/// <summary> /// Generate a self-signed certificate for a public key. /// </summary> /// /// <param name="keyName">The name of the public key.</param> /// <returns>The generated certificate.</returns> public IdentityCertificate selfSign(Name keyName) { IdentityCertificate certificate = new IdentityCertificate(); Blob keyBlob = identityStorage_.getKey(keyName); PublicKey publicKey = new PublicKey(keyBlob); Calendar calendar = ILOG.J2CsMapping.Util.Calendar.getInstance(); double notBefore = (double) calendar.getTimeInMillis(); calendar.add(ILOG.J2CsMapping.Util.Calendar.YEAR, 2); double notAfter = (double) calendar.getTimeInMillis(); certificate.setNotBefore(notBefore); certificate.setNotAfter(notAfter); Name certificateName = keyName.getPrefix(-1).append("KEY") .append(keyName.get(-1)).append("ID-CERT") .appendVersion((long) certificate.getNotBefore()); certificate.setName(certificateName); certificate.setPublicKeyInfo(publicKey); certificate.addSubjectDescription(new CertificateSubjectDescription( "2.5.4.41", keyName.toUri())); try { certificate.encode(); } catch (DerEncodingException ex) { // We don't expect this to happen. ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(IdentityManager).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, null, ex); return null; } catch (DerDecodingException ex_0) { // We don't expect this to happen. ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(IdentityManager).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, null, ex_0); return null; } signByCertificate(certificate, certificate.getName()); return certificate; }
/// <summary> /// Add a certificate to the identity storage. Also call addKey to ensure that /// the certificate key exists. If the certificate is already installed, don't /// replace it. /// </summary> /// /// <param name="certificate"></param> public override sealed void addCertificate(IdentityCertificate certificate) { Name certificateName = certificate.getName(); Name keyName = certificate.getPublicKeyName(); addKey(keyName, certificate.getPublicKeyInfo().getKeyType(), certificate.getPublicKeyInfo().getKeyDer()); if (doesCertificateExist(certificateName)) return; // Insert the certificate. try { PreparedStatement statement = database_ .prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) " + "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)"); statement.setString(1, certificateName.toUri()); Name signerName = net.named_data.jndn.KeyLocator.getFromSignature( certificate.getSignature()).getKeyName(); statement.setString(2, signerName.toUri()); String keyId = keyName.get(-1).toEscapedString(); Name identity = keyName.getPrefix(-1); statement.setString(3, identity.toUri()); statement.setString(4, keyId); // Convert from milliseconds to seconds since 1/1/1970. statement.setLong(5, (long) (Math.Floor(certificate.getNotBefore() / 1000.0d))); statement.setLong(6, (long) (Math.Floor(certificate.getNotAfter() / 1000.0d))); // wireEncode returns the cached encoding if available. statement.setBytes(7, certificate.wireEncode().getImmutableArray()); try { statement.executeUpdate(); } finally { statement.close(); } } catch (SQLException exception) { throw new SecurityException("BasicIdentityStorage: SQLite error: " + exception); } }