

1 /*
2 * ################################################################
3 *
4 * ProActive: The Java(TM) library for Parallel, Distributed,
5 * Concurrent computing with Security and Mobility
6 *
7 * Copyright (C) 1997-2002 INRIA/University of Nice-Sophia Antipolis
8 * Contact: proactive-support@inria.fr
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
23 * USA
24 *
25 * Initial developer(s): The ProActive Team
26 * http://www.inria.fr/oasis/ProActive/contacts.html
27 * Contributor(s):
28 *
29 * ################################################################
30 */

31 package org.objectweb.proactive.ext.security;
32
33 import java.io.ByteArrayInputStream JavaDoc;
34 import java.io.ByteArrayOutputStream JavaDoc;
35 import java.io.File JavaDoc;
36 import java.io.FileInputStream JavaDoc;
37 import java.io.IOException JavaDoc;
38 import java.io.InputStream JavaDoc;
39 import java.io.Serializable JavaDoc;
40 import java.security.Key JavaDoc;
41 import java.security.KeyFactory JavaDoc;
42 import java.security.PrivateKey JavaDoc;
43 import java.security.Provider JavaDoc;
44 import java.security.PublicKey JavaDoc;
45 import java.security.SecureRandom JavaDoc;
46 import java.security.Security JavaDoc;
47 import java.security.Signature JavaDoc;
48 import java.security.SignedObject JavaDoc;
49 import java.security.cert.CertificateEncodingException JavaDoc;
50 import java.security.cert.CertificateExpiredException JavaDoc;
51 import java.security.cert.CertificateFactory JavaDoc;
52 import java.security.cert.CertificateNotYetValidException JavaDoc;
53 import java.security.cert.X509Certificate JavaDoc;
54 import java.security.interfaces.RSAPrivateKey JavaDoc;
55 import java.security.spec.PKCS8EncodedKeySpec JavaDoc;
56 import java.security.spec.X509EncodedKeySpec JavaDoc;
57 import java.util.ArrayList JavaDoc;
58 import java.util.Enumeration JavaDoc;
59 import java.util.Hashtable JavaDoc;
60 import java.util.Random JavaDoc;
61
62 import javax.crypto.Cipher;
63 import javax.crypto.KeyGenerator;
64 import javax.crypto.SecretKey;
65 import javax.crypto.spec.IvParameterSpec;
66 import javax.crypto.spec.SecretKeySpec;
67
68 import org.apache.log4j.Logger;
69 import org.objectweb.proactive.core.ProActiveException;
70 import org.objectweb.proactive.core.body.BodyImpl;
71 import org.objectweb.proactive.core.body.UniversalBody;
72 import org.objectweb.proactive.core.node.Node;
73 import org.objectweb.proactive.core.node.NodeException;
74 import org.objectweb.proactive.core.node.NodeFactory;
75 import org.objectweb.proactive.core.runtime.ProActiveRuntimeImpl;
76 import org.objectweb.proactive.core.runtime.RuntimeFactory;
77 import org.objectweb.proactive.core.xml.XMLPropertiesStore;
78 import org.objectweb.proactive.examples.garden.Flower;
79 import org.objectweb.proactive.ext.security.crypto.AuthenticationException;
80 import org.objectweb.proactive.ext.security.crypto.AuthenticationTicket;
81 import org.objectweb.proactive.ext.security.crypto.AuthenticationTicketProperty;
82 import org.objectweb.proactive.ext.security.crypto.ConfidentialityTicket;
83 import org.objectweb.proactive.ext.security.crypto.KeyExchangeException;
84 import org.objectweb.proactive.ext.security.crypto.RandomLongGenerator;
85 import org.objectweb.proactive.ext.security.crypto.Session;
86 import org.xml.sax.SAXException JavaDoc;
87
88 import sun.rmi.server.MarshalOutputStream;
89
90
91 /**
92  * @author acontes
93  *
94  * To change this generated comment edit the template variable "typecomment":
95  * Window>Preferences>Java>Templates.
96  * To enable and disable the creation of type comments go to
97  * Window>Preferences>Java>Code Generation.
98  */

99 public class ProActiveSecurityManager implements Serializable JavaDoc {
// log4j logger shared by every instance of this class
protected static Logger logger = Logger.getLogger(ProActiveSecurityManager.class.getName());

/* contains all active sessions for the current active object; entries are stored under the session id wrapped in a Long */
protected Hashtable sessions;

/* random generator used for generating session key; transient, so it is not part of the serialized form */
protected transient RandomLongGenerator randomLongGenerator;

/* Policy server */
protected PolicyServer policyServer;

/* Active object certificate */
protected X509Certificate certificate;

/*
 * Active Object private Key.
 * NOTE(review): the class implements Serializable and this field is not transient, so with
 * default serialization the private key travels with the serialized manager. Confirm that
 * every channel or store the serialized form reaches is protected, or that a custom
 * writeObject outside the visible part of the class handles it.
 */
protected PrivateKey privateKey;

/* owner certificate; transient, so it is not part of the serialized form */
protected transient X509Certificate parentCertificate;

// public key taken from the certificate by the constructors
protected PublicKey publicKey;

// raw bytes of the private-key file as read by setPrivateKey(); not transient, so the same
// serialization caveat as for privateKey applies
protected byte[] privateKeyEncoded;

// certificates loaded by setTrustedCertificationAuthority()
protected X509Certificate[] trustedCertificationAuthority;

// XML descriptor the certificate, key and CA file paths are read from
protected XMLPropertiesStore policiesRules;

// body this manager is attached to (see setBody); transient
protected transient UniversalBody myBody;

// virtual node name of the local body; resolved lazily in initiateSession when null
protected String VNName;
125
126     // protected UniversalBody body;
127

/**
 * Default constructor: creates a manager with an empty session table.
 * No policy server, certificate or private key is set by this constructor.
 */
public ProActiveSecurityManager() {
    this.sessions = new Hashtable();
}
134
/**
 * Creates a manager from an already loaded certificate, private key and policy server.
 * Registers the Bouncy Castle provider and derives the public key from the certificate.
 *
 * @param certificate the certificate of the active object; dereferenced without a null
 *        check, so a null value ends in a NullPointerException
 * @param pk the private key of the active object
 * @param ps the policy server to consult
 */
public ProActiveSecurityManager(X509Certificate certificate, PrivateKey pk,
    PolicyServer ps) {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

    this.certificate = certificate;
    this.privateKey = pk;
    this.policyServer = ps;
    this.publicKey = certificate.getPublicKey();
    this.sessions = new Hashtable();

    logger.debug(
        "psm +-+--+-+-++-+-+-++-++-+--+-+-+-+-+-+-+-+-+-+-+-++--+-+-+-+-+-+-+-+ ");
}
152
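/**
 * Creates a manager from an XML security descriptor.
 * When the file exists, the policy server, the certificate, the private key and the
 * trusted certification authorities are loaded from it. When it does not exist, the
 * manager is created with an empty session table only and a warning is logged.
 *
 * @param file path of the XML security descriptor
 * @throws java.io.IOException if the descriptor exists but no certificate could be
 *         loaded from it (the original code failed with a NullPointerException here)
 */
public ProActiveSecurityManager(String file) throws java.io.IOException {
    Provider myProvider = new org.bouncycastle.jce.provider.BouncyCastleProvider();
    Security.addProvider(myProvider);
    sessions = new Hashtable();

    if ((new File(file)).exists()) {
        this.policiesRules = new XMLPropertiesStore(file);
        try {
            this.policyServer = ProActiveSecurityDescriptorHandler.createPolicyServer(file);
        } catch (IOException e) {
            // policyServer stays null; getPolicy() then falls back to the runtime policy server
            logger.warn("Unable to read the policy from " + file, e);
        } catch (SAXException e) {
            logger.warn("Unable to parse the policy from " + file, e);
        }
        setCertificate();
        setPrivateKey();
        setTrustedCertificationAuthority();

        // setCertificate() only logs its failures, so report a missing certificate
        // explicitly instead of dereferencing null
        if (certificate == null) {
            throw new IOException("No certificate could be loaded from the descriptor " + file);
        }
        publicKey = certificate.getPublicKey();
    } else {
        logger.warn("Security descriptor " + file +
            " not found: no policy, certificate or private key loaded");
    }
    logger.debug("psm" + file +
        " +-+--+-+-++-+-+-++-++-+--+-+-+-+-+-+-+-+-+-+-+-++--+-+-+-+-+-+-+-+ ");
}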
175
/**
 * Attaches this manager to a body.
 *
 * @param body the body stored in the transient myBody field
 */
public void setBody(UniversalBody body) {
    this.myBody = body;
}
179
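/**
 * Loads the X.509 certificate of the active object from the file named in the
 * descriptor and stores it in the certificate field.
 * Failures are logged and leave the field null; callers have to check for that.
 */
private void setCertificate() {
    String certificateFile = policiesRules.getValueAsString(SecurityConstants.XML_CERTIFICATE)
                                          .trim();
    X509Certificate loaded = null;
    InputStream inStream = null;

    try {
        inStream = new FileInputStream(certificateFile);
        CertificateFactory cfe = CertificateFactory.getInstance("X.509");
        loaded = (X509Certificate) cfe.generateCertificate(inStream);
    } catch (IOException e) {
        logger.warn(" Certificate file " + certificateFile + " not found", e);
    } catch (java.security.cert.CertificateException e) {
        logger.warn(
            "An error occurs while loading active object certificate", e);
    } finally {
        // close on every path; the original leaked the stream when parsing failed
        if (inStream != null) {
            try {
                inStream.close();
            } catch (IOException e) {
                logger.warn("Unable to close certificate file " + certificateFile, e);
            }
        }
    }

    this.certificate = loaded;
}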
205
206     /**
207             * Method getPolicyTo.
208             * @param certificate the object certificate we want to get the policy from
209             * @return Policy policy attributes
210             */

211     public SecurityContext getPolicy(SecurityContext securityContext)
212         throws SecurityNotAvailableException {
213         if (policyServer == null) {
214             // if Active Obect policy server is null, maybe a runtime poilicy server exists
215
try {
216                 policyServer = RuntimeFactory.getDefaultRuntime()
217                                              .getPolicyServer();
218                 if (policyServer == null) {
219                     throw new SecurityNotAvailableException(
220                         "No Runtime nor Active Object Policy server found");
221                 }
222             } catch (ProActiveException e) {
223                 throw new SecurityNotAvailableException(
224                     "No Runtime nor Active Object Policy server found");
225             }
226         }
227         return policyServer.getPolicy(securityContext);
228     }
229
/**
 * Asks the policy server for the policy that applies to a certificate.
 * The policy server is dereferenced without a null check, so this throws a
 * NullPointerException when no policy server is set.
 *
 * @param certificate the object certificate we want to get the policy from
 * @return Policy policy attributes
 */
public Policy getPolicyTo(X509Certificate certificate) {
    Policy policy = policyServer.getPolicyTo(certificate);
    return policy;
}
238
/**
 * Asks the policy server for the communication policy of a given type between
 * two named parties.
 *
 * @param type passed through to the policy server
 * @param from passed through to the policy server
 * @param to passed through to the policy server
 * @return the Communication returned by the policy server
 * @throws SecurityNotAvailableException if no policy server is set
 */
public Communication getPolicyTo(String type, String from, String to)
    throws SecurityNotAvailableException {
    if (policyServer != null) {
        return policyServer.getPolicyTo(type, from, to);
    }
    throw new SecurityNotAvailableException();
}
251
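/**
 * Loads the external trusted certification authority certificates listed in the
 * descriptor, if any, and stores them in the trustedCertificationAuthority field.
 * Called once, from the descriptor-based constructor.
 *
 * If a certificate file cannot be read or parsed, loading stops there: the field
 * then holds an array whose remaining entries are null. Code that walks the array
 * has to skip null entries.
 */
private void setTrustedCertificationAuthority() {
    X509Certificate[] trustedCertificationAuthority = null;
    String file = "";

    try {
        org.w3c.dom.Node[] nodes = policiesRules.getAllNodes(SecurityConstants.XML_TRUSTED_CERTIFICATION_AUTHORITY);

        if (nodes == null) {
            // no trusted certification authority declared: the field is left untouched
            return;
        }

        // initialize the array of trusted CA
        trustedCertificationAuthority = new X509Certificate[nodes.length];
        CertificateFactory cfe = CertificateFactory.getInstance("X.509");

        // read all certificates from disk and keep them in memory
        for (int i = 0; i < nodes.length; i++) {
            // get the file path
            file = policiesRules.getValueAsString(SecurityConstants.XML_CERTIFICATION_AUTHORITY_CERTIFICATE,
                    nodes[i]).trim();

            InputStream inStream = new FileInputStream(file);
            try {
                trustedCertificationAuthority[i] = (X509Certificate) cfe.generateCertificate(inStream);
            } finally {
                // one stream per file; the original closed only the last one
                inStream.close();
            }
        }
    } catch (java.security.cert.CertificateException e) {
        logger.warn(
            "An error occurs while loading authority certification certificate", e);
    } catch (IOException e) {
        logger.warn("Unable to read trusted certification authority certificate " + file, e);
    }

    this.trustedCertificationAuthority = trustedCertificationAuthority;
}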
310
/**
 * Rebuilds the privateKey field from the PKCS#8 bytes held in privateKeyEncoded,
 * using the "BC" provider. On failure the error is printed and the field is set to null.
 */
private void decodePrivateKey() {
    RSAPrivateKey decoded = null;

    try {
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyEncoded);
        decoded = (RSAPrivateKey) KeyFactory.getInstance("RSA", "BC").generatePrivate(spec);
    } catch (java.security.spec.InvalidKeySpecException e) {
        System.out.println("private key invalide");
        e.printStackTrace();
    } catch (java.security.NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (java.security.NoSuchProviderException e) {
        e.printStackTrace();
    }

    this.privateKey = decoded;
}
329
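/**
 * Loads the private key of the active object from the PKCS#8 file named in the
 * descriptor. The raw file bytes are kept in privateKeyEncoded and the decoded key
 * in privateKey. Failures are logged; privateKey is then null, and privateKeyEncoded
 * is null too when the file could not be read.
 * Only the file path is logged, never the key bytes.
 */
private void setPrivateKey() {
    String privateKeyFile = policiesRules.getValueAsString(SecurityConstants.XML_PRIVATE_KEY)
                                         .trim();
    RSAPrivateKey privateKey = null;
    byte[] key_bytes = null;
    FileInputStream fis = null;

    try {
        fis = new FileInputStream(privateKeyFile);

        // read in chunks rather than one unbuffered byte at a time
        ByteArrayOutputStream key_baos = new ByteArrayOutputStream();
        byte[] chunk = new byte[4096];
        int read;
        while ((read = fis.read(chunk)) != -1) {
            key_baos.write(chunk, 0, read);
        }
        key_bytes = key_baos.toByteArray();

        KeyFactory key_factory = KeyFactory.getInstance("RSA", "BC");
        PKCS8EncodedKeySpec key_spec = new PKCS8EncodedKeySpec(key_bytes);
        privateKey = (RSAPrivateKey) key_factory.generatePrivate(key_spec);
    } catch (IOException e) {
        logger.warn("Private Key not found : file " +
            privateKeyFile + " not found", e);
    } catch (java.security.spec.InvalidKeySpecException e) {
        logger.warn("private key invalide :" + privateKeyFile, e);
    } catch (java.security.NoSuchAlgorithmException e) {
        logger.warn("RSA key factory not available", e);
    } catch (java.security.NoSuchProviderException e) {
        logger.warn("BC provider not available", e);
    } finally {
        // close on every path; the original leaked the stream when reading failed
        if (fis != null) {
            try {
                fis.close();
            } catch (IOException e) {
                logger.warn("Unable to close private key file " + privateKeyFile, e);
            }
        }
    }

    this.privateKeyEncoded = key_bytes;
    this.privateKey = privateKey;
}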
377
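/**
 * Entry point for a secured communication. Resolves the local and distant entities,
 * checks that the local policy allows sending and that the distant policy allows
 * receiving, computes the resulting policy, opens a session on the distant body and
 * runs the sender side of the key negotiation.
 *
 * An IOException raised while talking to the distant body is logged and the method
 * returns normally. Callers cannot tell from the return alone that a session exists.
 *
 * @param type not used by this method
 * @param distantBody the body to open a session with; replaced by its remote adapter
 * @throws CommunicationForbiddenException if either policy denies the communication
 *         or the key exchange fails
 * @throws AuthenticationException if the distant session cannot be started or the
 *         local Session object cannot be created
 * @throws RenegotiateSessionException declared; not thrown by the visible code itself
 * @throws SecurityNotAvailableException propagated from the calls made here
 */
public void initiateSession(int type, UniversalBody distantBody)
    throws CommunicationForbiddenException,
        org.objectweb.proactive.ext.security.crypto.AuthenticationException,
        RenegotiateSessionException, SecurityNotAvailableException {
    // never assigned below, so the certificate-based branch further down is not taken
    X509Certificate distantBodyCertificate = null;
    Communication localPolicy = null;
    Communication distantBodyPolicy = null;

    PolicyServer runtimePolicyServer = null;

    distantBody = distantBody.getRemoteAdapter();

    // get runtime Policy Server if exists
    try {
        runtimePolicyServer = RuntimeFactory.getDefaultRuntime()
                                            .getPolicyServer();
    } catch (ProActiveException e1) {
        logger.warn("Unable to get the runtime policy server", e1);
    }

    // identify local Virtual Node
    Node n = null;

    logger.debug(" myBody.getNodeURL() : " + myBody.getNodeURL() +
        "VNNAME " + VNName);
    if (VNName == null) {
        // can be null if security was not enabled at launching time:
        // retrieve the node's virtual node name
        try {
            logger.debug("NODE LOCAL");
            if (myBody.getNodeURL().equals("LOCAL")) {
                VNName = NodeFactory.getDefaultNode().getVnName();
            } else {
                logger.debug("NODE PAS LOCAL");
                n = NodeFactory.getNode(myBody.getNodeURL());
                VNName = ProActiveSecurity.retrieveVNName(n.getNodeInformation()
                                                           .getName());
            }
        } catch (NodeException e2) {
            logger.warn("Unable to resolve the local virtual node", e2);
        }
    }
    if (n != null) {
        logger.debug("sender : node ' " + n.getNodeInformation().getURL() +
            " " + n.getNodeInformation().getName() +
            "' - virtual node : '" + VNName);
    }

    String distantOAVirtualNode = null;

    try {
        distantOAVirtualNode = distantBody.getVNName();
    } catch (IOException e3) {
        logger.warn("Unable to get the distant virtual node name", e3);
    }

    Communication distantPolicy;
    ArrayList arrayFrom = new ArrayList();
    ArrayList arrayTo = new ArrayList();

    if (VNName == null) {
        arrayFrom.add(new DefaultEntity());
    } else {
        try {
            arrayFrom = myBody.getEntities();
        } catch (SecurityNotAvailableException e2) {
            // the original ignored this silently; the policy lookup then runs
            // with an empty "from" list
            logger.warn("Unable to get the local entities", e2);
        } catch (IOException e2) {
            logger.warn("Unable to get the local entities", e2);
        }
    }
    if (distantOAVirtualNode == null) {
        arrayTo.add(new DefaultEntity());
    } else {
        try {
            arrayTo = distantBody.getEntities();
        } catch (IOException e2) {
            logger.warn("Unable to get the distant entities", e2);
        }
    }
    if (runtimePolicyServer != null) {
        if (distantOAVirtualNode == null) {
            // distant Active Object is not security aware
            distantOAVirtualNode = "*";
        }
        SecurityContext sc = new SecurityContext(SecurityContext.COMMUNICATION_SEND_REQUEST_TO,
                arrayFrom, arrayTo);
        localPolicy = runtimePolicyServer.getPolicy(sc).getSendRequest();
    } else {
        logger.debug("No Runtime policy server installed : VN[ " + VNName +
            "], node " + myBody.getNodeURL());
        localPolicy = new Communication();
    }
    if (!localPolicy.isCommunicationAllowed()) {
        throw new CommunicationForbiddenException(
            "Sending request is denied to " + distantOAVirtualNode);
    }

    try {
        SecurityContext sc = new SecurityContext(SecurityContext.COMMUNICATION_RECEIVE_REQUEST_FROM,
                arrayFrom, arrayTo);
        distantPolicy = distantBody.getPolicy(sc).getReceiveRequest();

        if (!distantPolicy.isCommunicationAllowed()) {
            throw new CommunicationForbiddenException(
                "Receiving request id denied for " + distantOAVirtualNode);
        }

        // NOTE(review): distantBodyPolicy is always null at this point, so the result
        // policy is computed from localPolicy and a fresh Communication. distantPolicy,
        // fetched just above, is only used for the allowed/denied check. Confirm whether
        // the distant requirements are meant to take part in the computation.
        if (distantBodyPolicy == null) {
            distantBodyPolicy = new Communication();
        }

        Communication resultPolicy = Communication.computeCommunication(localPolicy,
                distantBodyPolicy);

        long sessionID = 0;

        try {
            sessionID = distantBody.startNewSession(resultPolicy);
        } catch (IOException e) {
            logger.warn("can't start a new session", e);
            throw new org.objectweb.proactive.ext.security.crypto.AuthenticationException();
        }

        Session session = null;

        try {
            session = new Session(sessionID, resultPolicy);
        } catch (Exception e) {
            // the original went on and dereferenced the null session
            logger.warn("can't create the local session " + sessionID, e);
            throw new org.objectweb.proactive.ext.security.crypto.AuthenticationException();
        }

        session.distantBody = distantBody;
        session.setDistantOACertificate(distantBodyCertificate);
        sessions.put(new Long(sessionID), session);

        // NOTE(review): with distantBodyCertificate always null, the public key used
        // for the exchange is whatever distantBody.getPublicKey() returns. Nothing
        // visible here ties it to a validated certificate. Confirm where the peer key
        // is authenticated.
        if (distantBodyCertificate != null) {
            session.setDistantOAPublicKey(distantBodyCertificate.getPublicKey());
        } else {
            session.setDistantOAPublicKey(distantBody.getPublicKey());
        }

        try {
            logger.debug("VN[" + VNName + "]:" + myBody + " -> VN " +
                distantOAVirtualNode + "Key echange session id :" +
                sessionID);
            keyNegociationSenderSide(distantBody, sessionID);
        } catch (KeyExchangeException e) {
            logger.warn("Key exchange exception ");
            throw new CommunicationForbiddenException();
        }
    } catch (java.io.IOException e) {
        // NOTE(review): the method returns normally here although no usable session
        // may exist. Confirm that callers do not go on to send unprotected.
        logger.warn("exception thrown while initiating the session", e);
    }
}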
555
/**
 * @return the certificate of the active object; null if none was set or loaded
 */
public X509Certificate getCertificate() {
    return this.certificate;
}
559
/**
 * Removes a session by id.
 *
 * @param body not used: the session is removed by id alone, whichever body asks
 * @param sessionID id of the session to remove
 */
public void terminateSession(UniversalBody body, long sessionID) {
    this.terminateSession(sessionID);
}
563
/**
 * Removes the session stored under the given id and prints the outcome on
 * standard output.
 *
 * @param sessionID id of the session to remove
 */
public void terminateSession(long sessionID) {
    synchronized (sessions) {
        Long key = new Long(sessionID);
        sessions.remove(key);

        // look the key up again to report whether the removal took effect
        boolean stillPresent = ((Session) sessions.get(key)) != null;
        if (stillPresent) {
            System.out.println("ARRRRGGGGGGG Session " + sessionID +
                " not deleted");
        } else {
            System.out.println("Session " + sessionID +
                " deleted, new size " + sessions.size());
        }
    }
}
578
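/**
 * Creates a session for the given policy and registers it under a new id.
 *
 * The id comes from SecureRandom. The original derived it from java.util.Random
 * plus the current time, which an observer can predict. The id is the only handle
 * used to look a session up for encrypt, decrypt and terminateSession.
 *
 * @param po the policy of the new session
 * @return the id of the new session, never 0 in that case; 0 when po equals the
 *         default Policy and no session is created. If the Session cannot be
 *         built, the generated id is still returned although nothing is stored
 *         under it, as in the original.
 */
public long startNewSession(Communication po) {
    long id = 0;

    // NOTE(review): a Policy is compared with a Communication. Unless equals() is
    // written to accept the other type, the comparison is never true. Confirm the intent.
    Policy defaultPolicy = new Policy();
    if (!defaultPolicy.equals(po)) {
        try {
            SecureRandom idSource = new SecureRandom();

            // 0 is the "no session" return value, so never hand it out as an id
            do {
                id = idSource.nextLong();
            } while (id == 0);

            Session newSession = new Session(id, po);
            sessions.put(new Long(id), newSession);
        } catch (Exception e) {
            logger.warn("Unable to create session " + id, e);
        }
    }

    return id;
}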
596
/**
 * Serializes an object and protects it with the given session.
 *
 * @param sessionID the session we use to encrypt the Object
 * @param object the object to encrypt
 * @return byte[][] the result of Session.writePDU on the serialized object; null when
 *         the session is unknown or when serialization or protection fails (the
 *         exception is printed and swallowed), so null has to be treated as a failure
 */
public byte[][] encrypt(long sessionID, Object object) {
    Session session = (Session) sessions.get(new Long(sessionID));
    if (session == null) {
        return null;
    }

    try {
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        MarshalOutputStream marshaller = new MarshalOutputStream(buffer);

        marshaller.writeObject(object);
        marshaller.flush();
        marshaller.close();

        byte[] serialized = buffer.toByteArray();
        buffer.close();

        return session.writePDU(serialized);
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}
628
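/**
 * Recovers the payload of a protected message with the given session.
 *
 * @param sessionID the session we use to decrypt the message
 * @param message the message to decrypt; elements 0 and 1 are handed to Session.readPDU
 * @return byte[] the decrypted message; null when readPDU fails (the exception is
 *         printed and swallowed), so null has to be treated as a failure
 * @throws RenegotiateSessionException if no session is stored under sessionID
 */
public byte[] decrypt(long sessionID, byte[][] message)
    throws RenegotiateSessionException {
    Session session = (Session) sessions.get(new Long(sessionID));
    if (session != null) {
        try {
            return session.readPDU(message[0], message[1]);
        } catch (Exception e) {
            e.printStackTrace();
        }
    } else {
        // Build a label for the log only. The original cast every reified object to the
        // example class Flower, so any other object failed with a ClassCastException
        // before the RenegotiateSessionException below could be thrown.
        Object o;
        if (myBody instanceof BodyImpl) {
            Object reified = ((BodyImpl) myBody).getReifiedObject();
            if (reified instanceof Flower) {
                o = ((Flower) reified).getName();
            } else if (reified != null) {
                o = reified.getClass().getName() + " ";
            } else {
                o = "BodyImpl ";
            }
        } else {
            o = "HalfBody ";
        }
        logger.warn(o + "I have not find " + sessionID +
            " session to decrypt the message ");
        throw new RenegotiateSessionException(myBody.getRemoteAdapter());
    }

    return null;
}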
658
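/**
 * Sender side of the mutual authentication: checks the certificate of the distant
 * body, then runs the unilateral authentication.
 *
 * The original discarded the result of checkCertificate, so an expired or not yet
 * valid certificate did not stop the authentication. A rejected or missing
 * certificate now ends in an AuthenticationException.
 *
 * @param distantBody the body to authenticate with
 * @param distantBodyCertificate the certificate presented for the distant body
 * @return true when both steps complete
 * @throws AuthenticationException if the certificate is missing or rejected, or if
 *         the unilateral authentication fails
 */
public boolean mutualAuthenticationSenderSide(UniversalBody distantBody,
    X509Certificate distantBodyCertificate) throws AuthenticationException {
    if (distantBodyCertificate == null) {
        throw new AuthenticationException(
            "No certificate presented for the distant body");
    }
    if (!checkCertificate(distantBodyCertificate)) {
        throw new AuthenticationException(
            "Certificate of the distant body is expired or not yet valid");
    }
    unilateralAuthenticationSenderSide(distantBody);

    return true;
}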
666
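/**
 * Checks that a certificate is inside its validity period at the current time.
 *
 * This is the only check made here. The signature, the issuer chain up to the
 * trustedCertificationAuthority entries and the revocation status are not verified,
 * so a true result does not by itself mean that the certificate is trusted.
 *
 * @param distantBodyCertificate the certificate to check
 * @return boolean. true if the certificate is within its validity period, false if
 *         it is null, expired or not yet valid
 */
private boolean checkCertificate(X509Certificate distantBodyCertificate) {
    if (distantBodyCertificate == null) {
        logger.warn("no certificate to check, negociation stopped");

        return false;
    }

    try {
        distantBodyCertificate.checkValidity();
    } catch (CertificateExpiredException e) {
        logger.warn(distantBodyCertificate.getSubjectDN() +
            " has expired, negociation stopped");

        return false;
    } catch (CertificateNotYetValidException e) {
        logger.warn(distantBodyCertificate.getSubjectDN() +
            " is not yet valid, negociation stopped");

        return false;
    }

    // the original read the issuer name into a local that was never used; dropped
    return true;
}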
693
694     public boolean unilateralAuthenticationSenderSide(UniversalBody distantBody)
695         throws AuthenticationException {
696         long rb = randomLongGenerator.generateLong(32);
697         AuthenticationTicket authenticationTicket = new AuthenticationTicket();
698         String JavaDoc B = certificate.getIssuerDN().getName();
699         long ra = authenticationTicket.random;
700         String JavaDoc addresse = authenticationTicket.identity;
701
702         if (addresse.equals(B) == false) {
703             throw new AuthenticationException(
704                 "SessionInitializer : WRONG IDENTITY");
705         }
706
707         // Emitter Certificate Checking
708
X509Certificate JavaDoc emitterCertificate = authenticationTicket.certificate;
709         String JavaDoc A = emitterCertificate.getIssuerDN().getName();
710
711         // A is the sessionInitializer
712
checkCertificate(emitterCertificate);
713
714