aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2010-01-11 10:58:48 +0000
committertknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2010-01-11 10:58:48 +0000
commit4ce2fbc415f2fae57842b2e13a0817bb63594434 (patch)
tree709565a905002f7d02f474d46ce7bf548b3e6fc8 /src
parent511fcf7604d754475860a85834af43eecc44d61f (diff)
downloadpdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.tar.gz
pdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.tar.bz2
pdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.zip
- check implemented: responses are validated upon valid SL content (ErrorResponse, Create|VerifyXMLSignatureResponse) (ErrorCode 340)
- new errorcode added (340: unable to receive suitable response) - default signature validation links changed (-> http://www.signaturpruefung.gv.at) - recognition of non-textual objects: static switch implemented allowing to configure behaviour (at compile time) in case of signatures (default behaviour: skip detection of all signatures as non-textual objects) - minor bug fixed: invalid evaluation of response charset resulting in invalid warn debug message - configuration updated - Default configuration updated git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@542 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src')
-rw-r--r--src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java1
-rw-r--r--src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java13
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java17
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java19
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java9
-rw-r--r--src/main/resources/DefaultConfiguration.zipbin635263 -> 635349 bytes
-rw-r--r--src/main/resources/config/help_text.properties1
8 files changed, 47 insertions, 15 deletions
diff --git a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java
index 04cf779..f9616cf 100644
--- a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java
+++ b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java
@@ -53,6 +53,7 @@ public final class ErrorCode
public static final int BKU_NOT_SUPPORTED = 373;
public static final int WEB_EXCEPTION = 330;
+ public static final int UNABLE_TO_RECEIVE_SUITABLE_RESPONSE = 340;
public static final int NORMALIZER_EXCEPTION = 400;
diff --git a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java
index 47f217a..34b461e 100644
--- a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java
+++ b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java
@@ -511,7 +511,7 @@ public class VerificationFilterImpl implements VerificationFilter
protected String extractText(PdfDataSource pdf, int endOfDocument, String encoding) throws PresentableException
{
- log.debug("EXTRACTING TEXT... end index = " + endOfDocument);
+ log.debug("EXTRACTING TEXT (" + encoding + ")... end index = " + endOfDocument);
DelimitedPdfDataSource dds = new DelimitedPdfDataSource(pdf, endOfDocument);
//DelimitedInputStream dis = new DelimitedInputStream(pdf.createInputStream(), endOfDocument);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java
index db5b082..1db1de0 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java
@@ -110,7 +110,14 @@ public class AdobeSignatureHelper {
// Standard filter
// sig.setLocation("location is not visible");
// sig.setReason("reason is not visible");
- sig.setContact(getVerifyUrl(profileId));
+
+ // contact field is used to embed signature verification url for adobe handler
+ String verifyURL = getVerifyUrl(profileId);
+ if (!StringUtils.isEmpty(verifyURL)) {
+ sig.setContact(getVerifyUrl(profileId));
+ } else {
+ logger.debug("No verify URL set -> verify URL is not embedded.");
+ }
// sig.setDate(new PdfDate());
String reason = getAdobeReasonName(profileId);
@@ -166,11 +173,11 @@ public class AdobeSignatureHelper {
}
private static String getAdobeReasonName(String sigProfile) {
- return getDefaultableConfigProperty(sigProfile, ADOBE_SIGN_REASONNAME_KEY, null);
+ return getDefaultableConfigProperty(sigProfile, ADOBE_SIGN_REASONNAME_KEY, "Informationen zur Prüfung finden Sie unter http://www.signaturpruefung.gv.at");
}
private static String getVerifyUrl(String sigProfile) {
- return getDefaultableConfigProperty(sigProfile, ADOBE_VERIFY_URL_KEY, "https://www.buergerkarte.at/signature-verification");
+ return getDefaultableConfigProperty(sigProfile, ADOBE_VERIFY_URL_KEY, "http://www.signaturpruefung.gv.at");
}
private static String getDefaultableConfigProperty(String sigProfile, String propName, String defaultValue) {
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java
index cd6d449..4516b6b 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java
@@ -26,6 +26,12 @@ import at.gv.egiz.pdfas.framework.input.PdfDataSource;
*/
public class ObjectExtractor {
private static Logger log = Logger.getLogger(ObjectExtractor.class);
+
+ /*
+ * If set <code>true</code> signature annotations are not extracted otherwise
+ * all signatures except PDF-AS signatures are extracted.
+ */
+ private final static boolean SKIP_SIGNATURES = true;
/**
* Find annotation objects in pdf documents
@@ -50,10 +56,15 @@ public class ObjectExtractor {
}
String ft = anno.getDictionary().getNameAsString("FT");
if (ft != null && ft.equals("Sig")) { // skip signature widgets
- COSDictionary sigDict = (COSDictionary) anno.getDictionary().getDictionaryObject("V");
- if (sigDict != null && AdobeSignatureHelper.ADOBE_SIG_FILTER.equals(sigDict.getNameAsString("Filter"))) {
- log.debug("found PDF-AS signature widged, skip further extraction");
+ if (SKIP_SIGNATURES) {
+ log.debug("found signature widged, skip extraction");
continue;
+ } else {
+ COSDictionary sigDict = (COSDictionary) anno.getDictionary().getDictionaryObject("V");
+ if (sigDict != null && AdobeSignatureHelper.ADOBE_SIG_FILTER.equals(sigDict.getNameAsString("Filter"))) {
+ log.debug("found PDF-AS signature widged, skip extraction");
+ continue;
+ }
}
}
NonTextObjectInfo objInfo = new NonTextObjectInfo();
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
index 3b262c3..ac6e221 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
@@ -20,11 +20,11 @@ import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmMapper;
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject;
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil;
import at.gv.egiz.pdfas.api.commons.Constants;
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.impl.input.helper.DataSourceHelper;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
@@ -44,6 +44,8 @@ import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
public final class BKUHelper
{
+ private static final Pattern ALLOWED_SL_RESPONSE_PATTERN = Pattern.compile("^.*<[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)[^>]*>(.*)</[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)>.*$", Pattern.DOTALL);
+
/**
* The log.
*/
@@ -119,7 +121,10 @@ public final class BKUHelper
*/
public static void checkResponseForError(String response_string) throws ConnectorException
{
- log.debug("Checking response for error: " + response_string);
+ if (StringUtils.isEmpty(response_string)) {
+ throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received.");
+ }
+ log.debug("Checking response for error: " + response_string);
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>"); //$NON-NLS-1$
Pattern erc_p_e = Pattern.compile("</[\\w]*:?ErrorCode>"); //$NON-NLS-1$
Matcher erc_m_s = erc_p_s.matcher(response_string);
@@ -141,6 +146,14 @@ public final class BKUHelper
}
throw new ExternalErrorException(error_code, error_mess);
}
+ log.debug("No error found. Assuring that CreateXMLSignatureResponse or VerifyXMLSignatureResponse elements are available.");
+
+ // assure that a CreateXMLSignatureResponse or a VerifyXMLSignatureResponse is available
+ Matcher slMatcher = ALLOWED_SL_RESPONSE_PATTERN.matcher(response_string);
+ if (!slMatcher.matches()) {
+ throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received: " + response_string);
+ }
+
}
/**
@@ -629,7 +642,7 @@ public final class BKUHelper
}
if (bkuSignatureLayout != null && result != null) {
- log.info("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\" found.");
+ log.debug("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\" found.");
String signatureLayoutData = " " + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "/" + bkuSignatureLayout;
if (!result.endsWith(signatureLayoutData)) {
log.debug("Appending signature layout value \"" + bkuSignatureLayout + "\" to bku identifier.");
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
index 6ea8ced..5fa1877 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
@@ -142,11 +142,10 @@ public final class BKUPostConnection
if (signatureLayoutHeader != null) {
response_properties.setProperty(BKU_SIGNATURE_LAYOUT_HEADER_KEY, signatureLayoutHeader.getValue());
}
-
- log.debug(post_method.getResponseCharSet());
- if (!post_method.getResponseCharSet().equals("UTF-8")) //$NON-NLS-1$
- {
- log.warn("BKU response charset is not UTF-8!"); //$NON-NLS-1$
+
+ String responseCharSet = post_method.getResponseCharSet();
+ if (!"UTF8".equalsIgnoreCase(responseCharSet) && !"UTF-8".equalsIgnoreCase(responseCharSet)) {
+ log.warn("BKU response charset is not UTF-8!"); //$NON-NLS-1$
}
String response_string = post_method.getResponseBodyAsString();
diff --git a/src/main/resources/DefaultConfiguration.zip b/src/main/resources/DefaultConfiguration.zip
index 3abe355..b5cc858 100644
--- a/src/main/resources/DefaultConfiguration.zip
+++ b/src/main/resources/DefaultConfiguration.zip
Binary files differ
diff --git a/src/main/resources/config/help_text.properties b/src/main/resources/config/help_text.properties
index 96823ef..0a0c793 100644
--- a/src/main/resources/config/help_text.properties
+++ b/src/main/resources/config/help_text.properties
@@ -62,6 +62,7 @@ error.code.318=Die binäre Signatur kann nicht geprüft werden. Die Signatur enthä
error.code.320=Es kann keine Verbindung zur Bürgerkartenumgebung hergestellt werden.
error.code.330=Es kann keine Verbindung zu MOA hergestellt werden oder MOA hat den Request zurückgewiesen.
+error.code.340=Die Antwort des Signaturgeräts enthielt weder eine Signatur noch ein Verifikationsergebnis.
# TODO remove this when MOA detached is ready
error.code.370=Eine detached Signature kann zur Zeit mit MOA nicht überprüft werden.