static void Main(string[] args)
{
var data = new Data();
data.wireDecode(new Blob(TlvData));
// Use a hard-wired secret for testing. In a real application the signer
// ensures that the verifier knows the shared key and its keyName.
var key = new Blob(new byte[] {
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
});
if (KeyChain.verifyDataWithHmacWithSha256(data, key))
Console.Out.WriteLine("Hard-coded data signature verification: VERIFIED");
else
Console.Out.WriteLine("Hard-coded data signature verification: FAILED");
var freshData = new Data(new Name("/ndn/abc"));
var signature = new HmacWithSha256Signature();
signature.getKeyLocator().setType(KeyLocatorType.KEYNAME);
signature.getKeyLocator().setKeyName(new Name("key1"));
freshData.setSignature(signature);
freshData.setContent(new Blob("SUCCESS!"));
Console.Out.WriteLine("Signing fresh data packet " + freshData.getName().toUri());
KeyChain.signWithHmacWithSha256(freshData, key);
if (KeyChain.verifyDataWithHmacWithSha256(freshData, key))
Console.Out.WriteLine("Freshly-signed data signature verification: VERIFIED");
else
Console.Out.WriteLine("Freshly-signed data signature verification: FAILED");
}
/// <summary>
/// Wire encode the Data object, digest it and set its SignatureInfo to
/// a DigestSha256.
/// </summary>
///
/// <param name="data"></param>
/// <param name="wireFormat">The WireFormat for calling encodeData.</param>
public void signWithSha256(Data data, WireFormat wireFormat)
{
data.setSignature(new DigestSha256Signature());
// Encode once to get the signed portion.
SignedBlob encoding = data.wireEncode(wireFormat);
// Digest and set the signature.
byte[] signedPortionDigest = net.named_data.jndn.util.Common.digestSha256(encoding.signedBuf());
data.getSignature().setSignature(new Blob(signedPortionDigest, false));
// Encode again to include the signature.
data.wireEncode(wireFormat);
}
/// <summary>
/// Sign data packet based on the certificate name.
/// </summary>
///
/// <param name="data">The Data object to sign and update its signature.</param>
/// <param name="certificateName"></param>
/// <param name="wireFormat">The WireFormat for calling encodeData.</param>
public void signByCertificate(Data data, Name certificateName,
WireFormat wireFormat)
{
DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
Signature signature = makeSignatureByCertificate(certificateName,
digestAlgorithm);
data.setSignature(signature);
// Encode once to get the signed portion.
SignedBlob encoding = data.wireEncode(wireFormat);
data.getSignature()
.setSignature(
privateKeyStorage_.sign(
encoding.signedBuf(),
net.named_data.jndn.security.certificate.IdentityCertificate
.certificateNameToPublicKeyName(certificateName),
digestAlgorithm[0]));
// Encode again to include the signature.
data.wireEncode(wireFormat);
}
public void testMatchesData()
{
Interest interest = new Interest(new Name("/A"));
interest.setMinSuffixComponents(2);
interest.setMaxSuffixComponents(2);
interest.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
interest.getKeyLocator().setKeyName(new Name("/B"));
interest.getExclude().appendComponent(new Name.Component("J"));
interest.getExclude().appendAny();
Data data = new Data(new Name("/A/D"));
Sha256WithRsaSignature signature = new Sha256WithRsaSignature();
signature.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature.getKeyLocator().setKeyName(new Name("/B"));
data.setSignature(signature);
Assert.AssertEquals(true, interest.matchesData(data));
// Check violating MinSuffixComponents.
Data data1 = new Data(data);
data1.setName(new Name("/A"));
Assert.AssertEquals(false, interest.matchesData(data1));
Interest interest1 = new Interest(interest);
interest1.setMinSuffixComponents(1);
Assert.AssertEquals(true, interest1.matchesData(data1));
// Check violating MaxSuffixComponents.
Data data2 = new Data(data);
data2.setName(new Name("/A/E/F"));
Assert.AssertEquals(false, interest.matchesData(data2));
Interest interest2 = new Interest(interest);
interest2.setMaxSuffixComponents(3);
Assert.AssertEquals(true, interest2.matchesData(data2));
// Check violating PublisherPublicKeyLocator.
Data data3 = new Data(data);
Sha256WithRsaSignature signature3 = new Sha256WithRsaSignature();
signature3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature3.getKeyLocator().setKeyName(new Name("/G"));
data3.setSignature(signature3);
Assert.AssertEquals(false, interest.matchesData(data3));
Interest interest3 = new Interest(interest);
interest3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
interest3.getKeyLocator().setKeyName(new Name("/G"));
Assert.AssertEquals(true, interest3.matchesData(data3));
Data data4 = new Data(data);
data4.setSignature(new DigestSha256Signature());
Assert.AssertEquals(false, interest.matchesData(data4));
Interest interest4 = new Interest(interest);
interest4.setKeyLocator(new KeyLocator());
Assert.AssertEquals(true, interest4.matchesData(data4));
// Check violating Exclude.
Data data5 = new Data(data);
data5.setName(new Name("/A/J"));
Assert.AssertEquals(false, interest.matchesData(data5));
Interest interest5 = new Interest(interest);
interest5.getExclude().clear();
interest5.getExclude().appendComponent(new Name.Component("K"));
interest5.getExclude().appendAny();
Assert.AssertEquals(true, interest5.matchesData(data5));
// Check violating Name.
Data data6 = new Data(data);
data6.setName(new Name("/H/I"));
Assert.AssertEquals(false, interest.matchesData(data6));
Data data7 = new Data(data);
data7.setName(new Name("/A/B"));
Interest interest7 = new Interest(
new Name(
"/A/B/sha256digest="
+ "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128"));
Assert.AssertEquals(true, interest7.matchesData(data7));
// Check violating the implicit digest.
Interest interest7b = new Interest(new Name(
"/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00"
+ "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00"));
Assert.AssertEquals(false, interest7b.matchesData(data7));
// Check excluding the implicit digest.
Interest interest8 = new Interest(new Name("/A/B"));
interest8.getExclude().appendComponent(interest7.getName().get(2));
Assert.AssertEquals(false, interest8.matchesData(data7));
}