[Jsdsi-users] Re: JSDSI build/use

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Dav,

We're in the process of switching from an old build format (flat
directory) to Maven, so the src zipfile is out of date.  For your
purposes, you should not need to source: you can just use the compiled JAR
(and online Javadocs for reference).

You don't need JSDSI to encrypt network traffic: just use a cryptographic
provider like cryptix or Sun's built-in provider, select the encryption
algorithm you want, and wrap your communication streams in
CipherInputStream and CipherOutputStream.  Read the Java JCE documentation
for details.

Where JSDSI helps is in authorizing entry into the network, group
management, and authentication.  The best way to get started is to
determine what kinds of authorizations you want (is there just membership?
 or do you have read vs. write access?  or maybe you want to authorize
some people to add new members, but not others?).  You should read the
SPKI documentation for details:
http://theworld.com/~cme/html/spki.html#1-SPKI/SDSI

Once you know what kind of certificates you need, you can create them
pretty easily by allocating JSDSI objects.  For example, each member
should be represented by a principal, and therefore needs a public/private
key pair.  Use Java's RSAPublicKey class (and related classes) to create
new key pairs, then wrap the public keys in jsdsi.RSAPublicKey to create
principals.  Create new Cert objects to represent certificates, and create
a Signature for each one using the private key of the issuer.  Put the
Cert and the Signature together in a jsdsi.Certificate, and you can pass
that object around and verify() it.

If this sounds confusing, just take some time to read through the SPKI
theory and structrue RFCs (see the above link).  Each SPKI object has a
corresponding JSDSI object, and JSDSI includes some additional objects
that make creating and verifying certificates easy.

Please send further questions to jsd...@li... (you may need to
subscribe first).

Sameer

> Hello,
>
> I want to create a P2P app that uses PKI to encrypt network traffic and
> authorize entry into the network. I thought perhaps JSDSI could help.
>
> I can download a compiled jar and browse the code/javadocs, but the
> documentation on the project site is inaccurate (for instance, i have
> installed maven, and can run maven -g ok, but running 'maven
> jar:install' in the dir with the unzipped jsdsi.src.zip contents results
> in an empty 'Global Project.jar' file) and without a GUI (docs talk
> about a GUI, but apparently that is for an earlier version?) it's not
> clear to me how to do things like generate a key pair or create a
> connection between two apps encrypted using that key pair.
>
> So my question is: Is it possible to do what I want with JSDSI? And if
> so, is there any help in determining where to start in using the API?
>
> I understand that it is alpha code, but it appears that at least the
> older version (SDSI, which had a GUI) was an actual working system. Is
> JSDSI at least at the same level of usability (not counting the GIU)?
>
> BTW, with that jsdsi.src.zip file ...it's mostly a flat dir structure
> ...is that correct? I'm not used to how maven does things, but I
> expected the source code to be in a subdir at least, so it makes me
> suspect the zip file was packaged wrong?
>
> Thanks,
>
> --
> Dav Coleman
> http://AkuAku.org/

http://ajmani.net