Пример #1
0
        public void testSetters()
        {
            CertificateV2 certificate = new CertificateV2();

            certificate.setName(new Name(
                                    "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B"));
            certificate.getMetaInfo().setFreshnessPeriod(3600 * 1000.0d);
            certificate.setContent(new Blob(PUBLIC_KEY, false));
            certificate.setSignature(generateFakeSignature());

            Assert.AssertEquals(new Name(
                                    "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B"),
                                certificate.getName());
            Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-1416425377094"),
                                certificate.getKeyName());
            Assert.AssertEquals(new Name("/ndn/site1"), certificate.getIdentity());
            Assert.AssertEquals(new Name.Component("0123"), certificate.getIssuerId());
            Assert.AssertEquals(new Name.Component("ksk-1416425377094"),
                                certificate.getKeyId());
            Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-2516425377094"), net.named_data.jndn.KeyLocator
                                .getFromSignature(certificate.getSignature()).getKeyName());
            Assert.AssertEquals(net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T050000"), certificate
                                .getValidityPeriod().getNotBefore(), 0);
            Assert.AssertEquals(net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T060000"), certificate
                                .getValidityPeriod().getNotAfter(), 0);

            try {
                certificate.getPublicKey();
            } catch (Exception ex) {
                Assert.Fail(ex.Message);
            }
        }
Пример #2
0
        public void testOverwrite()
        {
            PibMemory pibImpl = new PibMemory();

            try {
                new PibKeyImpl(fixture.id1Key1Name, pibImpl);
                Assert.Fail("Did not throw the expected exception");
            } catch (Pib.Error ex) {
            } catch (Exception ex_0) {
                Assert.Fail("Did not throw the expected exception");
            }

            new PibKeyImpl(fixture.id1Key1Name, fixture.id1Key1.buf(), pibImpl);
            PibKeyImpl key1 = new PibKeyImpl(fixture.id1Key1Name, pibImpl);

            // Overwriting the key should work.
            new PibKeyImpl(fixture.id1Key1Name, fixture.id1Key2.buf(), pibImpl);
            PibKeyImpl key2 = new PibKeyImpl(fixture.id1Key1Name, pibImpl);

            // key1 should have cached the original public key.
            Assert.AssertTrue(!key1.getPublicKey().equals(key2.getPublicKey()));
            Assert.AssertTrue(key2.getPublicKey().equals(fixture.id1Key2));

            key1.addCertificate(fixture.id1Key1Cert1);
            // Use the wire encoding to check equivalence.
            Assert.AssertTrue(key1.getCertificate(fixture.id1Key1Cert1.getName())
                              .wireEncode().equals(fixture.id1Key1Cert1.wireEncode()));

            CertificateV2 otherCert = new CertificateV2(fixture.id1Key1Cert1);

            ((Sha256WithRsaSignature)otherCert.getSignature()).getValidityPeriod()
            .setPeriod(net.named_data.jndn.util.Common.getNowMilliseconds(),
                       net.named_data.jndn.util.Common.getNowMilliseconds() + 1000);
            // Don't bother resigning so we don't have to load a private key.

            Assert.AssertTrue(fixture.id1Key1Cert1.getName().equals(otherCert.getName()));
            Assert.AssertTrue(otherCert.getContent().equals(
                                  fixture.id1Key1Cert1.getContent()));
            Assert.AssertFalse(otherCert.wireEncode().equals(
                                   fixture.id1Key1Cert1.wireEncode()));

            key1.addCertificate(otherCert);

            Assert.AssertTrue(key1.getCertificate(fixture.id1Key1Cert1.getName())
                              .wireEncode().equals(otherCert.wireEncode()));
        }
Пример #3
0
        public void testConstructor()
        {
            CertificateV2 certificate = new CertificateV2();

            certificate.wireDecode(new Blob(CERT, false));

            Assert.AssertEquals(new Name(
                                    "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B"),
                                certificate.getName());
            Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-1416425377094"),
                                certificate.getKeyName());
            Assert.AssertEquals(new Name("/ndn/site1"), certificate.getIdentity());
            Assert.AssertEquals(new Name.Component("0123"), certificate.getIssuerId());
            Assert.AssertEquals(new Name.Component("ksk-1416425377094"),
                                certificate.getKeyId());
            Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-2516425377094"), net.named_data.jndn.KeyLocator
                                .getFromSignature(certificate.getSignature()).getKeyName());
            Assert.AssertEquals(net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20150814T223739"), certificate
                                .getValidityPeriod().getNotBefore(), 0);
            Assert.AssertEquals(net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20150818T223738"), certificate
                                .getValidityPeriod().getNotAfter(), 0);

            try {
                certificate.getPublicKey();
            } catch (Exception ex) {
                Assert.Fail(ex.Message);
            }

            Data data = new Data();

            data.wireDecode(new Blob(CERT, false));
            CertificateV2 certificate2 = new CertificateV2(data);

            Assert.AssertEquals(certificate.getName(), certificate2.getName());
            Assert.AssertTrue(certificate.getPublicKey().equals(
                                  certificate2.getPublicKey()));
        }
Пример #4
0
        private static CertificateV2 makeSelfSignedCertificate(Name keyName,
                                                               Blob privateKeyBag, Blob publicKeyEncoding, ByteBuffer password,
                                                               DigestAlgorithm digestAlgorithm, WireFormat wireFormat)
        {
            CertificateV2 certificate = new CertificateV2();

            // Set the name.
            double now             = net.named_data.jndn.util.Common.getNowMilliseconds();
            Name   certificateName = new Name(keyName);

            certificateName.append("self").appendVersion((long)now);
            certificate.setName(certificateName);

            // Set the MetaInfo.
            certificate.getMetaInfo().setType(net.named_data.jndn.ContentType.KEY);
            // Set a one-hour freshness period.
            certificate.getMetaInfo().setFreshnessPeriod(3600 * 1000.0d);

            // Set the content.
            PublicKey publicKey = null;

            try {
                publicKey = new PublicKey(publicKeyEncoding);
            } catch (UnrecognizedKeyFormatException ex) {
                // Promote to Pib.Error.
                throw new Pib.Error("Error decoding public key " + ex);
            }
            certificate.setContent(publicKey.getKeyDer());

            // Create a temporary in-memory Tpm and import the private key.
            Tpm tpm = new Tpm("", "", new TpmBackEndMemory());

            tpm.importPrivateKey_(keyName, privateKeyBag.buf(), password);

            // Set the signature info.
            if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.RSA)
            {
                certificate.setSignature(new Sha256WithRsaSignature());
            }
            else if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.EC)
            {
                certificate.setSignature(new Sha256WithEcdsaSignature());
            }
            else
            {
                throw new AssertionError("Unsupported key type");
            }
            Signature signatureInfo = certificate.getSignature();

            net.named_data.jndn.KeyLocator.getFromSignature(signatureInfo).setType(
                net.named_data.jndn.KeyLocatorType.KEYNAME);
            net.named_data.jndn.KeyLocator.getFromSignature(signatureInfo).setKeyName(keyName);

            // Set a 20-year validity period.
            net.named_data.jndn.security.ValidityPeriod.getFromSignature(signatureInfo).setPeriod(now,
                                                                                                  now + 20 * 365 * 24 * 3600 * 1000.0d);

            // Encode once to get the signed portion.
            SignedBlob encoding       = certificate.wireEncode(wireFormat);
            Blob       signatureBytes = tpm.sign(encoding.signedBuf(), keyName,
                                                 digestAlgorithm);

            signatureInfo.setSignature(signatureBytes);

            // Encode again to include the signature.
            certificate.wireEncode(wireFormat);

            return(certificate);
        }