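package ch.ethz.prose;

import java.io.FileInputStream;
import java.io.IOException;
import java.rmi.MarshalledObject;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.SignedObject;
import java.util.List;

import ch.ethz.prose.crosscut.Crosscut;
import ch.ethz.inf.util.Logger;

/**
 * An {@link Aspect} that carries another aspect inside a
 * {@link SignedObject}, together with the public key matching the
 * private key it was signed with. All aspect callbacks are delegated to
 * the wrapped instance, which is unmarshalled on first use.
 *
 * <p>Security notes for maintainers and callers:
 * <ul>
 *   <li>The public key is stored next to the signature, so a successful
 *       {@link #verifyExtension()} only shows that the payload matches
 *       <em>that</em> key. Whether the key belongs to a trusted signer
 *       has to be decided by the caller, e.g. by comparing
 *       {@link #getPublicKey()} with a set of trusted keys.</li>
 *   <li>{@link #getExtension()} and every method delegating to it
 *       (including {@code equals} and {@code hashCode}) unmarshal the
 *       payload without consulting the {@code verified} flag. Receivers
 *       should call {@link #verifyExtension()} and check the key before
 *       touching any other method.</li>
 *   <li>The digest algorithms chosen in {@link #getSigningAlgorithm()}
 *       (MD5, SHA-1) are not collision resistant.</li>
 * </ul>
 */
final public class SignedAspect extends Aspect {
    // Key pair used by signExtension(); loaded lazily from the keystore.
    // The lazy initialisation is not synchronized.
    private static KeyPair keyPair;

    private SignedObject signedExtension;
    private PublicKey publicKey;

    // Cache of the unmarshalled payload and the result of the last
    // verifyExtension() call. Both fields are declared transient.
    transient Aspect wrappedExtension;
    transient boolean verified = false;

    /**
     * Signs <code>extension</code> with the private key of
     * <code>keys</code> and remembers the public key for verification.
     *
     * @param extension the aspect to wrap; it is stored as a
     *                  {@link MarshalledObject}
     * @param keys      key pair used for signing (DSA or RSA, see
     *                  {@link #getSigningAlgorithm()})
     * @throws IllegalArgumentException if marshalling or signing fails
     */
    public SignedAspect(Aspect extension, KeyPair keys) {
        publicKey = keys.getPublic();

        try {
            Signature signingEngine = Signature.getInstance(getSigningAlgorithm());
            signedExtension = new SignedObject(new MarshalledObject(extension), keys.getPrivate(), signingEngine);
        } catch (Exception e) {
            IllegalArgumentException failure = new IllegalArgumentException("failed to sign extension (" + e + ")");
            failure.initCause(e); // keep the original stack trace for diagnosis
            throw failure;
        }
    }

    /** Delegates to the wrapped aspect. */
    public void insertionAction(boolean beforeInsertion) throws AspectInsertionException {
        getExtension().insertionAction(beforeInsertion);
    }

    /** Delegates to the wrapped aspect. */
    public void withdrawalAction(boolean beforeWithdrawal) {
        getExtension().withdrawalAction(beforeWithdrawal);
    }

    /** Delegates to the wrapped aspect. */
    protected Crosscut[] crosscuts() {
        return getExtension().crosscuts();
    }

    /** Delegates to the wrapped aspect. */
    public List getCrosscuts() {
        return getExtension().getCrosscuts();
    }

    /**
     * Wraps <code>ext</code> in a <code>SignedAspect</code> signed with the
     * system key pair. On first use the key pair is read from the JKS
     * keystore named by the system property
     * <code>ch.ethz.prose.keystore.location</code>, opened with the
     * password in <code>ch.ethz.prose.keystore.password</code>, under the
     * alias <code>runes-system</code>.
     *
     * @param ext the aspect to sign
     * @return the signed wrapper
     * @throws IllegalStateException if the keystore cannot be read or the
     *                               aspect cannot be signed
     */
    public static SignedAspect signExtension(Aspect ext) {
        try {
            if (keyPair == null) {
                String ksl = System.getProperty("ch.ethz.prose.keystore.location");
                String ksp = System.getProperty("ch.ethz.prose.keystore.password");
                String alias = "runes-system";

                KeyStore ks = KeyStore.getInstance("JKS");
                FileInputStream keyStoreStream = new FileInputStream(ksl);
                try {
                    ks.load(keyStoreStream, ksp.toCharArray());
                } finally {
                    // The stream was previously never closed.
                    keyStoreStream.close();
                }

                // NOTE(review): the key entry password is the alias itself, i.e. a
                // constant in the source. The private key is then protected only by
                // the keystore file's permissions; consider a separate, configured
                // key password.
                PrivateKey privateKey = (PrivateKey) ks.getKey(alias, alias.toCharArray());
                PublicKey publicKey = ks.getCertificate(alias).getPublicKey();
                keyPair = new KeyPair(publicKey, privateKey);
            }

            return new SignedAspect(ext, keyPair);

        } catch (Exception e) {
            Logger.error("SignedAspect.signExtension: could not sign extension", e);
            IllegalStateException failure = new IllegalStateException("could not sign extension");
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Checks the signature of the wrapped aspect against the public key
     * stored in this object and records the result in the
     * <code>verified</code> flag.
     *
     * <p>This establishes integrity relative to the embedded key only; the
     * caller still has to decide whether {@link #getPublicKey()} is trusted.
     *
     * @throws NoSuchAlgorithmException if the signing algorithm is not available
     * @throws InvalidKeyException      if the stored public key is invalid
     * @throws SignatureException       if the signature cannot be processed or
     *                                  does not match the signed content
     */
    public void verifyExtension() throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        Signature verificationEngine = Signature.getInstance(getSigningAlgorithm());

        // SignedObject.verify() reports a mismatch through its return value, not
        // through an exception. Ignoring it would mark tampered content as verified.
        if (!signedExtension.verify(publicKey, verificationEngine)) {
            verified = false;
            throw new SignatureException("signature does not match the signed extension");
        }
        verified = true;
    }

    /**
     * Returns the wrapped aspect, unmarshalling it on first access.
     *
     * <p>NOTE(review): this does not check <code>verified</code>.
     * {@link MarshalledObject#get()} deserializes the stored bytes, so calling
     * this (or any delegating method) on an instance received from an untrusted
     * peer deserializes that peer's data before any signature check. Consider
     * refusing to unmarshal until {@link #verifyExtension()} has succeeded.
     *
     * @return the wrapped aspect
     * @throws RuntimeException if the payload cannot be unmarshalled
     */
    public Aspect getExtension() {
        try {
            if (wrappedExtension == null) {
                wrappedExtension = (Aspect) ((MarshalledObject) signedExtension.getObject()).get();
            }

            return wrappedExtension;

        } catch (IOException e) {
            Logger.error("SignedAspect.getExtension: io exception", e);
            throw new RuntimeException("contained exception " + e, e);

        } catch (ClassNotFoundException e) {
            Logger.error("SignedAspect.getExtension: class not found", e);
            throw new RuntimeException("contained exception " + e, e);
        }
    }

    /**
     * Returns the public key stored with the signature.
     *
     * @return the public key passed in at construction time
     */
    public PublicKey getPublicKey() {
        return publicKey;
    }

    /**
     * Maps the algorithm of the stored public key to a JCA signature
     * algorithm name.
     *
     * <p>NOTE(review): both choices use digests that are not collision
     * resistant (SHA-1 for DSA, MD5 for RSA). Signer and verifier both derive
     * the name from the key type through this method, so moving to a SHA-2
     * based algorithm has to be rolled out on both sides together.
     *
     * @return <code>SHA1withDSA</code> for DSA keys, <code>MD5withRSA</code>
     *         for RSA keys
     * @throws IllegalArgumentException for any other key algorithm
     */
    public String getSigningAlgorithm() {
        String signingAlgorithm;

        if (publicKey.getAlgorithm().equals("DSA")) {
            signingAlgorithm = "SHA1withDSA";

        } else if (publicKey.getAlgorithm().equals("RSA")) {
            signingAlgorithm = "MD5withRSA";

        } else {
            throw new IllegalArgumentException("unknown key algorithm, currently supported are DSA and RSA");
        }

        return signingAlgorithm;
    }

    /**
     * Describes this wrapper without forcing the payload to be unmarshalled:
     * the wrapped aspect is only included once it has been accessed.
     */
    public String toString() {
        if (wrappedExtension != null) {
            return "SignedAspect, " + (verified ? "verified" : "not verified") + ", containing " + wrappedExtension.toString();

        } else {
            return "SignedAspect, not accessed";
        }
    }

    /**
     * Compares the wrapped aspects. A <code>SignedAspect</code> is compared
     * by its wrapped aspect; any other <code>Aspect</code> is compared with
     * the wrapped aspect directly. Calling this unmarshals the payload(s).
     */
    public boolean equals(Object o) {
        if (o instanceof SignedAspect) {
            return getExtension().equals(((SignedAspect) o).getExtension());

        } else if (o instanceof Aspect) {
            return getExtension().equals(o);

        } else {
            return false;
        }
    }

    /** Hash code of the wrapped aspect; unmarshals the payload if needed. */
    public int hashCode() {
        return getExtension().hashCode();
    }
}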