/**
* The public key in the certificate and the private key are used to sign the advertisement.
*
* @param paraCert The signer's certificate (public key)
* @param paraPrivateKey The signer's private key.
* @return true, if the signing succeeds. Otherwise, true.
*/
public final synchronized boolean sign(
PSECredential pseCredential, boolean includePublicKey, boolean includePeerID) {
this.xmlSignatureInfoElement = null;
this.xmlSignatureElement = null;
this.xmlSignature = null;
try {
PSEMembershipService pseMembershipService =
(PSEMembershipService) pseCredential.getSourceService();
XMLDocument tempDocNoSig = (XMLDocument) this.getDocument(MimeMediaType.XMLUTF8);
PSEMembershipService.PSEAdvertismentSignatureToken pseAdvertismentSignatureToken =
pseMembershipService.signAdvertisement(tempDocNoSig, includePublicKey, includePeerID);
XMLSignatureInfo xmlSignatureInfo = pseAdvertismentSignatureToken.getXMLSignatureInfo();
xmlSignatureInfoElement = xmlSignatureInfo.getXMLSignatureInfoDocument();
this.xmlSignature = pseAdvertismentSignatureToken.getXMLSignature();
xmlSignatureElement = xmlSignature.getXMLSignatureDocument();
this.authenticated = true;
this.isMember = true;
this.isCorrectMembershipKey = true;
} catch (Exception ex) {
this.xmlSignatureInfoElement = null;
this.xmlSignatureElement = null;
this.xmlSignature = null;
this.authenticated = false;
this.isMember = false;
this.isCorrectMembershipKey = false;
}
return this.authenticated;
}
/**
* This method is used on a newly discovered advertisement, which may or may not bear a a valid or
* invalid signature. If the signature and/or the advertisement has been tampered with, the method
* returns false. If the advertisement is intact after it is signed and published, the method is
* supposed to return true.
*
* @return true, when the signature is verified. Otherwise, false.
*/
public final synchronized boolean verify(
PSECredential pseCredential, boolean verifyKeyWithKeystore) {
try {
if (this.xmlSignatureInfoElement == null || this.xmlSignatureElement == null) {
this.xmlSignature = null;
this.authenticated = false;
return false;
}
PSEMembershipService pseMembershipService =
(PSEMembershipService) pseCredential.getSourceService();
XMLDocument tempDocNoSig = (XMLDocument) this.getSignedDocument();
PSEMembershipService.PSEAdvertismentValidationToken pseAdvertismentValidationToken =
pseMembershipService.validateAdvertisement(tempDocNoSig, true);
if (pseAdvertismentValidationToken.isValid()) {
this.authenticated = pseAdvertismentValidationToken.isValid();
this.isMember = pseAdvertismentValidationToken.isMember();
this.isCorrectMembershipKey = pseAdvertismentValidationToken.isCorrectMembershipKey();
this.xmlSignature = new XMLSignature(xmlSignatureElement);
} else {
this.xmlSignatureInfoElement = null;
this.xmlSignatureElement = null;
this.xmlSignature = null;
this.authenticated = false;
this.isMember = false;
this.isCorrectMembershipKey = false;
}
} catch (Exception ex) {
this.xmlSignatureInfoElement = null;
this.xmlSignatureElement = null;
this.xmlSignature = null;
this.authenticated = false;
this.isMember = false;
this.isCorrectMembershipKey = false;
}
return this.authenticated;
}
