Menu
▾
▴
[Neuclear-develop] neuclear-id/src/java/org/neuclear/id Identity.java,1.21,1.22 InvalidNamedObject.java,1.1,1.2 NSTools.java,1.14,1.15 SignatureRequest.java,1.5,1.6 SignedNamedCore.java,1.1,1.2 SignedNamedObject.java,1.11,1.12
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id
In directory sc8-pr-cvs1:/tmp/cvs-serv10855/src/java/org/neuclear/id
Modified Files:
Identity.java InvalidNamedObject.java NSTools.java
SignatureRequest.java SignedNamedCore.java
SignedNamedObject.java
Log Message:
EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
Otherwise You will Finaliate.
Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
This should hopefully make everything more stable (and secure).
Index: Identity.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/Identity.java,v
retrieving revision 1.21
retrieving revision 1.22
diff -C2 -d -r1.21 -r1.22
*** Identity.java 20 Nov 2003 23:42:24 -0000 1.21
--- Identity.java 21 Nov 2003 04:45:13 -0000 1.22
***************
*** 2,5 ****
--- 2,11 ----
* $Id$
* $Log$
+ * Revision 1.22 2003/11/21 04:45:13 pelle
+ * EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ * Otherwise You will Finaliate.
+ * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ * This should hopefully make everything more stable (and secure).
+ *
* Revision 1.21 2003/11/20 23:42:24 pelle
* Getting all the tests to work in id
***************
*** 308,312 ****
*/
! protected Identity(SignedNamedCore core, String repository, String signer, String logger, String receiver, PublicKey pub) throws NeuClearException {
super(core);
this.repository = repository;
--- 314,318 ----
*/
! protected Identity(final SignedNamedCore core, final String repository, final String signer, final String logger, final String receiver, final PublicKey pub) throws NeuClearException {
super(core);
this.repository = repository;
***************
*** 330,334 ****
}
! public SignedNamedObject send(SignedNamedObject obj) throws NeuClearException {
if (!Utility.isEmpty(receiver))
return Sender.quickSend(receiver, obj);
--- 336,340 ----
}
! public SignedNamedObject send(final SignedNamedObject obj) throws NeuClearException {
if (!Utility.isEmpty(receiver))
return Sender.quickSend(receiver, obj);
***************
*** 337,341 ****
}
! final void log(SignedNamedObject obj) throws NeuClearException {
if (!Utility.isEmpty(logger))
Sender.quickSend(logger, obj);
--- 343,347 ----
}
! final void log(final SignedNamedObject obj) throws NeuClearException {
if (!Utility.isEmpty(logger))
Sender.quickSend(logger, obj);
***************
*** 360,364 ****
try {
! PublicKey rootpk = CryptoTools.createPK(NSROOTPKMOD, NSROOTPKEXP);
return new Identity(SignedNamedCore.createRootCore(), NSResolver.NSROOTSTORE,
null, null, null, rootpk);
--- 366,370 ----
try {
! final PublicKey rootpk = CryptoTools.createPK(NSROOTPKMOD, NSROOTPKEXP);
return new Identity(SignedNamedCore.createRootCore(), NSResolver.NSROOTSTORE,
null, null, null, rootpk);
***************
*** 372,376 ****
public final java.security.cert.Certificate[] getCertificateChain() {
! ArrayList certs = new ArrayList(3);
Identity id = this;
while (id != null) {
--- 378,382 ----
public final java.security.cert.Certificate[] getCertificateChain() {
! final ArrayList certs = new ArrayList(3);
Identity id = this;
while (id != null) {
***************
*** 380,388 ****
certs.add(NEUROOT.getCertificate());
certs.trimToSize();
! Certificate cert[] = new Certificate[certs.size()];
! Iterator iter = certs.iterator();
int i = 0;
while (iter.hasNext()) {
! Certificate certificate = (java.security.cert.Certificate) iter.next();
cert[i++] = certificate;
}
--- 386,394 ----
certs.add(NEUROOT.getCertificate());
certs.trimToSize();
! final Certificate[] cert = new Certificate[certs.size()];
! final Iterator iter = certs.iterator();
int i = 0;
while (iter.hasNext()) {
! final Certificate certificate = (java.security.cert.Certificate) iter.next();
cert[i++] = certificate;
}
***************
*** 432,441 ****
*
*/
! public final void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
if (!getSignatory().getPublicKey().equals(publicKey))
throw new SignatureException("Key didnt match Signature");
}
! public final void verify(PublicKey publicKey, String string) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
verify(publicKey);
}
--- 438,447 ----
*
*/
! public final void verify(final PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
if (!getSignatory().getPublicKey().equals(publicKey))
throw new SignatureException("Key didnt match Signature");
}
! public final void verify(final PublicKey publicKey, final String string) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
verify(publicKey);
}
***************
*** 452,456 ****
//TODO I dont like this being public
! public static class Reader implements NamedObjectReader {
/**
* Read object from Element and fill in its details
--- 458,462 ----
//TODO I dont like this being public
! public static final class Reader implements NamedObjectReader {
/**
* Read object from Element and fill in its details
***************
*** 459,471 ****
* @return
*/
! public final SignedNamedObject read(SignedNamedCore core, Element elem) throws NeuClearException, XMLSecurityException {
! String repository = elem.attributeValue(DocumentHelper.createQName("repository", NSTools.NS_NEUID));
! String signer = elem.attributeValue(DocumentHelper.createQName("signer", NSTools.NS_NEUID));
! String logger = elem.attributeValue(DocumentHelper.createQName("logger", NSTools.NS_NEUID));
! String receiver = elem.attributeValue(DocumentHelper.createQName("receiver", NSTools.NS_NEUID));
! Element allowElement = elem.element(DocumentHelper.createQName("allow", NSTools.NS_NEUID));
! KeyInfo ki = new KeyInfo(allowElement.element(XMLSecTools.createQName("KeyInfo")));
! PublicKey pub = ki.getPublicKey();
return new Identity(core, repository, signer, logger, receiver, pub);
}
--- 465,477 ----
* @return
*/
! public final SignedNamedObject read(final SignedNamedCore core, final Element elem) throws NeuClearException, XMLSecurityException {
! final String repository = elem.attributeValue(DocumentHelper.createQName("repository", NSTools.NS_NEUID));
! final String signer = elem.attributeValue(DocumentHelper.createQName("signer", NSTools.NS_NEUID));
! final String logger = elem.attributeValue(DocumentHelper.createQName("logger", NSTools.NS_NEUID));
! final String receiver = elem.attributeValue(DocumentHelper.createQName("receiver", NSTools.NS_NEUID));
! final Element allowElement = elem.element(DocumentHelper.createQName("allow", NSTools.NS_NEUID));
! final KeyInfo ki = new KeyInfo(allowElement.element(XMLSecTools.createQName("KeyInfo")));
! final PublicKey pub = ki.getPublicKey();
return new Identity(core, repository, signer, logger, receiver, pub);
}
Index: InvalidNamedObject.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/InvalidNamedObject.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** InvalidNamedObject.java 15 Nov 2003 01:58:16 -0000 1.1
--- InvalidNamedObject.java 21 Nov 2003 04:45:13 -0000 1.2
***************
*** 2,5 ****
--- 2,11 ----
* $Id$
* $Log$
+ * Revision 1.2 2003/11/21 04:45:13 pelle
+ * EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ * Otherwise You will Finaliate.
+ * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ * This should hopefully make everything more stable (and secure).
+ *
* Revision 1.1 2003/11/15 01:58:16 pelle
* More work all around on web applications.
***************
*** 88,93 ****
import org.neuclear.commons.NeuClearException;
! public class InvalidNamedObject extends NeuClearException {
! public InvalidNamedObject(String msg) {
super(msg);
}
--- 94,99 ----
import org.neuclear.commons.NeuClearException;
! public final class InvalidNamedObject extends NeuClearException {
! public InvalidNamedObject(final String msg) {
super(msg);
}
Index: NSTools.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/NSTools.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** NSTools.java 18 Nov 2003 23:35:45 -0000 1.14
--- NSTools.java 21 Nov 2003 04:45:13 -0000 1.15
***************
*** 2,5 ****
--- 2,11 ----
* $Id$
* $Log$
+ * Revision 1.15 2003/11/21 04:45:13 pelle
+ * EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ * Otherwise You will Finaliate.
+ * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ * This should hopefully make everything more stable (and secure).
+ *
* Revision 1.14 2003/11/18 23:35:45 pelle
* Payment Web Application is getting there.
***************
*** 164,168 ****
* @throws NeuClearException If name isn't a valid NEU Name
*/
! public static String normalizeNameURI(String name) throws NeuClearException {
if (!isValidName(name))
throw new InvalidNamedObject("Name: '" + name + "' is not valid");
--- 170,174 ----
* @throws NeuClearException If name isn't a valid NEU Name
*/
! public static String normalizeNameURI(final String name) throws NeuClearException {
if (!isValidName(name))
throw new InvalidNamedObject("Name: '" + name + "' is not valid");
***************
*** 182,189 ****
* @return boolean
*/
! public static boolean isValidName(String name) {
if (Utility.isEmpty(name))
return false;
! Matcher matcher = VALID.matcher(name);
return (matcher.matches());
}
--- 188,195 ----
* @return boolean
*/
! public static boolean isValidName(final String name) {
if (Utility.isEmpty(name))
return false;
! final Matcher matcher = VALID.matcher(name);
return (matcher.matches());
}
***************
*** 196,203 ****
* @throws NeuClearException if name is invalid
*/
! public static String getParentNSURI(String name) throws NeuClearException {
! String uri = normalizeNameURI(name);
! int slash = uri.lastIndexOf('/');
! int at = uri.indexOf('@');
if (slash < at)
return uri.substring(0, slash + 1) + uri.substring(at + 1);
--- 202,209 ----
* @throws NeuClearException if name is invalid
*/
! public static String getParentNSURI(final String name) throws NeuClearException {
! final String uri = normalizeNameURI(name);
! final int slash = uri.lastIndexOf('/');
! final int at = uri.indexOf('@');
if (slash < at)
return uri.substring(0, slash + 1) + uri.substring(at + 1);
***************
*** 209,219 ****
}
! public static String createUniqueNamedID(String nameSpace, String reqNameSpace) {
// Yeah, yeah there are better ways to do this
! String ms = new Long(System.currentTimeMillis() + new Random().nextLong()).toString(); //TODO seed the Random number generator
! byte ticketsrc[] = new byte[ms.length() + reqNameSpace.length()];
System.arraycopy(ms.getBytes(), 0, ticketsrc, 0, ms.length());
System.arraycopy(reqNameSpace.getBytes(), 0, ticketsrc, ms.length(), reqNameSpace.length());
! String ticket = CryptoTools.formatAsURLSafe(CryptoTools.digest256(ticketsrc));
//Lets reuse ticketsrc for memory reasons
int offset = ms.length() + 1;
--- 215,225 ----
}
! public static String createUniqueNamedID(final String nameSpace, final String reqNameSpace) {
// Yeah, yeah there are better ways to do this
! final String ms = new Long(System.currentTimeMillis() + new Random().nextLong()).toString(); //TODO seed the Random number generator
! final byte[] ticketsrc = new byte[ms.length() + reqNameSpace.length()];
System.arraycopy(ms.getBytes(), 0, ticketsrc, 0, ms.length());
System.arraycopy(reqNameSpace.getBytes(), 0, ticketsrc, ms.length(), reqNameSpace.length());
! final String ticket = CryptoTools.formatAsURLSafe(CryptoTools.digest256(ticketsrc));
//Lets reuse ticketsrc for memory reasons
int offset = ms.length() + 1;
***************
*** 235,245 ****
}
! public static String url2path(String name) {
if (!Utility.isEmpty(name)) {
! Matcher matcher = STRIP_URI_ARROBA.matcher(name);
if (matcher.matches()) {
return "/" + matcher.group(3) + "/@" + matcher.group(2) + Utility.denullString(matcher.group(4));
}
! int loc = name.indexOf("://");
if (loc >= 0)
return name.substring(loc + 2); //leave in one '/'
--- 241,251 ----
}
! public static String url2path(final String name) {
if (!Utility.isEmpty(name)) {
! final Matcher matcher = STRIP_URI_ARROBA.matcher(name);
if (matcher.matches()) {
return "/" + matcher.group(3) + "/@" + matcher.group(2) + Utility.denullString(matcher.group(4));
}
! final int loc = name.indexOf("://");
if (loc >= 0)
return name.substring(loc + 2); //leave in one '/'
Index: SignatureRequest.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/SignatureRequest.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** SignatureRequest.java 20 Nov 2003 16:01:25 -0000 1.5
--- SignatureRequest.java 21 Nov 2003 04:45:13 -0000 1.6
***************
*** 30,33 ****
--- 30,39 ----
$Id$
$Log$
+ Revision 1.6 2003/11/21 04:45:13 pelle
+ EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ Otherwise You will Finaliate.
+ Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ This should hopefully make everything more stable (and secure).
+
Revision 1.5 2003/11/20 16:01:25 pelle
Did a security review of the basic Verification process and needed to make changes.
***************
*** 72,76 ****
*/
public final class SignatureRequest extends SignedNamedObject {
! private SignatureRequest(SignedNamedCore core, String userid, NamedObjectBuilder unsigned, String description) throws NeuClearException {
super(core);
this.userid = userid;
--- 78,82 ----
*/
public final class SignatureRequest extends SignedNamedObject {
! private SignatureRequest(final SignedNamedCore core, final String userid, final NamedObjectBuilder unsigned, final String description) throws NeuClearException {
super(core);
this.userid = userid;
***************
*** 98,109 ****
* @return
*/
! public final SignedNamedObject read(SignedNamedCore core, Element elem) throws NeuClearException, XMLSecurityException {
! Element request = elem.element(DocumentHelper.createQName("Unsigned", NSTools.NS_NEUID));
! String userid = elem.attributeValue(DocumentHelper.createQName("userid", NSTools.NS_NEUID));
! Element uelem = ((Element) request.elements().get(0)).createCopy();
! Document doc = DocumentHelper.createDocument(uelem);
! NamedObjectBuilder unsigned = new NamedObjectBuilder(uelem);
String description = null;
! Element descrelem = elem.element(DocumentHelper.createQName("Description", NSTools.NS_NEUID));
if (descrelem != null)
description = descrelem.getText();
--- 104,115 ----
* @return
*/
! public final SignedNamedObject read(final SignedNamedCore core, final Element elem) throws NeuClearException, XMLSecurityException {
! final Element request = elem.element(DocumentHelper.createQName("Unsigned", NSTools.NS_NEUID));
! final String userid = elem.attributeValue(DocumentHelper.createQName("userid", NSTools.NS_NEUID));
! final Element uelem = ((Element) request.elements().get(0)).createCopy();
! final Document doc = DocumentHelper.createDocument(uelem);
! final NamedObjectBuilder unsigned = new NamedObjectBuilder(uelem);
String description = null;
! final Element descrelem = elem.element(DocumentHelper.createQName("Description", NSTools.NS_NEUID));
if (descrelem != null)
description = descrelem.getText();
Index: SignedNamedCore.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/SignedNamedCore.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** SignedNamedCore.java 20 Nov 2003 16:01:25 -0000 1.1
--- SignedNamedCore.java 21 Nov 2003 04:45:13 -0000 1.2
***************
*** 2,5 ****
--- 2,11 ----
* $Id$
* $Log$
+ * Revision 1.2 2003/11/21 04:45:13 pelle
+ * EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ * Otherwise You will Finaliate.
+ * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ * This should hopefully make everything more stable (and secure).
+ *
* Revision 1.1 2003/11/20 16:01:25 pelle
* Did a security review of the basic Verification process and needed to make changes.
***************
*** 232,236 ****
public final class SignedNamedCore {
! private SignedNamedCore(String name, Identity signer, Timestamp timestamp, String encoded) {
this.name = name;
this.signer = signer;
--- 238,242 ----
public final class SignedNamedCore {
! private SignedNamedCore(final String name, final Identity signer, final Timestamp timestamp, final String encoded) {
this.name = name;
this.signer = signer;
***************
*** 246,256 ****
* @throws NeuClearException
*/
! public final static SignedNamedCore read(Element elem) throws XMLException, NeuClearException {
! String name = NSTools.normalizeNameURI(elem.attributeValue(getNameAttrQName()));
! String signatoryName = NSTools.getParentNSURI(name);
! Identity signatory = NSResolver.resolveIdentity(signatoryName);
if (XMLSecTools.verifySignature(elem, signatory.getPublicKey())) {
! Timestamp timestamp = TimeTools.parseTimeStamp(elem.attributeValue("timestamp"));
return new SignedNamedCore( name, signatory, timestamp,new String(XMLSecTools.canonicalize(elem)));
} else
--- 252,262 ----
* @throws NeuClearException
*/
! public final static SignedNamedCore read(final Element elem) throws XMLException, NeuClearException {
! final String name = NSTools.normalizeNameURI(elem.attributeValue(getNameAttrQName()));
! final String signatoryName = NSTools.getParentNSURI(name);
! final Identity signatory = NSResolver.resolveIdentity(signatoryName);
if (XMLSecTools.verifySignature(elem, signatory.getPublicKey())) {
! final Timestamp timestamp = TimeTools.parseTimeStamp(elem.attributeValue("timestamp"));
return new SignedNamedCore( name, signatory, timestamp,new String(XMLSecTools.canonicalize(elem)));
} else
***************
*** 289,294 ****
*/
public final String getLocalName() {
! String fullName = getName();
! int i = fullName.lastIndexOf('/');
return fullName.substring(i + 1);
}
--- 295,300 ----
*/
public final String getLocalName() {
! final String fullName = getName();
! final int i = fullName.lastIndexOf('/');
return fullName.substring(i + 1);
}
Index: SignedNamedObject.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/SignedNamedObject.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** SignedNamedObject.java 20 Nov 2003 16:01:25 -0000 1.11
--- SignedNamedObject.java 21 Nov 2003 04:45:13 -0000 1.12
***************
*** 2,5 ****
--- 2,11 ----
* $Id$
* $Log$
+ * Revision 1.12 2003/11/21 04:45:13 pelle
+ * EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ * Otherwise You will Finaliate.
+ * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ * This should hopefully make everything more stable (and secure).
+ *
* Revision 1.11 2003/11/20 16:01:25 pelle
* Did a security review of the basic Verification process and needed to make changes.
***************
*** 224,228 ****
public class SignedNamedObject implements SignedObject, Named {
! protected SignedNamedObject(SignedNamedCore core) throws NeuClearException {
this.core=core;
}
--- 230,234 ----
public class SignedNamedObject implements SignedObject, Named {
! protected SignedNamedObject(final SignedNamedCore core) throws NeuClearException {
this.core=core;
}
***************
*** 294,298 ****
* @return
*/
! public SignedNamedObject read(SignedNamedCore core, Element elem) throws NeuClearException, XMLSecurityException {
return new SignedNamedObject(core);
}
--- 300,304 ----
* @return
*/
! public SignedNamedObject read(final SignedNamedCore core, final Element elem) throws NeuClearException, XMLSecurityException {
return new SignedNamedObject(core);
}
|
