Esempio n. 1
  /**
   * Signs this advertisement through the membership service behind the given credential.
   *
   * <p>Any signature state already held by this object is discarded first. The document returned
   * by {@code getDocument(MimeMediaType.XMLUTF8)} is handed to
   * {@code PSEMembershipService.signAdvertisement}, and the signature-info and signature
   * documents from the returned token are stored on this advertisement. Every exception raised on
   * the way is swallowed: the signature state is cleared again and all three status flags are set
   * to false.
   *
   * @param pseCredential credential whose source service is cast to {@code PSEMembershipService}
   *     and used to produce the signature
   * @param includePublicKey passed through unchanged to {@code signAdvertisement}
   * @param includePeerID passed through unchanged to {@code signAdvertisement}
   * @return true if signing succeeded; otherwise false
   */
  public final synchronized boolean sign(
      PSECredential pseCredential, boolean includePublicKey, boolean includePeerID) {
    // Drop any earlier signature material before attempting a new signature.
    this.xmlSignature = null;
    this.xmlSignatureElement = null;
    this.xmlSignatureInfoElement = null;

    boolean signed;
    try {
      PSEMembershipService membership = (PSEMembershipService) pseCredential.getSourceService();
      XMLDocument docToSign = (XMLDocument) this.getDocument(MimeMediaType.XMLUTF8);
      PSEMembershipService.PSEAdvertismentSignatureToken token =
          membership.signAdvertisement(docToSign, includePublicKey, includePeerID);

      this.xmlSignatureInfoElement = token.getXMLSignatureInfo().getXMLSignatureInfoDocument();
      this.xmlSignature = token.getXMLSignature();
      this.xmlSignatureElement = this.xmlSignature.getXMLSignatureDocument();
      signed = true;
    } catch (Exception ex) {
      // NOTE(review): the cause is discarded here, so a null credential, a wrong service type and
      // a real signing failure are indistinguishable to the caller and leave no trace for triage.
      this.xmlSignature = null;
      this.xmlSignatureElement = null;
      this.xmlSignatureInfoElement = null;
      signed = false;
    }

    // The three status flags always move together with the outcome of the signing attempt.
    this.authenticated = signed;
    this.isMember = signed;
    this.isCorrectMembershipKey = signed;
    return this.authenticated;
  }
Esempio n. 2
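  /**
   * Verifies the signature carried by this advertisement.
   *
   * <p>Intended for a newly discovered advertisement, which may be unsigned or may bear a valid or
   * an invalid signature. If no signature material is attached, if the membership service reports
   * the signed document as invalid, or if any exception is raised, the method returns false and
   * the {@code authenticated}, {@code isMember} and {@code isCorrectMembershipKey} flags are all
   * false afterwards. On the invalid and exception paths the stored signature elements are
   * cleared as well.
   *
   * @param pseCredential credential whose source service is cast to {@code PSEMembershipService}
   *     and used to validate the signed document
   * @param verifyKeyWithKeystore currently not read by this method (see the note in the body)
   * @return true when the signature is verified; otherwise false
   */
  public final synchronized boolean verify(
      PSECredential pseCredential, boolean verifyKeyWithKeystore) {
    try {

      if (this.xmlSignatureInfoElement == null || this.xmlSignatureElement == null) {
        // No signature material: fail closed. The membership flags are reset too, so that values
        // left over from an earlier sign() or verify() cannot be read as still valid.
        this.xmlSignature = null;
        this.authenticated = false;
        this.isMember = false;
        this.isCorrectMembershipKey = false;
        return false;
      }

      PSEMembershipService pseMembershipService =
          (PSEMembershipService) pseCredential.getSourceService();
      XMLDocument signedDocument = (XMLDocument) this.getSignedDocument();
      // NOTE(review): verifyKeyWithKeystore is never read; the second argument is always the
      // literal true. If that argument selects the keystore check, this is the stricter setting,
      // so confirm the intent before wiring the parameter through.
      PSEMembershipService.PSEAdvertismentValidationToken validationToken =
          pseMembershipService.validateAdvertisement(signedDocument, true);

      if (validationToken.isValid()) {
        this.authenticated = validationToken.isValid();
        this.isMember = validationToken.isMember();
        this.isCorrectMembershipKey = validationToken.isCorrectMembershipKey();
        this.xmlSignature = new XMLSignature(xmlSignatureElement);
      } else {
        // Invalid signature: discard the signature material and every status flag.
        this.xmlSignatureInfoElement = null;
        this.xmlSignatureElement = null;
        this.xmlSignature = null;
        this.authenticated = false;
        this.isMember = false;
        this.isCorrectMembershipKey = false;
      }
    } catch (Exception ex) {
      // Any failure counts as "not verified". NOTE(review): the cause is discarded, so an
      // operational error cannot be told apart from a rejected signature by the caller or in logs.
      this.xmlSignatureInfoElement = null;
      this.xmlSignatureElement = null;
      this.xmlSignature = null;
      this.authenticated = false;
      this.isMember = false;
      this.isCorrectMembershipKey = false;
    }
    return this.authenticated;
  }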