diff options
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz')
3 files changed, 12 insertions, 26 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index bca9bc5b..ba1481f9 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java @@ -345,7 +345,13 @@ public class ExternSignServlet extends HttpServlet { String placeholder_id = PdfAsParameterExtractor.getPlaceholderId(request); if(!placeholder_id.equalsIgnoreCase("")) { PlaceholderWebConfiguration.setValue(IConfigurationConstants.PLACEHOLDER_WEB_ID, placeholder_id); + } else + { + PlaceholderWebConfiguration.clear(); + } + + } catch(Exception e) { logger.error(e.getLocalizedMessage()); } diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java index 31f5a2ef..55946afb 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java @@ -118,7 +118,7 @@ public class SLDataURLServlet extends HttpServlet { String sl20ReqId = (String) request.getSession(false).getAttribute(PdfAsHelper.PDF_SESSION_PREFIX + SL20Constants.SL20_REQID); String inRespTo = SL20JSONExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_INRESPTO, true); if (sl20ReqId == null || !sl20ReqId.equals(inRespTo)) { - logger.info("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); + logger.debug("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); throw new SL20SecurityException("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); } diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/JsonSecurityUtils.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/JsonSecurityUtils.java index 4f496a75..4a0ecf47 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/JsonSecurityUtils.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/JsonSecurityUtils.java @@ -1,20 +1,16 @@ package at.gv.egiz.pdfas.web.sl20; -import java.io.IOException; import java.security.Key; import java.security.KeyStore; import java.security.PrivateKey; import java.security.cert.Certificate; -import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.ArrayList; -import java.util.Base64; import java.util.Collections; import java.util.Enumeration; import java.util.List; import org.apache.commons.lang3.StringUtils; -import org.bouncycastle.util.encoders.Base64Encoder; import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jwe.JsonWebEncryption; @@ -85,7 +81,7 @@ public class JsonSecurityUtils implements IJOSETools{ if (certChainSigning[i] instanceof X509Certificate) { signCertChain[i] = (X509Certificate)certChainSigning[i]; } else - logger.warn("NO X509 certificate for signing: " + certChainSigning[i].getType()); + logger.warn("NO X509 certificate for signing: "); } @@ -99,7 +95,7 @@ public class JsonSecurityUtils implements IJOSETools{ if (certChainEncryption[i] instanceof X509Certificate) { encCertChain[i] = (X509Certificate)certChainEncryption[i]; } else - logger.warn("NO X509 certificate for encryption: " + certChainEncryption[i].getType()); + logger.warn("NO X509 certificate for encryption: "); } } else logger.info("No encryption key for SL2.0 found. End-to-End encryption is not used."); @@ -119,20 +115,20 @@ public class JsonSecurityUtils implements IJOSETools{ if (cert != null && cert instanceof X509Certificate) trustedCerts.add((X509Certificate) cert); else - logger.info("Can not process entry: " + el + ". Reason: " + cert.toString()); + logger.info("Can not process entry: " + el + ". Reason: "); } } //some short validation if (signPrivKey == null || !(signPrivKey instanceof PrivateKey)) { - logger.info("Can NOT open privateKey for SL2.0 signing. KeyStore=" + getKeyStoreFilePath()); + logger.info("Can NOT open privateKey for SL2.0 signing. KeyStore="); throw new SL20Exception("sl20.03"); } if (signCertChain == null || signCertChain.length == 0) { - logger.info("NO certificate for SL2.0 signing. KeyStore=" + getKeyStoreFilePath()); + logger.info("NO certificate for SL2.0 signing. KeyStore="); throw new SL20Exception("sl20.03"); } @@ -205,15 +201,6 @@ public class JsonSecurityUtils implements IJOSETools{ } else { logger.info("Can NOT find JOSE certificate in truststore."); - logger.debug("JOSE certificate: " + sortedX5cCerts.get(0).toString()); - try { - logger.debug("Cert: " + Base64.getEncoder().encodeToString(sortedX5cCerts.get(0).getEncoded())); - - } catch (CertificateEncodingException e) { - e.printStackTrace(); - - } - } } else if (StringUtils.isNotEmpty(x5t256)) { @@ -289,12 +276,6 @@ public class JsonSecurityUtils implements IJOSETools{ if (!sortedX5cCerts.get(0).equals(encCertChain[0])) { logger.info("Certificate from JOSE header does NOT match encryption certificate"); logger.debug("JOSE certificate: " + sortedX5cCerts.get(0).toString()); - - try { - logger.debug("Cert: " + Base64.getEncoder().encodeToString(sortedX5cCerts.get(0).getEncoded())); - } catch (CertificateEncodingException e) { - e.printStackTrace(); - } throw new SL20Exception("sl20.05"); } @@ -303,7 +284,6 @@ public class JsonSecurityUtils implements IJOSETools{ String certFingerPrint = X509Util.x5tS256(encCertChain[0]); if (!certFingerPrint.equals(x5t256)) { logger.info("X5t256 from JOSE header does NOT match encryption certificate"); - logger.debug("X5t256 from JOSE header: " + x5t256 + " Encrytption cert: " + certFingerPrint); throw new SL20Exception("sl20.05"); } |