/**
 * Signs this advertisement through the PSE membership service behind the given credential.
 *
 * <p>Signature state left over from an earlier call is discarded first. The XML rendering of this
 * advertisement is then passed to {@code signAdvertisement}, and the signature-info document, the
 * signature object and the signature document taken from the returned token are stored on this
 * instance. On success the three trust flags ({@code authenticated}, {@code isMember},
 * {@code isCorrectMembershipKey}) are set to {@code true} without a separate verification pass;
 * on any failure the stored signature state is cleared and all three flags are set to
 * {@code false}.
 *
 * @param pseCredential credential whose source service is cast to {@code PSEMembershipService};
 *     a {@code null} or foreign credential ends up in the failure path
 * @param includePublicKey forwarded unchanged to {@code signAdvertisement}
 * @param includePeerID forwarded unchanged to {@code signAdvertisement}
 * @return {@code true} if signing completed without an exception; otherwise {@code false}
 */
public final synchronized boolean sign(
        PSECredential pseCredential, boolean includePublicKey, boolean includePeerID) {
    // Start from a clean slate so a failed attempt never leaves an older signature attached.
    xmlSignatureInfoElement = null;
    xmlSignatureElement = null;
    xmlSignature = null;

    boolean signed;
    try {
        PSEMembershipService membership = (PSEMembershipService) pseCredential.getSourceService();
        // presumably rendered without signature elements, since they were cleared above --
        // confirm against getDocument()
        XMLDocument unsignedDoc = (XMLDocument) getDocument(MimeMediaType.XMLUTF8);
        PSEMembershipService.PSEAdvertismentSignatureToken token =
                membership.signAdvertisement(unsignedDoc, includePublicKey, includePeerID);

        xmlSignatureInfoElement = token.getXMLSignatureInfo().getXMLSignatureInfoDocument();
        xmlSignature = token.getXMLSignature();
        xmlSignatureElement = xmlSignature.getXMLSignatureDocument();
        signed = true;
    } catch (Exception ex) {
        // Fail closed. The cause is not reported anywhere, so a caller only learns that
        // signing failed (bad credential, keystore problem and malformed document all look
        // the same from outside).
        xmlSignatureInfoElement = null;
        xmlSignatureElement = null;
        xmlSignature = null;
        signed = false;
    }

    // All three trust flags follow the outcome of the signing attempt.
    authenticated = signed;
    isMember = signed;
    isCorrectMembershipKey = signed;
    return authenticated;
}
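/**
 * Verifies the signature carried by this advertisement, typically one that was just discovered
 * and may bear a valid signature, an invalid one, or none at all.
 *
 * <p>The signed document is handed to {@code validateAdvertisement} on the PSE membership service
 * behind the given credential. When the returned token is valid, {@code authenticated},
 * {@code isMember} and {@code isCorrectMembershipKey} are copied from it and the signature object
 * is rebuilt from the stored signature element. In every other case (no signature elements
 * present, an invalid token, or any exception) all three trust flags are set to {@code false}, so
 * that a value left by an earlier {@code sign} or {@code verify} call cannot be read as the
 * result of this one.
 *
 * @param pseCredential credential whose source service is cast to {@code PSEMembershipService};
 *     a {@code null} or foreign credential ends up in the failure path
 * @param verifyKeyWithKeystore currently not read by this method; see the note in the body
 * @return {@code true} when the signature is verified; otherwise {@code false}
 */
public final synchronized boolean verify(
        PSECredential pseCredential, boolean verifyKeyWithKeystore) {
    // An advertisement missing either signature element cannot be verified. Reset every trust
    // flag here, not only 'authenticated', to match the other failure paths below.
    if (this.xmlSignatureInfoElement == null || this.xmlSignatureElement == null) {
        this.xmlSignature = null;
        this.authenticated = false;
        this.isMember = false;
        this.isCorrectMembershipKey = false;
        return false;
    }

    try {
        PSEMembershipService pseMembershipService =
                (PSEMembershipService) pseCredential.getSourceService();
        XMLDocument signedDocument = (XMLDocument) this.getSignedDocument();

        // NOTE(review): verifyKeyWithKeystore is ignored and the literal 'true' is passed. The
        // meaning of this argument is not visible here; if it is the keystore-check switch, the
        // literal keeps the check always on. Confirm the intent before wiring the parameter
        // through, because doing so would let callers turn the check off.
        PSEMembershipService.PSEAdvertismentValidationToken validationToken =
                pseMembershipService.validateAdvertisement(signedDocument, true);

        if (validationToken.isValid()) {
            this.authenticated = validationToken.isValid();
            this.isMember = validationToken.isMember();
            this.isCorrectMembershipKey = validationToken.isCorrectMembershipKey();
            this.xmlSignature = new XMLSignature(xmlSignatureElement);
        } else {
            // Invalid signature: drop it entirely so it is not carried along or re-published.
            this.xmlSignatureInfoElement = null;
            this.xmlSignatureElement = null;
            this.xmlSignature = null;
            this.authenticated = false;
            this.isMember = false;
            this.isCorrectMembershipKey = false;
        }
    } catch (Exception ex) {
        // Fail closed on any error; the cause is not reported, so callers cannot tell a
        // tampered advertisement from a credential or keystore problem.
        this.xmlSignatureInfoElement = null;
        this.xmlSignatureElement = null;
        this.xmlSignature = null;
        this.authenticated = false;
        this.isMember = false;
        this.isCorrectMembershipKey = false;
    }
    return this.authenticated;
}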