From 8b69a68f80ce64da4bc68f9d03a17113d48a0599 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Tue, 15 Jul 2014 18:50:42 +0200 Subject: Verify per SOAP Service --- .../at/gv/egiz/pdfas/api/ws/PDFASVerification.java | 17 +++ .../gv/egiz/pdfas/api/ws/PDFASVerifyRequest.java | 56 +++++++++ .../gv/egiz/pdfas/api/ws/PDFASVerifyResponse.java | 27 +++++ .../at/gv/egiz/pdfas/api/ws/PDFASVerifyResult.java | 126 +++++++++++++++++++++ .../gv/egiz/pdfas/web/client/RemotePDFSigner.java | 3 - .../egiz/pdfas/web/client/RemotePDFVerifier.java | 35 ++++++ .../pdfas/web/helper/PdfAsParameterExtractor.java | 24 ++++ .../egiz/pdfas/web/ws/PDFASVerificationImpl.java | 125 ++++++++++++++++++++ 8 files changed, 410 insertions(+), 3 deletions(-) create mode 100644 pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerification.java create mode 100644 pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyRequest.java create mode 100644 pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResponse.java create mode 100644 pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResult.java create mode 100644 pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFVerifier.java create mode 100644 pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerification.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerification.java new file mode 100644 index 00000000..edc6f22e --- /dev/null +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerification.java @@ -0,0 +1,17 @@ +package at.gv.egiz.pdfas.api.ws; + +import javax.jws.WebMethod; +import javax.jws.WebParam; +import javax.jws.WebResult; +import javax.jws.WebService; +import javax.jws.soap.SOAPBinding; +import javax.jws.soap.SOAPBinding.Style; + +@WebService +@SOAPBinding(style = Style.RPC) +public interface PDFASVerification { + @WebMethod(operationName = "verify") + @WebResult(name="verifyResponse") + public PDFASVerifyResponse verifyPDFDokument(@WebParam(name = "verifyRequest") PDFASVerifyRequest request); + +} diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyRequest.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyRequest.java new file mode 100644 index 00000000..7167e921 --- /dev/null +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyRequest.java @@ -0,0 +1,56 @@ +package at.gv.egiz.pdfas.api.ws; + +import java.io.Serializable; + +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + +@XmlType(name="VerifyRequest") +public class PDFASVerifyRequest implements Serializable { + + /** + * + */ + private static final long serialVersionUID = 8159503247524085992L; + + String requestID; + byte[] inputData; + VerificationLevel verificationLevel; + Integer sigIdx; + + @XmlElement(required = true, nillable = false, name="requestID") + public String getRequestID() { + return requestID; + } + + public void setRequestID(String requestID) { + this.requestID = requestID; + } + + @XmlElement(required = false, nillable = true, name="verificationLevel") + public VerificationLevel getVerificationLevel() { + return verificationLevel; + } + + public void setVerificationLevel(VerificationLevel verificationLevel) { + this.verificationLevel = verificationLevel; + } + + @XmlElement(required = true, nillable = false, name="inputData") + public byte[] getInputData() { + return inputData; + } + + public void setInputData(byte[] inputData) { + this.inputData = inputData; + } + + @XmlElement(required = false, nillable = true, name="signatureIndex") + public Integer getSignatureIndex() { + return sigIdx; + } + + public void setSignatureIndex(Integer sigIdx) { + this.sigIdx = sigIdx; + } +} diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResponse.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResponse.java new file mode 100644 index 00000000..defb05f5 --- /dev/null +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResponse.java @@ -0,0 +1,27 @@ +package at.gv.egiz.pdfas.api.ws; + +import java.io.Serializable; +import java.util.List; + +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + +@XmlType(name="VerifyResponse") +public class PDFASVerifyResponse implements Serializable { + + /** + * + */ + private static final long serialVersionUID = -1984406533559692943L; + + List verifyResults; + + @XmlElement(required = true, nillable = false, name="verifyResults") + public List getVerifyResults() { + return verifyResults; + } + + public void setVerifyResults(List verifyResults) { + this.verifyResults = verifyResults; + } +} diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResult.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResult.java new file mode 100644 index 00000000..6744af4a --- /dev/null +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/api/ws/PDFASVerifyResult.java @@ -0,0 +1,126 @@ +package at.gv.egiz.pdfas.api.ws; + +import java.io.Serializable; + +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + +@XmlType(name="VerifyResult") +public class PDFASVerifyResult implements Serializable { + + /** + * + */ + private static final long serialVersionUID = -1984406533559692943L; + + String requestID; + int signatureIndex; + boolean processed; + String signedBy; + int certificateCode; + String certificateMessage; + int valueCode; + String valueMessage; + String error; + String certificate; + String signedData; + + @XmlElement(required = true, nillable = false, name="requestID") + public String getRequestID() { + return requestID; + } + + public void setRequestID(String requestID) { + this.requestID = requestID; + } + + @XmlElement(required = true, nillable = false, name="processed") + public boolean getProcessed() { + return processed; + } + + public void setProcessed(boolean processed) { + this.processed = processed; + } + + @XmlElement(required = true, nillable = false, name="signatureIndex") + public int getSignatureIndex() { + return signatureIndex; + } + + public void setSignatureIndex(int signatureIndex) { + this.signatureIndex = signatureIndex; + } + + @XmlElement(required = true, nillable = false, name="signedBy") + public String getSignedBy() { + return signedBy; + } + + public void setSignedBy(String signedBy) { + this.signedBy = signedBy; + } + + @XmlElement(required = true, nillable = false, name="certificateCode") + public int getCertificateCode() { + return certificateCode; + } + + public void setCertificateCode(int certificateCode) { + this.certificateCode = certificateCode; + } + + @XmlElement(required = true, nillable = false, name="certificateMessage") + public String getCertificateMessage() { + return certificateMessage; + } + + public void setCertificateMessage(String certificateMessage) { + this.certificateMessage = certificateMessage; + } + + @XmlElement(required = true, nillable = false, name="valueCode") + public int getValueCode() { + return valueCode; + } + + public void setValueCode(int valueCode) { + this.valueCode = valueCode; + } + + @XmlElement(required = true, nillable = false, name="valueMessage") + public String getValueMessage() { + return valueMessage; + } + + public void setValueMessage(String valueMessage) { + this.valueMessage = valueMessage; + } + + @XmlElement(required = true, nillable = false, name="error") + public String getError() { + return error; + } + + public void setError(String error) { + this.error = error; + } + + @XmlElement(required = true, nillable = false, name="certificate") + public String getCertificate() { + return certificate; + } + + public void setCertificate(String certificate) { + this.certificate = certificate; + } + + @XmlElement(required = true, nillable = false, name="signedData") + public String getSignedData() { + return signedData; + } + + public void setSignedData(String signedData) { + this.signedData = signedData; + } +} diff --git a/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFSigner.java b/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFSigner.java index 8906a980..e65cf98a 100644 --- a/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFSigner.java +++ b/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFSigner.java @@ -32,20 +32,17 @@ import javax.xml.ws.soap.SOAPBinding; import at.gv.egiz.pdfas.api.ws.PDFASBulkSignRequest; import at.gv.egiz.pdfas.api.ws.PDFASBulkSignResponse; -import at.gv.egiz.pdfas.api.ws.PDFASSignParameters; import at.gv.egiz.pdfas.api.ws.PDFASSignRequest; import at.gv.egiz.pdfas.api.ws.PDFASSignResponse; import at.gv.egiz.pdfas.api.ws.PDFASSigning; public class RemotePDFSigner implements PDFASSigning { - private URL urlEndpoint; private Service service; private PDFASSigning proxy; public RemotePDFSigner(URL endpoint, boolean useMTOM) { - this.urlEndpoint = endpoint; QName qname = new QName("http://ws.web.pdfas.egiz.gv.at/", "PDFASSigningImplService"); service = Service.create(endpoint, qname); diff --git a/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFVerifier.java b/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFVerifier.java new file mode 100644 index 00000000..25561577 --- /dev/null +++ b/pdf-as-web-client/src/main/java/at/gv/egiz/pdfas/web/client/RemotePDFVerifier.java @@ -0,0 +1,35 @@ +package at.gv.egiz.pdfas.web.client; + +import java.net.URL; + +import javax.xml.namespace.QName; +import javax.xml.ws.BindingProvider; +import javax.xml.ws.Service; +import javax.xml.ws.soap.SOAPBinding; + +import at.gv.egiz.pdfas.api.ws.PDFASVerification; +import at.gv.egiz.pdfas.api.ws.PDFASVerifyRequest; +import at.gv.egiz.pdfas.api.ws.PDFASVerifyResponse; + +public class RemotePDFVerifier implements PDFASVerification { + + private Service service; + + private PDFASVerification proxy; + + public RemotePDFVerifier(URL endpoint, boolean useMTOM) { + QName qname = new QName("http://ws.web.pdfas.egiz.gv.at/", + "PDFASVerificationImplService"); + service = Service.create(endpoint, qname); + + proxy = service.getPort(PDFASVerification.class); + + BindingProvider bp = (BindingProvider) proxy; + SOAPBinding binding = (SOAPBinding) bp.getBinding(); + binding.setMTOMEnabled(useMTOM); + } + + public PDFASVerifyResponse verifyPDFDokument(PDFASVerifyRequest request) { + return proxy.verifyPDFDokument(request); + } +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java index 23335268..017eabb2 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java @@ -33,6 +33,13 @@ public class PdfAsParameterExtractor { public static final String PARAM_TRANSACTION_ID = "transactionId"; public static final String PARAM_CONNECTOR_DEFAULT = "bku"; + public static final String PARAM_FORMAT = "format"; + public static final String PARAM_HTML = "html"; + public static final String PARAM_JSON = "json"; + + public static final String[] AVAILABLE_FORMATS = new String[] { + PARAM_HTML, PARAM_JSON + }; public static final String PARAM_INVOKE_URL = "invoke-app-url"; public static final String PARAM_INVOKE_URL_TARGET = "invoke-app-url-target"; @@ -88,6 +95,23 @@ public class PdfAsParameterExtractor { return (String)request.getAttribute(PARAM_INVOKE_URL_TARGET); } + public static String getFormat(HttpServletRequest request) { + String format = (String)request.getAttribute(PARAM_FORMAT); + + String finalFormat = null; + for(int i = 0; i < AVAILABLE_FORMATS.length; i++) { + if(AVAILABLE_FORMATS[i].equals(format)) { + finalFormat = AVAILABLE_FORMATS[i]; + } + } + + if(finalFormat == null) { + finalFormat = PARAM_HTML; + } + + return finalFormat; + } + public static String getInvokeErrorURL(HttpServletRequest request) { String url = (String)request.getAttribute(PARAM_INVOKE_URL_ERROR); return url; diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java new file mode 100644 index 00000000..c6fb8cd7 --- /dev/null +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASVerificationImpl.java @@ -0,0 +1,125 @@ +package at.gv.egiz.pdfas.web.ws; + +import iaik.x509.X509Certificate; + +import java.util.ArrayList; +import java.util.List; + +import javax.jws.WebService; +import javax.xml.ws.WebServiceException; +import javax.xml.ws.soap.MTOM; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.api.ws.PDFASVerification; +import at.gv.egiz.pdfas.api.ws.PDFASVerifyRequest; +import at.gv.egiz.pdfas.api.ws.PDFASVerifyResponse; +import at.gv.egiz.pdfas.api.ws.PDFASVerifyResult; +import at.gv.egiz.pdfas.api.ws.VerificationLevel; +import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter.SignatureVerificationLevel; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.config.WebConfiguration; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; + +@MTOM +@WebService(endpointInterface = "at.gv.egiz.pdfas.api.ws.PDFASVerification") +public class PDFASVerificationImpl implements PDFASVerification { + + private static final Logger logger = LoggerFactory + .getLogger(PDFASVerificationImpl.class); + + public PDFASVerifyResponse verifyPDFDokument(PDFASVerifyRequest request) { + checkSoapVerifyEnabled(); + if (request == null) { + logger.warn("SOAP Verify Request is null!"); + return null; + } + + PDFASVerifyResponse response = new PDFASVerifyResponse(); + response.setVerifyResults(new ArrayList()); + try { + int sigIdx = -1; + if (request.getSignatureIndex() != null) { + sigIdx = request.getSignatureIndex().intValue(); + } + + SignatureVerificationLevel lvl = SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION; + + if (request.getVerificationLevel().equals( + VerificationLevel.INTEGRITY_ONLY)) { + lvl = SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION; + } else if (request.getVerificationLevel().equals( + VerificationLevel.FULL_CERT_PATH)) { + lvl = SignatureVerificationLevel.FULL_VERIFICATION; + } + + List results = PdfAsHelper.synchornousVerify( + request.getInputData(), sigIdx, lvl); + + for(int i = 0; i < results.size(); i++) { + VerifyResult result = results.get(i); + + PDFASVerifyResult webResult = new PDFASVerifyResult(); + + X509Certificate cert = (X509Certificate) result + .getSignerCertificate(); + + int certCode = result.getCertificateCheck().getCode(); + String certMessage = result.getCertificateCheck().getMessage(); + + int valueCode = result.getValueCheckCode().getCode(); + String valueMessage = result.getValueCheckCode().getMessage(); + + Exception e = result.getVerificationException(); + + webResult.setRequestID(request.getRequestID()); + webResult.setSignatureIndex(i); + webResult.setProcessed(result.isVerificationDone()); + + if (result.isVerificationDone()) { + webResult.setSignedBy(cert.getSubjectDN().getName()); + webResult.setCertificateCode(certCode); + webResult.setCertificateMessage(certMessage); + + webResult.setValueCode(valueCode); + webResult.setValueMessage(valueMessage); + if (e != null) { + webResult.setError(e.getMessage()); + } + webResult.setCertificate("signCert?SIGID=" + i); + webResult.setSignedData("signData?SIGID=" + i); + } else { + webResult.setSignedBy(""); + webResult.setCertificateCode(certCode); + webResult.setCertificateMessage(certMessage); + + webResult.setCertificateCode(valueCode); + webResult.setCertificateMessage(valueMessage); + if (e != null) { + webResult.setError(e.getMessage()); + } + webResult.setCertificate(""); + webResult.setSignedData(""); + } + + response.getVerifyResults().add(webResult); + } + } catch (Exception e) { + logger.error("Failed to verify PDF", e); + if (WebConfiguration.isShowErrorDetails()) { + throw new WebServiceException("Generic Error", e); + } else { + throw new WebServiceException("Server Verification failed."); + } + } + return response; + } + + private void checkSoapVerifyEnabled() { + if (!WebConfiguration.getSoapVerifyEnabled()) { + throw new WebServiceException("Service disabled!"); + } + } + +} -- cgit v1.2.3