/*
* Copyright 2013 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.juddi.gui.dsig;
import java.io.File;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.swing.JOptionPane;
import javax.xml.bind.JAXB;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import netscape.javascript.JSObject;
//import netscape.javascript.JSObject;
import org.apache.juddi.v3.client.cryptor.DigSigUtil;
import org.uddi.api_v3.BindingTemplate;
import org.uddi.api_v3.BusinessEntity;
import org.uddi.api_v3.BusinessService;
import org.uddi.api_v3.TModel;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSSerializer;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
/**
* Provides a Java web applet that digitally signs UDDI xml. This class
* provides the most basic code for signing and was more of a proof of concept
* @deprecated XmlSigApplet2 instead
* @see XmlSigApplet2
* @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
*/
public class XmlSignatureApplet extends java.applet.Applet {
private static final long serialVersionUID = 1L;
/**
* Initializes the applet XmlSignatureApplet
*/
public void init() {
try {
java.awt.EventQueue.invokeAndWait(new Runnable() {
public void run() {
initComponents();
}
});
} catch (Exception ex) {
ex.printStackTrace();
}
setupCertificates();
}
private XMLSignatureFactory initXMLSigFactory() {
XMLSignatureFactory fac = XMLSignatureFactory.getInstance();
return fac;
}
private Reference initReference(XMLSignatureFactory fac) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
List transformers = new ArrayList();
transformers.add(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
// String dm = map.getProperty(SIGNATURE_OPTION_DIGEST_METHOD);
//if (dm == null) {
String dm = DigestMethod.SHA1;
//}
Reference ref = fac.newReference("", fac.newDigestMethod(dm, null), transformers, null, null);
return ref;
}
private SignedInfo initSignedInfo(XMLSignatureFactory fac) throws Exception {
Reference ref = initReference(fac);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,
(C14NMethodParameterSpec) null),
fac.newSignatureMethod(SignatureMethod.RSA_SHA1,
null),
Collections.singletonList(ref));
return si;
}
private static Document stringToDom(String xmlSource)
throws SAXException, ParserConfigurationException, IOException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
DocumentBuilder builder = factory.newDocumentBuilder();
return builder.parse(new InputSource(new StringReader(xmlSource)));
}
private String sign(String xml) throws Exception {
//DOMResult domResult = new DOMResult();
//JAXB.marshal(jaxbObj, domResult);
Document doc = stringToDom(xml);
Element docElement = doc.getDocumentElement();
// KeyStore.PrivateKeyEntry keyEntry = null;
// keyEntry= keyStore.getKey((String)jList1.getSelectedValue(), null);
// keyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry((String) jList1.getSelectedValue(), null);
PrivateKey key = (PrivateKey) keyStore.getKey((String) jList1.getSelectedValue(), null);
// PrivateKey privateKey = keyStore.getKey((String)jList1.getSelectedValue(),null);
Certificate origCert = keyStore.getCertificate((String) jList1.getSelectedValue());
//PublicKey validatingKey = origCert.getPublicKey();
this.signDOM(docElement, key, origCert);
// DOMSource domSource = new DOMSource(doc);
return getStringFromDoc(doc);
}
/**
* this converts a xml document to a string for writing back to the browser
* @param doc
* @return string
*/
public String getStringFromDoc(org.w3c.dom.Document doc) {
DOMImplementationLS domImplementation = (DOMImplementationLS) doc.getImplementation();
LSSerializer lsSerializer = domImplementation.createLSSerializer();
lsSerializer.getDomConfig().setParameter("xml-declaration", false);
//lsSerializer.getDomConfig().setParameter("xml-declaration", false);
return lsSerializer.writeToString(doc);
}
KeyStore keyStore = null;
KeyStore firefox = null;
private void setupCertificates() {
this.jList1.clearSelection();
this.jList1.removeAll();
Vector<String> certs = new Vector<String>();
//Provider p1 = new sun.security.pkcs11.SunPKCS11(strCfg);
//Security.addProvider(p1);
//KeyStore keyStore = KeyStore.getInstance("PKCS11");
//printMessageToConsole("Key Store instance created");
//keyStore.load(null, "password".toCharArray());
//covers all modern browsers in windows
try {
keyStore = KeyStore.getInstance("Windows-MY");
keyStore.load(null, null);
} catch (Exception ex) {
ex.printStackTrace();
//JOptionPane.showMessageDialog(this, ex.getMessage());
}
//firefox keystore
if (keyStore != null) {
try {
String strCfg = System.getProperty("user.home") + File.separator
+ "jdk6-nss-mozilla.cfg";
// Provider p1 = new sun.security.pkcs11.SunPKCS11(strCfg);
// Security.addProvider(p1);
keyStore = KeyStore.getInstance("PKCS11");
keyStore.load(null, "password".toCharArray());
} catch (Exception ex) {
//JOptionPane.showMessageDialog(this, ex.getMessage());
ex.printStackTrace();
}
}
//MacOS with Safari possibly others
if (keyStore != null) {
try {
keyStore = KeyStore.getInstance("KeychainStore");
keyStore.load(null, null);
} catch (Exception ex) {
//JOptionPane.showMessageDialog(this, ex.getMessage());
ex.printStackTrace();
}
}
try {
//printMessageToConsole("Key Store loaded");
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String a = aliases.nextElement();
X509Certificate certificate = (X509Certificate) keyStore.getCertificate(a);
//PublicKey publicKey = certificate.getPublicKey();
// X509Certificate cert = (X509Certificate) publicKey;
try {
Key key = keyStore.getKey(a, null);
certs.add(a);
} catch (Exception x) {
System.out.println("error loading certificate " + a + " " + x.getMessage());
}
}
} catch (Exception e) {
e.printStackTrace();
JOptionPane.showMessageDialog(this, e.getMessage());
}
jList1.setListData(certs);
if (!certs.isEmpty()) {
jList1.setSelectedIndex(0);
}
}
/**
* XML digital signature namespace
*/
public final static String XML_DIGSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
private void signDOM(Node node, PrivateKey privateKey, Certificate origCert) {
XMLSignatureFactory fac = initXMLSigFactory();
X509Certificate cert = (X509Certificate) origCert;
// Create the KeyInfo containing the X509Data.
KeyInfoFactory kif = fac.getKeyInfoFactory();
List<Object> x509Content = new ArrayList<Object>();
//x509Content.add(cert.getSubjectX500Principal().getName());
x509Content.add(cert);
X509Data xd = kif.newX509Data(x509Content);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
// Create a DOMSignContext and specify the RSA PrivateKey and
// location of the resulting XMLSignature's parent element.
DOMSignContext dsc = new DOMSignContext(privateKey, node);
dsc.putNamespacePrefix(XML_DIGSIG_NS, "ns2");
// Create the XMLSignature, but don't sign it yet.
try {
SignedInfo si = initSignedInfo(fac);
XMLSignature signature = fac.newXMLSignature(si, ki);
// Marshal, generate, and sign the enveloped signature.
signature.sign(dsc);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* This method is called from within the init() method to initialize the
* form. WARNING: Do NOT modify this code. The content of this method is
* always regenerated by the Form Editor.
*/
// <editor-fold defaultstate="collapsed" desc="Generated Code">//GEN-BEGIN:initComponents
private void initComponents() {
jButton1 = new javax.swing.JButton();
jScrollPane1 = new javax.swing.JScrollPane();
jList1 = new javax.swing.JList();
setLayout(new java.awt.BorderLayout());
jButton1.setText("Sign");
jButton1.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(java.awt.event.ActionEvent evt) {
jButton1ActionPerformed(evt);
}
});
add(jButton1, java.awt.BorderLayout.NORTH);
jScrollPane1.setViewportView(jList1);
add(jScrollPane1, java.awt.BorderLayout.CENTER);
}// </editor-fold>//GEN-END:initComponents
private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed
// TODO add your handling code here:
String signedXml = "error!";
JSObject window = JSObject.getWindow(this);
try {
if (keyStore == null || keyStore.size() == 0) {
signedXml = "Unforunately, it looks as if you don't have any certificates to choose from.";
window.call("writeXml", new Object[]{signedXml});
return;
}
} catch (Exception ex) {
signedXml = "Unforunately, it looks as if you don't have any certificates to choose from.";
window.call("writeXml", new Object[]{signedXml});
return;
}
if (jList1.getSelectedValue() == null) {
signedXml = "You must pick a certificate first";
window.call("writeXml", new Object[]{signedXml});
return;
}
Object object2 = window.call("getBrowserName", null);
Object object1 = window.call("getOsName", null);
Object object3 = window.call("getObjectType", null);
String browserName = (String) object2;
String osName = (String) object2;
String objecttype = (String) object3;
//get the xml
String xml = (String) window.call("getXml", new Object[]{});
Object j = null;
StringReader sr = new StringReader(xml);
if (objecttype.equalsIgnoreCase("business")) {
try {
j = (BusinessEntity) JAXB.unmarshal(sr, BusinessEntity.class);
} catch (Exception ex) {
}
}
if (objecttype.equalsIgnoreCase("service")) {
try {
j = (BusinessService) JAXB.unmarshal(sr, BusinessService.class);
} catch (Exception ex) {
}
}
if (objecttype.equalsIgnoreCase("binding")) {
try {
j = (BindingTemplate) JAXB.unmarshal(sr, BindingTemplate.class);
} catch (Exception ex) {
}
}
if (objecttype.equalsIgnoreCase("tmodel")) {
try {
j = (TModel) JAXB.unmarshal(sr, TModel.class);
} catch (Exception ex) {
}
}
if (j != null) {
try {
//sign it
org.apache.juddi.v3.client.cryptor.DigSigUtil ds = new DigSigUtil();
ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "true");
ds.put(DigSigUtil.SIGNATURE_METHOD, "RSA_SHA1");
PrivateKey key = (PrivateKey) keyStore.getKey((String) jList1.getSelectedValue(), null);
Certificate publickey = keyStore.getCertificate((String) jList1.getSelectedValue());
j = ds.signUddiEntity(j, publickey, key);
ds.clear();
StringWriter sw = new StringWriter();
JAXB.marshal(j, sw);
signedXml = sw.toString();
} catch (Exception ex) {
Logger.getLogger(XmlSignatureApplet.class.getName()).log(Level.SEVERE, null, ex);
signedXml = "Sorry I couldn't sign the data. " + ex.getMessage();
}
} else {
signedXml = "Unable to determine which type of object that we're signing";
}
/*
try {
signedXml = this.sign(xml);
} catch (Exception ex) {
signedXml = ex.getMessage();
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
}*/
//write it back to the web page
window.call("writeXml", new Object[]{signedXml});
}//GEN-LAST:event_jButton1ActionPerformed
// Variables declaration - do not modify//GEN-BEGIN:variables
private javax.swing.JButton jButton1;
private javax.swing.JList jList1;
private javax.swing.JScrollPane jScrollPane1;
// End of variables declaration//GEN-END:variables
}