Archivelink Signature Public Exponent

Hi guys,
I am trying to generate a certificate for signing the URL for the Archivelink interface.
The documentation stated that the public exponent has to be equal to (2^16)+1.
Does anybody know how important that condition is? The reason I am asking is that it is easy to create an RSA key with a given exponent but it is either not possible or not that simple in case of DSA key.
I haven't explored all the possibilities for this but my preliminary attempts at it were producing invalid keys that failed during signing or verification.
Is it a requirement that the 'y' value (public key exponent) of DSA parameters must be equal to 2^16 + 1, and if so are there any inputs for the other DSA parameters like 'p', 'q', and 'g'?
kind regards

This procedure explains how to selet a certificate:
Selecting Certificates - System Security - SAP Library
After selecting you can export it. The following procedure explains how to import a certificate, select it, and export it to the database, for example:
Adding a Certificate to the Database - System Security - SAP Library

Similar Messages

Generating RSA keys based on p, q, and public exponent

Hi,
The problem is the following. I need to generate an RSA key pair on the card based on pre-defined P, Q and public exponent. The KeyPair specs syas that if the public exponent is pre-initialized it will be retained. All other values are overwritten though (I checked with a test applet on jcop41). So two questions:
1. Do you know of any card that can also retain p and q and generate (calculate) dp, dq, pq, and public modulus. This is contrary to the specification so I doubt there would be any, but it is always good to ask.
2. Do any of you have a Java code that would do this (ie. calculate the missing key components) that can be run on Java Card, ie. does not use BigInteger or similar classes.
Cheers,
Woj

That is exactly the point I was trying to make, I actually forgot about this thread, because the problem at hand went on the shelf for the moment. To reformulate:
1. I have only certain parts of the RSA key, but enough parts to determine a valid private/public key pair.
2. Now I want to generate the missing parts on the card. The JC API requires all the parts to be supplied, it is not possible to provide only partial (but determining the whole key) key information. The KeyPair class can only retain the public exponent during key generation, but not the other parts (according to the specs and my own tests).
3. My wild guess is that it would probably be doable without too much hassle with host JCE, but it's not an option for me, it has to be done on the card.
4. I could try to write my own Java Card code that would do this based on, say, openssl implementation, but now I am too lazy, so that's why I asked if somebody possibly has the code that does this.
Cheers,
Woj

How to find modulus(n) and public key exponent(e)Sor

I did the following code:
import java.security.*;
class keypair
public static void main(String args[])
try {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
        keyGen.initialize(1024);
        KeyPair keypair = keyGen.genKeyPair();
        PrivateKey privateKey = keypair.getPrivate();
        PublicKey publicKey = keypair.getPublic();
        System.out.println(publicKey);
catch (java.security.NoSuchAlgorithmException e) {
}It produced the following output:
E:\java>java keypair
Sun RSA public key, 1024 bits
modulus: 104598424699919432698042124865237006532583108525971624656815039032375
*68185931249899603942873174007833898125332457427834491991685017307342129730049040*
*85039266578793603162921901877391682504673766949037045217194339504369288262569809*
*64618725280325930282787918761626276736975012559809247463223114702205350103039131*
public exponent: 65537
How to parse modulus(n) and public exponent(e) from this output?
Similarly when i print private key, it produces the following output:
E:\java>java keypair
Sun RSA private CRT key, 1024 bits
modulus:          124578817060208658480856678950235831207402457067036419284514
*60119309486714863949162442643168408523979997168613499493638925829235693238993015*
*36861462235708805467117179894466762970147852286192228334073408407380525883650965*
*26200137024900438305422984852314541271126647102071346646999343089444655087519613*
*147762713*
public exponent: 65537
private exponent: 938527844532658207604152892230342202756165450473898580852699
*91069268853864683730106242370135012901790500054313488639918623825755509450966957*
*25996151023641565209086629652161258725723528561744214714448113895688480371394495*
*69970533766968335232379493089928062691491508442909468663624841001227918721233934*
*90451285*
prime p:          128112715803862066344339615342766575233634768887073748611821
*70613165835421234259251719401979554816266892921739504796026180704477109334458578*
*924582228715587*
prime q:          972415706579323990162180646771186062588725555167352041581263
*11833654947284058644791019214876691698044764118648637510099163830088827138987158*
*06445271350899*
prime exponent p: 102053075991522697645186596252261651077210381075096084960080
*01572103324900452503753532555651687424478224695551102238145517644352533224205327*
*850477437666141*
prime exponent q: 668659136319899226645386130685620335239039277715133737489656
*56694442226518700929665796129185316864860876985624927131126216000167126890435269*
*81971346772483*
crt coefficient: 337801534982286124613379128447816812903646302193598735486466
*78634104811105616496519276355880320340688935923186965279527763125244878069735173*
*60542121091569*
E:\java>
From this output how to parse n and d, where d is the secret exponent or decryption exponent? Thanks in advance. Apologies, for posting in this forum instead of cryptography forum.
Edited by: sowndar on Nov 28, 2009 3:12 AM

sowndar wrote:
From this output how to parse n and d, where d is the secret exponent or decryption exponent? Why do you think you need to parse anything? Why do you need the modulus and exponents?
P.S. Extract the public and private keys from the key pair, cast them to RSAPublicKey and RSAPrivateKey as appropriate then look at the methods of classes RSAPublicKey and RSAPrivateKey to see how to get modulus and exponents.

Invalid Key Exception: Unsupported key type: Sun RSA public key, 1024 bits

I am trying to retrieve certificates from Microsoft Keystore and extract its keys using SunMSCAPI in jdk 1.6. It gives me an invalid key exception, when I am trying to wrap the Symmetric key (which was previously used to perform AES encryption on data), using RSA algorithm.
Code snippet:
           // RSA 1024 bits Asymmetric encryption of Symmetric AES key
            // List the certificates from Microsoft KeyStore using SunMSCAPI.
                  System.out.println("List of certificates found in Microsoft Personal Keystore:");
                   KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
                   ks.load(null, null) ;
                   Enumeration en = ks.aliases() ;
                   PublicKey RSAPubKey = null;
                   Key RSAPrivKey = null;
                   int i = 0;
                   while (en.hasMoreElements()) {
                        String aliasKey = (String)en.nextElement() ;
                        X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey) ;
                        String sss = ks.getCertificateAlias(c);
                        if(sss.equals("C5151997"))
                        System.out.println("---> alias : " + sss) ;
                        i= i + 1;
                        String str = c.toString();
                        System.out.println(" Certificate details : " + str ) ;
                      RSAPubKey = c.getPublicKey();
                        RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
                        Certificate[] chain = ks.getCertificateChain(aliasKey);
                   System.out.println("No of certificates found from Personal MS Keystore: " + i);
            // Encrypt the generated Symmetric AES Key using RSA cipher
                    Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());
                   rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
                   byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
                   System.out.println("Encrypted Symmetric Key :" + new String(encryptedSymmKey));
                   System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
                   // RSA Decryption of Encrypted Symmetric AES key
                   rsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
                   Key decryptedKey = rsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);Output:
List of certificates found in Microsoft Personal Keystore:
---> alias : C5151997
Certificate details : [
Version: V3
Subject: CN=C5151997, O=SAP-AG, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
Validity: [From: Mon Jan 24 18:17:49 IST 2011,
               To: Wed Jan 23 18:17:49 IST 2013]
Issuer: CN=SSO_CA, O=SAP-AG, C=DE
SerialNumber: [    4d12c509 00000005 eb85]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 E5 83 A1 B2 B7 DF 6B 4B 67 9C 1D 42 C9 0D F4 .......kKg..B...
0010: 35 76 D3 F7 5v..
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E4 C4 2C 93 20 AF DA 4C F2 53 68 4A C0 E7 EC 30 ..,. ..L.ShJ...0
0010: 8C 0C 3B 9A ..;.
[3]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 30 30 2E 06 26 2B 06 01 04 01 82 37 15 08 82 .00..&+.....7...
0010: D1 E1 73 84 E4 FE 0B 84 FD 8B 15 83 E5 90 1B 83 ..s.............
0020: E6 A1 43 81 62 84 B1 DA 50 9E D3 14 02 01 64 02 ..C.b...P.....d.
0030: 01 1B ..
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: [email protected]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: B3 C5 92 66 8D D7 ED 6D 51 12 63 CC F4 52 18 B9 ...f...mQ.c..R..
0010: B8 A6 78 F7 ED 7D 78 18 DA 71 09 C9 AE C8 49 23 ..x...x..q....I#
0020: F5 32 2F 0F D1 C0 4C 08 2B 6D 3C 11 B9 5F 5B B5 .2/...L.+m<.._[.
0030: 05 D9 CA E6 F9 0A 94 14 E7 C6 7A DB 63 FE E5 EC ..........z.c...
0040: 48 94 8C 0D 77 92 59 DE 34 6E 77 1A 24 FE E3 C1 H...w.Y.4nw.$...
0050: D8 0B 52 6A 7E 22 13 71 D7 F8 AF D1 17 C8 64 4F ..Rj.".q......dO
0060: 83 EA 2D 6A CA 7F C3 84 37 15 FE 99 73 1D 7C D1 ..-j....7...s...
0070: 6D B4 99 09 62 B9 0F 18 33 4C C6 66 7A 9F C0 DB m...b...3L.fz...
No of certificates found from Personal MS Keystore: 1
Exception in thread "main" java.security.InvalidKeyException: Unsupported key type: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
     at sun.security.mscapi.RSACipher.init(RSACipher.java:176)
     at sun.security.mscapi.RSACipher.engineInit(RSACipher.java:129)
     at javax.crypto.Cipher.init(DashoA13*..)
     at javax.crypto.Cipher.init(DashoA13*..)
     at com.sap.srm.crpto.client.applet.CryptoClass.main(CryptoClass.java:102)
Edited by: sabre150 on 18-Jul-2011 03:47
Added [ code] tags to make code readable.

A bit of research indicates that the classes of the keys obtained by
                      RSAPubKey = c.getPublicKey();
                           RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()are sun.security.rsa.RSAPublicKeyImpl and sun.security.*mscapi*.RSAPrivateKey . It seems that for Cipher objects from the SunMSCAPI provider cannot accept RSA public keys of class sun.security.rsa.RSAPublicKeyImpl and that the SunMSCAPI will only accept RSA private keys of class sun.security.mscapi.RSAPrivateKey.
This came up under different guise a couple of years ago. It makes sense since encrypting/wrapping with a public key does not represent a security problem (there is nothing secret in any of the encryption operations) when done outside of MSCAPI so one can use any provider that has the capability BUT the decryption/unwrapping must be done with the SunMSCAPI provider which delegates it to the MSCAPI.
My working test code based on your code implementing this approach is :
        // RSA 1024 bits Asymmetric encryption of Symmetric AES key
        // List the certificates from Microsoft KeyStore using SunMSCAPI.
        System.out.println("List of certificates found in Microsoft Personal Keystore:");
        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
        ks.load(null, null);
        Enumeration en = ks.aliases();
        PublicKey RSAPubKey = null;
        Key RSAPrivKey = null;
        int i = 0;
        while (en.hasMoreElements())
            String aliasKey = (String) en.nextElement();
            X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey);
            String sss = ks.getCertificateAlias(c);
            if (sss.equals("rsa_key")) // The alias for my key - make sure you change it back to your alias
                System.out.println("---> alias : " + sss);
                i = i + 1;
                String str = c.toString();
                System.out.println(" Certificate details : " + str);
                RSAPubKey = c.getPublicKey();
         System.out.println(RSAPubKey.getClass().getName());
               RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
        System.out.println(RSAPrivKey.getClass().getName());
                Certificate[] chain = ks.getCertificateChain(aliasKey);
        System.out.println(ks.getProvider().getName());
        System.out.println("No of certificates found from Personal MS Keystore: " + i);
        Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");//, ks.getProvider().getName());       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
            rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
        byte[] keyBytes =
            1, 2, 3, 4, 5, 6, 7, 8, 2, 3, 4, 5, 6, 7, 8, 9
        SecretKey aeskey = new SecretKeySpec(keyBytes, "AES");
        byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
        System.out.println("Encrypted Symmetric Key :" + Arrays.toString(encryptedSymmKey));
        System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
        // RSA Decryption of Encrypted Symmetric AES key
        Cipher unwrapRsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());       //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
        unwrapRsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
        Key decryptedKey = unwrapRsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);
        System.out.println("Decrypted Symmetric Key :" + Arrays.toString(decryptedKey.getEncoded())); // Matches the 'keyBytes' above

RSA Signature Forgery Vulnerability ?

Both OpenSSL and BouncyCastle have announced fixes related to a vulnerability recently found in PKCS #1 v1.5 signatures.
http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
http://www.openssl.org/news/secadv_20060905.txt
Do current versions jsse/jce have this issue? And if so what is being done to address it?
G

Both OpenSSL and BouncyCastle have announced fixes
related to a vulnerability recently found in PKCS #1
v1.5 signatures.
http://www.matasano.com/log/469/many-rsa-signatures-ma
y-be-forgeable-in-openssl-and-elsewhere/
http://www.openssl.org/news/secadv_20060905.txt
Do current versions jsse/jce have this issue? And if
so what is being done to address it?
GYes, Suns JCE is vulnerable to this attack. You can for example verify this yourself:
Generate a 3072 bit RSA public key with public exponent e=3.
Use the message:
Welcome to Crypto 06
The SHA-1 hash of this message is
132930072fd147c44e4df2289206ba472f53d855You can verify that Suns JCE accepts the signature
07ffffffffffffffffffffffffffffff
ffffffffffffffffffffffffffffffff
ffffffffffffffffffffffffffffffff
ffffffffffffffffffffffffffffffff
ffffffffffffffffffffffffffffffff
fffffffffffffffeaaead6eab6b2b18e
bd595822b1555ac56ee1955eea6c5fb0
6867ed8b6d5e4db43f1a75c7fffffffffor this message.
I'm currently using JDK 1.5 for my tests.
I'm not aware of patches.
Daniel Bleichenbacher

How to get Public Key Remainder?

Hi Friends..
Sorry, i have a little doubt regarding the Public Key Remainder..
What is Public Key Remainder used for?.. is it a part of Public Key?.. How to get it from Public Key, especially in Java?
As far as i know that the Public Key is constructed with Modulus and Exponent, and with this we can Encrypt and Verify data was signed by Private Key..
In Java, we can expose Public Key's modulus and public exponent using RSAPublicKey, there's no method to expose Public Key's Remainder..
Please help me regarding this..
Thanks

Leonardo Carreira wrote:
Hi Shane,
Thanks for your reply.. :)
safarmer wrote:
In that case the exponent and remainder are you public key (exponent and modulus) and the certificate is defined in the definitions section of Book 3. It is a secure way of verifying the public key and it's owner through a trusted certification authority.
EMV Book 3 tends to use Remainder and Modulus interchangeably.You mean, the Issuer (in this case one of E,M, and V) should provide 2 certificates for 1 card?..
This is implemented on SDA or DDA?..
Sorry, i'm still have no idea..
The Remainder and Modulus should be used interchangeably?..
How the Host and Card can decides in each transaction whether it will use Remainder or Modulus?..I mean that the terminology is used interchangeably. They refer to the same thing as far as the actual key is concerned.
Cheers,
Shane

Configuration of Public Key Authentication Policy for SFTP on OAG 11.1.2.2

Hi
I'm working on the configuration of an SFTP server over OAG, using both password and public key authentication.
This particular listener need 3 policies:
- Password Authentication
- Public Key Authentication
- File upload
Both File upload and password auth are working OK, but I've been having a hard time with the PK policy. This policy uses the attribute ${authentication.subject.public.key} to store the PK info, which I confirmed is being sent to the gateway (as modulus + public exponent), however I can not find a way to verify the key received with the ones on the Key Pairs store.
OAG Version is 11.1.2.2
Any comments?

Hi a82383ca-36ac-49d5-aa6e-c3307f7e56e1,
It would probably help if you place this question under the community for product you have questions about. I will see if I can help you move it to the proper one by asking around.
Best regards,
VictorI

PDF Digital Signature

Hi,
Does any body know how to write a PKCS#7 (Public Key Cryptography Standard) object in java. This object has to be written to PDF file in order to generate signed pdf's.
plz let me now any code samples or URLs to write PKCS#7 format. I dont want to use third party libraries.
Thanks in advance.
Subhani.

Here i'm attaching a sample file how to generate signature for PDF document. If i remove the BouncyCastle clasess the rest of the program perfectly compiled and generated valid signature bytes and i used BC clasess to convert this signature bytes in to PKCS#7 Format. one error is "gen.addCertificatesAndCRLs" of BC accept CertStore where as i got CertChain from keystore. (plz see the code)
import java.security.*;
import java.security.cert.*;
import java.security.spec.*;
import java.io.*;
import java.util.*;
import org.bouncycastle.cms.*;
public class TestDigSig {
// Generate a RSA signature
public TestDigSig() {
try {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
// aa.pfx - Trial Digitlal Id got from Verisign site.
keyStore.load(new FileInputStream("aa.pfx"), storepswd);
Provider provider = keyStore.getProvider();
for(Enumeration e = keyStore.aliases() ; e.hasMoreElements() ;) {
alias = e.nextElement().toString();
// Retrieving private key
PrivateKey privKey = (PrivateKey)keyStore.getKey(alias, storepswd);
java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate)keyStore.getCertificate(alias);
java.security.cert.Certificate[] certChain =
keyStore.getCertificateChain(alias);
// Length of certChain is 3
//System.out.println("certificte chain "+certChain.length);
// Retrieving public key
PublicKey pubKey = cert.getPublicKey();
// Have to support RSA - MD5 only
Signature rsa = Signature.getInstance("MD5withRSA");
rsa.initSign(privKey);
/* Update and sign the data */
// dumpPart1.dat and dumpPart2.dat are bytes of PDF document.
// Two dat files are compulsory in order to embed signature(PKCS#7 Format) in PDF doc
FileInputStream fis = new FileInputStream("dumpPart1.dat");
BufferedInputStream bufin = new BufferedInputStream(fis);
byte[] buffer = new byte[1024];
int len;
while (bufin.available() != 0) {
len = bufin.read(buffer);
rsa.update(buffer, 0, len);
bufin.close();
FileInputStream fis1 = new FileInputStream("dumpPart2.dat");
BufferedInputStream bufin1 = new BufferedInputStream(fis1);
byte[] buffer1 = new byte[1024];
int len1;
while (bufin1.available() != 0) {
len1 = bufin1.read(buffer1);
rsa.update(buffer1, 0, len1);
bufin1.close();
/* Now that all the data to be signed has been read in,
generate a signature for it */
// The array contains signature bytes.
byte[] rsaSign = rsa.sign();
// using BouncyCastl clasess for PKCS#7 Format
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(privKey, cert, CMSSignedDataGenerator.DIGEST_MD5);
gen.addCertificatesAndCRLs(certChain);
CMSProcessableByteArray process = new CMSProcessableByteArray(rsaSign);
CMSSignedData data = gen.generate(process, "BC");
FileOutputStream contentStream = new FileOutputStream("chkContent");
contentStream.write(data.getEncoded());
contentStream.close();
} catch(Exception e) {
e.printStackTrace();
public static void main(String[] args) {
new TestDigSig();
private char[] storepswd = {'1', '2', '3'};
private String alias;
If you have any piece of code that how to create a PKCS#7 object using BC clasess, please let me know.
Thanks.

How to instantiate public key

hi,
I have a problem when I try to instanciate a RSAPublicKey from javacard with this code :
publicKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_1024, false);
this returns the error code 6f 00.
please help again!

the first problem have been already fixed and the value returned by getReason is 1
here my public exponent and modulus arrays
private static final byte[] exponentPublicKey = {1, 0, 1};
private static final byte[] modulusPublicKey = {
          0, -48, -96, -44, -25, 111, 122, 92, 11, -79,
          124, -63, 97, -126, -60, -10, -44, -99, -20, 40,
          60, 82, -25, -85, -96, 46, 119, 91, -4, 122,
          -33, 88, 1, 51, 113, 20, 122, 101, -79, 59,
          -127, 53, 90, 64, -94, -44, -94, 18, 74, 89,
          62, 33, -66, 0, 0, -89, -11, -111, 10, 48,
          -27, 73, 88, 12, 89};

Two Interface implementation with different signatures

Hallo,
I'm searching a solution for the following problem:
I have an Interface which has to have the following methods names:
deleteObject()
moveObject()
and besides that I must have to classes which implements this interface, but because of the nature of the programm these classes have the following signatures:
class 1.
public static boolean deleteObject(File objectToDelete)
public static boolean moveObject(File srcObjectPath, File dstObjectPath, SVNRevision revision, boolean isRename)
class 2.
public void moveObject(Folder rFolder, FSObject rFSObject)
public void deleteObject(FSObject rFSObject) but unfortunately I cant see how to solve this problem, bearing in mind that that the signatures of the methods of the second class cant be manipulated, the signatures of the first one are flexible?
Thanks in advance
Christian Rosenfeld

well, the story is like that: I have finished my master thesis which includes programming. This thesis contributes to an already existing big project.
The original implementation of the integrated file browser has the follwoing methods:
public void moveObject(Folder rFolder, FSObject rFSObject)
public void deleteObject(FSObject rFSObject)My implementation which is a total new implementation of the file browser, which also has version control, must have same named methds (deleteObject, moveObject). Now because of the nature of the programm that I have implemented, these methods have the following signatures:
public static boolean deleteObject(File objectToDelete)
public static boolean moveObject(File srcObjectPath, File dstObjectPath, SVNRevision revision, boolean isRename)Now for some reason that I dont really understand, the subervisor is asking about an interface which will allow him to choose between the two implementations, like:
interface FileOperations{
moveObject(...);
deleteObject(...);
}but what shall the signatures of the interface be? supposing that the signatures of my methods can be manipulated, ist possible to find a suitable interface?
Christian
Edited by: ChristianRosenfeld on Sep 22, 2008 1:57 AM

Why won't my message signature verify

Can anyone help. I dont seem to be able to verify a signature that I have just created. I'm a Java and Crypto newbie so please take it easy on me! The code is as follows:
import java.nio.ByteBuffer;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
public class EncryptionLesson {
     public static void main(String[] args) throws Exception {
          ByteBuffer message = ByteBuffer.wrap("This is my message".getBytes());
          // Create key pair
          KeyPairGenerator kpg;
          kpg = KeyPairGenerator.getInstance("DSA");
          kpg.initialize(512);
          KeyPair pair = kpg.genKeyPair();
          // Sign a message
          Signature sig = Signature.getInstance("DSA");
          sig.initSign(pair.getPrivate());
          sig.update(message);
          ByteBuffer messageSignature = ByteBuffer.wrap(sig.sign());
          // Verify signature
          Signature vsig = Signature.getInstance("DSA");
          vsig.initVerify(pair.getPublic());
          vsig.update(message);
          if (vsig.verify(messageSignature.array())) {
               System.out.println("Signature Okay");
          } else {
               System.out.println("Signature NOT Okay");
}The result is alway "Signature NOT Okay". Please excuse the gratuitous use of ByteBuffer, I have just read JavaNIO and was sold on them.

sorry about mistaking the vaiables in the previous post. the proper main will look like this:
public static void main(String[] args) throws Exception {
          ByteBuffer message = ByteBuffer.wrap("This is my message".getBytes());
          // Create key pair
          KeyPairGenerator kpg;
          kpg = KeyPairGenerator.getInstance("DSA");
          kpg.initialize(512);
          KeyPair pair = kpg.genKeyPair();
          // Sign a message
          Signature sig = Signature.getInstance("SHA1withDSA");
          sig.initSign(pair.getPrivate());
          sig.update(message.array());
          ByteBuffer messageSignature = ByteBuffer.wrap(sig.sign());
          // Verify signature
          Signature vsig = Signature.getInstance("SHA1withDSA");
          vsig.initVerify(pair.getPublic());
          vsig.update(message.array());
          if (vsig.verify(messageSignature.array())) {
               System.out.println("Signature Okay");
          } else {
               System.out.println("Signature NOT Okay");
     }Futher to bring it to your notice, this is signing and verification and not encryption ;-) you might consider your class name!

Changing method signature according to the new business logic

Dear java community,
Recently I'm confronted with one issue and I want to know your opinion about this.
ISSUE DESCRIPTION:
In one of my business tier class I had method register user:
public RegistrationStatus registerUser(User user, RegistrationType type, boolean confirmationRequired) throws MyBusinessException;According to new business rules I need to add 2 arguments to this methods (boolean isCustomBank and String customBankName).
All arguments in method are mandatory and I need them in registration process. It is also possible that in future it would be needed to pass more arguments to registerUser method (according to changes in business logic).
POSSIBLE SOLUTIONS:
A) Create userContext (as map) and collect there some arguments that needed in registration process (it would be used not only in this method, so it also would contain some other arguments not needed in registration). Signature of this method would look like this:
public RegistrationStatus registerUser(User user, RegistrationType type, Map userContext) throws MyBusinessException;Invocation would look like this:
Map userContext = new HashMap();
userContext.put(UserCostants.CONFIRMATION_REQUIRED, form.isConfirmationRequired());
userContext.put(UserCostants.CUSTOM_BANK, form.isCustomBank());
userContext.put(UserCostants. CUSTOM_BANK_NAME, form.getCustomBankName);
myRegistrationService.registerUser(form.getUser, form.getRegistrationType(), userContext);And UserCostants:
public interface UserCostants {
   String CUSTOM_BANK = "customBank";
   // other constants
}B) Create userContext (as class � wrapper of map from previous solution) and collect there some arguments that needed in registration process (it would be used not only in this method, so it also would contain some other arguments not needed in registration). Signature of this method would look like this:
public RegistrationStatus registerUser(User user, RegistrationType type, UserContext ctx) throws MyBusinessException;Wrapper class:
public class UserContext {
   Map userContext = new HashMap();
   public Boolean isCustomBank() { return (Boolean) userContext.get("customBank"); }
   public void setCustomBank(Boolean customBank) { userContext.put("customBank", customBank);}
   // other get and set metods
}C) Create value object UserRegistrationData that would hold data ONLY for user registration method. Example of the signature:
public RegistrationStatus registerUser(User user, RegistrationType type, UserRegistrationData registrationData) throws MyBusinessException;And value object class:
public class UserRegistrationData {
   public boolean customBank;
   public boolean confirmationRequired;
   public String customBankName;
   public boolean isCustomBank() { return this.customBank; }
   public void setCustomBank(boolean customBank) { this.customBank = customBank;}
   // other get and set metods
}D) Just add new arguments to method's signature:
public RegistrationStatus registerUser(User user, RegistrationType type, Boolean confirmationRequired,
                                       boolean isCustomBank, String customBankName) throws MyBusinessException;E) your solution....
QUESTIONS:
I don't tell you my opinion and pros and cons because I want to know your independent opinion.
Which of these solutions are good and why do you think they are good?
Which of these solutions are bad and why do you think they are bad?
Thanks.

Hi ,
I thought of you overload that method and add into the Map.
Its best solution, even we use the same scenario in my application.
Thanks and Regards
Maruthi.

Creating HMAC signature

I am probably doing something fundamentally stupid here.
I am trying to generate HMAC signature using "HMacSHA1". I have created two methods in my class called SecurityUtil. One for assigning Key and another for signing the data with the key. Within my unit test method, when I call the sign() method twice with the same data, I am getting different signature. I should be getting the same signature.
public void setKey(String secretKey) throws Exception
        mac = Mac.getInstance("HmacSHA1");
        byte[] keyBytes = secretKey.getBytes("UTF8");
        SecretKey signingKey = new SecretKeySpec(keyBytes, "HmacSHA1");
        mac.init(signingKey);
    // This method creates signature for a given String.
    public String sign(String data) throws Exception
        System.out.println("Data is " + data);
        byte[] signBytes = mac.doFinal(data.getBytes("UTF8"));
        String signature = signBytes.toString();
        return signature;
    }Here is my Unit Test.
@Test
    public void testSecurityUtil() throws Exception {
        SecurityUtil sUtil = new SecurityUtil();
        sUtil.setKey("password");
        String authorizationCode = sUtil.sign("password");
        System.out.println("User signature is + " + authorizationCode);
        //do it again just to make sure we get the same signature
        sUtil.setKey("password");
        String secondAutCode = sUtil.sign("password");
        System.out.println("Second User signature is + " + secondAutCode);
    }I am getting different signature for the two invocation of methods! Any ideas why I am getting different values?
Thanks
Phewa

This line        String signature = signBytes.toString();does not give you a String representation of the content of the array of bytes referenced by 'signBytes' . It just gives you a pseudo pointer to the array which in no way reflects the contents of the array.
If you must have a String representation then you should Base64 or Hex encode the byte array but where possible you should just keep the bytes. Google for Jakarta Commons Codec for a library to do the Base64 or Hex encoding.

Ws compile client generates wrong method signature

Hi,
the wscompile - option client - always generates the wrong method signature in the class AdresseIF_Stub:
--> public de.skkoeln.webservice.web.Adresse_Type[]
I need the signature public de.skkoeln.webservice.web.Adresse[] due to I can't compile the generated classes. This is the signature of the AdresseIF interface.
What is my fault ?
Oliver
Adresse ist the JavaClass which I expect to get as return value. The webservice was successfully installed

Oliver, is it only wrong in the stub? Does all of the generated code compile? If it all compiles then there is no error. The reason the _Type was added is because they are other WSDL names that have the same name. Please read section 4.3.12 of the JAXRPC spec for more detail.

Method signature - ideas

Look at this method signature:
public ArrayList getFollowUpEmails() throws Exception{}
This ArraysList contains several EmailTO transfer objects - but I had to tell you this. Now look at this signature:
public EmailTO[] getFollowUpEmails() throws Exception{}
See how the above method is self explaining. For classes that are to be re-used often by other developers would it be better to use arrays because they are more obvious? How do other people deal with this or do you just not worry about it and leave it up to the comments to explain?

See how the above method is self explaining. Yes, returning an array is more self explanatory. Are you defensively copying the array?
For classes that are to be re-used often by other developers would it be better to use arrays because they are more obvious? It depends. Yes its more obvious but if folks are going to stick the array contents into a Collection then returning a Collection is nice, too.
How do other people deal with this or do you just not worry about it and leave it up to the comments to explain?Thats what javadoc is for. i.e. @return a List of EmailTo objects
In jdk1.5 templates will help with this a bit.
One of the most painful bugs you will encounter is when you don't make defensive copies of objects and another class mutates an internal data structure. Of course, defensive copies waste object references and in some cases, can really cause a slow down. You can always provide access via ye old getNumberOfFollowUpEmails/getFollowUpEmail(int i)
Ian

Archivelink Signature Public Exponent

Similar Messages

Maybe you are looking for