View Javadoc
1   /*
2    * Copyright 2001-2013 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.v3.client.cli;
18  
19  import java.util.concurrent.atomic.AtomicReference;
20  import org.apache.juddi.v3.client.config.UDDIClient;
21  import org.apache.juddi.v3.client.cryptor.DigSigUtil;
22  import org.apache.juddi.v3.client.transport.Transport;
23  import org.uddi.api_v3.*;
24  import org.uddi.v3_service.UDDIInquiryPortType;
25  import org.uddi.v3_service.UDDIPublicationPortType;
26  import org.uddi.v3_service.UDDISecurityPortType;
27  
28  /**
29   * This class shows you how to digitally sign a tmodel and verify the signature
30   *
31   * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
32   */
33  public class UddiDigitalSignatureTmodel {
34  
35          private UDDISecurityPortType security = null;
36          private UDDIInquiryPortType inquiry = null;
37          private UDDIPublicationPortType publish = null;
38          private UDDIClient clerkManager = null;
39  
40          /**
41           * This sets up the ws proxies using uddi.xml in META-INF
42           */
43          public UddiDigitalSignatureTmodel() {
44                  try {
45                          // create a manager and read the config in the archive; 
46                          // you can use your config file name
47                          clerkManager = new UDDIClient("META-INF/simple-publish-uddi.xml");
48                          Transport transport = clerkManager.getTransport();
49                          // Now you create a reference to the UDDI API
50                          security = transport.getUDDISecurityService();
51                          inquiry = transport.getUDDIInquiryService();
52                          publish = transport.getUDDIPublishService();
53                  } catch (Exception e) {
54                          e.printStackTrace();
55                  }
56          }
57  
58          /**
59           * Main entry point
60           *
61           * @param args
62           */
63          public static void main(String args[]) {
64                  UddiDigitalSignatureTmodel sp = new UddiDigitalSignatureTmodel();
65                  sp.fire(null, null);
66          }
67  
68          public void fire(String token, String key) {
69                  try {
70                          DigSigUtil ds = null;
71  
72                          //option 1), set everything manually
73                          ds = new DigSigUtil();
74                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE, "keystore.jks");
75                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILETYPE, "JKS");
76                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE_PASSWORD, "Test");
77                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_KEY_ALIAS, "Test");
78                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "true");
79  
80                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SERIAL, "true");
81                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SUBJECTDN, "true");
82                          ds.put(DigSigUtil.TRUSTSTORE_FILE, "truststore.jks");
83                          ds.put(DigSigUtil.TRUSTSTORE_FILETYPE, "JKS");
84                          ds.put(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, "Test");
85  
86                          //option 2), load it from the juddi config file
87                          //ds = new DigSigUtil(clerkManager.getClientConfig().getDigitalSignatureConfiguration());
88                          //login
89                          if (token == null) //option, load from juddi config
90                          {
91                                  token = getAuthKey(clerkManager.getClerk("default").getPublisher(),
92                                          clerkManager.getClerk("default").getPassword());
93                          }
94                          if (key==null){
95                                  SaveTModel stm = new SaveTModel();
96                                  stm.setAuthInfo(token);
97                                  TModel tm = new TModel();
98                                  tm.setName(new Name("my cool signed tmodel", null));
99                                  stm.getTModel().add(tm);
100                                 TModelDetail saveTModel = publish.saveTModel(stm);
101                                 key = saveTModel.getTModel().get(0).getTModelKey();
102                         }
103 
104                         TModel be = getTmodelDetails(key);
105                         if (!be.getSignature().isEmpty())
106                         {
107                                 System.out.println("WARN, the entity with the key " + key + " is already signed! aborting");
108                                 return;
109                         }
110                         
111                         //DigSigUtil.JAXB_ToStdOut(be);
112                         System.out.println("signing");
113                         TModel signUDDI_JAXBObject = ds.signUddiEntity(be);
114                         DigSigUtil.JAXB_ToStdOut(signUDDI_JAXBObject);
115                         System.out.println("signed, saving");
116 
117                         SaveTModel sb = new SaveTModel();
118                         sb.setAuthInfo(token);
119                         sb.getTModel().add(signUDDI_JAXBObject);
120                         publish.saveTModel(sb);
121                         System.out.println("saved, fetching");
122 
123                         be = getTmodelDetails(key);
124                         DigSigUtil.JAXB_ToStdOut(be);
125                         System.out.println("verifing");
126                         AtomicReference<String> msg = new AtomicReference<String>();
127                         boolean verifySigned_UDDI_JAXB_Object = ds.verifySignedUddiEntity(be, msg);
128                         if (verifySigned_UDDI_JAXB_Object) {
129                                 System.out.println("signature validation passed (expected)");
130                         } else {
131                                 System.out.println("signature validation failed (not expected)");
132                         }
133                         System.out.println(msg.get());
134 
135                 } catch (Exception e) {
136                         e.printStackTrace();
137                 }
138         }
139 
140         private TModel getTmodelDetails(String key) throws Exception {
141                 //   BusinessInfo get
142                 GetTModelDetail r = new GetTModelDetail();
143                 r.getTModelKey().add(key);
144                 return inquiry.getTModelDetail(r).getTModel().get(0);
145         }
146 
147         /**
148          * Gets a UDDI style auth token, otherwise, appends credentials to the
149          * ws proxies (not yet implemented)
150          *
151          * @param username
152          * @param password
153          * @param style
154          * @return
155          */
156         private String getAuthKey(String username, String password) {
157                 try {
158 
159                         GetAuthToken getAuthTokenRoot = new GetAuthToken();
160                         getAuthTokenRoot.setUserID(username);
161                         getAuthTokenRoot.setCred(password);
162 
163                         // Making API call that retrieves the authentication token for the 'root' user.
164                         AuthToken rootAuthToken = security.getAuthToken(getAuthTokenRoot);
165                         System.out.println("root AUTHTOKEN = " + "don't log auth tokens!");
166                         return rootAuthToken.getAuthInfo();
167                 } catch (Exception ex) {
168                         System.out.println("Could not authenticate with the provided credentials " + ex.getMessage());
169                 }
170                 return null;
171         }
172 }