[Neuclear-develop] Re: interested in neuclear development

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

This sounds excellent. You sound like you've gotten the hang of it.

On Sunday 18 April 2004 20:55, you wrote:
> however i have written a piece of code
> -- SQLSigner [performs the actual signing] -- begun to
> get a hang on this
> -- SQLStore [data object]
> -- SQLStoreAccess [accessor for SQLStore]

Excellent if you want send me the code and I'll have a look at it.

>
> The code might not execute since i have to give some
> finishing touches as yet and test it with the junit
> test case which is in progress...
>
> It would be great if you could tell me if i am in the
> correct lines.
>
> SQLStore
> -- alias [username]
> -- wrapped private key (byte[])
> -- public key (how do we store the byte[] for this)

Just store the getEncoded() value as a string.

>
> for public key, i have done get encoding and stored
> the string, is this the correct way ?
>
> The reason for the wrapped private key is so that this
> will be encoded and no one [even those who have db
> access] will nto be able to hack others keys
>
>
>
> In SQLSigner
> -- public byte[] sign(byte[] data,
> SetPublicKeyCallBack callback)
> i didnt understand why this method is and what is the
> use of setPublicKeyCallBack

SetPublicKeyCallBack is used in situations where the user and not the 
application chooses the alias to sign with. The application then creates this 
callback method, from which it will get the PublicKey from the signer.

Have a look at:
http://cvs.sourceforge.net/viewcvs.py/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java?view=markup
in the method void sign(BrowsableSigner signer) for an example of how it is 
done.

The main thing you need to know when implementing the signer is once the data 
has been signed (before returning it), just set the PublicKey on the callback 
method.

>
> -- createKeyPair
> would there be a need to implement this method for
> SQLSigner .. right now i have performed the same
> operation as in generateKey
generateKey() should be all you need.

>
> -- public byte[] sign(String name, byte[] data)
> why would one use this method

This format is used mainly in server applications, where the specific alias is 
known. For example the Asset Controller knows that it is to sign all receipt 
with a specific key, so it calls this method to sign.

>
> -- this question is related to public key ... would it
> be a good idea to write a wrapper method in CryptoTool
> for the encoding/deconding of public key ?

Yup, go ahead if you need it.

>
> will catch up really soon as i have begun to
> understand some aspects of it .. however trying to do
> hibernate and cryptography is a litte challenging for
> me :-)

It sounds like your'e catching up.

>
> with ur help will catch up really fast on this ..
>
> i am really waiting to get this thing up, this is a
> great idea ..

Me too, I'm so impatient here ;-)

>
> the more i think about exchange
> -- stock exchange
> -- exchange for futures/options
> -- pre-paid
> -- paypal

The applications are really limitless. It will be interesting to see what 
people come up with.

>
> can we extend this idea for a mobile payment gateway
> like .. imagine i want to pay for my parking and i can
> send a URL from my cell phone [via SMS or WAP] which
> will be our exchange and this will authenticate and
> pay for the parking .. this idea is tremendous

The way I'm thinking there are two approaches:

1. A WAP based signer using the SQLSigner
2. A MIDP Java app to install on the phone, which allows you to create 
transactions directly there.
>
> its like u dont need any special security device, and
> then ofcourse all the concepts of micro payment and
> blah blah ... and if we have the connectivity to the
> bank then the payment is dedcuted .. i see a million
> scenarios with this

Excactly.

>
> this idea seems to be really catching on me ..i m just
> waiting to get some applicaitons on this one .. i
> think this idea is done with great vision ... i really
> appreciate u

Thanks. Its a hard one to expain without seeing it in practice, but it sounds 
like you understand it.

>
> is there a way i can write a paper on it ? any topic u
> have ofcourse [business related] i will continue to be
> developing this software too ... somehow i think this
> is a very inovating concept

Feel free to register on the NeuClear.org site and write papers there. We are 
going to be doing a lot of work pushing it to the Micro Lending market here 
in Latin America. But there are tons of applications, pick one that you find 
sexy?

>
> Looking forward from some guidance ...

No problem. I've added you to the two neuclear lists you should have received 
your welcome messages by now.

If you want to register as a sourceforge developer go ahead and upload your 
SSH public key. Let me know when that is done and I'll add you as a developer 
on the project.

>
> Feel free to crap the code as Tom Peter Says ..
> Destruction is Great ... Always start with a fresh
> scratch book :-)

Send it to me and I'll look at it. I'm a gentle kind of guy ;-)

>
> Cheers
> Deneb

Pelle
-- 
http://talk.org     + Live and direct from Panama
http://neuclear.org + Clear it both ways with NeuClear