You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Razvan Dragut (JIRA)" <ji...@apache.org> on 2011/06/14 14:23:47 UTC
[jira] [Commented] (SHIRO-304) Add support for object signing and
sealing
[ https://issues.apache.org/jira/browse/SHIRO-304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13049151#comment-13049151 ]
Razvan Dragut commented on SHIRO-304:
-------------------------------------
Another idea would be to have another service called SecurityService ( didn't see any class/interface named like that in Shiro so I thought I'd recommend ). This service would "wrap" (composition, aggregation, delegate) a CipherService.
SecurityService would deal with object signing and will delegate sealing to the CipherService. If composition/aggregation is used, the SecurityService could expose the CipherService methods and make SecurityService the general entry point in using cryptography and other related security features in Shiro.
// CipherService
SealedObject CipherService.seal(Object o);
Object CipherService.unseal(SealedObject so);
// SecurityService
SignedObject SecurityService.sign(Object o);
boolean SecurityService.verify(SignedObject so);
SealedObject SecurityService.signAndSeal(Object o);
// SecurityService exposes CipherService via one of the suitable patterns Composition/Aggregation.
SealedObject SecurityService.seal(Object o);
Object SecurityService.unseal(SealedObject so);
SecurityService can also assist with Message Authentication Code generation (MAC, HMAC), using a "HashService" in the same way as it would use CipherService.
How commited is Shiro in using the "services" API design ?
> Add support for object signing and sealing
> ------------------------------------------
>
> Key: SHIRO-304
> URL: https://issues.apache.org/jira/browse/SHIRO-304
> Project: Shiro
> Issue Type: Wish
> Components: Specification API
> Reporter: Razvan Dragut
> Priority: Minor
> Labels: security
>
> Request :
> Add API to allow signing and sealing an object. This can be supported by the existing Java API ( javax.crypto.SealedObject and java.security.SignedObject ).
> Reasoning :
> 1. Shiro users will be able to use encryption and signing of objects using uniform API with Shiro framework
> 2. Enforce/Suggest the correct way to sign and seal an object : Sign, then seal rather than allow unnecessary bad practice of sealing first, then signing to happen.
> Real world scenario :
> Sensitive information (E.g Credit Card details) being sent over the wire or being stored in a database as a serialised object.
> In order to store the object in a DB or send it outside a secure environment, the object should be signed, encrypted, serialised, sent/stored . Then, read/receive, deserialize, decrypt, checked signature.
> Initial ideas :
> The class CipherService could provide methods for signing, checking signature, sealing and unsealing. The CipherService class is stateless and I will omit the encryption keys parameters at the moment as this require some careful thinking on what kind of keys one can use, keep the verbosity at minimum and uniform API.
> SignedObject CipherService.sign(Object o);
> SealedObject CipherService.seal(Object o);
> SealedObject CipherService.signAndSeal(Object o);
> Object CipherService.unseal(SealedObject so); <-- this could automatically check for signature if the unsealed object is of type SignedObject
> boolean CipherService.checkSignature(SignedObject so);
> Something to consider is whether signing and sealing should be part of the same class/service. They are different actions with different semantics and the action/semantic of signing something doesn't really make sense to sit in a class/service that encrypts/decrypts.
> Any thoughts ?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira