/// <summary> /// Generate a key pair for the specified identity. /// </summary> /// /// <param name="identityName">The name of the specified identity.</param> /// <param name="isKsk">true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).</param> /// <param name="params">The parameters of the key.</param> /// <returns>The name of the generated key.</returns> private Name generateKeyPair(Name identityName, bool isKsk, KeyParams paras) { ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Get new key ID"); Name keyName = identityStorage_.getNewKeyName(identityName, isKsk); ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Generate key pair in private storage"); privateKeyStorage_.generateKeyPair(keyName, paras); ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Create a key record in public storage"); PublicKey pubKey = privateKeyStorage_.getPublicKey(keyName); identityStorage_.addKey(keyName, paras.getKeyType(), pubKey.getKeyDer()); return keyName; }
/// <summary> /// Create an identity by creating a pair of Key-Signing-Key (KSK) for this /// identity and a self-signed certificate of the KSK. If a key pair or /// certificate for the identity already exists, use it. /// </summary> /// /// <param name="identityName">The name of the identity.</param> /// <param name="params">The key parameters if a key needs to be generated for the identity.</param> /// <returns>The name of the default certificate of the identity.</returns> /// <exception cref="System.Security.SecurityException">if the identity has already been created.</exception> public Name createIdentityAndCertificate(Name identityName, KeyParams paras) { identityStorage_.addIdentity(identityName); Name keyName = null; bool generateKey = true; try { keyName = identityStorage_ .getDefaultKeyNameForIdentity(identityName); PublicKey key = new PublicKey(identityStorage_.getKey(keyName)); if (key.getKeyType() == paras.getKeyType()) // The key exists and has the same type, so don't need to generate one. generateKey = false; } catch (SecurityException ex) { } if (generateKey) { keyName = generateKeyPair(identityName, true, paras); identityStorage_.setDefaultKeyNameForIdentity(keyName); } Name certName = null; bool makeCert = true; try { certName = identityStorage_ .getDefaultCertificateNameForKey(keyName); // The cert exists, so don't need to make it. makeCert = false; } catch (SecurityException ex_0) { } if (makeCert) { IdentityCertificate selfCert = selfSign(keyName); addCertificateAsIdentityDefault(selfCert); certName = selfCert.getName(); } return certName; }
/// <summary> /// Generate a pair of asymmetric keys. /// </summary> /// /// <param name="keyName">The name of the key pair.</param> /// <param name="params">The parameters of the key.</param> /// <exception cref="System.Security.SecurityException"></exception> public override void generateKeyPair(Name keyName, KeyParams paras) { if (doesKeyExist(keyName, net.named_data.jndn.security.KeyClass.PUBLIC)) throw new SecurityException("Public Key already exists"); if (doesKeyExist(keyName, net.named_data.jndn.security.KeyClass.PRIVATE)) throw new SecurityException("Private Key already exists"); String keyAlgorithm; int keySize; if (paras.getKeyType() == net.named_data.jndn.security.KeyType.RSA) { keyAlgorithm = "RSA"; keySize = ((RsaKeyParams) paras).getKeySize(); } else if (paras.getKeyType() == net.named_data.jndn.security.KeyType.ECDSA) { keyAlgorithm = "EC"; keySize = ((EcdsaKeyParams) paras).getKeySize(); } else throw new SecurityException("Cannot generate a key pair of type " + paras.getKeyType()); KeyPairGenerator generator = null; try { generator = System.KeyPairGenerator.getInstance(keyAlgorithm); } catch (Exception e) { throw new SecurityException( "FilePrivateKeyStorage: Could not create the key generator: " + e.Message); } generator.initialize(keySize); KeyPair pair = generator.generateKeyPair(); setKeyPairForKeyName(keyName, paras.getKeyType(), ILOG.J2CsMapping.NIO.ByteBuffer.wrap(pair.getPublic().getEncoded()), ILOG.J2CsMapping.NIO.ByteBuffer.wrap(pair.getPrivate().getEncoded())); }