Hello Nuno,
First of all, this is EXACTLY what we in the XDI world are envisioning, i.e.
a flow like this:
1. User (or web service acting on behalf of user) retrieves private/public
key pair associated with the i-name. This is done by sending an XDI message
to the i-broker (e.g. freexri.com) that includes the i-name's password
2. User (or web service acting on behalf of user) can now send signed XDI
messages to XDI endpoints.
3. XDI endpoints can discover the user's certificate using XRI resolution
and therefore verify the incoming XDI messages.
Now to your question:
I'm not familiar with the methods you are using. I normally do it like this:
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.eclipse.higgins.xdi4j.Graph;
import org.eclipse.higgins.xdi4j.messaging.Message;
import org.eclipse.higgins.xdi4j.messaging.MessageEnvelope;
import org.eclipse.higgins.xdi4j.messaging.Operation;
import org.eclipse.higgins.xdi4j.signatures.Signatures;
import org.eclipse.higgins.xdi4j.xri3.impl.XRI3Segment;
public class Test {
public static final String ENCRYPTION_ALGORITHM = "RSA";
public static void main(String[] args) throws Exception {
String strKey = "MIIEwAI.....";
KeyFactory keyFactory =
KeyFactory.getInstance(ENCRYPTION_ALGORITHM);
PKCS8EncodedKeySpec privateKeySpec = new
PKCS8EncodedKeySpec(Base64.decodeBase64(strKey.getBytes()));
PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
MessageEnvelope envelope = MessageEnvelope.newInstance();
Message message = envelope.newMessage(new XRI3Segment("=markus"));
Operation operation = message.createGetOperation();
Graph operationGraph = operation.createOperationGraph(null);
operationGraph.createStatement(new XRI3Segment("=markus"), new
XRI3Segment("+email"));
Signatures.sign(message.getSubject(), privateKey);
System.out.println(envelope.toString());
}
}
Does that help? Let me know if you still have trouble or other questions..
Markus
On Tue, May 18, 2010 at 12:24 PM, Nuno Rosa <[email protected]> wrote:
> Hi,
>
> freexri.com issued a certificate associated with my i-name and i got a
> private key to sign messages and grant authenticity;
> but i'm having a hard time trying to sign xdi message envelopes.
> Here's a snippet of my code:
>
> final String strKey = "MIIEvwIBADANB...."
> [...]
> DerValue dv = new DerValue(strKey);
> envelope.sign(PKCS8Key.parseKey(dv));
>
>
> it throws the following error:
>
> *Exception in thread "main" java.io.IOException: corrupt private key*
> * **at sun.security.pkcs.PKCS8Key.parseKey(PKCS8Key.java:104)*
> *
> *
> *
> *
> Can you give me some hints, example on how to sign it?
>
> Best regards,
> Nuno R.
>
> _______________________________________________
> higgins-dev mailing list
> [email protected]
> https://dev.eclipse.org/mailman/listinfo/higgins-dev
>
>
_______________________________________________
higgins-dev mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/higgins-dev
