From ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8 Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
Date: Wed, 19 Jun 2013 10:29:33 +0200
Subject: Added SHA256 hash calculation of original document do prevent
 application document injection

---
 .../src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper')

diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
index cddd073..4dbe6f0 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
@@ -262,7 +262,7 @@ public class SignServletHelper
       byte [] signed_pdf = si.signedPdf;
       HttpSession session = request.getSession();
       
-      PDFContainer entry = new PDFContainer(signed_pdf, si.exappinf.pdf_id);
+      PDFContainer entry = new PDFContainer(signed_pdf, si.exappinf.pdf_id, si.plainPDFDigest);
       ProvidePDFServlet.signedDocuments.add(entry);
 
       // notify webapp...
-- 
cgit v1.2.3