/// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public override sealed void addCertificate(IdentityCertificate certificate)
        {
            Name certificateName = certificate.getName();
            Name keyName = certificate.getPublicKeyName();

            addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
                    certificate.getPublicKeyInfo().getKeyDer());

            if (doesCertificateExist(certificateName))
                return;

            // Insert the certificate.
            try {
                PreparedStatement statement = database_
                        .prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
                                + "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)");
                statement.setString(1, certificateName.toUri());

                Name signerName = net.named_data.jndn.KeyLocator.getFromSignature(
                        certificate.getSignature()).getKeyName();
                statement.setString(2, signerName.toUri());

                String keyId = keyName.get(-1).toEscapedString();
                Name identity = keyName.getPrefix(-1);
                statement.setString(3, identity.toUri());
                statement.setString(4, keyId);

                // Convert from milliseconds to seconds since 1/1/1970.
                statement.setLong(5,
                        (long) (Math.Floor(certificate.getNotBefore() / 1000.0d)));
                statement.setLong(6,
                        (long) (Math.Floor(certificate.getNotAfter() / 1000.0d)));

                // wireEncode returns the cached encoding if available.
                statement.setBytes(7, certificate.wireEncode().getImmutableArray());

                try {
                    statement.executeUpdate();
                } finally {
                    statement.close();
                }
            } catch (SQLException exception) {
                throw new SecurityException("BasicIdentityStorage: SQLite error: "
                        + exception);
            }
        }
        /// <summary>
        /// Fetch a certificate from the cache.
        /// </summary>
        ///
        /// <param name="certificateName"></param>
        /// <returns>A new copy of the IdentityCertificate, or null if not found.</returns>
        public IdentityCertificate getCertificate(Name certificateName)
        {
            Blob certData = (Blob) ILOG.J2CsMapping.Collections.Collections.Get(cache_,certificateName.toUri());
            if (certData == null)
                return null;

            IdentityCertificate cert = new IdentityCertificate();
            try {
                cert.wireDecode(certData.buf());
            } catch (EncodingException ex) {
                ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(CertificateCache).FullName).log(
                        ILOG.J2CsMapping.Util.Logging.Level.SEVERE, null, ex);
                throw new Exception(ex.Message);
            }

            return cert;
        }
        /// <summary>
        /// Prepare an unsigned identity certificate.
        /// </summary>
        ///
        /// <param name="keyName">The key name, e.g., `/{identity_name}/ksk-123456`.</param>
        /// <param name="publicKey">The public key to sign.</param>
        /// <param name="signingIdentity">The signing identity.</param>
        /// <param name="notBefore">See IdentityCertificate.</param>
        /// <param name="notAfter">See IdentityCertificate.</param>
        /// <param name="subjectDescription">on the keyName.</param>
        /// <param name="certPrefix">signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).</param>
        /// <returns>The unsigned IdentityCertificate, or null if the inputs are invalid.</returns>
        public IdentityCertificate prepareUnsignedIdentityCertificate(
				Name keyName, PublicKey publicKey, Name signingIdentity,
				double notBefore, double notAfter, IList subjectDescription,
				Name certPrefix)
        {
            if (keyName.size() < 1)
                return null;

            String tempKeyIdPrefix = keyName.get(-1).toEscapedString();
            if (tempKeyIdPrefix.Length < 4)
                return null;
            String keyIdPrefix = tempKeyIdPrefix.Substring(0,(4)-(0));
            if (!keyIdPrefix.equals("ksk-") && !keyIdPrefix.equals("dsk-"))
                return null;

            IdentityCertificate certificate = new IdentityCertificate();
            Name certName = new Name();

            if (certPrefix == null) {
                // No certificate prefix hint, so infer the prefix.
                if (signingIdentity.match(keyName))
                    certName.append(signingIdentity).append("KEY")
                            .append(keyName.getSubName(signingIdentity.size()))
                            .append("ID-CERT")
                            .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds());
                else
                    certName.append(keyName.getPrefix(-1)).append("KEY")
                            .append(keyName.get(-1)).append("ID-CERT")
                            .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds());
            } else {
                // A cert prefix hint is supplied, so determine the cert name.
                if (certPrefix.match(keyName) && !certPrefix.equals(keyName))
                    certName.append(certPrefix).append("KEY")
                            .append(keyName.getSubName(certPrefix.size()))
                            .append("ID-CERT")
                            .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds());
                else
                    return null;
            }

            certificate.setName(certName);
            certificate.setNotBefore(notBefore);
            certificate.setNotAfter(notAfter);
            certificate.setPublicKeyInfo(publicKey);

            if (subjectDescription == null || (subjectDescription.Count==0))
                certificate
                        .addSubjectDescription(new CertificateSubjectDescription(
                                "2.5.4.41", keyName.getPrefix(-1).toUri()));
            else {
                for (int i = 0; i < subjectDescription.Count; ++i)
                    certificate
                            .addSubjectDescription((CertificateSubjectDescription) subjectDescription[i]);
            }

            try {
                certificate.encode();
            } catch (DerEncodingException ex) {
                throw new SecurityException("DerEncodingException: " + ex);
            } catch (DerDecodingException ex_0) {
                throw new SecurityException("DerDecodingException: " + ex_0);
            }

            return certificate;
        }
        /// <summary>
        /// Create an identity certificate for a public key supplied by the caller.
        /// </summary>
        ///
        /// <param name="certificatePrefix">The name of public key to be signed.</param>
        /// <param name="publicKey">The public key to be signed.</param>
        /// <param name="signerCertificateName">The name of signing certificate.</param>
        /// <param name="notBefore">The notBefore value in the validity field of the generated certificate.</param>
        /// <param name="notAfter">The notAfter vallue in validity field of the generated certificate.</param>
        /// <returns>The generated identity certificate.</returns>
        public IdentityCertificate createIdentityCertificate(
				Name certificatePrefix, PublicKey publicKey,
				Name signerCertificateName, double notBefore, double notAfter)
        {
            IdentityCertificate certificate = new IdentityCertificate();
            Name keyName = getKeyNameFromCertificatePrefix(certificatePrefix);

            Name certificateName = new Name(certificatePrefix);
            certificateName.append("ID-CERT").appendVersion(
                    (long) net.named_data.jndn.util.Common.getNowMilliseconds());

            certificate.setName(certificateName);
            certificate.setNotBefore(notBefore);
            certificate.setNotAfter(notAfter);
            certificate.setPublicKeyInfo(publicKey);
            certificate.addSubjectDescription(new CertificateSubjectDescription(
                    "2.5.4.41", keyName.toUri()));
            try {
                certificate.encode();
            } catch (DerEncodingException ex) {
                throw new SecurityException("DerDecodingException: " + ex);
            } catch (DerDecodingException ex_0) {
                throw new SecurityException("DerEncodingException: " + ex_0);
            }

            Sha256WithRsaSignature sha256Sig = new Sha256WithRsaSignature();

            KeyLocator keyLocator = new KeyLocator();
            keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
            keyLocator.setKeyName(signerCertificateName);

            sha256Sig.setKeyLocator(keyLocator);

            certificate.setSignature(sha256Sig);

            SignedBlob unsignedData = certificate.wireEncode();

            IdentityCertificate signerCertificate;
            try {
                signerCertificate = getCertificate(signerCertificateName);
            } catch (DerDecodingException ex_1) {
                throw new SecurityException("DerDecodingException: " + ex_1);
            }
            Name signerkeyName = signerCertificate.getPublicKeyName();

            Blob sigBits = privateKeyStorage_.sign(unsignedData.signedBuf(),
                    signerkeyName);

            sha256Sig.setSignature(sigBits);

            return certificate;
        }
Exemple #5
0
 /// <summary>
 /// The copy constructor.
 /// </summary>
 ///
 public IdentityCertificate(IdentityCertificate identityCertificate) : base(identityCertificate)
 {
     this.publicKeyName_ = new Name();
     publicKeyName_      = identityCertificate.publicKeyName_;
 }
Exemple #6
0
 /// <summary>
 /// Install an identity certificate into the public key identity storage.
 /// </summary>
 ///
 /// <param name="certificate">The certificate to to added.</param>
 public void installIdentityCertificate(IdentityCertificate certificate)
 {
     identityManager_.addCertificate(certificate);
 }
        /// <summary>
        /// Get a certificate from the identity storage.
        /// </summary>
        ///
        /// <param name="certificateName">The name of the requested certificate.</param>
        /// <returns>The requested certificate.</returns>
        /// <exception cref="System.Security.SecurityException">if the certificate doesn't exist.</exception>
        public override IdentityCertificate getCertificate(Name certificateName)
        {
            Blob certificateDer = (Blob) ILOG.J2CsMapping.Collections.Collections.Get(certificateStore_,certificateName
                            .toUri());
            if (certificateDer == null)
                throw new SecurityException(
                        "MemoryIdentityStorage::getKey: The certificate does not exist");

            IdentityCertificate certificate = new IdentityCertificate();
            try {
                certificate.wireDecode(certificateDer);
            } catch (EncodingException ex) {
                throw new SecurityException(
                        "MemoryIdentityStorage::getKey: The certificate cannot be decoded");
            }
            return certificate;
        }
            public void onVerified(Data data)
            {
                IdentityCertificate certificate;
                    try {
                        certificate = new IdentityCertificate(data);
                    } catch (DerDecodingException ex) {
                        try {
                            onValidationFailed_.onInterestValidationFailed(
                                    originalInterest_, "Cannot decode certificate "
                                            + data.getName().toUri());
                        } catch (Exception exception) {
                            net.named_data.jndn.security.policy.ConfigPolicyManager.logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                    "Error in onInterestValidationFailed", exception);
                        }
                        return;
                    }
                    outer_ConfigPolicyManager.certificateCache_.insertCertificate(certificate);

                    try {
                        // Now that we stored the needed certificate, increment stepCount and try again
                        //   to verify the originalInterest.
                        outer_ConfigPolicyManager.checkVerificationPolicy(originalInterest_, stepCount_ + 1,
                                onVerified_, onValidationFailed_, wireFormat_);
                    } catch (SecurityException ex_0) {
                        try {
                            onValidationFailed_.onInterestValidationFailed(
                                    originalInterest_,
                                    "Error in checkVerificationPolicy: " + ex_0);
                        } catch (Exception exception_1) {
                            net.named_data.jndn.security.policy.ConfigPolicyManager.logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                    "Error in onInterestValidationFailed", exception_1);
                        }
                    }
            }
            public static IdentityCertificate loadIdentityCertificateFromFile(
					String filename)
            {
                StringBuilder encodedData = new StringBuilder();

                try {
                    TextReader certFile = new FileReader(
                                            filename);
                    // Use "try/finally instead of "try-with-resources" or "using"
                    // which are not supported before Java 7.
                    try {
                        String line;
                        while ((line = certFile.readLine()) != null)
                            encodedData.append(line);
                    } finally {
                        certFile.close();
                    }
                } catch (FileNotFoundException ex) {
                    throw new SecurityException(
                            "Can't find IdentityCertificate file " + filename
                                    + ": " + ex.Message);
                } catch (IOException ex_0) {
                    throw new SecurityException(
                            "Error reading IdentityCertificate file " + filename
                                    + ": " + ex_0.Message);
                }

                byte[] decodedData = net.named_data.jndn.util.Common.base64Decode(encodedData.toString());
                IdentityCertificate cert = new IdentityCertificate();
                try {
                    cert.wireDecode(new Blob(decodedData, false));
                } catch (EncodingException ex_1) {
                    throw new SecurityException(
                            "Can't decode the IdentityCertificate from file "
                                    + filename + ": " + ex_1.Message);
                }
                return cert;
            }
        public void testPrepareUnsignedCertificate()
        {
            MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
            MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
            IdentityManager identityManager = new IdentityManager(identityStorage,
                    privateKeyStorage);
            Name keyName = new Name("/test/ksk-1457560485494");
            identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA,
                    new Blob(PUBLIC_KEY, false));

            ArrayList subjectDescriptions = new ArrayList();
            ILOG.J2CsMapping.Collections.Collections.Add(subjectDescriptions,new CertificateSubjectDescription(TEST_OID,
                            "TEST NAME"));
            IdentityCertificate newCertificate = identityManager
                    .prepareUnsignedIdentityCertificate(keyName,
                            keyName.getPrefix(1), toyCertNotBefore,
                            toyCertNotAfter, subjectDescriptions);

            // Update the generated certificate version to equal the one in toyCert.
            newCertificate.setName(new Name(newCertificate.getName().getPrefix(-1)
                    .append(toyCert.getName().get(-1))));

            // Make a copy to test encoding.
            IdentityCertificate certificateCopy = new IdentityCertificate(
                    newCertificate);
            Assert.AssertEquals(
                    "Prepared unsigned certificate dump does not have the expected format",
                    "" + toyCert, "" + certificateCopy);
        }
        /// <summary>
        /// This looks up certificates specified as base64-encoded data or file names.
        /// These are cached by filename or encoding to avoid repeated reading of files
        /// or decoding.
        /// </summary>
        ///
        /// <param name="certID"></param>
        /// <param name="isPath"></param>
        /// <returns>The certificate object.</returns>
        private IdentityCertificate lookupCertificate(String certID, bool isPath)
        {
            IdentityCertificate cert;

            if (!fixedCertificateCache_.Contains(certID)) {
                if (isPath)
                    // Load the certificate data (base64 encoded IdentityCertificate)
                    cert = net.named_data.jndn.security.policy.ConfigPolicyManager.TrustAnchorRefreshManager
                            .loadIdentityCertificateFromFile(certID);
                else {
                    byte[] certData = net.named_data.jndn.util.Common.base64Decode(certID);
                    cert = new IdentityCertificate();
                    try {
                        cert.wireDecode(new Blob(certData, false));
                    } catch (EncodingException ex) {
                        throw new SecurityException(
                                "Cannot base64 decode the cert data: "
                                        + ex.Message);
                    }
                }

                String certUri = cert.getName().getPrefix(-1).toUri();
                ILOG.J2CsMapping.Collections.Collections.Put(fixedCertificateCache_,certID,certUri);
                certificateCache_.insertCertificate(cert);
            } else
                cert = certificateCache_.getCertificate(new Name(
                        (String) ILOG.J2CsMapping.Collections.Collections.Get(fixedCertificateCache_,certID)));

            return cert;
        }
        public void testRefresh10s()
        {
            StringBuilder encodedData = new StringBuilder();
            TextReader dataFile = new System.IO.StreamReader(new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName,"testData")).OpenWrite());
            // Use "try/finally instead of "try-with-resources" or "using"
            // which are not supported before Java 7.
            try {
                String line;
                while ((line = dataFile.readLine()) != null)
                    encodedData.append(line);
            } finally {
                dataFile.close();
            }

            byte[] decodedData = net.named_data.jndn.util.Common.base64Decode(encodedData.toString());
            Data data = new Data();
            data.wireDecode(new Blob(decodedData, false));

            // This test is needed, since the KeyChain will express interests in unknown
            // certificates.
            VerificationResult vr = doVerify(policyManager_, data);

            AssertTrue(
                    "ConfigPolicyManager did not create ValidationRequest for unknown certificate",
                    vr.hasFurtherSteps_);
            AssertEquals(
                    "ConfigPolicyManager called success callback with pending ValidationRequest",
                    0, vr.successCount_);
            AssertEquals(
                    "ConfigPolicyManager called failure callback with pending ValidationRequest",
                    0, vr.failureCount_);

            // Now save the cert data to our anchor directory, and wait.
            // We have to sign it with the current identity or the policy manager will
            // create an interest for the signing certificate.
            IdentityCertificate cert = new IdentityCertificate();
            byte[] certData = net.named_data.jndn.util.Common.base64Decode(CERT_DUMP);
            cert.wireDecode(new Blob(certData, false));
            keyChain_.signByIdentity(cert, identityName_);
            Blob signedCertBlob = cert.wireEncode();
            String encodedCert = net.named_data.jndn.util.Common.base64Encode(signedCertBlob
                    .getImmutableArray());
            BufferedStream certFile = new BufferedStream(new System.IO.StreamWriter(testCertFile_.OpenRead()));
            try {
                certFile.Write(encodedCert,0,encodedCert.Substring(0,encodedCert.Length));
                certFile.flush();
            } finally {
                certFile.close();
            }

            // Still too early for refresh to pick it up.
            vr = doVerify(policyManager_, data);

            AssertTrue("ConfigPolicyManager refresh occured sooner than specified",
                    vr.hasFurtherSteps_);
            AssertEquals(
                    "ConfigPolicyManager called success callback with pending ValidationRequest",
                    0, vr.successCount_);
            AssertEquals(
                    "ConfigPolicyManager called failure callback with pending ValidationRequest",
                    0, vr.failureCount_);

            ILOG.J2CsMapping.Threading.ThreadWrapper.sleep(6000);

            // Now we should find it.
            vr = doVerify(policyManager_, data);

            AssertFalse("ConfigPolicyManager did not refresh certificate store",
                    vr.hasFurtherSteps_);
            AssertEquals("Verification success called " + vr.successCount_
                    + " times instead of 1", 1, vr.successCount_);
            AssertEquals("ConfigPolicyManager did not verify valid signed data", 0,
                    vr.failureCount_);
        }
 public TestGroupManager()
 {
     this.certificate = new IdentityCertificate();
 }
        public void testCreateDKeyData()
        {
            // Create the group manager.
            GroupManager manager = new GroupManager(new Name("Alice"), new Name(
                    "data_type"), new Sqlite3GroupManagerDb(
                    System.IO.Path.GetFullPath(dKeyDatabaseFilePath.Name)), 2048, 1, keyChain);

            Blob newCertificateBlob = certificate.wireEncode();
            IdentityCertificate newCertificate = new IdentityCertificate();
            newCertificate.wireDecode(newCertificateBlob);

            // Encrypt the D-KEY.
            Data data = friendAccess.createDKeyData(manager, "20150825T000000",
                    "20150827T000000", new Name("/ndn/memberA/KEY"),
                    decryptKeyBlob, newCertificate.getPublicKeyInfo().getKeyDer());

            // Verify the encrypted D-KEY.
            Blob dataContent = data.getContent();

            // Get the nonce key.
            // dataContent is a sequence of the two EncryptedContent.
            EncryptedContent encryptedNonce = new EncryptedContent();
            encryptedNonce.wireDecode(dataContent);
            AssertEquals(0, encryptedNonce.getInitialVector().size());
            AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
                    encryptedNonce.getAlgorithmType());

            Blob blobNonce = encryptedNonce.getPayload();
            EncryptParams decryptParams = new EncryptParams(
                    net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
            Blob nonce = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKeyBlob, blobNonce,
                    decryptParams);

            // Get the D-KEY.
            // Use the size of encryptedNonce to find the start of encryptedPayload.
            ByteBuffer payloadContent = dataContent.buf().duplicate();
            payloadContent.position(encryptedNonce.wireEncode().size());
            EncryptedContent encryptedPayload = new EncryptedContent();
            encryptedPayload.wireDecode(payloadContent);
            AssertEquals(16, encryptedPayload.getInitialVector().size());
            AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
                    encryptedPayload.getAlgorithmType());

            decryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
            decryptParams.setInitialVector(encryptedPayload.getInitialVector());
            Blob blobPayload = encryptedPayload.getPayload();
            Blob largePayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(nonce, blobPayload,
                    decryptParams);

            AssertTrue(largePayload.equals(decryptKeyBlob));
        }
        /// <summary>
        /// Generate a self-signed certificate for a public key.
        /// </summary>
        ///
        /// <param name="keyName">The name of the public key.</param>
        /// <returns>The generated certificate.</returns>
        public IdentityCertificate selfSign(Name keyName)
        {
            IdentityCertificate certificate = new IdentityCertificate();

            Blob keyBlob = identityStorage_.getKey(keyName);
            PublicKey publicKey = new PublicKey(keyBlob);

            Calendar calendar = ILOG.J2CsMapping.Util.Calendar.getInstance();
            double notBefore = (double) calendar.getTimeInMillis();
            calendar.add(ILOG.J2CsMapping.Util.Calendar.YEAR, 2);
            double notAfter = (double) calendar.getTimeInMillis();

            certificate.setNotBefore(notBefore);
            certificate.setNotAfter(notAfter);

            Name certificateName = keyName.getPrefix(-1).append("KEY")
                    .append(keyName.get(-1)).append("ID-CERT")
                    .appendVersion((long) certificate.getNotBefore());
            certificate.setName(certificateName);

            certificate.setPublicKeyInfo(publicKey);
            certificate.addSubjectDescription(new CertificateSubjectDescription(
                    "2.5.4.41", keyName.toUri()));
            try {
                certificate.encode();
            } catch (DerEncodingException ex) {
                // We don't expect this to happen.
                ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(IdentityManager).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                        null, ex);
                return null;
            } catch (DerDecodingException ex_0) {
                // We don't expect this to happen.
                ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(IdentityManager).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                        null, ex_0);
                return null;
            }

            signByCertificate(certificate, certificate.getName());

            return certificate;
        }
 /// <summary>
 /// Add a certificate to the identity storage. Also call addKey to ensure that
 /// the certificate key exists. If the certificate is already installed, don't
 /// replace it.
 /// </summary>
 ///
 /// <param name="certificate"></param>
 public abstract void addCertificate(IdentityCertificate certificate);
        /// <summary>
        /// Set the certificate as the default for its corresponding key.
        /// </summary>
        ///
        /// <param name="certificate">The certificate.</param>
        public void setDefaultCertificateForKey(
				IdentityCertificate certificate)
        {
            Name keyName = certificate.getPublicKeyName();

            if (!identityStorage_.doesKeyExist(keyName))
                throw new SecurityException(
                        "No corresponding Key record for certificate!");

            identityStorage_.setDefaultCertificateNameForKey(keyName,
                    certificate.getName());
        }
 /// <summary>
 /// Add a new member with the given memberCertificate into a schedule named
 /// scheduleName. If cert is an IdentityCertificate made from memberCertificate,
 /// then the member's identity name is cert.getPublicKeyName().getPrefix(-1).
 /// </summary>
 ///
 /// <param name="scheduleName">The schedule name.</param>
 /// <param name="memberCertificate">The member's certificate.</param>
 /// <exception cref="GroupManagerDb.Error">If there's no schedule named scheduleName, ifthe member's identity name already exists, or other database error.</exception>
 /// <exception cref="DerDecodingException">for error decoding memberCertificate as acertificate.</exception>
 public void addMember(String scheduleName, Data memberCertificate)
 {
     IdentityCertificate cert = new IdentityCertificate(memberCertificate);
     database_.addMember(scheduleName, cert.getPublicKeyName(), cert
             .getPublicKeyInfo().getKeyDer());
 }
        /// <summary>
        /// Add a certificate to the identity storage. Also call addKey to ensure that
        /// the certificate key exists. If the certificate is already installed, don't
        /// replace it.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public override void addCertificate(IdentityCertificate certificate)
        {
            Name certificateName = certificate.getName();
            Name keyName = certificate.getPublicKeyName();

            addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
                    certificate.getPublicKeyInfo().getKeyDer());

            if (doesCertificateExist(certificateName))
                return;

            // Insert the certificate.
            ILOG.J2CsMapping.Collections.Collections.Put(certificateStore_,certificateName.toUri(),certificate.wireEncode());
        }
 /// <summary>
 /// Add a certificate into the public key identity storage.
 /// </summary>
 ///
 /// <param name="certificate"></param>
 public void addCertificate(IdentityCertificate certificate)
 {
     identityStorage_.addCertificate(certificate);
 }
 /// <summary>
 /// Insert the certificate into the cache. Assumes the timestamp is not yet
 /// removed from the name.
 /// </summary>
 ///
 /// <param name="certificate">The certificate to copy and insert.</param>
 public void insertCertificate(IdentityCertificate certificate)
 {
     Name certName = certificate.getName().getPrefix(-1);
     ILOG.J2CsMapping.Collections.Collections.Put(cache_,certName.toUri(),certificate.wireEncode());
 }
        /// <summary>
        /// Add a certificate into the public key identity storage and set the
        /// certificate as the default of its corresponding key.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public void addCertificateAsDefault(IdentityCertificate certificate)
        {
            identityStorage_.addCertificate(certificate);

            setDefaultCertificateForKey(certificate);
        }
Exemple #23
0
        /// <summary>
        /// Set the certificate as the default for its corresponding key.
        /// </summary>
        ///
        /// <param name="certificate">The certificate.</param>
        public void setDefaultCertificateForKey(
				IdentityCertificate certificate)
        {
            identityManager_.setDefaultCertificateForKey(certificate);
        }
        /// <summary>
        /// Add a certificate into the public key identity storage and set the
        /// certificate as the default for its corresponding identity.
        /// </summary>
        ///
        /// <param name="certificate"></param>
        public void addCertificateAsIdentityDefault(
				IdentityCertificate certificate)
        {
            identityStorage_.addCertificate(certificate);

            Name keyName = certificate.getPublicKeyName();

            setDefaultKeyForIdentity(keyName);

            setDefaultCertificateForKey(certificate);
        }
 /// <summary>
 /// The copy constructor.
 /// </summary>
 ///
 public IdentityCertificate(IdentityCertificate identityCertificate)
     : base(identityCertificate)
 {
     this.publicKeyName_ = new Name();
     publicKeyName_ = identityCertificate.publicKeyName_;
 }
        /// <summary>
        /// Get a certificate from the identity storage.
        /// </summary>
        ///
        /// <param name="certificateName">The name of the requested certificate.</param>
        /// <returns>The requested certificate.</returns>
        /// <exception cref="System.Security.SecurityException">if the certificate doesn't exist.</exception>
        public override sealed IdentityCertificate getCertificate(Name certificateName)
        {
            try {
                PreparedStatement statement;
                statement = database_.prepareStatement(net.named_data.jndn.security.identity.Sqlite3IdentityStorageBase.SELECT_getCertificate);
                statement.setString(1, certificateName.toUri());

                IdentityCertificate certificate = new IdentityCertificate();
                try {
                    SqlDataReader result = statement.executeQuery();

                    if (result.NextResult()) {
                        try {
                            certificate.wireDecode(new Blob(result
                                    .getBytes("certificate_data"), false));
                        } catch (EncodingException ex) {
                            throw new SecurityException(
                                    "BasicIdentityStorage: Error decoding certificate data: "
                                            + ex);
                        }
                    } else
                        throw new SecurityException(
                                "BasicIdentityStorage::getKey: The key certificate not exist");
                } finally {
                    statement.close();
                }

                return certificate;
            } catch (SQLException exception) {
                throw new SecurityException("BasicIdentityStorage: SQLite error: "
                        + exception);
            }
        }