/// <summary>
        /// Create a KeyChain with the a default name and key pair.
        /// </summary>
        ///
        /// <param name="certificateName">Set certificateName[0] to the signing certificateName.</param>
        /// <returns>The KeyChain.</returns>
        /// <exception cref="System.Security.SecurityException"></exception>
        public static KeyChain buildKeyChain(Name[] certificateName)
        {
            MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
            MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
            KeyChain keyChain = new KeyChain(new IdentityManager(identityStorage,
                    privateKeyStorage),
                    new SelfVerifyPolicyManager(identityStorage));

            // initialize the storage with
            Name keyName = new Name("/testname/DSK-123");
            certificateName[0] = keyName.getSubName(0, keyName.size() - 1)
                    .append("KEY").append(keyName.get(-1)).append("ID-CERT")
                    .append("0");
            identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                    DEFAULT_RSA_PUBLIC_KEY_DER, false));
            privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                    DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

            return keyChain;
        }
        static void Main(string[] args)
        {
            var interest = new Interest();
              interest.wireDecode(new Blob(TlvInterest));
              Console.Out.WriteLine("Interest:");
              dumpInterest(interest);

              // Set the name again to clear the cached encoding so we encode again.
              interest.setName(interest.getName());
              var encoding = interest.wireEncode();
              Console.Out.WriteLine("");
              Console.Out.WriteLine("Re-encoded interest " + encoding.toHex());

              var reDecodedInterest = new Interest();
              reDecodedInterest.wireDecode(encoding);
              Console.Out.WriteLine("");
              Console.Out.WriteLine("Re-decoded Interest:");
              dumpInterest(reDecodedInterest);

              var freshInterest = new Interest(new Name("/ndn/abc"));
              freshInterest.setMinSuffixComponents(4);
              freshInterest.setMaxSuffixComponents(6);
              freshInterest.setInterestLifetimeMilliseconds(30000);
              freshInterest.setChildSelector(1);
              freshInterest.setMustBeFresh(true);
              freshInterest.getKeyLocator().setType(KeyLocatorType.KEY_LOCATOR_DIGEST);
              freshInterest.getKeyLocator().setKeyData
            (new Blob(new byte[] {
              0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
              0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }));
              freshInterest.getExclude().appendComponent(new Name("abc").get(0)).appendAny();

              var identityStorage = new MemoryIdentityStorage();
              var privateKeyStorage = new MemoryPrivateKeyStorage();
              var keyChain = new KeyChain
            (new IdentityManager(identityStorage, privateKeyStorage),
              new SelfVerifyPolicyManager(identityStorage));

              // Initialize the storage.
              var keyName = new Name("/testname/DSK-123");
              var certificateName = keyName.getSubName(0, keyName.size() - 1).append
            ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0");
              identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER));
              privateKeyStorage.setKeyPairForKeyName
            (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER),
             new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER));

              // Make a Face just so that we can sign the interest.
              var face = new Face("localhost");
              face.setCommandSigningInfo(keyChain, certificateName);
              face.makeCommandInterest(freshInterest);

              Interest reDecodedFreshInterest = new Interest();
              reDecodedFreshInterest.wireDecode(freshInterest.wireEncode());
              Console.Out.WriteLine("");
              Console.Out.WriteLine("Re-decoded fresh Interest:");
              dumpInterest(reDecodedFreshInterest);

              VerifyCallbacks callbacks = new VerifyCallbacks("Freshly-signed Interest");
              keyChain.verifyInterest(reDecodedFreshInterest, callbacks, callbacks);
        }
Ejemplo n.º 3
0
        public void setUp()
        {
            MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
            MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
            keyChain = new KeyChain(new IdentityManager(identityStorage,
                    privateKeyStorage),
                    new SelfVerifyPolicyManager(identityStorage));

            // Initialize the storage.
            Name keyName = new Name("/testname/DSK-123");
            certificateName = keyName.getSubName(0, keyName.size() - 1)
                    .append("KEY").append(keyName.get(-1)).append("ID-CERT")
                    .append("0");
            try {
                identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                        DEFAULT_RSA_PUBLIC_KEY_DER, false));
                privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                        DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);
            } catch (SecurityException ex) {
                // We don't expect this to happen.
                ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(TestLink).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, null,
                        ex);
            }
        }
Ejemplo n.º 4
0
        public CredentialStorage()
        {
            this.identityStorage_ = new MemoryIdentityStorage();
            this.privateKeyStorage_ = new MemoryPrivateKeyStorage();
            this.keyChain_ = new KeyChain(new IdentityManager(
                    identityStorage_, privateKeyStorage_), new SelfVerifyPolicyManager(
                    identityStorage_));
            Name keyName = new Name("/testname/DSK-123");
            defaultCertName_ = keyName.getSubName(0, keyName.size() - 1)
                    .append("KEY").append(keyName.get(-1)).append("ID-CERT")
                    .append("0");

            Name ecdsaKeyName = new Name("/testEcdsa/DSK-123");
            ecdsaCertName_ = ecdsaKeyName.getSubName(0, ecdsaKeyName.size() - 1)
                    .append("KEY").append(ecdsaKeyName.get(-1)).append("ID-CERT")
                    .append("0");

            try {
                identityStorage_.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                        DEFAULT_RSA_PUBLIC_KEY_DER, false));
                privateKeyStorage_.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                        DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

            #if false // Skip ECDSA for now.
                identityStorage_.addKey(ecdsaKeyName, net.named_data.jndn.security.KeyType.ECDSA, new Blob(
                        DEFAULT_EC_PUBLIC_KEY_DER, false));
                privateKeyStorage_.setKeyPairForKeyName(ecdsaKeyName,
                        net.named_data.jndn.security.KeyType.ECDSA, DEFAULT_EC_PUBLIC_KEY_DER,
                        DEFAULT_EC_PRIVATE_KEY_DER);
            #endif
            } catch (SecurityException ex) {
                // Don't expect this to happen;
                System.Console.Out.WriteLine("Exception setting test keys: " + ex);
                identityStorage_ = null;
                privateKeyStorage_ = null;
            }
        }
        /**
         * Loop to encode a data packet nIterations times.
         * @param nIterations The number of iterations.
         * @param useComplex If true, use a large name, large content and all fields.
         * If false, use a small name, small content
         * and only required fields.
         * @param useCrypto If true, sign the data packet.  If false, use a blank
         * signature.
         * @param keyType KeyType.RSA or EC, used if useCrypto is true.
         * @param encoding Set encoding[0] to the wire encoding.
         * @return The number of seconds for all iterations.
         */
        private static double benchmarkEncodeDataSeconds(int nIterations, bool useComplex, bool useCrypto, KeyType keyType,
        Blob[] encoding)
        {
            Name name;
              Blob content;
              if (useComplex) {
            // Use a large name and content.
            name = new Name
              ("/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00");

            StringBuilder contentStream = new StringBuilder();
            int count = 1;
            contentStream.append(count++);
            while (contentStream.toString().Length < 1115)
              contentStream.append(" ").append(count++);
            content = new Blob(contentStream.toString());
              }
              else {
            // Use a small name and content.
            name = new Name("/test");
            content = new Blob("abc");
              }
              Name.Component finalBlockId =
            new Name.Component(new Blob(new byte[] { (byte)0 }));

              // Initialize the KeyChain storage in case useCrypto is true.
              MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
              MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
              KeyChain keyChain = new KeyChain
            (new IdentityManager(identityStorage, privateKeyStorage),
              new SelfVerifyPolicyManager(identityStorage));
              Name keyName = new Name("/testname/DSK-123");
              Name certificateName = keyName.getSubName(0, keyName.size() - 1).append
            ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0");
              privateKeyStorage.setKeyPairForKeyName
              (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER),
            new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER));

              Blob signatureBits = new Blob(new byte[256]);
              Blob emptyBlob = new Blob(new byte[0]);

              double start = getNowSeconds();
              for (int i = 0; i < nIterations; ++i) {
            Data data = new Data(name);
            data.setContent(content);
            if (useComplex) {
              data.getMetaInfo().setFreshnessPeriod(30000);
              data.getMetaInfo().setFinalBlockId(finalBlockId);
            }

            if (useCrypto)
              // This sets the signature fields.
              keyChain.sign(data, certificateName);
            else {
              // Imitate IdentityManager.signByCertificate to set up the signature
              //   fields, but don't sign.
              KeyLocator keyLocator = new KeyLocator();
              keyLocator.setType(KeyLocatorType.KEYNAME);
              keyLocator.setKeyName(certificateName);
              Sha256WithRsaSignature sha256Signature =
            (Sha256WithRsaSignature)data.getSignature();
              sha256Signature.setKeyLocator(keyLocator);
              sha256Signature.setSignature(signatureBits);
            }

            encoding[0] = data.wireEncode();
              }
              double finish = getNowSeconds();

              return finish - start;
        }
        public void setUp()
        {
            policyConfigDirectory = net.named_data.jndn.tests.integration_tests.IntegrationTestsCommon
                    .getPolicyConfigDirectory();

            identityStorage = new MemoryIdentityStorage();
            privateKeyStorage = new MemoryPrivateKeyStorage();
            // Not using keychain for verification so we don't need to set the
            //   policy manager.
            keyChain = new KeyChain(new IdentityManager(identityStorage,
                    privateKeyStorage));
            identityName = new Name("/SecurityTestSecRule/Basic/Longer");

            Name keyName = new Name(identityName).append("ksk-2439872");
            defaultCertName = certNameFromKeyName(keyName);
            identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                    DEFAULT_RSA_PUBLIC_KEY_DER, false));
            privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                    DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

            keyName = new Name("/SecurityTestSecRule/Basic/ksk-0923489");
            identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                    DEFAULT_RSA_PUBLIC_KEY_DER, false));
            privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                    DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

            shortCertName = certNameFromKeyName(keyName, -2);

            net.named_data.jndn.security.policy.ConfigPolicyManager.setFriendAccess(this);
        }
        static void Main(string[] args)
        {
            var data = new Data();
              data.wireDecode(new Blob(TlvData));
              Console.Out.WriteLine("Decoded Data:");
              dumpData(data);

              // Set the content again to clear the cached encoding so we encode again.
              data.setContent(data.getContent());
              var encoding = data.wireEncode();

              var reDecodedData = new Data();
              reDecodedData.wireDecode(encoding);
              Console.Out.WriteLine("");
              Console.Out.WriteLine("Re-decoded Data:");
              dumpData(reDecodedData);

              var identityStorage = new MemoryIdentityStorage();
              var privateKeyStorage = new MemoryPrivateKeyStorage();
              var keyChain = new KeyChain
            (new IdentityManager(identityStorage, privateKeyStorage),
              new SelfVerifyPolicyManager(identityStorage));

              // Initialize the storage.
              var keyName = new Name("/testname/DSK-123");
              var certificateName = keyName.getSubName(0, keyName.size() - 1).append
            ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0");
              identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER));
              privateKeyStorage.setKeyPairForKeyName
            (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER),
              new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER));

              VerifyCallbacks callbacks = new VerifyCallbacks("Re-decoded Data");
              keyChain.verifyData(reDecodedData, callbacks, callbacks);

              var freshData = new Data(new Name("/ndn/abc"));
              freshData.setContent(new Blob("SUCCESS!"));
              freshData.getMetaInfo().setFreshnessPeriod(5000);
              freshData.getMetaInfo().setFinalBlockId(new Name("/%00%09").get(0));
              keyChain.sign(freshData, certificateName);
              Console.Out.WriteLine("");
              Console.Out.WriteLine("Freshly-signed Data:");
              dumpData(freshData);

              callbacks = new VerifyCallbacks("Freshly-signed Data");
              keyChain.verifyData(freshData, callbacks, callbacks);
        }
Ejemplo n.º 8
0
        public void setUp()
        {
            // Don't show INFO log messages.
            ILOG.J2CsMapping.Util.Logging.Logger.getLogger("").setLevel(ILOG.J2CsMapping.Util.Logging.Level.WARNING);

            policyConfigDirectory_ = net.named_data.jndn.tests.integration_tests.IntegrationTestsCommon
                    .getPolicyConfigDirectory();

            testCertFile_ = new FileInfo(System.IO.Path.Combine(new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName,"certs")).FullName,"test.cert"));

            identityStorage_ = new MemoryIdentityStorage();
            privateKeyStorage_ = new MemoryPrivateKeyStorage();
            identityManager_ = new IdentityManager(identityStorage_,
                    privateKeyStorage_);
            policyManager_ = new ConfigPolicyManager(System.IO.Path.GetFullPath(new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName,"simple_rules.conf")).Name));

            identityName_ = new Name("/TestConfigPolicyManager/temp");
            // To match the anchor cert.
            Name keyName = new Name(identityName_).append("ksk-1416010123");
            identityStorage_.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob(
                    DEFAULT_RSA_PUBLIC_KEY_DER, false));
            privateKeyStorage_.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA,
                    DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

            IdentityCertificate cert = identityManager_.selfSign(keyName);
            identityStorage_.setDefaultKeyNameForIdentity(keyName);
            identityManager_.addCertificateAsDefault(cert);

            face_ = new Face("localhost");
            keyChain_ = new KeyChain(identityManager_, policyManager_);
            keyName_ = keyName;

            net.named_data.jndn.security.policy.ConfigPolicyManager.setFriendAccess(this);
        }
        static void Main(string[] args)
        {
            var face = new Face
            (new TcpTransport(), new TcpTransport.ConnectionInfo("localhost"));

              // For now, when setting face.setCommandSigningInfo, use a key chain with
              //   a default private key instead of the system default key chain. This
              //   is OK for now because NFD is configured to skip verification, so it
              //   ignores the system default key chain.
              var identityStorage = new MemoryIdentityStorage();
              var privateKeyStorage = new MemoryPrivateKeyStorage();
              var keyChain = new KeyChain
            (new IdentityManager(identityStorage, privateKeyStorage),
              new SelfVerifyPolicyManager(identityStorage));
              keyChain.setFace(face);

              // Initialize the storage.
              var keyName = new Name("/testname/DSK-123");
              var certificateName = keyName.getSubName(0, keyName.size() - 1).append
            ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0");
              identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER));
              privateKeyStorage.setKeyPairForKeyName
            (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER),
              new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER));

              face.setCommandSigningInfo(keyChain, certificateName);

              var echo = new Echo(keyChain, certificateName);
              var prefix = new Name("/testecho");
              Console.Out.WriteLine("Register prefix  " + prefix.toUri());
              face.registerPrefix(prefix, echo, echo);

              // The main event loop.
              // Wait to receive one interest for the prefix.
              while (echo.responseCount_ < 1) {
            face.processEvents();

            // We need to sleep for a few milliseconds so we don't use 100% of
            //   the CPU.
            System.Threading.Thread.Sleep(5);
              }
        }