diff options
| author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-19 10:29:33 +0200 |
|---|---|---|
| committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-19 10:33:04 +0200 |
| commit | ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8 (patch) | |
| tree | ee7cc23a96a5499bf798c8ac72518b1997de4bfd /pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java | |
| parent | 65aa38cdfbc9715fd016f54d2ef3daaa4e6e9406 (diff) | |
| download | pdf-as-3-ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8.tar.gz pdf-as-3-ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8.tar.bz2 pdf-as-3-ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8.zip | |
Added SHA256 hash calculation of original document do prevent application document injection
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java')
| -rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java index 60c5d41..234640b 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java @@ -66,6 +66,8 @@ public class ProvidePDFServlet extends HttpServlet { public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String pdfIdString = request.getParameter(FormFields.FIELD_PDF_ID);
+ String plainPDFDigest = request.getParameter(FormFields.FIELD_ORIGINAL_DIGEST);
+
HttpSession session = request.getSession();
if (pdfIdString == null) {
@@ -85,6 +87,14 @@ public class ProvidePDFServlet extends HttpServlet { // Popup-Blocker, Link-Prefetching, IE 9 SmartScreen-Filter...???
// session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);
log.debug("Returning signed pdf to browser.");
+ if(plainPDFDigest != null) {
+ if(!plainPDFDigest.equalsIgnoreCase(si.plainPDFDigest)) {
+ log.error("PDF Digests don't match!");
+ log.error("Requested digest: " + plainPDFDigest);
+ log.error("Saved digest: " + si.plainPDFDigest);
+ return;
+ }
+ }
SignServletHelper.returnSignResponse(si, request, response);
log.debug("Removing free text (if any) from session.");
session.removeAttribute(UpdateFormServlet.UPLOADFORM_FREETEXT_KEY);
@@ -93,32 +103,38 @@ public class ProvidePDFServlet extends HttpServlet { } else {
long pdfId = Long.parseLong(pdfIdString);
- byte[] pdf = null;
-
+ PDFContainer pdf = null;
synchronized (signedDocuments) {
Iterator it = signedDocuments.iterator();
while (it.hasNext() && pdf == null) {
PDFContainer current = (PDFContainer) it.next();
if (current.id == pdfId) {
- pdf = current.pdf;
+ pdf = current;
signedDocuments.remove(current);
}
}
}
- if (pdf != null) {
+ if (pdf != null && pdf.pdf != null) {
try {
-
+ if(plainPDFDigest != null) {
+ if(!plainPDFDigest.equalsIgnoreCase(pdf.originalDigest)) {
+ log.error("PDF Digests don't match! 1");
+ log.error("Requested digest: " + plainPDFDigest);
+ log.error("Saved digest: " + pdf.originalDigest);
+ return;
+ }
+ }
SignServletHelper.disableBrowserCacheForResponse(response);
response.setContentType("application/pdf");
- response.setContentLength(pdf.length);
+ response.setContentLength(pdf.pdf.length);
//SignSessionInformation si = (SignSessionInformation)session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION);
String filename = (String)session.getAttribute(SignServlet.SUBMITFORM_FILENAME_KEY);
response.setHeader("Content-disposition", "attachment; filename=\""+filename+"\"");
- InputStream is = new ByteArrayInputStream(pdf);
+ InputStream is = new ByteArrayInputStream(pdf.pdf);
final int bufferSize = 1024;
byte[] buffer = new byte[bufferSize];
int len = -1;
|