aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-05-14 11:39:11 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-05-14 11:39:11 +0200
commitb0003ddc4bebc411c5a3296bf5f172b80b443525 (patch)
tree5af48939e06b4e2bd2f8ffb59d36be6698102f23 /pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets
parentb7360b8707496e07930df209a84d1ff45767e38d (diff)
downloadpdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.tar.gz
pdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.tar.bz2
pdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.zip
Added Verification functionality, + some Log Level fixes
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java94
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java90
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java87
4 files changed, 261 insertions, 16 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index ac22f6c8..153a69fe 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -84,8 +84,7 @@ public class ExternSignServlet extends HttpServlet {
//PdfAsHelper.regenerateSession(request);
- System.out.println("Get signing request");
- logger.info("Get signing request");
+ logger.debug("Get signing request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -119,8 +118,7 @@ public class ExternSignServlet extends HttpServlet {
//PdfAsHelper.regenerateSession(request);
- System.out.println("Post signing request");
- logger.info("Post signing request");
+ logger.debug("Post signing request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
new file mode 100644
index 00000000..69386478
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
@@ -0,0 +1,94 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateEncodingException;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureCertificateData extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(PDFSignatureCertificateData.class);
+
+ public static final String SIGN_ID = "SIGID";
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public PDFSignatureCertificateData() {
+ super();
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ if(request.getParameter(SIGN_ID) == null) {
+ throw new PdfAsException("Missing Parameter");
+ }
+
+ String sigID = request.getParameter(SIGN_ID);
+
+ int id = Integer.parseInt(sigID);
+
+ List<VerifyResult> vResult = PdfAsHelper
+ .getVerificationResult(request);
+
+ if (id < vResult.size()) {
+ VerifyResult res = vResult.get(id);
+
+ response.setHeader(
+ "Content-Disposition",
+ "inline;filename=cert_" + id + ".cer");
+ response.setContentType("application/pkix-cert");
+ OutputStream os = response.getOutputStream();
+ os.write(res.getSignerCertificate().getEncoded());
+ os.close();
+ } else {
+ logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ } catch (NumberFormatException e) {
+ logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (PdfAsException e) {
+ logger.error("Verification CERT not found:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (CertificateEncodingException e) {
+ logger.error("Verification CERT invalid:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ }
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
new file mode 100644
index 00000000..a4cee36f
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
@@ -0,0 +1,90 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureData extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(PDFSignatureData.class);
+
+ public static final String SIGN_ID = "SIGID";
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public PDFSignatureData() {
+ super();
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ if(request.getParameter(SIGN_ID) == null) {
+ throw new PdfAsException("Missing Parameter");
+ }
+
+ String sigID = request.getParameter(SIGN_ID);
+
+ int id = Integer.parseInt(sigID);
+
+ List<VerifyResult> vResult = PdfAsHelper
+ .getVerificationResult(request);
+
+ if (id < vResult.size()) {
+ VerifyResult res = vResult.get(id);
+
+ response.setHeader(
+ "Content-Disposition",
+ "inline;filename=signed_data_" + id + ".pdf");
+ response.setContentType("application/pdf");
+ OutputStream os = response.getOutputStream();
+ os.write(res.getSignatureData());
+ os.close();
+ } else {
+ logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ } catch (NumberFormatException e) {
+ logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (PdfAsException e) {
+ logger.error("Verification DATA not found:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ }
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index 42a5175a..912e6efc 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -23,8 +23,11 @@
******************************************************************************/
package at.gv.egiz.pdfas.web.servlets;
+import iaik.x509.X509Certificate;
+
import java.io.File;
import java.io.IOException;
+import java.io.OutputStream;
import java.util.List;
import javax.servlet.ServletException;
@@ -39,6 +42,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
@@ -51,7 +55,7 @@ public class VerifyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
private static final Logger logger = LoggerFactory
- .getLogger(ExternSignServlet.class);
+ .getLogger(VerifyServlet.class);
private static final String UPLOAD_PDF_DATA = "pdf-file";
private static final String UPLOAD_DIRECTORY = "upload";
@@ -72,7 +76,7 @@ public class VerifyServlet extends HttpServlet {
*/
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
- System.out.println("Get verify request");
+
logger.info("Get verify request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
@@ -91,7 +95,8 @@ public class VerifyServlet extends HttpServlet {
byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
doVerify(request, response, pdfData);
- } catch (Exception e) {
+ } catch (Throwable e) {
+ logger.error("Generic Error: ", e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -105,8 +110,7 @@ public class VerifyServlet extends HttpServlet {
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
- System.out.println("Post signing request");
- logger.info("Post signing request");
+ logger.info("Post verify request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -225,7 +229,8 @@ public class VerifyServlet extends HttpServlet {
}
doVerify(request, response, filecontent);
- } catch (Exception e) {
+ } catch (Throwable e) {
+ logger.error("Generic Error: ", e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -234,9 +239,11 @@ public class VerifyServlet extends HttpServlet {
protected void doVerify(HttpServletRequest request,
HttpServletResponse response, byte[] pdfData) throws Exception {
- throw new Exception("");
- /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
+ logger.debug("doVerify");
+ logger.info("Starting verification of pdf dokument");
+
+ List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
response, pdfData);
PdfAsHelper.setVerificationResult(request, results);
@@ -245,11 +252,36 @@ public class VerifyServlet extends HttpServlet {
// Put these results into the web page
// Or create a JSON response with the verification results for automated
// processing
+
+ StringBuilder sb = new StringBuilder();
+
+ sb.append("<html><head><title></title></head><body>");
+ sb.append("<h3>Verification Results for: " + PdfAsHelper.getPDFFileName(request) + "</h3>");
+ sb.append("<table style=\"width:100%\" border='1' >");
+
+ sb.append("<tr>");
+
+ sb.append("<th>Signature</th>");
+ sb.append("<th>Processed</th>");
+ sb.append("<th>Signed By</th>");
+ sb.append("<th>Cert Code</th>");
+ sb.append("<th>Cert Message</th>");
+ sb.append("<th>Value Code</th>");
+ sb.append("<th>Value Message</th>");
+ sb.append("<th>Error</th>");
+ sb.append("<th>Certificate</th>");
+ sb.append("<th>Signed Data</th>");
+
+ sb.append("</tr>");
+
for (int i = 0; i < results.size(); i++) {
VerifyResult result = results.get(i);
-
+ sb.append("<tr>");
+
+ sb.append("<td>" + i + "</td>");
+
if (result.isVerificationDone()) {
-
+ sb.append("<td>YES</td>");
int certCode = result.getCertificateCheck().getCode();
String certMessage = result.getCertificateCheck().getMessage();
@@ -259,11 +291,42 @@ public class VerifyServlet extends HttpServlet {
Exception e = result.getVerificationException();
X509Certificate cert = result.getSignerCertificate();
- byte[] data = result.getSignatureData();
+ sb.append("<td>" + cert.getSubjectDN().getName() + "</td>");
+ sb.append("<td>" + certCode + "</td>");
+ sb.append("<td>" + certMessage + "</td>");
+ sb.append("<td>" + valueCode + "</td>");
+ sb.append("<td>" + valueMessage + "</td>");
+ if(e != null) {
+ sb.append("<td>" + e.getMessage() + "</td>");
+ } else {
+ sb.append("<td>-</td>");
+ }
+ sb.append("<td><a href=\"signCert?SIGID=" + i + "\">here</a></td>");
+ sb.append("<td><a href=\"signData?SIGID=" + i + "\">here</a></td>");
+ } else {
+ sb.append("<td>NO</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
}
- }*/
+
+
+ sb.append("</tr>");
+ }
+ sb.append("</table>");
+ sb.append("</body></html>");
+
+ response.setContentType("text/html");
+ OutputStream os = response.getOutputStream();
+ os.write(sb.toString().getBytes());
+ os.close();
}
}