From 527484bcc0a65c61d50209849f7b3db34f0128f7 Mon Sep 17 00:00:00 2001 From: knowcenter Date: Thu, 17 May 2007 15:28:32 +0000 Subject: web git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@87 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../egiz/web/AsynchronousRedirectResponder.java | 7 +- .../knowcenter/wag/egov/egiz/web/FormFields.java | 2 +- .../wag/egov/egiz/web/LocalRequestHelper.java | 191 ++++-- .../egov/egiz/web/PdfASServletContextListener.java | 4 +- .../java/at/knowcenter/wag/egov/egiz/web/Sign.java | 544 ---------------- .../knowcenter/wag/egov/egiz/web/SignPreview.java | 105 --- .../at/knowcenter/wag/egov/egiz/web/Verify.java | 285 --------- .../wag/egov/egiz/web/VerifyPreview.java | 704 -------------------- .../wag/egov/egiz/web/servlets/DataURLServlet.java | 199 ++++++ .../web/servlets/RetrieveSignatureDataServlet.java | 100 +++ .../egov/egiz/web/servlets/SignPreviewServlet.java | 94 +++ .../wag/egov/egiz/web/servlets/SignServlet.java | 576 +++++++++++++++++ .../egiz/web/servlets/VerifyPreviewServlet.java | 708 +++++++++++++++++++++ .../wag/egov/egiz/web/servlets/VerifyServlet.java | 334 ++++++++++ 14 files changed, 2168 insertions(+), 1685 deletions(-) delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/Sign.java delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/SignPreview.java delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/Verify.java delete mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/VerifyPreview.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java create mode 100644 src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/web') diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/AsynchronousRedirectResponder.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/AsynchronousRedirectResponder.java index b98c83e..58d0773 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/AsynchronousRedirectResponder.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/AsynchronousRedirectResponder.java @@ -39,6 +39,7 @@ import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.BKUConnector; +import at.knowcenter.wag.egov.egiz.web.servlets.SignServlet; /** * Servlet that responds to the redirect requests of the local service (e.g. @@ -111,7 +112,7 @@ public class AsynchronousRedirectResponder extends HttpServlet catch (PresentableException e) { e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); + SignServlet.prepareDispatchToErrorPage(e, request); dispatch(request, response, "/jsp/error.jsp"); return; @@ -185,7 +186,7 @@ public class AsynchronousRedirectResponder extends HttpServlet si.sign_result = signator.finishSign(si.iui); } - Sign.returnSignResponse(si, response); + SignServlet.returnSignResponse(si, response); } } @@ -195,7 +196,7 @@ public class AsynchronousRedirectResponder extends HttpServlet //SessionTable.remove(si.session_id); e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); + SignServlet.prepareDispatchToErrorPage(e, request); dispatch(request, response, "/jsp/error.jsp"); } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java index 6331a54..2285cc6 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java @@ -84,7 +84,7 @@ public abstract class FormFields * The signator mode form field. * @return Returns the corresponding PDFASID. */ - protected static PdfASID translateSignatureModeToPdfASID(String signature_mode) + public static PdfASID translateSignatureModeToPdfASID(String signature_mode) { if (signature_mode.equals(VALUE_MODE_BINARY)) { diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java index 2008fdc..723bc90 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java @@ -32,7 +32,13 @@ import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; -import at.knowcenter.wag.egov.egiz.sig.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; /** * Contains commonly used helper functions for the local request procedure. @@ -41,16 +47,21 @@ import at.knowcenter.wag.egov.egiz.sig.LocalConnector; */ public abstract class LocalRequestHelper { + /** + * The resource of the null request page jsp. + */ + public static final String NULL_REQUEST_PAGE_JSP = "/jsp/null_request_page.jsp"; + /** * The resource of the local connection page jsp. */ public static final String LOCAL_CONNECTION_PAGE_JSP = "/jsp/local_connection_page.jsp"; - + /** * The resource of the redirect refresh page jsp. */ public static final String REDIRECT_REFRESH_PAGE_JSP = "/jsp/redirect_refresh_page.jsp"; - + /** * Sets up the local sign procedure. * @@ -61,40 +72,72 @@ public abstract class LocalRequestHelper * @throws PresentableException * Forwarded exception. */ - public static void processLocalSign(SessionInformation si, + public static String processLocalSign(SessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException { - LocalConnector local_conn = (LocalConnector) ConnectorFactory.createConnector(si.connector); - - - // FIXME refactor WEB - String document_text = "fixme"; //si.iui.document_text; - String request_string = local_conn.prepareSignRequest(si.user_name, document_text, si.type); - String request_url = local_conn.getSignURL(si.type); - - LocalRequest local_request = new LocalRequest(request_url, request_string); - List local_requests = new ArrayList(); - local_requests.add(local_request); + String host = request.getServerName(); // "129.27.153.77" + URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); - // ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // ObjectOutputStream oos = new ObjectOutputStream(baos); - // oos.writeObject(local_requests); - // oos.close(); - // baos.close(); + LocalConnector c = new LocRefDetachedBKUConnector(si.type, loc_ref_url); + String sign_request = c.prepareSignRequest(si.iui.signature_data); + // TODO local URL + String local_request_url = "http://127.0.0.1:3495/http-security-layer-request"; si.requests = new LocalRequest[1]; - si.requests[0] = new LocalRequest(local_conn.getSignURL(si.type), request_string); + si.requests[0] = new LocalRequest(local_request_url, sign_request); si.current_operation = 0; si.response_properties = new Properties[1]; si.response_properties[0] = null; - // SessionTable.put(si); - request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); + URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL"); + String data_url = response.encodeURL(data_URL.toString()); - // byte [] requests_bytes = baos.toByteArray(); - // String base64 = CodingHelper.encodeBase64(requests_bytes); + request.setAttribute("local_request_url", local_request_url); + request.setAttribute("data_url", data_url); - LocalRequestHelper.prepareDispatchToLocalConnectionPage(si.requests[0], request, response); + return NULL_REQUEST_PAGE_JSP; + + + // TODO make better + // + // LocalConnector local_conn = (LocalConnector) + // ConnectorFactory.createConnector(si.connector); + // + // + // // FIXME refactor WEB + // String document_text = "fixme"; //si.iui.document_text; + // String request_string = local_conn.prepareSignRequest(si.user_name, + // document_text, si.type); + // String request_url = local_conn.getSignURL(si.type); + // + // LocalRequest local_request = new LocalRequest(request_url, + // request_string); + // List local_requests = new ArrayList(); + // local_requests.add(local_request); + // + // // ByteArrayOutputStream baos = new ByteArrayOutputStream(); + // // ObjectOutputStream oos = new ObjectOutputStream(baos); + // // oos.writeObject(local_requests); + // // oos.close(); + // // baos.close(); + // + // si.requests = new LocalRequest[1]; + // si.requests[0] = new LocalRequest(local_conn.getSignURL(si.type), + // request_string); + // si.current_operation = 0; + // si.response_properties = new Properties[1]; + // si.response_properties[0] = null; + // + // // SessionTable.put(si); + // request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, + // si); + // + // // byte [] requests_bytes = baos.toByteArray(); + // // String base64 = CodingHelper.encodeBase64(requests_bytes); + // + // LocalRequestHelper.prepareDispatchToLocalConnectionPage(si.requests[0], + // request, response); } /** @@ -102,6 +145,8 @@ public abstract class LocalRequestHelper * * @param response * The HttpServletResponse the local request page is written to. + * @return Returns the JSP location where the calling servlet should dispatch + * to. * @throws SignatureException * Forwarded exception. * @throws NormalizeException @@ -111,7 +156,7 @@ public abstract class LocalRequestHelper * @throws ConnectorFactoryException * Forwarded exception. */ - public static void processLocalVerify(SessionInformation si, + public static String processLocalVerify(SessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException, NormalizeException, IOException, ConnectorFactoryException { @@ -120,36 +165,98 @@ public abstract class LocalRequestHelper si.current_operation = 0; si.finished = false; - request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); - // SessionTable.put(si); + String host = request.getServerName(); + URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); - LocalConnector local_conn = (LocalConnector) ConnectorFactory.createConnector(si.connector); + LocalConnector local_conn = new LocRefDetachedBKUConnector(si.type, loc_ref_url); for (int i = 0; i < si.requests.length; i++) { SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i); + SignatureObject s = holder.getSignatureObject(); + + // TODO This whole processing is unnecessary here because only the mime + // type is used. String text_to_be_verified = holder.getSignedText(); - // Normalizer normalizer = new Normalizer(); - // String normalized = normalizer.normalize(holder.signed_text); + SignatureData sd = null; + if (holder.getSignatureObject().isBinary()) + { + byte[] data = CodingHelper.decodeBase64(text_to_be_verified); + sd = new SignatureDataImpl(data, "application/pdf"); + } + else + { + sd = new SignatureDataImpl(text_to_be_verified.getBytes("UTF-8"), "text/plain", "UTF-8"); + } + + SignSignatureObject so = new SignSignatureObject(); + so.date = s.getSignationDate(); + so.signatureValue = s.getSignationValue(); + so.issuer = s.getSignationIssuer(); + so.x509Certificate = s.getX509Cert().getX509Certificate(); + so.id = s.getSignationIds(); + so.kz = s.getKZ().toString(); - String request_string = local_conn.prepareVerifyRequest(text_to_be_verified, holder.getSignatureObject()); + String request_string = local_conn.prepareVerifyRequest(sd, so); - LocalRequest local_request = new LocalRequest(local_conn.getVerifyURL(holder.getSignatureObject().getSignationType()), request_string); + LocalRequest local_request = new LocalRequest("not-needed", request_string); si.requests[i] = local_request; si.response_properties[i] = null; } - // ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // ObjectOutputStream oos = new ObjectOutputStream(baos); - // oos.writeObject(local_requests); - // oos.close(); - // baos.close(); + String local_request_url = "http://127.0.0.1:3495/http-security-layer-request"; + + URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL"); + String data_url = response.encodeURL(data_URL.toString()); + + request.setAttribute("local_request_url", local_request_url); + request.setAttribute("data_url", data_url); - // byte [] requests_bytes = baos.toByteArray(); - // String base64 = CodingHelper.encodeBase64(requests_bytes); + return NULL_REQUEST_PAGE_JSP; - prepareDispatchToLocalConnectionPage(si.requests[0], request, response); + // si.requests = new LocalRequest[holders_to_verify.size()]; + // si.response_properties = new Properties[si.requests.length]; + // si.current_operation = 0; + // si.finished = false; + // + // request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, + // si); + // // SessionTable.put(si); + // + // LocalConnector local_conn = (LocalConnector) + // ConnectorFactory.createConnector(si.connector); + // + // for (int i = 0; i < si.requests.length; i++) + // { + // SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i); + // + // String text_to_be_verified = holder.getSignedText(); + // // Normalizer normalizer = new Normalizer(); + // // String normalized = normalizer.normalize(holder.signed_text); + // + // String request_string = + // local_conn.prepareVerifyRequest(text_to_be_verified, + // holder.getSignatureObject()); + // + // LocalRequest local_request = new + // LocalRequest(local_conn.getVerifyURL(holder.getSignatureObject().getSignationType()), + // request_string); + // si.requests[i] = local_request; + // si.response_properties[i] = null; + // } + // + // // ByteArrayOutputStream baos = new ByteArrayOutputStream(); + // // ObjectOutputStream oos = new ObjectOutputStream(baos); + // // oos.writeObject(local_requests); + // // oos.close(); + // // baos.close(); + // + // // byte [] requests_bytes = baos.toByteArray(); + // // String base64 = CodingHelper.encodeBase64(requests_bytes); + // + // prepareDispatchToLocalConnectionPage(si.requests[0], request, response); } /** diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java index 4412c21..0fafca4 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java @@ -24,6 +24,7 @@ import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; import org.apache.log4j.Logger; +import org.apache.log4j.PropertyConfigurator; import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; @@ -73,7 +74,8 @@ public class PdfASServletContextListener implements ServletContextListener } SettingsReader.initializeForWeb(base_dir); - + PropertyConfigurator.configure(SettingsReader.CONFIG_PATH + "log4j.properties"); + SettingsReader.clearTemporaryDirectory(); } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/Sign.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/Sign.java deleted file mode 100644 index 2b1c2a4..0000000 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/Sign.java +++ /dev/null @@ -1,544 +0,0 @@ -/** - * Copyright (c) 2006 by Know-Center, Graz, Austria - * - * This software is the confidential and proprietary information of Know-Center, - * Graz, Austria. You shall not disclose such Confidential Information and shall - * use it only in accordance with the terms of the license agreement you entered - * into with Know-Center. - * - * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF - * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR - * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY - * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS - * DERIVATIVES. - * - * $Id: Sign.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ - */ -package at.knowcenter.wag.egov.egiz.web; - -import java.io.File; -import java.io.IOException; -import java.io.Serializable; -import java.util.Iterator; -import java.util.List; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.apache.log4j.Logger; - -import at.knowcenter.wag.egov.egiz.PdfAS; -import at.knowcenter.wag.egov.egiz.PdfASID; -import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; -import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; -import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; -import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; -import at.knowcenter.wag.egov.egiz.exceptions.PlaceholderException; -import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; -import at.knowcenter.wag.egov.egiz.framework.SignResult; -import at.knowcenter.wag.egov.egiz.framework.Signator; -import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; -import at.knowcenter.wag.egov.egiz.framework.signators.DetachedSignator_1_0_0; -import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; -import at.knowcenter.wag.egov.egiz.tools.CodingHelper; - -/** - * This method is the sign servlet for the pdf-as web application. It takes get - * and post requests fill out jsp templates and give the user feedback about the - * results of the sign process - * - * @author wlackner - * @author wprinz - */ -public class Sign extends HttpServlet -{ - - /** - * SVUID. - */ - private static final long serialVersionUID = -4156938216903740438L; - - /** - * Authorisation marker for the http header string. - */ - protected static final String AUTH = "authorization"; - - /** - * Authorisation marker for the http header string. - */ - protected static final String AUTH_BASIC = "Basic"; - - /** - * The logger. - */ - private static final Logger logger_ = ConfigLogger.getLogger(Sign.class); - - protected void dispatch(HttpServletRequest request, - HttpServletResponse response, String resource) throws ServletException, IOException - { - dispatch(request, response, resource, getServletContext()); - } - - protected static void dispatch(HttpServletRequest request, - HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException - { - response.setContentType("text/html"); - response.setCharacterEncoding("UTF-8"); - - RequestDispatcher disp = context.getRequestDispatcher(resource); - disp.forward(request, response); - } - - /** - * @author modified by tknall - */ - public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - String authenticate = request.getHeader(AUTH); - if (authenticate != null) - { - logger_.info("authenticate:" + authenticate); - if (authenticate.indexOf(AUTH_BASIC) == 0) - { - authenticate = authenticate.substring(AUTH_BASIC.length() + 1); - logger_.info("authenticate:" + authenticate); - authenticate = new String(CodingHelper.decodeBase64(authenticate), "UTF-8"); - logger_.info("authenticate:" + authenticate); - - String[] auth_value = authenticate.split(":"); - String user_name = auth_value[0]; - String user_password = auth_value[1]; - logger_.info("username:" + user_name); - // start modification tknall -// logger_.info("password:" + user_password); - logger_.info("password:XXXXXXXXXXXX"); - // stop modification tknall - - HttpSession session = request.getSession(); - session.setAttribute(SessionAttributes.ATTRIBUTE_USER_NAME, user_name); - session.setAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD, user_password); - - dispatch(request, response, "/jsp/signupload.jsp"); - return; - } - // start modification tknall - } else { - String user_name = ""; - String user_password = ""; - logger_.info("authenticate:User has not been authenticated!"); - logger_.info("username: UNKNOWN"); - logger_.info("password: XXXXXXXXXXXX"); - HttpSession session = request.getSession(); - session.setAttribute("uname", user_name); - session.setAttribute("upass", user_password); - dispatch(request, response, "/jsp/signupload.jsp"); - } - -// request.setAttribute("error", "Falsche Authentifikation"); -// request.setAttribute("cause", "Passwort oder Benutzername ist falsch"); -// dispatch(request, response, "/jsp/error.jsp"); - // stop modification tknall - } - - public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - DiskFileItemFactory fif = new DiskFileItemFactory(); - fif.setRepository(SettingsReader.getTemporaryDirectory()); - ServletFileUpload sfu = new ServletFileUpload(fif); - - try - { - List items = sfu.parseRequest(request); - - FileItem preview_fi = null; - FileItem sig_type_fi = null; - FileItem sig_app_fi = null; - FileItem mode_fi = null; - FileItem file_upload_fi = null; - FileItem download_fi = null; - - Iterator it = items.iterator(); - while (it.hasNext()) - { - FileItem item = (FileItem) it.next(); - logger_.debug("item = " + item.getFieldName()); - - if (item.isFormField()) - { - byte[] item_data = item.get(); - String item_string = new String(item_data, "UTF-8"); - logger_.debug(" form field string = " + item_string); - } - else - { - logger_.debug(" filename = " + item.getName()); - logger_.debug(" filesize = " + item.getSize()); - } - - if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) - { - preview_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE)) - { - sig_type_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) - { - sig_app_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_MODE)) - { - mode_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) - { - file_upload_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD)) - { - download_fi = item; - continue; - } - - throw new ServletException("unrecognized POST data."); - - } - - if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || file_upload_fi == null || download_fi == null) - { - throw new ServletException("Unsufficient data provided in request"); - } - - String mode = mode_fi.getString("UTF-8"); - if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL) && !mode.equals(FormFields.VALUE_MODE_DETACHED)) - { - throw new ServletException("The mode '" + mode + "' is unrecognized."); - } - - String preview_str = preview_fi.getString("UTF-8"); - boolean preview = false; - if (preview_str.equals("true")) - { - preview = true; - } - - boolean download_inline = true; - if (download_fi.getString("UTF-8").equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) - { - download_inline = false; - } - - String sig_type = sig_type_fi.getString("UTF-8"); - String connector = sig_app_fi.getString("UTF-8"); - - String doc_file_name = file_upload_fi.getName(); - logger_.debug(" file content type =" + file_upload_fi.getContentType()); - - String extension = Verify.extractExtension(doc_file_name); - if (extension != null && !extension.equals("pdf")) - { - throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); - } - - byte[] pdf = file_upload_fi.get(); - if (file_upload_fi.getSize() <= 0) - { - throw new PDFDocumentException(250, "The document is empty."); - } - PdfAS.applyStrictMode(pdf); - - String user_name = (String) request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME); - String user_password = (String) request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD); - - SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject(); - si.connector = connector; - si.application = "sign"; - si.mode = mode; - si.pdf = pdf; - si.type = sig_type; - si.user_name = user_name; - si.user_password = user_password; - si.filename = formatFileName(file_upload_fi.getName()); - si.download_inline = download_inline; - - prepareSign(si); - - if (preview) - { - request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); - - String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview"); - - request.setAttribute("submit_url", submit_url); - - dispatch(request, response, "/jsp/signpreview.jsp"); - - return; - } - - finishSign(si, request, response, getServletContext()); - } - catch (FileUploadException e) - { - request.setAttribute("error", "Fehler beim Upload der Daten"); - request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); - dispatch(request, response, "/jsp/error.jsp"); - } - catch (PresentableException e) - { - e.printStackTrace(); - prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - } - } - - public static void prepareSign(SessionInformation si) throws PresentableException - { - PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); - Signator signator = SignatorFactory.createSignator(algorithm); - si.iui = signator.prepareSign(si.pdf, si.type, null, ConnectorFactory.needsSIG_ID(si.connector)); - } - - public static void finishSign(SessionInformation si, - HttpServletRequest request, HttpServletResponse response, ServletContext context) throws PresentableException, IOException, ServletException - { - if (ConnectorFactory.isConnectorLocal(si.connector)) - { - LocalRequestHelper.processLocalSign(si, request, response); - dispatch(request, response, LocalRequestHelper.LOCAL_CONNECTION_PAGE_JSP, context); - return; - } - - PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); - Signator signator = SignatorFactory.createSignator(algorithm); - - // FIXME refactor WEB - si.iui.signed_signature_object = null; //PdfAS.sign(si.iui.document_text, si.type, si.connector, si.user_name, si.user_password); - - si.sign_result = signator.finishSign(si.iui); - - returnSignResponse(si, response); - } - - public static void prepareDispatchToErrorPage(PresentableException pe, - HttpServletRequest request) - { - if (pe instanceof ErrorCodeException) - { - ErrorCodeException ece = (ErrorCodeException) pe; - request.setAttribute("error", "Fehler " + ece.getErrorCode()); - - String cause = ece.getErrorCodeMessage(); - if (ece.hasExternalErrorMessage()) - { - cause = ece.getExternalErrorCode() + ": " + ece.getExternalErrorMessage(); - } - request.setAttribute("cause", cause); - - if (pe instanceof PlaceholderException) - { - PlaceholderException phe = (PlaceholderException) ece; - - request.setAttribute("cause", "Der Platzhalter des Feldes " + phe.getField() + " ist um " + phe.getMissing() + " Bytes zu kurz. " + ece.getErrorCodeMessage()); - } - } - else - { - request.setAttribute("error", "PresentableException"); - request.setAttribute("cause", pe.toString()); - } - } - - public void dispatchToPreview(String document_text, String connector, - String mode, String signature_type, String submit_url, - HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - request.setAttribute("document_text", document_text); - request.setAttribute("connector", connector); - request.setAttribute("mode", mode); - request.setAttribute("signature_type", signature_type); - request.setAttribute("submit_url", submit_url); - - dispatch(request, response, "/jsp/signpreview.jsp"); - } - - // public static void formatPreview(String document_text, String connector, - // String mode, String signature_type, String submit_url, - // HttpServletResponse response) throws ServletException, IOException - // { - // response.setContentType("text/html"); - // response.setCharacterEncoding("UTF-8"); - // - // PrintWriter writer = response.getWriter(); - // - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println("PDF-AS Amtssignaturen Vorschau"); - // writer.println(""); - // writer.println(""); - // - // writer.println(""); - // writer.println("
"); - // - // writer.println("

PDF-AS Amtssignaturen

"); - // - // writer.println("
"); - // writer.println("
Vorschau: Dokument Prüfen
"); - // writer.println("
"); - // writer.println("
"); - // - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // - // writer.println(""); - // writer.println("
"); - // - // writer.println(""); - // - // writer.println("
"); - // writer.println("
"); - // writer.println("
"); - // - // writer.println("zurück"); - // - // writer.println("
"); - // writer.println(""); - // - // writer.println(""); - // } - - /** - * This class is just used to put the pdf byte array into the session. - * - * @author wprinz - */ - protected class SignPreviewInfo implements Serializable - { - /** - * SVUID. - */ - private static final long serialVersionUID = 3102824040163616332L; - - public byte[] pdf = null; - - public String mode = null; - } - - /** - * Formats the file name so that it is suitable for content disposition. - * - * @param file_name - * The file name. - * @return Returns the formatted file name. - */ - public static String formatFileName(String file_name) - { - File file = new File(file_name); - String file_name_only = file.getName(); - // the file_name contains \\ ==> remove them so Internet Explorer works - // correctly. - return file_name_only; - } - - /** - * Formats the file name according to the SignResult. - * - * @param file_name - * The file name. - * @param sign_result - * The sign result. - * @return Returns the formatted file name. - */ - public static String formatFileNameForSignResult(String file_name, - SignResult sign_result) - { - String output = file_name + "_signed"; - if (sign_result.getMimeType().equals(DetachedSignator_1_0_0.MIME_TYPE)) - { - output += ".xml"; - } - else - { - output += ".pdf"; - } - - return output; - } - - /** - * Returns the data in the SignResult with proper content disposition. - * - * @param si - * SessionInformation. - * @param response - * The servlet response. - * @throws IOException - * The IO Exception. - */ - public static void returnSignResponse(SessionInformation si, - HttpServletResponse response) throws IOException - { - SignResult sign_result = si.sign_result; - - String file_name = formatFileNameForSignResult(si.filename, sign_result); - - // The name parameter is actually deprecated in favour of Content-Disposition filename - // Unfortunately Acrobat reader does recognize neither of these parameters - // with its inline save-as. It always takes the page name. - response.setContentType(sign_result.getMimeType() + "; name=\"" + file_name + "\""); - if (si.download_inline) - { - response.addHeader("Content-Disposition", "inline; filename=\"" + file_name + "\""); - } - else - { - response.addHeader("Content-Disposition", "attachment; filename=\"" + file_name + "\""); - } - response.getOutputStream().write(sign_result.getData()); - - } -} \ No newline at end of file diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/SignPreview.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/SignPreview.java deleted file mode 100644 index 1b32bdf..0000000 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/SignPreview.java +++ /dev/null @@ -1,105 +0,0 @@ -/** - * Copyright (c) 2006 by Know-Center, Graz, Austria - * - * This software is the confidential and proprietary information of Know-Center, - * Graz, Austria. You shall not disclose such Confidential Information and shall - * use it only in accordance with the terms of the license agreement you entered - * into with Know-Center. - * - * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF - * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR - * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY - * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS - * DERIVATIVES. - * - * $Id: SignPreview.java,v 1.2 2006/10/11 07:39:13 wprinz Exp $ - */ -package at.knowcenter.wag.egov.egiz.web; - -import java.io.IOException; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; -import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; - -/** - * @author wprinz - */ -public class SignPreview extends HttpServlet -{ - - /** - * SVUID. - */ - private static final long serialVersionUID = -8818532511322299998L; - - protected void dispatch(HttpServletRequest request, - HttpServletResponse response, String resource) throws ServletException, IOException - { - response.setContentType("text/html"); - response.setCharacterEncoding("UTF-8"); - - RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); - disp.forward(request, response); - } - - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - SessionInformation si = null; - HttpSession session = null; - try - { - session = request.getSession(false); - // String session_id_string = request.getParameter("session"); - if (session == null) - { - throw new ErrorCodeException(600, "The session is missing."); - } - - si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); - // long session_id = Long.parseLong(session_id_string); - // si = SessionTable.get(session_id); - if (si == null) - { - throw new ErrorCodeException(600, "The session is not found or is no longer valid."); - } - - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - - return; - } - - try - { - String preview = request.getParameter(FormFields.FIELD_PREVIEW); - if (preview != null && preview.equals(FormFields.VALUE_TRUE)) - { - response.setContentType("application/pdf"); - response.getOutputStream().write(si.iui.signed_pdf); - return; - } - else - { - Sign.finishSign(si, request, response, getServletContext()); - } - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - } - } -} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/Verify.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/Verify.java deleted file mode 100644 index a8a5a5b..0000000 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/Verify.java +++ /dev/null @@ -1,285 +0,0 @@ -/* - * Copyright (c) 2006 by Know-Center, Graz, Austria - * - * This software is the confidential and proprietary information of Know-Center, - * Graz, Austria. You shall not disclose such Confidential Information and shall - * use it only in accordance with the terms of the license agreement you entered - * into with Know-Center. - * - * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF - * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR - * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY - * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS - * DERIVATIVES. - * - * $Id: Verify.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ - */ -package at.knowcenter.wag.egov.egiz.web; - -import java.io.IOException; -import java.util.Iterator; -import java.util.List; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.apache.log4j.Logger; - -import at.knowcenter.wag.egov.egiz.PdfAS; -import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; -import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; -import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; -import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; -import at.knowcenter.wag.egov.egiz.framework.VerificationFilter; -import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; - -/** - * This method is the verify servlet for the pdf-as web application. It takes - * get and post requests fill out jsp templates and give the user feedback about - * the results of the verify process. - * - * @author wlackner - * @author wprinz - */ -public class Verify extends HttpServlet -{ - - /** - * SVUID. - */ - private static final long serialVersionUID = 309198792358636766L; - - /** - * The logger. - */ - private static final Logger logger_ = ConfigLogger.getLogger(Verify.class); - - protected void dispatch(HttpServletRequest request, - HttpServletResponse response, String resource) throws ServletException, IOException - { - response.setContentType("text/html"); - response.setCharacterEncoding("UTF-8"); - - RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); - disp.forward(request, response); - } - - protected void dispatchToResults(List results, HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException - { - request.setAttribute("results", results); - dispatch(request, response, "/jsp/results.jsp"); - } - - - public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - dispatch(request, response, "/jsp/verifyupload.jsp"); - } - - public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - - DiskFileItemFactory fif = new DiskFileItemFactory(); - fif.setRepository(SettingsReader.getTemporaryDirectory()); - ServletFileUpload sfu = new ServletFileUpload(fif); - - try - { - - List items = sfu.parseRequest(request); - - FileItem upload_fi = null; - FileItem connector_fi = null; -// FileItem mode_fi = null; - FileItem preview_fi = null; - - { - Iterator it = items.iterator(); - while (it.hasNext()) - { - FileItem item = (FileItem) it.next(); - logger_.debug("item = " + item.getFieldName()); - - if (item.isFormField()) - { - byte[] item_data = item.get(); - String item_string = new String(item_data, "UTF-8"); - logger_.debug(" form field string = " + item_string); - } - else - { - logger_.debug(" filename = " + item.getName()); - logger_.debug(" filesize = " + item.getSize()); - } - - if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) - { - upload_fi = item; - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) - { - connector_fi = item; - continue; - } - -// if (item.getFieldName().equals(FormFields.FIELD_MODE)) -// { -// mode_fi = item; -// continue; -// } - - if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) - { - preview_fi = item; - continue; - } - - throw new ServletException("unrecognized POST data."); - } - } - - if (upload_fi == null || connector_fi == null || /*mode_fi == null ||*/ preview_fi == null) - { - throw new ServletException("Unsufficient data provided in request."); - } - - String connector = connector_fi.getString("UTF-8"); - -// String mode = mode_fi.getString("UTF-8"); -// if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL)) -// { -// throw new ServletException("The mode '" + mode + "' is unrecognized."); -// } - - String preview_str = preview_fi.getString("UTF-8"); - if (!preview_str.equals(FormFields.VALUE_TRUE) && !preview_str.equals(FormFields.VALUE_FALSE)) - { - throw new ServletException("The preview '" + preview_str + "' is unrecognized."); - } - boolean preview = false; - if (preview_str.equals(FormFields.VALUE_TRUE)) - { - preview = true; - } - - // process the request - logger_.debug("file content type =" + upload_fi.getContentType()); - logger_.debug("file size = " + upload_fi.getSize()); - if (upload_fi.getSize() <= 0) - { - throw new PDFDocumentException(250, "The document is empty."); - } - byte[] document_bytes = upload_fi.get(); - - VerificationFilter vf = new VerificationFilter(); - List signature_holders = null; - - String doc_file_name = upload_fi.getName(); - String extension = extractExtension(doc_file_name); - - String raw_text = null; - if (doc_file_name == null || (extension != null && extension.equals("txt"))) - { - raw_text = new String(document_bytes, "UTF-8"); - signature_holders = vf.extractSignaturesFromPlainText(raw_text); - } - else - { - signature_holders = vf.extractSignaturesFromPdf(document_bytes); - } - - if (signature_holders.size() == 0) - { - throw new PDFDocumentException(206, "PDF document not signed."); - } - - if (preview) - { - SessionInformation si = new SessionInformation(); - si.application = "verify"; - si.connector = connector; - si.signature_holders = signature_holders; - request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); - - dispatch(request, response, "/jsp/verifylist.jsp"); - //VerifyPreview.formatPreview(signature_holders, connector, request, response); - } - else - { - if (ConnectorFactory.isConnectorLocal(connector)) - { - SessionInformation si = new SessionInformation(); //SessionTable.generateSessionInformationObject(); - si.connector = connector; - si.application = "verify"; - si.mode = null; - si.pdf = null; - si.type = null; - si.user_name = null; - si.user_password = null; - - si.signature_holders = signature_holders; - - LocalRequestHelper.processLocalVerify(si, si.signature_holders, request, response); - dispatch(request, response, LocalRequestHelper.LOCAL_CONNECTION_PAGE_JSP); - return; - } - - List results = PdfAS.verifySignatureHolders(signature_holders, connector); - dispatchToResults(results, request, response); - } - - } - catch (FileUploadException e) - { - request.setAttribute("error", "Fehler beim Upload der Daten"); - request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); - dispatch(request, response, "/jsp/error.jsp"); - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - } - - } - - /** - * Extracts the extension from a file name string. - * - *

- * The extension of a file name is whatever text follows the last '.'. - *

- * - * @param file_name - * The file name. - * @return Returns the extension. If the file name ends with the '.', then an - * empty string is returned. If the file name doesn't contain any '.' - * or file_name is null, null is returned. - */ - public static String extractExtension(String file_name) - { - if (file_name == null) - { - return null; - } - - int dot_index = file_name.lastIndexOf('.'); - if (dot_index < 0) - { - return null; - } - return file_name.substring(dot_index + 1); - } -} \ No newline at end of file diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/VerifyPreview.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/VerifyPreview.java deleted file mode 100644 index c39fd91..0000000 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/VerifyPreview.java +++ /dev/null @@ -1,704 +0,0 @@ -/** - * Copyright (c) 2006 by Know-Center, Graz, Austria - * - * This software is the confidential and proprietary information of Know-Center, - * Graz, Austria. You shall not disclose such Confidential Information and shall - * use it only in accordance with the terms of the license agreement you entered - * into with Know-Center. - * - * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF - * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR - * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY - * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS - * DERIVATIVES. - * - * $Id: VerifyPreview.java,v 1.4 2006/10/11 07:39:13 wprinz Exp $ - */ -package at.knowcenter.wag.egov.egiz.web; - -import java.io.IOException; -import java.io.PrintWriter; -import java.io.StringWriter; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.apache.log4j.Logger; - -import at.knowcenter.wag.egov.egiz.PdfAS; -import at.knowcenter.wag.egov.egiz.PdfASID; -import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; -import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; -import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; -import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; -import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; -import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; -import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder; -import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; -import at.knowcenter.wag.egov.egiz.pdf.TextualSignatureHolder; -import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; -import at.knowcenter.wag.egov.egiz.sig.SignatureEntry; -import at.knowcenter.wag.egov.egiz.sig.SignatureObject; -import at.knowcenter.wag.egov.egiz.sig.SignatureTypes; - -/** - * @author wprinz - */ -public class VerifyPreview extends HttpServlet -{ - /** - * SVUID. - */ - private static final long serialVersionUID = 6954343542890239109L; - - /** - * The logger. - */ - private static final Logger logger_ = ConfigLogger.getLogger(VerifyPreview.class); - - protected void dispatch(HttpServletRequest request, - HttpServletResponse response, String resource) throws ServletException, IOException - { - response.setContentType("text/html"); - response.setCharacterEncoding("UTF-8"); - - RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); - disp.forward(request, response); - } - - protected static String generateNamePrefix(int num) - { - return SIG_INPUT_PREFIX + num + "_"; - } - - // public static void formatPreview(List signature_holders, String connector, - // HttpServletRequest request, HttpServletResponse response) throws - // ServletException, IOException - // { - // response.setContentType("text/html"); - // response.setCharacterEncoding("UTF-8"); - // - // PrintWriter writer = response.getWriter(); - // - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println("PDF-AS Amtssignaturen Vorschau"); - // writer.println(""); - // - // writer.println(""); - // - // writer.println(""); - // - // writer.println(""); - // writer.println("
"); - // - // writer.println("

PDF-AS Amtssignaturen

"); - // - // writer.println("
"); - // writer.println("
Vorschau: Dokument Prüfen
"); - // writer.println("
"); - // writer.println("
"); - // - // // writer.println(""); - // writer.println(""); - // - // // if (mode.equals(FormFields.VALUE_MODE_TEXTUAL)) - // // { - // // String raw_document_text = ((SignatureHolder) - // // signature_holders.get(0)).signed_text; - // // writer.println(""); - // // writer.println("
"); - // // } - // - // if (signature_holders.size() == 1) - // { - // writer.println("
Rekonstruktion der Signaturmarke:
"); - // } - // else - // { - // writer.println("
Rekonstruktion der Signaturmarken:
"); - // } - // - // // this special
is only needed because internet explorer doesn't - // // format the width of the - // // tables right when the div is not given. - // // probably this is because the table then tries to calculate the relative - // // width from the surrounding form object. - // writer.println("
"); - // int num = 0; - // Iterator it = signature_holders.iterator(); - // while (it.hasNext()) - // { - // SignatureHolder signature_holder = (SignatureHolder) it.next(); - // - // String name_prefix = generateNamePrefix(num); - // - // String input_key = name_prefix + FormFields.FIELD_RAW_DOCUMENT_TEXT; - // if (signature_holder.signature_object.isBinary()) - // { - // writer.println(""); - // } - // else - // { - // writer.println("
"); - // writer.println(""); - // writer.println("
"); - // } - // - // String html = renderRequiredKeys(signature_holder.signature_object, - // name_prefix, false); - // writer.println(html); - // - // writer.println(""); - // - // num++; - // } - // writer.println("
"); - // - // writer.println("");// + - // // FormFields.VALUE_VERIFY_WHICH_ALL - // // + - // // "\" - // // />"); - // writer.println(""); - // - // writer.println("
"); - // writer.println(""); - // writer.println("
"); - // - // writer.println("zurück"); - // - // writer.println("
"); - // writer.println(""); - // - // writer.println(""); - // - // } - - public static String renderRequiredKeysJavaScript( - SignatureObject signature_object, String name_prefix) - { - StringWriter sw = new StringWriter(); - PrintWriter writer = new PrintWriter(sw); - - String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; - - for (int key_idx = 0; key_idx < rkeys.length; key_idx++) - { - String key = rkeys[key_idx]; - SignatureEntry entry = signature_object.getSigEntry(key); - String value = entry.getValue(); - if (SignatureTypes.SIG_ID.equals(key) && value == null) - { - continue; - } - - value = value.replaceAll("\\s", " "); - value = value.replaceAll("\\\"", "\\\""); - - String input_key = name_prefix + key; - - writer.println(" document.submitform." + input_key + ".value = \"" + value + "\";"); - } - - return sw.toString(); - } - - public static String renderRequiredKeys(SignatureObject signature_object, - String name_prefix, boolean write_value) - { - StringWriter sw = new StringWriter(); - PrintWriter writer = new PrintWriter(sw); - - writer.println(""); - - String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; - - for (int key_idx = 0; key_idx < rkeys.length; key_idx++) - { - String key = rkeys[key_idx]; - SignatureEntry entry = signature_object.getSigEntry(key); - String caption = entry.getCaption(); - String value = entry.getValue(); - if (SignatureTypes.SIG_ID.equals(key) && value == null) - { - continue; - } - - writer.println(" "); - writer.println(" "); - writer.println(" "); - writer.println(" "); - } - writer.println("
" + caption + ":"); - - value = value.replaceAll("\\s", " "); - value = value.replaceAll("\\\"", "\\\""); - - String input_key = name_prefix + key; - writer.println(" "); - - writer.println("
"); - - return sw.toString(); - } - - public static String renderRequiredKeysText(SignatureObject signature_object) - { - StringWriter sw = new StringWriter(); - PrintWriter writer = new PrintWriter(sw); - - String title = "alte PDF-AS Signatur"; - try - { - PdfASID kz = signature_object.getKZ(); - if (kz != null) - { - title = kz.toString(); - } - } - catch (InvalidIDException e) - { - e.printStackTrace(); - } - writer.println("
Signatur: " + title + "
"); - writer.println(""); - - // just render useful information - String[] rkeys = { SignatureTypes.SIG_DATE, SignatureTypes.SIG_ISSUER, - SignatureTypes.SIG_NUMBER }; // SignatureTypes.REQUIRED_SIG_KEYS; - - for (int key_idx = 0; key_idx < rkeys.length; key_idx++) - { - String key = rkeys[key_idx]; - SignatureEntry entry = signature_object.getSigEntry(key); - String caption = entry.getCaption(); - String value = entry.getValue(); - if (SignatureTypes.SIG_ID.equals(key) && value == null) - { - continue; - } - - writer.println(" "); - writer.println(" "); - writer.println(" "); - writer.println(" "); - } - writer.println("
" + caption + ":"); - - value = value.replaceAll("\\s", " "); - value = value.replaceAll("\\\"", "\\\""); - - writer.println(" " + value); - - writer.println("
"); - - return sw.toString(); - } - - protected void dispatchToResults(List results, HttpServletRequest request, - HttpServletResponse response, boolean backbutton) throws ServletException, IOException - { - request.setAttribute("results", results); - request.setAttribute("backbutton", backbutton ? "true" : "false"); - dispatch(request, response, "/jsp/results.jsp"); - } - - // public static void formatVerifyResults(List results, - // HttpServletResponse response) throws IOException, SettingNotFoundException - // { - // response.setContentType("text/html"); - // response.setCharacterEncoding("UTF-8"); - // - // PrintWriter writer = response.getWriter(); - // - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println(""); - // writer.println("PDF-AS Amtssignaturen Resultat"); - // writer.println(""); - // writer.println(""); - // - // writer.println(""); - // writer.println("
"); - // - // writer.println("

PDF-AS Amtssignaturen

"); - // - // writer.println("
"); - // writer.println("
Resultat
"); - // writer.println("
"); - // - // Iterator it = results.iterator(); - // while (it.hasNext()) - // { - // SignatureResponse result = (SignatureResponse) it.next(); - // formatSignatureResponse(result, writer); - // - // if (it.hasNext()) - // { - // writer.println("
"); - // } - // } - // - // writer.println("
"); - // writer.println("
"); - // - // writer.println("zurück"); - // - // writer.println("
"); - // writer.println(""); - // - // writer.println(""); - // - // } - // - // public static void formatSignatureResponse(SignatureResponse result, - // PrintWriter writer) throws SettingNotFoundException - // { - // writer.println("
Zertifikat"); - // writer.println(""); - // writer.println(" "); - // writer.println(" "); - // writer.println(" "); - // List public_properties = result.getPublicProperties(); - // Iterator it = public_properties.iterator(); - // while (it.hasNext()) - // { - // String public_property = (String) it.next(); - // writer.println(" "); - // } - // - // writer.println(" "); - // - // writer.println("
Signator:" + - // result.getX509SubjectName() + "
Aussteller:" + - // result.getX509IssuerName() + "
Seriennummer:" + - // result.getX509SerialNumber() + "
Eigenschaft:" + - // public_property + "
Zertifikat:" + result.getCertificateCheckInfo() - // + "
"); - // writer.println("
"); - // writer.println("
Signatur-Check"); - // writer.println("
" + result.getSignatureCheckInfo() + "
"); - // writer.println("
"); - // writer.println("
Manifest-Check"); - // writer.println("
" + - // result.getSignatureManifestCheckInfo() + "
"); - // writer.println("
"); - // } - - /** - * Form field name prefix for signature table names - */ - public static final String SIG_INPUT_PREFIX = "sig_inp_"; - - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - SessionInformation si = null; - HttpSession session = null; - try - { - session = request.getSession(false); - // String session_id_string = request.getParameter("session"); - if (session == null) - { - throw new ErrorCodeException(600, "The session is missing."); - } - - si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); - // long session_id = Long.parseLong(session_id_string); - // si = SessionTable.get(session_id); - if (si == null) - { - throw new ErrorCodeException(600, "The session is not found or is no longer valid."); - } - - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - - return; - } - - try - { - - int verify_which = -1; - boolean preview = false; - - { - String str_verify_which = request.getParameter(FormFields.FIELD_VERIFY_WHICH); - logger_.debug("verify_which = " + str_verify_which); - if (str_verify_which.equals(FormFields.VALUE_VERIFY_WHICH_ALL)) - { - verify_which = -1; - } - else - { - verify_which = Integer.parseInt(str_verify_which); - } - logger_.debug("verify_which = " + verify_which); - } - - { - String preview_string = request.getParameter(FormFields.FIELD_PREVIEW); - if (preview_string.equals("true")) - { - preview = true; - } - } - - List holders_to_verify = si.signature_holders; - - if (verify_which >= 0) - { - if (verify_which >= si.signature_holders.size()) - { - throw new SignatureException(312, "The selected signature to be verified doesn't exist."); - } - - SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); - holders_to_verify = new ArrayList(); - holders_to_verify.add(holder); - - if (preview == true) - { - if (holder instanceof BinarySignatureHolder) - { - BinarySignatureHolder binary_holder = (BinarySignatureHolder) holder; - response.setContentType("application/pdf"); - response.getOutputStream().write(binary_holder.getSignedPdf(), 0, binary_holder.getSignedPdfLength()); - } - else - // if (holder.getSignatureObject().isTextual()) - { - // formatPreview(holders_to_verify, si.connector, request, - // response); - request.setAttribute(FormFields.FIELD_VERIFY_WHICH, new Integer(verify_which)); - dispatch(request, response, "/jsp/verifypreview.jsp"); - } - - return; - } - - } - - if (ConnectorFactory.isConnectorLocal(si.connector)) - { - LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); - dispatch(request, response, LocalRequestHelper.LOCAL_CONNECTION_PAGE_JSP); - return; - } - - List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); - boolean backbutton = true; - if (verify_which >= 0) - { - backbutton = false; - } - dispatchToResults(results, request, response, backbutton); - - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - } - } - - protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - SessionInformation si = null; - HttpSession session = null; - try - { - session = request.getSession(false); - // String session_id_string = request.getParameter("session"); - if (session == null) - { - throw new ErrorCodeException(600, "The session is missing."); - } - - si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); - // long session_id = Long.parseLong(session_id_string); - // si = SessionTable.get(session_id); - if (si == null) - { - throw new ErrorCodeException(600, "The session is not found or is no longer valid."); - } - - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - - return; - } - - DiskFileItemFactory fif = new DiskFileItemFactory(); - fif.setRepository(SettingsReader.getTemporaryDirectory()); - ServletFileUpload sfu = new ServletFileUpload(fif); - - try - { - String text_to_be_verified = null; - SignatureObject signature_object = new SignatureObject(); - - String default_type = SettingsReader.getInstance().getValueFromKey(SignatureTypes.DEFAULT_TYPE); - signature_object.setSigType(default_type); - signature_object.initByType(); - - int verify_which = -1; - boolean verify = false; - - List items = sfu.parseRequest(request); - - Iterator it = items.iterator(); - while (it.hasNext()) - { - FileItem item = (FileItem) it.next(); - logger_.debug("item = " + item.getFieldName()); - - if (item.getFieldName().equals(FormFields.FIELD_RAW_DOCUMENT_TEXT)) - { - String raw_document_text = item.getString("UTF-8"); - text_to_be_verified = PdfAS.normalizeText(raw_document_text); - continue; - } - - if (item.getFieldName().equals(FormFields.FIELD_VERIFY_WHICH)) - { - String which_str = item.getString("UTF-8"); - verify_which = Integer.parseInt(which_str); - continue; - } - - if (item.getFieldName().equals("verify")) - { - if (item.getString("UTF-8").equals("true")) - { - verify = true; - } - continue; - } - - String key = item.getFieldName(); - String value = item.getString("UTF-8"); - - signature_object.setSigValue(key, value); - logger_.debug("sig_obj_number" + key + " = " + value); - } - - SignatureHolder new_holder = new TextualSignatureHolder(text_to_be_verified, signature_object); - si.signature_holders.set(verify_which, new_holder); - - if (verify == false) - { - dispatch(request, response, "/dataok.html"); - return; - } - - List holders_to_verify = si.signature_holders; - - if (verify_which >= 0) - { - if (verify_which >= si.signature_holders.size()) - { - throw new SignatureException(312, "The selected signature to be verified doesn't exist."); - } - - SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); - holders_to_verify = new ArrayList(); - holders_to_verify.add(holder); - } - - if (ConnectorFactory.isConnectorLocal(si.connector)) - { - LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); - dispatch(request, response, LocalRequestHelper.LOCAL_CONNECTION_PAGE_JSP); - return; - } - - List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); - dispatchToResults(results, request, response, true); - } - catch (FileUploadException e) - { - request.setAttribute("error", "Fehler beim Upload der Daten"); - request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); - dispatch(request, response, "/jsp/error.jsp"); - } - catch (PresentableException e) - { - e.printStackTrace(); - Sign.prepareDispatchToErrorPage(e, request); - dispatch(request, response, "/jsp/error.jsp"); - } - - } -} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java new file mode 100644 index 0000000..7d7220c --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java @@ -0,0 +1,199 @@ +/** + * + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.framework.Signator; +import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + * + */ +public class DataURLServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -5846618335843762752L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(DataURLServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + dispatch(request, response, resource, getServletContext()); + } + + protected static void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = context.getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("results", results); + dispatch(request, response, "/jsp/results.jsp"); + } + + /** + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + log.debug("Data URL is accessed."); //$NON-NLS-1$ + + HttpSession session = request.getSession(false); + if (session == null) + { + String msg = "There is no session associated with this request."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SessionInformation si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + String msg = "The session is not found or no longer valid."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + try + { + log.debug("Request character encoding = " + request.getCharacterEncoding()); //$NON-NLS-1$ + if (request.getCharacterEncoding() == null || request.getCharacterEncoding().equals("UTF-8")) //$NON-NLS-1$ + { + log.error("The BKU didn't set a character encoding for the request."); //$NON-NLS-1$ + + log.warn("Manually setting character encoding to UTF-8"); //$NON-NLS-1$ + request.setCharacterEncoding("UTF-8"); //$NON-NLS-1$ + } + + String xml_response = request.getParameter("XMLResponse"); //$NON-NLS-1$ + log.debug("xml_response = " + xml_response); //$NON-NLS-1$ + + if (isNullResponse(xml_response)) + { + log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ + + assert si.current_operation == 0; + } + else + { + log.debug("Recieved a normal response -> storing the response."); //$NON-NLS-1$ + + Properties response_properties = new Properties(); + response_properties.setProperty(BKUPostConnection.RESPONSE_STRING_KEY, xml_response); + si.response_properties[si.current_operation] = response_properties; + + si.current_operation++; + } + + if (si.current_operation < si.requests.length) + { + log.debug("There are still requests to be performed -> answering with request #" + si.current_operation); //$NON-NLS-1$ + + LocalRequest local_request = si.requests[si.current_operation]; + + String request_string = local_request.getRequestString(); + + response.setContentType("text/xml"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println(request_string); + } + else + { + log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ + + if (si.application.equals("sign")) + { + // Sign + + if (si.sign_result == null) + { + LocalConnector c = new LocRefDetachedBKUConnector(si.type, "loc ref content not needed here"); //$NON-NLS-1$ + + si.iui.signed_signature_object = c.analyzeSignResponse(si.response_properties[0]); + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + + si.sign_result = signator.finishSign(si.iui); + } + + SignServlet.returnSignResponse(si, response); + } + else + { + // Verify + + List results = new ArrayList(); + + for (int i = 0; i < si.response_properties.length; i++) + { + LocalConnector c = new LocRefDetachedBKUConnector(si.type, "loc ref content not needed here"); //$NON-NLS-1$ + + SignatureResponse sig_resp = c.analyzeVerifyResponse(si.response_properties[i]); + results.add(sig_resp); + } + + dispatchToResults(results, request, response); + } + } + } + catch (PresentableException e) + { + log.error(e); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + log.debug("DataURL access finished."); //$NON-NLS-1$ + } + + protected boolean isNullResponse(String xml_response) + { + return xml_response.indexOf("NullOperationResponse") >= 0; + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java new file mode 100644 index 0000000..402170c --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java @@ -0,0 +1,100 @@ +/** + * + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * Retrieves the Signature Data from the session and returns it. + * + * @author wprinz + */ +public class RetrieveSignatureDataServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -5387006236836240538L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(RetrieveSignatureDataServlet.class); + + /** + * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + log.debug("Request for receiving signature data."); //$NON-NLS-1$ + + HttpSession session = request.getSession(false); + if (session == null) + { + String msg = "There is no session associated with this request."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SessionInformation si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + String msg = "The session is not found or no longer valid."; //$NON-NLS-1$ + log.error(msg); + throw new ServletException(msg); + } + + SignatureData sd = null; + if (si.application.equals("sign")) + { + sd = si.iui.signature_data; + } + else + { + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(si.current_operation); + SignatureObject s = holder.getSignatureObject(); + + // TODO make better + String text_to_be_verified = holder.getSignedText(); + if (holder.getSignatureObject().isBinary()) + { + byte[] data = CodingHelper.decodeBase64(text_to_be_verified); + sd = new SignatureDataImpl(data, "application/pdf"); + } + else + { + sd = new SignatureDataImpl(text_to_be_verified.getBytes("UTF-8"), "text/plain", "UTF-8"); + } + + } + + log.debug("Writing " + sd.getMimeType() + " data:"); //$NON-NLS-1$ //$NON-NLS-2$ + + response.setContentType(sd.getMimeType()); + response.setCharacterEncoding(sd.getCharacterEncoding()); + response.getOutputStream().write(sd.getData()); + + log.debug("Writing SignatureData finished."); //$NON-NLS-1$ + } + + +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java new file mode 100644 index 0000000..1d8ee0b --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignPreviewServlet.java @@ -0,0 +1,94 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: SignPreview.java,v 1.2 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + */ +public class SignPreviewServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -8818532511322299998L; + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + try + { + HttpSession session = request.getSession(false); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + try + { + SignServlet.finishSign(si, request, response, getServletContext()); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java new file mode 100644 index 0000000..f2cbde8 --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java @@ -0,0 +1,576 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: Sign.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.File; +import java.io.IOException; +import java.io.Serializable; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.util.Iterator; +import java.util.List; +import java.util.Properties; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; +import at.knowcenter.wag.egov.egiz.exceptions.PlaceholderException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.framework.SignResult; +import at.knowcenter.wag.egov.egiz.framework.Signator; +import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; +import at.knowcenter.wag.egov.egiz.framework.signators.DetachedSignator_1_0_0; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.DetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * This method is the sign servlet for the pdf-as web application. It takes get + * and post requests fill out jsp templates and give the user feedback about the + * results of the sign process + * + * @author wlackner + * @author wprinz + */ +public class SignServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = -4156938216903740438L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(SignServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + dispatch(request, response, resource, getServletContext()); + } + + protected static void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = context.getRequestDispatcher(resource); + disp.forward(request, response); + } + + // The sign servlet is used for processing the upload only. + // Authentication is deactivated. if required - make an own servlet. + // /** + // * @author modified by tknall + // */ + // public void doGet(HttpServletRequest request, HttpServletResponse response) + // throws ServletException, IOException + // { + // String authenticate = request.getHeader(AUTH); + // if (authenticate != null) + // { + // logger_.info("authenticate:" + authenticate); + // if (authenticate.indexOf(AUTH_BASIC) == 0) + // { + // authenticate = authenticate.substring(AUTH_BASIC.length() + 1); + // logger_.info("authenticate:" + authenticate); + // authenticate = new String(CodingHelper.decodeBase64(authenticate), + // "UTF-8"); + // logger_.info("authenticate:" + authenticate); + // + // String[] auth_value = authenticate.split(":"); + // String user_name = auth_value[0]; + // String user_password = auth_value[1]; + // logger_.info("username:" + user_name); + // // start modification tknall + // // logger_.info("password:" + user_password); + // logger_.info("password:XXXXXXXXXXXX"); + // // stop modification tknall + // + // HttpSession session = request.getSession(); + // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_NAME, user_name); + // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD, + // user_password); + // + // dispatch(request, response, "/jsp/signupload.jsp"); + // return; + // } + // // start modification tknall + // } else { + // String user_name = ""; + // String user_password = ""; + // logger_.info("authenticate:User has not been authenticated!"); + // logger_.info("username: UNKNOWN"); + // logger_.info("password: XXXXXXXXXXXX"); + // HttpSession session = request.getSession(); + // session.setAttribute("uname", user_name); + // session.setAttribute("upass", user_password); + // dispatch(request, response, "/jsp/signupload.jsp"); + // } + + // request.setAttribute("error", "Falsche Authentifikation"); + // request.setAttribute("cause", "Passwort oder Benutzername ist falsch"); + // dispatch(request, response, "/jsp/error.jsp"); + // // stop modification tknall + // } + + /** + * Processes the sign upload. + * + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + try + { + UploadedData ud = retrieveUploadedDataFromRequest(request); + + PdfAS.applyStrictMode(ud.pdf); + + SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject(); + si.connector = ud.sig_app; + si.application = "sign"; + si.mode = ud.sig_mode; + si.pdf = ud.pdf; + si.type = ud.sig_type; + si.filename = formatFileName(ud.file_name); + si.download_inline = ud.download_inline; + + request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); + + // String user_name = (String) + // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME); + // String user_password = (String) + // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD); + // si.user_name = user_name; + // si.user_password = user_password; + + prepareSign(si); + + if (ud.preview) + { + String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview"); + String signature_data_url = response.encodeURL(request.getContextPath() + "/RetrieveSignatureData"); + + request.setAttribute("submit_url", submit_url); + request.setAttribute("signature_data_url", signature_data_url); + + dispatch(request, response, "/jsp/signpreview.jsp"); + + return; + } + + finishSign(si, request, response, getServletContext()); + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } + + protected UploadedData retrieveUploadedDataFromRequest( + HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException + { + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + List items = sfu.parseRequest(request); + + FileItem preview_fi = null; + FileItem sig_type_fi = null; + FileItem sig_app_fi = null; + FileItem mode_fi = null; + FileItem file_upload_fi = null; + FileItem download_fi = null; + + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + log.debug("item = " + item.getFieldName()); //$NON-NLS-1$ + + if (log.isDebugEnabled()) + { + if (item.isFormField()) + { + String item_string = item.getString("UTF-8"); //$NON-NLS-1$ + log.debug(" form field string = " + item_string); //$NON-NLS-1$ + } + else + { + log.debug(" filename = " + item.getName()); //$NON-NLS-1$ + log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$ + } + } + + if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) + { + preview_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE)) + { + sig_type_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) + { + sig_app_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_MODE)) + { + mode_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) + { + file_upload_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD)) + { + download_fi = item; + continue; + } + + throw new ServletException("unrecognized POST data."); //$NON-NLS-1$ + + } + + if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || file_upload_fi == null || download_fi == null) + { + throw new ServletException("Insufficient data provided in request"); //$NON-NLS-1$ + } + + String mode = mode_fi.getString("UTF-8"); //$NON-NLS-1$ + if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL) && !mode.equals(FormFields.VALUE_MODE_DETACHED)) + { + throw new ServletException("The mode '" + mode + "' is unrecognized."); //$NON-NLS-1$ //$NON-NLS-2$ + } + + String preview_str = preview_fi.getString("UTF-8"); //$NON-NLS-1$ + boolean preview = false; + if (preview_str.equals("true")) //$NON-NLS-1$ + { + preview = true; + } + + boolean download_inline = true; + if (download_fi.getString("UTF-8").equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) //$NON-NLS-1$ + { + download_inline = false; + } + + String sig_type = sig_type_fi.getString("UTF-8"); //$NON-NLS-1$ + String sig_app = sig_app_fi.getString("UTF-8"); //$NON-NLS-1$ + + String doc_file_name = file_upload_fi.getName(); + log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$ + + String extension = VerifyServlet.extractExtension(doc_file_name); + if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$ + { + throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$ + } + + byte[] pdf = file_upload_fi.get(); + if (file_upload_fi.getSize() <= 0) + { + throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$ + } + + UploadedData ud = new UploadedData(); + + ud.preview = preview; + ud.download_inline = download_inline; + ud.sig_type = sig_type; + ud.sig_app = sig_app; + ud.sig_mode = mode; + ud.file_name = doc_file_name; + ud.pdf = pdf; + + return ud; + } + + /** + * Prepares the sign. + * + *

+ * This prepares the data for both being signed or being previewed. + *

+ * + * @param si + * The SessionInformation to be prepared. + * @throws PresentableException + * f.e. + */ + public static void prepareSign(SessionInformation si) throws PresentableException + { + log.debug("prepareSign:"); //$NON-NLS-1$ + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + si.iui = signator.prepareSign(si.pdf, si.type, null, ConnectorFactory.needsSIG_ID(si.connector)); + + log.debug("prepareSign finished."); //$NON-NLS-1$ + } + + /** + * Finishes the sign. + * + *

+ * For non local connectors this concludes the sign process, signs the + * document and returns the result. For local connectors this initializes the + * local sign process and redirects to following servlets. + *

+ * + * @param si + * The SessionInformation. + * @param request + * The servlet request for dispatching. + * @param response + * The servlet response for dispatching. + * @param context + * The servlet context for dispatching. + * @throws PresentableException + * f.e. + * @throws IOException + * f. e. + * @throws ServletException + * f. e. + */ + public static void finishSign(SessionInformation si, + HttpServletRequest request, HttpServletResponse response, + ServletContext context) throws PresentableException, IOException, ServletException + { + log.debug("finishSign:"); //$NON-NLS-1$ + + log.debug("connector = " + si.connector); //$NON-NLS-1$ + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + log.debug("Connector is local -> dispatching to local processing."); //$NON-NLS-1$ + + String dispatch_to = LocalRequestHelper.processLocalSign(si, request, response); + dispatch(request, response, dispatch_to, context); + return; + } + log.debug("Connector is not local -> finishing the sign."); //$NON-NLS-1$ + + PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode); + Signator signator = SignatorFactory.createSignator(algorithm); + + log.debug("RequestURL = " + request.getRequestURL()); + log.debug("ContextPath = " + request.getContextPath()); + String host = request.getServerName(); + URL signature_data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + String signature_data_url = response.encodeURL(signature_data_URL.toString()); + + Connector c = new DetachedLocRefMOAConnector(si.type, signature_data_url); + si.iui.signed_signature_object = c.doSign(si.iui.signature_data); + + si.sign_result = signator.finishSign(si.iui); + + returnSignResponse(si, response); + + log.debug("finishSign finished."); //$NON-NLS-1$ + } + + public static void prepareDispatchToErrorPage(PresentableException pe, + HttpServletRequest request) + { + if (pe instanceof ErrorCodeException) + { + ErrorCodeException ece = (ErrorCodeException) pe; + request.setAttribute("error", "Fehler " + ece.getErrorCode()); + + String cause = ece.getErrorCodeMessage(); + if (ece.hasExternalErrorMessage()) + { + cause = ece.getExternalErrorCode() + ": " + ece.getExternalErrorMessage(); + } + request.setAttribute("cause", cause); + + if (pe instanceof PlaceholderException) + { + PlaceholderException phe = (PlaceholderException) ece; + + request.setAttribute("cause", "Der Platzhalter des Feldes " + phe.getField() + " ist um " + phe.getMissing() + " Bytes zu kurz. " + ece.getErrorCodeMessage()); + } + } + else + { + request.setAttribute("error", "PresentableException"); + request.setAttribute("cause", pe.toString()); + } + } + + public void dispatchToPreview(String document_text, String connector, + String mode, String signature_type, String submit_url, + HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("document_text", document_text); + request.setAttribute("connector", connector); + request.setAttribute("mode", mode); + request.setAttribute("signature_type", signature_type); + request.setAttribute("submit_url", submit_url); + + dispatch(request, response, "/jsp/signpreview.jsp"); + } + + /** + * Formats the file name so that it is suitable for content disposition. + * + * @param file_name + * The file name. + * @return Returns the formatted file name. + */ + public static String formatFileName(String file_name) + { + File file = new File(file_name); + String file_name_only = file.getName(); + // the file_name contains \\ ==> remove them so Internet Explorer works + // correctly. + return file_name_only; + } + + /** + * Formats the file name according to the SignResult. + * + * @param file_name + * The file name. + * @param sign_result + * The sign result. + * @return Returns the formatted file name. + */ + public static String formatFileNameForSignResult(String file_name, + SignResult sign_result) + { + String output = file_name + "_signed"; + if (sign_result.getMimeType().equals(DetachedSignator_1_0_0.MIME_TYPE)) + { + output += ".xml"; + } + else + { + output += ".pdf"; + } + + return output; + } + + /** + * Returns the data in the SignResult with proper content disposition. + * + * @param si + * SessionInformation. + * @param response + * The servlet response. + * @throws IOException + * The IO Exception. + */ + public static void returnSignResponse(SessionInformation si, + HttpServletResponse response) throws IOException + { + SignResult sign_result = si.sign_result; + + String file_name = formatFileNameForSignResult(si.filename, sign_result); + + // The name parameter is actually deprecated in favour of + // Content-Disposition filename + // Unfortunately Acrobat reader does recognize neither of these parameters + // with its inline save-as. It always takes the page name. + response.setContentType(sign_result.getMimeType() + "; name=\"" + file_name + "\""); + if (si.download_inline) + { + response.addHeader("Content-Disposition", "inline; filename=\"" + file_name + "\""); + } + else + { + response.addHeader("Content-Disposition", "attachment; filename=\"" + file_name + "\""); + } + response.getOutputStream().write(sign_result.getData()); + + } + + protected static class UploadedData + { + protected boolean preview = false; + + protected boolean download_inline = false; + + protected String sig_type = null; + + protected String sig_app = null; + + protected String sig_mode = null; + + protected String file_name = null; + + protected byte[] pdf = null; + } +} \ No newline at end of file diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java new file mode 100644 index 0000000..98f582e --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java @@ -0,0 +1,708 @@ +/** + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: VerifyPreview.java,v 1.4 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException; +import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; +import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder; +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.pdf.TextualSignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureEntry; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.SignatureTypes; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; + +/** + * @author wprinz + */ +public class VerifyPreviewServlet extends HttpServlet +{ + /** + * SVUID. + */ + private static final long serialVersionUID = 6954343542890239109L; + + /** + * The logger. + */ + private static final Logger logger_ = ConfigLogger.getLogger(VerifyPreviewServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); + response.setCharacterEncoding("UTF-8"); + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected static String generateNamePrefix(int num) + { + return SIG_INPUT_PREFIX + num + "_"; + } + + // public static void formatPreview(List signature_holders, String connector, + // HttpServletRequest request, HttpServletResponse response) throws + // ServletException, IOException + // { + // response.setContentType("text/html"); + // response.setCharacterEncoding("UTF-8"); + // + // PrintWriter writer = response.getWriter(); + // + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println("PDF-AS Amtssignaturen Vorschau"); + // writer.println(""); + // + // writer.println(""); + // + // writer.println(""); + // + // writer.println(""); + // writer.println("
"); + // + // writer.println("

PDF-AS Amtssignaturen

"); + // + // writer.println("
"); + // writer.println("
Vorschau: Dokument Prüfen
"); + // writer.println("
"); + // writer.println("
"); + // + // // writer.println(""); + // writer.println(""); + // + // // if (mode.equals(FormFields.VALUE_MODE_TEXTUAL)) + // // { + // // String raw_document_text = ((SignatureHolder) + // // signature_holders.get(0)).signed_text; + // // writer.println(""); + // // writer.println("
"); + // // } + // + // if (signature_holders.size() == 1) + // { + // writer.println("
Rekonstruktion der Signaturmarke:
"); + // } + // else + // { + // writer.println("
Rekonstruktion der Signaturmarken:
"); + // } + // + // // this special
is only needed because internet explorer doesn't + // // format the width of the + // // tables right when the div is not given. + // // probably this is because the table then tries to calculate the relative + // // width from the surrounding form object. + // writer.println("
"); + // int num = 0; + // Iterator it = signature_holders.iterator(); + // while (it.hasNext()) + // { + // SignatureHolder signature_holder = (SignatureHolder) it.next(); + // + // String name_prefix = generateNamePrefix(num); + // + // String input_key = name_prefix + FormFields.FIELD_RAW_DOCUMENT_TEXT; + // if (signature_holder.signature_object.isBinary()) + // { + // writer.println(""); + // } + // else + // { + // writer.println("
"); + // writer.println(""); + // writer.println("
"); + // } + // + // String html = renderRequiredKeys(signature_holder.signature_object, + // name_prefix, false); + // writer.println(html); + // + // writer.println(""); + // + // num++; + // } + // writer.println("
"); + // + // writer.println("");// + + // // FormFields.VALUE_VERIFY_WHICH_ALL + // // + + // // "\" + // // />"); + // writer.println(""); + // + // writer.println("
"); + // writer.println(""); + // writer.println("
"); + // + // writer.println("zurück"); + // + // writer.println("
"); + // writer.println(""); + // + // writer.println(""); + // + // } + + public static String renderRequiredKeysJavaScript( + SignatureObject signature_object, String name_prefix) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + String input_key = name_prefix + key; + + writer.println(" document.submitform." + input_key + ".value = \"" + value + "\";"); + } + + return sw.toString(); + } + + public static String renderRequiredKeys(SignatureObject signature_object, + String name_prefix, boolean write_value) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + writer.println(""); + + String[] rkeys = SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String caption = entry.getCaption(); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + writer.println(" "); + writer.println(" "); + writer.println(" "); + writer.println(" "); + } + writer.println("
" + caption + ":"); + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + String input_key = name_prefix + key; + writer.println(" "); + + writer.println("
"); + + return sw.toString(); + } + + public static String renderRequiredKeysText(SignatureObject signature_object) + { + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + + String title = "alte PDF-AS Signatur"; + try + { + PdfASID kz = signature_object.getKZ(); + if (kz != null) + { + title = kz.toString(); + } + } + catch (InvalidIDException e) + { + e.printStackTrace(); + } + writer.println("
Signatur: " + title + "
"); + writer.println(""); + + // just render useful information + String[] rkeys = { SignatureTypes.SIG_DATE, SignatureTypes.SIG_ISSUER, + SignatureTypes.SIG_NUMBER }; // SignatureTypes.REQUIRED_SIG_KEYS; + + for (int key_idx = 0; key_idx < rkeys.length; key_idx++) + { + String key = rkeys[key_idx]; + SignatureEntry entry = signature_object.getSigEntry(key); + String caption = entry.getCaption(); + String value = entry.getValue(); + if (SignatureTypes.SIG_ID.equals(key) && value == null) + { + continue; + } + + writer.println(" "); + writer.println(" "); + writer.println(" "); + writer.println(" "); + } + writer.println("
" + caption + ":"); + + value = value.replaceAll("\\s", " "); + value = value.replaceAll("\\\"", "\\\""); + + writer.println(" " + value); + + writer.println("
"); + + return sw.toString(); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response, boolean backbutton) throws ServletException, IOException + { + request.setAttribute("results", results); + request.setAttribute("backbutton", backbutton ? "true" : "false"); + dispatch(request, response, "/jsp/results.jsp"); + } + + // public static void formatVerifyResults(List results, + // HttpServletResponse response) throws IOException, SettingNotFoundException + // { + // response.setContentType("text/html"); + // response.setCharacterEncoding("UTF-8"); + // + // PrintWriter writer = response.getWriter(); + // + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println(""); + // writer.println("PDF-AS Amtssignaturen Resultat"); + // writer.println(""); + // writer.println(""); + // + // writer.println(""); + // writer.println("
"); + // + // writer.println("

PDF-AS Amtssignaturen

"); + // + // writer.println("
"); + // writer.println("
Resultat
"); + // writer.println("
"); + // + // Iterator it = results.iterator(); + // while (it.hasNext()) + // { + // SignatureResponse result = (SignatureResponse) it.next(); + // formatSignatureResponse(result, writer); + // + // if (it.hasNext()) + // { + // writer.println("
"); + // } + // } + // + // writer.println("
"); + // writer.println("
"); + // + // writer.println("zurück"); + // + // writer.println("
"); + // writer.println(""); + // + // writer.println(""); + // + // } + // + // public static void formatSignatureResponse(SignatureResponse result, + // PrintWriter writer) throws SettingNotFoundException + // { + // writer.println("
Zertifikat"); + // writer.println(""); + // writer.println(" "); + // writer.println(" "); + // writer.println(" "); + // List public_properties = result.getPublicProperties(); + // Iterator it = public_properties.iterator(); + // while (it.hasNext()) + // { + // String public_property = (String) it.next(); + // writer.println(" "); + // } + // + // writer.println(" "); + // + // writer.println("
Signator:" + + // result.getX509SubjectName() + "
Aussteller:" + + // result.getX509IssuerName() + "
Seriennummer:" + + // result.getX509SerialNumber() + "
Eigenschaft:" + + // public_property + "
Zertifikat:" + result.getCertificateCheckInfo() + // + "
"); + // writer.println("
"); + // writer.println("
Signatur-Check"); + // writer.println("
" + result.getSignatureCheckInfo() + "
"); + // writer.println("
"); + // writer.println("
Manifest-Check"); + // writer.println("
" + + // result.getSignatureManifestCheckInfo() + "
"); + // writer.println("
"); + // } + + /** + * Form field name prefix for signature table names + */ + public static final String SIG_INPUT_PREFIX = "sig_inp_"; + + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + HttpSession session = null; + try + { + session = request.getSession(false); + // String session_id_string = request.getParameter("session"); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + // long session_id = Long.parseLong(session_id_string); + // si = SessionTable.get(session_id); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + try + { + + int verify_which = -1; + boolean preview = false; + + { + String str_verify_which = request.getParameter(FormFields.FIELD_VERIFY_WHICH); + logger_.debug("verify_which = " + str_verify_which); + if (str_verify_which.equals(FormFields.VALUE_VERIFY_WHICH_ALL)) + { + verify_which = -1; + } + else + { + verify_which = Integer.parseInt(str_verify_which); + } + logger_.debug("verify_which = " + verify_which); + } + + { + String preview_string = request.getParameter(FormFields.FIELD_PREVIEW); + if (preview_string.equals("true")) + { + preview = true; + } + } + + List holders_to_verify = si.signature_holders; + + if (verify_which >= 0) + { + if (verify_which >= si.signature_holders.size()) + { + throw new SignatureException(312, "The selected signature to be verified doesn't exist."); + } + + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); + holders_to_verify = new ArrayList(); + holders_to_verify.add(holder); + + if (preview == true) + { + if (holder instanceof BinarySignatureHolder) + { + BinarySignatureHolder binary_holder = (BinarySignatureHolder) holder; + response.setContentType("application/pdf"); + response.getOutputStream().write(binary_holder.getSignedPdf(), 0, binary_holder.getSignedPdfLength()); + } + else + // if (holder.getSignatureObject().isTextual()) + { + // formatPreview(holders_to_verify, si.connector, request, + // response); + request.setAttribute(FormFields.FIELD_VERIFY_WHICH, new Integer(verify_which)); + dispatch(request, response, "/jsp/verifypreview.jsp"); + } + + return; + } + + } + + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); + boolean backbutton = true; + if (verify_which >= 0) + { + backbutton = false; + } + dispatchToResults(results, request, response, backbutton); + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + } + + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + SessionInformation si = null; + HttpSession session = null; + try + { + session = request.getSession(false); + // String session_id_string = request.getParameter("session"); + if (session == null) + { + throw new ErrorCodeException(600, "The session is missing."); + } + + si = (SessionInformation) session.getAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION); + // long session_id = Long.parseLong(session_id_string); + // si = SessionTable.get(session_id); + if (si == null) + { + throw new ErrorCodeException(600, "The session is not found or is no longer valid."); + } + + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + + return; + } + + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + try + { + String text_to_be_verified = null; + SignatureObject signature_object = new SignatureObject(); + + String default_type = SettingsReader.getInstance().getValueFromKey(SignatureTypes.DEFAULT_TYPE); + signature_object.setSigType(default_type); + signature_object.initByType(); + + int verify_which = -1; + boolean verify = false; + + List items = sfu.parseRequest(request); + + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + logger_.debug("item = " + item.getFieldName()); + + if (item.getFieldName().equals(FormFields.FIELD_RAW_DOCUMENT_TEXT)) + { + String raw_document_text = item.getString("UTF-8"); + text_to_be_verified = PdfAS.normalizeText(raw_document_text); + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_VERIFY_WHICH)) + { + String which_str = item.getString("UTF-8"); + verify_which = Integer.parseInt(which_str); + continue; + } + + if (item.getFieldName().equals("verify")) + { + if (item.getString("UTF-8").equals("true")) + { + verify = true; + } + continue; + } + + String key = item.getFieldName(); + String value = item.getString("UTF-8"); + + signature_object.setSigValue(key, value); + logger_.debug("sig_obj_number" + key + " = " + value); + } + + SignatureHolder new_holder = new TextualSignatureHolder(text_to_be_verified, signature_object); + si.signature_holders.set(verify_which, new_holder); + + if (verify == false) + { + dispatch(request, response, "/dataok.html"); + return; + } + + List holders_to_verify = si.signature_holders; + + if (verify_which >= 0) + { + if (verify_which >= si.signature_holders.size()) + { + throw new SignatureException(312, "The selected signature to be verified doesn't exist."); + } + + SignatureHolder holder = (SignatureHolder) si.signature_holders.get(verify_which); + holders_to_verify = new ArrayList(); + holders_to_verify.add(holder); + } + + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, holders_to_verify, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(holders_to_verify, si.connector); + dispatchToResults(results, request, response, true); + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + } +} diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java new file mode 100644 index 0000000..ee20498 --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java @@ -0,0 +1,334 @@ +/* + * Copyright (c) 2006 by Know-Center, Graz, Austria + * + * This software is the confidential and proprietary information of Know-Center, + * Graz, Austria. You shall not disclose such Confidential Information and shall + * use it only in accordance with the terms of the license agreement you entered + * into with Know-Center. + * + * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF + * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR + * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY + * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. + * + * $Id: Verify.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.web.servlets; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.util.Iterator; +import java.util.List; +import java.util.Properties; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.log4j.Logger; + +import at.knowcenter.wag.egov.egiz.PdfAS; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException; +import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException; +import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; +import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException; +import at.knowcenter.wag.egov.egiz.framework.VerificationFilter; +import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; +import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory; +import at.knowcenter.wag.egov.egiz.sig.SignatureData; +import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; +import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; +import at.knowcenter.wag.egov.egiz.tools.CodingHelper; +import at.knowcenter.wag.egov.egiz.web.FormFields; +import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; +import at.knowcenter.wag.egov.egiz.web.SessionAttributes; +import at.knowcenter.wag.egov.egiz.web.SessionInformation; +import at.knowcenter.wag.egov.egiz.web.servlets.SignServlet.UploadedData; + +/** + * This method is the verify servlet for the pdf-as web application. It takes + * get and post requests fill out jsp templates and give the user feedback about + * the results of the verify process. + * + * @author wlackner + * @author wprinz + */ +public class VerifyServlet extends HttpServlet +{ + + /** + * SVUID. + */ + private static final long serialVersionUID = 309198792358636766L; + + /** + * The log. + */ + private static Log log = LogFactory.getLog(SignServlet.class); + + protected void dispatch(HttpServletRequest request, + HttpServletResponse response, String resource) throws ServletException, IOException + { + response.setContentType("text/html"); //$NON-NLS-1$ + response.setCharacterEncoding("UTF-8"); //$NON-NLS-1$ + + RequestDispatcher disp = getServletContext().getRequestDispatcher(resource); + disp.forward(request, response); + } + + protected void dispatchToResults(List results, HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException + { + request.setAttribute("results", results); //$NON-NLS-1$ + dispatch(request, response, "/jsp/results.jsp"); //$NON-NLS-1$ + } + + /** + * Processes the verify upload. + * + * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + try + { + UploadedData ud = retrieveUploadedDataFromRequest(request); + + List signature_holders = extractSignatureHoldersFromFile(ud.file_name, ud.file_data); + + SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject(); + si.connector = ud.sig_app; + si.application = "verify"; + si.mode = null; + si.pdf = null; + si.type = null; + si.user_name = null; + si.user_password = null; + + si.signature_holders = signature_holders; + + request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si); + + if (ud.preview) + { + dispatch(request, response, "/jsp/verifylist.jsp"); + // VerifyPreview.formatPreview(signature_holders, connector, request, + // response); + } + else + { + if (ConnectorFactory.isConnectorLocal(si.connector)) + { + String dispatch_to = LocalRequestHelper.processLocalVerify(si, si.signature_holders, request, response); + dispatch(request, response, dispatch_to); + return; + } + + List results = PdfAS.verifySignatureHolders(signature_holders, si.connector); + dispatchToResults(results, request, response); + } + + } + catch (FileUploadException e) + { + request.setAttribute("error", "Fehler beim Upload der Daten"); + request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten."); + dispatch(request, response, "/jsp/error.jsp"); + } + catch (PresentableException e) + { + e.printStackTrace(); + SignServlet.prepareDispatchToErrorPage(e, request); + dispatch(request, response, "/jsp/error.jsp"); + } + + } + + protected UploadedData retrieveUploadedDataFromRequest( + HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException + { + DiskFileItemFactory fif = new DiskFileItemFactory(); + fif.setRepository(SettingsReader.getTemporaryDirectory()); + ServletFileUpload sfu = new ServletFileUpload(fif); + + List items = sfu.parseRequest(request); + + FileItem upload_fi = null; + FileItem connector_fi = null; + // FileItem mode_fi = null; + FileItem preview_fi = null; + + { + Iterator it = items.iterator(); + while (it.hasNext()) + { + FileItem item = (FileItem) it.next(); + log.debug("item = " + item.getFieldName()); //$NON-NLS-1$ + + if (item.isFormField()) + { + String item_string = item.getString("UTF-8"); //$NON-NLS-1$ + log.debug(" form field string = " + item_string); //$NON-NLS-1$ + } + else + { + log.debug(" filename = " + item.getName()); //$NON-NLS-1$ + log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$ + } + + if (item.getFieldName().equals(FormFields.FIELD_UPLOAD)) + { + upload_fi = item; + continue; + } + + if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR)) + { + connector_fi = item; + continue; + } + + // if (item.getFieldName().equals(FormFields.FIELD_MODE)) + // { + // mode_fi = item; + // continue; + // } + + if (item.getFieldName().equals(FormFields.FIELD_PREVIEW)) + { + preview_fi = item; + continue; + } + + throw new ServletException("unrecognized POST data."); //$NON-NLS-1$ + } + } + + if (upload_fi == null || connector_fi == null || /* mode_fi == null || */preview_fi == null) + { + throw new ServletException("Unsufficient data provided in request."); //$NON-NLS-1$ + } + + String connector = connector_fi.getString("UTF-8"); //$NON-NLS-1$ + + // String mode = mode_fi.getString("UTF-8"); + // if (!mode.equals(FormFields.VALUE_MODE_BINARY) && + // !mode.equals(FormFields.VALUE_MODE_TEXTUAL)) + // { + // throw new ServletException("The mode '" + mode + "' is unrecognized."); + // } + + String preview_str = preview_fi.getString("UTF-8"); //$NON-NLS-1$ + if (!preview_str.equals(FormFields.VALUE_TRUE) && !preview_str.equals(FormFields.VALUE_FALSE)) + { + throw new ServletException("The preview '" + preview_str + "' is unrecognized."); //$NON-NLS-1$//$NON-NLS-2$ + } + boolean preview = false; + if (preview_str.equals(FormFields.VALUE_TRUE)) + { + preview = true; + } + + // process the request + log.debug("file content type =" + upload_fi.getContentType()); //$NON-NLS-1$ + log.debug("file size = " + upload_fi.getSize()); //$NON-NLS-1$ + if (upload_fi.getSize() <= 0) + { + throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$ + } + byte[] document_bytes = upload_fi.get(); + + UploadedData ud = new UploadedData(); + ud.preview = preview; + ud.sig_app = connector; + ud.file_name = upload_fi.getName(); + ud.file_data = document_bytes; + + return ud; + } + + protected List extractSignatureHoldersFromFile (String file_name, byte [] data) throws UnsupportedEncodingException, PresentableException + { + VerificationFilter vf = new VerificationFilter(); + List signature_holders = null; + + String extension = extractExtension(file_name); + + String raw_text = null; + if (file_name == null || (extension != null && extension.equals("txt"))) //$NON-NLS-1$ + { + raw_text = new String(data, "UTF-8"); //$NON-NLS-1$ + signature_holders = vf.extractSignaturesFromPlainText(raw_text); + } + else + { + signature_holders = vf.extractSignaturesFromPdf(data); + } + + if (signature_holders.size() == 0) + { + throw new PDFDocumentException(206, "PDF document not signed."); //$NON-NLS-1$ + } + + return signature_holders; + } + + /** + * Extracts the extension from a file name string. + * + *

+ * The extension of a file name is whatever text follows the last '.'. + *

+ * + * @param file_name + * The file name. + * @return Returns the extension. If the file name ends with the '.', then an + * empty string is returned. If the file name doesn't contain any '.' + * or file_name is null, null is returned. + */ + public static String extractExtension(String file_name) + { + if (file_name == null) + { + return null; + } + + int dot_index = file_name.lastIndexOf('.'); + if (dot_index < 0) + { + return null; + } + return file_name.substring(dot_index + 1); + } + + protected static class UploadedData + { + protected boolean preview = false; + + protected String sig_app = null; + + protected String file_name = null; + + protected byte[] file_data = null; + } +} \ No newline at end of file -- cgit v1.2.3