net.named_data.jndn.security.identity

Class IdentityManager

java.lang.Object

net.named_data.jndn.security.identity.IdentityManager

public class IdentityManager
extends Object

An IdentityManager is the interface of operations related to identity, keys, and certificates.

Constructor Summary

Constructors

Constructor and Description
IdentityManager() Create a new IdentityManager to use BasicIdentityStorage and the default PrivateKeyStorage for your system, which is OSXPrivateKeyStorage for OS X, otherwise FilePrivateKeyStorage.
IdentityManager(IdentityStorage identityStorage) Create a new IdentityManager to use the given IdentityStorage and the default PrivateKeyStorage for your system, which is OSXPrivateKeyStorage for OS X, otherwise FilePrivateKeyStorage.
IdentityManager(IdentityStorage identityStorage, PrivateKeyStorage privateKeyStorage) Create a new IdentityManager to use the given identity and private key storage.

Method Summary

Methods

Modifier and Type	Method and Description
void	addCertificate(IdentityCertificate certificate) Add a certificate into the public key identity storage.
void	addCertificateAsDefault(IdentityCertificate certificate) Add a certificate into the public key identity storage and set the certificate as the default of its corresponding key.
void	addCertificateAsIdentityDefault(IdentityCertificate certificate) Add a certificate into the public key identity storage and set the certificate as the default for its corresponding identity.
Name	createIdentity(Name identityName, KeyParams params) Deprecated. Use createIdentityAndCertificate which returns the certificate name instead of the key name. You can use IdentityCertificate.certificateNameToPublicKeyName to convert the certificate name to the key name.
Name	createIdentityAndCertificate(Name identityName, KeyParams params) Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK.
Name	createIdentityCertificate(Name certificatePrefix, Name signerCertificateName, double notBefore, double notAfter) Create an identity certificate for a public key managed by this IdentityManager.
IdentityCertificate	createIdentityCertificate(Name certificatePrefix, PublicKey publicKey, Name signerCertificateName, double notBefore, double notAfter) Create an identity certificate for a public key supplied by the caller.
void	deleteIdentity(Name identityName) Delete the identity from the public and private key storage.
Name	generateEcdsaKeyPair(Name identityName) Generate a pair of ECDSA keys for the specified identity for a Data-Signing-Key and default keySize 256.
Name	generateEcdsaKeyPair(Name identityName, boolean isKsk) Generate a pair of ECDSA keys for the specified identity and default keySize 256.
Name	generateEcdsaKeyPair(Name identityName, boolean isKsk, int keySize) Generate a pair of ECDSA keys for the specified identity.
Name	generateEcdsaKeyPairAsDefault(Name identityName) Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity for a Data-Signing-Key and using the default keySize 256.
Name	generateEcdsaKeyPairAsDefault(Name identityName, boolean isKsk) Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity, using the default keySize 256.
Name	generateEcdsaKeyPairAsDefault(Name identityName, boolean isKsk, int keySize) Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity.
Name	generateRSAKeyPair(Name identityName) Generate a pair of RSA keys for the specified identity for a Data-Signing-Key and default keySize 2048.
Name	generateRSAKeyPair(Name identityName, boolean isKsk) Generate a pair of RSA keys for the specified identity and default keySize 2048.
Name	generateRSAKeyPair(Name identityName, boolean isKsk, int keySize) Generate a pair of RSA keys for the specified identity.
Name	generateRSAKeyPairAsDefault(Name identityName) Generate a pair of RSA keys for the specified identity and set it as default key for the identity for a Data-Signing-Key and using the default keySize 2048.
Name	generateRSAKeyPairAsDefault(Name identityName, boolean isKsk) Generate a pair of RSA keys for the specified identity and set it as default key for the identity, using the default keySize 2048.
Name	generateRSAKeyPairAsDefault(Name identityName, boolean isKsk, int keySize) Generate a pair of RSA keys for the specified identity and set it as default key for the identity.
void	getAllCertificateNamesOfKey(Name keyName, ArrayList nameList, boolean isDefault) Append all the certificate names of a particular key name to the nameList.
void	getAllIdentities(ArrayList nameList, boolean isDefault) Append all the identity names to the nameList.
void	getAllKeyNamesOfIdentity(Name identityName, ArrayList nameList, boolean isDefault) Append all the key names of a particular identity to the nameList.
IdentityCertificate	getCertificate(Name certificateName) Get a certificate with the specified name.
IdentityCertificate	getDefaultCertificate() Get the certificate of the default identity.
Name	getDefaultCertificateName() Get the default certificate name of the default identity, which will be used when signing is based on identity and the identity is not specified.
Name	getDefaultCertificateNameForIdentity(Name identityName) Get the default certificate name for the specified identity, which will be used when signing is performed based on identity.
Name	getDefaultIdentity() Get the default identity.
Name	getDefaultKeyNameForIdentity() Get the default key for an identity, inferred from the keyName.
Name	getDefaultKeyNameForIdentity(Name identityName) Get the default key for an identity.
PublicKey	getPublicKey(Name keyName) Get the public key with the specified name.
IdentityCertificate	prepareUnsignedIdentityCertificate(Name keyName, Name signingIdentity, double notBefore, double notAfter, List subjectDescription) Use the keyName to get the public key from the identity storage and prepare an unsigned identity certificate.
IdentityCertificate	prepareUnsignedIdentityCertificate(Name keyName, Name signingIdentity, double notBefore, double notAfter, List subjectDescription, Name certPrefix) Use the keyName to get the public key from the identity storage and prepare an unsigned identity certificate.
IdentityCertificate	prepareUnsignedIdentityCertificate(Name keyName, PublicKey publicKey, Name signingIdentity, double notBefore, double notAfter, List subjectDescription) Prepare an unsigned identity certificate.
IdentityCertificate	prepareUnsignedIdentityCertificate(Name keyName, PublicKey publicKey, Name signingIdentity, double notBefore, double notAfter, List subjectDescription, Name certPrefix) Prepare an unsigned identity certificate.
IdentityCertificate	selfSign(Name keyName) Generate a self-signed certificate for a public key.
void	setDefaultCertificateForKey(IdentityCertificate certificate) Set the certificate as the default for its corresponding key.
void	setDefaultIdentity(Name identityName) Set the default identity.
void	setDefaultKeyForIdentity(Name keyName) Set a key as the default key of an identity.
void	setDefaultKeyForIdentity(Name keyName, Name identityNameCheck) Set a key as the default key of an identity.
Signature	signByCertificate(ByteBuffer buffer, Name certificateName) Sign the byte array data based on the certificate name.
void	signByCertificate(Data data, Name certificateName) Sign data packet based on the certificate name.
void	signByCertificate(Data data, Name certificateName, WireFormat wireFormat) Sign data packet based on the certificate name.
void	signInterestByCertificate(Interest interest, Name certificateName, WireFormat wireFormat) Append a SignatureInfo to the Interest name, sign the name components and append a final name component with the signature bits.
void	signInterestWithSha256(Interest interest, WireFormat wireFormat) Append a SignatureInfo for DigestSha256 to the Interest name, digest the name components and append a final name component with the signature bits (which is the digest).
void	signWithSha256(Data data, WireFormat wireFormat) Wire encode the Data object, digest it and set its SignatureInfo to a DigestSha256.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IdentityManager

public IdentityManager(IdentityStorage identityStorage,
               PrivateKeyStorage privateKeyStorage)

Create a new IdentityManager to use the given identity and private key storage.

Parameters:

identityStorage - An object of a subclass of IdentityStorage.

privateKeyStorage - An object of a subclass of PrivateKeyStorage.

IdentityManager

public IdentityManager(IdentityStorage identityStorage)
                throws SecurityException

Create a new IdentityManager to use the given IdentityStorage and the default PrivateKeyStorage for your system, which is OSXPrivateKeyStorage for OS X, otherwise FilePrivateKeyStorage.

Parameters:

identityStorage - An object of a subclass of IdentityStorage.

Throws:

SecurityException

IdentityManager

public IdentityManager()
                throws SecurityException

Create a new IdentityManager to use BasicIdentityStorage and the default PrivateKeyStorage for your system, which is OSXPrivateKeyStorage for OS X, otherwise FilePrivateKeyStorage.

Throws:

SecurityException

Method Detail

createIdentityAndCertificate

public final Name createIdentityAndCertificate(Name identityName,
                                KeyParams params)
                                        throws SecurityException

Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK. If a key pair or certificate for the identity already exists, use it.

Parameters:

identityName - The name of the identity.

params - The key parameters if a key needs to be generated for the identity.

Returns:

The name of the default certificate of the identity.

Throws:

SecurityException - if the identity has already been created.

createIdentity

public final Name createIdentity(Name identityName,
                  KeyParams params)
                          throws SecurityException

Deprecated. Use createIdentityAndCertificate which returns the certificate name instead of the key name. You can use IdentityCertificate.certificateNameToPublicKeyName to convert the certificate name to the key name.

Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK.

Parameters:

identityName - The name of the identity.

params - The key parameters if a key needs to be generated for the identity.

Returns:

The key name of the auto-generated KSK of the identity.

Throws:

SecurityException - if the identity has already been created.

deleteIdentity

public final void deleteIdentity(Name identityName)
                          throws SecurityException

Delete the identity from the public and private key storage. If the identity to be deleted is the current default system default, this will not delete the identity and will return immediately.

Parameters:

identityName - The name of the identity.

Throws:

SecurityException

setDefaultIdentity

public final void setDefaultIdentity(Name identityName)
                              throws SecurityException

Set the default identity. If the identityName does not exist, then clear the default identity so that getDefaultIdentity() throws an exception.

Parameters:

identityName - The default identity name.

Throws:

SecurityException

getDefaultIdentity

public final Name getDefaultIdentity()
                              throws SecurityException

Get the default identity.

Returns:

The name of default identity.

Throws:

SecurityException - if the default identity is not set.

getDefaultCertificate

public final IdentityCertificate getDefaultCertificate()
                                                throws SecurityException

Get the certificate of the default identity.

Returns:

The requested certificate. If not found, return null.

Throws:

SecurityException

generateRSAKeyPair

public final Name generateRSAKeyPair(Name identityName,
                      boolean isKsk,
                      int keySize)
                              throws SecurityException

Generate a pair of RSA keys for the specified identity.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

keySize - The size of the key.

Returns:

The generated key name.

Throws:

SecurityException

generateRSAKeyPair

public final Name generateRSAKeyPair(Name identityName,
                      boolean isKsk)
                              throws SecurityException

Generate a pair of RSA keys for the specified identity and default keySize 2048.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

Returns:

The generated key name.

Throws:

SecurityException

generateRSAKeyPair

public final Name generateRSAKeyPair(Name identityName)
                              throws SecurityException

Generate a pair of RSA keys for the specified identity for a Data-Signing-Key and default keySize 2048.

Parameters:

identityName - The name of the identity.

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPair

public final Name generateEcdsaKeyPair(Name identityName,
                        boolean isKsk,
                        int keySize)
                                throws SecurityException

Generate a pair of ECDSA keys for the specified identity.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

keySize - The size of the key.

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPair

public final Name generateEcdsaKeyPair(Name identityName,
                        boolean isKsk)
                                throws SecurityException

Generate a pair of ECDSA keys for the specified identity and default keySize 256.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPair

public final Name generateEcdsaKeyPair(Name identityName)
                                throws SecurityException

Generate a pair of ECDSA keys for the specified identity for a Data-Signing-Key and default keySize 256.

Parameters:

identityName - The name of the identity.

Returns:

The generated key name.

Throws:

SecurityException

setDefaultKeyForIdentity

public final void setDefaultKeyForIdentity(Name keyName,
                            Name identityNameCheck)
                                    throws SecurityException

Set a key as the default key of an identity. The identity name is inferred from keyName.

Parameters:

keyName - The name of the key.

identityNameCheck - The identity name to check that the keyName contains the same identity name. If an empty name, it is ignored.

Throws:

SecurityException

setDefaultKeyForIdentity

public final void setDefaultKeyForIdentity(Name keyName)
                                    throws SecurityException

Set a key as the default key of an identity. The identity name is inferred from keyName.

Parameters:

keyName - The name of the key.

Throws:

SecurityException

getDefaultKeyNameForIdentity

public final Name getDefaultKeyNameForIdentity(Name identityName)
                                        throws SecurityException

Get the default key for an identity.

Parameters:

identityName - the name of the identity. If empty, the identity name is inferred from the keyName.

Returns:

The default key name.

Throws:

SecurityException - if the default key name for the identity is not set.

getDefaultKeyNameForIdentity

public final Name getDefaultKeyNameForIdentity()
                                        throws SecurityException

Get the default key for an identity, inferred from the keyName.

Returns:

The default key name.

Throws:

SecurityException - if the default key name for the identity is not set.

generateRSAKeyPairAsDefault

public final Name generateRSAKeyPairAsDefault(Name identityName,
                               boolean isKsk,
                               int keySize)
                                       throws SecurityException

Generate a pair of RSA keys for the specified identity and set it as default key for the identity.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

keySize - The size of the key.

Returns:

The generated key name.

Throws:

SecurityException

generateRSAKeyPairAsDefault

public final Name generateRSAKeyPairAsDefault(Name identityName,
                               boolean isKsk)
                                       throws SecurityException

Generate a pair of RSA keys for the specified identity and set it as default key for the identity, using the default keySize 2048.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

Returns:

The generated key name.

Throws:

SecurityException

generateRSAKeyPairAsDefault

public final Name generateRSAKeyPairAsDefault(Name identityName)
                                       throws SecurityException

Generate a pair of RSA keys for the specified identity and set it as default key for the identity for a Data-Signing-Key and using the default keySize 2048.

Parameters:

identityName - The name of the identity.

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPairAsDefault

public final Name generateEcdsaKeyPairAsDefault(Name identityName,
                                 boolean isKsk,
                                 int keySize)
                                         throws SecurityException

Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

keySize - The size of the key.

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPairAsDefault

public final Name generateEcdsaKeyPairAsDefault(Name identityName,
                                 boolean isKsk)
                                         throws SecurityException

Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity, using the default keySize 256.

Parameters:

identityName - The name of the identity.

isKsk - true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).

Returns:

The generated key name.

Throws:

SecurityException

generateEcdsaKeyPairAsDefault

public final Name generateEcdsaKeyPairAsDefault(Name identityName)
                                         throws SecurityException

Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity for a Data-Signing-Key and using the default keySize 256.

Parameters:

identityName - The name of the identity.

Returns:

The generated key name.

Throws:

SecurityException

getPublicKey

public final PublicKey getPublicKey(Name keyName)
                             throws SecurityException

Get the public key with the specified name.

Parameters:

keyName - The name of the key.

Returns:

The public key.

Throws:

SecurityException - if the keyName is not found.

createIdentityCertificate

public final Name createIdentityCertificate(Name certificatePrefix,
                             Name signerCertificateName,
                             double notBefore,
                             double notAfter)
                                     throws SecurityException

Create an identity certificate for a public key managed by this IdentityManager.

Parameters:

certificatePrefix - The name of public key to be signed.

signerCertificateName - The name of signing certificate.

notBefore - The notBefore value in the validity field of the generated certificate as milliseconds since 1970.

notAfter - The notAfter value in validity field of the generated certificate as milliseconds since 1970.

Returns:

The name of generated identity certificate.

Throws:

SecurityException

prepareUnsignedIdentityCertificate

public final IdentityCertificate prepareUnsignedIdentityCertificate(Name keyName,
                                                     Name signingIdentity,
                                                     double notBefore,
                                                     double notAfter,
                                                     List subjectDescription,
                                                     Name certPrefix)
                                                             throws SecurityException

Use the keyName to get the public key from the identity storage and prepare an unsigned identity certificate.

Parameters:

keyName - The key name, e.g., `/{identity_name}/ksk-123456`.

signingIdentity - The signing identity.

notBefore - See IdentityCertificate.

notAfter - See IdentityCertificate.

subjectDescription - A list of CertificateSubjectDescription. See IdentityCertificate. If null or empty, this adds a an ATTRIBUTE_NAME based on the keyName.

certPrefix - The prefix before the `KEY` component. If null, this infers the certificate name according to the relation between the signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).

Returns:

The unsigned IdentityCertificate, or null the public is not in the identity storage or if the inputs are invalid.

Throws:

SecurityException

prepareUnsignedIdentityCertificate

public final IdentityCertificate prepareUnsignedIdentityCertificate(Name keyName,
                                                     Name signingIdentity,
                                                     double notBefore,
                                                     double notAfter,
                                                     List subjectDescription)
                                                             throws SecurityException

Use the keyName to get the public key from the identity storage and prepare an unsigned identity certificate. This infers the certificate name according to the relation between the signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).

Parameters:

keyName - The key name, e.g., `/{identity_name}/ksk-123456`.

signingIdentity - The signing identity.

notBefore - See IdentityCertificate.

notAfter - See IdentityCertificate.

subjectDescription - A list of CertificateSubjectDescription. See IdentityCertificate. If null or empty, this adds a an ATTRIBUTE_NAME based on the keyName.

Returns:

The unsigned IdentityCertificate, or null the public is not in the identity storage or if the inputs are invalid.

Throws:

SecurityException

prepareUnsignedIdentityCertificate

public final IdentityCertificate prepareUnsignedIdentityCertificate(Name keyName,
                                                     PublicKey publicKey,
                                                     Name signingIdentity,
                                                     double notBefore,
                                                     double notAfter,
                                                     List subjectDescription,
                                                     Name certPrefix)
                                                             throws SecurityException

Prepare an unsigned identity certificate.

Parameters:

keyName - The key name, e.g., `/{identity_name}/ksk-123456`.

publicKey - The public key to sign.

signingIdentity - The signing identity.

notBefore - See IdentityCertificate.

notAfter - See IdentityCertificate.

subjectDescription - A list of CertificateSubjectDescription. See IdentityCertificate. If null or empty, this adds a an ATTRIBUTE_NAME based on the keyName.

certPrefix - The prefix before the `KEY` component. If null, this infers the certificate name according to the relation between the signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).

Returns:

The unsigned IdentityCertificate, or null if the inputs are invalid.

Throws:

SecurityException

prepareUnsignedIdentityCertificate

public final IdentityCertificate prepareUnsignedIdentityCertificate(Name keyName,
                                                     PublicKey publicKey,
                                                     Name signingIdentity,
                                                     double notBefore,
                                                     double notAfter,
                                                     List subjectDescription)
                                                             throws SecurityException

Prepare an unsigned identity certificate. This infers the certificate name according to the relation between the signingIdentity and the subject identity. If the signingIdentity is a prefix of the subject identity, `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted after subject identity (i.e., before `ksk-...`).

Parameters:

keyName - The key name, e.g., `/{identity_name}/ksk-123456`.

publicKey - The public key to sign.

signingIdentity - The signing identity.

notBefore - See IdentityCertificate.

notAfter - See IdentityCertificate.

subjectDescription - A list of CertificateSubjectDescription. See IdentityCertificate. If null or empty, this adds a an ATTRIBUTE_NAME based on the keyName.

Returns:

The unsigned IdentityCertificate, or null if the inputs are invalid.

Throws:

SecurityException

createIdentityCertificate

public final IdentityCertificate createIdentityCertificate(Name certificatePrefix,
                                            PublicKey publicKey,
                                            Name signerCertificateName,
                                            double notBefore,
                                            double notAfter)
                                                    throws SecurityException

Create an identity certificate for a public key supplied by the caller.

Parameters:

certificatePrefix - The name of public key to be signed.

publicKey - The public key to be signed.

signerCertificateName - The name of signing certificate.

notBefore - The notBefore value in the validity field of the generated certificate.

notAfter - The notAfter vallue in validity field of the generated certificate.

Returns:

The generated identity certificate.

Throws:

SecurityException

addCertificate

public final void addCertificate(IdentityCertificate certificate)
                          throws SecurityException

Add a certificate into the public key identity storage.

Parameters:

certificate - The certificate to to added. This makes a copy of the certificate.

Throws:

SecurityException

setDefaultCertificateForKey

public final void setDefaultCertificateForKey(IdentityCertificate certificate)
                                       throws SecurityException

Set the certificate as the default for its corresponding key.

Parameters:

certificate - The certificate.

Throws:

SecurityException

addCertificateAsIdentityDefault

public final void addCertificateAsIdentityDefault(IdentityCertificate certificate)
                                           throws SecurityException

Add a certificate into the public key identity storage and set the certificate as the default for its corresponding identity.

Parameters:

certificate - The certificate to be added. This makes a copy of the certificate.

Throws:

SecurityException

addCertificateAsDefault

public final void addCertificateAsDefault(IdentityCertificate certificate)
                                   throws SecurityException

Add a certificate into the public key identity storage and set the certificate as the default of its corresponding key.

Parameters:

certificate - The certificate to be added. This makes a copy of the certificate.

Throws:

SecurityException

getCertificate

public final IdentityCertificate getCertificate(Name certificateName)
                                         throws SecurityException,
                                                DerDecodingException

Get a certificate with the specified name.

Parameters:

certificateName - The name of the requested certificate.

Returns:

the requested certificate.

Throws:

SecurityException

DerDecodingException

getDefaultCertificateNameForIdentity

public final Name getDefaultCertificateNameForIdentity(Name identityName)
                                                throws SecurityException

Get the default certificate name for the specified identity, which will be used when signing is performed based on identity.

Parameters:

identityName - The name of the specified identity.

Returns:

The requested certificate name.

Throws:

SecurityException - if the default key name for the identity is not set or the default certificate name for the key name is not set.

getDefaultCertificateName

public final Name getDefaultCertificateName()
                                     throws SecurityException

Get the default certificate name of the default identity, which will be used when signing is based on identity and the identity is not specified.

Returns:

The requested certificate name.

Throws:

SecurityException - if the default identity is not set or the default key name for the identity is not set or the default certificate name for the key name is not set.

getAllIdentities

public void getAllIdentities(ArrayList nameList,
                    boolean isDefault)
                      throws SecurityException

Append all the identity names to the nameList.

Parameters:

nameList - Append result names to nameList.

isDefault - If true, add only the default identity name. If false, add only the non-default identity names.

Throws:

SecurityException

getAllKeyNamesOfIdentity

public final void getAllKeyNamesOfIdentity(Name identityName,
                            ArrayList nameList,
                            boolean isDefault)
                                    throws SecurityException

Append all the key names of a particular identity to the nameList.

Parameters:

identityName - The identity name to search for.

nameList - Append result names to nameList.

isDefault - If true, add only the default key name. If false, add only the non-default key names.

Throws:

SecurityException

getAllCertificateNamesOfKey

public void getAllCertificateNamesOfKey(Name keyName,
                               ArrayList nameList,
                               boolean isDefault)
                                 throws SecurityException

Append all the certificate names of a particular key name to the nameList.

Parameters:

keyName - The key name to search for.

nameList - Append result names to nameList.

isDefault - If true, add only the default certificate name. If false, add only the non-default certificate names.

Throws:

SecurityException

signByCertificate

public final Signature signByCertificate(ByteBuffer buffer,
                          Name certificateName)
                                  throws SecurityException

Sign the byte array data based on the certificate name.

Parameters:

buffer - The byte buffer to be signed.

certificateName - The signing certificate name.

Returns:

The generated signature.

Throws:

SecurityException

signByCertificate

public final void signByCertificate(Data data,
                     Name certificateName)
                             throws SecurityException

Sign data packet based on the certificate name. Use the default WireFormat.getDefaultWireFormat().

Parameters:

data - The Data object to sign and update its signature.

certificateName - The Name identifying the certificate which identifies the signing key.

Throws:

SecurityException

signByCertificate

public final void signByCertificate(Data data,
                     Name certificateName,
                     WireFormat wireFormat)
                             throws SecurityException

Sign data packet based on the certificate name.

Parameters:

data - The Data object to sign and update its signature.

certificateName - The Name identifying the certificate which identifies the signing key.

wireFormat - The WireFormat for calling encodeData.

Throws:

SecurityException

signInterestByCertificate

public final void signInterestByCertificate(Interest interest,
                             Name certificateName,
                             WireFormat wireFormat)
                                     throws SecurityException

Append a SignatureInfo to the Interest name, sign the name components and append a final name component with the signature bits.

Parameters:

interest - The Interest object to be signed. This appends name components of SignatureInfo and the signature bits.

certificateName - The certificate name of the key to use for signing.

wireFormat - A WireFormat object used to encode the input.

Throws:

SecurityException

signWithSha256

public final void signWithSha256(Data data,
                  WireFormat wireFormat)

Wire encode the Data object, digest it and set its SignatureInfo to a DigestSha256.

Parameters:

data - The Data object to be signed. This updates its signature and wireEncoding.

wireFormat - The WireFormat for calling encodeData.

signInterestWithSha256

public final void signInterestWithSha256(Interest interest,
                          WireFormat wireFormat)

Append a SignatureInfo for DigestSha256 to the Interest name, digest the name components and append a final name component with the signature bits (which is the digest).

Parameters:

interest - The Interest object to be signed. This appends name components of SignatureInfo and the signature bits.

wireFormat - A WireFormat object used to encode the input.

selfSign

public IdentityCertificate selfSign(Name keyName)
                             throws SecurityException

Generate a self-signed certificate for a public key.

Parameters:

keyName - The name of the public key.

Returns:

The generated certificate.

Throws:

SecurityException