aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-02-06 12:47:21 +0100
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-02-06 12:47:21 +0100
commit5ea41481c10aa43ab1df5e0b7ba0c18c3262c9eb (patch)
treef915ba3e7c132e47a57ae4ec74c872d32a1d3acc
parent8238b1a96ab240ac30525f2b254518cd052d2501 (diff)
downloadpdf-as-4-5ea41481c10aa43ab1df5e0b7ba0c18c3262c9eb.tar.gz
pdf-as-4-5ea41481c10aa43ab1df5e0b7ba0c18c3262c9eb.tar.bz2
pdf-as-4-5ea41481c10aa43ab1df5e0b7ba0c18c3262c9eb.zip
Started verification implementation, HTTP Session cleanup
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java1
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java178
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java5
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java4
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java240
-rw-r--r--pdf-as-web/src/main/resources/template_verifyResult.html3
-rw-r--r--pdf-as-web/src/main/webapp/egiz.jsp328
8 files changed, 690 insertions, 75 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
index bcda2263..d782c4dc 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
@@ -47,6 +47,7 @@ public class ExceptionCatchFilter implements Filter {
if(request instanceof HttpServletRequest) {
logger.debug("Processing Parameters into Attributes");
HttpServletRequest httpRequest = (HttpServletRequest)request;
+ PdfAsHelper.logAccess(httpRequest);
Enumeration<String> parameterNames = httpRequest.getParameterNames();
while(parameterNames.hasMoreElements()) {
String name = parameterNames.nextElement();
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 12d7ffc5..13e8159f 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -18,24 +18,19 @@ import org.apache.commons.lang3.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.lowagie.text.html.WebColors;
-
-import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.ByteArrayDataSink;
import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.DataSink;
import at.gv.egiz.pdfas.lib.api.PdfAs;
import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
-import at.gv.egiz.pdfas.lib.api.SignaturePosition;
import at.gv.egiz.pdfas.lib.api.StatusRequest;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
import at.gv.egiz.pdfas.lib.api.sign.SignResult;
-import at.gv.egiz.pdfas.lib.impl.PdfAsImpl;
-import at.gv.egiz.pdfas.lib.impl.SignaturePositionImpl;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
-import at.gv.egiz.pdfas.sigs.pades.PAdESSignerKeystore;
import at.gv.egiz.pdfas.sigs.pkcs7detached.PKCS7DetachedSigner;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
@@ -69,6 +64,7 @@ public class PdfAsHelper {
private static final String REQUEST_FROM_DU = "REQ_DATA_URL";
private static final String SIGNATURE_DATA_HASH = "SIGNATURE_DATA_HASH";
private static final String SIGNATURE_ACTIVE = "SIGNATURE_ACTIVE";
+ private static final String VERIFICATION_RESULT = "VERIFICATION_RESULT";
private static final Logger logger = LoggerFactory
.getLogger(PdfAsHelper.class);
@@ -78,14 +74,14 @@ public class PdfAsHelper {
static {
logger.debug("Creating PDF-AS");
- pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration.getPdfASDir()));
+ pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration
+ .getPdfASDir()));
logger.debug("Creating PDF-AS done");
}
-
+
public static void init() {
logger.debug("PDF-AS Helper initialized");
}
-
private static void validatePdfSize(HttpServletRequest request,
HttpServletResponse response, byte[] pdfData)
@@ -113,7 +109,7 @@ public class PdfAsHelper {
}
}
}
-
+
private static String buildPosString(HttpServletRequest request,
HttpServletResponse response) throws PdfAsWebException {
String posP = PdfAsParameterExtractor.getSigPosP(request);
@@ -180,6 +176,38 @@ public class PdfAsHelper {
return sb.toString();
}
+ public static List<VerifyResult> synchornousVerify(
+ HttpServletRequest request, HttpServletResponse response,
+ byte[] pdfData) throws Exception {
+ String signidxString = PdfAsParameterExtractor.getSigIdx(request);
+ int signIdx = -1;
+ if (signidxString != null) {
+ try {
+ signIdx = Integer.parseInt(signidxString);
+ } catch (Throwable e) {
+ logger.error("Failed to parse Signature Index: "
+ + signidxString);
+ }
+ }
+
+ logger.error("Verifing Signature index: " + signIdx);
+
+ Configuration config = pdfAs.getConfiguration();
+
+ ByteArrayDataSource dataSource = new ByteArrayDataSource(pdfData);
+
+ VerifyParameter verifyParameter = PdfAsFactory.createVerifyParameter(
+ config, dataSource);
+
+ verifyParameter.setDataSource(dataSource);
+ verifyParameter.setConfiguration(config);
+ verifyParameter.setWhichSignature(signIdx);
+
+ List<VerifyResult> results = pdfAs.verify(verifyParameter);
+
+ return results;
+ }
+
/**
* Create synchronous PDF Signature
*
@@ -213,9 +241,11 @@ public class PdfAsHelper {
if (connector.equals("moa")) {
signer = new PAdESSigner(new MOAConnector(config));
} else {
- signer = new PKCS7DetachedSigner(WebConfiguration.getKeystoreFile(),
+ signer = new PKCS7DetachedSigner(
+ WebConfiguration.getKeystoreFile(),
WebConfiguration.getKeystoreAlias(),
- WebConfiguration.getKeystorePass(), WebConfiguration.getKeystoreKeyPass(),
+ WebConfiguration.getKeystorePass(),
+ WebConfiguration.getKeystoreKeyPass(),
WebConfiguration.getKeystoreType());
}
@@ -240,17 +270,21 @@ public class PdfAsHelper {
HttpServletResponse response, ServletContext context, byte[] pdfData)
throws Exception {
- // TODO: Protect session so that only one PDF can be signed during one session
- /*if(PdfAsHelper.isSignatureActive(request)) {
- throw new PdfAsException("Signature is active in this session");
- }
-
- PdfAsHelper.setSignatureActive(request, true);*/
-
+ // TODO: Protect session so that only one PDF can be signed during one
+ // session
+ /*
+ * if(PdfAsHelper.isSignatureActive(request)) { throw new
+ * PdfAsException("Signature is active in this session"); }
+ *
+ * PdfAsHelper.setSignatureActive(request, true);
+ */
+
validatePdfSize(request, response, pdfData);
HttpSession session = request.getSession();
+ logger.info("Starting signature in session: " + session.getId());
+
Configuration config = pdfAs.getConfiguration();
session.setAttribute(PDF_CONFIG, config);
@@ -262,12 +296,14 @@ public class PdfAsHelper {
String connector = PdfAsParameterExtractor.getConnector(request);
IPlainSigner signer;
- if (connector.equals("bku") || connector.equals("onlinebku") || connector.equals("mobilebku")) {
+ if (connector.equals("bku") || connector.equals("onlinebku")
+ || connector.equals("mobilebku")) {
BKUSLConnector conn = new BKUSLConnector(config);
signer = new PAdESSigner(conn);
session.setAttribute(PDF_SL_CONNECTOR, conn);
} else {
- throw new PdfAsWebException("Invalid connector (bku | onlinebku | mobilebku | moa | jks)");
+ throw new PdfAsWebException(
+ "Invalid connector (bku | onlinebku | mobilebku | moa | jks)");
}
signParameter.setPlainSigner(signer);
@@ -318,6 +354,10 @@ public class PdfAsHelper {
StatusRequest statusRequest = (StatusRequest) session
.getAttribute(PDF_STATUS);
+ if(statusRequest == null) {
+ throw new PdfAsWebException("No Signature running in session:" + session.getId());
+ }
+
statusRequest.setCertificate(getCertificate(infoboxReadResponseType));
statusRequest = pdfAs.process(statusRequest);
session.setAttribute(PDF_STATUS, statusRequest);
@@ -336,6 +376,10 @@ public class PdfAsHelper {
StatusRequest statusRequest = (StatusRequest) session
.getAttribute(PDF_STATUS);
+ if(statusRequest == null) {
+ throw new PdfAsWebException("No Signature running in session:" + session.getId());
+ }
+
statusRequest.setSigature(createCMSSignatureResponseType
.getCMSSignature());
statusRequest = pdfAs.process(statusRequest);
@@ -343,6 +387,11 @@ public class PdfAsHelper {
PdfAsHelper.process(request, response, context);
}
+
+ public static void logAccess(HttpServletRequest request) {
+ HttpSession session = request.getSession();
+ logger.debug("Access to " + request.getServletPath() + " in Session: " + session.getId());
+ }
public static void process(HttpServletRequest request,
HttpServletResponse response, ServletContext context)
@@ -356,7 +405,8 @@ public class PdfAsHelper {
String connector = (String) session.getAttribute(PDF_SL_INTERACTIVE);
- if (connector.equals("bku") || connector.equals("onlinebku") || connector.equals("mobilebku")) {
+ if (connector.equals("bku") || connector.equals("onlinebku")
+ || connector.equals("mobilebku")) {
BKUSLConnector bkuSLConnector = (BKUSLConnector) session
.getAttribute(PDF_SL_CONNECTOR);
@@ -374,18 +424,14 @@ public class PdfAsHelper {
JAXBElement<InfoboxReadRequestType> readRequest = of
.createInfoboxReadRequest(readCertificateRequest);
- String url = request.getContextPath() + "/DataURL;jsessionid="
- + session.getId();
- String fullurl = request.getScheme() + "://"
- + request.getServerName() + ":"
- + request.getServerPort() + url;
+ String url = generateDataURL(request, response);
String slRequest = SLMarschaller.marshalToString(readRequest);
String template = getTemplateSL();
template = template.replace("##BKU##",
generateBKUURL(connector));
template = template.replace("##XMLRequest##",
StringEscapeUtils.escapeHtml4(slRequest));
- template = template.replace("##DataURL##", fullurl);
+ template = template.replace("##DataURL##", url);
response.getWriter().write(template);
response.getWriter().close();
} else if (statusRequest.needSignature()) {
@@ -431,28 +477,31 @@ public class PdfAsHelper {
.toFile(PdfAsHelper.class.getResource("/template_sl.html")));
return xml;
}
-
+
public static String getErrorRedirectTemplateSL() throws IOException {
String xml = FileUtils.readFileToString(FileUtils
- .toFile(PdfAsHelper.class.getResource("/template_error_redirect.html")));
+ .toFile(PdfAsHelper.class
+ .getResource("/template_error_redirect.html")));
return xml;
}
-
+
public static String getProvideTemplate() throws IOException {
- String xml = FileUtils.readFileToString(FileUtils
- .toFile(PdfAsHelper.class.getResource("/template_provide.html")));
+ String xml = FileUtils
+ .readFileToString(FileUtils.toFile(PdfAsHelper.class
+ .getResource("/template_provide.html")));
return xml;
}
-
+
public static String getErrorTemplate() throws IOException {
String xml = FileUtils.readFileToString(FileUtils
.toFile(PdfAsHelper.class.getResource("/template_error.html")));
return xml;
}
-
+
public static String getInvokeRedirectTemplateSL() throws IOException {
String xml = FileUtils.readFileToString(FileUtils
- .toFile(PdfAsHelper.class.getResource("/template_invoke_redirect.html")));
+ .toFile(PdfAsHelper.class
+ .getResource("/template_invoke_redirect.html")));
return xml;
}
@@ -542,7 +591,7 @@ public class PdfAsHelper {
Object obj = session.getAttribute(PDF_ERR_URL);
return obj == null ? null : obj.toString();
}
-
+
public static void setInvokeURL(HttpServletRequest request,
HttpServletResponse response, String url) {
HttpSession session = request.getSession();
@@ -582,6 +631,11 @@ public class PdfAsHelper {
return dataURL;
}
+ public static void regenerateSession(HttpServletRequest request) {
+ request.getSession(false).invalidate();
+ request.getSession(true);
+ }
+
public static String generateDataURL(HttpServletRequest request,
HttpServletResponse response) {
return generateURL(request, response, PDF_DATAURL_PAGE);
@@ -591,7 +645,7 @@ public class PdfAsHelper {
HttpServletResponse response) {
return generateURL(request, response, PDF_PROVIDE_PAGE);
}
-
+
public static String generateErrorURL(HttpServletRequest request,
HttpServletResponse response) {
return generateURL(request, response, PDF_ERROR_PAGE);
@@ -601,13 +655,13 @@ public class PdfAsHelper {
HttpServletResponse response) {
return generateURL(request, response, PDF_PDFDATA_PAGE);
}
-
+
public static String generateBKUURL(String connector) {
- if(connector.equals("bku")) {
+ if (connector.equals("bku")) {
return WebConfiguration.getLocalBKUURL();
- } else if(connector.equals("onlinebku")) {
+ } else if (connector.equals("onlinebku")) {
return WebConfiguration.getOnlineBKUURL();
- } else if(connector.equals("mobilebku")) {
+ } else if (connector.equals("mobilebku")) {
return WebConfiguration.getHandyBKUURL();
}
return WebConfiguration.getLocalBKUURL();
@@ -626,8 +680,9 @@ public class PdfAsHelper {
}
return false;
}
-
- public static void setSignatureDataHash(HttpServletRequest request, String value) {
+
+ public static void setSignatureDataHash(HttpServletRequest request,
+ String value) {
HttpSession session = request.getSession();
session.setAttribute(SIGNATURE_DATA_HASH, value);
}
@@ -640,7 +695,7 @@ public class PdfAsHelper {
}
return "";
}
-
+
public static void setPDFFileName(HttpServletRequest request, String value) {
HttpSession session = request.getSession();
session.setAttribute(PDF_FILE_NAME, value);
@@ -654,13 +709,36 @@ public class PdfAsHelper {
}
return "document.pdf";
}
-
- public static void setSignatureActive(HttpServletRequest request, boolean value) {
- request.setAttribute(SIGNATURE_ACTIVE, new Boolean(value));
+
+ public static void setVerificationResult(HttpServletRequest request,
+ List<VerifyResult> value) {
+ HttpSession session = request.getSession();
+ session.setAttribute(VERIFICATION_RESULT, value);
+ }
+
+ public static List<VerifyResult> getVerificationResult(
+ HttpServletRequest request) {
+ HttpSession session = request.getSession();
+ Object obj = session.getAttribute(VERIFICATION_RESULT);
+ if (obj != null) {
+ try {
+ return (List<VerifyResult>) obj;
+ } catch (Throwable e) {
+ logger.error("Invalid object type");
+ }
+ }
+ return null;
+ }
+
+ public static void setSignatureActive(HttpServletRequest request,
+ boolean value) {
+ HttpSession session = request.getSession();
+ session.setAttribute(SIGNATURE_ACTIVE, new Boolean(value));
}
public static boolean isSignatureActive(HttpServletRequest request) {
- Object obj = request.getAttribute(SIGNATURE_ACTIVE);
+ HttpSession session = request.getSession();
+ Object obj = session.getAttribute(SIGNATURE_ACTIVE);
if (obj != null) {
if (obj instanceof Boolean) {
return ((Boolean) obj).booleanValue();
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
index 4d6ad1fe..b20a6656 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
@@ -18,6 +18,7 @@ public class PdfAsParameterExtractor {
public static final String PARAM_SIG_POS_Y = "sig-pos-y";
public static final String PARAM_SIG_POS_X = "sig-pos-x";
public static final String PARAM_SIG_POS_W = "sig-pos-w";
+ public static final String PARAM_SIG_IDX = "sig-idx";
public static String getConnector(HttpServletRequest request) {
String connector = (String)request.getAttribute(PARAM_CONNECTOR);
@@ -70,4 +71,8 @@ public class PdfAsParameterExtractor {
public static String getSigPosW(HttpServletRequest request) {
return (String)request.getAttribute(PARAM_SIG_POS_W);
}
+
+ public static String getSigIdx(HttpServletRequest request) {
+ return (String)request.getAttribute(PARAM_SIG_IDX);
+ }
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
index 7847d840..dcb93fb1 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
@@ -58,26 +58,28 @@ public class DataURLServlet extends HttpServlet {
PdfAsHelper.setFromDataUrl(request);
String xmlResponse = request.getParameter("XMLResponse");
- System.out.println(xmlResponse);
+ //System.out.println(xmlResponse);
JAXBElement jaxbObject = (JAXBElement) SLMarschaller.unmarshalFromString(xmlResponse);
if(jaxbObject.getValue() instanceof InfoboxReadResponseType) {
InfoboxReadResponseType infoboxReadResponseType = (InfoboxReadResponseType)jaxbObject.getValue();
+ logger.info("Got InfoboxReadResponseType");
PdfAsHelper.injectCertificate(request, response, infoboxReadResponseType, getServletContext());
} else if(jaxbObject.getValue() instanceof CreateCMSSignatureResponseType) {
CreateCMSSignatureResponseType createCMSSignatureResponseType = (CreateCMSSignatureResponseType)jaxbObject.getValue();
+ logger.info("Got CreateCMSSignatureResponseType");
PdfAsHelper.injectSignature(request, response, createCMSSignatureResponseType, getServletContext());
} else if(jaxbObject.getValue() instanceof ErrorResponseType) {
ErrorResponseType errorResponseType = (ErrorResponseType)jaxbObject.getValue();
logger.error("SecurityLayer: " + errorResponseType.getErrorCode() + " " + errorResponseType.getInfo());
throw new PdfAsSecurityLayerException(errorResponseType.getInfo(),
errorResponseType.getErrorCode());
-
} else {
throw new PdfAsSecurityLayerException("Unknown SL response",
9999);
}
} catch (Exception e) {
+ logger.error("Error in DataURL Servlet. " , e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index fe26f097..b2649a57 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -60,6 +60,8 @@ public class ExternSignServlet extends HttpServlet {
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
+ //PdfAsHelper.regenerateSession(request);
+
System.out.println("Get signing request");
logger.info("Get signing request");
@@ -93,6 +95,8 @@ public class ExternSignServlet extends HttpServlet {
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
+ //PdfAsHelper.regenerateSession(request);
+
System.out.println("Post signing request");
logger.info("Post signing request");
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index 4418c30b..0dd96e78 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -1,5 +1,8 @@
package at.gv.egiz.pdfas.web.servlets;
+import iaik.x509.X509Certificate;
+
+import java.io.File;
import java.io.IOException;
import java.util.List;
@@ -8,53 +11,244 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.PdfAs;
import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
+import at.gv.egiz.pdfas.web.helper.RemotePDFFetcher;
/**
* Servlet implementation class VerifyServlet
*/
public class VerifyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public VerifyServlet() {
- super();
- }
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(ExternSignServlet.class);
+
+ private static final String UPLOAD_PDF_DATA = "pdfFile";
+ private static final String UPLOAD_DIRECTORY = "upload";
+ private static final int THRESHOLD_SIZE = 1024 * 1024 * 3; // 3MB
+ private static final int MAX_FILE_SIZE = 1024 * 1024 * 40; // 40MB
+ private static final int MAX_REQUEST_SIZE = 1024 * 1024 * 50; // 50MB
/**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#HttpServlet()
*/
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ public VerifyServlet() {
+ super();
}
/**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
*/
- protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ System.out.println("Get verify request");
+ logger.info("Get verify request");
+
+ String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
+ PdfAsHelper.setErrorURL(request, response, errorUrl);
+ try {
+ // Mandatory Parameters on Get Request:
+ String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request);
+ PdfAsHelper.setInvokeURL(request, response, invokeUrl);
+
+ String pdfUrl = PdfAsParameterExtractor.getPdfUrl(request);
+
+ if (pdfUrl == null) {
+ throw new PdfAsWebException(
+ "No PDF URL given! Use POST request to sign without PDF URL.");
+ }
+
+ byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
+ doVerify(request, response, pdfData);
+ } catch (Exception e) {
+ PdfAsHelper.setSessionException(request, response, e.getMessage(),
+ e);
+ PdfAsHelper.gotoError(getServletContext(), request, response);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ System.out.println("Post signing request");
+ logger.info("Post signing request");
+
+ String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
+ PdfAsHelper.setErrorURL(request, response, errorUrl);
+
+ try {
+ byte[] filecontent = null;
+
+ // checks if the request actually contains upload file
+ if (!ServletFileUpload.isMultipartContent(request)) {
+ // No Uploaded data!
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ doGet(request, response);
+ return;
+ } else {
+ throw new PdfAsWebException("No Signature data defined!");
+ }
+ } else {
+ // configures upload settings
+ DiskFileItemFactory factory = new DiskFileItemFactory();
+ factory.setSizeThreshold(THRESHOLD_SIZE);
+ factory.setRepository(new File(System
+ .getProperty("java.io.tmpdir")));
+
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ upload.setFileSizeMax(MAX_FILE_SIZE);
+ upload.setSizeMax(MAX_REQUEST_SIZE);
+
+ // constructs the directory path to store upload file
+ String uploadPath = getServletContext().getRealPath("")
+ + File.separator + UPLOAD_DIRECTORY;
+ // creates the directory if it does not exist
+ File uploadDir = new File(uploadPath);
+ if (!uploadDir.exists()) {
+ uploadDir.mkdir();
+ }
+
+ List formItems = upload.parseRequest(request);
+ logger.debug(formItems.size() + " Items in form data");
+ if (formItems.size() < 1) {
+ // No Uploaded data!
+ // Try do get
+ // No Uploaded data!
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ doGet(request, response);
+ return;
+ } else {
+ throw new PdfAsWebException(
+ "No Signature data defined!");
+ }
+ } else {
+ for (int i = 0; i < formItems.size(); i++) {
+ Object obj = formItems.get(i);
+ if (obj instanceof FileItem) {
+ FileItem item = (FileItem) obj;
+ if (item.getFieldName().equals(UPLOAD_PDF_DATA)) {
+ filecontent = item.get();
+ try {
+ File f = new File(item.getName());
+ String name = f.getName();
+ logger.debug("Got upload: "
+ + item.getName());
+ if (name != null) {
+ if (!(name.endsWith(".pdf") || name
+ .endsWith(".PDF"))) {
+ name += ".pdf";
+ }
+
+ logger.debug("Setting Filename in session: "
+ + name);
+ PdfAsHelper.setPDFFileName(request,
+ name);
+ }
+ } catch (Throwable e) {
+ logger.error("In resolving filename", e);
+ }
+ if (filecontent.length < 10) {
+ filecontent = null;
+ } else {
+ logger.debug("Found pdf Data! Size: "
+ + filecontent.length);
+ }
+ } else {
+ request.setAttribute(item.getFieldName(),
+ item.getString());
+ logger.debug("Setting " + item.getFieldName()
+ + " = " + item.getString());
+ }
+ } else {
+ logger.debug(obj.getClass().getName() + " - "
+ + obj.toString());
+ }
+ }
+ }
+ }
+
+ if (filecontent == null) {
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ filecontent = RemotePDFFetcher
+ .fetchPdfFile(PdfAsParameterExtractor
+ .getPdfUrl(request));
+ }
+ }
+
+ if (filecontent == null) {
+ Object sourceObj = request.getAttribute("source");
+ if (sourceObj != null) {
+ String source = sourceObj.toString();
+ if (source.equals("internal")) {
+ request.setAttribute("FILEERR", true);
+ request.getRequestDispatcher("index.jsp").forward(
+ request, response);
+ return;
+ }
+ }
+ throw new PdfAsException("No Signature data available");
+ }
+
+ doVerify(request, response, filecontent);
+ } catch (Exception e) {
+ PdfAsHelper.setSessionException(request, response, e.getMessage(),
+ e);
+ PdfAsHelper.gotoError(getServletContext(), request, response);
+ }
}
- protected void doVerify(HttpServletRequest request, HttpServletResponse response,
- byte[] pdfData, int whichSignature) {
- PdfAs pdfAs = PdfAsFactory.createPdfAs(null);
- Configuration conf = pdfAs.getConfiguration();
- VerifyParameter parameter = PdfAsFactory.createVerifyParameter(conf, new ByteArrayDataSource(pdfData));
- parameter.setWhichSignature(whichSignature);
+ protected void doVerify(HttpServletRequest request,
+ HttpServletResponse response, byte[] pdfData) throws Exception {
+ throw new Exception("");
- //List<VerifyResult> results = pdfAs.verify(parameter);
+ /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
+ response, pdfData);
+
+ PdfAsHelper.setVerificationResult(request, results);
// Create HTML Snippet for each Verification Result
// Put these results into the web page
- // Or create a JSON response with the verification results for automated processing
-
+ // Or create a JSON response with the verification results for automated
+ // processing
+ for (int i = 0; i < results.size(); i++) {
+ VerifyResult result = results.get(i);
+
+ if (result.isVerificationDone()) {
+
+ int certCode = result.getCertificateCheck().getCode();
+ String certMessage = result.getCertificateCheck().getMessage();
+
+ int valueCode = result.getValueCheckCode().getCode();
+ String valueMessage = result.getValueCheckCode().getMessage();
+
+ Exception e = result.getVerificationException();
+
+ X509Certificate cert = result.getSignerCertificate();
+ byte[] data = result.getSignatureData();
+
+
+ }
+ }*/
}
-
+
}
diff --git a/pdf-as-web/src/main/resources/template_verifyResult.html b/pdf-as-web/src/main/resources/template_verifyResult.html
new file mode 100644
index 00000000..075d86d8
--- /dev/null
+++ b/pdf-as-web/src/main/resources/template_verifyResult.html
@@ -0,0 +1,3 @@
+<p>
+
+</p> \ No newline at end of file
diff --git a/pdf-as-web/src/main/webapp/egiz.jsp b/pdf-as-web/src/main/webapp/egiz.jsp
new file mode 100644
index 00000000..f6086190
--- /dev/null
+++ b/pdf-as-web/src/main/webapp/egiz.jsp
@@ -0,0 +1,328 @@
+
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<%@ taglib uri="http://www.opensymphony.com/sitemesh/decorator"
+ prefix="decorator"%>
+<%@page contentType="text/html; charset=UTF-8"%>
+<html xmlns="http://www.w3.org/1999/xhtml" lang="de" xml:lang="de">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=iso-8859-15" />
+
+<meta http-equiv="x-ua-compatible" content="IE=edge" />
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta name="generator"
+ content="Joomla! - Open Source Content Management" />
+<title><decorator:title></decorator:title> - Testportal - E-Government
+ Innovationszentrum - EGIZ</title>
+<link href="http://www.egiz.gv.at/de/testportal/8-openID_demo?catId=0"
+ rel="canonical" />
+<link href="http://www.egiz.gv.at/de/templates/egiz/favicon.ico"
+ rel="shortcut icon" type="image/vnd.microsoft.icon" />
+<link
+ href="http://www.egiz.gv.at/de/component/search/?Itemid=109&amp;catid=8&amp;id=8&amp;format=opensearch"
+ rel="search" title="Suchen E-Government Innovationszentrum - EGIZ"
+ type="application/opensearchdescription+xml" />
+<link rel="stylesheet"
+ href="http://www.egiz.gv.at/components/com_egiz/assets/css/projects.css"
+ type="text/css" />
+<link rel="stylesheet"
+ href="http://www.egiz.gv.at/templates/system/css/system.css"
+ type="text/css" />
+<link rel="stylesheet"
+ href="http://www.egiz.gv.at/templates/egiz/css/general.css"
+ type="text/css" media="all" />
+<link rel="stylesheet"
+ href="http://www.egiz.gv.at/templates/egiz/css/print.css"
+ type="text/css" media="print" />
+<link rel="stylesheet"
+ href="http://www.egiz.gv.at/media/mod_falang/css/template.css"
+ type="text/css" />
+<script
+ src="http://www.egiz.gv.at/templates/egiz/js/jquery-1.8.3.min.js"
+ type="text/javascript"></script>
+<script
+ src="http://www.egiz.gv.at/templates/egiz/js/jquery.event.move.js"
+ type="text/javascript"></script>
+<script
+ src="http://www.egiz.gv.at/templates/egiz/js/jquery.event.swipe.js"
+ type="text/javascript"></script>
+<script src="http://www.egiz.gv.at/templates/egiz/js/EgizResponsive.js"
+ type="text/javascript"></script>
+<link href="http://www.egiz.gv.at/de/component/obrss/egiz-feed.rss"
+ rel="alternate" type="application/rss+xml" title="EGIZ Feed" />
+<meta name="viewport"
+ content="width=device-width, maximum-scale=3.0, user-scalable=yes" />
+<meta name="HandheldFriendly" content="true" />
+<meta name="apple-mobile-web-app-capable" content="YES" />
+<link rel="stylesheet" media="only screen and (max-width: 800px)"
+ href="http://www.egiz.gv.at/templates/egiz/css/800.css" />
+<link rel="stylesheet" media="only screen and (max-width: 750px)"
+ href="http://www.egiz.gv.at/templates/egiz/css/mobile.css" />
+<link rel="stylesheet" media="only screen and (max-width: 320px)"
+ href="http://www.egiz.gv.at/templates/egiz/css/mobile320.css" />
+<link rel="stylesheet" media="only screen and (max-width: 240px)"
+ href="http://www.egiz.gv.at/templates/egiz/css/mobile240.css" />
+<!--[if IE 7]> <link rel="stylesheet" href="http://www.egiz.gv.at/templates/egiz/css/ie7.css" /> <![endif]-->
+<!--[if IE 8]> <link rel="stylesheet" href="http://www.egiz.gv.at/templates/egiz/css/ie8.css" /> <![endif]-->
+<script type="text/javascript">var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-38726304-2']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script>
+
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+<meta content="text/css" http-equiv="Content-Style-Type">
+<link rel="stylesheet" type="text/css" href="css/index.css">
+<script type="text/javascript" src="./js/common.js"></script>
+<decorator:head></decorator:head>
+</head>
+<body onload="<decorator:getProperty property="body.onload" />">
+ <div id="template_outer">
+ <div id="template">
+ <div id="skiplinks">
+ <p>
+ <a href="http://www.egiz.gv.at/de/#template_content_content"
+ accesskey="0">Zum Inhalt springen (Alt+0).</a>
+ </p>
+ <p>
+ <a href="http://www.egiz.gv.at/de/#template_mainmenu" accesskey="1">Zum
+ Hauptmenü springen (Alt+1).</a>
+ </p>
+ <p>
+ <a href="http://www.egiz.gv.at/de/#footer" accesskey="3">Zum
+ Footer springen (Alt+3).</a>
+ </p>
+ </div>
+ <div id="template_header">
+ <div id="logo">
+ <a href="http://www.egiz.gv.at/de/."> <img
+ src="http://www.egiz.gv.at/templates/egiz/images/logo.png"
+ alt="Logo" />
+ </a>
+ </div>
+ <div id="twitterLangswitch">
+ <div id="langswitch">
+ <div class="moduletable">
+ <div class="mod-languages">
+ <ul class="lang-inline">
+ <li class=""><a
+ href="/en/testportal/8-openID_demo?catId=0"> <span>English</span>
+ <img
+ src="http://www.egiz.gv.at/media/mod_falang/images/en.png"
+ alt="English" title="English" />
+ </a></li>
+ </ul>
+ </div>
+ </div>
+ </div>
+ <div id="twitter">
+ <a href="https://twitter.com/egov_egiz"
+ class="twitter-follow-button"> <img
+ src="http://www.egiz.gv.at/templates/egiz/images/twitter.png"
+ alt="@egov_egiz folgen" />
+ </a>
+ </div>
+ </div>
+ <div id="topmenu">
+ <div class="moduletable">
+ <ul class="nav menu ">
+ <li class="item-112"><a id="anmeldenLink"
+ href="http://www.egiz.gv.at/anmelden">Anmelden</a></li>
+ </ul>
+ </div>
+ </div>
+ <div id="topsearch">
+ <div class="moduletable">
+ <div class="search">
+ <form action="/de/testportal" method="post" class="form-inline"
+ onsubmit="return this.searchword.value != '';">
+ <div class="inputbox">
+ <label id="searchlabel" for="mod-search-searchword">Suchbegriff</label><input
+ name="searchword" id="mod-search-searchword" maxlength="200"
+ class="inputbox search-query" type="text" size="10"
+ value="Suchbegriff eingeben"
+ onblur="if (this.value=='') this.value='Suchbegriff eingeben';"
+ onfocus="if (this.value=='Suchbegriff eingeben') this.value='';" />
+ </div>
+ <label id="searchbuttonlabel" for="mod-search-searchbutton">Suchen</label>
+ <div class="imagebutton">
+ <input id="mod-search-searchbutton" alt="Suchen" type="image"
+ value="Suchen"
+ src="http://www.egiz.gv.at/templates/egiz/images/searchbutton.png"
+ onclick="this.form.searchword.focus();" />
+ </div>
+ <div class="clear"></div>
+ <input type="hidden" name="task" value="search" /> <input
+ type="hidden" name="option" value="com_search" /> <input
+ type="hidden" name="Itemid" value="109" />
+ </form>
+ </div>
+ </div>
+ </div>
+ <div class="clear"></div>
+ </div>
+ <div id="template_mainmenu">
+ <h1 class="hidden">Hauptmenü</h1>
+ <div class="moduletable_menu">
+ <ul class="nav menu ">
+ <li class="item-101"><a href="http://www.egiz.gv.at/de/">&nbsp;<img
+ src="http://www.egiz.gv.at/files/images/homebutton.png"
+ alt="Home" />&nbsp;
+ </a></li>
+ <li class="item-107"><a
+ href="http://www.egiz.gv.at/de/projekte">Projekte</a></li>
+ <li class="item-108"><a
+ href="http://www.egiz.gv.at/de/schwerpunkte">Schwerpunkte</a></li>
+ <li class="item-109 current active"><a
+ href="http://www.egiz.gv.at/de/testportal">Testportal</a></li>
+ <li class="item-110"><a
+ href="http://www.egiz.gv.at/de/research">Forschung</a></li>
+ <li class="item-111 parent"><a
+ href="http://www.egiz.gv.at/de/ueber-egiz">Über EGIZ</a></li>
+ </ul>
+ <div class="clear"></div>
+ </div>
+ <div class="clear"></div>
+ </div>
+ <div id="template_content">
+ <h1 class="hidden">Inhalt</h1>
+ <div id="system-message-container">
+ <div id="system-message"></div>
+ </div>
+ <div id="template_content_content">
+ <div id="projectsContainer">
+ <div class="prevPage">
+ <a
+ href="http://demo.egiz.gv.at/de/testportal/7-eps2-demo#projectsContainer"><img
+ src="http://www.egiz.gv.at/templates/egiz/images/scrollleft.png"
+ alt="zurückblättern" /></a>
+ </div>
+ <div class="content">
+ <div class="backlink">
+ <a href="http://www.egiz.gv.at/testportal">Zurück zur
+ Übersicht</a>
+ </div>
+ <h1>PDF Signatur</h1>
+ <div class="project projectWithExtra">
+ <div class="body">
+ <decorator:body></decorator:body>
+ </div>
+ </div>
+ <div class="extratext">
+ <h2>Detailinformationen</h2>
+ <p>Unter folgenden Links finden Sie detaillierte
+ Informationen wie Sie zu OpenID Connect, der Bürgerkarte und
+ der Handy-Signatur.</p>
+ <a href="http://openid.net/connect/" target="_blank">OpenID
+ Connect</a> <br />
+ <br />
+ <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte.at</a>
+ <br />
+ <br />
+ <a href="https://www.handy-signatur.at/" target="_blank"
+ title="Handy-Signatur.at">Handy-Signatur.at</a>
+ </div>
+ <div class="clear"></div>
+ </div>
+ <div class="nextPage">
+ <a
+ href="http://demo.egiz.gv.at/de/testportal/7-eps2-demo#projectsContainer"><img
+ src="http://www.egiz.gv.at/templates/egiz/images/scrollright.png"
+ alt="weiterblättern" /></a>
+ </div>
+ <div class="clear"></div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="template_footer">
+ <div id="footer">
+ <h1 class="hidden">Footer</h1>
+ <div class="moduletable">
+ <div id="footer_left">
+ <p style="margin-bottom: 0cm;">
+ <strong>Über EGIZ:</strong><br />» <a
+ href="http://www.egiz.gv.at/de/ueber-egiz">Mission Statement</a><br />»
+ <a href="http://www.egiz.gv.at/de/ueber-egiz/team">Unser Team</a><br />»
+ <a href="http://www.egiz.gv.at/de/news">News</a><br />
+ <a href="http://www.egiz.gv.at/de/newsletter">» Newsletter
+ abonnieren</a><br />» <a href="http://www.egiz.gv.at/de/presse">Presseinformation</a><br />»
+ <a href="http://www.egiz.gv.at/de/ueber-egiz/jobs">Jobs</a><br />»
+ <a href="http://www.egiz.gv.at/de/ueber-egiz/kontakt">Kontakt</a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <strong>Schwerpunkte:</strong><br />
+ <a href="http://www.egiz.gv.at/de/schwerpunkte">» Unsere
+ Schwerpunkte</a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <a href="http://www.egiz.gv.at/component/obrss/egiz-feed.rss"
+ id="rss_link">RSS-Feed</a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <a href="javascript:window.print();" id="print_link">Drucken</a>
+ </p>
+ </div>
+ <div id="footer_middle">
+ <p style="margin-bottom: 0cm;">
+ <strong>Veranstaltungen: </strong>
+ </p>
+ <div>
+ <ul id="footer_veranstaltungen">
+ <li>» <a
+ href="http://www.egiz.gv.at/de/veranstaltungen#item28">Neue
+ Formate für fortgeschrittene Signaturen</a>
+ </li>
+ <li>» <a
+ href="http://www.egiz.gv.at/de/veranstaltungen#item24">EGIZ
+ MOA 2.0 Workshop am 25. Juni 2013</a>
+ </li>
+ <li>» <a
+ href="http://www.egiz.gv.at/de/veranstaltungen#item18">EGIZ
+ MOA Workshop am 28. Juni 2012</a>
+ </li>
+ <li>» <a
+ href="http://www.egiz.gv.at/de/veranstaltungen#item19">EGIZ
+ Workshop am 15. März 2012</a>
+ </li>
+ </ul>
+ </div>
+ <p>
+ <a href="http://www.egiz.gv.at/de/veranstaltungen">»
+ Veranstaltungsübersicht</a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <strong> Research:</strong><br />
+ <a href="http://www.egiz.gv.at/de/research">» Unsere
+ Forschungsarbeit</a>
+ </p>
+ </div>
+ <div id="footer_right">
+ <p style="margin-bottom: 0cm;">
+ <strong>Kontakt EGIZ:</strong><br />E-Government
+ Innovationszentrum EGIZ<br />IAIK, TU-Graz<br />Inffeldgasse
+ 16a, A-8010 Graz<br />
+ <br />Tel.: +43 (316) 873-5514<br />Fax: +43 (316) 873-5520<br />
+ <a href="mailto:webmaster@egiz.gv.at">webmaster@egiz.gv.at</a><br />
+ <br />
+ <a href="http://www.egiz.gv.at/de/ueber-egiz/impressum">Impressum</a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <a href="http://www.egiz.gv.at/de/sitemap">Sitemap</a>
+ </p>
+ <p style="margin-bottom: 0cm;"></p>
+ <p style="margin-bottom: 0cm;">
+ <a href="http://www.tugraz.at"><img
+ src="http://www.egiz.gv.at/files/images/tugraz_logo.png"
+ alt="Logo der TU Graz" /></a>
+ </p>
+ <p style="margin-bottom: 0cm;">
+ <a href="http://www.bka.gv.at/"><img
+ src="http://www.egiz.gv.at/files/images/bundeskanzleramt_logo.png"
+ alt="Logo Bundeskanzleramt Österreich" /></a>
+ </p>
+ </div>
+ <div class="clear"></div>
+ <!--<div id="intouch"> Website: <a href="http://www.intouch.at/" target="_blank">INTOUCH Werbeagentur &amp; Internetagentur</a></div>-->
+ </div>
+ </div>
+ </div>
+ </div>
+</body>
+</html> \ No newline at end of file