From 11aa6dda70fcc1e09405882c920d7a8e672d0fa1 Mon Sep 17 00:00:00 2001
From: Zlatin Balevsky <zlatinb@gmail.com>
Date: Thu, 7 May 2020 13:29:21 +0100
Subject: [PATCH] sign tool in web ui

---
 .../java/com/muwire/webui/SignServlet.java    | 53 +++++++++++++++++++
 webui/src/main/js/sign.js                     | 15 ++++++
 webui/src/main/webapp/AboutMe.jsp             | 11 +++-
 webui/templates/web.xml.template              | 10 ++++
 4 files changed, 88 insertions(+), 1 deletion(-)
 create mode 100644 webui/src/main/java/com/muwire/webui/SignServlet.java
 create mode 100644 webui/src/main/js/sign.js

diff --git a/webui/src/main/java/com/muwire/webui/SignServlet.java b/webui/src/main/java/com/muwire/webui/SignServlet.java
new file mode 100644
index 00000000..dc95e8eb
--- /dev/null
+++ b/webui/src/main/java/com/muwire/webui/SignServlet.java
@@ -0,0 +1,53 @@
+package com.muwire.webui;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.muwire.core.Core;
+
+import net.i2p.crypto.DSAEngine;
+import net.i2p.data.Base64;
+import net.i2p.data.Signature;
+
+public class SignServlet extends HttpServlet {
+
+    private Core core;
+    
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        core = (Core) config.getServletContext().getAttribute("core");
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        String text = req.getParameter("text");
+        if (text == null) {
+            resp.sendError(503, "Nothing to sign?");
+            return;
+        }
+        
+        byte [] payload = text.getBytes(StandardCharsets.UTF_8);
+        Signature sig = DSAEngine.getInstance().sign(payload, core.getSpk());
+        
+        String response = Base64.encode(sig.getData());
+        
+        StringBuilder sb = new StringBuilder();
+        sb.append("<?xml version='1.0' encoding='UTF-8'?>");
+        sb.append("<Signed>").append(response).append("</Signed>");
+        
+        resp.setContentType("text/xml");
+        resp.setCharacterEncoding("UTF-8");
+        resp.setDateHeader("Expires", 0);
+        resp.setHeader("Pragma", "no-cache");
+        resp.setHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
+        byte[] out = sb.toString().getBytes("UTF-8");
+        resp.setContentLength(out.length);
+        resp.getOutputStream().write(out);
+    }
+}
diff --git a/webui/src/main/js/sign.js b/webui/src/main/js/sign.js
new file mode 100644
index 00000000..23592edf
--- /dev/null
+++ b/webui/src/main/js/sign.js
@@ -0,0 +1,15 @@
+function sign() {
+	var signText = document.getElementById("sign").value
+	
+	var xmlhttp = new XMLHttpRequest()
+	xmlhttp.onreadystatechange = function() {
+		if (this.readyState == 4 && this.status == 200) {
+			var signed = this.responseXML.getElementsByTagName("Signed")[0].childNodes[0].nodeValue
+			var signedDiv = document.getElementById("signed")
+			signedDiv.innerHTML = "<pre>" + signed + "</pre>"
+		}
+	}
+	xmlhttp.open("POST", "/MuWire/Sign", true)
+	xmlhttp.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
+	xmlhttp.send(encodeURI("text=" + signText))
+}
diff --git a/webui/src/main/webapp/AboutMe.jsp b/webui/src/main/webapp/AboutMe.jsp
index 05ca172b..b2292473 100644
--- a/webui/src/main/webapp/AboutMe.jsp
+++ b/webui/src/main/webapp/AboutMe.jsp
@@ -20,6 +20,7 @@ Core core = (Core) application.getAttribute("core");
     <head>
 <%@include file="css.jsi"%>
 <script src="js/util.js?<%=version%>" type="text/javascript"></script>
+<script src="js/sign.js?<%=version%>" type ="text/javascript"></script>
 <script>
 function copyFullId() {
 	copyToClipboard("full-id")
@@ -35,10 +36,18 @@ openAccordion = 3;
 <%@include file="sidebar.jsi"%>    	
 	</aside>
 	<section class="main foldermain">
+		<h3><%=Util._t("MuWire ID")%></h3>
 		<p><%=Util._t("Your short MuWire ID: {0}", core.getMe().getHumanReadableName())%></p>
 		<p><%=Util._t("Your full MuWire ID:")%></p>
-		<p><textarea class="fullId" id="full-id" readOnly="true"><%=core.getMe().toBase64()%></textarea></p>
+		<p><textarea class="fullId" id="full-id" readonly><%=core.getMe().toBase64()%></textarea></p>
 		<p><a href='#' onclick="window.copyFullId();return false;"><%=Util._t("Copy to clipboard")%></a></p>
+		
+		<hr/>
+		<h3><%=Util._t("Sign Tool")%></h3>
+		<p><%=Util._t("Enter text to sign with your MuWire ID")%></p>
+		<p><textarea class="sign" id="sign"></textarea></p>
+		<p><a href='#' onclick="window.sign();return false;"><%=Util._t("Sign")%></a></p>
+		<div id="signed"></div>
 	</section>
     </body>
 </html>
diff --git a/webui/templates/web.xml.template b/webui/templates/web.xml.template
index 6750bcdb..fa7d7474 100644
--- a/webui/templates/web.xml.template
+++ b/webui/templates/web.xml.template
@@ -90,6 +90,11 @@
     <servlet-class>com.muwire.webui.AdvancedSharingServlet</servlet-class>
 </servlet>
 
+<servlet>
+    <servlet-name>com.muwire.webui.SignServlet</servlet-name>
+    <servlet-class>com.muwire.webui.SignServlet</servlet-class>
+</servlet>
+
 <servlet-mapping>
     <servlet-name>com.muwire.webui.MuWireServlet</servlet-name>
     <url-pattern>/index.jsp</url-pattern>
@@ -165,6 +170,11 @@
     <url-pattern>/AdvancedShare</url-pattern>
 </servlet-mapping>
 
+<servlet-mapping>
+    <servlet-name>com.muwire.webui.SignServlet</servlet-name>
+    <url-pattern>/Sign</url-pattern>
+</servlet-mapping>
+
 __JASPER__
 
 <!--