/// <summary> /// Create a KeyChain with the a default name and key pair. /// </summary> /// /// <param name="certificateName">Set certificateName[0] to the signing certificateName.</param> /// <returns>The KeyChain.</returns> /// <exception cref="System.Security.SecurityException"></exception> public static KeyChain buildKeyChain(Name[] certificateName) { MemoryIdentityStorage identityStorage = new MemoryIdentityStorage(); MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage(); KeyChain keyChain = new KeyChain(new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); // initialize the storage with Name keyName = new Name("/testname/DSK-123"); certificateName[0] = keyName.getSubName(0, keyName.size() - 1) .append("KEY").append(keyName.get(-1)).append("ID-CERT") .append("0"); identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); return keyChain; }
static void Main(string[] args) { var interest = new Interest(); interest.wireDecode(new Blob(TlvInterest)); Console.Out.WriteLine("Interest:"); dumpInterest(interest); // Set the name again to clear the cached encoding so we encode again. interest.setName(interest.getName()); var encoding = interest.wireEncode(); Console.Out.WriteLine(""); Console.Out.WriteLine("Re-encoded interest " + encoding.toHex()); var reDecodedInterest = new Interest(); reDecodedInterest.wireDecode(encoding); Console.Out.WriteLine(""); Console.Out.WriteLine("Re-decoded Interest:"); dumpInterest(reDecodedInterest); var freshInterest = new Interest(new Name("/ndn/abc")); freshInterest.setMinSuffixComponents(4); freshInterest.setMaxSuffixComponents(6); freshInterest.setInterestLifetimeMilliseconds(30000); freshInterest.setChildSelector(1); freshInterest.setMustBeFresh(true); freshInterest.getKeyLocator().setType(KeyLocatorType.KEY_LOCATOR_DIGEST); freshInterest.getKeyLocator().setKeyData (new Blob(new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F })); freshInterest.getExclude().appendComponent(new Name("abc").get(0)).appendAny(); var identityStorage = new MemoryIdentityStorage(); var privateKeyStorage = new MemoryPrivateKeyStorage(); var keyChain = new KeyChain (new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); // Initialize the storage. var keyName = new Name("/testname/DSK-123"); var certificateName = keyName.getSubName(0, keyName.size() - 1).append ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0"); identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER)); privateKeyStorage.setKeyPairForKeyName (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER), new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER)); // Make a Face just so that we can sign the interest. var face = new Face("localhost"); face.setCommandSigningInfo(keyChain, certificateName); face.makeCommandInterest(freshInterest); Interest reDecodedFreshInterest = new Interest(); reDecodedFreshInterest.wireDecode(freshInterest.wireEncode()); Console.Out.WriteLine(""); Console.Out.WriteLine("Re-decoded fresh Interest:"); dumpInterest(reDecodedFreshInterest); VerifyCallbacks callbacks = new VerifyCallbacks("Freshly-signed Interest"); keyChain.verifyInterest(reDecodedFreshInterest, callbacks, callbacks); }
public void setUp() { MemoryIdentityStorage identityStorage = new MemoryIdentityStorage(); MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage(); keyChain = new KeyChain(new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); // Initialize the storage. Name keyName = new Name("/testname/DSK-123"); certificateName = keyName.getSubName(0, keyName.size() - 1) .append("KEY").append(keyName.get(-1)).append("ID-CERT") .append("0"); try { identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); } catch (SecurityException ex) { // We don't expect this to happen. ILOG.J2CsMapping.Util.Logging.Logger.getLogger(typeof(TestLink).FullName).log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, null, ex); } }
public CredentialStorage() { this.identityStorage_ = new MemoryIdentityStorage(); this.privateKeyStorage_ = new MemoryPrivateKeyStorage(); this.keyChain_ = new KeyChain(new IdentityManager( identityStorage_, privateKeyStorage_), new SelfVerifyPolicyManager( identityStorage_)); Name keyName = new Name("/testname/DSK-123"); defaultCertName_ = keyName.getSubName(0, keyName.size() - 1) .append("KEY").append(keyName.get(-1)).append("ID-CERT") .append("0"); Name ecdsaKeyName = new Name("/testEcdsa/DSK-123"); ecdsaCertName_ = ecdsaKeyName.getSubName(0, ecdsaKeyName.size() - 1) .append("KEY").append(ecdsaKeyName.get(-1)).append("ID-CERT") .append("0"); try { identityStorage_.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage_.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); #if false // Skip ECDSA for now. identityStorage_.addKey(ecdsaKeyName, net.named_data.jndn.security.KeyType.ECDSA, new Blob( DEFAULT_EC_PUBLIC_KEY_DER, false)); privateKeyStorage_.setKeyPairForKeyName(ecdsaKeyName, net.named_data.jndn.security.KeyType.ECDSA, DEFAULT_EC_PUBLIC_KEY_DER, DEFAULT_EC_PRIVATE_KEY_DER); #endif } catch (SecurityException ex) { // Don't expect this to happen; System.Console.Out.WriteLine("Exception setting test keys: " + ex); identityStorage_ = null; privateKeyStorage_ = null; } }
/** * Loop to encode a data packet nIterations times. * @param nIterations The number of iterations. * @param useComplex If true, use a large name, large content and all fields. * If false, use a small name, small content * and only required fields. * @param useCrypto If true, sign the data packet. If false, use a blank * signature. * @param keyType KeyType.RSA or EC, used if useCrypto is true. * @param encoding Set encoding[0] to the wire encoding. * @return The number of seconds for all iterations. */ private static double benchmarkEncodeDataSeconds(int nIterations, bool useComplex, bool useCrypto, KeyType keyType, Blob[] encoding) { Name name; Blob content; if (useComplex) { // Use a large name and content. name = new Name ("/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00"); StringBuilder contentStream = new StringBuilder(); int count = 1; contentStream.append(count++); while (contentStream.toString().Length < 1115) contentStream.append(" ").append(count++); content = new Blob(contentStream.toString()); } else { // Use a small name and content. name = new Name("/test"); content = new Blob("abc"); } Name.Component finalBlockId = new Name.Component(new Blob(new byte[] { (byte)0 })); // Initialize the KeyChain storage in case useCrypto is true. MemoryIdentityStorage identityStorage = new MemoryIdentityStorage(); MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage(); KeyChain keyChain = new KeyChain (new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); Name keyName = new Name("/testname/DSK-123"); Name certificateName = keyName.getSubName(0, keyName.size() - 1).append ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0"); privateKeyStorage.setKeyPairForKeyName (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER), new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER)); Blob signatureBits = new Blob(new byte[256]); Blob emptyBlob = new Blob(new byte[0]); double start = getNowSeconds(); for (int i = 0; i < nIterations; ++i) { Data data = new Data(name); data.setContent(content); if (useComplex) { data.getMetaInfo().setFreshnessPeriod(30000); data.getMetaInfo().setFinalBlockId(finalBlockId); } if (useCrypto) // This sets the signature fields. keyChain.sign(data, certificateName); else { // Imitate IdentityManager.signByCertificate to set up the signature // fields, but don't sign. KeyLocator keyLocator = new KeyLocator(); keyLocator.setType(KeyLocatorType.KEYNAME); keyLocator.setKeyName(certificateName); Sha256WithRsaSignature sha256Signature = (Sha256WithRsaSignature)data.getSignature(); sha256Signature.setKeyLocator(keyLocator); sha256Signature.setSignature(signatureBits); } encoding[0] = data.wireEncode(); } double finish = getNowSeconds(); return finish - start; }
public void setUp() { policyConfigDirectory = net.named_data.jndn.tests.integration_tests.IntegrationTestsCommon .getPolicyConfigDirectory(); identityStorage = new MemoryIdentityStorage(); privateKeyStorage = new MemoryPrivateKeyStorage(); // Not using keychain for verification so we don't need to set the // policy manager. keyChain = new KeyChain(new IdentityManager(identityStorage, privateKeyStorage)); identityName = new Name("/SecurityTestSecRule/Basic/Longer"); Name keyName = new Name(identityName).append("ksk-2439872"); defaultCertName = certNameFromKeyName(keyName); identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); keyName = new Name("/SecurityTestSecRule/Basic/ksk-0923489"); identityStorage.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); shortCertName = certNameFromKeyName(keyName, -2); net.named_data.jndn.security.policy.ConfigPolicyManager.setFriendAccess(this); }
static void Main(string[] args) { var data = new Data(); data.wireDecode(new Blob(TlvData)); Console.Out.WriteLine("Decoded Data:"); dumpData(data); // Set the content again to clear the cached encoding so we encode again. data.setContent(data.getContent()); var encoding = data.wireEncode(); var reDecodedData = new Data(); reDecodedData.wireDecode(encoding); Console.Out.WriteLine(""); Console.Out.WriteLine("Re-decoded Data:"); dumpData(reDecodedData); var identityStorage = new MemoryIdentityStorage(); var privateKeyStorage = new MemoryPrivateKeyStorage(); var keyChain = new KeyChain (new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); // Initialize the storage. var keyName = new Name("/testname/DSK-123"); var certificateName = keyName.getSubName(0, keyName.size() - 1).append ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0"); identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER)); privateKeyStorage.setKeyPairForKeyName (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER), new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER)); VerifyCallbacks callbacks = new VerifyCallbacks("Re-decoded Data"); keyChain.verifyData(reDecodedData, callbacks, callbacks); var freshData = new Data(new Name("/ndn/abc")); freshData.setContent(new Blob("SUCCESS!")); freshData.getMetaInfo().setFreshnessPeriod(5000); freshData.getMetaInfo().setFinalBlockId(new Name("/%00%09").get(0)); keyChain.sign(freshData, certificateName); Console.Out.WriteLine(""); Console.Out.WriteLine("Freshly-signed Data:"); dumpData(freshData); callbacks = new VerifyCallbacks("Freshly-signed Data"); keyChain.verifyData(freshData, callbacks, callbacks); }
public void setUp() { // Don't show INFO log messages. ILOG.J2CsMapping.Util.Logging.Logger.getLogger("").setLevel(ILOG.J2CsMapping.Util.Logging.Level.WARNING); policyConfigDirectory_ = net.named_data.jndn.tests.integration_tests.IntegrationTestsCommon .getPolicyConfigDirectory(); testCertFile_ = new FileInfo(System.IO.Path.Combine(new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName,"certs")).FullName,"test.cert")); identityStorage_ = new MemoryIdentityStorage(); privateKeyStorage_ = new MemoryPrivateKeyStorage(); identityManager_ = new IdentityManager(identityStorage_, privateKeyStorage_); policyManager_ = new ConfigPolicyManager(System.IO.Path.GetFullPath(new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName,"simple_rules.conf")).Name)); identityName_ = new Name("/TestConfigPolicyManager/temp"); // To match the anchor cert. Name keyName = new Name(identityName_).append("ksk-1416010123"); identityStorage_.addKey(keyName, net.named_data.jndn.security.KeyType.RSA, new Blob( DEFAULT_RSA_PUBLIC_KEY_DER, false)); privateKeyStorage_.setKeyPairForKeyName(keyName, net.named_data.jndn.security.KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER); IdentityCertificate cert = identityManager_.selfSign(keyName); identityStorage_.setDefaultKeyNameForIdentity(keyName); identityManager_.addCertificateAsDefault(cert); face_ = new Face("localhost"); keyChain_ = new KeyChain(identityManager_, policyManager_); keyName_ = keyName; net.named_data.jndn.security.policy.ConfigPolicyManager.setFriendAccess(this); }
static void Main(string[] args) { var face = new Face (new TcpTransport(), new TcpTransport.ConnectionInfo("localhost")); // For now, when setting face.setCommandSigningInfo, use a key chain with // a default private key instead of the system default key chain. This // is OK for now because NFD is configured to skip verification, so it // ignores the system default key chain. var identityStorage = new MemoryIdentityStorage(); var privateKeyStorage = new MemoryPrivateKeyStorage(); var keyChain = new KeyChain (new IdentityManager(identityStorage, privateKeyStorage), new SelfVerifyPolicyManager(identityStorage)); keyChain.setFace(face); // Initialize the storage. var keyName = new Name("/testname/DSK-123"); var certificateName = keyName.getSubName(0, keyName.size() - 1).append ("KEY").append(keyName.get(-1)).append("ID-CERT").append("0"); identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER)); privateKeyStorage.setKeyPairForKeyName (keyName, KeyType.RSA, new ByteBuffer(DEFAULT_RSA_PUBLIC_KEY_DER), new ByteBuffer(DEFAULT_RSA_PRIVATE_KEY_DER)); face.setCommandSigningInfo(keyChain, certificateName); var echo = new Echo(keyChain, certificateName); var prefix = new Name("/testecho"); Console.Out.WriteLine("Register prefix " + prefix.toUri()); face.registerPrefix(prefix, echo, echo); // The main event loop. // Wait to receive one interest for the prefix. while (echo.responseCount_ < 1) { face.processEvents(); // We need to sleep for a few milliseconds so we don't use 100% of // the CPU. System.Threading.Thread.Sleep(5); } }