/*
Name: EncryptAndSign.java
Licensing: LGPL
API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
Provider: Bouncy Castle (http://www.bouncycastle.org)
Disclaimer:
COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
*/
package net.sourceforge.jcetaglib.taglib.crypto;
import net.sourceforge.jcetaglib.lib.CertTools;
import net.sourceforge.jcetaglib.lib.Clean;
import net.sourceforge.jcetaglib.lib.Hybrid;
import net.sourceforge.jcetaglib.lib.X509Cert;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.JspWriter;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.BodyTagSupport;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
/**
* JSP tag used for encrypting & signing data
*
* @jsp.tag
* name="encryptandsign"
* display-name="EncryptAndSign"
* body-content="JSP"
* example="
* <jce:encryptandsign
* 	var=\"foralice\"
* 	value=\"<%= new StringBuffer(\"Encrypt this string\") %>\"
* 	scope=\"page\"
* 	storefile=\"C:/keystores/bob.p12\"
* 	storeentry=\"user\"
* 	storepassword=\"<%= new StringBuffer(\"password\") %>\"
* 	recpemfile=\"C:/keystores/alice.cert\"/>"
*
* description="JSP tag used for encrypting & signing data"
*
* @author Gert Van Ham
* @author hamgert@users.sourceforge.net
* @author http://jcetaglib.sourceforge.net
* @version $Id: EncryptAndSign.java,v 1.5 2004/04/15 07:28:35 hamgert Exp $
*/
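public class EncryptAndSign extends BodyTagSupport {
    private static final String PAGE = "page";
    private static final String REQUEST = "request";
    private static final String SESSION = "session";
    private static final String APPLICATION = "application";

    private StringBuffer value; // tag attribute
    private String var; // tag attribute
    private int scope = PageContext.PAGE_SCOPE; // tag attribute

    // The path attributes (file, newfile, storefile, recpemfile) accept runtime
    // expressions and are handed to the library calls exactly as given. A page
    // that builds them from request data must validate them first.
    private String file; // tag attribute
    private String newfile; // tag attribute

    // SECURITY NOTE: MD5 is no longer collision resistant, so a signature made
    // with this default gives weaker integrity assurance than the RSA key
    // suggests. Pages should pass a SHA-2 based name such as "SHA256withRSA" in
    // the 'signame' attribute where the provider and the verifying side support
    // it. The default is left unchanged here because the verifying side has to
    // use the same algorithm.
    private String signame = "MD5withRSA"; // tag attribute
    private String algorithm = "AES"; // tag attribute

    // NOTE(review): the seed bytes are passed to Hybrid unchanged. How Hybrid
    // applies them to SecureRandom is not visible in this file; if it replaces
    // the default seeding instead of supplementing it, a constant seed would
    // make the generated key predictable. Confirm before using this attribute.
    private String seed; // tag attribute
    private int strength = 256; // tag attribute
    private String mode = "CBC"; // tag attribute
    private String padding = "PKCS7Padding"; // tag attribute

    /* Attributes for sender's X.509 keystore */
    // P12 keystore
    private String storefile; // tag attribute
    private String storeentry; // tag attribute
    private StringBuffer storepassword; // tag attribute

    /* Attributes for receiver's certificate */
    // receiver's certificate as string
    private String recpemstring; // tag attribute
    // ... OR as PEM file
    private String recpemfile; // tag attribute

    private StringBuffer input; // what we'll store in scope:var
    private StringBuffer output; // return text

    /**
     * Maps a scope name to the matching {@link PageContext} scope constant.
     *
     * @param scope scope name, compared case-insensitively; may be null
     * @return the scope constant, or {@code PageContext.PAGE_SCOPE} when the
     *         name is null or not one of the four known names
     */
    public static int getScope(String scope) {
        if (REQUEST.equalsIgnoreCase(scope)) {
            return PageContext.REQUEST_SCOPE;
        }
        if (SESSION.equalsIgnoreCase(scope)) {
            return PageContext.SESSION_SCOPE;
        }
        if (APPLICATION.equalsIgnoreCase(scope)) {
            return PageContext.APPLICATION_SCOPE;
        }
        // "page", null and unknown names all resolve to page scope
        return PageContext.PAGE_SCOPE;
    } //getScope()

    /**
     * Tells whether an optional string attribute was left unset.
     *
     * @param s attribute value, may be null
     * @return true when {@code s} is null or has length zero
     */
    private static boolean isEmpty(String s) {
        return s == null || s.length() == 0;
    }

    /**
     * Encrypts the input for the receiver's certificate and signs it with the
     * sender's private key, then stores or prints the result.
     *
     * The input is the 'value' attribute or, when that is absent, the trimmed
     * tag body. When 'file' is set, the file is processed into 'newfile'
     * instead and nothing is printed. An empty 'file' or 'recpemfile' is
     * treated like a missing one; the original compared these strings with
     * {@code ==}, which only matched the interned empty literal.
     *
     * @return {@code EVAL_PAGE}
     * @throws JspException when the keystore or the receiver's certificate
     *         cannot be loaded, when no receiver certificate was supplied,
     *         when encryption or signing fails, or when the output cannot be
     *         written
     */
    public int doEndTag() throws JspException {
        X509Certificate cert = null;
        X509Certificate reccert = null;
        PrivateKey signingKey = null;

        final boolean fileMode = !isEmpty(file);
        final boolean usePemFile = !isEmpty(recpemfile);

        // determine the value by...
        if (value != null) {
            // ... reading our attribute
            input = value;
        } else if (bodyContent == null || bodyContent.getString() == null) {
            input = new StringBuffer("");
        } else {
            // ... retrieving and trimming our body
            input = new StringBuffer(bodyContent.getString().trim());
        }

        // retrieve the sender's private key (for signing) & public key
        try {
            signingKey = X509Cert.getPrivateFromP12(storefile, storeentry, storepassword);
            cert = X509Cert.getCertificateFromP12(storefile, storeentry, storepassword);
        } catch (Exception e) {
            throw new JspException("JCE Exception - keystore could not be loaded: " + e.getMessage(), e);
        }

        // Fail with a clear message instead of the NullPointerException that
        // recpemstring.getBytes() would otherwise raise.
        if (!usePemFile && recpemstring == null) {
            throw new JspException(
                    "JCE Exception - PEM could not be loaded: neither recpemfile nor recpemstring was supplied");
        }

        // loading the receiver's public key
        try {
            if (usePemFile) {
                // use PEM store
                reccert = CertTools.getCertfromPEM(recpemfile);
            } else {
                // use PEM string
                InputStream pemstream = new ByteArrayInputStream(recpemstring.getBytes());
                reccert = CertTools.getCertfromPEM(pemstream);
            }
        } catch (Exception e) {
            throw new JspException("JCE Exception - PEM could not be loaded: " + e.getMessage(), e);
        }

        // encrypt and sign; a missing seed is passed on as null
        final byte[] seedBytes = (seed == null) ? null : seed.getBytes();
        try {
            if (fileMode) {
                Hybrid.encryptFileAndSign(file
                        , newfile
                        , reccert.getPublicKey()
                        , signingKey
                        , cert
                        , signame
                        , algorithm
                        , seedBytes
                        , strength
                        , mode
                        , padding);
            } else {
                output = Hybrid.encryptAndSign(input
                        , reccert.getPublicKey()
                        , signingKey
                        , cert
                        , signame
                        , algorithm
                        , seedBytes
                        , strength
                        , mode
                        , padding);
            }
        } catch (Exception e) {
            throw new JspException("JCE Exception: " + e.getMessage(), e);
        }

        // decide what to do with the result
        if (var != null) {
            if (output != null) {
                pageContext.setAttribute(var, output, scope);
            }
        } else if (!fileMode) {
            if (bodyContent != null) {
                bodyContent.clearBody();
            }
            try {
                JspWriter w = pageContext.getOut();
                w.print(output);
            } catch (IOException ex) {
                throw new JspException(ex.getMessage(), ex);
            }
        }

        // Drops only this local reference; it does not wipe the key material.
        signingKey = null;
        return EVAL_PAGE;
    }

    /**
     * Blanks the buffers held by this handler and releases it.
     *
     * The container calls this when it releases the handler, not after each
     * use of the tag, so on a pooled handler the buffers stay in memory
     * between invocations.
     */
    public void release() {
        // Cleanup all sensitive information
        // NOTE(review): 'output' is the same object doEndTag() stores under
        // 'var'; if Clean.blank overwrites the buffer in place, the stored
        // attribute is blanked too. Confirm against Clean.
        Clean.blank(value);
        Clean.blank(storepassword);
        Clean.blank(input);
        Clean.blank(output);
        super.release();
    } //release()

    /**
     * @jsp.attribute
     * description="Optional attribute, the string to encrypt or decrypt. The body of the tag will be taken if omitted"
     * type="java.lang.StringBuffer"
     * required="false"
     * rtexprvalue="true"
     */
    public void setValue(StringBuffer value) {
        this.value = value;
    }

    /** Returns the 'value' attribute as it was set, or null. */
    public StringBuffer getValue() {
        return value;
    }

    /**
     * @jsp.attribute
     * description="Optional attribute, variable to store the encrypted string. The string will be printed if omitted"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="false"
     */
    public void setVar(String var) {
        this.var = var;
    }

    /** Returns the 'var' attribute as it was set, or null. */
    public String getVar() {
        return var;
    }

    /**
     * @jsp.attribute
     * description="Scope of the 'var' attribute. Can be 'page', 'session', 'request' or 'application'. Default is 'page'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="false"
     */
    public void setScope(String scope) {
        this.scope = getScope(scope);
    }

    /**
     * @jsp.attribute
     * description="The signature algorithm. Default is 'MD5withRSA'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setSigname(String signame) {
        this.signame = signame;
    }

    /**
     * @jsp.attribute
     * description="The key algorithm. Default is 'AES'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setAlgorithm(String algorithm) {
        this.algorithm = algorithm;
    }

    /**
     * @jsp.attribute
     * description="Optional seed for SecureRandom "
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setSeed(String seed) {
        this.seed = seed;
    }

    /**
     * @jsp.attribute
     * description="The key size in bits (integer value). Values depends on the used algorithm (see next paragraph). Default is 256 (for AES)"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setStrength(int strength) {
        this.strength = strength;
    }

    /**
     * @jsp.attribute
     * description="Encryption mode. Default is 'CBC'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setMode(String mode) {
        this.mode = mode;
    }

    /**
     * @jsp.attribute
     * description="Padding scheme. Default is 'PKCS7Padding'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setPadding(String padding) {
        this.padding = padding;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore where the private key is stored"
     * type="java.lang.String"
     * required="true"
     * rtexprvalue="true"
     */
    public void setStorefile(String storefile) {
        this.storefile = storefile;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore entry name for private key"
     * type="java.lang.String"
     * required="true"
     * rtexprvalue="true"
     */
    public void setStoreentry(String storeentry) {
        this.storeentry = storeentry;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore password"
     * type="java.lang.StringBuffer"
     * required="true"
     * rtexprvalue="true"
     */
    public void setStorepassword(StringBuffer storepassword) {
        this.storepassword = storepassword;
    }

    /**
     * @jsp.attribute
     * description="The receiver's certificate stored in a PEM file"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setRecpemfile(String recpemfile) {
        this.recpemfile = recpemfile;
    }

    /**
     * @jsp.attribute
     * description="The receiver's certificate as a PEM formatted string"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setRecpemstring(String recpemstring) {
        this.recpemstring = recpemstring;
    }

    /**
     * @jsp.attribute
     * description="Encrypts a file instead of a string"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setFile(String file) {
        this.file = file;
    }

    /**
     * @jsp.attribute
     * description="File(name) to store the encrypted data"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setNewfile(String newfile) {
        this.newfile = newfile;
    }
}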