Support MAC integrity protection for different signing modes

DEVSIX-8627

Author: Eugene Bochilo

bouncy-castle-connector/src/main/java/com/itextpdf/bouncycastleconnector/BouncyCastleFactoryCreator.java

@@ -43,7 +43,7 @@ public final class BouncyCastleFactoryCreator {
 
     private static IBouncyCastleFactory factory;
 
-    private static Map<String, Supplier<IBouncyCastleFactory>> factories = new LinkedHashMap<>();
+    private static final Map<String, Supplier<IBouncyCastleFactory>> FACTORIES = new LinkedHashMap<>();
 
     private static final String FACTORY_ENVIRONMENT_VARIABLE_NAME = "ITEXT_BOUNCY_CASTLE_FACTORY_NAME";
 
@@ -53,12 +53,12 @@ public final class BouncyCastleFactoryCreator {
         populateFactoriesMap();
 
         String factoryName = SystemUtil.getPropertyOrEnvironmentVariable(FACTORY_ENVIRONMENT_VARIABLE_NAME);
-        Supplier<IBouncyCastleFactory> systemVariableFactoryCreator = factories.get(factoryName);
+        Supplier<IBouncyCastleFactory> systemVariableFactoryCreator = FACTORIES.get(factoryName);
         if (systemVariableFactoryCreator != null) {
             tryCreateFactory(systemVariableFactoryCreator);
         }
 
-        for (Supplier<IBouncyCastleFactory> factorySupplier : factories.values()) {
+        for (Supplier<IBouncyCastleFactory> factorySupplier : FACTORIES.values()) {
             if (factory != null) {
                 break;
             }
@@ -106,7 +106,7 @@ private static void createFactory(Supplier<IBouncyCastleFactory> factoryCreator)
     }
 
     private static void populateFactoriesMap() {
-        factories.put("bouncy-castle", () -> new BouncyCastleFactory());
-        factories.put("bouncy-castle-fips", () -> new BouncyCastleFipsFactory()); // Android-Conversion-Skip-Line (BC FIPS isn't supported on Android)
+        FACTORIES.put("bouncy-castle", () -> new BouncyCastleFactory());
+        FACTORIES.put("bouncy-castle-fips", () -> new BouncyCastleFipsFactory()); // Android-Conversion-Skip-Line (BC FIPS isn't supported on Android)
     }
 }

kernel/src/main/java/com/itextpdf/kernel/mac/IMacContainerLocator.java

@@ -37,6 +37,13 @@ public interface IMacContainerLocator {
      */
     void locateMacContainer(AbstractMacIntegrityProtector macIntegrityProtector);
 
+    /**
+     * Indicates, if MAC container was already located.
+     *
+     * @return {@code true} if MAC container was already located, {@code false} otherwise
+     */
+    boolean isMacContainerLocated();
+
     /**
      * Creates {@link AbstractMacIntegrityProtector} from explicitly provided MAC properties.
      *

kernel/src/main/java/com/itextpdf/kernel/mac/StandaloneMacContainerLocator.java

@@ -29,12 +29,23 @@ This file is part of the iText (R) project.
  * Default {@link AbstractMacIntegrityProtector} location strategy, which locates MAC container in document's trailer.
  */
 public class StandaloneMacContainerLocator implements IMacContainerLocator {
+    private boolean macContainerLocated = false;
+
     /**
      * {@inheritDoc}.
      */
     @Override
     public void locateMacContainer(AbstractMacIntegrityProtector macIntegrityProtector) {
         ((StandaloneMacIntegrityProtector) macIntegrityProtector).prepareDocument();
+        macContainerLocated = true;
+    }
+
+    /**
+     * {@inheritDoc}.
+     */
+    @Override
+    public boolean isMacContainerLocated() {
+        return macContainerLocated;
     }
 
     /**

kernel/src/main/java/com/itextpdf/kernel/pdf/PdfWriter.java

@@ -200,10 +200,12 @@ protected void initCryptoIfSpecified(PdfVersion version) {
         final int encryptionAlgorithm = crypto == null ?
                 (encryptProps.encryptionAlgorithm & EncryptionConstants.ENCRYPTION_MASK) :
                 crypto.getEncryptionAlgorithm();
+        if (document.properties.disableMac) {
+            encryptProps.macProperties = null;
+        }
         if (encryptProps.macProperties == EncryptionProperties.DEFAULT_MAC_PROPERTIES) {
-            if ((version == null || version.compareTo(PdfVersion.PDF_2_0) < 0) ||
-                    (encryptionAlgorithm != EncryptionConstants.ENCRYPTION_AES_256 &&
-                            encryptionAlgorithm != EncryptionConstants.ENCRYPTION_AES_GCM)) {
+            if (version == null || version.compareTo(PdfVersion.PDF_2_0) < 0 ||
+                    encryptionAlgorithm < EncryptionConstants.ENCRYPTION_AES_256) {
                 encryptProps.macProperties = null;
             }
         }

kernel/src/main/java/com/itextpdf/kernel/pdf/StampingProperties.java

@@ -24,8 +24,6 @@ This file is part of the iText (R) project.
 
 
 public class StampingProperties extends DocumentProperties {
-
-
     protected boolean appendMode = false;
     protected boolean preserveEncryption = false;
     protected boolean disableMac = false;
@@ -37,6 +35,7 @@ public StampingProperties(StampingProperties other) {
         super(other);
         this.appendMode = other.appendMode;
         this.preserveEncryption = other.preserveEncryption;
+        this.disableMac = other.disableMac;
     }
 
     StampingProperties(DocumentProperties documentProperties) {

kernel/src/test/java/com/itextpdf/kernel/mac/MacIntegrityProtectorCreationTest.java

@@ -243,6 +243,27 @@ public void addMacOnAppendModeTest() throws IOException, InterruptedException {
                 outputFileName, cmpFileName, DESTINATION_FOLDER, "diff", PASSWORD, PASSWORD));
     }
 
+    @Test
+    @LogMessages(messages = @LogMessage(messageTemplate = KernelLogMessageConstant.MD5_IS_NOT_FIPS_COMPLIANT,
+            ignore = true))
+    public void addMacWithDisableMacPropertyTest() throws IOException, InterruptedException {
+        // MAC should not be added in disable MAC mode even if it was provided with writer properties
+        String fileName = "addMacWithDisableMacPropertyTest.pdf";
+        String outputFileName = DESTINATION_FOLDER + fileName;
+        String cmpFileName = SOURCE_FOLDER + "cmp_" + fileName;
+
+        MacProperties macProperties = new MacProperties(MacDigestAlgorithm.SHA_384);
+        WriterProperties writerProperties = new WriterProperties().setPdfVersion(PdfVersion.PDF_2_0)
+                .setStandardEncryption(PASSWORD, PASSWORD, 0, EncryptionConstants.ENCRYPTION_AES_256, macProperties);
+        try (PdfDocument pdfDoc = new PdfDocument(
+                new PdfReader(SOURCE_FOLDER + "noMacProtectionDocument.pdf", new ReaderProperties().setPassword(PASSWORD)),
+                new PdfWriter(outputFileName, writerProperties), new StampingProperties().disableMac())) {
+            pdfDoc.addNewPage().addAnnotation(new PdfTextAnnotation(new Rectangle(100, 100, 100, 100)));
+        }
+        Assertions.assertNull(new CompareTool().enableEncryptionCompare().compareByContent(
+                outputFileName, cmpFileName, DESTINATION_FOLDER, "diff", PASSWORD, PASSWORD));
+    }
+
     @Test
     @LogMessages(messages = @LogMessage(messageTemplate = KernelLogMessageConstant.MD5_IS_NOT_FIPS_COMPLIANT,
             ignore = true))

kernel/src/test/resources/com/itextpdf/kernel/mac/MacIntegrityProtectorCreationTest/cmp_addMacWithDisableMacPropertyTest.pdf

@@ -657,6 +657,14 @@
             <file path="com/itextpdf/signatures/sign/TimestampSigTest/cmp_timestampTest01.pdf"/>
             <file path="com/itextpdf/signatures/PKCS7ExternalSignatureContainerTest/cmp_testTroughPdfSignerWithTsaClient.pdf"/>
             <file path="com/itextpdf/signatures/PKCS7ExternalSignatureContainerTest/cmp_testTroughPdfSignerWithTsaClient_FIPS.pdf"/>
+
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signMacProtectedDocInAppendModeTest_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signMacProtectedDocTest_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signMacProtectedDocWithSHA3_384Test_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signMacPublicEncryptionDocTest_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signNotMacProtectedDoc17Test_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signNotMacProtectedDocInAppendModeTest_timestamping.pdf"/>
+            <file path="com/itextpdf/signatures/mac/SignedDocumentWithMacTest/cmp_signNotMacProtectedDocTest_timestamping.pdf"/>
         </fileset>
         <fileset reason="Bug in java version, not in sharp version, therefor a separate reference file is needed see DEVSIX-6752">
             <file path="com/itextpdf/kernel/pdf/xobject/GetImageBytesTest/grayImages.png" />

sharpenConfiguration.xml

@@ -23,6 +23,9 @@ This file is part of the iText (R) project.
 package com.itextpdf.signatures;
 
 import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
+import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
+import com.itextpdf.commons.bouncycastle.asn1.IASN1EncodableVector;
+import com.itextpdf.commons.bouncycastle.asn1.IASN1Sequence;
 import com.itextpdf.commons.bouncycastle.asn1.esf.ISignaturePolicyIdentifier;
 import com.itextpdf.commons.utils.FileUtil;
 import com.itextpdf.commons.utils.MessageFormatUtil;
@@ -46,6 +49,8 @@ This file is part of the iText (R) project.
 import com.itextpdf.kernel.font.PdfFont;
 import com.itextpdf.kernel.geom.Rectangle;
 import com.itextpdf.kernel.mac.IMacContainerLocator;
+import com.itextpdf.signatures.cms.CMSContainer;
+import com.itextpdf.signatures.cms.CmsAttribute;
 import com.itextpdf.signatures.mac.SignatureContainerGenerationEvent;
 import com.itextpdf.kernel.pdf.PdfArray;
 import com.itextpdf.kernel.pdf.PdfDate;
@@ -104,7 +109,9 @@ This file is part of the iText (R) project.
  * Takes care of the cryptographic options and appearances that form a signature.
  */
 public class PdfSigner {
-    private static final int MAXIMUM_MAC_SIZE = 788;
+    static final int MAXIMUM_MAC_SIZE = 788;
+    private static final IBouncyCastleFactory FACTORY = BouncyCastleFactoryCreator.getFactory();
+    private static final String ID_ATTR_PDF_MAC_DATA = "1.0.32004.1.2";
 
     /**
      * Enum containing the Cryptographic Standards. Possible values are "CMS" and "CADES".
@@ -598,8 +605,8 @@ public void signDetached(IExternalDigest externalDigest, IExternalSignature exte
             if (tsaClient != null) {
                 estimatedSize += tsaClient.getTokenSizeEstimate() + 96;
             }
-            if (document.getTrailer().getAsDictionary(PdfName.AuthCode) != null) {
-                // if AuthCode is found in trailer, we assume MAC will be embedded and allocate additional space.
+            if (document.getDiContainer().getInstance(IMacContainerLocator.class).isMacContainerLocated()) {
+                // If MAC container was located, we presume MAC will be embedded and allocate additional space.
                 estimatedSize += MAXIMUM_MAC_SIZE;
             }
         }
@@ -700,12 +707,18 @@ public void signExternalContainer(IExternalSignatureContainer externalSignatureC
         externalSignatureContainer.modifySigningDictionary(dic.getPdfObject());
         cryptoDictionary = dic;
 
+        if (document.getDiContainer().getInstance(IMacContainerLocator.class).isMacContainerLocated()) {
+            // If MAC container was located, we presume MAC will be embedded and allocate additional space.
+            estimatedSize += MAXIMUM_MAC_SIZE;
+        }
+
         Map<PdfName, Integer> exc = new HashMap<>();
         exc.put(PdfName.Contents, estimatedSize * 2 + 2);
         preClose(exc);
 
         InputStream data = getRangeStream();
         byte[] encodedSig = externalSignatureContainer.sign(data);
+        encodedSig = embedMacTokenIntoSignatureContainer(encodedSig);
 
         if (estimatedSize < encodedSig.length) {
             throw new IOException(SignExceptionMessageConstant.NOT_ENOUGH_SPACE);
@@ -744,6 +757,10 @@ public void timestamp(ITSAClient tsa, String signatureName) throws IOException,
         }
 
         int contentEstimated = tsa.getTokenSizeEstimate();
+        if (document.getDiContainer().getInstance(IMacContainerLocator.class).isMacContainerLocated()) {
+            // If MAC container was located, we presume MAC will be embedded and allocate additional space.
+            contentEstimated += MAXIMUM_MAC_SIZE;
+        }
         if (!isDocumentPdf2()) {
             addDeveloperExtension(PdfDeveloperExtension.ESIC_1_7_EXTENSIONLEVEL5);
         }
@@ -771,6 +788,8 @@ public void timestamp(ITSAClient tsa, String signatureName) throws IOException,
             throw new GeneralSecurityException(e.getMessage(), e);
         }
 
+        tsToken = embedMacTokenIntoSignatureContainer(tsToken);
+
         if (contentEstimated + 2 < tsToken.length) {
             throw new IOException(MessageFormatUtil.format(
                     SignExceptionMessageConstant.TOKEN_ESTIMATION_SIZE_IS_NOT_LARGE_ENOUGH,
@@ -1308,6 +1327,19 @@ protected int getWidgetPageNumber(PdfWidgetAnnotation widget) {
         return pageNumber;
     }
 
+    PdfSignature createSignatureDictionary(boolean includeDate) {
+        PdfSignature dic = new PdfSignature();
+        dic.setReason(this.signerProperties.getReason());
+        dic.setLocation(this.signerProperties.getLocation());
+        dic.setSignatureCreator(this.signerProperties.getSignatureCreator());
+        dic.setContact(this.signerProperties.getContact());
+        Calendar claimedSignDate = this.signerProperties.getClaimedSignDate();
+        if (includeDate && claimedSignDate != TimestampConstants.UNDEFINED_TIMESTAMP_DATE) {
+            dic.setDate(new PdfDate(claimedSignDate)); // time-stamp will over-rule this
+        }
+        return dic;
+    }
+
     private static String getSignerName(X509Certificate certificate) {
         String name = null;
         CertificateInfo.X500Name x500name = CertificateInfo.getSubjectFields(certificate);
@@ -1355,20 +1387,6 @@ private boolean isDocumentPdf2() {
         return document.getPdfVersion().compareTo(PdfVersion.PDF_2_0) >= 0;
     }
 
-    PdfSignature createSignatureDictionary(boolean includeDate) {
-        PdfSignature dic = new PdfSignature();
-        dic.setReason(this.signerProperties.getReason());
-        dic.setLocation(this.signerProperties.getLocation());
-        dic.setSignatureCreator(this.signerProperties.getSignatureCreator());
-        dic.setContact(this.signerProperties.getContact());
-        Calendar claimedSignDate = this.signerProperties.getClaimedSignDate();
-        if (includeDate && claimedSignDate != TimestampConstants.UNDEFINED_TIMESTAMP_DATE) {
-            dic.setDate(new PdfDate(claimedSignDate)); // time-stamp will over-rule this
-        }
-        return dic;
-    }
-
-
     protected void applyAccessibilityProperties(PdfFormField formField, IAccessibleElement modelElement,
                                                 PdfDocument pdfDocument) {
         if (!pdfDocument.isTagged()) {
@@ -1381,6 +1399,30 @@ protected void applyAccessibilityProperties(PdfFormField formField, IAccessibleE
         }
     }
 
+    private byte[] embedMacTokenIntoSignatureContainer(byte[] signatureContainer) {
+        if (document.getDiContainer().getInstance(IMacContainerLocator.class).isMacContainerLocated()) {
+            try {
+                CMSContainer cmsContainer = new CMSContainer(signatureContainer);
+                // If MAC is in the signature already, we regenerate it anyway.
+                cmsContainer.getSignerInfo().removeUnSignedAttribute(ID_ATTR_PDF_MAC_DATA);
+                IASN1EncodableVector unsignedVector = FACTORY.createASN1EncodableVector();
+                document.dispatchEvent(new SignatureContainerGenerationEvent(unsignedVector,
+                        cmsContainer.getSignerInfo().getSignatureData(), getRangeStream()));
+                if (FACTORY.createDERSequence(unsignedVector).size() != 0) {
+                    IASN1Sequence sequence =
+                            FACTORY.createASN1Sequence(FACTORY.createDERSequence(unsignedVector).getObjectAt(0));
+                    cmsContainer.getSignerInfo().addUnSignedAttribute(new CmsAttribute(
+                            FACTORY.createASN1ObjectIdentifier(sequence.getObjectAt(0)).getId(),
+                            sequence.getObjectAt(1).toASN1Primitive()));
+                    return cmsContainer.serialize();
+                }
+            } catch (Exception exception) {
+                throw new PdfException(SignExceptionMessageConstant.NOT_POSSIBLE_TO_EMBED_MAC_TO_SIGNATURE, exception);
+            }
+        }
+        return signatureContainer;
+    }
+
     private void applyDefaultPropertiesForTheNewField(PdfSignatureFormField sigField) {
         SignatureFieldAppearance formFieldElement = getSignatureAppearance();
         PdfFormAnnotation annotation = sigField.getFirstFormAnnotation();

sign/src/main/java/com/itextpdf/signatures/PdfSigner.java

@@ -24,6 +24,7 @@ This file is part of the iText (R) project.
 
 import com.itextpdf.kernel.crypto.DigestAlgorithms;
 import com.itextpdf.kernel.exceptions.PdfException;
+import com.itextpdf.kernel.mac.IMacContainerLocator;
 import com.itextpdf.kernel.pdf.PdfDeveloperExtension;
 import com.itextpdf.kernel.pdf.PdfDictionary;
 import com.itextpdf.kernel.pdf.PdfDocument;
@@ -166,15 +167,17 @@ PdfSigner createPdfSigner(SignerProperties signerProperties) throws IOException
 
     private byte[] prepareDocumentForSignature(SignerProperties signerProperties, MessageDigest messageDigest,
                                                PdfName filter, PdfName subFilter, int estimatedSize,
-                                               boolean includeDate)
-            throws IOException {
+                                               boolean includeDate) throws IOException {
         if (closed) {
             throw new PdfException(SignExceptionMessageConstant.THIS_INSTANCE_OF_PDF_SIGNER_ALREADY_CLOSED);
         }
         PdfSigner pdfSigner = createPdfSigner(signerProperties);
 
 
         PdfDocument document = pdfSigner.getDocument();
+        if (document.getDiContainer().getInstance(IMacContainerLocator.class).isMacContainerLocated()) {
+            throw new PdfException(SignExceptionMessageConstant.NOT_POSSIBLE_TO_EMBED_MAC_TO_SIGNATURE);
+        }
         if (document.getPdfVersion().compareTo(PdfVersion.PDF_2_0) < 0) {
             document.getCatalog().addDeveloperExtension(PdfDeveloperExtension.ESIC_1_7_EXTENSIONLEVEL2);
         }