svn-gvsig-desktop / trunk / org.gvsig.desktop / org.gvsig.desktop.library / org.gvsig.installer / org.gvsig.installer.lib / org.gvsig.installer.lib.impl / src / main / java / org / gvsig / installer / lib / impl / utils / SignUtil.java @ 40560
History | View | Annotate | Download (9.37 KB)
1 |
/**
|
---|---|
2 |
* gvSIG. Desktop Geographic Information System.
|
3 |
*
|
4 |
* Copyright (C) 2007-2013 gvSIG Association.
|
5 |
*
|
6 |
* This program is free software; you can redistribute it and/or
|
7 |
* modify it under the terms of the GNU General Public License
|
8 |
* as published by the Free Software Foundation; either version 3
|
9 |
* of the License, or (at your option) any later version.
|
10 |
*
|
11 |
* This program is distributed in the hope that it will be useful,
|
12 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
13 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
14 |
* GNU General Public License for more details.
|
15 |
*
|
16 |
* You should have received a copy of the GNU General Public License
|
17 |
* along with this program; if not, write to the Free Software
|
18 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
19 |
* MA 02110-1301, USA.
|
20 |
*
|
21 |
* For any additional information, do not hesitate to contact us
|
22 |
* at info AT gvsig.com, or visit our website www.gvsig.com.
|
23 |
*/
|
24 |
package org.gvsig.installer.lib.impl.utils; |
25 |
|
26 |
import java.io.BufferedReader; |
27 |
import java.io.File; |
28 |
import java.io.FileInputStream; |
29 |
import java.io.FileNotFoundException; |
30 |
import java.io.FileOutputStream; |
31 |
import java.io.FileWriter; |
32 |
import java.io.InputStream; |
33 |
import java.io.StringReader; |
34 |
import java.io.StringWriter; |
35 |
import java.security.KeyFactory; |
36 |
import java.security.KeyPair; |
37 |
import java.security.KeyPairGenerator; |
38 |
import java.security.NoSuchAlgorithmException; |
39 |
import java.security.NoSuchProviderException; |
40 |
import java.security.PrivateKey; |
41 |
import java.security.PublicKey; |
42 |
import java.security.SecureRandom; |
43 |
import java.security.Signature; |
44 |
import java.security.spec.EncodedKeySpec; |
45 |
import java.security.spec.InvalidKeySpecException; |
46 |
import java.security.spec.PKCS8EncodedKeySpec; |
47 |
import java.security.spec.X509EncodedKeySpec; |
48 |
|
49 |
import org.apache.commons.codec.binary.Base64; |
50 |
|
51 |
public class SignUtil { |
52 |
|
53 |
public static final int SIGN_OK = 0; |
54 |
public static final int SIGN_FAIL = 1; |
55 |
public static final int NOT_SIGNED = 2; |
56 |
|
57 |
private PublicKey pubKey = null; |
58 |
private PrivateKey privKey = null; |
59 |
|
60 |
public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, FileNotFoundException { |
61 |
new SignUtil().doMain(args);
|
62 |
} |
63 |
|
64 |
private void doMain(String[] args) { |
65 |
|
66 |
try {
|
67 |
if( "sign".equalsIgnoreCase(getCommand(args)) ) { |
68 |
if( !this.canSign() ) { |
69 |
System.out.println("Can't locate private key to sign."); |
70 |
return;
|
71 |
} |
72 |
this.sign( this.getArg1AsFile(args)); |
73 |
System.out.println("File "+this.getArg1(args)+" signed."); |
74 |
return;
|
75 |
} |
76 |
|
77 |
if( "verify".equalsIgnoreCase(getCommand(args)) ) { |
78 |
if( !this.canVerify() ) { |
79 |
System.out.println("Can't locate public key to verify."); |
80 |
return;
|
81 |
} |
82 |
switch(this.verify(this.getArg1AsFile(args))) { |
83 |
case NOT_SIGNED:
|
84 |
System.out.println("NOT SIGNED"); |
85 |
break;
|
86 |
case SIGN_FAIL:
|
87 |
System.out.println("SIGN FAIL"); |
88 |
break;
|
89 |
case SIGN_OK:
|
90 |
System.out.println("SIGN OK"); |
91 |
break;
|
92 |
default:
|
93 |
System.out.println("ERROR"); |
94 |
} |
95 |
return;
|
96 |
} |
97 |
|
98 |
if( "generateKeys".equalsIgnoreCase(getCommand(args)) ) { |
99 |
this.generateKeys();
|
100 |
System.out.println("Generate keys ok"); |
101 |
return;
|
102 |
} |
103 |
|
104 |
System.out.println("Usage: SignUtil sign|verify|generateKeys\n" + |
105 |
" sign file\n" +
|
106 |
" verify file\n" +
|
107 |
" generateKeys\n");
|
108 |
return;
|
109 |
} catch (Exception e) { |
110 |
e.printStackTrace(); |
111 |
} |
112 |
} |
113 |
|
114 |
private String getCommand(String[] args) { |
115 |
if( args.length>=1) { |
116 |
return args[0]; |
117 |
} |
118 |
return null; |
119 |
} |
120 |
|
121 |
private File getArg1AsFile(String[] args) { |
122 |
if( args.length>=2) { |
123 |
return new File(args[1]); |
124 |
} |
125 |
return null; |
126 |
} |
127 |
|
128 |
private String getArg1(String[] args) { |
129 |
if( args.length>=2) { |
130 |
return args[1]; |
131 |
} |
132 |
return null; |
133 |
} |
134 |
|
135 |
public SignUtil() {
|
136 |
loadPrivateKey(); |
137 |
loadPublicKey(); |
138 |
} |
139 |
|
140 |
public SignUtil(byte[] publicKey){ |
141 |
loadPrivateKey(); |
142 |
loadPublicKey(publicKey); |
143 |
} |
144 |
|
145 |
private void loadPrivateKey() { |
146 |
File home = new File(System.getProperty("user.home")); |
147 |
File keyfile = new File(home, ".gvsig-keys" + File.separatorChar |
148 |
+ "key.private");
|
149 |
if (keyfile.exists()) {
|
150 |
try {
|
151 |
loadPrivateKey(keyfile); |
152 |
} catch (Exception e) { |
153 |
// Ignore errors
|
154 |
} |
155 |
} |
156 |
} |
157 |
|
158 |
private PrivateKey loadPrivateKey(File key) { |
159 |
try {
|
160 |
byte[] rawkey; |
161 |
rawkey = loadFileAsByteArray(new FileInputStream(key)); |
162 |
EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(rawkey); |
163 |
KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN"); |
164 |
this.privKey = keyFactory.generatePrivate(keySpec);
|
165 |
} catch (Exception e) { |
166 |
this.privKey = null; |
167 |
} |
168 |
return this.privKey; |
169 |
} |
170 |
|
171 |
private PublicKey loadPublicKey() { |
172 |
File home = new File(System.getProperty("user.home")); |
173 |
File keyfile = new File(home, ".gvsig-keys" + File.separatorChar |
174 |
+ "key.public");
|
175 |
if (keyfile.exists()) {
|
176 |
return loadPublicKey(loadFileAsByteArray(keyfile));
|
177 |
} |
178 |
return null; |
179 |
} |
180 |
private PublicKey loadPublicKey(byte[] rawkey) { |
181 |
try {
|
182 |
EncodedKeySpec keySpec = new X509EncodedKeySpec(rawkey); |
183 |
KeyFactory keyFactory;
|
184 |
keyFactory = KeyFactory.getInstance("DSA", "SUN"); |
185 |
this.pubKey = keyFactory.generatePublic(keySpec);
|
186 |
} catch (Exception e) { |
187 |
this.pubKey = null; |
188 |
} |
189 |
return this.pubKey; |
190 |
} |
191 |
|
192 |
private PublicKey getPublicKey() { |
193 |
return this.pubKey; |
194 |
} |
195 |
|
196 |
private PrivateKey getPrivateKey() { |
197 |
return this.privKey; |
198 |
} |
199 |
|
200 |
private byte[] loadFileAsByteArray(InputStream in) { |
201 |
byte[] alldata; |
202 |
try {
|
203 |
alldata = new byte[in.available()]; |
204 |
in.read(alldata); |
205 |
in.close(); |
206 |
} catch (Exception e) { |
207 |
e.printStackTrace(); |
208 |
return null; |
209 |
} |
210 |
return alldata;
|
211 |
} |
212 |
|
213 |
private byte[] loadFileAsByteArray(File file) { |
214 |
try {
|
215 |
return loadFileAsByteArray(new FileInputStream(file)); |
216 |
} catch (FileNotFoundException e) { |
217 |
e.printStackTrace(); |
218 |
return null; |
219 |
} |
220 |
} |
221 |
|
222 |
private String getData(byte[] alldata) { |
223 |
BufferedReader reader = new BufferedReader(new StringReader( |
224 |
new String(alldata))); |
225 |
StringWriter writer = new StringWriter(); |
226 |
String line;
|
227 |
try {
|
228 |
boolean inSignature = false; |
229 |
while ((line = reader.readLine()) != null) { |
230 |
if (inSignature) {
|
231 |
if (line.startsWith("## END SIGNATURE")) { |
232 |
inSignature = false;
|
233 |
} |
234 |
} else {
|
235 |
if (line.startsWith("## BEGIN SIGNATURE")) { |
236 |
inSignature = true;
|
237 |
} else {
|
238 |
writer.append(line); |
239 |
writer.append("\n");
|
240 |
} |
241 |
} |
242 |
} |
243 |
writer.close(); |
244 |
} catch (Exception e) { |
245 |
e.printStackTrace(); |
246 |
return null; |
247 |
} |
248 |
return writer.toString();
|
249 |
} |
250 |
|
251 |
private byte[] getSignature(byte[] alldata) { |
252 |
BufferedReader reader = new BufferedReader(new StringReader( |
253 |
new String(alldata))); |
254 |
StringWriter writer = new StringWriter(); |
255 |
String line;
|
256 |
try {
|
257 |
boolean inSignature = false; |
258 |
while ((line = reader.readLine()) != null) { |
259 |
if (inSignature) {
|
260 |
if (line.startsWith("## END SIGNATURE")) { |
261 |
inSignature = false;
|
262 |
} else {
|
263 |
writer.append(line); |
264 |
writer.append("\n");
|
265 |
} |
266 |
} else {
|
267 |
if (line.startsWith("## BEGIN SIGNATURE")) { |
268 |
inSignature = true;
|
269 |
} |
270 |
} |
271 |
} |
272 |
writer.close(); |
273 |
} catch (Exception e) { |
274 |
e.printStackTrace(); |
275 |
return null; |
276 |
} |
277 |
String s = writer.toString();
|
278 |
if (s.length() < 1) { |
279 |
return null; |
280 |
} |
281 |
Base64 coder = new Base64(60); |
282 |
return coder.decode(s);
|
283 |
} |
284 |
|
285 |
public void sign(File file) { |
286 |
Signature dsa;
|
287 |
Base64 coder = new Base64(60); |
288 |
|
289 |
try {
|
290 |
String data = getData(loadFileAsByteArray(file));
|
291 |
dsa = Signature.getInstance("SHA1withDSA", "SUN"); |
292 |
dsa.initSign(getPrivateKey()); |
293 |
dsa.update(data.getBytes()); |
294 |
|
295 |
String sig = coder.encodeAsString(dsa.sign());
|
296 |
String[] lines = sig.split("\n"); |
297 |
|
298 |
FileWriter fw = new FileWriter(file); |
299 |
fw.append(data); |
300 |
fw.append("## BEGIN SIGNATURE\n");
|
301 |
for (int i = 0; i < lines.length; i++) { |
302 |
fw.append("## ");
|
303 |
fw.append(lines[i]); |
304 |
fw.append("\n");
|
305 |
} |
306 |
fw.append("## END SIGNATURE\n");
|
307 |
fw.close(); |
308 |
|
309 |
} catch (Exception e) { |
310 |
e.printStackTrace(); |
311 |
} |
312 |
|
313 |
} |
314 |
|
315 |
public int verify(File file) { |
316 |
return verify(loadFileAsByteArray(file));
|
317 |
} |
318 |
|
319 |
public int verify(byte[] alldata) { |
320 |
try {
|
321 |
String data = getData(alldata);
|
322 |
byte[] signature = getSignature(alldata); |
323 |
if (signature == null) { |
324 |
return NOT_SIGNED;
|
325 |
} |
326 |
Signature dsa;
|
327 |
dsa = Signature.getInstance("SHA1withDSA", "SUN"); |
328 |
dsa.initVerify(getPublicKey()); |
329 |
dsa.update(data.getBytes()); |
330 |
if (!dsa.verify(signature)) {
|
331 |
return SIGN_FAIL;
|
332 |
} |
333 |
return SIGN_OK;
|
334 |
|
335 |
} catch (Exception e) { |
336 |
e.printStackTrace(); |
337 |
} |
338 |
return NOT_SIGNED;
|
339 |
} |
340 |
|
341 |
public void generateKeys() { |
342 |
try {
|
343 |
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA", |
344 |
"SUN");
|
345 |
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", |
346 |
"SUN");
|
347 |
keyGen.initialize(1024, random);
|
348 |
|
349 |
KeyPair pair = keyGen.generateKeyPair();
|
350 |
PrivateKey privKey = pair.getPrivate();
|
351 |
PublicKey pubKey = pair.getPublic();
|
352 |
|
353 |
FileOutputStream fos;
|
354 |
fos = new FileOutputStream("key.private"); |
355 |
fos.write(privKey.getEncoded()); |
356 |
fos.close(); |
357 |
|
358 |
fos = new FileOutputStream("key.public"); |
359 |
fos.write(pubKey.getEncoded()); |
360 |
fos.close(); |
361 |
|
362 |
System.out
|
363 |
.println("Generados los ficheros key.private y key.public en la carpeta corriente.");
|
364 |
System.out
|
365 |
.println("Por defecto la aplicaccion las buscara en la carpeta $HOME/.gvsig-keys .");
|
366 |
} catch (Exception e) { |
367 |
e.printStackTrace(); |
368 |
} |
369 |
|
370 |
} |
371 |
|
372 |
public boolean canSign() { |
373 |
if( this.getPrivateKey() == null ) { |
374 |
return false; |
375 |
} |
376 |
return true; |
377 |
} |
378 |
|
379 |
public boolean canVerify() { |
380 |
if( this.getPublicKey() == null ) { |
381 |
return false; |
382 |
} |
383 |
return true; |
384 |
} |
385 |
|
386 |
|
387 |
} |