1

We have a requirement that requires us to sign the parameters to certain critical functions in the application. The method invocations are done with RMI. My first thought was to build a wrapper class for the parameters and sign it using SignedObject. But this will lead to many wrapper objects.

Does anyone have any ideas on how to accomplish this in a more general way? Maybe override sending and receiving functions in RMI and add signing and verifying?

1
  • Don't forget to mention to management that this is not an easy assignment at all. You need a good key management scheme, design your own protocol, delve into cryptography and somehow prove that it is working and not vulnerable to attacks. Hopefully you don't have too many performance constraints, or you may run into trouble. Commented Jan 3, 2013 at 15:46

3 Answers

1

You can run RMI over SSL. There were a couple of JSRs from Sun to do this, but they were rejected by Expert Committee vote. So now you have to pick a non-standard way, which I believe most app servers do.

1 Comment

Problem is, SSL is outside the application, and we are not allowed to rely on only that, we must also sign it manually. Lots and lots of layers here.
0

Is it not enough to authenticate the user that calls the method and grant him relevant privileges? This way you can pass any parameter that you want and you only have to verify once. You should be able to assume that if they can impersonate the user they can also use the code to sign the parameters.

Unless they get the parameters from somewhere else (from you originally maybe?), in which case if the parameters are Strings whoever creates the parameter value can just encrypt them using their private key and you can decrypt using a public key which means they are the ones who actually signed the parameter value. Wrapping all the parameters with a signed wrapper might have a high overhead.

0

There are of course several methods of doing this. One is indeed to sign the stream of data. Another one is to sign the argument object instances and basic types encoded into a byte array. Both require that you would hook into the RMI at some point.

Probably better is to put the RMI service behind a SOAP service, e.g. as described here. You could then create a web-service. Once you have a web-service you could deploy WS-Security. In that case you can rely on a pre-defined and researched message format for transport layer security.

3 Comments

Answer in addition to Tom Hawtin's answer to use SSL, which is probably the way to go for most readers, apparently except the original asker who has additional constraints.
Note that this is probably a good solution, but that does not mean it is an easy solution; prepare to do a lot of work. Possibly leave implementation and/or testing to a consultant.
I do not think we have the option to put up a SOAP layer between the RMI calls. You talk about hooking into RMI, do you have any idea on how to do this?
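
One way to sign every invocation generically, without a wrapper class per parameter set, shown as an added example that is not code from the question or any answer: a dynamic proxy on the calling side puts the method name, parameter types and arguments into one `SignedObject`, and the receiving side verifies it before deserializing and dispatching. The `Call`, `Payments` and `Gateway` names are hypothetical; in a real deployment `Gateway` would be the exported RMI `Remote` interface, which is left out here so the block runs in a single JVM with inline-generated keys.

```java
import java.io.Serializable;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.security.*;

public class SignedCallDemo {
    static final String ALG = "SHA256withRSA";

    // Hypothetical envelope: method name, parameter types and arguments signed as one unit.
    static final class Call implements Serializable {
        final String method; final Class<?>[] types; final Object[] args;
        Call(String m, Class<?>[] t, Object[] a) { method = m; types = t; args = a; }
    }
    // Hypothetical business API, and the single entry point that would be the RMI Remote interface.
    interface Payments { String transfer(String account, long cents); }
    interface Gateway { Object invoke(SignedObject call) throws Exception; }

    // Caller side: a dynamic proxy signs every invocation, so no per-method wrappers are needed.
    static <T> T signingProxy(Class<T> api, Gateway gw, PrivateKey key) {
        InvocationHandler h = (proxy, m, args) -> gw.invoke(new SignedObject(
                new Call(m.getName(), m.getParameterTypes(), args), key, Signature.getInstance(ALG)));
        return api.cast(Proxy.newProxyInstance(api.getClassLoader(), new Class<?>[] {api}, h));
    }

    // Receiver side: verify the signature over the serialized bytes before deserializing them.
    static Gateway verifyingGateway(Object target, Class<?> api, PublicKey key) {
        return so -> {
            if (!so.verify(key, Signature.getInstance(ALG)))
                throw new SecurityException("signature check failed");
            Call c = (Call) so.getObject();
            return api.getMethod(c.method, c.types).invoke(target, c.args);
        };
    }

    public static void main(String[] unused) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair client = gen.generateKeyPair(), other = gen.generateKeyPair(); // constructed test keys
        Payments impl = (acct, cents) -> "moved " + cents + " to " + acct;
        Gateway gw = verifyingGateway(impl, Payments.class, client.getPublic());

        System.out.println(signingProxy(Payments.class, gw, client.getPrivate()).transfer("ACC-1", 100L));
        try {   // same call signed with a key the receiver does not trust
            signingProxy(Payments.class, gw, other.getPrivate()).transfer("ACC-1", 100L);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The signature here binds the method and its arguments but says nothing about freshness, so a captured `SignedObject` verifies again if resent; a nonce or timestamp inside `Call` and the key distribution scheme are left to the surrounding protocol.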
