/// <summary> /// Prepare an unsigned identity certificate. /// </summary> /// /// <param name="keyName">The key name, e.g., `/{identity_name}/ksk-123456`.</param> /// <param name="publicKey">The public key to sign.</param> /// <param name="signingIdentity">The signing identity.</param> /// <param name="notBefore">See IdentityCertificate.</param> /// <param name="notAfter">See IdentityCertificate.</param> /// <param name="subjectDescription">on the keyName.</param> /// <param name="certPrefix">signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).</param> /// <returns>The unsigned IdentityCertificate, or null if the inputs are invalid.</returns> public IdentityCertificate prepareUnsignedIdentityCertificate( Name keyName, PublicKey publicKey, Name signingIdentity, double notBefore, double notAfter, IList subjectDescription, Name certPrefix) { if (keyName.size() < 1) return null; String tempKeyIdPrefix = keyName.get(-1).toEscapedString(); if (tempKeyIdPrefix.Length < 4) return null; String keyIdPrefix = tempKeyIdPrefix.Substring(0,(4)-(0)); if (!keyIdPrefix.equals("ksk-") && !keyIdPrefix.equals("dsk-")) return null; IdentityCertificate certificate = new IdentityCertificate(); Name certName = new Name(); if (certPrefix == null) { // No certificate prefix hint, so infer the prefix. if (signingIdentity.match(keyName)) certName.append(signingIdentity).append("KEY") .append(keyName.getSubName(signingIdentity.size())) .append("ID-CERT") .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds()); else certName.append(keyName.getPrefix(-1)).append("KEY") .append(keyName.get(-1)).append("ID-CERT") .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds()); } else { // A cert prefix hint is supplied, so determine the cert name. if (certPrefix.match(keyName) && !certPrefix.equals(keyName)) certName.append(certPrefix).append("KEY") .append(keyName.getSubName(certPrefix.size())) .append("ID-CERT") .appendVersion((long) net.named_data.jndn.util.Common.getNowMilliseconds()); else return null; } certificate.setName(certName); certificate.setNotBefore(notBefore); certificate.setNotAfter(notAfter); certificate.setPublicKeyInfo(publicKey); if (subjectDescription == null || (subjectDescription.Count==0)) certificate .addSubjectDescription(new CertificateSubjectDescription( "2.5.4.41", keyName.getPrefix(-1).toUri())); else { for (int i = 0; i < subjectDescription.Count; ++i) certificate .addSubjectDescription((CertificateSubjectDescription) subjectDescription[i]); } try { certificate.encode(); } catch (DerEncodingException ex) { throw new SecurityException("DerEncodingException: " + ex); } catch (DerDecodingException ex_0) { throw new SecurityException("DerDecodingException: " + ex_0); } return certificate; }
public void testMatch() { Name name = new Name("/edu/cmu/andrew/user/3498478"); Name name2 = new Name(name); Assert.AssertTrue("Name does not match deep copy of itself", name.match(name2)); name2 = name.getPrefix(2); Assert.AssertTrue("Name did not match prefix", name2.match(name)); Assert.AssertFalse("Name should not match shorter name", name.match(name2)); Assert.AssertTrue("Empty name should always match another", new Name().match(name)); }
/// <summary> /// Determines if a name satisfies the relation to another name, based on /// matchRelation. /// </summary> /// /// <param name="name"></param> /// <param name="matchName"></param> /// <param name="matchRelation">name as a prefix "is-strict-prefix-of" - passes if the name has the other name as a prefix, and is not equal "equal" - passes if the two names are equal</param> /// <returns>True if matches.</returns> private static bool matchesRelation(Name name, Name matchName, String matchRelation) { bool passed = false; if (matchRelation.equals("is-strict-prefix-of")) { if (matchName.size() == name.size()) passed = false; else if (matchName.match(name)) passed = true; } else if (matchRelation.equals("is-prefix-of")) { if (matchName.match(name)) passed = true; } else if (matchRelation.equals("equal")) { if (matchName.equals(name)) passed = true; } return passed; }