/// <summary>
/// Set the key name in keyHandle according to identityName and params.
/// </summary>
///
protected static internal void setKeyName(TpmKeyHandle keyHandle, Name identityName,
KeyParams paras)
{
Name.Component keyId;
if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.USER_SPECIFIED)
{
keyId = paras.getKeyId();
}
else if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.SHA256)
{
byte[] digest = net.named_data.jndn.util.Common.digestSha256(keyHandle.derivePublicKey()
.buf());
keyId = new Name.Component(digest);
}
else if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.RANDOM)
{
if (paras.getKeyId().getValue().size() == 0)
{
throw new TpmBackEnd.Error(
"setKeyName: The keyId is empty for type RANDOM");
}
keyId = paras.getKeyId();
}
else
{
throw new TpmBackEnd.Error("setKeyName: unrecognized params.getKeyIdType()");
}
keyHandle.setKeyName(net.named_data.jndn.security.pib.PibKey.constructKeyName(identityName, keyId));
}
/// <summary>
/// Get the public portion of an asymmetric key pair with name keyName.
/// </summary>
///
/// <param name="keyName">The name of the key.</param>
/// <returns>The encoded public key, or an isNull Blob if the key does not exist.</returns>
public Blob getPublicKey(Name keyName)
{
TpmKeyHandle key = findKey(keyName);
if (key == null)
{
return(new Blob());
}
else
{
return(key.derivePublicKey());
}
}
/// <summary>
/// Return the plain text which is decrypted from cipherText using the key
/// with name keyName.
/// </summary>
///
/// <param name="cipherText">The cipher text byte buffer.</param>
/// <param name="keyName">The name of the key.</param>
/// <returns>The decrypted data, or an isNull Blob if the key does not exist.</returns>
public Blob decrypt(ByteBuffer cipherText, Name keyName)
{
TpmKeyHandle key = findKey(keyName);
if (key == null)
{
return(new Blob());
}
else
{
return(key.decrypt(cipherText));
}
}
/// <summary>
/// Compute a digital signature from the byte buffer using the key with name
/// keyName.
/// </summary>
///
/// <param name="data">The input byte buffer.</param>
/// <param name="keyName">The name of the key.</param>
/// <param name="digestAlgorithm">The digest algorithm for the signature.</param>
/// <returns>The signature Blob, or an isNull Blob if the key does not exist, or
/// for an unrecognized digestAlgorithm.</returns>
public Blob sign(ByteBuffer data, Name keyName,
DigestAlgorithm digestAlgorithm)
{
TpmKeyHandle key = findKey(keyName);
if (key == null)
{
return(new Blob());
}
else
{
return(key.sign(digestAlgorithm, data));
}
}
/// <summary>
/// Create a key for the identityName according to params. The created key is
/// named /{identityName}/[keyId]/KEY .
/// This should only be called by KeyChain.
/// </summary>
///
/// <param name="identityName">The name if the identity.</param>
/// <param name="params">The KeyParams for creating the key.</param>
/// <returns>The name of the created key.</returns>
/// <exception cref="Tpm.Error">if params is invalid or the key type is unsupported.</exception>
/// <exception cref="TpmBackEnd.Error">if the key already exists or cannot be created.</exception>
public Name createKey_(Name identityName, KeyParams paras)
{
if (paras.getKeyType() == net.named_data.jndn.security.KeyType.RSA ||
paras.getKeyType() == net.named_data.jndn.security.KeyType.EC)
{
TpmKeyHandle keyHandle = backEnd_.createKey(identityName, paras);
Name keyName = keyHandle.getKeyName();
ILOG.J2CsMapping.Collections.Collections.Put(keys_, keyName, keyHandle);
return(keyName);
}
else
{
throw new Tpm.Error("createKey: Unsupported key type");
}
}
/// <summary>
/// Get the TpmKeyHandle with name keyName, using backEnd_.getKeyHandle if it
/// is not already cached in keys_.
/// </summary>
///
/// <param name="keyName">The name of the key, which is copied.</param>
/// <returns>The key handle in the keys_ cache, or null if no key exists with
/// name keyName.</returns>
private TpmKeyHandle findKey(Name keyName)
{
TpmKeyHandle handle = ILOG.J2CsMapping.Collections.Collections.Get(keys_, keyName);
if (handle != null)
{
return(handle);
}
handle = backEnd_.getKeyHandle(keyName);
if (handle != null)
{
// Copy the Name.
ILOG.J2CsMapping.Collections.Collections.Put(keys_, new Name(keyName), handle);
return(handle);
}
return(null);
}