New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added curve-authentication #445

Merged
merged 2 commits into from Jan 5, 2017

Conversation

Projects
None yet
2 participants
@dertom95
Contributor

dertom95 commented Jan 5, 2017

I took czmq as base and tried to adapt curve-authentication to jzmq. I made some test-cases, so that might be the best start trying to follow what I did. Feel free to comment. Cheers....

Here some howtos:

You can specify the directory,where your certificates (in ZMP-Format) are located,like this:

auth.configureCurve(".curve");

Create a certificate and save it to disk like this:

		    ZCert client_cert = new ZCert();
		    client_cert.setMeta("name", "Client test certificate");
		    client_cert.savePublic(".curve/testcert.pub");
                    //client_cert.saveSecret(".curve/testcert.secret");

Create Server-Socket:

		    //  Create and bind server socket
		    ZMQ.Socket server = ctx.createSocket(ZMQ.PUSH);
		    server.setZAPDomain("global".getBytes());
		    server.setCurveServer(true);
		    server.setCurvePublicKey(server_cert.getPublicKey());
		    server.setCurveSecretKey(server_cert.getSecretKey());
		    server.bind("tcp://*:9000");

Create a client:

		    //  Create and connect client socket
		    ZMQ.Socket client = ctx.createSocket(ZMQ.PULL);
		    client.setCurvePublicKey(client_cert.getPublicKey());
		    client.setCurveSecretKey(client_cert.getSecretKey());
		    client.setCurveServerKey(server_cert.getPublicKey());
		    client.connect("tcp://127.0.0.1:9000");

dertom95 added some commits Jan 3, 2017

added curve-authentication checking the public key of the connecting …
…socket with a basic certification-store

For this the new classes ZCert,ZCertStore were created.
@trevorbernard

This comment has been minimized.

Show comment
Hide comment
@trevorbernard

trevorbernard Jan 5, 2017

Member

Love it!

Member

trevorbernard commented Jan 5, 2017

Love it!

@trevorbernard trevorbernard merged commit e43e4dc into zeromq:master Jan 5, 2017

1 check failed

continuous-integration/travis-ci/pr The Travis CI build could not complete due to an error
Details
@dertom95

This comment has been minimized.

Show comment
Hide comment
@dertom95

dertom95 Jan 5, 2017

Contributor

Did you see the travis-tests for open-jdk6 didn't finish? At least not in this pullrequest. But ran through after your merge!? The test seemed to block, so I will add some timeouts to be sure. Additionally I just saw, that on curve-authentication the certificate-folder is scanned twice. Will fix this and create another pull-request.

Contributor

dertom95 commented Jan 5, 2017

Did you see the travis-tests for open-jdk6 didn't finish? At least not in this pullrequest. But ran through after your merge!? The test seemed to block, so I will add some timeouts to be sure. Additionally I just saw, that on curve-authentication the certificate-folder is scanned twice. Will fix this and create another pull-request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment