jxta-jxse
  1. jxta-jxse
  2. JXTA_JXSE-105

Advertisement signing and verification

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.5
    • Fix Version/s: not determined
    • Component/s: code
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

    • Issuezilla Id:
      105

      Description

      The existing SignedAdvertisement does not work because it does not have
      indexed fields. As a result, once it is published, it will be buried in the
      CM dungeon and nobody is able to discover it.

      Anyway, this message is not to discuss about the SignedAdvertisement. It
      should be deprecated because I have re-engineered the Advertisement class.
      Now it makes signing and verifying an advertisement much easier to use and
      more intuitive.

      There are five methods in the Advertisement class.

      public final XMLSignature getSignature();
      public final Document getSignedDocument();
      public final synchronized boolean isAuthenticated();
      public final synchronized boolean sign(Certificate paraCert, PrivateKey
      paraPriv);
      public final synchronized boolean verify();

      It works like this:

      //Before you publish your advertisement in New York:
      Advertisement myAdv;
      //Construct it as you normally do. Populate something to myAdv.
      boolean ok = myAdv.sign(myCert, myPrivateKey);
      //Suppose ok is true. Publish it.
      //Done.

      //Somebody discovers your advertisement in London:
      Advertisement yourAdv;
      boolean ok = yourAdv.verify();
      //Suppose ok is true. He may want to know who signed it. Then he can do:
      XMLSignature signer = yourAdv.getSignature();
      //Done.

      The isAuthenticated() returns true when sign or verify returns true.

      The getSignedDcoument() returns the original document (unsigned) appended
      with a signature (if it exists).

      Any existing advertisement implementation does not have to change anything
      in order to benefit from the signature feature.

      1. Advertisement.java
        23 kB
        thenetworker
      2. Cm.java
        45 kB
        thenetworker
      3. DiscoveryResponseMsg.java
        13 kB
        thenetworker
      4. ExtendableAdvertisement.java
        8 kB
        thenetworker
      5. RendezVousServiceProvider.java
        33 kB
        thenetworker

        Issue Links

          Activity

          Hide
          thenetworker added a comment -

          Cm, RendezVousServiceProvider, and DiscoveryResponseMsg have been identified to
          use getSignedDocument()method in order to process signed advertisements.

          Show
          thenetworker added a comment - Cm, RendezVousServiceProvider, and DiscoveryResponseMsg have been identified to use getSignedDocument()method in order to process signed advertisements.
          Hide
          adamman71 added a comment -

          thenetworker has loaded a complete jxta.zip containing the work for this
          incident too. Need to check QA and JUnit requirements.

          Show
          adamman71 added a comment - thenetworker has loaded a complete jxta.zip containing the work for this incident too. Need to check QA and JUnit requirements.
          Hide
          adamman71 added a comment -

          jxta.zip is available from incident 103

          Show
          adamman71 added a comment - jxta.zip is available from incident 103
          Hide
          adamman71 added a comment -

          Discussion with Mike: globally, we need to make sure we minimize the impact of
          the introduction of this new feature on JXSE/JXTA.

          + QA code/JUnit tests implementation is required before any posting.

          Show
          adamman71 added a comment - Discussion with Mike: globally, we need to make sure we minimize the impact of the introduction of this new feature on JXSE/JXTA. + QA code/JUnit tests implementation is required before any posting.
          Hide
          adamman71 added a comment -

          Code committed, next episode in issue 417 (if any).

          Show
          adamman71 added a comment - Code committed, next episode in issue 417 (if any).

            People

            • Assignee:
              jxta-jxse-issues
              Reporter:
              thenetworker
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: