示例#1
0
        /// <summary>
        /// Set the key name in keyHandle according to identityName and params.
        /// </summary>
        ///
        protected static internal void setKeyName(TpmKeyHandle keyHandle, Name identityName,
                                                  KeyParams paras)
        {
            Name.Component keyId;
            if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.USER_SPECIFIED)
            {
                keyId = paras.getKeyId();
            }
            else if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.SHA256)
            {
                byte[] digest = net.named_data.jndn.util.Common.digestSha256(keyHandle.derivePublicKey()
                                                                             .buf());
                keyId = new Name.Component(digest);
            }
            else if (paras.getKeyIdType() == net.named_data.jndn.security.KeyIdType.RANDOM)
            {
                if (paras.getKeyId().getValue().size() == 0)
                {
                    throw new TpmBackEnd.Error(
                              "setKeyName: The keyId is empty for type RANDOM");
                }
                keyId = paras.getKeyId();
            }
            else
            {
                throw new TpmBackEnd.Error("setKeyName: unrecognized params.getKeyIdType()");
            }

            keyHandle.setKeyName(net.named_data.jndn.security.pib.PibKey.constructKeyName(identityName, keyId));
        }
示例#2
0
        /// <summary>
        /// Get the public portion of an asymmetric key pair with name keyName.
        /// </summary>
        ///
        /// <param name="keyName">The name of the key.</param>
        /// <returns>The encoded public key, or an isNull Blob if the key does not exist.</returns>
        public Blob getPublicKey(Name keyName)
        {
            TpmKeyHandle key = findKey(keyName);

            if (key == null)
            {
                return(new Blob());
            }
            else
            {
                return(key.derivePublicKey());
            }
        }
示例#3
0
        /// <summary>
        /// Return the plain text which is decrypted from cipherText using the key
        /// with name keyName.
        /// </summary>
        ///
        /// <param name="cipherText">The cipher text byte buffer.</param>
        /// <param name="keyName">The name of the key.</param>
        /// <returns>The decrypted data, or an isNull Blob if the key does not exist.</returns>
        public Blob decrypt(ByteBuffer cipherText, Name keyName)
        {
            TpmKeyHandle key = findKey(keyName);

            if (key == null)
            {
                return(new Blob());
            }
            else
            {
                return(key.decrypt(cipherText));
            }
        }
示例#4
0
        /// <summary>
        /// Compute a digital signature from the byte buffer using the key with name
        /// keyName.
        /// </summary>
        ///
        /// <param name="data">The input byte buffer.</param>
        /// <param name="keyName">The name of the key.</param>
        /// <param name="digestAlgorithm">The digest algorithm for the signature.</param>
        /// <returns>The signature Blob, or an isNull Blob if the key does not exist, or
        /// for an unrecognized digestAlgorithm.</returns>
        public Blob sign(ByteBuffer data, Name keyName,
                         DigestAlgorithm digestAlgorithm)
        {
            TpmKeyHandle key = findKey(keyName);

            if (key == null)
            {
                return(new Blob());
            }
            else
            {
                return(key.sign(digestAlgorithm, data));
            }
        }
示例#5
0
 /// <summary>
 /// Create a key for the identityName according to params. The created key is
 /// named /{identityName}/[keyId]/KEY .
 /// This should only be called by KeyChain.
 /// </summary>
 ///
 /// <param name="identityName">The name if the identity.</param>
 /// <param name="params">The KeyParams for creating the key.</param>
 /// <returns>The name of the created key.</returns>
 /// <exception cref="Tpm.Error">if params is invalid or the key type is unsupported.</exception>
 /// <exception cref="TpmBackEnd.Error">if the key already exists or cannot be created.</exception>
 public Name createKey_(Name identityName, KeyParams paras)
 {
     if (paras.getKeyType() == net.named_data.jndn.security.KeyType.RSA ||
         paras.getKeyType() == net.named_data.jndn.security.KeyType.EC)
     {
         TpmKeyHandle keyHandle = backEnd_.createKey(identityName, paras);
         Name         keyName   = keyHandle.getKeyName();
         ILOG.J2CsMapping.Collections.Collections.Put(keys_, keyName, keyHandle);
         return(keyName);
     }
     else
     {
         throw new Tpm.Error("createKey: Unsupported key type");
     }
 }
示例#6
0
        /// <summary>
        /// Get the TpmKeyHandle with name keyName, using backEnd_.getKeyHandle if it
        /// is not already cached in keys_.
        /// </summary>
        ///
        /// <param name="keyName">The name of the key, which is copied.</param>
        /// <returns>The key handle in the keys_ cache, or null if no key exists with
        /// name keyName.</returns>
        private TpmKeyHandle findKey(Name keyName)
        {
            TpmKeyHandle handle = ILOG.J2CsMapping.Collections.Collections.Get(keys_, keyName);

            if (handle != null)
            {
                return(handle);
            }

            handle = backEnd_.getKeyHandle(keyName);

            if (handle != null)
            {
                // Copy the Name.
                ILOG.J2CsMapping.Collections.Collections.Put(keys_, new Name(keyName), handle);
                return(handle);
            }

            return(null);
        }