[Webfunds-commits] java/webfunds/ricardian Contract.java

• Previous message: [Webfunds-commits] java/webfunds/openpgp/cert SimpleOpenPGPCertificate.java
• Next message: [Webfunds-commits] java/webfunds TODO_SCW
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

iang        00/08/16 21:59:18

  Modified:    webfunds/ricardian Contract.java
  Log:
  Whoa!  Works to produce a signed and validated OpenPGP Contract!
  
  Way To Go, Team!

Revision  Changes    Path
1.32      +23 -0     java/webfunds/ricardian/Contract.java

Index: Contract.java
===================================================================
RCS file: /home/webfunds/cvsroot/java/webfunds/ricardian/Contract.java,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- Contract.java	2000/08/16 19:51:18	1.31
+++ Contract.java	2000/08/17 01:59:18	1.32
@@ -1,4 +1,4 @@
-/* $Id: Contract.java,v 1.31 2000/08/16 19:51:18 iang Exp $
+/* $Id: Contract.java,v 1.32 2000/08/17 01:59:18 iang Exp $
  *
  * Copyright (c) Systemics Ltd 1995-1999 on behalf of
  * the WebFunds Development Team.  All Rights Reserved.
@@ -47,6 +47,7 @@
 import webfunds.sox.utils.Base64;
 
 import cryptix.openpgp.PGPUserID;
+import cryptix.openpgp.PGPKeyID;
 import cryptix.openpgp.PGPException;
 import cryptix.openpgp.PGPMessage;
 import cryptix.openpgp.PGPPublicKey;
@@ -980,6 +981,9 @@
 
         Certificate contractCert = getContractCert();
 
+        System.err.println("contract C: " + contractCert);
+        System.err.println("topLevel C: " + topLevelCert);
+
         /*
          *  No cert path for signing key yet, may be signed by intermediate
          *  key some time.
@@ -1014,7 +1018,26 @@
 
         /*
          *  Verify certification path - top-level signs contract signing key
+         *  First check they are not the same!
          */
+        PGPKeyID contractId = contractKey.getKeyID();
+        PGPKeyID topLevelId = topLevelKey.getKeyID();
+
+        System.err.println("contract  : " + contractKey);
+        System.err.println("topLevel  : " + topLevelKey);
+        System.err.println("contractId: " + contractId);
+        System.err.println("topLevelId: " + topLevelId);
+        if (contractId == null)
+            throw new ContractException(ContractException.KEY_CONTRACT,
+                                        "no KeyId within key??");
+        if (topLevelId == null)
+            throw new ContractException(ContractException.KEY_TOP_LEVEL,
+                                        "no KeyId within key??");
+        if (contractId.equals(topLevelId))
+            throw new ContractException(ContractException.KEY_CONTRACT,
+                        "cannot use top level cert as contract signing key");
+
+
         try {
             contractCert.verify(topLevelKey);
         } catch (SignatureException se) {

• Previous message: [Webfunds-commits] java/webfunds/openpgp/cert SimpleOpenPGPCertificate.java
• Next message: [Webfunds-commits] java/webfunds TODO_SCW
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]