[Jsdsi-users] Re: <What's the correct way to send over Proof?>
From: Sean R. <sra...@ae...> - 2004-05-05 22:49:25
Hi,

Not entirely sure I follow what you mean, but do you mean that when you read a file (called 'file-from-client.txt' for example) containing:

(proof
  (cert
    (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
    (subject (public-key (rsa (e #03#) (n SCS_F)))))
  (sequence
    (cert
      (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
      (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
    (signature
      (hash md5 HASH-VALUE)
      (public-key (rsa (e #03#) (n MATT)))
      (rsa-pkcs1-md5 SIGNATURE-VALUE))
    ... [3 cert/signature pairs not included for brevity] ...
    (cert
      (issuer (name (public-key (rsa (e #03#) (n SCS))) scs_faculty))
      (subject (public-key (rsa (e #03#) (n SCS_F)))))
    (signature
      (hash md5 HASH-VALUE)
      (public-key (rsa (e #03#) (n SCS)))
      (rsa-pkcs1-md5 SIGNATURE-VALUE))))

using something like:

FileInputStream fis = new FileInputStream("file-from-client.txt");
jsdsi.sexp.ObjInputStream ois = new jsdsi.sexp.ObjInputStream(fis);
jsdsi.Proof proof = (jsdsi.Proof) ois.readObj();

you get the Proof:

(proof
  (cert
    (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
    (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
  (sequence
    (cert
      (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
      (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
    (signature
      (hash md5 HASH-VALUE)
      (public-key (rsa (e #03#) (n MATT)))
      (rsa-pkcs1-md5 SIGNATURE-VALUE))))

?

On Wed, 2004-05-05 at 22:54, Feng-Shuo wrote:
> Other questions about proof transmission:
> 1. If my client side supplies a proof that actually composes of 5 proofs
> sequence certificates with 1 proof result cert in following fashion:
> However, by using above method, I can only receive one proof which is
> the very first one and the result proof cert is changed too!
> So my questions are how to maintain result proof cert intact and how to
> compose several proofs into one proof
> (I tried the way that client ship proof.getCertificates one by one then
> server build proofs by certificates then I use proof.compose to concatenate
> those 5 proof certificates but error is thrown when compose! and I don't
> think the result cert will retain in such way neither)
>
> 2. When run the CertPathValidator, which cert and certstore I should feed
> in CertPathParameters? (Is cert = AclEntry which requested proofs? Is
> certstore = client/server certstore? )
>
> Client:
> (proof
>
> Result cert ==>
>   (cert
>     (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
>     (subject (public-key (rsa (e #03#) (n SCS_F)))))
>
> 5 Proof sequence ==>
>   (sequence
>     (cert
>       (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
>       (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
>     (signature
>       (hash md5 HASH-VALUE)
>       (public-key (rsa (e #03#) (n MATT)))
>       (rsa-pkcs1-md5 SIGNATURE-VALUE))
>     ....
>     (cert
>       (issuer (name (public-key (rsa (e #03#) (n SCS))) scs_faculty))
>       (subject (public-key (rsa (e #03#) (n SCS_F)))))
>     (signature
>       (hash md5 HASH-VALUE)
>       (public-key (rsa (e #03#) (n SCS)))
>       (rsa-pkcs1-md5 SIGNATURE-VALUE))))
>
> Server:
> (proof
>   (cert
>     (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
>     (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
>   (sequence
>     (cert
>       (issuer (name (public-key (rsa (e #03#) (n MATT))) advisor))
>       (subject (name (public-key (rsa (e #03#) (n NORMAN))) advisee)))
>     (signature
>       (hash md5 HASH-VALUE)
>       (public-key (rsa (e #03#) (n MATT)))
>       (rsa-pkcs1-md5 SIGNATURE-VALUE))))
>
>
>
> ----- Original Message -----
> From: "Sean Radford" <sra...@ae...>
> To: "Mr. Sameer Ajmani" <aj...@cs...>
> Cc: <fc...@an...>; "users jsdsi" <jsd...@li...>
> Sent: Wednesday, May 05, 2004 4:57 PM
> Subject: Re: <What's the correct way to send over Proof?>
>
>
> > On Wed, 2004-05-05 at 21:49, Sameer Ajmani wrote:
> > > Good idea. The site should also include a HOWTO for several common tasks:
> > > creating keys, certificates, signatures, proofs, writing and reading these
> > > from a file or the network, etc.
> > >
> >
> > Another good idea... I'll try to make a start on that this w/e (the
> > HOWTO) - if the Proof stuff isn't done by then I'll try for that too....
> >
> >
> > Sean
> >
> > > Sameer
> > >
> > > > On Wed, 2004-05-05 at 12:16, Sameer Ajmani wrote:
> > > >> You can transfer a Proof as a Sequence (using proof.getSequence). But
> > > >> we should probably add support for transferring it just as a Proof.
> > > >> The reason I didn't in the first place is because Proof isn't actually
> > > >> an official SPKI/SDSI datatype---it's specific to JSDSI.
> > > >>
> > > >
> > > > I'd vote for making Proof SExpression'able (and consequently implement
> > > > java.io.Serializable). Just seems sensible and thinking about it... I
> > > > hit the same problem (but never got round to raising the issue) about a
> > > > year ago!
> > > >
> > > > Guess we should be adding things like this to the 'Future Work' section
> > > > of the site (so we don't forget them) - until we get an issue tracking
> > > > application going...
> > > >
> > > > Regards,
> > > >
> > > > Sean
> > > >
> > > >> Sameer
> > > >>
> > > >> > Dear Sameer, Sean, and jsdsi experts,
> > > >> >
> > > >> > Original NameCert or AuthCert which are be embedded in Certificate
> > > >> > can be sent and receive well by using CertificateFactory Engine But
> > > >> > now, after the client generates proof from certificate discovery,
> > > >> > how should I send this over correctly? Currently, I try to use
> > > >> > jsdsi.ObjOutputStream and jsdsi.ObjInputStream:
> > > >> >
> > > >> > Client:
> > > >> > FileOutputStream pd_file_out = new FileOutputStream("server_agent_queue.txt", true);
> > > >> > jsdsi.sexp.ObjOutputStream pd_oos = new jsdsi.sexp.ObjOutputStream(pd_file_out);
> > > >> > pd_oos.writeCanonical(proof);
> > > >> > pd_file_out.close();
> > > >> >
> > > >> > Server:
> > > >> > FileInputStream file_in = new FileInputStream("server_agent_queue.txt");
> > > >> > jsdsi.sexp.ObjInputStream ois = new jsdsi.sexp.ObjInputStream(file_in);
> > > >> > while (true) {
> > > >> >   if (ois.available() > 0) {
> > > >> > ===> jsdsi.Proof pf = (jsdsi.Proof) ois.readObj();
> > > >> >     break;
> > > >> >   }
> > > >> > }
> > > >> >
> > > >> > But it occurs following error on ===> line:
> > > >> > jsdsi.sexp.SexpParseException: unrecognized object type: proof
> > > >> >
> > > >> > Any idea, please? and Thanks for answer in advance!
> > > >> >
> > > >> > Sincerely,
> > > >> >
> > > >> > Matt
> > > >>
> > > >>
> > > >> http://ajmani.net
> > > >>
> > > > --
> > > > Dr. Sean Radford, MBBS, MSc
> > > > sra...@ae...
> > > > http://www.aegeus-technology.com
> > > >
> > >
> > > http://ajmani.net
> > >
> > --
> > Dr. Sean Radford, MBBS, MSc
> > sra...@ae...
> > http://www.aegeus-technology.com
> >
>
>
--
Dr. Sean Radford, MBBS, MSc
sra...@ae...
http://www.aegeus-technology.com
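
Added example (not part of the original thread and not jsdsi code): a receiver-side check that compares the proof S-expression that was sent with the one read back, reporting the two symptoms described above, a changed result cert or a shortened sequence. The class and method names, the keys A, B, C and the placeholder hash and signature values are constructed for illustration; the parser handles only parentheses and bare tokens and verifies no signatures.

```java
import java.util.*;
// Added example: minimal parser for the advanced (human-readable) S-expression
// form quoted in this thread. Hypothetical helper, not part of jsdsi.
public class ProofRoundTripCheck {
    // Parse one expression at tokens[pos[0]]; lists become List<Object>, atoms String.
    static Object parse(List<String> tokens, int[] pos) {
        String t = tokens.get(pos[0]++);
        if (!t.equals("(")) return t;
        List<Object> list = new ArrayList<>();
        while (!tokens.get(pos[0]).equals(")")) list.add(parse(tokens, pos));
        pos[0]++; // consume ")"
        return list;
    }

    static Object parse(String text) {
        String spaced = text.replace("(", " ( ").replace(")", " ) ").trim();
        return parse(Arrays.asList(spaced.split("\\s+")), new int[] {0});
    }

    // All direct children of node that are lists headed by the given tag.
    static List<Object> children(Object node, String tag) {
        List<Object> out = new ArrayList<>();
        for (Object c : (List<?>) node)
            if (c instanceof List && !((List<?>) c).isEmpty()
                    && tag.equals(((List<?>) c).get(0))) out.add(c);
        return out;
    }

    // Describes how the received proof differs from the sent one, or returns "ok".
    static String compare(String sent, String received) {
        Object s = parse(sent), r = parse(received);
        if (!children(s, "cert").equals(children(r, "cert"))) return "result cert changed";
        int ns = children(children(s, "sequence").get(0), "cert").size();
        int nr = children(children(r, "sequence").get(0), "cert").size();
        return ns == nr ? "ok" : "sequence truncated: sent " + ns + " certs, received " + nr;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the thread.
        String c1 = "(cert (issuer (name (public-key (rsa (e #03#) (n A))) x)) (subject (name (public-key (rsa (e #03#) (n B))) y)))";
        String c2 = "(cert (issuer (name (public-key (rsa (e #03#) (n B))) y)) (subject (public-key (rsa (e #03#) (n C)))))";
        String res = "(cert (issuer (name (public-key (rsa (e #03#) (n A))) x)) (subject (public-key (rsa (e #03#) (n C)))))";
        String sig = "(signature (hash md5 H) (public-key (rsa (e #03#) (n A))) (rsa-pkcs1-md5 S))";
        String sent = "(proof " + res + " (sequence " + c1 + sig + c2 + sig + "))";
        String asReceived = "(proof " + c1 + " (sequence " + c1 + sig + "))";
        String truncated = "(proof " + res + " (sequence " + c1 + sig + "))";
        System.out.println(compare(sent, sent));
        System.out.println(compare(sent, asReceived));
        System.out.println(compare(sent, truncated));
    }
}
```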