svn-gvsig-desktop / trunk / org.gvsig.desktop / org.gvsig.desktop.library / org.gvsig.installer / org.gvsig.installer.lib / org.gvsig.installer.lib.impl / src / main / java / org / gvsig / installer / lib / impl / utils / SignUtil.java @ 40560
/**
 * gvSIG. Desktop Geographic Information System.
 *
 * Copyright (C) 2007-2013 gvSIG Association.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 3
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301, USA.
 *
 * For any additional information, do not hesitate to contact us
 * at info AT gvsig.com, or visit our website www.gvsig.com.
 */
24 | 40435 | jjdelcerro | package org.gvsig.installer.lib.impl.utils; |
25 | |||
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.EncodedKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import org.apache.commons.codec.binary.Base64;
50 | |||
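/**
 * Signs text files with a DSA private key and verifies them with the matching
 * public key.
 *
 * <p>The signature is stored inside the signed file itself, Base64-encoded, as
 * a block of {@code "## "}-prefixed lines between a {@code ## BEGIN SIGNATURE}
 * and a {@code ## END SIGNATURE} line. The signed payload is every line
 * outside such a block, with each line terminated by {@code "\n"}.
 *
 * <p>By default the keys are looked up in {@code $HOME/.gvsig-keys/key.private}
 * and {@code $HOME/.gvsig-keys/key.public}. A key that is missing or cannot be
 * decoded is silently treated as absent; use {@link #canSign()} and
 * {@link #canVerify()} to find out what this instance is able to do.
 *
 * <p>NOTE(review): the scheme is {@code SHA1withDSA} with keys generated at
 * 1024 bits (see {@link #generateKeys()}), which is below current
 * recommendations for package signing. Changing the algorithm or key size
 * invalidates existing keys and signatures, so it needs a coordinated
 * migration rather than an in-place edit.
 *
 * <p>NOTE(review): file content is converted with the platform default charset
 * ({@code new String(byte[])} / {@code String.getBytes()}), so a file holding
 * non-ASCII text may not verify on a machine whose default charset differs
 * from the signer's.
 */
public class SignUtil {

    /** The file carries a signature and it matches the content. */
    public static final int SIGN_OK = 0;
    /** The file carries a signature that could not be confirmed. */
    public static final int SIGN_FAIL = 1;
    /** No signature block was found (or the content could not be read). */
    public static final int NOT_SIGNED = 2;

    private static final String BEGIN_SIGNATURE = "## BEGIN SIGNATURE";
    private static final String END_SIGNATURE = "## END SIGNATURE";

    private PublicKey pubKey = null;
    private PrivateKey privKey = null;

    /**
     * Command-line entry point: {@code sign file}, {@code verify file} or
     * {@code generateKeys}.
     *
     * @param args command name followed by its argument, if any
     */
    public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, FileNotFoundException {
        new SignUtil().doMain(args);
    }

    /**
     * Dispatches the command given on the command line and prints its outcome
     * to standard output.
     *
     * <p>{@code sign} and {@code verify} require a file argument; when it is
     * missing the usage text is printed instead of running the command on a
     * {@code null} file.
     *
     * <p>NOTE(review): {@link #sign(File)} and {@link #generateKeys()} report
     * failures only by printing a stack trace, so the success message below
     * is still printed after such a failure.
     */
    private void doMain(String[] args) {
        try {
            String command = getCommand(args);
            File target = getArg1AsFile(args);

            if ("sign".equalsIgnoreCase(command) && target != null) {
                if (!this.canSign()) {
                    System.out.println("Can't locate private key to sign.");
                    return;
                }
                this.sign(target);
                System.out.println("File " + this.getArg1(args) + " signed.");
                return;
            }

            if ("verify".equalsIgnoreCase(command) && target != null) {
                if (!this.canVerify()) {
                    System.out.println("Can't locate public key to verify.");
                    return;
                }
                switch (this.verify(target)) {
                case NOT_SIGNED:
                    System.out.println("NOT SIGNED");
                    break;
                case SIGN_FAIL:
                    System.out.println("SIGN FAIL");
                    break;
                case SIGN_OK:
                    System.out.println("SIGN OK");
                    break;
                default:
                    System.out.println("ERROR");
                }
                return;
            }

            if ("generateKeys".equalsIgnoreCase(command)) {
                this.generateKeys();
                System.out.println("Generate keys ok");
                return;
            }

            System.out.println("Usage: SignUtil sign|verify|generateKeys\n" +
                    " sign file\n" +
                    " verify file\n" +
                    " generateKeys\n");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /** Returns the first command-line argument, or {@code null} if there is none. */
    private String getCommand(String[] args) {
        return args.length >= 1 ? args[0] : null;
    }

    /** Returns the second command-line argument as a file, or {@code null} if there is none. */
    private File getArg1AsFile(String[] args) {
        return args.length >= 2 ? new File(args[1]) : null;
    }

    /** Returns the second command-line argument, or {@code null} if there is none. */
    private String getArg1(String[] args) {
        return args.length >= 2 ? args[1] : null;
    }

    /**
     * Creates an instance that uses the key files found under
     * {@code $HOME/.gvsig-keys}, if any.
     */
    public SignUtil() {
        loadPrivateKey();
        loadPublicKey();
    }

    /**
     * Creates an instance that verifies with the supplied public key and signs
     * with the private key found under {@code $HOME/.gvsig-keys}, if any.
     *
     * @param publicKey X.509-encoded DSA public key
     */
    public SignUtil(byte[] publicKey) {
        loadPrivateKey();
        loadPublicKey(publicKey);
    }

    /**
     * Loads {@code $HOME/.gvsig-keys/key.private} when it exists. A missing or
     * undecodable file leaves this instance without a private key.
     */
    private void loadPrivateKey() {
        File home = new File(System.getProperty("user.home"));
        File keyfile = new File(home, ".gvsig-keys" + File.separatorChar
                + "key.private");
        if (keyfile.exists()) {
            loadPrivateKey(keyfile);
        }
    }

    /**
     * Decodes a PKCS#8-encoded DSA private key from {@code key} and stores it
     * in this instance.
     *
     * @return the decoded key, or {@code null} if the file could not be read
     *         or decoded (the stored key is cleared in that case)
     */
    private PrivateKey loadPrivateKey(File key) {
        try {
            byte[] rawkey = loadFileAsByteArray(new FileInputStream(key));
            EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(rawkey);
            KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN");
            this.privKey = keyFactory.generatePrivate(keySpec);
        } catch (Exception e) {
            // Deliberately silent: an unusable key file means "cannot sign".
            this.privKey = null;
        }
        return this.privKey;
    }

    /**
     * Loads {@code $HOME/.gvsig-keys/key.public} when it exists.
     *
     * @return the decoded key, or {@code null} if the file is missing or
     *         could not be decoded
     */
    private PublicKey loadPublicKey() {
        File home = new File(System.getProperty("user.home"));
        File keyfile = new File(home, ".gvsig-keys" + File.separatorChar
                + "key.public");
        if (keyfile.exists()) {
            return loadPublicKey(loadFileAsByteArray(keyfile));
        }
        return null;
    }

    /**
     * Decodes an X.509-encoded DSA public key and stores it in this instance.
     *
     * @return the decoded key, or {@code null} if {@code rawkey} is
     *         {@code null} or not a valid key (the stored key is cleared)
     */
    private PublicKey loadPublicKey(byte[] rawkey) {
        try {
            EncodedKeySpec keySpec = new X509EncodedKeySpec(rawkey);
            KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN");
            this.pubKey = keyFactory.generatePublic(keySpec);
        } catch (Exception e) {
            // Deliberately silent: an unusable key means "cannot verify".
            this.pubKey = null;
        }
        return this.pubKey;
    }

    private PublicKey getPublicKey() {
        return this.pubKey;
    }

    private PrivateKey getPrivateKey() {
        return this.privKey;
    }

    /**
     * Reads {@code in} to its end and closes it.
     *
     * <p>The stream is read in a loop because {@code available()} is only an
     * estimate and a single {@code read} may return fewer bytes than asked
     * for; either would hand a truncated key or payload to the caller. The
     * stream is closed even when reading fails.
     *
     * @return the bytes read, or {@code null} if {@code in} is {@code null}
     *         or reading failed
     */
    private byte[] loadFileAsByteArray(InputStream in) {
        if (in == null) {
            return null;
        }
        try {
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            byte[] chunk = new byte[8192];
            int count;
            while ((count = in.read(chunk)) != -1) {
                buffer.write(chunk, 0, count);
            }
            return buffer.toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done if closing fails.
            }
        }
    }

    /**
     * Reads the whole file into memory.
     *
     * @return the file content, or {@code null} if it could not be read
     */
    private byte[] loadFileAsByteArray(File file) {
        try {
            return loadFileAsByteArray(new FileInputStream(file));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Extracts the signed payload: every line that is not part of a signature
     * block, each followed by {@code "\n"}.
     *
     * <p>Everything between a BEGIN and an END marker is excluded from the
     * payload whether or not it starts with {@code "## "}, and a BEGIN marker
     * without a matching END excludes the rest of the file. That region is
     * therefore not covered by the signature; code that consumes a verified
     * file must ignore it as well.
     *
     * @return the payload text, or {@code null} if {@code alldata} is
     *         {@code null} or could not be processed
     */
    private String getData(byte[] alldata) {
        if (alldata == null) {
            return null;
        }
        // Platform default charset, matching the getBytes() calls in sign/verify.
        BufferedReader reader = new BufferedReader(new StringReader(
                new String(alldata)));
        StringWriter payload = new StringWriter();
        try {
            boolean inSignature = false;
            String line;
            while ((line = reader.readLine()) != null) {
                if (inSignature) {
                    if (line.startsWith(END_SIGNATURE)) {
                        inSignature = false;
                    }
                } else if (line.startsWith(BEGIN_SIGNATURE)) {
                    inSignature = true;
                } else {
                    payload.append(line);
                    payload.append("\n");
                }
            }
            payload.close();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
        return payload.toString();
    }

    /**
     * Extracts and Base64-decodes the signature stored in the file.
     *
     * <p>The lines of every signature block are concatenated, markers
     * excluded, and handed to the decoder as they are (including their
     * {@code "## "} prefix).
     *
     * @return the decoded signature bytes, or {@code null} if
     *         {@code alldata} is {@code null}, holds no signature lines, or
     *         could not be processed
     */
    private byte[] getSignature(byte[] alldata) {
        if (alldata == null) {
            return null;
        }
        BufferedReader reader = new BufferedReader(new StringReader(
                new String(alldata)));
        StringWriter encoded = new StringWriter();
        try {
            boolean inSignature = false;
            String line;
            while ((line = reader.readLine()) != null) {
                if (inSignature) {
                    if (line.startsWith(END_SIGNATURE)) {
                        inSignature = false;
                    } else {
                        encoded.append(line);
                        encoded.append("\n");
                    }
                } else if (line.startsWith(BEGIN_SIGNATURE)) {
                    inSignature = true;
                }
            }
            encoded.close();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
        String s = encoded.toString();
        if (s.length() < 1) {
            return null;
        }
        Base64 coder = new Base64(60);
        return coder.decode(s);
    }

    /**
     * Signs {@code file} in place: any existing signature block is dropped and
     * a fresh one is appended after the payload.
     *
     * <p>The signature is computed before the file is opened for writing, so
     * a missing private key or an unreadable file leaves the file untouched.
     * Failures are reported only by printing a stack trace.
     *
     * @param file the file to sign
     */
    public void sign(File file) {
        Base64 coder = new Base64(60);

        try {
            String data = getData(loadFileAsByteArray(file));
            if (data == null) {
                throw new IOException("Can't read file to sign: " + file);
            }
            Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
            dsa.initSign(getPrivateKey());
            dsa.update(data.getBytes());

            String[] lines = coder.encodeAsString(dsa.sign()).split("\n");

            FileWriter fw = new FileWriter(file);
            try {
                fw.append(data);
                fw.append(BEGIN_SIGNATURE + "\n");
                for (int i = 0; i < lines.length; i++) {
                    fw.append("## ");
                    fw.append(lines[i]);
                    fw.append("\n");
                }
                fw.append(END_SIGNATURE + "\n");
            } finally {
                // Release the file handle even when a write fails.
                fw.close();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Verifies the signature embedded in {@code file}.
     *
     * @return {@link #SIGN_OK}, {@link #SIGN_FAIL} or {@link #NOT_SIGNED}, as
     *         described on {@link #verify(byte[])}
     */
    public int verify(File file) {
        return verify(loadFileAsByteArray(file));
    }

    /**
     * Verifies the signature embedded in {@code alldata} against the payload
     * it contains.
     *
     * <p>Once a signature block has been found, any error while checking it
     * (malformed signature bytes, no usable public key) yields
     * {@link #SIGN_FAIL}. Reporting such a file as {@link #NOT_SIGNED} would
     * let a damaged or altered signature pass for a merely unsigned file.
     *
     * @param alldata the complete file content
     * @return {@link #SIGN_OK} if the signature matches, {@link #SIGN_FAIL}
     *         if a signature is present but could not be confirmed,
     *         {@link #NOT_SIGNED} if there is no signature block or no
     *         content
     */
    public int verify(byte[] alldata) {
        if (alldata == null) {
            return NOT_SIGNED;
        }
        boolean signaturePresent = false;
        try {
            String data = getData(alldata);
            byte[] signature = getSignature(alldata);
            if (signature == null) {
                return NOT_SIGNED;
            }
            signaturePresent = true;

            Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
            dsa.initVerify(getPublicKey());
            dsa.update(data.getBytes());
            return dsa.verify(signature) ? SIGN_OK : SIGN_FAIL;
        } catch (Exception e) {
            e.printStackTrace();
            return signaturePresent ? SIGN_FAIL : NOT_SIGNED;
        }
    }

    /**
     * Generates a DSA key pair and writes it to {@code key.private} (PKCS#8)
     * and {@code key.public} (X.509) in the current working directory.
     *
     * <p>NOTE(review): {@code key.private} is created with the process's
     * default file permissions and is not encrypted; restrict access to it
     * before moving it to {@code $HOME/.gvsig-keys}. The key size is 1024
     * bits, see the class comment.
     *
     * <p>Failures are reported only by printing a stack trace.
     */
    public void generateKeys() {
        try {
            KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA",
                    "SUN");
            SecureRandom random = SecureRandom.getInstance("SHA1PRNG",
                    "SUN");
            keyGen.initialize(1024, random);

            KeyPair pair = keyGen.generateKeyPair();

            writeKeyFile("key.private", pair.getPrivate().getEncoded());
            writeKeyFile("key.public", pair.getPublic().getEncoded());

            System.out
                    .println("Generados los ficheros key.private y key.public en la carpeta corriente.");
            System.out
                    .println("Por defecto la aplicaccion las buscara en la carpeta $HOME/.gvsig-keys .");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /** Writes {@code encoded} to the named file, closing it even if the write fails. */
    private void writeKeyFile(String name, byte[] encoded) throws IOException {
        FileOutputStream fos = new FileOutputStream(name);
        try {
            fos.write(encoded);
        } finally {
            fos.close();
        }
    }

    /** Returns {@code true} when a private key has been loaded. */
    public boolean canSign() {
        return this.getPrivateKey() != null;
    }

    /** Returns {@code true} when a public key has been loaded. */
    public boolean canVerify() {
        return this.getPublicKey() != null;
    }

}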