commit 64b487bb36fea1ddbfadb63edb7e425803eece74 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

cie-middleware-linux: 1.5.0 -> 1.5.2

rnhmjoj 2 years ago 64b487bb d9bb2c01

+352 -32

2 changed files

expand all

unified split

pkgs

tools

security

cie-middleware-linux

default.nix

use-system-podofo.patch

+9 -32

pkgs/tools/security/cie-middleware-linux/default.nix

··· 1 1 { stdenv 2 2 , lib 3 3 , fetchFromGitHub 4 - , fetchpatch 5 4 , makeWrapper 6 - , strip-nondeterminism 5 + , stripJavaArchivesHook 7 6 , meson 8 7 , ninja 9 8 , pkg-config 10 - , gradle_7 9 + , gradle_8 11 10 , curl 12 11 , cryptopp 13 12 , fontconfig ··· 21 20 22 21 let 23 22 pname = "cie-middleware-linux"; 24 - version = "1.5.0"; 23 + version = "1.5.2"; 25 24 26 25 src = fetchFromGitHub { 27 26 owner = "M0rf30"; 28 27 repo = pname; 29 28 rev = version; 30 - sha256 = "sha256-Z8K2Ibg5bBfSql5HEapKgdfiCf/EIKTTD15oVeysQGk="; 29 + sha256 = "sha256-M3Xwg3G2ZZhPRV7uhFVXQPyvuuY4zI5Z+D/Dt26KVM0="; 31 30 }; 32 31 33 - gradle = gradle_7; 32 + gradle = gradle_8; 34 33 35 34 # Shared libraries needed by the Java application 36 35 libraries = lib.makeLibraryPath [ ghostscript ]; ··· 45 44 buildPhase = '' 46 45 # Run the fetchDeps task 47 46 export GRADLE_USER_HOME=$(mktemp -d) 48 - ls -l 49 47 gradle --no-daemon -b cie-java/build.gradle fetchDeps 50 48 ''; 51 49 ··· 62 60 63 61 outputHashAlgo = "sha256"; 64 62 outputHashMode = "recursive"; 65 - outputHash = "sha256-jtaH8dBpnx8KMJe+jzJfkvcx1NO4nL5jsRO4+GI+d0c="; 63 + outputHash = "sha256-fxrjo4iduXzTgMqmQGwdI1vLMA4EZLObsHyKGZ6b14I="; 66 64 }; 67 65 68 66 in ··· 71 69 inherit pname src version; 72 70 73 71 hardeningDisable = [ "format" ]; 74 - 75 - outputs = [ "out" "dev" ]; 76 72 77 73 nativeBuildInputs = [ 78 74 makeWrapper 75 + stripJavaArchivesHook 79 76 meson 80 77 ninja 81 78 pkg-config 82 79 gradle 83 - strip-nondeterminism 84 80 ]; 85 81 86 82 buildInputs = [ 87 83 cryptopp 88 84 fontconfig 89 - podofo.dev 85 + podofo 90 86 openssl 91 87 pcsclite 92 88 curl 93 89 libxml2 94 90 ]; 95 91 96 - patches = [ 97 - # Fix gcc-13 build by adding missing include. 98 - (fetchpatch { 99 - name = "gcc-13.patch"; 100 - url = "https://github.com/M0Rf30/cie-middleware-linux/commit/1da1196152f7a3bbe92ba3ce993ebb6785ff049e.patch"; 101 - hash = "sha256-aM23A1ZX8kebgX6RXVS78SEa+to93glUmIYO+lfUzfg="; 102 - }) 103 - ]; 92 + patches = [ ./use-system-podofo.patch ]; 104 93 105 94 postPatch = '' 106 95 # substitute the cieid command with this $out/bin/cieid 107 96 substituteInPlace libs/pkcs11/src/CSP/AbilitaCIE.cpp \ 108 97 --replace 'file = "cieid"' 'file = "'$out'/bin/cieid"' 109 - 110 - # revert https://github.com/M0Rf30/cie-middleware-linux/commit/1a389d8 111 - sed -i libs/meson.build \ 112 - -e "s@podofo_dep = .\+@podofo_dep = dependency('libpodofo')@g" 113 98 ''; 114 99 115 100 # Note: we use pushd/popd to juggle between the ··· 157 142 install -Dm644 data/cieid.desktop "$out/share/applications/cieid.desktop" 158 143 install -Dm755 data/logo.png "$out/share/pixmaps/cieid.png" 159 144 install -Dm644 LICENSE "$out/share/licenses/cieid/LICENSE" 160 - ''; 161 - 162 - postFixup = '' 163 - # Move static libraries to the dev output 164 - mv -t "$dev/lib" "$out/lib/"*.a 165 - 166 - # Make the jar deterministic (mainly, sorting its files) 167 - strip-nondeterminism "$out/share/cieid/cieid.jar" 168 145 ''; 169 146 170 147 passthru = { inherit javaDeps; };

+343

pkgs/tools/security/cie-middleware-linux/use-system-podofo.patch

··· 1 + commit c9ac4243a6def08790bbf5552bb31894169596ca 2 + Author: rnhmjoj <rnhmjoj@inventati.org> 3 + Date: Wed Apr 3 12:54:58 2024 +0200 4 + 5 + use system podofo 6 + 7 + diff --git a/libs/meson.build b/libs/meson.build 8 + index 3ee31c1..5022ba8 100644 9 + --- a/libs/meson.build 10 + +++ b/libs/meson.build 11 + @@ -16,21 +16,15 @@ curl_dep = dependency('libcurl') 12 + fontconfig_dep = dependency('fontconfig') 13 + freetype_dep = dependency('freetype2') 14 + png_dep = dependency('libpng') 15 + -podofo_dep = cpp.find_library('libpodofo', dirs: libdir) 16 + +podofo_dep = dependency('libpodofo') 17 + libxml2_dep = dependency('libxml-2.0', required: false) 18 + xml2_dep = dependency('xml2', required: false) 19 + zlib_dep = dependency('zlib') 20 + 21 + inc_so = include_directories('pkcs11/src/.', 'shared/src/') 22 + 23 + -inc_a = include_directories( 24 + - 'sign-sdk/include', 25 + - 'sign-sdk/include/podofo', 26 + - 'sign-sdk/include/podofo/include', 27 + - 'sign-sdk/include/podofo/include/podofo', 28 + - 'sign-sdk/src', 29 + - 'shared/src/', 30 + -) 31 + +inc_a = include_directories('sign-sdk/include', 'sign-sdk/src', 'shared/src/') 32 + + 33 + cie_pkcs11_sources = [ 34 + 'shared/src/Util/log.cpp', 35 + 'shared/src/Util/funccallinfo.cpp', 36 + diff --git a/libs/sign-sdk/include/PdfSignatureGenerator.h b/libs/sign-sdk/include/PdfSignatureGenerator.h 37 + index 93ab445..65d438f 100644 38 + --- a/libs/sign-sdk/include/PdfSignatureGenerator.h 39 + +++ b/libs/sign-sdk/include/PdfSignatureGenerator.h 40 + @@ -10,9 +10,7 @@ 41 + #ifndef _PDFSIGNATUREGENERATOR_H_ 42 + #define _PDFSIGNATUREGENERATOR_H_ 43 + #include "Util/UUCByteArray.h" 44 + -#include "podofo/doc/PdfSignOutputDevice.h" 45 + -#include "podofo/doc/PdfSignatureField.h" 46 + -#include "podofo/podofo.h" 47 + +#include <podofo/podofo.h> 48 + 49 + using namespace PoDoFo; 50 + using namespace std; 51 + @@ -60,7 +58,11 @@ class PdfSignatureGenerator { 52 + const double getHeight(int pageIndex); 53 + 54 + private: 55 + - PdfMemDocument* m_pPdfDocument; 56 + + PdfDocument* m_pPdfDocument; 57 + + 58 + + PdfMemDocument* m_pPdfMemDocument; 59 + + 60 + + PdfWriter* m_pPdfWriter; 61 + 62 + PdfSignatureField* m_pSignatureField; 63 + 64 + diff --git a/libs/sign-sdk/src/PdfSignatureGenerator.cpp b/libs/sign-sdk/src/PdfSignatureGenerator.cpp 65 + index 44ef54a..e8b8c8e 100644 66 + --- a/libs/sign-sdk/src/PdfSignatureGenerator.cpp 67 + +++ b/libs/sign-sdk/src/PdfSignatureGenerator.cpp 68 + @@ -27,7 +27,7 @@ int GetNumberOfSignatures(PdfMemDocument* pPdfDocument); 69 + USE_LOG; 70 + 71 + PdfSignatureGenerator::PdfSignatureGenerator() 72 + - : m_pPdfDocument(NULL), 73 + + : m_pPdfMemDocument(NULL), 74 + m_pSignatureField(NULL), 75 + m_pSignOutputDevice(NULL), 76 + m_pFinalOutDevice(NULL), 77 + @@ -37,7 +37,7 @@ PdfSignatureGenerator::PdfSignatureGenerator() 78 + } 79 + 80 + PdfSignatureGenerator::~PdfSignatureGenerator() { 81 + - if (m_pPdfDocument) delete m_pPdfDocument; 82 + + if (m_pPdfMemDocument) delete m_pPdfMemDocument; 83 + 84 + if (m_pSignatureField) delete m_pSignatureField; 85 + 86 + @@ -51,21 +51,21 @@ PdfSignatureGenerator::~PdfSignatureGenerator() { 87 + } 88 + 89 + int PdfSignatureGenerator::Load(const char* pdf, int len) { 90 + - if (m_pPdfDocument) delete m_pPdfDocument; 91 + + if (m_pPdfMemDocument) delete m_pPdfMemDocument; 92 + 93 + try { 94 + printf("PDF LENGTH"); 95 + printf("%i", len); 96 + printf("STOP"); 97 + 98 + - m_pPdfDocument = new PdfMemDocument(); 99 + - m_pPdfDocument->Load(pdf, len); 100 + - printf("OK m_pPdfDocument"); 101 + - int nSigns = PDFVerifier::GetNumberOfSignatures(m_pPdfDocument); 102 + + m_pPdfMemDocument = new PdfMemDocument(); 103 + + m_pPdfMemDocument->Load(pdf); 104 + + printf("OK m_pPdfMemDocument"); 105 + + int nSigns = PDFVerifier::GetNumberOfSignatures(m_pPdfMemDocument); 106 + printf("OK nSigns: %d", nSigns); 107 + 108 + if (nSigns > 0) { 109 + - m_pPdfDocument->SetIncrementalUpdates(true); 110 + + m_pPdfWriter->PdfWriter::SetIncrementalUpdate(true); 111 + } 112 + m_actualLen = len; 113 + 114 + @@ -82,14 +82,8 @@ void PdfSignatureGenerator::AddFont(const char* szFontName, 115 + // printf(szFontName); 116 + // printf(szFontPath); 117 + 118 + - m_pPdfDocument->CreateFont( 119 + - szFontName, false, false, 120 + - PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), 121 + - PdfFontCache::eFontCreationFlags_AutoSelectBase14, true, szFontPath); 122 + - m_pPdfDocument->CreateFont( 123 + - szFontName, true, false, 124 + - PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), 125 + - PdfFontCache::eFontCreationFlags_AutoSelectBase14, true, szFontPath); 126 + + m_pPdfDocument->PoDoFo::PdfDocument::CreateFont( szFontName, false, PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), PdfFontCache::eFontCreationFlags_AutoSelectBase14, true); 127 + + m_pPdfDocument->PoDoFo::PdfDocument::CreateFont( szFontName, true, PdfEncodingFactory::GlobalWinAnsiEncodingInstance(), PdfFontCache::eFontCreationFlags_AutoSelectBase14, true); 128 + } 129 + 130 + void PdfSignatureGenerator::InitSignature( 131 + @@ -130,7 +124,7 @@ void PdfSignatureGenerator::InitSignature( 132 + 133 + if (m_pSignatureField) delete m_pSignatureField; 134 + 135 + - PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); 136 + + PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); 137 + PdfRect cropBox = pPage->GetCropBox(); 138 + 139 + float left0 = left * cropBox.GetWidth(); 140 + @@ -145,15 +139,14 @@ void PdfSignatureGenerator::InitSignature( 141 + 142 + LOG_DBG((0, "InitSignature", "PdfSignatureField")); 143 + 144 + - m_pSignatureField = new PdfSignatureField( 145 + - pPage, rect, m_pPdfDocument, PdfString(szFieldName), szSubFilter); 146 + + m_pSignatureField = new PdfSignatureField(pPage, rect, m_pPdfMemDocument); 147 + 148 + LOG_DBG((0, "InitSignature", "PdfSignatureField OK")); 149 + 150 + if (szReason && szReason[0]) { 151 + PdfString reason(szReason); 152 + PdfString reasonLabel(szReasonLabel); 153 + - m_pSignatureField->SetSignatureReason(reasonLabel, reason); 154 + + m_pSignatureField->SetSignatureReason(reason); 155 + } 156 + 157 + LOG_DBG((0, "InitSignature", "szReason OK")); 158 + @@ -161,7 +154,7 @@ void PdfSignatureGenerator::InitSignature( 159 + if (szLocation && szLocation[0]) { 160 + PdfString location(szLocation); 161 + PdfString locationLabel(szLocationLabel); 162 + - m_pSignatureField->SetSignatureLocation(locationLabel, location); 163 + + m_pSignatureField->SetSignatureLocation(location); 164 + } 165 + 166 + LOG_DBG((0, "InitSignature", "szLocation OK")); 167 + @@ -171,54 +164,42 @@ void PdfSignatureGenerator::InitSignature( 168 + 169 + LOG_DBG((0, "InitSignature", "Date OK")); 170 + 171 + - if (szName && szName[0]) { 172 + - PdfString name(szName); 173 + - PdfString nameLabel(szNameLabel); 174 + - m_pSignatureField->SetSignatureName(nameLabel, name); 175 + - } 176 + - 177 + - LOG_DBG((0, "InitSignature", "szName OK")); 178 + - 179 + - m_pSignatureField->SetSignatureSize(SIGNATURE_SIZE); 180 + + m_pSignOutputDevice->PdfSignOutputDevice::SetSignatureSize(SIGNATURE_SIZE); 181 + 182 + LOG_DBG((0, "InitSignature", "SIGNATURE_SIZE OK")); 183 + 184 + - // if((szImagePath && szImagePath[0]) || (szDescription && szDescription[0])) 185 + - if (width * height > 0) { 186 + - try { 187 + - // m_pSignatureField->SetFontSize(5); 188 + - m_pSignatureField->SetAppearance(szImagePath, szDescription); 189 + - LOG_DBG((0, "InitSignature", "SetAppearance OK")); 190 + - } catch (PdfError& error) { 191 + - LOG_ERR((0, "InitSignature", "SetAppearance error: %s, %s", 192 + - PdfError::ErrorMessage(error.GetError()), error.what())); 193 + - } catch (PdfError* perror) { 194 + - LOG_ERR((0, "InitSignature", "SetAppearance error2: %s, %s", 195 + - PdfError::ErrorMessage(perror->GetError()), perror->what())); 196 + - } catch (std::exception& ex) { 197 + - LOG_ERR( 198 + - (0, "InitSignature", "SetAppearance std exception, %s", ex.what())); 199 + - } catch (std::exception* pex) { 200 + - LOG_ERR((0, "InitSignature", "SetAppearance std exception2, %s", 201 + - pex->what())); 202 + - } catch (...) { 203 + - LOG_ERR((0, "InitSignature", "SetAppearance unknown error")); 204 + - } 205 + - } 206 + + // if (width * height > 0) { 207 + + // try { 208 + + // m_pSignatureField->SetAppearance(szImagePath, szDescription); 209 + + // LOG_DBG((0, "InitSignature", "SetAppearance OK")); 210 + + // } catch (PdfError& error) { 211 + + // LOG_ERR((0, "InitSignature", "SetAppearance error: %s, %s", 212 + + // PdfError::ErrorMessage(error.GetError()), error.what())); 213 + + // } catch (PdfError* perror) { 214 + + // LOG_ERR((0, "InitSignature", "SetAppearance error2: %s, %s", 215 + + // PdfError::ErrorMessage(perror->GetError()), perror->what())); 216 + + // } catch (std::exception& ex) { 217 + + // LOG_ERR( 218 + + // (0, "InitSignature", "SetAppearance std exception, %s", 219 + + // ex.what())); 220 + + // } catch (std::exception* pex) { 221 + + // LOG_ERR((0, "InitSignature", "SetAppearance std exception2, %s", 222 + + // pex->what())); 223 + + // } catch (...) { 224 + + // LOG_ERR((0, "InitSignature", "SetAppearance unknown error")); 225 + + // } 226 + + // } 227 + 228 + - if (szGraphometricData && szGraphometricData[0]) 229 + - m_pSignatureField->SetGraphometricData( 230 + - PdfString("Aruba_Sign_Biometric_Data"), PdfString(szGraphometricData), 231 + - PdfString(szVersion)); 232 + + // if (szGraphometricData && szGraphometricData[0]) 233 + + // m_pSignatureField->SetGraphometricData( 234 + + // PdfString("Aruba_Sign_Biometric_Data"), 235 + + // PdfString(szGraphometricData), PdfString(szVersion)); 236 + 237 + - LOG_DBG((0, "InitSignature", "szGraphometricData OK")); 238 + + // LOG_DBG((0, "InitSignature", "szGraphometricData OK")); 239 + 240 + LOG_DBG((0, "InitSignature", "m_actualLen %d", m_actualLen)); 241 + // crea il nuovo doc con il campo di firma 242 + - int fulllen = m_actualLen * 2 + SIGNATURE_SIZE * 2 + 243 + - (szGraphometricData 244 + - ? (strlen(szGraphometricData) + strlen(szVersion) + 100) 245 + - : 0); 246 + + int fulllen = m_actualLen * 2 + SIGNATURE_SIZE * 2; 247 + 248 + int mainDoclen = 0; 249 + m_pMainDocbuffer = NULL; 250 + @@ -227,7 +208,7 @@ void PdfSignatureGenerator::InitSignature( 251 + LOG_DBG((0, "InitSignature", "fulllen %d", fulllen)); 252 + m_pMainDocbuffer = new char[fulllen]; 253 + PdfOutputDevice pdfOutDevice(m_pMainDocbuffer, fulllen); 254 + - m_pPdfDocument->Write(&pdfOutDevice); 255 + + m_pPdfMemDocument->Write(&pdfOutDevice); 256 + mainDoclen = pdfOutDevice.GetLength(); 257 + } catch (::PoDoFo::PdfError err) { 258 + if (m_pMainDocbuffer) { 259 + @@ -301,32 +282,32 @@ void PdfSignatureGenerator::GetSignedPdf(UUCByteArray& signedPdf) { 260 + } 261 + 262 + const double PdfSignatureGenerator::getWidth(int pageIndex) { 263 + - if (m_pPdfDocument) { 264 + - PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); 265 + + if (m_pPdfMemDocument) { 266 + + PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); 267 + return pPage->GetPageSize().GetWidth(); 268 + } 269 + return 0; 270 + } 271 + 272 + const double PdfSignatureGenerator::getHeight(int pageIndex) { 273 + - if (m_pPdfDocument) { 274 + - PdfPage* pPage = m_pPdfDocument->GetPage(pageIndex); 275 + + if (m_pPdfMemDocument) { 276 + + PdfPage* pPage = m_pPdfMemDocument->GetPage(pageIndex); 277 + return pPage->GetPageSize().GetHeight(); 278 + } 279 + return 0; 280 + } 281 + 282 + const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { 283 + - if (!m_pPdfDocument) return -1; 284 + + if (!m_pPdfMemDocument) return -1; 285 + /// Find the document catalog dictionary 286 + - const PdfObject* const trailer = m_pPdfDocument->GetTrailer(); 287 + + const PdfObject* const trailer = m_pPdfMemDocument->GetTrailer(); 288 + if (!trailer->IsDictionary()) return -1; 289 + const PdfObject* const catalogRef = 290 + trailer->GetDictionary().GetKey(PdfName("Root")); 291 + if (catalogRef == 0 || !catalogRef->IsReference()) 292 + return -2; // throw std::invalid_argument("Invalid /Root entry"); 293 + const PdfObject* const catalog = 294 + - m_pPdfDocument->GetObjects().GetObject(catalogRef->GetReference()); 295 + + m_pPdfMemDocument->GetObjects().GetObject(catalogRef->GetReference()); 296 + if (catalog == 0 || !catalog->IsDictionary()) 297 + return -3; // throw std::invalid_argument("Invalid or non-dictionary 298 + // referenced by /Root entry"); 299 + @@ -336,8 +317,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { 300 + catalog->GetDictionary().GetKey(PdfName("AcroForm")); 301 + if (acroFormValue == 0) return bottom; 302 + if (acroFormValue->IsReference()) 303 + - acroFormValue = 304 + - m_pPdfDocument->GetObjects().GetObject(acroFormValue->GetReference()); 305 + + acroFormValue = m_pPdfMemDocument->GetObjects().GetObject( 306 + + acroFormValue->GetReference()); 307 + 308 + if (!acroFormValue->IsDictionary()) return bottom; 309 + 310 + @@ -346,8 +327,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { 311 + if (fieldsValue == 0) return bottom; 312 + 313 + if (fieldsValue->IsReference()) 314 + - fieldsValue = 315 + - m_pPdfDocument->GetObjects().GetObject(acroFormValue->GetReference()); 316 + + fieldsValue = m_pPdfMemDocument->GetObjects().GetObject( 317 + + acroFormValue->GetReference()); 318 + 319 + if (!fieldsValue->IsArray()) return bottom; 320 + 321 + @@ -360,8 +341,8 @@ const double PdfSignatureGenerator::lastSignatureY(int left, int bottom) { 322 + 323 + for (unsigned int i = 0; i < array.size(); i++) { 324 + const PdfObject* pObj = 325 + - m_pPdfDocument->GetObjects().GetObject(array[i].GetReference()); 326 + - if (IsSignatureField(m_pPdfDocument, pObj)) { 327 + + m_pPdfMemDocument->GetObjects().GetObject(array[i].GetReference()); 328 + + if (IsSignatureField(m_pPdfMemDocument, pObj)) { 329 + const PdfObject* const keyRect = 330 + pObj->GetDictionary().GetKey(PdfName("Rect")); 331 + if (keyRect == 0) { 332 + diff --git a/libs/sign-sdk/src/disigonsdk.cpp b/libs/sign-sdk/src/disigonsdk.cpp 333 + index 250c93f..84e1b0b 100644 334 + --- a/libs/sign-sdk/src/disigonsdk.cpp 335 + +++ b/libs/sign-sdk/src/disigonsdk.cpp 336 + @@ -5,6 +5,7 @@ 337 + 338 + #include <libxml/tree.h> 339 + #include <libxml/xmlmemory.h> 340 + +#include <podofo/podofo.h> 341 + #include <stdlib.h> 342 + #include <string.h> 343 +