aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-web/src/main/java/at')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java2
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java36
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java3
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java94
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java90
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java87
7 files changed, 278 insertions, 40 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
index 085976f0..c7bb19a0 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/filter/ExceptionCatchFilter.java
@@ -76,7 +76,7 @@ public class ExceptionCatchFilter implements Filter {
String name = parameterNames.nextElement();
String value = httpRequest.getParameter(name);
request.setAttribute(name, value);
- logger.info("Setting attribute: " + name + " - " + value);
+ logger.debug("Setting attribute: " + name + " - " + value);
}
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 0f33056e..5a452188 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -56,6 +56,7 @@ import at.gv.egiz.pdfas.lib.api.sign.SignResult;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
+import at.gv.egiz.pdfas.sigs.pades.PAdESSignerKeystore;
import at.gv.egiz.pdfas.sigs.pkcs7detached.PKCS7DetachedSigner;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
@@ -98,14 +99,14 @@ public class PdfAsHelper {
private static ObjectFactory of = new ObjectFactory();
static {
- logger.debug("Creating PDF-AS");
+ logger.info("Creating PDF-AS");
pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration
.getPdfASDir()));
- logger.debug("Creating PDF-AS done");
+ logger.info("Creating PDF-AS done");
}
public static void init() {
- logger.debug("PDF-AS Helper initialized");
+ logger.info("PDF-AS Helper initialized");
}
private static void validatePdfSize(HttpServletRequest request,
@@ -247,7 +248,7 @@ public class PdfAsHelper {
}
}
- logger.error("Verifing Signature index: " + signIdx);
+ logger.debug("Verifing Signature index: " + signIdx);
Configuration config = pdfAs.getConfiguration();
@@ -298,7 +299,7 @@ public class PdfAsHelper {
if (connector.equals("moa")) {
signer = new PAdESSigner(new MOAConnector(config));
} else if(connector.equals("jks")) {
- signer = new PKCS7DetachedSigner(
+ signer = new PAdESSignerKeystore(
WebConfiguration.getKeystoreFile(),
WebConfiguration.getKeystoreAlias(),
WebConfiguration.getKeystorePass(),
@@ -356,7 +357,7 @@ public class PdfAsHelper {
if(!WebConfiguration.getKeystoreEnabled()) {
throw new PdfAsWebException("JKS connector disabled.");
}
- signer = new PKCS7DetachedSigner(
+ signer = new PAdESSignerKeystore(
WebConfiguration.getKeystoreFile(),
WebConfiguration.getKeystoreAlias(),
WebConfiguration.getKeystorePass(),
@@ -488,7 +489,7 @@ public class PdfAsHelper {
CreateCMSSignatureResponseType createCMSSignatureResponseType,
ServletContext context) throws Exception {
- logger.info("Got CMS Signature Response");
+ logger.debug("Got CMS Signature Response");
HttpSession session = request.getSession();
StatusRequest statusRequest = (StatusRequest) session
@@ -530,13 +531,8 @@ public class PdfAsHelper {
BKUSLConnector bkuSLConnector = (BKUSLConnector) session
.getAttribute(PDF_SL_CONNECTOR);
- // TODO Handle logic for BKU interaction
-
-// Configuration config = (Configuration) session
-// .getAttribute(PDF_CONFIG);
-
if (statusRequest.needCertificate()) {
- logger.info("Needing Certificate from BKU");
+ logger.debug("Needing Certificate from BKU");
// build SL Request to read certificate
InfoboxReadRequestType readCertificateRequest = bkuSLConnector
.createInfoboxReadRequest();
@@ -555,7 +551,7 @@ public class PdfAsHelper {
response.getWriter().write(template);
response.getWriter().close();
} else if (statusRequest.needSignature()) {
- logger.info("Needing Signature from BKU");
+ logger.debug("Needing Signature from BKU");
// build SL Request for cms signature
RequestPackage pack = bkuSLConnector
.createCMSRequest(statusRequest.getSignatureData(),
@@ -571,7 +567,7 @@ public class PdfAsHelper {
} else if (statusRequest.isReady()) {
// TODO: store pdf document redirect to Finish URL
- logger.info("Document ready!");
+ logger.debug("Document ready!");
SignResult result = pdfAs.finishSign(statusRequest);
DataSink output = result.getOutputDocument();
@@ -581,14 +577,14 @@ public class PdfAsHelper {
byteDataSink.getData());
PdfAsHelper.gotoProvidePdf(context, request, response);
} else {
- // TODO: no signature data available!
+ throw new PdfAsWebException("No Signature data available");
}
} else {
- // TODO: invalid state
+ throw new PdfAsWebException("Invalid state!");
}
} else {
- // TODO Handle logic for
+ throw new PdfAsWebException("Invalid connector: " + connector);
}
}
@@ -716,7 +712,7 @@ public class PdfAsHelper {
HttpServletResponse response, String url) {
HttpSession session = request.getSession();
session.setAttribute(PDF_INVOKE_URL, url);
- logger.info("External Invoke URL: " + url);
+ logger.debug("External Invoke URL: " + url);
}
public static String getInvokeURL(HttpServletRequest request,
@@ -747,7 +743,7 @@ public class PdfAsHelper {
+ session.getId();
}
}
- logger.info("Generated URL: " + dataURL);
+ logger.debug("Generated URL: " + dataURL);
return dataURL;
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
index c4acf5a8..730fe9ad 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
@@ -59,9 +59,6 @@ public class PdfAsParameterExtractor {
public static String getInvokeErrorURL(HttpServletRequest request) {
String url = (String)request.getAttribute(PARAM_INVOKE_URL_ERROR);
- if(url != null) {
- //TODO validation!
- }
return url;
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index ac22f6c8..153a69fe 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -84,8 +84,7 @@ public class ExternSignServlet extends HttpServlet {
//PdfAsHelper.regenerateSession(request);
- System.out.println("Get signing request");
- logger.info("Get signing request");
+ logger.debug("Get signing request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -119,8 +118,7 @@ public class ExternSignServlet extends HttpServlet {
//PdfAsHelper.regenerateSession(request);
- System.out.println("Post signing request");
- logger.info("Post signing request");
+ logger.debug("Post signing request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
new file mode 100644
index 00000000..69386478
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java
@@ -0,0 +1,94 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateEncodingException;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureCertificateData extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(PDFSignatureCertificateData.class);
+
+ public static final String SIGN_ID = "SIGID";
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public PDFSignatureCertificateData() {
+ super();
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ if(request.getParameter(SIGN_ID) == null) {
+ throw new PdfAsException("Missing Parameter");
+ }
+
+ String sigID = request.getParameter(SIGN_ID);
+
+ int id = Integer.parseInt(sigID);
+
+ List<VerifyResult> vResult = PdfAsHelper
+ .getVerificationResult(request);
+
+ if (id < vResult.size()) {
+ VerifyResult res = vResult.get(id);
+
+ response.setHeader(
+ "Content-Disposition",
+ "inline;filename=cert_" + id + ".cer");
+ response.setContentType("application/pkix-cert");
+ OutputStream os = response.getOutputStream();
+ os.write(res.getSignerCertificate().getEncoded());
+ os.close();
+ } else {
+ logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ } catch (NumberFormatException e) {
+ logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (PdfAsException e) {
+ logger.error("Verification CERT not found:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (CertificateEncodingException e) {
+ logger.error("Verification CERT invalid:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ }
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
new file mode 100644
index 00000000..a4cee36f
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java
@@ -0,0 +1,90 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+
+public class PDFSignatureData extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(PDFSignatureData.class);
+
+ public static final String SIGN_ID = "SIGID";
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public PDFSignatureData() {
+ super();
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ this.process(request, response);
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ if(request.getParameter(SIGN_ID) == null) {
+ throw new PdfAsException("Missing Parameter");
+ }
+
+ String sigID = request.getParameter(SIGN_ID);
+
+ int id = Integer.parseInt(sigID);
+
+ List<VerifyResult> vResult = PdfAsHelper
+ .getVerificationResult(request);
+
+ if (id < vResult.size()) {
+ VerifyResult res = vResult.get(id);
+
+ response.setHeader(
+ "Content-Disposition",
+ "inline;filename=signed_data_" + id + ".pdf");
+ response.setContentType("application/pdf");
+ OutputStream os = response.getOutputStream();
+ os.write(res.getSignatureData());
+ os.close();
+ } else {
+ logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ } catch (NumberFormatException e) {
+ logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId());
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ } catch (PdfAsException e) {
+ logger.error("Verification DATA not found:", e);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ }
+ }
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
index 42a5175a..912e6efc 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java
@@ -23,8 +23,11 @@
******************************************************************************/
package at.gv.egiz.pdfas.web.servlets;
+import iaik.x509.X509Certificate;
+
import java.io.File;
import java.io.IOException;
+import java.io.OutputStream;
import java.util.List;
import javax.servlet.ServletException;
@@ -39,6 +42,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
@@ -51,7 +55,7 @@ public class VerifyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
private static final Logger logger = LoggerFactory
- .getLogger(ExternSignServlet.class);
+ .getLogger(VerifyServlet.class);
private static final String UPLOAD_PDF_DATA = "pdf-file";
private static final String UPLOAD_DIRECTORY = "upload";
@@ -72,7 +76,7 @@ public class VerifyServlet extends HttpServlet {
*/
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
- System.out.println("Get verify request");
+
logger.info("Get verify request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
@@ -91,7 +95,8 @@ public class VerifyServlet extends HttpServlet {
byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
doVerify(request, response, pdfData);
- } catch (Exception e) {
+ } catch (Throwable e) {
+ logger.error("Generic Error: ", e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -105,8 +110,7 @@ public class VerifyServlet extends HttpServlet {
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
- System.out.println("Post signing request");
- logger.info("Post signing request");
+ logger.info("Post verify request");
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
@@ -225,7 +229,8 @@ public class VerifyServlet extends HttpServlet {
}
doVerify(request, response, filecontent);
- } catch (Exception e) {
+ } catch (Throwable e) {
+ logger.error("Generic Error: ", e);
PdfAsHelper.setSessionException(request, response, e.getMessage(),
e);
PdfAsHelper.gotoError(getServletContext(), request, response);
@@ -234,9 +239,11 @@ public class VerifyServlet extends HttpServlet {
protected void doVerify(HttpServletRequest request,
HttpServletResponse response, byte[] pdfData) throws Exception {
- throw new Exception("");
- /*List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
+ logger.debug("doVerify");
+ logger.info("Starting verification of pdf dokument");
+
+ List<VerifyResult> results = PdfAsHelper.synchornousVerify(request,
response, pdfData);
PdfAsHelper.setVerificationResult(request, results);
@@ -245,11 +252,36 @@ public class VerifyServlet extends HttpServlet {
// Put these results into the web page
// Or create a JSON response with the verification results for automated
// processing
+
+ StringBuilder sb = new StringBuilder();
+
+ sb.append("<html><head><title></title></head><body>");
+ sb.append("<h3>Verification Results for: " + PdfAsHelper.getPDFFileName(request) + "</h3>");
+ sb.append("<table style=\"width:100%\" border='1' >");
+
+ sb.append("<tr>");
+
+ sb.append("<th>Signature</th>");
+ sb.append("<th>Processed</th>");
+ sb.append("<th>Signed By</th>");
+ sb.append("<th>Cert Code</th>");
+ sb.append("<th>Cert Message</th>");
+ sb.append("<th>Value Code</th>");
+ sb.append("<th>Value Message</th>");
+ sb.append("<th>Error</th>");
+ sb.append("<th>Certificate</th>");
+ sb.append("<th>Signed Data</th>");
+
+ sb.append("</tr>");
+
for (int i = 0; i < results.size(); i++) {
VerifyResult result = results.get(i);
-
+ sb.append("<tr>");
+
+ sb.append("<td>" + i + "</td>");
+
if (result.isVerificationDone()) {
-
+ sb.append("<td>YES</td>");
int certCode = result.getCertificateCheck().getCode();
String certMessage = result.getCertificateCheck().getMessage();
@@ -259,11 +291,42 @@ public class VerifyServlet extends HttpServlet {
Exception e = result.getVerificationException();
X509Certificate cert = result.getSignerCertificate();
- byte[] data = result.getSignatureData();
+ sb.append("<td>" + cert.getSubjectDN().getName() + "</td>");
+ sb.append("<td>" + certCode + "</td>");
+ sb.append("<td>" + certMessage + "</td>");
+ sb.append("<td>" + valueCode + "</td>");
+ sb.append("<td>" + valueMessage + "</td>");
+ if(e != null) {
+ sb.append("<td>" + e.getMessage() + "</td>");
+ } else {
+ sb.append("<td>-</td>");
+ }
+ sb.append("<td><a href=\"signCert?SIGID=" + i + "\">here</a></td>");
+ sb.append("<td><a href=\"signData?SIGID=" + i + "\">here</a></td>");
+ } else {
+ sb.append("<td>NO</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
+ sb.append("<td>-</td>");
}
- }*/
+
+
+ sb.append("</tr>");
+ }
+ sb.append("</table>");
+ sb.append("</body></html>");
+
+ response.setContentType("text/html");
+ OutputStream os = response.getOutputStream();
+ os.write(sb.toString().getBytes());
+ os.close();
}
}