Wiki source code of Create your WebId Certificate

Version 9.1 by Henry Story on 2010/03/15 17:58

{{velocity}}
## Load the JavaScript extension that adapts the form to the visitor's browser
$xwiki.jsx.use("WebId.CreateCert")
{{html}}
<script type="text/javascript">
document.observe("dom:loaded", function() {
  configurePage();
});
// Fallback for old Internet Explorer versions without a native XMLHttpRequest
if (typeof XMLHttpRequest == "undefined") {
  XMLHttpRequest = function () {
    try { return new ActiveXObject("Msxml2.XMLHTTP.6.0"); }
      catch (e1) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP.3.0"); }
      catch (e2) {}
    try { return new ActiveXObject("Msxml2.XMLHTTP"); }
      catch (e3) {}
    //Microsoft.XMLHTTP points to Msxml2.XMLHTTP.3.0 and is redundant
    throw new Error("This browser does not support XMLHttpRequest.");
  };
}
</script>
{{/html}}
#set ( $nodebug = $request.getParameter("nodebug") )
#set( $foafssl = $services.foafssl )
#set( $homepage = $xwiki.getDocument($context.user) )
#set( $addKey = true )

#set( $incomplete = ( $request.getParameterMap().isEmpty() || ( $nodebug && $request.getParameter("spkac") ) ) )

#if(! $!xwiki.exists("WebId.RSAPubKeyClass"))

You need to create the WebId.RSAPubKeyClass.
It should come with this installation's XAR file. If not, you can [[create it here>>WebId.RSAPubKeyClass]] with the following properties:
* A hexModulus TextArea
* An intExponent NumberField
* A name String Field
* A validTo and validFrom date Field
#elseif ( $request.getParameterMap().isEmpty())
## No parameters submitted yet: show the certificate request form
{{html clean="false"}}
<div id="iehelptext" style="display: none;">
<p>Using Internet Explorer under Windows Vista or above or Windows
Server 2008, you need to configure the following for this to work:</p>
<ul>
<li>Add this site to the <i>Trusted Sites</i> list: in Internet
Options -&gt; Security -&gt; Trusted Sites -&gt; Sites -&gt; Add ...</li>
<li>You may need to configure the trust level (in this tab), using
<i>Custom Level...</i>: enable <i>Initialize and script ActiveX
controls not marked as safe for scripting</i>.</li>
<li>If you are using Windows Vista without SP1 or above, you will
probably need to install <a href="cacert.crt">this certificate</a> as a
Trusted Root Certification Authority Certificate for your own
certificate installation to succeed. You should probably remove that
trusted root CA certificate afterwards.</li>
</ul>
</div>
<form id="keygenform" action="" method="post">
<table width="95%">
<tr>
<td>Common Name: </td>
<td><input name="cn" size="30" id="cn" type="text" value="Xwiki Test Cert" /></td>
</tr>
<tr>
<td>WebID: </td>
<td><input name="webid" size="60" id="webid" type="text" value="${homepage.getExternalURL()}#me"/></td>
</tr>
<tr>
<td>Key strength: </td>
<td id="keystrenghtd"><keygen id="spkac" name="spkac" challenge="TheChallenge1"/></td>
</tr>
<tr>
<td>Valid for: <br/>
(defaults to 1 year)</td>
<td><input type="text" name="hours" value="0.0" size="4"/> hours<br/>
<input type="text" name="days" value="0" size="4"/> days </td>
</tr>
<tr>
<td>Debug: </td>
<td><input type="checkbox" name="viewParams" value="yes" /> view parameters<br/>
<input type="checkbox" name="showCert" value="yes" /> show certificate<br/>
<input type="checkbox" name="makeKeyObj" value="yes" /> create local objects<br/>
</td>
</tr>
<tr>
<td colspan="2">
If none of the above debug options are checked, then the following will happen on clicking submit:
<ol>
<li>your browser will create a public/private key pair</li>
<li>send us your public key, in what is known as a <a href="http://en.wikipedia.org/wiki/Certification_request">certification request</a> along with information from the form above</li>
<li>we will create a certificate with the parameters specified</li>
<li>it will be returned to you and your browser will match it with your private key and add the pair to your keychain</li>
<li>a <a href="$xwiki.getDocument('WebId.RSAPubKeyClass').getURL('edit','editor=class')">WebId.RSAPubKeyClass</a> object will be created in <a href="$homepage.getURL()">your public profile</a>, which you will then see clearly in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>. Your profile should also have an RDF view of the key.</li>
</ol>
</td>
</tr>
</table>
<input id="keygensubmit" type="submit" value="submit certificate request" />
</form>
<p>To test your certificates try some of <a href="http://esw.w3.org/topic/foaf+ssl">the foaf+ssl test pages</a>.</p>
{{/html}}
#elseif($request.getParameter('viewParams') eq "yes")
## Debug view: print each request parameter as submitted (no escaping is applied here)
#foreach($key in $request.parameterNames)
$key = $request.getParameter($key)
#end
#set( $addKey = false )
#end

#if( $request.csrdata ) ## for Microsoft Browsers (see javascript rewriting of html)
#set( $cert = $foafssl.createFromPEM( $request.csrdata ) )
#elseif( $request.spkac )
#set( $cert = $foafssl.createFromSpkac( $request.spkac ) )
#end
#if ($cert)
#set( $pk = $cert.getSubjectPublicKey() )

## The WebID and common name placed in the certificate are taken from the request as submitted
$cert.setSubjectWebID( $request.webid )
$cert.setSubjectCommonName( $request.cn )

#set ($hours = $request.getParameter('hours') )
#if ($hours && $hours ne "")
$cert.addDurationInHours( $hours )
#end

#set ($days = $request.getParameter('days') )
#if ($days && $days ne "")
$cert.addDurationInDays( $days )
#end

#set($s = $cert.getSerialisation())

#if( $request.getParameter('showCert') eq "yes")
The certificate that would have been sent back to you is:
mime-type: $s.getMimeType()
Content-Length: $s.getLength()

cert = $s.toString()
#set( $addKey = false )
#end
#if ( $addKey ) ## up to here if addKey is still true, then we are creating a cert
$s.writeTo( $response )
$context.setFinished(true)
#end

#if ( $request.getParameter('makeKeyObj') eq "yes" )
The public key that will be stored on the server is:
* hex= $pk.getHexModulus()
* int= $pk.getIntExponent()
{{html}}More info in <a target="_blank" href="${homepage.getURL('edit','editor=object')}">its object view</a>{{/html}}
#set( $addKey = true )
#end

#if ( $addKey )
## create and save the public key to the user's profile page
#set( $rsaKey = $homepage.newObject("WebId.RSAPubKeyClass"))
$!rsaKey.set("hexModulus", $pk.getHexModulus() )
$!rsaKey.set("intExponent", $pk.getIntExponent() )
$!rsaKey.set("name", $request.getParameter('cn') )
$!rsaKey.set("validFrom", $cert.getStartDate() )
$!rsaKey.set("validTo", $cert.getEndDate() )
$!homepage.save()
#end
#end

{{/velocity}}
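
The form above puts a fixed `challenge="TheChallenge1"` into `<keygen>`, and whether `$foafssl.createFromSpkac` inspects the challenge is not visible on this page. The following is an added example in Node.js, not code from this wiki page or from the foaf+ssl service, showing one way a server can bind each submitted SPKAC to a per-session, single-use challenge. The `issued` store and the function names are hypothetical, and `makeSpkac` is a constructed stand-in for what a browser's `<keygen>` submits.

```javascript
const crypto = require('crypto');

// Hypothetical per-session store; a real deployment would use the server session.
const issued = new Map();

// Render time: the returned value goes into <keygen challenge="...">.
function issueChallenge(sessionId) {
  const challenge = crypto.randomBytes(16).toString('hex');
  issued.set(sessionId, challenge);
  return challenge;
}

// POST time: accept the SPKAC only if its self-signature verifies and it
// carries the challenge issued to this session. Challenges are single-use.
function checkSpkac(sessionId, spkacB64) {
  const expected = issued.get(sessionId);
  issued.delete(sessionId);
  if (!expected) return { ok: false, reason: 'no challenge issued' };
  const spkac = Buffer.from(spkacB64.replace(/\s+/g, ''), 'latin1');
  if (!crypto.Certificate.verifySpkac(spkac)) return { ok: false, reason: 'bad signature' };
  const got = Buffer.from(crypto.Certificate.exportChallenge(spkac));
  const want = Buffer.from(expected);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'challenge mismatch' };
  }
  return { ok: true, publicKeyPem: crypto.Certificate.exportPublicKey(spkac).toString() };
}

// --- Constructed sample input: what a browser's <keygen> would submit ---
// Minimal DER TLV encoder (lengths up to 65535 bytes).
function der(tag, body) {
  const n = body.length;
  const head = n < 0x80 ? [tag, n] : n < 0x100 ? [tag, 0x81, n] : [tag, 0x82, n >> 8, n & 0xff];
  return Buffer.concat([Buffer.from(head), body]);
}

// Builds SEQUENCE { SEQUENCE { spki, IA5String challenge }, algId, BIT STRING sig }.
function makeSpkac(challenge) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const spki = publicKey.export({ type: 'spki', format: 'der' });
  const pkac = der(0x30, Buffer.concat([spki, der(0x16, Buffer.from(challenge, 'latin1'))]));
  // AlgorithmIdentifier for sha256WithRSAEncryption (1.2.840.113549.1.1.11), NULL params
  const alg = Buffer.from('300d06092a864886f70d01010b0500', 'hex');
  const sig = crypto.sign('sha256', pkac, privateKey);
  const bits = der(0x03, Buffer.concat([Buffer.from([0]), sig]));
  return der(0x30, Buffer.concat([pkac, alg, bits])).toString('base64');
}
```

A request signed over the fixed `TheChallenge1` value, or a second submission of an already accepted SPKAC, is rejected by `checkSpkac` before any certificate would be issued.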