Sun SPOT API
Green Release  


com.sun.squawk.security.verifier
Class SignatureVerifier

java.lang.Object
  extended by com.sun.squawk.security.verifier.SignatureVerifier

public class SignatureVerifier
extends Object

Author:
Christian Pühringer

Field Summary
static int BUFFER_SIZE
          The number of bytes read from flash memory and passed to the signature verification per loop.
static boolean DEBUG
          DEBUG is used for enabling and disabling debug code, usually to write debug messages which are defined in the form:
if (SignatureVerifier.DEBUG) { If enabled is set to false, the compiler will not include the debug code in the class file, because the statements are unreachable.
static int MAXIMUM_HEADER_SIZE
          The maximum size the header of a suite can have to be compatible with SignatureVerifier.
 
Constructor Summary
SignatureVerifier()
          Creates a new instance of SignatureVerifier
 
Method Summary
protected static void ensureInitialized()
           
static boolean getSuiteVerifiedFlag(int suiteAddress)
           
static void initialize(byte[] publicKeyBytes, int offset, int length)
           
static boolean isVerifiedSuite(String uri)
           
static void verify(byte[] buffer, byte[] signature)
           
static void verify(byte[] buffer, int bufferOffset, int bufferLength, byte[] signature, int signatureOffset, int signatureLength)
          Verifies a buffer. TODO: javadoc. TODO: support both native and normal verification.
static void verifySuite(InputStream suiteIn)
          Verifies a suite in flash memory.
static void verifySuite(InputStream suiteIn, boolean useNativeSHA)
          Verifies a suite in flash memory using either the Java Signature or native read-from-flash and SHA-1 code.
static void verifySuite(String uri)
          Verifies a suite in flash memory.
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEBUG

public static final boolean DEBUG
DEBUG is used for enabling and disabling debug code, usually to write debug messages which are defined in the form:
if (SignatureVerifier.DEBUG) { If enabled is set to false, the compiler will not include the debug code in the class file, because the statements are unreachable. Thus using this kind of debug statement doesn't increase the size of the code. This wouldn't be the case if the statement were in another method, and as code size and execution time are crucial for SPOTs, no debug_output method is included in the Debug class and the if statement must be included in the code which needs debug output.
REMARK: debugging can only be enabled and disabled by recompiling and reflashing the squawk library.

See Also:
Constant Field Values

MAXIMUM_HEADER_SIZE

public static final int MAXIMUM_HEADER_SIZE
The maximum size the header of a suite can have to be compatible with SignatureVerifier. In the flash memory case this is guaranteed: the header is 48 bytes for application suites, and the header of the library suite is slightly smaller. Higher maximum header sizes (actually higher differences between maximum and minimum header sizes) decrease the minimum size of the suite supported by verifySuite.

See Also:
Constant Field Values

BUFFER_SIZE

public static final int BUFFER_SIZE
The number of bytes read from flash memory and passed to the signature verification per loop. Must be larger than MAXIMUM_HEADER_SIZE! Theoretically, verification should be faster for larger buffer sizes, but measurements show that the influence is only measurable for very small buffer sizes, and even then it is very small. That is not very surprising, because larger buffer sizes only accelerate the message digesting, while the time for elliptic curve computations, and especially the flash memory operations, does not change. (The time for ecc verifySuite is about 1s.)

Suite (43800 byte)
BUFFER_SIZE   Verification time
48            3125ms
128           3092ms
256           3043ms
512           3047ms
1024          3017ms
2048          2984ms
4096          3014ms
65536         3009ms

See Also:
Constant Field Values
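
An added example (not code from the Sun SPOT sources): the read-and-update loop described for BUFFER_SIZE, written against Java SE's java.security.Signature rather than the Squawk classes. The class name, the BUFFER_SIZE value of 256, the SHA1withECDSA algorithm string and the sample data are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;

public class ChunkedVerifyExample {
    // Assumed value; the page does not state the real constant.
    // It only requires BUFFER_SIZE to be larger than MAXIMUM_HEADER_SIZE.
    static final int BUFFER_SIZE = 256;

    /** Feeds the stream to the verifier BUFFER_SIZE bytes at a time. */
    static boolean verifyStream(InputStream in, byte[] sig, PublicKey key)
            throws GeneralSecurityException, IOException {
        // Assumed algorithm: the page mentions SHA-1 and elliptic curves only.
        Signature verifier = Signature.getInstance("SHA1withECDSA");
        verifier.initVerify(key);
        byte[] buffer = new byte[BUFFER_SIZE];
        int n;
        while ((n = in.read(buffer, 0, buffer.length)) != -1) {
            verifier.update(buffer, 0, n); // per-loop work: message digesting only
        }
        return verifier.verify(sig); // one elliptic-curve verification, independent of BUFFER_SIZE
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: a throwaway key pair and a 43800-byte stand-in for a suite.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(256);
        KeyPair kp = kpg.generateKeyPair();
        byte[] suite = new byte[43800];
        for (int i = 0; i < suite.length; i++) suite[i] = (byte) (i * 31);

        Signature signer = Signature.getInstance("SHA1withECDSA");
        signer.initSign(kp.getPrivate());
        signer.update(suite);
        byte[] sig = signer.sign();

        System.out.println("intact:   " + verifyStream(new ByteArrayInputStream(suite), sig, kp.getPublic()));
        suite[1000] ^= 0x01; // a single changed bit must make verification fail
        System.out.println("modified: " + verifyStream(new ByteArrayInputStream(suite), sig, kp.getPublic()));
    }
}
```

The buffer size changes only how many update() calls are made; the final verify() call performs the same elliptic-curve work regardless, which matches the flat timings in the table above.
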
Constructor Detail

SignatureVerifier

public SignatureVerifier()
Creates a new instance of SignatureVerifier

Method Detail

initialize

public static void initialize(byte[] publicKeyBytes,
                              int offset,
                              int length)
                       throws SignatureVerifierException
Throws:
SignatureVerifierException

verify

public static void verify(byte[] buffer,
                          byte[] signature)
                   throws SignatureVerifierException,
                          IOException
Throws:
SignatureVerifierException
IOException

verify

public static void verify(byte[] buffer,
                          int bufferOffset,
                          int bufferLength,
                          byte[] signature,
                          int signatureOffset,
                          int signatureLength)
                   throws SignatureVerifierException,
                          IOException
Verifies a buffer. TODO: javadoc. TODO: support both native and normal verification. (do we really need that?)

Throws:
SignatureVerifierException
IOException

verifySuite

public static void verifySuite(String uri)
                        throws SignatureVerifierException,
                               IOException
Verifies a suite in flash memory. Remark: The suite header must be shorter than MAXIMUM_HEADER_SIZE bytes. This is only guaranteed when the suite is in flash memory on a SPOT, because it is ensured in com/syn/squawk/suiteconverter/Suite.java by replacing the parentURL with a URL of the form flash://
.lib. If the suite is a suite file on the desktop, this is not guaranteed, because the parent URL can have any length. Furthermore, verifySuite expects that the first integer after the object memory in the suite is the hash. This is only the case for suites converted for flash memory, so it won't work for other suites.

Parameters:
uri - A uri pointing to a suite in flash memory. (flash://
[.lib])
ignoreSuiteVerifiedFlag - If true, verifySuite verifies the suite even if SuiteVerifiedFlag in the suite is true. It also does not update the flag after verification.
Throws:
SignatureVerifierException
IOException

verifySuite

public static void verifySuite(InputStream suiteIn)
                        throws SignatureVerifierException,
                               IOException
Verifies a suite in flash memory. Remark: The suite header must be shorter than MAXIMUM_HEADER_SIZE bytes. This is only guaranteed when the suite is in flash memory on a SPOT, because it is ensured in com/syn/squawk/suiteconverter/Suite.java by replacing the parentURL with a URL of the form flash://
.lib. If the suite is a suite file on the desktop, this is not guaranteed, because the parent URL can have any length. Furthermore, verifySuite expects that the first integer after the object memory in the suite is the hash. This is only the case for suites converted for flash memory, so it won't work for other suites.

Parameters:
suiteIn - An input stream which allows retrieving a suite. This usually is a FlashInputStream pointing to a suite in the flash memory.
Throws:
SignatureVerifierException
IOException

verifySuite

public static void verifySuite(InputStream suiteIn,
                               boolean useNativeSHA)
                        throws SignatureVerifierException,
                               IOException
Verifies a suite in flash memory using either the Java Signature or native read-from-flash and SHA-1 code. It is only intended to ensure that the byte code wasn't changed, for Java compliance reasons. It does NOT protect against attackers (especially if ignoreSuiteVerifiedFlag==false). For functionality that requires such protection (like access control for over-the-air deployment), use the verify method.

Remark: The suite header must be shorter than MAXIMUM_HEADER_SIZE bytes. This is only guaranteed when the suite is in flash memory on a SPOT, because it is ensured in com/syn/squawk/suiteconverter/Suite.java by replacing the parentURL with a URL of the form flash://
.lib. If the suite is a suite file on the desktop, this is not guaranteed, because the parent URL can have any length. Furthermore, verifySuite expects that the first integer after the object memory in the suite is the hash. This is only the case for suites converted for flash memory, so it won't work for other suites.

Parameters:
suiteIn - An input stream which allows retrieving a suite. This usually is a FlashInputStream pointing to a suite in the flash memory.
useNativeSHA - Use faster message digest computation. Native C is about 85x faster than the pure Java version. useNativeSHA=true cannot be used if the NATIVE_VERIFICATION compile flag is not set, and useNativeSHA=false cannot be used if NATIVE_VERIFICATION_ONLY is set. In these cases verifySuite will throw a RuntimeException.
Throws:
SignatureVerifierException
IOException

ensureInitialized

protected static void ensureInitialized()
                                 throws SignatureVerifierException
Throws:
SignatureVerifierException

getSuiteVerifiedFlag

public static boolean getSuiteVerifiedFlag(int suiteAddress)
                                    throws IllegalArgumentException
Throws:
IllegalArgumentException

isVerifiedSuite

public static boolean isVerifiedSuite(String uri)



Copyright © 2006 Sun Microsystems, Inc. All Rights Reserved.