From 64b487bb36fea1ddbfadb63edb7e425803eece74 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 3 Apr 2024 14:18:18 +0200 Subject: cie-middleware-linux: 1.5.0 -> 1.5.2 --- .../security/cie-middleware-linux/default.nix | 41 +-- .../cie-middleware-linux/use-system-podofo.patch | 343 +++++++++++++++++++++ 2 files changed, 352 insertions(+), 32 deletions(-) create mode 100644 pkgs/tools/security/cie-middleware-linux/use-system-podofo.patch diff --git a/pkgs/tools/security/cie-middleware-linux/default.nix b/pkgs/tools/security/cie-middleware-linux/default.nix index 9982da5ae8966..d882959150945 100644 --- a/pkgs/tools/security/cie-middleware-linux/default.nix +++ b/pkgs/tools/security/cie-middleware-linux/default.nix @@ -1,13 +1,12 @@ { stdenv , lib , fetchFromGitHub -, fetchpatch , makeWrapper -, strip-nondeterminism +, stripJavaArchivesHook , meson , ninja , pkg-config -, gradle_7 +, gradle_8 , curl , cryptopp , fontconfig @@ -21,16 +20,16 @@ let pname = "cie-middleware-linux"; - version = "1.5.0"; + version = "1.5.2"; src = fetchFromGitHub { owner = "M0rf30"; repo = pname; rev = version; - sha256 = "sha256-Z8K2Ibg5bBfSql5HEapKgdfiCf/EIKTTD15oVeysQGk="; + sha256 = "sha256-M3Xwg3G2ZZhPRV7uhFVXQPyvuuY4zI5Z+D/Dt26KVM0="; }; - gradle = gradle_7; + gradle = gradle_8; # Shared libraries needed by the Java application libraries = lib.makeLibraryPath [ ghostscript ]; @@ -45,7 +44,6 @@ let buildPhase = '' # Run the fetchDeps task export GRADLE_USER_HOME=$(mktemp -d) - ls -l gradle --no-daemon -b cie-java/build.gradle fetchDeps ''; @@ -62,7 +60,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-jtaH8dBpnx8KMJe+jzJfkvcx1NO4nL5jsRO4+GI+d0c="; + outputHash = "sha256-fxrjo4iduXzTgMqmQGwdI1vLMA4EZLObsHyKGZ6b14I="; }; in @@ -72,44 +70,31 @@ stdenv.mkDerivation { hardeningDisable = [ "format" ]; - outputs = [ "out" "dev" ]; - nativeBuildInputs = [ makeWrapper + stripJavaArchivesHook meson ninja pkg-config gradle - strip-nondeterminism ]; buildInputs = [ cryptopp fontconfig - podofo.dev + podofo openssl pcsclite curl libxml2 ]; - patches = [ - # Fix gcc-13 build by adding missing include. - (fetchpatch { - name = "gcc-13.patch"; - url = "https://github.com/M0Rf30/cie-middleware-linux/commit/1da1196152f7a3bbe92ba3ce993ebb6785ff049e.patch"; - hash = "sha256-aM23A1ZX8kebgX6RXVS78SEa+to93glUmIYO+lfUzfg="; - }) - ]; + patches = [ ./use-system-podofo.patch ]; postPatch = '' # substitute the cieid command with this $out/bin/cieid substituteInPlace libs/pkcs11/src/CSP/AbilitaCIE.cpp \ --replace 'file = "cieid"' 'file = "'$out'/bin/cieid"' - - # revert https://github.com/M0Rf30/cie-middleware-linux/commit/1a389d8 - sed -i libs/meson.build \ - -e "s@podofo_dep = .\+@podofo_dep = dependency('libpodofo')@g" ''; # Note: we use pushd/popd to juggle between the @@ -159,14 +144,6 @@ stdenv.mkDerivation { install -Dm644 LICENSE "$out/share/licenses/cieid/LICENSE" ''; - postFixup = '' - # Move static libraries to the dev output - mv -t "$dev/lib" "$out/lib/"*.a - - # Make the jar deterministic (mainly, sorting its files) - strip-nondeterminism "$out/share/cieid/cieid.jar" - ''; - passthru = { inherit javaDeps; }; meta = with lib; { diff --git a/pkgs/tools/security/cie-middleware-linux/use-system-podofo.patch b/pkgs/tools/security/cie-middleware-linux/use-system-podofo.patch new file mode 100644 index 0000000000000..52806d4f96e8c --- /dev/null +++ b/pkgs/tools/security/cie-middleware-linux/use-system-podofo.patch @@ -0,0 +1,343 @@ +commit c9ac4243a6def08790bbf5552bb31894169596ca +Author: rnhmjoj +Date: Wed Apr 3 12:54:58 2024 +0200 + + use system podofo + +diff --git a/libs/meson.build b/libs/meson.build +index 3ee31c1..5022ba8 100644 +--- a/libs/meson.build ++++ b/libs/meson.build +@@ -16,21 +16,15 @@ curl_dep = dependency('libcurl') + fontconfig_dep = dependency('fontconfig') + freetype_dep = dependency('freetype2') + png_dep = dependency('libpng') +-podofo_dep = cpp.find_library('libpodofo', dirs: libdir) ++podofo_dep = dependency('libpodofo') + libxml2_dep = dependency('libxml-2.0', required: false) + xml2_dep = dependency('xml2', required: false) + zlib_dep = dependency('zlib') + + inc_so = include_directories('pkcs11/src/.', 'shared/src/') + +-inc_a = include_directories( +- 'sign-sdk/include', +- 'sign-sdk/include/podofo', +- 'sign-sdk/include/podofo/include', +- 'sign-sdk/include/podofo/include/podofo', +- 'sign-sdk/src', +- 'shared/src/', +-) ++inc_a = include_directories('sign-sdk/include', 'sign-sdk/src', 'shared/src/') ++ + cie_pkcs11_sources = [ + 'shared/src/Util/log.cpp', + 'shared/src/Util/funccallinfo.cpp', +diff --git a/libs/sign-sdk/include/PdfSignatureGenerator.h b/libs/sign-sdk/include/PdfSignatureGenerator.h +index 93ab445..65d438f 100644 +--- a/libs/sign-sdk/include/PdfSignatureGenerator.h ++++ b/libs/sign-sdk/include/PdfSignatureGenerator.h +@@ -10,9 +10,7 @@ + #ifndef _PDFSIGNATUREGENERATOR_H_ + #define _PDFSIGNATUREGENERATOR_H_ + #include "Util/UUCByteArray.h" +-#include "podofo/doc/PdfSignOutputDevice.h" +-#include "podofo/doc/PdfSignatureField.h" +-#include "podofo/podofo.h" ++#include + + using namespace PoDoFo; + using namespace std; +@@ -60,7 +58,11 @@ class PdfSignatureGenerator { + const double getHeight(int pageIndex); + + private: +- PdfMemDocument* m_pPdfDocument; ++ PdfDocument* m_pPdfDocument; ++ ++ PdfMemDocument* m_pPdfMemDocument; ++ ++ PdfWriter* m_pPdfWriter; + + PdfSignatureField* m_pSignatureField; + +diff --git a/libs/sign-sdk/src/PdfSignatureGenerator.cpp b/libs/sign-sdk/src/PdfSignatureGenerator.cpp +index 44ef54a..e8b8c8e 100644 +--- a/libs/sign-sdk/src/PdfSignatureGenerator.cpp ++++ b/libs/sign-sdk/src/PdfSignatureGenerator.cpp +@@ -27,7 +27,7 @@ int GetNumberOfSignatures(PdfMemDocument* pPdfDocument); + USE_LOG; + + PdfSignatureGenerator::PdfSignatureGenerator() +- : m_pPdfDocument(NULL), ++ : m_pPdfMemDocument(NULL), + m_pSignatureField(NULL), + m_pSignOutputDevice(NULL), + m_pFinalOutDevice(NULL), +@@ -37,7 +37,7 @@ PdfSignatureGenerator::PdfSignatureGenerator() + } + + PdfSignatureGenerator::~PdfSignatureGenerator() { +- if (m_pPdfDocument) delete m_pPdfDocument; ++ if (m_pPdfMemDocument) delete m_pPdfMemDocument; + + if (m_pSignatureField) delete m_pSignatureField; + +@@ -51,21 +51,21 @@ PdfSignatureGenerator::~PdfSignatureGenerator() { + } + + int PdfSignatureGenerator::Load(const char* pdf, int len) { +- if (m_pPdfDocument) delete m_pPdfDocument; ++ if (m_pPdfMemDocument) delete m_pPdfMemDocument; + + try { + printf("PDF LENGTH"); + printf("%i", len); + printf("STOP"); + +- m_pPdfDocument = new PdfMemDocument(); +- m_pPdfDocument->Load(pdf, len); +- printf("OK m_pPdfDocument"); +- int nSigns = PDFVerifier::GetNumberOfSignatures(m_pPdfDocument); ++ m_pPdfMemDocument = new PdfMemDocument(); ++ m_pPdfMemDocument->Load(pdf); ++ printf("OK m_pPdfMemDocument"); ++ int nSigns = PDFVerifier::GetNumberOfSignatures(m_pPdfMemDocument); + printf("OK nSigns: %d", nSigns); + + if (nSigns > 0) { +- m_pPdfDocument->SetIncrementalUpdates(true); ++ m_pPdfWriter->PdfWriter::SetIncrementalUpdate(true); + } + m_actualLen = len; + +@@ -82,14 +82,8 @@ void PdfSignatureGenerator::AddFont(const char* szFontName, + // printf(szFontName); + // printf(szFontPath); + +- m_pPdfDocument->CreateFont( +- szFontName, false, false, +- PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), +- PdfFontCache::eFontCreationFlags_AutoSelectBase14, true, szFontPath); +- m_pPdfDocument->CreateFont( +- szFontName, true, false, +- PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), +- PdfFontCache::eFontCreationFlags_AutoSelectBase14, true, szFontPath); ++ m_pPdfDocument->PoDoFo::PdfDocument::CreateFont( szFontName, false, PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), PdfFontCache::eFontCreationFlags_AutoSelectBase14, true); ++ m_pPdfDocument->PoDoFo::PdfDocument::CreateFont( szFontName, true, PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), PdfFontCache::eFontCreationFlags_AutoSelectBase14, true); + } + + void PdfSignatureGenerator::InitSignature( +@@ -130,7 +124,7 @@ void PdfSignatureGenerator::InitSignature( + + if (m_pSignatureField) delete m_pSignatureField; + +- PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); ++ PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); + PdfRect cropBox = pPage->GetCropBox(); + + float left0 = left * cropBox.GetWidth(); +@@ -145,15 +139,14 @@ void PdfSignatureGenerator::InitSignature( + + LOG_DBG((0, "InitSignature", "PdfSignatureField")); + +- m_pSignatureField = new PdfSignatureField( +- pPage, rect, m_pPdfDocument, PdfString(szFieldName), szSubFilter); ++ m_pSignatureField = new PdfSignatureField(pPage, rect, m_pPdfMemDocument); + + LOG_DBG((0, "InitSignature", "PdfSignatureField OK")); + + if (szReason && szReason[0]) { + PdfString reason(szReason); + PdfString reasonLabel(szReasonLabel); +- m_pSignatureField->SetSignatureReason(reasonLabel, reason); ++ m_pSignatureField->SetSignatureReason(reason); + } + + LOG_DBG((0, "InitSignature", "szReason OK")); +@@ -161,7 +154,7 @@ void PdfSignatureGenerator::InitSignature( + if (szLocation && szLocation[0]) { + PdfString location(szLocation); + PdfString locationLabel(szLocationLabel); +- m_pSignatureField->SetSignatureLocation(locationLabel, location); ++ m_pSignatureField->SetSignatureLocation(location); + } + + LOG_DBG((0, "InitSignature", "szLocation OK")); +@@ -171,54 +164,42 @@ void PdfSignatureGenerator::InitSignature( + + LOG_DBG((0, "InitSignature", "Date OK")); + +- if (szName && szName[0]) { +- PdfString name(szName); +- PdfString nameLabel(szNameLabel); +- m_pSignatureField->SetSignatureName(nameLabel, name); +- } +- +- LOG_DBG((0, "InitSignature", "szName OK")); +- +- m_pSignatureField->SetSignatureSize(SIGNATURE_SIZE); ++ m_pSignOutputDevice->PdfSignOutputDevice::SetSignatureSize(SIGNATURE_SIZE); + + LOG_DBG((0, "InitSignature", "SIGNATURE_SIZE OK")); + +- // if((szImagePath && szImagePath[0]) || (szDescription && szDescription[0])) +- if (width * height > 0) { +- try { +- // m_pSignatureField->SetFontSize(5); +- m_pSignatureField->SetAppearance(szImagePath, szDescription); +- LOG_DBG((0, "InitSignature", "SetAppearance OK")); +- } catch (PdfError& error) { +- LOG_ERR((0, "InitSignature", "SetAppearance error: %s, %s", +- PdfError::ErrorMessage(error.GetError()), error.what())); +- } catch (PdfError* perror) { +- LOG_ERR((0, "InitSignature", "SetAppearance error2: %s, %s", +- PdfError::ErrorMessage(perror->GetError()), perror->what())); +- } catch (std::exception& ex) { +- LOG_ERR( +- (0, "InitSignature", "SetAppearance std exception, %s", ex.what())); +- } catch (std::exception* pex) { +- LOG_ERR((0, "InitSignature", "SetAppearance std exception2, %s", +- pex->what())); +- } catch (...) { +- LOG_ERR((0, "InitSignature", "SetAppearance unknown error")); +- } +- } ++ // if (width * height > 0) { ++ // try { ++ // m_pSignatureField->SetAppearance(szImagePath, szDescription); ++ // LOG_DBG((0, "InitSignature", "SetAppearance OK")); ++ // } catch (PdfError& error) { ++ // LOG_ERR((0, "InitSignature", "SetAppearance error: %s, %s", ++ // PdfError::ErrorMessage(error.GetError()), error.what())); ++ // } catch (PdfError* perror) { ++ // LOG_ERR((0, "InitSignature", "SetAppearance error2: %s, %s", ++ // PdfError::ErrorMessage(perror->GetError()), perror->what())); ++ // } catch (std::exception& ex) { ++ // LOG_ERR( ++ // (0, "InitSignature", "SetAppearance std exception, %s", ++ // ex.what())); ++ // } catch (std::exception* pex) { ++ // LOG_ERR((0, "InitSignature", "SetAppearance std exception2, %s", ++ // pex->what())); ++ // } catch (...) { ++ // LOG_ERR((0, "InitSignature", "SetAppearance unknown error")); ++ // } ++ // } + +- if (szGraphometricData && szGraphometricData[0]) +- m_pSignatureField->SetGraphometricData( +- PdfString("Aruba_Sign_Biometric_Data"), PdfString(szGraphometricData), +- PdfString(szVersion)); ++ // if (szGraphometricData && szGraphometricData[0]) ++ // m_pSignatureField->SetGraphometricData( ++ // PdfString("Aruba_Sign_Biometric_Data"), ++ // PdfString(szGraphometricData), PdfString(szVersion)); + +- LOG_DBG((0, "InitSignature", "szGraphometricData OK")); ++ // LOG_DBG((0, "InitSignature", "szGraphometricData OK")); + + LOG_DBG((0, "InitSignature", "m_actualLen %d", m_actualLen)); + // crea il nuovo doc con il campo di firma +- int fulllen = m_actualLen * 2 + SIGNATURE_SIZE * 2 + +- (szGraphometricData +- ? (strlen(szGraphometricData) + strlen(szVersion) + 100) +- : 0); ++ int fulllen = m_actualLen * 2 + SIGNATURE_SIZE * 2; + + int mainDoclen = 0; + m_pMainDocbuffer = NULL; +@@ -227,7 +208,7 @@ void PdfSignatureGenerator::InitSignature( + LOG_DBG((0, "InitSignature", "fulllen %d", fulllen)); + m_pMainDocbuffer = new char[fulllen]; + PdfOutputDevice pdfOutDevice(m_pMainDocbuffer, fulllen); +- m_pPdfDocument->Write(&pdfOutDevice); ++ m_pPdfMemDocument->Write(&pdfOutDevice); + mainDoclen = pdfOutDevice.GetLength(); + } catch (::PoDoFo::PdfError err) { + if (m_pMainDocbuffer) { +@@ -301,32 +282,32 @@ void PdfSignatureGenerator::GetSignedPdf(UUCByteArray& signedPdf) { + } + + const double PdfSignatureGenerator::getWidth(int pageIndex) { +- if (m_pPdfDocument) { +- PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); ++ if (m_pPdfMemDocument) { ++ PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); + return pPage->GetPageSize().GetWidth(); + } + return 0; + } + + const double PdfSignatureGenerator::getHeight(int pageIndex) { +- if (m_pPdfDocument) { +- PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); ++ if (m_pPdfMemDocument) { ++ PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); + return pPage->GetPageSize().GetHeight(); + } + return 0; + } + + const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { +- if (!m_pPdfDocument) return -1; ++ if (!m_pPdfMemDocument) return -1; + /// Find the document catalog dictionary +- const PdfObject* const trailer = m_pPdfDocument->GetTrailer(); ++ const PdfObject* const trailer = m_pPdfMemDocument->GetTrailer(); + if (!trailer->IsDictionary()) return -1; + const PdfObject* const catalogRef = + trailer->GetDictionary().GetKey(PdfName("Root")); + if (catalogRef == 0 || !catalogRef->IsReference()) + return -2; // throw std::invalid_argument("Invalid /Root entry"); + const PdfObject* const catalog = +- m_pPdfDocument->GetObjects().GetObject(catalogRef->GetReference()); ++ m_pPdfMemDocument->GetObjects().GetObject(catalogRef->GetReference()); + if (catalog == 0 || !catalog->IsDictionary()) + return -3; // throw std::invalid_argument("Invalid or non-dictionary + // referenced by /Root entry"); +@@ -336,8 +317,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { + catalog->GetDictionary().GetKey(PdfName("AcroForm")); + if (acroFormValue == 0) return bottom; + if (acroFormValue->IsReference()) +- acroFormValue = +- m_pPdfDocument->GetObjects().GetObject(acroFormValue->GetReference()); ++ acroFormValue = m_pPdfMemDocument->GetObjects().GetObject( ++ acroFormValue->GetReference()); + + if (!acroFormValue->IsDictionary()) return bottom; + +@@ -346,8 +327,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { + if (fieldsValue == 0) return bottom; + + if (fieldsValue->IsReference()) +- fieldsValue = +- m_pPdfDocument->GetObjects().GetObject(acroFormValue->GetReference()); ++ fieldsValue = m_pPdfMemDocument->GetObjects().GetObject( ++ acroFormValue->GetReference()); + + if (!fieldsValue->IsArray()) return bottom; + +@@ -360,8 +341,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { + + for (unsigned int i = 0; i < array.size(); i++) { + const PdfObject* pObj = +- m_pPdfDocument->GetObjects().GetObject(array[i].GetReference()); +- if (IsSignatureField(m_pPdfDocument, pObj)) { ++ m_pPdfMemDocument->GetObjects().GetObject(array[i].GetReference()); ++ if (IsSignatureField(m_pPdfMemDocument, pObj)) { + const PdfObject* const keyRect = + pObj->GetDictionary().GetKey(PdfName("Rect")); + if (keyRect == 0) { +diff --git a/libs/sign-sdk/src/disigonsdk.cpp b/libs/sign-sdk/src/disigonsdk.cpp +index 250c93f..84e1b0b 100644 +--- a/libs/sign-sdk/src/disigonsdk.cpp ++++ b/libs/sign-sdk/src/disigonsdk.cpp +@@ -5,6 +5,7 @@ + + #include + #include ++#include + #include + #include + -- cgit 1.4.1