Wiki source code of Create your WebId Certificate

Version 56.1 by Henry Story on 2010/05/23 00:54

{{velocity}}
## Load the page's JavaScript extension. configurePage(), called below, is not defined on
## this page; presumably that extension provides it.
$xwiki.jsx.use("WebId.CreateCert")
{{html}}
<script type="text/javascript">
// Run the page setup once the DOM has finished loading.
document.observe("dom:loaded", function() {
  configurePage();
});
// Fallback for browsers with no native XMLHttpRequest: try the MSXML ActiveX
// objects from newest to oldest and return the first one that can be created.
if (typeof XMLHttpRequest == "undefined") {
  XMLHttpRequest = function () {
    // Microsoft.XMLHTTP points to Msxml2.XMLHTTP.3.0 and is redundant, so it is not listed.
    var progIds = ["Msxml2.XMLHTTP.6.0", "Msxml2.XMLHTTP.3.0", "Msxml2.XMLHTTP"];
    while (progIds.length) {
      try {
        return new ActiveXObject(progIds.shift());
      } catch (ignored) {}
    }
    throw new Error("This browser does not support XMLHttpRequest.");
  };
}
</script>
{{/html}}
## Page-wide settings read by the rest of this template.
## nodebug: request flag. When it is present the debug options are hidden from the form
## and the certificate-creation section at the end of the page is skipped.
#set($nodebug = $request.getParameter('nodebug'))
## Service object used further down to build a certificate from the submitted key material.
#set($foafssl = $services.foafssl)
## Document of the current user; the form links to it as "your public profile".
#set($homepage = $xwiki.getDocument($context.user))
## Starts out true; the debug branches later in the page switch it off or back on.
#set($addKey = true)
$xwiki.jsx.use("WebId.CreateCert")

## The form is shown when the request carries no parameters at all, or when nodebug is set.
#set($incomplete = ($request.getParameterMap().isEmpty() || $nodebug))

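## Renders one of three views, chosen from the request:
##  1. setup help when the WebId.RSAPubKeyClass document does not exist;
##  2. the certificate request form when $incomplete is true;
##  3. a dump of the request parameters when viewParams=yes (this also turns $addKey off).
#if(! $!xwiki.exists("WebId.RSAPubKeyClass"))

You need to create the WebId.RSAPubKeyClass
It should come with this installation's XAR file. If not you can [[create it here>>WebId.RSAPubKeyClass]] with the following properties:
* A hexModulus TextArea
* An intExponent NumberField
* A name String Field
* A validTo and validFrom date Field
#elseif ( $incomplete )
{{html clean="false"}}
## NOTE(review): the help text below asks the user to relax ActiveX restrictions for the
## Trusted Sites zone and to install a root CA fetched through a relative link; both weaken
## the browser beyond this site, so the wording should keep telling users to undo them.
<div id="iehelptext" style="display: none;">
<p>Using Internet Explorer under Windows Vista or above or Windows
Server 2008, you need to configure the following for this to work:</p>
<ul>
<li>Add this site to the <i>Trusted Sites</i> list: in Internet
Options -&gt; Security -&gt; Trusted Sites -&gt; Sites -&gt; Add ...</li>
<li>You may need to configure the trust level (in this tab), using
<i>Custom Level...</i>: enable <i>Initialize and script ActiveX
controls not marked as safe for scripting</i>.</li>
<li>If you are using Windows Vista without SP1 or above, you will
probably need to install <a href="cacert.crt">this certificate</a> as a
Trusted Root Certification Authority Certificate for your own
certificate installation to succeed. You should probably remove that
trusted root CA certificate afterwards.</li>
</ul>
</div>
## NOTE(review): this POST form carries no anti-CSRF token, and the section of this page that
## handles the submission (certificate creation and the profile write) does not check one.
## Confirm whether the platform enforces a token for this page by other means.
<form id="keygenform" action="" method="post">
<table width="95%">
<tr>
<td>Common Name: </td>
#set($cn = $request.getParameter("cn"))
## The cn request parameter is echoed back into an HTML attribute, so it is XML-escaped first;
## a null value still renders as an empty string because of the quiet reference.
## NOTE(review): confirm that the installed escapetool also neutralises wiki macro delimiters.
<td><input name="cn" size="30" id="cn" type="text" value="$!escapetool.xml($cn)" /></td>
</tr>
<tr>
<td>WebID: </td>
<td><input name="webid" size="60" id="webid" type="text" value="${homepage.getExternalURL()}#me"/></td>
</tr>
<tr>
<td>Key strength: </td>
## NOTE(review): the SPKAC challenge is a fixed string, so it cannot tie a submission to one
## request; a per-request random value checked on the server would be needed for that.
## Whether the certificate service looks at the challenge at all is not visible on this page.
<td id="keystrenghtd"><keygen id="spkac" name="spkac" challenge="TheChallenge1"/></td>
</tr>
<tr>
<td>Valid for: <br/>
(defaults to 1 year)</td>
<td><input type="text" name="hours" value="0.0" size="4"/> hours<br/>
<input type="text" name="days" value="0" size="4"/> days </td>
</tr>
## The debug switches are only offered when the nodebug flag is absent.
#if (!$nodebug)
<tr>
<td>Debug: </td>
<td><input type="checkbox" name="viewParams" value="yes" /> view parameters<br/>
<input type="checkbox" name="showCert" value="yes" /> show certificate<br/>
<input type="checkbox" name="makeKeyObj" value="yes" /> create local objects<br/>
<input type="checkbox" name="nodebug" value="yes" /> simulate input from a personal profile document<br/>
</td>
</tr>
#end
<tr>
<td colspan="2">
#if ($nodebug)
Clicking the submit button will start the following sequence of events:
#else
If none of the above debug options are checked then the following will happen on clicking submit:
#end
<ol>
<li>your browser will create a public/private key pair</li>
<li>send us your public key, in what is known as a <a href="http://en.wikipedia.org/wiki/Certification_request">certification request</a> along with information from the form above</li>
<li>we will create a certificate with the parameters specified</li>
<li>it will be returned to you and your browser will match it with your private key and add the pair to your keychain</li>
<li>a <a href="$xwiki.getDocument('WebId.RSAPubKeyClass').getURL('edit','editor=class')">WebId.RSAPubKeyClass</a> object will be created in <a href="$homepage.getURL()">your public profile</a>, which you will then see clearly in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>. Your profile should also have an RDF view of the key.</li>
</ol>
</td>
</tr>
</table>
<input id="keygensubmit" type="submit" value="submit certificate request" />
</form>
<p>To test your certificate try some of <a href="http://esw.w3.org/topic/foaf+ssl/RelyingParties">the services listed here</a>.</p>
{{/html}}
#elseif($request.getParameter('viewParams') eq "yes")
## NOTE(review): debug dump. Parameter names and values are written into the page unescaped,
## outside any html macro, so they are presumably parsed as wiki markup. Escape them for the
## target syntax, or restrict or remove this branch, before the page is exposed to other users.
#foreach($key in $request.parameterNames)
$key = $request.getParameter($key)
#end
#set( $addKey = false )
#end
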
## Certificate creation and storage of the public key on the user's profile.
## The whole section is skipped when the nodebug flag is set (request coming from the
## user's page), in which case no key is created.
## NOTE(review): everything below is driven by request parameters and can end in
## $homepage.save(); no anti-CSRF token is checked in this section. Confirm that the platform
## enforces one before this page runs.
#if(!$nodebug)

## csrdata is the field filled in for Microsoft browsers (see the JavaScript that rewrites
## the form); other browsers submit spkac from the keygen element.
#if($request.csrdata)
#set($cert = $foafssl.createFromPEM($request.csrdata))
#elseif($request.spkac)
#set($cert = $foafssl.createFromSpkac($request.spkac))
#end
#if($cert)
#set($pubKey = $cert.getSubjectPublicKey())

## WebID and common name are taken from the request as submitted; only the profile write at
## the end of this section compares the WebID with the user's own profile URL.
$cert.setSubjectWebID($request.webid)
$cert.setSubjectCommonName($request.cn)

## NOTE(review): hours and days come straight from the request and no upper bound is applied
## here; presumably any limit lives in the certificate service. Verify.
#set($hours = $request.getParameter('hours'))
#if("$!hours" != "")
$cert.addDurationInHours($hours)
#end

#set($days = $request.getParameter('days'))
#if("$!days" != "")
$cert.addDurationInDays($days)
#end

## Move the start of validity back by 7,200,000 ms (two hours) from the time obtained from
## jodatime; presumably this tolerates clock skew between server and client.
#set($notBefore = $xwiki.jodatime.getMutableDateTime())
$notBefore.add(-7200000)
$cert.setStartDate($notBefore.toDate())


#set($serialised = $cert.getSerialisation())

## Debug option: print the certificate into the page instead of returning it.
#if($request.getParameter('showCert') == "yes")
The certificate that would have been sent back to you is:
mime-type: $serialised.getMimeType()
Content-Length: $serialised.getLength()

cert = $serialised.toString()
#set($addKey = false)
#end
## If addKey is still true at this point the certificate is written to the HTTP response
## and the context is marked finished.
#if($addKey)
$serialised.writeTo($response)
$context.setFinished(true)
#end

## Debug option: print the public key and turn addKey back on, so the key is stored below
## even when one of the debug branches had switched it off.
#if($request.getParameter('makeKeyObj') == "yes")
The Public Key, that will be stored on the server is:
* hex= $pubKey.getHexModulus()
* int= $pubKey.getIntExponent()
{{html}}More info in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>{{/html}}
#set($addKey = true)
#end

## The key is stored only when the submitted WebID equals the current user's profile URL
## followed by "#me".
#if($addKey && ($request.getParameter('webid') == "${homepage.getExternalURL()}#me"))
## create and save the public key to the user's profile page
#set($rsaKey = $homepage.newObject("WebId.RSAPubKeyClass"))
$!rsaKey.set("hexModulus", $pubKey.getHexModulus())
$!rsaKey.set("intExponent", $pubKey.getIntExponent())
## NOTE(review): the stored name is raw request input; whatever renders it later has to escape it.
$!rsaKey.set("name", $request.getParameter('cn'))
$!rsaKey.set("validFrom", $cert.getStartDate())
$!rsaKey.set("validTo", $cert.getEndDate())
$!homepage.save()
#end
#end
#end

{{/velocity}}