KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sourceforge > jcetaglib > taglib > crypto > DecryptAndVerifyHMAC


1 /*
2   Name: DecryptAndVerifyHMAC.java
3   Licensing: LGPL
4
5   API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
6   Provider: Bouncy Castle (http://www.bouncycastle.org)
7
8   Disclaimer:
9
10   COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
11   EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
12   IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
13   RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
14   PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
15   ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
16   CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
17   HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
18 */
19
20 package net.sourceforge.jcetaglib.taglib.crypto;
21
22 import net.sourceforge.jcetaglib.lib.Clean;
23 import net.sourceforge.jcetaglib.lib.Hybrid;
24 import net.sourceforge.jcetaglib.lib.X509Cert;
25
26 import javax.servlet.jsp.JspException JavaDoc;
27 import javax.servlet.jsp.JspWriter JavaDoc;
28 import javax.servlet.jsp.PageContext JavaDoc;
29 import javax.servlet.jsp.tagext.BodyTagSupport JavaDoc;
30 import java.io.IOException JavaDoc;
31 import java.security.PrivateKey JavaDoc;
32
33 /**
34  * JSP tag used for decrypting data & verify MAC
35  *
36  * @jsp.tag
37  * name="decryptandverifyhmac"
38  * display-name="DecryptAndVerifyHMAC"
39  * body-content="JSP"
40  * example="
41  * <jce:decryptandverifyhmac

42  * 	var=\"decrypted\"

43  * 	scope=\"page\"

44  * 	storefile=\"C:/keystores/alice.p12\"

45  * 	storeentry=\"user\"

46  * 	storepassword=\"<%= new StringBuffer(\"password\") %>\"/>"
47  *
48  * description="JSP tag used for decrypting data & verify MAC"
49  *
50  * @author Gert Van Ham
51  * @author hamgert@users.sourceforge.net
52  * @author http://jcetaglib.sourceforge.net
53  * @version $Id: DecryptAndVerifyHMAC.java,v 1.5 2004/04/15 07:28:35 hamgert Exp $
54  */
55 public class DecryptAndVerifyHMAC extends BodyTagSupport JavaDoc {
56     private static final String JavaDoc PAGE = "page";
57     private static final String JavaDoc REQUEST = "request";
58     private static final String JavaDoc SESSION = "session";
59     private static final String JavaDoc APPLICATION = "application";
60
61     private StringBuffer JavaDoc value; // tag attribute
62 private String JavaDoc var; // tag attribute
63 private int scope = PageContext.PAGE_SCOPE; // tag attribute
64
65     private String JavaDoc file; // tag attribute
66 private String JavaDoc newfile; // tag attribute
67
68     private String JavaDoc algorithm = "AES"; // tag attribute
69 private String JavaDoc mode = "CBC"; // tag attribute
70 private String JavaDoc padding = "PKCS7Padding"; // tag attribute
71
72     // P12 keystore...
73 private String JavaDoc storefile; // tag attribute
74 private String JavaDoc storeentry; // tag attribute
75 private StringBuffer JavaDoc storepassword; // tag attribute
76
77     private StringBuffer JavaDoc input; // what we'll store in scope:var
78 private StringBuffer JavaDoc output; // return text
79
80     public static int getScope(String JavaDoc scope) {
81         int ret = PageContext.PAGE_SCOPE; // default
82
83         if (REQUEST.equalsIgnoreCase(scope))
84             ret = PageContext.REQUEST_SCOPE;
85         else if (SESSION.equalsIgnoreCase(scope))
86             ret = PageContext.SESSION_SCOPE;
87         else if (APPLICATION.equalsIgnoreCase(scope))
88             ret = PageContext.APPLICATION_SCOPE;
89         else if (PAGE.equalsIgnoreCase(scope))
90             ret = PageContext.PAGE_SCOPE;
91
92         return ret;
93     } //getScope()
94
95     public int doEndTag() throws JspException JavaDoc {
96         PrivateKey JavaDoc privKey = null;
97
98         // determine the value by...
99 if (value != null) {
100             // ... reading our attribute
101 input = value;
102         } else {
103             // ... retrieving and trimming our body
104 if (bodyContent == null || bodyContent.getString() == null) {
105                 input = new StringBuffer JavaDoc("");
106             } else {
107                 input = new StringBuffer JavaDoc(bodyContent.getString().trim());
108             }
109         }
110
111         // retrieve the receiver's private key for decryption
112 try {
113             privKey = X509Cert.getPrivateFromP12(storefile, storeentry, storepassword);
114         } catch (Exception JavaDoc e) {
115             throw new JspException JavaDoc("JCE Exception - keystore could not be loaded: " + e.getMessage(), e);
116         }
117
118         // decrypt
119 try {
120             if (file != null) {
121                 Hybrid.decryptFileAndVerifyHMAC(file
122                         , newfile
123                         , privKey
124                         , algorithm
125                         , mode
126                         , padding);
127             } else {
128                 output = Hybrid.decryptAndVerifyHMAC(input
129                         , privKey
130                         , algorithm
131                         , mode
132                         , padding);
133             }
134         } catch (Exception JavaDoc e) {
135             throw new JspException JavaDoc("JCE Exception: " + e.getMessage(), e);
136         }
137
138         // decide what to do with the result
139 if (var != null) {
140             if (output != null) {
141                 pageContext.setAttribute(var, output, scope);
142             }
143         } else {
144             if (file == null || file == "") {
145                 if (bodyContent != null) {
146                     bodyContent.clearBody();
147                 }
148
149                 try {
150                     JspWriter JavaDoc w = pageContext.getOut();
151                     w.print(output);
152                 } catch (IOException JavaDoc ex) {
153                     throw new JspException JavaDoc(ex.getMessage(), ex);
154                 }
155             }
156         }
157
158         privKey = null;
159
160         return EVAL_PAGE;
161     }
162
163     public void release() {
164         // Cleanup all sensitive information
165 Clean.blank(value);
166         Clean.blank(storepassword);
167         Clean.blank(input);
168         Clean.blank(output);
169
170         super.release();
171     } //release()
172
173     /**
174      * @jsp.attribute
175      * description="Optional attribute, the string to decrypt. The body of the tag will be taken if omitted"
176      * type="java.lang.StringBuffer"
177      * required="false"
178      * rtexprvalue="true"
179      */
180     public void setValue(StringBuffer JavaDoc value) {
181         this.value = value;
182     }
183
184     public StringBuffer JavaDoc getValue() {
185         return value;
186     }
187
188     /**
189      * @jsp.attribute
190      * description="Optional attribute, variable to store the decrypted string. The string will be printed if omitted"
191      * type="java.lang.String"
192      * required="false"
193      * rtexprvalue="false"
194      */
195     public void setVar(String JavaDoc var) {
196         this.var = var;
197     }
198
199     public String JavaDoc getVar() {
200         return var;
201     }
202
203     /**
204      * @jsp.attribute
205      * description="Scope of the 'var' attribute. Can be 'page', 'session', 'request' or 'application'. Default is 'page'"
206      * type="java.lang.String"
207      * required="false"
208      * rtexprvalue="false"
209      */
210     public void setScope(String JavaDoc scope) {
211         this.scope = getScope(scope);
212     }
213
214     /**
215      * @jsp.attribute
216      * description="The key algorithm. Default is AES"
217      * type="java.lang.String"
218      * required="false"
219      * rtexprvalue="true"
220      */
221     public void setAlgorithm(String JavaDoc algorithm) {
222         this.algorithm = algorithm;
223     }
224
225     /**
226      * @jsp.attribute
227      * description="Encryption mode. Default is 'CBC'"
228      * type="java.lang.String"
229      * required="false"
230      * rtexprvalue="true"
231      */
232     public void setMode(String JavaDoc mode) {
233         this.mode = mode;
234     }
235
236     /**
237      * @jsp.attribute
238      * description="Padding scheme. Default is 'PKCS7Padding'"
239      * type="java.lang.String"
240      * required="false"
241      * rtexprvalue="true"
242      */
243     public void setPadding(String JavaDoc padding) {
244         this.padding = padding;
245     }
246
247     /**
248      * @jsp.attribute
249      * description="The PKCS#12 (P12) keystore where the private key is stored."
250      * type="java.lang.String"
251      * required="true"
252      * rtexprvalue="true"
253      */
254     public void setStorefile(String JavaDoc storefile) {
255         this.storefile = storefile;
256     }
257
258     /**
259      * @jsp.attribute
260      * description="The PKCS#12 (P12) keystore entry name for private key"
261      * type="java.lang.String"
262      * required="true"
263      * rtexprvalue="true"
264      */
265     public void setStoreentry(String JavaDoc storeentry) {
266         this.storeentry = storeentry;
267     }
268
269     /**
270      * @jsp.attribute
271      * description="The PKCS#12 (P12) keystore password"
272      * type="java.lang.StringBuffer"
273      * required="true"
274      * rtexprvalue="true"
275      */
276     public void setStorepassword(StringBuffer JavaDoc storepassword) {
277         this.storepassword = storepassword;
278     }
279
280     /**
281      * @jsp.attribute
282      * description="Decrypts a file instead of a string"
283      * type="java.lang.String"
284      * required="false"
285      * rtexprvalue="true"
286      */
287     public void setFile(String JavaDoc file) {
288         this.file = file;
289     }
290
291     /**
292      * @jsp.attribute
293      * description="File(name) to store the decrypted data "
294      * type="java.lang.String"
295      * required="false"
296      * rtexprvalue="true"
297      */
298     public void setNewfile(String JavaDoc newfile) {
299         this.newfile = newfile;
300     }
301 }
Popular Tags