aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--build.gradle2
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl20/SL20Connector.java4
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java5
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java44
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java33
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java1
7 files changed, 79 insertions, 16 deletions
diff --git a/build.gradle b/build.gradle
index 7c4bf510..c3c2ae2d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -16,7 +16,7 @@ task wrapper(type: Wrapper) {
allprojects {
apply plugin: 'com.github.ben-manes.versions'
repositories { mavenCentral() }
- version = '4.1.4-Snapshot'
+ version = '4.2.0-Snapshot'
}
configurations {
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/SL20Connector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/SL20Connector.java
index a82771bd..3088a564 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/SL20Connector.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/SL20Connector.java
@@ -62,7 +62,9 @@ public class SL20Connector extends BaseSLConnector {
HttpResponse httpResp = httpClient.execute(httpReq);
log.debug("Response from VDA received ");
- return SL20JSONExtractorUtils.getSL20ContainerFromResponse(httpResp);
+ JsonObject sl20Resp = SL20JSONExtractorUtils.getSL20ContainerFromResponse(httpResp);
+ log.trace("SL20 command: " + sl20Resp.toString());
+ return sl20Resp;
} catch (URISyntaxException | IOException e) {
log.warn("Can NOT build SL20 http requst. Reason:" + e.getMessage(), e);
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
index 59c3079d..fdefa1d9 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
@@ -160,6 +160,8 @@ public class SL20Constants {
//createCAdES Signture
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID = "keyId";
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT = "content";
+ public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL = "contentUrl";
+ public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE = "contentMode";
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE = "mimeType";
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = "padesComatibility";
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE = "excludedByteRange";
@@ -176,7 +178,8 @@ public class SL20Constants {
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_XL = "cAdES-X-L";
public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_A = "cAdES-A";
-
+ public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED = "detached";
+ public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_ENVELOPING = "enveloping";
//create binding key command
public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID = "kontoID";
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
index efbc2890..7cbb7800 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
@@ -2,13 +2,10 @@ package at.gv.egiz.sl20.utils;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
-import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
-import org.apache.commons.codec.binary.Base64;
-import org.bouncycastle.util.encoders.Base64Encoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -182,14 +179,37 @@ public class SL20JSONBuilderUtils {
}
public static JsonObject createCreateCAdESCommandParameters(String keyId,
- String pdfUrl, String mimeType, boolean padesCompatiblem, List<String> byteRanges, String cadesLevel,
+ byte[] content, String contentUrl, String contentMode, String mimeType, boolean padesCompatiblem, List<JsonElement> byteRanges, String cadesLevel,
String dataUrl, X509Certificate x5cEnc) throws CertificateEncodingException, SLCommandoBuildException {
JsonObject params = new JsonObject();
addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID, keyId, true);
- addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, pdfUrl, true);
+
+ if (content != null && contentUrl != null) {
+ log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and "
+ + SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " can not SET TWICE");
+ throw new SLCommandoBuildException();
+
+ }
+
+ if (content != null)
+ addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, content, true);
+
+ else if (contentUrl != null )
+ addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL, contentUrl, true);
+
+ else {
+ log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and "
+ + SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " is NULL");
+ throw new SLCommandoBuildException();
+
+ }
+
+ addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE, contentMode, true);
addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE, mimeType, true);
addSingleBooleanElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY, padesCompatiblem, false);
- addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);
+
+ //addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);
+ addArrayOfElements(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);
addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL, cadesLevel, false);
addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_DATAURL, dataUrl, true);
addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_X5CENC, x5cEnc, false);
@@ -452,6 +472,18 @@ public class SL20JSONBuilderUtils {
}
}
+ private static void addArrayOfElements(JsonObject parent, String keyId, List<JsonElement> values) throws SLCommandoBuildException {
+ validateParentAndKey(parent, keyId);
+ if (values != null) {
+ JsonArray callReqParamsArray = new JsonArray();
+ parent.add(keyId, callReqParamsArray );
+ for(JsonElement el : values)
+ callReqParamsArray.add(el);
+
+ }
+
+ }
+
private static void addArrayOfStrings(JsonObject parent, String keyId, List<String> values) throws SLCommandoBuildException {
validateParentAndKey(parent, keyId);
if (values != null) {
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index bd904aae..4b69e5a8 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -60,6 +60,8 @@ import org.apache.http.entity.ContentType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import at.gv.egiz.pdfas.api.ws.PDFASSignParameters;
@@ -67,6 +69,7 @@ import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector;
import at.gv.egiz.pdfas.api.ws.PDFASSignResponse;
import at.gv.egiz.pdfas.api.ws.PDFASVerificationResponse;
import at.gv.egiz.pdfas.common.exceptions.PDFASError;
+import at.gv.egiz.pdfas.common.utils.PDFUtils;
import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
@@ -1143,7 +1146,6 @@ public class PdfAsHelper {
command, signedCommand);
//store requestId
-
request.getSession(false).setAttribute(PDF_SESSION_PREFIX + SL20Constants.SL20_REQID, reqId);
//forward SL2.0 command
@@ -1192,9 +1194,24 @@ public class PdfAsHelper {
} else if (slConnector instanceof SL20Connector) {
//convert byte range
- List<String> byteRanges = new ArrayList<String>();
- for (int el : statusRequest.getSignatureDataByteRange())
- byteRanges.add(String.valueOf(el));
+
+ int[] exclude_range = PDFUtils.buildExcludeRange(statusRequest.getSignatureDataByteRange());
+ logger.info("Exclude Byte Range: " + exclude_range[0] + " " + exclude_range[1]);
+
+ List<JsonElement> byteRanges = new ArrayList<JsonElement>();
+ if (statusRequest.getSignatureDataByteRange().length % 2 != 0) {
+ logger.warn("ByteRange is not a set of pairs. Something is maybe suspect");
+
+ }
+
+ for (int i=0; i<exclude_range.length/2; i++) {
+ JsonArray el = new JsonArray();
+ el.add(exclude_range[2*i]);
+ el.add(exclude_range[2*i + 1]);
+ byteRanges.add(el);
+
+ }
+
java.security.cert.X509Certificate x5cEnc = null;
if (WebConfiguration.isSL20EncryptionEnabled() && joseTools != null)
@@ -1205,11 +1222,15 @@ public class PdfAsHelper {
if (pack.getRequestType().getPAdESFlag() != null)
padesCompatibel = pack.getRequestType().getPAdESFlag();
+ byte[] data = PDFUtils.blackOutSignature(statusRequest.getSignatureData(),
+ statusRequest.getSignatureDataByteRange());
+
JsonObject createCAdESSigParams =
SL20JSONBuilderUtils.createCreateCAdESCommandParameters(
pack.getRequestType().getKeyboxIdentifier(),
//statusRequest.getSignatureData(),
generateNSPdfURL(request,response),
+ SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED,
pack.getRequestType().getDataObject().getMetaInfo().getMimeType(),
padesCompatibel ,
byteRanges,
@@ -1226,7 +1247,7 @@ public class PdfAsHelper {
} else {
JsonObject getCertCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_CREATE_SIG_CADES, createCAdESSigParams);
- sl20CreateCAdES = SL20JSONBuilderUtils.createGenericRequest(UUID.randomUUID().toString(), null, getCertCommand, null);
+ sl20CreateCAdES = SL20JSONBuilderUtils.createGenericRequest(reqId, null, getCertCommand, null);
}
@@ -1791,6 +1812,8 @@ public class PdfAsHelper {
redirectTwoCommand,
null);
+ logger.trace("SL2.0 command: " + respContainer.toString());
+
//workaround for A-Trust
if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null &&
request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java
index 7ddf0a55..31f5a2ef 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java
@@ -93,7 +93,7 @@ public class SLDataURLServlet extends HttpServlet {
}
- logger.trace("Received SL2.0 result: " + sl20Result);
+ logger.trace("Received SL2.0 command: " + sl20Result);
//parse SL2.0 command/result into JSON
try {
@@ -144,6 +144,8 @@ public class SLDataURLServlet extends HttpServlet {
//extract payloaf
JsonObject payLoad = payLoadContainer.getPayload();
+ logger.trace("SL2.0 payLoad on DataURL: " + payLoad.toString());
+
//check response type
if (SL20JSONExtractorUtils.getStringValue(
payLoad, SL20Constants.SL20_COMMAND_CONTAINER_NAME, true)
@@ -175,7 +177,7 @@ public class SLDataURLServlet extends HttpServlet {
List<X509Certificate> sortedCerts = X509Utils.sortCertificates(certs);
logger.debug("Sorting of certificate completed. Select end-user certificate ... ");
- PdfAsHelper.injectCertificate(request, response, Base64.getDecoder().decode(sortedCerts.get(0).getEncoded()), getServletContext());
+ PdfAsHelper.injectCertificate(request, response, sortedCerts.get(0).getEncoded(), getServletContext());
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java
index f5d6ff55..e43ebfcf 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java
@@ -21,6 +21,7 @@ public class SL20HttpBindingUtils {
public static void writeIntoResponse(HttpServletRequest request, HttpServletResponse response, JsonObject sl20Forward, String redirectURL) throws IOException, URISyntaxException {
//forward SL2.0 command
+ log.trace("SL20 command: " + sl20Forward.toString());
if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null &&
request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) {
log.debug("Client request containts 'native client' header ... ");