diff options
Diffstat (limited to 'pdf-as-web/src')
12 files changed, 122 insertions, 46 deletions
diff --git a/pdf-as-web/src/main/assembly/tomcat/setVariables.bat b/pdf-as-web/src/main/assembly/tomcat/setVariables.bat index 606f84e1..57bd2f9a 100644 --- a/pdf-as-web/src/main/assembly/tomcat/setVariables.bat +++ b/pdf-as-web/src/main/assembly/tomcat/setVariables.bat @@ -59,10 +59,10 @@ rem Maximum PermGenSize in M set JVM_MAXPERMSIZE=256
rem COMMAND LINE OPTIONS
-set JAVA_OPTS=-server -Xss%JVM_XSS%k -Xms%JVM_XMS%m -Xmx%JVM_XMX%m -XX:MaxPermSize=%JVM_MAXPERMSIZE%m
+set JAVA_OPTS=-server -Xss%JVM_XSS%k -Xms%JVM_XMS%m -Xmx%JVM_XMX%m -XX:MaxPermSize=%JVM_MAXPERMSIZE%m -Dfile.encoding=UTF8
set CATALINA_OPTS=%PDFAS_WORK_DIR_PARAM%
rem SERVICE OPTIONS
-set SERVICE_OPTS=%PDFAS_WORK_DIR_PARAM%;-XX:MaxPermSize=%JVM_MAXPERMSIZE%m
+set SERVICE_OPTS=%PDFAS_WORK_DIR_PARAM%;-XX:MaxPermSize=%JVM_MAXPERMSIZE%m -Dfile.encoding=UTF8
:END
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 11ee4790..2f7c9323 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -301,7 +301,7 @@ public class PdfAsHelper { return sb.toString(); } - public static List<VerifyResult> synchornousVerify( + public static List<VerifyResult> synchronousVerify( HttpServletRequest request, HttpServletResponse response, byte[] pdfData) throws Exception { String signidxString = PdfAsParameterExtractor.getSigIdx(request); @@ -332,9 +332,9 @@ public class PdfAsHelper { return results; } - public static List<VerifyResult> synchornousVerify(byte[] pdfData, - int signIdx, SignatureVerificationLevel lvl, - Map<String, String> preProcessor) throws Exception { + public static List<VerifyResult> synchronousVerify(byte[] pdfData, + int signIdx, SignatureVerificationLevel lvl, + Map<String, String> preProcessor) throws Exception { logger.debug("Verifing Signature index: " + signIdx); Configuration config = pdfAs.getConfiguration(); @@ -364,11 +364,13 @@ public class PdfAsHelper { * The Web response * @param pdfData * The pdf data + * @param dynamicSignatureBlockArguments * @return The signed pdf data * @throws Exception */ - public static byte[] synchornousSignature(HttpServletRequest request, - HttpServletResponse response, byte[] pdfData) throws Exception { + public static byte[] synchronousSignature(HttpServletRequest request, + HttpServletResponse response, byte[] pdfData, + Map<String, String> dynamicSignatureBlockArguments) throws Exception { validatePdfSize(request, response, pdfData); Configuration config = pdfAs.getConfiguration(); @@ -506,6 +508,8 @@ public class PdfAsHelper { // set Signature Position signParameter.setSignaturePosition(buildPosString(request, response)); + //set signature block parameters + signParameter.setDynamicSignatureBlockArguments(dynamicSignatureBlockArguments); @SuppressWarnings("unused") SignResult result = pdfAs.sign(signParameter); @@ -522,8 +526,9 @@ public class PdfAsHelper { * @return The signed pdf data * @throws Exception */ - public static PDFASSignResponse synchornousServerSignature(byte[] pdfData, - PDFASSignParameters params) throws Exception { + public static PDFASSignResponse synchronousServerSignature(byte[] pdfData, + PDFASSignParameters params, Map<String, String> dynamicSignatureBlockArguments) throws Exception { + Configuration config = pdfAs.getConfiguration(); if (WebConfiguration.isAllowExtOverwrite() && params.getOverrides() != null) { @@ -658,6 +663,8 @@ public class PdfAsHelper { signParameter.setPreprocessorArguments(params.getPreprocessor() .getMap()); } + //TODO alex + signParameter.setDynamicSignatureBlockArguments(dynamicSignatureBlockArguments); SignResult signResult = pdfAs.sign(signParameter); @@ -771,7 +778,7 @@ public class PdfAsHelper { HttpServletResponse response, ServletContext context, byte[] pdfData, String connector, String position, String transactionId, String profile, - Map<String, String> preProcessor, Map<String, String> overwrite) throws Exception { + Map<String, String> preProcessor, Map<String, String> overwrite, Map<String, String> dynamicSignatureBlockArguments) throws Exception { // TODO: Protect session so that only one PDF can be signed during one // session @@ -856,6 +863,7 @@ public class PdfAsHelper { // set Signature Position signParameter.setSignaturePosition(position); + signParameter.setDynamicSignatureBlockArguments(dynamicSignatureBlockArguments); StatusRequest statusRequest = pdfAs.startSign(signParameter); session.setAttribute(PDF_STATUS, statusRequest); @@ -1283,7 +1291,7 @@ public class PdfAsHelper { baos.close(); PDFASVerificationResponse verResponse = new PDFASVerificationResponse(); - List<VerifyResult> verResults = PdfAsHelper.synchornousVerify( + List<VerifyResult> verResults = PdfAsHelper.synchronousVerify( baos.toByteArray(), -2, PdfAsHelper.getVerificationLevel(request), null); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java index 5415b233..31fbf46d 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java @@ -23,6 +23,7 @@ ******************************************************************************/ package at.gv.egiz.pdfas.web.helper; +import java.nio.charset.Charset; import java.util.Enumeration; import java.util.HashMap; import java.util.Map; @@ -31,6 +32,8 @@ import javax.servlet.http.HttpServletRequest; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter.SignatureVerificationLevel; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class PdfAsParameterExtractor { @@ -74,7 +77,10 @@ public class PdfAsParameterExtractor { public static final String PARAM_PREPROCESSOR_PREFIX = "pp:"; public static final String PARAM_OVERWRITE_PREFIX = "ov:"; public static final String PARAM_QRCODE_CONTENT = "qrcontent"; + public static final String PARAM_DYNAMIC_SIGNATURE_BLOCK_PARAMETER = "sbp:"; + private static final Logger logger = LoggerFactory + .getLogger(PdfAsParameterExtractor.class); public static String getConnector(HttpServletRequest request) { String connector = (String)request.getAttribute(PARAM_CONNECTOR); @@ -83,7 +89,26 @@ public class PdfAsParameterExtractor { } return PARAM_CONNECTOR_DEFAULT; } - + + public static Map<String,String> getDynamicSignatureBlockParameters(HttpServletRequest request) throws Exception { + HashMap<String, String> signatureBlockParametersMap = new HashMap<String, String>(); + logger.debug("Default charset:"+ Charset.defaultCharset()); + logger.debug("Request charset:"+ request.getCharacterEncoding()); + + Enumeration<String> parameterNames = request.getAttributeNames(); + while(parameterNames.hasMoreElements()) { + String parameterName = parameterNames.nextElement(); + if (parameterName.startsWith(PARAM_DYNAMIC_SIGNATURE_BLOCK_PARAMETER)) { + String key = parameterName.substring(PARAM_DYNAMIC_SIGNATURE_BLOCK_PARAMETER.length()); + String value = (String) request.getAttribute(parameterName); + if(value != null && !value.isEmpty()){ + signatureBlockParametersMap.put(key, value); + logger.debug("Setting key "+ key +" to "+ value ); + } + } + } + return signatureBlockParametersMap; + } public static String getQRCodeContent(HttpServletRequest request) { String qrcodeContent = (String)request.getAttribute(PARAM_QRCODE_CONTENT); return qrcodeContent; diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index 2c2af9a9..674d3351 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java @@ -27,7 +27,6 @@ import at.gv.egiz.pdfas.common.exceptions.PDFASError; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.common.exceptions.PdfAsSettingsValidationException; import at.gv.egiz.pdfas.common.settings.ISettings; -import at.gv.egiz.pdfas.common.utils.StringUtils; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; import at.gv.egiz.pdfas.lib.api.PdfAsFactory; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter.SignatureVerificationLevel; @@ -57,6 +56,7 @@ import javax.servlet.http.HttpServletResponse; import java.io.File; import java.io.IOException; import java.util.List; +import java.util.Map; /** * Servlet implementation class Sign @@ -350,12 +350,10 @@ public class ExternSignServlet extends HttpServlet { PlaceholderWebConfiguration.clear(); } - } catch(Exception e) { logger.error(e.getLocalizedMessage()); } - String filename = PdfAsParameterExtractor.getFilename(request); if(filename != null) { logger.debug("Setting Filename in session: " + filename); @@ -366,7 +364,10 @@ public class ExternSignServlet extends HttpServlet { PdfAsHelper.setSignatureDataHash(request, pdfDataHash); logger.debug("Storing signatures data hash: " + pdfDataHash); - + + Map<String, String> dynamicSignatureBlockArguments = + PdfAsParameterExtractor.getDynamicSignatureBlockParameters(request); + logger.debug("Starting signature creation with: " + connector); //IPlainSigner signer; @@ -396,11 +397,12 @@ public class ExternSignServlet extends HttpServlet { } PdfAsHelper.setStatisticEvent(request, response, statisticEvent); - - PdfAsHelper.startSignature(request, response, getServletContext(), pdfData, connector, + + + PdfAsHelper.startSignature(request, response, getServletContext(), pdfData, connector, PdfAsHelper.buildPosString(request, response), transactionId, PdfAsParameterExtractor .getSigType(request), PdfAsParameterExtractor.getPreProcessorMap(request), - PdfAsParameterExtractor.getOverwriteMap(request)); + PdfAsParameterExtractor.getOverwriteMap(request), dynamicSignatureBlockArguments); return; } else if (connector.equals("jks") || connector.equals("moa")) { // start synchronous siganture creation @@ -432,8 +434,8 @@ public class ExternSignServlet extends HttpServlet { } } - byte[] pdfSignedData = PdfAsHelper.synchornousSignature(request, - response, pdfData); + byte[] pdfSignedData = PdfAsHelper.synchronousSignature(request, + response, pdfData, dynamicSignatureBlockArguments); PdfAsHelper.setSignedPdf(request, response, pdfSignedData); statisticEvent.setStatus(Status.OK); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java index 13d874e8..641c09e7 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java @@ -1,9 +1,7 @@ package at.gv.egiz.pdfas.web.servlets; import at.gv.egiz.pdfas.api.ws.PDFASSignParameters; -import at.gv.egiz.pdfas.api.ws.PDFASSignRequest; import at.gv.egiz.pdfas.api.ws.PDFASSignResponse; -import at.gv.egiz.pdfas.api.ws.VerificationLevel; import at.gv.egiz.pdfas.common.exceptions.PDFASError; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; @@ -15,10 +13,9 @@ import at.gv.egiz.pdfas.web.helper.JSONStartResponse; import at.gv.egiz.pdfas.web.helper.PdfAsHelper; import at.gv.egiz.pdfas.web.stats.StatisticEvent; import at.gv.egiz.pdfas.web.stats.StatisticFrontend; -import at.gv.egiz.pdfas.web.store.RequestStore; import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.IOUtils; -import org.json.HTTP; +import org.json.JSONArray; import org.json.JSONObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -27,9 +24,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.ws.WebServiceException; -import java.io.BufferedReader; import java.io.IOException; +import java.util.HashMap; import java.util.List; import java.util.Map; @@ -49,7 +45,7 @@ public class JSONAPIServlet extends HttpServlet { private static final String JSON_DATAURL = "dataUrl"; private static final String JSON_BKUURL = "bkuUrl"; private static final String JSON_SLREQUEST = "slRequest"; - + private static final String JSON_SBP = "sbp"; private static final Logger logger = LoggerFactory.getLogger(JSONAPIServlet.class); @Override @@ -139,16 +135,32 @@ public class JSONAPIServlet extends HttpServlet { parameters.setPosition(position); parameters.setProfile(profile); + Map<String, String> signatureBlockParametersMap = new HashMap<>(); + try { + JSONArray jsonArray = jsonObject.getJSONArray(JSON_SBP); + if (jsonArray != null) { + for (int i = 0; i < jsonArray.length(); i++) { + String s = jsonArray.getString(0); + if (!s.contains("=")) {//TODO or pass as map? + throw new Exception("Invalid parameter: " + s); + } + String[] values = s.split("=", 2); + signatureBlockParametersMap.put(values[0], values[1]); + } + } + }catch(Exception e){ + e.printStackTrace(); + } if (PDFASSignParameters.Connector.MOA.equals(connectorEnum) || PDFASSignParameters.Connector.JKS.equals(connectorEnum)) { // Plain server based signatures!! - PDFASSignResponse pdfasSignResponse = PdfAsHelper.synchornousServerSignature( - inputDocument, parameters); + PDFASSignResponse pdfasSignResponse = PdfAsHelper.synchronousServerSignature( + inputDocument, parameters, signatureBlockParametersMap); VerifyResult verifyResult = null; List<VerifyResult> verResults = PdfAsHelper - .synchornousVerify( + .synchronousVerify( pdfasSignResponse.getSignedPDF(), -1, VerifyParameter.SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION, diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PlaceholderGeneratorServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PlaceholderGeneratorServlet.java index 5f2dc95c..6e80fad8 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PlaceholderGeneratorServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PlaceholderGeneratorServlet.java @@ -73,9 +73,11 @@ public class PlaceholderGeneratorServlet extends HttpServlet implements Placehol String filename = "placeholder"; if(id != null && !id.isEmpty()) { - id = id.replaceAll("[^a-zA-Z0-9]", "_"); - buildString = buildString + ";" + SignaturePlaceholderData.ID_KEY + "=" + id; - filename = filename + "_" + id; + id = id.replaceAll("[^0-9]", ""); + if(id != null && !id.isEmpty()) { + buildString = buildString + ";" + SignaturePlaceholderData.ID_KEY + "=" + id; + filename = filename + "_" + id; + } } if(profile != null && !profile.isEmpty()) { diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java index 73f8299c..664dd9b3 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java @@ -174,13 +174,15 @@ public class UIEntryPointServlet extends HttpServlet { overwrite = pdfAsRequest.getParameters().getOverrides() .getMap(); } + //TODO alex + Map<String, String> dynamicSignatureBlockArguments = pdfAsRequest.getSignatureBlockParameters(); PdfAsHelper.startSignature(req, resp, getServletContext(), pdfAsRequest.getInputData(), connector.toString(), pdfAsRequest.getParameters().getPosition(), pdfAsRequest.getParameters().getTransactionId(), pdfAsRequest.getParameters().getProfile(), map, - overwrite); + overwrite, dynamicSignatureBlockArguments); } else { throw new PdfAsWebException("Invalid connector (" + Connector.BKU + " | " + Connector.ONLINEBKU + " | " diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java index a8beffeb..bc5f2e2d 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java @@ -304,7 +304,7 @@ public class VerifyServlet extends HttpServlet { logger.debug("Format: " + format); - List<VerifyResult> results = PdfAsHelper.synchornousVerify(pdfData, -1, lvl, + List<VerifyResult> results = PdfAsHelper.synchronousVerify(pdfData, -1, lvl, PdfAsParameterExtractor.getPreProcessorMap(request)); PdfAsHelper.setVerificationResult(request, results); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java index f850c5ae..531abdf1 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java @@ -104,15 +104,16 @@ public class PDFASSigningImpl implements PDFASSigning { || request.getParameters().getConnector() .equals(Connector.JKS)) { // Plain server based signatures!! - response = PdfAsHelper.synchornousServerSignature( - request.getInputData(), request.getParameters()); + response = PdfAsHelper.synchronousServerSignature( + request.getInputData(), request.getParameters(), request.getSignatureBlockParameters()); + VerifyResult verifyResult = null; if (request.getVerificationLevel() != null && request.getVerificationLevel().equals( VerificationLevel.FULL_CERT_PATH)) { List<VerifyResult> verResults = PdfAsHelper - .synchornousVerify( + .synchronousVerify( response.getSignedPDF(), -1, SignatureVerificationLevel.FULL_VERIFICATION, @@ -125,7 +126,7 @@ public class PDFASSigningImpl implements PDFASSigning { verifyResult = verResults.get(verResults.size() - 1); } else { List<VerifyResult> verResults = PdfAsHelper - .synchornousVerify( + .synchronousVerify( response.getSignedPDF(), -1, SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION, diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java index bfdc3bd3..b1bca4ba 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java @@ -71,7 +71,7 @@ public class PDFASVerificationImpl implements PDFASVerification { statisticEvent.setProfileId(null); statisticEvent.setDevice(request.getVerificationLevel().toString()); - List<VerifyResult> results = PdfAsHelper.synchornousVerify( + List<VerifyResult> results = PdfAsHelper.synchronousVerify( request.getInputData(), sigIdx, lvl, preProcessor); for(int i = 0; i < results.size(); i++) { diff --git a/pdf-as-web/src/main/webapp/WEB-INF/web.xml b/pdf-as-web/src/main/webapp/WEB-INF/web.xml index 9b69c983..7920ad91 100644 --- a/pdf-as-web/src/main/webapp/WEB-INF/web.xml +++ b/pdf-as-web/src/main/webapp/WEB-INF/web.xml @@ -31,7 +31,22 @@ <param-value>*</param-value> </init-param> </filter> - + <!-- A filter that sets character encoding that is used to decode --> + <!-- parameters in a POST request --> + <filter> + <filter-name>setCharacterEncodingFilter</filter-name> + <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class> + <init-param> + <param-name>encoding</param-name> + <param-value>UTF-8</param-value> + </init-param> + </filter> + + <!-- The mapping for the Set Character Encoding Filter --> + <filter-mapping> + <filter-name>setCharacterEncodingFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <!-- filter-mapping> <filter-name>sitemesh</filter-name> diff --git a/pdf-as-web/src/main/webapp/index.jsp b/pdf-as-web/src/main/webapp/index.jsp index c07b2cc0..9007d62a 100644 --- a/pdf-as-web/src/main/webapp/index.jsp +++ b/pdf-as-web/src/main/webapp/index.jsp @@ -2,11 +2,14 @@ <%@page import="at.gv.egiz.pdfas.web.helper.PdfAsHelper"%> <html> <head> -<title>PDF-Signatur</title> + <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> + <title>PDF-Signatur</title> </head> <body> - <form action="Sign" method="POST" - enctype="multipart/form-data"> + +<form action="Sign" method="POST" enctype="multipart/form-data" > + + <input name="utf8" type="hidden" value="✓" /> <input type="hidden" name="source" id="source" value="internal" /> <input type="file" name="pdf-file" id="pdf-file" accept="application/pdf"> <% @@ -24,6 +27,12 @@ <img src="assets/img/localBKU.png" /> <button type="submit" value="bku" name="connector" id="bku">Lokale BKU </button> +<!-- + <label for="ab">SBP keyA</label> + <input type="text" id="ab" name="sbp:keyA"> + <label for="abc">SBP keyB</label> + <input type="text" id="abc" name="sbp:keyB"> + --> <% } %> |