/// <summary> /// Create a new Sha256WithRsaSignature with a copy of the fields in the given /// signature object. /// </summary> /// /// <param name="signature">The signature object to copy.</param> public Sha256WithRsaSignature(Sha256WithRsaSignature signature) { this.signature_ = new Blob(); this.keyLocator_ = new ChangeCounter( new KeyLocator()); this.changeCount_ = 0; signature_ = signature.signature_; keyLocator_.set(new KeyLocator(signature.getKeyLocator())); }
/// <summary> /// Create a new Sha256WithRsaSignature with a copy of the fields in the given /// signature object. /// </summary> /// /// <param name="signature">The signature object to copy.</param> public Sha256WithRsaSignature(Sha256WithRsaSignature signature) { this.signature_ = new Blob(); this.keyLocator_ = new ChangeCounter( new KeyLocator()); this.validityPeriod_ = new ChangeCounter( new ValidityPeriod()); this.changeCount_ = 0; signature_ = signature.signature_; keyLocator_.set(new KeyLocator(signature.getKeyLocator())); }
/// <summary> /// Create an identity certificate for a public key supplied by the caller. /// </summary> /// /// <param name="certificatePrefix">The name of public key to be signed.</param> /// <param name="publicKey">The public key to be signed.</param> /// <param name="signerCertificateName">The name of signing certificate.</param> /// <param name="notBefore">The notBefore value in the validity field of the generated certificate.</param> /// <param name="notAfter">The notAfter vallue in validity field of the generated certificate.</param> /// <returns>The generated identity certificate.</returns> public IdentityCertificate createIdentityCertificate( Name certificatePrefix, PublicKey publicKey, Name signerCertificateName, double notBefore, double notAfter) { IdentityCertificate certificate = new IdentityCertificate(); Name keyName = getKeyNameFromCertificatePrefix(certificatePrefix); Name certificateName = new Name(certificatePrefix); certificateName.append("ID-CERT").appendVersion( (long) net.named_data.jndn.util.Common.getNowMilliseconds()); certificate.setName(certificateName); certificate.setNotBefore(notBefore); certificate.setNotAfter(notAfter); certificate.setPublicKeyInfo(publicKey); certificate.addSubjectDescription(new CertificateSubjectDescription( "2.5.4.41", keyName.toUri())); try { certificate.encode(); } catch (DerEncodingException ex) { throw new SecurityException("DerDecodingException: " + ex); } catch (DerDecodingException ex_0) { throw new SecurityException("DerEncodingException: " + ex_0); } Sha256WithRsaSignature sha256Sig = new Sha256WithRsaSignature(); KeyLocator keyLocator = new KeyLocator(); keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME); keyLocator.setKeyName(signerCertificateName); sha256Sig.setKeyLocator(keyLocator); certificate.setSignature(sha256Sig); SignedBlob unsignedData = certificate.wireEncode(); IdentityCertificate signerCertificate; try { signerCertificate = getCertificate(signerCertificateName); } catch (DerDecodingException ex_1) { throw new SecurityException("DerDecodingException: " + ex_1); } Name signerkeyName = signerCertificate.getPublicKeyName(); Blob sigBits = privateKeyStorage_.sign(unsignedData.signedBuf(), signerkeyName); sha256Sig.setSignature(sigBits); return certificate; }
/// <summary> /// Return a new Signature object based on the signature algorithm of the /// public key with keyName (derived from certificateName). /// </summary> /// /// <param name="certificateName">The certificate name.</param> /// <param name="digestAlgorithm"></param> /// <returns>A new object of the correct subclass of Signature.</returns> private Signature makeSignatureByCertificate(Name certificateName, DigestAlgorithm[] digestAlgorithm) { Name keyName = net.named_data.jndn.security.certificate.IdentityCertificate .certificateNameToPublicKeyName(certificateName); PublicKey publicKey = privateKeyStorage_.getPublicKey(keyName); KeyType keyType = publicKey.getKeyType(); if (keyType == net.named_data.jndn.security.KeyType.RSA) { Sha256WithRsaSignature signature = new Sha256WithRsaSignature(); digestAlgorithm[0] = net.named_data.jndn.security.DigestAlgorithm.SHA256; signature.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); signature.getKeyLocator().setKeyName(certificateName.getPrefix(-1)); return signature; } else if (keyType == net.named_data.jndn.security.KeyType.ECDSA) { Sha256WithEcdsaSignature signature_0 = new Sha256WithEcdsaSignature(); digestAlgorithm[0] = net.named_data.jndn.security.DigestAlgorithm.SHA256; signature_0.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); signature_0.getKeyLocator().setKeyName(certificateName.getPrefix(-1)); return signature_0; } else throw new SecurityException("Key type is not recognized"); }
public void testMatchesData() { Interest interest = new Interest(new Name("/A")); interest.setMinSuffixComponents(2); interest.setMaxSuffixComponents(2); interest.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); interest.getKeyLocator().setKeyName(new Name("/B")); interest.getExclude().appendComponent(new Name.Component("J")); interest.getExclude().appendAny(); Data data = new Data(new Name("/A/D")); Sha256WithRsaSignature signature = new Sha256WithRsaSignature(); signature.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); signature.getKeyLocator().setKeyName(new Name("/B")); data.setSignature(signature); Assert.AssertEquals(true, interest.matchesData(data)); // Check violating MinSuffixComponents. Data data1 = new Data(data); data1.setName(new Name("/A")); Assert.AssertEquals(false, interest.matchesData(data1)); Interest interest1 = new Interest(interest); interest1.setMinSuffixComponents(1); Assert.AssertEquals(true, interest1.matchesData(data1)); // Check violating MaxSuffixComponents. Data data2 = new Data(data); data2.setName(new Name("/A/E/F")); Assert.AssertEquals(false, interest.matchesData(data2)); Interest interest2 = new Interest(interest); interest2.setMaxSuffixComponents(3); Assert.AssertEquals(true, interest2.matchesData(data2)); // Check violating PublisherPublicKeyLocator. Data data3 = new Data(data); Sha256WithRsaSignature signature3 = new Sha256WithRsaSignature(); signature3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); signature3.getKeyLocator().setKeyName(new Name("/G")); data3.setSignature(signature3); Assert.AssertEquals(false, interest.matchesData(data3)); Interest interest3 = new Interest(interest); interest3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME); interest3.getKeyLocator().setKeyName(new Name("/G")); Assert.AssertEquals(true, interest3.matchesData(data3)); Data data4 = new Data(data); data4.setSignature(new DigestSha256Signature()); Assert.AssertEquals(false, interest.matchesData(data4)); Interest interest4 = new Interest(interest); interest4.setKeyLocator(new KeyLocator()); Assert.AssertEquals(true, interest4.matchesData(data4)); // Check violating Exclude. Data data5 = new Data(data); data5.setName(new Name("/A/J")); Assert.AssertEquals(false, interest.matchesData(data5)); Interest interest5 = new Interest(interest); interest5.getExclude().clear(); interest5.getExclude().appendComponent(new Name.Component("K")); interest5.getExclude().appendAny(); Assert.AssertEquals(true, interest5.matchesData(data5)); // Check violating Name. Data data6 = new Data(data); data6.setName(new Name("/H/I")); Assert.AssertEquals(false, interest.matchesData(data6)); Data data7 = new Data(data); data7.setName(new Name("/A/B")); Interest interest7 = new Interest( new Name( "/A/B/sha256digest=" + "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128")); Assert.AssertEquals(true, interest7.matchesData(data7)); // Check violating the implicit digest. Interest interest7b = new Interest(new Name( "/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00" + "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00")); Assert.AssertEquals(false, interest7b.matchesData(data7)); // Check excluding the implicit digest. Interest interest8 = new Interest(new Name("/A/B")); interest8.getExclude().appendComponent(interest7.getName().get(2)); Assert.AssertEquals(false, interest8.matchesData(data7)); }