aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java4
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java240
3 files changed, 225 insertions, 25 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
index 7847d840..dcb93fb1 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java
@@ -58,26 +58,28 @@ public class DataURLServlet extends HttpServlet {
PdfAsHelper.setFromDataUrl(request);
String xmlResponse = request.getParameter("XMLResponse");
- System.out.println(xmlResponse);
+ //System.out.println(xmlResponse);
JAXBElement jaxbObject = (JAXBElement) SLMarschaller.unmarshalFromString(xmlResponse);
if(jaxbObject.getValue() instanceof InfoboxReadResponseType) {
InfoboxReadResponseType infoboxReadResponseType = (InfoboxReadResponseType)jaxbObject.getValue();
+ logger.info("Got InfoboxReadResponseType");
PdfAsHelper.injectCertificate(request, response, infoboxReadResponseType, getServletContext());
} else if(jaxbObject.getValue() instanceof CreateCMSSignatureResponseType) {
CreateCMSSignatureResponseType createCMSSignatureResponseType = (CreateCMSSignatureResponseType)jaxbObject.getValue();
+ logger.info("Got CreateCMSSignatureResponseType");
PdfAsHelper.injectSignature(request, response, createCMSSignatureResponseType, getServletContext());
} else if(jaxbObject.getValue() instanceof ErrorResponseType) {
ErrorResponseType errorResponseType = (ErrorResponseType)jaxbObject.getValue();
logger.error("SecurityLayer: " + errorResponseType.getErrorCode() + " " + errorResponseType.getInfo());
throw new PdfAsSecurityLayerException(errorResponseType.getInfo(),
errorResponseType.getErrorCode());
-
} else {
throw new PdfAsSecurityLayerException("Unknown SL response",
9999);
}
} catch (Exception e) {
+ logger.error("Error in DataURL Servlet. " , e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index fe26f097..b2649a57 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -60,6 +60,8 @@ public class ExternSignServlet extends HttpServlet {
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
+ //PdfAsHelper.regenerateSession(request);
+
System.out.println("Get signing request");
logger.info("Get signing request");
@@ -93,6 +95,8 @@ public class ExternSignServlet extends HttpServlet {
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
+ //PdfAsHelper.regenerateSession(request);
+
System.out.println("Post signing request");
logger.info("Post signing request");
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index 4418c30b..0dd96e78 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -1,5 +1,8 @@
package at.gv.egiz.pdfas.web.servlets;
+import iaik.x509.X509Certificate;
+
+import java.io.File;
import java.io.IOException;
import java.util.List;
@@ -8,53 +11,244 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.PdfAs;
import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
+import at.gv.egiz.pdfas.web.helper.RemotePDFFetcher;
/**
* Servlet implementation class VerifyServlet
*/
public class VerifyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public VerifyServlet() {
- super();
- }
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(ExternSignServlet.class);
+
+ private static final String UPLOAD_PDF_DATA = "pdfFile";
+ private static final String UPLOAD_DIRECTORY = "upload";
+ private static final int THRESHOLD_SIZE = 1024 * 1024 * 3; // 3MB
+ private static final int MAX_FILE_SIZE = 1024 * 1024 * 40; // 40MB
+ private static final int MAX_REQUEST_SIZE = 1024 * 1024 * 50; // 50MB
/**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#HttpServlet()
*/
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ public VerifyServlet() {
+ super();
}
/**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
*/
- protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- // TODO Auto-generated method stub
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ System.out.println("Get verify request");
+ logger.info("Get verify request");
+
+ String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
+ PdfAsHelper.setErrorURL(request, response, errorUrl);
+ try {
+ // Mandatory Parameters on Get Request:
+ String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request);
+ PdfAsHelper.setInvokeURL(request, response, invokeUrl);
+
+ String pdfUrl = PdfAsParameterExtractor.getPdfUrl(request);
+
+ if (pdfUrl == null) {
+ throw new PdfAsWebException(
+ "No PDF URL given! Use POST request to sign without PDF URL.");
+ }
+
+ byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
+ doVerify(request, response, pdfData);
+ } catch (Exception e) {
+ PdfAsHelper.setSessionException(request, response, e.getMessage(),
+ e);
+ PdfAsHelper.gotoError(getServletContext(), request, response);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ System.out.println("Post signing request");
+ logger.info("Post signing request");
+
+ String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
+ PdfAsHelper.setErrorURL(request, response, errorUrl);
+
+ try {
+ byte[] filecontent = null;
+
+ // checks if the request actually contains upload file
+ if (!ServletFileUpload.isMultipartContent(request)) {
+ // No Uploaded data!
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ doGet(request, response);
+ return;
+ } else {
+ throw new PdfAsWebException("No Signature data defined!");
+ }
+ } else {
+ // configures upload settings
+ DiskFileItemFactory factory = new DiskFileItemFactory();
+ factory.setSizeThreshold(THRESHOLD_SIZE);
+ factory.setRepository(new File(System
+ .getProperty("java.io.tmpdir")));
+
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ upload.setFileSizeMax(MAX_FILE_SIZE);
+ upload.setSizeMax(MAX_REQUEST_SIZE);
+
+ // constructs the directory path to store upload file
+ String uploadPath = getServletContext().getRealPath("")
+ + File.separator + UPLOAD_DIRECTORY;
+ // creates the directory if it does not exist
+ File uploadDir = new File(uploadPath);
+ if (!uploadDir.exists()) {
+ uploadDir.mkdir();
+ }
+
+ List formItems = upload.parseRequest(request);
+ logger.debug(formItems.size() + " Items in form data");
+ if (formItems.size() < 1) {
+ // No Uploaded data!
+ // Try do get
+ // No Uploaded data!
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ doGet(request, response);
+ return;
+ } else {
+ throw new PdfAsWebException(
+ "No Signature data defined!");
+ }
+ } else {
+ for (int i = 0; i < formItems.size(); i++) {
+ Object obj = formItems.get(i);
+ if (obj instanceof FileItem) {
+ FileItem item = (FileItem) obj;
+ if (item.getFieldName().equals(UPLOAD_PDF_DATA)) {
+ filecontent = item.get();
+ try {
+ File f = new File(item.getName());
+ String name = f.getName();
+ logger.debug("Got upload: "
+ + item.getName());
+ if (name != null) {
+ if (!(name.endsWith(".pdf") || name
+ .endsWith(".PDF"))) {
+ name += ".pdf";
+ }
+
+ logger.debug("Setting Filename in session: "
+ + name);
+ PdfAsHelper.setPDFFileName(request,
+ name);
+ }
+ } catch (Throwable e) {
+ logger.error("In resolving filename", e);
+ }
+ if (filecontent.length < 10) {
+ filecontent = null;
+ } else {
+ logger.debug("Found pdf Data! Size: "
+ + filecontent.length);
+ }
+ } else {
+ request.setAttribute(item.getFieldName(),
+ item.getString());
+ logger.debug("Setting " + item.getFieldName()
+ + " = " + item.getString());
+ }
+ } else {
+ logger.debug(obj.getClass().getName() + " - "
+ + obj.toString());
+ }
+ }
+ }
+ }
+
+ if (filecontent == null) {
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ filecontent = RemotePDFFetcher
+ .fetchPdfFile(PdfAsParameterExtractor
+ .getPdfUrl(request));
+ }
+ }
+
+ if (filecontent == null) {
+ Object sourceObj = request.getAttribute("source");
+ if (sourceObj != null) {
+ String source = sourceObj.toString();
+ if (source.equals("internal")) {
+ request.setAttribute("FILEERR", true);
+ request.getRequestDispatcher("index.jsp").forward(
+ request, response);
+ return;
+ }
+ }
+ throw new PdfAsException("No Signature data available");
+ }
+
+ doVerify(request, response, filecontent);
+ } catch (Exception e) {
+ PdfAsHelper.setSessionException(request, response, e.getMessage(),
+ e);
+ PdfAsHelper.gotoError(getServletContext(), request, response);
+ }
}
- protected void doVerify(HttpServletRequest request, HttpServletResponse response,
- byte[] pdfData, int whichSignature) {
- PdfAs pdfAs = PdfAsFactory.createPdfAs(null);
- Configuration conf = pdfAs.getConfiguration();
- VerifyParameter parameter = PdfAsFactory.createVerifyParameter(conf, new ByteArrayDataSource(pdfData));
- parameter.setWhichSignature(whichSignature);
+ protected void doVerify(HttpServletRequest request,
+ HttpServletResponse response, byte[] pdfData) throws Exception {
+ throw new Exception("");
- //List<VerifyResult> results = pdfAs.verify(parameter);
+ /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
+ response, pdfData);
+
+ PdfAsHelper.setVerificationResult(request, results);
// Create HTML Snippet for each Verification Result
// Put these results into the web page
- // Or create a JSON response with the verification results for automated processing
-
+ // Or create a JSON response with the verification results for automated
+ // processing
+ for (int i = 0; i < results.size(); i++) {
+ VerifyResult result = results.get(i);
+
+ if (result.isVerificationDone()) {
+
+ int certCode = result.getCertificateCheck().getCode();
+ String certMessage = result.getCertificateCheck().getMessage();
+
+ int valueCode = result.getValueCheckCode().getCode();
+ String valueMessage = result.getValueCheckCode().getMessage();
+
+ Exception e = result.getVerificationException();
+
+ X509Certificate cert = result.getSignerCertificate();
+ byte[] data = result.getSignatureData();
+
+
+ }
+ }*/
}
-
+
}