Sign and verify method calls in Java

Question

We have a requirement that require us to sign the parameters to certain critical functions in the application. The method invocations is done with RMI. My first thought was to build a wrapper class for the parameters and sign it using SignedObject. But this will lead to many wrapper objects.

Do anyone has any ideas on how to accomplish this in a more general way? maybe override sending and receiving functions in RMI and ad signing and verifying?

Answer 1

You can run RMI over SSL. There were a couple of JSRs from Sun to do this, but they were rejected by Expert Committee vote. SO now you have to pick a non-standard way, which I believe most app servers do.

Answer 2

Is it not enough to authenticate the user that calls the method and grant him relevant privileges? this way you can pass any parameter that you want and you only have to verify once. You should be able to assume that if they can impersonate the user they can also use the code to sign the parameters.

Unless they get the parameters from somewhere else (from you originally maybe?), in which case if the parameters are Strings whomever creates the parameter value can just encrypt them using their private key and you can decrypt using a public key which means they are the ones who actually singed the parameter value. Wrapping all the parameters with a signed wrapper might have a high overhead.

Answer 3

There are of course several methods of doing this. One is indeed to sign the stream of data. Another one is to sign the argument object instances and basic types encoded into a byte array. Both require that you would hook into the RMI at some point.

Probably better is to put the RMI service behind a SOAP service, eg as described here . You could then create a web-service. Once you have a web-service you could deploy WS-Security . In that case you can rely on a pre-defined and researched message format for tranport layer security.