more logging

new errorcode for invalid signature dictionary (232)
detect invalid signature dictionary
detect errors (invalid glyph mappings) when extracting text
remove useless certificate digest calculation
remove invocation of erroneous getCertDigest method
webapp: hotfix for NPE
adjustments for new mocca (applet) version (layout)
POM: removed deprecated maven elements

git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@587 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c

1 files changed, 53 insertions, 8 deletions

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index 66daf57..0b39a5b 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -570,7 +570,7 @@ public class SignatureObject implements Serializable
     {

       setSigValue(SignatureTypes.SIG_ISSUER, cert.getIssuerName());

       setSigValue(SIG_CER, cert.getCertString());

-      setSigValue(SIG_CER_DIG, cert.getCertDigest());

+      // setSigValue(SIG_CER_DIG, cert.getCertDigest());

       x509Cert_ = cert;

     }

     issuer = getSigValue(SignatureTypes.SIG_ISSUER);

@@ -670,13 +670,13 @@ public class SignatureObject implements Serializable
     {

       setSigValue(SignatureTypes.SIG_ISSUER, cert.getIssuerName());

       setSigValue(SIG_CER, cert.getCertString());

-      setSigValue(SIG_CER_DIG, cert.getCertDigest());

+      // setSigValue(SIG_CER_DIG, cert.getCertDigest());

       x509Cert_ = cert;

     }

   }

 

   /**

-   * @return the current X509CertificateDigest value.

+   * @return the current X509CertificateDigest value (as SHA1 digest).

    */

   public String getX509CertificateDigest()

   {

@@ -684,7 +684,10 @@ public class SignatureObject implements Serializable
     if (dig == null)

     {

       loadCurrentCert();

-      dig = getSigValue(SIG_CER_DIG);

+      byte[] cert_b64 = CodingHelper.decodeBase64(x509Cert_.getCertString());

+      byte[] cert_hash = CodingHelper.buildDigest(cert_b64, "SHA");

+      dig = new String(CodingHelper.encodeBase64(cert_hash));

+      setSigValue(SIG_CER_DIG, dig);

     }

     return dig;

   }

@@ -710,7 +713,7 @@ public class SignatureObject implements Serializable
   public void setX509Certificate(String x509Certificate)

   {

     setSigValue(SIG_CER, x509Certificate);

-    storeCertificate(getSignationSerialNumber(), getSignationIssuer(), x509Certificate, getX509CertificateDigest());

+    storeCertificate(getSignationSerialNumber(), getSignationIssuer(), x509Certificate);

   }

   

   public void setX509Certificate(X509Certificate cert)

@@ -722,7 +725,7 @@ public class SignatureObject implements Serializable
 //      setX509Certificate(certStr);

       X509Cert knowcenterCert = X509Cert.initByX509Certificate(cert);

       setSigValue(SIG_CER, knowcenterCert.getCertString());

-      storeCertificate(cert.getSerialNumber().toString(), knowcenterCert.getIssuerName(), knowcenterCert.getCertString(), knowcenterCert.getCertDigest());

+      storeCertificate(cert.getSerialNumber().toString(), knowcenterCert.getIssuerName(), knowcenterCert.getCertString());

     }

     catch (CertificateEncodingException e)

     {

@@ -1339,9 +1342,51 @@ public class SignatureObject implements Serializable
    * @param x509Digest

    *          the digest value of the given x509Certificate

    * @return true the certificate is stored completely, false otherwise

+   * @deprecated Use {@link #storeCertificate(String, String, String)} instead.

    */

   private boolean storeCertificate(String serialNumber, String issuer,

-      String x509Certificate, String x509Digest)

+		  String x509Certificate, String x509Digest)

+  {

+	  return storeCertificate(serialNumber, issuer, x509Certificate);

+  }

+  

+  /**

+   * This method stores a X509v3 certificate to the filesystem. The reference to

+   * the stored certificate is build by the serialNumber and the issuer string.

+   * The issuer string is normalized because if getting this value from a pdf

+   * extraction it can be splited into more sections or necessary spaces are

+   * removed. The real issuer value is stored in the certificates meta file. The

+   * certficate is devided into two files: certificate.der (the binary value)

+   * and the meta information used in SignatureObjects as well in

+   * SignatureImages of a signed pdf-document. The storing path of the

+   * certificate is build by:

+   * <ol>

+   * <li>normalize the issuer string</li>

+   * <li>reduce all white spaces in the normalized issuer string</li>

+   * <li>build a hash value of this reduced string</li>

+   * <li>code this hash value as base64 value</li>

+   * <li>add the base64 normalized issuer hash value to the certificate base

+   * store path</li>

+   * <li>add the serialNumber to the cert path</li>

+   * <li>add the <code>.der</code> extension to get the certificate binary</li>

+   * <li>add the <code>.txt</code> extension to get the meta information of

+   * the certificate</li>

+   * </ol>

+   * 

+   * The certificate meta file is build by the base64 coded issuer string and

+   * the cert digest value devided by the <code>@</code> char.

+   * 

+   * @param serialNumber

+   *          the file name of the certificate .der|.txt

+   * @param issuer

+   *          the issuer string for the file path value of the certificate and

+   *          for metainformation

+   * @param x509Certificate

+   *          the x509v3 binary string

+   * @return true the certificate is stored completely, false otherwise

+   */

+  private boolean storeCertificate(String serialNumber, String issuer,

+      String x509Certificate)

   {

     boolean store_complete = false;

     if (issuer != null && serialNumber != null)

@@ -1377,7 +1422,7 @@ public class SignatureObject implements Serializable
     }

     return store_complete;

   }

-

+  

   /**

    * @return Returns the AbstractTable.

    * @see at.knowcenter.wag.egov.egiz.table.Table