/// <summary>
/// Create a new Sha256WithRsaSignature with a copy of the fields in the given
/// signature object.
/// </summary>
///
/// <param name="signature">The signature object to copy.</param>
public Sha256WithRsaSignature(Sha256WithRsaSignature signature)
{
this.signature_ = new Blob();
this.keyLocator_ = new ChangeCounter(
new KeyLocator());
this.changeCount_ = 0;
signature_ = signature.signature_;
keyLocator_.set(new KeyLocator(signature.getKeyLocator()));
}
/// <summary>
/// Create a new Sha256WithRsaSignature with a copy of the fields in the given
/// signature object.
/// </summary>
///
/// <param name="signature">The signature object to copy.</param>
public Sha256WithRsaSignature(Sha256WithRsaSignature signature)
{
this.signature_ = new Blob();
this.keyLocator_ = new ChangeCounter(
new KeyLocator());
this.validityPeriod_ = new ChangeCounter(
new ValidityPeriod());
this.changeCount_ = 0;
signature_ = signature.signature_;
keyLocator_.set(new KeyLocator(signature.getKeyLocator()));
}
/// <summary>
/// Create an identity certificate for a public key supplied by the caller.
/// </summary>
///
/// <param name="certificatePrefix">The name of public key to be signed.</param>
/// <param name="publicKey">The public key to be signed.</param>
/// <param name="signerCertificateName">The name of signing certificate.</param>
/// <param name="notBefore">The notBefore value in the validity field of the generated certificate.</param>
/// <param name="notAfter">The notAfter vallue in validity field of the generated certificate.</param>
/// <returns>The generated identity certificate.</returns>
public IdentityCertificate createIdentityCertificate(
Name certificatePrefix, PublicKey publicKey,
Name signerCertificateName, double notBefore, double notAfter)
{
IdentityCertificate certificate = new IdentityCertificate();
Name keyName = getKeyNameFromCertificatePrefix(certificatePrefix);
Name certificateName = new Name(certificatePrefix);
certificateName.append("ID-CERT").appendVersion(
(long) net.named_data.jndn.util.Common.getNowMilliseconds());
certificate.setName(certificateName);
certificate.setNotBefore(notBefore);
certificate.setNotAfter(notAfter);
certificate.setPublicKeyInfo(publicKey);
certificate.addSubjectDescription(new CertificateSubjectDescription(
"2.5.4.41", keyName.toUri()));
try {
certificate.encode();
} catch (DerEncodingException ex) {
throw new SecurityException("DerDecodingException: " + ex);
} catch (DerDecodingException ex_0) {
throw new SecurityException("DerEncodingException: " + ex_0);
}
Sha256WithRsaSignature sha256Sig = new Sha256WithRsaSignature();
KeyLocator keyLocator = new KeyLocator();
keyLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
keyLocator.setKeyName(signerCertificateName);
sha256Sig.setKeyLocator(keyLocator);
certificate.setSignature(sha256Sig);
SignedBlob unsignedData = certificate.wireEncode();
IdentityCertificate signerCertificate;
try {
signerCertificate = getCertificate(signerCertificateName);
} catch (DerDecodingException ex_1) {
throw new SecurityException("DerDecodingException: " + ex_1);
}
Name signerkeyName = signerCertificate.getPublicKeyName();
Blob sigBits = privateKeyStorage_.sign(unsignedData.signedBuf(),
signerkeyName);
sha256Sig.setSignature(sigBits);
return certificate;
}
/// <summary>
/// Return a new Signature object based on the signature algorithm of the
/// public key with keyName (derived from certificateName).
/// </summary>
///
/// <param name="certificateName">The certificate name.</param>
/// <param name="digestAlgorithm"></param>
/// <returns>A new object of the correct subclass of Signature.</returns>
private Signature makeSignatureByCertificate(Name certificateName,
DigestAlgorithm[] digestAlgorithm)
{
Name keyName = net.named_data.jndn.security.certificate.IdentityCertificate
.certificateNameToPublicKeyName(certificateName);
PublicKey publicKey = privateKeyStorage_.getPublicKey(keyName);
KeyType keyType = publicKey.getKeyType();
if (keyType == net.named_data.jndn.security.KeyType.RSA) {
Sha256WithRsaSignature signature = new Sha256WithRsaSignature();
digestAlgorithm[0] = net.named_data.jndn.security.DigestAlgorithm.SHA256;
signature.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature.getKeyLocator().setKeyName(certificateName.getPrefix(-1));
return signature;
} else if (keyType == net.named_data.jndn.security.KeyType.ECDSA) {
Sha256WithEcdsaSignature signature_0 = new Sha256WithEcdsaSignature();
digestAlgorithm[0] = net.named_data.jndn.security.DigestAlgorithm.SHA256;
signature_0.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature_0.getKeyLocator().setKeyName(certificateName.getPrefix(-1));
return signature_0;
} else
throw new SecurityException("Key type is not recognized");
}
public void testMatchesData()
{
Interest interest = new Interest(new Name("/A"));
interest.setMinSuffixComponents(2);
interest.setMaxSuffixComponents(2);
interest.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
interest.getKeyLocator().setKeyName(new Name("/B"));
interest.getExclude().appendComponent(new Name.Component("J"));
interest.getExclude().appendAny();
Data data = new Data(new Name("/A/D"));
Sha256WithRsaSignature signature = new Sha256WithRsaSignature();
signature.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature.getKeyLocator().setKeyName(new Name("/B"));
data.setSignature(signature);
Assert.AssertEquals(true, interest.matchesData(data));
// Check violating MinSuffixComponents.
Data data1 = new Data(data);
data1.setName(new Name("/A"));
Assert.AssertEquals(false, interest.matchesData(data1));
Interest interest1 = new Interest(interest);
interest1.setMinSuffixComponents(1);
Assert.AssertEquals(true, interest1.matchesData(data1));
// Check violating MaxSuffixComponents.
Data data2 = new Data(data);
data2.setName(new Name("/A/E/F"));
Assert.AssertEquals(false, interest.matchesData(data2));
Interest interest2 = new Interest(interest);
interest2.setMaxSuffixComponents(3);
Assert.AssertEquals(true, interest2.matchesData(data2));
// Check violating PublisherPublicKeyLocator.
Data data3 = new Data(data);
Sha256WithRsaSignature signature3 = new Sha256WithRsaSignature();
signature3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
signature3.getKeyLocator().setKeyName(new Name("/G"));
data3.setSignature(signature3);
Assert.AssertEquals(false, interest.matchesData(data3));
Interest interest3 = new Interest(interest);
interest3.getKeyLocator().setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
interest3.getKeyLocator().setKeyName(new Name("/G"));
Assert.AssertEquals(true, interest3.matchesData(data3));
Data data4 = new Data(data);
data4.setSignature(new DigestSha256Signature());
Assert.AssertEquals(false, interest.matchesData(data4));
Interest interest4 = new Interest(interest);
interest4.setKeyLocator(new KeyLocator());
Assert.AssertEquals(true, interest4.matchesData(data4));
// Check violating Exclude.
Data data5 = new Data(data);
data5.setName(new Name("/A/J"));
Assert.AssertEquals(false, interest.matchesData(data5));
Interest interest5 = new Interest(interest);
interest5.getExclude().clear();
interest5.getExclude().appendComponent(new Name.Component("K"));
interest5.getExclude().appendAny();
Assert.AssertEquals(true, interest5.matchesData(data5));
// Check violating Name.
Data data6 = new Data(data);
data6.setName(new Name("/H/I"));
Assert.AssertEquals(false, interest.matchesData(data6));
Data data7 = new Data(data);
data7.setName(new Name("/A/B"));
Interest interest7 = new Interest(
new Name(
"/A/B/sha256digest="
+ "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128"));
Assert.AssertEquals(true, interest7.matchesData(data7));
// Check violating the implicit digest.
Interest interest7b = new Interest(new Name(
"/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00"
+ "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00"));
Assert.AssertEquals(false, interest7b.matchesData(data7));
// Check excluding the implicit digest.
Interest interest8 = new Interest(new Name("/A/B"));
interest8.getExclude().appendComponent(interest7.getName().get(2));
Assert.AssertEquals(false, interest8.matchesData(data7));
}
