Beispiel #1
        /// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate">The certificate to add.</param>
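        public sealed override void addCertificate(IdentityCertificate certificate)
        {
            // NOTE(review): nothing in this method checks the certificate's signature
            // or its validity period before storing it; presumably the caller has
            // already validated the certificate - confirm.
            Name certificateName = certificate.getName();
            Name keyName         = certificate.getPublicKeyName();

            // Make sure the certificate's public key is recorded before the
            // certificate itself.
            addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
                   certificate.getPublicKeyInfo().getKeyDer());

            // An installed certificate is never replaced.
            // NOTE(review): this check and the INSERT below are separate steps, so two
            // concurrent callers could both pass it; whether the Certificate table
            // enforces uniqueness on cert_name is not visible here - confirm.
            if (doesCertificateExist(certificateName))
            {
                return;
            }

            // Insert the certificate. Every value is bound as a parameter; none is
            // concatenated into the SQL text.
            try {
                PreparedStatement statement = database_
                                              .prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
                                                                + "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)");

                // The try/finally starts right after the statement is prepared so the
                // statement is also closed when binding a parameter fails (for
                // example if reading the key locator or encoding the certificate
                // throws), not only when executeUpdate fails.
                try {
                    statement.setString(1, certificateName.toUri());

                    // The issuer column holds the key name taken from the signature's
                    // key locator.
                    Name signerName = net.named_data.jndn.KeyLocator.getFromSignature(
                        certificate.getSignature()).getKeyName();
                    statement.setString(2, signerName.toUri());

                    // The last component of the key name is the key id; the prefix
                    // before it is the identity name.
                    String keyId    = keyName.get(-1).toEscapedString();
                    Name   identity = keyName.getPrefix(-1);
                    statement.setString(3, identity.toUri());
                    statement.setString(4, keyId);

                    // Convert from milliseconds to seconds since 1/1/1970.
                    statement.setLong(5,
                                      (long)(Math.Floor(certificate.getNotBefore() / 1000.0d)));
                    statement.setLong(6,
                                      (long)(Math.Floor(certificate.getNotAfter() / 1000.0d)));

                    // wireEncode returns the cached encoding if available.
                    statement.setBytes(7, certificate.wireEncode().getImmutableArray());

                    statement.executeUpdate();
                } finally {
                    statement.close();
                }
            } catch (SQLException exception) {
                // Surface database failures as SecurityException.
                throw new SecurityException("BasicIdentityStorage: SQLite error: "
                                            + exception);
            }
        }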
Beispiel #2
        /// <summary>
        /// Add a new member with the given memberCertificate into a schedule named
        /// scheduleName. If cert is an IdentityCertificate made from memberCertificate,
        /// then the member's identity name is cert.getPublicKeyName().getPrefix(-1).
        /// </summary>
        ///
        /// <param name="scheduleName">The schedule name.</param>
        /// <param name="memberCertificate">The member's certificate.</param>
        /// <exception cref="GroupManagerDb.Error">If there's no schedule named scheduleName, if the member's identity name already exists, or other database error.</exception>
        /// <exception cref="DerDecodingException">for error decoding memberCertificate as a certificate.</exception>
        public void addMember(String scheduleName, Data memberCertificate)
        {
            // Interpret the Data packet as an identity certificate.
            // NOTE(review): no signature or validity check on the certificate is
            // visible in this method; presumably the caller has verified it before
            // enrolling the member - confirm.
            IdentityCertificate memberCert = new IdentityCertificate(memberCertificate);

            // Only the public key name and the DER-encoded public key are handed to
            // the database; the certificate itself is not passed on.
            database_.addMember(
                scheduleName,
                memberCert.getPublicKeyName(),
                memberCert.getPublicKeyInfo().getKeyDer());
        }
        /// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate">The certificate to add.</param>
        public override void addCertificate(IdentityCertificate certificate)
        {
            Name certName      = certificate.getName();
            Name publicKeyName = certificate.getPublicKeyName();

            // Record the certificate's public key before looking at the certificate
            // store, so the key is added even when the certificate is already present.
            addKey(publicKeyName,
                   certificate.getPublicKeyInfo().getKeyType(),
                   certificate.getPublicKeyInfo().getKeyDer());

            // Store the wire encoding under the certificate name URI, but only when
            // no certificate with that name is installed; an existing entry is kept.
            // NOTE(review): the certificate's signature is not checked here;
            // presumably validation happens before this call - confirm.
            if (!doesCertificateExist(certName))
            {
                ILOG.J2CsMapping.Collections.Collections.Put(certificateStore_, certName.toUri(), certificate.wireEncode());
            }
        }
Beispiel #4
        public void testCreateDKeyData()
        {
            // Build the group manager under test on top of the SQLite database file.
            GroupManager groupManager = new GroupManager(
                new Name("Alice"), new Name("data_type"),
                new Sqlite3GroupManagerDb(dKeyDatabaseFilePath.FullName),
                2048, 1, keyChain);

            // Round-trip the fixture certificate through its wire encoding.
            Blob encodedCertificate = certificate.wireEncode();
            IdentityCertificate decodedCertificate = new IdentityCertificate();
            decodedCertificate.wireDecode(encodedCertificate);

            // Create the D-KEY Data packet, passing decryptKeyBlob and the decoded
            // certificate's DER-encoded public key.
            Data dKeyData = friendAccess.createDKeyData(
                groupManager, "20150825T000000", "20150827T000000",
                new Name("/ndn/memberA/KEY"), decryptKeyBlob,
                decodedCertificate.getPublicKeyInfo().getKeyDer());

            // The content is two EncryptedContent blocks back to back: first the
            // wrapped nonce key, then the encrypted payload.
            Blob content = dKeyData.getContent();

            // First block: RSA-OAEP, so no initial vector is expected.
            EncryptedContent nonceSection = new EncryptedContent();
            nonceSection.wireDecode(content);
            Assert.AssertEquals(0, nonceSection.getInitialVector().size());
            Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
                                nonceSection.getAlgorithmType());

            // Unwrap the nonce key with decryptKeyBlob.
            Blob wrappedNonce = nonceSection.getPayload();
            EncryptParams parameters = new EncryptParams(
                net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
            Blob nonceKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(
                decryptKeyBlob, wrappedNonce, parameters);

            // Second block: it starts where the first block's encoding ends, so skip
            // that many bytes in a duplicate of the content buffer.
            ByteBuffer remainder = content.buf().duplicate();
            remainder.position(nonceSection.wireEncode().size());

            EncryptedContent payloadSection = new EncryptedContent();
            payloadSection.wireDecode(remainder);
            Assert.AssertEquals(16, payloadSection.getInitialVector().size());
            Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
                                payloadSection.getAlgorithmType());

            // Reuse the parameters object for AES-CBC with the IV carried in the
            // second block, then decrypt the payload with the unwrapped nonce key.
            parameters.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
            parameters.setInitialVector(payloadSection.getInitialVector());
            Blob cipherText   = payloadSection.getPayload();
            Blob recoveredKey = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(
                nonceKey, cipherText, parameters);

            // The decrypted payload must be the same key blob that was handed to
            // createDKeyData.
            Assert.AssertTrue(recoveredKey.equals(decryptKeyBlob));
        }