Thursday, March 27, 2014

Create self signed SSL certificates with crl/ocsp X509 Extensions using openssl

Posted by Sudheera Palihakkara On 12:57 AM

(image source : https://ssl.trustwave.com/support/support-how-ssl-works.php)

In order to test Ocsp/Crl validation we need to send the client request with ssl certificates that have information about CRL and OCSP. For that we can add authorityInfoAccess and crlDistributionPoints extensions to certificates. Here I'm using openssl tool on linux terminal to create required certificates.

what we need to create:


step 1. RSA key to root CA
step 2. Root CA certificate
step 3.  RSA key to subordinate(client)
step 4.  subordinate certificate
and then we can get the subordinate signed by root CA.

step 1
create 4096 long RSA key names ca.key

openssl genrsa -out ca.key 4096

step 2
create root CA using the generated key. Enter following line and provide information for your root CA that may be asked.

openssl req -new -x509 -days 1826 -key ca.key -out ca.crt 

step 3
create RSA key for subordinate

openssl genrsa -out ia.key 4096   

step 4

openssl req -new -key ia.key -out ia.csr

Ok. Now we have to add the required extension before giving Certificate Signing Request. First create a file named my.cnf with the following data.

authorityInfoAccess = OCSP;URI: http://ocsp.digicert.com
crlDistributionPoints=URI:http://crl3.digicert.com/ca3-g17.crl

Now we can execute following command with the extension of above created file.

openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt -extfile my.cnf

we have ia.crt certificate signed by ca.crt .

Next blog post will be about how to test the ocsp/crl verification at the transport listener using CURL.

resources :
http://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/
http://stackoverflow.com/questions/11966123/howto-create-a-certificate-using-openssl-including-a-crl-distribution-point/12023746#12023746

Wednesday, March 26, 2014

WSO2 ESB OCSP/CRL Verification implementation in transport Listner

Posted by Sudheera Palihakkara On 11:25 PM





 (image source : http://support.f5.com/techdocs/home/bigip/manuals/bigip4_5/bigip4_5features/images/BIGip_OCSPa.gif)

During the SSL handshake a server invokes OCSP/CRL protocols to verify that the client’s X509 Certificate is not revoked by its issuer. Those protocols needs to make a http call to servers at CA in order to do the verification.  The responses include information about the revocation of the certificates. The SSL connection can’t be establish any further if the response indicate that the certificates are revoked. If not then the server can perform the SSL handshake.

In ESB 4.8.1 this feature is already implemented for transport sender. I have implemented it for the transport listener.

In order to enable this feature you have to add the following configuration to “Transport Ins (Listeners)”  section in axis2.xml file.


<parameter name="SSLVerifyClient">require</parameter>
            <!--supports optional|require or defaults to none -->
        <parameter name="CertificateRevocationVerifier" enable="true">
                <CacheSize>50</CacheSize>
                <!-- In minutes -->
                <CacheDelay>1</CacheDelay>
 </parameter>

There is automatically managed cache associated with both ocsp and crl verifications. 

Testing ocsp/crl validation by creating self signed certificates will be explained in next blog post.

Monday, January 21, 2013

TankGame 03 - Java 2D game development tutorial with Slick, MarteEngine, Lwjgl

Posted by Sudheera Palihakkara On 7:50 AM


Now we have configured the environment,(If not, please refer the previous post) so we can create the game world with the entities in it. In my Netbeans project I have several Java classes representing various entities in the game. First we need to setup the "game world" which contains  all the players, blocks etc, 

So for the game application we need several types of java classes to handle various  tasks of the game. In my project I have divided the entire task into four parts. This approach is makes life easy for programmer. I have four software packages in my project.

Communicator package handles the communication and provide interface to get/send data for the rest of program. Configuration package contain all the configuration data including socket numbers foe communication etc. All the entities we have used in the application are list under the entities package. Game world class and other main classes are located inside the other package.

  OK now let's do coding. You can take a look at the code developed so far by me by following this link : github


First Step : Create the game container

The class with the main method (view here)should look like this way. It should extend the StateBasedGame. And in the main method it should initiate a  Application game container like this.


 AppGameContainer app = new AppGameContainer(new TankGametest02_GUI("Tank Game"));  

And then we can set the display mode of the game window, and the refresh rate. after that we can start the application.


 app.setDisplayMode(1280, 650, false);  
 app.setTargetFrameRate(60);  
 app.start();  

When we  start the game we need to initiate some sates, like load some configuration data into the program or load images from storage which we plan to include in the game later. This requirements can be achieved by overriding the method  initStatesList() .


1:    @Override  
2:    public void initStatesList(GameContainer gc) throws SlickException {  
3:      try {  
4:        ResourceManager.loadResources("data/resources.xml");  
5:        config.loadData();  
6:      } catch (IOException ex) {  
7:        Logger.getLogger(TankGametest02_GUI.class.getName()).log(Level.SEVERE, null, ex);  
8:      }  
9:      addState(new GameWorld(GAME_STATE, gc));  
10:      enterState(GAME_STATE);  
11:    }  

In line number 4, I have loaded the images using resource manager, take a look at the resources.xml file here. And  in the 5th line I have initiate the variables in config class using the configuration data entered in configuration property file located inside the configuration folder. take a look. That's all for this class. It just creates the game container and starts it.



Second Step : Create the game world
  
We need a "world" for all these tanks, bricks, stones and all to live in.  So here we create the GameWorld class by extending world class. 

Here in this class we need to override several methods in order to keep up the functionalists of the game world. These methods are called by the game engine so we don't have to worry about it.

1. Enter the game. Here in this example enter method doesn't do anything useful.

   @Override  
   public void enter(GameContainer container, StateBasedGame game) throws SlickException {  
     super.enter(container, game);  
   }  

2. Initi() method can be used to initiate game world details. I have used it here to create the background image(Load from the resource manager) and set up the bricks, stones and water in the tanks game.(non moveable objects)

 @Override  
   public void init(GameContainer gc, StateBasedGame game) throws SlickException {  
     super.init(gc, game);  
     gc.setAlwaysRender(true);  
     gc.setUpdateOnlyWhenVisible(false);  
     //create background  
     createBackground();  
     container.setAlwaysRender(true);  
     try {  
       setup(game);  
     } catch (IOException ex) {  
       Logger.getLogger(GameWorld.class.getName()).log(Level.SEVERE, null, ex);  
       System.out.println("IOException @setup()" + ex.toString());  
     }  
   }  

3. render method will render graphics you can draw images, lines, text etc which will render throughout the game. I rendered the background and the grid.
   @Override  
   public void render(GameContainer gc, StateBasedGame game, Graphics g) throws SlickException {  
     //render background  
     g.drawImage(background, 0, -130);  
     g.drawImage(arenaImage, 20, 20);  
     super.render(gc, game, g);  
     //render Points table  
     setPointsTable(g);  
   }  


4.This is the most important method. The update method will be called by the game engine while the game is running couple of milliseconds apart. Number of milliseconds between two calls to the update method is given by delta, which send as an parameter to the update method by the engine. Inside this method we can specify the thing we want to do during the game time.

   @Override  
   public void update(GameContainer gc, StateBasedGame game, int delta) throws SlickException {  
     super.update(gc, game, delta);  
     String reciveData = com.reciveData();  
     String[] section = reciveData.split(":");  
     if (section[0].equals("C")) {  
       setCoins(section);  
     } else if (section[0].equals("L")) {  
       setLifePacks(section);  
     } else if (section[0].equals("G")) {  
       updatePlayers(section);  
     }  
   }  

All other methods for just keep above four method body clean and simple.

So I guess that's all for this post, we will discuss about entities in the next post... :-)


 

Monday, November 12, 2012

TankGame 02 - Slick, MarteEngine, Lwjgl Setup - Java 2D game development

Posted by Sudheera Palihakkara On 11:43 AM


Lets keep AI algorithm and the game logic aside for a while and focus on the Game interface in this post. I'm using Slick + MarteEngine +Light Weight Java Game Library(lwgjl) combination for this project. So this post and the future posts will be kind of Silk game developing tutorials. That's a good thing because these engins,libraries are not commonly used and tutorials are hard to find. Jmonkey is also a good game engine but as I heard it is biased towards 3D game developing and we don't need that. Since we're coding with Java we can't use XNA framework either.

First of all we need to include these libraries to our project. I'm developing this project with Netbeans, so here I'll explain the steps you should follow in oder to setup the environment first.  Eclipse users please google it, it's not hard to do it with eclipse. However with my x64 bit computer I spent like 48 hours to find a way to get these things to work. I'll explain the standard way and later I can give this special bundle for x64 bit users.

Slick

1. Download and extract the library from :  Link
2. Open netbeans, create new project, goto tools->libraries
3. Click on the button new library, and give name "Slick"
4. Click button add jar/folder and browse the extracted folder and go to the folder "lib" and choose all files except "slick.jar" and "slick-util-src.zip" and then click add.
5. In source tab add the folder "src" which located inside the extracted folder. And do the same for Javadoc tab(folder is named "javadoc").

Marte Engine

1. Download ans extract from : Link
2. Create the new library named "marte" like we did before(step 3 above)
3. add marteEngine.jar and src folder in classpath and sources tabs.


setup the project

1. Go to project properties. (RightClick - > Properties)
2. In left side choose libraries.
3. Under the "compile" tab click on add library and add "marte" library we just created.
4.Click on add jar/Folder and add Slick.jar which we left at step 4 of slick setting
5. In "Run" tab add the "slick" library.
6. Now choose 'run' from the left side panel()  and for the 'VM Options' you should enter the following line :
-Djava.library.path="F:\Tank Game\Libraries\lwjgl-2.8.4\lwjgl-2.8.4\native\windows" 

Here as the path I've given the path to "\native\windows" folder.  You have to browse the path according to your folder and paste it as the path.

And that's all. Now we have setup our environment. Here's my netbeans project folder that I'm currently working on. (It contains a half-game from a tutorial on youtube). Download it and import to netbeans and follow above steps. (If you already added the libraries then you have to follow "setup the project" part only).


Now run the spaceshooter.java file. If you get a new window and a space-ship in it, then you have done everything correctly so far. If not you have to go through above all steps and make it done. If your system is x64 bit then don't worry there's an issue with the lwgjl library for x64 systems. x64 users can follow these steps instead.

For x64 users 

I should give credit to Mr. Stefan Hendriks for sharing this wonderful method with us. I almost spent a whole day trying crack this one. here's the original post.
 
Download this special 64 version of lwgjl : Download

 1. In netbeans goto tools-> libraries and delete the slick library we created earlier.
2.  Create new "slick" library and add everything(to classpath tab) except slick.jar in the "slick\lib" folder of the downloaded folder. And the Java doc and src as we did earlier.
3.  Create a new library called "lwgjl" and add everything inside the "lwgjl\lib" folder of the downloaded folder to the classpath tab. And add src and Javadoc accordinly.
4. Then repeat the setup the project steps, but at the step 4 add the slick.jar located in the "\slick\lib" of the downloaded folder, and at the step 6 you should set the path of "\native\windows" folder that is located inside of the downloaded folder.
5. Don't forget to add the "lwgjl" library to compile tab.

This is how is should look


Now everything should be working nicely. That's it for now, soon we'll be developing the Tank Game world and players, hopefully. thanks.

Any problem with the post? please leave a comment.

Sunday, October 28, 2012

TankGame 01 - Communicating with the Server

Posted by Sudheera Palihakkara On 9:57 AM


This blog post is more like a log than a tutorial. Here I'm logging the steps I followed while creating the AI player for the TankGame which provided as a 2nd year project. I will provide every single detail with this post and the future posts, so if anyone interested in following this as a tutorial he/she will get a chance.


First of all I should explain whats required to do in this project. We are provided with a Server application which hosts the TankGame (something like this). Our task is to program an AI player program in order it can win over the other players(4 other). 


Downloads:

Introduction to game : download
Server program(for practicing purposes) : download
Information about above Sever program : download

Get server Program running :  Unzip the Downloaded server program, a c# project folder. You have to open MS Visual Studio and open this project. (Or double click on the C# project file located in  ...\Server_v3.2.0.1\lk.ac.mrt.cse.pc11 named lk.ac.mrt.cse.pc11). Then by pressing F5 key you can run the server. 
  
Now we have the Server program, so we should create the client program. The client and the server programs should be able to communicate with each other. So we need to create the socket connections. In server program configuration file it is configured as the server port as 6000 and the client port as 7000 and the address as 127.0.0.1 .
 So according to the introduction slides in order to join the game, the client should send the msg "JOIN#" to the server. Here's the simple Java code for sending msgs to server. 




private BufferedWriter write;

Socket serversoc = new Socket("127.0.0.1", 6000);

write = new BufferedWriter(new OutputStreamWriter(serversoc.getOutputStream()));
write.write("JOIN#");
write.flush();

However, for this server program "flush()" method didn't work, So I had to use the "write.close()" instead.
 

Because of that we have to reopen the bufferedreader as well as the socket each time we want to send a msg, (Hope this server bug will repair soon and then I'll update the post ASAP).


Important :  For above code to work properly you should first run the Server program. Then using the GUI select(put a tick) the four dummies and then click start. The game will wait for the other player(your client) and will start as soon as you send the "JOIN#" msg.

OK. Now our target is to read  the server reply, For do this we should open the socket with the port number 7000. And then we can listen to that socket and receive the server replies. Following code will show a simple example but in your client program you should use a listener and do the job according to the msg arrival.  




private BufferedReader read;
ServerSocket clientserversoc = new ServerSocket(7000);
Socket clientsoc = clientserversoc.accept();
read = new BufferedReader(new InputStreamReader(clientsoc.getInputStream()));
System.out.println(read.readLine()); // do the job, I just print out the msg
read.close();

Again here I use "read.close()" because without that line it won't work. :-/.  Ok. thats it for today. Soon I'll post how to work with the game engine and the AI algorithms we're using for this program. Thank you.!

Thursday, April 5, 2012

Hacking JOSH - with virtual hardware

Posted by Sudheera Palihakkara On 12:28 PM



This post will extend the Hacking JOSH – Operating System Tutorial with some cool stuff. Some of the content of this post is based on the work done by Mr.Asiri Rathnayake.

Here I will show how to boot JOSH os in a virtual computer without using any hardware.(USB drive or floppy disk). Another advantage of using this method is you can develop and test it without rebooting your computer(host). All you need to do is rebooting the virtual computer.
_________________________________________________________

Wednesday, February 22, 2012

How to install & troubleshoot Apache Tomcat ( NetBeans and IDEA ) - Part 01

Posted by Sudheera Palihakkara On 10:36 AM

What is Tomcat ?
Tomcat is an open source servlet container and web server for java servlets and Java Server Pages(JSPs).

Installation guide for windows

1. Get tomcat
First you have to download the Binary Distribution from the apache website. Latest release is 7.0.25 But I would recommend 6.0.35 stable version. For windows download the appropriate bit distribution suit for your system.(32 bit or 64 bit)


Once you downloaded the binary distribution you can extract it and copy to a folder. I would recommend C:/Program Files.

Important : Your system should have installed netbeans 6.0(with web and Java EE) or higher and JDK latest version.

2. Configure
First we have to configure tomcat users and roles by editing  tomcat-users.xml located in the conf folder. (C:\Program Files\apache-tomcat-6.0.35\conf) 

Initially it would look look like this 

(click on the image to zoom)

Now you have to edit the tomcat-users.xml file as you wish.Ultimately it should look like following.

<?xml version='1.0' encoding='utf-8'?>
    <tomcat-users>
        <role rolename="manager"/>
        <role rolename="standard"/>
        <user username="admin" password="pwd" roles="standard,manager"/>
     </tomcat-users>
 
You can download the edited  tomcat-users.xml file (with above username and password ) here
Later you will need this username and password when adding server to netbeans.

3. Adding External Server

Then you have to add the server to netbeans. Start up netbeans as the first step.
Then find the service tab on the left hand side. If you can't find the services tab there, just hit Ctrl+5 or goto Windows->Services

Right click on Servers and click 'add server'


Then you will get 'Add server instance' window choose the appropriate server and hit next

In next window you have to specify the sever location. That is the extracted folder which is located inside program files folder. And you need to enter the username and password you added to the tomcat-users.xml file.

 
With that step you are done with installation. Good luck with your work. My next post is about some difficulties which I faced during installing tomcat. Thank you.


Follow by Email