/**
* Append a SignatureInfo for DigestSha256 to the Interest name, digest the name components and
* append a final name component with the signature bits (which is the digest).
*
* @param interest The Interest object to be signed. This appends name components of SignatureInfo
* and the signature bits.
* @param wireFormat A WireFormat object used to encode the input.
*/
public final void signInterestWithSha256(Interest interest, WireFormat wireFormat) {
DigestSha256Signature signature = new DigestSha256Signature();
// Append the encoded SignatureInfo.
interest.getName().append(wireFormat.encodeSignatureInfo(signature));
// Append an empty signature so that the "signedPortion" is correct.
interest.getName().append(new Name.Component());
// Encode once to get the signed portion.
SignedBlob encoding = interest.wireEncode(wireFormat);
// Digest and set the signature.
byte[] signedPortionDigest = Common.digestSha256(encoding.signedBuf());
signature.setSignature(new Blob(signedPortionDigest, false));
// Remove the empty signature and append the real one.
interest.setName(
interest.getName().getPrefix(-1).append(wireFormat.encodeSignatureValue(signature)));
}
/**
* Append a SignatureInfo to the Interest name, sign the name components and append a final name
* component with the signature bits.
*
* @param interest The Interest object to be signed. This appends name components of SignatureInfo
* and the signature bits.
* @param certificateName The certificate name of the key to use for signing.
* @param wireFormat A WireFormat object used to encode the input.
*/
public final void signInterestByCertificate(
Interest interest, Name certificateName, WireFormat wireFormat) throws SecurityException {
DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
Signature signature = makeSignatureByCertificate(certificateName, digestAlgorithm);
// Append the encoded SignatureInfo.
interest.getName().append(wireFormat.encodeSignatureInfo(signature));
// Append an empty signature so that the "signedPortion" is correct.
interest.getName().append(new Name.Component());
// Encode once to get the signed portion, and sign.
SignedBlob encoding = interest.wireEncode(wireFormat);
signature.setSignature(
privateKeyStorage_.sign(
encoding.signedBuf(),
IdentityCertificate.certificateNameToPublicKeyName(certificateName),
digestAlgorithm[0]));
// Remove the empty signature and append the real one.
interest.setName(
interest.getName().getPrefix(-1).append(wireFormat.encodeSignatureValue(signature)));
}
/**
* Sign data packet based on the certificate name. Use the default
* WireFormat.getDefaultWireFormat().
*
* @param data The Data object to sign and update its signature.
* @param certificateName The Name identifying the certificate which identifies the signing key.
*/
public final void signByCertificate(Data data, Name certificateName) throws SecurityException {
signByCertificate(data, certificateName, WireFormat.getDefaultWireFormat());
}
/**
* Append a timestamp component and a random value component to interest's name. This ensures that
* the timestamp is greater than the timestamp used in the previous call. Then use keyChain to
* sign the interest which appends a SignatureInfo component and a component with the signature
* bits. If the interest lifetime is not set, this sets it. Use the default WireFormat to encode
* the SignatureInfo and to encode interest name for signing.
*
* @param interest The interest whose name is append with components.
* @param keyChain The KeyChain for calling sign.
* @param certificateName The certificate name of the key to use for signing.
*/
public void generate(Interest interest, KeyChain keyChain, Name certificateName)
throws SecurityException {
generate(interest, keyChain, certificateName, WireFormat.getDefaultWireFormat());
}