public void testPrepareUnsignedCertificate()
{
MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
IdentityManager identityManager = new IdentityManager(identityStorage,
privateKeyStorage);
Name keyName = new Name("/test/ksk-1457560485494");
identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA,
new Blob(PUBLIC_KEY, false));
ArrayList subjectDescriptions = new ArrayList();
ILOG.J2CsMapping.Collections.Collections.Add(subjectDescriptions, new CertificateSubjectDescription(TEST_OID,
"TEST NAME"));
IdentityCertificate newCertificate = identityManager
.prepareUnsignedIdentityCertificate(keyName,
keyName.getPrefix(1), toyCertNotBefore,
toyCertNotAfter, subjectDescriptions);
// Update the generated certificate version to equal the one in toyCert.
newCertificate.setName(new Name(newCertificate.getName().getPrefix(-1)
.append(toyCert.getName().get(-1))));
// Make a copy to test encoding.
IdentityCertificate certificateCopy = new IdentityCertificate(
newCertificate);
Assert.AssertEquals(
"Prepared unsigned certificate dump does not have the expected format",
"" + toyCert, "" + certificateCopy);
}
public void testCertificateAddDelete()
{
Name identityName = new Name("/TestIdentityStorage/Identity")
.appendVersion((long)getNowSeconds());
identityManager.createIdentityAndCertificate(identityName,
net.named_data.jndn.security.KeyChain.getDefaultKeyParams());
Name keyName1 = identityManager
.getDefaultKeyNameForIdentity(identityName);
IdentityCertificate cert2 = identityManager.selfSign(keyName1);
identityStorage.addCertificate(cert2);
Name certName2 = cert2.getName();
Name certName1 = identityManager
.getDefaultCertificateNameForIdentity(identityName);
Assert.AssertFalse(
"New certificate was set as default without explicit request",
certName1.equals(certName2));
identityStorage.deleteCertificateInfo(certName1);
Assert.AssertTrue(identityStorage.doesCertificateExist(certName2));
Assert.AssertFalse(identityStorage.doesCertificateExist(certName1));
keyChain.deleteIdentity(identityName);
Assert.AssertFalse(identityStorage.doesCertificateExist(certName2));
}
/// <summary>
/// Get the default certificate from the identity storage and return its name.
/// If there is no default identity or default certificate, then create one.
/// </summary>
///
/// <returns>The default certificate name.</returns>
private Name prepareDefaultCertificateName()
{
IdentityCertificate signingCertificate = identityManager_
.getDefaultCertificate();
if (signingCertificate == null)
{
setDefaultCertificate();
signingCertificate = identityManager_.getDefaultCertificate();
}
return(signingCertificate.getName());
}
/// <summary>
/// Add a certificate to the identity storage. Also call addKey to ensure that
/// the certificate key exists. If the certificate is already installed, don't
/// replace it.
/// </summary>
///
/// <param name="certificate"></param>
public sealed override void addCertificate(IdentityCertificate certificate)
{
Name certificateName = certificate.getName();
Name keyName = certificate.getPublicKeyName();
addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
certificate.getPublicKeyInfo().getKeyDer());
if (doesCertificateExist(certificateName))
{
return;
}
// Insert the certificate.
try {
PreparedStatement statement = database_
.prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
+ "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)");
statement.setString(1, certificateName.toUri());
Name signerName = net.named_data.jndn.KeyLocator.getFromSignature(
certificate.getSignature()).getKeyName();
statement.setString(2, signerName.toUri());
String keyId = keyName.get(-1).toEscapedString();
Name identity = keyName.getPrefix(-1);
statement.setString(3, identity.toUri());
statement.setString(4, keyId);
// Convert from milliseconds to seconds since 1/1/1970.
statement.setLong(5,
(long)(Math.Floor(certificate.getNotBefore() / 1000.0d)));
statement.setLong(6,
(long)(Math.Floor(certificate.getNotAfter() / 1000.0d)));
// wireEncode returns the cached encoding if available.
statement.setBytes(7, certificate.wireEncode().getImmutableArray());
try {
statement.executeUpdate();
} finally {
statement.close();
}
} catch (SQLException exception) {
throw new SecurityException("BasicIdentityStorage: SQLite error: "
+ exception);
}
}
/// <summary>
/// Add a certificate to the identity storage. Also call addKey to ensure that
/// the certificate key exists. If the certificate is already installed, don't
/// replace it.
/// </summary>
///
/// <param name="certificate"></param>
public override void addCertificate(IdentityCertificate certificate)
{
Name certificateName = certificate.getName();
Name keyName = certificate.getPublicKeyName();
addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
certificate.getPublicKeyInfo().getKeyDer());
if (doesCertificateExist(certificateName))
{
return;
}
// Insert the certificate.
ILOG.J2CsMapping.Collections.Collections.Put(certificateStore_, certificateName.toUri(), certificate.wireEncode());
}
public void testStress()
{
Name identityName = new Name("/TestSecPublicInfoSqlite3/Delete")
.appendVersion((long)getNowSeconds());
// ndn-cxx returns the cert name, but the IndentityManager docstring
// specifies a key.
Name certName1 = keyChain.createIdentityAndCertificate(identityName);
Name keyName1 = net.named_data.jndn.security.certificate.IdentityCertificate
.certificateNameToPublicKeyName(certName1);
Name keyName2 = keyChain.generateRSAKeyPairAsDefault(identityName);
IdentityCertificate cert2 = identityManager.selfSign(keyName2);
Name certName2 = cert2.getName();
identityManager.addCertificateAsDefault(cert2);
Name keyName3 = keyChain.generateRSAKeyPairAsDefault(identityName);
IdentityCertificate cert3 = identityManager.selfSign(keyName3);
Name certName3 = cert3.getName();
identityManager.addCertificateAsDefault(cert3);
IdentityCertificate cert4 = identityManager.selfSign(keyName3);
identityManager.addCertificateAsDefault(cert4);
Name certName4 = cert4.getName();
IdentityCertificate cert5 = identityManager.selfSign(keyName3);
identityManager.addCertificateAsDefault(cert5);
Name certName5 = cert5.getName();
Assert.AssertTrue(identityStorage.doesIdentityExist(identityName));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName1));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName3));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName1));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName2));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName3));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName4));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName5));
identityStorage.deleteCertificateInfo(certName5);
Assert.AssertFalse(identityStorage.doesCertificateExist(certName5));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName4));
Assert.AssertTrue(identityStorage.doesCertificateExist(certName3));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));
identityStorage.deletePublicKeyInfo(keyName3);
Assert.AssertFalse(identityStorage.doesCertificateExist(certName4));
Assert.AssertFalse(identityStorage.doesCertificateExist(certName3));
Assert.AssertFalse(identityStorage.doesKeyExist(keyName3));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName2));
Assert.AssertTrue(identityStorage.doesKeyExist(keyName1));
Assert.AssertTrue(identityStorage.doesIdentityExist(identityName));
keyChain.deleteIdentity(identityName);
Assert.AssertFalse(identityStorage.doesCertificateExist(certName2));
Assert.AssertFalse(identityStorage.doesKeyExist(keyName2));
Assert.AssertFalse(identityStorage.doesCertificateExist(certName1));
Assert.AssertFalse(identityStorage.doesKeyExist(keyName1));
Assert.AssertFalse(identityStorage.doesIdentityExist(identityName));
}
/// <summary>
/// Insert the certificate into the cache. Assumes the timestamp is not yet
/// removed from the name.
/// </summary>
///
/// <param name="certificate">The certificate to copy and insert.</param>
public void insertCertificate(IdentityCertificate certificate)
{
Name certName = certificate.getName().getPrefix(-1);
ILOG.J2CsMapping.Collections.Collections.Put(cache_, certName.toUri(), certificate.wireEncode());
}