@Before
public void setUp() throws SecurityException {
face_ = new Face();
// For now, when setting face.setCommandSigningInfo, use a key chain with
// a default private key instead of the system default key chain. This
// is OK for now because NFD is configured to skip verification, so it
// ignores the system default key chain.
// On a platform which supports it, it would be better to use the default
// KeyChain constructor.
MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
KeyChain keyChain =
new KeyChain(
new IdentityManager(identityStorage, privateKeyStorage),
new SelfVerifyPolicyManager(identityStorage));
keyChain.setFace(face_);
// Initialize the storage.
Name keyName = new Name("/testname/DSK-123");
Name certificateName =
keyName
.getSubName(0, keyName.size() - 1)
.append("KEY")
.append(keyName.get(-1))
.append("ID-CERT")
.append("0");
identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER, false));
privateKeyStorage.setKeyPairForKeyName(
keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);
face_.setCommandSigningInfo(keyChain, certificateName);
}
/**
* Append a timestamp component and a random value component to interest's name. This ensures that
* the timestamp is greater than the timestamp used in the previous call. Then use keyChain to
* sign the interest which appends a SignatureInfo component and a component with the signature
* bits. If the interest lifetime is not set, this sets it.
*
* @param interest The interest whose name is append with components.
* @param keyChain The KeyChain for calling sign.
* @param certificateName The certificate name of the key to use for signing.
* @param wireFormat A WireFormat object used to encode the SignatureInfo and to encode interest
* name for signing.
*/
public void generate(
Interest interest, KeyChain keyChain, Name certificateName, WireFormat wireFormat)
throws SecurityException {
double timestamp;
synchronized (lastTimestampLock_) {
timestamp = Math.round(Common.getNowMilliseconds());
while (timestamp <= lastTimestamp_) timestamp += 1.0;
// Update the timestamp now while it is locked. In the small chance that
// signing fails, it just means that we have bumped the timestamp.
lastTimestamp_ = timestamp;
}
// The timestamp is encoded as a TLV nonNegativeInteger.
TlvEncoder encoder = new TlvEncoder(8);
encoder.writeNonNegativeInteger((long) timestamp);
interest.getName().append(new Blob(encoder.getOutput(), false));
// The random value is a TLV nonNegativeInteger too, but we know it is 8 bytes,
// so we don't need to call the nonNegativeInteger encoder.
ByteBuffer randomBuffer = ByteBuffer.allocate(8);
// Note: SecureRandom is thread safe.
Common.getRandom().nextBytes(randomBuffer.array());
interest.getName().append(new Blob(randomBuffer, false));
keyChain.sign(interest, certificateName, wireFormat);
if (interest.getInterestLifetimeMilliseconds() < 0)
// The caller has not set the interest lifetime, so set it here.
interest.setInterestLifetimeMilliseconds(1000.0);
}