jsdsi-users Mailing List for JSDSI (Page 5)
Status: Pre-Alpha
Brought to you by:
sajma
Menu
▾
▴
jsdsi-users — JSDSI Users
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
(5) |
Mar
(10) |
Apr
(20) |
May
(26) |
Jun
(7) |
Jul
(10) |
Aug
(25) |
Sep
(1) |
Oct
|
Nov
(1) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(4) |
Jul
|
Aug
|
Sep
|
Oct
(6) |
Nov
(6) |
Dec
|
| 2006 |
Jan
(20) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2007 |
Jan
|
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
|
From: Sean R. <sra...@ae...> - 2004-05-05 22:49:25
|
Hi,
Not entirely sure I follow what you mean, but do you mean that when you
read a file (called 'file-from-client.txt' for example) containing:
(proof
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (public-key (rsa (e #03#) (n SCS_F)))))
(sequence
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n MATT)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))
... [3 cert/signature pairs not included for brevity] ...
(cert
(issuer (name (public-key (rsa (e #03#) (n SCS))) scs_faculty))
(subject (public-key (rsa (e #03#) (n SCS_F)))))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n SCS)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))))
using something like:
FileInputStream fis = new FileInputStream("file-from-client.txt");
jsdsi.sexp.ObjInputStream ois = new
jsdsi.sexp.ObjInputStream(fis);
jsdsi.Proof proof = (jsdsi.Proof) ois.readObj();
you get the Proof:
(proof
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(sequence
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n MATT)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))))
?
On Wed, 2004-05-05 at 22:54, Feng-Shuo wrote:
> Other questions about proof transmission:
> 1. If my client side supplies a proof that actually composes of 5 proofs
> sequence certificates with 1 proof result cert in following fashion:
> However, by using above method, I can only receive one proof which is
> the very first one and the result proof cert is changed too!
> So my questions are how to maintain result proof cert intact and how to
> compose serveral proofs into one proof
> (I tried the way that client ship proof.getCertificates one by one then
> server build proofs by certificates then I use proof.compose to concatenate
> those 5 proof certificates but error is thrown when compose! and i don't
> think the result cert will retain in such way neither)
>
> 2. When run the CertPathValidator, which cert and certstore I should feed
> in CertPathParameters? (Is cert = AclEntry which requestd proofs? Is
> certstore = client/server certstore? )
>
> Client:
> (proof
>
> Result cert ==>
> (cert
> (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
> (subject (public-key (rsa (e #03#) (n SCS_F)))))
>
> 5 Proof sequence ==>
> (sequence
> (cert
> (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
> (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
> (signature
> (hash md5 HASH-VALUE)
> (public-key (rsa (e #03#) (n MATT)))
> (rsa-pkcs1-md5 SIGNATURE-VALUE))
> ....
> (cert
> (issuer (name (public-key (rsa (e #03#) (n SCS))) scs_faculty))
> (subject (public-key (rsa (e #03#) (n SCS_F)))))
> (signature
> (hash md5 HASH-VALUE)
> (public-key (rsa (e #03#) (n SCS)))
> (rsa-pkcs1-md5 SIGNATURE-VALUE))))
>
> Server:
> (proof
> (cert
> (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
> (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
> (sequence
> (cert
> (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
> (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
> (signature
> (hash md5 HASH-VALUE)
> (public-key (rsa (e #03#) (n MATT)))
> (rsa-pkcs1-md5 SIGNATURE-VALUE))))
>
>
>
> ----- Original Message -----
> From: "Sean Radford" <sra...@ae...>
> To: "Mr. Sameer Ajmani" <aj...@cs...>
> Cc: <fc...@an...>; "users jsdsi"
> <jsd...@li...>
> Sent: Wednesday, May 05, 2004 4:57 PM
> Subject: Re: <What's the correct way to send over Proof?>
>
>
> > On Wed, 2004-05-05 at 21:49, Sameer Ajmani wrote:
> > > Good idea. The site should also include a HOWTO for several common
> tasks:
> > > creating keys, certificates, signatures, proofs, writing and reading
> these
> > > from a file or the network, etc.
> > >
> > Another good idea... I'll try to make a start on that this w/e (the
> > HOWTO) - if the Proof stuff isn't done by then I'll try for that too....
> >
> >
> > Sean
> >
> > > Sameer
> > >
> > > > On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
> > > >> You can transfer a Proof as a Sequence (using proof.getSequence).
> But
> > > >> we should probably add support for transferring it just as a Proof.
> > > >> The reason I didn't in the firts place is because Proof isn't
> actually
> > > >> an official SPKI/SDSI datatype---it's specific to JSDSI.
> > > >>
> > > >
> > > > I'd vote for making Proof SExpression'able (and consequently implement
> > > > java.io.Serializable). Just seems sensible and thinking about it... I
> > > > hit the same problem (but never got round to raising the issue) about
> a
> > > > year ago!
> > > >
> > > > Guess we should be adding things like this to the 'Future Work'
> section
> > > > of the site (so we don't forget them) - until we get an issue tracking
> > > > application going...
> > > >
> > > > Regards,
> > > >
> > > > Sean
> > > >
> > > >> Sameer
> > > >>
> > > >> > Dear Sameer, Sean, and jsdsi experts,
> > > >> >
> > > >> > Orignial NameCert or AuthCert which are be embedded in Certifcate
> > > >> can be sent and receive well by using CertificateFactory Engine But
> > > >> now, after the client generates proof from certificate discovery,
> > > >> how should I send this over correctly? Currently, I try to use
> > > >> jsdsi.ObjOutputStream and jsdsi.ObjInputStream: Client:
> > > >> > FileOutputStream pd_file_out = new
> > > >> > FileOutputStream("server_agent_queue.txt", true);
> > > >> > jsdsi.sexp.ObjOutputStream pd_oos = new
> > > >> > jsdsi.sexp.ObjOutputStream(pd_file_out);
> > > >> > pd_oos.writeCanonical(proof);
> > > >> > pd_file_out.close();
> > > >> >
> > > >> > Server:
> > > >> > FileInputStream file_in = new
> > > >> > FileInputStream("server_agent_queue.txt");
> jsdsi.sexp.ObjInputStream
> > > >> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
> > > >> > if (ois.available() > 0) {
> > > >> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> > > >> > break;
> > > >> > }
> > > >> > }
> > > >> >
> > > >> > But it occures following error on ===> line:
> > > >> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
> > > >> >
> > > >> > Any idea, please? and Thanks for answer in advanced!
> > > >> >
> > > >> > Sincerely,
> > > >> >
> > > >> > Matt
> > > >>
> > > >>
> > > >> http://ajmani.net
> > > >>
> > > > --
> > > > Dr. Sean Radford, MBBS, MSc
> > > > sra...@ae...
> > > > http://www.aegeus-technology.com
> > >
> > >
> > > http://ajmani.net
> > >
> > --
> > Dr. Sean Radford, MBBS, MSc
> > sra...@ae...
> > http://www.aegeus-technology.com
> >
> >
> >
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
|
|
From: Feng-Shuo <fc...@an...> - 2004-05-05 21:52:43
|
Other questions about proof transmission:
1. If my client side supplies a proof that actually composes of 5 proofs
sequence certificates with 1 proof result cert in following fashion:
However, by using above method, I can only receive one proof which is
the very first one and the result proof cert is changed too!
So my questions are how to maintain result proof cert intact and how to
compose serveral proofs into one proof
(I tried the way that client ship proof.getCertificates one by one then
server build proofs by certificates then I use proof.compose to concatenate
those 5 proof certificates but error is thrown when compose! and i don't
think the result cert will retain in such way neither)
2. When run the CertPathValidator, which cert and certstore I should feed
in CertPathParameters? (Is cert = AclEntry which requestd proofs? Is
certstore = client/server certstore? )
Client:
(proof
Result cert ==>
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (public-key (rsa (e #03#) (n SCS_F)))))
5 Proof sequence ==>
(sequence
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n MATT)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))
....
(cert
(issuer (name (public-key (rsa (e #03#) (n SCS))) scs_faculty))
(subject (public-key (rsa (e #03#) (n SCS_F)))))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n SCS)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))))
Server:
(proof
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(sequence
(cert
(issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
(subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
(signature
(hash md5 HASH-VALUE)
(public-key (rsa (e #03#) (n MATT)))
(rsa-pkcs1-md5 SIGNATURE-VALUE))))
----- Original Message -----
From: "Sean Radford" <sra...@ae...>
To: "Mr. Sameer Ajmani" <aj...@cs...>
Cc: <fc...@an...>; "users jsdsi"
<jsd...@li...>
Sent: Wednesday, May 05, 2004 4:57 PM
Subject: Re: <What's the correct way to send over Proof?>
> On Wed, 2004-05-05 at 21:49, Sameer Ajmani wrote:
> > Good idea. The site should also include a HOWTO for several common
tasks:
> > creating keys, certificates, signatures, proofs, writing and reading
these
> > from a file or the network, etc.
> >
> Another good idea... I'll try to make a start on that this w/e (the
> HOWTO) - if the Proof stuff isn't done by then I'll try for that too....
>
>
> Sean
>
> > Sameer
> >
> > > On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
> > >> You can transfer a Proof as a Sequence (using proof.getSequence).
But
> > >> we should probably add support for transferring it just as a Proof.
> > >> The reason I didn't in the firts place is because Proof isn't
actually
> > >> an official SPKI/SDSI datatype---it's specific to JSDSI.
> > >>
> > >
> > > I'd vote for making Proof SExpression'able (and consequently implement
> > > java.io.Serializable). Just seems sensible and thinking about it... I
> > > hit the same problem (but never got round to raising the issue) about
a
> > > year ago!
> > >
> > > Guess we should be adding things like this to the 'Future Work'
section
> > > of the site (so we don't forget them) - until we get an issue tracking
> > > application going...
> > >
> > > Regards,
> > >
> > > Sean
> > >
> > >> Sameer
> > >>
> > >> > Dear Sameer, Sean, and jsdsi experts,
> > >> >
> > >> > Orignial NameCert or AuthCert which are be embedded in Certifcate
> > >> can be sent and receive well by using CertificateFactory Engine But
> > >> now, after the client generates proof from certificate discovery,
> > >> how should I send this over correctly? Currently, I try to use
> > >> jsdsi.ObjOutputStream and jsdsi.ObjInputStream: Client:
> > >> > FileOutputStream pd_file_out = new
> > >> > FileOutputStream("server_agent_queue.txt", true);
> > >> > jsdsi.sexp.ObjOutputStream pd_oos = new
> > >> > jsdsi.sexp.ObjOutputStream(pd_file_out);
> > >> > pd_oos.writeCanonical(proof);
> > >> > pd_file_out.close();
> > >> >
> > >> > Server:
> > >> > FileInputStream file_in = new
> > >> > FileInputStream("server_agent_queue.txt");
jsdsi.sexp.ObjInputStream
> > >> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
> > >> > if (ois.available() > 0) {
> > >> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> > >> > break;
> > >> > }
> > >> > }
> > >> >
> > >> > But it occures following error on ===> line:
> > >> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
> > >> >
> > >> > Any idea, please? and Thanks for answer in advanced!
> > >> >
> > >> > Sincerely,
> > >> >
> > >> > Matt
> > >>
> > >>
> > >> http://ajmani.net
> > >>
> > > --
> > > Dr. Sean Radford, MBBS, MSc
> > > sra...@ae...
> > > http://www.aegeus-technology.com
> >
> >
> > http://ajmani.net
> >
> --
> Dr. Sean Radford, MBBS, MSc
> sra...@ae...
> http://www.aegeus-technology.com
>
>
>
|
|
From: Sean R. <sra...@ae...> - 2004-05-05 20:58:48
|
On Wed, 2004-05-05 at 21:49, Sameer Ajmani wrote:
> Good idea. The site should also include a HOWTO for several common tasks:
> creating keys, certificates, signatures, proofs, writing and reading these
> from a file or the network, etc.
>
Another good idea... I'll try to make a start on that this w/e (the
HOWTO) - if the Proof stuff isn't done by then I'll try for that too....
Sean
> Sameer
>
> > On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
> >> You can transfer a Proof as a Sequence (using proof.getSequence). But
> >> we should probably add support for transferring it just as a Proof.
> >> The reason I didn't in the firts place is because Proof isn't actually
> >> an official SPKI/SDSI datatype---it's specific to JSDSI.
> >>
> >
> > I'd vote for making Proof SExpression'able (and consequently implement
> > java.io.Serializable). Just seems sensible and thinking about it... I
> > hit the same problem (but never got round to raising the issue) about a
> > year ago!
> >
> > Guess we should be adding things like this to the 'Future Work' section
> > of the site (so we don't forget them) - until we get an issue tracking
> > application going...
> >
> > Regards,
> >
> > Sean
> >
> >> Sameer
> >>
> >> > Dear Sameer, Sean, and jsdsi experts,
> >> >
> >> > Orignial NameCert or AuthCert which are be embedded in Certifcate
> >> can be sent and receive well by using CertificateFactory Engine But
> >> now, after the client generates proof from certificate discovery,
> >> how should I send this over correctly? Currently, I try to use
> >> jsdsi.ObjOutputStream and jsdsi.ObjInputStream: Client:
> >> > FileOutputStream pd_file_out = new
> >> > FileOutputStream("server_agent_queue.txt", true);
> >> > jsdsi.sexp.ObjOutputStream pd_oos = new
> >> > jsdsi.sexp.ObjOutputStream(pd_file_out);
> >> > pd_oos.writeCanonical(proof);
> >> > pd_file_out.close();
> >> >
> >> > Server:
> >> > FileInputStream file_in = new
> >> > FileInputStream("server_agent_queue.txt"); jsdsi.sexp.ObjInputStream
> >> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
> >> > if (ois.available() > 0) {
> >> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> >> > break;
> >> > }
> >> > }
> >> >
> >> > But it occures following error on ===> line:
> >> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
> >> >
> >> > Any idea, please? and Thanks for answer in advanced!
> >> >
> >> > Sincerely,
> >> >
> >> > Matt
> >>
> >>
> >> http://ajmani.net
> >>
> > --
> > Dr. Sean Radford, MBBS, MSc
> > sra...@ae...
> > http://www.aegeus-technology.com
>
>
> http://ajmani.net
>
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
|
|
From: Sameer A. <aj...@cs...> - 2004-05-05 20:49:42
|
Good idea. The site should also include a HOWTO for several common tasks:
creating keys, certificates, signatures, proofs, writing and reading these
from a file or the network, etc.
Sameer
> On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
>> You can transfer a Proof as a Sequence (using proof.getSequence). But
>> we should probably add support for transferring it just as a Proof.
>> The reason I didn't in the firts place is because Proof isn't actually
>> an official SPKI/SDSI datatype---it's specific to JSDSI.
>>
>
> I'd vote for making Proof SExpression'able (and consequently implement
> java.io.Serializable). Just seems sensible and thinking about it... I
> hit the same problem (but never got round to raising the issue) about a
> year ago!
>
> Guess we should be adding things like this to the 'Future Work' section
> of the site (so we don't forget them) - until we get an issue tracking
> application going...
>
> Regards,
>
> Sean
>
>> Sameer
>>
>> > Dear Sameer, Sean, and jsdsi experts,
>> >
>> > Orignial NameCert or AuthCert which are be embedded in Certifcate
>> can be sent and receive well by using CertificateFactory Engine But
>> now, after the client generates proof from certificate discovery,
>> how should I send this over correctly? Currently, I try to use
>> jsdsi.ObjOutputStream and jsdsi.ObjInputStream: Client:
>> > FileOutputStream pd_file_out = new
>> > FileOutputStream("server_agent_queue.txt", true);
>> > jsdsi.sexp.ObjOutputStream pd_oos = new
>> > jsdsi.sexp.ObjOutputStream(pd_file_out);
>> > pd_oos.writeCanonical(proof);
>> > pd_file_out.close();
>> >
>> > Server:
>> > FileInputStream file_in = new
>> > FileInputStream("server_agent_queue.txt"); jsdsi.sexp.ObjInputStream
>> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
>> > if (ois.available() > 0) {
>> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
>> > break;
>> > }
>> > }
>> >
>> > But it occures following error on ===> line:
>> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
>> >
>> > Any idea, please? and Thanks for answer in advanced!
>> >
>> > Sincerely,
>> >
>> > Matt
>>
>>
>> http://ajmani.net
>>
> --
> Dr. Sean Radford, MBBS, MSc
> sra...@ae...
> http://www.aegeus-technology.com
http://ajmani.net
|
|
From: Sean R. <sra...@ae...> - 2004-05-05 20:41:02
|
On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
> You can transfer a Proof as a Sequence (using proof.getSequence). But we
> should probably add support for transferring it just as a Proof. The
> reason I didn't in the firts place is because Proof isn't actually an
> official SPKI/SDSI datatype---it's specific to JSDSI.
>
I'd vote for making Proof SExpression'able (and consequently implement
java.io.Serializable). Just seems sensible and thinking about it... I
hit the same problem (but never got round to raising the issue) about a
year ago!
Guess we should be adding things like this to the 'Future Work' section
of the site (so we don't forget them) - until we get an issue tracking
application going...
Regards,
Sean
> Sameer
>
> > Dear Sameer, Sean, and jsdsi experts,
> >
> > Orignial NameCert or AuthCert which are be embedded in Certifcate can be
> > sent and receive well by using CertificateFactory Engine But now, after
> > the client generates proof from certificate discovery, how should I send
> > this over correctly? Currently, I try to use jsdsi.ObjOutputStream and
> > jsdsi.ObjInputStream: Client:
> > FileOutputStream pd_file_out = new
> > FileOutputStream("server_agent_queue.txt", true);
> > jsdsi.sexp.ObjOutputStream pd_oos = new
> > jsdsi.sexp.ObjOutputStream(pd_file_out);
> > pd_oos.writeCanonical(proof);
> > pd_file_out.close();
> >
> > Server:
> > FileInputStream file_in = new
> > FileInputStream("server_agent_queue.txt"); jsdsi.sexp.ObjInputStream
> > ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
> > if (ois.available() > 0) {
> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> > break;
> > }
> > }
> >
> > But it occures following error on ===> line:
> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
> >
> > Any idea, please? and Thanks for answer in advanced!
> >
> > Sincerely,
> >
> > Matt
>
>
> http://ajmani.net
>
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
|
|
From: Sameer A. <aj...@cs...> - 2004-05-05 13:15:01
|
To clarify:
Client:
FileOutputStream pd_file_out = new
FileOutputStream("server_agent_queue.txt",
true);
jsdsi.sexp.ObjOutputStream pd_oos = new
jsdsi.sexp.ObjOutputStream(pd_file_out);
==> pd_oos.writeCanonical(proof.getSequence());
pd_file_out.close();
Server:
FileInputStream file_in = new FileInputStream("server_agent_queue.txt");
jsdsi.sexp.ObjInputStream ois = new jsdsi.sexp.ObjInputStream(fis);
while (true) {
if (ois.available() > 0) {
==> jsdsi.Proof pf = new Proof (Certificate.fromSequence
((jsdsi.Sequence) ois.readObj()));
break;
}
}
This is another case where a better API is needed. Any suggestions?
Probably the most sensible is just to make the way you wanted to use it
(Obj.parseObj()) work, i.e., provide Proof.parseProof().
Sameer
> You can transfer a Proof as a Sequence (using proof.getSequence). But
> we should probably add support for transferring it just as a Proof. The
> reason I didn't in the firts place is because Proof isn't actually an
> official SPKI/SDSI datatype---it's specific to JSDSI.
>
> Sameer
>
>> Dear Sameer, Sean, and jsdsi experts,
>>
>> Orignial NameCert or AuthCert which are be embedded in Certifcate can
>> be sent and receive well by using CertificateFactory Engine But now,
>> after the client generates proof from certificate discovery, how
>> should I send this over correctly? Currently, I try to use
>> jsdsi.ObjOutputStream and jsdsi.ObjInputStream: Client:
>> FileOutputStream pd_file_out = new
>> FileOutputStream("server_agent_queue.txt", true);
>> jsdsi.sexp.ObjOutputStream pd_oos = new
>> jsdsi.sexp.ObjOutputStream(pd_file_out);
>> pd_oos.writeCanonical(proof);
>> pd_file_out.close();
>>
>> Server:
>> FileInputStream file_in = new
>> FileInputStream("server_agent_queue.txt"); jsdsi.sexp.ObjInputStream
>> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
>> if (ois.available() > 0) {
>> ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
>> break;
>> }
>> }
>>
>> But it occures following error on ===> line:
>> jsdsi.sexp.SexpParseException: unrecognized object type: proof
>>
>> Any idea, please? and Thanks for answer in advanced!
>>
>> Sincerely,
>>
>> Matt
>
>
> http://ajmani.net
>
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: Oracle 10g
> Get certified on the hottest thing ever to hit the market... Oracle 10g.
> Take an Oracle 10g class now, and we'll give you the exam FREE.
> http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
> _______________________________________________
> Jsdsi-users mailing list
> Jsd...@li...
> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
http://ajmani.net
|
|
From: Sameer A. <aj...@cs...> - 2004-05-05 11:16:12
|
You can transfer a Proof as a Sequence (using proof.getSequence). But we
should probably add support for transferring it just as a Proof. The
reason I didn't in the firts place is because Proof isn't actually an
official SPKI/SDSI datatype---it's specific to JSDSI.
Sameer
> Dear Sameer, Sean, and jsdsi experts,
>
> Orignial NameCert or AuthCert which are be embedded in Certifcate can be
> sent and receive well by using CertificateFactory Engine But now, after
> the client generates proof from certificate discovery, how should I send
> this over correctly? Currently, I try to use jsdsi.ObjOutputStream and
> jsdsi.ObjInputStream: Client:
> FileOutputStream pd_file_out = new
> FileOutputStream("server_agent_queue.txt", true);
> jsdsi.sexp.ObjOutputStream pd_oos = new
> jsdsi.sexp.ObjOutputStream(pd_file_out);
> pd_oos.writeCanonical(proof);
> pd_file_out.close();
>
> Server:
> FileInputStream file_in = new
> FileInputStream("server_agent_queue.txt"); jsdsi.sexp.ObjInputStream
> ois = new jsdsi.sexp.ObjInputStream(fis); while (true) {
> if (ois.available() > 0) {
> ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> break;
> }
> }
>
> But it occures following error on ===> line:
> jsdsi.sexp.SexpParseException: unrecognized object type: proof
>
> Any idea, please? and Thanks for answer in advanced!
>
> Sincerely,
>
> Matt
http://ajmani.net
|
|
From: Feng-Shuo <fc...@an...> - 2004-05-05 04:55:28
|
Dear Sameer, Sean, and jsdsi experts,
Orignial NameCert or AuthCert which are be embedded in Certifcate can be =
sent and receive well by using CertificateFactory Engine
But now, after the client generates proof from certificate discovery, =
how should I send this over correctly?
Currently, I try to use jsdsi.ObjOutputStream and jsdsi.ObjInputStream:
Client:
FileOutputStream pd_file_out =3D new =
FileOutputStream("server_agent_queue.txt", true);
jsdsi.sexp.ObjOutputStream pd_oos =3D new =
jsdsi.sexp.ObjOutputStream(pd_file_out);
pd_oos.writeCanonical(proof);
pd_file_out.close();
=20
Server:
FileInputStream file_in =3D new =
FileInputStream("server_agent_queue.txt");
jsdsi.sexp.ObjInputStream ois =3D new =
jsdsi.sexp.ObjInputStream(fis);
while (true) {
if (ois.available() > 0) {
=3D=3D=3D> jsdsi.Proof pf =3D (jsdsi.Proof) ois.readObj();
break;
}
}
=20
But it occures following error on =3D=3D=3D> line:
jsdsi.sexp.SexpParseException: unrecognized object type: proof
=20
Any idea, please? and Thanks for answer in advanced!
Sincerely,
Matt |
|
From: Sean R. <sra...@ae...> - 2004-05-02 15:59:33
|
Hi,
I would say that the best way is to use jsdsi.util.KeyPairFactory
And, as the javadoc for that class mentions:
Note: Care should be taken when creating Keys without specifying a
keysize, SecureRandom, or any AlgorithmParameterSpec, as it has been
noted that without, keys are predictable when using some Providers.
But in your examples you are always creating 1024 bit keys, so that is
no problem.
Regards,
Sean
On Sun, 2004-05-02 at 06:16, Feng-Shuo wrote:
>
> Dear Sameer, Sean, and jsdsi experts,
> I read the mail list in archive about "Sun KeyPairGeneratory" but
> I still don't really know how to generate different Keypairs through
> jsdsi API.
>
> Following are some of ways I tried but neither one of them works well,
> could you tell me what is the correct way to generate?
> 1. java.math.BigInteger s_m = new java.math.BigInteger("1024");
> java.math.BigInteger s_e = new java.math.BigInteger("9");
> jsdsi.RSAPublicKey s_rsapk = new jsdsi.RSAPublicKey(s_m, s_e,
> "RSA");
>
> KeyPair s_pair = s_rsapk.create();
> PrivateKey s_priv = s_pair.getPrivate();
> jsdsi.PublicKey s_pub = (jsdsi.PublicKey) s_pair.getPublic();
>
> ---> This method always generate the same Keypair
>
> 2. KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
> RSAKeyGenParameterSpec rsagen = new
> RSAKeyGenParameterSpec(1024,RSAKeyGenParameterSpec.F0);
> keyGen.initialize(rsagen);
>
> KeyPair s_test_pair = keyGen.generateKeyPair();
> PrivateKey s_priv = s_test_pair.getPrivate();
>
> //-->Class Cast Error: jsdsi.PublicKey s_pub = (jsdsi.PublicKey)
> s_test_pair.getPublic();
> java.security.interfaces.RSAPublicKey pub =
> (java.security.interfaces.RSAPublicKey)s_test_pair.getPublic();
> jsdsi.RSAPublicKey s_pub = new jsdsi.RSAPublicKey(pub);
>
> ---> Throw Class Cast Error when pass KeyPair into "create" method in
> "signature" class
> (I think error is occured in " assert(kp.getPublic() instanceof
> Principal) within signature class ")
>
> 3. KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
> RSAKeyGenParameterSpec rsagen = new
> RSAKeyGenParameterSpec(1024,RSAKeyGenParameterSpec.F0);
> keyGen.initialize(rsagen);
>
> KeyPair s_test_pair = keyGen.generateKeyPair();
> PrivateKey s_priv = s_test_pair.getPrivate();
>
> java.security.interfaces.RSAPublicKey pub =
> (java.security.interfaces.RSAPublicKey)s_test_pair.getPublic();
> jsdsi.RSAPublicKey s_pub = new jsdsi.RSAPublicKey(pub);
> /* Create another keypair from jsdsi.RSAPublicKey.create() */
> KeyPair s_pair = s_pub.create();
>
> ---> This method always generate the same Keypair
>
> Regards,
>
> Matt
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
|
|
From: Feng-Shuo <fc...@an...> - 2004-05-02 05:16:56
|
Dear Sameer, Sean, and jsdsi experts,
I read the mail list in archive about "Sun KeyPairGeneratory" but I =
still don't really know how to generate different Keypairs through jsdsi =
API.
Following are some of ways I tried but neither one of them works well, =
could you tell me what is the correct way to generate?
1. java.math.BigInteger s_m =3D new java.math.BigInteger("1024");
java.math.BigInteger s_e =3D new java.math.BigInteger("9");
jsdsi.RSAPublicKey s_rsapk =3D new jsdsi.RSAPublicKey(s_m, s_e, =
"RSA");
KeyPair s_pair =3D s_rsapk.create();
PrivateKey s_priv =3D s_pair.getPrivate();
jsdsi.PublicKey s_pub =3D (jsdsi.PublicKey) s_pair.getPublic();
=20
---> This method always generate the same Keypair
2. KeyPairGenerator keyGen =3D KeyPairGenerator.getInstance("RSA");
RSAKeyGenParameterSpec rsagen =3D new =
RSAKeyGenParameterSpec(1024,RSAKeyGenParameterSpec.F0);
keyGen.initialize(rsagen);
KeyPair s_test_pair =3D keyGen.generateKeyPair();
PrivateKey s_priv =3D s_test_pair.getPrivate();
//-->Class Cast Error: jsdsi.PublicKey s_pub =3D (jsdsi.PublicKey) =
s_test_pair.getPublic();
java.security.interfaces.RSAPublicKey pub =3D =
(java.security.interfaces.RSAPublicKey)s_test_pair.getPublic();
jsdsi.RSAPublicKey s_pub =3D new jsdsi.RSAPublicKey(pub);
=20
---> Throw Class Cast Error when pass KeyPair into "create" method in =
"signature" class
(I think error is occured in " assert(kp.getPublic() instanceof =
Principal) within signature class ")
=20
3. KeyPairGenerator keyGen =3D KeyPairGenerator.getInstance("RSA");
RSAKeyGenParameterSpec rsagen =3D new =
RSAKeyGenParameterSpec(1024,RSAKeyGenParameterSpec.F0);
keyGen.initialize(rsagen);
KeyPair s_test_pair =3D keyGen.generateKeyPair();
PrivateKey s_priv =3D s_test_pair.getPrivate();
java.security.interfaces.RSAPublicKey pub =3D =
(java.security.interfaces.RSAPublicKey)s_test_pair.getPublic();
jsdsi.RSAPublicKey s_pub =3D new jsdsi.RSAPublicKey(pub);
/* Create another keypair from jsdsi.RSAPublicKey.create() */
KeyPair s_pair =3D s_pub.create();
=20
---> This method always generate the same Keypair
Regards,
Matt |
|
From: Luis P. <lp...@ne...> - 2004-04-28 23:09:28
|
Guillermo,
Taking Sean's ideia u can also try:
1 - (tag (index (* range numeric g 0 le 2))) for an index = 2;
2 - (tag (index (* range numeric g 0 le 6))) for an index = 6;
Then, when u intersect '1' with '2' the result will be 1.
U can achieve this tags by doing: new SimpleTag("index", new ExprTag[] {new
RangeTag("numeric", "2", false, "0", true)}).
I think that u can also achieve your tag using just jsdsi.
-- Luis Pedro
|
|
From: Sameer A. <aj...@cs...> - 2004-04-28 23:01:34
|
Comments below... > On Wed, 2004-04-28 at 18:38, Guillermo Navarro wrote: >> Hi, >> >> Thanks for your interest. I'm still working on it and as you said I >> may find a way to encode the tags so I can use the existing tags (I'm >> testing several approaches). >> >> At the moment I use a tag which looks like: >> >> (tag (my-kind-of-auth (index 3) (id 453455) (val <byte-string>))) >> >> It is an element of a hash chain. The "val" is an element "index" of >> the hash chain "id". >> >> The intersection function, is something like: given two tags, the >> resulting intersection is the one with a lower index, only if both >> id's are equal, and we can verify the value of the corresponding hash, >> otherwise the intersection is null. >> > As an idea, could the 'index' be a SetTag, where index 3 equates to > (index (* set 1 2 3)). Therefore the intersection of (index (* set 1 2 3 > 4)) and (index (* set 1 2)) is (index (* set 1 2)). Using SetTags won't scale well to large numbers of indexes. Instead, you can use a RangeTag to represent an arbitrarily large set: Represent index N as (index (*range numeric lt N)), for example: index 3 == (index (*range numeric lt 3)) index 1 == (index (*range numeric lt 1)) Then index 1 intersected with index 3 is the intersection of the ranges "less than 1" and "less than 3", which is "less than 1". (this is because the "less than" parameter is an _upper limit_, and a lower upper limit is more restrictive, and intersection returns the more restrictive range). Note also that "only if both id's are equal" works fine as you have it: (id 453455) will only intersect with another SimpleTag like (id 453455 ...) -- the "..." is there because SimpleTags can be extended (and so restricted), but this is irrelevant for what you're doing. I agree with Sean about the (val ...) tag -- what value did you hash? Sameer |
|
From: Sean R. <sra...@ae...> - 2004-04-28 22:37:49
|
On Wed, 2004-04-28 at 18:38, Guillermo Navarro wrote: > Hi, > > Thanks for your interest. I'm still working on it and as you said I > may find a way to encode the tags so I can use the existing tags (I'm > testing several approaches). > > At the moment I use a tag which looks like: > > (tag (my-kind-of-auth (index 3) (id 453455) (val <byte-string>))) > > It is an element of a hash chain. The "val" is an element "index" of > the hash chain "id". > > The intersection function, is something like: given two tags, the > resulting intersection is the one with a lower index, only if both > id's are equal, and we can verify the value of the corresponding hash, > otherwise the intersection is null. > As an idea, could the 'index' be a SetTag, where index 3 equates to (index (* set 1 2 3)). Therefore the intersection of (index (* set 1 2 3 4)) and (index (* set 1 2)) is (index (* set 1 2)). Unsure of what you mean about verifying the value of the hash. Is the hash the bytes-string in (val (byte-string))? What is it a hash of? > As I said, I'm still working on it and I'm not sure how will it end > (if this ends in anything). I will let you know more details as soon > as I have more details or something more sound (I'm in a very > primitive stage). Thanks anyway. > That's fine. Will be glad to try and help. Regards, Sean -- Dr. Sean Radford, MBBS, MSc sra...@ae... http://www.aegeus-technology.com |
|
From: Sean R. <sra...@ae...> - 2004-04-28 08:58:43
|
Hi, The Hash.create(String, byte[], URI[]) method was added on 26th May, 4 days after the 0.5 release. If you need (would like) this method then I would suggest the latest 'snapshot' jar from the jsdsi maven repository. http://jsdsi.sourceforge.net/maven/jsdsi/jars/ Hope that helps, regards, Sean On Wed, 2004-04-28 at 04:21, Feng-Shuo wrote: > Dear Sameer, > > Thanks for your answering that is very informative. > However, I found that "create" method in "Hash" class isn't included in > released jsdsi-0.5.jar(Although, the javadoc of this method is on the web). > Therefore, I still can't create valid hash value. Could you check on this, > please? or I misunderstood something still? > > Sincerely, > > Matt > > ----- Original Message ----- > From: "Sameer Ajmani" <aj...@cs...> > To: <fc...@an...> > Cc: <jsd...@li...> > Sent: Tuesday, April 27, 2004 8:23 AM > Subject: Re: <Question about JSDSI> > > > > Your error is here: > > > SexpString ss = new SexpString(certificate.toString()); > > > sos.writeCanonical(ss); > > > > You should not wrap the certificate in a SexpString. Instead, > > write the certificate as a Sequence: > > > > sos.writeCanonical(certificate.toSequence().toSexp()); > > > > [[[ NOTE TO ALL: This is pretty unintuitive; any suggestions on how to > > make it better? ]]] > > > > > > > > You should not access "engine" methods directly: > > > > > jsdsi.sexp.CertificateFactory cert_f = new > > > jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) { > > > /* ========== Exception happens in next line >>> Caught exception > > > java.security.cert.CertificateParsingException */ > > > jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f. > > > engineGenerateCertificate(sis); > > > /* ========== */ > > > > Instead, obtain a CertificateFactory via the provider: > > > > CertificateFactory cf = CertificateFactory.getInstance("SPKI/SEXP"); > > > > while (sis.available() > 0) { > > Certificate cert = cf.generateCertificate(sis); > > System.out.println(cert.toString()); > > } > > > > > > > > This signature is invalid, because "d" was not produced using any > > signature algorithm: > > > > > /* Put the Cert(NameCert) and the Signature together in a > > > jsdsi.Certificate*/ byte[] d = new byte[1024]; > > > jsdsi.Signature sig = new jsdsi.Signature(pub, new > > > Hash("SHA",ncert), "RSA", d); > > > > Use one of the jsdsi.Signature.create() methods instead (these were added > > last month). You should use Hash.create(), too. [[[ NOTE TO JSDSI > > DEVELOPERS: We should probably make the cosntructors for Hash and > > Signature package-private to avoid this problem in the future. But > > somehow we have to let the parsers in jsdsi.sexp access them. ]]] > > > > Sameer > > > > > Dear Sameer and Sean, > > > I know I should post questions on maillist but it seems take some time > > > to get subscription confirmation letter, so sorry that I choose to > > > send my question in e-mail directly. The question is when I try to > > > generate the certificate from underlying s-exp stream (I highlighted > > > that code in /*===== ), that seems something wrong with the encoding > > > scheme or maybe other problmes. Could you help me figure out what > > > might be the problem and how to correct it? > > > > > > Sincerely, > > > > > > Matt Chang > > > > > > Following is my testing code within main() which stores NameCert to > > > File then restores from File : > > > > > > try { > > > > > > /********** Client side ***********/ > > > /* Generate a RSA key pair */ > > > java.math.BigInteger m = new java.math.BigInteger("1024"); > > > java.math.BigInteger e = new java.math.BigInteger("3"); > > > RSAPublicKey rsapk = new RSAPublicKey(m, e, "RSA"); > > > > > > /* Creates a new RSA key pair whose public key is a Principal */ > > > KeyPair pair = rsapk.create(); > > > PrivateKey priv = pair.getPrivate(); > > > jsdsi.PublicKey pub = (jsdsi.PublicKey) pair.getPublic(); > > > > > > /* Creat a Name certificate */ > > > Validity v = new Validity(new Date(2004, 4, 24), new Date(2004, > > > 5, > > > 24)); NameCert ncert = new NameCert(pub, pub, v, "", "comment", > > > "name-string"); > > > > > > /* Put the Cert(NameCert) and the Signature together in a > > > jsdsi.Certificate*/ byte[] d = new byte[1024]; > > > jsdsi.Signature sig = new jsdsi.Signature(pub, new > > > Hash("SHA",ncert), "RSA", d); jsdsi.Certificate certificate = new > > > jsdsi.Certificate(pub, ncert, sig); > > > > > > /* Display this Certificate which includes Namecert and > > > signature > > > */ System.out.println("Client Agent: Certificate content: "); > > > System.out.println(certificate.toString()); > > > > > > /* Transfer Certificate in S-expOutStream -> FileOutputStream */ > > > FileOutputStream file_out = new FileOutputStream("namecert.txt"); > > > SexpOutputStream sos = new SexpOutputStream(file_out); > > > SexpString ss = new SexpString(certificate.toString()); > > > sos.writeCanonical(ss); > > > > > > file_out.close(); > > > > > > /**************** Server Side **************/ > > > /* Retrieve Certificate from S-exp InStream <- FileInputStream*/ > > > FileInputStream file_in = new FileInputStream("namecert.txt"); > > > SexpInputStream sis = new SexpInputStream(file_in); > > > jsdsi.sexp.CertificateFactory cert_f = new > > > jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) { > > > /* ========== Exception happens in next line >>> Caught exception > > > java.security.cert.CertificateParsingException */ > > > jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f. > > > engineGenerateCertificate(sis); > > > /* ========== */ > > > > > > jsdsi.PublicKey s_pk = > > > (jsdsi.PublicKey)jcertificate.getPublicKey(); > > > jcertificate.verify(s_pk); > > > > > > /* Display this Certificate which includes Namecert and > > > signature */ System.out.println("Server Agent: Certificate > > > content: "); System.out.println(jcertificate.toString()); > > > > > > NameCert n_cert = (NameCert) jcertificate.getCert(); > > > System.out.println("Server Agent: Name certificate: "); > > > System.out.println(n_cert.toString()); > > > } > > > > > > } > > > catch (Exception e) { > > > System.err.println("Caught exception " + e.toString()); > > > } > > > > > > > > > http://ajmani.net > > > > > > > > > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click > _______________________________________________ > Jsdsi-users mailing list > Jsd...@li... > https://lists.sourceforge.net/lists/listinfo/jsdsi-users -- Dr. Sean Radford, MBBS, MSc sra...@ae... http://www.aegeus-technology.com |
|
From: Sean R. <sra...@ae...> - 2004-04-28 08:49:36
|
Sorry guys - I've been in the hills out of email...
Hello Guillermo, I hope, despite you're current probelme, that jsdsi is
proving fun.
I guess my only additional point regarding Tags is the need to extend
the jsdsi provided ones in the first place. When I first started with
jsdsi I kept wanting to myself, but now that I have a better
understanding of it all can see how the existing ones can be used to
meet most (all) purposes.
Guillermo, would you like some suggestions on how (if it is possible)
you might model your tags using the jsdsi classes?
Regards,
Sean
On Tue, 2004-04-27 at 15:55, Sameer Ajmani wrote:
> Ok, I've just checked a change into CVS that makes toTagSexp protected.
>
> Sameer
>
> > Sameer Ajmani <aj...@cs...> writes:
> >
> >> Would making toTagSexp() protected solve your problem? We can
> >> probably do this.
> >
> > yes, it will be perfect.
> >
> > I think it will allow others to provide specific tags with their own
> > intersect() methods without modifying the jsdsi package by extending
> > Tag. (again, I don't know if it is a good practice or if it should be
> > allowed, but at least i find it useful).
> >
> >
> > guillermo
> >
> >>
> >> Sameer
> >>
> >>>
> >>> Thanks a lot for the answer and the advice,
> >>>
> >>>> To construct application-specific tags, just use the Tag subclasses.
> >>>
> >>> I wanted to create a new Tag object because the semantics of my
> >>> authorization tag require a different intersect() function. I just
> >>> though that I could extend jsdsi.Tag implementing the abstract
> >>> methods, and providing my own intersect algorithm for my specific
> >>> tag.
> >>>
> >>> If I implement my own Tag extending jsdsi.Tag I get an error because
> >>> I cannot implement the abstract method Tag.toTagSexp(). Making it
> >>> public in Tag solves the error, although I don't know if this is a
> >>> good practice.
> >>>
> >>> Thanks again,
> >>>
> >>> Guillermo
> >>>
> >>>
> >>> Sameer Ajmani <aj...@cs...> writes:
> >>>
> >>>> Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp()
> >>>> just returns <tag-material>. This just matters for when you write
> >>>> tags to a file or to the network (you should always use toSexp(), so
> >>>> that the receiver knows that it's getting a Tag). To construct
> >>>> application-specific tags, just use the Tag subclasses. For
> >>>> example, a tag like this:
> >>>> (tag (file (*set read write) (*prefix /home/ajmani)))
> >>>> Is constructed as:
> >>>> new SimpleTag("file",
> >>>> new ExprTag[] {
> >>>> new SetTag(new ExprTag[] { new StringTag("read"),
> >>>> new StringTag("write") }),
> >>>> new PrefixTag("/home/ajmani");
> >>>> };
> >>>> ).toSexp();
> >>>>
> >>>> or parse the original string into an object:
> >>>>
> >>>> Tag myTag = (Tag)Obj.parseObj
> >>>> (new SexpInputString
> >>>> (new ByteArrayInputStream
> >>>> (Sexp.encodeString
> >>>> ("(tag (file (*set read write) (*prefix /home/ajmani)))")
> >>>> )).readSexp());
> >>>>
> >>>> Sameer
> >>>>
> >>>>> Hi,
> >>>>>
> >>>>> I have a little question regarding jsdsi.Tag. I need to create an
> >>>>> application specific Tag and I was wondering if the abstract class
> >>>>> Tag is intended to be extended by external sw packages.
> >>>>>
> >>>>> If this is the case, the method Tag.toTagSexp() shouldn't it be
> >>>>> declared public or protected? In the latests stable version and
> >>>>> current CVS version is is package-private. And if this is not the
> >>>>> case, which is the best way to implement an application-specific
> >>>>> tag?
> >>>>>
> >>>>>
> >>>>> thanks,
> >>>>>
> >>>>> Guillermo
> >>>>>
> >>>>> --
> >>>>> ---------------------------------------------------------------
> >>>>> Guillermo Navarro (gna...@cc...)
> >>>>> Phone: +34 93 581 3577
> >>>>> FAX: +34 93 581 3033
> >>>>> Home: http://www.ccd.uab.es/~guille
> >>>>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> >>>>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> >>>>> ---------------------------------------------------------------
> >>>>>
> >>>>>
> >>>>>
> >>>>> -------------------------------------------------------
> >>>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
> >>>>> For a limited time only, get FREE Ground shipping on all orders of
> >>>>> $35 or more. Hurry up and shop folks, this offer expires April
> >>>>> 30th! http://www.thinkgeek.com/freeshipping/?cpg=12297
> >>>>> _______________________________________________
> >>>>> Jsdsi-users mailing list
> >>>>> Jsd...@li...
> >>>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
> >>>>
> >>>>
> >>>> http://ajmani.net
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> -------------------------------------------------------
> >>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
> >>>> For a limited time only, get FREE Ground shipping on all orders of
> >>>> $35 or more. Hurry up and shop folks, this offer expires April 30th!
> >>>> http://www.thinkgeek.com/freeshipping/?cpg=12297
> >>>> _______________________________________________
> >>>> Jsdsi-users mailing list
> >>>> Jsd...@li...
> >>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
> >>>>
> >>>
> >>> --
> >>> ---------------------------------------------------------------
> >>> Guillermo Navarro (gna...@cc...)
> >>> Phone: +34 93 581 3577
> >>> FAX: +34 93 581 3033
> >>> Home: http://www.ccd.uab.es/~guille
> >>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> >>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> >>> ---------------------------------------------------------------
> >>
> >>
> >> http://ajmani.net
> >>
> >>
> >>
> >
> > --
> > ---------------------------------------------------------------
> > Guillermo Navarro (gna...@cc...)
> > Phone: +34 93 581 3577
> > FAX: +34 93 581 3033
> > Home: http://www.ccd.uab.es/~guille
> > Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> > Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> > ---------------------------------------------------------------
>
>
> http://ajmani.net
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
> For a limited time only, get FREE Ground shipping on all orders of $35
> or more. Hurry up and shop folks, this offer expires April 30th!
> http://www.thinkgeek.com/freeshipping/?cpg=12297
> _______________________________________________
> Jsdsi-users mailing list
> Jsd...@li...
> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
|
|
From: Feng-Shuo <fc...@an...> - 2004-04-28 03:21:48
|
Dear Sameer,
Thanks for your answering that is very informative.
However, I found that "create" method in "Hash" class isn't included in
released jsdsi-0.5.jar(Although, the javadoc of this method is on the web).
Therefore, I still can't create valid hash value. Could you check on this,
please? or I misunderstood something still?
Sincerely,
Matt
----- Original Message -----
From: "Sameer Ajmani" <aj...@cs...>
To: <fc...@an...>
Cc: <jsd...@li...>
Sent: Tuesday, April 27, 2004 8:23 AM
Subject: Re: <Question about JSDSI>
> Your error is here:
> > SexpString ss = new SexpString(certificate.toString());
> > sos.writeCanonical(ss);
>
> You should not wrap the certificate in a SexpString. Instead,
> write the certificate as a Sequence:
>
> sos.writeCanonical(certificate.toSequence().toSexp());
>
> [[[ NOTE TO ALL: This is pretty unintuitive; any suggestions on how to
> make it better? ]]]
>
>
>
> You should not access "engine" methods directly:
>
> > jsdsi.sexp.CertificateFactory cert_f = new
> > jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) {
> > /* ========== Exception happens in next line >>> Caught exception
> > java.security.cert.CertificateParsingException */
> > jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f.
> > engineGenerateCertificate(sis);
> > /* ========== */
>
> Instead, obtain a CertificateFactory via the provider:
>
> CertificateFactory cf = CertificateFactory.getInstance("SPKI/SEXP");
>
> while (sis.available() > 0) {
> Certificate cert = cf.generateCertificate(sis);
> System.out.println(cert.toString());
> }
>
>
>
> This signature is invalid, because "d" was not produced using any
> signature algorithm:
>
> > /* Put the Cert(NameCert) and the Signature together in a
> > jsdsi.Certificate*/ byte[] d = new byte[1024];
> > jsdsi.Signature sig = new jsdsi.Signature(pub, new
> > Hash("SHA",ncert), "RSA", d);
>
> Use one of the jsdsi.Signature.create() methods instead (these were added
> last month). You should use Hash.create(), too. [[[ NOTE TO JSDSI
> DEVELOPERS: We should probably make the cosntructors for Hash and
> Signature package-private to avoid this problem in the future. But
> somehow we have to let the parsers in jsdsi.sexp access them. ]]]
>
> Sameer
>
> > Dear Sameer and Sean,
> > I know I should post questions on maillist but it seems take some time
> > to get subscription confirmation letter, so sorry that I choose to
> > send my question in e-mail directly. The question is when I try to
> > generate the certificate from underlying s-exp stream (I highlighted
> > that code in /*===== ), that seems something wrong with the encoding
> > scheme or maybe other problmes. Could you help me figure out what
> > might be the problem and how to correct it?
> >
> > Sincerely,
> >
> > Matt Chang
> >
> > Following is my testing code within main() which stores NameCert to
> > File then restores from File :
> >
> > try {
> >
> > /********** Client side ***********/
> > /* Generate a RSA key pair */
> > java.math.BigInteger m = new java.math.BigInteger("1024");
> > java.math.BigInteger e = new java.math.BigInteger("3");
> > RSAPublicKey rsapk = new RSAPublicKey(m, e, "RSA");
> >
> > /* Creates a new RSA key pair whose public key is a Principal */
> > KeyPair pair = rsapk.create();
> > PrivateKey priv = pair.getPrivate();
> > jsdsi.PublicKey pub = (jsdsi.PublicKey) pair.getPublic();
> >
> > /* Creat a Name certificate */
> > Validity v = new Validity(new Date(2004, 4, 24), new Date(2004,
> > 5,
> > 24)); NameCert ncert = new NameCert(pub, pub, v, "", "comment",
> > "name-string");
> >
> > /* Put the Cert(NameCert) and the Signature together in a
> > jsdsi.Certificate*/ byte[] d = new byte[1024];
> > jsdsi.Signature sig = new jsdsi.Signature(pub, new
> > Hash("SHA",ncert), "RSA", d); jsdsi.Certificate certificate = new
> > jsdsi.Certificate(pub, ncert, sig);
> >
> > /* Display this Certificate which includes Namecert and
> > signature
> > */ System.out.println("Client Agent: Certificate content: ");
> > System.out.println(certificate.toString());
> >
> > /* Transfer Certificate in S-expOutStream -> FileOutputStream */
> > FileOutputStream file_out = new FileOutputStream("namecert.txt");
> > SexpOutputStream sos = new SexpOutputStream(file_out);
> > SexpString ss = new SexpString(certificate.toString());
> > sos.writeCanonical(ss);
> >
> > file_out.close();
> >
> > /**************** Server Side **************/
> > /* Retrieve Certificate from S-exp InStream <- FileInputStream*/
> > FileInputStream file_in = new FileInputStream("namecert.txt");
> > SexpInputStream sis = new SexpInputStream(file_in);
> > jsdsi.sexp.CertificateFactory cert_f = new
> > jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) {
> > /* ========== Exception happens in next line >>> Caught exception
> > java.security.cert.CertificateParsingException */
> > jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f.
> > engineGenerateCertificate(sis);
> > /* ========== */
> >
> > jsdsi.PublicKey s_pk =
> > (jsdsi.PublicKey)jcertificate.getPublicKey();
> > jcertificate.verify(s_pk);
> >
> > /* Display this Certificate which includes Namecert and
> > signature */ System.out.println("Server Agent: Certificate
> > content: "); System.out.println(jcertificate.toString());
> >
> > NameCert n_cert = (NameCert) jcertificate.getCert();
> > System.out.println("Server Agent: Name certificate: ");
> > System.out.println(n_cert.toString());
> > }
> >
> > }
> > catch (Exception e) {
> > System.err.println("Caught exception " + e.toString());
> > }
> >
>
>
> http://ajmani.net
>
>
>
>
>
|
|
From: Guillermo N. <gna...@cc...> - 2004-04-27 15:05:53
|
Thanks a lot for the answer and the advice,
> To construct application-specific tags, just use the Tag subclasses.
I wanted to create a new Tag object because the semantics of my
authorization tag require a different intersect() function. I just
though that I could extend jsdsi.Tag implementing the abstract
methods, and providing my own intersect algorithm for my specific tag.
If I implement my own Tag extending jsdsi.Tag I get an error because I
cannot implement the abstract method Tag.toTagSexp(). Making it public
in Tag solves the error, although I don't know if this is a good
practice.
Thanks again,
Guillermo
Sameer Ajmani <aj...@cs...> writes:
> Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp() just
> returns <tag-material>. This just matters for when you write tags to a
> file or to the network (you should always use toSexp(), so that the
> receiver knows that it's getting a Tag). To construct
> application-specific tags, just use the Tag subclasses. For example, a
> tag like this:
> (tag (file (*set read write) (*prefix /home/ajmani)))
> Is constructed as:
> new SimpleTag("file",
> new ExprTag[] {
> new SetTag(new ExprTag[] { new StringTag("read"),
> new StringTag("write") }),
> new PrefixTag("/home/ajmani");
> };
> ).toSexp();
>
> or parse the original string into an object:
>
> Tag myTag = (Tag)Obj.parseObj
> (new SexpInputString
> (new ByteArrayInputStream
> (Sexp.encodeString
> ("(tag (file (*set read write) (*prefix /home/ajmani)))")
> )).readSexp());
>
> Sameer
>
>> Hi,
>>
>> I have a little question regarding jsdsi.Tag. I need to create an
>> application specific Tag and I was wondering if the abstract class Tag
>> is intended to be extended by external sw packages.
>>
>> If this is the case, the method Tag.toTagSexp() shouldn't it be
>> declared public or protected? In the latests stable version and
>> current CVS version is is package-private. And if this is not the
>> case, which is the best way to implement an application-specific tag?
>>
>>
>> thanks,
>>
>> Guillermo
>>
>> --
>> ---------------------------------------------------------------
>> Guillermo Navarro (gna...@cc...)
>> Phone: +34 93 581 3577
>> FAX: +34 93 581 3033
>> Home: http://www.ccd.uab.es/~guille
>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>> ---------------------------------------------------------------
>>
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek For
>> a limited time only, get FREE Ground shipping on all orders of $35 or
>> more. Hurry up and shop folks, this offer expires April 30th!
>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>> _______________________________________________
>> Jsdsi-users mailing list
>> Jsd...@li...
>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>
>
> http://ajmani.net
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
> For a limited time only, get FREE Ground shipping on all orders of $35
> or more. Hurry up and shop folks, this offer expires April 30th!
> http://www.thinkgeek.com/freeshipping/?cpg=12297
> _______________________________________________
> Jsdsi-users mailing list
> Jsd...@li...
> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>
--
---------------------------------------------------------------
Guillermo Navarro (gna...@cc...)
Phone: +34 93 581 3577
FAX: +34 93 581 3033
Home: http://www.ccd.uab.es/~guille
Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
---------------------------------------------------------------
|
|
From: Sameer A. <aj...@cs...> - 2004-04-27 14:56:03
|
Ok, I've just checked a change into CVS that makes toTagSexp protected.
Sameer
> Sameer Ajmani <aj...@cs...> writes:
>
>> Would making toTagSexp() protected solve your problem? We can
>> probably do this.
>
> yes, it will be perfect.
>
> I think it will allow others to provide specific tags with their own
> intersect() methods without modifying the jsdsi package by extending
> Tag. (again, I don't know if it is a good practice or if it should be
> allowed, but at least i find it useful).
>
>
> guillermo
>
>>
>> Sameer
>>
>>>
>>> Thanks a lot for the answer and the advice,
>>>
>>>> To construct application-specific tags, just use the Tag subclasses.
>>>
>>> I wanted to create a new Tag object because the semantics of my
>>> authorization tag require a different intersect() function. I just
>>> though that I could extend jsdsi.Tag implementing the abstract
>>> methods, and providing my own intersect algorithm for my specific
>>> tag.
>>>
>>> If I implement my own Tag extending jsdsi.Tag I get an error because
>>> I cannot implement the abstract method Tag.toTagSexp(). Making it
>>> public in Tag solves the error, although I don't know if this is a
>>> good practice.
>>>
>>> Thanks again,
>>>
>>> Guillermo
>>>
>>>
>>> Sameer Ajmani <aj...@cs...> writes:
>>>
>>>> Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp()
>>>> just returns <tag-material>. This just matters for when you write
>>>> tags to a file or to the network (you should always use toSexp(), so
>>>> that the receiver knows that it's getting a Tag). To construct
>>>> application-specific tags, just use the Tag subclasses. For
>>>> example, a tag like this:
>>>> (tag (file (*set read write) (*prefix /home/ajmani)))
>>>> Is constructed as:
>>>> new SimpleTag("file",
>>>> new ExprTag[] {
>>>> new SetTag(new ExprTag[] { new StringTag("read"),
>>>> new StringTag("write") }),
>>>> new PrefixTag("/home/ajmani");
>>>> };
>>>> ).toSexp();
>>>>
>>>> or parse the original string into an object:
>>>>
>>>> Tag myTag = (Tag)Obj.parseObj
>>>> (new SexpInputString
>>>> (new ByteArrayInputStream
>>>> (Sexp.encodeString
>>>> ("(tag (file (*set read write) (*prefix /home/ajmani)))")
>>>> )).readSexp());
>>>>
>>>> Sameer
>>>>
>>>>> Hi,
>>>>>
>>>>> I have a little question regarding jsdsi.Tag. I need to create an
>>>>> application specific Tag and I was wondering if the abstract class
>>>>> Tag is intended to be extended by external sw packages.
>>>>>
>>>>> If this is the case, the method Tag.toTagSexp() shouldn't it be
>>>>> declared public or protected? In the latests stable version and
>>>>> current CVS version is is package-private. And if this is not the
>>>>> case, which is the best way to implement an application-specific
>>>>> tag?
>>>>>
>>>>>
>>>>> thanks,
>>>>>
>>>>> Guillermo
>>>>>
>>>>> --
>>>>> ---------------------------------------------------------------
>>>>> Guillermo Navarro (gna...@cc...)
>>>>> Phone: +34 93 581 3577
>>>>> FAX: +34 93 581 3033
>>>>> Home: http://www.ccd.uab.es/~guille
>>>>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>>>>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>>>>> ---------------------------------------------------------------
>>>>>
>>>>>
>>>>>
>>>>> -------------------------------------------------------
>>>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>>>>> For a limited time only, get FREE Ground shipping on all orders of
>>>>> $35 or more. Hurry up and shop folks, this offer expires April
>>>>> 30th! http://www.thinkgeek.com/freeshipping/?cpg=12297
>>>>> _______________________________________________
>>>>> Jsdsi-users mailing list
>>>>> Jsd...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>>>
>>>>
>>>> http://ajmani.net
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -------------------------------------------------------
>>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>>>> For a limited time only, get FREE Ground shipping on all orders of
>>>> $35 or more. Hurry up and shop folks, this offer expires April 30th!
>>>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>>>> _______________________________________________
>>>> Jsdsi-users mailing list
>>>> Jsd...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>>>
>>>
>>> --
>>> ---------------------------------------------------------------
>>> Guillermo Navarro (gna...@cc...)
>>> Phone: +34 93 581 3577
>>> FAX: +34 93 581 3033
>>> Home: http://www.ccd.uab.es/~guille
>>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>>> ---------------------------------------------------------------
>>
>>
>> http://ajmani.net
>>
>>
>>
>
> --
> ---------------------------------------------------------------
> Guillermo Navarro (gna...@cc...)
> Phone: +34 93 581 3577
> FAX: +34 93 581 3033
> Home: http://www.ccd.uab.es/~guille
> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> ---------------------------------------------------------------
http://ajmani.net
|
|
From: Guillermo N. <gna...@cc...> - 2004-04-27 14:06:21
|
Sameer Ajmani <aj...@cs...> writes:
> Would making toTagSexp() protected solve your problem? We can probably do
> this.
yes, it will be perfect.
I think it will allow others to provide specific tags with their own
intersect() methods without modifying the jsdsi package by extending
Tag. (again, I don't know if it is a good practice or if it should be
allowed, but at least i find it useful).
guillermo
>
> Sameer
>
>>
>> Thanks a lot for the answer and the advice,
>>
>>> To construct application-specific tags, just use the Tag subclasses.
>>
>> I wanted to create a new Tag object because the semantics of my
>> authorization tag require a different intersect() function. I just
>> though that I could extend jsdsi.Tag implementing the abstract
>> methods, and providing my own intersect algorithm for my specific tag.
>>
>> If I implement my own Tag extending jsdsi.Tag I get an error because I
>> cannot implement the abstract method Tag.toTagSexp(). Making it public
>> in Tag solves the error, although I don't know if this is a good
>> practice.
>>
>> Thanks again,
>>
>> Guillermo
>>
>>
>> Sameer Ajmani <aj...@cs...> writes:
>>
>>> Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp() just
>>> returns <tag-material>. This just matters for when you write tags to
>>> a file or to the network (you should always use toSexp(), so that the
>>> receiver knows that it's getting a Tag). To construct
>>> application-specific tags, just use the Tag subclasses. For example,
>>> a tag like this:
>>> (tag (file (*set read write) (*prefix /home/ajmani)))
>>> Is constructed as:
>>> new SimpleTag("file",
>>> new ExprTag[] {
>>> new SetTag(new ExprTag[] { new StringTag("read"),
>>> new StringTag("write") }),
>>> new PrefixTag("/home/ajmani");
>>> };
>>> ).toSexp();
>>>
>>> or parse the original string into an object:
>>>
>>> Tag myTag = (Tag)Obj.parseObj
>>> (new SexpInputString
>>> (new ByteArrayInputStream
>>> (Sexp.encodeString
>>> ("(tag (file (*set read write) (*prefix /home/ajmani)))")
>>> )).readSexp());
>>>
>>> Sameer
>>>
>>>> Hi,
>>>>
>>>> I have a little question regarding jsdsi.Tag. I need to create an
>>>> application specific Tag and I was wondering if the abstract class
>>>> Tag is intended to be extended by external sw packages.
>>>>
>>>> If this is the case, the method Tag.toTagSexp() shouldn't it be
>>>> declared public or protected? In the latests stable version and
>>>> current CVS version is is package-private. And if this is not the
>>>> case, which is the best way to implement an application-specific tag?
>>>>
>>>>
>>>> thanks,
>>>>
>>>> Guillermo
>>>>
>>>> --
>>>> ---------------------------------------------------------------
>>>> Guillermo Navarro (gna...@cc...)
>>>> Phone: +34 93 581 3577
>>>> FAX: +34 93 581 3033
>>>> Home: http://www.ccd.uab.es/~guille
>>>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>>>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>>>> ---------------------------------------------------------------
>>>>
>>>>
>>>>
>>>> -------------------------------------------------------
>>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>>>> For a limited time only, get FREE Ground shipping on all orders of
>>>> $35 or more. Hurry up and shop folks, this offer expires April 30th!
>>>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>>>> _______________________________________________
>>>> Jsdsi-users mailing list
>>>> Jsd...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>>
>>>
>>> http://ajmani.net
>>>
>>>
>>>
>>>
>>>
>>> -------------------------------------------------------
>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>>> For a limited time only, get FREE Ground shipping on all orders of $35
>>> or more. Hurry up and shop folks, this offer expires April 30th!
>>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>>> _______________________________________________
>>> Jsdsi-users mailing list
>>> Jsd...@li...
>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>>
>>
>> --
>> ---------------------------------------------------------------
>> Guillermo Navarro (gna...@cc...)
>> Phone: +34 93 581 3577
>> FAX: +34 93 581 3033
>> Home: http://www.ccd.uab.es/~guille
>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>> ---------------------------------------------------------------
>
>
> http://ajmani.net
>
>
>
--
---------------------------------------------------------------
Guillermo Navarro (gna...@cc...)
Phone: +34 93 581 3577
FAX: +34 93 581 3033
Home: http://www.ccd.uab.es/~guille
Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
---------------------------------------------------------------
|
|
From: Sameer A. <aj...@cs...> - 2004-04-27 13:46:46
|
Would making toTagSexp() protected solve your problem? We can probably do
this.
Sameer
>
> Thanks a lot for the answer and the advice,
>
>> To construct application-specific tags, just use the Tag subclasses.
>
> I wanted to create a new Tag object because the semantics of my
> authorization tag require a different intersect() function. I just
> though that I could extend jsdsi.Tag implementing the abstract
> methods, and providing my own intersect algorithm for my specific tag.
>
> If I implement my own Tag extending jsdsi.Tag I get an error because I
> cannot implement the abstract method Tag.toTagSexp(). Making it public
> in Tag solves the error, although I don't know if this is a good
> practice.
>
> Thanks again,
>
> Guillermo
>
>
> Sameer Ajmani <aj...@cs...> writes:
>
>> Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp() just
>> returns <tag-material>. This just matters for when you write tags to
>> a file or to the network (you should always use toSexp(), so that the
>> receiver knows that it's getting a Tag). To construct
>> application-specific tags, just use the Tag subclasses. For example,
>> a tag like this:
>> (tag (file (*set read write) (*prefix /home/ajmani)))
>> Is constructed as:
>> new SimpleTag("file",
>> new ExprTag[] {
>> new SetTag(new ExprTag[] { new StringTag("read"),
>> new StringTag("write") }),
>> new PrefixTag("/home/ajmani");
>> };
>> ).toSexp();
>>
>> or parse the original string into an object:
>>
>> Tag myTag = (Tag)Obj.parseObj
>> (new SexpInputString
>> (new ByteArrayInputStream
>> (Sexp.encodeString
>> ("(tag (file (*set read write) (*prefix /home/ajmani)))")
>> )).readSexp());
>>
>> Sameer
>>
>>> Hi,
>>>
>>> I have a little question regarding jsdsi.Tag. I need to create an
>>> application specific Tag and I was wondering if the abstract class
>>> Tag is intended to be extended by external sw packages.
>>>
>>> If this is the case, the method Tag.toTagSexp() shouldn't it be
>>> declared public or protected? In the latests stable version and
>>> current CVS version is is package-private. And if this is not the
>>> case, which is the best way to implement an application-specific tag?
>>>
>>>
>>> thanks,
>>>
>>> Guillermo
>>>
>>> --
>>> ---------------------------------------------------------------
>>> Guillermo Navarro (gna...@cc...)
>>> Phone: +34 93 581 3577
>>> FAX: +34 93 581 3033
>>> Home: http://www.ccd.uab.es/~guille
>>> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
>>> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
>>> ---------------------------------------------------------------
>>>
>>>
>>>
>>> -------------------------------------------------------
>>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>>> For a limited time only, get FREE Ground shipping on all orders of
>>> $35 or more. Hurry up and shop folks, this offer expires April 30th!
>>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>>> _______________________________________________
>>> Jsdsi-users mailing list
>>> Jsd...@li...
>>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>
>>
>> http://ajmani.net
>>
>>
>>
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
>> For a limited time only, get FREE Ground shipping on all orders of $35
>> or more. Hurry up and shop folks, this offer expires April 30th!
>> http://www.thinkgeek.com/freeshipping/?cpg=12297
>> _______________________________________________
>> Jsdsi-users mailing list
>> Jsd...@li...
>> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
>>
>
> --
> ---------------------------------------------------------------
> Guillermo Navarro (gna...@cc...)
> Phone: +34 93 581 3577
> FAX: +34 93 581 3033
> Home: http://www.ccd.uab.es/~guille
> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> ---------------------------------------------------------------
http://ajmani.net
|
|
From: Sameer A. <aj...@cs...> - 2004-04-27 12:58:11
|
Tag.toSexp() returns (tag <tag-material>), while Tag.toTagSexp() just
returns <tag-material>. This just matters for when you write tags to a
file or to the network (you should always use toSexp(), so that the
receiver knows that it's getting a Tag). To construct
application-specific tags, just use the Tag subclasses. For example, a
tag like this:
(tag (file (*set read write) (*prefix /home/ajmani)))
Is constructed as:
new SimpleTag("file",
new ExprTag[] {
new SetTag(new ExprTag[] { new StringTag("read"),
new StringTag("write") }),
new PrefixTag("/home/ajmani");
};
).toSexp();
or parse the original string into an object:
Tag myTag = (Tag)Obj.parseObj
(new SexpInputString
(new ByteArrayInputStream
(Sexp.encodeString
("(tag (file (*set read write) (*prefix /home/ajmani)))")
)).readSexp());
Sameer
> Hi,
>
> I have a little question regarding jsdsi.Tag. I need to create an
> application specific Tag and I was wondering if the abstract class Tag
> is intended to be extended by external sw packages.
>
> If this is the case, the method Tag.toTagSexp() shouldn't it be
> declared public or protected? In the latests stable version and
> current CVS version is is package-private. And if this is not the
> case, which is the best way to implement an application-specific tag?
>
>
> thanks,
>
> Guillermo
>
> --
> ---------------------------------------------------------------
> Guillermo Navarro (gna...@cc...)
> Phone: +34 93 581 3577
> FAX: +34 93 581 3033
> Home: http://www.ccd.uab.es/~guille
> Combinatoria i Comunicacio Digital (http://www.ccd.uab.es)
> Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain
> ---------------------------------------------------------------
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek For
> a limited time only, get FREE Ground shipping on all orders of $35 or
> more. Hurry up and shop folks, this offer expires April 30th!
> http://www.thinkgeek.com/freeshipping/?cpg=12297
> _______________________________________________
> Jsdsi-users mailing list
> Jsd...@li...
> https://lists.sourceforge.net/lists/listinfo/jsdsi-users
http://ajmani.net
|
|
From: Sameer A. <aj...@cs...> - 2004-04-27 12:23:22
|
Your error is here:
> SexpString ss = new SexpString(certificate.toString());
> sos.writeCanonical(ss);
You should not wrap the certificate in a SexpString. Instead,
write the certificate as a Sequence:
sos.writeCanonical(certificate.toSequence().toSexp());
[[[ NOTE TO ALL: This is pretty unintuitive; any suggestions on how to
make it better? ]]]
You should not access "engine" methods directly:
> jsdsi.sexp.CertificateFactory cert_f = new
> jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) {
> /* ========== Exception happens in next line >>> Caught exception
> java.security.cert.CertificateParsingException */
> jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f.
> engineGenerateCertificate(sis);
> /* ========== */
Instead, obtain a CertificateFactory via the provider:
CertificateFactory cf = CertificateFactory.getInstance("SPKI/SEXP");
while (sis.available() > 0) {
Certificate cert = cf.generateCertificate(sis);
System.out.println(cert.toString());
}
This signature is invalid, because "d" was not produced using any
signature algorithm:
> /* Put the Cert(NameCert) and the Signature together in a
> jsdsi.Certificate*/ byte[] d = new byte[1024];
> jsdsi.Signature sig = new jsdsi.Signature(pub, new
> Hash("SHA",ncert), "RSA", d);
Use one of the jsdsi.Signature.create() methods instead (these were added
last month). You should use Hash.create(), too. [[[ NOTE TO JSDSI
DEVELOPERS: We should probably make the cosntructors for Hash and
Signature package-private to avoid this problem in the future. But
somehow we have to let the parsers in jsdsi.sexp access them. ]]]
Sameer
> Dear Sameer and Sean,
> I know I should post questions on maillist but it seems take some time
> to get subscription confirmation letter, so sorry that I choose to
> send my question in e-mail directly. The question is when I try to
> generate the certificate from underlying s-exp stream (I highlighted
> that code in /*===== ), that seems something wrong with the encoding
> scheme or maybe other problmes. Could you help me figure out what
> might be the problem and how to correct it?
>
> Sincerely,
>
> Matt Chang
>
> Following is my testing code within main() which stores NameCert to
> File then restores from File :
>
> try {
>
> /********** Client side ***********/
> /* Generate a RSA key pair */
> java.math.BigInteger m = new java.math.BigInteger("1024");
> java.math.BigInteger e = new java.math.BigInteger("3");
> RSAPublicKey rsapk = new RSAPublicKey(m, e, "RSA");
>
> /* Creates a new RSA key pair whose public key is a Principal */
> KeyPair pair = rsapk.create();
> PrivateKey priv = pair.getPrivate();
> jsdsi.PublicKey pub = (jsdsi.PublicKey) pair.getPublic();
>
> /* Creat a Name certificate */
> Validity v = new Validity(new Date(2004, 4, 24), new Date(2004,
> 5,
> 24)); NameCert ncert = new NameCert(pub, pub, v, "", "comment",
> "name-string");
>
> /* Put the Cert(NameCert) and the Signature together in a
> jsdsi.Certificate*/ byte[] d = new byte[1024];
> jsdsi.Signature sig = new jsdsi.Signature(pub, new
> Hash("SHA",ncert), "RSA", d); jsdsi.Certificate certificate = new
> jsdsi.Certificate(pub, ncert, sig);
>
> /* Display this Certificate which includes Namecert and
> signature
> */ System.out.println("Client Agent: Certificate content: ");
> System.out.println(certificate.toString());
>
> /* Transfer Certificate in S-expOutStream -> FileOutputStream */
> FileOutputStream file_out = new FileOutputStream("namecert.txt");
> SexpOutputStream sos = new SexpOutputStream(file_out);
> SexpString ss = new SexpString(certificate.toString());
> sos.writeCanonical(ss);
>
> file_out.close();
>
> /**************** Server Side **************/
> /* Retrieve Certificate from S-exp InStream <- FileInputStream*/
> FileInputStream file_in = new FileInputStream("namecert.txt");
> SexpInputStream sis = new SexpInputStream(file_in);
> jsdsi.sexp.CertificateFactory cert_f = new
> jsdsi.sexp.CertificateFactory(); while (sis.available() > 0) {
> /* ========== Exception happens in next line >>> Caught exception
> java.security.cert.CertificateParsingException */
> jsdsi.Certificate jcertificate = (jsdsi.Certificate) cert_f.
> engineGenerateCertificate(sis);
> /* ========== */
>
> jsdsi.PublicKey s_pk =
> (jsdsi.PublicKey)jcertificate.getPublicKey();
> jcertificate.verify(s_pk);
>
> /* Display this Certificate which includes Namecert and
> signature */ System.out.println("Server Agent: Certificate
> content: "); System.out.println(jcertificate.toString());
>
> NameCert n_cert = (NameCert) jcertificate.getCert();
> System.out.println("Server Agent: Name certificate: ");
> System.out.println(n_cert.toString());
> }
>
> }
> catch (Exception e) {
> System.err.println("Caught exception " + e.toString());
> }
>
http://ajmani.net
|
|
From: <gu...@cc...> - 2004-04-27 10:47:56
|
Hi, I have a little question regarding jsdsi.Tag. I need to create an application specific Tag and I was wondering if the abstract class Tag is intended to be extended by external sw packages. If this is the case, the method Tag.toTagSexp() shouldn't it be declared public or protected? In the latests stable version and current CVS version is is package-private. And if this is not the case, which is the best way to implement an application-specific tag? thanks, Guillermo -- --------------------------------------------------------------- Guillermo Navarro (gna...@cc...) Phone: +34 93 581 3577 FAX: +34 93 581 3033 Home: http://www.ccd.uab.es/~guille Combinatoria i Comunicacio Digital (http://www.ccd.uab.es) Universitat Autonoma de Barcelona - 08193 Bellaterra, Spain --------------------------------------------------------------- |
|
From: Sean R. <sra...@ae...> - 2004-04-21 13:56:03
|
Excellent - one solution to remember for similar problems in the future. I hope jsdsi sparks your interest and meets your needs. Regards, Sean On Wed, 2004-04-21 at 14:25, David R Robison wrote: > Thanks for your help. The problem seemed to be with my Maven repository. > I deleted all the *.cache files then re-ran Maven. It rebuilt the cache > files and all was well. > David > > Sean Radford wrote: > > >Hmm... not sure about this one. > > > >We are not doing anything special with our build process so there should > >be no reason for this. I've had a quick look on the Maven user list and > >can't see any mention of any similar problems. > > > >Are you able to jar:install on other Maven projects? > > > >Can you 'run -X maven jar:install' and send the debug output? > > > >I may have to install maven-1.0-rc2 and see if I get the same (I'm using > >rc1, as far as I'm aware like the rest of the jsdsi developers). > > > >Regards, > > > >Sean > > > > > >On Tue, 2004-04-20 at 20:59, Sameer Ajmani wrote: > > > > > >>I don't know the answer to this -- forwarding to the list... > >> > >> > >> > >>>Thanks, now when I run "maven jar:install" I get the following error: > >>> > >>> __ __ > >>>| \/ |__ _Apache__ ___ > >>>| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~ > >>>|_| |_\__,_|\_/\___|_||_| v. 1.0-rc2 > >>> > >>>com.werken.werkz.NoSuchGoalException: No goal [java:jar-resources] > >>> at > >>>org.apache.maven.plugin.GoalToJellyScriptHousingMapper.resolveJellyScriptHousings(GoalToJellyScriptHousingMapper.java:254) > >>> at > >>>org.apache.maven.plugin.PluginManager.prepAttainGoal(PluginManager.java:567) > >>> at > >>>org.apache.maven.plugin.PluginManager.attainGoals(PluginManager.java:523) > >>> at org.apache.maven.MavenSession.attainGoals(MavenSession.java:265) > >>>at org.apache.maven.cli.App.doMain(App.java:466) > >>> at org.apache.maven.cli.App.main(App.java:1117) > >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at > >>>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > >>> at > >>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > >>> at java.lang.reflect.Method.invoke(Method.java:324) > >>> at com.werken.forehead.Forehead.run(Forehead.java:551) > >>> at com.werken.forehead.Forehead.main(Forehead.java:581) > >>>Total time: 7 seconds > >>>Finished at: Tue Apr 20 15:22:38 EDT 2004 > >>> > >>>David > >>> > >>> > >>>Sameer Ajmani wrote: > >>> > >>> > >>> > >>>>Make sure your network connection is okay. Assuming it is, it's > >>>>possible our URLs for those JARs are bad. You can download both of > >>>>those from the JSDSI web site directly: > >>>>http://jsdsi.sourceforge.net/maven/cryptix/jars/cryptix32.jar > >>>>http://jsdsi.sourceforge.net/maven/novell/jars/ldap.jar > >>>> > >>>>Save them in your local Maven repository as: > >>>>.maven/repository/cryptix/jars/cryptix32.jar > >>>>.maven/repository/novell/jars/ldap.jar > >>>> > >>>>Sameer > >>>> > >>>> > >>>> > >>>> > >>>> > >>>>>I'm trying to use Maven to build version 0.5. I get the following > >>>>>errors: > >>>>> > >>>>>__ __ > >>>>>| \/ |__ _Apache__ ___ > >>>>>| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~ > >>>>>|_| |_\__,_|\_/\___|_||_| v. 1.0-rc2 > >>>>> > >>>>>Attempting to download cryptix32.jar. > >>>>>WARNING: Failed to download cryptix32.jar. > >>>>>Attempting to download ldap.jar. > >>>>>WARNING: Failed to download ldap.jar. > >>>>> > >>>>>Any idea what the problem might be? > >>>>>David Robison > >>>>> > >>>>>-- > >>>>> > >>>>>David R Robison > >>>>>Open Roads Consulting, Inc. > >>>>>708 S. Battlefield Blvd., Chesapeake, VA 23322 > >>>>>phone: (757) 546-3401 > >>>>>e-mail: drr...@op... > >>>>>web: http://openroadsconsulting.com > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>------------------------------------------------------- > >>>>>This SF.Net email is sponsored by: IBM Linux Tutorials > >>>>>Free Linux tutorial presented by Daniel Robbins, President and CEO of > >>>>>GenToo technologies. Learn everything from fundamentals to system > >>>>>administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > >>>>>_______________________________________________ > >>>>>Jsdsi-users mailing list > >>>>>Jsd...@li... > >>>>>https://lists.sourceforge.net/lists/listinfo/jsdsi-users > >>>>> > >>>>> > >>>>> > >>>>> > >>>>http://ajmani.net > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>-- > >>> > >>>David R Robison > >>>Open Roads Consulting, Inc. > >>>708 S. Battlefield Blvd., Chesapeake, VA 23322 > >>>phone: (757) 546-3401 > >>>e-mail: drr...@op... > >>>web: http://openroadsconsulting.com > >>> > >>> > >>http://ajmani.net > >> > >> > >> > >> > >> > >>------------------------------------------------------- > >>This SF.Net email is sponsored by: IBM Linux Tutorials > >>Free Linux tutorial presented by Daniel Robbins, President and CEO of > >>GenToo technologies. Learn everything from fundamentals to system > >>administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > >>_______________________________________________ > >>Jsdsi-users mailing list > >>Jsd...@li... > >>https://lists.sourceforge.net/lists/listinfo/jsdsi-users > >> > >> -- Dr. Sean Radford, MBBS, MSc sra...@ae... http://www.aegeus-technology.com |
|
From: David R R. <drr...@op...> - 2004-04-21 13:25:18
|
Thanks for your help. The problem seemed to be with my Maven repository. I deleted all the *.cache files then re-ran Maven. It rebuilt the cache files and all was well. David Sean Radford wrote: >Hmm... not sure about this one. > >We are not doing anything special with our build process so there should >be no reason for this. I've had a quick look on the Maven user list and >can't see any mention of any similar problems. > >Are you able to jar:install on other Maven projects? > >Can you 'run -X maven jar:install' and send the debug output? > >I may have to install maven-1.0-rc2 and see if I get the same (I'm using >rc1, as far as I'm aware like the rest of the jsdsi developers). > >Regards, > >Sean > > >On Tue, 2004-04-20 at 20:59, Sameer Ajmani wrote: > > >>I don't know the answer to this -- forwarding to the list... >> >> >> >>>Thanks, now when I run "maven jar:install" I get the following error: >>> >>> __ __ >>>| \/ |__ _Apache__ ___ >>>| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~ >>>|_| |_\__,_|\_/\___|_||_| v. 1.0-rc2 >>> >>>com.werken.werkz.NoSuchGoalException: No goal [java:jar-resources] >>> at >>>org.apache.maven.plugin.GoalToJellyScriptHousingMapper.resolveJellyScriptHousings(GoalToJellyScriptHousingMapper.java:254) >>> at >>>org.apache.maven.plugin.PluginManager.prepAttainGoal(PluginManager.java:567) >>> at >>>org.apache.maven.plugin.PluginManager.attainGoals(PluginManager.java:523) >>> at org.apache.maven.MavenSession.attainGoals(MavenSession.java:265) >>>at org.apache.maven.cli.App.doMain(App.java:466) >>> at org.apache.maven.cli.App.main(App.java:1117) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at >>>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >>> at >>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >>> at java.lang.reflect.Method.invoke(Method.java:324) >>> at com.werken.forehead.Forehead.run(Forehead.java:551) >>> at com.werken.forehead.Forehead.main(Forehead.java:581) >>>Total time: 7 seconds >>>Finished at: Tue Apr 20 15:22:38 EDT 2004 >>> >>>David >>> >>> >>>Sameer Ajmani wrote: >>> >>> >>> >>>>Make sure your network connection is okay. Assuming it is, it's >>>>possible our URLs for those JARs are bad. You can download both of >>>>those from the JSDSI web site directly: >>>>http://jsdsi.sourceforge.net/maven/cryptix/jars/cryptix32.jar >>>>http://jsdsi.sourceforge.net/maven/novell/jars/ldap.jar >>>> >>>>Save them in your local Maven repository as: >>>>.maven/repository/cryptix/jars/cryptix32.jar >>>>.maven/repository/novell/jars/ldap.jar >>>> >>>>Sameer >>>> >>>> >>>> >>>> >>>> >>>>>I'm trying to use Maven to build version 0.5. I get the following >>>>>errors: >>>>> >>>>>__ __ >>>>>| \/ |__ _Apache__ ___ >>>>>| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~ >>>>>|_| |_\__,_|\_/\___|_||_| v. 1.0-rc2 >>>>> >>>>>Attempting to download cryptix32.jar. >>>>>WARNING: Failed to download cryptix32.jar. >>>>>Attempting to download ldap.jar. >>>>>WARNING: Failed to download ldap.jar. >>>>> >>>>>Any idea what the problem might be? >>>>>David Robison >>>>> >>>>>-- >>>>> >>>>>David R Robison >>>>>Open Roads Consulting, Inc. >>>>>708 S. Battlefield Blvd., Chesapeake, VA 23322 >>>>>phone: (757) 546-3401 >>>>>e-mail: drr...@op... >>>>>web: http://openroadsconsulting.com >>>>> >>>>> >>>>> >>>>> >>>>>------------------------------------------------------- >>>>>This SF.Net email is sponsored by: IBM Linux Tutorials >>>>>Free Linux tutorial presented by Daniel Robbins, President and CEO of >>>>>GenToo technologies. Learn everything from fundamentals to system >>>>>administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >>>>>_______________________________________________ >>>>>Jsdsi-users mailing list >>>>>Jsd...@li... >>>>>https://lists.sourceforge.net/lists/listinfo/jsdsi-users >>>>> >>>>> >>>>> >>>>> >>>>http://ajmani.net >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>-- >>> >>>David R Robison >>>Open Roads Consulting, Inc. >>>708 S. Battlefield Blvd., Chesapeake, VA 23322 >>>phone: (757) 546-3401 >>>e-mail: drr...@op... >>>web: http://openroadsconsulting.com >>> >>> >>http://ajmani.net >> >> >> >> >> >>------------------------------------------------------- >>This SF.Net email is sponsored by: IBM Linux Tutorials >>Free Linux tutorial presented by Daniel Robbins, President and CEO of >>GenToo technologies. Learn everything from fundamentals to system >>administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >>_______________________________________________ >>Jsdsi-users mailing list >>Jsd...@li... >>https://lists.sourceforge.net/lists/listinfo/jsdsi-users >> >> -- David R Robison Open Roads Consulting, Inc. 708 S. Battlefield Blvd., Chesapeake, VA 23322 phone: (757) 546-3401 e-mail: drr...@op... web: http://openroadsconsulting.com |
1 message has been excluded from this view by a project administrator.
