root / branches / v2_0_0_prep / extensions / org.gvsig.installer / org.gvsig.installer.lib / org.gvsig.installer.lib.impl / src / main / java / org / gvsig / installer / lib / impl / utils / SignUtil.java @ 37857
History | View | Annotate | Download (8.43 KB)
1 |
package org.gvsig.installer.lib.impl.utils; |
---|---|
2 |
|
3 |
import java.io.BufferedReader; |
4 |
import java.io.File; |
5 |
import java.io.FileInputStream; |
6 |
import java.io.FileNotFoundException; |
7 |
import java.io.FileOutputStream; |
8 |
import java.io.FileWriter; |
9 |
import java.io.InputStream; |
10 |
import java.io.StringReader; |
11 |
import java.io.StringWriter; |
12 |
import java.security.KeyFactory; |
13 |
import java.security.KeyPair; |
14 |
import java.security.KeyPairGenerator; |
15 |
import java.security.NoSuchAlgorithmException; |
16 |
import java.security.NoSuchProviderException; |
17 |
import java.security.PrivateKey; |
18 |
import java.security.PublicKey; |
19 |
import java.security.SecureRandom; |
20 |
import java.security.Signature; |
21 |
import java.security.spec.EncodedKeySpec; |
22 |
import java.security.spec.InvalidKeySpecException; |
23 |
import java.security.spec.PKCS8EncodedKeySpec; |
24 |
import java.security.spec.X509EncodedKeySpec; |
25 |
|
26 |
import org.apache.commons.codec.binary.Base64; |
27 |
|
28 |
public class SignUtil { |
29 |
|
30 |
public static final int SIGN_OK = 0; |
31 |
public static final int SIGN_FAIL = 1; |
32 |
public static final int NOT_SIGNED = 2; |
33 |
|
34 |
private PublicKey pubKey = null; |
35 |
private PrivateKey privKey = null; |
36 |
|
37 |
public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, FileNotFoundException { |
38 |
new SignUtil().doMain(args);
|
39 |
} |
40 |
|
41 |
private void doMain(String[] args) { |
42 |
|
43 |
try {
|
44 |
if( "sign".equalsIgnoreCase(getCommand(args)) ) { |
45 |
if( !this.canSign() ) { |
46 |
System.out.println("Can't locate private key to sign."); |
47 |
return;
|
48 |
} |
49 |
this.sign( this.getArg1AsFile(args)); |
50 |
System.out.println("File "+this.getArg1(args)+" signed."); |
51 |
return;
|
52 |
} |
53 |
|
54 |
if( "verify".equalsIgnoreCase(getCommand(args)) ) { |
55 |
if( !this.canVerify() ) { |
56 |
System.out.println("Can't locate public key to verify."); |
57 |
return;
|
58 |
} |
59 |
switch(this.verify(this.getArg1AsFile(args))) { |
60 |
case NOT_SIGNED:
|
61 |
System.out.println("NOT SIGNED"); |
62 |
break;
|
63 |
case SIGN_FAIL:
|
64 |
System.out.println("SIGN FAIL"); |
65 |
break;
|
66 |
case SIGN_OK:
|
67 |
System.out.println("SIGN OK"); |
68 |
break;
|
69 |
default:
|
70 |
System.out.println("ERROR"); |
71 |
} |
72 |
return;
|
73 |
} |
74 |
|
75 |
if( "generateKeys".equalsIgnoreCase(getCommand(args)) ) { |
76 |
this.generateKeys();
|
77 |
System.out.println("Generate keys ok"); |
78 |
return;
|
79 |
} |
80 |
|
81 |
System.out.println("Usage: SignUtil sign|verify|generateKeys\n" + |
82 |
" sign file\n" +
|
83 |
" verify file\n" +
|
84 |
" generateKeys\n");
|
85 |
return;
|
86 |
} catch (Exception e) { |
87 |
e.printStackTrace(); |
88 |
} |
89 |
} |
90 |
|
91 |
private String getCommand(String[] args) { |
92 |
if( args.length>=1) { |
93 |
return args[0]; |
94 |
} |
95 |
return null; |
96 |
} |
97 |
|
98 |
private File getArg1AsFile(String[] args) { |
99 |
if( args.length>=2) { |
100 |
return new File(args[1]); |
101 |
} |
102 |
return null; |
103 |
} |
104 |
|
105 |
private String getArg1(String[] args) { |
106 |
if( args.length>=2) { |
107 |
return args[1]; |
108 |
} |
109 |
return null; |
110 |
} |
111 |
|
112 |
public SignUtil() {
|
113 |
loadPrivateKey(); |
114 |
loadPublicKey(); |
115 |
} |
116 |
|
117 |
public SignUtil(byte[] publicKey){ |
118 |
loadPrivateKey(); |
119 |
loadPublicKey(publicKey); |
120 |
} |
121 |
|
122 |
private void loadPrivateKey() { |
123 |
File home = new File(System.getProperty("user.home")); |
124 |
File keyfile = new File(home, ".gvsig-keys" + File.separatorChar |
125 |
+ "key.private");
|
126 |
if (keyfile.exists()) {
|
127 |
try {
|
128 |
loadPrivateKey(keyfile); |
129 |
} catch (Exception e) { |
130 |
// Ignore errors
|
131 |
} |
132 |
} |
133 |
} |
134 |
|
135 |
private PrivateKey loadPrivateKey(File key) { |
136 |
try {
|
137 |
byte[] rawkey; |
138 |
rawkey = loadFileAsByteArray(new FileInputStream(key)); |
139 |
EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(rawkey); |
140 |
KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN"); |
141 |
this.privKey = keyFactory.generatePrivate(keySpec);
|
142 |
} catch (Exception e) { |
143 |
this.privKey = null; |
144 |
} |
145 |
return this.privKey; |
146 |
} |
147 |
|
148 |
private PublicKey loadPublicKey() { |
149 |
File home = new File(System.getProperty("user.home")); |
150 |
File keyfile = new File(home, ".gvsig-keys" + File.separatorChar |
151 |
+ "key.public");
|
152 |
if (keyfile.exists()) {
|
153 |
return loadPublicKey(loadFileAsByteArray(keyfile));
|
154 |
} |
155 |
return null; |
156 |
} |
157 |
private PublicKey loadPublicKey(byte[] rawkey) { |
158 |
try {
|
159 |
EncodedKeySpec keySpec = new X509EncodedKeySpec(rawkey); |
160 |
KeyFactory keyFactory;
|
161 |
keyFactory = KeyFactory.getInstance("DSA", "SUN"); |
162 |
this.pubKey = keyFactory.generatePublic(keySpec);
|
163 |
} catch (Exception e) { |
164 |
this.pubKey = null; |
165 |
} |
166 |
return this.pubKey; |
167 |
} |
168 |
|
169 |
private PublicKey getPublicKey() { |
170 |
return this.pubKey; |
171 |
} |
172 |
|
173 |
private PrivateKey getPrivateKey() { |
174 |
return this.privKey; |
175 |
} |
176 |
|
177 |
private byte[] loadFileAsByteArray(InputStream in) { |
178 |
byte[] alldata; |
179 |
try {
|
180 |
alldata = new byte[in.available()]; |
181 |
in.read(alldata); |
182 |
in.close(); |
183 |
} catch (Exception e) { |
184 |
e.printStackTrace(); |
185 |
return null; |
186 |
} |
187 |
return alldata;
|
188 |
} |
189 |
|
190 |
private byte[] loadFileAsByteArray(File file) { |
191 |
try {
|
192 |
return loadFileAsByteArray(new FileInputStream(file)); |
193 |
} catch (FileNotFoundException e) { |
194 |
e.printStackTrace(); |
195 |
return null; |
196 |
} |
197 |
} |
198 |
|
199 |
private String getData(byte[] alldata) { |
200 |
BufferedReader reader = new BufferedReader(new StringReader( |
201 |
new String(alldata))); |
202 |
StringWriter writer = new StringWriter(); |
203 |
String line;
|
204 |
try {
|
205 |
boolean inSignature = false; |
206 |
while ((line = reader.readLine()) != null) { |
207 |
if (inSignature) {
|
208 |
if (line.startsWith("## END SIGNATURE")) { |
209 |
inSignature = false;
|
210 |
} |
211 |
} else {
|
212 |
if (line.startsWith("## BEGIN SIGNATURE")) { |
213 |
inSignature = true;
|
214 |
} else {
|
215 |
writer.append(line); |
216 |
writer.append("\n");
|
217 |
} |
218 |
} |
219 |
} |
220 |
writer.close(); |
221 |
} catch (Exception e) { |
222 |
e.printStackTrace(); |
223 |
return null; |
224 |
} |
225 |
return writer.toString();
|
226 |
} |
227 |
|
228 |
private byte[] getSignature(byte[] alldata) { |
229 |
BufferedReader reader = new BufferedReader(new StringReader( |
230 |
new String(alldata))); |
231 |
StringWriter writer = new StringWriter(); |
232 |
String line;
|
233 |
try {
|
234 |
boolean inSignature = false; |
235 |
while ((line = reader.readLine()) != null) { |
236 |
if (inSignature) {
|
237 |
if (line.startsWith("## END SIGNATURE")) { |
238 |
inSignature = false;
|
239 |
} else {
|
240 |
writer.append(line); |
241 |
writer.append("\n");
|
242 |
} |
243 |
} else {
|
244 |
if (line.startsWith("## BEGIN SIGNATURE")) { |
245 |
inSignature = true;
|
246 |
} |
247 |
} |
248 |
} |
249 |
writer.close(); |
250 |
} catch (Exception e) { |
251 |
e.printStackTrace(); |
252 |
return null; |
253 |
} |
254 |
String s = writer.toString();
|
255 |
if (s.length() < 1) { |
256 |
return null; |
257 |
} |
258 |
Base64 coder = new Base64(60); |
259 |
return coder.decode(s);
|
260 |
} |
261 |
|
262 |
public void sign(File file) { |
263 |
Signature dsa;
|
264 |
Base64 coder = new Base64(60); |
265 |
|
266 |
try {
|
267 |
String data = getData(loadFileAsByteArray(file));
|
268 |
dsa = Signature.getInstance("SHA1withDSA", "SUN"); |
269 |
dsa.initSign(getPrivateKey()); |
270 |
dsa.update(data.getBytes()); |
271 |
|
272 |
String sig = coder.encodeAsString(dsa.sign());
|
273 |
String[] lines = sig.split("\n"); |
274 |
|
275 |
FileWriter fw = new FileWriter(file); |
276 |
fw.append(data); |
277 |
fw.append("## BEGIN SIGNATURE\n");
|
278 |
for (int i = 0; i < lines.length; i++) { |
279 |
fw.append("## ");
|
280 |
fw.append(lines[i]); |
281 |
fw.append("\n");
|
282 |
} |
283 |
fw.append("## END SIGNATURE\n");
|
284 |
fw.close(); |
285 |
|
286 |
} catch (Exception e) { |
287 |
e.printStackTrace(); |
288 |
} |
289 |
|
290 |
} |
291 |
|
292 |
public int verify(File file) { |
293 |
return verify(loadFileAsByteArray(file));
|
294 |
} |
295 |
|
296 |
public int verify(byte[] alldata) { |
297 |
try {
|
298 |
String data = getData(alldata);
|
299 |
byte[] signature = getSignature(alldata); |
300 |
if (signature == null) { |
301 |
return NOT_SIGNED;
|
302 |
} |
303 |
Signature dsa;
|
304 |
dsa = Signature.getInstance("SHA1withDSA", "SUN"); |
305 |
dsa.initVerify(getPublicKey()); |
306 |
dsa.update(data.getBytes()); |
307 |
if (!dsa.verify(signature)) {
|
308 |
return SIGN_FAIL;
|
309 |
} |
310 |
return SIGN_OK;
|
311 |
|
312 |
} catch (Exception e) { |
313 |
e.printStackTrace(); |
314 |
} |
315 |
return NOT_SIGNED;
|
316 |
} |
317 |
|
318 |
public void generateKeys() { |
319 |
try {
|
320 |
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA", |
321 |
"SUN");
|
322 |
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", |
323 |
"SUN");
|
324 |
keyGen.initialize(1024, random);
|
325 |
|
326 |
KeyPair pair = keyGen.generateKeyPair();
|
327 |
PrivateKey privKey = pair.getPrivate();
|
328 |
PublicKey pubKey = pair.getPublic();
|
329 |
|
330 |
FileOutputStream fos;
|
331 |
fos = new FileOutputStream("key.private"); |
332 |
fos.write(privKey.getEncoded()); |
333 |
fos.close(); |
334 |
|
335 |
fos = new FileOutputStream("key.public"); |
336 |
fos.write(pubKey.getEncoded()); |
337 |
fos.close(); |
338 |
|
339 |
System.out
|
340 |
.println("Generados los ficheros key.private y key.public en la carpeta corriente.");
|
341 |
System.out
|
342 |
.println("Por defecto la aplicaccion las buscara en la carpeta $HOME/.gvsig-keys .");
|
343 |
} catch (Exception e) { |
344 |
e.printStackTrace(); |
345 |
} |
346 |
|
347 |
} |
348 |
|
349 |
public boolean canSign() { |
350 |
if( this.getPrivateKey() == null ) { |
351 |
return false; |
352 |
} |
353 |
return true; |
354 |
} |
355 |
|
356 |
public boolean canVerify() { |
357 |
if( this.getPublicKey() == null ) { |
358 |
return false; |
359 |
} |
360 |
return true; |
361 |
} |
362 |
|
363 |
|
364 |
} |