diff --git a/src/app/document/controllers/CertificateSignatureController.php b/src/app/document/controllers/CertificateSignatureController.php
index dc9d44f2c5da428e03313b5d1aa3a65cde4df23f..e44ee5ae9deee57dd94127c0e41817568c825cef 100755
--- a/src/app/document/controllers/CertificateSignatureController.php
+++ b/src/app/document/controllers/CertificateSignatureController.php
@@ -14,12 +14,18 @@
namespace Document\controllers;
+use Docserver\models\AdrModel;
+use Docserver\models\DocserverModel;
+use SrcCore\models\CoreConfigModel;
+
class CertificateSignatureController
{
public static $signatureLength = 30000;
public static function getHashedCertificate(array $args)
{
+ $libDir = CoreConfigModel::getLibrariesDirectory();
+ require_once($libDir . 'SetaPDF-Signer/library/SetaPDF/Autoload.php');
$document = \SetaPDF_Core_Document::loadByString($args['document']);
$signer = new \SetaPDF_Signer($document);
@@ -69,4 +75,89 @@ class CertificateSignatureController
'signatureContentLength' => $signatureContentLength
];
}
+
+ public static function signDocument($args = [])
+ {
+ $libDir = CoreConfigModel::getLibrariesDirectory();
+ require_once($libDir . 'SetaPDF-Signer/library/SetaPDF/Autoload.php');
+ $certificateSignature = \SetaPDF_Core_Type_HexString::hex2str($args['hashSignature']);
+ $signatureContentLength = $args['signatureContentLength'];
+ $certificate = $args['certificate'];
+
+ $adr = AdrModel::getDocumentsAdr([
+ 'select' => ['path', 'filename'],
+ 'where' => ['main_document_id = ?', 'type = ?'],
+ 'data' => [$args['id'], 'ESIGN']
+ ]);
+ $docserver = DocserverModel::getByType(['type' => 'ESIGN', 'select' => ['path']]);
+ $pathToDocument = $docserver['path'] . $adr[0]['path'] . $adr[0]['filename'];
+ $tmpPath = CoreConfigModel::getTmpPath();
+ $signedDocumentPath = $tmpPath . $GLOBALS['id'] . '_' . rand() . '_signedDocument.pdf';
+ $writer = new \SetaPDF_Core_Writer_File($signedDocumentPath);
+ $document = \SetaPDF_Core_Document::loadByFilename($pathToDocument, $writer);
+ $signer = new \SetaPDF_Signer($document);
+
+ // create a module instance
+ $module = new \SetaPDF_Signer_Signature_Module_Pades();
+ // create a certificate instance
+ $certificate = new \SetaPDF_Signer_X509_Certificate($certificate);
+ // pass the user certificate to the module
+ $module->setCertificate($certificate);
+ // setup information resolver manager
+ $informationResolverManager = new \SetaPDF_Signer_InformationResolver_Manager();
+ $informationResolverManager->addResolver(new \SetaPDF_Signer_InformationResolver_HttpCurlResolver());
+ $extraCerts = new \SetaPDF_Signer_X509_Collection();
+
+ $certificates = [$certificate];
+ while (count($certificates) > 0) {
+ $currentCertificate = array_pop($certificates);
+ $aia = $currentCertificate->getExtensions()->get(\SetaPDF_Signer_X509_Extension_AuthorityInformationAccess::OID);
+ if ($aia instanceof \SetaPDF_Signer_X509_Extension_AuthorityInformationAccess) {
+ foreach ($aia->fetchIssuers($informationResolverManager)->getAll() as $issuer) {
+ $extraCerts->add($issuer);
+ $certificates[] = $issuer;
+ }
+ }
+ }
+
+ $module->setExtraCertificates($extraCerts);
+
+ foreach ($extraCerts->getAll() as $extraCert) {
+ $signatureContentLength += (strlen($extraCert->get(\SetaPDF_Signer_X509_Format::DER)) * 2);
+ }
+ $signer->setSignatureContentLength($signatureContentLength);
+
+ // pass the signature to the signature module
+ $module->setSignatureValue($certificateSignature);
+ // get the CMS structur from the signature module
+ $cms = (string)$module->getCms();
+
+ $ts = $certificate->getExtensions()->get(\SetaPDF_Signer_X509_Extension_TimeStamp::OID);
+ if ($ts && $ts->getVersion() === 1 && $ts->requiresAuth() === false) {
+ $tsLocation = $ts->getLocation();
+ }
+
+ if (isset($tsLocation)) {
+ $tsModule = new \SetaPDF_Signer_Timestamp_Module_Rfc3161_Curl($tsLocation);
+ $signer->setTimestampModule($tsModule);
+ $cms = $signer->addTimeStamp($cms, $tmpDocument);
+ }
+
+ $tempPath = \SetaPDF_Core_Writer_TempFile::createTempPath();
+ $tmpDocument = $signer->preSign(
+ new \SetaPDF_Core_Writer_File($tempPath),
+ $module
+ );
+
+ // save the signature to the temporary document
+ $signer->saveSignature($tmpDocument, $cms);
+ try {
+ $signer->saveSignature($tmpDocument, $cms);
+ unlink($tmpDocument->getWriter()->getPath());
+ } catch (\SetaPDF_Signer_Exception_ContentLength $e) {
+ unlink($tmpDocument->getWriter()->getPath());
+ $signatureContentLength = $signatureContentLength + 1000;
+ return ['errors' => 'Not enought space for signature', 'newSignatureLength' => $signatureContentLength];
+ }
+ }
}
diff --git a/src/app/document/controllers/DocumentController.php b/src/app/document/controllers/DocumentController.php
index 44611742e75155812694ca76de0095ce575c5dc3..0e9fb6f990c37ddfe28e25cb4950d440f74c1aea 100755
--- a/src/app/document/controllers/DocumentController.php
+++ b/src/app/document/controllers/DocumentController.php
@@ -659,7 +659,7 @@ class DocumentController
exec("php src/app/convert/scripts/ThumbnailScript.php '{$configPath}' {$args['id']} 'document' '{$GLOBALS['id']}' {$page} > /dev/null &");
}
- if ($workflow['signature_mode'] == 'rgs_2stars' ) {
+ if ($workflow['signature_mode'] == 'rgs_2stars') {
$hashInformations = CertificateSignatureController::getHashedCertificate(['document' => $fileContent, 'certificate' => $body['certificate']]);
return $response->withJson($hashInformations);
}
@@ -767,6 +767,16 @@ class DocumentController
} elseif (DocumentController::ACTIONS[$args['actionId']] == 'REF' && $workflow['mode'] == 'sign') {
DigitalSignatureController::abort(['signatureId' => $workflow['digital_signature_id'], 'documentId' => $args['id']]);
}
+ } elseif ($workflow['signature_mode'] == 'rgs_2stars') {
+ $return = CertificateSignatureController::signDocument([
+ 'id' => $args['id'],
+ 'certificate' => $args['certificate'],
+ 'signatureContentLength' => $args['signatureContentLength'],
+ 'hashSignature' => $args['hashSignature']
+ ]);
+ if (!empty($return['errors'])) {
+ return $response->withStatus(400)->withJson($return);
+ }
}
$set = ['process_date' => 'CURRENT_TIMESTAMP', 'status' => DocumentController::ACTIONS[$args['actionId']]];