From: <pe...@us...> - 2003-09-24 23:56:56
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id
In directory sc8-pr-cvs1:/tmp/cvs-serv524/src/java/org/neuclear/id
Modified Files:
Identity.java InvalidIdentityException.java NSTools.java
Added Files:
Named.java NamedObjectReader.java SignedNamedObject.java
SignedObject.java
Removed Files:
GenericNamedObject.java NamedObject.java
NamedObjectFactory.java
Log Message:
Refactoring nearly done. New model for creating signed objects.
With a view to supporting the xmlpull API shortly for performance reasons.
Currently still uses dom4j, but that has been refactored out so that it
should now be very quick to implement an xmlpull implementation.
A side benefit of this is that the API has been further simplified. I still have some work
to do with regard to cleaning up some of the outlying parts of the code.
--- NEW FILE: Named.java ---
package org.neuclear.id;
import org.neudist.utils.NeudistException;
/*
NeuClear Distributed Transaction Clearing Platform
(C) 2003 Pelle Braendgaard
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
$Id: Named.java,v 1.1 2003/09/24 23:56:48 pelle Exp $
$Log: Named.java,v $
Revision 1.1 2003/09/24 23:56:48 pelle
Refactoring nearly done. New model for creating signed objects.
With view for supporting the xmlpull api shortly for performance reasons.
Currently still uses dom4j but that has been refactored out that it
should now be very quick to implement a xmlpull implementation.
A side benefit of this is that the API has been further simplified. I still have some work
todo with regards to cleaning up some of the outlying parts of the code.
*/
/**
*
* User: pelleb
* Date: Sep 23, 2003
* Time: 4:06:57 PM
*/
public interface Named {
String getName() throws NeudistException;
String getLocalName() throws NeudistException;
}
--- NEW FILE: NamedObjectReader.java ---
package org.neuclear.id;
import org.dom4j.Element;
import org.neudist.utils.NeudistException;
import java.sql.Timestamp;
/*
NeuClear Distributed Transaction Clearing Platform
(C) 2003 Pelle Braendgaard
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
$Id: NamedObjectReader.java,v 1.1 2003/09/24 23:56:48 pelle Exp $
$Log: NamedObjectReader.java,v $
Revision 1.1 2003/09/24 23:56:48 pelle
Refactoring nearly done. New model for creating signed objects.
With view for supporting the xmlpull api shortly for performance reasons.
Currently still uses dom4j but that has been refactored out that it
should now be very quick to implement a xmlpull implementation.
A side benefit of this is that the API has been further simplified. I still have some work
todo with regards to cleaning up some of the outlying parts of the code.
*/
/**
*
* User: pelleb
* Date: Sep 23, 2003
* Time: 5:09:57 PM
*/
public interface NamedObjectReader {
/**
* Read object from Element and fill in its details
* @param elem
* @return
*/
public SignedNamedObject read(Element elem,String name,Identity signatory,String digest,Timestamp timestamp) throws NeudistException;
}
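Review bot: The Javadoc on read() documents only elem, with an empty @param and an empty @return, while the method also takes name, signatory, digest and timestamp. Implementations return a SignedNamedObject, which this commit describes as always a verified object, so the contract should state that the caller has already verified the signature and digest before calling read(), and should describe each parameter. The public modifier on an interface method is redundant.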
--- NEW FILE: SignedNamedObject.java ---
/*
* $Id: SignedNamedObject.java,v 1.1 2003/09/24 23:56:48 pelle Exp $
* $Log: SignedNamedObject.java,v $
* Revision 1.1 2003/09/24 23:56:48 pelle
* Refactoring nearly done. New model for creating signed objects.
* With view for supporting the xmlpull api shortly for performance reasons.
* Currently still uses dom4j but that has been refactored out that it
* should now be very quick to implement a xmlpull implementation.
*
* A side benefit of this is that the API has been further simplified. I still have some work
* todo with regards to cleaning up some of the outlying parts of the code.
*
* Revision 1.3 2003/09/23 19:16:27 pelle
* Changed NameSpace to Identity.
* To cause less confusion in the future.
*
* Revision 1.2 2003/09/22 19:24:01 pelle
* More fixes throughout to problems caused by renaming.
*
* Revision 1.1.1.1 2003/09/19 14:41:03 pelle
* First import into the neuclear project. This was originally under the SF neudist
* project. This marks a general major refactoring and renaming ahead.
*
* The new name for this code is NeuClear Identity and has the general package header of
* org.neuclear.id
* There are other areas within the current code which will be split out into other subprojects later on.
* In particularly the signers will be completely seperated out as well as the contract types.
*
*
* Revision 1.13 2003/02/18 14:57:19 pelle
* Finished Cleaning up Receivers and Stores.
* Also updated nsdl.xsd xml schema with latest changes.
* The whole API is now very simple.
*
* Revision 1.12 2003/02/14 21:10:30 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
* The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
*
* Revision 1.11 2003/02/14 14:04:29 pelle
* The New Source Classes work and NS resolution works as well.
* I've renamed Target to TargetReference to prepare for the other main refactoring ahead. Implementation of
* Senders.
*
* Revision 1.10 2003/02/10 22:30:06 pelle
* Got rid of even further dependencies. In Particular OSCore
*
* Revision 1.9 2003/02/09 00:15:52 pelle
* Fixed things so they now compile with r_0.7 of XMLSig
*
* Revision 1.8 2002/12/17 21:53:28 pelle
* Final changes for refactoring.
*
* Revision 1.7 2002/12/17 20:34:39 pelle
* Lots of changes to core functionality.
* First of all I've refactored most of the Resolving and verification code. I have a few more things to do
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
* for this out of SignedNamedObject.
* Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver.
* This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
* NSCache now operates using http://www.waterken.com's fantastic ADT collections library.
* Something important has been added, which is a SignRequest named object. This signed object, embeds an unsigned
* named object for signing by an end users' signing service.
* Now were almost ready to start seriously implementing AssetIssuers and Transfers, which will be the most important
* part of the framework.
*
* Revision 1.6 2002/10/03 01:51:58 pelle
* Bunch of smaller fixes for bugs found during deployment.
* Also a bit more documentation.
* I'm happy with this being called rev. 0.4
*
* Revision 1.5 2002/10/02 21:03:44 pelle
* Major Commit
* I completely redid the namespace resolving code.
* It now works correctly with the new store attribute of the namespace
* And can correctly work out the location of a namespace file
* by hierarchically signing it.
* I have also included several top level namespaces and finalised
* the root namespace.
* In short all of the above means that we can theoretically call
* Neubia live now. (Well on my first deployment anyway).
* There is a new CommandLineSigner utility class which creates and signs
* namespaces using standard java keystores.
* I'm now working on updating the documentation, so other people
* than me might have a chance at using it.
*
* Revision 1.4 2002/09/25 19:20:15 pelle
* Added various new schemas and updated most of the existing ones.
* Added explanation interface for explaining the purpose of a
* SignedNamedObject to a user. We may want to use XSL instead.
* Also made the signing webapp look a bit nicer.
*
* Revision 1.3 2002/09/21 23:11:13 pelle
* A bunch of clean ups. Got rid of as many hard coded URL's as I could.
*
* Revision 1.2 2002/09/20 01:15:18 pelle
* Added prototype webapplication under src/java
* SOAPServlet appears to work
* Any webservices taking named objects should subclass from ReceiverServlet
* SigningServlet is not completely working right now, but
* will be the main prototype of a web based signer.
*
* Other new features are GenericNamedObject for simple instantiation of
* arbitrary named objects.
*
* Revision 1.1.1.1 2002/09/18 10:55:40 pelle
* First release in new CVS structure.
* Also first public release.
* This implemnts simple named objects.
* - Identity Objects
* - NSAuth Objects
*
* Storage systems
* - In Memory Storage
* - Clear text file based storage
* - Encrypted File Storage (with SHA256 digested filenames)
* - CachedStorage
* - SoapStorage
*
* Simple SOAP client/server
* - Simple Single method call SOAP client, for arbitrary dom4j based requests
* - Simple Abstract SOAP Servlet for implementing http based SOAP Servers
*
* Simple XML-Signature Implementation
* - Based on dom4j
* - SHA-RSA only
* - Very simple (likely imperfect) highspeed canonicalizer
* - Zero support for X509 (We dont like that anyway)
* - Super Simple
*
*
* Revision 1.1.1.1 2002/05/29 10:02:22 pelle
* Lets try one more time. This is the first rev of the next gen of Neudist
*
*
*/
package org.neuclear.id;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.Namespace;
import org.neudist.utils.NeudistException;
import java.sql.Timestamp;
/**
* Major changes made. SignedNamedObject is now always a verified object.
*/
public class SignedNamedObject implements SignedObject, Named {
protected SignedNamedObject(String name, Identity signer,Timestamp timestamp,String digest) throws NeudistException {
this.name=NSTools.normalizeNameURI(name);
this.signer=signer;
this.timestamp=timestamp;
this.digest=digest;
}
/**
* The full name (URI) of an object
* @return String containing the fully qualified URI of an object
*/
public String getName() throws NeudistException {
return name;
}
/**
* The Name of an object within it's parent Identity
* @return Parent Name
*/
public String getLocalName() throws NeudistException {
String fullName = getName();
int i = fullName.lastIndexOf('/');
return fullName.substring(i + 1);
}
public Timestamp getTimeStamp() throws NeudistException {
return timestamp;
}
public final void log() throws NeudistException {
Identity ns = getSignatory();
ns.log(this);
}
public Identity getSignatory() {
return signer;
}
public String getDigest() {
return digest;
}
private String name;
private Identity signer;
private Timestamp timestamp;
private String digest;
final public static class Reader implements NamedObjectReader {
/**
* Read object from Element and fill in its details
* @param elem
* @return
*/
public SignedNamedObject read(Element elem, String name, Identity signatory, String digest, Timestamp timestamp) throws NeudistException {
return new SignedNamedObject(name,signatory,timestamp,digest);
}
}
public static final String NSDL_NAMESPACE="http://neudist.org/neu/nsdl";
public static final Namespace NS_NSDL=DocumentHelper.createNamespace("nsdl",NSDL_NAMESPACE);
public static final String NSDL_PREFIX="nsdl:";
}
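Review bot: The class comment says a SignedNamedObject is always a verified object, but the nested Reader is public with a public read() that only calls new SignedNamedObject(name,signatory,timestamp,digest), so any caller can obtain an instance for an arbitrary name and signatory without a verification step. Consider making Reader package-private, as Identity.Reader is in this same commit, or otherwise restricting who may invoke it. The fields name, signer, timestamp and digest can be declared final, and timestamp should be copied in the constructor and in getTimeStamp() because java.sql.Timestamp is mutable.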
--- NEW FILE: SignedObject.java ---
/* $Id: SignedObject.java,v 1.1 2003/09/24 23:56:48 pelle Exp $
* $Log: SignedObject.java,v $
* Revision 1.1 2003/09/24 23:56:48 pelle
* Refactoring nearly done. New model for creating signed objects.
* With view for supporting the xmlpull api shortly for performance reasons.
* Currently still uses dom4j but that has been refactored out that it
* should now be very quick to implement a xmlpull implementation.
*
* A side benefit of this is that the API has been further simplified. I still have some work
* todo with regards to cleaning up some of the outlying parts of the code.
*
* Revision 1.3 2003/02/14 21:14:08 pelle
* The AbstractElementProxy has a new final method .asXML()
* which is similar to DOM4J's but it outputs the xml in the compact format and not the pretty format, thus not causing problems with Canonicalization.
* You can now also easily get the digest of a SignedElement with the new .getDigest() value.
*
* Revision 1.2 2003/02/08 18:48:37 pelle
* The Signature phase has been rewritten.
* There now is a new Class called QuickEmbeddedSignature which is more in line with my original idea for this library.
* It simply has a template of the xml and signs it in a standard way.
* The original XMLSignature class is still used for verification and will in the future handle more thoroughly
* all the various flavours of XMLSig.
* XMLSecTools has got different flavours of canonicalize now. Including one where you can pass it a Canonicaliser to use.
* Of the new Canonicalizer's are CanonicalizerWithComments, which I accidently left out of the last commit.
* And CanonicalizerWithoutSignature which leaves out the Signature in the Canonicalization phase and is thus
* a lot more efficient than the previous approach.
*
* Revision 1.1 2003/01/21 03:14:11 pelle
* Mainly clean ups through out and further documentation.
*
* Revision 1.1 2003/01/18 18:12:32 pelle
* First Independent commit of the Independent XML-Signature API for NeuDist.
*
* Revision 1.2 2003/01/16 19:16:09 pelle
* Major Structural Changes.
* We've split the test classes out of the normal source tree, to enable Maven's test support to work.
* WARNING
* for Development purposes the code does not as of this commit until otherwise notified actually verifysigs.
* We are reworking the XMLSig library and need to continue work elsewhere for the time being.
* DO NOT USE THIS FOR REAL APPS
*
* Revision 1.1 2002/12/17 21:53:29 pelle
* Final changes for refactoring.
*
* Revision 1.4 2002/12/17 21:41:04 pelle
* First part of refactoring of SignedNamedObject and SignedObject Interface/Class parings.
*
* Revision 1.3 2002/12/17 20:34:44 pelle
* Lots of changes to core functionality.
* First of all I've refactored most of the Resolving and verification code. I have a few more things to do
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
* for this out of SignedNamedObject.
* Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver.
* This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
* NSCache now operates using http://www.waterken.com's fantastic ADT collections library.
* Something important has been added, which is a SignRequest named object. This signed object, embeds an unsigned
* named object for signing by an end users' signing service.
* Now were almost ready to start seriously implementing AssetIssuers and Transfers, which will be the most important
* part of the framework.
*
* Revision 1.2 2002/09/21 23:11:16 pelle
* A bunch of clean ups. Got rid of as many hard coded URL's as I could.
*
*/
package org.neuclear.id;
/**
* SignedObject provides an interface to the data of an object that was signed
* AND verified.
* @author pelleb
* @version $Revision: 1.1 $
*/
import org.neudist.utils.NeudistException;
public interface SignedObject {
Identity getSignatory();
String getDigest();
}
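Review bot: The Javadoc block for the interface sits before the import line, so it is not attached to the SignedObject declaration and javadoc will not pick it up; move the import above the comment. The NeudistException import is also unused in this file, since neither getSignatory() nor getDigest() declares it.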
Index: Identity.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/Identity.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** Identity.java 23 Sep 2003 19:16:26 -0000 1.1
--- Identity.java 24 Sep 2003 23:56:48 -0000 1.2
***************
*** 2,5 ****
--- 2,14 ----
* $Id$
* $Log$
+ * Revision 1.2 2003/09/24 23:56:48 pelle
+ * Refactoring nearly done. New model for creating signed objects.
+ * With view for supporting the xmlpull api shortly for performance reasons.
+ * Currently still uses dom4j but that has been refactored out that it
+ * should now be very quick to implement a xmlpull implementation.
+ *
+ * A side benefit of this is that the API has been further simplified. I still have some work
+ * todo with regards to cleaning up some of the outlying parts of the code.
+ *
* Revision 1.1 2003/09/23 19:16:26 pelle
* Changed NameSpace to Identity.
***************
*** 33,37 ****
* Revision 1.8 2003/02/14 21:10:29 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The NamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
--- 42,46 ----
* Revision 1.8 2003/02/14 21:10:29 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
***************
*** 49,53 ****
*
* Revision 1.4 2002/12/17 21:40:54 pelle
! * First part of refactoring of NamedObject and SignedObject Interface/Class parings.
*
* Revision 1.3 2002/12/17 20:34:39 pelle
--- 58,62 ----
*
* Revision 1.4 2002/12/17 21:40:54 pelle
! * First part of refactoring of SignedNamedObject and SignedObject Interface/Class parings.
*
* Revision 1.3 2002/12/17 20:34:39 pelle
***************
*** 56,62 ****
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
! * for this out of NamedObject.
! * Then there is the veriifer, which verifies a given NamedObject using the NSResolver.
! * This has simplified the NamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
--- 65,71 ----
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
! * for this out of SignedNamedObject.
! * Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver.
! * This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
***************
*** 145,169 ****
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
- import org.dom4j.QName;
- import org.neuclear.id.resolver.NSResolver;
- import org.neuclear.senders.LogSender;
- import org.neuclear.senders.Sender;
import org.neudist.utils.NeudistException;
import org.neudist.utils.Utility;
import org.neudist.xml.xmlsec.KeyInfo;
import org.neudist.xml.xmlsec.XMLSecTools;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.List;
! public final class Identity extends NamedObject {
/**
- * This constructor should be used by subclasses of Identity. It creates a Standard Identity document, but doesn't sign it.
- * The signing should be done as the last step of the constructor of the subclass.
* @param name The Name of Identity
! * @param allow PublicKey allowed to sign in here
* @param repository URL of Default Store for Identity. (Note. A Identity object is stored in the default repository of it's parent namespace)
* @param signer URL of default interactive signing service for namespace. If null it doesnt allow interactive signing
--- 154,182 ----
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.neudist.utils.NeudistException;
import org.neudist.utils.Utility;
import org.neudist.xml.xmlsec.KeyInfo;
import org.neudist.xml.xmlsec.XMLSecTools;
+ import org.neudist.xml.xmlsec.XMLSecurityException;
+ import org.neudist.crypto.CryptoTools;
+ import org.neudist.crypto.CryptoException;
+ import org.neuclear.senders.Sender;
+ import org.neuclear.id.resolver.NSResolver;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.List;
+ import java.sql.Timestamp;
! public final class Identity extends SignedNamedObject {
! private static final String NSROOTPKMOD = "AKbv1DrfQCj7fbcc/9U8mLHi9LzFGVw8ac9z26BN1+yeq9VG3wvW+OXjvUpQ9cD+dpwpFXeai9Hz DkFeJcT9Coi9A8Aj4nffWAlxJ/AVOIRCi1d4A/d9InhQ7UYYA5O7XBcwKneopYVa9zRDUoy0ZpVy t9Kj5i0Zw6oZsflAu4S4pIU+niYwwWrYmCuBEq9kecf7nSGiU0rHp1QNs7NYdhXCl2BMcSaz0AZt AF8YLlZYasviJkoxUFBB/Vjqa98xi7V7XIGsMbXWqUvJ8MW2N/CUdBz5aDlpBUwul8rqyq+03A0q 84AFJiUcudqVL7KhURXB8ZYy/hZb+YkEvE3IigU=";
! private static final String NSROOTPKEXP = "AQAB";
! private static PublicKey nsrootpk;
/**
* @param name The Name of Identity
! * @param signatory The Signatory that signed this object
! * @param timestamp The TimeStamp of the SignedNamedObject
* @param repository URL of Default Store for Identity. (Note. A Identity object is stored in the default repository of it's parent namespace)
* @param signer URL of default interactive signing service for namespace. If null it doesnt allow interactive signing
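Review bot: NSROOTPKMOD and NSROOTPKEXP fix the root trust anchor in source, and the nsrootpk field declared next to them is a non-final static. Please add a comment saying where this key comes from and how it would be replaced, and build the cached PublicKey once in a static initializer so the field can be final.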
***************
*** 171,266 ****
* @throws NeudistException
*/
- public Identity(String name, PublicKey allow, String repository, String signer, String logger, String receiver) throws NeudistException {
- super(name, "Identity");
-
- Element root = getElement();
- // We have meaningful defaults for the following two
- this.repository = Utility.denullString(repository, NSResolver.NSROOTSTORE);
- this.logger = Utility.denullString(repository, LogSender.LOGGER);
this.signer = signer;
this.receiver = receiver;
! root.addAttribute(DocumentHelper.createQName("repository", NamedObject.NS_NSDL), this.repository);
! root.addAttribute(DocumentHelper.createQName("logger", NamedObject.NS_NSDL), receiver);
! if (!Utility.isEmpty(signer))
! root.addAttribute(DocumentHelper.createQName("signer", NamedObject.NS_NSDL), signer);
!
! if (!Utility.isEmpty(receiver))
! root.addAttribute(DocumentHelper.createQName("receiver", NamedObject.NS_NSDL), receiver);
!
! if (allow != null) {
! QName allowName = DocumentHelper.createQName("allow", NamedObject.NS_NSDL);
! Element pub = root.addElement(allowName);
! pubs = new PublicKey[1];
! pubs[0] = allow;
! pub.add(XMLSecTools.createKeyInfo(allow));
! }
}
- public Identity(String name, PublicKey allow, String repository) throws NeudistException {
- this(name, allow, repository, null, null, null);
- }
- public Identity(String name, PublicKey allow) throws NeudistException {
- this(name, allow, null);
- }
- /**
- * This constructor should be used by subclasses of Identity. It creates a Standard Identity document, but doesn't sign it.
- * The signing should be done as the last step of the constructor of the subclass.
- */
- /*
- protected Identity(String name) throws NeudistException {
- super(name,"Identity");
- }
- */
- /**
- * Builds a Identity from an XML Document.
- */
- public Identity(Element nsElem) throws NeudistException/*,KeyResolverException*/ {
- super(nsElem);
- try {
- Element ns = getElement();
- repository = ns.attributeValue(DocumentHelper.createQName("store", NamedObject.NS_NSDL));
- signer = ns.attributeValue(DocumentHelper.createQName("signer", NamedObject.NS_NSDL));
- logger = ns.attributeValue(DocumentHelper.createQName("logger", NamedObject.NS_NSDL));
- receiver = ns.attributeValue(DocumentHelper.createQName("receiver", NamedObject.NS_NSDL));
-
- Element allowElement = ns.element(DocumentHelper.createQName("allow", NamedObject.NS_NSDL));
- List keys = allowElement.elements(XMLSecTools.createQName("KeyInfo"));
- pubs = new PublicKey[keys.size()];
- int i = 0;
- for (Iterator iter = keys.iterator(); iter.hasNext(); i++) {
- KeyInfo ki = new KeyInfo((Element) iter.next());
- pubs[i] = ki.getPublicKey();
- }
- } catch (Exception e) {
- Utility.rethrowException(e);
- }
- }
-
- /**
- * Returns the first allowed public key
- * @return the first allowed public key
- */
- public PublicKey getAllowed() {
- if (pubs != null && pubs.length > 0)
- return pubs[0];
- else
- return null;
- }
-
- public boolean postAllowed(NamedObject obj) throws NeudistException {
- try {
- for (int i = 0; i < pubs.length; i++) {
- if (obj.verifySignature(pubs[i]))
- return true;
- }
- } catch (Exception e) {
- Utility.rethrowException(e);
- }
- return false;
- };
public String getRepository() {
--- 184,200 ----
* @throws NeudistException
*/
+ Identity(String name, Identity signatory, Timestamp timestamp, String digest, String repository, String signer, String logger, String receiver, PublicKey[] pubs) throws NeudistException {
+ super(name, signatory, timestamp, digest);
+ this.repository = repository;
+ this.logger = logger;
this.signer = signer;
this.receiver = receiver;
! this.pubs = pubs;
}
public String getRepository() {
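Review bot: The new constructor assigns repository and logger exactly as passed, dropping the Utility.denullString(...) defaults the removed constructor applied (NSResolver.NSROOTSTORE for the repository), so getRepository() can now return null when the attribute is absent. Restore the defaults here or in the reader. The line this.pubs = pubs also keeps the caller's array; storing a copy would stop the allowed keys from being changed after construction. With postAllowed() removed, a note in the class comment on where signatures are now checked against these keys would help the next reader.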
***************
*** 276,280 ****
}
! public final void send(NamedObject obj) throws NeudistException {
if (!Utility.isEmpty(receiver))
Sender.quickSend(receiver, obj);
--- 210,214 ----
}
! public final void send(SignedNamedObject obj) throws NeudistException {
if (!Utility.isEmpty(receiver))
Sender.quickSend(receiver, obj);
***************
*** 283,287 ****
}
! void log(NamedObject obj) throws NeudistException {
if (!Utility.isEmpty(logger))
Sender.quickSend(logger, obj);
--- 217,221 ----
}
! void log(SignedNamedObject obj) throws NeudistException {
if (!Utility.isEmpty(logger))
Sender.quickSend(logger, obj);
***************
*** 291,295 ****
return "Identity";
}
!
private String repository;
private String signer;
--- 225,231 ----
return "Identity";
}
! public PublicKey[] getPublicKeys(){
! return pubs;
! }
private String repository;
private String signer;
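Review bot: getPublicKeys() returns the internal pubs array itself, so any caller can overwrite the keys this Identity allows. Return a copy (pubs.clone(), guarding against null) or an unmodifiable list instead.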
***************
*** 298,300 ****
--- 234,283 ----
private PublicKey pubs[];
+
+
+ public final static Identity getRootIdentity() throws NeudistException {
+
+ PublicKey rootpk=CryptoTools.createPK(NSROOTPKMOD, NSROOTPKEXP);
+ root=new Identity("neu://",null,new Timestamp(0),null,NSResolver.NSROOTSTORE,
+ null,null,null,new PublicKey[]{rootpk});
+ return root;
+ }
+ private static Identity root;
+
+ /**
+ * Returns the fixed Root PublicKey
+ */
+ private final static PublicKey getRootPK() throws XMLSecurityException {
+ if (nsrootpk == null)
+ nsrootpk = CryptoTools.createPK(NSROOTPKMOD, NSROOTPKEXP);
+ return nsrootpk;
+ }
+
+ //TODO I dont like this being public
+ final static class Reader implements NamedObjectReader {
+ /**
+ * Read object from Element and fill in its details
+ * @param elem
+ * @return
+ */
+ public SignedNamedObject read(Element elem, String name, Identity signatory, String digest, Timestamp timestamp) throws NeudistException {
+ String repository=elem.attributeValue(DocumentHelper.createQName("store",SignedNamedObject.NS_NSDL));
+ String signer=elem.attributeValue(DocumentHelper.createQName("signer",SignedNamedObject.NS_NSDL));
+ String logger=elem.attributeValue(DocumentHelper.createQName("logger",SignedNamedObject.NS_NSDL));
+ String receiver=elem.attributeValue(DocumentHelper.createQName("receiver",SignedNamedObject.NS_NSDL));
+
+ Element allowElement=elem.element(DocumentHelper.createQName("allow",SignedNamedObject.NS_NSDL));
+ List keys=allowElement.elements(XMLSecTools.createQName("KeyInfo"));
+ PublicKey pubs[]=new PublicKey[keys.size()];
+ int i=0;
+ for (Iterator iter=keys.iterator();iter.hasNext();i++) {
+ KeyInfo ki=new KeyInfo((Element)iter.next());
+ pubs[i]=ki.getPublicKey();
+ }
+
+ return new Identity(name,signatory,timestamp,digest,repository,signer,logger,receiver,pubs);
+ }
+
+ }
+
}
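Review bot: In Reader.read(), allowElement is dereferenced without a null check, so an Identity element with no nsdl:allow child fails with a NullPointerException rather than a NeudistException; the removed Element constructor at least wrapped this parsing in try/catch with Utility.rethrowException. Check for null and throw a descriptive NeudistException. Separately, getRootIdentity() builds a new Identity and reassigns the static root on every call, and it calls CryptoTools.createPK directly instead of getRootPK(), which leaves getRootPK() and nsrootpk unused in the lines shown; initialise root once and reuse the cached key. The TODO says the reader is public, but it is declared package-private.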
Index: InvalidIdentityException.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/InvalidIdentityException.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** InvalidIdentityException.java 23 Sep 2003 19:16:27 -0000 1.1
--- InvalidIdentityException.java 24 Sep 2003 23:56:48 -0000 1.2
***************
*** 2,5 ****
--- 2,14 ----
* $Id$
* $Log$
+ * Revision 1.2 2003/09/24 23:56:48 pelle
+ * Refactoring nearly done. New model for creating signed objects.
+ * With view for supporting the xmlpull api shortly for performance reasons.
+ * Currently still uses dom4j but that has been refactored out that it
+ * should now be very quick to implement a xmlpull implementation.
+ *
+ * A side benefit of this is that the API has been further simplified. I still have some work
+ * todo with regards to cleaning up some of the outlying parts of the code.
+ *
* Revision 1.1 2003/09/23 19:16:27 pelle
* Changed NameSpace to Identity.
***************
*** 21,25 ****
* Revision 1.3 2003/02/14 21:10:26 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The NamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
--- 30,34 ----
* Revision 1.3 2003/02/14 21:10:26 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
Index: NSTools.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/NSTools.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** NSTools.java 23 Sep 2003 19:16:27 -0000 1.3
--- NSTools.java 24 Sep 2003 23:56:48 -0000 1.4
***************
*** 2,5 ****
--- 2,14 ----
* $Id$
* $Log$
+ * Revision 1.4 2003/09/24 23:56:48 pelle
+ * Refactoring nearly done. New model for creating signed objects.
+ * With view for supporting the xmlpull api shortly for performance reasons.
+ * Currently still uses dom4j but that has been refactored out that it
+ * should now be very quick to implement a xmlpull implementation.
+ *
+ * A side benefit of this is that the API has been further simplified. I still have some work
+ * todo with regards to cleaning up some of the outlying parts of the code.
+ *
* Revision 1.3 2003/09/23 19:16:27 pelle
* Changed NameSpace to Identity.
***************
*** 21,25 ****
* Revision 1.11 2003/02/14 21:10:28 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The NamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
--- 30,34 ----
* Revision 1.11 2003/02/14 21:10:28 pelle
* The email sender works. The LogSender and the SoapSender should work but havent been tested yet.
! * The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger.
* The Identity object also has a new method send() which allows one to send a named object to the Identity's
* default receiver.
***************
*** 42,46 ****
*
* Revision 1.6 2002/12/17 21:40:53 pelle
! * First part of refactoring of NamedObject and SignedObject Interface/Class parings.
*
* Revision 1.5 2002/12/17 20:34:39 pelle
--- 51,55 ----
*
* Revision 1.6 2002/12/17 21:40:53 pelle
! * First part of refactoring of SignedNamedObject and SignedObject Interface/Class parings.
*
* Revision 1.5 2002/12/17 20:34:39 pelle
***************
*** 49,55 ****
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
! * for this out of NamedObject.
! * Then there is the veriifer, which verifies a given NamedObject using the NSResolver.
! * This has simplified the NamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
--- 58,64 ----
* on it before I'm happy.
* There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality
! * for this out of SignedNamedObject.
! * Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver.
! * This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they
* should be.
* I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate.
***************
*** 195,199 ****
public static void main(String args[]) {
try {
! NamedObject obj = NamedObjectFactory.fetchNamedObject("neu://free/pelle");
System.out.println("Got: " + obj.getName());
obj = NamedObjectFactory.fetchNamedObject("neu://pelle");
--- 204,208 ----
public static void main(String args[]) {
try {
! SignedNamedObject obj = NamedObjectFactory.fetchNamedObject("neu://free/pelle");
System.out.println("Got: " + obj.getName());
obj = NamedObjectFactory.fetchNamedObject("neu://pelle");
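Review bot: main() still calls NamedObjectFactory.fetchNamedObject(...) on both lines shown, but this commit lists NamedObjectFactory.java as removed, so NSTools will not compile against this revision unless the class now lives elsewhere. Switch these calls to whatever replaces the factory in the new model, or drop main() until that exists.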
--- GenericNamedObject.java DELETED ---
--- NamedObject.java DELETED ---
--- NamedObjectFactory.java DELETED ---