shiro-dev mailing list archives

From "Razvan Dragut (JIRA)" <>
Subject [jira] [Created] (SHIRO-304) Add support for object signing and sealing
Date Mon, 13 Jun 2011 22:11:47 GMT
Add support for object signing and sealing

                 Key: SHIRO-304
             Project: Shiro
          Issue Type: Wish
          Components: Specification API
            Reporter: Razvan Dragut
            Priority: Minor

Request:
Add an API to allow signing and sealing an object. This can be supported by the existing Java
API ( javax.crypto.SealedObject and ).

Reasoning:
1. Shiro users will be able to use encryption and signing of objects using a uniform API with
the Shiro framework.
2. Enforce/suggest the correct way to sign and seal an object: sign, then seal, rather than
allowing the unnecessary bad practice of sealing first, then signing, to happen.

Real-world scenario:
Sensitive information (e.g. credit card details) being sent over the wire or being stored in
a database as a serialised object.
In order to store the object in a DB or send it outside a secure environment, the object should
be signed, encrypted, serialised, sent/stored. Then read/received, deserialized, decrypted,
and its signature checked.

Initial ideas:

The class CipherService could provide methods for signing, checking a signature, sealing and
unsealing. The CipherService class is stateless, and I will omit the encryption key parameters
at the moment, as this requires some careful thinking about what kind of keys one can use while
keeping the verbosity at a minimum and the API uniform.

SignedObject CipherService.sign(Object o);
SealedObject CipherService.seal(Object o);
SealedObject CipherService.signAndSeal(Object o);
Object CipherService.unseal(SealedObject so); <-- this could automatically check for signature if the unsealed object is of type SignedObject
boolean CipherService.checkSignature(SignedObject so);

Something to consider is whether signing and sealing should be part of the same class/service.
They are different actions with different semantics and the action/semantic of signing something
doesn't really make sense to sit in a class/service that encrypts/decrypts.

Any thoughts?

This message is automatically generated by JIRA.