From ed0667e0873d4103f1385dcbc8be3c46fe0ae2d8 Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
Date: Wed, 19 Jun 2013 10:29:33 +0200
Subject: Added SHA256 hash calculation of original document do prevent
application document injection
---
.../main/java/at/gv/egiz/pdfas/web/FormFields.java | 2 +
.../java/at/gv/egiz/pdfas/web/PDFContainer.java | 4 +-
.../egiz/pdfas/web/helper/SignServletHelper.java | 2 +-
.../egiz/pdfas/web/servlets/ProvidePDFServlet.java | 30 +-
.../at/gv/egiz/pdfas/web/servlets/SignServlet.java | 1630 ++++++++++----------
.../pdfas/web/session/SignSessionInformation.java | 2 +
6 files changed, 862 insertions(+), 808 deletions(-)
(limited to 'pdf-as-web/src/main/java/at')
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/FormFields.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/FormFields.java
index 9c95838..0888d7b 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/FormFields.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/FormFields.java
@@ -153,6 +153,8 @@ public abstract class FormFields
public static final String FIELD_MOBILETEST_ENABLED = "mobiletestenabled";
+ public static final String FIELD_ORIGINAL_DIGEST = "origdigest";
+
/**
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/PDFContainer.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/PDFContainer.java
index 9bfd70f..5099f8d 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/PDFContainer.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/PDFContainer.java
@@ -27,11 +27,13 @@ public class PDFContainer {
public long id;
public byte[] pdf;
+ public String originalDigest;
- public PDFContainer(byte[] pdf, long id) {
+ public PDFContainer(byte[] pdf, long id, String originalDigest) {
this.id = id;
this.pdf = pdf;
+ this.originalDigest = originalDigest;
}
public boolean equals(Object pc) {
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
index cddd073..4dbe6f0 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/SignServletHelper.java
@@ -262,7 +262,7 @@ public class SignServletHelper
byte [] signed_pdf = si.signedPdf;
HttpSession session = request.getSession();
- PDFContainer entry = new PDFContainer(signed_pdf, si.exappinf.pdf_id);
+ PDFContainer entry = new PDFContainer(signed_pdf, si.exappinf.pdf_id, si.plainPDFDigest);
ProvidePDFServlet.signedDocuments.add(entry);
// notify webapp...
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java
index 60c5d41..234640b 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ProvidePDFServlet.java
@@ -66,6 +66,8 @@ public class ProvidePDFServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String pdfIdString = request.getParameter(FormFields.FIELD_PDF_ID);
+ String plainPDFDigest = request.getParameter(FormFields.FIELD_ORIGINAL_DIGEST);
+
HttpSession session = request.getSession();
if (pdfIdString == null) {
@@ -85,6 +87,14 @@ public class ProvidePDFServlet extends HttpServlet {
// Popup-Blocker, Link-Prefetching, IE 9 SmartScreen-Filter...???
// session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);
log.debug("Returning signed pdf to browser.");
+ if(plainPDFDigest != null) {
+ if(!plainPDFDigest.equalsIgnoreCase(si.plainPDFDigest)) {
+ log.error("PDF Digests don't match!");
+ log.error("Requested digest: " + plainPDFDigest);
+ log.error("Saved digest: " + si.plainPDFDigest);
+ return;
+ }
+ }
SignServletHelper.returnSignResponse(si, request, response);
log.debug("Removing free text (if any) from session.");
session.removeAttribute(UpdateFormServlet.UPLOADFORM_FREETEXT_KEY);
@@ -93,32 +103,38 @@ public class ProvidePDFServlet extends HttpServlet {
} else {
long pdfId = Long.parseLong(pdfIdString);
- byte[] pdf = null;
-
+ PDFContainer pdf = null;
synchronized (signedDocuments) {
Iterator it = signedDocuments.iterator();
while (it.hasNext() && pdf == null) {
PDFContainer current = (PDFContainer) it.next();
if (current.id == pdfId) {
- pdf = current.pdf;
+ pdf = current;
signedDocuments.remove(current);
}
}
}
- if (pdf != null) {
+ if (pdf != null && pdf.pdf != null) {
try {
-
+ if(plainPDFDigest != null) {
+ if(!plainPDFDigest.equalsIgnoreCase(pdf.originalDigest)) {
+ log.error("PDF Digests don't match! 1");
+ log.error("Requested digest: " + plainPDFDigest);
+ log.error("Saved digest: " + pdf.originalDigest);
+ return;
+ }
+ }
SignServletHelper.disableBrowserCacheForResponse(response);
response.setContentType("application/pdf");
- response.setContentLength(pdf.length);
+ response.setContentLength(pdf.pdf.length);
//SignSessionInformation si = (SignSessionInformation)session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION);
String filename = (String)session.getAttribute(SignServlet.SUBMITFORM_FILENAME_KEY);
response.setHeader("Content-disposition", "attachment; filename=\""+filename+"\"");
- InputStream is = new ByteArrayInputStream(pdf);
+ InputStream is = new ByteArrayInputStream(pdf.pdf);
final int bufferSize = 1024;
byte[] buffer = new byte[bufferSize];
int len = -1;
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
index cd2c38a..19b729a 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
@@ -33,6 +33,8 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URL;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.List;
@@ -44,6 +46,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.commons.codec.binary.Hex;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
@@ -78,807 +81,836 @@ import com.lowagie.text.DocumentException;
* This method is the sign servlet for the pdf-as web application. It takes get
* and post requests fill out jsp templates and give the user feedback about the
* results of the sign process
- *
+ *
* @author wlackner
* @author wprinz
*/
-public class SignServlet extends HttpServlet
-{
-
- /**
- * SVUID.
- */
- private static final long serialVersionUID = -4156938216903740438L;
-
- /**
- * The log.
- */
- private static Log log = LogFactory.getLog(SignServlet.class);
-
-
-
- public static final String SUBMITFORM_SIGNATURE_TYPE_KEY = "signupload.jsp:signatureType";
- public static final String SUBMITFORM_SIGNATURE_MODE_KEY = "signupload.jsp:signatureMode";
- public static final String SUBMITFORM_SIGNATURE_DEVICE_KEY = "signupload.jsp:signatureKey";
- public static final String SUBMITFORM_PDFA_KEY = "signupload.jsp:pdfaKey";
- public static final String SUBMITFORM_SOURCE_KEY = "signupload.jsp:sourceKey";
- public static final String SUBMITFORM_FREETEXT_KEY = "signupload.jsp:freeTextKey";
- public static final String SUBMITFORM_NOTE_KEY = "signupload.jsp:noteKey";
- public static final String SUBMITFORM_FILE_KEY = "signupload.jsp:fileKey";
- public static final String SUBMITFORM_FILENAME_KEY = "signupload.jsp:filenameKey";
- public static final String SUBMITFORM_PREVIEW = "signupload.jsp:previewKey";
-
-
-
-
- //Added by rpiazzi to know if an error occured within IFrame because this calls for
- //a different display of the error
- public static final String ERROR_WITHIN_IFRAME = "error_within_iframe";
- //Added by rpiazzi to know the height of the div's in further jsp's
- public static final String HEIGHT_SIGN_DIV = "height_sign_div";
- //Added by rpiazzi
- public static HttpSession session = null;
-
- protected void dispatch(HttpServletRequest request, HttpServletResponse response, String resource) throws ServletException, IOException
- {
- dispatch(request, response, resource, getServletContext());
- }
-
- protected static void dispatch(HttpServletRequest request, HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException
- {
- response.setContentType("text/html");
- response.setCharacterEncoding("UTF-8");
-
- RequestDispatcher disp = context.getRequestDispatcher(resource);
- disp.forward(request, response);
- }
-
- /**
- * Processes the sign upload.
- *
- * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
- * javax.servlet.http.HttpServletResponse)
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
- {
- UploadedData ud = null;
- ExternAppInformation exappinf = null;
- SignaturePositioning sigpos = null;
-
-
- // for performance measurement
- long startTime = System.currentTimeMillis();
-
- // check if pdf-as has been called by external webapp
- if (request.getParameter(FormFields.FIELD_PDF_URL) != null)
- {
- String preview = (String) request.getParameter(FormFields.FIELD_PREVIEW);
- String sig_type = (String) request.getParameter(FormFields.FIELD_SIGNATURE_TYPE);
- String sig_app = (String) request.getParameter(FormFields.FIELD_CONNECTOR);
- String sig_mode = (String) request.getParameter(FormFields.FIELD_MODE);
- String filename = (String) request.getParameter(FormFields.FIELD_FILENAME);
- String pdf_url = (String) request.getParameter(FormFields.FIELD_PDF_URL);
- String pdf_id = (String) request.getParameter(FormFields.FIELD_PDF_ID);
- String invoke_url = (String) request.getParameter(FormFields.FIELD_INVOKE_APP_URL);
- String invoke_error_url = (String) request.getParameter(FormFields.FIELD_INVOKE_APP_ERROR_URL);
- String session_id = (String) request.getParameter(FormFields.FIELD_SESSION_ID);
- String sig_pos_y = (String) request.getParameter(FormFields.FIELD_SIGPOS_Y);
- String sig_pos_p = (String) request.getParameter(FormFields.FIELD_SIGPOS_P);
- String sig_pos_x = (String) request.getParameter(FormFields.FIELD_SIGPOS_X);
- String sig_pos_w = (String) request.getParameter(FormFields.FIELD_SIGPOS_W);
- String note = (String) request.getParameter(FormFields.FIELD_NOTE_ENABLED);
-
- //Added by rpiazzi
- log.debug("Received external request from "+request.getRemoteAddr());
- log.debug("Parameter preview: "+preview);
- log.debug("Parameter sig_type: "+sig_type);
- log.debug("Parameter sig_app: "+sig_app);
- log.debug("Parameter sig_mode: "+sig_mode);
- log.debug("Parameter filename: "+filename);
- log.debug("Parameter pdf_url: "+pdf_url);
- log.debug("Parameter pdf_id: "+pdf_id);
- log.debug("Parameter invoke_url: "+invoke_url);
- log.debug("Parameter invoke_error_url: "+invoke_error_url);
- log.debug("Parameter session_id: "+session_id);
- log.debug("Parameter sig_pos_y: "+sig_pos_y);
- log.debug("Parameter sig_pos_p: "+sig_pos_p);
- log.debug("Parameter sig_pos_x: "+sig_pos_x);
- log.debug("Parameter sig_pos_w: "+sig_pos_w);
- log.debug("Parameter note: "+note);
- //end added
-
- session = request.getSession(true);
-
- session.setAttribute(SignServlet.SUBMITFORM_FILENAME_KEY, filename);
-
- // added by tknall
- if (sig_pos_y != null && sig_pos_p != null && sig_pos_x != null) {
- if (sig_pos_w != null) {
- try
- {
- sigpos = new SignaturePositioning("x:" + sig_pos_x + ";y:" + sig_pos_y + ";w:"+ sig_pos_w + ";p:" + sig_pos_p);
- }
- catch (PDFDocumentException e)
- {
- log.warn("Unable to create signature position object: " + e.getMessage(), e);
- }
- }
- else {
- try
- {
- sigpos = new SignaturePositioning("x:" + sig_pos_x + ";y:" + sig_pos_y + ";p:" + sig_pos_p);
- }
- catch (PDFDocumentException e)
- {
- log.warn("Unable to create signature position object: " + e.getMessage(), e);
- }
- }
- } else {
- log.debug("No signature position provided.");
- }
-
-
- // if we already have parameters "&" must be used instead of "?"
- String paramSeparator = (pdf_url.indexOf("?") != -1) ? "&" : "?";
- String query = pdf_url + "/" + filename + paramSeparator + FormFields.FIELD_PDF_ID + "=" + pdf_id;
- //query = pdf_url;
-
- log.debug("Query string for loading pdf: "+query);
-
- // wprinz: rem: this allocation is useless
- // byte[] extern_pdf = new byte[Integer.parseInt(pdf_length)];
- URL source_url = new URL(query);
- InputStream is = source_url.openStream();
-
- // extern_pdf = toByteArray(is);
-
- // set UploadedData object...
- UploadedData ud_extern = new UploadedData();
-
- ud_extern.file_name = filename;
- ud_extern.pdfDataSource = new ByteArrayPdfDataSource(IOUtils.toByteArray(is));
-
- ud_extern.preview = "true".equalsIgnoreCase(preview);
- ud_extern.sig_app = sig_app;
- ud_extern.sig_mode = sig_mode;
- ud_extern.sig_type = sig_type;
-
- if (note!=null) {
- if (note.equals("true")) {
- ud_extern.note=true;
- ud_extern.sig_type = ud_extern.sig_type + "_NOTE";
- }
- else {
- ud_extern.note=false;
- }
- }
- else {
- ud_extern.note=true;
- ud_extern.sig_type = ud_extern.sig_type + "_NOTE";
- }
-
-
- ud_extern.pdfa = false;
-
- ud = ud_extern;
-
- exappinf = new ExternAppInformation(invoke_url, pdf_id, session_id, invoke_error_url);
-
- }
- else
- {
- try
- {
- // tzefferer: modified
- // UploadedData ud = retrieveUploadedDataFromRequest(request);
-
- UploadedData ud_form = retrieveUploadedDataFromRequest(request);
- ud = ud_form;
- // end modify
-
- }
- catch (PdfAsException e)
- {
- log.error(e);
-
- //Added by rpiazzi to check if this attribute is still null
- HttpSession session = request.getSession();
- String error_within_iframe = (String)session.getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
- if (error_within_iframe==null) {
- session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
- }
- //end added
-
- prepareDispatchToErrorPage(e, request);
- dispatch(request, response, "/jsp/error.jsp");
-
-
-
-
- return;
- }
- catch (FileUploadException e) {
- log.error(e);
-
- //Added by rpiazzi to check if this attribute is still null
- HttpSession session = request.getSession();
- String error_within_iframe = (String)session.getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
- if (error_within_iframe==null) {
- session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
- }
- //end added
-
- request.setAttribute("error", e.getMessage());
- request.setAttribute("cause", e.getCause());
- request.setAttribute("resourcebundle", Boolean.TRUE);
- dispatch(request, response, "/jsp/error.jsp");
- }
- catch (IOException e) {
- log.error(e);
-
- //Added by rpiazzi to check if this attribute is still null
- HttpSession session = request.getSession();
- String error_within_iframe = (String)session.getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
- if (error_within_iframe==null) {
- session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
- }
- //end added
-
- request.setAttribute("error", e.getMessage());
- request.setAttribute("cause", e.getCause());
- request.setAttribute("resourcebundle", Boolean.TRUE);
- dispatch(request, response, "/jsp/error.jsp");
- }
- }
- try
- {
- // not needed, that is done in sign()
- // ud.pdfDataSource = PdfAS.applyStrictMode(ud.pdfDataSource);
-
- session = request.getSession(true);
-
- SignSessionInformation si = new SignSessionInformation(); // SessionTable.generateSessionInformationObject();
- si.connector = ud.sig_app;
-
- if ((ud.mobileTestEnabled) && (si.connector.equals("mobile"))) {
- si.connector = Constants.SIGNATURE_DEVICE_MOBILETEST;
- session.setAttribute(SignServlet.SUBMITFORM_SIGNATURE_DEVICE_KEY, si.connector);
- }
-
- si.application = "sign";
- si.mode = ud.sig_mode;
- si.pdfDataSource = ud.pdfDataSource;
- si.type = ud.sig_type;
-
- si.filename = formatFileName(ud.file_name);
-
- si.download_inline = ud.download_inline;
- si.pdfa = ud.pdfa;
- si.note = ud.note;
-
- // added tzefferer:
- si.exappinf = exappinf;
- si.pos = sigpos;
- // end add
-
- // added afitzek
- si.startTime = startTime;
-
- log.info("Putting signature data into session " + session.getId());
- session.setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si);
-
- // String user_name = (String)
- // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME);
- // String user_password = (String)
- // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD);
- // si.user_name = user_name;
- // si.user_password = user_password;
-
- SignServletHelper.prepareSign(ApiHelper.getPdfAsFromContext(getServletContext()), si);
-
- //comment out by rpiazzi because preview has now its own Servlet
- /*if (ud.preview)
- {
- String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview");
- String signature_data_url = response.encodeURL(WebUtils.buildRetrieveSignatureDataURL(request, response));
-
- request.setAttribute("submit_url", submit_url);
- request.setAttribute("signature_data_url", signature_data_url);
- if (si.mode.equals(FormFields.VALUE_MODE_TEXTUAL)){
- request.setAttribute("document_text", ((TextBased)si.sdi.getSignatureData()).getText());
- }
-
- dispatch(request, response, "/jsp/signpreview.jsp");
-
- return;
- }*/
-
-
- SignServletHelper.finishSign(si, request, response, getServletContext());
-
- }
- catch (PresentableException e)
- {
- log.error(e.getMessage(), e);
- prepareDispatchToErrorPage(e, request);
- dispatch(request, response, "/jsp/error.jsp");
- } catch (Exception e) {
- log.error(e.getMessage(), e);
- PresentableException pe = new PresentableException(ErrorCode.UNKNOWN_ERROR, e);
- prepareDispatchToErrorPage(pe, request);
- dispatch(request, response, "/jsp/error.jsp");
- }
- }
-
- // tzefferer:added
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
- {
- HttpSession session = request.getSession();
- doPost(request, response);
- }
- // end add
-
- protected UploadedData retrieveUploadedDataFromRequest(HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException, IOException
- {
- DiskFileItemFactory fif = new DiskFileItemFactory();
- fif.setRepository(WebSettingsReader.getTemporaryDirectory());
- ServletFileUpload sfu = new ServletFileUpload(fif);
-
- List items = sfu.parseRequest(request);
-
- //FileItem preview_fi = null;
- FileItem mode_fi = null;
- FileItem file_upload_fi = null;
- //FileItem download_fi = null;
- FileItem freeText_fi = null;
- FileItem source_fi = null;
- FileItem sig_type_fi = null;
- FileItem sig_app_fi = null;
-
- boolean pdfaEnabled=false;
- boolean noteEnabled=false;
- String sig_type="";
- String sig_app="";
- String mode="";
- String doc_file_name;
- DataSource pdfDataSource;
- boolean mobileTestEnabled=false;
-
- Iterator it = items.iterator();
- session = request.getSession(true);
-
-
-
- //Added by rpiazzi. If servlet was called for preview data was already written into
- //session.
- //Now commented out because the preview function is no more supported
- /*if ((((FileItem)items.get(0)).getFieldName().equals(SignServlet.SUBMITFORM_PREVIEW))) {
- FileItem fi = (FileItem)items.get(1);
-
- sig_app_fi = fi;
- session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, sig_app_fi.getString("UTF-8"));
-
- if (((String)session.getAttribute(SUBMITFORM_PDFA_KEY))!=null) {
- if (((String)session.getAttribute(SUBMITFORM_PDFA_KEY)).equals("on")) {
- pdfaEnabled = true;
- }
- }
- if (((String)session.getAttribute(SUBMITFORM_NOTE_KEY))!=null) {
- if (((String)session.getAttribute(SUBMITFORM_NOTE_KEY)).equals("on")) {
- noteEnabled = true;
- }
- }
-
- sig_type = (String)session.getAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY);
- sig_app = sig_app_fi.getString("UTF-8");
-
- mode = (String)session.getAttribute(SUBMITFORM_SIGNATURE_MODE_KEY);
- doc_file_name = (String)session.getAttribute(SUBMITFORM_FILENAME_KEY);
- pdfDataSource = (DataSource)session.getAttribute(SUBMITFORM_FILE_KEY);
-
- }
- //end added
- else {*/
-
- //Added by rpiazzi to check wheter local bku button was hit. In this case the parameters
- //were already put into session because before local bku, online bku has to be called
- //and therefore this servlet was already called.
- //First check if one submitted parameter is the local bku button.
- boolean localFound = false;
- int positionLocal = 0;
- while (it.hasNext()) {
- if (((FileItem)it.next()).getFieldName().equals(FormFields.FIELD_CONNECTOR_LOCALBKU)) {
- localFound = true;
- break;
- }
- positionLocal++;
- }
-
- if (localFound) {
-
- session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
- pdfaEnabled = "on".equalsIgnoreCase((String)session.getAttribute(SUBMITFORM_PDFA_KEY));
- sig_type = (String)session.getAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY);
- noteEnabled = "on".equalsIgnoreCase((String)session.getAttribute(SUBMITFORM_NOTE_KEY));
-
- session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, "bku");
- sig_app = "bku";
- mode = (String)session.getAttribute(SUBMITFORM_SIGNATURE_MODE_KEY);
- doc_file_name = (String)session.getAttribute(SUBMITFORM_FILENAME_KEY);
- pdfDataSource = (DataSource)session.getAttribute(SUBMITFORM_FILE_KEY);
- }
- //end added
- //else get settings from form fields
- else {
- session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "yes");
- it = items.iterator();
- while (it.hasNext())
- {
- FileItem item = (FileItem) it.next();
- log.debug("item = " + item.getFieldName()); //$NON-NLS-1$
-
- if (log.isDebugEnabled())
- {
- if (item.isFormField())
- {
- String item_string = item.getString("UTF-8"); //$NON-NLS-1$
- log.debug(" form field string = " + item_string); //$NON-NLS-1$
- }
- else
- {
- log.debug(" filename = " + item.getName()); //$NON-NLS-1$
- log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$
- }
- }
-
- if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE))
- {
- sig_type_fi = item;
- session.setAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY, item.getString("UTF-8"));
- sig_type=item.getString("UTF-8");
- continue;
- }
-
- if ((item.getFieldName().equals(FormFields.FIELD_CONNECTOR_SMARTCARD)) || (item.getFieldName().equals(FormFields.FIELD_CONNECTOR_MOBILE)) || (item.getFieldName().equals(FormFields.FIELD_CONNECTOR_LOCALBKU))) {
- if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR_SMARTCARD)) {
- session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, "moc");
- sig_app = "moc";
- }
- if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR_MOBILE)) {
- session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, "mobile");
- sig_app = "mobile";
- }
- if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR_LOCALBKU)) {
- session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, "bku");
- sig_app = "bku";
- }
- continue;
- }
-
- if (item.getFieldName().equals(FormFields.FIELD_MODE))
- {
- mode_fi = item;
- session.setAttribute(SUBMITFORM_SIGNATURE_MODE_KEY, mode_fi.getString("UTF-8"));
- continue;
- }
-
- if (item.getFieldName().equals(FormFields.FIELD_SOURCE_FILE))
- {
- //changed by rpiazzi
- //Item always contains something as it is just hidden by javascript
- // because of this just set the value if not empty
- if (item!=null) {
- file_upload_fi = item;
- }
- continue;
-
- }
-
- //Added by rpiazzi to ignore the form fields for the inactive mode
- //but not more needed
- /*if (item.getFieldName().equals(FormFields.FIELD_MODE_INACTIVE)) {
- continue;
- }*/
- //end added
-
- /*Commented out by rpiazzi because not more needed
- * if (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD))
- {
- download_fi = item;
- continue;
- }*/
-
- if (FormFields.FIELD_PDFA_ENABLED.equals(item.getFieldName())) {
- if (item.getString("UTF-8")!=null) {
- session.setAttribute(SUBMITFORM_PDFA_KEY, "on");
- pdfaEnabled=true;
- }
- else {
- session.setAttribute(SUBMITFORM_PDFA_KEY, "off");
- pdfaEnabled=false;
- }
- continue;
- }
-
- if (FormFields.FIELD_SOURCE_FREETEXT.equals(item.getFieldName())) {
- freeText_fi = item;
- String value = freeText_fi.getString("UTF-8");
- if (value != null) {
- session.setAttribute(SUBMITFORM_FREETEXT_KEY, value);
- }
- continue;
- }
-
- if (FormFields.FIELD_SOURCE.equals(item.getFieldName())) {
- source_fi = item;
- session.setAttribute(SUBMITFORM_SOURCE_KEY, item.getString("UTF-8"));
- continue;
- }
-
- //Added by rpiazzi. Feature added for inserting note into signature block
- if (FormFields.FIELD_NOTE_ENABLED.equals(item.getFieldName())) {
- if (item.getString("UTF-8")!=null) {
- session.setAttribute(SUBMITFORM_NOTE_KEY, "on");
- noteEnabled=true;
- }
- else {
- session.setAttribute(SUBMITFORM_NOTE_KEY, "off");
- noteEnabled=false;
- }
- continue;
- }
- //end added
-
- //Added by rpiazzi to let later jsp's know the height of the div elements
- if (FormFields.FIELD_HEIGHT_SIGNDIV.equals(item.getFieldName())) {
- session.setAttribute(HEIGHT_SIGN_DIV, item.getString("UTF-8"));
- continue;
- }
- //end added
-
- if (FormFields.FIELD_MOBILETEST_ENABLED.equals(item.getFieldName())) {
- if (item.getString("UTF-8")!=null) {
- if (item.getString("UTF-8").equals("on")) {
- mobileTestEnabled=true;
- }
- }
- continue;
- }
-
- throw new ServletException("Unrecognized POST data."); //$NON-NLS-1$
-
- }
-
- if (sig_type_fi == null || (file_upload_fi == null && freeText_fi== null))
- {
- throw new ServletException("Insufficient data provided in request"); //$NON-NLS-1$
- }
-
- mode = mode_fi.getString("UTF-8"); //$NON-NLS-1$
- if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL) && !mode.equals(FormFields.VALUE_MODE_DETACHED))
- {
- throw new ServletException("The mode '" + mode + "' is unrecognized."); //$NON-NLS-1$ //$NON-NLS-2$
- }
-
-
- //Commented out by rpiazzi because not more needed
- /*boolean download_inline = true;
- if (download_fi.getString("UTF-8").equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) //$NON-NLS-1$
- {
- download_inline = false;
- }*/
-
-
- // distinguish between file and freetext
- if (source_fi.getString("UTF-8").equals(FormFields.VALUE_SOURCE_FILE)) {
- log.debug("Processing file.");
- File f = new File(file_upload_fi.getName());
- doc_file_name = f.getName();
- log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$
-
- String extension = VerifyServlet.extractExtension(doc_file_name);
- if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$
- {
- throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$
- }
-
- if (file_upload_fi.getSize() <= 0)
- {
- throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$
- }
-
- try
- {
- pdfDataSource = new ByteArrayPdfDataSource(IOUtils.toByteArray(file_upload_fi.getInputStream()));
- session.setAttribute(SUBMITFORM_FILE_KEY, pdfDataSource);
- session.setAttribute(SUBMITFORM_FILENAME_KEY, doc_file_name);
- }
- catch (IOException e)
- {
- throw new PDFDocumentException(201, "Couldn't store the file in the temp dir.", e);
- }
- } else {
- log.debug("Processing free text.");
- try {
- byte[] freeTextPDF = IText.createPDF(freeText_fi.getString("UTF-8"), pdfaEnabled);
- pdfDataSource = new ByteArrayPdfDataSource(freeTextPDF);
- doc_file_name = IText.DEFAULT_FILENAME;
- session.setAttribute(SUBMITFORM_FILE_KEY, pdfDataSource);
- session.setAttribute(SUBMITFORM_FILENAME_KEY, doc_file_name);
- } catch (DocumentException e) {
- throw new PDFDocumentException(201, "Unable to create PDF document.", e);
- } catch (IOException e) {
- throw new PDFDocumentException(201, "Unable to create PDF document.", e);
- }
-
- //}
- // byte[] pdf = file_upload_fi.get();
- }
- }
-
-
-
-
-
-
- UploadedData ud = new UploadedData();
-
- ud.preview = false;
- ud.pdfa = pdfaEnabled;
- ud.download_inline = false;
- ud.sig_type = sig_type;
- ud.sig_app = sig_app;
- ud.sig_mode = mode;
- ud.file_name = doc_file_name;
- ud.pdfDataSource = pdfDataSource;
- ud.note = noteEnabled;
-
- //Added by rpiazzi
- if (ud.note && !ud.sig_type.contains("NOTE")) {
- ud.sig_type += "_NOTE";
- session.setAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY, ud.sig_type);
- }
-
- if (mobileTestEnabled) {
- ud.mobileTestEnabled=true;
- }
-
- //end added
-
- return ud;
- }
-
-
-
-
-
- public static void prepareDispatchToErrorPage(PdfAsException pe, HttpServletRequest request)
- {
- request.setAttribute("PresentableException", pe);
-// if (pe instanceof ErrorCodeException)
-// {
- request.setAttribute("error", "Fehler " + pe.getErrorCode());
-
- String cause = ErrorCodeHelper.getMessageForErrorCode(pe.getErrorCode());
-
- if (pe instanceof ExternalErrorException)
- {
- ExternalErrorException eee = (ExternalErrorException) pe;
- cause = eee.getExternalErrorCode() + ": " + eee.getExternalErrorMessage();
- }
- request.setAttribute("cause", cause);
-
- if (pe.getErrorCode() == ErrorCode.PLACEHOLDER_EXCEPTION)
- {
- PlaceholderException phe = null;
- if (pe instanceof PlaceholderException)
- {
- phe = (PlaceholderException) pe;
- }
- else
- {
- phe = (PlaceholderException) pe.getCause();
- }
-
- request.setAttribute("cause", "Der Platzhalter des Feldes " + phe.getField() + " ist um " + phe.getMissing() + " Bytes zu kurz. " + cause);
- }
-
- //Added by rpiazzi to know if error happened when request was within iframe
- //In this case the visualization of the error has to be done differently
- /*HttpSession session = request.getSession();
- if (((String)session.getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY)).equals(Constants.SIGNATURE_DEVICE_BKU)) {
- request.setAttribute(ERROR_WITHIN_IFRAME, "no");
- }
- else {
- request.setAttribute(ERROR_WITHIN_IFRAME, "yes");
- }*/
- //end added
-
-
-// }
-// else
-// {
-// request.setAttribute("error", "PresentableException");
-// request.setAttribute("cause", pe.toString());
-// }
- }
-
- /**
- * Formats the file name so that it is suitable for content disposition.
- *
- * @param file_name
- * The file name.
- * @return Returns the formatted file name.
- */
- public static String formatFileName(String file_name)
- {
- File file = new File(file_name);
- String file_name_only = file.getName();
- // the file_name contains \\ ==> remove them so Internet Explorer works
- // correctly.
- return file_name_only;
- }
-
-
-
-
-
- // tzefferer: added
- public static byte[] toByteArray(InputStream inputStream) throws IOException
- {
-
- if (inputStream == null)
- {
- return null;
- }
-
- ByteArrayOutputStream out = new ByteArrayOutputStream(8192);
- int n;
- byte[] buffer = new byte[2048];
- BufferedInputStream bufIn = new BufferedInputStream(inputStream);
- try
- {
- while ((n = bufIn.read(buffer)) != -1)
- {
- out.write(buffer, 0, n);
- }
- }
- finally
- {
- if (bufIn != null)
- {
- bufIn.close();
- }
- }
- return out.toByteArray();
- }
-
- // end add
-
- protected static class UploadedData
- {
- protected boolean preview = false;
-
- protected boolean pdfa = false;
-
- protected boolean download_inline = false;
-
- protected String sig_type = null;
-
- protected String sig_app = null;
-
- protected String sig_mode = null;
-
- protected String file_name = null;
-
- protected DataSource pdfDataSource = null;
-
- protected boolean mobileTestEnabled = false;
-
- //added by rpiazzi
- protected boolean note = false;
- // protected byte[] pdf = null;
- }
+public class SignServlet extends HttpServlet {
+
+ /**
+ * SVUID.
+ */
+ private static final long serialVersionUID = -4156938216903740438L;
+
+ /**
+ * The log.
+ */
+ private static Log log = LogFactory.getLog(SignServlet.class);
+
+ public static final String SUBMITFORM_SIGNATURE_TYPE_KEY = "signupload.jsp:signatureType";
+ public static final String SUBMITFORM_SIGNATURE_MODE_KEY = "signupload.jsp:signatureMode";
+ public static final String SUBMITFORM_SIGNATURE_DEVICE_KEY = "signupload.jsp:signatureKey";
+ public static final String SUBMITFORM_PDFA_KEY = "signupload.jsp:pdfaKey";
+ public static final String SUBMITFORM_SOURCE_KEY = "signupload.jsp:sourceKey";
+ public static final String SUBMITFORM_FREETEXT_KEY = "signupload.jsp:freeTextKey";
+ public static final String SUBMITFORM_NOTE_KEY = "signupload.jsp:noteKey";
+ public static final String SUBMITFORM_FILE_KEY = "signupload.jsp:fileKey";
+ public static final String SUBMITFORM_FILENAME_KEY = "signupload.jsp:filenameKey";
+ public static final String SUBMITFORM_PREVIEW = "signupload.jsp:previewKey";
+
+ // Added by rpiazzi to know if an error occured within IFrame because this
+ // calls for
+ // a different display of the error
+ public static final String ERROR_WITHIN_IFRAME = "error_within_iframe";
+ // Added by rpiazzi to know the height of the div's in further jsp's
+ public static final String HEIGHT_SIGN_DIV = "height_sign_div";
+ // Added by rpiazzi
+ public static HttpSession session = null;
+
+ protected void dispatch(HttpServletRequest request,
+ HttpServletResponse response, String resource)
+ throws ServletException, IOException {
+ dispatch(request, response, resource, getServletContext());
+ }
+
+ protected static void dispatch(HttpServletRequest request,
+ HttpServletResponse response, String resource,
+ ServletContext context) throws ServletException, IOException {
+ response.setContentType("text/html");
+ response.setCharacterEncoding("UTF-8");
+
+ RequestDispatcher disp = context.getRequestDispatcher(resource);
+ disp.forward(request, response);
+ }
+
+ /**
+ * Processes the sign upload.
+ *
+ * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ public void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ UploadedData ud = null;
+ ExternAppInformation exappinf = null;
+ SignaturePositioning sigpos = null;
+
+ // for performance measurement
+ long startTime = System.currentTimeMillis();
+
+ String plain_hex_digest = null;
+ MessageDigest md = null;
+ try {
+ md = MessageDigest.getInstance("SHA-256");
+ } catch (NoSuchAlgorithmException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ // check if pdf-as has been called by external webapp
+ if (request.getParameter(FormFields.FIELD_PDF_URL) != null) {
+ String preview = (String) request
+ .getParameter(FormFields.FIELD_PREVIEW);
+ String sig_type = (String) request
+ .getParameter(FormFields.FIELD_SIGNATURE_TYPE);
+ String sig_app = (String) request
+ .getParameter(FormFields.FIELD_CONNECTOR);
+ String sig_mode = (String) request
+ .getParameter(FormFields.FIELD_MODE);
+ String filename = (String) request
+ .getParameter(FormFields.FIELD_FILENAME);
+ String pdf_url = (String) request
+ .getParameter(FormFields.FIELD_PDF_URL);
+ String pdf_id = (String) request
+ .getParameter(FormFields.FIELD_PDF_ID);
+ String invoke_url = (String) request
+ .getParameter(FormFields.FIELD_INVOKE_APP_URL);
+ String invoke_error_url = (String) request
+ .getParameter(FormFields.FIELD_INVOKE_APP_ERROR_URL);
+ String session_id = (String) request
+ .getParameter(FormFields.FIELD_SESSION_ID);
+ String sig_pos_y = (String) request
+ .getParameter(FormFields.FIELD_SIGPOS_Y);
+ String sig_pos_p = (String) request
+ .getParameter(FormFields.FIELD_SIGPOS_P);
+ String sig_pos_x = (String) request
+ .getParameter(FormFields.FIELD_SIGPOS_X);
+ String sig_pos_w = (String) request
+ .getParameter(FormFields.FIELD_SIGPOS_W);
+ String note = (String) request
+ .getParameter(FormFields.FIELD_NOTE_ENABLED);
+
+ // Added by rpiazzi
+ log.debug("Received external request from "
+ + request.getRemoteAddr());
+ log.debug("Parameter preview: " + preview);
+ log.debug("Parameter sig_type: " + sig_type);
+ log.debug("Parameter sig_app: " + sig_app);
+ log.debug("Parameter sig_mode: " + sig_mode);
+ log.debug("Parameter filename: " + filename);
+ log.debug("Parameter pdf_url: " + pdf_url);
+ log.debug("Parameter pdf_id: " + pdf_id);
+ log.debug("Parameter invoke_url: " + invoke_url);
+ log.debug("Parameter invoke_error_url: " + invoke_error_url);
+ log.debug("Parameter session_id: " + session_id);
+ log.debug("Parameter sig_pos_y: " + sig_pos_y);
+ log.debug("Parameter sig_pos_p: " + sig_pos_p);
+ log.debug("Parameter sig_pos_x: " + sig_pos_x);
+ log.debug("Parameter sig_pos_w: " + sig_pos_w);
+ log.debug("Parameter note: " + note);
+ // end added
+
+ session = request.getSession(true);
+
+ session.setAttribute(SignServlet.SUBMITFORM_FILENAME_KEY, filename);
+
+ // added by tknall
+ if (sig_pos_y != null && sig_pos_p != null && sig_pos_x != null) {
+ if (sig_pos_w != null) {
+ try {
+ sigpos = new SignaturePositioning("x:" + sig_pos_x
+ + ";y:" + sig_pos_y + ";w:" + sig_pos_w + ";p:"
+ + sig_pos_p);
+ } catch (PDFDocumentException e) {
+ log.warn("Unable to create signature position object: "
+ + e.getMessage(), e);
+ }
+ } else {
+ try {
+ sigpos = new SignaturePositioning("x:" + sig_pos_x
+ + ";y:" + sig_pos_y + ";p:" + sig_pos_p);
+ } catch (PDFDocumentException e) {
+ log.warn("Unable to create signature position object: "
+ + e.getMessage(), e);
+ }
+ }
+ } else {
+ log.debug("No signature position provided.");
+ }
+
+ // if we already have parameters "&" must be used instead of "?"
+ String paramSeparator = (pdf_url.indexOf("?") != -1) ? "&" : "?";
+ String query = pdf_url + "/" + filename + paramSeparator
+ + FormFields.FIELD_PDF_ID + "=" + pdf_id;
+ // query = pdf_url;
+
+ log.debug("Query string for loading pdf: " + query);
+
+ // wprinz: rem: this allocation is useless
+ // byte[] extern_pdf = new byte[Integer.parseInt(pdf_length)];
+ URL source_url = new URL(query);
+ InputStream is = source_url.openStream();
+
+ // extern_pdf = toByteArray(is);
+
+ // set UploadedData object...
+ UploadedData ud_extern = new UploadedData();
+
+ ud_extern.file_name = filename;
+ byte[] plain_pdf_data = IOUtils.toByteArray(is);
+
+ ud_extern.pdfDataSource = new ByteArrayPdfDataSource(plain_pdf_data);
+
+ ud_extern.preview = "true".equalsIgnoreCase(preview);
+ ud_extern.sig_app = sig_app;
+ ud_extern.sig_mode = sig_mode;
+ ud_extern.sig_type = sig_type;
+
+ if (note != null) {
+ if (note.equals("true")) {
+ ud_extern.note = true;
+ ud_extern.sig_type = ud_extern.sig_type + "_NOTE";
+ } else {
+ ud_extern.note = false;
+ }
+ } else {
+ ud_extern.note = true;
+ ud_extern.sig_type = ud_extern.sig_type + "_NOTE";
+ }
+
+ ud_extern.pdfa = false;
+
+ ud = ud_extern;
+
+ exappinf = new ExternAppInformation(invoke_url, pdf_id, session_id,
+ invoke_error_url);
+
+ } else {
+ try {
+ // tzefferer: modified
+ // UploadedData ud = retrieveUploadedDataFromRequest(request);
+
+ UploadedData ud_form = retrieveUploadedDataFromRequest(request);
+ ud = ud_form;
+ // end modify
+
+ } catch (PdfAsException e) {
+ log.error(e);
+
+ // Added by rpiazzi to check if this attribute is still null
+ HttpSession session = request.getSession();
+ String error_within_iframe = (String) session
+ .getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
+ if (error_within_iframe == null) {
+ session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
+ }
+ // end added
+
+ prepareDispatchToErrorPage(e, request);
+ dispatch(request, response, "/jsp/error.jsp");
+
+ return;
+ } catch (FileUploadException e) {
+ log.error(e);
+
+ // Added by rpiazzi to check if this attribute is still null
+ HttpSession session = request.getSession();
+ String error_within_iframe = (String) session
+ .getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
+ if (error_within_iframe == null) {
+ session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
+ }
+ // end added
+
+ request.setAttribute("error", e.getMessage());
+ request.setAttribute("cause", e.getCause());
+ request.setAttribute("resourcebundle", Boolean.TRUE);
+ dispatch(request, response, "/jsp/error.jsp");
+ } catch (IOException e) {
+ log.error(e);
+
+ // Added by rpiazzi to check if this attribute is still null
+ HttpSession session = request.getSession();
+ String error_within_iframe = (String) session
+ .getAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY);
+ if (error_within_iframe == null) {
+ session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
+ }
+ // end added
+
+ request.setAttribute("error", e.getMessage());
+ request.setAttribute("cause", e.getCause());
+ request.setAttribute("resourcebundle", Boolean.TRUE);
+ dispatch(request, response, "/jsp/error.jsp");
+ }
+ }
+ try {
+ // not needed, that is done in sign()
+ // ud.pdfDataSource = PdfAS.applyStrictMode(ud.pdfDataSource);
+
+ session = request.getSession(true);
+
+ SignSessionInformation si = new SignSessionInformation(); // SessionTable.generateSessionInformationObject();
+ si.connector = ud.sig_app;
+
+ if ((ud.mobileTestEnabled) && (si.connector.equals("mobile"))) {
+ si.connector = Constants.SIGNATURE_DEVICE_MOBILETEST;
+ session.setAttribute(
+ SignServlet.SUBMITFORM_SIGNATURE_DEVICE_KEY,
+ si.connector);
+ }
+
+ si.application = "sign";
+ si.mode = ud.sig_mode;
+ si.pdfDataSource = ud.pdfDataSource;
+ si.type = ud.sig_type;
+ if (md != null) {
+ byte[] plain_digest = md.digest(ud.pdfDataSource.getAsByteArray());
+ plain_hex_digest = Hex.encodeHexString(plain_digest);
+ log.info("Original PDF HASH Value: " + plain_hex_digest);
+ si.plainPDFDigest = plain_hex_digest;
+ }
+
+ si.filename = formatFileName(ud.file_name);
+
+ si.download_inline = ud.download_inline;
+ si.pdfa = ud.pdfa;
+ si.note = ud.note;
+
+ // added tzefferer:
+ si.exappinf = exappinf;
+ si.pos = sigpos;
+ // end add
+
+ // added afitzek
+ si.startTime = startTime;
+
+ log.info("Putting signature data into session " + session.getId());
+ session.setAttribute(
+ SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si);
+
+ // String user_name = (String)
+ // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME);
+ // String user_password = (String)
+ // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD);
+ // si.user_name = user_name;
+ // si.user_password = user_password;
+
+ SignServletHelper.prepareSign(
+ ApiHelper.getPdfAsFromContext(getServletContext()), si);
+
+ // comment out by rpiazzi because preview has now its own Servlet
+ /*
+ * if (ud.preview) { String submit_url =
+ * response.encodeURL(request.getContextPath() + "/SignPreview");
+ * String signature_data_url =
+ * response.encodeURL(WebUtils.buildRetrieveSignatureDataURL
+ * (request, response));
+ *
+ * request.setAttribute("submit_url", submit_url);
+ * request.setAttribute("signature_data_url", signature_data_url);
+ * if (si.mode.equals(FormFields.VALUE_MODE_TEXTUAL)){
+ * request.setAttribute("document_text",
+ * ((TextBased)si.sdi.getSignatureData()).getText()); }
+ *
+ * dispatch(request, response, "/jsp/signpreview.jsp");
+ *
+ * return; }
+ */
+
+ SignServletHelper.finishSign(si, request, response,
+ getServletContext());
+
+ } catch (PresentableException e) {
+ log.error(e.getMessage(), e);
+ prepareDispatchToErrorPage(e, request);
+ dispatch(request, response, "/jsp/error.jsp");
+ } catch (Exception e) {
+ log.error(e.getMessage(), e);
+ PresentableException pe = new PresentableException(
+ ErrorCode.UNKNOWN_ERROR, e);
+ prepareDispatchToErrorPage(pe, request);
+ dispatch(request, response, "/jsp/error.jsp");
+ }
+ }
+
+ // tzefferer:added
+ public void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ HttpSession session = request.getSession();
+ doPost(request, response);
+ }
+
+ // end add
+
+ protected UploadedData retrieveUploadedDataFromRequest(
+ HttpServletRequest request) throws ServletException,
+ UnsupportedEncodingException, FileUploadException,
+ PDFDocumentException, IOException {
+ DiskFileItemFactory fif = new DiskFileItemFactory();
+ fif.setRepository(WebSettingsReader.getTemporaryDirectory());
+ ServletFileUpload sfu = new ServletFileUpload(fif);
+
+ List items = sfu.parseRequest(request);
+
+ // FileItem preview_fi = null;
+ FileItem mode_fi = null;
+ FileItem file_upload_fi = null;
+ // FileItem download_fi = null;
+ FileItem freeText_fi = null;
+ FileItem source_fi = null;
+ FileItem sig_type_fi = null;
+ FileItem sig_app_fi = null;
+
+ boolean pdfaEnabled = false;
+ boolean noteEnabled = false;
+ String sig_type = "";
+ String sig_app = "";
+ String mode = "";
+ String doc_file_name;
+ DataSource pdfDataSource;
+ boolean mobileTestEnabled = false;
+
+ Iterator it = items.iterator();
+ session = request.getSession(true);
+
+ // Added by rpiazzi. If servlet was called for preview data was already
+ // written into
+ // session.
+ // Now commented out because the preview function is no more supported
+ /*
+ * if ((((FileItem)items.get(0)).getFieldName().equals(SignServlet.
+ * SUBMITFORM_PREVIEW))) { FileItem fi = (FileItem)items.get(1);
+ *
+ * sig_app_fi = fi;
+ * session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY,
+ * sig_app_fi.getString("UTF-8"));
+ *
+ * if (((String)session.getAttribute(SUBMITFORM_PDFA_KEY))!=null) { if
+ * (((String)session.getAttribute(SUBMITFORM_PDFA_KEY)).equals("on")) {
+ * pdfaEnabled = true; } } if
+ * (((String)session.getAttribute(SUBMITFORM_NOTE_KEY))!=null) { if
+ * (((String)session.getAttribute(SUBMITFORM_NOTE_KEY)).equals("on")) {
+ * noteEnabled = true; } }
+ *
+ * sig_type =
+ * (String)session.getAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY); sig_app
+ * = sig_app_fi.getString("UTF-8");
+ *
+ * mode = (String)session.getAttribute(SUBMITFORM_SIGNATURE_MODE_KEY);
+ * doc_file_name =
+ * (String)session.getAttribute(SUBMITFORM_FILENAME_KEY); pdfDataSource
+ * = (DataSource)session.getAttribute(SUBMITFORM_FILE_KEY);
+ *
+ * } //end added else {
+ */
+
+ // Added by rpiazzi to check wheter local bku button was hit. In this
+ // case the parameters
+ // were already put into session because before local bku, online bku
+ // has to be called
+ // and therefore this servlet was already called.
+ // First check if one submitted parameter is the local bku button.
+ boolean localFound = false;
+ int positionLocal = 0;
+ while (it.hasNext()) {
+ if (((FileItem) it.next()).getFieldName().equals(
+ FormFields.FIELD_CONNECTOR_LOCALBKU)) {
+ localFound = true;
+ break;
+ }
+ positionLocal++;
+ }
+
+ if (localFound) {
+
+ session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "no");
+ pdfaEnabled = "on".equalsIgnoreCase((String) session
+ .getAttribute(SUBMITFORM_PDFA_KEY));
+ sig_type = (String) session
+ .getAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY);
+ noteEnabled = "on".equalsIgnoreCase((String) session
+ .getAttribute(SUBMITFORM_NOTE_KEY));
+
+ session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY, "bku");
+ sig_app = "bku";
+ mode = (String) session.getAttribute(SUBMITFORM_SIGNATURE_MODE_KEY);
+ doc_file_name = (String) session
+ .getAttribute(SUBMITFORM_FILENAME_KEY);
+ pdfDataSource = (DataSource) session
+ .getAttribute(SUBMITFORM_FILE_KEY);
+ }
+ // end added
+ // else get settings from form fields
+ else {
+ session.setAttribute(SignServlet.ERROR_WITHIN_IFRAME, "yes");
+ it = items.iterator();
+ while (it.hasNext()) {
+ FileItem item = (FileItem) it.next();
+ log.debug("item = " + item.getFieldName()); //$NON-NLS-1$
+
+ if (log.isDebugEnabled()) {
+ if (item.isFormField()) {
+ String item_string = item.getString("UTF-8"); //$NON-NLS-1$
+ log.debug(" form field string = " + item_string); //$NON-NLS-1$
+ } else {
+ log.debug(" filename = " + item.getName()); //$NON-NLS-1$
+ log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$
+ }
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE)) {
+ sig_type_fi = item;
+ session.setAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY,
+ item.getString("UTF-8"));
+ sig_type = item.getString("UTF-8");
+ continue;
+ }
+
+ if ((item.getFieldName()
+ .equals(FormFields.FIELD_CONNECTOR_SMARTCARD))
+ || (item.getFieldName()
+ .equals(FormFields.FIELD_CONNECTOR_MOBILE))
+ || (item.getFieldName()
+ .equals(FormFields.FIELD_CONNECTOR_LOCALBKU))) {
+ if (item.getFieldName().equals(
+ FormFields.FIELD_CONNECTOR_SMARTCARD)) {
+ session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY,
+ "moc");
+ sig_app = "moc";
+ }
+ if (item.getFieldName().equals(
+ FormFields.FIELD_CONNECTOR_MOBILE)) {
+ session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY,
+ "mobile");
+ sig_app = "mobile";
+ }
+ if (item.getFieldName().equals(
+ FormFields.FIELD_CONNECTOR_LOCALBKU)) {
+ session.setAttribute(SUBMITFORM_SIGNATURE_DEVICE_KEY,
+ "bku");
+ sig_app = "bku";
+ }
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_MODE)) {
+ mode_fi = item;
+ session.setAttribute(SUBMITFORM_SIGNATURE_MODE_KEY,
+ mode_fi.getString("UTF-8"));
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_SOURCE_FILE)) {
+ // changed by rpiazzi
+ // Item always contains something as it is just hidden by
+ // javascript
+ // because of this just set the value if not empty
+ if (item != null) {
+ file_upload_fi = item;
+ }
+ continue;
+
+ }
+
+ // Added by rpiazzi to ignore the form fields for the inactive
+ // mode
+ // but not more needed
+ /*
+ * if
+ * (item.getFieldName().equals(FormFields.FIELD_MODE_INACTIVE))
+ * { continue; }
+ */
+ // end added
+
+ /*
+ * Commented out by rpiazzi because not more needed if
+ * (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD)) {
+ * download_fi = item; continue; }
+ */
+
+ if (FormFields.FIELD_PDFA_ENABLED.equals(item.getFieldName())) {
+ if (item.getString("UTF-8") != null) {
+ session.setAttribute(SUBMITFORM_PDFA_KEY, "on");
+ pdfaEnabled = true;
+ } else {
+ session.setAttribute(SUBMITFORM_PDFA_KEY, "off");
+ pdfaEnabled = false;
+ }
+ continue;
+ }
+
+ if (FormFields.FIELD_SOURCE_FREETEXT
+ .equals(item.getFieldName())) {
+ freeText_fi = item;
+ String value = freeText_fi.getString("UTF-8");
+ if (value != null) {
+ session.setAttribute(SUBMITFORM_FREETEXT_KEY, value);
+ }
+ continue;
+ }
+
+ if (FormFields.FIELD_SOURCE.equals(item.getFieldName())) {
+ source_fi = item;
+ session.setAttribute(SUBMITFORM_SOURCE_KEY,
+ item.getString("UTF-8"));
+ continue;
+ }
+
+ // Added by rpiazzi. Feature added for inserting note into
+ // signature block
+ if (FormFields.FIELD_NOTE_ENABLED.equals(item.getFieldName())) {
+ if (item.getString("UTF-8") != null) {
+ session.setAttribute(SUBMITFORM_NOTE_KEY, "on");
+ noteEnabled = true;
+ } else {
+ session.setAttribute(SUBMITFORM_NOTE_KEY, "off");
+ noteEnabled = false;
+ }
+ continue;
+ }
+ // end added
+
+ // Added by rpiazzi to let later jsp's know the height of the
+ // div elements
+ if (FormFields.FIELD_HEIGHT_SIGNDIV.equals(item.getFieldName())) {
+ session.setAttribute(HEIGHT_SIGN_DIV,
+ item.getString("UTF-8"));
+ continue;
+ }
+ // end added
+
+ if (FormFields.FIELD_MOBILETEST_ENABLED.equals(item
+ .getFieldName())) {
+ if (item.getString("UTF-8") != null) {
+ if (item.getString("UTF-8").equals("on")) {
+ mobileTestEnabled = true;
+ }
+ }
+ continue;
+ }
+
+ throw new ServletException("Unrecognized POST data."); //$NON-NLS-1$
+
+ }
+
+ if (sig_type_fi == null
+ || (file_upload_fi == null && freeText_fi == null)) {
+ throw new ServletException(
+ "Insufficient data provided in request"); //$NON-NLS-1$
+ }
+
+ mode = mode_fi.getString("UTF-8"); //$NON-NLS-1$
+ if (!mode.equals(FormFields.VALUE_MODE_BINARY)
+ && !mode.equals(FormFields.VALUE_MODE_TEXTUAL)
+ && !mode.equals(FormFields.VALUE_MODE_DETACHED)) {
+ throw new ServletException(
+ "The mode '" + mode + "' is unrecognized."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // Commented out by rpiazzi because not more needed
+ /*
+ * boolean download_inline = true; if
+ * (download_fi.getString("UTF-8")
+ * .equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) //$NON-NLS-1$ {
+ * download_inline = false; }
+ */
+
+ // distinguish between file and freetext
+ if (source_fi.getString("UTF-8").equals(
+ FormFields.VALUE_SOURCE_FILE)) {
+ log.debug("Processing file.");
+ File f = new File(file_upload_fi.getName());
+ doc_file_name = f.getName();
+ log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$
+
+ String extension = VerifyServlet
+ .extractExtension(doc_file_name);
+ if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$
+ {
+ throw new PDFDocumentException(
+ 201,
+ "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$
+ }
+
+ if (file_upload_fi.getSize() <= 0) {
+ throw new PDFDocumentException(250,
+ "The document is empty."); //$NON-NLS-1$
+ }
+
+ try {
+ pdfDataSource = new ByteArrayPdfDataSource(
+ IOUtils.toByteArray(file_upload_fi.getInputStream()));
+ session.setAttribute(SUBMITFORM_FILE_KEY, pdfDataSource);
+ session.setAttribute(SUBMITFORM_FILENAME_KEY, doc_file_name);
+ } catch (IOException e) {
+ throw new PDFDocumentException(201,
+ "Couldn't store the file in the temp dir.", e);
+ }
+ } else {
+ log.debug("Processing free text.");
+ try {
+ byte[] freeTextPDF = IText.createPDF(
+ freeText_fi.getString("UTF-8"), pdfaEnabled);
+ pdfDataSource = new ByteArrayPdfDataSource(freeTextPDF);
+ doc_file_name = IText.DEFAULT_FILENAME;
+ session.setAttribute(SUBMITFORM_FILE_KEY, pdfDataSource);
+ session.setAttribute(SUBMITFORM_FILENAME_KEY, doc_file_name);
+ } catch (DocumentException e) {
+ throw new PDFDocumentException(201,
+ "Unable to create PDF document.", e);
+ } catch (IOException e) {
+ throw new PDFDocumentException(201,
+ "Unable to create PDF document.", e);
+ }
+
+ // }
+ // byte[] pdf = file_upload_fi.get();
+ }
+ }
+
+ UploadedData ud = new UploadedData();
+
+ ud.preview = false;
+ ud.pdfa = pdfaEnabled;
+ ud.download_inline = false;
+ ud.sig_type = sig_type;
+ ud.sig_app = sig_app;
+ ud.sig_mode = mode;
+ ud.file_name = doc_file_name;
+ ud.pdfDataSource = pdfDataSource;
+ ud.note = noteEnabled;
+
+ // Added by rpiazzi
+ if (ud.note && !ud.sig_type.contains("NOTE")) {
+ ud.sig_type += "_NOTE";
+ session.setAttribute(SUBMITFORM_SIGNATURE_TYPE_KEY, ud.sig_type);
+ }
+
+ if (mobileTestEnabled) {
+ ud.mobileTestEnabled = true;
+ }
+
+ // end added
+
+ return ud;
+ }
+
+ public static void prepareDispatchToErrorPage(PdfAsException pe,
+ HttpServletRequest request) {
+ request.setAttribute("PresentableException", pe);
+ // if (pe instanceof ErrorCodeException)
+ // {
+ request.setAttribute("error", "Fehler " + pe.getErrorCode());
+
+ String cause = ErrorCodeHelper
+ .getMessageForErrorCode(pe.getErrorCode());
+
+ if (pe instanceof ExternalErrorException) {
+ ExternalErrorException eee = (ExternalErrorException) pe;
+ cause = eee.getExternalErrorCode() + ": "
+ + eee.getExternalErrorMessage();
+ }
+ request.setAttribute("cause", cause);
+
+ if (pe.getErrorCode() == ErrorCode.PLACEHOLDER_EXCEPTION) {
+ PlaceholderException phe = null;
+ if (pe instanceof PlaceholderException) {
+ phe = (PlaceholderException) pe;
+ } else {
+ phe = (PlaceholderException) pe.getCause();
+ }
+
+ request.setAttribute("cause",
+ "Der Platzhalter des Feldes " + phe.getField() + " ist um "
+ + phe.getMissing() + " Bytes zu kurz. " + cause);
+ }
+
+ // Added by rpiazzi to know if error happened when request was within
+ // iframe
+ // In this case the visualization of the error has to be done
+ // differently
+ /*
+ * HttpSession session = request.getSession(); if
+ * (((String)session.getAttribute
+ * (SUBMITFORM_SIGNATURE_DEVICE_KEY)).equals
+ * (Constants.SIGNATURE_DEVICE_BKU)) {
+ * request.setAttribute(ERROR_WITHIN_IFRAME, "no"); } else {
+ * request.setAttribute(ERROR_WITHIN_IFRAME, "yes"); }
+ */
+ // end added
+
+ // }
+ // else
+ // {
+ // request.setAttribute("error", "PresentableException");
+ // request.setAttribute("cause", pe.toString());
+ // }
+ }
+
+ /**
+ * Formats the file name so that it is suitable for content disposition.
+ *
+ * @param file_name
+ * The file name.
+ * @return Returns the formatted file name.
+ */
+ public static String formatFileName(String file_name) {
+ File file = new File(file_name);
+ String file_name_only = file.getName();
+ // the file_name contains \\ ==> remove them so Internet Explorer works
+ // correctly.
+ return file_name_only;
+ }
+
+ // tzefferer: added
+ public static byte[] toByteArray(InputStream inputStream)
+ throws IOException {
+
+ if (inputStream == null) {
+ return null;
+ }
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream(8192);
+ int n;
+ byte[] buffer = new byte[2048];
+ BufferedInputStream bufIn = new BufferedInputStream(inputStream);
+ try {
+ while ((n = bufIn.read(buffer)) != -1) {
+ out.write(buffer, 0, n);
+ }
+ } finally {
+ if (bufIn != null) {
+ bufIn.close();
+ }
+ }
+ return out.toByteArray();
+ }
+
+ // end add
+
+ protected static class UploadedData {
+ protected boolean preview = false;
+
+ protected boolean pdfa = false;
+
+ protected boolean download_inline = false;
+
+ protected String sig_type = null;
+
+ protected String sig_app = null;
+
+ protected String sig_mode = null;
+
+ protected String file_name = null;
+
+ protected DataSource pdfDataSource = null;
+
+ protected boolean mobileTestEnabled = false;
+
+ // added by rpiazzi
+ protected boolean note = false;
+ // protected byte[] pdf = null;
+ }
}
-
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/session/SignSessionInformation.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/session/SignSessionInformation.java
index 11efbc1..ed05715 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/session/SignSessionInformation.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/session/SignSessionInformation.java
@@ -187,4 +187,6 @@ public class SignSessionInformation implements HttpSessionBindingListener, Seria
log.debug("Unbound SignSessionInformation from session (ID=" + event.getSession().getId() + ").");
}
+
+ public String plainPDFDigest;
}
--
cgit v1.2.3