Skip to content

Refactor Core API to Fluent Model & Functionality Extension #126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
vanbroup wants to merge 33 commits into
base: main
Choose a base branch
from
Open

Refactor Core API to Fluent Model & Functionality Extension #126

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
64fb638
feat: core refactoring and new features
vanbroup Jan 17, 2026
436eb0a
feat: logic improvements
vanbroup Jan 17, 2026
50d5b2f
feat: external signer integrations
vanbroup Jan 17, 2026
d6964d6
chore: scripts
vanbroup Jan 17, 2026
e892b46
feat: cli and config updates
vanbroup Jan 17, 2026
8ec4431
chore: cleanups and revocations
vanbroup Jan 17, 2026
3ad628d
feat: signer modules
vanbroup Jan 17, 2026
6365670
test: unit tests and fixtures
vanbroup Jan 17, 2026
5ee488e
fix: remove .DS_Store and update .gitignore
vanbroup Jan 17, 2026
12041dc
fix: lint issues
vanbroup Jan 17, 2026
6ef92b8
fix(tests): add missing testfiles/images/digitorus-icon.pdf for TestI…
vanbroup Jan 17, 2026
13bc706
fix(verify): resolve message digest mismatches and enforce strict ver…
vanbroup Jan 17, 2026
00e5804
test(sign): add dedicated test for appending to multi-signature file
vanbroup Jan 18, 2026
3bfd345
fix(verify): ensure verification constraints are enforced and tested
vanbroup Jan 18, 2026
400381a
fix: rename CurrentTime to AtTime and resolve lint errors
vanbroup Jan 18, 2026
9bf1839
fix(ci): update VeraPDF URL and make DSS validation non-blocking
vanbroup Jan 18, 2026
681e28d
fix(test): exclude testfile30.pdf from tests due to malformed CRLs
vanbroup Jan 18, 2026
7ab88c4
fix(ci): temporarily disable corpus-test job due to installer changes
vanbroup Jan 18, 2026
91ecbd9
fix(ci): update VeraPDF installation logic for installer zip
vanbroup Jan 18, 2026
e0641b2
refactor: consistently use atTime for verification and update CI desc…
vanbroup Jan 18, 2026
cf2168e
fix(ci): use absolute path for verapdf auto-install.xml
vanbroup Jan 18, 2026
02dbf43
fix(ci): use setup-dss.sh for robust DSS setup and fix verapdf pathing
vanbroup Jan 18, 2026
36d50b1
fix(ci): robust VeraPDF installation and optimized DSS startup
vanbroup Jan 18, 2026
9b30ad1
Refactor verification API to idiomatic Go errors and restructure tests
vanbroup Jan 18, 2026
13c29f0
Fix empty PDF output in verbose tests by preventing copyFile self-cop…
vanbroup Jan 18, 2026
7092a24
Revert copyFile to os.Rename and fix multi-stage tests
vanbroup Jan 18, 2026
33a2932
Fix DSS service startup hang in GHA
vanbroup Jan 18, 2026
ddaafbc
Enhance DSS startup observability in GHA
vanbroup Jan 18, 2026
e04eb04
Revert Dockerfile.dss to use original mvn spring-boot:run command
vanbroup Jan 18, 2026
3303b8f
Remove redundant v2 DSS health check endpoint
vanbroup Jan 18, 2026
545da56
Robustness: improve DSS health check to accept app-level errors as 'r…
vanbroup Jan 18, 2026
c24c262
Fix DSS script error and correct test name in CI
vanbroup Jan 18, 2026
445d607
fix: address all PR review comments (revocation, forms escaping, veri…
Copilot Apr 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 71 additions & 2 deletions .github/workflows/go.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,13 @@ jobs:
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.23
go-version: '1.24.x'

- name: Set up Java (for external validation tools)
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'

- name: Build
run: go build -v ./...
Expand All @@ -32,7 +38,7 @@ jobs:
- name: Install pdfcpu
run: go install github.com/pdfcpu/pdfcpu/cmd/pdfcpu@latest

- name: Run PDF Validation
- name: Validate signed PDFs with pdfcpu
run: |
# Ensure pdfcpu is in PATH
export PATH=$PATH:$(go env GOPATH)/bin
Expand Down Expand Up @@ -107,6 +113,19 @@ jobs:
echo "✅ All PDF validations passed!"
fi

- name: Run DSS Validation
run: |
# Use the local setup script which uses Docker to avoid dependency issues
chmod +x scripts/setup-dss.sh
./scripts/setup-dss.sh

# Run validation test
echo "### DSS Signature Validation Results"
DSS_API_URL=http://localhost:8080/services/rest/validation/validateSignature go test -v ./sign -run TestValidateDSSValidation

# Container is started with --rm, so stopping it is enough
docker stop dss-validator || true

- name: Upload coverage report
if: always()
uses: codecov/codecov-action@v4
Expand All @@ -122,3 +141,53 @@ jobs:
name: test-pdf-artifacts
path: testfiles/success/
retention-days: 7

corpus-test:
name: Corpus Test
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6

- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: '1.24.x'

- name: Set up Java (for external validation tools)
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'

- name: Install validators (pdfcpu, Ghostscript, veraPDF)
run: |
sudo apt-get update
sudo apt-get install -y ghostscript
go install github.com/pdfcpu/pdfcpu/cmd/pdfcpu@latest

# Install veraPDF greenfield
curl -L https://software.verapdf.org/rel/1.28/verapdf-greenfield-1.28.2-installer.zip -o verapdf.zip
unzip verapdf.zip

# Create auto-install.xml for headless installation
printf '<?xml version="1.0" encoding="UTF-8" standalone="no"?>\n<AutomatedInstallation langpack="eng">\n <com.izforge.izpack.panels.htmlhello.HTMLHelloPanel id="welcome"/>\n <com.izforge.izpack.panels.target.TargetPanel id="install_dir">\n <installpath>%s/verapdf</installpath>\n </com.izforge.izpack.panels.target.TargetPanel>\n <com.izforge.izpack.panels.packs.PacksPanel id="sdk_pack_select">\n <pack index="0" name="veraPDF GUI" selected="true"/>\n <pack index="1" name="veraPDF Mac and *nix Scripts" selected="true"/>\n <pack index="2" name="veraPDF Corpus and Validation model" selected="false"/>\n <pack index="3" name="veraPDF Documentation" selected="true"/>\n <pack index="4" name="veraPDF Sample Plugins" selected="false"/>\n </com.izforge.izpack.panels.packs.PacksPanel>\n <com.izforge.izpack.panels.install.InstallPanel id="install"/>\n <com.izforge.izpack.panels.finish.FinishPanel id="finish"/>\n</AutomatedInstallation>\n' "$PWD" > "$PWD/auto-install.xml"

# Run installer
INSTALLER_DIR=$(find . -maxdepth 1 -type d -name "verapdf-greenfield-*" | head -n 1)
$INSTALLER_DIR/verapdf-install "$PWD/auto-install.xml"

echo "VERAPDF_DIR=verapdf" >> $GITHUB_ENV
echo "$PWD/verapdf" >> $GITHUB_PATH

- name: Cache corpus downloads
uses: actions/cache@v4
with:
path: /tmp/pdf-corpus
key: pdf-corpus-v1

- name: Run corpus security tests
run: |
export PATH=$PATH:$(go env GOPATH)/bin:$PWD/$VERAPDF_DIR
# veraPDF script name is usually 'verapdf'
PDF_CORPUS_CACHE=/tmp/pdf-corpus go test -v ./sign -run TestSignCorpus -download-corpus -timeout 30m
33 changes: 31 additions & 2 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,39 @@
# Binaries
#-------------
pdfsign
*.exe
*.test
*.prof

# OS specific checks
#-------------------
.DS_Store
.AppleDouble
.LSOverride
Thumbs.db

# IDEs
#-----
.idea
.vscode
*.swp

# Go
#---
vendor/
go.work
go.work.sum

# Certificates
#-------------
certs/*

# Test files
#-----------
*.pdf
*.pdf.*
!testfile*.pdf
testfiles/*_signed.pdf
testfiles/failed/*
testfiles/success/*
pdfsign
certs/*
tmp/
Loading
Loading