Wiki source code of Create your WebId Certificate

Version 7.1 by Henry Story on 2010/03/15 11:39

{{velocity}}
$xwiki.jsx.use("WebId.CreateCert")
{{html}}
<script type="text/javascript">
// configurePage() is not defined on this page; it is expected to come from
// the WebId.CreateCert JavaScript extension loaded above.
document.observe("dom:loaded", function() {
  configurePage();
});
// Fallback for old Internet Explorer versions without a native XMLHttpRequest.
if (typeof XMLHttpRequest == "undefined") {
  XMLHttpRequest = function () {
    try { return new ActiveXObject("Msxml2.XMLHTTP.6.0"); }
      catch (e1) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP.3.0"); }
      catch (e2) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP"); }
      catch (e3) {}
    //Microsoft.XMLHTTP points to Msxml2.XMLHTTP.3.0 and is redundant
    throw new Error("This browser does not support XMLHttpRequest.");
  };
}
</script>
{{/html}}
#set( $foafssl = $services.foafssl )
#set( $homepage = $xwiki.getDocument($context.user) )
#set( $addKey = true )
$xwiki.jsx.use("WebId.CreateCert")

#if(! $!xwiki.exists("WebId.RSAPubKeyClass"))

You need to create the WebId.RSAPubKeyClass.
It should come with this installation's XAR file. If not, you can [[create it here>>WebId.RSAPubKeyClass]] with the following properties:
* A hexModulus TextArea
* An intExponent NumberField
* A name String Field
* A validTo and validFrom date Field
#elseif ( $request.getParameterMap().isEmpty())
{{html clean="false"}}
<div id="iehelptext" style="display: none;">
<p>Using Internet Explorer under Windows Vista or above or Windows
Server 2008, you need to configure the following for this to work:</p>
<ul>
<li>Add this site to the <i>Trusted Sites</i> list: in Internet
Options -&gt; Security -&gt; Trusted Sites -&gt; Sites -&gt; Add ...</li>
<li>You may need to configure the trust level (in this tab), using
<i>Custom Level...</i>: enable <i>Initialize and script ActiveX
controls not marked as safe for scripting</i>.</li>
<li>If you are using Windows Vista without SP1 or above, you will
probably need to install <a href="cacert.crt">this certificate</a> as a
Trusted Root Certification Authority Certificate for your own
certificate installation to succeed. You should probably remove that
trusted root CA certificate afterwards.</li>
</ul>
</div>
<form id="keygenform" action="" method="post">
<table width="95%">
<tr>
<td>Common Name: </td>
<td><input name="cn" size="30" id="cn" type="text" value="Xwiki Test Cert" /></td>
</tr>
<tr>
<td>WebID: </td>
<td><input name="webid" size="60" id="webid" type="text" value="${homepage.getExternalURL()}#me"/></td>
</tr>
## The keygen challenge below is a fixed string, the same for every request
<tr>
<td>Key strength: </td>
<td id="keystrenghtd"><keygen id="spkac" name="spkac" challenge="TheChallenge1"/></td>
</tr>
<tr>
<td>Valid for: <br/>
(defaults to 1 year)</td>
<td><input type="text" name="hours" value="0.0" size="4"/> hours<br/>
<input type="text" name="days" value="0" size="4"/> days </td>
</tr>
<tr>
<td>Debug: </td>
<td><input type="checkbox" name="viewParams" value="yes" /> view parameters<br/>
<input type="checkbox" name="showCert" value="yes" /> show certificate<br/>
<input type="checkbox" name="makeKeyObj" value="yes" /> create local objects<br/>
</td>
</tr>
<tr>
<td colspan="2">
If none of the above debug options are checked, then the following will happen on clicking submit:
<ol>
<li>your browser will create a public/private key pair</li>
<li>it will send us your public key, in what is known as a <a href="http://en.wikipedia.org/wiki/Certification_request">certification request</a>, along with the information from the form above</li>
<li>we will create a certificate with the parameters specified</li>
<li>it will be returned to you and your browser will match it with your private key and add the pair to your keychain</li>
<li>a <a href="$xwiki.getDocument('WebId.RSAPubKeyClass').getURL('edit','editor=class')">WebId.RSAPubKeyClass</a> object will be created in <a href="$homepage.getURL()">your public profile</a>, which you will then see clearly in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>. Your profile should also have an RDF view of the key.</li>
</ol>
</td>
</tr>
</table>
<input id="keygensubmit" type="submit" value="submit certificate request" />
</form>
<p>To test your certificates try some of <a href="http://esw.w3.org/topic/foaf+ssl">the foaf+ssl test pages</a>.</p>
{{/html}}
#elseif($request.getParameter('viewParams') eq "yes")
## Debug view: echo the submitted parameters back (values are output unescaped)
## and do not send a certificate
#foreach($key in $request.parameterNames)
$key = $request.getParameter($key)
#end
#set( $addKey = false )
#end

#if( $request.csrdata ) ## for Microsoft Browsers (see javascript rewriting of html)
#set( $cert = $foafssl.createFromPEM( $request.csrdata ) )
#elseif( $request.spkac )
#set( $cert = $foafssl.createFromSpkac( $request.spkac ) )
#end
#if ($cert)
#set( $pk = $cert.getSubjectPublicKey() )

## The WebID and common name are taken from the submitted form as-is
$cert.setSubjectWebID( $request.webid )
$cert.setSubjectCommonName( $request.cn )

#set ($hours = $request.getParameter('hours') )
#if ($hours && $hours ne "")
$cert.addDurationInHours( $hours )
#end

#set ($days = $request.getParameter('days') )
#if ($days && $days ne "")
$cert.addDurationInDays( $days )
#end

#set($s = $cert.getSerialisation())

#if( $request.getParameter('showCert') eq "yes")
The certificate that would have been sent back to you is:
mime-type: $s.getMimeType()
Content-Length: $s.getLength()

cert = $s.toString()
#set( $addKey = false )
#end
#if ( $addKey ) ## up to here if addKey is still true, then we are creating a cert
$s.writeTo( $response )
$context.setFinished(true)
#end

#if ( $request.getParameter('makeKeyObj') eq "yes" )
The public key that will be stored on the server is:
* hex= $pk.getHexModulus()
* int= $pk.getIntExponent()
{{html}}More info in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>{{/html}}
#set( $addKey = true )
#end

#if ( $addKey )
## create and save the public key to the user's profile page
#set( $rsaKey = $homepage.newObject("WebId.RSAPubKeyClass"))
$!rsaKey.set("hexModulus", $pk.getHexModulus() )
$!rsaKey.set("intExponent", $pk.getIntExponent() )
$!rsaKey.set("name", $request.getParameter('cn') )
$!rsaKey.set("validFrom", $cert.getStartDate() )
$!rsaKey.set("validTo", $cert.getEndDate() )
$!homepage.save()
#end
#end

{{/velocity}}
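
The last step of the submit procedure above stores the key's hexModulus and intExponent in a WebId.RSAPubKeyClass object on the profile. The Python below is an added example, not code from this wiki page or from the foafssl service: it shows how a relying party could pull those two values out of a DER-encoded SubjectPublicKeyInfo and compare them with what the profile publishes. The function names are hypothetical and the sample key is a constructed toy value.

```python
import re

RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption, 1.2.840.113549.1.1.1
# Constructed toy SubjectPublicKeyInfo (64-bit modulus, e=65537); not a real key.
SAMPLE_SPKI = bytes.fromhex("3024300d06092a864886f70d0101010500031300"
                            "3010020900c3a1f5092b7d4e610203010001")

def read_tlv(buf, pos, tag):
    """Return (value, next_pos) of the DER element with `tag` starting at pos."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError(f"expected DER tag 0x{tag:02x} at offset {pos}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("DER element runs past end of input")
    return buf[pos:pos + length], pos + length

def rsa_fields_from_spki(der):
    """Return (hex modulus, int exponent), the two values RSAPubKeyClass stores."""
    spki, end = read_tlv(der, 0, 0x30)
    if end != len(der):
        raise ValueError("trailing bytes after SubjectPublicKeyInfo")
    alg, after_alg = read_tlv(spki, 0, 0x30)
    if read_tlv(alg, 0, 0x06)[0] != RSA_OID:
        raise ValueError("not an RSA public key")
    bits, _ = read_tlv(spki, after_alg, 0x03)
    if not bits or bits[0] != 0:
        raise ValueError("BIT STRING with unused bits")
    rsa_key, _ = read_tlv(bits, 1, 0x30)
    modulus, after_n = read_tlv(rsa_key, 0, 0x02)
    exponent, _ = read_tlv(rsa_key, after_n, 0x02)
    # int.from_bytes drops the 0x00 sign byte DER puts before a high-bit modulus.
    return format(int.from_bytes(modulus, "big"), "x"), int.from_bytes(exponent, "big")

def normalise_hex(text):
    """hexModulus is a TextArea: ignore whitespace, case and leading zeros."""
    cleaned = re.sub(r"\s+", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]+", cleaned):
        raise ValueError("hexModulus is not hexadecimal")
    return cleaned.lstrip("0") or "0"

def key_matches_profile(profile_hex, profile_exp, spki_der):
    """True only if the profile's stored key equals the presented certificate key."""
    hex_mod, exp = rsa_fields_from_spki(spki_der)
    return normalise_hex(profile_hex) == hex_mod and int(profile_exp) == exp
```

Comparing the parsed integers rather than the raw strings avoids false mismatches caused by line breaks in the TextArea or by the leading zero byte of the DER encoding.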