メランジ雑記帳

nssの内部ストアを利用することにより、ICカードやリーダ・ライタがなくてもPKIのテストを簡単にできるようにしてみた。


2010-04-24 12:05:06,591 (AWT-EventQueue-2) [SignApplet.java:20]- *** start paint ***
2010-04-24 12:05:08,297 (Thread-4) [SignApplet.java:31]- start sign
2010-04-24 12:05:08,311 (Thread-4) [SignApplet.java:34]- digest = 0000: 64 61 74 61 0a data.
alias=sdp-test
alias=kansaieigyo/kansaieigyo
2010-04-24 12:05:08,452 (Thread-4) [PKCS11Sign.java:37]- before sign data is 0000: 64 61 74 61 0a data.
2010-04-24 12:05:08,452 (Thread-4) [PKCS11Sign.java:37]- before sign data is 0000: 64 61 74 61 0a data.
pkcs1sign of data is
0000: 0f 7a 0e 1b a9 30 7c cb 80 8a 72 f5 c7 2b 69 85 .z...0|. ..r..+i.
0010: 2b 2e 60 55 b6 88 8e 31 01 eb 2c cf a8 51 dd 52 +.`U...1 ..,..Q.R
0020: ab c1 35 f4 af 10 01 61 c9 8d ea 1d 84 7f cb 7d ..5....a ......}
0030: c3 88 44 b4 87 1d 7f 7b 8e 1d db 57 3e 5d 7a 4f ..D...{ ...W>]zO
0040: a1 b2 57 e4 39 8b b2 c0 0b 52 62 95 48 a0 32 bf ..W.9... .Rb.H.2.
0050: 35 11 b2 f3 06 da 6c 2b 05 d2 22 da 13 e8 f3 e3 5.....l+ ..".....
0060: d2 65 c3 3f 91 d5 76 c8 d3 d1 01 4e e3 69 76 36 .e.?..v. ...N.iv6
0070: d2 67 b2 40 db ec 45 73 d6 50 2c 36 d5 73 33 23 .g.@..Es .P,6.s3#

2010-04-24 12:05:08,461 (Thread-4) [SignApplet.java:38]- sign =
0000: 0f 7a 0e 1b a9 30 7c cb 80 8a 72 f5 c7 2b 69 85 .z...0|. ..r..+i.
0010: 2b 2e 60 55 b6 88 8e 31 01 eb 2c cf a8 51 dd 52 +.`U...1 ..,..Q.R
0020: ab c1 35 f4 af 10 01 61 c9 8d ea 1d 84 7f cb 7d ..5....a ......}
0030: c3 88 44 b4 87 1d 7f 7b 8e 1d db 57 3e 5d 7a 4f ..D...{ ...W>]zO
0040: a1 b2 57 e4 39 8b b2 c0 0b 52 62 95 48 a0 32 bf ..W.9... .Rb.H.2.
0050: 35 11 b2 f3 06 da 6c 2b 05 d2 22 da 13 e8 f3 e3 5.....l+ ..".....
0060: d2 65 c3 3f 91 d5 76 c8 d3 d1 01 4e e3 69 76 36 .e.?..v. ...N.iv6
0070: d2 67 b2 40 db ec 45 73 d6 50 2c 36 d5 73 33 23 .g.@..Es .P,6.s3#

2010-04-24 12:05:08,462 (Thread-4) [SignApplet.java:46]- getCert


というjava consoleの出力が得られた。

tomcat側のログは

2010-04-24 09:29:56,238 (http-9080-Processor25) servlet.SignDocHTML#doGet[248]- action is SignedDigest
2010-04-24 09:29:56,238 (http-9080-Processor25) servlet.SignDocHTML#doVerify_Go[136]- Create SignedDigest request
2010-04-24 09:29:56,239 (http-9080-Processor25) servlet.SignDocHTML#doVerify_Go[139]- SignerCert: MIIDQTCCAqqgAwIBAgIBajANBgkqhkiG9w0BAQQFADBWMQswCQYDVQQGEwJKUDEcMBoGA1UEChMTTWVsYW5nZSBDb3Jwb3JhdGlvbjEQMA4GA1UECxMHUEMtQ2x1YjEXMBUGA1UECxMOTWVsYW5nZVNvZnQgQ0EwHhcNMDUwMTMwMDYwODMzWhcNMTUwMTI4MDYwODMzWjCBmDELMAkGA1UEBhMCSlAxCzAJBgNVBAoMAmNvMQwwCgYDVQQLDANBQkMxFjAUBgNVBAsMDUthbnNhaSBCcmFuY2gxGTAXBgNVBAsMEFNhbGVzIERlcGFydG1lbnQxFjAUBgNVBAMMDUhpZGVvIE5vZ3VjaGkxIzAhBgkqhkiG9w0BCQEWFHNkcHVzZXI0QHNkcC10ZXN0LmpwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6jh2hRcAo6ZxktIzKzOhZLPCCVGEJ3HNW576NKz0+XKst1qIXJ+zsWZ/XUrO4fAB9H2LfFWcQnfrl1CHHMvponeIigoS450u7RysjaWuti0W5mf+1yH8updDIDwNKrTSZhEfSoUSBY0oM5gHAYfwAPar013Tondz53z8rkpyu3wIDAQABo4HbMIHYMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBT5rh1wCAeP0wH8FIhTyVz5AUGH7DB+BgNVHSMEdzB1gBSs2d3N+e9kDKMCLX99Ht9//fTLbqFapFgwVjELMAkGA1UEBhMCSlAxHDAaBgNVBAoTE01lbGFuZ2UgQ29ycG9yYXRpb24xEDAOBgNVBAsTB1BDLUNsdWIxFzAVBgNVBAsTDk1lbGFuZ2VTb2Z0IENBggEAMA0GCSqGSIb3DQEBBAUAA4GBACUt08Me7fjDxZqrQ0zUgzqIeaa99pTSAMDiZ47eQ9spoX5cfhIAb0M+04GrdMVxyXArdKp5RAhNNxGT7qPlJtelHyQZezjPVc/ka8ae/QJhM9y2iduDXIYQgUI2mITtFFTSQsGidEXCU81Dj45Je0Lyx7Rw1T2Y8Rnoq/tvi2S4
2010-04-24 09:29:56,241 (http-9080-Processor25) util.DmsUtil#getCertDN[511]- x509certificate class=sun.security.x509.X509CertImpl

2010-04-24 09:29:56,245 (http-9080-Processor25) servlet.SignDocHTML#doVerify_Go[158]- publicKey :RSA public key (1024 bits):
public exponent: 10001
modulus: ba8e1da145c028e99c64b48ccacce8592cf082546109dc7356e7be8d2b3d3e5cab2dd6a21727ecec599fd752b3b87c007d1f62df1567109dfae5d421c732fa689de2228284b8e74bbb472b23696bad8b45b999ffb5c87f2ea5d0c80f034aad34998447d2a14481634a0ce601c061fc003daaf4d774e89ddcf9df3f2b929caedf

2010-04-24 09:29:56,252 (http-9080-Processor25) util.DtsUtil#readFile[1300]- contentFile:read contentFile len=5
2010-04-24 09:29:56,261 (http-9080-Processor25) util.PKCS11Sign#verify[153]- verify is true
2010-04-24 09:29:56,261 (http-9080-Processor25) servlet.SignDocHTML#doVerify_Go[179]- b is true
2010-04-24 09:29:56,442 (http-9080-Processor25) dtsapi.DTSAPI#getSessionAttribute[2452]- get attribute(desSessionId): 79313DB4A175496C62243614BBA13746
2010-04-24 09:29:56,443 (http-9080-Processor25) dtsapi.DTSAPI#[330]- new DTSAPI dmsSession is org.apache.catalina.session.StandardSessionFacade@8a52b6
userDN = CN=Hideo Noguchi,OU=Sales Department,OU=Kansai Branch,OU=ABC,O=co,C=JP
2010-04-24 09:29:56,445 (http-9080-Processor25) util.LdapFind#find[301]- base = CN=Hideo Noguchi,OU=Sales Department,OU=Kansai Branch,OU=ABC,O=co,C=JP
2010-04-24 09:29:56,446 (http-9080-Processor25) util.LdapFind#find[305]- new base = CN=Hideo Noguchi,OU=Sales Department,OU=Kansai Branch,OU=ABC,O=co,C=JP
2010-04-24 09:29:56,471 (Thread-113) util.LdapFind#run[1600]- base=CN=Hideo Noguchi,OU=Sales Department,OU=Kansai Branch,OU=ABC,O=co,C=JP
2010-04-24 09:29:56,704 (http-9080-Processor25) servlet.Login#handleRequest[271]- checkLDAP:userDN : CN=Hideo Noguchi,OU=Sales Department,OU=Kansai Branch,OU=ABC,O=co,C=JP
2010-04-24 09:29:56,705 (http-9080-Processor25) servlet.Login#handleRequest[276]- loginDateTime : 2010-04-24 09:29:56 JST
2010-04-24 09:29:56,705 (http-9080-Processor25) servlet.Login#handleRequest[282]- call DTSAPI Login
2010-04-24 09:29:56,707 (http-9080-Processor25) dtsapi.DTSAPI#Login[1183]- Login Base64&URL encoded cert------

2010-04-24 09:29:56,707 (http-9080-Processor25) dtsapi.DTSAPI#Login[1184]- -----------------------------------
2010-04-24 09:29:56,708 (http-9080-Processor25) dtsapi.DTSAPI#genDESServletURL[1105]- genDESServletURL: snoop=false snoopURL=null
2010-04-24 09:29:56,708 (http-9080-Processor25) dtsapi.DTSAPI#Login[1191]- Login start!!-------------------
2010-04-24 09:29:56,709 (http-9080-Processor25) dtsapi.DTSAPI#Login[1193]- DTSAPI_version is 2
2010-04-24 09:29:56,709 (http-9080-Processor25) dtsapi.DTSAPI#Login[1194]- TOMCAT_version is 4