本文整理汇总了Python中pyndn.security.KeyChain.createIdentityAndCertificate方法的典型用法代码示例。如果您正苦于以下问题:Python KeyChain.createIdentityAndCertificate方法的具体用法?Python KeyChain.createIdentityAndCertificate怎么用?Python KeyChain.createIdentityAndCertificate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pyndn.security.KeyChain的用法示例。
在下文中一共展示了KeyChain.createIdentityAndCertificate方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_self_verification
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
def test_self_verification(self):
policyManager = SelfVerifyPolicyManager(self.identityStorage)
keyChain = KeyChain(self.identityManager, policyManager)
identityName = Name('TestValidator/RsaSignatureVerification')
keyChain.createIdentityAndCertificate(identityName)
data = Data(Name('/TestData/1'))
keyChain.signByIdentity(data, identityName)
vr = doVerify(policyManager, data)
self.assertFalse(vr.hasFurtherSteps,
"SelfVerifyPolicyManager returned a ValidationRequest")
self.assertEqual(vr.failureCount, 0,
"Verification of identity-signed data failed")
self.assertEqual(vr.successCount, 1,
"Verification success called {} times instead of 1".format(
vr.successCount))
data2 = Data(Name('/TestData/2'))
vr = doVerify(policyManager,
data2)
self.assertFalse(vr.hasFurtherSteps,
"SelfVerifyPolicyManager returned a ValidationRequest")
self.assertEqual(vr.successCount, 0,
"Verification of unsigned data succeeded")
self.assertEqual(vr.failureCount, 1,
"Verification failure callback called {} times instead of 1".format(
vr.failureCount))示例2: test_no_verify
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
def test_no_verify(self):
policyManager = NoVerifyPolicyManager()
identityName = Name('TestValidator/Null').appendVersion(int(time.time()))
keyChain = KeyChain(self.identityManager, policyManager)
keyChain.createIdentityAndCertificate(identityName)
data = Data(Name(identityName).append('data'))
keyChain.signByIdentity(data, identityName)
vr = doVerify(policyManager, data)
self.assertFalse(vr.hasFurtherSteps,
"NoVerifyPolicyManager returned a ValidationRequest")
self.assertEqual(vr.failureCount, 0,
"Verification failed with NoVerifyPolicyManager")
self.assertEqual(vr.successCount, 1,
"Verification success called {} times instead of 1".format(
vr.successCount))示例3: main
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
def main():
# Params parsing
parser = argparse.ArgumentParser(
description="bms gateway node to Parse or follow Cascade Datahub log and publish to MiniNdn."
)
parser.add_argument("filename", help="datahub log file")
parser.add_argument("-f", dest="follow", action="store_true", help="follow (tail -f) the log file")
parser.add_argument("--namespace", default="/ndn/edu/ucla/remap/bms", help="root of ndn name, no trailing slash")
args = parser.parse_args()
# Setup logging
logger = Logger()
logger.prepareLogging()
# Face, KeyChain, memoryContentCache and asio event loop initialization
loop = asyncio.get_event_loop()
face = ThreadsafeFace(loop)
keyChain = KeyChain(IdentityManager(BasicIdentityStorage(), FilePrivateKeyStorage()))
# For the gateway publisher, we create one identity for it to sign nfd command interests
certificateName = keyChain.createIdentityAndCertificate(Name("/ndn/bms/gateway-publisher"))
face.setCommandSigningInfo(keyChain, certificateName)
cache = MemoryContentCache(face)
dataPublisher = DataPublisher(face, keyChain, loop, cache, args.namespace)
cache.registerPrefix(Name(args.namespace), dataPublisher.onRegisterFailed, dataPublisher.onDataNotFound)
# Parse csv to decide the mapping between sensor JSON -> <NDN name, data type>
dataPublisher.populateSensorNDNDictFromCSV("bms-sensor-data-types-sanitized.csv")
if args.follow:
# asyncio.async(loop.run_in_executor(executor, followfile, args.filename, args.namespace, cache))
loop.run_until_complete(dataPublisher.followfile(args.filename))
else:
loop.run_until_complete(dataPublisher.readfile(args.filename))
loop.run_forever()
face.shutdown()示例4: TestConsumer
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class TestConsumer(object):
def __init__(self, face):
# Set up face
self.face = face
self.databaseFilePath = "policy_config/test_consumer.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
self.groupName = Name("/org/openmhealth/zhehao")
# Set up the keyChain.
identityStorage = BasicIdentityStorage()
privateKeyStorage = FilePrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
# Authorized identity
identityName = Name("/org/openmhealth/dvu-python-3")
# Unauthorized identity
#identityName = Name("/org/openmhealth/dvu-python-1")
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
self.face.setCommandSigningInfo(self.keyChain, self.certificateName)
consumerKeyName = IdentityCertificate.certificateNameToPublicKeyName(self.certificateName)
consumerCertificate = identityStorage.getCertificate(self.certificateName)
self.consumer = Consumer(
face, self.keyChain, self.groupName, identityName,
Sqlite3ConsumerDb(self.databaseFilePath))
# TODO: Read the private key to decrypt d-key...this may or may not be ideal
base64Content = None
with open(privateKeyStorage.nameTransform(consumerKeyName.toUri(), ".pri")) as keyFile:
print privateKeyStorage.nameTransform(consumerKeyName.toUri(), ".pri")
base64Content = keyFile.read()
#print base64Content
der = Blob(base64.b64decode(base64Content), False)
self.consumer.addDecryptionKey(consumerKeyName, der)
self.memoryContentCache = MemoryContentCache(self.face)
self.memoryContentCache.registerPrefix(identityName, self.onRegisterFailed, self.onDataNotFound)
self.memoryContentCache.add(consumerCertificate)
accessRequestInterest = Interest(Name(self.groupName).append("read_access_request").append(self.certificateName).appendVersion(int(time.time())))
self.face.expressInterest(accessRequestInterest, self.onAccessRequestData, self.onAccessRequestTimeout)
print "Access request interest name: " + accessRequestInterest.getName().toUri()
self.consumeCatalog = True
return
def onAccessRequestData(self, interest, data):
print "Access request data: " + data.getName().toUri()
print "Start consuming"
self.startConsuming()
return
def onAccessRequestTimeout(self, interest):
print "Access request times out: " + interest.getName().toUri()
print "Assuming certificate sent and D-key generated, start consuming"
self.startConsuming()
return
def startConsuming(self):
if self.consumeCatalog:
contentName = Name("/org/openmhealth/zhehao/SAMPLE/fitness/physical_activity/time_location/catalog/20160620T080000")
self.consumer.consume(contentName, self.onCatalogConsumeComplete, self.onConsumeFailed)
print "Trying to consume: " + contentName.toUri()
else:
contentName = Name("/org/openmhealth/zhehao/SAMPLE/fitness/physical_activity/time_location/")
dataNum = 60
baseZFill = 3
basetimeString = "20160620T080"
for i in range(0, dataNum):
timeString = basetimeString + str(i).zfill(baseZFill)
timeFloat = Schedule.fromIsoString(timeString)
self.consumer.consume(Name(contentName).append(timeString), self.onConsumeComplete, self.onConsumeFailed)
print "Trying to consume: " + Name(contentName).append(timeString).toUri()
def onDataNotFound(self, prefix, interest, face, interestFilterId, filter):
print "Data not found for interest: " + interest.getName().toUri()
return
def onRegisterFailed(self, prefix):
print "Prefix registration failed: " + prefix.toUri()
return
def onCatalogConsumeComplete(self, data, result):
print "Consume complete for catalog: " + data.getName().toUri()
resultObject = json.loads(result.toRawStr())
contentName = Name("/org/openmhealth/zhehao/SAMPLE/fitness/physical_activity/time_location/")
#.........这里部分代码省略.........
示例5: TestGroupManager
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class TestGroupManager(ut.TestCase):
def setUp(self):
# Reuse the policy_config subdirectory for the temporary SQLite files.
self.dKeyDatabaseFilePath = "policy_config/manager-d-key-test.db"
try:
os.remove(self.dKeyDatabaseFilePath)
except OSError:
# no such file
pass
self.eKeyDatabaseFilePath = "policy_config/manager-e-key-test.db"
try:
os.remove(self.eKeyDatabaseFilePath)
except OSError:
# no such file
pass
self.intervalDatabaseFilePath = "policy_config/manager-interval-test.db"
try:
os.remove(self.intervalDatabaseFilePath)
except OSError:
# no such file
pass
self.groupKeyDatabaseFilePath = "policy_config/manager-group-key-test.db"
try:
os.remove(self.groupKeyDatabaseFilePath)
except OSError:
# no such file
pass
params = RsaKeyParams()
memberDecryptKey = RsaAlgorithm.generateKey(params)
self.decryptKeyBlob = memberDecryptKey.getKeyBits()
memberEncryptKey = RsaAlgorithm.deriveEncryptKey(self.decryptKeyBlob)
self.encryptKeyBlob = memberEncryptKey.getKeyBits()
# Generate the certificate.
self.certificate = IdentityCertificate()
self.certificate.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"))
contentPublicKey = PublicKey(self.encryptKeyBlob)
self.certificate.setPublicKeyInfo(contentPublicKey)
self.certificate.setNotBefore(0)
self.certificate.setNotAfter(0)
self.certificate.encode()
signatureInfoBlob = Blob(SIG_INFO, False)
signatureValueBlob = Blob(SIG_VALUE, False)
signature = TlvWireFormat.get().decodeSignatureInfoAndValue(
signatureInfoBlob.buf(), signatureValueBlob.buf())
self.certificate.setSignature(signature)
self.certificate.wireEncode()
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name("TestGroupManager")
self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
def tearDown(self):
try:
os.remove(self.dKeyDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.eKeyDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.intervalDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.groupKeyDatabaseFilePath)
except OSError:
pass
def setManager(self, manager):
# Set up the first schedule.
schedule1 = Schedule()
interval11 = RepetitiveInterval(
Schedule.fromIsoString("20150825T000000"),
Schedule.fromIsoString("20150827T000000"), 5, 10, 2,
RepetitiveInterval.RepeatUnit.DAY)
interval12 = RepetitiveInterval(
Schedule.fromIsoString("20150825T000000"),
Schedule.fromIsoString("20150827T000000"), 6, 8, 1,
RepetitiveInterval.RepeatUnit.DAY)
interval13 = RepetitiveInterval(
Schedule.fromIsoString("20150827T000000"),
Schedule.fromIsoString("20150827T000000"), 7, 8)
schedule1.addWhiteInterval(interval11)
schedule1.addWhiteInterval(interval12)
schedule1.addBlackInterval(interval13)
#.........这里部分代码省略.........
示例6: SampleProducer
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class SampleProducer(object):
def __init__(self, face, username, memoryContentCache):
# Set up face
self.face = face
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name(username)
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
self.face.setCommandSigningInfo(self.keyChain, self.certificateName)
self.databaseFilePath = "policy_config/test_producer.db"
self.catalogDatabaseFilePath = "policy_config/test_producer_catalog.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
try:
os.remove(self.catalogDatabaseFilePath)
except OSError:
# no such file
pass
self.testDb = Sqlite3ProducerDb(self.databaseFilePath)
self.catalogDb = Sqlite3ProducerDb(self.catalogDatabaseFilePath)
# TODO: as of right now, catalog has a different suffix, so need another instance of producer; that producer cannot share
# the same DB with the first producer, otherwise there won't be a self.onEncryptedKeys call; as the catalog producer uses
# its own C-key, and that key won't be encrypted by an E-key as no interest goes out
# This sounds like something problematic from the library
prefix = Name(username)
suffix = Name("fitness/physical_activity/time_location")
self.producer = Producer(Name(prefix), suffix, self.face, self.keyChain, self.testDb)
catalogSuffix = Name(suffix).append("catalog")
self.catalogProducer = Producer(Name(prefix), catalogSuffix, self.face, self.keyChain, self.catalogDb)
self.memoryContentCache = memoryContentCache
return
def createContentKey(self, timeSlot):
print "debug: createContentKey for data and catalog"
contentKeyName = self.producer.createContentKey(timeSlot, self.onEncryptedKeys, self.onError)
catalogKeyName = self.catalogProducer.createContentKey(timeSlot, self.onEncryptedKeys, self.onError)
print contentKeyName.toUri()
print catalogKeyName.toUri()
def onError(self, code, msg):
print str(code) + " : " + msg
return
def initiateContentStoreInsertion(self, repoCommandPrefix, data):
fetchName = data.getName()
parameter = repo_command_parameter_pb2.RepoCommandParameterMessage()
# Add the Name.
for i in range(fetchName.size()):
parameter.repo_command_parameter.name.component.append(
fetchName[i].getValue().toBytes())
# Create the command interest.
interest = Interest(Name(repoCommandPrefix).append("insert")
.append(Name.Component(ProtobufTlv.encode(parameter))))
self.face.makeCommandInterest(interest)
self.face.expressInterest(interest, self.onRepoData, self.onRepoTimeout)
def onRepoData(self, interest, data):
#print "received repo data: " + interest.getName().toUri()
return
def onRepoTimeout(self, interest):
#print "repo command times out: " + interest.getName().getPrefix(-1).toUri()
return
def onEncryptedKeys(self, keys):
print "debug: onEncryptedKeys called"
if not keys:
print "onEncryptedKeys: no keys in callback!"
for i in range(0, len(keys)):
print "onEncryptedKeys: produced encrypted key " + keys[i].getName().toUri()
self.memoryContentCache.add(keys[i])
self.initiateContentStoreInsertion("/ndn/edu/ucla/remap/ndnfit/repo", keys[i])
return示例7: TestSqlIdentityStorage
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class TestSqlIdentityStorage(ut.TestCase):
def setUp(self):
# Reuse the policy_config subdirectory for the temporary SQLite file.
self.databaseFilePath = "policy_config/test-public-info.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
self.identityStorage = BasicIdentityStorage(self.databaseFilePath)
self.identityManager = IdentityManager(self.identityStorage,
FilePrivateKeyStorage())
self.policyManager = SelfVerifyPolicyManager(self.identityStorage)
self.keyChain = KeyChain(self.identityManager, self.policyManager)
def tearDown(self):
try:
os.remove(self.databaseFilePath)
except OSError:
pass
def test_identity_create_delete(self):
identityName = Name('/TestIdentityStorage/Identity').appendVersion(
int(time.time()))
certificateName = self.keyChain.createIdentityAndCertificate(identityName)
keyName = IdentityCertificate.certificateNameToPublicKeyName(certificateName)
self.assertTrue(self.identityStorage.doesIdentityExist(identityName),
"Identity was not added to IdentityStorage")
self.assertIsNotNone(keyName, "New identity has no key")
self.assertTrue(self.identityStorage.doesKeyExist(keyName),
"Key was not added to IdentityStorage")
self.assertIsNotNone(certificateName,
"Certificate was not added to IdentityStorage")
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesIdentityExist(identityName),
"Identity still in IdentityStorage after identity was deleted")
self.assertFalse(self.identityStorage.doesKeyExist(keyName),
"Key still in IdentityStorage after identity was deleted")
self.assertFalse(self.identityStorage.doesCertificateExist(certificateName),
"Certificate still in IdentityStorage after identity was deleted")
with self.assertRaises(SecurityException):
self.identityManager.getDefaultCertificateNameForIdentity(identityName)
def test_key_create_delete(self):
identityName = Name('/TestIdentityStorage/Identity').appendVersion(
int(time.time()))
keyName1 = self.keyChain.generateRSAKeyPair(identityName, True)
self.keyChain.getIdentityManager().setDefaultKeyForIdentity(keyName1)
keyName2 = self.keyChain.generateRSAKeyPair(identityName, False)
self.assertEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName1, "Default key name was changed without explicit request")
self.assertNotEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName2, "Newly created key replaced default key without explicit request")
self.identityStorage.deletePublicKeyInfo(keyName2)
self.assertFalse(self.identityStorage.doesKeyExist(keyName2))
self.keyChain.deleteIdentity(identityName)
def test_key_autocreate_identity(self):
keyName1 = Name('/TestSqlIdentityStorage/KeyType/RSA/ksk-12345')
identityName = keyName1[:-1]
decodedKey = base64.b64decode(RSA_DER)
self.identityStorage.addKey(keyName1, KeyType.RSA, Blob(decodedKey))
self.identityStorage.setDefaultKeyNameForIdentity(keyName1)
self.assertTrue(self.identityStorage.doesKeyExist(keyName1),
"Key was not added")
self.assertTrue(self.identityStorage.doesIdentityExist(identityName),
"Identity for key was not automatically created")
self.assertEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName1, "Default key was not set on identity creation")
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
# we have no private key for signing
self.identityManager.selfSign(keyName1)
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
self.identityManager.getDefaultCertificateNameForIdentity(identityName)
keyName2 = self.identityManager.generateRSAKeyPairAsDefault(identityName)
cert = self.identityManager.selfSign(keyName2)
self.identityManager.addCertificateAsIdentityDefault(cert)
certName1 = self.identityManager.getDefaultCertificateNameForIdentity(identityName)
#.........这里部分代码省略.........
示例8: TestProducer
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class TestProducer(ut.TestCase):
def setUp(self):
self.decryptionKeys = {} # key: Name, value: Blob
self.encryptionKeys = {} # key: Name, value: Data
# Reuse the policy_config subdirectory for the temporary SQLite files.
self.databaseFilePath = "policy_config/test.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name("TestProducer")
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
def tearDown(self):
try:
os.remove(self.databaseFilePath)
except OSError:
pass
def createEncryptionKey(self, eKeyName, timeMarker):
params = RsaKeyParams()
eKeyName = Name(eKeyName)
eKeyName.append(timeMarker)
dKeyBlob = RsaAlgorithm.generateKey(params).getKeyBits()
eKeyBlob = RsaAlgorithm.deriveEncryptKey(dKeyBlob).getKeyBits()
self.decryptionKeys[eKeyName] = dKeyBlob
keyData = Data(eKeyName)
keyData.setContent(eKeyBlob)
self.keyChain.sign(keyData, self.certificateName)
self.encryptionKeys[eKeyName] = keyData
def test_content_key_request(self):
prefix = Name("/prefix")
suffix = Name("/a/b/c")
expectedInterest = Name(prefix)
expectedInterest.append(Encryptor.NAME_COMPONENT_READ)
expectedInterest.append(suffix)
expectedInterest.append(Encryptor.NAME_COMPONENT_E_KEY)
cKeyName = Name(prefix)
cKeyName.append(Encryptor.NAME_COMPONENT_SAMPLE)
cKeyName.append(suffix)
cKeyName.append(Encryptor.NAME_COMPONENT_C_KEY)
timeMarker = Name("20150101T100000/20150101T120000")
testTime1 = Schedule.fromIsoString("20150101T100001")
testTime2 = Schedule.fromIsoString("20150101T110001")
testTimeRounded1 = Name.Component("20150101T100000")
testTimeRounded2 = Name.Component("20150101T110000")
# Create content keys required for this test case:
for i in range(suffix.size()):
self.createEncryptionKey(expectedInterest, timeMarker)
expectedInterest = expectedInterest.getPrefix(-2).append(
Encryptor.NAME_COMPONENT_E_KEY)
expressInterestCallCount = [0]
# Prepare a TestFace to instantly answer calls to expressInterest.
class TestFace(object):
def __init__(self, handleExpressInterest):
self.handleExpressInterest = handleExpressInterest
def expressInterest(self, interest, onData, onTimeout):
return self.handleExpressInterest(interest, onData, onTimeout)
def handleExpressInterest(interest, onData, onTimeout):
expressInterestCallCount[0] += 1
interestName = Name(interest.getName())
interestName.append(timeMarker)
self.assertTrue(interestName in self.encryptionKeys)
onData(interest, self.encryptionKeys[interestName])
return 0
face = TestFace(handleExpressInterest)
# Verify that the content key is correctly encrypted for each domain, and
# the produce method encrypts the provided data with the same content key.
testDb = Sqlite3ProducerDb(self.databaseFilePath)
producer = Producer(prefix, suffix, face, self.keyChain, testDb)
contentKey = [None] # Blob
def checkEncryptionKeys(
result, testTime, roundedTime, expectedExpressInterestCallCount):
self.assertEqual(expectedExpressInterestCallCount,
expressInterestCallCount[0])
self.assertEqual(True, testDb.hasContentKey(testTime))
#.........这里部分代码省略.........
示例9: BaseNode
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class BaseNode(object):
"""
This class contains methods/attributes common to both node and controller.
"""
def __init__(self, transport = None, conn = None):
"""
Initialize the network and security classes for the node
"""
super(BaseNode, self).__init__()
self.faceTransport = transport
self.faceConn = conn
self._identityStorage = BasicIdentityStorage()
self._identityManager = IdentityManager(self._identityStorage, FilePrivateKeyStorage())
self._policyManager = IotPolicyManager(self._identityStorage)
# hopefully there is some private/public key pair available
self._keyChain = KeyChain(self._identityManager, self._policyManager)
self._registrationFailures = 0
self._prepareLogging()
self._setupComplete = False
##
# Logging
##
def _prepareLogging(self):
self.log = logging.getLogger(str(self.__class__))
self.log.setLevel(logging.DEBUG)
logFormat = "%(asctime)-15s %(name)-20s %(funcName)-20s (%(levelname)-8s):\n\t%(message)s"
self._console = logging.StreamHandler()
self._console.setFormatter(logging.Formatter(logFormat))
self._console.setLevel(logging.INFO)
# without this, a lot of ThreadsafeFace errors get swallowed up
logging.getLogger("trollius").addHandler(self._console)
self.log.addHandler(self._console)
def setLogLevel(self, level):
"""
Set the log level that will be output to standard error
:param level: A log level constant defined in the logging module (e.g. logging.INFO)
"""
self._console.setLevel(level)
def getLogger(self):
"""
:return: The logger associated with this node
:rtype: logging.Logger
"""
return self.log
###
# Startup and shutdown
###
def beforeLoopStart(self):
"""
Called before the event loop starts.
"""
pass
def getDefaultCertificateName(self):
try:
certName = self._identityStorage.getDefaultCertificateNameForIdentity(
self._policyManager.getDeviceIdentity())
except SecurityException as e:
# zhehao: in the case of producer's /localhop prefixes, the default key is not defined in ndnsec-public-info.db
certName = self._keyChain.createIdentityAndCertificate(self._policyManager.getDeviceIdentity())
#certName = self._keyChain.getDefaultCertificateName()
#print(certName.toUri())
return certName
def start(self):
"""
Begins the event loop. After this, the node's Face is set up and it can
send/receive interests+data
"""
self.log.info("Starting up")
self.loop = asyncio.get_event_loop()
if (self.faceTransport == None or self.faceTransport == ''):
self.face = ThreadsafeFace(self.loop)
else:
self.face = ThreadsafeFace(self.loop, self.faceTransport, self.faceConn)
self.face.setCommandSigningInfo(self._keyChain, self.getDefaultCertificateName())
self._keyChain.setFace(self.face)
self._isStopped = False
self.beforeLoopStart()
try:
self.loop.run_forever()
except Exception as e:
self.log.exception(exc_info=True)
finally:
self.stop()
#.........这里部分代码省略.........
示例10: BmsNode
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class BmsNode(object):
def __init__(self):
self.conf = None
self._keyChain = None
self._certificateName = None
self._dataQueue = dict()
self._memoryContentCache = None
self._identityName = None
self._aggregation = Aggregation()
def setConfiguration(self, fileName, trustSchemaFile):
self.conf = BoostInfoParser()
self.conf.read(fileName)
self._identityName = Name(self.conf.getNodePrefix())
self._trustSchemaFile = trustSchemaFile
def onDataNotFound(self, prefix, interest, face, interestFilterId, filter):
#print('Data not found for ' + interest.getName().toUri())
return
def startPublishing(self):
# One-time security setup
self.prepareLogging()
privateKeyStorage = FilePrivateKeyStorage()
identityStorage = BasicIdentityStorage()
policyManager = ConfigPolicyManager(self._trustSchemaFile)
self._keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage), policyManager)
self._certificateName = self._keyChain.createIdentityAndCertificate(self._identityName)
print("My Identity name: " + self._identityName.toUri())
print("My certificate name: " + self._certificateName.toUri())
certificateData = self._keyChain.getIdentityManager()._identityStorage.getCertificate(self._certificateName, True)
print("My certificate string: " + b64encode(certificateData.wireEncode().toBuffer()))
# self._keyChain.getIdentityCertificate(self._certificateName).)
self._loop = asyncio.get_event_loop()
self._face = ThreadsafeFace(self._loop)
self._keyChain.setFace(self._face)
self._face.setCommandSigningInfo(self._keyChain, self._certificateName)
self._memoryContentCache = MemoryContentCache(self._face)
# We should only ask for cert to be signed upon the first run of a certain aggregator
if DO_CERT_SETUP:
if (KeyLocator.getFromSignature(certificateData.getSignature()).getKeyName().equals(self._certificateName.getPrefix(-1))):
# Need to configure for mini-ndn; aggregation node runs outside of mini-ndn first so that signed cert get installed and mini-ndn won't ask for this again
print("certificate " + self._certificateName.toUri() + " asking for signature")
response = urllib2.urlopen("http://192.168.56.1:5000/bms-cert-hack?cert=" + b64encode(certificateData.wireEncode().toBuffer()) + "&cert_prefix=" + self._identityName.toUri() + '&subject_name=' + self._identityName.toUri()).read()
signedCertData = Data()
signedCertData.wireDecode(Blob(b64decode(response)))
self._memoryContentCache.add(signedCertData)
cmdline = ['ndnsec-install-cert', '-']
p = subprocess.Popen(cmdline, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
# desanitize + sign in GET request
cert, err = p.communicate(response)
if p.returncode != 0:
raise RuntimeError("ndnsec-install-cert error")
else:
self._memoryContentCache.add(certificateData)
else:
self._memoryContentCache.add(certificateData)
dataNode = self.conf.getDataNode()
childrenNode = self.conf.getChildrenNode()
self._memoryContentCache.registerPrefix(Name(self._identityName), self.onRegisterFailed, self.onDataNotFound)
# For each type of data, we refresh each type of aggregation according to the interval in the configuration
for i in range(len(dataNode.subtrees)):
dataType = dataNode.subtrees.keys()[i]
aggregationParams = self.conf.getProducingParamsForAggregationType(dataNode.subtrees.items()[i][1])
if childrenNode == None:
self._dataQueue[dataType] = DataQueue(None, None, None)
self.generateData(dataType, 2, 0)
for aggregationType in aggregationParams:
childrenList = OrderedDict()
if childrenNode != None:
for j in range(len(childrenNode.subtrees)):
if dataType in childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees:
if aggregationType in childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees[dataType].subtrees:
childrenList[childrenNode.subtrees.items()[j][0]] = self.conf.getProducingParamsForAggregationType(childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees[dataType])[aggregationType]
self.startPublishingAggregation(aggregationParams[aggregationType], childrenList, dataType, aggregationType)
return
def startPublishingAggregation(self, params, childrenList, dataType, aggregationType):
if __debug__:
print('Start publishing for ' + dataType + '-' + aggregationType)
# aggregation calculating and publishing mechanism
publishingPrefix = Name(self._identityName).append(DATA_COMPONENT).append(dataType).append(AGGREGATION_COMPONENT).append(aggregationType)
#.........这里部分代码省略.........
示例11: TestDPU
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import createIdentityAndCertificate [as 别名]
class TestDPU(object):
def __init__(self, face, encryptResult, defaultPrefix, link = None):
# Set up face
self.face = face
self._encryptResult = encryptResult
self._link = link
self.databaseFilePath = "policy_config/test_consumer_dpu.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
self.groupName = Name(defaultPrefix)
# Set up the keyChain.
identityStorage = BasicIdentityStorage()
privateKeyStorage = FilePrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
# Authorized identity
identityName = Name("/ndn/edu/basel/dpu")
# Function name: the function that this DPU provides
self._functionName = "bounding_box"
self._identityName = identityName
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
# TODO: if using BasicIdentityStorage and FilePrivateKeyStorage
# For some reason this newly generated cert is not installed by default, calling keyChain sign later would result in error
#self.keyChain.installIdentityCertificate()
self.memoryContentCache = MemoryContentCache(self.face)
try:
commandSigningKeyChain = KeyChain()
print "Default certificate name is: " + self.keyChain.getDefaultCertificateName().toUri()
self.face.setCommandSigningInfo(commandSigningKeyChain, commandSigningKeyChain.getDefaultCertificateName())
self.memoryContentCache.registerPrefix(identityName, self.onRegisterFailed, self.onDataNotFound)
except SecurityException as e:
print str(e)
print "Cannot use default certificate, use created certificate in FilePrivateKeyStorage"
self.face.setCommandSigningInfo(self.keyChain, self.certificateName)
self.memoryContentCache.registerPrefix(identityName, self.onRegisterFailed, self.onDataNotFound)
consumerKeyName = IdentityCertificate.certificateNameToPublicKeyName(self.certificateName)
consumerCertificate = identityStorage.getCertificate(self.certificateName)
self.consumer = Consumer(
face, self.keyChain, self.groupName, identityName,
Sqlite3ConsumerDb(self.databaseFilePath))
# TODO: Read the private key to decrypt d-key...this may or may not be ideal
base64Content = None
with open(privateKeyStorage.nameTransform(consumerKeyName.toUri(), ".pri")) as keyFile:
print privateKeyStorage.nameTransform(consumerKeyName.toUri(), ".pri")
base64Content = keyFile.read()
#print base64Content
der = Blob(base64.b64decode(base64Content), False)
self.consumer.addDecryptionKey(consumerKeyName, der)
self.memoryContentCache.add(consumerCertificate)
accessRequestInterest = Interest(Name(self.groupName).append("read_access_request").append(self.certificateName).appendVersion(int(time.time())))
self.face.expressInterest(accessRequestInterest, self.onAccessRequestData, self.onAccessRequestTimeout)
print "Access request interest name: " + accessRequestInterest.getName().toUri()
self._tasks = dict()
return
def onAccessRequestData(self, interest, data):
print "Access request data: " + data.getName().toUri()
return
def onAccessRequestTimeout(self, interest):
print "Access request times out: " + interest.getName().toUri()
print "Assuming certificate sent and D-key generated"
return
def startConsuming(self, userId, basetimeString, producedDataName, dataNum, outerDataName):
contentName = Name(userId).append(Name("/SAMPLE/fitness/physical_activity/time_location/"))
baseZFill = 3
for i in range(0, dataNum):
timeString = basetimeString + str(i).zfill(baseZFill)
timeFloat = Schedule.fromIsoString(timeString)
self.consume(Name(contentName).append(timeString), producedDataName, outerDataName)
print "Trying to consume: " + Name(contentName).append(timeString).toUri()
def onDataNotFound(self, prefix, interest, face, interestFilterId, filter):
print "Data not found for interest: " + interest.getName().toUri()
functionComponentIdx = len(self._identityName)
if interest.getName().get(functionComponentIdx).toEscapedString() == self._functionName:
try:
parameters = interest.getName().get(functionComponentIdx + 1).toEscapedString()
pattern = re.compile('([^,]*),([^,]*),([^,]*)')
matching = pattern.match(str(Name.fromEscapedString(parameters)))
#.........这里部分代码省略.........