Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] [XDI4J] - Signing a XDI message
Hello Nuno,

First of all, this is EXACTLY what we in the XDI world are envisioning, i.e. a flow like this:
1. User (or web service acting on behalf of user) retrieves private/public key pair associated with the i-name. This is done by sending an XDI message to the i-broker (e.g. freexri.com) that includes the i-name's password
2. User (or web service acting on behalf of user) can now send signed XDI messages to XDI endpoints.
3. XDI endpoints can discover the user's certificate using XRI resolution and therefore verify the incoming XDI messages.

Now to your question:

I'm not familiar with the methods you are using. I normally do it like this:

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.eclipse.higgins.xdi4j.Graph;
import org.eclipse.higgins.xdi4j.messaging.Message;
import org.eclipse.higgins.xdi4j.messaging.MessageEnvelope;
import org.eclipse.higgins.xdi4j.messaging.Operation;
import org.eclipse.higgins.xdi4j.signatures.Signatures;
import org.eclipse.higgins.xdi4j.xri3.impl.XRI3Segment;

public class Test {

    public static final String ENCRYPTION_ALGORITHM = "RSA";

    public static void main(String[] args) throws Exception {

        String strKey = "MIIEwAI.....";

        KeyFactory keyFactory = KeyFactory.getInstance(ENCRYPTION_ALGORITHM);
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(strKey.getBytes()));
        PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);

        MessageEnvelope envelope = MessageEnvelope.newInstance();
        Message message = envelope.newMessage(new XRI3Segment("=markus"));
        Operation operation = message.createGetOperation();
        Graph operationGraph = operation.createOperationGraph(null);
        operationGraph.createStatement(new XRI3Segment("=markus"), new XRI3Segment("+email"));

        Signatures.sign(message.getSubject(), privateKey);

        System.out.println(envelope.toString());
    }
}

Does that help? Let me know if you still have trouble or other questions..

Markus

On Tue, May 18, 2010 at 12:24 PM, Nuno Rosa <nuno.sp.rosa@xxxxxxxxx> wrote:
Hi,

freexri.com issued a certificate associated with my i-name and i got a private key to sign messages and grant authenticity;
but i'm having a hard time trying to sign xdi message envelopes.
Here's a snippet of my code:

final String strKey = "MIIEvwIBADANB...."
[...]
DerValue dv = new DerValue(strKey);
envelope.sign(PKCS8Key.parseKey(dv)); 


it throws the following error:

Exception in thread "main" java.io.IOException: corrupt private key
at sun.security.pkcs.PKCS8Key.parseKey(PKCS8Key.java:104)


Can you give me some hints, example on how to sign it?

Best regards,
Nuno R.

_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev


Back to the top