From d5a386b533a3e56006c13c875f6ee80a97569777 Mon Sep 17 00:00:00 2001 From: tknall Date: Tue, 27 Nov 2007 13:39:27 +0000 Subject: serious bug in EGIZDate fixed (comparison was performed in 12-hour-mode, therefore sigs over noon were broken), jce- and ecc-provider are now being registered in Settingsreader git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@231 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../pdfas/impl/vfilter/VerificationFilterImpl.java | 51 ++++++++++++++-------- .../wag/egov/egiz/cfg/SettingsReader.java | 13 ++++++ .../wag/egov/egiz/ldap/api/LDAPAPIFactory.java | 11 ----- .../egiz/ldap/client/LDAPClientFactoryImpl.java | 7 ++- .../at/knowcenter/wag/egov/egiz/pdf/EGIZDate.java | 10 ++++- 5 files changed, 59 insertions(+), 33 deletions(-) diff --git a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java index 3fe17bf..bd5a146 100644 --- a/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java +++ b/src/main/java/at/gv/egiz/pdfas/impl/vfilter/VerificationFilterImpl.java @@ -7,6 +7,7 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.List; +import org.apache.commons.lang.time.StopWatch; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -63,6 +64,8 @@ public class VerificationFilterImpl implements VerificationFilter public List extractSignatureHolders(final PdfDataSource pdf, List blocks, final VerificationFilterParameters parameters) throws VerificationFilterException { log.trace("extractSignaturHolders:"); + StopWatch sw = new StopWatch(); + sw.start(); if (log.isDebugEnabled()) { @@ -72,20 +75,6 @@ public class VerificationFilterImpl implements VerificationFilter unrollLinearization(blocks); - // tzefferer: check document here - SettingsReader settings; - try { - settings = SettingsReader.getInstance(); - } catch (SettingsException e) { - throw new VerificationFilterException(e); - } - String check_doc = settings.getSetting(CHECK_DOCUMENT, "false"); - - if(check_doc.equalsIgnoreCase("true")) { - checkDocument(pdf, blocks, parameters); - } - // end add - if (log.isDebugEnabled()) { log.debug("IU blocks without linearization: " + blocks.size()); @@ -122,8 +111,32 @@ public class VerificationFilterImpl implements VerificationFilter } } - + log.trace("extractSignaturHolders finished."); + sw.stop(); + log.debug("extractSignatureHolders: " + sw.getTime() + "ms."); + + SettingsReader settings; + try { + settings = SettingsReader.getInstance(); + } catch (SettingsException e) { + throw new VerificationFilterException(e); + } + String check_doc = settings.getSetting(CHECK_DOCUMENT, "false"); + + // tzefferer: check document here + // check doesn't make sense if we don't have any signatures + if (signatureHolderChain != null && !signatureHolderChain.isEmpty() && "true".equalsIgnoreCase(check_doc)) { + sw.reset(); + sw.start(); + checkDocument(pdf, blocks, parameters); + sw.stop(); + log.debug("checkDocument: " + sw.getTime() + "ms."); + } else { + log.debug("Skipping checkDocument."); + } + // end add + return signatureHolderChain; } @@ -571,7 +584,7 @@ public class VerificationFilterImpl implements VerificationFilter boolean sig_detected = false; - if(considerOldSigs) { + if (considerOldSigs) { DelimitedPdfDataSource dds = new DelimitedPdfDataSource(pdf, pdf.getLength()); String text = null; @@ -583,7 +596,7 @@ public class VerificationFilterImpl implements VerificationFilter SignaturesAndOld sao = extractSignaturesAndOld(text); - if((sao != null)&&(sao.oldSignature != null)) { + if ((sao != null) && (sao.oldSignature != null)) { sig_detected = true; } } @@ -591,7 +604,7 @@ public class VerificationFilterImpl implements VerificationFilter Iterator it = blocks.iterator(); String prev_text = null; - + while (it.hasNext()) { boolean sig_in_current_block = false; @@ -607,7 +620,7 @@ public class VerificationFilterImpl implements VerificationFilter throw new VerificationFilterException(e); } - if(prev_text == null) { + if (prev_text == null) { prev_text = text; } else { String texttmp = text.substring(prev_text.length()); diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java index b7fcb96..97929af 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java @@ -18,6 +18,11 @@ package at.knowcenter.wag.egov.egiz.cfg; +import iaik.asn1.ObjectID; +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; +import iaik.utils.RFC2253NameParser; + import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -681,5 +686,13 @@ public class SettingsReader implements Serializable CONFIG_PATH = RESOURCES_PATH + CFG + FILE_SEP; CERT_PATH = RESOURCES_PATH + CERT + FILE_SEP; } + + static { + IAIK.addAsProvider(); + ECCProvider.addAsProvider(); + // Does not conform with PKIX, but is used by belgium citizen card +// log.info("Registering RDN \"SERIALNUMBER\" as " + ObjectID.serialNumber + "."); + RFC2253NameParser.register("SERIALNUMBER", ObjectID.serialNumber); + } } \ No newline at end of file diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java index a54d861..3aa16bf 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/api/LDAPAPIFactory.java @@ -1,10 +1,5 @@ package at.knowcenter.wag.egov.egiz.ldap.api; -import iaik.asn1.ObjectID; -import iaik.security.ecc.provider.ECCProvider; -import iaik.security.provider.IAIK; -import iaik.utils.RFC2253NameParser; - import org.apache.log4j.Logger; import at.knowcenter.wag.egov.egiz.ldap.client.LDAPIssuerNameFilter; @@ -19,12 +14,6 @@ public abstract class LDAPAPIFactory { private final Logger log = Logger.getLogger(LDAPAPIFactory.class); protected LDAPAPIFactory() { - IAIK.addAsProvider(); - ECCProvider.addAsProvider(); - - // Does not conform with PKIX, but is used by belgium citizen card -// log.info("Registering RDN \"SERIALNUMBER\" as " + ObjectID.serialNumber + "."); - RFC2253NameParser.register("SERIALNUMBER", ObjectID.serialNumber); } public static synchronized LDAPAPIFactory getInstance(LDAPIssuerNameFilter ldapIssuerNameFilter) { diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java index bf233a8..1390202 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/ldap/client/LDAPClientFactoryImpl.java @@ -69,8 +69,11 @@ public final class LDAPClientFactoryImpl extends LDAPClientFactory { } public synchronized LDAPClient createClient(String issuerName) throws LDAPException { - if (issuerName == null || issuerName.length() == 0) { - throw new NullPointerException("Issuer name must not be null or empty."); + if (issuerName == null) { + throw new NullPointerException("Issuer name must not be null."); + } + if (issuerName.length() == 0) { + throw new IllegalArgumentException("Issuer name must not be empty."); } LDAPClient ldapClient = (LDAPClient) ldapClients.get(issuerName); if (ldapClient == null) { diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/EGIZDate.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/EGIZDate.java index a9463b2..ddbea0b 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/EGIZDate.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/EGIZDate.java @@ -164,9 +164,17 @@ public class EGIZDate { LOG.debug("Parsing date string \"" + date_value + "\" returns: " + date); + +// return new EGIZDate(calendar.get(Calendar.YEAR), calendar +// .get(Calendar.MONTH), calendar.get(Calendar.DAY_OF_MONTH), +// calendar.get(Calendar.HOUR), calendar.get(Calendar.MINUTE), +// calendar.get(Calendar.SECOND)); + + // fixed by tknall: really bad bug: Calendar.HOUR means hour in 12-hour-mode instead f 24-hour. !!!! + // this leads to false comparison of two dates where one date is prior noon and one after noon. return new EGIZDate(calendar.get(Calendar.YEAR), calendar .get(Calendar.MONTH), calendar.get(Calendar.DAY_OF_MONTH), - calendar.get(Calendar.HOUR), calendar.get(Calendar.MINUTE), + calendar.get(Calendar.HOUR_OF_DAY), calendar.get(Calendar.MINUTE), calendar.get(Calendar.SECOND)); } -- cgit v1.2.3