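/// <summary>
/// Add a certificate to the identity storage. Also call addKey to ensure that
/// the certificate key exists. If the certificate is already installed, don't
/// replace it.
/// </summary>
/// <remarks>
/// The certificate is stored as given: nothing in this method checks its
/// signature or its validity period, so callers that need a verified
/// certificate must verify it before adding it.
/// </remarks>
/// <param name="certificate">The certificate to add. Its wire encoding is what
/// gets written to the Certificate table.</param>
/// <exception cref="SecurityException">If the database reports an
/// SQLException while preparing, binding or executing the insert.</exception>
public sealed override void addCertificate(IdentityCertificate certificate) {
    Name certificateName = certificate.getName();
    Name keyName = certificate.getPublicKeyName();

    // addKey is called before the duplicate check, so it runs even when the
    // certificate itself is already present.
    addKey(keyName, certificate.getPublicKeyInfo().getKeyType(),
            certificate.getPublicKeyInfo().getKeyDer());

    // NOTE(review): the existence check and the INSERT below are separate
    // steps. Whether another writer can get in between depends on how
    // database_ is shared and on the table's constraints, neither of which
    // is visible here.
    if (doesCertificateExist(certificateName)) {
        return;
    }

    // Insert the certificate. Every value derived from the certificate is
    // passed as a bound parameter, never concatenated into the SQL text.
    try {
        PreparedStatement statement = database_
                .prepareStatement("INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
                        + "values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)");
        // The binding now sits inside the try/finally: previously a failure
        // while reading the key locator or binding a parameter skipped
        // statement.close() and left the prepared statement open.
        try {
            statement.setString(1, certificateName.toUri());

            Name signerName = net.named_data.jndn.KeyLocator.getFromSignature(
                    certificate.getSignature()).getKeyName();
            statement.setString(2, signerName.toUri());

            // The last key-name component is the key id; the rest is the identity.
            String keyId = keyName.get(-1).toEscapedString();
            Name identity = keyName.getPrefix(-1);
            statement.setString(3, identity.toUri());
            statement.setString(4, keyId);

            // Convert from milliseconds to seconds since 1/1/1970.
            statement.setLong(5, (long)(Math.Floor(certificate.getNotBefore() / 1000.0d)));
            statement.setLong(6, (long)(Math.Floor(certificate.getNotAfter() / 1000.0d)));

            // wireEncode returns the cached encoding if available.
            statement.setBytes(7, certificate.wireEncode().getImmutableArray());

            statement.executeUpdate();
        } finally {
            statement.close();
        }
    } catch (SQLException exception) {
        throw new SecurityException("BasicIdentityStorage: SQLite error: " + exception);
    }
}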
/// <summary>
/// Check that the policy manager picks up a certificate newly written to the
/// anchor directory only after its refresh period has passed.
/// </summary>
/// <remarks>
/// The test runs in three phases: verify with the certificate unknown, verify
/// right after the certificate file is written, and verify again after a
/// 6000 ms sleep. The last phase shows that a certificate file placed in that
/// directory is accepted once the refresh runs, so in a deployment write
/// access to the directory should be limited to whoever is allowed to decide
/// the trust anchors.
/// NOTE(review): the method name says 10s while the sleep is 6000 ms; the
/// refresh period comes from the policy configuration, which is not visible
/// here.
/// </remarks>
public void testRefresh10s() {
    // Read the base64 test packet, joining all lines of the file.
    String dataPath = new FileInfo(System.IO.Path.Combine(policyConfigDirectory_.FullName, "testData")).FullName;
    StringBuilder base64Text = new StringBuilder();
    TextReader reader = new FileReader(dataPath);
    // try/finally is kept from the Java original, which predates
    // try-with-resources.
    try {
        for (String line = reader.readLine(); line != null; line = reader.readLine()) {
            base64Text.append(line);
        }
    } finally {
        reader.close();
    }

    byte[] packetBytes = net.named_data.jndn.util.Common.base64Decode(base64Text.toString());
    Data packet = new Data();
    packet.wireDecode(new Blob(packetBytes, false));

    // Phase 1: the signing certificate is unknown, so the policy manager must
    // ask for it instead of reporting success or failure. This matters
    // because the KeyChain expresses interests for unknown certificates.
    VerificationResult result = doVerify(policyManager_, packet);
    Assert.AssertTrue(
            "ConfigPolicyManager did not create ValidationRequest for unknown certificate",
            result.hasFurtherSteps_);
    Assert.AssertEquals(
            "ConfigPolicyManager called success callback with pending ValidationRequest",
            0, result.successCount_);
    Assert.AssertEquals(
            "ConfigPolicyManager called failure callback with pending ValidationRequest",
            0, result.failureCount_);

    // Now write the certificate to the anchor directory. It is re-signed with
    // the current identity first; otherwise the policy manager would create
    // an interest for the signing certificate.
    byte[] certBytes = net.named_data.jndn.util.Common.base64Decode(CERT_DUMP);
    IdentityCertificate anchorCert = new IdentityCertificate();
    anchorCert.wireDecode(new Blob(certBytes, false));
    keyChain_.signByIdentity(anchorCert, identityName_);

    Blob signedEncoding = anchorCert.wireEncode();
    String certBase64 = net.named_data.jndn.util.Common.base64Encode(
            signedEncoding.getImmutableArray());

    var writer = new StreamWriter(testCertFile_.FullName);
    try {
        // NOTE(review): if this is System.IO.StreamWriter, the call resolves
        // to the format-string overload and only writes the text unchanged
        // because base64 contains no braces; confirm and consider a plain
        // Write of the string.
        writer.Write(certBase64, 0, certBase64.Substring(0, certBase64.Length));
        writer.flush();
    } finally {
        writer.close();
    }

    // Phase 2: still too early for the refresh to pick the file up.
    result = doVerify(policyManager_, packet);
    Assert.AssertTrue("ConfigPolicyManager refresh occured sooner than specified",
            result.hasFurtherSteps_);
    Assert.AssertEquals(
            "ConfigPolicyManager called success callback with pending ValidationRequest",
            0, result.successCount_);
    Assert.AssertEquals(
            "ConfigPolicyManager called failure callback with pending ValidationRequest",
            0, result.failureCount_);

    ILOG.J2CsMapping.Threading.ThreadWrapper.sleep(6000);

    // Phase 3: after the wait the certificate should be found and the packet
    // should verify exactly once.
    result = doVerify(policyManager_, packet);
    Assert.AssertFalse("ConfigPolicyManager did not refresh certificate store",
            result.hasFurtherSteps_);
    Assert.AssertEquals("Verification success called " + result.successCount_
            + " times instead of 1", 1, result.successCount_);
    Assert.AssertEquals("ConfigPolicyManager did not verify valid signed data",
            0, result.failureCount_);
}
/// <summary>
/// Store a certificate in this identity storage unless one with the same name
/// is already present. addKey is called first for the certificate's public
/// key.
/// </summary>
/// <remarks>
/// Nothing in this method checks the certificate's signature or validity
/// period; it is stored as given, so verification is the caller's job.
/// </remarks>
/// <param name="certificate">The certificate to add; its wire encoding is
/// what gets stored, keyed by the certificate name URI.</param>
public override void addCertificate(IdentityCertificate certificate) {
    Name name = certificate.getName();
    Name publicKeyName = certificate.getPublicKeyName();

    // addKey is called ahead of the duplicate check, so it runs even when
    // the certificate itself is already stored.
    addKey(publicKeyName,
            certificate.getPublicKeyInfo().getKeyType(),
            certificate.getPublicKeyInfo().getKeyDer());

    // An entry that already exists under this name is left untouched.
    if (!doesCertificateExist(name)) {
        ILOG.J2CsMapping.Collections.Collections.Put(certificateStore_,
                name.toUri(), certificate.wireEncode());
    }
}
/// <summary>
/// Put the certificate's wire encoding into the cache, keyed by the
/// certificate name without its last component. The name is assumed to still
/// carry the timestamp as that last component.
/// </summary>
/// <remarks>
/// The method does not verify the certificate, and an existing entry under
/// the same key is handed to Put without a prior existence check.
/// NOTE(review): callers presumably insert only certificates they have
/// already validated; confirm at the call sites.
/// </remarks>
/// <param name="certificate">The certificate to copy and insert.</param>
public void insertCertificate(IdentityCertificate certificate) {
    // Drop the final name component to form the cache key.
    Name keyedName = certificate.getName().getPrefix(-1);
    String cacheKey = keyedName.toUri();
    var encoding = certificate.wireEncode();

    ILOG.J2CsMapping.Collections.Collections.Put(cache_, cacheKey, encoding);
}