I did a screencast this morning on creating a certificate that can be used to validate an application - this assumes that you safeguard your private keys, of course. Here's a simple example that shows how to generate a certificate, and then how to validate it. First, you create the keys:
| rsaKeyGen privateKey publicKey |
"create a key generator"
"note: a seed derived from the clock is predictable; real keys need an unpredictable seed"
rsaKeyGen := RSAKeyGenerator
    keySize: 1024
    random: (DSSRandom seed: Timestamp now asSeconds ** 10)
    primalityTest: (MillerRabin random: (DSSRandom b: 160)).
"create keys"
privateKey := rsaKeyGen privateKey.
publicKey := rsaKeyGen publicKey.
"store keys. Note that this is hardly the preferred way of storing such data..."
SimpleCertificate privateKey: privateKey.
SimpleCertificate publicKey: publicKey
Storing the public and private keys together is a bad idea, but it does make this example easier to show. The class SimpleCertificate has two class instance variables: publicKey, privateKey (you can find it in the Public Store Repository - use it as a guideline, not as the right way to do this). Next, create your certificate with some text, signing with the private key:
register: details
    "signs the UTF-8 bytes of details, writes signature followed by details to certificate.txt, answers the signature"
    | stream encodedDetails signature |
    encodedDetails := details asByteArrayEncoding: #utf8.
    signature := RSA new
        useSHA;
        privateKey: self privateKey;
        sign: encodedDetails.
    stream := 'certificate.txt' asFilename writeStream binary.
    [stream nextPutAll: signature; nextPutAll: encodedDetails] ensure: [stream close].
    ^signature
To call that, use:
"details for the certificate"
details := 'username=jarober
email=jarober@gmail.com
id=1234567890'.
signature := SimpleCertificate register: details.
Finally, to verify the certificate, you use the public key to check:
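verify: signature for: details
    "answers a boolean"
    | rsaCipher encodedDetails |
    "verify over the same UTF-8 bytes that register: signed"
    encodedDetails := details asByteArrayEncoding: #utf8.
    rsaCipher := RSA new publicKey: SimpleCertificate publicKey.
    rsaCipher useSHA.
    ^rsaCipher verify: signature of: encodedDetails.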
And to call that:
SimpleCertificate verify: signature for: details.
That should answer true. If you try it with different text for details, it should answer false. There's a simple example of signing text, and later validating it. I'll cover all of this in a screencast soon.
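The register: method above writes certificate.txt as the raw signature followed directly by the UTF-8 details, with no length field between them. Reading that file back and checking it could look like the following, an added example that is not code from the original post: verifyFile: is a hypothetical class-side method on SimpleCertificate, and it assumes the signature is exactly as long as the 1024-bit modulus (128 bytes) and that ByteArray responds to asStringEncoding:.

```smalltalk
verifyFile: aFilename
    "Hypothetical class-side method on SimpleCertificate (added example).
    Answers the signed details as a String, or nil if the file is too
    short or the signature does not match its contents."
    | stream bytes signatureSize signature encodedDetails rsaCipher |

    "Assumption: an RSA signature is as long as the modulus, so the
    1024-bit key used above gives 1024 / 8 = 128 signature bytes."
    signatureSize := 128.

    stream := aFilename asFilename readStream binary.
    bytes := [stream upToEnd] ensure: [stream close].

    "A truncated file cannot hold a full signature; reject it outright."
    bytes size < signatureSize ifTrue: [^nil].

    "register: wrote the signature first, then the encoded details."
    signature := bytes copyFrom: 1 to: signatureSize.
    encodedDetails := bytes copyFrom: signatureSize + 1 to: bytes size.

    rsaCipher := RSA new publicKey: self publicKey.
    rsaCipher useSHA.

    "Decode and hand back the details only after the signature checks out,
    so callers never act on username/email/id fields that were not signed."
    ^(rsaCipher verify: signature of: encodedDetails)
        ifTrue: [encodedDetails asStringEncoding: #utf8]
        ifFalse: [nil]
```

Calling SimpleCertificate verifyFile: 'certificate.txt' after the register: call above should answer the original details string; changing any byte of the file should make it answer nil.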