KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sourceforge > jcetaglib > taglib > crypto > VerifySignature


1 /*
2   Name: VerifySignature.java
3   Licensing: LGPL
4
5   API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
6   Provider: Bouncy Castle (http://www.bouncycastle.org)
7
8   Disclaimer:
9
10   COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
11   EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
12   IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
13   RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
14   PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
15   ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
16   CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
17   HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
18 */
19
20 package net.sourceforge.jcetaglib.taglib.crypto;
21
22 import net.sourceforge.jcetaglib.lib.CertTools;
23 import net.sourceforge.jcetaglib.lib.Clean;
24 import net.sourceforge.jcetaglib.lib.Signatures;
25 import net.sourceforge.jcetaglib.lib.X509Cert;
26
27 import javax.servlet.jsp.JspException JavaDoc;
28 import javax.servlet.jsp.JspWriter JavaDoc;
29 import javax.servlet.jsp.PageContext JavaDoc;
30 import javax.servlet.jsp.tagext.BodyTagSupport JavaDoc;
31 import java.io.ByteArrayInputStream JavaDoc;
32 import java.io.IOException JavaDoc;
33 import java.io.InputStream JavaDoc;
34 import java.security.PublicKey JavaDoc;
35 import java.security.cert.X509Certificate JavaDoc;
36
37 /**
38  * JSP tag used for verifying SIG (signatures) of strings and files
39  *
40  * @jsp.tag
41  * name="verifysignature"
42  * display-name="VerifySignature"
43  * body-content="JSP"
44  * example="
45  * <%-- Verifies a signature and prints 'true' or 'false'--%>

46  * <jce:verifysignature

47  * 	signature=\"UxJjY1cIKa0ZYzqI=\" 

48  * 	pemfile=\"c:/keystores/cert.pem\">

49  * Please generate a SIG</jce:verifysignature>"
50  *
51  * description="JSP tag used for verifying SIG (signatures) of strings and files"
52  *
53  * @author Gert Van Ham
54  * @author hamgert@users.sourceforge.net
55  * @author http://jcetaglib.sourceforge.net
56  * @version $Id: VerifySignature.java,v 1.5 2004/04/15 07:28:36 hamgert Exp $
57  */
58 public class VerifySignature extends BodyTagSupport JavaDoc {
59
60     private static final String JavaDoc PAGE = "page";
61     private static final String JavaDoc REQUEST = "request";
62     private static final String JavaDoc SESSION = "session";
63     private static final String JavaDoc APPLICATION = "application";
64
65     private StringBuffer JavaDoc value; // tag attribute
66 private String JavaDoc var; // tag attribute
67 private int scope = PageContext.PAGE_SCOPE; // tag attribute
68
69     private String JavaDoc signame = "RIPEMD160WithRSA/ISO9796-2"; // tag attribute
70 private StringBuffer JavaDoc signature; // tag attribute
71 private String JavaDoc file; // tag attribute
72
73     /* Attributes for X.509 keystore */
74
75     // P12 keystore...
76 private String JavaDoc storefile; // tag attribute
77 private String JavaDoc storeentry; // tag attribute
78 private StringBuffer JavaDoc storepassword; // tag attribute
79
80     // ... OR PEM string
81 private String JavaDoc pemstring; // tag attribute
82
83     // ... OR PEM file
84 private String JavaDoc pemfile; // tag attribute
85
86     private StringBuffer JavaDoc input; // what we'll store in scope:var
87 private StringBuffer JavaDoc output; // return text
88
89     public static int getScope(String JavaDoc scope) {
90         int ret = PageContext.PAGE_SCOPE; // default
91
92         if (REQUEST.equalsIgnoreCase(scope))
93             ret = PageContext.REQUEST_SCOPE;
94         else if (SESSION.equalsIgnoreCase(scope))
95             ret = PageContext.SESSION_SCOPE;
96         else if (APPLICATION.equalsIgnoreCase(scope))
97             ret = PageContext.APPLICATION_SCOPE;
98         else if (PAGE.equalsIgnoreCase(scope))
99             ret = PageContext.PAGE_SCOPE;
100
101         return ret;
102     } //getScope()
103
104     public int doEndTag() throws JspException JavaDoc {
105         boolean ret;
106
107         // determine the value by...
108 if (value != null) {
109             // ... reading our attribute
110 input = value;
111         } else {
112             // ... retrieving and trimming our body
113 if (bodyContent == null || bodyContent.getString() == null) {
114                 input = new StringBuffer JavaDoc("");
115             } else {
116                 input = new StringBuffer JavaDoc(bodyContent.getString().trim());
117             }
118         }
119
120         X509Certificate JavaDoc cert = null;
121         PublicKey JavaDoc verifyKey;
122
123         try {
124             // Retrieve the private key (for signing) from one of the three possible keystores
125 if (storefile == null || storefile == "") {
126                 if (pemfile == null || pemfile == "") {
127                     // use PEM string
128 InputStream JavaDoc pemstream = new ByteArrayInputStream JavaDoc(pemstring.getBytes());
129                     cert = CertTools.getCertfromPEM(pemstream);
130                 } else {
131                     // use PEM store
132 cert = CertTools.getCertfromPEM(pemfile);
133                 }
134             } else {
135                 // use PKCS #12 keystore
136 cert = X509Cert.getCertificateFromP12(storefile, storeentry, storepassword);
137             }
138         } catch (Exception JavaDoc e) {
139             throw new JspException JavaDoc("JCE Exception - keystore could not be loaded: " + e.getMessage(), e);
140         }
141
142         // get the public key from the certificate
143 verifyKey = cert.getPublicKey();
144
145         try {
146             if (file != null) {
147                 ret = Signatures.verifyFileSIG(file, signature, verifyKey, signame);
148             } else {
149                 ret = Signatures.verifySIG(input, signature, verifyKey, signame);
150             }
151         } catch (Exception JavaDoc e) {
152             throw new JspException JavaDoc("JCE Exception: " + e.toString(), e);
153         }
154
155         if (ret) {
156             output = new StringBuffer JavaDoc("true");
157         } else {
158             output = new StringBuffer JavaDoc("false");
159         }
160
161         // decide what to do with the result
162 if (var != null) {
163             if (output != null) {
164                 pageContext.setAttribute(var, output, scope);
165             }
166         } else {
167             if (bodyContent != null) {
168                 bodyContent.clearBody();
169             }
170
171             try {
172                 JspWriter JavaDoc w = pageContext.getOut();
173                 w.print(output);
174             } catch (IOException JavaDoc ex) {
175                 throw new JspException JavaDoc(ex.getMessage(), ex);
176             }
177         }
178
179         return EVAL_PAGE;
180     } // doEndTag()
181
182     public void release() {
183         // Cleanup all sensitive information
184 Clean.blank(value);
185         Clean.blank(storepassword);
186         Clean.blank(signature);
187         Clean.blank(input);
188         Clean.blank(output);
189
190         super.release();
191     } //release()
192
193
194     /**
195      * @jsp.attribute
196      * description="Optional attribute, the string to verify the SIG from. The body of the tag will be taken if omitted"
197      * type="java.lang.StringBuffer"
198      * required="false"
199      * rtexprvalue="true"
200      */
201     public void setValue(StringBuffer JavaDoc value) {
202         this.value = value;
203     }
204
205     public StringBuffer JavaDoc getValue() {
206         return value;
207     }
208
209     /**
210      * @jsp.attribute
211      * description="Optional attribute, variable to store the 'true' if the signature was succesfully verified, 'false' if not. 'true' or 'false' will be printed if omitted"
212      * type="java.lang.String"
213      * required="false"
214      * rtexprvalue="false"
215      */
216     public void setVar(String JavaDoc var) {
217         this.var = var;
218     }
219
220     public String JavaDoc getVar() {
221         return var;
222     }
223
224     /**
225      * @jsp.attribute
226      * description="Scope of the 'var' attribute. Can be 'page', 'session', 'request' or 'application'. Default is 'page'"
227      * type="java.lang.String"
228      * required="false"
229      * rtexprvalue="false"
230      */
231     public void setScope(String JavaDoc scope) {
232         this.scope = getScope(scope);
233     }
234
235     /**
236      * @jsp.attribute
237      * description="The signature (in BASE64 format)"
238      * type="java.lang.String"
239      * required="true"
240      * rtexprvalue="true"
241      */
242     public void setSignature(StringBuffer JavaDoc signature) {
243         this.signature = signature;
244     }
245
246     /**
247      * @jsp.attribute
248      * description="The signature algorithm. Default is 'RIPEMD160WithRSA/ISO9796-2'"
249      * type="java.lang.String"
250      * required="false"
251      * rtexprvalue="true"
252      */
253     public void setSigname(String JavaDoc signame) {
254         this.signame = signame;
255     }
256
257     /**
258      * @jsp.attribute
259      * description="Verifies a SIG from a file instead of a string"
260      * type="java.lang.String"
261      * required="false"
262      * rtexprvalue="true"
263      */
264     public void setFile(String JavaDoc file) {
265         this.file = file;
266     }
267
268     /**
269      * @jsp.attribute
270      * description="The PKCS#12 (P12) keystore where the sender's certificate (public key) is stored"
271      * type="java.lang.String"
272      * required="true"
273      * rtexprvalue="true"
274      */
275     public void setStorefile(String JavaDoc storefile) {
276         this.storefile = storefile;
277     }
278
279     /**
280      * @jsp.attribute
281      * description="The PKCS#12 (P12) keystore entry name for sender's certificate/public key"
282      * type="java.lang.String"
283      * required="true"
284      * rtexprvalue="true"
285      */
286     public void setStoreentry(String JavaDoc storeentry) {
287         this.storeentry = storeentry;
288     }
289
290     /**
291      * @jsp.attribute
292      * description="The PKCS#12 (P12) keystore password"
293      * type="java.lang.StringBuffer"
294      * required="true"
295      * rtexprvalue="true"
296      */
297     public void setStorepassword(StringBuffer JavaDoc storepassword) {
298         this.storepassword = storepassword;
299     }
300
301     /**
302      * @jsp.attribute
303      * description="The sender's certificate stored in a PEM file"
304      * type="java.lang.String"
305      * required="false"
306      * rtexprvalue="true"
307      */
308     public void setPemfile(String JavaDoc pemfile) {
309         this.pemfile = pemfile;
310     }
311
312     /**
313      * @jsp.attribute
314      * description="The sender's certificate as a PEM formatted string"
315      * type="java.lang.String"
316      * required="false"
317      * rtexprvalue="true"
318      */
319     public void setPemstring(String JavaDoc pemstring) {
320         this.pemstring = pemstring;
321     }
322
323 }
Popular Tags