diff options
68 files changed, 1245 insertions, 1045 deletions
diff --git a/lib-maven_repository/maven2-repository.zip b/lib-maven_repository/maven2-repository.zip Binary files differindex 347de5d..acc6c80 100644 --- a/lib-maven_repository/maven2-repository.zip +++ b/lib-maven_repository/maven2-repository.zip @@ -9,7 +9,7 @@ <groupId>knowcenter</groupId>
<artifactId>pdf-as</artifactId>
<name>PDF-AS</name>
- <version>3.0.6-20080715</version>
+ <version>3.0.7-20080923</version>
<!-- don't forget to set the version string at.knowcenter.wag.egov.egiz.PdfAS.PDFAS_VERSION accordingly -->
<description>Amtssignatur fuer elektronische Aktenfuehrung</description>
@@ -120,7 +120,7 @@ <descriptor>src/main/assembly/assemble_distribution_ws.xml</descriptor>
<descriptor>src/main/assembly/assemble_repository.xml</descriptor>
-->
- <descriptor>src/main/assembly/assemble_libraries.xml</descriptor>
+ <descriptor>src/main/assembly/assemble_repository.xml</descriptor>
</descriptors>
</configuration>
</plugin>
diff --git a/src/main/java/at/gv/egiz/pdfas/api/commons/Constants.java b/src/main/java/at/gv/egiz/pdfas/api/commons/Constants.java index f9a3c03..a7bc776 100644 --- a/src/main/java/at/gv/egiz/pdfas/api/commons/Constants.java +++ b/src/main/java/at/gv/egiz/pdfas/api/commons/Constants.java @@ -50,6 +50,16 @@ public final class Constants public static String SIGNATURE_DEVICE_BKU = "bku";
/**
+ * The signature device a1.
+ */
+ public static String SIGNATURE_DEVICE_A1 = "a1";
+
+ /**
+ * The signature device MOCCA (online bku).
+ */
+ public static final String SIGNATURE_DEVICE_MOC = "moc";
+
+ /**
* Only binary signatures are verified.
*/
public static String VERIFY_MODE_BINARY_ONLY = "binaryOnly";
diff --git a/src/main/java/at/gv/egiz/pdfas/commandline/Main.java b/src/main/java/at/gv/egiz/pdfas/commandline/Main.java index c84b417..44a472b 100644 --- a/src/main/java/at/gv/egiz/pdfas/commandline/Main.java +++ b/src/main/java/at/gv/egiz/pdfas/commandline/Main.java @@ -490,7 +490,7 @@ public abstract class Main public static void carryOutSign(String input, String connector, String signature_mode, String signature_type, String pos_string, String user_name, String user_password, String output,
PrintWriter messageOutput) throws PdfAsException
{
- messageOutput.println("Signing...");
+ messageOutput.println("Signing " + input + "...");
// for performance measurement
long startTime = 0;
@@ -537,12 +537,12 @@ public abstract class Main logger_.info(toReport);
}
- messageOutput.println("Signing was successful.");
+ messageOutput.println("Signing was successful (" + output + ").");
}
public static void carryOutVerify(String input, String connector, int verify_which, PrintWriter messageOutput) throws PdfAsException
{
- messageOutput.println("Verifying...");
+ messageOutput.println("Verifying " + input + "...");
// for performance measurement
long startTime = 0;
diff --git a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java index 7566c41..062ff6b 100644 --- a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java +++ b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java @@ -40,6 +40,9 @@ public final class ErrorCode public static final int MODIFIED_AFTER_SIGNATION = 316;
public static final int NON_BINARY_SIGNATURES_PRESENT = 317;
+
+ public static final int SIGNATURE_VERIFICATION_NOT_SUPPORTED = 371;
+ public static final int INVALID_SIGNING_TIME = 372;
public static final int WEB_EXCEPTION = 330;
diff --git a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java index 3ca497b..d9549b0 100644 --- a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java +++ b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java @@ -413,11 +413,12 @@ public class VerificationFilterImpl implements VerificationFilter {
assert partitionResult.size() >= prevPartitionResult.size();
- for (int i = prevPartitionResult.size(); i < partitionResult.size(); i++)
- {
- SignatureHolder sh = (SignatureHolder) partitionResult.get(i);
- extractedSignatures.add(sh);
- }
+// for (int i = prevPartitionResult.size(); i < partitionResult.size(); i++)
+// {
+// SignatureHolder sh = (SignatureHolder) partitionResult.get(i);
+// extractedSignatures.add(sh);
+// }
+ mergeSignatures(prevPartitionResult, partitionResult, extractedSignatures);
}
prevPartitionResult = partitionResult;
@@ -436,6 +437,39 @@ public class VerificationFilterImpl implements VerificationFilter return signatureHolderChain;
}
+ private void mergeSignatures(List oldList, List newList, List result) {
+
+ for(int i=0; i < newList.size(); i++) {
+
+ SignatureHolder currentNewSh = (SignatureHolder)newList.get(i);
+
+ boolean shAlreadyPresentInOldList = false;
+ int pos = -1;
+
+ for(int j=0; j<oldList.size(); j++) {
+
+ SignatureHolder currentOldSh = (SignatureHolder)oldList.get(j);
+
+ if(currentNewSh.getSignatureObject().getSignationValue().equals(currentOldSh.getSignatureObject().getSignationValue())) {
+
+ shAlreadyPresentInOldList = true;
+ pos = j;
+ }
+ }
+
+ if(!shAlreadyPresentInOldList) {
+
+ // signature holder has not been found earlier -> add
+ result.add(currentNewSh);
+ }
+
+ }
+
+
+ return;
+ }
+
+
protected List flattenOutTextPartitions (List partitions, List blocks)
{
diff --git a/src/main/java/at/gv/egiz/pdfas/utils/WebUtils.java b/src/main/java/at/gv/egiz/pdfas/utils/WebUtils.java new file mode 100644 index 0000000..4bca486 --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/utils/WebUtils.java @@ -0,0 +1,100 @@ +package at.gv.egiz.pdfas.utils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper;
+
+/**
+ * @author tknall
+ */
+public final class WebUtils {
+
+ private WebUtils() {
+ }
+
+ /**
+ * The log.
+ */
+ private final static Log LOG = LogFactory.getLog(WebUtils.class);
+
+ /**
+ * The configuration key that replaces a dynamically generated retrieve signature data url.
+ */
+ private final static String RETRIEVE_SIGNATURE_DATA_URL_OVERRIDE_KEY = "retrieve_signature_data_url_override";
+
+ /**
+ * Unlike {@link HttpServletResponse#encodeURL(String)} that adds only a
+ * {@code JSESSIONID} entry to the given url if needed, this method always
+ * adds the session id (except if already present within the url.
+ *
+ * @param url
+ * The given url.
+ * @param session
+ * The {@link HttpSession}.
+ * @return The given url plus a session id.
+ */
+ public static String addJSessionID(String url, HttpSession session) {
+ if (url == null) {
+ return null;
+ }
+ if (!StringUtils.containsIgnoreCase(url, ";jsessionid=")) {
+ url = url + ";jsessionid=" + session.getId();
+ LOG.debug("Adding jsessionid " + session.getId());
+ } else {
+ LOG.debug("No need to add a jsessionid.");
+ }
+ LOG.debug("Returning url " + url);
+ return url;
+ }
+
+ /**
+ * Unlike {@link HttpServletResponse#encodeURL(String)} that adds only a
+ * {@code JSESSIONID} entry to the given url if needed, this method always
+ * adds the session id (except if already present within the url.
+ *
+ * @param url
+ * The given url.
+ * @param request
+ * The {@link HttpServletRequest}.
+ * @return The given url plus a session id.
+ */
+ public static String addJSessionID(String url, HttpServletRequest request) {
+ return addJSessionID(url, request.getSession());
+ }
+
+ /**
+ * Either dynamically creates locref content url or uses a url provides by the pdf-as
+ * configuration (key {@code retrieve_signature_data_url_override}).
+ * @param request The {@link HttpServletRequest}.
+ * @param response The {@link HttpServletResponse}.
+ * @return The retrieve signature data url.
+ */
+ public static String buildRetrieveSignatureDataURL(HttpServletRequest request, HttpServletResponse response) {
+ String override = null;
+ LOG.debug("Building retrieve signature data url.");
+ try {
+ override = SettingsReader.getInstance().getSetting(RETRIEVE_SIGNATURE_DATA_URL_OVERRIDE_KEY, null);
+ } catch (SettingsException e) {
+ LOG.error(e);
+ }
+ String result;
+ if (override == null) {
+ result = WebUtils.addJSessionID(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData", request);
+ } else {
+ LOG.debug("Override url found: " + override);
+ result = WebUtils.addJSessionID(override, request);
+ }
+ LOG.debug("RetrieveSignatureDataURL = " + result);
+ return result;
+ }
+
+}
diff --git a/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java b/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java index a904ad4..6fc7a1a 100644 --- a/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java +++ b/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java @@ -20,6 +20,7 @@ import at.gv.egiz.pdfas.framework.SignatorFactory; import at.gv.egiz.pdfas.framework.signator.Signator;
import at.gv.egiz.pdfas.impl.output.ByteArrayDataSink;
import at.gv.egiz.pdfas.impl.output.FileBasedDataSink;
+import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException;
@@ -135,7 +136,8 @@ public class SignServletHelper // TODO TR: Web-Applikation verwendet in Loc-Ref-Variante ext. Referenz, um performanter zu sein;
// nachfolend auskommentieren, wenn anstatt SwA-Connector LocRef-Connector verwendet wird
- URL signature_data_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+// URL signature_data_URL = new URL(WebUtils.addJSessionID(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL signature_data_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String signature_data_url = response.encodeURL(signature_data_URL.toString());
Connector c = ConnectorChooser.chooseWebConnectorForSign(si.connector, si.type, signature_data_url);
diff --git a/src/main/java/at/gv/egiz/pdfas/web/helper/SigningTimeHelper.java b/src/main/java/at/gv/egiz/pdfas/web/helper/SigningTimeHelper.java new file mode 100644 index 0000000..673c197 --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/web/helper/SigningTimeHelper.java @@ -0,0 +1,83 @@ +package at.gv.egiz.pdfas.web.helper;
+
+import java.util.Date;
+
+import org.apache.commons.lang.time.DateFormatUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
+import at.gv.egiz.pdfas.framework.signator.SignatorInformation;
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
+import at.knowcenter.wag.egov.egiz.pdf.EGIZDate;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+
+/**
+ * This class deals with invalid signing times.
+ * @author tknall
+ */
+public final class SigningTimeHelper {
+
+ private SigningTimeHelper() {
+ }
+
+ private static Integer tolerance = null;
+
+ /**
+ * The log.
+ */
+ private final static Log LOG = LogFactory.getLog(SigningTimeHelper.class);
+
+ private final static String SIGNING_TIME_TOLERANCE_KEY = "signing_time_tolerance";
+ private final static String FORMAT_UTC_DATE_PATTERN = "yyyy-MM-dd'T'HH:mm:ss'Z'";
+
+ public static void checkSigningTimeAgainstHostTime(SignatorInformation si) throws SignatureException {
+ checkSigningTimeAgainstHostTime(si.getSignSignatureObject());
+ }
+
+ public static synchronized void checkSigningTimeAgainstHostTime(SignSignatureObject sso) throws SignatureException {
+ if (tolerance == null) {
+ try {
+ String toleranceString = SettingsReader.getInstance().getSetting(SIGNING_TIME_TOLERANCE_KEY, "-1");
+ tolerance = new Integer(Integer.parseInt(toleranceString));
+ } catch (NumberFormatException e) {
+ LOG.warn("Invalid configuration key = " + SIGNING_TIME_TOLERANCE_KEY + ". Disabling signing time check.");
+ tolerance = new Integer(-1);
+ } catch (SettingsException e) {
+ LOG.error("Error reading settings. Disabling signing time check.", e);
+ tolerance = new Integer(-1);
+ }
+ }
+ if (tolerance.intValue() == -1) {
+ return;
+ }
+
+ // signing time
+ Date signingTime = EGIZDate.parseDateFromString(sso.getDate());
+
+ // current time
+ Date currentTime = new Date();
+
+ // lower limit
+ Date lowerLimit = new Date(currentTime.getTime() - tolerance.intValue()*1000);
+
+ // upper limit
+ Date upperLimit = new Date(currentTime.getTime() + tolerance.intValue()*1000);
+
+ String signingTimeString = DateFormatUtils.formatUTC(signingTime, FORMAT_UTC_DATE_PATTERN);
+
+ if (LOG.isDebugEnabled()) {
+ String lower = DateFormatUtils.formatUTC(lowerLimit, FORMAT_UTC_DATE_PATTERN);
+ String upper = DateFormatUtils.formatUTC(upperLimit, FORMAT_UTC_DATE_PATTERN);
+ LOG.debug("Checking if signing time " + signingTimeString + " is valid according to the given time frame [ " + lower + ", " + upper + " ].");
+ }
+
+ if (signingTime.before(lowerLimit) || signingTime.after(upperLimit)) {
+ throw new SignatureException(ErrorCode.INVALID_SIGNING_TIME, "The signing time " + signingTimeString + " is out of the given tolerance of " + tolerance.intValue() + " seconds.");
+ }
+
+ }
+
+}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java index ab93b94..113f13e 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java @@ -96,7 +96,7 @@ public abstract class PdfAS * The current version of the pdf-as library. This version string is logged on every invocation
* of the api or the web application.
*/
- public static final String PDFAS_VERSION = "3.0.6-20080715";
+ public static final String PDFAS_VERSION = "3.0.7-20080923";
/**
* The key of the strict mode setting.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java index 2053264..75e90c5 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java @@ -421,6 +421,7 @@ public class PDFSignatureObjectIText implements PDFSignatureObject {
pdf_cell.setColspan(cell.getColSpan());
}
+ // TODO[tknall]: Check if cell nowrap may be used to prevent wrapping of cells containing keys.
if (cell.isNoWrap())
{
pdf_cell.setNoWrap(true);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java index e991e04..7188273 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java @@ -6,6 +6,7 @@ package at.knowcenter.wag.egov.egiz.sig.connectors; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.pdfas.api.commons.Constants;
import at.gv.egiz.pdfas.framework.ConnectorParameters;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
@@ -16,6 +17,7 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.bku.MultipartDetachedBKUConnec import at.knowcenter.wag.egov.egiz.sig.connectors.bku.OldEnvelopingBase64BKUConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.moa.EnvelopingBase64MOAConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.moa.MOASoapWithAttachmentConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.LocRefDetachedMOCCAConnector;
import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter;
/**
@@ -39,15 +41,21 @@ public final class ConnectorChooser log.debug("Choosing LocalConnector for signation...");
log.debug("connector type = " + connector);
-
- if (!connector.equals("bku"))
- {
- log.error("Currently only the BKU connector is fully implemented.");
- }
-
- log.debug("choosing locref detached BKU connector.");
+
ConnectorParameters cp = new ConnectorParameters();
cp.setProfileId(profile);
+
+ if (Constants.SIGNATURE_DEVICE_MOC.equals(connector)) {
+
+ return new LocRefDetachedMOCCAConnector(cp, loc_ref_url);
+
+ } else if (Constants.SIGNATURE_DEVICE_BKU.equals(connector)){
+
+ return new LocRefDetachedBKUConnector(cp, loc_ref_url);
+
+ }
+
+ log.error("Currently only the BKU connector is fully implemented.");
return new LocRefDetachedBKUConnector(cp, loc_ref_url);
}
@@ -58,7 +66,7 @@ public final class ConnectorChooser log.debug("connector type = " + connector);
- if (!connector.equals("moa"))
+ if (!connector.equals(Constants.SIGNATURE_DEVICE_MOA))
{
log.error("Currently only the MOA connector is available for non local WEB signation.");
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java index 4cc09e1..44a7c38 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java @@ -11,6 +11,8 @@ import java.util.Date; import java.util.Properties;
import java.util.SimpleTimeZone;
import java.util.TimeZone;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -29,6 +31,7 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.DetachedBKUConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.LocRefDetachedMOCCAConnector;
import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter;
import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
@@ -186,15 +189,19 @@ public class MOASoapWithAttachmentConnector implements Connector String verify_request_template = this.environment.getVerifyRequestTemplate();
String xml_content = null;
- if (!SigKZIDHelper.isMOASigned(so))
- {
+
+ if (SigKZIDHelper.isMOASigned(so)) {
+ log.debug("MOA signature detected.");
+ xml_content = prepareXMLContent(data, so);
+ } else if (SigKZIDHelper.isMOCCASigned(so)) {
+ log.debug("MOCCA signature detected.");
+ LocRefDetachedMOCCAConnector mocca_connector = new LocRefDetachedMOCCAConnector(this.params, "not needed here");
+ xml_content = mocca_connector.prepareXMLContent(data, so);
+ } else {
+ log.debug("Generic signature (not MOA/MOCCA) signature detected.");
DetachedBKUConnector bku_connector = new DetachedBKUConnector(this.params, "not needed here");
xml_content = bku_connector.prepareXMLContent(data, so);
}
- else
- {
- xml_content = prepareXMLContent(data, so);
- }
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.TRUST_PROFILE_ID_REPLACE, this.environment.getVerifyTrustProfileId());
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java new file mode 100644 index 0000000..8ae6d5f --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java @@ -0,0 +1,695 @@ +package at.knowcenter.wag.egov.egiz.sig.connectors.mocca;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Properties;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
+import at.gv.egiz.pdfas.framework.ConnectorParameters;
+import at.gv.egiz.pdfas.web.helper.SigningTimeHelper;
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
+import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
+import at.knowcenter.wag.egov.egiz.sig.SignatureData;
+import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
+import at.knowcenter.wag.egov.egiz.sig.X509Cert;
+import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedMOCIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter;
+import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
+import at.knowcenter.wag.egov.egiz.tools.FileHelper;
+
+/**
+ * Connector for MOCCA.
+ * @author tknall
+ */
+public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
+
+ private static Log log = LogFactory.getLog(LocRefDetachedMOCCAConnector.class);
+
+ /**
+ * The connector parameters.
+ */
+ protected ConnectorParameters params = null;
+
+ /**
+ * The environment of this connector containing templates.
+ */
+ protected Environment environment = null;
+
+ /**
+ * Constructor that builds the configuration environment for this connector according to the
+ * given profile.
+ * @param connectorParameters The connectot parameters.
+ * @throws ConnectorException Thrown in case of error.
+ */
+ public LocRefDetachedMOCCAConnector(ConnectorParameters connectorParameters, String loc_ref_content) throws ConnectorException {
+ this.params = connectorParameters;
+ this.environment = new Environment(this.params.getProfileId(), loc_ref_content);
+ }
+
+ /**
+ * Sends the request to the given URL. This method handles communication exceptions.
+ * The actual send work is done by doPostRequestMultipart.
+ * @see BKUPostConnection#doPostRequestMultipart(String, String, SignatureData)
+ * @param url The URL to send the request to.
+ * @param request_string The request XML.
+ * @param data The data.
+ * @return Returns the response properties containing among others the response XML.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ protected Properties sendRequest(String url, String request_string, SignatureData data) throws ConnectorException {
+ try {
+ Properties response_properties = BKUPostConnection.doPostRequestMultipart(url, request_string, data);
+ return response_properties;
+ } catch (Exception e) {
+ ConnectorException se = new ConnectorException(320, e);
+ throw se;
+ }
+ }
+
+ /**
+ * Starts a signature process.
+ * @param data The data to be signed.
+ * @return Returns the signature object containing the signed data.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ public SignSignatureObject doSign(SignatureData data) throws ConnectorException {
+ log.debug("doSign:");
+
+ String sign_request_xml = prepareSignRequest(data);
+ log.debug("sign_request_xml = " + sign_request_xml);
+
+ String url = this.environment.getSignURL();
+ Properties response_properties = sendRequest(url, sign_request_xml, data);
+
+ SignSignatureObject sso = analyzeSignResponse(response_properties);
+
+ sso.response_properties = response_properties;
+
+ log.debug("doSign finished.");
+ return sso;
+ }
+
+ /**
+ * Verification is not supported by MOCCA. Therefore this method always throws a
+ * {@link ConnectorException} with error code {@link ErrorCode#SIGNATURE_VERIFICATION_NOT_SUPPORTED}.
+ */
+ public SignatureResponse doVerify(SignatureData data, SignSignatureObject so) throws ConnectorException {
+ throw new ConnectorException(ErrorCode.SIGNATURE_VERIFICATION_NOT_SUPPORTED, "Signature Verification is not supported by MOCCA.");
+ }
+
+ /**
+ * This method analyzes a signature response of the signature device.
+ * @param response_properties The response elements of the signature device.
+ * @return The parsed signed signature object.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ public SignSignatureObject analyzeSignResponse(Properties response_properties) throws ConnectorException {
+ log.debug("analyzeSignResponse:");
+ String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
+ BKUHelper.checkResponseForError(response_string);
+ SignSignatureObject so = this.parseCreateXMLResponse(response_string, new DetachedMOCIdFormatter());
+ so.response_properties = response_properties;
+ log.debug("analyzeSignResponse finished.");
+ return so;
+ }
+
+ /**
+ * This method parses the signature creation response of the signature device.
+ * @param xmlResponse The response string.
+ * @return Returns the parsed signature object holding the data.
+ * @see SignatureObject
+ * @see CodingHelper
+ * @see X509Cert
+ */
+ public SignSignatureObject parseCreateXMLResponse(String xmlResponse, IdFormatter id_formatter) throws ConnectorException {
+
+ Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>");
+ Pattern iss_nam_p_e = Pattern.compile("</[\\w]*:?X509IssuerName>");
+ Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>");
+ Pattern sig_tim_p_e = Pattern.compile("</[\\w]*:?SigningTime>");
+ Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>");
+ Pattern ser_num_p_e = Pattern.compile("</[\\w]*:?X509SerialNumber>");
+ Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>");
+ Pattern sig_cer_p_e = Pattern.compile("</[\\w]*:?X509Certificate>");
+
+ Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
+ Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
+ Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse);
+ Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse);
+ Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
+ Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
+ Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse);
+ Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse);
+
+ // SignatureValue
+ String sig_val = null;
+ Matcher signatureValueMatcher = Pattern.compile("<(\\w+:)?SignatureValue( Id=\"[\\w-]+\")?>\\s*(.*)\\s*</(\\w+:)?SignatureValue>").matcher(xmlResponse);
+ if (signatureValueMatcher.find()) {
+ sig_val = signatureValueMatcher.group(3);
+ }
+ log.debug("sig_val = " + sig_val);
+
+ // X509IssuerName
+ String iss_nam = null;
+ if (iss_nam_m_s.find() && iss_nam_m_e.find()) {
+ iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
+ }
+ log.debug("iss_nam = " + iss_nam);
+
+ // X509SerialNumber
+ String ser_num = null;
+ if (ser_num_m_s.find() && ser_num_m_e.find()) {
+ ser_num = BKUHelper.removeAllWhitespace(xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start()));
+ }
+ log.debug("ser_num = " + ser_num);
+
+ // SigningTime
+ String sig_tim = null;
+ if (sig_tim_m_s.find() && sig_tim_m_e.find()) {
+ sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start());
+ }
+ log.debug("sig_tim = " + sig_tim);
+
+ // X509Certificate
+ X509Certificate cert = null;
+ if (sig_cer_m_s.find() && sig_cer_m_e.find()) {
+ String sig_cer = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start()));
+
+ try {
+ byte[] der = CodingHelper.decodeBase64(sig_cer);
+ ByteArrayInputStream bais = new ByteArrayInputStream(der);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ cert = (X509Certificate) cf.generateCertificate(bais);
+ bais.close();
+ } catch (UnsupportedEncodingException e) {
+ throw new ConnectorException(300, e);
+ } catch (CertificateException e) {
+ throw new ConnectorException(300, e);
+ } catch (IOException e) {
+ throw new ConnectorException(300, e);
+ }
+ }
+ log.debug("X509Certificate = " + cert);
+
+ if (log.isDebugEnabled()) {
+
+ String cert_iss = cert.getIssuerDN().getName();
+ log.debug("certificate's issuer = " + cert_iss);
+ log.debug("response's issuer = " + iss_nam);
+ log.debug("issuer matches = " + cert_iss.equals(iss_nam));
+ log.debug("ser number matches = " + cert.getSerialNumber().toString().equals(ser_num));
+ }
+
+ // extract Signature Id's
+ String[] ids = extractIds(xmlResponse);
+ String final_ids = id_formatter.formatIds(ids);
+
+ SignSignatureObject so = new SignSignatureObject();
+ so.date = sig_tim;
+ so.issuer = iss_nam;
+ so.signatureValue = sig_val;
+ so.x509Certificate = cert;
+
+ so.id = final_ids;
+
+ return so;
+ }
+
+ /**
+ * Extraction of the id attributes from the xml response.
+ * @param xmlResponse The xml response.
+ * @return The parsed id attributes.
+ */
+ public final static String[] extractIds(String xmlResponse) {
+ return new String[] { extractId(xmlResponse) };
+ }
+
+ /**
+ * There is only one special common part of all id attributes of this connector that has to be
+ * stored. This method returns that single part.
+ * @param xmlResponse The xml response.
+ * @return The parsed common part of all id attributes.
+ */
+ private final static String extractId(String xmlResponse) {
+ final Pattern ID_PATTERN = Pattern.compile("Id\\s*=\\s*\"\\s*Signature-([\\p{XDigit}]+)-\\d+\\s*\"");
+ Matcher matcher = ID_PATTERN.matcher(xmlResponse);
+ if (matcher.find() && matcher.groupCount() > 0) {
+ return matcher.group(1);
+ }
+ return null;
+ }
+
+ /**
+ * Verification is not supported by MOCCA. Therefore this method always throws a
+ * {@link ConnectorException} with error code {@link ErrorCode#SIGNATURE_VERIFICATION_NOT_SUPPORTED}.
+ */
+ public SignatureResponse analyzeVerifyResponse(Properties response_properties) throws ConnectorException {
+ throw new ConnectorException(ErrorCode.SIGNATURE_VERIFICATION_NOT_SUPPORTED, "Signature Verification is not supported by MOCCA.");
+ }
+
+ /**
+ * Prepares the signature request xml to be sent using the sign request template.
+ * @param data The signature data.
+ * @return Returns the sign request xml to be sent.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ public String prepareSignRequest(SignatureData data) throws ConnectorException {
+ log.debug("prepareSignRequestDetached:");
+
+ String sign_request_template = this.environment.getSignRequestTemplate();
+
+ String sign_keybox_identifier = this.environment.getSignKeyboxIdentifier();
+ String mime_type = data.getMimeType();
+ String loc_ref_content = this.environment.getLocRefContent();
+
+ if (log.isDebugEnabled()) {
+ log.debug("sign keybox identifier = " + sign_keybox_identifier);
+ log.debug("mime type = " + mime_type);
+ log.debug("loc_ref_content = " + loc_ref_content);
+ }
+
+ String sign_request_xml = sign_request_template.replaceFirst(TemplateReplaces.KEYBOX_IDENTIFIER_REPLACE, sign_keybox_identifier);
+ sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.MIME_TYPE_REPLACE, mime_type);
+ sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, loc_ref_content);
+
+ log.debug("sign_request_xml = " + sign_request_xml);
+ log.debug("prepareSignRequestDetached finished.");
+ return sign_request_xml;
+ }
+
+ /**
+ * Verification is not supported by MOCCA. Therefore this method always throws a
+ * {@link ConnectorException} with error code {@link ErrorCode#SIGNATURE_VERIFICATION_NOT_SUPPORTED}.
+ */
+ public String prepareVerifyRequest(SignatureData data, SignSignatureObject so) throws ConnectorException {
+ throw new ConnectorException(ErrorCode.SIGNATURE_VERIFICATION_NOT_SUPPORTED, "Signature Verification is not supported by MOCCA.");
+ }
+
+ /**
+ * Prepares the xml content of a signature creation request including the link to the signature data.
+ * @param data The signature data.
+ * @param so The signature object containing the signature information.
+ * @return Returns the xml content.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ public String prepareXMLContent(SignatureData data, SignSignatureObject so) throws ConnectorException {
+ log.debug("prepareXMLContent:");
+ try {
+ String verify_template = this.environment.getVerifyTemplate();
+
+ String ids_string = so.getSigID();
+ String sigId = this.parseSigId(ids_string);
+
+ X509Certificate cert = so.getX509Certificate();
+ String cert_alg = this.environment.getCertAlgEcdsa();
+ if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0)
+ {
+ cert_alg = this.environment.getCertAlgRsa();
+ }
+
+ // cert alg replace
+ String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg);
+
+ // data digest replace
+ byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource());
+ String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
+
+ // template replacements
+
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash);
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.SIGNATURE_VALUE_REPLACE, so.getSignatureValue());
+
+ // X.509 Certificate replace
+ byte[] der = cert.getEncoded();
+ byte[] cert_hash = CodingHelper.buildDigest(der);
+ String certDigest = CodingHelper.encodeBase64(cert_hash);
+ String x509_cert_string = CodingHelper.encodeBase64(der);
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string);
+
+ // Qualified Properties replaces
+ verify_xml = verify_xml.replaceAll(TemplateReplaces.SIG_ID_REPLACE, sigId);
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.SIGNING_TIME_REPLACE, so.getDate());
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_CERTIFICATE_REPLACE, certDigest);
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_ISSUER_NAME_REPLACE, so.getIssuer());
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_SERIAL_NUMBER_REPLACE, so.getSerialNumber());
+ // SigDataRefReplace already done above
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.MIME_TYPE_REPLACE, data.getMimeType());
+
+ // Signed Properties hash
+ Pattern spPattern = Pattern.compile("(<(\\w+:)?SignedProperties.*>.*</(\\w+:)?SignedProperties>)");
+ Matcher matcher = spPattern.matcher(verify_xml);
+ if (matcher.find()) {
+ log.debug("SignedProperties found.");
+ String string_to_be_hashed = matcher.group(1);
+ log.debug("SignedProperties string to be hashed: " + string_to_be_hashed);
+ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8");
+ byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed);
+ String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
+
+ verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash);
+ }
+
+ log.debug("prepareXMLContent finished.");
+ return verify_xml;
+ } catch (Exception e) {
+ log.debug(e);
+ throw new ConnectorException(310, e);
+ }
+ }
+
+ /**
+ * Holds environment configuration information like templates.
+ * @author wprinz
+ */
+ public static class Environment {
+
+ /**
+ * The configuration key of the sign keybox identifier.
+ */
+ protected static final String SIGN_KEYBOX_IDENTIFIER_KEY = "moc.sign.KeyboxIdentifier";
+
+ /**
+ * The configuration key of the sign request template.
+ */
+ protected static final String SIGN_REQUEST_TEMPLATE_KEY = "moc.sign.request.detached";
+
+ /**
+ * The configuration key of the sign URL.
+ */
+ protected static final String SIGN_URL_KEY = "moc.sign.url";
+
+ /**
+ * BKU template file prefix
+ */
+ protected static final String TEMPLATE_FILE_PREFIX = "./templates/moc.";
+
+ /**
+ * signing file template sufix
+ */
+ protected static final String SIGN_TEMPLATE_FILE_SUFIX = ".sign.request.xml";
+
+ /**
+ * verifing template file sufix
+ */
+ /* signature verification is not supported by mocca
+ protected static final String VERIFY_REQUEST_TEMPLATE_FILE_SUFIX = ".verify.request.xml";
+ */
+
+ /**
+ * verifing file template key sufix
+ */
+ protected static final String VERIFY_TEMPLATE_SUFIX = ".verify.template.xml";
+
+ /**
+ * The configuration key of the verify request template.
+ */
+ /* signature verification is not supported by mocca
+ protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "moc.verify.request.detached";
+ */
+
+ /**
+ * The configuration key of the verify template.
+ */
+ protected static final String VERIFY_TEMPLATE_KEY = "moc.verify.template.detached";
+
+ /**
+ * The configuration key of the verify URL.
+ */
+ /* signature verification is not supported by mocca
+ protected static final String xxxVERIFY_URL_KEY = "moc.verify.url";
+ */
+
+ /**
+ * The configuration key for the ECDSA cert alg property.
+ */
+ protected static final String ECDSA_CERT_ALG_KEY = "cert.alg.ecdsa";
+
+ /**
+ * The configuration key for the RSA cert alg property.
+ */
+ protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa";
+
+ protected String profile = null;
+
+ protected String loc_ref_content = null;
+
+ protected String sign_keybox_identifier = null;
+
+ protected String sign_request_template = null;
+
+ protected String sign_url = null;
+
+ /* signature verification is not supported by mocca
+ protected String verify_request_template = null;
+ */
+
+ protected String verify_template = null;
+
+ /* signature verification is not supported by mocca
+ protected String verify_url = null;
+ */
+
+ protected String cert_alg_ecdsa = null;
+
+ protected String cert_alg_rsa = null;
+
+ /**
+ * Initializes the environment with a given profile.
+ * @param profile The configuration profile.
+ * @throws ConnectorException Thrown in case of an error.
+ */
+ public Environment(String profile, String loc_ref_content) throws ConnectorException {
+ this.profile = profile;
+
+ this.loc_ref_content = loc_ref_content;
+
+ SettingsReader settings = null;
+ try {
+ settings = SettingsReader.getInstance();
+ } catch (SettingsException e) {
+ throw new ConnectorException(300, e);
+ }
+
+ this.sign_keybox_identifier = getConnectorValueFromProfile(settings, profile, SIGN_KEYBOX_IDENTIFIER_KEY);
+
+
+ // SIGN REQUEST
+
+ // try specific file
+ String sign_request_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.moc.algorithm.id") + SIGN_TEMPLATE_FILE_SUFIX;
+ log.debug("Trying to load specific sign request file " + sign_request_filename);
+ this.sign_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
+
+ // try default request file
+ if (this.sign_request_template == null) {
+ sign_request_filename = getConnectorValueFromProfile(settings, profile, SIGN_REQUEST_TEMPLATE_KEY);
+ log.debug("Specific file not found. Trying default sign request file " + sign_request_filename);
+ this.sign_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
+ }
+
+ // request file is needed !!!
+ if (this.sign_request_template == null) {
+ throw new ConnectorException(300, "Can not read the create xml request template");
+ }
+
+ this.sign_url = getConnectorValueFromProfile(settings, profile, SIGN_URL_KEY);
+
+
+ // VERIFY REQUEST
+ /* signature verification is not supported by mocca
+
+ // try specific file
+ String verify_request_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.moc.algorithm.id") + VERIFY_REQUEST_TEMPLATE_FILE_SUFIX;
+ log.debug("Trying to load specific verify request file " + verify_request_filename);
+ this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename));
+
+ // try default request file
+ if (this.verify_request_template == null) {
+ verify_request_filename = getConnectorValueFromProfile(settings, profile, VERIFY_REQUEST_TEMPLATE_KEY);
+ log.debug("Specific file not found. Trying default verify request file " + verify_request_filename);
+ this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename));
+ }
+
+ // request file is needed !!!
+ if (this.verify_request_template == null) {
+ throw new ConnectorException(ErrorCode.SETTING_NOT_FOUND, "Can not read the verify xml request template");
+ }
+
+ */
+
+ // load template file
+ // try specific file
+ String verify_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.moc.algorithm.id") + VERIFY_TEMPLATE_SUFIX;
+ log.debug("Trying to load specific signature template file " + verify_filename);
+ this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename));
+
+ // try default signature template file
+ if (this.verify_template == null) {
+ verify_filename = getConnectorValueFromProfile(settings, profile, VERIFY_TEMPLATE_KEY);
+ log.debug("Specific signature template file not found. Trying default signature template file " + verify_filename);
+ this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename));
+ }
+
+ // signature template is needed !!!
+ if (this.verify_template == null) {
+ throw new ConnectorException(ErrorCode.SETTING_NOT_FOUND, "Can not read the verify template");
+ }
+
+ /* signature verification is not supported by mocca
+ this.verify_url = getConnectorValueFromProfile(settings, profile, VERIFY_URL_KEY);
+ */
+
+ this.cert_alg_ecdsa = settings.getValueFromKey(ECDSA_CERT_ALG_KEY);
+
+ this.cert_alg_rsa = settings.getValueFromKey(RSA_CERT_ALG_KEY);
+
+ }
+
+ /**
+ * Returns the profile name.
+ * @return The profile name.
+ */
+ public String getProfile() {
+ return this.profile;
+ }
+
+ /**
+ * Returns the LocRef content.
+ *
+ * @return Returns the LocRef content.
+ */
+ public String getLocRefContent() {
+ return this.loc_ref_content;
+ }
+
+ /**
+ * Returns the sign keybox identifier.
+ *
+ * @return Returns the sign keybox identifier.
+ */
+ public String getSignKeyboxIdentifier() {
+ return this.sign_keybox_identifier;
+ }
+
+ /**
+ * Returns the sign request template.
+ *
+ * @return Returns the sign request template.
+ */
+ public String getSignRequestTemplate() {
+ return this.sign_request_template;
+ }
+
+ /**
+ * Returns the sign URL.
+ *
+ * @return Returns the sign URL.
+ */
+ public String getSignURL() {
+ return this.sign_url;
+ }
+
+ /**
+ * Returns the verify request template.
+ *
+ * @return Returns the verify request template.
+ */
+ /* signature verification is not supported by mocca
+ public String getVerifyRequestTemplate() {
+ return this.verify_request_template;
+ }
+ */
+
+ /**
+ * Returns the verify template.
+ *
+ * @return Returns the verify template.
+ */
+ public String getVerifyTemplate() {
+ return this.verify_template;
+ }
+
+ /**
+ * Returns the verify URL.
+ *
+ * @return Returns the verify URL.
+ */
+ /* signature verification is not supported by mocca
+ public String getVerifyURL() {
+ return this.verify_url;
+ }
+ */
+
+ /**
+ * Returns the ecdsa cert alg property.
+ *
+ * @return Returns the ecdsa cert alg property.
+ */
+ public String getCertAlgEcdsa() {
+ return this.cert_alg_ecdsa;
+ }
+
+ /**
+ * Returns the rsa cert alg property.
+ *
+ * @return Returns the rsa cert alg property.
+ */
+ public String getCertAlgRsa() {
+ return this.cert_alg_rsa;
+ }
+
+ /**
+ * Reads the configuration entry given by the key, first from the given
+ * profile, if not found from the defaults.
+ *
+ * @param settings
+ * The settings.
+ * @param profile
+ * The profile.
+ * @param key
+ * The configuration key.
+ * @return Returns the configuration entry.
+ */
+ public static String getConnectorValueFromProfile(SettingsReader settings, String profile, String key) {
+ String value = settings.getValueFromKey("sig_obj." + profile + "." + key); //$NON-NLS-2$
+ if (value == null) {
+ value = settings.getValueFromKey(key);
+ }
+ return value;
+ }
+ }
+
+ /**
+ * Parses the common part for all id attributes from a given signature parameter string.
+ * @param sigIdString The given signature parameter string.
+ * @return The common part of all id attributes.
+ */
+ protected String parseSigId(String sigIdString) {
+ int pos = sigIdString.indexOf("@");
+ String result = null;
+ if (pos != -1) {
+ result = sigIdString.substring(pos+1).trim();
+ }
+ return result;
+ }
+
+}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedMOCIdFormatter.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedMOCIdFormatter.java new file mode 100644 index 0000000..c942b73 --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedMOCIdFormatter.java @@ -0,0 +1,48 @@ +/**
+ *
+ */
+package at.knowcenter.wag.egov.egiz.sig.sigid;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+
+/**
+ * @author tknall
+ *
+ */
+public class DetachedMOCIdFormatter implements IdFormatter {
+
+ public static String SIG_ID_PREFIX = "etsi-moc-1.0";
+
+ /**
+ * Key value in property file
+ */
+ public static final String SIG_ID_PROPERTY_KEY = "default.moc.algorithm.id";
+
+ /**
+ * The log.
+ */
+ private static Log log = LogFactory.getLog(DetachedIdFormatter.class);
+
+ /**
+ * @see at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter#formatIds(java.lang.String[])
+ */
+ public String formatIds(String[] ids) {
+ // read id from property file and use it
+ String prefix = null;
+ try {
+ prefix = SettingsReader.getInstance().getValueFromKey(SIG_ID_PROPERTY_KEY);
+ } catch (SettingsException e) {
+ log.error(e.getMessage(), e);
+ }
+ prefix = StringUtils.defaultIfEmpty(prefix, SIG_ID_PREFIX);
+
+ StringBuffer formattedIds = new StringBuffer(prefix).append("@").append(ids[0]);
+ return formattedIds.toString();
+ }
+
+}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java index 5206ed1..67c5e15 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java @@ -3,6 +3,8 @@ */
package at.knowcenter.wag.egov.egiz.sig.sigkz;
+import org.apache.commons.lang.ArrayUtils;
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -12,6 +14,7 @@ import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedMOCIdFormatter;
import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter;
/**
@@ -87,6 +90,23 @@ public final class SigKZIDHelper return isMOASigned(kz, sig_id);
}
+
+ /**
+ * @author tknall
+ */
+ public static boolean isMOCCASigned(SignSignatureObject so) {
+ String sig_kz = so.kz;
+ String sig_id = so.id;
+ if (StringUtils.isEmpty(sig_kz) || StringUtils.isEmpty(sig_id)) {
+ return false;
+ }
+ String[] ids = sig_id.split("@");
+ if (ArrayUtils.isEmpty(ids)) {
+ return false;
+ }
+ String prefix = ids[0];
+ return DetachedMOCIdFormatter.SIG_ID_PREFIX.equals(prefix);
+ }
public static boolean isOldBKU(PdfASID sig_kz, String sig_id) throws ConnectorException
{
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java index 15792b9..0490c48 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java @@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.CurrentLocalOperation;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.gv.egiz.pdfas.web.VerifySessionInformation;
@@ -88,8 +89,9 @@ public abstract class LocalRequestHelper */
public static String processLocalSign(SignSessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException
{
- String host = request.getServerName(); // "129.27.153.77"
- URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+ String host = request.getServerName();
+// URL loc_ref_URL = new URL(WebUtils.addJSessionID(getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url);
@@ -100,8 +102,9 @@ public abstract class LocalRequestHelper si.outputAvailable = false;
si.response_properties = null;
- URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL");
+ URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), WebUtils.addJSessionID(request.getContextPath() + "/DataURL", request));
String data_url = response.encodeURL(data_URL.toString());
+ logger.debug("data_url = " + data_url);
request.setAttribute("local_request_url", local_request_url);
request.setAttribute("data_url", data_url);
@@ -180,7 +183,8 @@ public abstract class LocalRequestHelper // si.finished = false;
String host = request.getServerName();
- URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+// URL loc_ref_URL = new URL(WebUtils.addJSessionID(getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
for (int i = 0; i < si.currentLocalOperation.requests.length; i++)
@@ -216,7 +220,7 @@ public abstract class LocalRequestHelper String local_request_url = getLocalServiceAddress(si.type, si.connector);
- URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL");
+ URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), WebUtils.addJSessionID(request.getContextPath() + "/DataURL", request));
String data_url = response.encodeURL(data_URL.toString());
request.setAttribute("local_request_url", local_request_url);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java index 19a82c3..2adc4b1 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java @@ -8,17 +8,24 @@ import java.io.PrintWriter; import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.util.ArrayList;
+import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileItemFactory;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -29,12 +36,14 @@ import at.gv.egiz.pdfas.web.SignSessionInformation; import at.gv.egiz.pdfas.web.VerifySessionInformation;
import at.gv.egiz.pdfas.web.helper.SessionHelper;
import at.gv.egiz.pdfas.web.helper.SignServletHelper;
+import at.gv.egiz.pdfas.web.helper.SigningTimeHelper;
import at.gv.egiz.pdfas.web.helper.TempDirHelper;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException;
import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatorFactoryException;
+import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorChooser;
@@ -156,15 +165,42 @@ public class DataURLServlet extends HttpServlet protected boolean isNullResponse(String xml_response)
{
- return xml_response.indexOf("NullOperationResponse") >= 0;
+ return xml_response != null && xml_response.indexOf("NullOperationResponse") != -1;
}
- protected void processSign(HttpServletRequest request, HttpServletResponse response, SignSessionInformation si) throws ServletException, IOException, ConnectorException, SignatorException, SignatorFactoryException
+ private static String retrieveXMLResponse(HttpServletRequest request) throws ServletException {
+ log.debug("Trying to fetch XMLResponse...");
+ String xml_response = null;
+ if (ServletFileUpload.isMultipartContent(request)) {
+ log.debug("Response is multipart.");
+ FileItemFactory factory = new DiskFileItemFactory();
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ try {
+ List items = upload.parseRequest(request);
+ Iterator iter = items.iterator();
+ while (iter.hasNext()) {
+ FileItem item = (FileItem) iter.next();
+ if (item.isFormField() && "XMLResponse".equals(item.getFieldName())) {
+ log.debug("XMLResponse part found.");
+ xml_response = item.getString();
+ break;
+ }
+ }
+ } catch (FileUploadException e) {
+ throw new ServletException(e);
+ }
+ } else {
+ xml_response = request.getParameter("XMLResponse");
+ }
+ log.debug("XMLResponse = " + xml_response);
+ return xml_response;
+ }
+
+ protected void processSign(HttpServletRequest request, HttpServletResponse response, SignSessionInformation si) throws ServletException, IOException, ConnectorException, SignatorException, SignatorFactoryException, SignatureException
{
log.trace("processSign");
- String xml_response = request.getParameter("XMLResponse"); //$NON-NLS-1$
- log.debug("xml_response = " + xml_response); //$NON-NLS-1$
+ String xml_response = retrieveXMLResponse(request);
if (isNullResponse(xml_response))
{
@@ -202,6 +238,9 @@ public class DataURLServlet extends HttpServlet si.si.setSignSignatureObject(c.analyzeSignResponse(si.response_properties));
+ // workaround for invalid signing time
+ SigningTimeHelper.checkSigningTimeAgainstHostTime(si.si);
+
PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode);
Signator signator = SignatorFactory.createSignator(algorithm);
@@ -227,21 +266,33 @@ public class DataURLServlet extends HttpServlet }
else
{
- HttpSession session = request.getSession(true);
- log.debug("Putting signed document into session (" + session.getId() + ").");
- session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si);
-// String serverURL = LocalRequestHelper.getLocalServerAddress(request, response);
- String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF");
- log.debug("Creating download URL \"" + downloadURL + "\".");
- session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL);
-
-// String redirectURL = response.encodeRedirectURL("/pdf-as/jsp/download.jsp");
-// log.debug("Redirecting to " + redirectURL + ".");
-// response.sendRedirect(redirectURL);
- temporaryRedirect(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp", response);
+ // tzefferer: If PDF-AS has been called by an external web-application, we do not
+ // redirect to download.jsp but return the sign-response immediately
+ if (si.exappinf != null) {
+ log.debug("Entering external application interface mode. Skipping redirection to download page.");
+ SignServletHelper.returnSignResponse(si, response);
+
+ // Not needed due to redirection of returnSignResponse.
+ // Just to clarify that there must not be any code after returnSignResponse.
+ return;
+ } else {
+ log.debug("Preparing download page.");
+ HttpSession session = request.getSession(true);
+ log.debug("Putting signed document into session (" + session.getId() + ").");
+ session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si);
+ String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF");
+ log.debug("Creating download URL \"" + downloadURL + "\".");
+ session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL);
+ Cookie cookie = new Cookie("JSESSIONID", session.getId());
+ response.addCookie(cookie);
+ temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp") , response);
+
+ // Not needed due to temporaryRedirect.
+ // Just to clarify that there must not be any code after temporaryRedirect.
+ return;
+ }
- return;
-// SignServletHelper.returnSignResponse(si, response);
+ // do not insert any code within this else block !
}
}
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java index 6330f0c..124b2a3 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java @@ -45,6 +45,7 @@ import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.exceptions.ErrorCodeHelper;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.framework.input.PdfDataSource;
+import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.gv.egiz.pdfas.web.helper.SignServletHelper;
import at.gv.egiz.pdfas.web.helper.TempDirHelper;
@@ -282,7 +283,8 @@ public class SignServlet extends HttpServlet if (ud.preview)
{
String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview");
- String signature_data_url = response.encodeURL(request.getContextPath() + "/RetrieveSignatureData");
+// String signature_data_url = response.encodeURL(WebUtils.addJSessionID(request.getContextPath() + "/RetrieveSignatureData", request));
+ String signature_data_url = response.encodeURL(WebUtils.buildRetrieveSignatureDataURL(request, response));
request.setAttribute("submit_url", submit_url);
request.setAttribute("signature_data_url", signature_data_url);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java index 9b8583d..5e1819e 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java @@ -41,6 +41,7 @@ import org.apache.commons.logging.LogFactory; import at.gv.egiz.pdfas.framework.input.TextDataSource;
import at.gv.egiz.pdfas.utils.StreamUtils;
+import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.VerifySessionInformation;
import at.gv.egiz.pdfas.web.helper.SessionHelper;
import at.gv.egiz.pdfas.web.helper.TempDirHelper;
@@ -566,7 +567,8 @@ public class VerifyPreviewServlet extends HttpServlet }
String host = request.getServerName();
- URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+// URL loc_ref_URL = new URL(WebUtils.addJSessionID(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);
@@ -685,7 +687,8 @@ public class VerifyPreviewServlet extends HttpServlet }
String host = request.getServerName();
- URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+// URL loc_ref_URL = new URL(WebUtils.addJSessionID(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java index 387ae08..1029a5f 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java @@ -45,6 +45,7 @@ import at.gv.egiz.pdfas.framework.input.ExtractionStage; import at.gv.egiz.pdfas.framework.input.PdfDataSource;
import at.gv.egiz.pdfas.framework.input.TextDataSource;
import at.gv.egiz.pdfas.framework.vfilter.VerificationFilterParameters;
+import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.VerifySessionInformation;
import at.gv.egiz.pdfas.web.helper.TempDirHelper;
import at.knowcenter.wag.egov.egiz.PdfAS;
@@ -151,7 +152,8 @@ public class VerifyServlet extends HttpServlet String host = request.getServerName();
// TODO still required for old communication with MOA-SS/SP
- URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");
+// URL loc_ref_URL = new URL(WebUtils.addJSessionID(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData", request));
+ URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
List results = PdfAS.verifySignatureHoldersWeb(signature_holders, si, loc_ref_url);
diff --git a/src/main/resources/DefaultConfiguration.zip b/src/main/resources/DefaultConfiguration.zip Binary files differindex 1496121..287ea30 100644 --- a/src/main/resources/DefaultConfiguration.zip +++ b/src/main/resources/DefaultConfiguration.zip diff --git a/src/main/webapp/jsp/download.jsp b/src/main/webapp/jsp/download.jsp index 841f1d0..76180cc 100644 --- a/src/main/webapp/jsp/download.jsp +++ b/src/main/webapp/jsp/download.jsp @@ -32,11 +32,11 @@ <h2>Dokument Signatur erstellen</h2>
<div class="pdfasnote">Der Signatur-Vorgang ist abgeschlossen. Das signierte Dokument kann nun heruntergeladen werden.<br/>Hinweis: Der Download ist nur einmalig möglich. Das Dokument wird nicht am Server gespeichert.</div>
<div class="pdfasverticalspace"></div>
- <form action="<%= downloadURL %>" name="submitform" accept-charset="UTF-8" method="post">
+ <form action="<%= downloadURL %>" name="submitform" accept-charset="UTF-8" method="post" enctype="application/x-www-form-urlencoded">
<input type="submit" id="SendRequestButton" value="Signiertes Dokument herunterladen" onclick="return hitButton();"/>
</form>
<div class="pdfasverticalspace"></div>
<a href="<%= request.getContextPath() %>/">zurück</a>
</body>
-
+
</html>
diff --git a/src/main/webapp/jsp/signpreview.jsp b/src/main/webapp/jsp/signpreview.jsp index 6ff6da6..ee97497 100644 --- a/src/main/webapp/jsp/signpreview.jsp +++ b/src/main/webapp/jsp/signpreview.jsp @@ -4,6 +4,7 @@ <%@ page import="at.gv.egiz.pdfas.web.SignSessionInformation" %>
<%@ page import="at.gv.egiz.pdfas.impl.input.TextDataSourceImpl"%>
<%@page import="org.apache.commons.lang.StringEscapeUtils"%>
+<%@ page import="at.gv.egiz.pdfas.api.commons.Constants" %>
<%
SignSessionInformation si = (SignSessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION);
@@ -35,11 +36,13 @@ %>
<form action="<%= submit_url %>" name="submitform" enctype="multipart/form-data" accept-charset="UTF-8" method="get">
<pre class="pdfasnt"><%= document_text != null ? document_text : "" %></pre>
- <div>
- <!-- =============================================== Start BKU-Erkennung -->
- <iframe src="bku-erkennung/bku-erkennung_iframe.html" width="152" height="57" id="sep_iframe" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" allowtransparency="true"></iframe>
- <!-- ================================================ Stop BKU-Erkennung -->
- </div>
+ <% if (Constants.SIGNATURE_DEVICE_BKU.equals(si.connector)) { %>
+ <div>
+ <!-- =============================================== Start BKU-Erkennung -->
+ <iframe src="bku-erkennung/bku-erkennung_iframe.html" width="152" height="57" id="sep_iframe" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" allowtransparency="true"></iframe>
+ <!-- ================================================ Stop BKU-Erkennung -->
+ </div>
+ <% } // end if %>
<input type="submit" value="Signieren..." />
</form>
<%
@@ -50,11 +53,13 @@ <input type="submit" value="Vorschaudokument anzeigen..." />
</form>
<div class="pdfasverticalspace"></div>
- <div>
- <!-- =============================================== Start BKU-Erkennung -->
- <iframe src="bku-erkennung/bku-erkennung_iframe.html" width="152" height="57" id="sep_iframe" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" allowtransparency="true"></iframe>
- <!-- ================================================ Stop BKU-Erkennung -->
- </div>
+ <% if (Constants.SIGNATURE_DEVICE_BKU.equals(si.connector)) { %>
+ <div>
+ <!-- =============================================== Start BKU-Erkennung -->
+ <iframe src="bku-erkennung/bku-erkennung_iframe.html" width="152" height="57" id="sep_iframe" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" allowtransparency="true"></iframe>
+ <!-- ================================================ Stop BKU-Erkennung -->
+ </div>
+ <% } // end if %>
<form action="<%= submit_url %>" method="get">
<input type="submit" value="Signieren..." />
</form>
diff --git a/src/main/webapp/jsp/signupload.jsp b/src/main/webapp/jsp/signupload.jsp index e6c243f..3db3be5 100644 --- a/src/main/webapp/jsp/signupload.jsp +++ b/src/main/webapp/jsp/signupload.jsp @@ -1,5 +1,6 @@ <%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
<%@ page import="at.knowcenter.wag.egov.egiz.web.SessionAttributes" %>
+<%@ page import="at.gv.egiz.pdfas.api.commons.Constants" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
@@ -19,7 +20,7 @@ <table border="0" cellspacing="0" cellpadding="4" id="pdfasupperformtable">
<tr>
<td nowrap="nowrap"><label>PDF Datei:</label></td>
- <td><input size="50" type="file" name="<%= FormFields.FIELD_UPLOAD %>" accept="application/pdf" /></td>
+ <td><input size="50" type="file" name="<%= FormFields.FIELD_UPLOAD %>" accept="application/pdf"/></td>
</tr>
<tr>
<td nowrap="nowrap"><label>Signatur Typ:</label></td>
@@ -43,10 +44,18 @@ </select>
</td>
</tr>
+ <tr>
+ <td nowrap="nowrap"><label>Signaturgerät:</label></td>
+ <td>
+ <select name="connector">
+ <option value="<%= Constants.SIGNATURE_DEVICE_BKU %>">BKU</option>
+ <option value="<%= Constants.SIGNATURE_DEVICE_MOC %>" selected="selected">MOCCA</option>
+ </select>
+ </td>
+ </tr>
</table>
<div class="pdfasnote"><span class="pdfasemphasis">Bitte beachten Sie:</span> Im textuellen Modus signierte Dokumente können nur dann geprüft werden, wenn das Zertifikat in einem Verzeichnisdienst verfügbar ist.</div>
- <input type="hidden" name="connector" value="bku"/>
<input type="hidden" name="<%= FormFields.FIELD_DOWNLOAD %>" value="<%= FormFields.VALUE_DOWNLOAD_ATTACHMENT %>"/>
<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="false" />
diff --git a/src/site/changes.xml b/src/site/changes.xml index 5e50598..a0a2556 100644 --- a/src/site/changes.xml +++ b/src/site/changes.xml @@ -13,6 +13,24 @@ </release>
-->
+ <release version="3.0.7-20080923" date="2008-09-23" description="subsequent release">
+ <action dev="tknall" type="remove">Deprecated webapp-folder removed from svn repository.</action>
+ <action dev="tknall" type="add">New DefaultConfiguration.zip integrated in order to allow mocca signatures.</action>
+ <action dev="tknall" type="fix">Minor bug concerning choice of cce within the web application fixed.</action>
+ </release>
+
+ <release version="3.0.7-20080916" date="2008-09-16" description="subsequent release">
+ <action dev="tknall" type="add">Signature with new online bku MOCCA integrated (new signature device "moc" created).</action>
+ <action dev="tknall" type="add">Configuration keys for mocca added.</action>
+ <action dev="tknall" type="add">New error codes (371 = signature verification not supported by this connector, 372 = invalid signing time) introduced.</action>
+ <action dev="tknall" type="add">Optional check of the signing time for the web application implemented. At signature creation time the signing time is checked for plausibility. This is a workaround for the ITS:mac-linux signing time bug. New configuration key ("signing_time_tolerance") added (applies to web application only) to overcome invalid signing times. A signature is only accepted if its signing time is within a time frame of [current time - signing_time_tolerance, current time + signing_time_tolerance] where signing_time_tolerance is interpreted as seconds.</action>
+ <action dev="tzefferer" type="fix">Bugfix: Correct extraction of signatures with wrong signing times implemented. (The order of the signatures is still invalid in case of false signing times.)</action>
+ <action dev="tknall" type="add">Optional override of the dynamic creation of the signature retrieval url (locrefcontent) implemented in order to overcome ssl problems (retrieve_signature_data_url_override). Note: Assure that this URL is accessible from the citizen card environment.</action>
+ <action dev="tknall" type="fix">Download of signed pdf-file for external application interface adjusted.</action>
+ <action dev="tknall" type="add">Verification of mocca signed documents implemented.</action>
+ <action dev="tknall" type="add">Retrieval of xml response via multipart implemented (mocca strictly follows security layer spec)</action>
+ </release>
+
<release version="3.0.6-20080715" date="2008-07-15" description="subsequent release">
<action dev="tknall" type="update">Parsing of PublicAuthority-Flag and PublicAuthority-Code from MOA-VerifyXMLSignatureResponses implemented.</action>
</release>
diff --git a/tomcat/pdf-as.xml b/tomcat/pdf-as.xml deleted file mode 100644 index 5b4429c..0000000 --- a/tomcat/pdf-as.xml +++ /dev/null @@ -1,5 +0,0 @@ -<Context cookies="false" reloadable="true" path="pdf-as" docBase="<change this path>\PDF-AS\webapp">
-
- <Parameter name="work-dir" value="<change this path>\PDF-AS\work" override="false"/>
-
-</Context>
diff --git a/webapp/THIS_FOLDER_IS_DEPRECATED.txt b/webapp/THIS_FOLDER_IS_DEPRECATED.txt deleted file mode 100644 index e2f7c5a..0000000 --- a/webapp/THIS_FOLDER_IS_DEPRECATED.txt +++ /dev/null @@ -1 +0,0 @@ -This folder is regarded as deprecated. Use src/main/webapp instead.
\ No newline at end of file diff --git a/webapp/WEB-INF/lib/ant-1.6.5.jar b/webapp/WEB-INF/lib/ant-1.6.5.jar Binary files differdeleted file mode 100644 index 3beb3b8..0000000 --- a/webapp/WEB-INF/lib/ant-1.6.5.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/axis-1.0.jar b/webapp/WEB-INF/lib/axis-1.0.jar Binary files differdeleted file mode 100644 index 7cf3102..0000000 --- a/webapp/WEB-INF/lib/axis-1.0.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/axis-jaxrpc-1.0.jar b/webapp/WEB-INF/lib/axis-jaxrpc-1.0.jar Binary files differdeleted file mode 100644 index 4a20816..0000000 --- a/webapp/WEB-INF/lib/axis-jaxrpc-1.0.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/axis-saaj-1.0.jar b/webapp/WEB-INF/lib/axis-saaj-1.0.jar Binary files differdeleted file mode 100644 index cf43f1f..0000000 --- a/webapp/WEB-INF/lib/axis-saaj-1.0.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/axis-wsdl4j-1.0.jar b/webapp/WEB-INF/lib/axis-wsdl4j-1.0.jar Binary files differdeleted file mode 100644 index e90968e..0000000 --- a/webapp/WEB-INF/lib/axis-wsdl4j-1.0.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-codec-1.3.jar b/webapp/WEB-INF/lib/commons-codec-1.3.jar Binary files differdeleted file mode 100644 index 957b675..0000000 --- a/webapp/WEB-INF/lib/commons-codec-1.3.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-discovery-0.2.jar b/webapp/WEB-INF/lib/commons-discovery-0.2.jar Binary files differdeleted file mode 100644 index b885548..0000000 --- a/webapp/WEB-INF/lib/commons-discovery-0.2.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-fileupload-1.1.jar b/webapp/WEB-INF/lib/commons-fileupload-1.1.jar Binary files differdeleted file mode 100644 index 6fb2120..0000000 --- a/webapp/WEB-INF/lib/commons-fileupload-1.1.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-httpclient-3.0.jar b/webapp/WEB-INF/lib/commons-httpclient-3.0.jar Binary files differdeleted file mode 100644 index 54a9300..0000000 --- a/webapp/WEB-INF/lib/commons-httpclient-3.0.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-io-1.1.jar b/webapp/WEB-INF/lib/commons-io-1.1.jar Binary files differdeleted file mode 100644 index 624fc1a..0000000 --- a/webapp/WEB-INF/lib/commons-io-1.1.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-lang-2.3.jar b/webapp/WEB-INF/lib/commons-lang-2.3.jar Binary files differdeleted file mode 100644 index c33b353..0000000 --- a/webapp/WEB-INF/lib/commons-lang-2.3.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/commons-logging-1.0.3.jar b/webapp/WEB-INF/lib/commons-logging-1.0.3.jar Binary files differdeleted file mode 100644 index b99c937..0000000 --- a/webapp/WEB-INF/lib/commons-logging-1.0.3.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/iaik_ecc_eval_signed-2.15.jar b/webapp/WEB-INF/lib/iaik_ecc_eval_signed-2.15.jar Binary files differdeleted file mode 100644 index dbed40b..0000000 --- a/webapp/WEB-INF/lib/iaik_ecc_eval_signed-2.15.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/iaik_jce_eval_signed-3.16.jar b/webapp/WEB-INF/lib/iaik_jce_eval_signed-3.16.jar Binary files differdeleted file mode 100644 index 5687b91..0000000 --- a/webapp/WEB-INF/lib/iaik_jce_eval_signed-3.16.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/junit-3.8.jar b/webapp/WEB-INF/lib/junit-3.8.jar Binary files differdeleted file mode 100644 index 571bc02..0000000 --- a/webapp/WEB-INF/lib/junit-3.8.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/log4j-1.2.13.jar b/webapp/WEB-INF/lib/log4j-1.2.13.jar Binary files differdeleted file mode 100644 index dde9972..0000000 --- a/webapp/WEB-INF/lib/log4j-1.2.13.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/lucene-1.4.3.jar b/webapp/WEB-INF/lib/lucene-1.4.3.jar Binary files differdeleted file mode 100644 index 58add99..0000000 --- a/webapp/WEB-INF/lib/lucene-1.4.3.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/lucene-demos-1.4.3.jar b/webapp/WEB-INF/lib/lucene-demos-1.4.3.jar Binary files differdeleted file mode 100644 index 55a9afd..0000000 --- a/webapp/WEB-INF/lib/lucene-demos-1.4.3.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/servlet-api-2.4.jar b/webapp/WEB-INF/lib/servlet-api-2.4.jar Binary files differdeleted file mode 100644 index dd326d3..0000000 --- a/webapp/WEB-INF/lib/servlet-api-2.4.jar +++ /dev/null diff --git a/webapp/WEB-INF/lib/xercesImpl-2.7.1.jar b/webapp/WEB-INF/lib/xercesImpl-2.7.1.jar Binary files differdeleted file mode 100644 index 0b100e1..0000000 --- a/webapp/WEB-INF/lib/xercesImpl-2.7.1.jar +++ /dev/null diff --git a/webapp/WEB-INF/web.xml b/webapp/WEB-INF/web.xml deleted file mode 100644 index ba6d8de..0000000 --- a/webapp/WEB-INF/web.xml +++ /dev/null @@ -1,122 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
- version="2.4">
-
- <description>
- EGIZ PDF-AS
- </description>
- <display-name>PDF-AS</display-name>
-
- <context-param>
- <description>
- The working directory of PDF-AS.
- Points to a directory on the local file system where templates, config files, certificates etc. are found.
- If empty, the base of the web application will be chosen.
- </description>
- <param-name></param-name>
- <param-value>override this in your context file (pdf-as.xml)</param-value>
- </context-param>
-
- <listener>
- <listener-class>at.knowcenter.wag.egov.egiz.web.PdfASServletContextListener</listener-class>
- </listener>
-
- <servlet>
- <servlet-name>Sign</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.SignServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>ProvidePDF</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.ProvidePDFServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>SignPreview</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.SignPreviewServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>RetrieveSignatureData</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.RetrieveSignatureDataServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>DataURL</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.DataURLServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>Verify</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.VerifyServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>VerifyPreview</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.servlets.VerifyPreviewServlet</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>AsynchronousDataResponder</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.AsynchronousDataResponder</servlet-class>
- </servlet>
-
- <servlet>
- <servlet-name>AsynchronousRedirectResponder</servlet-name>
- <servlet-class>at.knowcenter.wag.egov.egiz.web.AsynchronousRedirectResponder</servlet-class>
- </servlet>
-
-
- <servlet-mapping>
- <servlet-name>Sign</servlet-name>
- <url-pattern>/Sign</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>ProvidePDF</servlet-name>
- <url-pattern>/ProvidePDF</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>SignPreview</servlet-name>
- <url-pattern>/SignPreview</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>RetrieveSignatureData</servlet-name>
- <url-pattern>/RetrieveSignatureData</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>DataURL</servlet-name>
- <url-pattern>/DataURL</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>Verify</servlet-name>
- <url-pattern>/Verify</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>VerifyPreview</servlet-name>
- <url-pattern>/VerifyPreview</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>AsynchronousDataResponder</servlet-name>
- <url-pattern>/AsynchronousDataResponder</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>AsynchronousRedirectResponder</servlet-name>
- <url-pattern>/AsynchronousRedirectResponder</url-pattern>
- </servlet-mapping>
-
- <session-config>
- <session-timeout>5</session-timeout>
- </session-config>
-
-
-</web-app>
\ No newline at end of file diff --git a/webapp/css/styles.css b/webapp/css/styles.css deleted file mode 100644 index 4575ccc..0000000 --- a/webapp/css/styles.css +++ /dev/null @@ -1,59 +0,0 @@ -body {margin:10px;padding:0;font:1em Arial, sans-serif}
-
-//label {margin:0px;color:green;border:0px solid red;display:block; float:left; width:10em;text-align:right;}
-//div {margin:0 0; text-align:center;}
-//.ip, .inf {margin:2px;font-size:0.8em;}
-//#nav, #eb {border:1px solid #366090; margin:0 10%; font-size:1.5em;}
-//#nh, #sh {color:#fff;background:#366090}
-//#eh {color:#000;background:#f63}
-//#eb {border:1px solid #f63;}
-//#ct, #err, #res {margin:1em;text-align:left;}
-//#ct {white-space:nowrap;}
-//.pr {font:0.7em Arial, sans-serif;width:100%}
-
-
-.nt {font:0.7em Arial, sans-serif; border:1px solid black;text-align:left;padding:4px;background:#ddd;height:16em;overflow:auto;}
-.big {margin:100px; font-size:1.5em;}
-.sca {font:0.8em Arial, sans-serif; color:green;}
-.sin {font:0.7em Arial, sans-serif; width:99%;}
-.sim {width:120px; height:120px;}
-.st {border:1px solid #000; width:100%; border-spacing:2px;}
-.sst {font:0.7em Arial, sans-serif; text-align:left;white-space:normal; background:#eee;}
-fieldset {font:0.7em Arial, sans-serif; text-align:left; padding:2px;}
-.srt {}
-.srtd {background:#ffffe7}
-
-.srcc_0 {background:#bdff7b;}
-.srcc_1, .srcc_3 {background:#ff0;}
-.srcc_2, .srcc_4, .srcc_5, .srcc_99 {background:#f66;}
-
-.srsc_0 {background:#bdff7b;}
-.srsc_1 {background:#f66;}
-.srsc_2 {background:#f66;}
-
-.srmc_0 {background:#bdff7b;}
-.srmc_1, .srmc_99 {background:#ff0;}
-.srmc_2, .srmc_3 {background:#f66;}
-
-.sigprevtablediv {width:100%;}
-
-
-
-
-.maindiv {margin:0 0; text-align:center;}
-.mainframe {border:1px solid #366090; margin:0 10%; font-size:1.5em;}
-.mainheadline {color:#fff;background:#366090}
-
-.errorheadline {color:#000;background:#f63}
-
-.contentsdiv {margin:1em;text-align:left;}
-
-.uploadlabel {margin:0px;color:green;border:0px solid red;display:block; float:left; width:10em;text-align:right;}
-
-.field {margin:2px;font-size:0.8em;}
-.button {margin:2px;font-size:0.8em;}
-
-.previewfield {font:0.7em Arial, sans-serif;width:100%}
-
-.listtype {font-weight:bold; text-align:left;}
-.listtable {font:0.7em Arial, sans-serif; text-align:left;}
\ No newline at end of file diff --git a/webapp/index.html b/webapp/index.html deleted file mode 100644 index b2f0ddb..0000000 --- a/webapp/index.html +++ /dev/null @@ -1,22 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<title>PDF-AS Amtssignaturen</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Bitte wählen Sie aus</div>
-
-<p>
-<a href="jsp/verifyupload.jsp">Dokument Signatur prüfen</a><br />
-<a href="jsp/verifyupload.jsp?freetext=true">Dokument Signatur mit freier Texteingabe prüfen</a><br />
-<a href="jsp/signupload.jsp">Dokument Signatur erstellen</a><br />
-</p>
-
-</div>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/dataok.jsp b/webapp/jsp/dataok.jsp deleted file mode 100644 index 7fc1b96..0000000 --- a/webapp/jsp/dataok.jsp +++ /dev/null @@ -1,24 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<title>PDF-AS Amtssignaturen</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Datenänderung</div>
-
-<p>
-Die Daten wurden erfolgreich übernommen.
-</p>
-
-</div>
-<%
- String btlurl = (String)request.getAttribute("btlurl");
-%>
-<a class="big" href="<%=btlurl%>">zurück zur Liste</a>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/error.jsp b/webapp/jsp/error.jsp deleted file mode 100644 index 90120b6..0000000 --- a/webapp/jsp/error.jsp +++ /dev/null @@ -1,52 +0,0 @@ -<%@ page isErrorPage="true" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.LocalRequestHelper" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.servlets.SignServlet" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.exceptions.*" %>
-<%@ page import="java.io.*" %>
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<title>PDF-AS Amtssignaturen Resultat</title>
-<link rel="stylesheet" type="text/css" href="<%=LocalRequestHelper.getLocalServerAddress(request,response)%>pdf-as/css/styles.css" />
-</head>
-<body>
-<%
- PresentableException pe = (PresentableException)request.getAttribute("PresentableException");
- if (exception != null && exception instanceof PresentableException)
- {
- pe = (PresentableException)exception;
- SignServlet.prepareDispatchToErrorPage(pe, request);
- }
-
- String error = (request.getAttribute("error") == null ? "" : request.getAttribute("error").toString());
- String cause = (request.getAttribute("cause") == null ? "" : request.getAttribute("cause").toString());
-%>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="errorheadline">Ein Fehler ist aufgetreten</div>
-<div class="contentsdiv">
-<%= error %><br />
-<br />Grund:
-<br />
-<strong><%= cause %></strong>
-</div>
-</div>
-<a class="big" href="<%=LocalRequestHelper.getLocalServerAddress(request,response)%>pdf-as/">Weiter...</a>
-</div>
-<pre style="display:none">
-<%
- if (pe != null)
- {
- StringWriter sw = new StringWriter();
- PrintWriter pw = new PrintWriter(sw);
- pe.printStackTrace(pw);
- sw.close();
- pw.close();
- out.print(sw);
- }
-%>
-</pre>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/local_connection_page.jsp b/webapp/jsp/local_connection_page.jsp deleted file mode 100644 index 16c7ea1..0000000 --- a/webapp/jsp/local_connection_page.jsp +++ /dev/null @@ -1,49 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%
- String local_request_url = (String)request.getAttribute("local_request_url");
- String quoted_request = (String)request.getAttribute("quoted_request");
- String data_url = (String)request.getAttribute("data_url");
- String redirect_url = (String)request.getAttribute("redirect_url");
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
-<title>PDF-AS Amtssignaturen Lokale Verbindung</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-
-<body onload="document.submitform.submit()">
-<div class="maindiv">
-
-<h1>PDF-AS Amtssignaturen</h1>
-
-<div class="mainframe">
-<div class="mainheadline">Verbindung zu BKU/A1</div>
-
-<div>Die Verbindung wird hergestellt.<br/>Bitte haben sie etwas Geduld.</div>
-
-
-<form action="<%= local_request_url %>"
- name="submitform"
- accept-charset="UTF-8"
- method="post">
-<!-- enctype="multipart/form-data"-->
-
-
-
-<input type="hidden" name="XMLRequest" value="<%= quoted_request %>" />
-
-<input type="hidden" name="DataURL" value="<%= data_url %>" />
-<input type="hidden" name="RedirectURL" value="<%= redirect_url %>" />
-
-<input class="ip" type="submit" value="Abschicken..." />
-
-</form>
-
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
diff --git a/webapp/jsp/null_request_page.jsp b/webapp/jsp/null_request_page.jsp deleted file mode 100644 index c6786d7..0000000 --- a/webapp/jsp/null_request_page.jsp +++ /dev/null @@ -1,48 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%
- String local_request_url = (String)request.getAttribute("local_request_url");
- String data_url = (String)request.getAttribute("data_url");
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
-<title>PDF-AS Amtssignaturen Lokale Verbindung</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-
-</head>
-
-<body onload="document.submitform.submit()">
-
-<div class="maindiv">
-
-<h1>PDF-AS Amtssignaturen</h1>
-
-<div class="mainframe">
-<div class="mainheadline">Verbindung zu BKU/A1</div>
-
-<div>Die Verbindung wird hergestellt.<br/>Bitte haben sie etwas Geduld.</div>
-
-
-<form action="<%= local_request_url %>"
- name="submitform"
- accept-charset="UTF-8"
- method="post">
-<!-- enctype="multipart/form-data"-->
-
-
-
-<input type="hidden" name="XMLRequest" value="<?xml version='1.0' encoding='UTF-8'?><NullOperationRequest xmlns='http://www.buergerkarte.at/namespaces/securitylayer/1.2#'/>" />
-
-<input type="hidden" name="DataURL" value="<%= data_url %>"/>
-
-<input class="ip" type="submit" value="Abschicken..." />
-
-</form>
-
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/redirect_refresh_page.jsp b/webapp/jsp/redirect_refresh_page.jsp deleted file mode 100644 index ee047c9..0000000 --- a/webapp/jsp/redirect_refresh_page.jsp +++ /dev/null @@ -1,36 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%
- String refresh_url = (String)request.getAttribute("refresh_url");
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
-
-<meta http-equiv="refresh" content="1"/>
-
-<title>PDF-AS Amtssignaturen Lokale Verbindung</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-
-<div class="maindiv">
-
-<h1>PDF-AS Amtssignaturen</h1>
-
-<div class="mainframe">
-<div class="mainheadline">Verbindung zu BKU/A1</div>
-
-<div>Bitte warten.<br/>Sobald ein Ergebnis vorliegt, wird es hier angezeigt.</div>
-
-<div>
-Diese Seite lädt sich automatisch neu.<br/>
-Sollte dies nicht funktionieren, so folgen Sie bitte diesem Link:<br/>
-<a href="<%= refresh_url %>"><%= refresh_url %></a>
-</div>
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
diff --git a/webapp/jsp/results.jsp b/webapp/jsp/results.jsp deleted file mode 100644 index d98fcd3..0000000 --- a/webapp/jsp/results.jsp +++ /dev/null @@ -1,106 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%@ page import="java.util.List" %>
-<%@ page import="java.util.Iterator" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.sig.SignatureResponse" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.LocalRequestHelper" %>
-
-<%
- List results = (List) request.getAttribute("results");
- Object bb = request.getAttribute("backbutton");
- String btlurl = (String)request.getAttribute("btlurl");
- boolean backbutton = true;
- if (bb != null && bb.equals("false"))
- {
- backbutton = false;
- }
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
- <title>PDF-AS Amtssignaturen Resultat</title>
- <link rel="stylesheet" type="text/css" href="<%=LocalRequestHelper.getLocalServerAddress(request,response)%>pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Resultat</div>
-
-<div class="contentsdiv">
-<%
- Iterator resit = results.iterator();
- while (resit.hasNext())
- {
- SignatureResponse result = (SignatureResponse) resit.next();
-%>
-
-
-
-
-<fieldset><legend><b>Zertifikat</b></legend>
-<table class="srt">
- <tr><td>Signator:</td><td class="srtd"><%= result.getX509SubjectName() %></td></tr>
- <tr><td>Aussteller:</td><td class="srtd"><%= result.getX509IssuerName() %></td></tr>
- <tr><td>Seriennummer:</td><td class="srtd"><%= result.getX509SerialNumber() %></td></tr>
-
-<%
- List public_properties = result.getPublicProperties();
- Iterator propit = public_properties.iterator();
- while (propit.hasNext())
- {
- String public_property = (String) propit.next();
-%>
- <tr><td> Eigenschaft:</td><td class="srtd"><%= public_property %></td></tr>
-<%
- }
-%>
- <tr><td>Zertifikat:</td><td class="srcc_<%= result.getCertificateCheckCode() %>"><%= result.getCertificateCheckInfo() %></td></tr>
-
-</table>
-</fieldset>
-<fieldset><legend><b>Signatur-Check</b></legend>
-<div class="srsc_<%= result.getSignatureCheckCode() %>"><%= result.getSignatureCheckInfo() %></div>
-</fieldset>
-<fieldset><legend><b>Manifest-Check</b></legend>
-<div class="srmc_<%= result.getSignatureManifestCheckCode() %>"><%= result.getSignatureManifestCheckInfo() %></div>
-</fieldset>
-
-
-
-
-
-<%
- if (resit.hasNext())
- {
-%>
- <br />
-<%
- }
- }
-%>
-</div>
-
-</div>
-<%
- if (backbutton)
- {
-%>
-<a class="big" href="<%=LocalRequestHelper.getLocalServerAddress(request,response)%>pdf-as/">zurück</a>
-<%
- }
- if (btlurl != null)
- {
-%>
-<a class="big" href="<%=btlurl%>">zurück zur Liste</a>
-<%
- }
-%>
-
-</div>
-</body>
-</html>
-
-
-
-
diff --git a/webapp/jsp/signpreview.jsp b/webapp/jsp/signpreview.jsp deleted file mode 100644 index 897aec2..0000000 --- a/webapp/jsp/signpreview.jsp +++ /dev/null @@ -1,93 +0,0 @@ -<%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.SessionAttributes" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.sig.SignatureData" %>
-<%@ page import="at.gv.egiz.pdfas.web.SignSessionInformation" %>
-<%@page import="at.gv.egiz.pdfas.impl.input.TextDataSourceImpl"%>
-<%
- SignSessionInformation si = (SignSessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION);
-
- String submit_url = (String)request.getAttribute("submit_url");
-
- String signature_data_url = (String)request.getAttribute("signature_data_url");
-
- String document_text = null;
- if (si.mode.equals(FormFields.VALUE_MODE_TEXTUAL))
- {
- SignatureData data = si.si.getSignatureData();
- TextDataSourceImpl tds = (TextDataSourceImpl)data.getDataSource();
- document_text = tds.getText();
- }
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
- <title>PDF-AS Amtssignaturen Vorschau</title>
- <link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Vorschau: Dokument Signieren</div>
-
-
-<%
- if (si.mode.equals(FormFields.VALUE_MODE_TEXTUAL))
- {
-%>
-<form action="<%= submit_url %>"
- name="submitform"
- enctype="multipart/form-data"
- accept-charset="UTF-8"
- method="get">
-<div class="contentsdiv">
-
-
-<pre class="nt"><%= document_text %></pre>
-
-<br />
-
-<input class="button" type="submit" value="Signieren..." />
-
-</div>
-</form>
-
-
-<%
- }
- else
- {
-%>
-
-<form action="<%= signature_data_url %>"
- method="get"
- target="blank_">
-<div class="contentsdiv">
-
-<input class="button" type="submit" value="Vorschaudokument anzeigen..." />
-
-</div>
-</form>
-
-<br />
-
-<form action="<%= submit_url %>"
- method="get">
-<div class="contentsdiv">
-
-<input class="button" type="submit" value="Signieren..." />
-
-</div>
-</form>
-
-<%
- }
-%>
-
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
diff --git a/webapp/jsp/signupload.jsp b/webapp/jsp/signupload.jsp deleted file mode 100644 index 1474da5..0000000 --- a/webapp/jsp/signupload.jsp +++ /dev/null @@ -1,81 +0,0 @@ -<%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.SessionAttributes" %>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <title>PDF-AS Amtssignaturen</title>
- <link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Dokument Signatur erstellen</div>
-
-<form name="submitform"
- enctype="multipart/form-data"
- accept-charset="UTF-8"
- method="post"
- action="/pdf-as/Sign">
-
-<div class="contentsdiv">
-
-<!--
-<label class="uploadlabel">Name:</label><%= request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME) %>
--->
-<br />
-<br />
-
-<label class="uploadlabel">PDF Datei:</label>
-
-<input class="field" size="20" type="file" name="<%= FormFields.FIELD_UPLOAD %>" accept="application/pdf" />
-
-<br />
-
-<label class="uploadlabel">Signatur Typ:</label>
-
-<%= FormFields.generateTypeSelectBox() %>
-
-<br />
-
-<label class="uploadlabel">Signier Applikation:</label>
-
-<%= FormFields.generateConnectorSelectBox() %>
-
-<br />
-
-<label class="uploadlabel">Signier Modus:</label>
-
-<select name="<%= FormFields.FIELD_MODE %>" class="field">
-<option value="<%= FormFields.VALUE_MODE_BINARY %>" selected="selected">binär</option>
-<option value="<%= FormFields.VALUE_MODE_TEXTUAL %>">textuell</option>
-<option value="<%= FormFields.VALUE_MODE_DETACHED %>">detached</option>
-</select>
-
-<br />
-
-<label class="uploadlabel">Dokument:</label>
-<select name="<%= FormFields.FIELD_DOWNLOAD %>" class="field" >
-<option value="<%= FormFields.VALUE_DOWNLOAD_INLINE %>" selected="selected">im Browser anzeigen</option>
-<option value="<%= FormFields.VALUE_DOWNLOAD_ATTACHMENT %>">als Download</option>
-</select>
-
-
-<br />
-<br />
-
-
-<label class="uploadlabel"> </label>
-<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="false" />
-<input class="button" type="submit" value="Signatur erstellen" />
-<input class="button" type="submit" value="Vorschau" onclick="document.submitform.<%= FormFields.FIELD_PREVIEW %>.value='true'" />
-
-
-</div>
-</form>
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/verifylist.jsp b/webapp/jsp/verifylist.jsp deleted file mode 100644 index 3d4cf6d..0000000 --- a/webapp/jsp/verifylist.jsp +++ /dev/null @@ -1,98 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%@ page errorPage="error.jsp" %>
-<%@ page import="java.util.List" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.pdf.SignatureHolder" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.SessionAttributes" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.servlets.VerifyPreviewServlet" %>
-<%@ page import="at.gv.egiz.pdfas.web.VerifySessionInformation" %>
-<%@ page import="at.gv.egiz.pdfas.web.helper.SessionHelper"%>
-<%
-
- VerifySessionInformation si = (VerifySessionInformation) SessionHelper.getSession(request);
-
- List signature_holders = si.signature_holders;
-
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
- <title>PDF-AS Amtssignaturen Vorschau</title>
- <link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<%
- if (signature_holders.size() > 1)
- {
-%>
-<div class="mainheadline">Extrahierte Signaturen</div>
-<%
- }
- else
- {
-%>
-<div class="mainheadline">Extrahierte Signatur</div>
-<%
- }
-%>
-
-
-<div class="contentsdiv">
-
-
-<%
- for (int i = 0; i < signature_holders.size(); i++)
- {
- SignatureHolder holder = (SignatureHolder) signature_holders.get(i);
-%>
-
-
-<%= VerifyPreviewServlet.renderRequiredKeysText(holder.getSignatureObject()) %>
-
-<form action="<%= response.encodeURL(request.getContextPath() + "/VerifyPreview") %>"
- accept-charset="UTF-8"
- method="get"
- style="float:left;">
-<input type="hidden" name="<%= FormFields.FIELD_VERIFY_WHICH %>" value="<%= i %>" />
-<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="false" />
-
-<input class="button" type="submit" value="Nur diese Signatur prüfen" />
-</form>
-
-<form action="<%= response.encodeURL(request.getContextPath() + "/VerifyPreview") %>"
- accept-charset="UTF-8"
- method="get"
- style="float:left;">
-<input type="hidden" name="<%= FormFields.FIELD_VERIFY_WHICH %>" value="<%= i %>" />
-<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="true" />
-
-<input class="button" type="submit" value="Vorschau..." />
-</form>
-
-<hr style="clear:both;" />
-
-<%
- }
-%>
-
-<form action="<%= response.encodeURL(request.getContextPath() + "/VerifyPreview") %>"
- accept-charset="UTF-8"
- method="get">
-<input type="hidden" name="<%= FormFields.FIELD_VERIFY_WHICH %>" value="<%= FormFields.VALUE_VERIFY_WHICH_ALL %>" />
-<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="false" />
-
-<input class="button" type="submit" value="Alle prüfen" />
-</form>
-
-
-</div>
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/webapp/jsp/verifypreview.jsp b/webapp/jsp/verifypreview.jsp deleted file mode 100644 index 13cbd67..0000000 --- a/webapp/jsp/verifypreview.jsp +++ /dev/null @@ -1,80 +0,0 @@ -<%@ page contentType="text/html; charset=UTF-8" %>
-<%@ page errorPage="error.jsp" %>
-<%@ page import="java.util.List" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.pdf.SignatureHolder" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.pdf.TextualSignatureHolder" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.SessionAttributes" %>
-<%@ page import="at.knowcenter.wag.egov.egiz.web.servlets.VerifyPreviewServlet" %>
-<%@ page import="at.gv.egiz.pdfas.web.VerifySessionInformation" %>
-<%@ page import="at.gv.egiz.pdfas.web.helper.SessionHelper"%>
-<%
- String btlurl = (String)request.getAttribute("btlurl");
-
- VerifySessionInformation si = (VerifySessionInformation) SessionHelper.getSession(request);
-
- List signature_holders = si.signature_holders;
- Integer ver_wh = (Integer) request.getAttribute(FormFields.FIELD_VERIFY_WHICH);
- int verify_which = ver_wh.intValue();
- SignatureHolder signature_holder = (SignatureHolder) signature_holders.get(verify_which);
-
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
-<title>PDF-AS Amtssignaturen Vorschau</title>
-<link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-
-<script type="text/javascript">
- function initSigValues()
- {
-<%= VerifyPreviewServlet.renderRequiredKeysJavaScript(signature_holder.getSignatureObject(), "") %>
- }
-</script>
-
-</head>
-
-<body onload="initSigValues()">
-<div class="maindiv">
-
-<h1>PDF-AS Amtssignaturen</h1>
-
-<div class="mainframe">
-<div class="mainheadline">Vorschau: Dokument Prüfen</div>
-
-<form action="<%= response.encodeURL(request.getContextPath() + "/VerifyPreview") %>"
- name="submitform"
- enctype="multipart/form-data"
- accept-charset="UTF-8"
- method="post">
-<div class="contentsdiv">
-
-
-<input type="hidden" name="<%= FormFields.FIELD_VERIFY_WHICH %>" value="<%= verify_which %>" />
-
-<div>Rekonstruktion der Signaturmarke:</div>
-<textarea class="previewfield" cols="80" rows="14" name="<%= FormFields.FIELD_RAW_DOCUMENT_TEXT %>"><%= ((TextualSignatureHolder)signature_holder).getSignedText() %></textarea>
-
-<%= VerifyPreviewServlet.renderRequiredKeys(signature_holder.getSignatureObject(), "", false) %>
-
-<br />
-
-<input type="hidden" name="verify" value="false" />
-
-<input class="button" type="submit" value="Werte übernehmen" />
-
-<input class="button" type="submit" value="Werte übernehmen und prüfen" onclick="document.submitform.verify.value='true'" />
-
-</div>
-</form>
-
-</div>
-
-<a class="big" href="/pdf-as">zurück</a>
-<a class="big" href="<%=btlurl%>">zurück zur Liste</a>
-
-</div>
-</body>
-
-</html>
diff --git a/webapp/jsp/verifyupload.jsp b/webapp/jsp/verifyupload.jsp deleted file mode 100644 index a33883d..0000000 --- a/webapp/jsp/verifyupload.jsp +++ /dev/null @@ -1,100 +0,0 @@ -<%@ page import="at.knowcenter.wag.egov.egiz.web.FormFields" %>
-<%@ page contentType="text/html; charset=UTF-8" %>
-<%
- boolean freetext_entry = false;
- String parameter_freetext = (String)request.getParameter(FormFields.PARAMETER_FREE_TEXT_ENTRY);
- if (parameter_freetext != null && parameter_freetext.equals(FormFields.VALUE_TRUE))
- {
- freetext_entry = true;
- }
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>PDF-AS Amtssignaturen</title>
- <link rel="stylesheet" type="text/css" href="/pdf-as/css/styles.css" />
-</head>
-<body>
-<div class="maindiv">
-<h1>PDF-AS Amtssignaturen</h1>
-<div class="mainframe">
-<div class="mainheadline">Dokument Signatur prüfen</div>
-
-
-<form name="submitform" enctype="multipart/form-data" method="post" action="/pdf-as/Verify" accept-charset="UTF-8">
-
-<div class="contentsdiv">
-
-<%
- if (freetext_entry)
- {
-%>
-<div>Vollständiger Dokumenttext:</div>
-<textarea class="previewfield" cols="80" rows="14" name="<%= FormFields.FIELD_UPLOAD %>">Hier bitte den vollständigen Dokumenttext samt Signaturblock eingeben.</textarea>
-<br />
-<%
- }
- else
- {
-%>
-<br />
-
-<label class="uploadlabel">PDF Datei:</label>
-
-<input class="field" size="20" type="file" name="<%= FormFields.FIELD_UPLOAD %>" accept="application/pdf,text/plain" />
-<%
- }
-%>
-
-<br />
-
-<label class="uploadlabel">Prüf Applikation:</label>
-
-<%= FormFields.generateConnectorSelectBox() %>
-
-<%
- if (freetext_entry)
- {
-%>
-
-<br />
-
-<label class="uploadlabel">Prüf Modus:</label>
-
-<span>textuell</span>
-<!--
-<input type="hidden" name="<%= FormFields.FIELD_MODE %>" value="<%= FormFields.VALUE_MODE_TEXTUAL %>" />
--->
-<%
- }
- else
- {
-%>
-<!--
-<select name="<%= FormFields.FIELD_MODE %>" class="field">
-<option value="<%= FormFields.VALUE_MODE_BINARY %>" selected="selected">binär</option>
-<option value="<%= FormFields.VALUE_MODE_TEXTUAL %>">textuell</option>
-</select>
--->
-<%
- }
-%>
-
-<br />
-<br />
-
-
-<label class="uploadlabel"> </label>
-<input type="hidden" name="<%= FormFields.FIELD_PREVIEW %>" value="false" />
-<input class="button" type="submit" value="Alle prüfen" />
-<input class="button" type="submit" value="Signaturen auflisten" onclick="document.submitform.<%= FormFields.FIELD_PREVIEW %>.value='true'" />
-
-</div>
-</form>
-
-</div>
-<a class="big" href="/pdf-as/">zurück</a>
-</div>
-</body>
-</html>
\ No newline at end of file diff --git a/work/cfg/config.properties b/work/cfg/config.properties index 0f54030..509caae 100644 --- a/work/cfg/config.properties +++ b/work/cfg/config.properties @@ -14,6 +14,18 @@ ldap.url=http://xxx.yyy.z.com:5000/some/fake/url cert.alg.rsa=http://www.w3.org/2000/09/xmldsig#rsa-sha1
cert.alg.ecdsa=http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
+# time frame the signing time may differ (in the upper and the lower direction) from the host time
+# in seconds
+# valid frame: current time - signing_time_tolerance ... current time + signing_time
+# no value or -1 means that the signing time is not checked
+signing_time_tolerance=900
+
+# this key overrides the dynamically built locrefcontent URL for the retrieval of the data to be signed
+# remove/disable this key to enable the old dynamic build process
+# Use this key to overcome SSL Problems with dataurl communication.
+# Note: Assure that this URL is accessible from the citizen card environment.
+#retrieve_signature_data_url_override=http://localhost:8080/pdf-as/RetrieveSignatureData
+
# Beim Signieren: Überprüfung ob Dokument PDF-Version 1.4 (oder weniger) hat
strict_mode=false
@@ -27,7 +39,7 @@ correct_document_if_necessary=true # internal - das Dokument wird mit dem "internen" iText Corrector korrigiert
# external - das Dokument wird durch einen externen Kommandozeilenaufruf korrigiert.
# Hinweis: ein externes Programm aufzurufen birgt gewisse Risiken in sich
-# und sollte daher nöglichst nicht verwendet werden.
+# und sollte daher möglichst nicht verwendet werden.
corrector=internal
# Kommandozeile für den externen Connector.
@@ -63,15 +75,21 @@ default.bku.algorithm.id=etsi-bka-1.0 # MOA Algorithm - Kennzeichnung
default.moa.algorithm.id=etsi-bka-moa-1.0
+# MOCCA Algorithm - Kennzeichnung
+default.moc.algorithm.id=etsi-moc-1.0
+
# MOA Detached Signieren aus Konsole möglich - zurzeit möglich nur mit BKU
moa.sign.console.detached.enabled=false
# MOA Kennzeichnungsfeld anzeigen
moa.id.field.visible=false
+
#############################################
# Signaturdienste
+# BKU settings
+
bku.available_for_web=true
bku.available_for_commandline=true
@@ -84,7 +102,7 @@ bku.sign.request.base64=./templates/default.bku.sign.enveloping.xml # default bku detached sign template file
bku.sign.request.detached=./templates/default.bku.sign.detached.xml
-# BKU VERIFYING
+# BKU verification
bku.verify.url=http://127.0.0.1:3495/http-security-layer-request
bku.verify.template.base64old=./templates/default.bku.verify.template.enveloping.old.xml
@@ -96,6 +114,22 @@ bku.verify.template.base64=./templates/default.bku.verify.template.enveloping.xm bku.verify.request.detached=./templates/default.bku.verify.request.detached.xml
bku.verify.template.detached=./templates/default.bku.verify.template.detached.xml
+
+# MOCCA settings
+moc.available_for_web=true
+moc.available_for_commandline=false
+
+# MOCCA signature
+moc.sign.url=https://apps.egiz.gv.at/bkuonline/https-security-layer-request
+moc.sign.KeyboxIdentifier=SecureSignatureKeypair
+# default MOCCA signature template
+moc.sign.request.detached=./templates/default.moc.sign.detached.xml
+
+# MOCCA verification
+# default MOCCA verify template
+moc.verify.template.detached=./templates/default.moc.verify.template.detached.xml
+
+
# A1 settings
a1.available_for_web=false
a1.available_for_commandline=false
@@ -135,6 +169,7 @@ moa.verify.template.base64=./templates/default.moa.verify.template.enveloping.xm moa.verify.request.detached=./templates/default.moa.verify.request.detached.xml
moa.verify.template.detached=./templates/default.moa.verify.template.detached.xml
+
#############################################
# Responsemeldungen der Signaturdienste
diff --git a/work/cfg/help_text.properties b/work/cfg/help_text.properties index b99ff77..afd2d4b 100644 --- a/work/cfg/help_text.properties +++ b/work/cfg/help_text.properties @@ -60,6 +60,12 @@ error.code.330=Es kann keine Verbindung zu MOA hergestellt werden oder MOA hat d # TODO remove this when MOA detached is ready
error.code.370=Eine detached Signature kann zur Zeit mit MOA nicht überprüft werden.
+# Für die Online-BKU: Signatur-Prüfung wird nicht unterstützt werden.
+error.code.371=Dieses Signaturgerät unterstützt keine Signatur-Prüfung.
+
+# Workaround for ITS(Mac/Linux) bug concerning the signing time.
+error.code.372=Der Signaturzeitpunkt ist ungültig. Stellen Sie bitte sicher, dass die Systemzeit sowie die Zeitzoneneinstellung Ihres Rechners korrekt sind.
+
#NormalizeException
error.code.400=Das Normalisierungsmodul kann nicht initialisiert werden.
diff --git a/work/templates/default.moc.sign.detached.xml b/work/templates/default.moc.sign.detached.xml new file mode 100644 index 0000000..c8252da --- /dev/null +++ b/work/templates/default.moc.sign.detached.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<sl:CreateXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#">
+<sl:KeyboxIdentifier>KeyboxIdentifierReplace</sl:KeyboxIdentifier>
+<sl:DataObjectInfo Structure="detached">
+<sl:DataObject Reference="urn:Document">
+<sl:LocRefContent>LocRefContentReplace</sl:LocRefContent>
+</sl:DataObject>
+<sl:TransformsInfo>
+<sl:FinalDataMetaInfo>
+<sl:MimeType>MimeTypeReplace</sl:MimeType>
+</sl:FinalDataMetaInfo>
+</sl:TransformsInfo>
+</sl:DataObjectInfo>
+</sl:CreateXMLSignatureRequest>
diff --git a/work/templates/default.moc.verify.template.detached.xml b/work/templates/default.moc.verify.template.detached.xml new file mode 100644 index 0000000..93e4f96 --- /dev/null +++ b/work/templates/default.moc.verify.template.detached.xml @@ -0,0 +1 @@ +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="Signature-SigIdReplace-1"><dsig:SignedInfo Id="SignedInfo-SigIdReplace-1"><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="Reference-SigIdReplace-1" URI="urn:Document"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Id="Reference-SigIdReplace-2" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(xades=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('Object-SigIdReplace-1')/child::xades:QualifyingProperties/child::xades:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue Id="SignatureValue-SigIdReplace-1">SignatureValueReplace</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="Object-SigIdReplace-1"><QualifyingProperties xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"><SignedProperties xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" Id="SignedProperties-SigIdReplace-1"><SignedSignatureProperties><SigningTime>SigningTimeReplace</SigningTime><SigningCertificate><Cert><CertDigest><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>DigestValueX509CertificateReplace</DigestValue></CertDigest><IssuerSerial><ns2:X509IssuerName>X509IssuerNameReplace</ns2:X509IssuerName><ns2:X509SerialNumber>X509SerialNumberReplace</ns2:X509SerialNumber></IssuerSerial></Cert></SigningCertificate><SignaturePolicyIdentifier><SignaturePolicyImplied></SignaturePolicyImplied></SignaturePolicyIdentifier></SignedSignatureProperties><SignedDataObjectProperties><DataObjectFormat ObjectReference="#Reference-SigIdReplace-1"><MimeType>MimeTypeReplace</MimeType></DataObjectFormat></SignedDataObjectProperties></SignedProperties></QualifyingProperties></dsig:Object></dsig:Signature>
\ No newline at end of file diff --git a/work/templates/moc.etsi-moc-1.0.sign.request.xml b/work/templates/moc.etsi-moc-1.0.sign.request.xml new file mode 100644 index 0000000..c8252da --- /dev/null +++ b/work/templates/moc.etsi-moc-1.0.sign.request.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<sl:CreateXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#">
+<sl:KeyboxIdentifier>KeyboxIdentifierReplace</sl:KeyboxIdentifier>
+<sl:DataObjectInfo Structure="detached">
+<sl:DataObject Reference="urn:Document">
+<sl:LocRefContent>LocRefContentReplace</sl:LocRefContent>
+</sl:DataObject>
+<sl:TransformsInfo>
+<sl:FinalDataMetaInfo>
+<sl:MimeType>MimeTypeReplace</sl:MimeType>
+</sl:FinalDataMetaInfo>
+</sl:TransformsInfo>
+</sl:DataObjectInfo>
+</sl:CreateXMLSignatureRequest>
diff --git a/work/templates/moc.etsi-moc-1.0.verify.template.xml b/work/templates/moc.etsi-moc-1.0.verify.template.xml new file mode 100644 index 0000000..93e4f96 --- /dev/null +++ b/work/templates/moc.etsi-moc-1.0.verify.template.xml @@ -0,0 +1 @@ +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="Signature-SigIdReplace-1"><dsig:SignedInfo Id="SignedInfo-SigIdReplace-1"><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="Reference-SigIdReplace-1" URI="urn:Document"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Id="Reference-SigIdReplace-2" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(xades=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('Object-SigIdReplace-1')/child::xades:QualifyingProperties/child::xades:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue Id="SignatureValue-SigIdReplace-1">SignatureValueReplace</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="Object-SigIdReplace-1"><QualifyingProperties xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"><SignedProperties xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" Id="SignedProperties-SigIdReplace-1"><SignedSignatureProperties><SigningTime>SigningTimeReplace</SigningTime><SigningCertificate><Cert><CertDigest><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>DigestValueX509CertificateReplace</DigestValue></CertDigest><IssuerSerial><ns2:X509IssuerName>X509IssuerNameReplace</ns2:X509IssuerName><ns2:X509SerialNumber>X509SerialNumberReplace</ns2:X509SerialNumber></IssuerSerial></Cert></SigningCertificate><SignaturePolicyIdentifier><SignaturePolicyImplied></SignaturePolicyImplied></SignaturePolicyIdentifier></SignedSignatureProperties><SignedDataObjectProperties><DataObjectFormat ObjectReference="#Reference-SigIdReplace-1"><MimeType>MimeTypeReplace</MimeType></DataObjectFormat></SignedDataObjectProperties></SignedProperties></QualifyingProperties></dsig:Object></dsig:Signature>
\ No newline at end of file |