HI,
I wanted to know how could I retrieve a sealed object from a signed object and then verify it?
Heres my attempt:
if(!sending){//if we are receiving (being the server)
ServerSocket server = new ServerSocket(port);
Socket s = server.accept();
ObjectInputStream oin = new OnbjectInputStream(s.getInputStream());
ObjectOutputStream oout = new ObjectOutputStream(s.getOutputStream());
System.out.println("Please enter a passphrase:");
//asks user to enter their passphrase
System.out.println("Type your message: ");
//server retrieves the clients message
InputStreamReader message = new InputStreamReader(System.in);
BufferedReader console = new BufferedReader(message);
String message = null;
try {
secretMessage = console.readLine();
}
catch (IOException e) { message = "<" + e + ">";}
//gets the object from the sender
oin.readObject(signedobject);
SealedObject so = signedobject.getObject();
//retrieves the Sealed object
Public key = getKey(user);
Signature sig = Signature.getInstance("DSA");
sig.init(key);
sig.update();
//decrypting the object
SealedObject so = (SealedObject) oin.readObject();
Cipher cipher = Cipher.getInstance(algorithm);
if(sig.verify(key)){
verifies = true;
System.out.println("The signature has successfully verified");
System.out(secretMessage);
cipher.init(Cipher.DECRYPT_MODE, key);
SecretObject secretObject = (SecretObject) so.getObject(cipher);
//retrieves the original object with the necryption removed.
}
else{
System.out.println("The signature has failed to verify, please recheck your passphrase");
please let me know if you spot any other errors
cheers.