From 527484bcc0a65c61d50209849f7b3db34f0128f7 Mon Sep 17 00:00:00 2001 From: knowcenter Date: Thu, 17 May 2007 15:28:32 +0000 Subject: web git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@87 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/web/servlets/DataURLServlet.java | 199 ++++++ .../web/servlets/RetrieveSignatureDataServlet.java | 100 +++ .../egov/egiz/web/servlets/SignPreviewServlet.java | 94 +++ .../wag/egov/egiz/web/servlets/SignServlet.java | 576 +++++++++++++++++ .../egiz/web/servlets/VerifyPreviewServlet.java | 708 +++++++++++++++++++++ .../wag/egov/egiz/web/servlets/VerifyServlet.java | 334 ++++++++++ 6 files changed, 2011 insertions(+) create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/web/servlets') diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java new file mode 100644 index 0000000..7d7220c --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java @@ -0,0 +1,199 @@ +/** + * + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.framework.Signator; +import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + * + */ +public class DataURLServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -5846618335843762752L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(DataURLServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + dispatch(request, response, resource, getServletContext()); + } + + protected static void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = context.getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("results", results); + dispatch(request, response, "/jsp/results.jsp"); + } + + /** + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + log.debug("Data URL is accessed."); //$NON-NLS-1$ + + HttpSession session = request.getSession(false); + if (session == null) + { + String msg = "There is no session associated with this request."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SessionInformation si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + String msg = "The session is not found or no longer valid."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + try + { + log.debug("Request character encoding = " + request.getCharacterEncoding()); //$NON-NLS-1$ + if (request.getCharacterEncoding() == null || request.getCharacterEncoding().equals("UTF-8")) //$NON-NLS-1$ + { + log.error("The BKU didn't set a character encoding for the request."); //$NON-NLS-1$ + + log.warn("Manually setting character encoding to UTF-8"); //$NON-NLS-1$ + request.setCharacterEncoding("UTF-8"); //$NON-NLS-1$ + } + + String xml_response = request.getParameter("XMLResponse"); //$NON-NLS-1$ + log.debug("xml_response = " + xml_response); //$NON-NLS-1$ + + if (isNullResponse(xml_response)) + { + log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ + + assert si.current_operation == 0; + } + else + { + log.debug("Recieved a normal response -> storing the response."); //$NON-NLS-1$ + + Properties response_properties = new Properties(); + response_properties.setProperty(BKUPostConnection.RESPONSE_STRING_KEY, xml_response); + si.response_properties[si.current_operation] = response_properties; + + si.current_operation++; + } + + if (si.current_operation < si.requests.length) + { + log.debug("There are still requests to be performed -> answering with request #" + si.current_operation); //$NON-NLS-1$ + + LocalRequest local_request = si.requests[si.current_operation]; + + String request_string = local_request.getRequestString(); + + response.setContentType("text/xml"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println(request_string); + } + else + { + log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ + + if (si.application.equals("sign")) + { + // Sign + + if (si.sign_result == null) + { + LocalConnector c = new LocRefDetachedBKUConnector(si.type, "loc ref content not needed here"); //$NON-NLS-1$ + + si.iui.signed_signature_object = c.analyzeSignResponse(si.response_properties[0]); + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + + si.sign_result = signator.finishSign(si.iui); + } + + SignServlet.returnSignResponse(si, response); + } + else + { + // Verify + + List results = new ArrayList(); + + for (int i = 0; i < si.response_properties.length; i++) + { + LocalConnector c = new LocRefDetachedBKUConnector(si.type, "loc ref content not needed here"); //$NON-NLS-1$ + + SignatureResponse sig_resp = c.analyzeVerifyResponse(si.response_properties[i]); + results.add(sig_resp); + } + + dispatchToResults(results, request, response); + } + } + } + catch (PresentableException e) + { + log.error(e); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + log.debug("DataURL access finished."); //$NON-NLS-1$ + } + + protected boolean isNullResponse(String xml_response) + { + return xml_response.indexOf("NullOperationResponse") >= 0; + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java new file mode 100644 index 0000000..402170c --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java @@ -0,0 +1,100 @@ +/** + * + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * Retrieves the Signature Data from the session and returns it. + * + * @author wprinz + */ +public class RetrieveSignatureDataServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -5387006236836240538L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(RetrieveSignatureDataServlet.class); + + /** + * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + log.debug("Request for receiving signature data."); //$NON-NLS-1$ + + HttpSession session = request.getSession(false); + if (session == null) + { + String msg = "There is no session associated with this request."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SessionInformation si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + String msg = "The session is not found or no longer valid."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SignatureData sd = null; + if (si.application.equals("sign")) + { + sd = si.iui.signature_data; + } + else + { + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(si.current_operation); + SignatureObject s = holder.getSignatureObject(); + + // TODO make better + String text_to_be_verified = holder.getSignedText(); + if (holder.getSignatureObject().isBinary()) + { + byte[] data = CodingHelper.decodeBase64(text_to_be_verified); + sd = new SignatureDataImpl(data, "application/pdf"); + } + else + { + sd = new SignatureDataImpl(text_to_be_verified.getBytes("UTF-8"), "text/plain", "UTF-8"); + } + + } + + log.debug("Writing " + sd.getMimeType() + " data:"); //$NON-NLS-1$ //$NON-NLS-2$ + + response.setContentType(sd.getMimeType()); + response.setCharacterEncoding(sd.getCharacterEncoding()); + response.getOutputStream().write(sd.getData()); + + log.debug("Writing SignatureData finished."); //$NON-NLS-1$ + } + + +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java new file mode 100644 index 0000000..1d8ee0b --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java @@ -0,0 +1,94 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: SignPreview.java,v 1.2 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + */ +public class SignPreviewServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -8818532511322299998L; + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + try + { + HttpSession session = request.getSession(false); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + try + { + SignServlet.finishSign(si, request, response, getServletContext()); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java new file mode 100644 index 0000000..f2cbde8 --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java @@ -0,0 +1,576 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: Sign.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.File; +import java.io.IOException; +import java.io.Serializable; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.util.Iterator; +import java.util.List; +import java.util.Properties; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; +import at.knowcenter.wag.egov.egiz.exceptions.PlaceholderException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.framework.SignResult; +import at.knowcenter.wag.egov.egiz.framework.Signator; +import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; +import at.knowcenter.wag.egov.egiz.framework.signators.DetachedSignator_1_0_0; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.DetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * This method is the sign servlet for the pdf-as web application. It takes get + * and post requests fill out jsp templates and give the user feedback about the + * results of the sign process + * + * @author wlackner + * @author wprinz + */ +public class SignServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -4156938216903740438L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(SignServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + dispatch(request, response, resource, getServletContext()); + } + + protected static void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = context.getRequestDispatcher(resource); + disp.forward(request, response); + } + + // The sign servlet is used for processing the upload only. + // Authentication is deactivated. if required - make an own servlet. + // /** + // * @author modified by tknall + // */ + // public void doGet(HttpServletRequest request, HttpServletResponse response) + // throws ServletException, IOException + // { + // String authenticate = request.getHeader(AUTH); + // if (authenticate != null) + // { + // logger_.info("authenticate:" + authenticate); + // if (authenticate.indexOf(AUTH_BASIC) == 0) + // { + // authenticate = authenticate.substring(AUTH_BASIC.length() + 1); + // logger_.info("authenticate:" + authenticate); + // authenticate = new String(CodingHelper.decodeBase64(authenticate), + // "UTF-8"); + // logger_.info("authenticate:" + authenticate); + // + // String[] auth_value = authenticate.split(":"); + // String user_name = auth_value[0]; + // String user_password = auth_value[1]; + // logger_.info("username:" + user_name); + // // start modification tknall + // // logger_.info("password:" + user_password); + // logger_.info("password:XXXXXXXXXXXX"); + // // stop modification tknall + // + // HttpSession session = request.getSession(); + // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_NAME, user_name); + // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD, + // user_password); + // + // dispatch(request, response, "/jsp/signupload.jsp"); + // return; + // } + // // start modification tknall + // } else { + // String user_name = ""; + // String user_password = ""; + // logger_.info("authenticate:User has not been authenticated!"); + // logger_.info("username: UNKNOWN"); + // logger_.info("password: XXXXXXXXXXXX"); + // HttpSession session = request.getSession(); + // session.setAttribute("uname", user_name); + // session.setAttribute("upass", user_password); + // dispatch(request, response, "/jsp/signupload.jsp"); + // } + + // request.setAttribute("error", "Falsche Authentifikation"); + // request.setAttribute("cause", "Passwort oder Benutzername ist falsch"); + // dispatch(request, response, "/jsp/error.jsp"); + // // stop modification tknall + // } + + /** + * Processes the sign upload. + * + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + try + { + UploadedData ud = retrieveUploadedDataFromRequest(request); + + PdfAS.applyStrictMode(ud.pdf); + + SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject(); + si.connector = ud.sig_app; + si.application = "sign"; + si.mode = ud.sig_mode; + si.pdf = ud.pdf; + si.type = ud.sig_type; + si.filename = formatFileName(ud.file_name); + si.download_inline = ud.download_inline; + + request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); + + // String user_name = (String) + // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME); + // String user_password = (String) + // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD); + // si.user_name = user_name; + // si.user_password = user_password; + + prepareSign(si); + + if (ud.preview) + { + String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview"); + String signature_data_url = response.encodeURL(request.getContextPath() + "/RetrieveSignatureData"); + + request.setAttribute("submit_url", submit_url); + request.setAttribute("signature_data_url", signature_data_url); + + dispatch(request, response, "/jsp/signpreview.jsp"); + + return; + } + + finishSign(si, request, response, getServletContext()); + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } + + protected UploadedData retrieveUploadedDataFromRequest( + HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException + { + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + List items = sfu.parseRequest(request); + + FileItem preview_fi = null; + FileItem sig_type_fi = null; + FileItem sig_app_fi = null; + FileItem mode_fi = null; + FileItem file_upload_fi = null; + FileItem download_fi = null; + + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + log.debug("item = " + item.getFieldName()); //$NON-NLS-1$ + + if (log.isDebugEnabled()) + { + if (item.isFormField()) + { + String item_string = item.getString("UTF-8"); //$NON-NLS-1$ + log.debug(" form field string = " + item_string); //$NON-NLS-1$ + } + else + { + log.debug(" filename = " + item.getName()); //$NON-NLS-1$ + log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$ + } + } + + if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) + { + preview_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE)) + { + sig_type_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) + { + sig_app_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_MODE)) + { + mode_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) + { + file_upload_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD)) + { + download_fi = item; + continue; + } + + throw new ServletException("unrecognized POST data."); //$NON-NLS-1$ + + } + + if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || file_upload_fi == null || download_fi == null) + { + throw new ServletException("Insufficient data provided in request"); //$NON-NLS-1$ + } + + String mode = mode_fi.getString("UTF-8"); //$NON-NLS-1$ + if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL) && !mode.equals(FormFields.VALUE_MODE_DETACHED)) + { + throw new ServletException("The mode '" + mode + "' is unrecognized."); //$NON-NLS-1$ //$NON-NLS-2$ + } + + String preview_str = preview_fi.getString("UTF-8"); //$NON-NLS-1$ + boolean preview = false; + if (preview_str.equals("true")) //$NON-NLS-1$ + { + preview = true; + } + + boolean download_inline = true; + if (download_fi.getString("UTF-8").equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) //$NON-NLS-1$ + { + download_inline = false; + } + + String sig_type = sig_type_fi.getString("UTF-8"); //$NON-NLS-1$ + String sig_app = sig_app_fi.getString("UTF-8"); //$NON-NLS-1$ + + String doc_file_name = file_upload_fi.getName(); + log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$ + + String extension = VerifyServlet.extractExtension(doc_file_name); + if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$ + { + throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$ + } + + byte[] pdf = file_upload_fi.get(); + if (file_upload_fi.getSize() <= 0) + { + throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$ + } + + UploadedData ud = new UploadedData(); + + ud.preview = preview; + ud.download_inline = download_inline; + ud.sig_type = sig_type; + ud.sig_app = sig_app; + ud.sig_mode = mode; + ud.file_name = doc_file_name; + ud.pdf = pdf; + + return ud; + } + + /** + * Prepares the sign. + * + *

+ * This prepares the data for both being signed or being previewed. + *

+ * + * @param si + * The SessionInformation to be prepared. + * @throws PresentableException + * f.e. + */ + public static void prepareSign(SessionInformation si) throws PresentableException + { + log.debug("prepareSign:"); //$NON-NLS-1$ + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + si.iui = signator.prepareSign(si.pdf, si.type, null, ConnectorFactory.needsSIG_ID(si.connector)); + + log.debug("prepareSign finished."); //$NON-NLS-1$ + } + + /** + * Finishes the sign. + * + *

+ * For non local connectors this concludes the sign process, signs the + * document and returns the result. For local connectors this initializes the + * local sign process and redirects to following servlets. + *

+ * + * @param si + * The SessionInformation. + * @param request + * The servlet request for dispatching. + * @param response + * The servlet response for dispatching. + * @param context + * The servlet context for dispatching. + * @throws PresentableException + * f.e. + * @throws IOException + * f. e. + * @throws ServletException + * f. e. + */ + public static void finishSign(SessionInformation si, + HttpServletRequest request, HttpServletResponse response, + ServletContext context) throws PresentableException, IOException, ServletException + { + log.debug("finishSign:"); //$NON-NLS-1$ + + log.debug("connector = " + si.connector); //$NON-NLS-1$ + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + log.debug("Connector is local -> dispatching to local processing."); //$NON-NLS-1$ + + String dispatch_to = LocalRequestHelper.processLocalSign(si, request, response); + dispatch(request, response, dispatch_to, context); + return; + } + log.debug("Connector is not local -> finishing the sign."); //$NON-NLS-1$ + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + + log.debug("RequestURL = " + request.getRequestURL()); + log.debug("ContextPath = " + request.getContextPath()); + String host = request.getServerName(); + URL signature_data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + String signature_data_url = response.encodeURL(signature_data_URL.toString()); + + Connector c = new DetachedLocRefMOAConnector(si.type, signature_data_url); + si.iui.signed_signature_object = c.doSign(si.iui.signature_data); + + si.sign_result = signator.finishSign(si.iui); + + returnSignResponse(si, response); + + log.debug("finishSign finished."); //$NON-NLS-1$ + } + + public static void prepareDispatchToErrorPage(PresentableException pe, + HttpServletRequest request) + { + if (pe instanceof ErrorCodeException) + { + ErrorCodeException ece = (ErrorCodeException) pe; + request.setAttribute("error", "Fehler " + ece.getErrorCode()); + + String cause = ece.getErrorCodeMessage(); + if (ece.hasExternalErrorMessage()) + { + cause = ece.getExternalErrorCode() + ": " + ece.getExternalErrorMessage(); + } + request.setAttribute("cause", cause); + + if (pe instanceof PlaceholderException) + { + PlaceholderException phe = (PlaceholderException) ece; + + request.setAttribute("cause", "Der Platzhalter des Feldes " + phe.getField() + " ist um " + phe.getMissing() + " Bytes zu kurz. " + ece.getErrorCodeMessage()); + } + } + else + { + request.setAttribute("error", "PresentableException"); + request.setAttribute("cause", pe.toString()); + } + } + + public void dispatchToPreview(String document_text, String connector, + String mode, String signature_type, String submit_url, + HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("document_text", document_text); + request.setAttribute("connector", connector); + request.setAttribute("mode", mode); + request.setAttribute("signature_type", signature_type); + request.setAttribute("submit_url", submit_url); + + dispatch(request, response, "/jsp/signpreview.jsp"); + } + + /** + * Formats the file name so that it is suitable for content disposition. + * + * @param file_name + * The file name. + * @return Returns the formatted file name. + */ + public static String formatFileName(String file_name) + { + File file = new File(file_name); + String file_name_only = file.getName(); + // the file_name contains \\ ==> remove them so Internet Explorer works + // correctly. + return file_name_only; + } + + /** + * Formats the file name according to the SignResult. + * + * @param file_name + * The file name. + * @param sign_result + * The sign result. + * @return Returns the formatted file name. + */ + public static String formatFileNameForSignResult(String file_name, + SignResult sign_result) + { + String output = file_name + "_signed"; + if (sign_result.getMimeType().equals(DetachedSignator_1_0_0.MIME_TYPE)) + { + output += ".xml"; + } + else + { + output += ".pdf"; + } + + return output; + } + + /** + * Returns the data in the SignResult with proper content disposition. + * + * @param si + * SessionInformation. + * @param response + * The servlet response. + * @throws IOException + * The IO Exception. + */ + public static void returnSignResponse(SessionInformation si, + HttpServletResponse response) throws IOException + { + SignResult sign_result = si.sign_result; + + String file_name = formatFileNameForSignResult(si.filename, sign_result); + + // The name parameter is actually deprecated in favour of + // Content-Disposition filename + // Unfortunately Acrobat reader does recognize neither of these parameters + // with its inline save-as. It always takes the page name. + response.setContentType(sign_result.getMimeType() + "; name=\"" + file_name + "\""); + if (si.download_inline) + { + response.addHeader("Content-Disposition", "inline; filename=\"" + file_name + "\""); + } + else + { + response.addHeader("Content-Disposition", "attachment; filename=\"" + file_name + "\""); + } + response.getOutputStream().write(sign_result.getData()); + + } + + protected static class UploadedData + { + protected boolean preview = false; + + protected boolean download_inline = false; + + protected String sig_type = null; + + protected String sig_app = null; + + protected String sig_mode = null; + + protected String file_name = null; + + protected byte[] pdf = null; + } +} \ No newline at end of file diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java new file mode 100644 index 0000000..98f582e --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java @@ -0,0 +1,708 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: VerifyPreview.java,v 1.4 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; +import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder; +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.pdf.TextualSignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureEntry; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.SignatureTypes; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + */ +public class VerifyPreviewServlet extends HttpServlet +{ + /** + * SVUID. + */ + private static final long serialVersionUID = 6954343542890239109L; + + /** + * The logger. + */ + private static final Logger logger_ = ConfigLogger.getLogger(VerifyPreviewServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected static String generateNamePrefix(int num) + { + return SIG_INPUT_PREFIX + num + "_"; + } + + // public static void formatPreview(List signature_holders, String connector, + // HttpServletRequest request, HttpServletResponse response) throws + // ServletException, IOException + // { + // response.setContentType("text/html"); + // response.setCharacterEncoding("UTF-8"); + // + // PrintWriter writer = response.getWriter(); + // + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println("PDF-AS Amtssignaturen Vorschau"); + // writer.println(""); + // + // writer.println(""); + // + // writer.println(""); + // + // writer.println(""); + // writer.println("
"); + // + // writer.println("

PDF-AS Amtssignaturen

"); + // + // writer.println("
"); + // writer.println("
Vorschau: Dokument Prüfen
"); + // writer.println("
"); + // writer.println("
"); + // + // // writer.println(""); + // writer.println(""); + // + // // if (mode.equals(FormFields.VALUE_MODE_TEXTUAL)) + // // { + // // String raw_document_text = ((SignatureHolder) + // // signature_holders.get(0)).signed_text; + // // writer.println(""); + // // writer.println("
"); + // // } + // + // if (signature_holders.size() == 1) + // { + // writer.println("
Rekonstruktion der Signaturmarke:
"); + // } + // else + // { + // writer.println("
Rekonstruktion der Signaturmarken:
"); + // } + // + // // this special
is only needed because internet explorer doesn't + // // format the width of the + // // tables right when the div is not given. + // // probably this is because the table then tries to calculate the relative + // // width from the surrounding form object. + // writer.println("
"); + // int num = 0; + // Iterator it = signature_holders.iterator(); + // while (it.hasNext()) + // { + // SignatureHolder signature_holder = (SignatureHolder) it.next(); + // + // String name_prefix = generateNamePrefix(num); + // + // String input_key = name_prefix + FormFields.FIELD_RAW_DOCUMENT_TEXT; + // if (signature_holder.signature_object.isBinary()) + // { + // writer.println(""); + // } + // else + // { + // writer.println("
"); + // writer.println(""); + // writer.println("
"); + // } + // + // String html = renderRequiredKeys(signature_holder.signature_object, + // name_prefix, false); + // writer.println(html); + // + // writer.println(""); + // + // num++; + // } + // writer.println("
"); + // + // writer.println("");// + + // // FormFields.VALUE_VERIFY_WHICH_ALL + // // + + // // "\" + // // />"); + // writer.println(""); + // + // writer.println("
"); + // writer.println(""); + // writer.println("
"); + // + // writer.println("zurück"); + // + // writer.println("
"); + // writer.println(""); + // + // writer.println(""); + // + // } + + public static String renderRequiredKeysJavaScript( + SignatureObject signature_object, String name_prefix) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + String input_key = name_prefix + key; + + writer.println(" document.submitform." + input_key + ".value = \"" + value + "\";"); + } + + return sw.toString(); + } + + public static String renderRequiredKeys(SignatureObject signature_object, + String name_prefix, boolean write_value) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + writer.println(""); + + String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String caption = entry.getCaption(); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + writer.println(" "); + writer.println(" "); + writer.println(" "); + writer.println(" "); + } + writer.println("
" + caption + ":"); + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + String input_key = name_prefix + key; + writer.println(" "); + + writer.println("
"); + + return sw.toString(); + } + + public static String renderRequiredKeysText(SignatureObject signature_object) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + String title = "alte PDF-AS Signatur"; + try + { + PdfASID kz = signature_object.getKZ(); + if (kz != null) + { + title = kz.toString(); + } + } + catch (InvalidIDException e) + { + e.printStackTrace(); + } + writer.println("
Signatur: " + title + "
"); + writer.println(""); + + // just render useful information + String[] rkeys = { SignatureTypes.SIG_DATE, SignatureTypes.SIG_ISSUER, + SignatureTypes.SIG_NUMBER }; // SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String caption = entry.getCaption(); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + writer.println(" "); + writer.println(" "); + writer.println(" "); + writer.println(" "); + } + writer.println("
" + caption + ":"); + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + writer.println(" " + value); + + writer.println("
"); + + return sw.toString(); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response, boolean backbutton) throws ServletException, IOException + { + request.setAttribute("results", results); + request.setAttribute("backbutton", backbutton ? "true" : "false"); + dispatch(request, response, "/jsp/results.jsp"); + } + + // public static void formatVerifyResults(List results, + // HttpServletResponse response) throws IOException, SettingNotFoundException + // { + // response.setContentType("text/html"); + // response.setCharacterEncoding("UTF-8"); + // + // PrintWriter writer = response.getWriter(); + // + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println("PDF-AS Amtssignaturen Resultat"); + // writer.println(""); + // writer.println(""); + // + // writer.println(""); + // writer.println("
"); + // + // writer.println("

PDF-AS Amtssignaturen

"); + // + // writer.println("
"); + // writer.println("
Resultat
"); + // writer.println("
"); + // + // Iterator it = results.iterator(); + // while (it.hasNext()) + // { + // SignatureResponse result = (SignatureResponse) it.next(); + // formatSignatureResponse(result, writer); + // + // if (it.hasNext()) + // { + // writer.println("
"); + // } + // } + // + // writer.println("
"); + // writer.println("
"); + // + // writer.println("zurück"); + // + // writer.println("
"); + // writer.println(""); + // + // writer.println(""); + // + // } + // + // public static void formatSignatureResponse(SignatureResponse result, + // PrintWriter writer) throws SettingNotFoundException + // { + // writer.println("
Zertifikat"); + // writer.println(""); + // writer.println(" "); + // writer.println(" "); + // writer.println(" "); + // List public_properties = result.getPublicProperties(); + // Iterator it = public_properties.iterator(); + // while (it.hasNext()) + // { + // String public_property = (String) it.next(); + // writer.println(" "); + // } + // + // writer.println(" "); + // + // writer.println("
Signator:" + + // result.getX509SubjectName() + "
Aussteller:" + + // result.getX509IssuerName() + "
Seriennummer:" + + // result.getX509SerialNumber() + "
Eigenschaft:" + + // public_property + "
Zertifikat:" + result.getCertificateCheckInfo() + // + "
"); + // writer.println("
"); + // writer.println("
Signatur-Check"); + // writer.println("
" + result.getSignatureCheckInfo() + "
"); + // writer.println("
"); + // writer.println("
Manifest-Check"); + // writer.println("
" + + // result.getSignatureManifestCheckInfo() + "
"); + // writer.println("
"); + // } + + /** + * Form field name prefix for signature table names + */ + public static final String SIG_INPUT_PREFIX = "sig_inp_"; + + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + HttpSession session = null; + try + { + session = request.getSession(false); + // String session_id_string = request.getParameter("session"); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + // long session_id = Long.parseLong(session_id_string); + // si = SessionTable.get(session_id); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + try + { + + int verify_which = -1; + boolean preview = false; + + { + String str_verify_which = request.getParameter(FormFields.FIELD_VERIFY_WHICH); + logger_.debug("verify_which = " + str_verify_which); + if (str_verify_which.equals(FormFields.VALUE_VERIFY_WHICH_ALL)) + { + verify_which = -1; + } + else + { + verify_which = Integer.parseInt(str_verify_which); + } + logger_.debug("verify_which = " + verify_which); + } + + { + String preview_string = request.getParameter(FormFields.FIELD_PREVIEW); + if (preview_string.equals("true")) + { + preview = true; + } + } + + List holders_to_verify = si.signature_holders; + + if (verify_which >= 0) + { + if (verify_which >= si.signature_holders.size()) + { + throw new SignatureException(312, "The selected signature to be verified doesn't exist."); + } + + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); + holders_to_verify = new ArrayList(); + holders_to_verify.add(holder); + + if (preview == true) + { + if (holder instanceof BinarySignatureHolder) + { + BinarySignatureHolder binary_holder = (BinarySignatureHolder) holder; + response.setContentType("application/pdf"); + response.getOutputStream().write(binary_holder.getSignedPdf(), 0, binary_holder.getSignedPdfLength()); + } + else + // if (holder.getSignatureObject().isTextual()) + { + // formatPreview(holders_to_verify, si.connector, request, + // response); + request.setAttribute(FormFields.FIELD_VERIFY_WHICH, new Integer(verify_which)); + dispatch(request, response, "/jsp/verifypreview.jsp"); + } + + return; + } + + } + + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); + boolean backbutton = true; + if (verify_which >= 0) + { + backbutton = false; + } + dispatchToResults(results, request, response, backbutton); + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } + + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + HttpSession session = null; + try + { + session = request.getSession(false); + // String session_id_string = request.getParameter("session"); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + // long session_id = Long.parseLong(session_id_string); + // si = SessionTable.get(session_id); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + try + { + String text_to_be_verified = null; + SignatureObject signature_object = new SignatureObject(); + + String default_type = SettingsReader.getInstance().getValueFromKey(SignatureTypes.DEFAULT_TYPE); + signature_object.setSigType(default_type); + signature_object.initByType(); + + int verify_which = -1; + boolean verify = false; + + List items = sfu.parseRequest(request); + + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + logger_.debug("item = " + item.getFieldName()); + + if (item.getFieldName().equals(FormFields.FIELD_RAW_DOCUMENT_TEXT)) + { + String raw_document_text = item.getString("UTF-8"); + text_to_be_verified = PdfAS.normalizeText(raw_document_text); + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_VERIFY_WHICH)) + { + String which_str = item.getString("UTF-8"); + verify_which = Integer.parseInt(which_str); + continue; + } + + if (item.getFieldName().equals("verify")) + { + if (item.getString("UTF-8").equals("true")) + { + verify = true; + } + continue; + } + + String key = item.getFieldName(); + String value = item.getString("UTF-8"); + + signature_object.setSigValue(key, value); + logger_.debug("sig_obj_number" + key + " = " + value); + } + + SignatureHolder new_holder = new TextualSignatureHolder(text_to_be_verified, signature_object); + si.signature_holders.set(verify_which, new_holder); + + if (verify == false) + { + dispatch(request, response, "/dataok.html"); + return; + } + + List holders_to_verify = si.signature_holders; + + if (verify_which >= 0) + { + if (verify_which >= si.signature_holders.size()) + { + throw new SignatureException(312, "The selected signature to be verified doesn't exist."); + } + + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); + holders_to_verify = new ArrayList(); + holders_to_verify.add(holder); + } + + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); + dispatchToResults(results, request, response, true); + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java new file mode 100644 index 0000000..ee20498 --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java @@ -0,0 +1,334 @@ +/* + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: Verify.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.util.Iterator; +import java.util.List; +import java.util.Properties; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException; +import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException; +import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException; +import at.knowcenter.wag.egov.egiz.framework.VerificationFilter; +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; +import at.knowcenter.wag.egov.egiz.web.servlets.SignServlet.UploadedData; + +/** + * This method is the verify servlet for the pdf-as web application. It takes + * get and post requests fill out jsp templates and give the user feedback about + * the results of the verify process. + * + * @author wlackner + * @author wprinz + */ +public class VerifyServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = 309198792358636766L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(SignServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); //$NON-NLS-1$ + response.setCharacterEncoding("UTF-8"); //$NON-NLS-1$ + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("results", results); //$NON-NLS-1$ + dispatch(request, response, "/jsp/results.jsp"); //$NON-NLS-1$ + } + + /** + * Processes the verify upload. + * + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + try + { + UploadedData ud = retrieveUploadedDataFromRequest(request); + + List signature_holders = extractSignatureHoldersFromFile(ud.file_name, ud.file_data); + + SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject(); + si.connector = ud.sig_app; + si.application = "verify"; + si.mode = null; + si.pdf = null; + si.type = null; + si.user_name = null; + si.user_password = null; + + si.signature_holders = signature_holders; + + request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); + + if (ud.preview) + { + dispatch(request, response, "/jsp/verifylist.jsp"); + // VerifyPreview.formatPreview(signature_holders, connector, request, + // response); + } + else + { + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, si.signature_holders, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(signature_holders, si.connector); + dispatchToResults(results, request, response); + } + + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + } + + protected UploadedData retrieveUploadedDataFromRequest( + HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException + { + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + List items = sfu.parseRequest(request); + + FileItem upload_fi = null; + FileItem connector_fi = null; + // FileItem mode_fi = null; + FileItem preview_fi = null; + + { + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + log.debug("item = " + item.getFieldName()); //$NON-NLS-1$ + + if (item.isFormField()) + { + String item_string = item.getString("UTF-8"); //$NON-NLS-1$ + log.debug(" form field string = " + item_string); //$NON-NLS-1$ + } + else + { + log.debug(" filename = " + item.getName()); //$NON-NLS-1$ + log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$ + } + + if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) + { + upload_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) + { + connector_fi = item; + continue; + } + + // if (item.getFieldName().equals(FormFields.FIELD_MODE)) + // { + // mode_fi = item; + // continue; + // } + + if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) + { + preview_fi = item; + continue; + } + + throw new ServletException("unrecognized POST data."); //$NON-NLS-1$ + } + } + + if (upload_fi == null || connector_fi == null || /* mode_fi == null || */preview_fi == null) + { + throw new ServletException("Unsufficient data provided in request."); //$NON-NLS-1$ + } + + String connector = connector_fi.getString("UTF-8"); //$NON-NLS-1$ + + // String mode = mode_fi.getString("UTF-8"); + // if (!mode.equals(FormFields.VALUE_MODE_BINARY) && + // !mode.equals(FormFields.VALUE_MODE_TEXTUAL)) + // { + // throw new ServletException("The mode '" + mode + "' is unrecognized."); + // } + + String preview_str = preview_fi.getString("UTF-8"); //$NON-NLS-1$ + if (!preview_str.equals(FormFields.VALUE_TRUE) && !preview_str.equals(FormFields.VALUE_FALSE)) + { + throw new ServletException("The preview '" + preview_str + "' is unrecognized."); //$NON-NLS-1$//$NON-NLS-2$ + } + boolean preview = false; + if (preview_str.equals(FormFields.VALUE_TRUE)) + { + preview = true; + } + + // process the request + log.debug("file content type =" + upload_fi.getContentType()); //$NON-NLS-1$ + log.debug("file size = " + upload_fi.getSize()); //$NON-NLS-1$ + if (upload_fi.getSize() <= 0) + { + throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$ + } + byte[] document_bytes = upload_fi.get(); + + UploadedData ud = new UploadedData(); + ud.preview = preview; + ud.sig_app = connector; + ud.file_name = upload_fi.getName(); + ud.file_data = document_bytes; + + return ud; + } + + protected List extractSignatureHoldersFromFile (String file_name, byte [] data) throws UnsupportedEncodingException, PresentableException + { + VerificationFilter vf = new VerificationFilter(); + List signature_holders = null; + + String extension = extractExtension(file_name); + + String raw_text = null; + if (file_name == null || (extension != null && extension.equals("txt"))) //$NON-NLS-1$ + { + raw_text = new String(data, "UTF-8"); //$NON-NLS-1$ + signature_holders = vf.extractSignaturesFromPlainText(raw_text); + } + else + { + signature_holders = vf.extractSignaturesFromPdf(data); + } + + if (signature_holders.size() == 0) + { + throw new PDFDocumentException(206, "PDF document not signed."); //$NON-NLS-1$ + } + + return signature_holders; + } + + /** + * Extracts the extension from a file name string. + * + *

+ * The extension of a file name is whatever text follows the last '.'. + *

+ * + * @param file_name + * The file name. + * @return Returns the extension. If the file name ends with the '.', then an + * empty string is returned. If the file name doesn't contain any '.' + * or file_name is null, null is returned. + */ + public static String extractExtension(String file_name) + { + if (file_name == null) + { + return null; + } + + int dot_index = file_name.lastIndexOf('.'); + if (dot_index < 0) + { + return null; + } + return file_name.substring(dot_index + 1); + } + + protected static class UploadedData + { + protected boolean preview = false; + + protected String sig_app = null; + + protected String file_name = null; + + protected byte[] file_data = null; + } +} \ No newline at end of file -- cgit v1.2.3