Process SignMetaInfo to ignore multiple document creation events per …

…one signing operation

Make sure that it is possible to pass metainfo to the newly added sign classes
Introduce isEventCountingMetaInfoSet check

DEVSIX-8216

Autoported commit.
Original commit hash: [daafb5686]

itext.tests/itext.kernel.tests/itext/kernel/pdf/DocumentPropertiesUnitTest.cs

@@ -0,0 +1,45 @@
+/*
+This file is part of the iText (R) project.
+Copyright (c) 1998-2024 Apryse Group NV
+Authors: Apryse Software.
+
+This program is offered under a commercial and under the AGPL license.
+For commercial licensing, contact us at https://itextpdf.com/sales.  For AGPL licensing, see below.
+
+AGPL licensing:
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+using iText.Commons.Actions.Contexts;
+using iText.Test;
+
+namespace iText.Kernel.Pdf {
+    [NUnit.Framework.Category("UnitTest")]
+    public class DocumentPropertiesUnitTest : ExtendedITextTest {
+        [NUnit.Framework.Test]
+        public virtual void SetEventCountingMetaInfoTest() {
+            DocumentProperties documentProperties = new DocumentProperties();
+            documentProperties.SetEventCountingMetaInfo(new DocumentPropertiesUnitTest.TestMetaInfo());
+            NUnit.Framework.Assert.IsTrue(documentProperties.IsEventCountingMetaInfoSet());
+        }
+
+        [NUnit.Framework.Test]
+        public virtual void MetaInfoIsNotSetTest() {
+            DocumentProperties documentProperties = new DocumentProperties();
+            NUnit.Framework.Assert.IsFalse(documentProperties.IsEventCountingMetaInfoSet());
+        }
+
+        private class TestMetaInfo : IMetaInfo {
+        }
+    }
+}

itext/itext.commons/itext/commons/actions/ProductNameConstant.cs

@@ -30,6 +30,9 @@ public sealed class ProductNameConstant {
         /// <summary>itext-core constant.</summary>
         public const String ITEXT_CORE = "itext-core";
 
+        /// <summary>itext-core sign module constant.</summary>
+        public const String ITEXT_CORE_SIGN = "itext-core-sign";
+
         /// <summary>pdfhtml constant.</summary>
         public const String PDF_HTML = "pdfHtml";
 

itext/itext.commons/itext/commons/actions/contexts/AbstractContextManagerConfigurationEvent.cs

@@ -42,7 +42,7 @@ protected internal virtual void RegisterGenericContext(ICollection<String> names
         }
 
         /// <summary>Unregisters certain namespaces.</summary>
-        /// <param name="namespaces">the namespaces to be unregisted</param>
+        /// <param name="namespaces">the namespaces to be unregistered</param>
         protected internal virtual void UnregisterContext(ICollection<String> namespaces) {
             ContextManager.GetInstance().UnregisterContext(namespaces);
         }

itext/itext.commons/itext/commons/actions/contexts/ContextManager.cs

@@ -37,6 +37,8 @@ static ContextManager() {
             iText.Commons.Actions.Contexts.ContextManager local = new iText.Commons.Actions.Contexts.ContextManager();
             local.RegisterGenericContext(NamespaceConstant.ITEXT_CORE_NAMESPACES, JavaCollectionsUtil.Singleton(ProductNameConstant
                 .ITEXT_CORE));
+            local.RegisterGenericContext(JavaCollectionsUtil.Singleton(NamespaceConstant.CORE_SIGN), JavaCollectionsUtil
+                .Singleton(ProductNameConstant.ITEXT_CORE_SIGN));
             local.RegisterGenericContext(JavaCollectionsUtil.SingletonList(NamespaceConstant.PDF_HTML), JavaCollectionsUtil
                 .Singleton(ProductNameConstant.PDF_HTML));
             local.RegisterGenericContext(JavaCollectionsUtil.SingletonList(NamespaceConstant.PDF_SWEEP), JavaCollectionsUtil

itext/itext.kernel/itext/kernel/pdf/DocumentProperties.cs

@@ -58,5 +58,11 @@ public virtual iText.Kernel.Pdf.DocumentProperties SetEventCountingMetaInfo(IMet
             this.metaInfo = metaInfo;
             return this;
         }
+
+        /// <summary>Checks if the document event counting meta info was already set.</summary>
+        /// <returns>true if the document event counting meta info is set, false otherwise.</returns>
+        public virtual bool IsEventCountingMetaInfoSet() {
+            return this.metaInfo != null;
+        }
     }
 }

itext/itext.sign/itext/signatures/PadesTwoPhaseSigningHelper.cs

@@ -62,6 +62,9 @@ public class PadesTwoPhaseSigningHelper {
 
         private StampingProperties stampingProperties = new StampingProperties().UseAppendMode();
 
+        private StampingProperties stampingPropertiesWithMetaInfo = (StampingProperties)new StampingProperties().UseAppendMode
+            ().SetEventCountingMetaInfo(new SignMetaInfo());
+
         private IIssuingCertificateRetriever issuingCertificateRetriever = new IssuingCertificateRetriever();
 
         private int estimatedSize = -1;
@@ -299,6 +302,9 @@ public virtual iText.Signatures.PadesTwoPhaseSigningHelper SetTimestampSignature
         public virtual iText.Signatures.PadesTwoPhaseSigningHelper SetStampingProperties(StampingProperties stampingProperties
             ) {
             this.stampingProperties = stampingProperties;
+            if (stampingProperties.IsEventCountingMetaInfoSet()) {
+                this.stampingPropertiesWithMetaInfo = stampingProperties;
+            }
             return this;
         }
 
@@ -326,6 +332,7 @@ public virtual CMSContainer CreateCMSContainerWithoutSignature(IX509Certificate[
             IX509Certificate[] fullChain = issuingCertificateRetriever.RetrieveMissingCertificates(certificates);
             IX509Certificate[] x509FullChain = JavaUtil.ArraysAsList(fullChain).ToArray(new IX509Certificate[0]);
             PdfTwoPhaseSigner pdfTwoPhaseSigner = new PdfTwoPhaseSigner(inputDocument, outputStream);
+            pdfTwoPhaseSigner.SetStampingProperties(stampingProperties);
             CMSContainer cms = new CMSContainer();
             SignerInfo signerInfo = new SignerInfo();
             String digestAlgorithmOid = DigestAlgorithms.GetAllowedDigest(digestAlgorithm);
@@ -360,7 +367,7 @@ public virtual void SignCMSContainerWithBaselineBProfile(IExternalSignature exte
             , Stream outputStream, String signatureFieldName, CMSContainer cmsContainer) {
             SetSignatureAlgorithmAndSignature(externalSignature, cmsContainer);
             try {
-                using (PdfDocument document = new PdfDocument(inputDocument)) {
+                using (PdfDocument document = new PdfDocument(inputDocument, stampingProperties)) {
                     PdfTwoPhaseSigner.AddSignatureToPreparedDocument(document, signatureFieldName, outputStream, cmsContainer);
                 }
             }
@@ -394,7 +401,7 @@ public virtual void SignCMSContainerWithBaselineTProfile(IExternalSignature exte
                 cmsContainer.GetSignerInfo().AddUnSignedAttribute(timestampAttribute);
             }
             try {
-                using (PdfDocument document = new PdfDocument(inputDocument)) {
+                using (PdfDocument document = new PdfDocument(inputDocument, stampingProperties)) {
                     PdfTwoPhaseSigner.AddSignatureToPreparedDocument(document, signatureFieldName, outputStream, cmsContainer);
                 }
             }
@@ -423,7 +430,7 @@ public virtual void SignCMSContainerWithBaselineLTProfile(IExternalSignature ext
                         );
                     using (Stream inputStream = padesSigner.CreateInputStream()) {
                         using (PdfDocument pdfDocument = new PdfDocument(new PdfReader(inputStream), new PdfWriter(outputStream), 
-                            new StampingProperties().UseAppendMode())) {
+                            stampingPropertiesWithMetaInfo)) {
                             padesSigner.PerformLtvVerification(pdfDocument, JavaCollectionsUtil.SingletonList(signatureFieldName), LtvVerification.RevocationDataNecessity
                                 .REQUIRED_FOR_SIGNING_CERTIFICATE);
                         }
@@ -455,7 +462,7 @@ public virtual void SignCMSContainerWithBaselineLTAProfile(IExternalSignature ex
                         );
                     using (Stream inputStream = padesSigner.CreateInputStream()) {
                         using (PdfDocument pdfDocument = new PdfDocument(new PdfReader(inputStream), new PdfWriter(padesSigner.CreateOutputStream
-                            ()), new StampingProperties().UseAppendMode())) {
+                            ()), stampingPropertiesWithMetaInfo)) {
                             padesSigner.PerformLtvVerification(pdfDocument, JavaCollectionsUtil.SingletonList(signatureFieldName), LtvVerification.RevocationDataNecessity
                                 .REQUIRED_FOR_SIGNING_CERTIFICATE);
                             padesSigner.PerformTimestamping(pdfDocument, outputStream, tsaClient);

itext/itext.sign/itext/signatures/PdfPadesSigner.cs

@@ -61,6 +61,9 @@ public class PdfPadesSigner {
 
         private StampingProperties stampingProperties = new StampingProperties().UseAppendMode();
 
+        private StampingProperties stampingPropertiesWithMetaInfo = (StampingProperties)new StampingProperties().UseAppendMode
+            ().SetEventCountingMetaInfo(new SignMetaInfo());
+
         private MemoryStream tempOutputStream;
 
         private FileInfo tempFile;
@@ -213,7 +216,7 @@ public virtual void SignWithBaselineLTProfile(SignerProperties signerProperties,
                 PerformSignDetached(signerProperties, false, externalSignature, chain, tsaClient);
                 using (Stream inputStream = CreateInputStream()) {
                     using (PdfDocument pdfDocument = new PdfDocument(new PdfReader(inputStream), new PdfWriter(outputStream), 
-                        new StampingProperties().UseAppendMode())) {
+                        stampingPropertiesWithMetaInfo)) {
                         PerformLtvVerification(pdfDocument, JavaCollectionsUtil.SingletonList(signerProperties.GetFieldName()), LtvVerification.RevocationDataNecessity
                             .REQUIRED_FOR_SIGNING_CERTIFICATE);
                     }
@@ -279,7 +282,7 @@ public virtual void SignWithBaselineLTAProfile(SignerProperties signerProperties
                 PerformSignDetached(signerProperties, false, externalSignature, chain, tsaClient);
                 using (Stream inputStream = CreateInputStream()) {
                     using (PdfDocument pdfDocument = new PdfDocument(new PdfReader(inputStream), new PdfWriter(CreateOutputStream
-                        ()), new StampingProperties().UseAppendMode())) {
+                        ()), stampingPropertiesWithMetaInfo)) {
                         PerformLtvVerification(pdfDocument, JavaCollectionsUtil.SingletonList(signerProperties.GetFieldName()), LtvVerification.RevocationDataNecessity
                             .REQUIRED_FOR_SIGNING_CERTIFICATE);
                         PerformTimestamping(pdfDocument, outputStream, tsaClient);
@@ -330,8 +333,8 @@ public virtual void SignWithBaselineLTAProfile(SignerProperties signerProperties
         /// </param>
         public virtual void ProlongSignatures(ITSAClient tsaClient) {
             Stream documentOutputStream = tsaClient == null ? outputStream : CreateOutputStream();
-            using (PdfDocument pdfDocument = new PdfDocument(reader, new PdfWriter(documentOutputStream), new StampingProperties
-                ().UseAppendMode())) {
+            using (PdfDocument pdfDocument = new PdfDocument(reader, new PdfWriter(documentOutputStream), stampingProperties
+                )) {
                 SignatureUtil signatureUtil = new SignatureUtil(pdfDocument);
                 IList<String> signatureNames = signatureUtil.GetSignatureNames();
                 if (signatureNames.IsEmpty()) {
@@ -415,6 +418,9 @@ public virtual iText.Signatures.PdfPadesSigner SetTimestampSignatureName(String
         public virtual iText.Signatures.PdfPadesSigner SetStampingProperties(StampingProperties stampingProperties
             ) {
             this.stampingProperties = stampingProperties;
+            if (stampingProperties.IsEventCountingMetaInfoSet()) {
+                this.stampingPropertiesWithMetaInfo = stampingProperties;
+            }
             return this;
         }
 

itext/itext.sign/itext/signatures/PdfTwoPhaseSigner.cs

@@ -29,6 +29,21 @@ You should have received a copy of the GNU Affero General Public License
 using iText.Signatures.Exceptions;
 
 namespace iText.Signatures {
+    /// <summary>
+    /// Class that prepares document and adds the signature to it while performing signing operation in two steps
+    /// (see
+    /// <see cref="PadesTwoPhaseSigningHelper"/>
+    /// for more info).
+    /// </summary>
+    /// <remarks>
+    /// Class that prepares document and adds the signature to it while performing signing operation in two steps
+    /// (see
+    /// <see cref="PadesTwoPhaseSigningHelper"/>
+    /// for more info).
+    /// <para />
+    /// Firstly, this class allows to prepare the document for signing and calculate the document digest to sign.
+    /// Secondly, it adds an existing signature to a PDF where space was already reserved.
+    /// </remarks>
     public class PdfTwoPhaseSigner {
         private readonly PdfReader reader;
 
@@ -40,6 +55,21 @@ public class PdfTwoPhaseSigner {
 
         private bool closed;
 
+        /// <summary>
+        /// Creates new
+        /// <see cref="PdfTwoPhaseSigner"/>
+        /// instance.
+        /// </summary>
+        /// <param name="reader">
+        /// 
+        /// <see cref="iText.Kernel.Pdf.PdfReader"/>
+        /// instance to read the original PDF file
+        /// </param>
+        /// <param name="outputStream">
+        /// 
+        /// <see cref="System.IO.Stream"/>
+        /// output stream to write the resulting PDF file into
+        /// </param>
         public PdfTwoPhaseSigner(PdfReader reader, Stream outputStream) {
             this.reader = reader;
             this.outputStream = outputStream;

itext/itext.sign/itext/signatures/SignMetaInfo.cs

@@ -0,0 +1,28 @@
+/*
+This file is part of the iText (R) project.
+Copyright (c) 1998-2024 Apryse Group NV
+Authors: Apryse Software.
+
+This program is offered under a commercial and under the AGPL license.
+For commercial licensing, contact us at https://itextpdf.com/sales.  For AGPL licensing, see below.
+
+AGPL licensing:
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+using iText.Commons.Actions.Contexts;
+
+namespace iText.Signatures {
+    internal class SignMetaInfo : IMetaInfo {
+    }
+}

itext/itext.sign/itext/signatures/validation/DocumentRevisionsValidator.cs

@@ -24,6 +24,7 @@ You should have received a copy of the GNU Affero General Public License
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
+using iText.Commons.Actions.Contexts;
 using iText.Commons.Utils;
 using iText.IO.Source;
 using iText.Kernel.Pdf;
@@ -48,16 +49,31 @@ internal class DocumentRevisionsValidator {
 
         internal const String UNEXPECTED_ENTRY_IN_XREF = "New PDF document revision contains unexpected entry \"{0}\" in XREF table.";
 
+        private IMetaInfo metaInfo;
+
         internal DocumentRevisionsValidator() {
         }
 
         // Empty constructor.
+        /// <summary>
+        /// Sets the
+        /// <see cref="iText.Commons.Actions.Contexts.IMetaInfo"/>
+        /// that will be used during
+        /// <see cref="iText.Kernel.Pdf.PdfDocument"/>
+        /// creation.
+        /// </summary>
+        /// <param name="metaInfo">meta info to set</param>
+        public virtual void SetEventCountingMetaInfo(IMetaInfo metaInfo) {
+            this.metaInfo = metaInfo;
+        }
+
         internal virtual ValidationReport ValidateRevision(PdfDocument originalDocument, PdfDocument documentWithoutRevision
             , DocumentRevision revision) {
             ValidationReport validationReport = new ValidationReport();
             using (Stream inputStream = CreateInputStreamFromRevision(originalDocument, revision)) {
                 using (PdfReader newReader = new PdfReader(inputStream)) {
-                    using (PdfDocument documentWithRevision = new PdfDocument(newReader)) {
+                    using (PdfDocument documentWithRevision = new PdfDocument(newReader, new DocumentProperties().SetEventCountingMetaInfo
+                        (metaInfo))) {
                         ICollection<PdfIndirectReference> indirectReferences = revision.GetModifiedObjects();
                         if (!CompareCatalogs(documentWithoutRevision, documentWithRevision, validationReport)) {
                             return validationReport;

port-hash

@@ -1 +1 @@
-ee1e118580ab3623b1d1c3bc4adcb713e883b405
+daafb56864e655e3de3fbf76865c017b57edb51d