diff options
Diffstat (limited to 'pdf-as-web/src/main/java/at')
| -rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java | 10 | ||||
| -rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java | 117 |
2 files changed, 75 insertions, 52 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java index 81b60131..7177541c 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java @@ -58,6 +58,7 @@ public class WebConfiguration implements IConfigurationConstants { public static final String MOA_SS_ENABLED = "moa.enabled"; public static final String SOAP_SIGN_ENABLED = "soap.sign.enabled"; + public static final String SOAP_SIGN_WITH_VERIFY_ENABLED = "soap.sign.with.verify.enabled"; public static final String SOAP_VERIFY_ENABLED = "soap.verify.enabled"; public static final String RELOAD_PASSWORD = "reload.pwd"; public static final String RELOAD_ENABLED = "reload.enabled"; @@ -506,6 +507,15 @@ public class WebConfiguration implements IConfigurationConstants { return false; } + public static boolean isSoapSignWithVerifyEnabled() { + String value = properties.getProperty(SOAP_SIGN_WITH_VERIFY_ENABLED); + if (value != null) { + return value.equals("true"); + + } + return getSoapSignEnabled(); + } + public static boolean getSoapVerifyEnabled() { String value = properties.getProperty(SOAP_VERIFY_ENABLED); if (value != null) { diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java index 2c248059..dce3e34c 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java @@ -455,67 +455,80 @@ public class PDFASSigningImpl implements PDFASSigning { @SneakyThrows private void validatePdfSignature(SignedDocument el, PdfasSignRequest request, StatisticEvent statisticEvent) { - - Map<String, String> preProcessor = null; - if (request.getCoreParams().getPreprocessor() != null) { - preProcessor = request.getCoreParams().getPreprocessor(); - - } - - VerifyResult verifyResult = null; - if (request.getVerificationLevel() != null && - request.getVerificationLevel().equals( - VerificationLevel.FULL_CERT_PATH)) { - final List<VerifyResult> verResults = PdfAsHelper - .synchronousVerify( - el.getOutputData(), - -1, - SignatureVerificationLevel.FULL_VERIFICATION, - preProcessor); - - if (verResults.size() < 1) { - throw new WebServiceException( - "Document verification failed! " + verResults.size()); + + if (WebConfiguration.isSoapSignWithVerifyEnabled()) { + Map<String, String> preProcessor = null; + if (request.getCoreParams().getPreprocessor() != null) { + preProcessor = request.getCoreParams().getPreprocessor(); + } - verifyResult = verResults.get(verResults.size() - 1); - } else { - final List<VerifyResult> verResults = PdfAsHelper - .synchronousVerify( - el.getOutputData(), - -1, - SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION, - preProcessor); - - if (verResults.size() < 1) { - throw new WebServiceException( - "Document verification failed! " + verResults.size()); + + VerifyResult verifyResult = null; + if (request.getVerificationLevel() != null && + request.getVerificationLevel().equals( + VerificationLevel.FULL_CERT_PATH)) { + final List<VerifyResult> verResults = PdfAsHelper + .synchronousVerify( + el.getOutputData(), + -1, + SignatureVerificationLevel.FULL_VERIFICATION, + preProcessor); + + if (verResults.size() < 1) { + throw new WebServiceException( + "Document verification failed! " + verResults.size()); + } + verifyResult = verResults.get(verResults.size() - 1); + } else { + final List<VerifyResult> verResults = PdfAsHelper + .synchronousVerify( + el.getOutputData(), + -1, + SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION, + preProcessor); + + if (verResults.size() < 1) { + throw new WebServiceException( + "Document verification failed! " + verResults.size()); + } + + verifyResult = verResults.get(verResults.size() - 1); + } + + if (verifyResult.getValueCheckCode().getCode() == 0) { + statisticEvent.setStatus(Status.OK); + statisticEvent.setEndNow(); + statisticEvent.setTimestampNow(); + statisticEvent.setFilesize(el.getOutputData().length); + StatisticFrontend.getInstance().storeEvent(statisticEvent); + statisticEvent.setLogged(true); + + } else { + statisticEvent.setStatus(Status.ERROR); + statisticEvent.setErrorCode(verifyResult.getValueCheckCode().getCode()); + statisticEvent.setEndNow(); + statisticEvent.setTimestampNow(); + statisticEvent.setFilesize(el.getOutputData().length); + StatisticFrontend.getInstance().storeEvent(statisticEvent); + statisticEvent.setLogged(true); + } + + el.getVerificationResponse().setCertificateCode( + verifyResult.getCertificateCheck().getCode()); + el.getVerificationResponse().setValueCode( + verifyResult.getValueCheckCode().getCode()); - verifyResult = verResults.get(verResults.size() - 1); - - } - - if (verifyResult.getValueCheckCode().getCode() == 0) { - statisticEvent.setStatus(Status.OK); - statisticEvent.setEndNow(); - statisticEvent.setTimestampNow(); - statisticEvent.setFilesize(el.getOutputData().length); - StatisticFrontend.getInstance().storeEvent(statisticEvent); - statisticEvent.setLogged(true); } else { - statisticEvent.setStatus(Status.ERROR); - statisticEvent.setErrorCode(verifyResult.getValueCheckCode().getCode()); + log.debug("Implicite signature-verification skipped by configuration"); + statisticEvent.setStatus(Status.OK); statisticEvent.setEndNow(); statisticEvent.setTimestampNow(); statisticEvent.setFilesize(el.getOutputData().length); StatisticFrontend.getInstance().storeEvent(statisticEvent); statisticEvent.setLogged(true); + } - - el.getVerificationResponse().setCertificateCode( - verifyResult.getCertificateCheck().getCode()); - el.getVerificationResponse().setValueCode( - verifyResult.getValueCheckCode().getCode()); - + } } |