diff options
author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-05-14 11:39:11 +0200 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-05-14 11:39:11 +0200 |
commit | b0003ddc4bebc411c5a3296bf5f172b80b443525 (patch) | |
tree | 5af48939e06b4e2bd2f8ffb59d36be6698102f23 /pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets | |
parent | b7360b8707496e07930df209a84d1ff45767e38d (diff) | |
download | pdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.tar.gz pdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.tar.bz2 pdf-as-4-b0003ddc4bebc411c5a3296bf5f172b80b443525.zip |
Added Verification functionality, + some Log Level fixes
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets')
4 files changed, 261 insertions, 16 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index ac22f6c8..153a69fe 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java @@ -84,8 +84,7 @@ public class ExternSignServlet extends HttpServlet { //PdfAsHelper.regenerateSession(request); - System.out.println("Get signing request"); - logger.info("Get signing request"); + logger.debug("Get signing request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); @@ -119,8 +118,7 @@ public class ExternSignServlet extends HttpServlet { //PdfAsHelper.regenerateSession(request); - System.out.println("Post signing request"); - logger.info("Post signing request"); + logger.debug("Post signing request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java new file mode 100644 index 00000000..69386478 --- /dev/null +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java @@ -0,0 +1,94 @@ +package at.gv.egiz.pdfas.web.servlets; + +import java.io.IOException; +import java.io.OutputStream; +import java.security.cert.CertificateEncodingException; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; + +public class PDFSignatureCertificateData extends HttpServlet { + + private static final long serialVersionUID = 1L; + + private static final Logger logger = LoggerFactory + .getLogger(PDFSignatureCertificateData.class); + + public static final String SIGN_ID = "SIGID"; + + /** + * @see HttpServlet#HttpServlet() + */ + public PDFSignatureCertificateData() { + super(); + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + protected void process(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + if(request.getParameter(SIGN_ID) == null) { + throw new PdfAsException("Missing Parameter"); + } + + String sigID = request.getParameter(SIGN_ID); + + int id = Integer.parseInt(sigID); + + List<VerifyResult> vResult = PdfAsHelper + .getVerificationResult(request); + + if (id < vResult.size()) { + VerifyResult res = vResult.get(id); + + response.setHeader( + "Content-Disposition", + "inline;filename=cert_" + id + ".cer"); + response.setContentType("application/pkix-cert"); + OutputStream os = response.getOutputStream(); + os.write(res.getSignerCertificate().getEncoded()); + os.close(); + } else { + logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } catch (NumberFormatException e) { + logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (PdfAsException e) { + logger.error("Verification CERT not found:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (CertificateEncodingException e) { + logger.error("Verification CERT invalid:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } + +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java new file mode 100644 index 00000000..a4cee36f --- /dev/null +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java @@ -0,0 +1,90 @@ +package at.gv.egiz.pdfas.web.servlets; + +import java.io.IOException; +import java.io.OutputStream; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; + +public class PDFSignatureData extends HttpServlet { + + private static final long serialVersionUID = 1L; + + private static final Logger logger = LoggerFactory + .getLogger(PDFSignatureData.class); + + public static final String SIGN_ID = "SIGID"; + + /** + * @see HttpServlet#HttpServlet() + */ + public PDFSignatureData() { + super(); + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + protected void process(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + if(request.getParameter(SIGN_ID) == null) { + throw new PdfAsException("Missing Parameter"); + } + + String sigID = request.getParameter(SIGN_ID); + + int id = Integer.parseInt(sigID); + + List<VerifyResult> vResult = PdfAsHelper + .getVerificationResult(request); + + if (id < vResult.size()) { + VerifyResult res = vResult.get(id); + + response.setHeader( + "Content-Disposition", + "inline;filename=signed_data_" + id + ".pdf"); + response.setContentType("application/pdf"); + OutputStream os = response.getOutputStream(); + os.write(res.getSignatureData()); + os.close(); + } else { + logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } catch (NumberFormatException e) { + logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (PdfAsException e) { + logger.error("Verification DATA not found:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } + +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java index 42a5175a..912e6efc 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java @@ -23,8 +23,11 @@ ******************************************************************************/ package at.gv.egiz.pdfas.web.servlets; +import iaik.x509.X509Certificate; + import java.io.File; import java.io.IOException; +import java.io.OutputStream; import java.util.List; import javax.servlet.ServletException; @@ -39,6 +42,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; import at.gv.egiz.pdfas.web.exception.PdfAsWebException; import at.gv.egiz.pdfas.web.helper.PdfAsHelper; import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor; @@ -51,7 +55,7 @@ public class VerifyServlet extends HttpServlet { private static final long serialVersionUID = 1L; private static final Logger logger = LoggerFactory - .getLogger(ExternSignServlet.class); + .getLogger(VerifyServlet.class); private static final String UPLOAD_PDF_DATA = "pdf-file"; private static final String UPLOAD_DIRECTORY = "upload"; @@ -72,7 +76,7 @@ public class VerifyServlet extends HttpServlet { */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - System.out.println("Get verify request"); + logger.info("Get verify request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); @@ -91,7 +95,8 @@ public class VerifyServlet extends HttpServlet { byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl); doVerify(request, response, pdfData); - } catch (Exception e) { + } catch (Throwable e) { + logger.error("Generic Error: ", e); PdfAsHelper.setSessionException(request, response, e.getMessage(), e); PdfAsHelper.gotoError(getServletContext(), request, response); @@ -105,8 +110,7 @@ public class VerifyServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - System.out.println("Post signing request"); - logger.info("Post signing request"); + logger.info("Post verify request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); @@ -225,7 +229,8 @@ public class VerifyServlet extends HttpServlet { } doVerify(request, response, filecontent); - } catch (Exception e) { + } catch (Throwable e) { + logger.error("Generic Error: ", e); PdfAsHelper.setSessionException(request, response, e.getMessage(), e); PdfAsHelper.gotoError(getServletContext(), request, response); @@ -234,9 +239,11 @@ public class VerifyServlet extends HttpServlet { protected void doVerify(HttpServletRequest request, HttpServletResponse response, byte[] pdfData) throws Exception { - throw new Exception(""); - /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request, + logger.debug("doVerify"); + logger.info("Starting verification of pdf dokument"); + + List<VerifyResult> results = PdfAsHelper.synchornousVerify(request, response, pdfData); PdfAsHelper.setVerificationResult(request, results); @@ -245,11 +252,36 @@ public class VerifyServlet extends HttpServlet { // Put these results into the web page // Or create a JSON response with the verification results for automated // processing + + StringBuilder sb = new StringBuilder(); + + sb.append("<html><head><title></title></head><body>"); + sb.append("<h3>Verification Results for: " + PdfAsHelper.getPDFFileName(request) + "</h3>"); + sb.append("<table style=\"width:100%\" border='1' >"); + + sb.append("<tr>"); + + sb.append("<th>Signature</th>"); + sb.append("<th>Processed</th>"); + sb.append("<th>Signed By</th>"); + sb.append("<th>Cert Code</th>"); + sb.append("<th>Cert Message</th>"); + sb.append("<th>Value Code</th>"); + sb.append("<th>Value Message</th>"); + sb.append("<th>Error</th>"); + sb.append("<th>Certificate</th>"); + sb.append("<th>Signed Data</th>"); + + sb.append("</tr>"); + for (int i = 0; i < results.size(); i++) { VerifyResult result = results.get(i); - + sb.append("<tr>"); + + sb.append("<td>" + i + "</td>"); + if (result.isVerificationDone()) { - + sb.append("<td>YES</td>"); int certCode = result.getCertificateCheck().getCode(); String certMessage = result.getCertificateCheck().getMessage(); @@ -259,11 +291,42 @@ public class VerifyServlet extends HttpServlet { Exception e = result.getVerificationException(); X509Certificate cert = result.getSignerCertificate(); - byte[] data = result.getSignatureData(); + sb.append("<td>" + cert.getSubjectDN().getName() + "</td>"); + sb.append("<td>" + certCode + "</td>"); + sb.append("<td>" + certMessage + "</td>"); + sb.append("<td>" + valueCode + "</td>"); + sb.append("<td>" + valueMessage + "</td>"); + if(e != null) { + sb.append("<td>" + e.getMessage() + "</td>"); + } else { + sb.append("<td>-</td>"); + } + sb.append("<td><a href=\"signCert?SIGID=" + i + "\">here</a></td>"); + sb.append("<td><a href=\"signData?SIGID=" + i + "\">here</a></td>"); + } else { + sb.append("<td>NO</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); + sb.append("<td>-</td>"); } - }*/ + + + sb.append("</tr>"); + } + sb.append("</table>"); + sb.append("</body></html>"); + + response.setContentType("text/html"); + OutputStream os = response.getOutputStream(); + os.write(sb.toString().getBytes()); + os.close(); } } |