Commit a391929b authored by Lukas Hameury's avatar Lukas Hameury

Try to sign from javascript call

parent f37f726d
package coop.libriciel;
import coop.libriciel.action.ListCertsAction;
import coop.libriciel.action.SignAction;
import coop.libriciel.util.JSONUtils;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
public class NewSignatureMethodHandler {
private NewSignatureMethodHandler() {}
static ListCertsAction listCertsAction = new ListCertsAction();
static final ListCertsAction listCertsAction = new ListCertsAction();
static final SignAction signAction = new SignAction();
public static String listCerts() throws NoSuchAlgorithmException, CertificateEncodingException {
return listCertsAction.getCertificates();
}
public static String sign(String certificateId, String jsonDataToSign) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException, IOException {
return signAction.sign(listCertsAction.findForCertificate(certificateId), JSONUtils.jsonStringToList(jsonDataToSign));
}
}
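Review bot: The `throws` clause on `sign` lists five checked exceptions that the calls in its body cannot raise as written: `SignAction.sign` (shown later on this page) declares none and rethrows every failure as `RuntimeException`, and `findForCertificate` swallows its own. Callers that catch `InvalidKeyException` or `SignatureException` will therefore never see a signing failure; either let `SignAction.sign` propagate the checked types or trim this clause and document the unchecked exception. `certificateId` and `jsonDataToSign` are also passed through unchecked, so a null from the caller surfaces as a `NullPointerException` inside `JSONUtils.jsonStringToList`; a guard such as `if (certificateId == null || jsonDataToSign == null) throw new IllegalArgumentException("certificateId and jsonDataToSign are required");` would fail early. The two static fields could also be `private static final`.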
package coop.libriciel.action;
import coop.libriciel.model.SignCertificate;
import coop.libriciel.util.CertUtils;
import coop.libriciel.util.JSONUtils;
import org.adullact.parapheur.applets.splittedsign.Base64;
......@@ -15,6 +16,37 @@ import java.security.cert.X509Certificate;
import java.util.*;
public class ListCertsAction {
public SignCertificate findForCertificate(final String id) {
return AccessController.doPrivileged(new PrivilegedAction<SignCertificate>() {
@Override
public SignCertificate run() {
CertListUtil certListUtil = new CertListUtil();
SignCertificate result = new SignCertificate();
List<Certificate> certs = certListUtil.getAvailableCertificates();
for (Certificate cert : certs) {
try {
String thumbprint = CertUtils.getThumbPrint((X509Certificate) cert);
if (thumbprint.equalsIgnoreCase(id)) {
// We found IT !
result.setSigningCertificate((X509Certificate) cert);
// Si on est sur windows, on prépare le onTop pour la demande de code PIN
result.setPrivateKey(certListUtil.getKey(result.getSigningCertificate()));
break;
}
} catch (CertificateEncodingException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
return result;
}
});
}
public String getCertificates() throws CertificateEncodingException, NoSuchAlgorithmException {
List<Certificate> certs = AccessController.doPrivileged(new PrivilegedAction<List<Certificate>>() {
@Override
......
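Review bot: `findForCertificate` returns a non-null but empty `SignCertificate` when no thumbprint matches `id`, so the caller cannot tell "not found" from "found" and the missing key only shows up later as a failure inside `initSign`. Return `null` or throw (for example `IllegalArgumentException`) when the loop ends without a match, and test `cert instanceof X509Certificate` before the cast, since a non-X.509 entry would raise an uncaught `ClassCastException` inside the privileged block. The two `catch` blocks only call `e.printStackTrace()`, which hides a thumbprint failure from the caller; report it to the caller or a logger and decide explicitly whether to skip the entry or abort. Because the `doPrivileged` block hands a private-key handle back to whatever code called in, a comment stating which callers are trusted to reach this method is worth adding. The rest of the class is collapsed on this page.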
package coop.libriciel.action;
import coop.libriciel.model.SignCertificate;
import coop.libriciel.util.JSONUtils;
import coop.libriciel.util.StringUtils;
import org.adullact.parapheur.applets.splittedsign.Base64;
import java.io.IOException;
import java.security.*;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class SignAction {
public String sign(final SignCertificate signingObj, final List<String> jsonDataToSign) {
return AccessController.doPrivileged(new PrivilegedAction<String>() {
@Override
public String run() {
Map<String, Object> signs = new HashMap<String, Object>();
for (int i = 0; i < jsonDataToSign.size(); i++) {
String toSign = jsonDataToSign.get(i);
List<String> finalToSign = new ArrayList<String>();
for(String tmpToSign: toSign.split(",")) {
try {
finalToSign.add(doSign(Base64.decode(tmpToSign), signingObj.getPrivateKey()));
} catch(Exception e) {
e.printStackTrace();
throw new RuntimeException("Cannot sign document, see erro log", e);
}
}
signs.put(String.valueOf(i), StringUtils.join(",", finalToSign));
}
return JSONUtils.mapToJSONString(signs);
}
});
}
public static String doSign(byte[] bytesToSign, PrivateKey privateKey) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
Signature sig;
if (privateKey instanceof java.security.interfaces.RSAPrivateKey) {
sig = Signature.getInstance("SHA256WithRSA", "BC");
} else if (System.getProperty("os.name").startsWith("Windows")) {
sig = Signature.getInstance("SHA256WithRSA", "SunMSCAPI");
} else {
sig = Signature.getInstance("SHA256WithRSA", "SunRsaSign");
}
sig.initSign(privateKey);
sig.update(bytesToSign);
byte[] signature = sig.sign();
return Base64.encodeBytes(signature);
}
}
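Review bot: Inside `run()` the whole loop, including decoding of caller-supplied strings, executes under `AccessController.doPrivileged`, and `signingObj.getPrivateKey()` is used without a null check even though `ListCertsAction.findForCertificate` returns an empty `SignCertificate` when nothing matches. Validate before entering the privileged block, e.g. `if (signingObj == null || signingObj.getPrivateKey() == null) throw new IllegalStateException("No private key for the selected certificate");`, and keep only the `doSign` call privileged. In `doSign`, a key that is not an `RSAPrivateKey` on a non-Windows host falls through to `SunRsaSign`, which I would expect to reject it with `InvalidKeyException`; a comment on which key store each branch is meant for would help. The message "Cannot sign document, see erro log" has a typo, and `printStackTrace()` before the rethrow duplicates the cause already attached to the exception.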
package coop.libriciel.model;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
public class SignCertificate {
X509Certificate signingCertificate;
PrivateKey privateKey;
public X509Certificate getSigningCertificate() {
return signingCertificate;
}
public void setSigningCertificate(X509Certificate signingCertificate) {
this.signingCertificate = signingCertificate;
}
public PrivateKey getPrivateKey() {
return privateKey;
}
public void setPrivateKey(PrivateKey privateKey) {
this.privateKey = privateKey;
}
}
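Review bot: `signingCertificate` and `privateKey` are declared without an access modifier, so every class in `coop.libriciel.model` can read or replace the key handle without going through the accessors. Declare both `private`, e.g. `private PrivateKey privateKey;`. Since `findForCertificate` is the only writer visible on this page, a constructor taking both values with `final` fields would also remove the half-initialised state, though that changes the callers.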
package coop.libriciel.util;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
......@@ -31,6 +33,10 @@ public class JSONUtils {
return result.toString();
}
public static List<String> jsonStringToList(String json) {
return Arrays.asList(json.replace("[", "").replace("]", "").split(","));
}
public static String arrayToJSONString(List<String> array) {
StringBuilder result = new StringBuilder("[");
boolean isFirst = true;
......
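Review bot: `jsonStringToList` is not a JSON parser: it deletes every `[` and `]` and splits on commas, so string elements keep their surrounding quotes and whitespace, and `"[]"` yields a one-element list holding an empty string. Because this outer split already consumes every comma, the `toSign.split(",")` loop in `SignAction.sign` never sees more than one piece, so a document carrying several comma-separated digests would be spread over several result indexes; if that grouping is intended, the format needs a different separator or a real parser. These values travel on to `Base64.decode` and the signing call, so I would reject anything that is not a well-formed array of base64 strings instead of passing it through. At minimum a Javadoc line should state the exact input format accepted. The enclosing class starts above the hunk.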
package coop.libriciel.util;
import java.util.List;
public class StringUtils {
private StringUtils() {
}
public static String join(String separator, List<String> input) {
if (input == null || input.isEmpty()) return "";
StringBuilder sb = new StringBuilder();
for (int i = 0; i < input.size(); i++) {
sb.append(input.get(i));
// if not the last item
if (i != input.size() - 1) {
sb.append(separator);
}
}
return sb.toString();
}
}
......@@ -269,6 +269,10 @@ public class Main extends javax.swing.JApplet implements Runnable {
return NewSignatureMethodHandler.listCerts();
}
public String sign(String certificateID, String dataToSign) throws NoSuchAlgorithmException, NoSuchProviderException, SignatureException, InvalidKeyException, IOException {
return NewSignatureMethodHandler.sign(certificateID, dataToSign);
}
/**
* The Digests are given and then stored in the map as Hexa strings
*
......
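Review bot: The new public `sign(String certificateID, String dataToSign)` on the applet lets the hosting page's script request a signature over data it chooses, with a certificate it names by thumbprint, and the code reached from here runs under `doPrivileged`; nothing in the lines shown asks the user to confirm or checks where the applet was loaded from. For a signing key this is the place to add a gate: show the user what is about to be signed and with which certificate, and refuse when `getDocumentBase()` is not on an allow-list of expected hosts. A Javadoc comment should state that the method is a script entry point and what `dataToSign` must contain. The rest of `Main` is outside the hunk, so an existing check elsewhere cannot be ruled out.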