From b0003ddc4bebc411c5a3296bf5f172b80b443525 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Wed, 14 May 2014 11:39:11 +0200 Subject: Added Verification functionality, + some Log Level fixes --- .../egiz/pdfas/web/servlets/ExternSignServlet.java | 6 +- .../web/servlets/PDFSignatureCertificateData.java | 94 ++++++++++++++++++++++ .../egiz/pdfas/web/servlets/PDFSignatureData.java | 90 +++++++++++++++++++++ .../gv/egiz/pdfas/web/servlets/VerifyServlet.java | 87 +++++++++++++++++--- 4 files changed, 261 insertions(+), 16 deletions(-) create mode 100644 pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java create mode 100644 pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index ac22f6c8..153a69fe 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java @@ -84,8 +84,7 @@ public class ExternSignServlet extends HttpServlet { //PdfAsHelper.regenerateSession(request); - System.out.println("Get signing request"); - logger.info("Get signing request"); + logger.debug("Get signing request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); @@ -119,8 +118,7 @@ public class ExternSignServlet extends HttpServlet { //PdfAsHelper.regenerateSession(request); - System.out.println("Post signing request"); - logger.info("Post signing request"); + logger.debug("Post signing request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java new file mode 100644 index 00000000..69386478 --- /dev/null +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureCertificateData.java @@ -0,0 +1,94 @@ +package at.gv.egiz.pdfas.web.servlets; + +import java.io.IOException; +import java.io.OutputStream; +import java.security.cert.CertificateEncodingException; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; + +public class PDFSignatureCertificateData extends HttpServlet { + + private static final long serialVersionUID = 1L; + + private static final Logger logger = LoggerFactory + .getLogger(PDFSignatureCertificateData.class); + + public static final String SIGN_ID = "SIGID"; + + /** + * @see HttpServlet#HttpServlet() + */ + public PDFSignatureCertificateData() { + super(); + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + protected void process(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + if(request.getParameter(SIGN_ID) == null) { + throw new PdfAsException("Missing Parameter"); + } + + String sigID = request.getParameter(SIGN_ID); + + int id = Integer.parseInt(sigID); + + List vResult = PdfAsHelper + .getVerificationResult(request); + + if (id < vResult.size()) { + VerifyResult res = vResult.get(id); + + response.setHeader( + "Content-Disposition", + "inline;filename=cert_" + id + ".cer"); + response.setContentType("application/pkix-cert"); + OutputStream os = response.getOutputStream(); + os.write(res.getSignerCertificate().getEncoded()); + os.close(); + } else { + logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } catch (NumberFormatException e) { + logger.error("Verification CERT not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (PdfAsException e) { + logger.error("Verification CERT not found:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (CertificateEncodingException e) { + logger.error("Verification CERT invalid:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } + +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java new file mode 100644 index 00000000..a4cee36f --- /dev/null +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/PDFSignatureData.java @@ -0,0 +1,90 @@ +package at.gv.egiz.pdfas.web.servlets; + +import java.io.IOException; +import java.io.OutputStream; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.web.helper.PdfAsHelper; + +public class PDFSignatureData extends HttpServlet { + + private static final long serialVersionUID = 1L; + + private static final Logger logger = LoggerFactory + .getLogger(PDFSignatureData.class); + + public static final String SIGN_ID = "SIGID"; + + /** + * @see HttpServlet#HttpServlet() + */ + public PDFSignatureData() { + super(); + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + this.process(request, response); + } + + protected void process(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + if(request.getParameter(SIGN_ID) == null) { + throw new PdfAsException("Missing Parameter"); + } + + String sigID = request.getParameter(SIGN_ID); + + int id = Integer.parseInt(sigID); + + List vResult = PdfAsHelper + .getVerificationResult(request); + + if (id < vResult.size()) { + VerifyResult res = vResult.get(id); + + response.setHeader( + "Content-Disposition", + "inline;filename=signed_data_" + id + ".pdf"); + response.setContentType("application/pdf"); + OutputStream os = response.getOutputStream(); + os.write(res.getSignatureData()); + os.close(); + } else { + logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } catch (NumberFormatException e) { + logger.error("Verification DATA not found! for id " + request.getParameter(SIGN_ID) + " in session " + request.getSession().getId()); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } catch (PdfAsException e) { + logger.error("Verification DATA not found:", e); + response.sendError(HttpServletResponse.SC_NOT_FOUND); + } + } + +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java index 42a5175a..912e6efc 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/VerifyServlet.java @@ -23,8 +23,11 @@ ******************************************************************************/ package at.gv.egiz.pdfas.web.servlets; +import iaik.x509.X509Certificate; + import java.io.File; import java.io.IOException; +import java.io.OutputStream; import java.util.List; import javax.servlet.ServletException; @@ -39,6 +42,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; import at.gv.egiz.pdfas.web.exception.PdfAsWebException; import at.gv.egiz.pdfas.web.helper.PdfAsHelper; import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor; @@ -51,7 +55,7 @@ public class VerifyServlet extends HttpServlet { private static final long serialVersionUID = 1L; private static final Logger logger = LoggerFactory - .getLogger(ExternSignServlet.class); + .getLogger(VerifyServlet.class); private static final String UPLOAD_PDF_DATA = "pdf-file"; private static final String UPLOAD_DIRECTORY = "upload"; @@ -72,7 +76,7 @@ public class VerifyServlet extends HttpServlet { */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - System.out.println("Get verify request"); + logger.info("Get verify request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); @@ -91,7 +95,8 @@ public class VerifyServlet extends HttpServlet { byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl); doVerify(request, response, pdfData); - } catch (Exception e) { + } catch (Throwable e) { + logger.error("Generic Error: ", e); PdfAsHelper.setSessionException(request, response, e.getMessage(), e); PdfAsHelper.gotoError(getServletContext(), request, response); @@ -105,8 +110,7 @@ public class VerifyServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - System.out.println("Post signing request"); - logger.info("Post signing request"); + logger.info("Post verify request"); String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request); PdfAsHelper.setErrorURL(request, response, errorUrl); @@ -225,7 +229,8 @@ public class VerifyServlet extends HttpServlet { } doVerify(request, response, filecontent); - } catch (Exception e) { + } catch (Throwable e) { + logger.error("Generic Error: ", e); PdfAsHelper.setSessionException(request, response, e.getMessage(), e); PdfAsHelper.gotoError(getServletContext(), request, response); @@ -234,9 +239,11 @@ public class VerifyServlet extends HttpServlet { protected void doVerify(HttpServletRequest request, HttpServletResponse response, byte[] pdfData) throws Exception { - throw new Exception(""); - /*List results = PdfAsHelper.synchornousVerify(request, + logger.debug("doVerify"); + logger.info("Starting verification of pdf dokument"); + + List results = PdfAsHelper.synchornousVerify(request, response, pdfData); PdfAsHelper.setVerificationResult(request, results); @@ -245,11 +252,36 @@ public class VerifyServlet extends HttpServlet { // Put these results into the web page // Or create a JSON response with the verification results for automated // processing + + StringBuilder sb = new StringBuilder(); + + sb.append(""); + sb.append("

Verification Results for: " + PdfAsHelper.getPDFFileName(request) + "

"); + sb.append(""); + + sb.append(""); + + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + + sb.append(""); + for (int i = 0; i < results.size(); i++) { VerifyResult result = results.get(i); - + sb.append(""); + + sb.append(""); + if (result.isVerificationDone()) { - + sb.append(""); int certCode = result.getCertificateCheck().getCode(); String certMessage = result.getCertificateCheck().getMessage(); @@ -259,11 +291,42 @@ public class VerifyServlet extends HttpServlet { Exception e = result.getVerificationException(); X509Certificate cert = result.getSignerCertificate(); - byte[] data = result.getSignatureData(); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + if(e != null) { + sb.append(""); + } else { + sb.append(""); + } + sb.append(""); + sb.append(""); + } else { + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); + sb.append(""); } - }*/ + + + sb.append(""); + } + sb.append("
SignatureProcessedSigned ByCert CodeCert MessageValue CodeValue MessageErrorCertificateSigned Data
" + i + "YES" + cert.getSubjectDN().getName() + "" + certCode + "" + certMessage + "" + valueCode + "" + valueMessage + "" + e.getMessage() + "-herehereNO--------
"); + sb.append(""); + + response.setContentType("text/html"); + OutputStream os = response.getOutputStream(); + os.write(sb.toString().getBytes()); + os.close(); } } -- cgit v1.2.3