authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-11-27 10:05:17 +0100
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-11-27 10:05:17 +0100
commitf3476576c50efd922593c82656efda7aec5ae97f (patch)
tree66107d5c5d3a88af66bd4829d8fcecc5678b749e /pdf-as-web/src/main/java/at
parent7b2e2b640b0f392183f7927f692936950d3fabfc (diff)
MOA integration sign/verification (not finished yet ...)
Lots of PDF-AS Web implementation
Diffstat (limited to 'pdf-as-web/src/main/java/at')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PDFASSession.java2
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java179
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java67
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java96
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java2
5 files changed, 301 insertions, 45 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PDFASSession.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PDFASSession.java
index 9207847d..dd914384 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PDFASSession.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PDFASSession.java
@@ -3,6 +3,7 @@ package at.gv.egiz.pdfas.web.helper;
import java.io.Serializable;
import at.gv.egiz.pdfas.lib.api.Configuration;
+import at.gv.egiz.pdfas.lib.api.PdfAs;
import at.gv.egiz.pdfas.lib.api.StatusRequest;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
@@ -13,6 +14,7 @@ public class PDFASSession implements Serializable {
private StatusRequest statusRequest;
private SignParameter signParameter;
private Configuration config;
+ private PdfAs pdfAs;
public PDFASSession(SignParameter parameter) {
this.signParameter = parameter;
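Review bot: The new `pdfAs` field is added to a class declared `implements Serializable` without being marked transient; if `PdfAs` (not visible in this diff) is not itself serializable, serializing a `PDFASSession` would fail with a `NotSerializableException`. Nothing in this hunk assigns or reads the field, so either leave it out until it is used or declare it `private transient PdfAs pdfAs;` and re-create it after deserialization. The class body continues outside the hunk, so a setter or getter may exist that I cannot see.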
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
new file mode 100644
index 00000000..cec6caeb
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -0,0 +1,179 @@
+package at.gv.egiz.pdfas.web.helper;
+
+import iaik.cms.ecc.IaikEccProvider;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.bind.JAXBElement;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.lang3.StringEscapeUtils;
+
+import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
+import at.gv.egiz.pdfas.lib.api.Configuration;
+import at.gv.egiz.pdfas.lib.api.PdfAs;
+import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
+import at.gv.egiz.pdfas.lib.api.StatusRequest;
+import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
+import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
+import at.gv.egiz.sl.CreateCMSSignatureRequestType;
+import at.gv.egiz.sl.CreateCMSSignatureResponseType;
+import at.gv.egiz.sl.InfoboxAssocArrayPairType;
+import at.gv.egiz.sl.InfoboxReadRequestType;
+import at.gv.egiz.sl.InfoboxReadResponseType;
+import at.gv.egiz.sl.ObjectFactory;
+import at.gv.egiz.sl.util.BKUSLConnector;
+import at.gv.egiz.sl.util.SLMarschaller;
+
+public class PdfAsHelper {
+
+ private static final String PDF_CONFIG = "PDF_CONFIG";
+ private static final String PDF_STATUS = "PDF_STATUS";
+ private static final String PDF_SL_CONNECTOR = "PDF_SL_CONNECTOR";
+
+ private static PdfAs pdfAs;
+ private static ObjectFactory of = new ObjectFactory();
+
+ static {
+ pdfAs = PdfAsFactory.createPdfAs(new File("/home/afitzek/.pdfas"));
+ IAIK.getInstance();
+ ECCProvider.addAsProvider();
+ }
+
+ public static void startSignature(HttpServletRequest request,
+ HttpServletResponse response, byte[] pdfData) throws Exception {
+
+ HttpSession session = request.getSession();
+
+ Configuration config = pdfAs.getConfiguration();
+ session.setAttribute(PDF_CONFIG, config);
+ BKUSLConnector bkuSLConnector = new BKUSLConnector(config);
+ SignParameter signParameter = PdfAsFactory.createSignParameter(config,
+ new ByteArrayDataSource(pdfData));
+ signParameter.setPlainSigner(new PAdESSigner(bkuSLConnector));
+
+ session.setAttribute(PDF_SL_CONNECTOR, bkuSLConnector);
+
+ StatusRequest statusRequest = pdfAs.startSign(signParameter);
+ session.setAttribute(PDF_STATUS, statusRequest);
+
+ PdfAsHelper.process(request, response);
+ }
+
+ private static byte[] getCertificate(
+ InfoboxReadResponseType infoboxReadResponseType) {
+ byte[] data = null;
+ if (infoboxReadResponseType.getAssocArrayData() != null) {
+ List<InfoboxAssocArrayPairType> pairs = infoboxReadResponseType
+ .getAssocArrayData().getPair();
+ Iterator<InfoboxAssocArrayPairType> pairIterator = pairs.iterator();
+ while(pairIterator.hasNext()) {
+ InfoboxAssocArrayPairType pair = pairIterator.next();
+ if(pair.getKey().equals("SecureSignatureKeypair")) {
+ return pair.getBase64Content();
+ }
+ }
+ }
+ // SecureSignatureKeypair
+
+ return data;
+ }
+
+ public static void injectCertificate(HttpServletRequest request,
+ HttpServletResponse response,
+ InfoboxReadResponseType infoboxReadResponseType) throws Exception {
+
+ HttpSession session = request.getSession();
+ StatusRequest statusRequest = (StatusRequest)session.getAttribute(PDF_STATUS);
+
+ statusRequest.setCertificate(getCertificate(infoboxReadResponseType));
+ statusRequest = pdfAs.process(statusRequest);
+ session.setAttribute(PDF_STATUS, statusRequest);
+
+ PdfAsHelper.process(request, response);
+ }
+
+ public static void injectSignature(HttpServletRequest request,
+ HttpServletResponse response,
+ CreateCMSSignatureResponseType createCMSSignatureResponseType)
+ throws Exception {
+
+ HttpSession session = request.getSession();
+ StatusRequest statusRequest = (StatusRequest) session
+ .getAttribute(PDF_STATUS);
+
+ statusRequest.setSigature(createCMSSignatureResponseType
+ .getCMSSignature());
+ statusRequest = pdfAs.process(statusRequest);
+ session.setAttribute(PDF_STATUS, statusRequest);
+
+ PdfAsHelper.process(request, response);
+ }
+
+ public static void process(HttpServletRequest request,
+ HttpServletResponse response) throws Exception {
+
+ HttpSession session = request.getSession();
+ StatusRequest statusRequest = (StatusRequest) session
+ .getAttribute(PDF_STATUS);
+ BKUSLConnector bkuSLConnector = (BKUSLConnector) session
+ .getAttribute(PDF_SL_CONNECTOR);
+ Configuration config = (Configuration) session.getAttribute(PDF_CONFIG);
+
+ if (statusRequest.needCertificate()) {
+ // build SL Request to read certificate
+ InfoboxReadRequestType readCertificateRequest = bkuSLConnector
+ .createInfoboxReadRequest();
+
+ JAXBElement<InfoboxReadRequestType> readRequest = of
+ .createInfoboxReadRequest(readCertificateRequest);
+
+ String url = request.getContextPath() + "/DataURL;jsessionid="
+ + session.getId();
+ String fullurl = request.getScheme() + "://"
+ + request.getServerName() + ":" + request.getServerPort()
+ + url;
+ String slRequest = SLMarschaller.marshalToString(readRequest);
+ String template = getTemplateSL();
+ template = template.replace("##BKU##",
+ "http://127.0.0.1:3495/http-security-layer-request");
+ template = template.replace("##XMLRequest##",
+ StringEscapeUtils.escapeHtml4(slRequest));
+ template = template.replace("##DataURL##", fullurl);
+ response.getWriter().write(template);
+ response.getWriter().close();
+ } else if (statusRequest.needSignature()) {
+ // build SL Request for cms signature
+ CreateCMSSignatureRequestType createCMSSignatureRequestType =
+ bkuSLConnector.createCMSRequest(statusRequest.getSignatureData(),
+ statusRequest.getSignatureDataByteRange());
+
+ String slRequest = SLMarschaller.marshalToString(of
+ .createCreateCMSSignatureRequest(createCMSSignatureRequestType));
+
+ response.setContentType("text/xml");
+ response.getWriter().write(slRequest);
+ response.getWriter().close();
+
+ } else if (statusRequest.isReady()) {
+ // TODO: store pdf document redirect to Finish URL
+ } else {
+ // TODO: invalid state
+ }
+ }
+
+ private static String getTemplateSL() throws IOException {
+ String xml = FileUtils.readFileToString(FileUtils
+ .toFile(PdfAsHelper.class.getResource("/template_sl.html")));
+ return xml;
+ }
+
+}
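Review bot: In `process()`, `fullurl` is substituted into the HTML template unescaped, although the `##XMLRequest##` value just above it goes through `StringEscapeUtils.escapeHtml4`; the URL is built from `request.getServerName()`, which normally reflects the client-supplied Host header, and it embeds the session id. Escape it the same way, `template = template.replace("##DataURL##", StringEscapeUtils.escapeHtml4(fullurl));`, and consider taking the public base URL from configuration rather than from the request. Separately, `process()`, `injectCertificate()` and `injectSignature()` dereference the `PDF_STATUS` session attribute without a null check, so a DataURL request that arrives without a prior `startSignature()` ends in a NullPointerException. The static initializer also hard-codes `/home/afitzek/.pdfas`, which should come from deployment configuration, and `getTemplateSL()` relies on `FileUtils.toFile(...)`, which returns null for a resource that is not a plain file (for example one packaged in a jar).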
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
index 93586c1a..a8dfb053 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
@@ -1,37 +1,76 @@
package at.gv.egiz.pdfas.web.servlets;
import java.io.IOException;
+
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.bind.JAXBElement;
+
+import at.gv.egiz.pdfas.lib.api.StatusRequest;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+import at.gv.egiz.sl.CreateCMSSignatureResponseType;
+import at.gv.egiz.sl.ErrorResponseType;
+import at.gv.egiz.sl.InfoboxReadResponseType;
+import at.gv.egiz.sl.util.SLMarschaller;
/**
* Servlet implementation class DataURL
*/
public class DataURLServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public DataURLServlet() {
- super();
- // TODO Auto-generated constructor stub
- }
/**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#HttpServlet()
*/
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ public DataURLServlet() {
+ super();
+ // TODO Auto-generated constructor stub
}
/**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
*/
- protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+
+ String xmlResponse = request.getParameter("XMLResponse");
+
+ System.out.println(xmlResponse);
+
+ JAXBElement jaxbObject = (JAXBElement) SLMarschaller.unmarshalFromString(xmlResponse);
+ if(jaxbObject.getValue() instanceof InfoboxReadResponseType) {
+ InfoboxReadResponseType infoboxReadResponseType = (InfoboxReadResponseType)jaxbObject.getValue();
+ PdfAsHelper.injectCertificate(request, response, infoboxReadResponseType);
+ } else if(jaxbObject.getValue() instanceof CreateCMSSignatureResponseType) {
+ CreateCMSSignatureResponseType createCMSSignatureResponseType = (CreateCMSSignatureResponseType)jaxbObject.getValue();
+ PdfAsHelper.injectSignature(request, response, createCMSSignatureResponseType);
+ } else if(jaxbObject.getValue() instanceof ErrorResponseType) {
+ ErrorResponseType errorResponseType = (ErrorResponseType)jaxbObject.getValue();
+ // TODO: store error and redirect user
+ System.out.println("ERROR: " + errorResponseType.getErrorCode() + " " + errorResponseType.getInfo());
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
}
}
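Review bot: `process()` catches every exception and only calls `e.printStackTrace()`, so a missing or malformed `XMLResponse` parameter produces an empty 200 response with no error for the caller; a null `xmlResponse` is also handed straight to `SLMarschaller.unmarshalFromString`. Reject the missing parameter up front, `if (xmlResponse == null) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return; }`, and rethrow in the catch with `throw new ServletException(e);`. `System.out.println(xmlResponse)` writes the whole Security Layer response (certificate or signature data) to stdout and should be removed or moved to a debug-level logger. `XMLResponse` is client-supplied XML and `SLMarschaller` is not visible in this diff, so confirm that its parser disables DTDs and external entities.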
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
index 9ea6f354..5d3c2e34 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SignServlet.java
@@ -1,26 +1,36 @@
package at.gv.egiz.pdfas.web.servlets;
+import java.io.File;
import java.io.IOException;
+import java.io.PrintWriter;
+import java.nio.file.attribute.DosFileAttributes;
+import java.util.Iterator;
+import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
-import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
-import at.gv.egiz.pdfas.lib.api.Configuration;
-import at.gv.egiz.pdfas.lib.api.PdfAs;
-import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
-import at.gv.egiz.pdfas.lib.api.StatusRequest;
-import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileItemFactory;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
/**
* Servlet implementation class Sign
*/
public class SignServlet extends HttpServlet {
+
private static final long serialVersionUID = 1L;
+ private static final String UPLOAD_DIRECTORY = "upload";
+ private static final int THRESHOLD_SIZE = 1024 * 1024 * 3; // 3MB
+ private static final int MAX_FILE_SIZE = 1024 * 1024 * 40; // 40MB
+ private static final int MAX_REQUEST_SIZE = 1024 * 1024 * 50; // 50MB
+
/**
* Default constructor.
*/
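Review bot: The added imports `java.nio.file.attribute.DosFileAttributes` and `java.util.Iterator` are not used anywhere in the servlet code visible in this commit and look like accidental auto-imports; `DosFileAttributes` also ties the class to Java 7 for no benefit. Drop both, and drop `FileItemFactory` as well if nothing outside the shown hunks refers to it.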
@@ -29,39 +39,65 @@ public class SignServlet extends HttpServlet {
}
/**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- response.getWriter()
- .println(
- "<html><head><title>Hello</title></head><body>BODY</body></html>");
- }
-
- /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ try {
+ doParameters(request, response);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ protected void doParameters(HttpServletRequest request,
+ HttpServletResponse response) throws Exception {
+ // checks if the request actually contains upload file
+ if (!ServletFileUpload.isMultipartContent(request)) {
+ PrintWriter writer = response.getWriter();
+ writer.println("Request does not contain upload data");
+ writer.flush();
+ return;
+ }
+
+ // configures upload settings
+ DiskFileItemFactory factory = new DiskFileItemFactory();
+ factory.setSizeThreshold(THRESHOLD_SIZE);
+ factory.setRepository(new File(System.getProperty("java.io.tmpdir")));
+
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ upload.setFileSizeMax(MAX_FILE_SIZE);
+ upload.setSizeMax(MAX_REQUEST_SIZE);
+
+ // constructs the directory path to store upload file
+ String uploadPath = getServletContext().getRealPath("")
+ + File.separator + UPLOAD_DIRECTORY;
+ // creates the directory if it does not exist
+ File uploadDir = new File(uploadPath);
+ if (!uploadDir.exists()) {
+ uploadDir.mkdir();
+ }
+
+ List formItems = upload.parseRequest(request);
+ byte[] filecontent = null;
+ if(formItems.size() != 1) {
+ // TODO: no file uploaded!
+ } else {
+ FileItem item = (FileItem) formItems.get(0);
+ filecontent = item.get();
+ }
+
+ doSignature(request, response, filecontent);
}
protected void doSignature(HttpServletRequest request,
HttpServletResponse response, byte[] pdfData) {
try {
- PdfAs pdfAs = PdfAsFactory.createPdfAs(null);
- // TODO: Build configuration and Sign Parameters
- Configuration config = pdfAs.getConfiguration();
- SignParameter signParameter = PdfAsFactory.createSignParameter(
- config, new ByteArrayDataSource(pdfData));
-
-
-
- StatusRequest statusRequest = pdfAs.startSign(signParameter);
-
- } catch (PdfAsException e) {
+ // TODO: read Parameters ...
+ PdfAsHelper.startSignature(request, response, pdfData);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
e.printStackTrace();
}
}
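Review bot: In `doParameters()`, when `formItems.size() != 1` the TODO branch leaves `filecontent` null and the method still calls `doSignature(request, response, filecontent)`, so `PdfAsHelper.startSignature` receives null PDF data; the single item is also never checked with `item.isFormField()`. Return an error from that branch instead, e.g. `response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Expected exactly one uploaded file"); return;`. The `upload` directory created under `getServletContext().getRealPath("")` is never used in this hunk, `getRealPath` can return null when the application is not deployed from an exploded directory, and a writable directory inside the web root would typically be reachable by clients, so that block is better removed. Both `doPost()` and `doSignature()` swallow exceptions with `printStackTrace()`, which leaves the client with an empty response and the failure visible only on stderr.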
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index d4303a5f..119bd2cb 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -50,7 +50,7 @@ public class VerifyServlet extends HttpServlet {
VerifyParameter parameter = PdfAsFactory.createVerifyParameter(conf, new ByteArrayDataSource(pdfData));
parameter.setWhichSignature(whichSignature);
- List<VerifyResult> results = pdfAs.verify(parameter);
+ //List<VerifyResult> results = pdfAs.verify(parameter);
// Create HTML Snippet for each Verification Result
// Put these results into the web page
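Review bot: With `pdfAs.verify(parameter)` commented out, the code in this hunk still builds a `VerifyParameter` but no verification runs, and the dead line is left in the source. The rest of the method lies outside the hunk, so I cannot see what it sends back; make sure the servlet cannot report a document as verified while the call is disabled. Replace the commented-out statement with an explicit marker such as `// TODO: re-enable verification once the MOA integration is finished`.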