Added Verification functionality, + some Log Level fixes

4 files changed, 261 insertions, 16 deletions

diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index ac22f6c8..153a69fe 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -84,8 +84,7 @@ public class ExternSignServlet extends HttpServlet {
 		
 		//PdfAsHelper.regenerateSession(request);
 		
-		System.out.println("Get signing request");
-		logger.info("Get signing request");
+		logger.debug("Get signing request");
 		
 		String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
 		PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -119,8 +118,7 @@ public class ExternSignServlet extends HttpServlet {
 		
 		//PdfAsHelper.regenerateSession(request);
 		
-		System.out.println("Post signing request");
-		logger.info("Post signing request");
+		logger.debug("Post signing request");
 		
 		String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
 		PdfAsHelper.setErrorURL(request, response, errorUrl);
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
new file mode 100644
index 00000000..69386478
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
@@ -0,0 +1,94 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateEncodingException;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureCertificateData  extends HttpServlet {
+
+	private static final long serialVersionUID = 1L;
+
+	private static final Logger logger = LoggerFactory
+			.getLogger(PDFSignatureCertificateData.class);
+
+	public static final String SIGN_ID = "SIGID";
+
+	/**
+	 * @see HttpServlet#HttpServlet()
+	 */
+	public PDFSignatureCertificateData() {
+		super();
+	}
+
+	/**
+	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+	 *      response)
+	 */
+	protected void doGet(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		this.process(request, response);
+	}
+
+	/**
+	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+	 *      response)
+	 */
+	protected void doPost(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		this.process(request, response);
+	}
+
+	protected void process(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		try {
+			if(request.getParameter(SIGN_ID) == null) {
+				throw new PdfAsException("Missing Parameter");
+			}
+			
+			String sigID = request.getParameter(SIGN_ID);
+
+			int id = Integer.parseInt(sigID);
+
+			List<VerifyResult> vResult = PdfAsHelper
+					.getVerificationResult(request);
+
+			if (id < vResult.size()) {
+				VerifyResult res =  vResult.get(id);
+				
+				response.setHeader(
+						"Content-Disposition",
+						"inline;filename=cert_" + id + ".cer");
+				response.setContentType("application/pkix-cert");
+				OutputStream os = response.getOutputStream();
+				os.write(res.getSignerCertificate().getEncoded());
+				os.close();
+			} else {
+				logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+				response.sendError(HttpServletResponse.SC_NOT_FOUND);
+			}
+		} catch (NumberFormatException e) {
+			logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+			response.sendError(HttpServletResponse.SC_NOT_FOUND);
+		} catch (PdfAsException e) {
+			logger.error("Verification CERT not found:", e);
+			response.sendError(HttpServletResponse.SC_NOT_FOUND);
+		} catch (CertificateEncodingException e) {
+			logger.error("Verification CERT invalid:", e);
+			response.sendError(HttpServletResponse.SC_NOT_FOUND);
+		} 
+	}
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
new file mode 100644
index 00000000..a4cee36f
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
@@ -0,0 +1,90 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureData extends HttpServlet {
+
+	private static final long serialVersionUID = 1L;
+
+	private static final Logger logger = LoggerFactory
+			.getLogger(PDFSignatureData.class);
+
+	public static final String SIGN_ID = "SIGID";
+
+	/**
+	 * @see HttpServlet#HttpServlet()
+	 */
+	public PDFSignatureData() {
+		super();
+	}
+
+	/**
+	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+	 *      response)
+	 */
+	protected void doGet(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		this.process(request, response);
+	}
+
+	/**
+	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+	 *      response)
+	 */
+	protected void doPost(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		this.process(request, response);
+	}
+
+	protected void process(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		try {
+			if(request.getParameter(SIGN_ID) == null) {
+				throw new PdfAsException("Missing Parameter");
+			}
+			
+			String sigID = request.getParameter(SIGN_ID);
+
+			int id = Integer.parseInt(sigID);
+
+			List<VerifyResult> vResult = PdfAsHelper
+					.getVerificationResult(request);
+
+			if (id < vResult.size()) {
+				VerifyResult res =  vResult.get(id);
+				
+				response.setHeader(
+						"Content-Disposition",
+						"inline;filename=signed_data_" + id + ".pdf");
+				response.setContentType("application/pdf");
+				OutputStream os = response.getOutputStream();
+				os.write(res.getSignatureData());
+				os.close();
+			} else {
+				logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+				response.sendError(HttpServletResponse.SC_NOT_FOUND);
+			}
+		} catch (NumberFormatException e) {
+			logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+			response.sendError(HttpServletResponse.SC_NOT_FOUND);
+		} catch (PdfAsException e) {
+			logger.error("Verification DATA not found:", e);
+			response.sendError(HttpServletResponse.SC_NOT_FOUND);
+		} 
+	}
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index 42a5175a..912e6efc 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -23,8 +23,11 @@
  ******************************************************************************/
 package at.gv.egiz.pdfas.web.servlets;
 
+import iaik.x509.X509Certificate;
+
 import java.io.File;
 import java.io.IOException;
+import java.io.OutputStream;
 import java.util.List;
 
 import javax.servlet.ServletException;
@@ -39,6 +42,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
 import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
 import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
 import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
@@ -51,7 +55,7 @@ public class VerifyServlet extends HttpServlet {
 	private static final long serialVersionUID = 1L;
 
 	private static final Logger logger = LoggerFactory
-			.getLogger(ExternSignServlet.class);
+			.getLogger(VerifyServlet.class);
 
 	private static final String UPLOAD_PDF_DATA = "pdf-file";
 	private static final String UPLOAD_DIRECTORY = "upload";
@@ -72,7 +76,7 @@ public class VerifyServlet extends HttpServlet {
 	 */
 	protected void doGet(HttpServletRequest request,
 			HttpServletResponse response) throws ServletException, IOException {
-		System.out.println("Get verify request");
+
 		logger.info("Get verify request");
 
 		String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
@@ -91,7 +95,8 @@ public class VerifyServlet extends HttpServlet {
 
 			byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
 			doVerify(request, response, pdfData);
-		} catch (Exception e) {
+		} catch (Throwable e) {
+			logger.error("Generic Error: ", e);
 			PdfAsHelper.setSessionException(request, response, e.getMessage(),
 					e);
 			PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -105,8 +110,7 @@ public class VerifyServlet extends HttpServlet {
 	protected void doPost(HttpServletRequest request,
 			HttpServletResponse response) throws ServletException, IOException {
 
-		System.out.println("Post signing request");
-		logger.info("Post signing request");
+		logger.info("Post verify request");
 
 		String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
 		PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -225,7 +229,8 @@ public class VerifyServlet extends HttpServlet {
 			}
 
 			doVerify(request, response, filecontent);
-		} catch (Exception e) {
+		} catch (Throwable e) {
+			logger.error("Generic Error: ", e);
 			PdfAsHelper.setSessionException(request, response, e.getMessage(),
 					e);
 			PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -234,9 +239,11 @@ public class VerifyServlet extends HttpServlet {
 
 	protected void doVerify(HttpServletRequest request,
 			HttpServletResponse response, byte[] pdfData) throws Exception {
-		throw new Exception("");
 		
-		/*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
+		logger.debug("doVerify");
+		logger.info("Starting verification of pdf dokument");
+		
+		List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
 				response, pdfData);
 
 		PdfAsHelper.setVerificationResult(request, results);
@@ -245,11 +252,36 @@ public class VerifyServlet extends HttpServlet {
 		// Put these results into the web page
 		// Or create a JSON response with the verification results for automated
 		// processing
+		
+		StringBuilder sb = new StringBuilder();
+		
+		sb.append("<html><head><title></title></head><body>");
+		sb.append("<h3>Verification Results for: " + PdfAsHelper.getPDFFileName(request) + "</h3>");
+		sb.append("<table style=\"width:100%\" border='1' >");
+		
+		sb.append("<tr>");
+		
+		sb.append("<th>Signature</th>");
+		sb.append("<th>Processed</th>");
+		sb.append("<th>Signed By</th>");
+		sb.append("<th>Cert Code</th>");
+		sb.append("<th>Cert Message</th>");
+		sb.append("<th>Value Code</th>");
+		sb.append("<th>Value Message</th>");
+		sb.append("<th>Error</th>");
+		sb.append("<th>Certificate</th>");
+		sb.append("<th>Signed Data</th>");
+		
+		sb.append("</tr>");
+		
 		for (int i = 0; i < results.size(); i++) {
 			VerifyResult result = results.get(i);
-
+			sb.append("<tr>");
+			
+			sb.append("<td>" + i + "</td>");			
+			
 			if (result.isVerificationDone()) {
-
+				sb.append("<td>YES</td>");
 				int certCode = result.getCertificateCheck().getCode();
 				String certMessage = result.getCertificateCheck().getMessage();
 
@@ -259,11 +291,42 @@ public class VerifyServlet extends HttpServlet {
 				Exception e = result.getVerificationException();
 				
  				X509Certificate cert = result.getSignerCertificate();
-				byte[] data = result.getSignatureData();
 				
+				sb.append("<td>" + cert.getSubjectDN().getName() + "</td>");
+				sb.append("<td>" + certCode + "</td>");
+				sb.append("<td>" + certMessage + "</td>");
+				sb.append("<td>" + valueCode + "</td>");
+				sb.append("<td>" + valueMessage + "</td>");
+				if(e != null) {
+					sb.append("<td>" + e.getMessage() + "</td>");
+				} else {
+					sb.append("<td>-</td>");
+				}
+				sb.append("<td><a href=\"signCert?SIGID=" + i + "\">here</a></td>");
+				sb.append("<td><a href=\"signData?SIGID=" + i + "\">here</a></td>");
 				
+			} else {
+				sb.append("<td>NO</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
+				sb.append("<td>-</td>");
 			}
-		}*/
+			
+			
+			sb.append("</tr>");
+		}
+		sb.append("</table>");
+		sb.append("</body></html>");
+		
+		response.setContentType("text/html");
+		OutputStream os = response.getOutputStream();
+		os.write(sb.toString().getBytes());
+		os.close();
 	}
 
 }