/**
* Wire encode the Data object, digest it and set its SignatureInfo to a DigestSha256.
*
* @param data The Data object to be signed. This updates its signature and wireEncoding.
* @param wireFormat The WireFormat for calling encodeData.
*/
public final void signWithSha256(Data data, WireFormat wireFormat) {
data.setSignature(new DigestSha256Signature());
// Encode once to get the signed portion.
SignedBlob encoding = data.wireEncode(wireFormat);
// Digest and set the signature.
byte[] signedPortionDigest = Common.digestSha256(encoding.signedBuf());
data.getSignature().setSignature(new Blob(signedPortionDigest, false));
// Encode again to include the signature.
data.wireEncode(wireFormat);
}
/**
* Sign data packet based on the certificate name.
*
* @param data The Data object to sign and update its signature.
* @param certificateName The Name identifying the certificate which identifies the signing key.
* @param wireFormat The WireFormat for calling encodeData.
*/
public final void signByCertificate(Data data, Name certificateName, WireFormat wireFormat)
throws SecurityException {
DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
Signature signature = makeSignatureByCertificate(certificateName, digestAlgorithm);
data.setSignature(signature);
// Encode once to get the signed portion.
SignedBlob encoding = data.wireEncode(wireFormat);
data.getSignature()
.setSignature(
privateKeyStorage_.sign(
encoding.signedBuf(),
IdentityCertificate.certificateNameToPublicKeyName(certificateName),
digestAlgorithm[0]));
// Encode again to include the signature.
data.wireEncode(wireFormat);
}
