Пример #1
0
  @Before
  public void setUp() throws SecurityException {
    face_ = new Face();

    // For now, when setting face.setCommandSigningInfo, use a key chain with
    //   a default private key instead of the system default key chain. This
    //   is OK for now because NFD is configured to skip verification, so it
    //   ignores the system default key chain.
    // On a platform which supports it, it would be better to use the default
    //   KeyChain constructor.
    MemoryIdentityStorage identityStorage = new MemoryIdentityStorage();
    MemoryPrivateKeyStorage privateKeyStorage = new MemoryPrivateKeyStorage();
    KeyChain keyChain =
        new KeyChain(
            new IdentityManager(identityStorage, privateKeyStorage),
            new SelfVerifyPolicyManager(identityStorage));
    keyChain.setFace(face_);

    // Initialize the storage.
    Name keyName = new Name("/testname/DSK-123");
    Name certificateName =
        keyName
            .getSubName(0, keyName.size() - 1)
            .append("KEY")
            .append(keyName.get(-1))
            .append("ID-CERT")
            .append("0");
    identityStorage.addKey(keyName, KeyType.RSA, new Blob(DEFAULT_RSA_PUBLIC_KEY_DER, false));
    privateKeyStorage.setKeyPairForKeyName(
        keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER);

    face_.setCommandSigningInfo(keyChain, certificateName);
  }
Пример #2
0
  /**
   * Append a timestamp component and a random value component to interest's name. This ensures that
   * the timestamp is greater than the timestamp used in the previous call. Then use keyChain to
   * sign the interest which appends a SignatureInfo component and a component with the signature
   * bits. If the interest lifetime is not set, this sets it.
   *
   * @param interest The interest whose name is append with components.
   * @param keyChain The KeyChain for calling sign.
   * @param certificateName The certificate name of the key to use for signing.
   * @param wireFormat A WireFormat object used to encode the SignatureInfo and to encode interest
   *     name for signing.
   */
  public void generate(
      Interest interest, KeyChain keyChain, Name certificateName, WireFormat wireFormat)
      throws SecurityException {
    double timestamp;
    synchronized (lastTimestampLock_) {
      timestamp = Math.round(Common.getNowMilliseconds());
      while (timestamp <= lastTimestamp_) timestamp += 1.0;
      // Update the timestamp now while it is locked. In the small chance that
      //   signing fails, it just means that we have bumped the timestamp.
      lastTimestamp_ = timestamp;
    }

    // The timestamp is encoded as a TLV nonNegativeInteger.
    TlvEncoder encoder = new TlvEncoder(8);
    encoder.writeNonNegativeInteger((long) timestamp);
    interest.getName().append(new Blob(encoder.getOutput(), false));

    // The random value is a TLV nonNegativeInteger too, but we know it is 8 bytes,
    //   so we don't need to call the nonNegativeInteger encoder.
    ByteBuffer randomBuffer = ByteBuffer.allocate(8);
    // Note: SecureRandom is thread safe.
    Common.getRandom().nextBytes(randomBuffer.array());
    interest.getName().append(new Blob(randomBuffer, false));

    keyChain.sign(interest, certificateName, wireFormat);

    if (interest.getInterestLifetimeMilliseconds() < 0)
      // The caller has not set the interest lifetime, so set it here.
      interest.setInterestLifetimeMilliseconds(1000.0);
  }