/// <summary>
/// Encrypt the payload using the asymmetric key according to params, and
/// return an EncryptedContent.
/// </summary>
///
/// <param name="payload"></param>
/// <param name="key">The key value.</param>
/// <param name="keyName">The key name for the EncryptedContent key locator.</param>
/// <param name="params">The parameters for encryption.</param>
/// <returns>A new EncryptedContent.</returns>
private static EncryptedContent encryptAsymmetric(Blob payload, Blob key,
Name keyName, EncryptParams paras)
{
EncryptAlgorithmType algorithmType = paras.getAlgorithmType();
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(keyName);
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaPkcs ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
{
Blob encryptedPayload = net.named_data.jndn.encrypt.algo.RsaAlgorithm.encrypt(key, payload, paras);
EncryptedContent result = new EncryptedContent();
result.setAlgorithmType(algorithmType);
result.setKeyLocator(keyLocator);
result.setPayload(encryptedPayload);
return(result);
}
else
{
throw new Exception("Unsupported encryption method");
}
}
public void testKekRetrievalFailure()
{
int[] nErrors_0 = new int[] { 0 };
fixture_ = new TestEncryptorV2.EncryptorFixture(false, new TestEncryptorV2.Anonymous_C0(nErrors_0));
Blob plainText = new Blob("Data to encrypt");
EncryptedContent encryptedContent = fixture_.encryptor_
.encrypt(plainText.getImmutableArray());
// Check that KEK interests has been sent.
Assert.AssertTrue(fixture_.face_.sentInterests_[0].getName().getPrefix(6)
.equals(new Name("/access/policy/identity/NAC/dataset/KEK")));
// ... and failed to retrieve.
Assert.AssertEquals(0, fixture_.face_.sentData_.Count);
Assert.AssertEquals(1, nErrors_0[0]);
Assert.AssertEquals(0, fixture_.face_.sentData_.Count);
// Check recovery.
fixture_.publishData();
fixture_.face_.delayedCallTable_.setNowOffsetMilliseconds_(73000);
fixture_.face_.processEvents();
Data kekData = fixture_.face_.sentData_[0];
Assert.AssertTrue(kekData.getName().getPrefix(6)
.equals(new Name("/access/policy/identity/NAC/dataset/KEK")));
Assert.AssertEquals(7, kekData.getName().size());
}
/// <summary>
/// Encrypt the payload using the symmetric key according to params, and return
/// an EncryptedContent.
/// </summary>
///
/// <param name="payload">The data to encrypt.</param>
/// <param name="key">The key value.</param>
/// <param name="keyName">The key name for the EncryptedContent key locator.</param>
/// <param name="params">The parameters for encryption.</param>
/// <returns>A new EncryptedContent.</returns>
private static EncryptedContent encryptSymmetric(Blob payload, Blob key,
Name keyName, EncryptParams paras)
{
EncryptAlgorithmType algorithmType = paras.getAlgorithmType();
Blob initialVector = paras.getInitialVector();
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(keyName);
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesEcb)
{
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc)
{
if (initialVector.size() != net.named_data.jndn.encrypt.algo.AesAlgorithm.BLOCK_SIZE)
{
throw new Exception("incorrect initial vector size");
}
}
Blob encryptedPayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.encrypt(key, payload, paras);
EncryptedContent result = new EncryptedContent();
result.setAlgorithmType(algorithmType);
result.setKeyLocator(keyLocator);
result.setPayload(encryptedPayload);
result.setInitialVector(initialVector);
return(result);
}
else
{
throw new Exception("Unsupported encryption method");
}
}
public void testCreateDKeyData()
{
// Create the group manager.
GroupManager manager = new GroupManager(new Name("Alice"), new Name(
"data_type"), new Sqlite3GroupManagerDb(
dKeyDatabaseFilePath.FullName), 2048, 1, keyChain);
Blob newCertificateBlob = certificate.wireEncode();
IdentityCertificate newCertificate = new IdentityCertificate();
newCertificate.wireDecode(newCertificateBlob);
// Encrypt the D-KEY.
Data data = friendAccess.createDKeyData(manager, "20150825T000000",
"20150827T000000", new Name("/ndn/memberA/KEY"),
decryptKeyBlob, newCertificate.getPublicKeyInfo().getKeyDer());
// Verify the encrypted D-KEY.
Blob dataContent = data.getContent();
// Get the nonce key.
// dataContent is a sequence of the two EncryptedContent.
EncryptedContent encryptedNonce = new EncryptedContent();
encryptedNonce.wireDecode(dataContent);
Assert.AssertEquals(0, encryptedNonce.getInitialVector().size());
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
encryptedNonce.getAlgorithmType());
Blob blobNonce = encryptedNonce.getPayload();
EncryptParams decryptParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
Blob nonce = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKeyBlob, blobNonce,
decryptParams);
// Get the D-KEY.
// Use the size of encryptedNonce to find the start of encryptedPayload.
ByteBuffer payloadContent = dataContent.buf().duplicate();
payloadContent.position(encryptedNonce.wireEncode().size());
EncryptedContent encryptedPayload = new EncryptedContent();
encryptedPayload.wireDecode(payloadContent);
Assert.AssertEquals(16, encryptedPayload.getInitialVector().size());
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
encryptedPayload.getAlgorithmType());
decryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
decryptParams.setInitialVector(encryptedPayload.getInitialVector());
Blob blobPayload = encryptedPayload.getPayload();
Blob largePayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(nonce, blobPayload,
decryptParams);
Assert.AssertTrue(largePayload.equals(decryptKeyBlob));
}
public void checkEncryptionKeys(IList result, double testTime,
Name.Component roundedTime,
int expectedExpressInterestCallCount)
{
Assert.AssertEquals(expectedExpressInterestCallCount,
expressInterestCallCount_[0]);
try {
Assert.AssertEquals(true, testDb_.hasContentKey(testTime));
contentKey_[0] = testDb_.getContentKey(testTime);
} catch (ProducerDb.Error ex) {
Assert.Fail("Error in ProducerDb: " + ex);
}
EncryptParams paras = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
for (int i = 0; i < result.Count; ++i)
{
Data key = (Data)result[i];
Name keyName = key.getName();
Assert.AssertEquals(cKeyName_, keyName.getSubName(0, 6));
Assert.AssertEquals(keyName.get(6), roundedTime);
Assert.AssertEquals(keyName.get(7), net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_FOR);
Assert.AssertEquals(true,
outer_TestProducer.decryptionKeys.Contains(keyName.getSubName(8)));
Blob decryptionKey = (Blob)ILOG.J2CsMapping.Collections.Collections.Get(outer_TestProducer.decryptionKeys, keyName
.getSubName(8));
Assert.AssertEquals(true, decryptionKey.size() != 0);
Blob encryptedKeyEncoding = key.getContent();
EncryptedContent content = new EncryptedContent();
try {
content.wireDecode(encryptedKeyEncoding);
} catch (EncodingException ex_0) {
Assert.Fail("Error decoding EncryptedContent" + ex_0);
}
Blob encryptedKey = content.getPayload();
Blob retrievedKey = null;
try {
retrievedKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptionKey,
encryptedKey, paras);
} catch (Exception ex_1) {
Assert.Fail("Error in RsaAlgorithm.decrypt: " + ex_1);
}
Assert.AssertTrue(contentKey_[0].equals(retrievedKey));
}
Assert.AssertEquals(3, result.Count);
}
public void testEncryptAndPublishCk()
{
fixture_.encryptor_.clearKekData_();
Assert.AssertEquals(false, fixture_.encryptor_.getIsKekRetrievalInProgress_());
fixture_.encryptor_.regenerateCk();
// Unlike the ndn-group-encrypt unit tests, we don't check
// isKekRetrievalInProgress_ true because we use a synchronous face which
// finishes immediately.
Blob plainText = new Blob("Data to encrypt");
EncryptedContent encryptedContent = fixture_.encryptor_
.encrypt(plainText.getImmutableArray());
Name ckPrefix = encryptedContent.getKeyLocatorName();
Assert.AssertTrue(new Name("/some/ck/prefix/CK")
.equals(ckPrefix.getPrefix(-1)));
Assert.AssertTrue(encryptedContent.hasInitialVector());
Assert.AssertTrue(!encryptedContent.getPayload().equals(plainText));
// Check that the KEK Interest has been sent.
Assert.AssertTrue(fixture_.face_.sentInterests_[0].getName().getPrefix(6)
.equals(new Name("/access/policy/identity/NAC/dataset/KEK")));
Data kekData = fixture_.face_.sentData_[0];
Assert.AssertTrue(kekData.getName().getPrefix(6)
.equals(new Name("/access/policy/identity/NAC/dataset/KEK")));
Assert.AssertEquals(7, kekData.getName().size());
ILOG.J2CsMapping.Collections.Collections.Clear(fixture_.face_.sentData_);
ILOG.J2CsMapping.Collections.Collections.Clear(fixture_.face_.sentInterests_);
fixture_.face_.receive(new Interest(ckPrefix).setCanBePrefix(true)
.setMustBeFresh(true));
Name ckName = fixture_.face_.sentData_[0].getName();
Assert.AssertTrue(ckName.getPrefix(4).equals(new Name("/some/ck/prefix/CK")));
Assert.AssertTrue(ckName.get(5).equals(new Name.Component("ENCRYPTED-BY")));
Name extractedKek = ckName.getSubName(6);
Assert.AssertTrue(extractedKek.equals(kekData.getName()));
Assert.AssertEquals(false, fixture_.encryptor_.getIsKekRetrievalInProgress_());
}
public void testDecryptValid()
{
TestDecryptorV2.DecryptorFixture fixture = new TestDecryptorV2.DecryptorFixture(new Name("/first/user"));
EncryptedContent encryptedContent = new EncryptedContent();
encryptedContent.wireDecodeV2(net.named_data.jndn.tests.integration_tests.EncryptStaticData.encryptedBlobs[0]);
int[] nSuccesses_0 = new int[] { 0 };
int[] nFailures_1 = new int[] { 0 };
fixture.decryptor_.decrypt(encryptedContent,
new TestDecryptorV2.Anonymous_C3(nSuccesses_0), new TestDecryptorV2.Anonymous_C2(nFailures_1));
Assert.AssertEquals(1, nSuccesses_0[0]);
Assert.AssertEquals(0, nFailures_1[0]);
}
public void testContentAsymmetricEncryptSmall()
{
/* foreach */
foreach (TestEncryptor.AsymmetricEncryptInput input in encryptorRsaTestInputs)
{
Blob rawContent = new Blob(toBuffer(new int[] { 0x01, 0x23, 0x45,
0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76,
0x54, 0x32, 0x10, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74,
0x73 }), false);
Data data = new Data();
RsaKeyParams rsaParams = new RsaKeyParams(1024);
Name keyName = new Name("test");
DecryptKey decryptKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.generateKey(rsaParams);
EncryptKey encryptKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(decryptKey
.getKeyBits());
Blob eKey = encryptKey.getKeyBits();
Blob dKey = decryptKey.getKeyBits();
EncryptParams encryptParams = new EncryptParams(input.type());
net.named_data.jndn.encrypt.algo.Encryptor.encryptData(data, rawContent, keyName, eKey,
encryptParams);
Assert.AssertEquals(input.testName(), new Name("/FOR").append(keyName),
data.getName());
EncryptedContent extractContent = new EncryptedContent();
extractContent.wireDecode(data.getContent());
Assert.AssertEquals(input.testName(), keyName, extractContent
.getKeyLocator().getKeyName());
Assert.AssertEquals(input.testName(), 0, extractContent.getInitialVector()
.size());
Assert.AssertEquals(input.testName(), input.type(),
extractContent.getAlgorithmType());
Blob recovered = extractContent.getPayload();
Blob decrypted = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(dKey, recovered,
encryptParams);
Assert.AssertTrue(input.testName(), rawContent.equals(decrypted));
}
}
public void testSetterGetter()
{
EncryptedContent content = new EncryptedContent();
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.NONE, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
content.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.getKeyName().set("/test/key/locator");
content.setKeyLocator(keyLocator);
Assert.AssertTrue(content.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(content.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
content.setPayload(new Blob(message, false));
Assert.AssertTrue(content.getPayload().equals(new Blob(message, false)));
content.setInitialVector(new Blob(iv, false));
Assert.AssertTrue(content.getInitialVector().equals(new Blob(iv, false)));
Blob encoded = content.wireEncode();
Blob contentBlob = new Blob(encrypted, false);
Assert.AssertTrue(contentBlob.equals(encoded));
}
public void testContentSymmetricEncrypt()
{
/* foreach */
foreach (TestEncryptor.SymmetricEncryptInput input in encryptorAesTestInputs)
{
Data data = new Data();
net.named_data.jndn.encrypt.algo.Encryptor.encryptData(data, input.plainText(), input.keyName(),
input.key(), input.encryptParams());
Assert.AssertEquals(input.testName(),
new Name("/FOR").append(input.keyName()), data.getName());
Assert.AssertTrue(input.testName(),
input.encryptedContent().equals(data.getContent()));
EncryptedContent content = new EncryptedContent();
content.wireDecode(data.getContent());
Blob decryptedOutput = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(input.key(),
content.getPayload(), input.encryptParams());
Assert.AssertTrue(input.testName(),
input.plainText().equals(decryptedOutput));
}
}
public void testDecodingError()
{
EncryptedContent encryptedContent = new EncryptedContent();
Blob errorBlob1 = new Blob(toBuffer(new int[] {
0x1f,
0x30, // Wrong EncryptedContent (0x82, 0x24)
0x1c,
0x16, // KeyLocator
0x07,
0x14, // Name
0x08, 0x04, 0x74, 0x65, 0x73, 0x74, 0x08, 0x03, 0x6b, 0x65,
0x79, 0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72,
0x83,
0x01, // EncryptedAlgorithm
0x00, 0x85,
0x0a, // InitialVector
0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x62, 0x69, 0x74, 0x73,
0x84, 0x07, // EncryptedPayload
0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74
}), false);
try {
encryptedContent.wireDecode(errorBlob1);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex) {
} catch (Exception ex_0) {
Assert.Fail("wireDecode did not throw EncodingException");
}
Blob errorBlob2 = new Blob(toBuffer(new int[] {
0x82,
0x30, // EncryptedContent
0x1d,
0x16, // Wrong KeyLocator (0x1c, 0x16)
0x07,
0x14, // Name
0x08, 0x04, 0x74, 0x65, 0x73, 0x74, 0x08, 0x03, 0x6b, 0x65,
0x79, 0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72,
0x83,
0x01, // EncryptedAlgorithm
0x00, 0x85,
0x0a, // InitialVector
0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x62, 0x69, 0x74, 0x73,
0x84, 0x07, // EncryptedPayload
0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74
}), false);
try {
encryptedContent.wireDecode(errorBlob2);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex_1) {
} catch (Exception ex_2) {
Assert.Fail("wireDecode did not throw EncodingException");
}
Blob errorBlob3 = new Blob(toBuffer(new int[] {
0x82,
0x30, // EncryptedContent
0x1c,
0x16, // KeyLocator
0x07,
0x14, // Name
0x08, 0x04, 0x74, 0x65, 0x73, 0x74, 0x08, 0x03, 0x6b, 0x65,
0x79, 0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72,
0x1d,
0x01, // Wrong EncryptedAlgorithm (0x83, 0x01)
0x00, 0x85,
0x0a, // InitialVector
0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x62, 0x69, 0x74, 0x73,
0x84, 0x07, // EncryptedPayload
0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74
}), false);
try {
encryptedContent.wireDecode(errorBlob3);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex_3) {
} catch (Exception ex_4) {
Assert.Fail("wireDecode did not throw EncodingException");
}
Blob errorBlob4 = new Blob(toBuffer(new int[] { 0x82,
0x30, // EncryptedContent
0x1c,
0x16, // KeyLocator
0x07,
0x14, // Name
0x08, 0x04, 0x74, 0x65, 0x73,
0x74, // 'test'
0x08, 0x03, 0x6b, 0x65,
0x79, // 'key'
0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f,
0x72, // 'locator'
0x83,
0x01, // EncryptedAlgorithm
0x00, 0x1f,
0x0a, // InitialVector (0x84, 0x0a)
0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x62, 0x69, 0x74, 0x73,
0x84, 0x07, // EncryptedPayload
0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74 }), false);
try {
encryptedContent.wireDecode(errorBlob4);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex_5) {
} catch (Exception ex_6) {
Assert.Fail("wireDecode did not throw EncodingException");
}
Blob errorBlob5 = new Blob(toBuffer(new int[] { 0x82,
0x30, // EncryptedContent
0x1c,
0x16, // KeyLocator
0x07,
0x14, // Name
0x08, 0x04, 0x74, 0x65, 0x73,
0x74, // 'test'
0x08, 0x03, 0x6b, 0x65,
0x79, // 'key'
0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f,
0x72, // 'locator'
0x83,
0x01, // EncryptedAlgorithm
0x00, 0x85,
0x0a, // InitialVector
0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x62, 0x69, 0x74, 0x73,
0x21, 0x07, // EncryptedPayload (0x85, 0x07)
0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74 }), false);
try {
encryptedContent.wireDecode(errorBlob5);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex_7) {
} catch (Exception ex_8) {
Assert.Fail("wireDecode did not throw EncodingException");
}
Blob errorBlob6 = new Blob(toBuffer(new int[] { 0x82, 0x00 // Empty EncryptedContent
}), false);
try {
encryptedContent.wireDecode(errorBlob6);
Assert.Fail("wireDecode did not throw an exception");
} catch (EncodingException ex_9) {
} catch (Exception ex_10) {
Assert.Fail("wireDecode did not throw EncodingException");
}
}
/// <summary>
/// Decode input as an EncryptedContent and set the fields of the
/// encryptedContent object. Your derived class should override.
/// </summary>
///
/// <param name="encryptedContent"></param>
/// <param name="input"></param>
/// <exception cref="EncodingException">For invalid encoding.</exception>
/// <exception cref="System.NotSupportedException">for unimplemented if the derivedclass does not override.</exception>
public virtual void decodeEncryptedContent(EncryptedContent encryptedContent,
ByteBuffer input)
{
throw new NotSupportedException(
"decodeEncryptedContent is not implemented");
}
/// <summary>
/// Encode the EncryptedContent and return the encoding. Your derived class
/// should override.
/// </summary>
///
/// <param name="encryptedContent">The EncryptedContent object to encode.</param>
/// <returns>A Blob containing the encoding.</returns>
/// <exception cref="System.NotSupportedException">for unimplemented if the derivedclass does not override.</exception>
public virtual Blob encodeEncryptedContent(EncryptedContent encryptedContent)
{
throw new NotSupportedException(
"encodeEncryptedContent is not implemented");
}
public void testGetGroupKey()
{
// Create the group manager.
GroupManager manager = new GroupManager(new Name("Alice"), new Name(
"data_type"), new Sqlite3GroupManagerDb(
groupKeyDatabaseFilePath.FullName), 1024, 1, keyChain);
setManager(manager);
// Get the data list from the group manager.
double timePoint1 = net.named_data.jndn.encrypt.Schedule.fromIsoString("20150825T093000");
IList result = manager.getGroupKey(timePoint1);
Assert.AssertEquals(4, result.Count);
// The first data packet contains the group's encryption key (public key).
Data data = (Data)result[0];
Assert.AssertEquals(
"/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000",
data.getName().toUri());
EncryptKey groupEKey = new EncryptKey(data.getContent());
// Get the second data packet and decrypt.
data = (Data)result[1];
Assert.AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123",
data.getName().toUri());
/////////////////////////////////////////////////////// Start decryption.
Blob dataContent = data.getContent();
// Get the nonce key.
// dataContent is a sequence of the two EncryptedContent.
EncryptedContent encryptedNonce = new EncryptedContent();
encryptedNonce.wireDecode(dataContent);
Assert.AssertEquals(0, encryptedNonce.getInitialVector().size());
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
encryptedNonce.getAlgorithmType());
EncryptParams decryptParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
Blob blobNonce = encryptedNonce.getPayload();
Blob nonce = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKeyBlob, blobNonce,
decryptParams);
// Get the payload.
// Use the size of encryptedNonce to find the start of encryptedPayload.
ByteBuffer payloadContent = dataContent.buf().duplicate();
payloadContent.position(encryptedNonce.wireEncode().size());
EncryptedContent encryptedPayload = new EncryptedContent();
encryptedPayload.wireDecode(payloadContent);
Assert.AssertEquals(16, encryptedPayload.getInitialVector().size());
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
encryptedPayload.getAlgorithmType());
decryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
decryptParams.setInitialVector(encryptedPayload.getInitialVector());
Blob blobPayload = encryptedPayload.getPayload();
Blob largePayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(nonce, blobPayload,
decryptParams);
// Get the group D-KEY.
DecryptKey groupDKey = new DecryptKey(largePayload);
/////////////////////////////////////////////////////// End decryption.
// Check the D-KEY.
EncryptKey derivedGroupEKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(groupDKey
.getKeyBits());
Assert.AssertTrue(groupEKey.getKeyBits().equals(derivedGroupEKey.getKeyBits()));
// Check the third data packet.
data = (Data)result[2];
Assert.AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/ksk-123",
data.getName().toUri());
// Check the fourth data packet.
data = (Data)result[3];
Assert.AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/ksk-123",
data.getName().toUri());
// Check invalid time stamps for getting the group key.
double timePoint2 = net.named_data.jndn.encrypt.Schedule.fromIsoString("20150826T083000");
Assert.AssertEquals(0, manager.getGroupKey(timePoint2).Count);
double timePoint3 = net.named_data.jndn.encrypt.Schedule.fromIsoString("20150827T023000");
Assert.AssertEquals(0, manager.getGroupKey(timePoint3).Count);
}
public void testContentKeyRequest()
{
Name prefix = new Name("/prefix");
Name suffix = new Name("/a/b/c");
Name expectedInterest = new Name(prefix);
expectedInterest.append(net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_READ);
expectedInterest.append(suffix);
expectedInterest.append(net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_E_KEY);
Name cKeyName = new Name(prefix);
cKeyName.append(net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_SAMPLE);
cKeyName.append(suffix);
cKeyName.append(net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_C_KEY);
Name timeMarker = new Name("20150101T100000/20150101T120000");
double testTime1 = net.named_data.jndn.encrypt.Schedule.fromIsoString("20150101T100001");
double testTime2 = net.named_data.jndn.encrypt.Schedule.fromIsoString("20150101T110001");
Name.Component testTimeRounded1 = new Name.Component(
"20150101T100000");
Name.Component testTimeRounded2 = new Name.Component(
"20150101T110000");
Name.Component testTimeComponent2 = new Name.Component(
"20150101T110001");
// Create content keys required for this test case:
for (int i = 0; i < suffix.size(); ++i)
{
createEncryptionKey(expectedInterest, timeMarker);
expectedInterest = expectedInterest.getPrefix(-2).append(
net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_E_KEY);
}
int[] expressInterestCallCount = new int[] { 0 };
// Prepare a LocalTestFace to instantly answer calls to expressInterest.
TestProducer.LocalTestFace face = new TestProducer.LocalTestFace(this, timeMarker,
expressInterestCallCount);
// Verify that the content key is correctly encrypted for each domain, and
// the produce method encrypts the provided data with the same content key.
ProducerDb testDb = new Sqlite3ProducerDb(
databaseFilePath.FullName);
Producer producer = new Producer(prefix, suffix, face, keyChain, testDb);
Blob[] contentKey = new Blob[] { null };
TestProducer.CheckEncryptionKeys checkEncryptionKeys = new TestProducer.CheckEncryptionKeys(
this, expressInterestCallCount, contentKey, cKeyName, testDb);
// An initial test to confirm that keys are created for this time slot.
Name contentKeyName1 = producer.createContentKey(testTime1,
new TestProducer.Anonymous_C4(checkEncryptionKeys, testTimeRounded1,
testTime1));
// Verify that we do not repeat the search for e-keys. The total
// expressInterestCallCount should be the same.
Name contentKeyName2 = producer.createContentKey(testTime2,
new TestProducer.Anonymous_C3(checkEncryptionKeys, testTime2,
testTimeRounded2));
// Confirm content key names are correct
Assert.AssertEquals(cKeyName, contentKeyName1.getPrefix(-1));
Assert.AssertEquals(testTimeRounded1, contentKeyName1.get(6));
Assert.AssertEquals(cKeyName, contentKeyName2.getPrefix(-1));
Assert.AssertEquals(testTimeRounded2, contentKeyName2.get(6));
// Confirm that produce encrypts with the correct key and has the right name.
Data testData = new Data();
producer.produce(testData, testTime2, new Blob(DATA_CONTENT, false));
Name producedName = testData.getName();
Assert.AssertEquals(cKeyName.getPrefix(-1), producedName.getSubName(0, 5));
Assert.AssertEquals(testTimeComponent2, producedName.get(5));
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_FOR, producedName.get(6));
Assert.AssertEquals(cKeyName, producedName.getSubName(7, 6));
Assert.AssertEquals(testTimeRounded2, producedName.get(13));
Blob dataBlob = testData.getContent();
EncryptedContent dataContent = new EncryptedContent();
dataContent.wireDecode(dataBlob);
Blob encryptedData = dataContent.getPayload();
Blob initialVector = dataContent.getInitialVector();
EncryptParams paras = new EncryptParams(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
16);
paras.setInitialVector(initialVector);
Blob decryptTest = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(contentKey[0], encryptedData,
paras);
Assert.AssertTrue(decryptTest.equals(new Blob(DATA_CONTENT, false)));
}
/// <summary>
/// Prepare an encrypted data packet by encrypting the payload using the key
/// according to the params. In addition, this prepares the encoded
/// EncryptedContent with the encryption result using keyName and params. The
/// encoding is set as the content of the data packet. If params defines an
/// asymmetric encryption algorithm and the payload is larger than the maximum
/// plaintext size, this encrypts the payload with a symmetric key that is
/// asymmetrically encrypted and provided as a nonce in the content of the data
/// packet. The packet's /{dataName}/ is updated to be
/// /{dataName}/FOR/{keyName}
/// </summary>
///
/// <param name="data">The data packet which is updated.</param>
/// <param name="payload">The payload to encrypt.</param>
/// <param name="keyName">The key name for the EncryptedContent.</param>
/// <param name="key">The encryption key value.</param>
/// <param name="params">The parameters for encryption.</param>
public static void encryptData(Data data, Blob payload, Name keyName,
Blob key, EncryptParams paras)
{
Name dataName = data.getName();
dataName.append(NAME_COMPONENT_FOR).append(keyName);
data.setName(dataName);
EncryptAlgorithmType algorithmType = paras.getAlgorithmType();
if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesEcb)
{
EncryptedContent content = encryptSymmetric(payload, key, keyName,
paras);
data.setContent(content.wireEncode(net.named_data.jndn.encoding.TlvWireFormat.get()));
}
else if (algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaPkcs ||
algorithmType == net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
{
// Java doesn't have a direct way to get the maximum plain text size, so
// try to encrypt the payload first and catch the error if it is too big.
try {
EncryptedContent content_0 = encryptAsymmetric(payload, key,
keyName, paras);
data.setContent(content_0.wireEncode(net.named_data.jndn.encoding.TlvWireFormat.get()));
return;
} catch (IllegalBlockSizeException ex) {
// The payload is larger than the maximum plaintext size. Continue.
}
// 128-bit nonce.
ByteBuffer nonceKeyBuffer = ILOG.J2CsMapping.NIO.ByteBuffer.allocate(16);
net.named_data.jndn.util.Common.getRandom().nextBytes(nonceKeyBuffer.array());
Blob nonceKey = new Blob(nonceKeyBuffer, false);
Name nonceKeyName = new Name(keyName);
nonceKeyName.append("nonce");
EncryptParams symmetricParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc, net.named_data.jndn.encrypt.algo.AesAlgorithm.BLOCK_SIZE);
EncryptedContent nonceContent = encryptSymmetric(payload, nonceKey,
nonceKeyName, symmetricParams);
EncryptedContent payloadContent = encryptAsymmetric(nonceKey, key,
keyName, paras);
Blob nonceContentEncoding = nonceContent.wireEncode();
Blob payloadContentEncoding = payloadContent.wireEncode();
ByteBuffer content_1 = ILOG.J2CsMapping.NIO.ByteBuffer.allocate(nonceContentEncoding
.size() + payloadContentEncoding.size());
content_1.put(payloadContentEncoding.buf());
content_1.put(nonceContentEncoding.buf());
content_1.flip();
data.setContent(new Blob(content_1, false));
}
else
{
throw new Exception("Unsupported encryption method");
}
}
/// <summary>
/// Decode input as an EncryptedContent v2 (used in Name-based Access Control
/// v2) and set the fields of the encryptedContent object.
/// See https://github.com/named-data/name-based-access-control/blob/new/docs/spec.rst .
/// Copy from the input when making new Blob values. Your derived class should
/// override.
/// </summary>
///
/// <param name="encryptedContent"></param>
/// <param name="input"></param>
/// <exception cref="EncodingException">For invalid encoding.</exception>
/// <exception cref="System.NotSupportedException">for unimplemented if the derivedclass does not override.</exception>
public void decodeEncryptedContentV2(
EncryptedContent encryptedContent, ByteBuffer input)
{
decodeEncryptedContentV2(encryptedContent, input, true);
}
public void testContentAsymmetricEncryptLarge()
{
/* foreach */
foreach (TestEncryptor.AsymmetricEncryptInput input in encryptorRsaTestInputs)
{
Blob largeContent = new Blob(toBuffer(new int[] { 0x73, 0x5a, 0xbd,
0x47, 0x0c, 0xfe, 0xf8, 0x7d, 0x2e, 0x17, 0xaa, 0x11, 0x6f,
0x23, 0xc5, 0x10, 0x23, 0x36, 0x88, 0xc4, 0x2a, 0x0f, 0x9a,
0x72, 0x54, 0x31, 0xa8, 0xb3, 0x51, 0x18, 0x9f, 0x0e, 0x1b,
0x93, 0x62, 0xd9, 0xc4, 0xf5, 0xf4, 0x3d, 0x61, 0x9a, 0xca,
0x05, 0x65, 0x6b, 0xc6, 0x41, 0xf9, 0xd5, 0x1c, 0x67, 0xc1,
0xd0, 0xd5, 0x6f, 0x7b, 0x70, 0xb8, 0x8f, 0xdb, 0x19, 0x68,
0x7c, 0xe0, 0x2d, 0x04, 0x49, 0xa9, 0xa2, 0x77, 0x4e, 0xfc,
0x60, 0x0d, 0x7c, 0x1b, 0x93, 0x6c, 0xd2, 0x61, 0xc4, 0x6b,
0x01, 0xe9, 0x12, 0x28, 0x6d, 0xf5, 0x78, 0xe9, 0x99, 0x0b,
0x9c, 0x4f, 0x90, 0x34, 0x3e, 0x06, 0x92, 0x57, 0xe3, 0x7a,
0x8f, 0x13, 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59, 0x48, 0x15,
0xb9, 0xdb, 0x77, 0x07, 0x1d, 0x6d, 0xb5, 0x65, 0x17, 0xdf,
0x76, 0x6f, 0xb5, 0x43, 0xde, 0x71, 0xac, 0xf1, 0x22, 0xbf,
0xb2, 0xe5, 0xd9, 0x22, 0xf1, 0x67, 0x76, 0x71, 0x0c, 0xff,
0x99, 0x7b, 0x94, 0x9b, 0x24, 0x20, 0x80, 0xe3, 0xcc, 0x06,
0x4a, 0xed, 0xdf, 0xec, 0x50, 0xd5, 0x87, 0x3d, 0xa0, 0x7d,
0x9c, 0xe5, 0x13, 0x10, 0x98, 0x14, 0xc3, 0x90, 0x10, 0xd9,
0x25, 0x9a, 0x59, 0xe9, 0x37, 0x26, 0xfd, 0x87, 0xd7, 0xf4,
0xf9, 0x11, 0x91, 0xad, 0x5c, 0x00, 0x95, 0xf5, 0x2b, 0x37,
0xf7, 0x4e, 0xb4, 0x4b, 0x42, 0x7c, 0xb3, 0xad, 0xd6, 0x33,
0x5f, 0x0b, 0x84, 0x57, 0x7f, 0xa7, 0x07, 0x73, 0x37, 0x4b,
0xab, 0x2e, 0xfb, 0xfe, 0x1e, 0xcb, 0xb6, 0x4a, 0xc1, 0x21,
0x5f, 0xec, 0x92, 0xb7, 0xac, 0x97, 0x75, 0x20, 0xc9, 0xd8,
0x9e, 0x93, 0xd5, 0x12, 0x7a, 0x64, 0xb9, 0x4c, 0xed, 0x49,
0x87, 0x44, 0x5b, 0x4f, 0x90, 0x34, 0x3e, 0x06, 0x92, 0x57,
0xe3, 0x7a, 0x8f, 0x13, 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59,
0x48, 0x15, 0xb9, 0xdb, 0x77, 0x07, 0x1d, 0x6d, 0xb5, 0x65,
0x17, 0xdf, 0x76, 0x6f, 0xb5, 0x43, 0xde, 0x71, 0xac, 0xf1,
0x22, 0xbf, 0xb2, 0xe5, 0xd9 }), false);
Data data = new Data();
RsaKeyParams rsaParams = new RsaKeyParams(1024);
Name keyName = new Name("test");
DecryptKey decryptKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.generateKey(rsaParams);
EncryptKey encryptKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(decryptKey
.getKeyBits());
Blob eKey = encryptKey.getKeyBits();
Blob dKey = decryptKey.getKeyBits();
EncryptParams encryptParams = new EncryptParams(input.type());
net.named_data.jndn.encrypt.algo.Encryptor.encryptData(data, largeContent, keyName, eKey,
encryptParams);
Assert.AssertEquals(input.testName(), new Name("/FOR").append(keyName),
data.getName());
Blob largeDataContent = data.getContent();
// largeDataContent is a sequence of the two EncryptedContent.
EncryptedContent encryptedNonce = new EncryptedContent();
encryptedNonce.wireDecode(largeDataContent);
Assert.AssertEquals(input.testName(), keyName, encryptedNonce
.getKeyLocator().getKeyName());
Assert.AssertEquals(input.testName(), 0, encryptedNonce.getInitialVector()
.size());
Assert.AssertEquals(input.testName(), input.type(),
encryptedNonce.getAlgorithmType());
// Use the size of encryptedNonce to find the start of encryptedPayload.
ByteBuffer payloadContent = largeDataContent.buf().duplicate();
payloadContent.position(encryptedNonce.wireEncode().size());
EncryptedContent encryptedPayload = new EncryptedContent();
encryptedPayload.wireDecode(payloadContent);
Name nonceKeyName = new Name(keyName);
nonceKeyName.append("nonce");
Assert.AssertEquals(input.testName(), nonceKeyName, encryptedPayload
.getKeyLocator().getKeyName());
Assert.AssertEquals(input.testName(), 16, encryptedPayload
.getInitialVector().size());
Assert.AssertEquals(input.testName(), net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
encryptedPayload.getAlgorithmType());
Assert.AssertTrue(input.testName(), encryptedNonce.wireEncode().size()
+ encryptedPayload.wireEncode().size() == largeDataContent
.size());
Blob blobNonce = encryptedNonce.getPayload();
Blob nonce = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(dKey, blobNonce, encryptParams);
encryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
encryptParams.setInitialVector(encryptedPayload.getInitialVector());
Blob bufferPayload = encryptedPayload.getPayload();
Blob largePayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(nonce, bufferPayload,
encryptParams);
Assert.AssertTrue(input.testName(), largeContent.equals(largePayload));
}
}
public void testConstructor()
{
// Check default settings.
EncryptedContent content = new EncryptedContent();
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.NONE, content.getAlgorithmType());
Assert.AssertEquals(true, content.getPayload().isNull());
Assert.AssertEquals(true, content.getInitialVector().isNull());
Assert.AssertEquals(net.named_data.jndn.KeyLocatorType.NONE, content.getKeyLocator().getType());
// Check an encrypted content with IV.
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.getKeyName().set("/test/key/locator");
EncryptedContent rsaOaepContent = new EncryptedContent();
rsaOaepContent.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
.setKeyLocator(keyLocator).setPayload(new Blob(message, false))
.setInitialVector(new Blob(iv, false));
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContent.getAlgorithmType());
Assert.AssertTrue(rsaOaepContent.getPayload().equals(new Blob(message, false)));
Assert.AssertTrue(rsaOaepContent.getInitialVector()
.equals(new Blob(iv, false)));
Assert.AssertTrue(rsaOaepContent.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContent.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Encoding.
Blob encryptedBlob = new Blob(encrypted, false);
Blob encoded = rsaOaepContent.wireEncode();
Assert.AssertTrue(encryptedBlob.equals(encoded));
// Decoding.
EncryptedContent rsaOaepContent2 = new EncryptedContent();
rsaOaepContent2.wireDecode(encryptedBlob);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContent2.getAlgorithmType());
Assert.AssertTrue(rsaOaepContent2.getPayload()
.equals(new Blob(message, false)));
Assert.AssertTrue(rsaOaepContent2.getInitialVector().equals(
new Blob(iv, false)));
Assert.AssertTrue(rsaOaepContent2.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContent2.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Check the no IV case.
EncryptedContent rsaOaepContentNoIv = new EncryptedContent();
rsaOaepContentNoIv.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep)
.setKeyLocator(keyLocator).setPayload(new Blob(message, false));
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContentNoIv.getAlgorithmType());
Assert.AssertTrue(rsaOaepContentNoIv.getPayload().equals(
new Blob(message, false)));
Assert.AssertTrue(rsaOaepContentNoIv.getInitialVector().isNull());
Assert.AssertTrue(rsaOaepContentNoIv.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContentNoIv.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
// Encoding.
Blob encryptedBlob2 = new Blob(encryptedNoIv, false);
Blob encodedNoIV = rsaOaepContentNoIv.wireEncode();
Assert.AssertTrue(encryptedBlob2.equals(encodedNoIV));
// Decoding.
EncryptedContent rsaOaepContentNoIv2 = new EncryptedContent();
rsaOaepContentNoIv2.wireDecode(encryptedBlob2);
Assert.AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
rsaOaepContentNoIv2.getAlgorithmType());
Assert.AssertTrue(rsaOaepContentNoIv2.getPayload().equals(
new Blob(message, false)));
Assert.AssertTrue(rsaOaepContentNoIv2.getInitialVector().isNull());
Assert.AssertTrue(rsaOaepContentNoIv2.getKeyLocator().getType() != net.named_data.jndn.KeyLocatorType.NONE);
Assert.AssertTrue(rsaOaepContentNoIv2.getKeyLocator().getKeyName()
.equals(new Name("/test/key/locator")));
}
public void checkEncryptionKeys(List result, double testTime,
Name.Component roundedTime,
int expectedExpressInterestCallCount) {
AssertEquals(expectedExpressInterestCallCount,
expressInterestCallCount[0]);
try {
AssertEquals(true, testDb.HasContentKey(testTime));
contentKey[0] = testDb.GetContentKey(testTime);
} catch (ProducerDb.Error ex) {
Fail("Error in ProducerDb: " + ex);
}
EncryptParams paras = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
for (int i = 0; i < result.Count; ++i) {
Data key = (Data) result[i];
Name keyName = key.getName();
AssertEquals(cKeyName, keyName.getSubName(0, 6));
AssertEquals(keyName.get(6), roundedTime);
AssertEquals(keyName.get(7), net.named_data.jndn.encrypt.algo.Encryptor.NAME_COMPONENT_FOR);
AssertEquals(true,
outer_TestProducer.decryptionKeys.Contains(keyName.getSubName(8)));
Blob decryptionKey = (Blob) ILOG.J2CsMapping.Collections.Collections.Get(outer_TestProducer.decryptionKeys,keyName
.getSubName(8));
AssertEquals(true, decryptionKey.size() != 0);
Blob encryptedKeyEncoding = key.getContent();
EncryptedContent content = new EncryptedContent();
try {
content.wireDecode(encryptedKeyEncoding);
} catch (EncodingException ex_0) {
Fail("Error decoding EncryptedContent" + ex_0);
}
Blob encryptedKey = content.getPayload();
Blob retrievedKey = null;
try {
retrievedKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptionKey,
encryptedKey, paras);
} catch (Exception ex_1) {
Fail("Error in RsaAlgorithm.decrypt: " + ex_1);
}
AssertTrue(contentKey[0].Equals(retrievedKey));
}
AssertEquals(3, result.Count);
}
