diff options
author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-01-28 13:49:33 +0100 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-01-28 13:49:33 +0100 |
commit | e210f9d25fb530a2650059390f12a7e8ecec48b3 (patch) | |
tree | 39c889c93bfaf94691524cf541185b736fd63ade /pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java | |
parent | f2d16430b03c38a55009bf5d157e41bfe04fcdf9 (diff) | |
download | pdf-as-4-e210f9d25fb530a2650059390f12a7e8ecec48b3.tar.gz pdf-as-4-e210f9d25fb530a2650059390f12a7e8ecec48b3.tar.bz2 pdf-as-4-e210f9d25fb530a2650059390f12a7e8ecec48b3.zip |
PDF-AS cleanups
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java')
-rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java index 6ce0e1c9..9bf66fe9 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java @@ -8,14 +8,23 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.pdfas.web.helper.PdfAsHelper; /** * Servlet implementation class PDFData */ public class PDFData extends HttpServlet { + private static final long serialVersionUID = 1L; + private static final Logger logger = LoggerFactory + .getLogger(PDFData.class); + + private static String ORIGINAL_DIGEST = "origdigest"; + /** * @see HttpServlet#HttpServlet() */ @@ -45,7 +54,22 @@ public class PDFData extends HttpServlet { HttpServletResponse response) throws ServletException, IOException { byte[] signedData = PdfAsHelper.getSignedPdf(request, response); + String plainPDFDigest = request.getParameter(ORIGINAL_DIGEST); + if (signedData != null) { + if(plainPDFDigest != null) { + String signatureDataHash = PdfAsHelper.getSignatureDataHash(request); + if(!plainPDFDigest.equalsIgnoreCase(signatureDataHash)) { + logger.error("Digest Hash mismatch!"); + logger.error("Requested digest: " + plainPDFDigest); + logger.error("Saved digest: " + signatureDataHash); + + PdfAsHelper.setSessionException(request, response, + "Signature Data digest do not match!", null); + PdfAsHelper.gotoError(getServletContext(), request, response); + return; + } + } response.setContentType("application/pdf"); OutputStream os = response.getOutputStream(); os.write(signedData); |