aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java14
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java24
2 files changed, 34 insertions, 4 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index c96225bd..3a6bc971 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -2,7 +2,6 @@ package at.gv.egiz.pdfas.web.servlets;
import java.io.File;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.List;
import javax.servlet.ServletException;
@@ -18,14 +17,12 @@ import org.slf4j.LoggerFactory;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
-import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
+import at.gv.egiz.pdfas.web.helper.DigestHelper;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
import at.gv.egiz.pdfas.web.helper.RemotePDFFetcher;
-import at.gv.egiz.sl.util.BKUSLConnector;
-import at.gv.egiz.sl.util.MOAConnector;
/**
* Servlet implementation class Sign
@@ -209,6 +206,15 @@ public class ExternSignServlet extends HttpServlet {
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
+ if(pdfData == null) {
+ throw new PdfAsException("No Signature data available");
+ }
+
+ String pdfDataHash = DigestHelper.getHexEncodedHash(pdfData);
+
+ PdfAsHelper.setSignatureDataHash(request, pdfDataHash);
+ logger.debug("Storing signatures data hash: " + pdfDataHash);
+
logger.debug("Starting signature creation with: " + connector);
IPlainSigner signer;
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java
index 6ce0e1c9..9bf66fe9 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFData.java
@@ -8,14 +8,23 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
/**
* Servlet implementation class PDFData
*/
public class PDFData extends HttpServlet {
+
private static final long serialVersionUID = 1L;
+ private static final Logger logger = LoggerFactory
+ .getLogger(PDFData.class);
+
+ private static String ORIGINAL_DIGEST = "origdigest";
+
/**
* @see HttpServlet#HttpServlet()
*/
@@ -45,7 +54,22 @@ public class PDFData extends HttpServlet {
HttpServletResponse response) throws ServletException, IOException {
byte[] signedData = PdfAsHelper.getSignedPdf(request, response);
+ String plainPDFDigest = request.getParameter(ORIGINAL_DIGEST);
+
if (signedData != null) {
+ if(plainPDFDigest != null) {
+ String signatureDataHash = PdfAsHelper.getSignatureDataHash(request);
+ if(!plainPDFDigest.equalsIgnoreCase(signatureDataHash)) {
+ logger.error("Digest Hash mismatch!");
+ logger.error("Requested digest: " + plainPDFDigest);
+ logger.error("Saved digest: " + signatureDataHash);
+
+ PdfAsHelper.setSessionException(request, response,
+ "Signature Data digest do not match!", null);
+ PdfAsHelper.gotoError(getServletContext(), request, response);
+ return;
+ }
+ }
response.setContentType("application/pdf");
OutputStream os = response.getOutputStream();
os.write(signedData);