aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2008-06-11 12:09:06 +0000
committertknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2008-06-11 12:09:06 +0000
commit046cb5b235866e66ca9d2c55bd20ed7ec85ef12d (patch)
treee13d9e2394d62945656c2b3309094bb37317c3c7 /src
parentbe7c4af867e8f9144fdf88cb84ea92268d82f8ec (diff)
downloadpdf-as-3-046cb5b235866e66ca9d2c55bd20ed7ec85ef12d.tar.gz
pdf-as-3-046cb5b235866e66ca9d2c55bd20ed7ec85ef12d.tar.bz2
pdf-as-3-046cb5b235866e66ca9d2c55bd20ed7ec85ef12d.zip
Serious bug solved. Method storeCertificate tried to fetch a certificate from store before storing it. If not found (within the store resp. via ldap) the certificate was not stored.
git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@282 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src')
-rw-r--r--src/main/java/at/gv/egiz/pdfas/commandline/Main.java3
-rw-r--r--src/main/java/at/gv/egiz/pdfas/impl/api/PdfAsObject.java3
-rw-r--r--src/main/java/at/gv/egiz/pdfas/utils/ConfigUtils.java64
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java52
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/commandline/Main.java11
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java14
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java21
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java10
-rw-r--r--src/main/resources/DefaultConfiguration.zipbin190303 -> 190303 bytes
-rw-r--r--src/site/changes.xml4
11 files changed, 135 insertions, 49 deletions
diff --git a/src/main/java/at/gv/egiz/pdfas/commandline/Main.java b/src/main/java/at/gv/egiz/pdfas/commandline/Main.java
index dea19b6..8330238 100644
--- a/src/main/java/at/gv/egiz/pdfas/commandline/Main.java
+++ b/src/main/java/at/gv/egiz/pdfas/commandline/Main.java
@@ -28,7 +28,6 @@ import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.log4j.PropertyConfigurator;
import at.gv.egiz.pdfas.PdfAsFactory;
import at.gv.egiz.pdfas.api.PdfAs;
@@ -192,7 +191,7 @@ public abstract class Main
}
SettingsReader.initializeForCommandLine();
- PropertyConfigurator.configure(SettingsReader.CONFIG_PATH + "log4j.properties");
+ ConfigUtils.initializeLogger();
// printUsage(System.out);
diff --git a/src/main/java/at/gv/egiz/pdfas/impl/api/PdfAsObject.java b/src/main/java/at/gv/egiz/pdfas/impl/api/PdfAsObject.java
index 0450a50..635ef89 100644
--- a/src/main/java/at/gv/egiz/pdfas/impl/api/PdfAsObject.java
+++ b/src/main/java/at/gv/egiz/pdfas/impl/api/PdfAsObject.java
@@ -46,6 +46,7 @@ import at.gv.egiz.pdfas.impl.api.sign.SignResultImpl;
import at.gv.egiz.pdfas.impl.api.verify.VerifyResultAdapter;
import at.gv.egiz.pdfas.impl.api.verify.VerifyResultsImpl;
import at.gv.egiz.pdfas.impl.vfilter.VerificationFilterParametersImpl;
+import at.gv.egiz.pdfas.utils.ConfigUtils;
import at.knowcenter.wag.egov.egiz.PdfAS;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
@@ -106,7 +107,7 @@ public class PdfAsObject implements PdfAs
*/
public void reloadConfig() throws PdfAsException
{
- PropertyConfigurator.configure(SettingsReader.CONFIG_PATH + "log4j.properties");
+ ConfigUtils.initializeLogger();
SettingsReader.createInstance();
SignatureTypes.createInstance();
}
diff --git a/src/main/java/at/gv/egiz/pdfas/utils/ConfigUtils.java b/src/main/java/at/gv/egiz/pdfas/utils/ConfigUtils.java
index 0e606d7..627e611 100644
--- a/src/main/java/at/gv/egiz/pdfas/utils/ConfigUtils.java
+++ b/src/main/java/at/gv/egiz/pdfas/utils/ConfigUtils.java
@@ -9,11 +9,16 @@ import java.io.OutputStream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang.SystemUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.log4j.PropertyConfigurator;
import at.gv.egiz.pdfas.api.commons.Constants;
import at.gv.egiz.pdfas.api.exceptions.ConfigUtilsException;
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.pdf.Utils;
/**
* @author <a href="mailto:thomas.knall@egiz.gv.at">Thomas Knall</a>
@@ -179,4 +184,63 @@ public final class ConfigUtils {
outputStream.flush();
}
+ public static String assertFileSeparator(String path) {
+ if (path == null) {
+ throw new NullPointerException("Path must not be null.");
+ }
+ if (path.endsWith(File.separator) || path.endsWith("/") || path.endsWith("\\")) {
+ return path;
+ } else {
+ return (path + File.separator);
+ }
+ }
+
+ public static void initializeLogger() {
+ String loggerConfiguration = System.getProperty("log4j.configuration");
+ if (loggerConfiguration != null) {
+ logger_.info("No PDF-AS logger configured because a configuration has already been set via system property \"log4j.configuration\" (=\"" + loggerConfiguration + "\").");
+ return;
+ }
+ loggerConfiguration = assertFileSeparator(SettingsReader.CONFIG_PATH) + "log4j.properties";
+ File loggerConfigFile = new File(loggerConfiguration);
+ if (!loggerConfigFile.exists()) {
+ logger_.info("No PDF-AS logger configured because there is no log4j.properties within the pdf-as work dir. Maybe the logger configuration is handled by an outside application (e.g. a web aplication).");
+ return;
+ }
+ logger_.info("Initializing PDF-AS logger (configuration = \"" + loggerConfiguration + "\").");
+ PropertyConfigurator.configure(loggerConfiguration);
+ }
+
+ public static void printConfigInfo(Log logger) {
+ int length = Utils.max(new int[] { SettingsReader.RESOURCES_PATH.length(), SettingsReader.TMP_PATH.length(), SettingsReader.CONFIG_PATH.length(), SettingsReader.CERT_PATH.length() });
+
+ String separator = StringUtils.repeat("*", length + 25);
+ String infoResources = " resources path = \"" + SettingsReader.RESOURCES_PATH + "\"";
+ String infoConfiguration = " configuration path = \"" + SettingsReader.CONFIG_PATH + "\"";
+ String infoCertStore = " certstore path = \"" + SettingsReader.CERT_PATH + "\"";
+ String infoTempPath = " temporary path = \"" + SettingsReader.TMP_PATH + "\"";
+
+ if (logger != null) {
+ logger.info(separator);
+ logger.info(infoResources);
+ logger.info(infoConfiguration);
+ logger.info(infoCertStore);
+ logger.info(infoTempPath);
+ logger.info(separator);
+ } else {
+ StringBuffer buffer = new StringBuffer();
+ buffer.append(separator).append(SystemUtils.LINE_SEPARATOR);
+ buffer.append(infoResources).append(SystemUtils.LINE_SEPARATOR);
+ buffer.append(infoConfiguration).append(SystemUtils.LINE_SEPARATOR);
+ buffer.append(infoCertStore).append(SystemUtils.LINE_SEPARATOR);
+ buffer.append(infoTempPath).append(SystemUtils.LINE_SEPARATOR);
+ buffer.append(separator);
+ System.out.println(buffer.toString());
+ }
+ }
+
+ public static void printConfigInfo() {
+ printConfigInfo(null);
+ }
+
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
index 7def267..f6b74be 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
@@ -96,7 +96,7 @@ public abstract class PdfAS
* The current version of the pdf-as library. This version string is logged on every invocation
* of the api or the web application.
*/
- public static final String PDFAS_VERSION = "3.0.5-20080610";
+ public static final String PDFAS_VERSION = "3.0.5-20080611";
/**
* The key of the strict mode setting.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
index 31ca5e1..c7e5933 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
@@ -152,11 +152,6 @@ public class SettingsReader implements Serializable
// private static final String TEMP_FILE_PATH =
// System.getProperty("java.io.tmpdir");
- /**
- * The current user path
- */
- private static final String USER_DIR = System.getProperty("user.dir");
-
// /**
// * The home path of the tomcat webaplication
// */
@@ -400,7 +395,14 @@ public class SettingsReader implements Serializable
logger_.info(" certstore path = \"" + CERT_PATH + "\"");
logger_.info(" temporary path = \"" + TMP_PATH + "\"");
logger_.info(StringUtils.repeat("*", length + 25));
- instance_ = new SettingsReader(settingsFile);
+
+ IAIK.addAsProvider();
+ ECCProvider.addAsProvider();
+ // Does not conform with PKIX, but is used by belgium citizen card
+// log.info("Registering RDN \"SERIALNUMBER\" as " + ObjectID.serialNumber + ".");
+ RFC2253NameParser.register("SERIALNUMBER", ObjectID.serialNumber);
+
+ instance_ = new SettingsReader(settingsFile);
}
return instance_;
}
@@ -681,17 +683,6 @@ public class SettingsReader implements Serializable
TempDirHelper.clearTemporaryDirectory();
}
- private static String assertFileSeparator(String path) {
- if (path == null) {
- throw new NullPointerException("Path must not be null.");
- }
- if (path.endsWith(File.separator) || path.endsWith("/") || path.endsWith("\\")) {
- return path;
- } else {
- return (path + File.separator);
- }
- }
-
public static synchronized void initialize(String configdir, String tmpdir) {
String defaultConfigDeployedTo = null;
@@ -710,7 +701,7 @@ public class SettingsReader implements Serializable
if (userHome == null || userHome.length() == 0) {
throw new RuntimeException("Unable to resolve user's home directory.");
}
- configdir = assertFileSeparator(userHome) + Constants.USERHOME_CONFIG_FOLDER;
+ configdir = ConfigUtils.assertFileSeparator(userHome) + Constants.USERHOME_CONFIG_FOLDER;
try {
defaultConfigDeployedTo = ConfigUtils.deployDefaultConfiguration(configdir, false);
} catch (ConfigUtilsException e) {
@@ -732,9 +723,9 @@ public class SettingsReader implements Serializable
}
File configdirFile = new File(StrSubstitutor.replaceSystemProperties(configdir));
try {
- configdir = assertFileSeparator(configdirFile.getCanonicalPath());
+ configdir = ConfigUtils.assertFileSeparator(configdirFile.getCanonicalPath());
} catch (IOException e) {
- configdir = assertFileSeparator(configdirFile.getPath());
+ configdir = ConfigUtils.assertFileSeparator(configdirFile.getPath());
}
if (!configdirFile.isDirectory())
{
@@ -752,26 +743,20 @@ public class SettingsReader implements Serializable
} else {
logger_.debug("Temporary directory explicitely set.");
}
- File tmpdirFile = new File(StrSubstitutor.replaceSystemProperties(assertFileSeparator(tmpdir) + Constants.TEMP_DIR_NAME));
+ File tmpdirFile = new File(StrSubstitutor.replaceSystemProperties(ConfigUtils.assertFileSeparator(tmpdir) + Constants.TEMP_DIR_NAME));
try {
- tmpdir = assertFileSeparator(tmpdirFile.getCanonicalPath());
+ tmpdir = ConfigUtils.assertFileSeparator(tmpdirFile.getCanonicalPath());
} catch (IOException e) {
- tmpdir = assertFileSeparator(tmpdirFile.getPath());
+ tmpdir = ConfigUtils.assertFileSeparator(tmpdirFile.getPath());
}
RESOURCES_PATH = configdir;
TMP_PATH = tmpdir;
CONFIG_PATH = RESOURCES_PATH + CFG + FILE_SEP;
CERT_PATH = RESOURCES_PATH + CERT + FILE_SEP;
+
+// ConfigUtils.printConfigInfo(logger_);
- int length = Utils.max(new int[] { RESOURCES_PATH.length(), TMP_PATH.length(), CONFIG_PATH.length(), CERT_PATH.length() });
-
- logger_.debug(StringUtils.repeat("*", length + 25));
- logger_.debug(" resources path = \"" + RESOURCES_PATH + "\"");
- logger_.debug(" configuration path = \"" + CONFIG_PATH + "\"");
- logger_.debug(" certstore path = \"" + CERT_PATH + "\"");
- logger_.debug(" temporary path = \"" + TMP_PATH + "\"");
- logger_.debug(StringUtils.repeat("*", length + 25));
if (defaultConfigDeployedTo != null) {
logger_.debug("** Default configuration successfully deployed to \"" + defaultConfigDeployedTo + "\" **");
}
@@ -805,11 +790,6 @@ public class SettingsReader implements Serializable
}
static {
- IAIK.addAsProvider();
- ECCProvider.addAsProvider();
- // Does not conform with PKIX, but is used by belgium citizen card
-// log.info("Registering RDN \"SERIALNUMBER\" as " + ObjectID.serialNumber + ".");
- RFC2253NameParser.register("SERIALNUMBER", ObjectID.serialNumber);
String versionString = "* PDF-AS library version " + PdfAS.PDFAS_VERSION + " *";
String paddingString = StringUtils.repeat("*", versionString.length());
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/commandline/Main.java b/src/main/java/at/knowcenter/wag/egov/egiz/commandline/Main.java
index 76159ec..9e45469 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/commandline/Main.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/commandline/Main.java
@@ -24,7 +24,6 @@ import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
-import java.util.Date;
import java.util.Iterator;
import java.util.List;
@@ -45,7 +44,6 @@ import at.gv.egiz.pdfas.framework.vfilter.VerificationFilterParameters;
import at.gv.egiz.pdfas.impl.input.FileBasedPdfDataSourceImpl;
import at.gv.egiz.pdfas.impl.input.TextDataSourceImpl;
import at.gv.egiz.pdfas.impl.output.FileBasedDataSink;
-import at.gv.egiz.pdfas.impl.vfilter.VerificationFilterParametersImpl;
import at.knowcenter.wag.egov.egiz.PdfAS;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
@@ -57,8 +55,6 @@ import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException;
import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
-import at.knowcenter.wag.egov.egiz.framework.signators.BinarySignator_1_0_0;
-import at.knowcenter.wag.egov.egiz.framework.signators.TextualSignator_1_0_0;
import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder;
import at.knowcenter.wag.egov.egiz.pdf.TablePos;
import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
@@ -159,6 +155,12 @@ public abstract class Main
*
* @deprecated use {@link at.gv.egiz.pdfas.commandline.Main} instead
*/
+ public static void main(String[] args) throws IOException {
+ System.out.println("\nWarning: The entry point at.knowcenter.wag.egov.egiz.commandline.Main is deprecated. Use at.gv.egiz.pdfas.commandline.Main instead.\n");
+ at.gv.egiz.pdfas.commandline.Main.main(args);
+ }
+
+ /*
public static void main(String[] args) throws IOException
{
// ConfigLogger.setLevel(Level.DEBUG);
@@ -420,6 +422,7 @@ public abstract class Main
SettingsReader.clearTemporaryDirectory();
}
}
+ */
protected static void carryOutCommand(final String mode, final String signature_mode, final String connector, final String signature_type, final String user_name, final String user_password,
final int verify_which, final String input, String output, final String pos_string) throws PresentableException
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index b4818cd..1b9b6a6 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -696,9 +696,12 @@ public class SignatureObject implements Serializable
{
try
{
- byte [] der = cert.getEncoded();
- String certStr = CodingHelper.encodeBase64(der);
- setX509Certificate(certStr);
+// byte [] der = cert.getEncoded();
+// String certStr = CodingHelper.encodeBase64(der);
+// setX509Certificate(certStr);
+ X509Cert knowcenterCert = X509Cert.initByX509Certificate(cert);
+ setSigValue(SIG_CER, knowcenterCert.getCertString());
+ storeCertificate(cert.getSerialNumber().toString(), knowcenterCert.getIssuerName(), knowcenterCert.getCertString(), knowcenterCert.getCertDigest());
}
catch (CertificateEncodingException e)
{
@@ -1322,17 +1325,20 @@ public class SignatureObject implements Serializable
boolean store_complete = false;
if (issuer != null && serialNumber != null)
{
+ logger_.debug("Storing certificate.");
// String issuer_b64 = CodingHelper.encodeBase64(issuer.getBytes());
String iss_hash = getIssuerFileHash(issuer);
File cert_path_dir = new File(certPath_);
if (!cert_path_dir.exists())
{
+ logger_.debug("Certstore path \"" + cert_path_dir + "\" does not exist. Creating.");
cert_path_dir.mkdir();
}
String cert_store_path = certPath_ + iss_hash;
File cert_store_dir = new File(cert_store_path);
if (!cert_store_dir.exists())
{
+ logger_.debug("Certstore dir \"" + cert_store_dir + "\" does not exist. Creating.");
cert_store_dir.mkdir();
}
if (cert_store_dir.isDirectory())
@@ -1344,6 +1350,8 @@ public class SignatureObject implements Serializable
}
boolean store_cert_file = FileHelper.writeToFile(cert_file_name, x509Certificate);
store_complete = store_cert_file;// && store_cert_meta;
+ } else {
+ logger_.warn("Certstore dir \"" + cert_store_dir + "\" is not a directory. Skipping storage.");
}
}
return store_complete;
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
index 71ca754..148ac41 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
@@ -166,6 +166,27 @@ public class X509Cert implements Serializable
}
return x509_cert;
}
+
+ public static X509Cert initByX509Certificate(X509Certificate cert) throws CertificateEncodingException {
+ X509Cert x509_cert = new X509Cert();
+ x509_cert.setX509Cert(cert);
+ x509_cert.setCertString(CodingHelper.encodeBase64(cert.getEncoded()));
+
+ String serial_num = cert.getSerialNumber().toString();
+ String issuer = cert.getIssuerDN().getName();
+ issuer = issuer.replaceAll(", ", ",");
+ String subject_name = cert.getSubjectDN().getName();
+ x509_cert.setSerialNumber(serial_num);
+ x509_cert.setIssuerName(issuer);
+ x509_cert.setSubjectName(subject_name);
+ if (logger_.isDebugEnabled())
+ {
+ logger_.debug("Serial number from certificate:" + serial_num);
+ logger_.debug("Issuer name from certificate :" + issuer);
+ logger_.debug("Subject name from certificate :" + subject_name);
+ }
+ return x509_cert;
+ }
public static X509Cert initByByteArray(byte[] data)
{
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
index 219fec2..95cb041 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
@@ -21,11 +21,12 @@ import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.apache.log4j.Logger;
-import org.apache.log4j.PropertyConfigurator;
import at.gv.egiz.pdfas.api.commons.Constants;
+import at.gv.egiz.pdfas.utils.ConfigUtils;
import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
/**
* The ServletContextListener is notified when the webapplication starts up and shuts down.
@@ -93,7 +94,12 @@ public class PdfASServletContextListener implements ServletContextListener
SettingsReader.initializeForWeb(work_dir);
- PropertyConfigurator.configure(SettingsReader.CONFIG_PATH + "log4j.properties");
+ ConfigUtils.initializeLogger();
+ try {
+ SettingsReader.getInstance();
+ } catch (SettingsException e) {
+ logger.error(e);
+ }
SettingsReader.clearTemporaryDirectory();
}
diff --git a/src/main/resources/DefaultConfiguration.zip b/src/main/resources/DefaultConfiguration.zip
index a8a9a06..4682add 100644
--- a/src/main/resources/DefaultConfiguration.zip
+++ b/src/main/resources/DefaultConfiguration.zip
Binary files differ
diff --git a/src/site/changes.xml b/src/site/changes.xml
index 25e5838..fc2b488 100644
--- a/src/site/changes.xml
+++ b/src/site/changes.xml
@@ -13,6 +13,10 @@
</release>
-->
+ <release version="3.0.5" date="2008-06-11" description="subsequent release">
+ <action dev="tknall" type="fix">Serious bug solved. Method storeCertificate tried to fetch a certificate from store before storing it. If not found (within the store resp. via ldap) the certificate was not stored!!!</action>
+ </release>
+
<release version="3.0.5" date="2008-06-10" description="subsequent release">
<action dev="tknall" type="update">Manual deployment of pdf-as configuration (commandline parameter -ddc) considers the system property pdf-as.work-dir.</action>
<action dev="tknall" type="update">Internal default configuration updated.</action>