Create your WebId Certificate
Wiki source code of Create your WebId Certificate
Last modified by Sub Proletarian on 2012/04/07 04:45
{{velocity}}
$xwiki.jsx.use("WebId.CreateCert")
{{html}}
<script type="text/javascript">
document.observe("dom:loaded", function() {
  configurePage();
});
if (typeof XMLHttpRequest == "undefined") {
  XMLHttpRequest = function () {
    try { return new ActiveXObject("Msxml2.XMLHTTP.6.0"); }
      catch (e1) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP.3.0"); }
      catch (e2) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP"); }
      catch (e3) {}
    //Microsoft.XMLHTTP points to Msxml2.XMLHTTP.3.0 and is redundant
    throw new Error("This browser does not support XMLHttpRequest.");
  };
}
</script>
{{/html}}
#set ( $nodebug = $request.getParameter("nodebug") )
#set( $foafssl = $services.foafssl )
#set( $homepage = $xwiki.getDocument($context.user) )
#set( $addKey = true )
$xwiki.jsx.use("WebId.CreateCert")

#set( $incomplete = ($request.getParameterMap().isEmpty() || $nodebug) )

#if(! $!xwiki.exists("WebId.RSAPubKeyClass"))

You need to create the WebId.RSAPubKeyClass
It should come with this installation's XAR file. If not you can [[create it here>>WebId.RSAPubKeyClass]] with the following properties:
* A hexModulus TextArea
* An intExponent NumberField
* A name String Field
* A validTo and validFrom date Field
#elseif ( $incomplete )
{{html clean="false"}}
<div id="iehelptext" style="display: none;">
  <p>Using Internet Explorer under Windows Vista or above or Windows
  Server 2008, you need to configure the following for this to work:</p>
  <ul>
    <li>Add this site to the <i>Trusted Sites</i> list: in Internet
    Options -> Security -> Trusted Sites -> Sites -> Add ...</li>
    <li>You may need to configure the trust level (in this tab), using
    <i>Custom Level...</i>: enable <i>Initialize and script ActiveX
    controls not marked as safe for scripting</i>.</li>
    <li>If you are using Windows Vista without SP1 or above, you will
    probably need to install <a href="cacert.crt">this certificate</a> as a
    Trusted Root Certification Authority Certificate for your own
    certificate installation to succeed. You should probably remove that
    trusted root CA certificate afterwards.</li>
  </ul>
</div>

<form id="keygenform" action="" method="post">
  <table width="95%">
    <tr>
      <td>Common Name: </td>
      #set($cn = $request.getParameter("cn"))
      ## the request value is escaped before it is written into the attribute
      <td><input name="cn" size="30" id="cn" type="text" value="$!escapetool.xml($cn)" /></td>
    </tr>
    <tr>
      <td>WebID: </td>
      <td><input name="webid" size="60" id="webid" type="text" value="${homepage.getExternalURL()}#me"/></td>
    </tr>
    <tr>
      <td>Key strength: </td>
      ## the challenge is a fixed string, the same for every request
      <td id="keystrenghtd"><keygen id="spkac" name="spkac" challenge="TheChallenge1"/></td>
    </tr>
    <tr>
      <td>Valid for: <br/>
      (defaults to 1 year)</td>
      <td><input type="text" name="hours" value="0.0" size="4"/> hours<br/>
      <input type="text" name="days" value="365" size="4"/> days </td>
    </tr>
    #if (!$nodebug)
    <tr>
      <td>Debug: </td>
      <td><input type="checkbox" name="viewParams" value="yes" /> view parameters<br/>
      <input type="checkbox" name="showCert" value="yes" /> show certificate<br/>
      <input type="checkbox" name="makeKeyObj" value="yes" /> create local objects<br/>
      <input type="checkbox" name="nodebug" value="yes" /> simulate input from a personal profile document<br/>
      </td>
    </tr>
    #end
    <tr>
      <td colspan="2">
      #if ($nodebug)
        Clicking the submit button will start the following sequence of events:
      #else
        If none of the above debug options are checked then the following will happen on clicking submit:
      #end
      <ol>
        <li>your browser will create a public/private key pair</li>
        <li>send us your public key, in what is known as a <a href="http://en.wikipedia.org/wiki/Certification_request">certification request</a> along with information from the form above</li>
        <li>we will create a certificate with the parameters specified</li>
        <li>it will be returned to you and your browser will match it with your private key and add the pair to your keychain</li>
        <li>a <a href="$xwiki.getDocument('WebId.RSAPubKeyClass').getURL('edit','editor=class')">WebId.RSAPubKeyClass</a> object will be created in <a href="$homepage.getURL()">your public profile</a>, which you will then see clearly in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>. Your profile should also have an RDF view of the key.</li>
      </ol>
      </td>
    </tr>
  </table>
  <input id="keygensubmit" type="submit" value="submit certificate request" />
</form>
<p>To test your certificate try some of <a href="http://esw.w3.org/topic/foaf+ssl/RelyingParties">the services listed here</a>.</p>
{{/html}}
#elseif($request.getParameter('viewParams') eq "yes")
  #foreach($key in $request.parameterNames)
$key = $request.getParameter($key)
  #end
  #set( $addKey = false )
#end

#if (!$nodebug) #### if we come from the user's page we don't create a key

  #if( $request.csrdata ) ## for Microsoft Browsers (see javascript rewriting of html)
    #set( $cert = $foafssl.createFromPEM( $request.csrdata ) )
  #elseif( $request.spkac )
    #set( $cert = $foafssl.createFromSpkac( $request.spkac ) )
  #end
  #if ($cert)
    #set( $pk = $cert.getSubjectPublicKey() )

    ## the WebID and common name in the certificate come straight from the request
    $cert.setSubjectWebID( $request.webid )
    $cert.setSubjectCommonName( $request.cn )

    #set ($hours = $request.getParameter('hours') )
    $cert.startEarlier("2")

    #if ($hours && $hours ne "")
      $cert.addDurationInHours( $hours)
    #end

    #set ($days = $request.getParameter('days') )
    #if ($days && $days ne "")
      $cert.addDurationInDays( $days )
    #end

    #set($s = $cert.getSerialisation())

    #if( $request.getParameter('showCert') eq "yes")
The certificate that would have been sent back to you is:
mime-type: $s.getMimeType()
Content-Length: $s.getLength()

cert = $s.toString()
      #set( $addKey = false )
    #end
    #if ( $addKey ) ## up to here if addKey is still true, then we are creating a cert
      $s.writeTo( $response )
      $context.setFinished(true)
    #end

    #if ( $request.getParameter('makeKeyObj') eq "yes" )
The Public Key, that will be stored on the server is:
* hex= $pk.getHexModulus()
* int= $pk.getIntExponent()
{{html}}More info in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>{{/html}}
      #set( $addKey = true )
    #end

    ## the key is only stored when the requested WebID is the logged-in user's own profile URL
    #if ( $addKey && ($request.getParameter('webid') eq "${homepage.getExternalURL()}#me") )
      ## create and save the public key to the user's profile page
      #set( $rsaKey = $homepage.newObject("WebId.RSAPubKeyClass"))
      $!rsaKey.set("hexModulus", $pk.getHexModulus() )
      $!rsaKey.set("intExponent", $pk.getIntExponent() )
      $!rsaKey.set("name", $request.getParameter('cn') )
      $!rsaKey.set("validFrom", $cert.getStartDate() )
      $!rsaKey.set("validTo", $cert.getEndDate() )
      $!homepage.save()
    #end
  #end
#end

{{/velocity}}
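
The keygen element above sends the fixed challenge "TheChallenge1" with every request, so the challenge cannot tie a submitted SPKAC to one form session. The following is an added example, not part of this wiki page or of the foafssl service: a Python sketch of issuing a random challenge per form and checking that the returned SPKAC carries it. All function names are hypothetical, demo_spkac builds a constructed sample with placeholder key bytes, and verifying the SPKAC signature is assumed to happen elsewhere.

```python
import base64, hmac, secrets

def new_challenge() -> str:
    """Random per-form value for <keygen challenge="...">; store it in the session."""
    return secrets.token_urlsafe(24)

def _tlv(buf: bytes, pos: int):
    """Read one DER TLV at pos and return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def spkac_challenge(spkac_b64: str) -> str:
    """Extract the challenge from a base64 SignedPublicKeyAndChallenge."""
    der = base64.b64decode(spkac_b64)
    tag, signed, _ = _tlv(der, 0)           # SEQUENCE SignedPublicKeyAndChallenge
    tag2, pkac, _ = _tlv(signed, 0)         # SEQUENCE PublicKeyAndChallenge
    _, _, after_spki = _tlv(pkac, 0)        # SubjectPublicKeyInfo, skipped here
    tag3, chal, _ = _tlv(pkac, after_spki)  # IA5String challenge
    if (tag, tag2, tag3) != (0x30, 0x30, 0x16):
        raise ValueError("not an SPKAC")
    return chal.decode("ascii")

def challenge_ok(spkac_b64: str, expected: str) -> bool:
    """True only if the SPKAC carries this session's challenge (signature check not shown)."""
    try:
        got = spkac_challenge(spkac_b64)
    except (ValueError, IndexError):        # bad base64, bad DER, non-ASCII challenge
        return False
    return hmac.compare_digest(got.encode(), expected.encode())

def _enc(tag: int, value: bytes) -> bytes:
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def demo_spkac(challenge: str) -> str:
    """Constructed sample: SPKAC-shaped DER with placeholder key and signature bytes."""
    spki = _enc(0x30, _enc(0x30, b"") + _enc(0x03, bytes(141)))
    pkac = _enc(0x30, spki + _enc(0x16, challenge.encode("ascii")))
    return base64.b64encode(_enc(0x30, pkac + _enc(0x30, b"") + _enc(0x03, bytes(17)))).decode()
```

The challenge is covered by the SPKAC signature, so this comparison only means something once that signature has been verified against the enclosed public key.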