org.xlattice.crypto
Class SignedList

java.lang.Object
  org.xlattice.crypto.SignedList

Direct Known Subclasses:

BuildList, SnapShot

public abstract class SignedList
extends java.lang.Object

In its serialized form a SignedList consists of a public key line, a title line, a timestamp line, a number of content lines, and a digital signature. Each of the lines ends with a CR-LF sequence. A blank line follows the last content line. The timestamp (in CCYY-MM-DD HH:MM:SS form) represents the time at which the list was signed using the RSA private key corresponding to the key in the public key line. The public key itself is base-64 encoded. The SHA1withRSA digital signature is on the entire SignedList excluding the digital signature line. All line endings are converted to CRLF before taking the digital signature. The SignedList itself has a 20-byte extended hash, the 20-byte SHA1 digest of a function of the public key and the title. This means that the owner of the RSA key can create any number of documents with the same hash but different timestamps with the intention being that users can choose to regard the document with the most recent timestamp as authentic. What the content line contains varies between subclasses.

Author:

Jim Dixon

Field Summary

static int	BUF_SIZE
static java.lang.String	CRLF

Constructor Summary

protected	SignedList(java.io.Reader reader)
protected	SignedList(RSAPublicKey publicKey, java.lang.String title)

Method Summary

byte[]	getHash() Return this SignedList's hash, a byte array 20 bytes long.
RSAPublicKey	getPublicKey()
java.lang.String	getTitle()
boolean	isSigned()
protected abstract void	readContents(java.io.BufferedReader in) Subclasses must read in content lines, stripping off line endings do a verifier.update(line), where line excludes any terminating CRLF.
static java.lang.String	readFoldedLine(java.io.BufferedReader in, boolean unfold) Read lines until one is found that does not begin with a space.
void	sign(RSAKey key) Set a timestamp and calculate a digital signature.
abstract int	size() The number of items in the list, excluding the header lines (public key, title, timestamp) and the footer lines (blank line, digital signature).
java.lang.String	toString() Serialize the entire document.
abstract java.lang.String	toString(int n) Nth content item in String form, without any terminating CRLF.
boolean	verify() Verify that the SignedList agrees with its digital signature.
protected java.lang.StringBuffer	withoutDigSig()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

BUF_SIZE

public static final int BUF_SIZE

See Also:

Constant Field Values

CRLF

public static final java.lang.String CRLF

See Also:

Constant Field Values

Constructor Detail

SignedList

protected SignedList(RSAPublicKey publicKey,
                     java.lang.String title)
              throws org.xlattice.CryptoException

Throws:

org.xlattice.CryptoException

SignedList

protected SignedList(java.io.Reader reader)
              throws org.xlattice.CryptoException,
                     java.io.IOException

Throws:

org.xlattice.CryptoException

java.io.IOException

Method Detail

getPublicKey

public final RSAPublicKey getPublicKey()

Returns:

a clone of the public key

getTitle

public final java.lang.String getTitle()

isSigned

public final boolean isSigned()

readFoldedLine

public static java.lang.String readFoldedLine(java.io.BufferedReader in,
                                              boolean unfold)
                                       throws java.io.IOException

Read lines until one is found that does not begin with a space. The lines beginning with a space are added to the StringBuffer. The first line found not beginning with a space is returned. XXX This should find a better home.

Parameters:

in - open BufferedReader

unfold - unfold the line if true

Returns:

the collected line

Throws:

java.io.IOException

getHash

public byte[] getHash()

Return this SignedList's hash, a byte array 20 bytes long. The exact algorithm used is critical. It should not be changed except perhaps at major version number changes.

Returns:

the hash of the SignedList

readContents

protected abstract void readContents(java.io.BufferedReader in)
                              throws org.xlattice.CryptoException,
                                     java.io.IOException

Subclasses must read in content lines, stripping off line endings do a verifier.update(line), where line excludes any terminating CRLF.

Throws:

org.xlattice.CryptoException - if error in content lines

java.io.IOException

sign

public final void sign(RSAKey key)
                throws org.xlattice.CryptoException

Set a timestamp and calculate a digital signature. First calculate the SHA1 hash of the pubkey, title, timestamp, and content lines, excluding the terminating CRLF in each case, then encrypt that using the RSA private key supplied.

Parameters:

key - RSAKey whose secret materials are used to sign

Throws:

org.xlattice.CryptoException

size

public abstract int size()

The number of items in the list, excluding the header lines (public key, title, timestamp) and the footer lines (blank line, digital signature).

Returns:

the number of content items

verify

public boolean verify()
               throws org.xlattice.CryptoException

Verify that the SignedList agrees with its digital signature.

Returns:

true if the digital signature agrees with the public key

Throws:

org.xlattice.CryptoException

withoutDigSig

protected final java.lang.StringBuffer withoutDigSig()

toString

public final java.lang.String toString()

Serialize the entire document. All lines are CRLF-terminated. Subclasses are responsible for formatting their content lines, without any termination.

Overrides:

toString in class java.lang.Object

toString

public abstract java.lang.String toString(int n)

Nth content item in String form, without any terminating CRLF.

Parameters:

n - index of content item to be serialized

Returns:

serialized content item