Menu
▾
▴
neuclear-develop — Support requests, cvs etc
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(119) |
Oct
(111) |
Nov
(238) |
Dec
(395) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(239) |
Feb
(59) |
Mar
(354) |
Apr
(489) |
May
(23) |
Jun
(2) |
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
(4) |
May
(5) |
Jun
(2) |
Jul
|
Aug
|
Sep
(3) |
Oct
(14) |
Nov
(17) |
Dec
(9) |
| 2007 |
Jan
(4) |
Feb
(3) |
Mar
|
Apr
(1) |
May
(1) |
Jun
(2) |
Jul
|
Aug
|
Sep
(1) |
Oct
(2) |
Nov
(1) |
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
(1) |
Apr
(7) |
May
(3) |
Jun
(6) |
Jul
(4) |
Aug
(3) |
Sep
(15) |
Oct
(13) |
Nov
(35) |
Dec
(40) |
| 2009 |
Jan
(19) |
Feb
(21) |
Mar
(16) |
Apr
(18) |
May
(36) |
Jun
(20) |
Jul
(32) |
Aug
(11) |
Sep
(3) |
Oct
(2) |
Nov
(2) |
Dec
(13) |
| 2010 |
Jan
(5) |
Feb
(5) |
Mar
(7) |
Apr
(1) |
May
(1) |
Jun
(3) |
Jul
(1) |
Aug
(1) |
Sep
(1) |
Oct
(1) |
Nov
|
Dec
|
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
(1) |
Aug
(1) |
Sep
(1) |
Oct
(4) |
Nov
|
Dec
(3) |
| 2012 |
Jan
(3) |
Feb
(3) |
Mar
(1) |
Apr
(4) |
May
(8) |
Jun
(4) |
Jul
(9) |
Aug
(2) |
Sep
(8) |
Oct
(3) |
Nov
(8) |
Dec
(4) |
| 2013 |
Jan
(2) |
Feb
(1) |
Mar
(5) |
Apr
(6) |
May
(10) |
Jun
(5) |
Jul
(6) |
Aug
(7) |
Sep
(5) |
Oct
(2) |
Nov
(4) |
Dec
(4) |
| 2014 |
Jan
(13) |
Feb
(4) |
Mar
(7) |
Apr
(9) |
May
(20) |
Jun
(13) |
Jul
(10) |
Aug
(3) |
Sep
(5) |
Oct
(2) |
Nov
(2) |
Dec
(2) |
| 2015 |
Jan
(3) |
Feb
(3) |
Mar
(5) |
Apr
(4) |
May
(3) |
Jun
(2) |
Jul
(4) |
Aug
(3) |
Sep
(1) |
Oct
|
Nov
(1) |
Dec
(3) |
| 2016 |
Jan
|
Feb
(1) |
Mar
(1) |
Apr
(1) |
May
(1) |
Jun
(2) |
Jul
(1) |
Aug
(4) |
Sep
(3) |
Oct
(3) |
Nov
(4) |
Dec
(2) |
| 2017 |
Jan
|
Feb
(2) |
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <pe...@us...> - 2003-12-10 23:52:42
|
Update of /cvsroot/neuclear/neuclear-pay/src/java/org/neuclear/asset/receiver/servlet In directory sc8-pr-cvs1:/tmp/cvs-serv988/src/java/org/neuclear/asset/receiver/servlet Modified Files: AssetControllerServlet.java Log Message: Did some cleaning up in the builders Fixed some stuff in IdentityCreator New maven goal to create executable jarapp We are close to 0.8 final of ID, 0.11 final of XMLSIG and 0.5 of commons. Will release shortly. Index: AssetControllerServlet.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-pay/src/java/org/neuclear/asset/receiver/servlet/AssetControllerServlet.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** AssetControllerServlet.java 22 Nov 2003 00:22:28 -0000 1.4 --- AssetControllerServlet.java 10 Dec 2003 23:52:39 -0000 1.5 *************** *** 35,38 **** --- 35,45 ---- $Id$ $Log$ + Revision 1.5 2003/12/10 23:52:39 pelle + Did some cleaning up in the builders + Fixed some stuff in IdentityCreator + New maven goal to create executable jarapp + We are close to 0.8 final of ID, 0.11 final of XMLSIG and 0.5 of commons. + Will release shortly. + Revision 1.4 2003/11/22 00:22:28 pelle All unit tests in commons, id and xmlsec now work. *************** *** 51,55 **** Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit. SignedNamedObject now contains the full xml which is returned with getEncoded() ! This means that it is now possible to further send on or process a SignedNamedObject, leaving NamedObjectBuilder for its original purposes of purely generating new Contracts. NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it. --- 58,62 ---- Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit. SignedNamedObject now contains the full xml which is returned with getEncoded() ! This means that it is now possible to further receive on or process a SignedNamedObject, leaving NamedObjectBuilder for its original purposes of purely generating new Contracts. NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it. |
|
From: <pe...@us...> - 2003-12-10 23:52:42
|
Update of /cvsroot/neuclear/neuclear-pay/src/java/org/neuclear/asset/contracts
In directory sc8-pr-cvs1:/tmp/cvs-serv988/src/java/org/neuclear/asset/contracts
Modified Files:
Asset.java AssetTransactionContract.java
Log Message:
Did some cleaning up in the builders
Fixed some stuff in IdentityCreator
New maven goal to create executable jarapp
We are close to 0.8 final of ID, 0.11 final of XMLSIG and 0.5 of commons.
Will release shortly.
Index: Asset.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-pay/src/java/org/neuclear/asset/contracts/Asset.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** Asset.java 21 Nov 2003 04:43:04 -0000 1.9
--- Asset.java 10 Dec 2003 23:52:39 -0000 1.10
***************
*** 6,11 ****
import org.neuclear.commons.Utility;
import org.neuclear.id.*;
- import org.neuclear.id.verifier.VerifyingReader;
- import org.neuclear.senders.SoapSender;
import org.neuclear.xml.xmlsec.KeyInfo;
import org.neuclear.xml.xmlsec.XMLSecTools;
--- 6,9 ----
***************
*** 13,17 ****
import java.security.PublicKey;
- import java.sql.Timestamp;
/*
--- 11,14 ----
***************
*** 35,38 ****
--- 32,42 ----
$Id$
$Log$
+ Revision 1.10 2003/12/10 23:52:39 pelle
+ Did some cleaning up in the builders
+ Fixed some stuff in IdentityCreator
+ New maven goal to create executable jarapp
+ We are close to 0.8 final of ID, 0.11 final of XMLSIG and 0.5 of commons.
+ Will release shortly.
+
Revision 1.9 2003/11/21 04:43:04 pelle
EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
***************
*** 48,52 ****
Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit.
SignedNamedObject now contains the full xml which is returned with getEncoded()
! This means that it is now possible to further send on or process a SignedNamedObject, leaving
NamedObjectBuilder for its original purposes of purely generating new Contracts.
NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it.
--- 52,56 ----
Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit.
SignedNamedObject now contains the full xml which is returned with getEncoded()
! This means that it is now possible to further receive on or process a SignedNamedObject, leaving
NamedObjectBuilder for its original purposes of purely generating new Contracts.
NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it.
***************
*** 98,124 ****
*/
public final class Asset extends Identity {
! protected Asset(final SignedNamedCore core, final String repository, final String signer, final String logger, final String receiver, final PublicKey pub, final String assetController, final int decimal, final double minimumTransaction) throws NeuClearException {
super(core, repository, signer, logger, receiver, pub);
- this.assetController = assetController;
this.decimal = decimal;
this.multiplier = (int) Math.round(Math.pow(10, -decimal));
! this.minimumTransaction=minimumTransaction;
! }
!
!
! public final String getControllerURL() {
! return assetController;
}
- /**
- * Sends a contract to the Assets controller.
- *
- * @param obj NamedObjectBuilder
- * @return The receipt
- * @throws NeuClearException
- */
- public final SignedNamedObject send(final SignedNamedObject obj) throws NeuClearException {
- return SoapSender.quickSend(assetController, obj);
- }
/**
--- 102,112 ----
*/
public final class Asset extends Identity {
! protected Asset(final SignedNamedCore core, final String repository, final String signer, final String logger, final String receiver, final PublicKey pub, final int decimal, final double minimumTransaction) throws NeuClearException {
super(core, repository, signer, logger, receiver, pub);
this.decimal = decimal;
this.multiplier = (int) Math.round(Math.pow(10, -decimal));
! this.minimumTransaction = minimumTransaction;
}
/**
***************
*** 157,161 ****
if (!elem.getNamespace().equals(AssetGlobals.createNameSpace()))
throw new UnsupportedOperationException("");
- final String assetController = elem.attributeValue("controller");
final String repository = elem.attributeValue(DocumentHelper.createQName("repository", NSTools.NS_NEUID));
final String signer = elem.attributeValue(DocumentHelper.createQName("signer", NSTools.NS_NEUID));
--- 145,148 ----
***************
*** 171,182 ****
final double minimum = (!Utility.isEmpty(min)) ? Double.parseDouble(min) : 0;
! return new Asset(core, repository, signer, logger, receiver, pub, assetController, decimal, minimum);
}
-
}
- private final String assetController;
private final int decimal;
private final int multiplier;
--- 158,167 ----
final double minimum = (!Utility.isEmpty(min)) ? Double.parseDouble(min) : 0;
! return new Asset(core, repository, signer, logger, receiver, pub, decimal, minimum);
}
}
private final int decimal;
private final int multiplier;
Index: AssetTransactionContract.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-pay/src/java/org/neuclear/asset/contracts/AssetTransactionContract.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** AssetTransactionContract.java 28 Nov 2003 00:11:50 -0000 1.8
--- AssetTransactionContract.java 10 Dec 2003 23:52:39 -0000 1.9
***************
*** 21,27 ****
* $Id$
* $Log$
* Revision 1.8 2003/11/28 00:11:50 pelle
* Getting the NeuClear web transactions working.
! *
* Revision 1.7 2003/11/22 00:22:28 pelle
* All unit tests in commons, id and xmlsec now work.
--- 21,34 ----
* $Id$
* $Log$
+ * Revision 1.9 2003/12/10 23:52:39 pelle
+ * Did some cleaning up in the builders
+ * Fixed some stuff in IdentityCreator
+ * New maven goal to create executable jarapp
+ * We are close to 0.8 final of ID, 0.11 final of XMLSIG and 0.5 of commons.
+ * Will release shortly.
+ *
* Revision 1.8 2003/11/28 00:11:50 pelle
* Getting the NeuClear web transactions working.
! * <p/>
* Revision 1.7 2003/11/22 00:22:28 pelle
* All unit tests in commons, id and xmlsec now work.
***************
*** 43,47 ****
* Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit.
* SignedNamedObject now contains the full xml which is returned with getEncoded()
! * This means that it is now possible to further send on or process a SignedNamedObject, leaving
* NamedObjectBuilder for its original purposes of purely generating new Contracts.
* NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it.
--- 50,54 ----
* Refactored the relationship between SignedNamedObject and NamedObjectBuilder a bit.
* SignedNamedObject now contains the full xml which is returned with getEncoded()
! * This means that it is now possible to further receive on or process a SignedNamedObject, leaving
* NamedObjectBuilder for its original purposes of purely generating new Contracts.
* NamedObjectBuilder.sign() now returns a SignedNamedObject which is the prefered way of processing it.
|
|
From: <pe...@us...> - 2003-12-09 23:41:49
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/source
In directory sc8-pr-cvs1:/tmp/cvs-serv16140/src/java/org/neuclear/source
Modified Files:
CachedSource.java
Log Message:
IdentityCreator is now the default class of the uber jar.
It has many new features such as:
- Self signed certificates
- Unsigned Certificates (for external signing)
- Signing of Externally generated Certificates
- Command Line verification of an Identity name
CachedSource now supports freshness. It needs to be tested a bit more thoroughly
though.
Documentation including the bdg has been updated to reflect these changes.
Index: CachedSource.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/source/CachedSource.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** CachedSource.java 6 Dec 2003 00:17:03 -0000 1.15
--- CachedSource.java 9 Dec 2003 23:41:44 -0000 1.16
***************
*** 3,6 ****
--- 3,19 ----
* $Id$
* $Log$
+ * Revision 1.16 2003/12/09 23:41:44 pelle
+ * IdentityCreator is now the default class of the uber jar.
+ * It has many new features such as:
+ * - Self signed certificates
+ * - Unsigned Certificates (for external signing)
+ * - Signing of Externally generated Certificates
+ * - Command Line verification of an Identity name
+ *
+ * CachedSource now supports freshness. It needs to be tested a bit more thoroughly
+ * though.
+ *
+ * Documentation including the bdg has been updated to reflect these changes.
+ *
* Revision 1.15 2003/12/06 00:17:03 pelle
* Updated various areas in NSTools.
***************
*** 136,141 ****
final File object = new File(cachedirpath + NSTools.name2path(name) + "/root.id");
try {
! if (!object.exists()) { //TODO check for freshness
object.getParentFile().mkdirs();
final InputStream in = src.getStream(endpoint, name);
final OutputStream out = new FileOutputStream(object);
--- 149,156 ----
final File object = new File(cachedirpath + NSTools.name2path(name) + "/root.id");
try {
! if (!object.exists()||((object.lastModified()+MS_STALE)<System.currentTimeMillis())) {
object.getParentFile().mkdirs();
+ if (object.exists())
+ object.delete();
final InputStream in = src.getStream(endpoint, name);
final OutputStream out = new FileOutputStream(object);
***************
*** 157,161 ****
private final Source src;
private final String cachedirpath;
!
}
--- 172,176 ----
private final Source src;
private final String cachedirpath;
! private final static long MS_STALE=8640000; // Milliseconds until a cache entry is stale
}
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/tools/commandline In directory sc8-pr-cvs1:/tmp/cvs-serv16140/src/java/org/neuclear/id/tools/commandline Added Files: BuildAllTopLevel.java BuildHttpIdentity.java CommandLineSigner.java IdentityCreator.java Log Message: IdentityCreator is now the default class of the uber jar. It has many new features such as: - Self signed certificates - Unsigned Certificates (for external signing) - Signing of Externally generated Certificates - Command Line verification of an Identity name CachedSource now supports freshness. It needs to be tested a bit more thoroughly though. Documentation including the bdg has been updated to reflect these changes. --- NEW FILE: BuildAllTopLevel.java --- package org.neuclear.id.tools.commandline; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.crypto.passphraseagents.GuiDialogAgent; import org.neuclear.commons.crypto.signers.*; import org.neuclear.id.SignedNamedObject; import org.neuclear.id.builders.IdentityBuilder; import org.neuclear.store.FileStore; import org.neuclear.store.Store; import org.neuclear.xml.XMLException; import java.io.FileNotFoundException; import java.security.GeneralSecurityException; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: BuildAllTopLevel.java,v 1.1 2003/12/09 23:41:44 pelle Exp $ $Log: BuildAllTopLevel.java,v $ Revision 1.1 2003/12/09 23:41:44 pelle IdentityCreator is now the default class of the uber jar. It has many new features such as: - Self signed certificates - Unsigned Certificates (for external signing) - Signing of Externally generated Certificates - Command Line verification of an Identity name CachedSource now supports freshness. It needs to be tested a bit more thoroughly though. Documentation including the bdg has been updated to reflect these changes. Revision 1.3 2003/12/08 19:32:32 pelle Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Revision 1.2 2003/11/21 04:45:13 pelle EncryptedFileStore now works. It uses the PBECipher with DES3 afair. Otherwise You will Finaliate. Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. This should hopefully make everything more stable (and secure). Revision 1.1 2003/11/20 23:42:24 pelle Getting all the tests to work in id Removing usage of BC in CryptoTools as it was causing issues. First version of EntityLedger that will use OFB's EntityEngine. This will allow us to support a vast amount databases without writing SQL. (Yipee) */ /** * User: pelleb * Date: Nov 20, 2003 * Time: 3:26:45 PM */ public final class BuildAllTopLevel { public static SignedNamedObject createIdentities(final String name, final Signer signer, final PublicKeySource pubsource) throws NeuClearException, XMLException { final IdentityBuilder id = new IdentityBuilder( name, pubsource.getPublicKey(name), "http://repository.neuclear.org", "http://users.neuclear.org:8080/Signer", "http://logger.neuclear.org", "mailto:pe...@ne..."); System.out.println("Signing: " + name); return id.sign(signer); } public static void main(final String[] args) { try { final JCESigner rootsig = new DefaultSigner(new GuiDialogAgent()); final JCESigner testsig = new TestCaseSigner(); final Store store = new FileStore("target/testdata/repository"); store.receive(createIdentities("neu://", rootsig, rootsig)); store.receive(createIdentities("neu://test", rootsig, testsig)); store.receive(createIdentities("neu://pelle@neuclear.org", rootsig, rootsig)); store.receive(createIdentities("neu://pelle", rootsig, rootsig)); store.receive(createIdentities("neu://verax", rootsig, rootsig)); store.receive(createIdentities("neu://bob@test", testsig, testsig)); store.receive(createIdentities("neu://alice@test", testsig, testsig)); } catch (NeuClearException e) { e.printStackTrace(); } catch (GeneralSecurityException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (XMLException e) { e.printStackTrace(); } } } --- NEW FILE: BuildHttpIdentity.java --- package org.neuclear.id.tools.commandline; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.passphraseagents.GuiDialogAgent; import org.neuclear.commons.crypto.passphraseagents.CommandLineAgent; import org.neuclear.commons.crypto.signers.*; import org.neuclear.id.SignedNamedObject; import org.neuclear.id.NSTools; import org.neuclear.id.builders.IdentityBuilder; import org.neuclear.store.FileStore; import org.neuclear.store.Store; import org.neuclear.xml.XMLException; import java.io.*; import java.security.GeneralSecurityException; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: BuildHttpIdentity.java,v 1.1 2003/12/09 23:41:44 pelle Exp $ $Log: BuildHttpIdentity.java,v $ Revision 1.1 2003/12/09 23:41:44 pelle IdentityCreator is now the default class of the uber jar. It has many new features such as: - Self signed certificates - Unsigned Certificates (for external signing) - Signing of Externally generated Certificates - Command Line verification of an Identity name CachedSource now supports freshness. It needs to be tested a bit more thoroughly though. Documentation including the bdg has been updated to reflect these changes. Revision 1.2 2003/12/08 22:05:08 pelle Some further documentation. Added the start of a busy developers guide form neuclear-id Revision 1.1 2003/12/08 19:32:32 pelle Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Revision 1.2 2003/11/21 04:45:13 pelle EncryptedFileStore now works. It uses the PBECipher with DES3 afair. Otherwise You will Finaliate. Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. This should hopefully make everything more stable (and secure). Revision 1.1 2003/11/20 23:42:24 pelle Getting all the tests to work in id Removing usage of BC in CryptoTools as it was causing issues. First version of EntityLedger that will use OFB's EntityEngine. This will allow us to support a vast amount databases without writing SQL. (Yipee) */ /** * User: pelleb * Date: Nov 20, 2003 * Time: 3:26:45 PM */ public final class BuildHttpIdentity { public static void main(final String[] args) { try { if (args.length<2){ System.err.println("Usage: java org.neuclear.id.tools.commandline.BuildHttpIdentity name receiver"); System.err.println("eg. java org.neuclear.id.tools.commandline.BuildHttpIdentity neu://neuclear.org mailto:bo...@ne..."); System.exit(1); } final JCESigner rootsig = new DefaultSigner(new GuiDialogAgent()); createIdentity(args[0], rootsig,args[1]); } catch (NeuClearException e) { e.printStackTrace(); } catch (GeneralSecurityException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (XMLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. } System.exit(0); } private static void createIdentity(final String name, final JCESigner rootsig,String receiver) throws NeuClearException, XMLException, IOException { System.out.println("Creating "+name); String store = NSTools.isHttpScheme(name); boolean isTopLevel=!Utility.isEmpty(store); if (!isTopLevel) { // If this isn't a top level we will derive the repository from its parent. store=NSTools.isHttpScheme(NSTools.getParentNSURI(name)); } final IdentityBuilder id = new IdentityBuilder( name, rootsig.getPublicKey(name), store, "http://localhost:11870/Signer", "http://logger.neuclear.org", receiver); System.out.println("Signing: " + name); id.sign((isTopLevel)?name:NSTools.getParentNSURI(name),rootsig); String filename = "_NEUID"+NSTools.name2path(name)+"/root.id"; System.out.println("Saving to: "+filename); File fout=new File(filename); fout.getParentFile().mkdirs(); OutputStream os=new FileOutputStream(fout); os.write(id.canonicalize()); os.close(); } } --- NEW FILE: CommandLineSigner.java --- /* $Id: CommandLineSigner.java,v 1.1 2003/12/09 23:41:44 pelle Exp $ * $Log: CommandLineSigner.java,v $ * Revision 1.1 2003/12/09 23:41:44 pelle * IdentityCreator is now the default class of the uber jar. * It has many new features such as: * - Self signed certificates * - Unsigned Certificates (for external signing) * - Signing of Externally generated Certificates * - Command Line verification of an Identity name * * CachedSource now supports freshness. It needs to be tested a bit more thoroughly * though. * * Documentation including the bdg has been updated to reflect these changes. * * Revision 1.14 2003/11/21 04:45:13 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. * Otherwise You will Finaliate. * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). * * Revision 1.13 2003/11/13 23:26:42 pelle * The signing service and web authentication application is now almost working. * * Revision 1.12 2003/11/11 21:18:43 pelle * Further vital reshuffling. * org.neudist.crypto.* and org.neudist.utils.* have been moved to respective areas under org.neuclear.commons * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. * Did a bit of work on the Canonicalizer and changed a few other minor bits. * * Revision 1.11 2003/10/31 23:58:53 pelle * The IdentityCreator now fully works with the new Signer architecture. * * Revision 1.10 2003/10/29 21:16:27 pelle * Refactored the whole signing process. Now we have an interface called Signer which is the old SignerStore. * To use it you pass a byte array and an alias. The sign method then returns the signature. * If a Signer needs a passphrase it uses a PassPhraseAgent to present a dialogue box, read it from a command line etc. * This new Signer pattern allows us to use secure signing hardware such as N-Cipher in the future for server applications as well * as SmartCards for end user applications. * * Revision 1.9 2003/10/28 23:44:35 pelle * The GuiDialogAgent now works. It simply presents itself as a simple modal dialog box asking for a passphrase. * The two Signer implementations both use it for the passphrase. * * Revision 1.8 2003/10/25 00:39:54 pelle * Fixed SmtpSender it now sends the messages. * Refactored CommandLineSigner. Now it simply signs files read from command line. However new class IdentityCreator * is subclassed and creates new Identities. You can subclass CommandLineSigner to create your own variants. * Several problems with configuration. Trying to solve at the moment. Updated PicoContainer to beta-2 * * Revision 1.7 2003/10/21 22:31:13 pelle * Renamed NeudistException to NeuClearException and moved it to org.neuclear.commons where it makes more sense. * Unhooked the XMLException in the xmlsig library from NeuClearException to make all of its exceptions an independent hierarchy. * Obviously had to perform many changes throughout the code to support these changes. * * Revision 1.6 2003/10/01 19:08:31 pelle * Changed XML Format. Now NameSpace has been modified to Identity also the * xml namespace prefix nsdl has been changed to neuid. * The standard constants for using these have been moved into NSTools. * The NamedObjectBuilder can also now take an Element, such as an unsigned template. * * Revision 1.5 2003/09/26 00:22:07 pelle * Cleanups and final changes to code for refactoring of the Verifier and Reader part. * * Revision 1.4 2003/09/24 23:56:48 pelle * Refactoring nearly done. New model for creating signed objects. * With view for supporting the xmlpull api shortly for performance reasons. * Currently still uses dom4j but that has been refactored out that it * should now be very quick to implement a xmlpull implementation. * * A side benefit of this is that the API has been further simplified. I still have some work * todo with regards to cleaning up some of the outlying parts of the code. * * Revision 1.3 2003/09/23 19:16:28 pelle * Changed NameSpace to Identity. * To cause less confusion in the future. * * Revision 1.2 2003/09/22 19:24:02 pelle * More fixes throughout to problems caused by renaming. * * Revision 1.1.1.1 2003/09/19 14:41:31 pelle * First import into the neuclear project. This was originally under the SF neuclear * project. This marks a general major refactoring and renaming ahead. * * The new name for this code is NeuClear Identity and has the general package header of * org.neuclear.id * There are other areas within the current code which will be split out into other subprojects later on. * In particularly the signers will be completely seperated out as well as the contract types. * * * Revision 1.13 2003/02/18 14:57:21 pelle * Finished Cleaning up Receivers and Stores. * Also updated nsdl.xsd xml schema with latest changes. * The whole API is now very simple. * * Revision 1.12 2003/02/18 00:06:15 pelle * Moved the Signer's into xml-sig * * Revision 1.11 2003/02/16 00:26:18 pelle * Changed the hardcoded logger default to pick it up from LogSender * * Revision 1.10 2003/02/14 21:10:35 pelle * The email sender works. The LogSender and the SoapSender should work but havent been tested yet. * The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger. * The Identity object also has a new method send() which allows one to send a named object to the Identity's * default receiver. * * Revision 1.9 2003/02/14 05:10:13 pelle * New Source model is implemented. * It doesnt quite verify things correctly yet. I'm not yet sure why. * CommandLineSigner is simplified to make it easier to use. * * Revision 1.8 2003/02/10 22:30:14 pelle * Got rid of even further dependencies. In Particular OSCore * * Revision 1.7 2003/02/09 00:15:55 pelle * Fixed things so they now compile with r_0.7 of XMLSig * * Revision 1.6 2002/12/17 21:40:58 pelle * First part of refactoring of SignedNamedObject and SignedObject Interface/Class parings. * * Revision 1.5 2002/12/17 20:34:41 pelle * Lots of changes to core functionality. * First of all I've refactored most of the Resolving and verification code. I have a few more things to do * on it before I'm happy. * There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality * for this out of SignedNamedObject. * Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver. * This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they * should be. * I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate. * NSCache now operates using http://www.waterken.com's fantastic ADT collections library. * Something important has been added, which is a SignRequest named object. This signed object, embeds an unsigned * named object for signing by an end users' signing service. * Now were almost ready to start seriously implementing AssetIssuers and Transfers, which will be the most important * part of the framework. * * Revision 1.4 2002/10/10 21:29:25 pelle * Oops. XML-Signature's SignedInfo element I had coded as SignatureInfo * As I thought Canonicalisation doesnt seem to be standard. * Updated the SignedServlet to default to using ~/.neuclear/signers.ks * * Revision 1.3 2002/10/06 00:39:29 pelle * I have now expanded support for different types of Signers. * There is now a JCESigner which uses a JCE KeyStore for signing. * I have refactored the SigningServlet a bit, eliminating most of the demo code. * This has been moved into DemoSigningServlet. * I have expanded the CommandLineSigner, so it now also has an option for specifying a default signing service. * The default web application now contains two signers. * - The Demo one is still at /Signer * - There is a new one at /personal/Signer this uses the testkeys.ks for * signing anything under neu://test * Note neu://test now has a default interactive signer running on localhost. * So to play with this you must install the webapp on your own local machine. * * Revision 1.2 2002/10/02 21:03:45 pelle * Major Commit * I completely redid the namespace resolving code. * It now works correctly with the new store attribute of the namespace * And can correctly work out the location of a namespace file * by hierarchically signing it. * I have also included several top level namespaces and finalised * the root namespace. * In short all of the above means that we can theoretically call * Neubia live now. (Well on my first deployment anyway). * There is a new CommandLineSigner utility class which creates and signs * namespaces using standard java keystores. * I'm now working on updating the documentation, so other people * than me might have a chance at using it. * * Revision 1.1 2002/09/29 00:22:09 pelle * Several cosmetic changes. * First attempt at a new CommandLine tool for signing and creating namespace files. * This will be used by people to create requests for namespaces. * */ package org.neuclear.id.tools.commandline; import org.apache.commons.cli.*; import org.dom4j.Document; import org.neuclear.commons.Utility; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.time.TimeTools; import org.neuclear.commons.configuration.Configuration; import org.neuclear.commons.configuration.ConfigurationException; import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.passphraseagents.CommandLineAgent; import org.neuclear.commons.crypto.signers.Signer; import org.neuclear.commons.crypto.signers.DefaultSigner; import org.neuclear.id.SignedNamedObject; import org.neuclear.id.NSTools; import org.neuclear.id.Identity; import org.neuclear.id.resolver.NSResolver; import org.neuclear.id.builders.NamedObjectBuilder; import org.neuclear.xml.XMLException; import org.neuclear.xml.XMLTools; import java.io.*; import java.security.GeneralSecurityException; /** * @author pelleb * @version $Revision: 1.1 $ */ public class CommandLineSigner { public CommandLineSigner(final String[] args) throws ParseException, FileNotFoundException, GeneralSecurityException, NeuClearException { CryptoTools.ensureProvider(); options = createOptions(); final CommandLineParser clparser = CommandLineParserFactory.newParser(); cmd = clparser.parse(options, args); checkArguments(); if (cmd.hasOption('v')){ String name=cmd.getOptionValue('v'); System.out.println("Resolving and Verifying: "+name); try { Identity id=NSResolver.resolveIdentity(name); if (id!=null){ System.out.println("Signed Object: "+id.getName()+ " is verified"); System.out.println("was signed at: "+TimeTools.formatTimeStamp(id.getTimeStamp())); System.out.println("Is of type: "+id.getClass().getName()); System.out.println("repository: "+id.getRepository()); System.out.println("signer: "+id.getSigner()); } else { System.out.println("Couldnt Resolve or Verify the object."); } } catch (NeuClearException e) { System.out.println("Couldnt Resolve or Verify the object."); } System.exit(0); } // agent=(PassPhraseAgent)Configuration.getComponent(PassPhraseAgent.class,"neuclear-id"); sig = new DefaultSigner(new CommandLineAgent()); alias = cmd.getOptionValue("a"); of = cmd.getOptionValue("o"); if (Utility.isEmpty(of)&&cmd.hasOption('i')){ of=cmd.getOptionValue('i')+".id"; } } public static void main(final String[] args) { try { final CommandLineSigner signer = new CommandLineSigner(args); signer.execute(); } catch (Exception e) { e.printStackTrace(); } } public final void checkArguments() { if (!hasArguments()) { final HelpFormatter help = new HelpFormatter(); help.printHelp("java " + this.getClass().getName() + getExtraHelp()+" [--outputfile signed/test.id] " , options); System.exit(1); } } protected String getExtraHelp() { return " --inputfile unsigned/test.id"; } protected boolean hasArguments() { return cmd.hasOption("i")||cmd.hasOption('v'); } public final void execute() { try { final NamedObjectBuilder subject = build(); if (!sig.canSignFor(alias)) { if (!Utility.isEmpty(of)) of=subject.getLocalName()+".xml"; System.err.println("Key with alias: " + alias + " doesnt exist in our keystore. \nSaving unsigned Identity as: "+of); } else { System.err.println("Signing by " + alias + " ..."); subject.sign(alias, sig); } OutputStream dest = System.out; if (!Utility.isEmpty(of)) { final File outFile = new File(of); if (outFile.getParentFile() != null) outFile.getParentFile().mkdirs(); dest = new FileOutputStream(of); System.err.println("Outputting to: " + of); } XMLTools.writeFile(dest, subject.getElement()); System.out.println(); } catch (Exception e) { System.err.println(e.getMessage()); e.printStackTrace(System.err); } } protected NamedObjectBuilder build() throws Exception { final String sf = cmd.getOptionValue("i"); try { InputStream source = System.in; if (!Utility.isEmpty(sf)) { source = new FileInputStream(sf); } final Document doc = XMLTools.loadDocument(source); final NamedObjectBuilder subject = new NamedObjectBuilder(doc); if (Utility.isEmpty(alias)) { alias = Utility.denullString(NSTools.isHttpScheme(subject.getName()),NSTools.getParentNSURI(subject.getName())); } if (!sig.canSignFor(alias)) { System.err.println("You can not sign as " +alias+ " with your current keystore."); System.exit(1); } System.out.println("You are about to sign the following Contract. Please make sure that is what you want."); System.out.println("Type: "+subject.getTagName()); System.out.println("Proposed Name: "+subject.getName()); System.out.println("Raw XML:\n==================="); System.out.println(subject.asXML()); System.out.print("===================\nAre you shure you wish to sign this? (y/N) "); String answer=new jline.ConsoleReader().readLine(); if (!answer.toLowerCase().equals("y")) { System.out.println("Aborted Signing Process"); System.exit(0); } return subject; } catch (FileNotFoundException e) { System.err.println("Couldnt find file: " + sf); System.exit(1); } catch (XMLException e) { System.err.println("Error parsing file: " + sf + "\n" + e.getLocalizedMessage()); System.exit(1); } return null; } private Options createOptions() { // create Options object final Options options = new Options(); // add t option // options.addOption("s", "keystore", true, "specify KeyStore"); // options.addOption("t", "keystoretype", true, "specify KeyStore Type"); // options.addOption("j", "keystorepassword", true, "specify KeyStore Password"); // options.addOption("a", "alias", true, "specify Key Alias in KeyStore"); // options.addOption("p", "password", true, "specify Alias Password"); options.addOption("o", "outputfile", true, "specify Output File"); options.addOption("i", "inputfile", true, "specify Input File"); options.addOption("v", "verify", true, "Specify NEU ID to verify"); getLocalOptions(options); return options; } protected void getLocalOptions(final Options options) { } protected final CommandLine cmd; protected final Options options; public final static String keystore = System.getProperty("user.home") + "/.keystore"; protected final Signer sig; // protected final PassPhraseAgent agent; protected String alias; protected String of; } --- NEW FILE: IdentityCreator.java --- /* $Id: IdentityCreator.java,v 1.1 2003/12/09 23:41:44 pelle Exp $ * $Log: IdentityCreator.java,v $ * Revision 1.1 2003/12/09 23:41:44 pelle * IdentityCreator is now the default class of the uber jar. * It has many new features such as: * - Self signed certificates * - Unsigned Certificates (for external signing) * - Signing of Externally generated Certificates * - Command Line verification of an Identity name * * CachedSource now supports freshness. It needs to be tested a bit more thoroughly * though. * * Documentation including the bdg has been updated to reflect these changes. * * Revision 1.7 2003/12/06 00:17:03 pelle * Updated various areas in NSTools. * Updated URI Validation in particular to support new expanded format * Updated createUniqueID and friends to be a lot more unique and more efficient. * In CryptoTools updated getRandom() to finally use a SecureRandom. * Changed CryptoTools.getFormatURLSafe to getBase36 because that is what it really is. * * Revision 1.6 2003/11/21 04:45:13 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. * Otherwise You will Finaliate. * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). * * Revision 1.5 2003/11/11 21:18:43 pelle * Further vital reshuffling. * org.neudist.crypto.* and org.neudist.utils.* have been moved to respective areas under org.neuclear.commons * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. * Did a bit of work on the Canonicalizer and changed a few other minor bits. * * Revision 1.4 2003/11/05 18:50:33 pelle * Refactored org.neuclear.signers.source.Source and implementing classes to provide support for a local filesystem cache. * Also added Unit tests to make sure it actually works and modified IdentityCreator to write directly to the cache if no output filename is given. * * Revision 1.3 2003/10/31 23:58:53 pelle * The IdentityCreator now fully works with the new Signer architecture. * * Revision 1.2 2003/10/29 21:16:27 pelle * Refactored the whole signing process. Now we have an interface called Signer which is the old SignerStore. * To use it you pass a byte array and an alias. The sign method then returns the signature. * If a Signer needs a passphrase it uses a PassPhraseAgent to present a dialogue box, read it from a command line etc. * This new Signer pattern allows us to use secure signing hardware such as N-Cipher in the future for server applications as well * as SmartCards for end user applications. * * Revision 1.1 2003/10/25 00:39:54 pelle * Fixed SmtpSender it now sends the messages. * Refactored CommandLineSigner. Now it simply signs files read from command line. However new class IdentityCreator * is subclassed and creates new Identities. You can subclass CommandLineSigner to create your own variants. * Several problems with configuration. Trying to solve at the moment. Updated PicoContainer to beta-2 * * Revision 1.7 2003/10/21 22:31:13 pelle * Renamed NeudistException to NeuClearException and moved it to org.neuclear.commons where it makes more sense. * Unhooked the XMLException in the xmlsig library from NeuClearException to make all of its exceptions an independent hierarchy. * Obviously had to perform many changes throughout the code to support these changes. * * Revision 1.6 2003/10/01 19:08:31 pelle * Changed XML Format. Now NameSpace has been modified to Identity also the * xml namespace prefix nsdl has been changed to neuid. * The standard constants for using these have been moved into NSTools. * The NamedObjectBuilder can also now take an Element, such as an unsigned template. * * Revision 1.5 2003/09/26 00:22:07 pelle * Cleanups and final changes to code for refactoring of the Verifier and Reader part. * * Revision 1.4 2003/09/24 23:56:48 pelle * Refactoring nearly done. New model for creating signed objects. * With view for supporting the xmlpull api shortly for performance reasons. * Currently still uses dom4j but that has been refactored out that it * should now be very quick to implement a xmlpull implementation. * * A side benefit of this is that the API has been further simplified. I still have some work * todo with regards to cleaning up some of the outlying parts of the code. * * Revision 1.3 2003/09/23 19:16:28 pelle * Changed NameSpace to Identity. * To cause less confusion in the future. * * Revision 1.2 2003/09/22 19:24:02 pelle * More fixes throughout to problems caused by renaming. * * Revision 1.1.1.1 2003/09/19 14:41:31 pelle * First import into the neuclear project. This was originally under the SF neuclear * project. This marks a general major refactoring and renaming ahead. * * The new name for this code is NeuClear Identity and has the general package header of * org.neuclear.id * There are other areas within the current code which will be split out into other subprojects later on. * In particularly the signers will be completely seperated out as well as the contract types. * * * Revision 1.13 2003/02/18 14:57:21 pelle * Finished Cleaning up Receivers and Stores. * Also updated nsdl.xsd xml schema with latest changes. * The whole API is now very simple. * * Revision 1.12 2003/02/18 00:06:15 pelle * Moved the Signer's into xml-sig * * Revision 1.11 2003/02/16 00:26:18 pelle * Changed the hardcoded logger default to pick it up from LogSender * * Revision 1.10 2003/02/14 21:10:35 pelle * The email sender works. The LogSender and the SoapSender should work but havent been tested yet. * The SignedNamedObject has a new log() method that logs it's contents at it's parent Identity's logger. * The Identity object also has a new method send() which allows one to send a named object to the Identity's * default receiver. * * Revision 1.9 2003/02/14 05:10:13 pelle * New Source model is implemented. * It doesnt quite verify things correctly yet. I'm not yet sure why. * CommandLineSigner is simplified to make it easier to use. * * Revision 1.8 2003/02/10 22:30:14 pelle * Got rid of even further dependencies. In Particular OSCore * * Revision 1.7 2003/02/09 00:15:55 pelle * Fixed things so they now compile with r_0.7 of XMLSig * * Revision 1.6 2002/12/17 21:40:58 pelle * First part of refactoring of SignedNamedObject and SignedObject Interface/Class parings. * * Revision 1.5 2002/12/17 20:34:41 pelle * Lots of changes to core functionality. * First of all I've refactored most of the Resolving and verification code. I have a few more things to do * on it before I'm happy. * There is now a NSResolver class, which handles all the namespace resolution. I took most of the functionality * for this out of SignedNamedObject. * Then there is the veriifer, which verifies a given SignedNamedObject using the NSResolver. * This has simplified the SignedNamedObject classes drastically, leaving them as mainly data objects, which is what they * should be. * I have also gone around and tightened up security on many different classes, making clases and/or methods final where appropriate. * NSCache now operates using http://www.waterken.com's fantastic ADT collections library. * Something important has been added, which is a SignRequest named object. This signed object, embeds an unsigned * named object for signing by an end users' signing service. * Now were almost ready to start seriously implementing AssetIssuers and Transfers, which will be the most important * part of the framework. * * Revision 1.4 2002/10/10 21:29:25 pelle * Oops. XML-Signature's SignedInfo element I had coded as SignatureInfo * As I thought Canonicalisation doesnt seem to be standard. * Updated the SignedServlet to default to using ~/.neuclear/signers.ks * * Revision 1.3 2002/10/06 00:39:29 pelle * I have now expanded support for different types of Signers. * There is now a JCESigner which uses a JCE KeyStore for signing. * I have refactored the SigningServlet a bit, eliminating most of the demo code. * This has been moved into DemoSigningServlet. * I have expanded the CommandLineSigner, so it now also has an option for specifying a default signing service. * The default web application now contains two signers. * - The Demo one is still at /Signer * - There is a new one at /personal/Signer this uses the testkeys.ks for * signing anything under neu://test * Note neu://test now has a default interactive signer running on localhost. * So to play with this you must install the webapp on your own local machine. * * Revision 1.2 2002/10/02 21:03:45 pelle * Major Commit * I completely redid the namespace resolving code. * It now works correctly with the new store attribute of the namespace * And can correctly work out the location of a namespace file * by hierarchically signing it. * I have also included several top level namespaces and finalised * the root namespace. * In short all of the above means that we can theoretically call * Neubia live now. (Well on my first deployment anyway). * There is a new CommandLineSigner utility class which creates and signs * namespaces using standard java keystores. * I'm now working on updating the documentation, so other people * than me might have a chance at using it. * * Revision 1.1 2002/09/29 00:22:09 pelle * Several cosmetic changes. * First attempt at a new CommandLine tool for signing and creating namespace files. * This will be used by people to create requests for namespaces. * */ package org.neuclear.id.tools.commandline; import org.apache.commons.cli.Options; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.signers.PublicKeySource; import org.neuclear.id.NSTools; import org.neuclear.id.builders.IdentityBuilder; import org.neuclear.id.builders.NamedObjectBuilder; import org.neuclear.id.resolver.NSResolver; import org.neuclear.senders.LogSender; import java.io.File; import java.security.PublicKey; /** * @author pelleb * @version $Revision: 1.1 $ */ public final class IdentityCreator extends CommandLineSigner { public IdentityCreator(final String[] args) throws Exception { super(args); if (!(sig instanceof PublicKeySource)) throw new NeuClearException("The default signer has to include public keys"); pksource = (PublicKeySource) sig; identity = cmd.getOptionValue("n"); //final String cachedirpath = System.getProperty("user.home") + "/.neuclear/cache"; // final File cachedir = new File(cachedirpath); // if (!cachedir.exists()) // cachedir.mkdirs(); if (!Utility.isEmpty(identity)){ of = Utility.denullString(of, "_NEUID" + NSTools.name2path(identity) + "/root.id"); alias = Utility.denullString(alias, NSTools.getParentNSURI(identity)); } } public final NamedObjectBuilder build() throws Exception { NamedObjectBuilder subject=null; if (cmd.hasOption('i')) {//If we have an input file we load that instead of creating a new one subject= super.build(); identity=subject.getName(); } String store = NSTools.isHttpScheme(identity); boolean isTopLevel=!Utility.isEmpty(store); if (!isTopLevel) { // If this isn't a top level we will derive the repository from its parent. store=NSTools.isHttpScheme(NSTools.getParentNSURI(identity)); } alias=(isTopLevel)?identity:NSTools.getParentNSURI(identity); final String allow = Utility.denullString(cmd.getOptionValue("w"), identity); final String defaultstore = Utility.denullString(cmd.getOptionValue("r"), store); final String defaultsigner = Utility.denullString(cmd.getOptionValue("s"), "http://localhost:11870/Signer"); final String defaultlogger = Utility.denullString(cmd.getOptionValue("l"), LogSender.LOGGER); final String defaultreceiver = cmd.getOptionValue("b"); final PublicKey newkid = pksource.getPublicKey(allow); if (newkid == null) throw new CryptoException("PublicKey not available for: " + allow); return new IdentityBuilder(identity, newkid, defaultstore, defaultsigner, defaultlogger, defaultreceiver); } public static void main(final String[] args) { try { final IdentityCreator signer = new IdentityCreator(args); signer.execute(); } catch (Exception e) { e.printStackTrace(); } System.exit(0); } protected final String getExtraHelp() { return " --name neu://neu/one --receiver mailto:jo...@so... [--allow neuone --repository http://repository.neuclear.org -signer http://localhost:11870/Signer -logger http://logger.neuclear.org ]"; } protected final boolean hasArguments() { return (cmd.hasOption("i")||cmd.hasOption('v')||(cmd.hasOption("n") && cmd.hasOption("b"))); } protected final void getLocalOptions(final Options options) { options.addOption("n", "name", true, "specify name of new Identity"); options.addOption("w", "allow", true, "specify alias in keystore of public key of new Identity"); options.addOption("r", "repository", true, "Identity's default Repository"); options.addOption("s", "signer", true, "Identity's default Interactive Signer"); options.addOption("l", "logger", true, "Identity's default Logging Service"); options.addOption("b", "receiver", true, "Identity's default Receiver"); } private String identity; private final PublicKeySource pksource; } |
|
From: <pe...@us...> - 2003-12-09 23:41:48
|
Update of /cvsroot/neuclear/neuclear-id In directory sc8-pr-cvs1:/tmp/cvs-serv16140 Modified Files: project.properties Log Message: IdentityCreator is now the default class of the uber jar. It has many new features such as: - Self signed certificates - Unsigned Certificates (for external signing) - Signing of Externally generated Certificates - Command Line verification of an Identity name CachedSource now supports freshness. It needs to be tested a bit more thoroughly though. Documentation including the bdg has been updated to reflect these changes. Index: project.properties =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/project.properties,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** project.properties 9 Dec 2003 18:11:52 -0000 1.19 --- project.properties 9 Dec 2003 23:41:44 -0000 1.20 *************** *** 19,23 **** maven.test.skip=true ! maven.uberjar.main = org.neuclear.id.tools.commandline.BuildHttpIdentity maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven --- 19,23 ---- maven.test.skip=true ! maven.uberjar.main = org.neuclear.id.tools.commandline.IdentityCreator maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven |
|
From: <pe...@us...> - 2003-12-09 23:41:48
|
Update of /cvsroot/neuclear/neuclear-id/xdocs
In directory sc8-pr-cvs1:/tmp/cvs-serv16140/xdocs
Modified Files:
bdg.xml installation.xml
Log Message:
IdentityCreator is now the default class of the uber jar.
It has many new features such as:
- Self signed certificates
- Unsigned Certificates (for external signing)
- Signing of Externally generated Certificates
- Command Line verification of an Identity name
CachedSource now supports freshness. It needs to be tested a bit more thoroughly
though.
Documentation including the bdg has been updated to reflect these changes.
Index: bdg.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/bdg.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** bdg.xml 9 Dec 2003 16:42:02 -0000 1.2
--- bdg.xml 9 Dec 2003 23:41:45 -0000 1.3
***************
*** 90,98 ****
sign it. Lets run it with our ID and receiver we decided on earlier.
</p>
! <source>
! java -jar neuclear-id-0.8-SNAPSHOT-uber.jar <b>neu://yourdomain.com mailto:ad...@yo...</b>
! Creating neu://yourdomain.com
! Signing: neu://yourdomain.com
! Saving to: _NEUID/yourdomain.com/root.id </source>
<p>
The program asks you for the passphrases for both the keystore and your key. Enter them exactly like you did
--- 90,100 ----
sign it. Lets run it with our ID and receiver we decided on earlier.
</p>
! <source>$ java -jar neuclear-id-0.8-SNAPSHOT-uber.jar --name neu://yourdomain.com --receiver mailto:ad...@yo...
! Please enter passphrase for: KeyStore Passphrase for~/.keystore
! :
! Signing by neu://yourdomain.com ...
! Please enter passphrase for: neu://yourdomain.com
! :
! Outputting to: _NEUID/yourdomain.com/root.id</source>
<p>
The program asks you for the passphrases for both the keystore and your key. Enter them exactly like you did
***************
*** 113,125 ****
<section name="Test your Identity">
<p>
! Now lets write a little tiny bit of code to show what we can do:
</p>
! <source>// Lets get hold of your Identity:
! Identity me=NSResolver.resolveIdentity("<b>neu://yourdomain.com</b>");
! System.out.println(me.getName());</source>
<p>
! Type this snippet into a main method in some class in your favorite IDE. Add the neuclear jar file you downloaded before to
! your classpath and run it.
! If it didnt throw any exceptions you have just resolved your first Identity through the NeuClear ID system.
</p>
</section>
--- 115,129 ----
<section name="Test your Identity">
<p>
! To verify an Identity type the following in your command prompt:
</p>
! <source>$ java -jar neuclear-id-0.8-SNAPSHOT-uber.jar --verify neu://pelle@neuclear.org
! Resolving and Verifying: neu://pelle@neuclear.org
! Signed Object: neu://pelle@neuclear.org is verified
! was signed at: 2003-12-09T10:00:42,466EST
! Is of type: org.neuclear.id.Identity
! repository: http://neuclear.org/_NEUID
! signer: http://localhost:11870/Signer</source>
<p>
! Try it with your new identity that you created above.
</p>
</section>
***************
*** 184,192 ****
that we are asked for the root identity's passphrase and not the one of the sub identity.
</p>
! <source>
! java -jar neuclear-id-0.8-SNAPSHOT-uber.jar <b>neu://bob@yourdomain.com mailto:bo...@yo...</b>
! Creating neu://bob@yourdomain.com
! Signing: neu://bob@yourdomain.com
! Saving to: _NEUID/yourdomain.com/@bob/root.id </source>
<p>
Now all that remains is to copy it to your web server exactly like you did above and your new sub identity is
--- 188,198 ----
that we are asked for the root identity's passphrase and not the one of the sub identity.
</p>
! <source>$ java -jar neuclear-id-0.8-SNAPSHOT-uber.jar --name neu://bob@yourdomain.com --receiver mailto:bo...@yo...
! Please enter passphrase for: KeyStore Passphrase for~/.keystore
! :
! Signing by neu://yourdomain.com ...
! Please enter passphrase for: neu://yourdomain.com
! :
! Outputting to: _NEUID/yourdomain.com/@bob/root.id</source>
<p>
Now all that remains is to copy it to your web server exactly like you did above and your new sub identity is
Index: installation.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/installation.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** installation.xml 9 Dec 2003 16:42:02 -0000 1.3
--- installation.xml 9 Dec 2003 23:41:45 -0000 1.4
***************
*** 16,20 ****
Download the <a href="http://neuclear.org/maven/neuclear-id/jars/neuclear-id-0.8-SNAPSHOT-uber.jar">NeuClear ID Executable</a>.
Excuse the long and ugly name, we will package it nicer later on. Currently this tool allows you to create a certificate and
! sign it. The jar file also contains all the required libraries and should be suitable for adding to your favorite IDE's classpath.
</p>
--- 16,21 ----
Download the <a href="http://neuclear.org/maven/neuclear-id/jars/neuclear-id-0.8-SNAPSHOT-uber.jar">NeuClear ID Executable</a>.
Excuse the long and ugly name, we will package it nicer later on. Currently this tool allows you to create a certificate and
! sign it. The jar file also contains all the required libraries and should be suitable for unpacking and
! adding to your favorite IDE's classpath.
</p>
|
|
From: <pe...@us...> - 2003-12-09 23:41:48
|
Update of /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id/resolver
In directory sc8-pr-cvs1:/tmp/cvs-serv16140/src/test/org/neuclear/id/resolver
Modified Files:
ResolverTests.java
Log Message:
IdentityCreator is now the default class of the uber jar.
It has many new features such as:
- Self signed certificates
- Unsigned Certificates (for external signing)
- Signing of Externally generated Certificates
- Command Line verification of an Identity name
CachedSource now supports freshness. It needs to be tested a bit more thoroughly
though.
Documentation including the bdg has been updated to reflect these changes.
Index: ResolverTests.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id/resolver/ResolverTests.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** ResolverTests.java 8 Dec 2003 19:32:32 -0000 1.1
--- ResolverTests.java 9 Dec 2003 23:41:44 -0000 1.2
***************
*** 19,23 ****
--- 19,26 ----
assertNotNull(NSResolver.resolveIdentity("neu://alice@test"));
assertNotNull(NSResolver.resolveIdentity("neu://neuclear.org"));
+ assertNotNull(NSResolver.resolveIdentity("neu://pelle@neuclear.org"));
assertNotNull(NSResolver.resolveIdentity("neu://veraxpay.com"));
+ assertNotNull(NSResolver.resolveIdentity("neu://pelle@talk.org"));
+ //assertNotNull(NSResolver.resolveIdentity("neu://will-k.com"));
}
|
|
From: <pe...@us...> - 2003-12-09 23:35:30
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/tools/commandline In directory sc8-pr-cvs1:/tmp/cvs-serv15853/commandline Log Message: Directory /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/tools/commandline added to the repository |
|
From: <pe...@us...> - 2003-12-09 18:11:56
|
Update of /cvsroot/neuclear/neuclear-id In directory sc8-pr-cvs1:/tmp/cvs-serv15725 Modified Files: project.properties Log Message: Moved Command Line tools to org.neuclear.id.tools.commandline Index: project.properties =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/project.properties,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -d -r1.18 -r1.19 *** project.properties 8 Dec 2003 22:05:09 -0000 1.18 --- project.properties 9 Dec 2003 18:11:52 -0000 1.19 *************** *** 19,23 **** maven.test.skip=true ! maven.uberjar.main = org.neuclear.signers.commandline.BuildHttpIdentity maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven --- 19,23 ---- maven.test.skip=true ! maven.uberjar.main = org.neuclear.id.tools.commandline.BuildHttpIdentity maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven |
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/signers/commandline In directory sc8-pr-cvs1:/tmp/cvs-serv15725/src/java/org/neuclear/signers/commandline Removed Files: BuildAllTopLevel.java BuildHttpIdentity.java CommandLineSigner.java IdentityCreator.java Log Message: Moved Command Line tools to org.neuclear.id.tools.commandline --- BuildAllTopLevel.java DELETED --- --- BuildHttpIdentity.java DELETED --- --- CommandLineSigner.java DELETED --- --- IdentityCreator.java DELETED --- |
|
From: <pe...@us...> - 2003-12-09 18:11:33
|
Update of /cvsroot/neuclear/neuclear-pay/src/test/org/neuclear/asset/receiver In directory sc8-pr-cvs1:/tmp/cvs-serv15649/src/test/org/neuclear/asset/receiver Modified Files: CreateTestPayments.java Log Message: Moved Command Line tools to org.neuclear.id.tools.commandline Index: CreateTestPayments.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-pay/src/test/org/neuclear/asset/receiver/CreateTestPayments.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** CreateTestPayments.java 21 Nov 2003 04:43:04 -0000 1.4 --- CreateTestPayments.java 9 Dec 2003 18:11:30 -0000 1.5 *************** *** 8,12 **** import org.neuclear.id.builders.NamedObjectBuilder; import org.neuclear.id.resolver.NSResolver; ! import org.neuclear.signers.commandline.CommandLineSigner; import java.io.IOException; --- 8,12 ---- import org.neuclear.id.builders.NamedObjectBuilder; import org.neuclear.id.resolver.NSResolver; ! import org.neuclear.id.tools.commandline.CommandLineSigner; import java.io.IOException; *************** *** 36,39 **** --- 36,42 ---- $Id$ $Log$ + Revision 1.5 2003/12/09 18:11:30 pelle + Moved Command Line tools to org.neuclear.id.tools.commandline + Revision 1.4 2003/11/21 04:43:04 pelle EncryptedFileStore now works. It uses the PBECipher with DES3 afair. |
|
From: <pe...@us...> - 2003-12-09 18:09:26
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/tools In directory sc8-pr-cvs1:/tmp/cvs-serv15182/src/java/org/neuclear/id/tools Log Message: Directory /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/id/tools added to the repository |
|
From: <pe...@us...> - 2003-12-09 16:42:06
|
Update of /cvsroot/neuclear/neuclear-id/xdocs
In directory sc8-pr-cvs1:/tmp/cvs-serv30035/xdocs
Modified Files:
bdg.xml index.xml installation.xml overview.xml
Log Message:
First Chapter of Busy Developers Guide Written. Main documentation restructured somewhat.
Index: bdg.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/bdg.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** bdg.xml 8 Dec 2003 22:05:08 -0000 1.1
--- bdg.xml 9 Dec 2003 16:42:02 -0000 1.2
***************
*** 8,20 ****
<body>
! <section name="Introduction">
! <h3>Scope</h3>
<p>
This document describes in Example form the usage of the NeuClear ID API. The Document is not intended as
! an implemntation document or a strict API definition. The current final API Specifications can be found in the
<a href="apidocs/index.html">Project Java Docs</a>.
</p>
! <h3>Purpose</h3>
<p>
The main purpose of the NeuClear ID API is to provide a simple framework and API for building applications
--- 8,25 ----
<body>
! <section name="The Busy Developer's Guide to the NeuClear ID API">
! <h4>Scope</h4>
<p>
This document describes in Example form the usage of the NeuClear ID API. The Document is not intended as
! an implementation document or a strict API definition. The current final API Specifications can be found in the
<a href="apidocs/index.html">Project Java Docs</a>.
</p>
! <h4>Audience</h4>
! <p>
! The audience for this developers guide are expected to be relatively familiar with Java. The instructions are
! currently listed for unix type machines, but it should work on any machine running jdk1.4 including Windows.
! </p>
! <h4>Purpose</h4>
<p>
The main purpose of the NeuClear ID API is to provide a simple framework and API for building applications
***************
*** 22,26 ****
</p>
</section>
! <section name="Creating an Identity">
<p>
All messages (<a href="apidocs/org/neuclear/id/SignedNamedObject.html">SignedNamedObjects</a> in NeuClear lingo)
--- 27,31 ----
</p>
</section>
! <section name="Creating an Top Level Identity for your Domain Name">
<p>
All messages (<a href="apidocs/org/neuclear/id/SignedNamedObject.html">SignedNamedObjects</a> in NeuClear lingo)
***************
*** 29,32 ****
--- 34,40 ----
</p>
<p>
+ Each domain name must create a top level identity, which main job in life is to sign sub identities. So that is where we start.
+ </p>
+ <p>
The easiest way to get started is to use the neuclear-id-uber.jar from a command line.
We need to have the following ready:
***************
*** 35,45 ****
<li>The Name</li>
<li>A default receiver</li>
! <li>A Public/Private KeyPair</li>
</ul>
<p>
As we first need to create a top level Identity for your domain we will use the name neu://yourdomain.com as the
Identity name. For now to keep things simple lets use your email address as the default receiver.
</p>
<p>
Now we know the name of our new identity we first need to create our keypair. Sun provides us with a very badly designed
--- 43,55 ----
<li>The Name</li>
<li>A default receiver</li>
! <li>A RSA Key Pair</li>
</ul>
+ <h4>Pick an Identity Name</h4>
<p>
As we first need to create a top level Identity for your domain we will use the name neu://yourdomain.com as the
Identity name. For now to keep things simple lets use your email address as the default receiver.
</p>
+ <h4>Creating the Key Pair</h4>
<p>
Now we know the name of our new identity we first need to create our keypair. Sun provides us with a very badly designed
***************
*** 47,55 ****
create and store our keypair. The NeuClear toolset will provide its own keygeneration tools soon, but for now we've got to do it like this:
</p>
! <source> <![CDATA[
! $ keytool -genkey -keyalg RSA -alias neu://yourdomain.com
Enter keystore password: #####
What is your first and last name?
! [Unknown]: neu://yourdomain.com
What is the name of your organizational unit?
[Unknown]: Your Domain
--- 57,64 ----
create and store our keypair. The NeuClear toolset will provide its own keygeneration tools soon, but for now we've got to do it like this:
</p>
! <source>$ keytool -genkey -keyalg RSA -alias <b>neu://yourdomain.com</b>
Enter keystore password: #####
What is your first and last name?
! [Unknown]: <b>neu://yourdomain.com</b>
What is the name of your organizational unit?
[Unknown]: Your Domain
***************
*** 65,78 ****
[no]: yes
! Enter key password for <neu://yourdomain.com>
! (RETURN if same as keystore password):
! ]]></source>
<p>
! This makes our commandline look like this:
</p>
! <source> <![CDATA[
! java -jar neuclear-id-uber.jar neu://yourdomain.com mailto:joe...@yo...
! ]]></source>
<p>
</p>
</section>
--- 74,201 ----
[no]: yes
! Enter key password for neu://yourdomain.com
! (RETURN if same as keystore password):</source>
<p>
! What you can see there is the invocation of keytool with the <tt>-genkey</tt> option.
! We pick a RSA key, which is recommended over the default DSA key. The alias must be the same as the ID that you are creating.
! The details about first and last name location etc, are pretty much irrelevant for our purposes, but by convension we like to
! put the ID (eg. <tt>neu://yourdomain.com</tt>) in the first and last name field. What might not be immediately obvious here
! is that keytool creates a default keystore in your home directory at <tt>~/.keystore</tt> this contains your keys and the
! neuclear tools use this keystore later on.
</p>
! <h4>Create the Selfsigned Certificate</h4>
! <p>
! Download the <a href="http://neuclear.org/maven/neuclear-id/jars/neuclear-id-0.8-SNAPSHOT-uber.jar">NeuClear ID Executable</a>.
! Excuse the long and ugly name, we will package it nicer later on. Currently this tool allows you to create a certificate and
! sign it. Lets run it with our ID and receiver we decided on earlier.
! </p>
! <source>
! java -jar neuclear-id-0.8-SNAPSHOT-uber.jar <b>neu://yourdomain.com mailto:ad...@yo...</b>
! Creating neu://yourdomain.com
! Signing: neu://yourdomain.com
! Saving to: _NEUID/yourdomain.com/root.id </source>
! <p>
! The program asks you for the passphrases for both the keystore and your key. Enter them exactly like you did
! before. As the program has to initialise all sorts of cryptographic processes, it might seem a bit slow, but be patient.
! </p>
! <h4>Copy certificate to Web Server</h4>
<p>
+ The Certificate must now be moved to your web server. It has to live in the following file:
+ <tt>http://yourdomain.com/_NEUID/yourdomain.com/root.id</tt><br/>
+ The simplest way to do this in unix is to use <tt>scp</tt>:
+ </p>
+ <source>scp -r _NEUID/ <b>us...@yo...:/home/httpd/htdocs/</b></source>
+ <p>
+ where <tt>user</tt> is your username on the webserver. <tt>yourdomain.com</tt> is webserver domain name and
+ <tt>/home/httpd/htdocs/</tt> the full absolute path to the root of your web server.
+ </p>
+ </section>
+ <section name="Test your Identity">
+ <p>
+ Now lets write a little tiny bit of code to show what we can do:
+ </p>
+ <source>// Lets get hold of your Identity:
+ Identity me=NSResolver.resolveIdentity("<b>neu://yourdomain.com</b>");
+ System.out.println(me.getName());</source>
+ <p>
+ Type this snippet into a main method in some class in your favorite IDE. Add the neuclear jar file you downloaded before to
+ your classpath and run it.
+ If it didnt throw any exceptions you have just resolved your first Identity through the NeuClear ID system.
+ </p>
+ </section>
+ <section name="Creating a Sub Identity">
+ <p>
+ We dont recommend using top level identities for anything but signing sub identities. So for us to actually get started on some
+ real fun we need to create a new sub identity. This is pretty much a repitition of the above, so I will just highlight the differences
+ here.
+ </p>
+ <h4>Chosing the name</h4>
+ <p>
+ By convention there are two ways you can name a sub identity. For individuals or roles use the familiar email naming
+ convention. Such as:
+ </p>
+ <ul>
+ <li><tt>neu://bob@yourdomain.com</tt></li>
+ <li><tt>neu://sales@yourdomain.com</tt></li>
+ </ul>
+ <p>
+ If you want your sub identity to be a process or service. Such as an ecommerce site, an asset transfer system or an exchange system use
+ this format:
+ </p>
+ <ul>
+ <li><tt>neu://yourdomain.com/store</tt></li>
+ <li><tt>neu://yourdomain.com/homebanking</tt></li>
+ </ul>
+ <p>
+ The two formats are functionally equivalent, but are separated stylistically to make it easier to understand for
+ end users.
+ </p>
+ <p>
+ So for our example we picked <tt>neu://bob@yourdomain.com</tt>
+ </p>
+ <h4>Creating the Key Pair</h4>
+ <p>
+ Create a new keypair just like you did before:
+ </p>
+ <source>$ keytool -genkey -keyalg RSA -alias <b>neu://bob@yourdomain.com</b>
+ Enter keystore password: #####
+ What is your first and last name?
+ [Unknown]: <b>neu://bob@yourdomain.com</b>
+ What is the name of your organizational unit?
+ [Unknown]: Your Domain
+ What is the name of your organization?
+ [Unknown]: Your Domain
+ What is the name of your City or Locality?
+ [Unknown]: Panama City
+ What is the name of your State or Province?
+ [Unknown]: Panama
+ What is the two-letter country code for this unit?
+ [Unknown]: PA
+ Is CN=neu://bob@yourdomain.com, OU=Your Domain, O=Your Domain, L=Panama City, ST=Panama, C=PA correct?
+ [no]: yes
+
+ Enter key password for neu://bob@yourdomain.com
+ (RETURN if same as keystore password):</source>
+ <h4>Create the Signed Certificate</h4>
+ <p>
+ Again we need to create a certificate. This time however it is not self signed, but signed
+ by the top level identity we created above. As long as we create the two identities on the same
+ machine. The process is completely identical from a users stand point, with the notable exception
+ that we are asked for the root identity's passphrase and not the one of the sub identity.
+ </p>
+ <source>
+ java -jar neuclear-id-0.8-SNAPSHOT-uber.jar <b>neu://bob@yourdomain.com mailto:bo...@yo...</b>
+ Creating neu://bob@yourdomain.com
+ Signing: neu://bob@yourdomain.com
+ Saving to: _NEUID/yourdomain.com/@bob/root.id </source>
+ <p>
+ Now all that remains is to copy it to your web server exactly like you did above and your new sub identity is
+ ready and live.
+ </p>
+
+ </section>
+ <section name="Signing and verifying messages">
+ <p>
+ Coming soon.
</p>
</section>
Index: index.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/index.xml,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** index.xml 8 Dec 2003 19:32:33 -0000 1.4
--- index.xml 9 Dec 2003 16:42:02 -0000 1.5
***************
*** 17,51 ****
</p>
</section>
! <section name="Rethinking PKI">
! <p>
! I am a big believer in Public/Private Key crypto and digital signatures. The core technology is so elegant and
! has so many uses it is a wonder that it never quite took off. Unless you start
! addressing the many problems involved with the actual implementations and applications of the
! technology, see Ian Griggs wonderful rants here and you might understand:
</p>
!
! <ul><li><a href="http://www.iang.org/ssl/">SSL</a></li>
! <li><a href="http://www.iang.org/ssl/pki_considered_harmful.html">PKI</a></li>
! </ul>
!
! <p>The purpose of writing a new PKI system by scratch for NeuClear was to create a system that was:</p>
!
! <ul><li>Easy to use and understand for average users</li>
! <li>completely legacy free (ie. http (or p2p) not ldap, xml not asn.1 nor x509)</li>
! <li>Not be succeptible to government manipulation such as the dns system.</li>
! <li>Leave CyberSpace <span class="caps">ID</span> to Meat Space <span class="caps">ID</span> mapping to optional higher levels.</li>
! <li>Make accessability a higher priority than theoretical threat analysis (See Ian's rants again above)</li>
! </ul>
<p>
! The NeuClear ID attempts to take flexibility of <a href="http://www.pgp.org">PGP</a> and merge it with the
! ease of use of DNS. We have attempted to stay away from any of the thought processes behind the traditional X509
! CA model as offered by VeriSign, as we belive it doesnt solve any problems and presents too many.
</p>
<p>
! The Core technology is based on XML. With heavy use of the new XML-Signature standard to handle trust and
! security aspects of the framework. The initial implementation is in Java, but there is absolutely no
! reason at all that it couldnt be implemented in say C#, Pythom or Perl.
</p>
! </section>
</body>
--- 17,42 ----
</p>
</section>
! <section name="Busy Developer Guide">
! <p>
! We are working on expanding our documentation now. Besides expanding our <a href="apidocs/index.html">API Documentation</a>,
! we also now have a <a href="bdg.html">busy developers guide</a>. Aimed to get developers started with their own Identities
! quickly and easily.
</p>
! </section>
! <section name="Road Map">
<p>
! The current development version is 0.8-SNAPSHOT. Our aim for 0.8 FINAL is to stabilize and freeze the API.
! Thus the goal is to acheive usability for application developers. This should be reached in mid December 2003.
</p>
<p>
! Our aim for the next version 0.9 is to stabilize and freeze the underlying xml formats and standards as well
! as to create more userland tools. Thus the goal is to fix the underlying format making it easier for other implementations
! of NeuClear ID. This should be reached early on in January 2004
</p>
! <p>
! Our goal is for 1.0 the following release to be fairly polished from a usability standpoint. Our goal is to release this
! in February 2004.
! </p>
! </section>
</body>
Index: installation.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/installation.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** installation.xml 11 Nov 2003 02:31:47 -0000 1.2
--- installation.xml 9 Dec 2003 16:42:02 -0000 1.3
***************
*** 8,12 ****
<body>
! <section name="Requirements">
<p>
To build the NeuClear framework you first need to install <a href="http://maven.apache.org/">Maven</a>.
--- 8,24 ----
<body>
! <section name="Requirements">
! <p>
! Any JRE 1.4 VM should work. <a href="http://www.java.com:80/en/download/manual.jsp">Get the latest for your platform straight from Sun</a>.
! If you are running Mac OS/X Jaguar or Panther you should already be set. Please let us know of any problems.
! </p>
! <p>
! Download the <a href="http://neuclear.org/maven/neuclear-id/jars/neuclear-id-0.8-SNAPSHOT-uber.jar">NeuClear ID Executable</a>.
! Excuse the long and ugly name, we will package it nicer later on. Currently this tool allows you to create a certificate and
! sign it. The jar file also contains all the required libraries and should be suitable for adding to your favorite IDE's classpath.
! </p>
!
! </section>
! <section name="Requirements for Building">
<p>
To build the NeuClear framework you first need to install <a href="http://maven.apache.org/">Maven</a>.
Index: overview.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/overview.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** overview.xml 11 Nov 2003 02:31:47 -0000 1.2
--- overview.xml 9 Dec 2003 16:42:02 -0000 1.3
***************
*** 8,37 ****
<body>
! <section name="Simplifying Identity">
<p>
! If you believe most vendors selling Identity software, Identity is all about identifying the national ID
! number of the person who is clicking the mouse that links to your web site. This means that the relatively
! simple concept of verifying the person who logs in as "misterwhammo" to your web site as the same person
! who buys the t-shirt you are selling is made difficult.
</p>
<p>
! <a href="http://neuclear.org/id/">NeuClear ID</a> aims to cut the <i>Real World</i> aspect of Identity out
! of the core feature of online identity and makes it an optional extra. NeuClear presents Identity as a set
! of simple id's that your average user can easily setup and understand:
</p>
! <ul>
! <li>
! neu://superbux
! </li>
! <li>neu://pelle@super</li>
!
! </ul>
- </section>
- <section name="Hierarchical">
- One of the largest problems with DNS is its Hierarchical nature. However that is also one of its best features.
- It makes it easy to understand. We have taken the hierarchical nature of it and taken away the main problem of
- a central point of failure.
- </section>
</body>
--- 8,43 ----
<body>
! <section name="Rethinking PKI">
! <p>
! I am a big believer in Public/Private Key crypto and digital signatures. The core technology is so elegant and
! has so many uses it is a wonder that it never quite took off. Unless you start
! addressing the many problems involved with the actual implementations and applications of the
! technology, see Ian Griggs wonderful rants here and you might understand:
! </p>
!
! <ul><li><a href="http://www.iang.org/ssl/">SSL</a></li>
! <li><a href="http://www.iang.org/ssl/pki_considered_harmful.html">PKI</a></li>
! </ul>
!
! <p>The purpose of writing a new PKI system by scratch for NeuClear was to create a system that was:</p>
!
! <ul><li>Easy to use and understand for average users</li>
! <li>completely legacy free (ie. http (or p2p) not ldap, xml not asn.1 nor x509)</li>
! <li>Not be succeptible to government manipulation such as the dns system.</li>
! <li>Leave CyberSpace <span class="caps">ID</span> to Meat Space <span class="caps">ID</span> mapping to optional higher levels.</li>
! <li>Make accessability a higher priority than theoretical threat analysis (See Ian's rants again above)</li>
! </ul>
<p>
! The NeuClear ID attempts to take flexibility of <a href="http://www.pgp.org">PGP</a> and merge it with the
! ease of use of DNS. We have attempted to stay away from any of the thought processes behind the traditional X509
! CA model as offered by VeriSign, as we belive it doesnt solve any problems and presents too many.
</p>
<p>
! The Core technology is based on XML. With heavy use of the new XML-Signature standard to handle trust and
! security aspects of the framework. The initial implementation is in Java, but there is absolutely no
! reason at all that it couldnt be implemented in say C#, Pythom or Perl.
</p>
! </section>
</body>
|
|
From: <pe...@us...> - 2003-12-08 22:05:14
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/signers/commandline In directory sc8-pr-cvs1:/tmp/cvs-serv10805/src/java/org/neuclear/signers/commandline Modified Files: BuildHttpIdentity.java Log Message: Some further documentation. Added the start of a busy developers guide form neuclear-id Index: BuildHttpIdentity.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/signers/commandline/BuildHttpIdentity.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** BuildHttpIdentity.java 8 Dec 2003 19:32:32 -0000 1.1 --- BuildHttpIdentity.java 8 Dec 2003 22:05:08 -0000 1.2 *************** *** 2,6 **** --- 2,8 ---- import org.neuclear.commons.NeuClearException; + import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.passphraseagents.GuiDialogAgent; + import org.neuclear.commons.crypto.passphraseagents.CommandLineAgent; import org.neuclear.commons.crypto.signers.*; import org.neuclear.id.SignedNamedObject; *************** *** 34,37 **** --- 36,42 ---- $Id$ $Log$ + Revision 1.2 2003/12/08 22:05:08 pelle + Some further documentation. Added the start of a busy developers guide form neuclear-id + Revision 1.1 2003/12/08 19:32:32 pelle Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html *************** *** 60,68 **** public static void main(final String[] args) { try { final JCESigner rootsig = new DefaultSigner(new GuiDialogAgent()); ! final String name="neu://neuclear.org"; ! System.out.println("Creating and Signing"); ! createIdentity(name, rootsig,"mailto:pe...@ne..."); ! createIdentity("neu://veraxpay.com", rootsig,"mailto:pe...@ne..."); } catch (NeuClearException e) { e.printStackTrace(); --- 65,76 ---- public static void main(final String[] args) { try { + if (args.length<2){ + System.err.println("Usage: java org.neuclear.signers.commandline.BuildHttpIdentity name receiver"); + System.err.println("eg. java org.neuclear.signers.commandline.BuildHttpIdentity neu://neuclear.org mailto:bo...@ne..."); + System.exit(1); + } final JCESigner rootsig = new DefaultSigner(new GuiDialogAgent()); ! ! createIdentity(args[0], rootsig,args[1]); } catch (NeuClearException e) { e.printStackTrace(); *************** *** 80,87 **** private static void createIdentity(final String name, final JCESigner rootsig,String receiver) throws NeuClearException, XMLException, IOException { final IdentityBuilder id = new IdentityBuilder( name, rootsig.getPublicKey(name), ! NSTools.isHttpScheme(name), "http://localhost:11870/Signer", "http://logger.neuclear.org", --- 88,102 ---- private static void createIdentity(final String name, final JCESigner rootsig,String receiver) throws NeuClearException, XMLException, IOException { + System.out.println("Creating "+name); + String store = NSTools.isHttpScheme(name); + boolean isTopLevel=!Utility.isEmpty(store); + if (!isTopLevel) { + // If this isn't a top level we will derive the repository from its parent. + store=NSTools.isHttpScheme(NSTools.getParentNSURI(name)); + } final IdentityBuilder id = new IdentityBuilder( name, rootsig.getPublicKey(name), ! store, "http://localhost:11870/Signer", "http://logger.neuclear.org", *************** *** 89,94 **** System.out.println("Signing: " + name); ! id.sign(name,rootsig); ! String filename = "target/testdata/public_html/_NEUID"+NSTools.name2path(name)+"/root.id"; System.out.println("Saving to: "+filename); File fout=new File(filename); --- 104,109 ---- System.out.println("Signing: " + name); ! id.sign((isTopLevel)?name:NSTools.getParentNSURI(name),rootsig); ! String filename = "_NEUID"+NSTools.name2path(name)+"/root.id"; System.out.println("Saving to: "+filename); File fout=new File(filename); |
|
From: <pe...@us...> - 2003-12-08 22:05:14
|
Update of /cvsroot/neuclear/neuclear-id/xdocs
In directory sc8-pr-cvs1:/tmp/cvs-serv10805/xdocs
Modified Files:
navigation.xml
Added Files:
bdg.xml
Log Message:
Some further documentation. Added the start of a busy developers guide form neuclear-id
--- NEW FILE: bdg.xml ---
<?xml version="1.0"?>
<document>
<properties>
<title>The Busy Developer's Guide to the NeuClear ID API</title>
<author email="pe...@ne...">Pelle Braendgaard</author>
</properties>
<body>
<section name="Introduction">
<h3>Scope</h3>
<p>
This document describes in Example form the usage of the NeuClear ID API. The Document is not intended as
an implemntation document or a strict API definition. The current final API Specifications can be found in the
<a href="apidocs/index.html">Project Java Docs</a>.
</p>
<h3>Purpose</h3>
<p>
The main purpose of the NeuClear ID API is to provide a simple framework and API for building applications
using a Public Key Infrastructure (PKI).
</p>
</section>
<section name="Creating an Identity">
<p>
All messages (<a href="apidocs/org/neuclear/id/SignedNamedObject.html">SignedNamedObjects</a> in NeuClear lingo)
in NeuClear ID must be signed by an <a href="apidocs/org/neuclear/id/Identity.html">Identity</a>. So to get started we
must first create a new Identity.
</p>
<p>
The easiest way to get started is to use the neuclear-id-uber.jar from a command line.
We need to have the following ready:
</p>
<ul>
<li>The Name</li>
<li>A default receiver</li>
<li>A Public/Private KeyPair</li>
</ul>
<p>
As we first need to create a top level Identity for your domain we will use the name neu://yourdomain.com as the
Identity name. For now to keep things simple lets use your email address as the default receiver.
</p>
<p>
Now we know the name of our new identity we first need to create our keypair. Sun provides us with a very badly designed
tool called <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html">keytool</a> which we can use to
create and store our keypair. The NeuClear toolset will provide its own keygeneration tools soon, but for now we've got to do it like this:
</p>
<source> <![CDATA[
$ keytool -genkey -keyalg RSA -alias neu://yourdomain.com
Enter keystore password: #####
What is your first and last name?
[Unknown]: neu://yourdomain.com
What is the name of your organizational unit?
[Unknown]: Your Domain
What is the name of your organization?
[Unknown]: Your Domain
What is the name of your City or Locality?
[Unknown]: Panama City
What is the name of your State or Province?
[Unknown]: Panama
What is the two-letter country code for this unit?
[Unknown]: PA
Is CN=neu://yourdomain.com, OU=Your Domain, O=Your Domain, L=Panama City, ST=Panama, C=PA correct?
[no]: yes
Enter key password for <neu://yourdomain.com>
(RETURN if same as keystore password):
]]></source>
<p>
This makes our commandline look like this:
</p>
<source> <![CDATA[
java -jar neuclear-id-uber.jar neu://yourdomain.com mailto:joe...@yo...
]]></source>
<p>
</p>
</section>
</body>
</document>
Index: navigation.xml
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/xdocs/navigation.xml,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** navigation.xml 11 Nov 2003 21:18:47 -0000 1.4
--- navigation.xml 8 Dec 2003 22:05:09 -0000 1.5
***************
*** 14,17 ****
--- 14,18 ----
<item name="Front Page" href="/index.html"/>
<item name="Overview" href="/overview.html"/>
+ <item name="Busy Developers Guide" href="/bdg.html"/>
<!-- <item name="SubProjects" href="/subprojects.html">
<item name="XMLSignature Library" href="http://www.NeuClear.org/xmlsig/index.html"/>
|
|
From: <pe...@us...> - 2003-12-08 22:05:12
|
Update of /cvsroot/neuclear/neuclear-id In directory sc8-pr-cvs1:/tmp/cvs-serv10805 Modified Files: project.properties project.xml Log Message: Some further documentation. Added the start of a busy developers guide form neuclear-id Index: project.properties =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/project.properties,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** project.properties 8 Dec 2003 19:32:33 -0000 1.17 --- project.properties 8 Dec 2003 22:05:09 -0000 1.18 *************** *** 18,23 **** maven.repo.remote = http://neuclear.org/maven/,http://www.ibiblio.org/maven/,http://dist.codehaus.org/ ! #maven.test.skip=true ! maven.uberjar.main = org.neuclear.signers.commandline.CommandLineSigner maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven --- 18,23 ---- maven.repo.remote = http://neuclear.org/maven/,http://www.ibiblio.org/maven/,http://dist.codehaus.org/ ! maven.test.skip=true ! maven.uberjar.main = org.neuclear.signers.commandline.BuildHttpIdentity maven.repo.central = neuclear.org maven.repo.central.directory = /home/sites/neuclear.org/public_html/maven Index: project.xml =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/project.xml,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** project.xml 28 Nov 2003 00:12:59 -0000 1.19 --- project.xml 8 Dec 2003 22:05:09 -0000 1.20 *************** *** 117,120 **** --- 117,124 ---- </dependency> <dependency> + <id>jline</id> + <version>0.8.1</version> + </dependency> + <dependency> <id>junit</id> <name>junit</name> |
|
From: <pe...@us...> - 2003-12-08 22:05:05
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/soap
In directory sc8-pr-cvs1:/tmp/cvs-serv10745/src/java/org/neuclear/xml/soap
Modified Files:
SOAPServlet.java
Log Message:
Some further documentation. Added the start of a busy developers guide form neuclear-id
Index: SOAPServlet.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/soap/SOAPServlet.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** SOAPServlet.java 24 Nov 2003 23:33:15 -0000 1.3
--- SOAPServlet.java 8 Dec 2003 22:05:01 -0000 1.4
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.4 2003/12/08 22:05:01 pelle
+ * Some further documentation. Added the start of a busy developers guide form neuclear-id
+ *
* Revision 1.3 2003/11/24 23:33:15 pelle
* More Cactus unit testing going on.
***************
*** 96,107 ****
final SAXReader reader = new SAXReader();
final Document doc = reader.read(is);
! // System.out.println("RECEIVED:" + doc.asXML());
! // System.out.println("NEUDIST: SOAP Post Request to " + this.getClass().getName());
final Element bodyElement = doc.getRootElement().element(SOAPTools.createEnvelopeQName());
//TODO: Check for null
final Element requestElement = (Element) bodyElement.elements().get(0);
if (requestElement == null) {
- // System.out.println("NEUDIST: SOAP Request was invalid");
- // System.out.println(doc.asXML());
response.sendError(500, "NEUDIST: SOAP Request was invalid");
}
--- 99,107 ----
final SAXReader reader = new SAXReader();
final Document doc = reader.read(is);
!
final Element bodyElement = doc.getRootElement().element(SOAPTools.createEnvelopeQName());
//TODO: Check for null
final Element requestElement = (Element) bodyElement.elements().get(0);
if (requestElement == null) {
response.sendError(500, "NEUDIST: SOAP Request was invalid");
}
***************
*** 125,129 ****
out.close();
} catch (DocumentException e) {
- // System.out.println("NeuDist: Exception in SOAP Request");
e.printStackTrace(System.out);
response.sendError(500, e.getMessage());
--- 125,128 ----
|
|
From: <pe...@us...> - 2003-12-08 19:32:38
|
Update of /cvsroot/neuclear/neuclear-id In directory sc8-pr-cvs1:/tmp/cvs-serv11933 Modified Files: project.properties Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: project.properties =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/project.properties,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** project.properties 28 Nov 2003 00:12:59 -0000 1.16 --- project.properties 8 Dec 2003 19:32:33 -0000 1.17 *************** *** 18,22 **** maven.repo.remote = http://neuclear.org/maven/,http://www.ibiblio.org/maven/,http://dist.codehaus.org/ ! maven.test.skip=true maven.uberjar.main = org.neuclear.signers.commandline.CommandLineSigner maven.repo.central = neuclear.org --- 18,22 ---- maven.repo.remote = http://neuclear.org/maven/,http://www.ibiblio.org/maven/,http://dist.codehaus.org/ ! #maven.test.skip=true maven.uberjar.main = org.neuclear.signers.commandline.CommandLineSigner maven.repo.central = neuclear.org |
|
From: <pe...@us...> - 2003-12-08 19:32:37
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/store In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/java/org/neuclear/store Modified Files: EncryptedFileStore.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: EncryptedFileStore.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/store/EncryptedFileStore.java,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** EncryptedFileStore.java 6 Dec 2003 00:17:04 -0000 1.15 --- EncryptedFileStore.java 8 Dec 2003 19:32:32 -0000 1.16 *************** *** 2,5 **** --- 2,8 ---- * $Id$ * $Log$ + * Revision 1.16 2003/12/08 19:32:32 pelle + * Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + * * Revision 1.15 2003/12/06 00:17:04 pelle * Updated various areas in NSTools. *************** *** 235,239 **** protected final String getFileName(final String name) throws NeuClearException { final String deURLizedName = NSTools.normalizeNameURI(name); ! final byte[] hash = CryptoTools.formatAsBase36(CryptoTools.digest256(deURLizedName.getBytes())).getBytes(); //if (true) return new String(hash); final int partlength = hash.length / 8; --- 238,242 ---- protected final String getFileName(final String name) throws NeuClearException { final String deURLizedName = NSTools.normalizeNameURI(name); ! final byte[] hash = CryptoTools.formatAsBase36 (CryptoTools.digest256(deURLizedName.getBytes())).getBytes(); //if (true) return new String(hash); final int partlength = hash.length / 8; |
|
From: <pe...@us...> - 2003-12-08 19:32:36
|
Update of /cvsroot/neuclear/neuclear-id/xdocs In directory sc8-pr-cvs1:/tmp/cvs-serv11933/xdocs Modified Files: index.xml Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: index.xml =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/xdocs/index.xml,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** index.xml 11 Nov 2003 02:31:47 -0000 1.3 --- index.xml 8 Dec 2003 19:32:33 -0000 1.4 *************** *** 14,18 **** --- 14,40 ---- applications that people have been talking about the last 10 years, but never got of the ground due to usability and logistical reasons. + </p> + </section> + <section name="Rethinking PKI"> + <p> + I am a big believer in Public/Private Key crypto and digital signatures. The core technology is so elegant and + has so many uses it is a wonder that it never quite took off. Unless you start + addressing the many problems involved with the actual implementations and applications of the + technology, see Ian Griggs wonderful rants here and you might understand: + </p> + + <ul><li><a href="http://www.iang.org/ssl/">SSL</a></li> + <li><a href="http://www.iang.org/ssl/pki_considered_harmful.html">PKI</a></li> + </ul> + + <p>The purpose of writing a new PKI system by scratch for NeuClear was to create a system that was:</p> + + <ul><li>Easy to use and understand for average users</li> + <li>completely legacy free (ie. http (or p2p) not ldap, xml not asn.1 nor x509)</li> + <li>Not be succeptible to government manipulation such as the dns system.</li> + <li>Leave CyberSpace <span class="caps">ID</span> to Meat Space <span class="caps">ID</span> mapping to optional higher levels.</li> + <li>Make accessability a higher priority than theoretical threat analysis (See Ian's rants again above)</li> + </ul> <p> The NeuClear ID attempts to take flexibility of <a href="http://www.pgp.org">PGP</a> and merge it with the |
|
From: <pe...@us...> - 2003-12-08 19:32:36
|
Update of /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id/resolver In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/test/org/neuclear/id/resolver Added Files: ResolverTests.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html --- NEW FILE: ResolverTests.java --- package org.neuclear.id.resolver; import junit.framework.TestCase; import org.neuclear.id.InvalidNamedObject; import org.neuclear.commons.NeuClearException; /** * Created by IntelliJ IDEA. * User: pelleb * Date: Dec 8, 2003 * Time: 11:56:22 AM * To change this template use Options | File Templates. */ public class ResolverTests extends TestCase { public void testResolve() throws NeuClearException { assertNotNull(NSResolver.resolveIdentity("neu://test")); assertNotNull(NSResolver.resolveIdentity("neu://bob@test")); assertNotNull(NSResolver.resolveIdentity("neu://alice@test")); assertNotNull(NSResolver.resolveIdentity("neu://neuclear.org")); assertNotNull(NSResolver.resolveIdentity("neu://veraxpay.com")); } } |
|
From: <pe...@us...> - 2003-12-08 19:32:36
|
Update of /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/test/org/neuclear/id Modified Files: NSToolsTest.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: NSToolsTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id/NSToolsTest.java,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** NSToolsTest.java 6 Dec 2003 00:17:04 -0000 1.12 --- NSToolsTest.java 8 Dec 2003 19:32:33 -0000 1.13 *************** *** 2,5 **** --- 2,8 ---- $Id$ $Log$ + Revision 1.13 2003/12/08 19:32:33 pelle + Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + Revision 1.12 2003/12/06 00:17:04 pelle Updated various areas in NSTools. *************** *** 211,214 **** --- 214,226 ---- assertTrue(NSTools.isValidName(NSTools.createUniqueTransactionID("neu://neuclear.org", "neu://bob@neuclear.org"))); assertTrue(NSTools.isValidName(NSTools.createUniqueTransactionID("neu://bob@test.org", "neu://neuclear.org/test"))); + } + public static void testIsHttpScheme(){ + assertNotNull(NSTools.isHttpScheme("neu://neuclear.org")); + assertNotNull(NSTools.isHttpScheme("neu://repository.neuclear.org")); + assertNull(NSTools.isHttpScheme("neu://neuclear.org/test")); + assertNull(NSTools.isHttpScheme("neu://test@neuclear.org/test")); + assertNull(NSTools.isHttpScheme("neu://test@neuclear.org")); + assertNull(NSTools.isHttpScheme("neu://neuclear.org!sdfsdfdsf")); + } } |
|
From: <pe...@us...> - 2003-12-08 19:32:35
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/source In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/java/org/neuclear/source Modified Files: HttpSource.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: HttpSource.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/source/HttpSource.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** HttpSource.java 6 Dec 2003 00:17:04 -0000 1.11 --- HttpSource.java 8 Dec 2003 19:32:32 -0000 1.12 *************** *** 8,11 **** --- 8,14 ---- * $Id$ * $Log$ + * Revision 1.12 2003/12/08 19:32:32 pelle + * Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + * * Revision 1.11 2003/12/06 00:17:04 pelle * Updated various areas in NSTools. *************** *** 109,113 **** protected final InputStream getStream(final String endpoint, final String name) throws NeuClearException { try { ! final String urlstring = endpoint + NSTools.name2path(name); final URL url = new URL(urlstring); --- 112,116 ---- protected final InputStream getStream(final String endpoint, final String name) throws NeuClearException { try { ! final String urlstring = endpoint + NSTools.name2path(name)+"/root.id"; final URL url = new URL(urlstring); |
|
From: <pe...@us...> - 2003-12-08 19:32:35
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/signers/commandline In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/java/org/neuclear/signers/commandline Modified Files: BuildAllTopLevel.java Added Files: BuildHttpIdentity.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html --- NEW FILE: BuildHttpIdentity.java --- package org.neuclear.signers.commandline; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.crypto.passphraseagents.GuiDialogAgent; import org.neuclear.commons.crypto.signers.*; import org.neuclear.id.SignedNamedObject; import org.neuclear.id.NSTools; import org.neuclear.id.builders.IdentityBuilder; import org.neuclear.store.FileStore; import org.neuclear.store.Store; import org.neuclear.xml.XMLException; import java.io.*; import java.security.GeneralSecurityException; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: BuildHttpIdentity.java,v 1.1 2003/12/08 19:32:32 pelle Exp $ $Log: BuildHttpIdentity.java,v $ Revision 1.1 2003/12/08 19:32:32 pelle Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Revision 1.2 2003/11/21 04:45:13 pelle EncryptedFileStore now works. It uses the PBECipher with DES3 afair. Otherwise You will Finaliate. Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. This should hopefully make everything more stable (and secure). Revision 1.1 2003/11/20 23:42:24 pelle Getting all the tests to work in id Removing usage of BC in CryptoTools as it was causing issues. First version of EntityLedger that will use OFB's EntityEngine. This will allow us to support a vast amount databases without writing SQL. (Yipee) */ /** * User: pelleb * Date: Nov 20, 2003 * Time: 3:26:45 PM */ public final class BuildHttpIdentity { public static void main(final String[] args) { try { final JCESigner rootsig = new DefaultSigner(new GuiDialogAgent()); final String name="neu://neuclear.org"; System.out.println("Creating and Signing"); createIdentity(name, rootsig,"mailto:pe...@ne..."); createIdentity("neu://veraxpay.com", rootsig,"mailto:pe...@ne..."); } catch (NeuClearException e) { e.printStackTrace(); } catch (GeneralSecurityException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (XMLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. } System.exit(0); } private static void createIdentity(final String name, final JCESigner rootsig,String receiver) throws NeuClearException, XMLException, IOException { final IdentityBuilder id = new IdentityBuilder( name, rootsig.getPublicKey(name), NSTools.isHttpScheme(name), "http://localhost:11870/Signer", "http://logger.neuclear.org", receiver); System.out.println("Signing: " + name); id.sign(name,rootsig); String filename = "target/testdata/public_html/_NEUID"+NSTools.name2path(name)+"/root.id"; System.out.println("Saving to: "+filename); File fout=new File(filename); fout.getParentFile().mkdirs(); OutputStream os=new FileOutputStream(fout); os.write(id.canonicalize()); os.close(); } } Index: BuildAllTopLevel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/signers/commandline/BuildAllTopLevel.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** BuildAllTopLevel.java 21 Nov 2003 04:45:13 -0000 1.2 --- BuildAllTopLevel.java 8 Dec 2003 19:32:32 -0000 1.3 *************** *** 33,36 **** --- 33,39 ---- $Id$ $Log$ + Revision 1.3 2003/12/08 19:32:32 pelle + Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + Revision 1.2 2003/11/21 04:45:13 pelle EncryptedFileStore now works. It uses the PBECipher with DES3 afair. *************** *** 72,75 **** --- 75,79 ---- store.receive(createIdentities("neu://", rootsig, rootsig)); store.receive(createIdentities("neu://test", rootsig, testsig)); + store.receive(createIdentities("neu://pelle@neuclear.org", rootsig, rootsig)); store.receive(createIdentities("neu://pelle", rootsig, rootsig)); store.receive(createIdentities("neu://verax", rootsig, rootsig)); |
|
From: <pe...@us...> - 2003-12-08 19:32:35
|
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/receiver In directory sc8-pr-cvs1:/tmp/cvs-serv11933/src/java/org/neuclear/receiver Modified Files: ReceiverServlet.java Log Message: Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html Index: ReceiverServlet.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/receiver/ReceiverServlet.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** ReceiverServlet.java 28 Nov 2003 00:12:58 -0000 1.10 --- ReceiverServlet.java 8 Dec 2003 19:32:32 -0000 1.11 *************** *** 2,5 **** --- 2,8 ---- * $Id$ * $Log$ + * Revision 1.11 2003/12/08 19:32:32 pelle + * Added support for the http scheme into ID. See http://neuclear.org/archives/000195.html + * * Revision 1.10 2003/11/28 00:12:58 pelle * Getting the NeuClear web transactions working. *************** *** 116,120 **** protected final void handleInputStream(final InputStream is, final HttpServletRequest request, final HttpServletResponse response) throws IOException { ! PrintWriter writer = response.getWriter(); final boolean isXML = request.getContentType().equals("text/xml"); if (isXML) { --- 119,123 ---- protected final void handleInputStream(final InputStream is, final HttpServletRequest request, final HttpServletResponse response) throws IOException { ! final PrintWriter writer = response.getWriter(); final boolean isXML = request.getContentType().equals("text/xml"); if (isXML) { |
570 messages has been excluded from this view by a project administrator.
