Re: [Aglets-developer] some questions about aglets security(permission)!

[x r. <xr...@ho...>]

Cat:
  h r u?
  In my project about Aglets,i met with some questions,now hope u can help 
me,thanx!

In order to get a secure Aglets,I wanna make some modifications for 
Aglets.So I modified two 
file-LocalAgletRef.java(<aglets-home>/src/com/ibm/aglets) & 
AgletContextImpl.java(<aglets-home>/src/com/ibm/aglets).Now I make some 
directions for my modifications for their code.
   Here I list the codes I have added into the corresponding source files.
In the method: 
void dispatch(MessageImpl msg, Ticket ticket)
 in LocalAgletRef.java,the adding parts are as follow:
/-------------------------------------------------------------------------------------------------------/


/*******对其进行改造所加的API******************************/
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.Provider;
import javax.crypto.Cipher;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.*;
import java.io.*;
import com.ibm.aglet.AgletID;
/***************************************************/
//There are some codes(here omitted)

SecureRandom random = new SecureRandom();
				KeyPair kp;
				Cipher  c;
				byte[] encrypted1=new byte[50000];
				int encrypted_length=0;
				try{
					KeyGenerator keygen = KeyGenerator.getInstance("DES","SunJCE");
					SecretKey desKey = keygen.generateKey();
					c = Cipher.getInstance("DES/ECB/PKCS5Padding","SunJCE");
					c.init(c.ENCRYPT_MODE,desKey);
					byte[] encrypted2 = c.doFinal(agent);
					encrypted_length=encrypted2.length;
					for(int i=0;i<encrypted2.length;i++)
						encrypted1[i]=encrypted2[i];
				//Serialize
					FileOutputStream fos=new 
FileOutputStream("F:/temp050829/RSAprivatekey");
					ObjectOutputStream oos=new ObjectOutputStream(fos);
					oos.writeObject(desKey);
					oos.flush();
					oos.close();
					/*******************************************************/
				}
				catch(Throwable t)
				{
					t.printStackTrace();
				}
				byte[] encrypted=new byte[encrypted_length];
				for(int i=0;i<encrypted_length;i++)
						encrypted[i]=encrypted1[i];//The last byte array encrypted.

//All the following codes are omitted!
/-------------------------------------------------------------------------------------------------------/

In the method:
 public void receiveAglet(Name agent_name, ClassName[] classnames, 
							 String codebase, byte[] agent, 
							 String sender)
in AgletContextImpl.java,the adding parts are as follow:

/*******对其进行改造所加的API******************************/
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.*;
import java.io.*;
/***************************************************/
SecureRandom random = new SecureRandom();
		//KeyPair kp;
		Cipher  c;
		byte[] decrypted1=new byte[50000];
		int decrypted_length=0;
//There are some codes(here omitted)


try{
				FileInputStream fis=new FileInputStream("F:/temp050829/RSAprivatekey");
				ObjectInputStream ois=new ObjectInputStream(fis);
				SecretKey desKey=(SecretKey)ois.readObject();
				ois.close();
				c = Cipher.getInstance("DES/ECB/PKCS5Padding","SunJCE");
				c.init(c.DECRYPT_MODE, desKey);
				byte[] decrypted2 = c.doFinal(agent);
				decrypted_length=decrypted2.length;
				for(int i=0;i<decrypted2.length;i++)
					decrypted1[i]=decrypted2[i];
			}
			catch(Throwable t)
			{
				t.printStackTrace();
			}
			byte[] decrypted=new byte[decrypted_length];
			for(int i=0;i<decrypted_length;i++)
				decrypted[i]=decrypted1[i];
//All the following codes are omitted!
/-------------------------------------------------------------------------------------------------------/

I make an experiment in one host,opening two Aglets server.When I send one 
aglet to from one server to another.Some exceptions come into being on the 
sender 
java.security.NoSuchProviderException: No such provider: SunJCE
        at javax.crypto.SunJCE_b.a(DashoA6275)
        at javax.crypto.KeyGenerator.getInstance(DashoA6275)
        at com.ibm.aglets.LocalAgletRef.dispatch(LocalAgletRef.java:977)
        at com.ibm.aglets.SystemMessage.handle(Unknown Source)
        at com.ibm.aglets.AgletThread.run(Unknown Source)
and there are some exceptions on the receiver:
java.security.NoSuchProviderException: Provider 'SunJCE' not found
        at javax.crypto.Cipher.getInstance(DashoA6275)
        at 
com.ibm.aglets.AgletContextImpl.receiveAglet(AgletContextImpl.java:937)
        at com.ibm.aglets.MAFAgentSystem_AgletsImpl$2.run(Unknown Source)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.ibm.aglets.MAFAgentSystem_AgletsImpl.receive_agent(Unknown 
Source)
        at com.ibm.maf.atp.ConnectionHandler.handleDispatchRequest(Unknown 
Source)
        at com.ibm.maf.atp.ConnectionHandler.handleRequest(Unknown Source)
        at com.ibm.maf.atp.ConnectionHandler.handle(Unknown Source)
        at com.ibm.maf.atp.ConnectionHandler.run(Unknown Source)


But what I wanna say is that when I try this code in one single java 
file(as shown below),the program can run normally,and get the right 
result.The program is that:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
import java.lang.Integer;
import java.lang.Byte;
import java.io.*;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.*;

public class mytest2 
{
	public static void main(String[] args) 
	{
		byte[] agent="we love you,my little boys!".getBytes();
		SecureRandom random = new SecureRandom();
				KeyPair kp;
				Cipher  c;
				byte[] encrypted1=new byte[50000];
				int encrypted_length=0;
				try{
					KeyGenerator keygen = KeyGenerator.getInstance("DES","SunJCE");
					SecretKey desKey = keygen.generateKey();
					c = Cipher.getInstance("DES/ECB/PKCS5Padding","SunJCE");
				   c.init(c.ENCRYPT_MODE,desKey);
					byte[] encrypted2 = c.doFinal(agent);
					c.init(c.DECRYPT_MODE, desKey);
				    byte[] data2 = c.doFinal(encrypted2);
					System.out.println(new String(encrypted2));
					System.out.println(new String(data2));
					encrypted_length=encrypted2.length;
					for(int i=0;i<encrypted2.length;i++)
						encrypted1[i]=encrypted2[i];
				FileOutputStream fos=new FileOutputStream("F:/temp050829/mytest2key");
						ObjectOutputStream oos=new ObjectOutputStream(fos);
						oos.writeObject(desKey);
						oos.flush();
						oos.close();
				}
				catch(Throwable t)
				{
					t.printStackTrace();
				}
				byte[] encrypted=new byte[encrypted_length];
				for(int i=0;i<encrypted_length;i++)
						encrypted[i]=encrypted1[i];
				System.out.println(new String(encrypted));
	}
}
By the way,all the configurations for Aglets and Java in my computer are 
correct.What’s wrong with it?Please help me,thanks very much!

_________________________________________________________________
享用世界上最大的电子邮件系统― MSN Hotmail。  http://www.hotmail.com