From: <pe...@us...> - 2003-12-08 19:32:35
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/java/org/neuclear/id Modified Files: NSTools.java SignedNamedCore.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: NSTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/NSTools.java,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** NSTools.java 6 Dec 2003 00:17:03 -0000 1.16 --- NSTools.java 8 Dec 2003 19:32:32 -0000 1.17 *************** *** 2,5 **** --- 2,8 ---- * $Id$ * $Log$ + * Revision 1.17 2003/12/08 19:32:32 pelle + * Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + * * Revision 1.16 2003/12/06 00:17:03 pelle * Updated various areas in NSTools. *************** *** 323,326 **** --- 326,346 ---- throw new InvalidNamedObject("Invalid NEU ID: " + name); } + /** + * Checks to see if the following name should be resolved using the HTTP Resolving Scheme + * @param name + * @return + */ + public static String isHttpScheme(final String name){ + if (!Utility.isEmpty(name)) { + final Matcher matcher = HTTP_SCHEME.matcher(name); + if (matcher.matches()) + return "http://"+matcher.group(2)+"/_NEUID"; //TODO switch to https + } + return null; + + } + + private static final String HTTP_SCHEME_EX="^neu:(neuid:)?\\/\\/(([\\w-]+\\.)+[\\w-]+)$"; + private static final Pattern HTTP_SCHEME=Pattern.compile(HTTP_SCHEME_EX); public static final String NEUID_URI = "http://neuclear.org/neu/neuid"; *************** *** 343,346 **** private static final Pattern STRIP_URI_ARROBA = Pattern.compile(STRIP_URI_ARROBA_EX); - } --- 363,365 ---- Index: SignedNamedCore.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/SignedNamedCore.java,v retrieving revision 1.3 
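Review bot: In the NSTools.java hunk, `isHttpScheme` builds the resolution URL with plain `http://`, so whatever is later fetched from `/_NEUID` has no transport integrity and cannot by itself vouch for the host named in the ID. The TODO acknowledges this; the change would be `return "https://" + matcher.group(2) + "/_NEUID";` once the servers support it, and until then callers should treat the fetched document as unauthenticated. The method returns a URL or `null` despite its `is…` name and the Javadoc leaves both tags empty, so I would at least add `@param name the NEU name to test` and `@return the HTTP resolution URL for the name, or null if the name does not use the http scheme`.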
retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** SignedNamedCore.java 21 Nov 2003 13:57:27 -0000 1.3 --- SignedNamedCore.java 8 Dec 2003 19:32:32 -0000 1.4 *************** *** 2,5 **** --- 2,8 ---- * $Id$ * $Log$ + * Revision 1.4 2003/12/08 19:32:32 pelle + * Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + * * Revision 1.3 2003/11/21 13:57:27 pelle * Changed some mutable fields in immutable classes, making them truely immutable. Thus safer. *************** *** 212,215 **** --- 215,219 ---- import org.neuclear.xml.XMLTools; import org.neuclear.xml.xmlsec.XMLSecTools; + import org.neuclear.xml.xmlsec.KeyInfo; import org.neuclear.id.resolver.NSResolver; import org.neuclear.id.verifier.VerifyingReader; *************** *** 217,220 **** --- 221,225 ---- import java.sql.Timestamp; import java.io.InputStream; + import java.security.PublicKey; /** *************** *** 249,253 **** /** ! * Used to read and authenticate a SignedNamedObject. * @param elem * @return --- 254,258 ---- /** ! * Used to read and authenticate a SignedNamedCore. * @param elem * @return *************** *** 258,264 **** final String name = NSTools.normalizeNameURI(elem.attributeValue(getNameAttrQName())); final String signatoryName = NSTools.getParentNSURI(name); - final Identity signatory = NSResolver.resolveIdentity(signatoryName); ! if (XMLSecTools.verifySignature(elem, signatory.getPublicKey())) { final Timestamp timestamp = TimeTools.parseTimeStamp(elem.attributeValue("timestamp")); return new SignedNamedCore( name, signatory, timestamp,new String(XMLSecTools.canonicalize(elem))); --- 263,276 ---- final String name = NSTools.normalizeNameURI(elem.attributeValue(getNameAttrQName())); final String signatoryName = NSTools.getParentNSURI(name); final Identity signatory = NSResolver.resolveIdentity(signatoryName); ! PublicKey publicKey = signatory.getPublicKey(); ! if (NSTools.isHttpScheme(name)!=null){ ! 
// We have a self signed http authenticated certificate and need to extract ! // the PublicKey from the xml ! final Element allowElement = elem.element(DocumentHelper.createQName("allow", NSTools.NS_NEUID)); ! final KeyInfo ki = new KeyInfo(allowElement.element(XMLSecTools.createQName("KeyInfo"))); ! publicKey= ki.getPublicKey(); ! } ! if (XMLSecTools.verifySignature(elem, publicKey)) { final Timestamp timestamp = TimeTools.parseTimeStamp(elem.attributeValue("timestamp")); return new SignedNamedCore( name, signatory, timestamp,new String(XMLSecTools.canonicalize(elem))); |
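Review bot: In the SignedNamedCore.java read hunk, the http-scheme branch takes the key passed to `XMLSecTools.verifySignature` from the `allow`/`KeyInfo` of the element being verified, so a passing check shows only that the element is self-consistent. Nothing visible here compares that key with one obtained through the `_NEUID` URL, so it is not shown to belong to the named host. The returned `SignedNamedCore` is also still built with `signatory`, whose key was not the one used, so callers cannot tell that the object was self-signed. `elem.element(...)` presumably returns null when there is no `allow` child, which would surface as a NullPointerException on the `KeyInfo` line; a guard such as `if (allowElement == null) throw new InvalidNamedObject("Missing allow element: " + name);` would fail cleanly, assuming that exception is permitted by this method's signature. The enclosing method starts and ends outside the hunk, so the binding check may exist elsewhere and should be confirmed.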