/// <summary>
/// Assembles a CertificateV2 through its setters and checks that the
/// name-derived accessors, the signer key locator, the validity period and
/// the public key all read back as expected.
/// </summary>
public void testSetters() {
    String certificateUri =
        "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B";

    CertificateV2 cert = new CertificateV2();
    cert.setName(new Name(certificateUri));
    // One hour, expressed in milliseconds.
    cert.getMetaInfo().setFreshnessPeriod(3600 * 1000.0d);
    cert.setContent(new Blob(PUBLIC_KEY, false));
    cert.setSignature(generateFakeSignature());

    // Each accessor below is expected to return a slice of the one name set
    // above: the full name, the key name, the identity, the issuer id and
    // the key id.
    Assert.AssertEquals(new Name(certificateUri), cert.getName());
    Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-1416425377094"),
        cert.getKeyName());
    Assert.AssertEquals(new Name("/ndn/site1"), cert.getIdentity());
    Assert.AssertEquals(new Name.Component("0123"), cert.getIssuerId());
    Assert.AssertEquals(new Name.Component("ksk-1416425377094"),
        cert.getKeyId());

    // The expected signer key (ksk-2516...) is not the certificate's own key
    // (ksk-1416...), so this fixture is not self-signed. The signer name and
    // the validity window are not set in this method; presumably they come
    // from generateFakeSignature() -- confirm against that helper.
    Assert.AssertEquals(new Name("/ndn/site1/KEY/ksk-2516425377094"),
        net.named_data.jndn.KeyLocator
            .getFromSignature(cert.getSignature()).getKeyName());

    // Timestamps are compared as doubles with a tolerance of 0.
    Assert.AssertEquals(
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T050000"),
        cert.getValidityPeriod().getNotBefore(), 0);
    Assert.AssertEquals(
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T060000"),
        cert.getValidityPeriod().getNotAfter(), 0);

    // The content set above must be readable as a public key; any exception
    // fails the test with that exception's message.
    try {
        cert.getPublicKey();
    } catch (Exception decodeFailure) {
        Assert.Fail(decodeFailure.Message);
    }
}
/// <summary>
/// Checks that a certificate with empty content is rejected with
/// CertificateV2.Error on both paths exercised here: constructing a
/// CertificateV2 from a Data packet, and calling getPublicKey() after the
/// content of an existing certificate was replaced with an empty Blob.
/// </summary>
public void testEmptyContent() {
    String constructorMessage =
        "The CertificateV2 constructor did not throw an exception";
    String getPublicKeyMessage = "getPublicKey did not throw an exception";

    // Path 1: a Data packet copied from the base certificate, with its
    // content emptied, must not be accepted by the constructor.
    Data emptyData = new Data(certificateBase_);
    emptyData.setContent(new Blob());
    emptyData.setSignature(generateFakeSignature());

    try {
        new CertificateV2(emptyData);
        Assert.Fail(constructorMessage);
    } catch (CertificateV2.Error expected) {
        // Expected: empty content is rejected.
    } catch (Exception unexpected) {
        // NOTE(review): any other exception type is reported with the same
        // "did not throw" text, which hides what was actually thrown.
        Assert.Fail(constructorMessage);
    }

    // Path 2: setContent() itself accepts the empty Blob here; the rejection
    // is expected when the key is read back.
    CertificateV2 emptied = new CertificateV2(certificateBase_);
    emptied.setContent(new Blob());
    emptied.setSignature(generateFakeSignature());

    try {
        emptied.getPublicKey();
        Assert.Fail(getPublicKeyMessage);
    } catch (CertificateV2.Error expected_0) {
        // Expected: there is no key to return.
    } catch (Exception unexpected_0) {
        // NOTE(review): same masking of the real exception as above.
        Assert.Fail(getPublicKeyMessage);
    }
}
/// <summary>
/// For every PIB implementation in pibImpls, checks that adding a key or a
/// certificate under a name that is already stored replaces the stored
/// entry instead of being rejected.
/// </summary>
/// <remarks>
/// NOTE(review): the replacement asserted here is silent. Nothing in these
/// calls signals that an existing key or certificate was overwritten, so
/// code that must not lose a stored key presumably has to check
/// hasKey()/hasCertificate() before adding -- confirm against PibImpl.
/// </remarks>
public void testOverwrite() {
    foreach (PibDataFixture2 fixture in pibImpls) {
        PibImpl store = fixture.pib;
        Name keyName = fixture.id1Key1Name;

        // Start from a clean slate: id1Key1 must not exist.
        store.removeIdentity(fixture.id1);
        Assert.AssertEquals(false, store.hasKey(keyName));

        // Add id1Key1 and read it back.
        store.addKey(fixture.id1, keyName, fixture.id1Key1.buf());
        Assert.AssertEquals(true, store.hasKey(keyName));
        Blob storedBits = store.getKeyBits(keyName);
        Assert.AssertTrue(storedBits.equals(fixture.id1Key1));

        // Add different key bits under the same key name; the stored bits
        // must now be those of id1Key2.
        store.addKey(fixture.id1, keyName, fixture.id1Key2.buf());
        Blob replacedBits = store.getKeyBits(keyName);
        Assert.AssertTrue(replacedBits.equals(fixture.id1Key2));

        // Reset again: id1Key1Cert1 must not exist.
        Name certificateName = fixture.id1Key1Cert1.getName();
        store.removeIdentity(fixture.id1);
        Assert.AssertEquals(false, store.hasCertificate(certificateName));

        // Add id1Key1 with its certificate and read the certificate back.
        store.addKey(fixture.id1, keyName, fixture.id1Key1.buf());
        store.addCertificate(fixture.id1Key1Cert1);
        Assert.AssertEquals(true, store.hasCertificate(certificateName));
        CertificateV2 storedCert = store.getCertificate(certificateName);
        Assert.AssertTrue(storedCert.wireEncode().equals(
            fixture.id1Key1Cert1.wireEncode()));

        // Build a fake certificate with the same name. impostor is the
        // fixture's own id1Key2Cert1 object, not a copy, so the rename below
        // changes the fixture in place. The setSignature() call passes the
        // object its own signature; presumably the signature no longer
        // matches the renamed certificate -- confirm.
        CertificateV2 impostor = fixture.id1Key2Cert1;
        impostor.setName(certificateName);
        impostor.setSignature(fixture.id1Key2Cert1.getSignature());
        store.addCertificate(impostor);

        CertificateV2 overwrittenCert = store.getCertificate(certificateName);
        Assert.AssertTrue(overwrittenCert.wireEncode().equals(
            impostor.wireEncode()));

        // Adding the certificate also replaced the key bits stored under the
        // key name: they are now id1Key2's, although only addCertificate()
        // was called since id1Key1 was added.
        Blob bitsAfterCertificate = store.getKeyBits(keyName);
        Assert.AssertTrue(bitsAfterCertificate.equals(fixture.id1Key2));
    }
}
/// <summary>
/// Checks CertificateV2.isValid() at and just outside both ends of the
/// validity period carried by the fake signature.
/// </summary>
public void testValidityPeriodChecking() {
    CertificateV2 cert = new CertificateV2();
    cert.setName(new Name(
        "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B"));
    // One hour, expressed in milliseconds.
    cert.getMetaInfo().setFreshnessPeriod(3600 * 1000.0d);
    cert.setContent(new Blob(PUBLIC_KEY, false));
    // The validity window is not set in this method; presumably
    // generateFakeSignature() supplies 05:00:00-06:00:00 on 2014-11-11 --
    // confirm against that helper.
    cert.setSignature(generateFakeSignature());

    double windowStart =
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T050000");
    double windowEnd =
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T060000");
    double oneSecondEarly =
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T045959");
    double oneSecondLate =
        net.named_data.jndn.tests.unit_tests.UnitTestsCommon.fromIsoString("20141111T060001");

    // Both end points count as valid (the window is inclusive) ...
    Assert.AssertEquals(true, cert.isValid(windowStart));
    Assert.AssertEquals(true, cert.isValid(windowEnd));
    // ... and one second outside either end is rejected.
    Assert.AssertEquals(false, cert.isValid(oneSecondEarly));
    Assert.AssertEquals(false, cert.isValid(oneSecondLate));
}
/// <summary>
/// Builds a self-signed CertificateV2 for keyName. The certificate name is
/// keyName + "self" + a version taken from the current time, the content is
/// the DER of the decoded public key, and the signature is produced by
/// importing the private key into a temporary in-memory Tpm.
/// </summary>
/// <remarks>
/// The key locator is set to keyName itself, so the certificate names its
/// own key as the signer. Verifying that signature shows only that the
/// issuer held the matching private key; it does not tie the key to an
/// identity, so trust in the result has to be anchored elsewhere.
/// The validity period runs from now for 20 x 365 days (leap days are not
/// counted).
/// NOTE(review): nothing here clears the password buffer or the temporary
/// Tpm after signing -- confirm whether callers are expected to wipe the
/// password.
/// </remarks>
/// <param name="keyName">Name of the key; copied as the prefix of the
/// certificate name and used as the key locator name.</param>
/// <param name="privateKeyBag">Private key material handed to the temporary
/// Tpm; presumably an encoded key protected by password -- confirm against
/// Tpm.importPrivateKey_.</param>
/// <param name="publicKeyEncoding">Encoded public key; it is decoded and its
/// DER becomes the certificate content.</param>
/// <param name="password">Passed unchanged to Tpm.importPrivateKey_.</param>
/// <param name="digestAlgorithm">Digest algorithm passed to Tpm.sign.</param>
/// <param name="wireFormat">Wire format used for both encodings.</param>
/// <returns>The signed certificate, already wire-encoded once with its
/// signature in place.</returns>
/// <exception cref="Pib.Error">The public key encoding could not be decoded.
/// The original exception is only appended to the message text, not chained
/// as a cause.</exception>
private static CertificateV2 makeSelfSignedCertificate(Name keyName,
        Blob privateKeyBag, Blob publicKeyEncoding, ByteBuffer password,
        DigestAlgorithm digestAlgorithm, WireFormat wireFormat) {
    CertificateV2 selfSigned = new CertificateV2();

    // Name: <keyName>/self/<version>, with the version taken from the
    // current time in milliseconds truncated to a long.
    double issuedAt = net.named_data.jndn.util.Common.getNowMilliseconds();
    Name selfSignedName = new Name(keyName);
    selfSignedName.append("self").appendVersion((long)issuedAt);
    selfSigned.setName(selfSignedName);

    // MetaInfo: content type KEY, one-hour freshness period (milliseconds).
    selfSigned.getMetaInfo().setType(net.named_data.jndn.ContentType.KEY);
    selfSigned.getMetaInfo().setFreshnessPeriod(3600 * 1000.0d);

    // Content: the DER of the decoded public key.
    PublicKey decodedKey;
    try {
        decodedKey = new PublicKey(publicKeyEncoding);
    } catch (UnrecognizedKeyFormatException ex) {
        // Promote to Pib.Error.
        throw new Pib.Error("Error decoding public key " + ex);
    }
    selfSigned.setContent(decodedKey.getKeyDer());

    // The private key goes into a temporary in-memory Tpm created for this
    // call only. The import happens before the key type is checked, so an
    // unsupported key type is reported only after the key was imported.
    Tpm scratchTpm = new Tpm("", "", new TpmBackEndMemory());
    scratchTpm.importPrivateKey_(keyName, privateKeyBag.buf(), password);

    // Choose the empty signature object that matches the public key type.
    net.named_data.jndn.security.KeyType keyType = decodedKey.getKeyType();
    Signature emptySignature;
    if (keyType == net.named_data.jndn.security.KeyType.RSA) {
        emptySignature = new Sha256WithRsaSignature();
    } else if (keyType == net.named_data.jndn.security.KeyType.EC) {
        emptySignature = new Sha256WithEcdsaSignature();
    } else {
        throw new AssertionError("Unsupported key type");
    }
    selfSigned.setSignature(emptySignature);

    // Signature info: the key locator names the certificate's own key.
    Signature signatureInfo = selfSigned.getSignature();
    net.named_data.jndn.KeyLocator signerLocator =
        net.named_data.jndn.KeyLocator.getFromSignature(signatureInfo);
    signerLocator.setType(net.named_data.jndn.KeyLocatorType.KEYNAME);
    signerLocator.setKeyName(keyName);

    // Validity: from now for 20 * 365 days, in milliseconds.
    double expiresAt = issuedAt + 20 * 365 * 24 * 3600 * 1000.0d;
    net.named_data.jndn.security.ValidityPeriod
        .getFromSignature(signatureInfo).setPeriod(issuedAt, expiresAt);

    // First encoding: yields the signed portion, which is what gets signed.
    SignedBlob unsignedEncoding = selfSigned.wireEncode(wireFormat);
    Blob signatureBytes = scratchTpm.sign(unsignedEncoding.signedBuf(),
        keyName, digestAlgorithm);
    signatureInfo.setSignature(signatureBytes);

    // Second encoding: includes the signature value just set.
    selfSigned.wireEncode(wireFormat);

    return selfSigned;
}