Merge pull request #4 from agelostsal/tl-ts

ET-29 TL source trust source

Jenkinsfile

@@ -0,0 +1,50 @@
+
+pipeline {
+    agent none
+    options {
+        checkoutToSubdirectory('gr.grnet.eseal')
+        newContainerPerStage()
+    }
+    environment {
+        PROJECT_DIR='gr.grnet.eseal'
+    }
+    stages {
+        stage('Library Testing & Packaging') {
+            agent {
+                docker {
+                    image 'argo.registry:5000/epel-7-java18'
+                    args '-u jenkins:jenkins'
+                }
+            }
+            steps {
+                echo 'Eseal library Packaging & Testing' 
+                sh """
+                mvn clean package cobertura:cobertura -Dcobertura.report.format=xml -f ${PROJECT_DIR}/eseal/pom.xml
+                """
+                junit '**/target/surefire-reports/*.xml'
+                cobertura coberturaReportFile: '**/target/site/cobertura/coverage.xml'
+            }
+            post {
+                always {
+                    cleanWs()
+                }
+            }
+        }
+    }
+    post {
+        success {
+            script{
+                if ( env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'devel' ) {
+                    slackSend( message: ":rocket: New version for <$BUILD_URL|$PROJECT_DIR>:$BRANCH_NAME Job: $JOB_NAME !")
+                }
+            }
+        }
+        failure {
+            script{
+                if ( env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'devel' ) {
+                    slackSend( message: ":rain_cloud: Build Failed for <$BUILD_URL|$PROJECT_DIR>:$BRANCH_NAME Job: $JOB_NAME")
+                }
+            }
+        }
+    }
+}

README.md

@@ -1,2 +1,112 @@
 # gr.grnet.eseal
 E-signature library
+
+### PDF Validation using an X509 certificate
+
+```java
+import gr.grnet.eseal.PDFValidator;
+import gr.grnet.eseal.ValidationLevel;
+import gr.grnet.eseal.ValidationReport;
+import gr.grnet.eseal.X509CertificateTrustSource;
+
+public class Example 
+{
+    public static void main( String[] args ) {
+
+        // Initialise the pdf validator from a file source
+        PDFValidator pdf = new PDFValidator("/path/to/pdf/file");
+
+
+        try {
+
+            // Initialise the x509 trust source from a file source
+            X509CertificateTrustSource x509CertificateTrustSource = new X509CertificateTrustSource("/path/to/cert");
+
+            // Validate the document based on the provided trust source(x509 cert) and the validation severity
+            ValidationReport r =  pdf.validate(ValidationLevel.BASIC_SIGNATURES, x509CertificateTrustSource);
+
+            // get the result of the validation process
+            System.out.println(r.getValidationResult());
+
+        } catch (Exception e) {
+            System.out.println(e.getMessage());
+        }
+    }
+}
+```
+
+### PDF Validation using a Java trustore
+
+```java
+import gr.grnet.eseal.KeyStoreType;
+import gr.grnet.eseal.KeystoreTrustSource;
+import gr.grnet.eseal.PDFValidator;
+import gr.grnet.eseal.ValidationReport;
+import gr.grnet.eseal.ValidationLevel;
+
+public class Example2
+{
+    public static void main( String[] args ) {
+
+        // Initialise the pdf validator from a file source
+        PDFValidator pdf = new PDFValidator("/path/to/pdf");
+
+
+        try {
+
+            String keystorePath = "/path/to/trustore";
+            String password = "eseal12345";
+
+            // Initialise the trustore trust source from a file source
+            KeystoreTrustSource keystoreTrustSource = new KeystoreTrustSource(keystorePath, password, KeyStoreType.JKS);
+
+            // Validate the document based on the provided trust source(trustore) and the validation severity
+            ValidationReport r =  pdf.validate(ValidationLevel.BASIC_SIGNATURES, keystoreTrustSource);
+
+            // get the result of the validation process
+            System.out.println(r.getValidationResult());
+
+        } catch (Exception e) {
+            System.out.println(e.getMessage());
+        }
+    }
+}
+
+```
+
+### PDF Validation using a Trusted List
+
+```java
+import gr.grnet.eseal.PDFValidator;
+import gr.grnet.eseal.TLTrustSource;
+import gr.grnet.eseal.ValidationLevel;
+import gr.grnet.eseal.ValidationReport;
+import gr.grnet.eseal.TrustedListURL;
+
+public class Example3 {
+
+    public static void main( String[] args ) {
+
+        // Initialise the pdf validator from a file source
+        PDFValidator pdf = new PDFValidator("/path/to/pdf");
+
+
+        try {
+
+             // Initialise the trusted list source with the greek trusted list( https://www.eett.gr/tsl/EL-TSL.xml)
+            TLTrustSource tlTrustSource = new TLTrustSource(TrustedListURL.GREECE);
+
+            // Validate the document based on the provided trust source(trusted list) and the validation severity
+            ValidationReport r =  pdf.validate(ValidationLevel.BASIC_SIGNATURES, tlTrustSource);
+
+            // get the result of the validation process
+            System.out.println(r.getValidationResult());
+
+        } catch (Exception e) {
+            System.out.println(e.getMessage());
+        }
+    }
+}
+
+```
+

eseal/.gitignore

@@ -0,0 +1,4 @@
+*.iml
+/target/
+dependency-reduced-pom.xml
+.idea

eseal/pom.xml

@@ -0,0 +1,108 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>gr.grnet.eseal</groupId>
+    <artifactId>eseal</artifactId>
+    <packaging>jar</packaging>
+    <version>0.1</version>
+    <name>eseal</name>
+    <description> A wrapper library for the DSS framework</description>
+    <url>http://maven.apache.org</url>
+
+    <properties>
+        <!-- https://maven.apache.org/general.html#encoding-warning -->
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.target>1.8</maven.compiler.target>
+    </properties>
+
+
+    <dependencies>
+        <!-- https://mvnrepository.com/artifact/junit/junit -->
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.13</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-all</artifactId>
+            <version>1.3</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-tsl-validation</artifactId>
+            <version>5.7</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-pades</artifactId>
+            <version>5.7</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-pades-pdfbox</artifactId>
+            <version>5.7</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-utils-apache-commons</artifactId>
+            <version>5.7</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-model</artifactId>
+            <version>5.7</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-service</artifactId>
+            <version>5.7</version>
+        </dependency>
+    </dependencies>
+
+    <repositories>
+        <repository>
+            <id>cefdigital</id>
+            <name>cefdigital</name>
+            <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/esignaturedss/</url>
+        </repository>
+    </repositories>
+
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-shade-plugin</artifactId>
+                <version>3.2.0</version>
+                <executions>
+                    <!-- Attach the shade into the package phase -->
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>shade</goal>
+                        </goals>
+                        <configuration>
+                            <filters>
+                                <filter>
+                                    <!-- Do not copy the signatures in the META-INF folder. Otherwise,
+                                        this might cause SecurityExceptions when using the JAR. -->
+                                    <artifact>*:*</artifact>
+                                    <excludes>
+                                        <exclude>META-INF/*.SF</exclude>
+                                        <exclude>META-INF/*.DSA</exclude>
+                                        <exclude>META-INF/*.RSA</exclude>
+                                        <exclude>META-INF/*.DES</exclude>
+                                    </excludes>
+                                </filter>
+                            </filters>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>

eseal/src/main/java/gr/grnet/eseal/KeyStoreType.java

@@ -0,0 +1,9 @@
+package gr.grnet.eseal;
+
+public enum KeyStoreType {
+    JKS,
+    PKCS12;
+
+    private KeyStoreType() {
+    }
+}

eseal/src/main/java/gr/grnet/eseal/KeystoreTrustSource.java

@@ -0,0 +1,54 @@
+package gr.grnet.eseal;
+
+import eu.europa.esig.dss.spi.x509.CommonTrustedCertificateSource;
+import eu.europa.esig.dss.spi.x509.KeyStoreCertificateSource;
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * <p>
+ *     Trust source that will be supplied to the pdf validation process based on a Java keystore.
+ * </p>
+ */
+public class KeystoreTrustSource {
+
+    private KeyStoreCertificateSource truststore;
+    private CommonTrustedCertificateSource commonTrustedCertificateSource;
+
+    /** Creates a keystore trust source validator from the given keystore(path to keystore).
+     * @param filepath path to the keystore file.
+     * @param password password for the keystore
+     * @param type of the keystore
+     */
+    public KeystoreTrustSource(String filepath, String password, KeyStoreType type) throws IOException{
+        this.truststore = new KeyStoreCertificateSource(filepath, type.name(), password);
+        this.buildSource();
+    }
+
+    /** Creates a keystore trust source validator from the given keystore(path to keystore).
+     * @param file representing the keystore file.
+     * @param password password for the keystore
+     * @param type of the keystore
+     */
+    public KeystoreTrustSource(File file, String password, KeyStoreType type) throws IOException{
+        this.truststore = new KeyStoreCertificateSource(file, type.name(), password);
+        this.buildSource();
+    }
+
+    /**
+     * Builds the dss common trusted certificate source with the present keystore
+     */
+    private void buildSource() {
+        this.commonTrustedCertificateSource = new CommonTrustedCertificateSource();
+        this.commonTrustedCertificateSource.importAsTrusted(this.truststore);
+    }
+
+    public CommonTrustedCertificateSource getCommonTrustedCertificateSource() {
+        return commonTrustedCertificateSource;
+    }
+
+    public KeyStoreCertificateSource getTruststore() {
+        return truststore;
+    }
+}
+