Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> ch >> ethz >> [ prose overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of ch.ethz.prose.SecureLocalAspectManager JAVADOC | Sourc code of ch.ethz.prose.SecureLocalAspectManager SOURCE | Download ch.ethz.prose.SecureLocalAspectManager DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

ch.ethz.prose
Class SecureLocalAspectManager  view SecureLocalAspectManager download SecureLocalAspectManager.java

java.lang.Object
  extended bych.ethz.prose.LocalAspectManager
      extended bych.ethz.prose.SecureLocalAspectManager
All Implemented Interfaces:
AspectManager, ch.ethz.prose.engine.ClassLoadListener
public class SecureLocalAspectManager
extends LocalAspectManager

Class SecureLocalAspectManager extends LocalAspectManager. It recognizes SignedExtensions in insertExtension and performs the insertion under the permissions granted to the SecureLocalAspectManager class, in case that the signature is valid and the signer is trusted to insert extensions.

Version:
$Revision: 1.1.1.1 $

Nested Class Summary
 
Nested classes inherited from class ch.ethz.prose.LocalAspectManager
LocalAspectManager.TransactionGroup
 
Field Summary
private  java.util.Hashtable certTable
           
private  java.security.KeyStore keyStore
           
 
Fields inherited from class ch.ethz.prose.LocalAspectManager
ABORT, COMMIT, jpm
 
Constructor Summary
SecureLocalAspectManager(boolean isConnectedToVM, ch.ethz.jvmai.JVMAspectInterface ai)
          Constructs an extension manager that inserts SignedExtensions under privileged rights
 
Method Summary
private  java.security.KeyStore getKeyStore()
           
 void insert(Aspect ext)
          Insert the extension ext into the extension manager.
private  boolean isTrusted(java.security.PublicKey key)
           
private  void superInsertExtension(Aspect ext)
           
protected  boolean validateKey(java.security.PublicKey key)
          Decides whether a key is valid and trusted to insert an extension under the privileged permissions of this class.
 
Methods inherited from class ch.ethz.prose.LocalAspectManager
abort, classLoaded, commit, createJoinPointManager, doInsertExtension, doWithdrawExtension, finalize, getAllAspects, getJoinPointManager, insert, isConnectedToVM, startup, teardown, withdraw, withdraw
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

keyStore

private java.security.KeyStore keyStore

certTable

private java.util.Hashtable certTable
Constructor Detail

SecureLocalAspectManager

public SecureLocalAspectManager(boolean isConnectedToVM,
                                ch.ethz.jvmai.JVMAspectInterface ai)
Constructs an extension manager that inserts SignedExtensions under privileged rights

Method Detail

validateKey

protected boolean validateKey(java.security.PublicKey key)
Decides whether a key is valid and trusted to insert an extension under the privileged permissions of this class.

The actual implementation is very restricted: accepts if a trusted certificate exists in the keystore defined by the system properties ch.ethz.prose.keystore.location and ch.ethz.prose.keystore.password. (ATTENTION: THIS IS A HUGE SECURITY HOLE!!!). Feel free to build a subclass with a better implementation.

It was thought to attach certificates to signed extensions to help the target system to make its decision. As in JDK 1.2.2 the class java.security.cert.Certificate is not Serializable, this feature is unluckily not yet implemented.

insert

public void insert(Aspect ext)
            throws AspectManagerException
Insert the extension ext into the extension manager. If ext is of type SignedAspect, the signature is verified and if the key is known to be trusted to insert extensions, the insertion is performed exclusively under the rights granted to this class.

If the extension fails the verification or the key is not trusted, it is attempted to install the extension in the usual way (without privileged permissions).

Specified by:
insert in interface AspectManager
Overrides:
insert in class LocalAspectManager

superInsertExtension

private void superInsertExtension(Aspect ext)
                           throws AspectManagerException

getKeyStore

private java.security.KeyStore getKeyStore()
                                    throws java.security.KeyStoreException,
                                           java.security.NoSuchAlgorithmException,
                                           java.io.IOException,
                                           java.security.cert.CertificateException

isTrusted

private boolean isTrusted(java.security.PublicKey key)
                   throws java.security.KeyStoreException,
                          java.security.NoSuchAlgorithmException,
                          java.io.IOException,
                          java.security.cert.CertificateException
Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> ch >> ethz >> [ prose overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of ch.ethz.prose.SecureLocalAspectManager JAVADOC | Sourc code of ch.ethz.prose.SecureLocalAspectManager SOURCE | Download ch.ethz.prose.SecureLocalAspectManager DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD