate']]);
return $response->withJson($hashInformations); return $response->withJson($hashInformations);
} }
...@@ -767,6 +767,16 @@ class DocumentController ...@@ -767,6 +767,16 @@ class DocumentController
} elseif (DocumentController::ACTIONS[$args['actionId']] == 'REF' && $workflow['mode'] == 'sign') { } elseif (DocumentController::ACTIONS[$args['actionId']] == 'REF' && $workflow['mode'] == 'sign') {
DigitalSignatureController::abort(['signatureId' => $workflow['digital_signature_id'], 'documentId' => $args['id']]); DigitalSignatureController::abort(['signatureId' => $workflow['digital_signature_id'], 'documentId' => $args['id']]);
} }
} elseif ($workflow['signature_mode'] == 'rgs_2stars') {
$return = CertificateSignatureController::signDocument([
'id' => $args['id'],
'certificate' => $args['certificate'],
'signatureContentLength' => $args['signatureContentLength'],
'hashSignature' => $args['hashSignature']
]);
if (!empty($return['errors'])) {
return $response->withStatus(400)->withJson($return);
}
} }
$set = ['process_date' => 'CURRENT_TIMESTAMP', 'status' => DocumentController::ACTIONS[$args['actionId']]]; $set = ['process_date' => 'CURRENT_TIMESTAMP', 'status' => DocumentController::ACTIONS[$args['actionId']]];
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment