From db5abe4d7e9d7fa1a2b1e412d7ad65af37eff0fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Thu, 16 Jan 2025 17:03:52 +0100 Subject: [PATCH 1/6] add session timeout --- .../slovensko/autogram/core/Autogram.java | 29 +++++++++++++++++++ .../digital/slovensko/autogram/ui/UI.java | 2 ++ .../slovensko/autogram/ui/cli/CliUI.java | 5 ++++ .../slovensko/autogram/ui/gui/GUI.java | 7 +++-- 4 files changed, 41 insertions(+), 2 deletions(-) diff --git a/src/main/java/digital/slovensko/autogram/core/Autogram.java b/src/main/java/digital/slovensko/autogram/core/Autogram.java index 37ca78fa..50a285e2 100644 --- a/src/main/java/digital/slovensko/autogram/core/Autogram.java +++ b/src/main/java/digital/slovensko/autogram/core/Autogram.java @@ -14,6 +14,8 @@ import java.io.File; import java.util.List; +import java.util.Timer; +import java.util.TimerTask; import java.util.concurrent.ExecutorService; import java.util.concurrent.ScheduledExecutorService; import java.util.function.Consumer; @@ -24,6 +26,7 @@ public class Autogram { /** Current batch, should be null if no batch was started yet */ private Batch batch = null; private final PasswordManager passwordManager; + private Timer tokenSessionTimer = null; public Autogram(UI ui, UserSettings settings) { this.ui = ui; @@ -93,6 +96,8 @@ public void startVisualization(SigningJob job) { private void signCommonAndThen(SigningJob job, SigningKey signingKey, Consumer callback) { try { job.signWithKeyAndRespond(signingKey); + resetTokenSessionTimer(); + if (batch == null || batch.isEnded() || batch.isAllProcessed()) passwordManager.reset(); @@ -214,6 +219,7 @@ private void fetchKeysAndThen(TokenDriver driver, Consumer callback) try { var token = driver.createToken(passwordManager, settings); var keys = token.getKeys(); + resetTokenSessionTimer(); ui.onUIThreadDo( () -> ui.pickKeyAndThen(keys, driver, (privateKey) -> callback.accept(new SigningKey(token, privateKey)))); 
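Review bot: In `signCommonAndThen` the timer is re-armed only after `job.signWithKeyAndRespond(signingKey)` returns, so a deadline armed earlier can expire while that call is still using the key. If resetting the key also ends the token session (not visible in this diff), the signature in progress would fail or behave unpredictably. Consider calling `stopTokenSessionTimer();` before the signing call and moving `resetTokenSessionTimer();` into a `finally`, so a failed signature still leaves a deadline armed. The `try` block continues outside this hunk, so its catch clauses are not visible here.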
@@ -266,4 +272,27 @@ public TSPSource getTspSource() { public boolean isPlainXmlEnabled() { return settings.isPlainXmlEnabled(); } + + private void stopTokenSessionTimer() { + if (tokenSessionTimer == null) + return; + + tokenSessionTimer.cancel(); + } + + private void startTokenSessionTimer() { + var timerTask = new TimerTask() { + @Override + public void run() { + ui.resetSigningKey(); + } + }; + tokenSessionTimer = new Timer(); + tokenSessionTimer.schedule(timerTask, 5 * 60 * 1000); + } + + private void resetTokenSessionTimer() { + stopTokenSessionTimer(); + startTokenSessionTimer(); + } } diff --git a/src/main/java/digital/slovensko/autogram/ui/UI.java b/src/main/java/digital/slovensko/autogram/ui/UI.java index 0f29eebe..c8caa154 100644 --- a/src/main/java/digital/slovensko/autogram/ui/UI.java +++ b/src/main/java/digital/slovensko/autogram/ui/UI.java @@ -60,4 +60,6 @@ public interface UI { char[] getContextSpecificPassword(); public void updateBatch(); + + void resetSigningKey(); } diff --git a/src/main/java/digital/slovensko/autogram/ui/cli/CliUI.java b/src/main/java/digital/slovensko/autogram/ui/cli/CliUI.java index 1bc721e1..fa21f292 100644 --- a/src/main/java/digital/slovensko/autogram/ui/cli/CliUI.java +++ b/src/main/java/digital/slovensko/autogram/ui/cli/CliUI.java @@ -280,4 +280,9 @@ public char[] getContextSpecificPassword() { public void updateBatch() { // TODO: no usage for this in CLI UI } + + @Override + public void resetSigningKey() { + activeKey = null; + } } diff --git a/src/main/java/digital/slovensko/autogram/ui/gui/GUI.java b/src/main/java/digital/slovensko/autogram/ui/gui/GUI.java index 79f00e41..4ad3aa49 100644 --- a/src/main/java/digital/slovensko/autogram/ui/gui/GUI.java +++ b/src/main/java/digital/slovensko/autogram/ui/gui/GUI.java 
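Review bot: `stopTokenSessionTimer`, `startTokenSessionTimer` and `resetTokenSessionTimer` read and write `tokenSessionTimer` without synchronization, so two overlapping calls (the helper is invoked from both `signCommonAndThen` and `fetchKeysAndThen`) can each create a `Timer` and leave one running with no reference left to cancel it. `new Timer()` also starts a non-daemon thread on every re-arm, which can keep the JVM alive until the delay elapses unless the process exits explicitly. The task only calls `ui.resetSigningKey()`; if the password manager can still hold a cached PIN at that point, the timeout should probably also call `passwordManager.reset()`, which is worth confirming. The suggested shape below uses synchronized helpers, a daemon timer, and clears the field on cancel.

```java
private synchronized void stopTokenSessionTimer() {
    if (tokenSessionTimer == null)
        return;

    tokenSessionTimer.cancel();
    // drop the cancelled instance so it cannot be mistaken for a live one
    tokenSessionTimer = null;
}

private synchronized void startTokenSessionTimer() {
    // daemon thread: a pending timeout must never keep the process alive
    tokenSessionTimer = new Timer("token-session-timeout", true);
    tokenSessionTimer.schedule(new TimerTask() {
        @Override
        public void run() {
            ui.resetSigningKey();
        }
    }, 5 * 60 * 1000);
}

private synchronized void resetTokenSessionTimer() {
    stopTokenSessionTimer();
    startTokenSessionTimer();
}
```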
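Review bot: `resetSigningKey()` in `CliUI` only drops the reference with `activeKey = null;`, so any token session the key holds is left to garbage collection instead of being ended when the timeout fires. If `SigningKey` exposes a close operation (not visible in this diff), call it before clearing the field, along the lines of `if (activeKey != null) activeKey.close();`. The method is invoked from the `Timer` thread created in `Autogram`, so `activeKey` is written off the thread that normally reads it. Declaring the field `volatile` or synchronizing access would make the reset reliably visible.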
@@ -15,7 +15,6 @@ import digital.slovensko.autogram.drivers.TokenDriver; import digital.slovensko.autogram.ui.BatchUiResult; import digital.slovensko.autogram.ui.UI; -import eu.europa.esig.dss.enumerations.KeyUsageBit; import eu.europa.esig.dss.token.DSSPrivateKeyEntry; import javafx.application.HostServices; import javafx.application.Platform; @@ -500,8 +499,12 @@ public void disableSigning() { batchController.disableSigning(); } + @Override public void resetSigningKey() { - setActiveSigningKeyAndThen(null, null); + onUIThreadDo(()->{ + setActiveSigningKeyAndThen(null, null); + refreshKeyOnAllJobs(); + }); } public void cancelJob(SigningJob job) { From 1ffa31fceaae0ceef3d6e81e3fe9299687c6a6da Mon Sep 17 00:00:00 2001 From: Jan Suchal Date: Thu, 16 Jan 2025 20:55:31 +0100 Subject: [PATCH 2/6] Fix tests --- src/test/java/digital/slovensko/autogram/AutogramTests.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/test/java/digital/slovensko/autogram/AutogramTests.java b/src/test/java/digital/slovensko/autogram/AutogramTests.java index 11587f3b..5c712ab4 100644 --- a/src/test/java/digital/slovensko/autogram/AutogramTests.java +++ b/src/test/java/digital/slovensko/autogram/AutogramTests.java @@ -309,6 +309,11 @@ public void onSignatureCheckCompleted(ValidationReports wrapper) { public void updateBatch() { } + + @Override + public void resetSigningKey() { + + } } private class TestSettings extends UserSettings { From a0f0761a7257215caa9e0d6ee8bf54e56c54a78b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Fri, 17 Jan 2025 15:20:38 +0100 Subject: [PATCH 3/6] add token session timeout setting --- .../slovensko/autogram/core/Autogram.java | 2 +- .../slovensko/autogram/core/UserSettings.java | 14 +++++++++ .../ui/gui/SettingsDialogController.java | 12 ++++++++ .../autogram/ui/gui/settings-dialog.fxml | 29 +++++++++++++++---- 4 files changed, 50 insertions(+), 7 deletions(-) 
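Review bot: `resetSigningKey()` in `GUI` now hops onto the UI thread, but nothing in the method says why or who calls it. The only caller visible in this series is the `TimerTask` in `Autogram`, so a short comment would help the next reader, e.g. `// Invoked from the token-session timer thread; UI state may only be changed on the UI thread`. The user also gets no indication that the key was dropped because of inactivity rather than an error, so consider whether a notice belongs here.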
diff --git a/src/main/java/digital/slovensko/autogram/core/Autogram.java b/src/main/java/digital/slovensko/autogram/core/Autogram.java index 50a285e2..bd5e91a3 100644 --- a/src/main/java/digital/slovensko/autogram/core/Autogram.java +++ b/src/main/java/digital/slovensko/autogram/core/Autogram.java @@ -288,7 +288,7 @@ public void run() { } }; tokenSessionTimer = new Timer(); - tokenSessionTimer.schedule(timerTask, 5 * 60 * 1000); + tokenSessionTimer.schedule(timerTask, settings.getTokenSessionTimeout() * 60 * 1000); } private void resetTokenSessionTimer() { diff --git a/src/main/java/digital/slovensko/autogram/core/UserSettings.java b/src/main/java/digital/slovensko/autogram/core/UserSettings.java index 7c55f57d..61c5687c 100644 --- a/src/main/java/digital/slovensko/autogram/core/UserSettings.java +++ b/src/main/java/digital/slovensko/autogram/core/UserSettings.java @@ -33,6 +33,7 @@ public class UserSettings implements PasswordManagerSettings, SignatureTokenSett private String customTsaServer; private boolean bulkEnabled; private int pdfDpi; + private long tokenSessionTimeout; public static UserSettings load() { var prefs = Preferences.userNodeForPackage(UserSettings.class); @@ -56,6 +57,7 @@ public static UserSettings load() { settings.setCustomTsaServer(prefs.get("CUSTOM_TSA_SERVER", "")); settings.setTsaEnabled(prefs.getBoolean("TSA_ENABLE", false)); settings.setPdfDpi(prefs.getInt("PDF_DPI", 100)); + settings.setTokenSessionTimeout(prefs.getLong("TOKEN_SESSION_TIMEOUT", 5)); return settings; } @@ -81,6 +83,7 @@ public void save() { prefs.put("CUSTOM_TSA_SERVER", customTsaServer); prefs.putBoolean("TSA_ENABLE", tsaEnabled); prefs.putInt("PDF_DPI", pdfDpi); + prefs.putLong("TOKEN_SESSION_TIMEOUT", tokenSessionTimeout); } private void setSignatureType(String signatureType) { 
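Review bot: The delay `settings.getTokenSessionTimeout() * 60 * 1000` in `startTokenSessionTimer` has no upper bound, so a very large stored value overflows `long` to a negative number and `Timer.schedule` throws `IllegalArgumentException`, while a merely large one effectively disables the timeout. Because the timer is re-armed right after a signature or key fetch, that exception would surface in those paths. Clamp the value where it is set, for example `tokenSessionTimeout = Math.min(value, MAX_TIMEOUT_MINUTES);` in `UserSettings.setTokenSessionTimeout`, where `MAX_TIMEOUT_MINUTES` is a placeholder name for a limit you choose. The method body starts outside this hunk.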
@@ -285,4 +288,15 @@ public int getPdfDpi() { public void setPdfDpi(int value) { pdfDpi = value; } + + public long getTokenSessionTimeout() { + return tokenSessionTimeout; + } + + public void setTokenSessionTimeout(long value) { + if (value <= 0) + return; + + tokenSessionTimeout = value; + } } diff --git a/src/main/java/digital/slovensko/autogram/ui/gui/SettingsDialogController.java b/src/main/java/digital/slovensko/autogram/ui/gui/SettingsDialogController.java index 085191af..c06b6ef9 100644 --- a/src/main/java/digital/slovensko/autogram/ui/gui/SettingsDialogController.java +++ b/src/main/java/digital/slovensko/autogram/ui/gui/SettingsDialogController.java @@ -33,6 +33,8 @@ public class SettingsDialogController { @FXML private HBox plainXmlEnabledRadios; @FXML + private TextField tokenSessionTimeoutTextField; + @FXML private ChoiceBox driverChoiceBox; @FXML private VBox trustedCountriesList; @@ -76,6 +78,7 @@ public void initialize() { initializeBulkEnabledCheckbox(); initializeEn319132CheckBox(); initializePlainXmlEnabledCheckBox(); + initializeTokenSessionTimeoutTextField(); initializeCorrectDocumentDisplayCheckBox(); initializeSignatureValidationCheckBox(); initializeCheckPDFAComplianceCheckBox(); @@ -297,6 +300,15 @@ private void initializeCustomKeystoreSettings() { }); } + private void initializeTokenSessionTimeoutTextField() { + tokenSessionTimeoutTextField.setTextFormatter(new TextFormatter <> (change -> change.getControlNewText().matches("[0-9]*") ? change : null)); + tokenSessionTimeoutTextField.setText(String.valueOf(userSettings.getTokenSessionTimeout())); + tokenSessionTimeoutTextField.setOnKeyTyped((e) -> { + if (!tokenSessionTimeoutTextField.getText().isEmpty()) + userSettings.setTokenSessionTimeout(Long.parseLong(tokenSessionTimeoutTextField.getText())); + }); + } + public void onSaveButtonAction() { userSettings.save(); var stage = (Stage) saveButton.getScene().getWindow(); 
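Review bot: `setTokenSessionTimeout` silently returns on `value <= 0`, and the field is declared without an initializer (`private long tokenSessionTimeout;`), so when `load()` reads a stored zero or negative preference the getter returns 0. The timer in `Autogram` would then be scheduled with no delay and the key reset immediately after every fetch or signature. Initialise the field to the default that `load()` uses, `private long tokenSessionTimeout = 5;`, and add a short Javadoc on the setter stating that non-positive values are ignored and that the unit is minutes.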
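Review bot: The formatter in `initializeTokenSessionTimeoutTextField` accepts any run of digits (`"[0-9]*"`), so a value longer than a `long` can hold makes `Long.parseLong` throw `NumberFormatException` inside the key handler. Bounding the length in the filter avoids both that and unreasonably large timeouts: `change.getControlNewText().matches("[0-9]{0,4}")`. The handler is also attached with `setOnKeyTyped`, so it writes to `userSettings` on every keystroke (typing `15` briefly applies `1`) and presumably does not run for text pasted with the mouse. Listening to the text property or reading the field in `onSaveButtonAction` would cover both cases.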
diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml index 18b3b009..b4e11676 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml @@ -150,19 +150,17 @@ - Použitie nového štandardu + Čas pre odpojenie podpisového certifikátu - Podpisovanie štandardom ETSI EN 319 132 a ETSI EN 319 122. - Pozor, systémy verejnej správy tento štandard väčšinou nepodporujú. + Po koľkých minútach nečinnosti bude podpisový certifikát odpojený. - - + + @@ -183,6 +181,25 @@ styleClass="autogram-smaller-radio-buttons" /> + + + + + Použitie nového štandardu + + + + + Podpisovanie štandardom ETSI EN 319 132 a ETSI EN 319 122. + Pozor, systémy verejnej správy tento štandard väčšinou nepodporujú. + + + + + + + From fa7151b726e40a2fcb6a11c9c386fc000a3fca6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Fri, 17 Jan 2025 15:32:36 +0100 Subject: [PATCH 4/6] update token session timeout info text --- .../digital/slovensko/autogram/ui/gui/settings-dialog.fxml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml index b4e11676..8cfee546 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml @@ -150,12 +150,12 @@ - Čas pre odpojenie podpisového certifikátu + Automatické odpojenie pri nečinnosti - Po koľkých minútach nečinnosti bude podpisový certifikát odpojený. + Po koľkých minútach nečinnosti bude s kartou zrušené spojenie. From 23aaad46b1fc563107adfc2c5560cf2199c8d6b6 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Fri, 17 Jan 2025 15:47:27 +0100 Subject: [PATCH 5/6] make number input smaller --- src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css | 4 ++++ .../digital/slovensko/autogram/ui/gui/settings-dialog.fxml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css b/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css index 29da7ab4..3c2a31db 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css @@ -696,6 +696,10 @@ TextFlow.autogram-body-s { -fx-pref-width: 20.25em; } +.autogram-textfield-container--width-3 > TextField { + -fx-pref-width: 3.75em; +} + .autogram-dropdown { -fx-cursor: hand; diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml index 8cfee546..89c58250 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml @@ -159,7 +159,7 @@ - + From dbcc179d61e77013652ddfdeb3b49e21c4fff29d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Fri, 17 Jan 2025 17:09:57 +0100 Subject: [PATCH 6/6] rename style class --- .../resources/digital/slovensko/autogram/ui/gui/idsk.css | 9 ++++----- .../slovensko/autogram/ui/gui/settings-dialog.fxml | 4 ++-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css b/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css index 3c2a31db..7e1789e4 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/idsk.css 
@@ -279,6 +279,10 @@ -fx-font-size: 1.1875em; } +.autogram-input--width-3 { + -fx-max-width: 3.75em; +} + .autogram-input:hover { -fx-cursor: text; } @@ -696,11 +700,6 @@ TextFlow.autogram-body-s { -fx-pref-width: 20.25em; } -.autogram-textfield-container--width-3 > TextField { - -fx-pref-width: 3.75em; -} - - .autogram-dropdown { -fx-cursor: hand; -fx-alignment: center-left; diff --git a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml index 89c58250..685495a3 100644 --- a/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml +++ b/src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml @@ -159,8 +159,8 @@ - - + +