/// <summary>
/// Generate an RSA key pair according to keySize_.
/// </summary>
///
/// <param name="privateKeyBlob"></param>
/// <param name="publicKeyBlob"></param>
private void generateKeyPair(Blob[] privateKeyBlob, Blob[] publicKeyBlob)
{
RsaKeyParams paras = new RsaKeyParams(keySize_);
DecryptKey privateKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.generateKey(paras);
privateKeyBlob[0] = privateKey.getKeyBits();
EncryptKey publicKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(privateKeyBlob[0]);
publicKeyBlob[0] = publicKey.getKeyBits();
}
public void testEncryptionDecryption()
{
EncryptParams encryptParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesEcb, 16);
Blob key = new Blob(KEY, false);
DecryptKey decryptKey = new DecryptKey(key);
EncryptKey encryptKey = net.named_data.jndn.encrypt.algo.AesAlgorithm.deriveEncryptKey(decryptKey
.getKeyBits());
// Check key loading and key derivation.
Assert.AssertTrue(encryptKey.getKeyBits().equals(key));
Assert.AssertTrue(decryptKey.getKeyBits().equals(key));
Blob plainBlob = new Blob(PLAINTEXT, false);
// Encrypt data in AES_ECB.
Blob cipherBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.encrypt(encryptKey.getKeyBits(),
plainBlob, encryptParams);
Assert.AssertTrue(cipherBlob.equals(new Blob(CIPHERTEXT_ECB, false)));
// Decrypt data in AES_ECB.
Blob receivedBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams);
Assert.AssertTrue(receivedBlob.equals(plainBlob));
// Encrypt/decrypt data in AES_CBC with auto-generated IV.
encryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
cipherBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams);
receivedBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams);
Assert.AssertTrue(receivedBlob.equals(plainBlob));
// Encrypt data in AES_CBC with specified IV.
Blob initialVector = new Blob(INITIAL_VECTOR, false);
encryptParams.setInitialVector(initialVector);
cipherBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams);
Assert.AssertTrue(cipherBlob.equals(new Blob(CIPHERTEXT_CBC_IV, false)));
// Decrypt data in AES_CBC with specified IV.
receivedBlob = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams);
Assert.AssertTrue(receivedBlob.equals(plainBlob));
}
public void testEncryptionDecryption()
{
EncryptParams encryptParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep, 0);
Blob privateKeyBlob = new Blob(net.named_data.jndn.util.Common.base64Decode(PRIVATE_KEY), false);
Blob publicKeyBlob = new Blob(net.named_data.jndn.util.Common.base64Decode(PUBLIC_KEY), false);
DecryptKey decryptKey = new DecryptKey(privateKeyBlob);
EncryptKey encryptKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(decryptKey
.getKeyBits());
Blob encodedPublic = publicKeyBlob;
Blob derivedPublicKey = encryptKey.getKeyBits();
Assert.AssertTrue(encodedPublic.equals(derivedPublicKey));
Blob plainBlob = new Blob(PLAINTEXT, false);
Blob encryptBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.encrypt(encryptKey.getKeyBits(),
plainBlob, encryptParams);
Blob receivedBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
encryptBlob, encryptParams);
Assert.AssertTrue(plainBlob.equals(receivedBlob));
Blob cipherBlob = new Blob(CIPHERTEXT_OAEP, false);
Blob decryptedBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams);
Assert.AssertTrue(plainBlob.equals(decryptedBlob));
// Now test RsaPkcs.
encryptParams = new EncryptParams(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaPkcs, 0);
encryptBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams);
receivedBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
encryptBlob, encryptParams);
Assert.AssertTrue(plainBlob.equals(receivedBlob));
cipherBlob = new Blob(CIPHERTEXT_PKCS, false);
decryptedBlob = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams);
Assert.AssertTrue(plainBlob.equals(decryptedBlob));
}
/// <summary>
/// Generate a new random decrypt key for AES based on the given params.
/// </summary>
///
/// <param name="params">The key params with the key size (in bits).</param>
/// <returns>The new decrypt key.</returns>
public static DecryptKey generateKey(AesKeyParams paras)
{
// Convert the key bit size to bytes.
ByteBuffer key = ILOG.J2CsMapping.NIO.ByteBuffer.allocate(paras.getKeySize() / 8);
net.named_data.jndn.util.Common.getRandom().nextBytes(key.array());
DecryptKey decryptKey = new DecryptKey(new Blob(key, false));
return decryptKey;
}
public void testGetGroupKey()
{
// Create the group manager.
GroupManager manager = new GroupManager(new Name("Alice"), new Name(
"data_type"), new Sqlite3GroupManagerDb(
System.IO.Path.GetFullPath(groupKeyDatabaseFilePath.Name)), 1024, 1, keyChain);
setManager(manager);
// Get the data list from the group manager.
double timePoint1 = net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20150825T093000");
IList result = manager.getGroupKey(timePoint1);
AssertEquals(4, result.Count);
// The first data packet contains the group's encryption key (public key).
Data data = (Data) result[0];
AssertEquals(
"/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000",
data.getName().toUri());
EncryptKey groupEKey = new EncryptKey(data.getContent());
// Get the second data packet and decrypt.
data = (Data) result[1];
AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123",
data.getName().toUri());
/////////////////////////////////////////////////////// Start decryption.
Blob dataContent = data.getContent();
// Get the nonce key.
// dataContent is a sequence of the two EncryptedContent.
EncryptedContent encryptedNonce = new EncryptedContent();
encryptedNonce.wireDecode(dataContent);
AssertEquals(0, encryptedNonce.getInitialVector().size());
AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep,
encryptedNonce.getAlgorithmType());
EncryptParams decryptParams = new EncryptParams(
net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.RsaOaep);
Blob blobNonce = encryptedNonce.getPayload();
Blob nonce = net.named_data.jndn.encrypt.algo.RsaAlgorithm.decrypt(decryptKeyBlob, blobNonce,
decryptParams);
// Get the payload.
// Use the size of encryptedNonce to find the start of encryptedPayload.
ByteBuffer payloadContent = dataContent.buf().duplicate();
payloadContent.position(encryptedNonce.wireEncode().size());
EncryptedContent encryptedPayload = new EncryptedContent();
encryptedPayload.wireDecode(payloadContent);
AssertEquals(16, encryptedPayload.getInitialVector().size());
AssertEquals(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc,
encryptedPayload.getAlgorithmType());
decryptParams.setAlgorithmType(net.named_data.jndn.encrypt.algo.EncryptAlgorithmType.AesCbc);
decryptParams.setInitialVector(encryptedPayload.getInitialVector());
Blob blobPayload = encryptedPayload.getPayload();
Blob largePayload = net.named_data.jndn.encrypt.algo.AesAlgorithm.decrypt(nonce, blobPayload,
decryptParams);
// Get the group D-KEY.
DecryptKey groupDKey = new DecryptKey(largePayload);
/////////////////////////////////////////////////////// End decryption.
// Check the D-KEY.
EncryptKey derivedGroupEKey = net.named_data.jndn.encrypt.algo.RsaAlgorithm.deriveEncryptKey(groupDKey
.getKeyBits());
AssertTrue(groupEKey.getKeyBits().equals(derivedGroupEKey.getKeyBits()));
// Check the third data packet.
data = (Data) result[2];
AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/ksk-123",
data.getName().toUri());
// Check the fourth data packet.
data = (Data) result[3];
AssertEquals(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/ksk-123",
data.getName().toUri());
// Check invalid time stamps for getting the group key.
double timePoint2 = net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20150826T083000");
AssertEquals(0, manager.getGroupKey(timePoint2).Count);
double timePoint3 = net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20150827T023000");
AssertEquals(0, manager.getGroupKey(timePoint3).Count);
}
