author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-02-06 12:47:21 +0100 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-02-06 12:47:21 +0100 |
commit | 5ea41481c10aa43ab1df5e0b7ba0c18c3262c9eb (patch) | |
tree | f915ba3e7c132e47a57ae4ec74c872d32a1d3acc | |
parent | 8238b1a96ab240ac30525f2b254518cd052d2501 (diff) | |
Started verification implementation, HTTP Session cleanup
8 files changed, 690 insertions, 75 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
index bcda2263..d782c4dc 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
@@ -47,6 +47,7 @@ public class ExceptionCatchFilter implements Filter {
 if(request instanceof HttpServletRequest) {
 logger.debug("Processing Parameters into Attributes");
 HttpServletRequest httpRequest = (HttpServletRequest)request;
+ PdfAsHelper.logAccess(httpRequest);
 Enumeration<String> parameterNames = httpRequest.getParameterNames();
 while(parameterNames.hasMoreElements()) {
 String name = parameterNames.nextElement();
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 12d7ffc5..13e8159f 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
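Review bot: The added `PdfAsHelper.logAccess(httpRequest)` call runs for every HTTP request that passes this filter, and logAccess (added to PdfAsHelper in this commit) calls `request.getSession()`, which creates a session when none exists. Each anonymous hit, including crawlers and health checks, therefore allocates server-side session state only to produce a debug line. Using `HttpSession session = request.getSession(false);` inside logAccess and logging the servlet path alone when it returns null avoids that. The enclosing method starts and ends outside this hunk.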
@@ -18,24 +18,19 @@ import org.apache.commons.lang3.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.lowagie.text.html.WebColors; - -import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.lib.api.ByteArrayDataSink; import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.DataSink; import at.gv.egiz.pdfas.lib.api.PdfAs; import at.gv.egiz.pdfas.lib.api.PdfAsFactory; -import at.gv.egiz.pdfas.lib.api.SignaturePosition; import at.gv.egiz.pdfas.lib.api.StatusRequest; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; import at.gv.egiz.pdfas.lib.api.sign.SignResult; -import at.gv.egiz.pdfas.lib.impl.PdfAsImpl; -import at.gv.egiz.pdfas.lib.impl.SignaturePositionImpl; +import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; import at.gv.egiz.pdfas.sigs.pades.PAdESSigner; -import at.gv.egiz.pdfas.sigs.pades.PAdESSignerKeystore; import at.gv.egiz.pdfas.sigs.pkcs7detached.PKCS7DetachedSigner; import at.gv.egiz.pdfas.web.config.WebConfiguration; import at.gv.egiz.pdfas.web.exception.PdfAsWebException; @@ -69,6 +64,7 @@ public class PdfAsHelper { private static final String REQUEST_FROM_DU = "REQ_DATA_URL"; private static final String SIGNATURE_DATA_HASH = "SIGNATURE_DATA_HASH"; private static final String SIGNATURE_ACTIVE = "SIGNATURE_ACTIVE"; + private static final String VERIFICATION_RESULT = "VERIFICATION_RESULT"; private static final Logger logger = LoggerFactory .getLogger(PdfAsHelper.class); 
@@ -78,14 +74,14 @@ public class PdfAsHelper { static { logger.debug("Creating PDF-AS"); - pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration.getPdfASDir())); + pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration + .getPdfASDir())); logger.debug("Creating PDF-AS done"); } - + public static void init() { logger.debug("PDF-AS Helper initialized"); } - private static void validatePdfSize(HttpServletRequest request, HttpServletResponse response, byte[] pdfData) @@ -113,7 +109,7 @@ public class PdfAsHelper { } } } - + private static String buildPosString(HttpServletRequest request, HttpServletResponse response) throws PdfAsWebException { String posP = PdfAsParameterExtractor.getSigPosP(request); @@ -180,6 +176,38 @@ public class PdfAsHelper { return sb.toString(); } + public static List<VerifyResult> synchornousVerify( + HttpServletRequest request, HttpServletResponse response, + byte[] pdfData) throws Exception { + String signidxString = PdfAsParameterExtractor.getSigIdx(request); + int signIdx = -1; + if (signidxString != null) { + try { + signIdx = Integer.parseInt(signidxString); + } catch (Throwable e) { + logger.error("Failed to parse Signature Index: " + + signidxString); + } + } + + logger.error("Verifing Signature index: " + signIdx); + + Configuration config = pdfAs.getConfiguration(); + + ByteArrayDataSource dataSource = new ByteArrayDataSource(pdfData); + + VerifyParameter verifyParameter = PdfAsFactory.createVerifyParameter( + config, dataSource); + + verifyParameter.setDataSource(dataSource); + verifyParameter.setConfiguration(config); + verifyParameter.setWhichSignature(signIdx); + + List<VerifyResult> results = pdfAs.verify(verifyParameter); + + return results; + } + /** * Create synchronous PDF Signature * 
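Review bot: A malformed `sig-idx` is not rejected in synchornousVerify: the `catch (Throwable e)` around `Integer.parseInt` only logs and leaves `signIdx` at -1, so the document is verified with a different selection than the caller asked for, and the raw request value is concatenated into the log line. Catching only the parse failure and failing the request is safer: `} catch (NumberFormatException e) { throw new PdfAsWebException("Invalid signature index"); }`. The line `logger.error("Verifing Signature index: " + signIdx)` reports a normal event and should be `logger.debug`. The method name is misspelled (`synchronousVerify`), which is cheapest to correct now while its only caller is still inside the commented-out block in VerifyServlet.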
@@ -213,9 +241,11 @@ public class PdfAsHelper { if (connector.equals("moa")) { signer = new PAdESSigner(new MOAConnector(config)); } else { - signer = new PKCS7DetachedSigner(WebConfiguration.getKeystoreFile(), + signer = new PKCS7DetachedSigner( + WebConfiguration.getKeystoreFile(), WebConfiguration.getKeystoreAlias(), - WebConfiguration.getKeystorePass(), WebConfiguration.getKeystoreKeyPass(), + WebConfiguration.getKeystorePass(), + WebConfiguration.getKeystoreKeyPass(), WebConfiguration.getKeystoreType()); } @@ -240,17 +270,21 @@ public class PdfAsHelper { HttpServletResponse response, ServletContext context, byte[] pdfData) throws Exception { - // TODO: Protect session so that only one PDF can be signed during one session - /*if(PdfAsHelper.isSignatureActive(request)) { - throw new PdfAsException("Signature is active in this session"); - } - - PdfAsHelper.setSignatureActive(request, true);*/ - + // TODO: Protect session so that only one PDF can be signed during one + // session + /* + * if(PdfAsHelper.isSignatureActive(request)) { throw new + * PdfAsException("Signature is active in this session"); } + * + * PdfAsHelper.setSignatureActive(request, true); + */ + validatePdfSize(request, response, pdfData); HttpSession session = request.getSession(); + logger.info("Starting signature in session: " + session.getId()); + Configuration config = pdfAs.getConfiguration(); session.setAttribute(PDF_CONFIG, config); 
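Review bot: `logger.info("Starting signature in session: " + session.getId())` writes the full session identifier to the application log, and the same value is put into the debug line in logAccess and into the PdfAsWebException messages added to the two null checks further down in this file. The identifier is what ties the browser to an in-progress signing session (the DataURL code removed by this commit shows it being carried as `;jsessionid=`), so anyone who can read the logs, or an error page that echoes the exception message, obtains a value that should stay secret. Log a non-reversible correlation value instead, for example a short prefix of a SHA-256 digest of the id, and drop the id from the exception text: `throw new PdfAsWebException("No signature running in this session");`. The enclosing method starts and ends outside this hunk.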
@@ -262,12 +296,14 @@ public class PdfAsHelper { String connector = PdfAsParameterExtractor.getConnector(request); IPlainSigner signer; - if (connector.equals("bku") || connector.equals("onlinebku") || connector.equals("mobilebku")) { + if (connector.equals("bku") || connector.equals("onlinebku") + || connector.equals("mobilebku")) { BKUSLConnector conn = new BKUSLConnector(config); signer = new PAdESSigner(conn); session.setAttribute(PDF_SL_CONNECTOR, conn); } else { - throw new PdfAsWebException("Invalid connector (bku | onlinebku | mobilebku | moa | jks)"); + throw new PdfAsWebException( + "Invalid connector (bku | onlinebku | mobilebku | moa | jks)"); } signParameter.setPlainSigner(signer); @@ -318,6 +354,10 @@ public class PdfAsHelper { StatusRequest statusRequest = (StatusRequest) session .getAttribute(PDF_STATUS); + if(statusRequest == null) { + throw new PdfAsWebException("No Signature running in session:" + session.getId()); + } + statusRequest.setCertificate(getCertificate(infoboxReadResponseType)); statusRequest = pdfAs.process(statusRequest); session.setAttribute(PDF_STATUS, statusRequest); @@ -336,6 +376,10 @@ public class PdfAsHelper { StatusRequest statusRequest = (StatusRequest) session .getAttribute(PDF_STATUS); + if(statusRequest == null) { + throw new PdfAsWebException("No Signature running in session:" + session.getId()); + } + statusRequest.setSigature(createCMSSignatureResponseType .getCMSSignature()); statusRequest = pdfAs.process(statusRequest); @@ -343,6 +387,11 @@ public class PdfAsHelper { PdfAsHelper.process(request, response, context); } + + public static void logAccess(HttpServletRequest request) { + HttpSession session = request.getSession(); + logger.debug("Access to " + request.getServletPath() + " in Session: " + session.getId()); + } public static void process(HttpServletRequest request, HttpServletResponse response, ServletContext context) 
@@ -356,7 +405,8 @@ public class PdfAsHelper { String connector = (String) session.getAttribute(PDF_SL_INTERACTIVE); - if (connector.equals("bku") || connector.equals("onlinebku") || connector.equals("mobilebku")) { + if (connector.equals("bku") || connector.equals("onlinebku") + || connector.equals("mobilebku")) { BKUSLConnector bkuSLConnector = (BKUSLConnector) session .getAttribute(PDF_SL_CONNECTOR); @@ -374,18 +424,14 @@ public class PdfAsHelper { JAXBElement<InfoboxReadRequestType> readRequest = of .createInfoboxReadRequest(readCertificateRequest); - String url = request.getContextPath() + "/DataURL;jsessionid=" - + session.getId(); - String fullurl = request.getScheme() + "://" - + request.getServerName() + ":" - + request.getServerPort() + url; + String url = generateDataURL(request, response); String slRequest = SLMarschaller.marshalToString(readRequest); String template = getTemplateSL(); template = template.replace("##BKU##", generateBKUURL(connector)); template = template.replace("##XMLRequest##", StringEscapeUtils.escapeHtml4(slRequest)); - template = template.replace("##DataURL##", fullurl); + template = template.replace("##DataURL##", url); response.getWriter().write(template); response.getWriter().close(); } else if (statusRequest.needSignature()) { 
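Review bot: `template.replace("##DataURL##", url)` inserts the generated URL into the HTML template unescaped, while the neighbouring `##XMLRequest##` value goes through `StringEscapeUtils.escapeHtml4`. generateURL is not part of this hunk, so whether the value can contain request-derived host or path text cannot be confirmed from here; escaping it is harmless for a well-formed URL and keeps the template safe if it can: `template = template.replace("##DataURL##", StringEscapeUtils.escapeHtml4(url));`. The `##BKU##` substitution just above is in the same position. The enclosing method starts and ends outside this hunk.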
@@ -431,28 +477,31 @@ public class PdfAsHelper { .toFile(PdfAsHelper.class.getResource("/template_sl.html"))); return xml; } - + public static String getErrorRedirectTemplateSL() throws IOException { String xml = FileUtils.readFileToString(FileUtils - .toFile(PdfAsHelper.class.getResource("/template_error_redirect.html"))); + .toFile(PdfAsHelper.class + .getResource("/template_error_redirect.html"))); return xml; } - + public static String getProvideTemplate() throws IOException { - String xml = FileUtils.readFileToString(FileUtils - .toFile(PdfAsHelper.class.getResource("/template_provide.html"))); + String xml = FileUtils + .readFileToString(FileUtils.toFile(PdfAsHelper.class + .getResource("/template_provide.html"))); return xml; } - + public static String getErrorTemplate() throws IOException { String xml = FileUtils.readFileToString(FileUtils .toFile(PdfAsHelper.class.getResource("/template_error.html"))); return xml; } - + public static String getInvokeRedirectTemplateSL() throws IOException { String xml = FileUtils.readFileToString(FileUtils - .toFile(PdfAsHelper.class.getResource("/template_invoke_redirect.html"))); + .toFile(PdfAsHelper.class + .getResource("/template_invoke_redirect.html"))); return xml; } @@ -542,7 +591,7 @@ public class PdfAsHelper { Object obj = session.getAttribute(PDF_ERR_URL); return obj == null ? null : obj.toString(); } - + public static void setInvokeURL(HttpServletRequest request, HttpServletResponse response, String url) { HttpSession session = request.getSession(); @@ -582,6 +631,11 @@ public class PdfAsHelper { return dataURL; } + public static void regenerateSession(HttpServletRequest request) { + request.getSession(false).invalidate(); + request.getSession(true); + } + public static String generateDataURL(HttpServletRequest request, HttpServletResponse response) { return generateURL(request, response, PDF_DATAURL_PAGE); 
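Review bot: `request.getSession(false).invalidate()` in regenerateSession throws a NullPointerException when the request has no session yet, because `getSession(false)` returns null in that case, and that is the normal state for the first request of a signing flow. Guard the call: `HttpSession old = request.getSession(false); if (old != null) { old.invalidate(); }` before `request.getSession(true);`. A short Javadoc stating that all session attributes are discarded would help callers place the call before anything is stored in the session.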
@@ -591,7 +645,7 @@ public class PdfAsHelper { HttpServletResponse response) { return generateURL(request, response, PDF_PROVIDE_PAGE); } - + public static String generateErrorURL(HttpServletRequest request, HttpServletResponse response) { return generateURL(request, response, PDF_ERROR_PAGE); @@ -601,13 +655,13 @@ public class PdfAsHelper { HttpServletResponse response) { return generateURL(request, response, PDF_PDFDATA_PAGE); } - + public static String generateBKUURL(String connector) { - if(connector.equals("bku")) { + if (connector.equals("bku")) { return WebConfiguration.getLocalBKUURL(); - } else if(connector.equals("onlinebku")) { + } else if (connector.equals("onlinebku")) { return WebConfiguration.getOnlineBKUURL(); - } else if(connector.equals("mobilebku")) { + } else if (connector.equals("mobilebku")) { return WebConfiguration.getHandyBKUURL(); } return WebConfiguration.getLocalBKUURL(); @@ -626,8 +680,9 @@ public class PdfAsHelper { } return false; } - - public static void setSignatureDataHash(HttpServletRequest request, String value) { + + public static void setSignatureDataHash(HttpServletRequest request, + String value) { HttpSession session = request.getSession(); session.setAttribute(SIGNATURE_DATA_HASH, value); } @@ -640,7 +695,7 @@ public class PdfAsHelper { } return ""; } - + public static void setPDFFileName(HttpServletRequest request, String value) { HttpSession session = request.getSession(); session.setAttribute(PDF_FILE_NAME, value); 
@@ -654,13 +709,36 @@ public class PdfAsHelper { } return "document.pdf"; } - - public static void setSignatureActive(HttpServletRequest request, boolean value) { - request.setAttribute(SIGNATURE_ACTIVE, new Boolean(value)); + + public static void setVerificationResult(HttpServletRequest request, + List<VerifyResult> value) { + HttpSession session = request.getSession(); + session.setAttribute(VERIFICATION_RESULT, value); + } + + public static List<VerifyResult> getVerificationResult( + HttpServletRequest request) { + HttpSession session = request.getSession(); + Object obj = session.getAttribute(VERIFICATION_RESULT); + if (obj != null) { + try { + return (List<VerifyResult>) obj; + } catch (Throwable e) { + logger.error("Invalid object type"); + } + } + return null; + } + + public static void setSignatureActive(HttpServletRequest request, + boolean value) { + HttpSession session = request.getSession(); + session.setAttribute(SIGNATURE_ACTIVE, new Boolean(value)); } public static boolean isSignatureActive(HttpServletRequest request) { - Object obj = request.getAttribute(SIGNATURE_ACTIVE); + HttpSession session = request.getSession(); + Object obj = session.getAttribute(SIGNATURE_ACTIVE); if (obj != null) { if (obj instanceof Boolean) { return ((Boolean) obj).booleanValue(); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java index 4d6ad1fe..b20a6656 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java 
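Review bot: The `try { return (List<VerifyResult>) obj; } catch (Throwable e)` in getVerificationResult does not check what it appears to check: the element type is erased at runtime, so the cast fails only when the attribute is not a List at all, and catching Throwable also hides errors that have nothing to do with the cast. `if (obj instanceof List) { return (List<VerifyResult>) obj; }` with `@SuppressWarnings("unchecked")` on the method states the real guarantee. In setSignatureActive, `Boolean.valueOf(value)` is preferred over `new Boolean(value)`. isSignatureActive continues past the end of this hunk.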
@@ -18,6 +18,7 @@ public class PdfAsParameterExtractor { public static final String PARAM_SIG_POS_Y = "sig-pos-y"; public static final String PARAM_SIG_POS_X = "sig-pos-x"; public static final String PARAM_SIG_POS_W = "sig-pos-w"; + public static final String PARAM_SIG_IDX = "sig-idx"; public static String getConnector(HttpServletRequest request) { String connector = (String)request.getAttribute(PARAM_CONNECTOR); @@ -70,4 +71,8 @@ public class PdfAsParameterExtractor { public static String getSigPosW(HttpServletRequest request) { return (String)request.getAttribute(PARAM_SIG_POS_W); } + + public static String getSigIdx(HttpServletRequest request) { + return (String)request.getAttribute(PARAM_SIG_IDX); + } } diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java index 7847d840..dcb93fb1 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java 
@@ -58,26 +58,28 @@ public class DataURLServlet extends HttpServlet { PdfAsHelper.setFromDataUrl(request); String xmlResponse = request.getParameter("XMLResponse"); - System.out.println(xmlResponse); + //System.out.println(xmlResponse); JAXBElement jaxbObject = (JAXBElement) SLMarschaller.unmarshalFromString(xmlResponse); if(jaxbObject.getValue() instanceof InfoboxReadResponseType) { InfoboxReadResponseType infoboxReadResponseType = (InfoboxReadResponseType)jaxbObject.getValue(); + logger.info("Got InfoboxReadResponseType"); PdfAsHelper.injectCertificate(request, response, infoboxReadResponseType, getServletContext()); } else if(jaxbObject.getValue() instanceof CreateCMSSignatureResponseType) { CreateCMSSignatureResponseType createCMSSignatureResponseType = (CreateCMSSignatureResponseType)jaxbObject.getValue(); + logger.info("Got CreateCMSSignatureResponseType"); PdfAsHelper.injectSignature(request, response, createCMSSignatureResponseType, getServletContext()); } else if(jaxbObject.getValue() instanceof ErrorResponseType) { ErrorResponseType errorResponseType = (ErrorResponseType)jaxbObject.getValue(); logger.error("SecurityLayer: " + errorResponseType.getErrorCode() + " " + errorResponseType.getInfo()); throw new PdfAsSecurityLayerException(errorResponseType.getInfo(), errorResponseType.getErrorCode()); - } else { throw new PdfAsSecurityLayerException("Unknown SL response", 9999); } } catch (Exception e) { + logger.error("Error in DataURL Servlet. " , e); PdfAsHelper.setSessionException(request, response, e.getMessage(), e); PdfAsHelper.gotoError(getServletContext(), request, response); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index fe26f097..b2649a57 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java 
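Review bot: The `System.out.println(xmlResponse)` line is commented out rather than deleted, which leaves a one-character edit between the current state and writing the complete Security Layer response to stdout again. Remove the line; if the payload type is needed for diagnosis, the added `logger.info("Got InfoboxReadResponseType")` style already covers it. Separately, `xmlResponse` is passed to `SLMarschaller.unmarshalFromString` without a null check, so a request that lacks the `XMLResponse` parameter depends on how that helper (not shown) treats null; `if (xmlResponse == null) { throw new PdfAsSecurityLayerException("Missing XMLResponse", 9999); }` makes the failure explicit. The enclosing method starts outside this hunk.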
@@ -60,6 +60,8 @@ public class ExternSignServlet extends HttpServlet { protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + //PdfAsHelper.regenerateSession(request); + System.out.println("Get signing request"); logger.info("Get signing request"); @@ -93,6 +95,8 @@ public class ExternSignServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + //PdfAsHelper.regenerateSession(request); + System.out.println("Post signing request"); logger.info("Post signing request"); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java index 4418c30b..0dd96e78 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java @@ -1,5 +1,8 @@ package at.gv.egiz.pdfas.web.servlets; +import iaik.x509.X509Certificate; + +import java.io.File; import java.io.IOException; import java.util.List; 
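Review bot: `PdfAsHelper.regenerateSession(request)` is added commented out in both doGet and doPost of ExternSignServlet, so no session is renewed at the start of a signing request and an identifier that existed before the request stays valid for the whole signing flow. Either enable the call once regenerateSession tolerates a missing session, or replace the dead line with a comment that records why renewal is deferred, e.g. `// TODO: renew session here; disabled until <reason>`. The `System.out.println` lines next to each `logger.info` call duplicate the log output and could be removed in the same change.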
@@ -8,53 +11,244 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.PdfAs; import at.gv.egiz.pdfas.lib.api.PdfAsFactory; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.exception.PdfAsWebException; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; +import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor; +import at.gv.egiz.pdfas.web.helper.RemotePDFFetcher; /** * Servlet implementation class VerifyServlet */ public class VerifyServlet extends HttpServlet { private static final long serialVersionUID = 1L; - - /** - * @see HttpServlet#HttpServlet() - */ - public VerifyServlet() { - super(); - } + + private static final Logger logger = LoggerFactory + .getLogger(ExternSignServlet.class); + + private static final String UPLOAD_PDF_DATA = "pdfFile"; + private static final String UPLOAD_DIRECTORY = "upload"; + private static final int THRESHOLD_SIZE = 1024 * 1024 * 3; // 3MB + private static final int MAX_FILE_SIZE = 1024 * 1024 * 40; // 40MB + private static final int MAX_REQUEST_SIZE = 1024 * 1024 * 50; // 50MB /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) + * @see HttpServlet#HttpServlet() */ - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - // TODO Auto-generated method stub + public VerifyServlet() { + super(); } /** - * @see 
HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) */ - protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - // TODO Auto-generated method stub + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + System.out.println("Get verify request"); + logger.info("Get verify request"); + + String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); + PdfAsHelper.setErrorURL(request, response, errorUrl); + try { + // Mandatory Parameters on Get Request: + String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request); + PdfAsHelper.setInvokeURL(request, response, invokeUrl); + + String pdfUrl = PdfAsParameterExtractor.getPdfUrl(request); + + if (pdfUrl == null) { + throw new PdfAsWebException( + "No PDF URL given! Use POST request to sign without PDF URL."); + } + + byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl); + doVerify(request, response, pdfData); + } catch (Exception e) { + PdfAsHelper.setSessionException(request, response, e.getMessage(), + e); + PdfAsHelper.gotoError(getServletContext(), request, response); + } + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + + System.out.println("Post signing request"); + logger.info("Post signing request"); + + String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); + PdfAsHelper.setErrorURL(request, response, errorUrl); + + try { + byte[] filecontent = null; + + // checks if the request actually contains upload file + if (!ServletFileUpload.isMultipartContent(request)) { + // No Uploaded data! 
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) { + doGet(request, response); + return; + } else { + throw new PdfAsWebException("No Signature data defined!"); + } + } else { + // configures upload settings + DiskFileItemFactory factory = new DiskFileItemFactory(); + factory.setSizeThreshold(THRESHOLD_SIZE); + factory.setRepository(new File(System + .getProperty("java.io.tmpdir"))); + + ServletFileUpload upload = new ServletFileUpload(factory); + upload.setFileSizeMax(MAX_FILE_SIZE); + upload.setSizeMax(MAX_REQUEST_SIZE); + + // constructs the directory path to store upload file + String uploadPath = getServletContext().getRealPath("") + + File.separator + UPLOAD_DIRECTORY; + // creates the directory if it does not exist + File uploadDir = new File(uploadPath); + if (!uploadDir.exists()) { + uploadDir.mkdir(); + } + + List formItems = upload.parseRequest(request); + logger.debug(formItems.size() + " Items in form data"); + if (formItems.size() < 1) { + // No Uploaded data! + // Try do get + // No Uploaded data! + if (PdfAsParameterExtractor.getPdfUrl(request) != null) { + doGet(request, response); + return; + } else { + throw new PdfAsWebException( + "No Signature data defined!"); + } + } else { + for (int i = 0; i < formItems.size(); i++) { + Object obj = formItems.get(i); + if (obj instanceof FileItem) { + FileItem item = (FileItem) obj; + if (item.getFieldName().equals(UPLOAD_PDF_DATA)) { + filecontent = item.get(); + try { + File f = new File(item.getName()); + String name = f.getName(); + logger.debug("Got upload: " + + item.getName()); + if (name != null) { + if (!(name.endsWith(".pdf") || name + .endsWith(".PDF"))) { + name += ".pdf"; + } + + logger.debug("Setting Filename in session: " + + name); + PdfAsHelper.setPDFFileName(request, + name); + } + } catch (Throwable e) { + logger.error("In resolving filename", e); + } + if (filecontent.length < 10) { + filecontent = null; + } else { + logger.debug("Found pdf Data! 
Size: " + + filecontent.length); + } + } else { + request.setAttribute(item.getFieldName(), + item.getString()); + logger.debug("Setting " + item.getFieldName() + + " = " + item.getString()); + } + } else { + logger.debug(obj.getClass().getName() + " - " + + obj.toString()); + } + } + } + } + + if (filecontent == null) { + if (PdfAsParameterExtractor.getPdfUrl(request) != null) { + filecontent = RemotePDFFetcher + .fetchPdfFile(PdfAsParameterExtractor + .getPdfUrl(request)); + } + } + + if (filecontent == null) { + Object sourceObj = request.getAttribute("source"); + if (sourceObj != null) { + String source = sourceObj.toString(); + if (source.equals("internal")) { + request.setAttribute("FILEERR", true); + request.getRequestDispatcher("index.jsp").forward( + request, response); + return; + } + } + throw new PdfAsException("No Signature data available"); + } + + doVerify(request, response, filecontent); + } catch (Exception e) { + PdfAsHelper.setSessionException(request, response, e.getMessage(), + e); + PdfAsHelper.gotoError(getServletContext(), request, response); + } } - protected void doVerify(HttpServletRequest request, HttpServletResponse response, - byte[] pdfData, int whichSignature) { - PdfAs pdfAs = PdfAsFactory.createPdfAs(null); - Configuration conf = pdfAs.getConfiguration(); - VerifyParameter parameter = PdfAsFactory.createVerifyParameter(conf, new ByteArrayDataSource(pdfData)); - parameter.setWhichSignature(whichSignature); + protected void doVerify(HttpServletRequest request, + HttpServletResponse response, byte[] pdfData) throws Exception { + throw new Exception(""); - //List<VerifyResult> results = pdfAs.verify(parameter); + /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request, + response, pdfData); + + PdfAsHelper.setVerificationResult(request, results); // Create HTML Snippet for each Verification Result // Put these results into the web page - // Or create a JSON response with the verification results for automated processing - 
+ // Or create a JSON response with the verification results for automated + // processing + for (int i = 0; i < results.size(); i++) { + VerifyResult result = results.get(i); + + if (result.isVerificationDone()) { + + int certCode = result.getCertificateCheck().getCode(); + String certMessage = result.getCertificateCheck().getMessage(); + + int valueCode = result.getValueCheckCode().getCode(); + String valueMessage = result.getValueCheckCode().getMessage(); + + Exception e = result.getVerificationException(); + + X509Certificate cert = result.getSignerCertificate(); + byte[] data = result.getSignatureData(); + + + } + }*/ } - + } diff --git a/pdf-as-web/src/main/resources/template_verifyResult.html b/pdf-as-web/src/main/resources/template_verifyResult.html new file mode 100644 index 00000000..075d86d8 --- /dev/null +++ b/pdf-as-web/src/main/resources/template_verifyResult.html @@ -0,0 +1,3 @@ +<p> + +</p>
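Review bot: The URL returned by `PdfAsParameterExtractor.getPdfUrl(request)` goes straight into `RemotePDFFetcher.fetchPdfFile` in doGet and again in the doPost fallback, with no check in this servlet on scheme or target host; unless the fetcher (not shown) restricts destinations, a client can make the server issue requests to addresses of its choosing, including internal ones. Validate before fetching, for example `URI u = URI.create(pdfUrl);` followed by `if (!"http".equalsIgnoreCase(u.getScheme()) && !"https".equalsIgnoreCase(u.getScheme())) throw new PdfAsWebException("Unsupported PDF URL");`, and compare the host with a configured allowlist. The logger is bound to the wrong class and should be `LoggerFactory.getLogger(VerifyServlet.class)`, and doPost logs "Post signing request" for a verify request. doVerify currently always throws `new Exception("")`, so every request ends on the error page with an empty message; a text such as "Verification not implemented yet" would make that state visible to operators.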
\ No newline at end of file diff --git a/pdf-as-web/src/main/webapp/egiz.jsp b/pdf-as-web/src/main/webapp/egiz.jsp new file mode 100644 index 00000000..f6086190 --- /dev/null +++ b/pdf-as-web/src/main/webapp/egiz.jsp 
@@ -0,0 +1,328 @@ + +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<%@ taglib uri="http://www.opensymphony.com/sitemesh/decorator" + prefix="decorator"%> +<%@page contentType="text/html; charset=UTF-8"%> +<html xmlns="http://www.w3.org/1999/xhtml" lang="de" xml:lang="de"> +<head> +<meta http-equiv="content-type" content="text/html; charset=iso-8859-15" /> + +<meta http-equiv="x-ua-compatible" content="IE=edge" /> +<meta http-equiv="content-type" content="text/html; charset=utf-8" /> +<meta name="generator" + content="Joomla! - Open Source Content Management" /> +<title><decorator:title></decorator:title> - Testportal - E-Government + Innovationszentrum - EGIZ</title> +<link href="http://www.egiz.gv.at/de/testportal/8-openID_demo?catId=0" + rel="canonical" /> +<link href="http://www.egiz.gv.at/de/templates/egiz/favicon.ico" + rel="shortcut icon" type="image/vnd.microsoft.icon" /> +<link + href="http://www.egiz.gv.at/de/component/search/?Itemid=109&catid=8&id=8&format=opensearch" + rel="search" title="Suchen E-Government Innovationszentrum - EGIZ" + type="application/opensearchdescription+xml" /> +<link rel="stylesheet" + href="http://www.egiz.gv.at/components/com_egiz/assets/css/projects.css" + type="text/css" /> +<link rel="stylesheet" + href="http://www.egiz.gv.at/templates/system/css/system.css" + type="text/css" /> +<link rel="stylesheet" + href="http://www.egiz.gv.at/templates/egiz/css/general.css" + type="text/css" media="all" /> +<link rel="stylesheet" + href="http://www.egiz.gv.at/templates/egiz/css/print.css" + type="text/css" media="print" /> +<link rel="stylesheet" + href="http://www.egiz.gv.at/media/mod_falang/css/template.css" + type="text/css" /> +<script + src="http://www.egiz.gv.at/templates/egiz/js/jquery-1.8.3.min.js" + type="text/javascript"></script> +<script + src="http://www.egiz.gv.at/templates/egiz/js/jquery.event.move.js" + 
type="text/javascript"></script> +<script + src="http://www.egiz.gv.at/templates/egiz/js/jquery.event.swipe.js" + type="text/javascript"></script> +<script src="http://www.egiz.gv.at/templates/egiz/js/EgizResponsive.js" + type="text/javascript"></script> +<link href="http://www.egiz.gv.at/de/component/obrss/egiz-feed.rss" + rel="alternate" type="application/rss+xml" title="EGIZ Feed" /> +<meta name="viewport" + content="width=device-width, maximum-scale=3.0, user-scalable=yes" /> +<meta name="HandheldFriendly" content="true" /> +<meta name="apple-mobile-web-app-capable" content="YES" /> +<link rel="stylesheet" media="only screen and (max-width: 800px)" + href="http://www.egiz.gv.at/templates/egiz/css/800.css" /> +<link rel="stylesheet" media="only screen and (max-width: 750px)" + href="http://www.egiz.gv.at/templates/egiz/css/mobile.css" /> +<link rel="stylesheet" media="only screen and (max-width: 320px)" + href="http://www.egiz.gv.at/templates/egiz/css/mobile320.css" /> +<link rel="stylesheet" media="only screen and (max-width: 240px)" + href="http://www.egiz.gv.at/templates/egiz/css/mobile240.css" /> +<!--[if IE 7]> <link rel="stylesheet" href="http://www.egiz.gv.at/templates/egiz/css/ie7.css" /> <![endif]--> +<!--[if IE 8]> <link rel="stylesheet" href="http://www.egiz.gv.at/templates/egiz/css/ie8.css" /> <![endif]--> +<script type="text/javascript">var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-38726304-2']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 
'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> + +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +<meta content="text/css" http-equiv="Content-Style-Type"> +<link rel="stylesheet" type="text/css" href="css/index.css"> +<script type="text/javascript" src="./js/common.js"></script> +<decorator:head></decorator:head> +</head> +<body onload="<decorator:getProperty property="body.onload" />"> + <div id="template_outer"> + <div id="template"> + <div id="skiplinks"> + <p> + <a href="http://www.egiz.gv.at/de/#template_content_content" + accesskey="0">Zum Inhalt springen (Alt+0).</a> + </p> + <p> + <a href="http://www.egiz.gv.at/de/#template_mainmenu" accesskey="1">Zum + Hauptmenü springen (Alt+1).</a> + </p> + <p> + <a href="http://www.egiz.gv.at/de/#footer" accesskey="3">Zum + Footer springen (Alt+3).</a> + </p> + </div> + <div id="template_header"> + <div id="logo"> + <a href="http://www.egiz.gv.at/de/."> <img + src="http://www.egiz.gv.at/templates/egiz/images/logo.png" + alt="Logo" /> + </a> + </div> + <div id="twitterLangswitch"> + <div id="langswitch"> + <div class="moduletable"> + <div class="mod-languages"> + <ul class="lang-inline"> + <li class=""><a + href="/en/testportal/8-openID_demo?catId=0"> <span>English</span> + <img + src="http://www.egiz.gv.at/media/mod_falang/images/en.png" + alt="English" title="English" /> + </a></li> + </ul> + </div> + </div> + </div> + <div id="twitter"> + <a href="https://twitter.com/egov_egiz" + class="twitter-follow-button"> <img + src="http://www.egiz.gv.at/templates/egiz/images/twitter.png" + alt="@egov_egiz folgen" /> + </a> + </div> + </div> + <div id="topmenu"> + <div class="moduletable"> + <ul class="nav menu "> + <li class="item-112"><a id="anmeldenLink" + href="http://www.egiz.gv.at/anmelden">Anmelden</a></li> + </ul> + </div> + </div> + <div id="topsearch"> + <div class="moduletable"> + 
<div class="search"> + <form action="/de/testportal" method="post" class="form-inline" + onsubmit="return this.searchword.value != '';"> + <div class="inputbox"> + <label id="searchlabel" for="mod-search-searchword">Suchbegriff</label><input + name="searchword" id="mod-search-searchword" maxlength="200" + class="inputbox search-query" type="text" size="10" + value="Suchbegriff eingeben" + onblur="if (this.value=='') this.value='Suchbegriff eingeben';" + onfocus="if (this.value=='Suchbegriff eingeben') this.value='';" /> + </div> + <label id="searchbuttonlabel" for="mod-search-searchbutton">Suchen</label> + <div class="imagebutton"> + <input id="mod-search-searchbutton" alt="Suchen" type="image" + value="Suchen" + src="http://www.egiz.gv.at/templates/egiz/images/searchbutton.png" + onclick="this.form.searchword.focus();" /> + </div> + <div class="clear"></div> + <input type="hidden" name="task" value="search" /> <input + type="hidden" name="option" value="com_search" /> <input + type="hidden" name="Itemid" value="109" /> + </form> + </div> + </div> + </div> + <div class="clear"></div> + </div> + <div id="template_mainmenu"> + <h1 class="hidden">Hauptmenü</h1> + <div class="moduletable_menu"> + <ul class="nav menu "> + <li class="item-101"><a href="http://www.egiz.gv.at/de/"> <img + src="http://www.egiz.gv.at/files/images/homebutton.png" + alt="Home" /> + </a></li> + <li class="item-107"><a + href="http://www.egiz.gv.at/de/projekte">Projekte</a></li> + <li class="item-108"><a + href="http://www.egiz.gv.at/de/schwerpunkte">Schwerpunkte</a></li> + <li class="item-109 current active"><a + href="http://www.egiz.gv.at/de/testportal">Testportal</a></li> + <li class="item-110"><a + href="http://www.egiz.gv.at/de/research">Forschung</a></li> + <li class="item-111 parent"><a + href="http://www.egiz.gv.at/de/ueber-egiz">Über EGIZ</a></li> + </ul> + <div class="clear"></div> + </div> + <div class="clear"></div> + </div> + <div id="template_content"> + <h1 
class="hidden">Inhalt</h1> + <div id="system-message-container"> + <div id="system-message"></div> + </div> + <div id="template_content_content"> + <div id="projectsContainer"> + <div class="prevPage"> + <a + href="http://demo.egiz.gv.at/de/testportal/7-eps2-demo#projectsContainer"><img + src="http://www.egiz.gv.at/templates/egiz/images/scrollleft.png" + alt="zurückblättern" /></a> + </div> + <div class="content"> + <div class="backlink"> + <a href="http://www.egiz.gv.at/testportal">Zurück zur + Übersicht</a> + </div> + <h1>PDF Signatur</h1> + <div class="project projectWithExtra"> + <div class="body"> + <decorator:body></decorator:body> + </div> + </div> + <div class="extratext"> + <h2>Detailinformationen</h2> + <p>Unter folgenden Links finden Sie detaillierte + Informationen wie Sie zu OpenID Connect, der Bürgerkarte und + der Handy-Signatur.</p> + <a href="http://openid.net/connect/" target="_blank">OpenID + Connect</a> <br /> + <br /> + <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte.at</a> + <br /> + <br /> + <a href="https://www.handy-signatur.at/" target="_blank" + title="Handy-Signatur.at">Handy-Signatur.at</a> + </div> + <div class="clear"></div> + </div> + <div class="nextPage"> + <a + href="http://demo.egiz.gv.at/de/testportal/7-eps2-demo#projectsContainer"><img + src="http://www.egiz.gv.at/templates/egiz/images/scrollright.png" + alt="weiterblättern" /></a> + </div> + <div class="clear"></div> + </div> + </div> + </div> + </div> + <div id="template_footer"> + <div id="footer"> + <h1 class="hidden">Footer</h1> + <div class="moduletable"> + <div id="footer_left"> + <p style="margin-bottom: 0cm;"> + <strong>Über EGIZ:</strong><br />» <a + href="http://www.egiz.gv.at/de/ueber-egiz">Mission Statement</a><br />» + <a href="http://www.egiz.gv.at/de/ueber-egiz/team">Unser Team</a><br />» + <a href="http://www.egiz.gv.at/de/news">News</a><br /> + <a href="http://www.egiz.gv.at/de/newsletter">» Newsletter + abonnieren</a><br />» <a 
href="http://www.egiz.gv.at/de/presse">Presseinformation</a><br />» + <a href="http://www.egiz.gv.at/de/ueber-egiz/jobs">Jobs</a><br />» + <a href="http://www.egiz.gv.at/de/ueber-egiz/kontakt">Kontakt</a> + </p> + <p style="margin-bottom: 0cm;"> + <strong>Schwerpunkte:</strong><br /> + <a href="http://www.egiz.gv.at/de/schwerpunkte">» Unsere + Schwerpunkte</a> + </p> + <p style="margin-bottom: 0cm;"> + <a href="http://www.egiz.gv.at/component/obrss/egiz-feed.rss" + id="rss_link">RSS-Feed</a> + </p> + <p style="margin-bottom: 0cm;"> + <a href="javascript:window.print();" id="print_link">Drucken</a> + </p> + </div> + <div id="footer_middle"> + <p style="margin-bottom: 0cm;"> + <strong>Veranstaltungen: </strong> + </p> + <div> + <ul id="footer_veranstaltungen"> + <li>» <a + href="http://www.egiz.gv.at/de/veranstaltungen#item28">Neue + Formate für fortgeschrittene Signaturen</a> + </li> + <li>» <a + href="http://www.egiz.gv.at/de/veranstaltungen#item24">EGIZ + MOA 2.0 Workshop am 25. Juni 2013</a> + </li> + <li>» <a + href="http://www.egiz.gv.at/de/veranstaltungen#item18">EGIZ + MOA Workshop am 28. Juni 2012</a> + </li> + <li>» <a + href="http://www.egiz.gv.at/de/veranstaltungen#item19">EGIZ + Workshop am 15. 
März 2012</a> + </li> + </ul> + </div> + <p> + <a href="http://www.egiz.gv.at/de/veranstaltungen">» + Veranstaltungsübersicht</a> + </p> + <p style="margin-bottom: 0cm;"> + <strong> Research:</strong><br /> + <a href="http://www.egiz.gv.at/de/research">» Unsere + Forschungsarbeit</a> + </p> + </div> + <div id="footer_right"> + <p style="margin-bottom: 0cm;"> + <strong>Kontakt EGIZ:</strong><br />E-Government + Innovationszentrum EGIZ<br />IAIK, TU-Graz<br />Inffeldgasse + 16a, A-8010 Graz<br /> + <br />Tel.: +43 (316) 873-5514<br />Fax: +43 (316) 873-5520<br /> + <a href="mailto:webmaster@egiz.gv.at">webmaster@egiz.gv.at</a><br /> + <br /> + <a href="http://www.egiz.gv.at/de/ueber-egiz/impressum">Impressum</a> + </p> + <p style="margin-bottom: 0cm;"> + <a href="http://www.egiz.gv.at/de/sitemap">Sitemap</a> + </p> + <p style="margin-bottom: 0cm;"></p> + <p style="margin-bottom: 0cm;"> + <a href="http://www.tugraz.at"><img + src="http://www.egiz.gv.at/files/images/tugraz_logo.png" + alt="Logo der TU Graz" /></a> + </p> + <p style="margin-bottom: 0cm;"> + <a href="http://www.bka.gv.at/"><img + src="http://www.egiz.gv.at/files/images/bundeskanzleramt_logo.png" + alt="Logo Bundeskanzleramt Österreich" /></a> + </p> + </div> + <div class="clear"></div> + <!--<div id="intouch"> Website: <a href="http://www.intouch.at/" target="_blank">INTOUCH Werbeagentur & Internetagentur</a></div>--> + </div> + </div> + </div> + </div> +</body> +</html>
\ No newline at end of file |
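Review bot: The `<head>` of the new egiz.jsp decorator loads its scripts (`jquery-1.8.3.min.js`, `jquery.event.move.js`, `jquery.event.swipe.js`, `EgizResponsive.js`) and nearly all stylesheets from `http://www.egiz.gv.at/...` over plain HTTP, so every page of the signing application wrapped by this decorator executes JavaScript whose integrity rests on an unauthenticated connection. If the application is served over HTTPS, browsers will block these as mixed content and the layout breaks; if it is served over HTTP, the script can be altered on the network path. I would ship these assets with the webapp, as is already done for `./js/common.js` and `css/index.css`, for example `<script src="./js/jquery-1.8.3.min.js" type="text/javascript"></script>`, or at least reference them via `https://` if the host serves them there. The inline Google Analytics snippet, the canonical link to `8-openID_demo` and the "Detailinformationen" paragraph about OpenID Connect look like leftovers from the copied portal page and are worth removing from a PDF-signature page, since the snippet reports each visit to a third party. The two `content-type` meta tags also disagree (`iso-8859-15` and `utf-8`) while the page directive declares UTF-8, so only the UTF-8 one should stay.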