From 55d708efe16aa409665537dfc3647e9fe4bb669e Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 23 Jul 2018 08:42:08 +0200 Subject: fix a small bug in session handling --- .../src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 4b776cb3..6eb80650 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -1141,8 +1141,7 @@ public class PdfAsHelper { SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, command, signedCommand); - //store requestId - + //store requestId request.getSession(false).setAttribute(PDF_SESSION_PREFIX + SL20Constants.SL20_REQID, reqId); //forward SL2.0 command @@ -1224,7 +1223,7 @@ public class PdfAsHelper { } else { JsonObject getCertCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_CREATE_SIG_CADES, createCAdESSigParams); - sl20CreateCAdES = SL20JSONBuilderUtils.createGenericRequest(UUID.randomUUID().toString(), null, getCertCommand, null); + sl20CreateCAdES = SL20JSONBuilderUtils.createGenericRequest(reqId, null, getCertCommand, null); } -- cgit v1.2.3 From e5f2601e931594572f88bb402343e39023dab939 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 25 Jul 2018 08:06:36 +0200 Subject: update to SL2.0 v0.61 fix a bug in SL2.0 impl for createCAdES --- .../at/gv/egiz/pdfas/web/helper/PdfAsHelper.java | 31 +++++++++++++++++++--- 1 file changed, 27 insertions(+), 4 deletions(-) (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 6eb80650..75249e78 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -60,6 +60,8 @@ import org.apache.http.entity.ContentType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; import com.google.gson.JsonObject; import at.gv.egiz.pdfas.api.ws.PDFASSignParameters; @@ -67,6 +69,7 @@ import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector; import at.gv.egiz.pdfas.api.ws.PDFASSignResponse; import at.gv.egiz.pdfas.api.ws.PDFASVerificationResponse; import at.gv.egiz.pdfas.common.exceptions.PDFASError; +import at.gv.egiz.pdfas.common.utils.PDFUtils; import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; @@ -1190,9 +1193,24 @@ public class PdfAsHelper { } else if (slConnector instanceof SL20Connector) { //convert byte range - List byteRanges = new ArrayList(); - for (int el : statusRequest.getSignatureDataByteRange()) - byteRanges.add(String.valueOf(el)); + + int[] exclude_range = PDFUtils.buildExcludeRange(statusRequest.getSignatureDataByteRange()); + logger.info("Exclude Byte Range: " + exclude_range[0] + " " + exclude_range[1]); + + List byteRanges = new ArrayList(); + if (statusRequest.getSignatureDataByteRange().length % 2 != 0) { + logger.warn("ByteRange is not a set of pairs. Something is maybe suspect"); + + } + + for (int i=0; i Date: Thu, 26 Jul 2018 11:23:47 +0200 Subject: add logger on trace level for request/response debugging --- .../src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java | 2 ++ .../main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java | 6 ++++-- .../main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 75249e78..1cef0796 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -1805,6 +1805,8 @@ public class PdfAsHelper { redirectTwoCommand, null); + logger.trace("SL2.0 command: " + respContainer.toString()); + //workaround for A-Trust if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null && request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE) diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java index 7ddf0a55..31f5a2ef 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/SLDataURLServlet.java @@ -93,7 +93,7 @@ public class SLDataURLServlet extends HttpServlet { } - logger.trace("Received SL2.0 result: " + sl20Result); + logger.trace("Received SL2.0 command: " + sl20Result); //parse SL2.0 command/result into JSON try { @@ -144,6 +144,8 @@ public class SLDataURLServlet extends HttpServlet { //extract payloaf JsonObject payLoad = payLoadContainer.getPayload(); + logger.trace("SL2.0 payLoad on DataURL: " + payLoad.toString()); + //check response type if (SL20JSONExtractorUtils.getStringValue( payLoad, SL20Constants.SL20_COMMAND_CONTAINER_NAME, true) @@ -175,7 +177,7 @@ public class SLDataURLServlet extends HttpServlet { List sortedCerts = X509Utils.sortCertificates(certs); logger.debug("Sorting of certificate completed. Select end-user certificate ... "); - PdfAsHelper.injectCertificate(request, response, Base64.getDecoder().decode(sortedCerts.get(0).getEncoded()), getServletContext()); + PdfAsHelper.injectCertificate(request, response, sortedCerts.get(0).getEncoded(), getServletContext()); } diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java index f5d6ff55..e43ebfcf 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/sl20/SL20HttpBindingUtils.java @@ -21,6 +21,7 @@ public class SL20HttpBindingUtils { public static void writeIntoResponse(HttpServletRequest request, HttpServletResponse response, JsonObject sl20Forward, String redirectURL) throws IOException, URISyntaxException { //forward SL2.0 command + log.trace("SL20 command: " + sl20Forward.toString()); if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null && request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) { log.debug("Client request containts 'native client' header ... "); -- cgit v1.2.3