diff options
author | tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2010-01-11 10:58:48 +0000 |
---|---|---|
committer | tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2010-01-11 10:58:48 +0000 |
commit | 4ce2fbc415f2fae57842b2e13a0817bb63594434 (patch) | |
tree | 709565a905002f7d02f474d46ce7bf548b3e6fc8 /src | |
parent | 511fcf7604d754475860a85834af43eecc44d61f (diff) | |
download | pdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.tar.gz pdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.tar.bz2 pdf-as-3-4ce2fbc415f2fae57842b2e13a0817bb63594434.zip |
- check implemented: responses are validated upon valid SL content (ErrorResponse, Create|VerifyXMLSignatureResponse) (ErrorCode 340)
- new errorcode added (340: unable to receive suitable response)
- default signature validation links changed (-> http://www.signaturpruefung.gv.at)
- recognition of non-textual objects: static switch implemented allowing to configure behaviour (at compile time) in case of signatures (default behaviour: skip detection of all signatures as non-textual objects)
- minor bug fixed: invalid evaluation of response charset resulting in invalid warn debug message
- configuration updated
- Default configuration updated
git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@542 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src')
8 files changed, 47 insertions, 15 deletions
diff --git a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java index 04cf779..f9616cf 100644 --- a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java +++ b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java @@ -53,6 +53,7 @@ public final class ErrorCode public static final int BKU_NOT_SUPPORTED = 373;
public static final int WEB_EXCEPTION = 330;
+ public static final int UNABLE_TO_RECEIVE_SUITABLE_RESPONSE = 340;
public static final int NORMALIZER_EXCEPTION = 400;
diff --git a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java index 47f217a..34b461e 100644 --- a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java +++ b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java @@ -511,7 +511,7 @@ public class VerificationFilterImpl implements VerificationFilter protected String extractText(PdfDataSource pdf, int endOfDocument, String encoding) throws PresentableException
{
- log.debug("EXTRACTING TEXT... end index = " + endOfDocument);
+ log.debug("EXTRACTING TEXT (" + encoding + ")... end index = " + endOfDocument);
DelimitedPdfDataSource dds = new DelimitedPdfDataSource(pdf, endOfDocument);
//DelimitedInputStream dis = new DelimitedInputStream(pdf.createInputStream(), endOfDocument);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java index db5b082..1db1de0 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/AdobeSignatureHelper.java @@ -110,7 +110,14 @@ public class AdobeSignatureHelper { // Standard filter
// sig.setLocation("location is not visible");
// sig.setReason("reason is not visible");
- sig.setContact(getVerifyUrl(profileId));
+
+ // contact field is used to embed signature verification url for adobe handler
+ String verifyURL = getVerifyUrl(profileId);
+ if (!StringUtils.isEmpty(verifyURL)) {
+ sig.setContact(getVerifyUrl(profileId));
+ } else {
+ logger.debug("No verify URL set -> verify URL is not embedded.");
+ }
// sig.setDate(new PdfDate());
String reason = getAdobeReasonName(profileId);
@@ -166,11 +173,11 @@ public class AdobeSignatureHelper { }
private static String getAdobeReasonName(String sigProfile) {
- return getDefaultableConfigProperty(sigProfile, ADOBE_SIGN_REASONNAME_KEY, null);
+ return getDefaultableConfigProperty(sigProfile, ADOBE_SIGN_REASONNAME_KEY, "Informationen zur Prüfung finden Sie unter http://www.signaturpruefung.gv.at");
}
private static String getVerifyUrl(String sigProfile) {
- return getDefaultableConfigProperty(sigProfile, ADOBE_VERIFY_URL_KEY, "https://www.buergerkarte.at/signature-verification");
+ return getDefaultableConfigProperty(sigProfile, ADOBE_VERIFY_URL_KEY, "http://www.signaturpruefung.gv.at");
}
private static String getDefaultableConfigProperty(String sigProfile, String propName, String defaultValue) {
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java index cd6d449..4516b6b 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/ObjectExtractor.java @@ -26,6 +26,12 @@ import at.gv.egiz.pdfas.framework.input.PdfDataSource; */
public class ObjectExtractor {
private static Logger log = Logger.getLogger(ObjectExtractor.class);
+
+ /*
+ * If set <code>true</code> signature annotations are not extracted otherwise
+ * all signatures except PDF-AS signatures are extracted.
+ */
+ private final static boolean SKIP_SIGNATURES = true;
/**
* Find annotation objects in pdf documents
@@ -50,10 +56,15 @@ public class ObjectExtractor { }
String ft = anno.getDictionary().getNameAsString("FT");
if (ft != null && ft.equals("Sig")) { // skip signature widgets
- COSDictionary sigDict = (COSDictionary) anno.getDictionary().getDictionaryObject("V");
- if (sigDict != null && AdobeSignatureHelper.ADOBE_SIG_FILTER.equals(sigDict.getNameAsString("Filter"))) {
- log.debug("found PDF-AS signature widged, skip further extraction");
+ if (SKIP_SIGNATURES) {
+ log.debug("found signature widged, skip extraction");
continue;
+ } else {
+ COSDictionary sigDict = (COSDictionary) anno.getDictionary().getDictionaryObject("V");
+ if (sigDict != null && AdobeSignatureHelper.ADOBE_SIG_FILTER.equals(sigDict.getNameAsString("Filter"))) {
+ log.debug("found PDF-AS signature widged, skip extraction");
+ continue;
+ }
}
}
NonTextObjectInfo objInfo = new NonTextObjectInfo();
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java index 3b262c3..ac6e221 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java @@ -20,11 +20,11 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmMapper;
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject;
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil;
import at.gv.egiz.pdfas.api.commons.Constants;
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.impl.input.helper.DataSourceHelper;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
@@ -44,6 +44,8 @@ import at.knowcenter.wag.egov.egiz.tools.CodingHelper; public final class BKUHelper
{
+ private static final Pattern ALLOWED_SL_RESPONSE_PATTERN = Pattern.compile("^.*<[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)[^>]*>(.*)</[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)>.*$", Pattern.DOTALL);
+
/**
* The log.
*/
@@ -119,7 +121,10 @@ public final class BKUHelper */
public static void checkResponseForError(String response_string) throws ConnectorException
{
- log.debug("Checking response for error: " + response_string);
+ if (StringUtils.isEmpty(response_string)) {
+ throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received.");
+ }
+ log.debug("Checking response for error: " + response_string);
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>"); //$NON-NLS-1$
Pattern erc_p_e = Pattern.compile("</[\\w]*:?ErrorCode>"); //$NON-NLS-1$
Matcher erc_m_s = erc_p_s.matcher(response_string);
@@ -141,6 +146,14 @@ public final class BKUHelper }
throw new ExternalErrorException(error_code, error_mess);
}
+ log.debug("No error found. Assuring that CreateXMLSignatureResponse or VerifyXMLSignatureResponse elements are available.");
+
+ // assure that a CreateXMLSignatureResponse or a VerifyXMLSignatureResponse is available
+ Matcher slMatcher = ALLOWED_SL_RESPONSE_PATTERN.matcher(response_string);
+ if (!slMatcher.matches()) {
+ throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received: " + response_string);
+ }
+
}
/**
@@ -629,7 +642,7 @@ public final class BKUHelper }
if (bkuSignatureLayout != null && result != null) {
- log.info("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\" found.");
+ log.debug("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\" found.");
String signatureLayoutData = " " + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "/" + bkuSignatureLayout;
if (!result.endsWith(signatureLayoutData)) {
log.debug("Appending signature layout value \"" + bkuSignatureLayout + "\" to bku identifier.");
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java index 6ea8ced..5fa1877 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java @@ -142,11 +142,10 @@ public final class BKUPostConnection if (signatureLayoutHeader != null) {
response_properties.setProperty(BKU_SIGNATURE_LAYOUT_HEADER_KEY, signatureLayoutHeader.getValue());
}
-
- log.debug(post_method.getResponseCharSet());
- if (!post_method.getResponseCharSet().equals("UTF-8")) //$NON-NLS-1$
- {
- log.warn("BKU response charset is not UTF-8!"); //$NON-NLS-1$
+
+ String responseCharSet = post_method.getResponseCharSet();
+ if (!"UTF8".equalsIgnoreCase(responseCharSet) && !"UTF-8".equalsIgnoreCase(responseCharSet)) {
+ log.warn("BKU response charset is not UTF-8!"); //$NON-NLS-1$
}
String response_string = post_method.getResponseBodyAsString();
diff --git a/src/main/resources/DefaultConfiguration.zip b/src/main/resources/DefaultConfiguration.zip Binary files differindex 3abe355..b5cc858 100644 --- a/src/main/resources/DefaultConfiguration.zip +++ b/src/main/resources/DefaultConfiguration.zip diff --git a/src/main/resources/config/help_text.properties b/src/main/resources/config/help_text.properties index 96823ef..0a0c793 100644 --- a/src/main/resources/config/help_text.properties +++ b/src/main/resources/config/help_text.properties @@ -62,6 +62,7 @@ error.code.318=Die binäre Signatur kann nicht geprüft werden. Die Signatur enthä error.code.320=Es kann keine Verbindung zur Bürgerkartenumgebung hergestellt werden.
error.code.330=Es kann keine Verbindung zu MOA hergestellt werden oder MOA hat den Request zurückgewiesen.
+error.code.340=Die Antwort des Signaturgeräts enthielt weder eine Signatur noch ein Verifikationsergebnis.
# TODO remove this when MOA detached is ready
error.code.370=Eine detached Signature kann zur Zeit mit MOA nicht überprüft werden.
|