[cap-talk] introducers
John Carlson
john.carlson3 at sbcglobal.net
Wed Mar 12 03:23:47 EDT 2008
I read on Wikipedia that there were things called "introducers."
I would like to find out the details of what introducers are. My idea
of what an introducer is is something like the below. If someone has a
better introducer, let me know (like in E or Joe-E). This code has
never been compiled.

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.List;
import java.util.Vector;

class BadAccountException extends Exception { }

class NoServiceException extends Exception { }

class Introducer {
    private Hashtable<String,RevocableSubject> users =
        new Hashtable<String,RevocableSubject>();

    public Introducer() {
    }

    /**
     * This is called once the user has a RevocableSubject. To get a
     * RevocableSubject, you must have an Account. To have an Account, you
     * need a name, password and image match. The user is not allowed to
     * change the Account information in the RevocableSubject (yet)--but I'm
     * worried about serialized objects. Seems like a security hole. I
     * guess it's best to not keep RevocableSubjects around for very long.
     */
    public void introduceMe(final RevocableSubject requestor,
            String recipientAccount) throws BadAccountException {
        RevocableSubject copy;
        // no changes to requestor allowed on another thread
        synchronized(requestor) {
            copy = requestor.clone();
        }
        users.put(copy.getName(), copy);
        ACapabilitySendingCapability cap =
            new ACapabilitySendingCapability(copy);
        // the requestor cannot change the sender, because the Account is
        // final in the RevocableSubject class, and the requestor doesn't have
        // access to the capability in the first place.
        RevocableSubject s = users.get(recipientAccount);
        if (s == null) {
            // unknown recipient: there is nobody to deliver the capability to
            throw new BadAccountException();
        }
        s.sendCapability(cap);
    }

    public boolean authenticate(final RevocableSubject s)
            throws BadAccountException {
        RevocableSubject ns = users.get(s.getName());
        if (ns == null) {
            // handle DOS and spammers by requiring they match an image to get
            // an account. See below
            users.put(s.getName(), s);
            return true;
        }
        if (!s.getAccount().equals(ns.getAccount())) {
            s.revoke();
            throw new BadAccountException();
        }
        return true;
    }

    public List<String> search(String recipientAccountPattern) {
        // database routines to get account names
        return new ArrayList<String>(); // placeholder until the lookup exists
    }

    public void revokeUserAccount(RevocableSubject s) {
        users.remove(s.getName());
    }
}

class Account {
    private final String name;
    private final String hashedPassword;

    public Account(String requestorName, char[] requestorPassword,
            String guessedImagePattern, String imagePattern,
            Introducer introducer) throws BadAccountException {
        // char[].hashCode() is an identity hash, so hash the contents instead.
        // Arrays.hashCode is a stand-in, not a cryptographic password hash.
        hashedPassword = Integer.toString(Arrays.hashCode(requestorPassword));
        name = requestorName;
        if (!guessedImagePattern.equals(imagePattern)) {
            throw new BadAccountException();
        }
    }

    public boolean equals(Account a) {
        // both the name and the password hash have to match
        return name.equals(a.name) && hashedPassword.equals(a.hashedPassword);
    }

    public String getName() {
        return name;
    }
}

final class RevocableSubject implements Cloneable {
    final private Account account;
    private boolean revoked = false;
    private Vector<ACapabilitySendingCapability> caps =
        new Vector<ACapabilitySendingCapability>();

    // never called; a blank final field still has to be assigned
    private RevocableSubject() {
        this.account = null;
    }

    public RevocableSubject(final Account account, Introducer introducer)
            throws BadAccountException, NoServiceException {
        if (account == null) {
            revoke();
            throw new BadAccountException();
        }
        if (introducer == null) {
            revoke();
            throw new NoServiceException();
        }
        this.account = account;
        introducer.authenticate(this);
    }

    // shallow copy: same Account, and the caps queue is shared with the original
    @Override
    public RevocableSubject clone() {
        try {
            return (RevocableSubject) super.clone();
        } catch (CloneNotSupportedException e) {
            throw new AssertionError(e);
        }
    }

    public Account getAccount() {
        return this.account;
    }

    public String getName() {
        return this.account.getName();
    }

    public void sendCapability(ACapabilitySendingCapability cap) {
        if (!revoked) {
            caps.add(cap);
        }
    }

    public ACapabilitySendingCapability getNextCap() {
        synchronized (caps) {
            if (!revoked && !caps.isEmpty()) {
                return caps.remove(0);
            }
        }
        return null; // revoked, or nothing queued yet
    }

    public void revoke() {
        revoked = true;
        caps.clear();
    }
}

class ACapabilitySendingCapability {
    private final RevocableSubject s;

    public ACapabilitySendingCapability(RevocableSubject s) {
        this.s = s;
    }

    public void sendBack(ACapabilitySendingCapability c) {
        s.sendCapability(c);
    }
}

So I might define a method like

void introduce(String bob, char[] bobsPassword)
        throws BadAccountException, NoServiceException {
    Introducer introducer = new Introducer();
    Account a = new Account(bob, bobsPassword, "23df939", "23df939",
        introducer);
    RevocableSubject s = new RevocableSubject(a, introducer);
    // "Carol" is looked up in this Introducer's own user table
    introducer.introduceMe(s, "Carol");
}

On the receiving side, there might be a thread like this to auto-accept
introductions.

class Receive extends Thread {
    public void run() {
        try {
            Introducer introducer = new Introducer();
            Account a = new Account("Carol", new char[]
                {'p','a','s','s','w','d'}, "123fdsf33", "123fdsf33",
                introducer);
            RevocableSubject s = new RevocableSubject(a, introducer);
            while (true) {
                ACapabilitySendingCapability cap = s.getNextCap();
                if (cap != null) {
                    // answer each introduction with a capability back to us
                    cap.sendBack(new ACapabilitySendingCapability(s));
                }
            }
        } catch (Exception e) {
            // account or service setup failed: stop receiving
        }
    }
}
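
Added example, not part of the original post and not code from E or Joe-E: the Account class above keeps a hashedPassword, and hashCode() on a char[] is an identity hash rather than a hash of the password. One way to store a password verifier with the JDK's salted PBKDF2 is shown here; the class name PasswordVerifier, the iteration count and the sample password are assumptions.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Hypothetical helper (added example): stores a salted, slow hash of a
// password and checks candidates against it.
final class PasswordVerifier {
    private static final int ITERATIONS = 600_000; // assumed work factor
    private static final int KEY_BITS = 256;
    private final byte[] salt = new byte[16];
    private final byte[] hash;

    PasswordVerifier(char[] password) throws GeneralSecurityException {
        new SecureRandom().nextBytes(salt); // fresh random salt per account
        hash = derive(password, salt);
    }

    private static byte[] derive(char[] password, byte[] salt)
            throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the spec's internal copy
        }
    }

    // Re-derives with the stored salt and compares in constant time.
    boolean matches(char[] candidate) throws GeneralSecurityException {
        return MessageDigest.isEqual(hash, derive(candidate, salt));
    }

    public static void main(String[] args) throws GeneralSecurityException {
        char[] pw = {'p', 'a', 's', 's', 'w', 'd'}; // constructed sample
        char[] same = pw.clone();
        PasswordVerifier v = new PasswordVerifier(pw);
        System.out.println("same password:  " + v.matches(same));
        System.out.println("wrong password: " + v.matches("guess".toCharArray()));
        // char[].hashCode() is per-object, so equal contents need not agree:
        System.out.println("identity hashes equal: "
                + (pw.hashCode() == same.hashCode()));
        Arrays.fill(pw, '\0');   // clear the plaintext once it is no longer needed
        Arrays.fill(same, '\0');
    }
}
```

Because each verifier has its own salt, a login check calls matches() with the presented password instead of comparing two stored hashes for equality.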