/// <summary>
/// Encrypt the payload using the asymmetric key according to params, and
/// return an EncryptedContent.
/// </summary>
///
/// <param name="payload"></param>
/// <param name="key">The key value.</param>
/// <param name="keyName">The key name for the EncryptedContent key locator.</param>
/// <param name="params">The parameters for encryption.</param>
/// <returns>A new EncryptedContent.</returns>
private static EncryptedContent encryptAsymmetric(Blob payload, Blob key,
Name keyName, EncryptParams paras)
{
EncryptAlgorithmType algorithmType = paras.getAlgorithmType();
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(keyName);
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaPkcs ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
{
Blob encryptedPayload = net.named_data.jndn.encrypt.algo.RsaAlgorithm.encrypt(key, payload, paras);
EncryptedContent result = new EncryptedContent();
result.setAlgorithmType(algorithmType);
result.setKeyLocator(keyLocator);
result.setPayload(encryptedPayload);
return(result);
}
else
{
throw new Exception("Unsupported encryption method");
}
}
/// <summary>
/// Encrypt the payload using the symmetric key according to params, and return
/// an EncryptedContent.
/// </summary>
///
/// <param name="payload">The data to encrypt.</param>
/// <param name="key">The key value.</param>
/// <param name="keyName">The key name for the EncryptedContent key locator.</param>
/// <param name="params">The parameters for encryption.</param>
/// <returns>A new EncryptedContent.</returns>
private static EncryptedContent encryptSymmetric(Blob payload, Blob key,
Name keyName, EncryptParams paras)
{
EncryptAlgorithmType algorithmType = paras.getAlgorithmType();
Blob initialVector = paras.getInitialVector();
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(keyName);
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesEcb)
{
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc)
{
if (initialVector.size() != net.named_data.jndn.encrypt.algo.AesAlgorithm.BLOCK_SIZE)
{
throw new Exception("incorrect initial vector size");
}
}
Blob encryptedPayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.encrypt(key, payload, paras);
EncryptedContent result = new EncryptedContent();
result.setAlgorithmType(algorithmType);
result.setKeyLocator(keyLocator);
result.setPayload(encryptedPayload);
result.setInitialVector(initialVector);
return(result);
}
else
{
throw new Exception("Unsupported encryption method");
}
}
public void testBadCertificateName()
{
Interest interest1 = fixture_.makeCommandInterest(fixture_.identity_);
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(new Name("/bad/cert/name"));
Sha256WithRsaSignature signatureInfo = new Sha256WithRsaSignature();
signatureInfo.setKeyLocator(keyLocator);
setNameComponent(interest1, net.named_data.jndn.security.CommandInterestSigner.POS_SIGNATURE_INFO,
net.named_data.jndn.encoding.TlvWireFormat.get().encodeSignatureInfo(signatureInfo));
validateExpectFailure(interest1, "Should fail (bad certificate name)");
}
public void testBadKeyLocatorType()
{
Interest interest1 = fixture_.makeCommandInterest(fixture_.identity_);
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEY_LOCATOR_DIGEST);
keyLocator.setKeyData(new Blob(new int[] { 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd }));
Sha256WithRsaSignature signatureInfo = new Sha256WithRsaSignature();
signatureInfo.setKeyLocator(keyLocator);
setNameComponent(interest1, net.named_data.jndn.security.CommandInterestSigner.POS_SIGNATURE_INFO,
net.named_data.jndn.encoding.TlvWireFormat.get().encodeSignatureInfo(signatureInfo));
validateExpectFailure(interest1, "Should fail (bad KeyLocator type)");
}
private static Sha256WithRsaSignature generateFakeSignature()
{
Sha256WithRsaSignature signatureInfo = new Sha256WithRsaSignature();
Name keyLocatorName = new Name("/ndn/site1/KEY/ksk-2516425377094");
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(keyLocatorName);
signatureInfo.setKeyLocator(keyLocator);
ValidityPeriod period = new ValidityPeriod();
period.setPeriod(net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T050000"),
net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T060000"));
signatureInfo.setValidityPeriod(period);
Blob block2 = new Blob(SIG_VALUE, false);
signatureInfo.setSignature(block2);
return(signatureInfo);
}
public void testSetterGetter()
{
EncryptedContent content = new EncryptedContent();
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.NONE, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
content.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.getKeyName().set("/test/key/locator");
content.setKeyLocator(keyLocator);
Assert.AssertTrue(content.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(content.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
content.setPayload(new Blob(message, false));
Assert.AssertTrue(content.getPayload().equals(new Blob(message, false)));
content.setInitialVector(new Blob(iv, false));
Assert.AssertTrue(content.getInitialVector().equals(new Blob(iv, false)));
Blob encoded = content.wireEncode();
Blob contentBlob = new Blob(encrypted, false);
Assert.AssertTrue(contentBlob.equals(encoded));
}
public void testConstructor()
{
// Check default settings.
EncryptedContent content = new EncryptedContent();
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.NONE, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
// Check an encrypted content with IV.
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.getKeyName().set("/test/key/locator");
EncryptedContent rsaOaepContent = new EncryptedContent();
rsaOaepContent.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
.setKeyLocator(keyLocator).setPayload(new Blob(message, false))
.setInitialVector(new Blob(iv, false));
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContent.getAlgorithmType());
Assert.AssertTrue(rsaOaepContent.getPayload().equals(new Blob(message, false)));
Assert.AssertTrue(rsaOaepContent.getInitialVector()
.equals(new Blob(iv, false)));
Assert.AssertTrue(rsaOaepContent.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContent.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Encoding.
Blob encryptedBlob = new Blob(encrypted, false);
Blob encoded = rsaOaepContent.wireEncode();
Assert.AssertTrue(encryptedBlob.equals(encoded));
// Decoding.
EncryptedContent rsaOaepContent2 = new EncryptedContent();
rsaOaepContent2.wireDecode(encryptedBlob);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContent2.getAlgorithmType());
Assert.AssertTrue(rsaOaepContent2.getPayload()
.equals(new Blob(message, false)));
Assert.AssertTrue(rsaOaepContent2.getInitialVector().equals(
new Blob(iv, false)));
Assert.AssertTrue(rsaOaepContent2.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContent2.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Check the no IV case.
EncryptedContent rsaOaepContentNoIv = new EncryptedContent();
rsaOaepContentNoIv.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
.setKeyLocator(keyLocator).setPayload(new Blob(message, false));
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContentNoIv.getAlgorithmType());
Assert.AssertTrue(rsaOaepContentNoIv.getPayload().equals(
new Blob(message, false)));
Assert.AssertTrue(rsaOaepContentNoIv.getInitialVector().isNull());
Assert.AssertTrue(rsaOaepContentNoIv.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContentNoIv.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Encoding.
Blob encryptedBlob2 = new Blob(encryptedNoIv, false);
Blob encodedNoIV = rsaOaepContentNoIv.wireEncode();
Assert.AssertTrue(encryptedBlob2.equals(encodedNoIV));
// Decoding.
EncryptedContent rsaOaepContentNoIv2 = new EncryptedContent();
rsaOaepContentNoIv2.wireDecode(encryptedBlob2);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContentNoIv2.getAlgorithmType());
Assert.AssertTrue(rsaOaepContentNoIv2.getPayload().equals(
new Blob(message, false)));
Assert.AssertTrue(rsaOaepContentNoIv2.getInitialVector().isNull());
Assert.AssertTrue(rsaOaepContentNoIv2.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContentNoIv2.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
}
benchmarkEncodeDataSeconds
(int nIterations, bool useComplex, bool useCrypto, KeyType keyType,
Blob[] encoding)
{
Name name;
Blob content;
if (useComplex)
{
// Use a large name and content.
name = new Name
("/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00");
StringBuilder contentStream = new StringBuilder();
int count = 1;
contentStream.append(count++);
while (contentStream.toString().Length < 1115)
{
contentStream.append(" ").append(count++);
}
content = new Blob(contentStream.toString());
}
else
{
// Use a small name and content.
name = new Name("/test");
content = new Blob("abc");
}
Name.Component finalBlockId =
new Name.Component(new Blob(new byte[] { (byte)0 }));
// Initialize the KeyChain storage in case useCrypto is true.
MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
KeyChain keyChain = new KeyChain
(new IdentityManager(identityStorage, privateKeyStorage),
new SelfVerifyPolicyManager(identityStorage));
Name keyName = new Name("/testname/DSK-123");
Name certificateName = keyName.getSubName(0, keyName.size() - 1).append
("KEY").append(keyName.get(-1)).append("ID-CERT").append("0");
privateKeyStorage.setKeyPairForKeyName
(keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER),
new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER));
Blob signatureBits = new Blob(new byte[256]);
Blob emptyBlob = new Blob(new byte[0]);
double start = getNowSeconds();
for (int i = 0; i < nIterations; ++i)
{
Data data = new Data(name);
data.setContent(content);
if (useComplex)
{
data.getMetaInfo().setFreshnessPeriod(30000);
data.getMetaInfo().setFinalBlockId(finalBlockId);
}
if (useCrypto)
{
// This sets the signature fields.
keyChain.sign(data, certificateName);
}
else
{
// Imitate IdentityManager.signByCertificate to set up the signature
// fields, but don't sign.
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(KeyLocatorType.KEYNAME);
keyLocator.setKeyName(certificateName);
Sha256WithRsaSignature sha256Signature =
(Sha256WithRsaSignature)data.getSignature();
sha256Signature.setKeyLocator(keyLocator);
sha256Signature.setSignature(signatureBits);
}
encoding[0] = data.wireEncode();
}
double finish = getNowSeconds();
return(finish - start);
}