Ejemplo n.º 1
0
        public void testPrepareUnsignedCertificate()
        {
            MemoryIdentityStorage   identityStorage   = new MemoryIdentityStorage();
            MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
            IdentityManager         identityManager   = new IdentityManager(identityStorage,
                                                                            privateKeyStorage);
            Name keyName = new Name("/test/ksk-1457560485494");

            identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA,
                                   new Blob(PUBLIC_KEY, false));

            ArrayList subjectDescriptions = new ArrayList();

            ILOG.J2CsMapping.Collections.Collections.Add(subjectDescriptions, new CertificateSubjectDescription(TEST_OID,
                                                                                                                "TEST NAME"));
            IdentityCertificate newCertificate = identityManager
                                                 .prepareUnsignedIdentityCertificate(keyName,
                                                                                     keyName.getPrefix(1), toyCertNotBefore,
                                                                                     toyCertNotAfter, subjectDescriptions);

            // Update the generated certificate version to equal the one in toyCert.
            newCertificate.setName(new Name(newCertificate.getName().getPrefix(-1)
                                            .append(toyCert.getName().get(-1))));

            // Make a copy to test encoding.
            IdentityCertificate certificateCopy = new IdentityCertificate(
                newCertificate);

            Assert.AssertEquals(
                "Prepared unsigned certificate dump does not have the expected format",
                "" + toyCert, "" + certificateCopy);
        }
Ejemplo n.º 2
0
        public void testCertificateAddDelete()
        {
            Name identityName = new Name("/TestIdentityStorage/Identity")
                                .appendVersion((long)getNowSeconds());

            identityManager.createIdentityAndCertificate(identityName,
                                                         net.named_data.jndn.security.KeyChain.getDefaultKeyParams());
            Name keyName1 = identityManager
                            .getDefaultKeyNameForIdentity(identityName);
            IdentityCertificate cert2 = identityManager.selfSign(keyName1);

            identityStorage.addCertificate(cert2);
            Name certName2 = cert2.getName();

            Name certName1 = identityManager
                             .getDefaultCertificateNameForIdentity(identityName);

            Assert.AssertFalse(
                "New certificate was set as default without explicit request",
                certName1.equals(certName2));

            identityStorage.deleteCertificateInfo(certName1);
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName2));
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName1));

            keyChain.deleteIdentity(identityName);
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName2));
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Get the default certificate from the identity storage and return its name.
        /// If there is no default identity or default certificate, then create one.
        /// </summary>
        ///
        /// <returns>The default certificate name.</returns>
        private Name prepareDefaultCertificateName()
        {
            IdentityCertificate signingCertificate = identityManager_
                                                     .getDefaultCertificate();

            if (signingCertificate == null)
            {
                setDefaultCertificate();
                signingCertificate = identityManager_.getDefaultCertificate();
            }

            return(signingCertificate.getName());
        }
Ejemplo n.º 4
0
        /// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public sealed override void addCertificate(IdentityCertificate certificate)
        {
            Name certificateName = certificate.getName();
            Name keyName         = certificate.getPublicKeyName();

            addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
                   certificate.getPublicKeyInfo().getKeyDer());

            if (doesCertificateExist(certificateName))
            {
                return;
            }

            // Insert the certificate.
            try {
                PreparedStatement statement = database_
                                              .prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
                                                                + "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)");
                statement.setString(1, certificateName.toUri());

                Name signerName = net.named_data.jndn.KeyLocator.getFromSignature(
                    certificate.getSignature()).getKeyName();
                statement.setString(2, signerName.toUri());

                String keyId    = keyName.get(-1).toEscapedString();
                Name   identity = keyName.getPrefix(-1);
                statement.setString(3, identity.toUri());
                statement.setString(4, keyId);

                // Convert from milliseconds to seconds since 1/1/1970.
                statement.setLong(5,
                                  (long)(Math.Floor(certificate.getNotBefore() / 1000.0d)));
                statement.setLong(6,
                                  (long)(Math.Floor(certificate.getNotAfter() / 1000.0d)));

                // wireEncode returns the cached encoding if available.
                statement.setBytes(7, certificate.wireEncode().getImmutableArray());

                try {
                    statement.executeUpdate();
                } finally {
                    statement.close();
                }
            } catch (SQLException exception) {
                throw new SecurityException("BasicIdentityStorage: SQLite error: "
                                            + exception);
            }
        }
Ejemplo n.º 5
0
        /// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public override void addCertificate(IdentityCertificate certificate)
        {
            Name certificateName = certificate.getName();
            Name keyName         = certificate.getPublicKeyName();

            addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
                   certificate.getPublicKeyInfo().getKeyDer());

            if (doesCertificateExist(certificateName))
            {
                return;
            }

            // Insert the certificate.
            ILOG.J2CsMapping.Collections.Collections.Put(certificateStore_, certificateName.toUri(), certificate.wireEncode());
        }
Ejemplo n.º 6
0
        public void testStress()
        {
            Name identityName = new Name("/TestSecPublicInfoSqlite3/Delete")
                                .appendVersion((long)getNowSeconds());

            // ndn-cxx returns the cert name, but the IndentityManager docstring
            // specifies a key.
            Name certName1 = keyChain.createIdentityAndCertificate(identityName);
            Name keyName1  = net.named_data.jndn.security.certificate.IdentityCertificate
                             .certificateNameToPublicKeyName(certName1);
            Name keyName2 = keyChain.generateRSAKeyPairAsDefault(identityName);

            IdentityCertificate cert2 = identityManager.selfSign(keyName2);
            Name certName2            = cert2.getName();

            identityManager.addCertificateAsDefault(cert2);

            Name keyName3             = keyChain.generateRSAKeyPairAsDefault(identityName);
            IdentityCertificate cert3 = identityManager.selfSign(keyName3);
            Name certName3            = cert3.getName();

            identityManager.addCertificateAsDefault(cert3);

            IdentityCertificate cert4 = identityManager.selfSign(keyName3);

            identityManager.addCertificateAsDefault(cert4);
            Name certName4 = cert4.getName();

            IdentityCertificate cert5 = identityManager.selfSign(keyName3);

            identityManager.addCertificateAsDefault(cert5);
            Name certName5 = cert5.getName();

            Assert.AssertTrue(identityStorage.doesIdentityExist(identityName));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName1));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName3));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName1));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName2));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName3));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName4));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName5));

            identityStorage.deleteCertificateInfo(certName5);
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName5));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName4));
            Assert.AssertTrue(identityStorage.doesCertificateExist(certName3));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));

            identityStorage.deletePublicKeyInfo(keyName3);
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName4));
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName3));
            Assert.AssertFalse(identityStorage.doesKeyExist(keyName3));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));
            Assert.AssertTrue(identityStorage.doesKeyExist(keyName1));
            Assert.AssertTrue(identityStorage.doesIdentityExist(identityName));

            keyChain.deleteIdentity(identityName);
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName2));
            Assert.AssertFalse(identityStorage.doesKeyExist(keyName2));
            Assert.AssertFalse(identityStorage.doesCertificateExist(certName1));
            Assert.AssertFalse(identityStorage.doesKeyExist(keyName1));
            Assert.AssertFalse(identityStorage.doesIdentityExist(identityName));
        }
Ejemplo n.º 7
0
        /// <summary>
        /// Insert the certificate into the cache. Assumes the timestamp is not yet
        /// removed from the name.
        /// </summary>
        ///
        /// <param name="certificate">The certificate to copy and insert.</param>
        public void insertCertificate(IdentityCertificate certificate)
        {
            Name certName = certificate.getName().getPrefix(-1);

            ILOG.J2CsMapping.Collections.Collections.Put(cache_, certName.toUri(), certificate.wireEncode());
        }