本文整理汇总了Python中pyndn.security.KeyChain.getIdentityManager方法的典型用法代码示例。如果您正苦于以下问题:Python KeyChain.getIdentityManager方法的具体用法?Python KeyChain.getIdentityManager怎么用?Python KeyChain.getIdentityManager使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pyndn.security.KeyChain的用法示例。
在下文中一共展示了KeyChain.getIdentityManager方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: TestGroupManager
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import getIdentityManager [as 别名]
class TestGroupManager(ut.TestCase):
def setUp(self):
# Reuse the policy_config subdirectory for the temporary SQLite files.
self.dKeyDatabaseFilePath = "policy_config/manager-d-key-test.db"
try:
os.remove(self.dKeyDatabaseFilePath)
except OSError:
# no such file
pass
self.eKeyDatabaseFilePath = "policy_config/manager-e-key-test.db"
try:
os.remove(self.eKeyDatabaseFilePath)
except OSError:
# no such file
pass
self.intervalDatabaseFilePath = "policy_config/manager-interval-test.db"
try:
os.remove(self.intervalDatabaseFilePath)
except OSError:
# no such file
pass
self.groupKeyDatabaseFilePath = "policy_config/manager-group-key-test.db"
try:
os.remove(self.groupKeyDatabaseFilePath)
except OSError:
# no such file
pass
params = RsaKeyParams()
memberDecryptKey = RsaAlgorithm.generateKey(params)
self.decryptKeyBlob = memberDecryptKey.getKeyBits()
memberEncryptKey = RsaAlgorithm.deriveEncryptKey(self.decryptKeyBlob)
self.encryptKeyBlob = memberEncryptKey.getKeyBits()
# Generate the certificate.
self.certificate = IdentityCertificate()
self.certificate.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"))
contentPublicKey = PublicKey(self.encryptKeyBlob)
self.certificate.setPublicKeyInfo(contentPublicKey)
self.certificate.setNotBefore(0)
self.certificate.setNotAfter(0)
self.certificate.encode()
signatureInfoBlob = Blob(SIG_INFO, False)
signatureValueBlob = Blob(SIG_VALUE, False)
signature = TlvWireFormat.get().decodeSignatureInfoAndValue(
signatureInfoBlob.buf(), signatureValueBlob.buf())
self.certificate.setSignature(signature)
self.certificate.wireEncode()
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name("TestGroupManager")
self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
def tearDown(self):
try:
os.remove(self.dKeyDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.eKeyDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.intervalDatabaseFilePath)
except OSError:
pass
try:
os.remove(self.groupKeyDatabaseFilePath)
except OSError:
pass
def setManager(self, manager):
# Set up the first schedule.
schedule1 = Schedule()
interval11 = RepetitiveInterval(
Schedule.fromIsoString("20150825T000000"),
Schedule.fromIsoString("20150827T000000"), 5, 10, 2,
RepetitiveInterval.RepeatUnit.DAY)
interval12 = RepetitiveInterval(
Schedule.fromIsoString("20150825T000000"),
Schedule.fromIsoString("20150827T000000"), 6, 8, 1,
RepetitiveInterval.RepeatUnit.DAY)
interval13 = RepetitiveInterval(
Schedule.fromIsoString("20150827T000000"),
Schedule.fromIsoString("20150827T000000"), 7, 8)
schedule1.addWhiteInterval(interval11)
schedule1.addWhiteInterval(interval12)
schedule1.addBlackInterval(interval13)
#.........这里部分代码省略.........
示例2: SampleProducer
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import getIdentityManager [as 别名]
class SampleProducer(object):
def __init__(self, face, username, memoryContentCache):
# Set up face
self.face = face
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name(username)
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
self.face.setCommandSigningInfo(self.keyChain, self.certificateName)
self.databaseFilePath = "policy_config/test_producer.db"
self.catalogDatabaseFilePath = "policy_config/test_producer_catalog.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
try:
os.remove(self.catalogDatabaseFilePath)
except OSError:
# no such file
pass
self.testDb = Sqlite3ProducerDb(self.databaseFilePath)
self.catalogDb = Sqlite3ProducerDb(self.catalogDatabaseFilePath)
# TODO: as of right now, catalog has a different suffix, so need another instance of producer; that producer cannot share
# the same DB with the first producer, otherwise there won't be a self.onEncryptedKeys call; as the catalog producer uses
# its own C-key, and that key won't be encrypted by an E-key as no interest goes out
# This sounds like something problematic from the library
prefix = Name(username)
suffix = Name("fitness/physical_activity/time_location")
self.producer = Producer(Name(prefix), suffix, self.face, self.keyChain, self.testDb)
catalogSuffix = Name(suffix).append("catalog")
self.catalogProducer = Producer(Name(prefix), catalogSuffix, self.face, self.keyChain, self.catalogDb)
self.memoryContentCache = memoryContentCache
return
def createContentKey(self, timeSlot):
print "debug: createContentKey for data and catalog"
contentKeyName = self.producer.createContentKey(timeSlot, self.onEncryptedKeys, self.onError)
catalogKeyName = self.catalogProducer.createContentKey(timeSlot, self.onEncryptedKeys, self.onError)
print contentKeyName.toUri()
print catalogKeyName.toUri()
def onError(self, code, msg):
print str(code) + " : " + msg
return
def initiateContentStoreInsertion(self, repoCommandPrefix, data):
fetchName = data.getName()
parameter = repo_command_parameter_pb2.RepoCommandParameterMessage()
# Add the Name.
for i in range(fetchName.size()):
parameter.repo_command_parameter.name.component.append(
fetchName[i].getValue().toBytes())
# Create the command interest.
interest = Interest(Name(repoCommandPrefix).append("insert")
.append(Name.Component(ProtobufTlv.encode(parameter))))
self.face.makeCommandInterest(interest)
self.face.expressInterest(interest, self.onRepoData, self.onRepoTimeout)
def onRepoData(self, interest, data):
#print "received repo data: " + interest.getName().toUri()
return
def onRepoTimeout(self, interest):
#print "repo command times out: " + interest.getName().getPrefix(-1).toUri()
return
def onEncryptedKeys(self, keys):
print "debug: onEncryptedKeys called"
if not keys:
print "onEncryptedKeys: no keys in callback!"
for i in range(0, len(keys)):
print "onEncryptedKeys: produced encrypted key " + keys[i].getName().toUri()
self.memoryContentCache.add(keys[i])
self.initiateContentStoreInsertion("/ndn/edu/ucla/remap/ndnfit/repo", keys[i])
return示例3: TestProducer
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import getIdentityManager [as 别名]
class TestProducer(ut.TestCase):
def setUp(self):
self.decryptionKeys = {} # key: Name, value: Blob
self.encryptionKeys = {} # key: Name, value: Data
# Reuse the policy_config subdirectory for the temporary SQLite files.
self.databaseFilePath = "policy_config/test.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
# Set up the keyChain.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(identityStorage, privateKeyStorage),
NoVerifyPolicyManager())
identityName = Name("TestProducer")
self.certificateName = self.keyChain.createIdentityAndCertificate(identityName)
self.keyChain.getIdentityManager().setDefaultIdentity(identityName)
def tearDown(self):
try:
os.remove(self.databaseFilePath)
except OSError:
pass
def createEncryptionKey(self, eKeyName, timeMarker):
params = RsaKeyParams()
eKeyName = Name(eKeyName)
eKeyName.append(timeMarker)
dKeyBlob = RsaAlgorithm.generateKey(params).getKeyBits()
eKeyBlob = RsaAlgorithm.deriveEncryptKey(dKeyBlob).getKeyBits()
self.decryptionKeys[eKeyName] = dKeyBlob
keyData = Data(eKeyName)
keyData.setContent(eKeyBlob)
self.keyChain.sign(keyData, self.certificateName)
self.encryptionKeys[eKeyName] = keyData
def test_content_key_request(self):
prefix = Name("/prefix")
suffix = Name("/a/b/c")
expectedInterest = Name(prefix)
expectedInterest.append(Encryptor.NAME_COMPONENT_READ)
expectedInterest.append(suffix)
expectedInterest.append(Encryptor.NAME_COMPONENT_E_KEY)
cKeyName = Name(prefix)
cKeyName.append(Encryptor.NAME_COMPONENT_SAMPLE)
cKeyName.append(suffix)
cKeyName.append(Encryptor.NAME_COMPONENT_C_KEY)
timeMarker = Name("20150101T100000/20150101T120000")
testTime1 = Schedule.fromIsoString("20150101T100001")
testTime2 = Schedule.fromIsoString("20150101T110001")
testTimeRounded1 = Name.Component("20150101T100000")
testTimeRounded2 = Name.Component("20150101T110000")
# Create content keys required for this test case:
for i in range(suffix.size()):
self.createEncryptionKey(expectedInterest, timeMarker)
expectedInterest = expectedInterest.getPrefix(-2).append(
Encryptor.NAME_COMPONENT_E_KEY)
expressInterestCallCount = [0]
# Prepare a TestFace to instantly answer calls to expressInterest.
class TestFace(object):
def __init__(self, handleExpressInterest):
self.handleExpressInterest = handleExpressInterest
def expressInterest(self, interest, onData, onTimeout):
return self.handleExpressInterest(interest, onData, onTimeout)
def handleExpressInterest(interest, onData, onTimeout):
expressInterestCallCount[0] += 1
interestName = Name(interest.getName())
interestName.append(timeMarker)
self.assertTrue(interestName in self.encryptionKeys)
onData(interest, self.encryptionKeys[interestName])
return 0
face = TestFace(handleExpressInterest)
# Verify that the content key is correctly encrypted for each domain, and
# the produce method encrypts the provided data with the same content key.
testDb = Sqlite3ProducerDb(self.databaseFilePath)
producer = Producer(prefix, suffix, face, self.keyChain, testDb)
contentKey = [None] # Blob
def checkEncryptionKeys(
result, testTime, roundedTime, expectedExpressInterestCallCount):
self.assertEqual(expectedExpressInterestCallCount,
expressInterestCallCount[0])
self.assertEqual(True, testDb.hasContentKey(testTime))
#.........这里部分代码省略.........
示例4: TestSqlIdentityStorage
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import getIdentityManager [as 别名]
class TestSqlIdentityStorage(ut.TestCase):
def setUp(self):
# Reuse the policy_config subdirectory for the temporary SQLite file.
self.databaseFilePath = "policy_config/test-public-info.db"
try:
os.remove(self.databaseFilePath)
except OSError:
# no such file
pass
self.identityStorage = BasicIdentityStorage(self.databaseFilePath)
self.identityManager = IdentityManager(self.identityStorage,
FilePrivateKeyStorage())
self.policyManager = SelfVerifyPolicyManager(self.identityStorage)
self.keyChain = KeyChain(self.identityManager, self.policyManager)
def tearDown(self):
try:
os.remove(self.databaseFilePath)
except OSError:
pass
def test_identity_create_delete(self):
identityName = Name('/TestIdentityStorage/Identity').appendVersion(
int(time.time()))
certificateName = self.keyChain.createIdentityAndCertificate(identityName)
keyName = IdentityCertificate.certificateNameToPublicKeyName(certificateName)
self.assertTrue(self.identityStorage.doesIdentityExist(identityName),
"Identity was not added to IdentityStorage")
self.assertIsNotNone(keyName, "New identity has no key")
self.assertTrue(self.identityStorage.doesKeyExist(keyName),
"Key was not added to IdentityStorage")
self.assertIsNotNone(certificateName,
"Certificate was not added to IdentityStorage")
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesIdentityExist(identityName),
"Identity still in IdentityStorage after identity was deleted")
self.assertFalse(self.identityStorage.doesKeyExist(keyName),
"Key still in IdentityStorage after identity was deleted")
self.assertFalse(self.identityStorage.doesCertificateExist(certificateName),
"Certificate still in IdentityStorage after identity was deleted")
with self.assertRaises(SecurityException):
self.identityManager.getDefaultCertificateNameForIdentity(identityName)
def test_key_create_delete(self):
identityName = Name('/TestIdentityStorage/Identity').appendVersion(
int(time.time()))
keyName1 = self.keyChain.generateRSAKeyPair(identityName, True)
self.keyChain.getIdentityManager().setDefaultKeyForIdentity(keyName1)
keyName2 = self.keyChain.generateRSAKeyPair(identityName, False)
self.assertEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName1, "Default key name was changed without explicit request")
self.assertNotEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName2, "Newly created key replaced default key without explicit request")
self.identityStorage.deletePublicKeyInfo(keyName2)
self.assertFalse(self.identityStorage.doesKeyExist(keyName2))
self.keyChain.deleteIdentity(identityName)
def test_key_autocreate_identity(self):
keyName1 = Name('/TestSqlIdentityStorage/KeyType/RSA/ksk-12345')
identityName = keyName1[:-1]
decodedKey = base64.b64decode(RSA_DER)
self.identityStorage.addKey(keyName1, KeyType.RSA, Blob(decodedKey))
self.identityStorage.setDefaultKeyNameForIdentity(keyName1)
self.assertTrue(self.identityStorage.doesKeyExist(keyName1),
"Key was not added")
self.assertTrue(self.identityStorage.doesIdentityExist(identityName),
"Identity for key was not automatically created")
self.assertEqual(self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName1, "Default key was not set on identity creation")
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
# we have no private key for signing
self.identityManager.selfSign(keyName1)
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
self.identityManager.getDefaultCertificateNameForIdentity(identityName)
keyName2 = self.identityManager.generateRSAKeyPairAsDefault(identityName)
cert = self.identityManager.selfSign(keyName2)
self.identityManager.addCertificateAsIdentityDefault(cert)
certName1 = self.identityManager.getDefaultCertificateNameForIdentity(identityName)
#.........这里部分代码省略.........
示例5: BmsNode
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import getIdentityManager [as 别名]
class BmsNode(object):
def __init__(self):
self.conf = None
self._keyChain = None
self._certificateName = None
self._dataQueue = dict()
self._memoryContentCache = None
self._identityName = None
self._aggregation = Aggregation()
def setConfiguration(self, fileName, trustSchemaFile):
self.conf = BoostInfoParser()
self.conf.read(fileName)
self._identityName = Name(self.conf.getNodePrefix())
self._trustSchemaFile = trustSchemaFile
def onDataNotFound(self, prefix, interest, face, interestFilterId, filter):
#print('Data not found for ' + interest.getName().toUri())
return
def startPublishing(self):
# One-time security setup
self.prepareLogging()
privateKeyStorage = FilePrivateKeyStorage()
identityStorage = BasicIdentityStorage()
policyManager = ConfigPolicyManager(self._trustSchemaFile)
self._keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage), policyManager)
self._certificateName = self._keyChain.createIdentityAndCertificate(self._identityName)
print("My Identity name: " + self._identityName.toUri())
print("My certificate name: " + self._certificateName.toUri())
certificateData = self._keyChain.getIdentityManager()._identityStorage.getCertificate(self._certificateName, True)
print("My certificate string: " + b64encode(certificateData.wireEncode().toBuffer()))
# self._keyChain.getIdentityCertificate(self._certificateName).)
self._loop = asyncio.get_event_loop()
self._face = ThreadsafeFace(self._loop)
self._keyChain.setFace(self._face)
self._face.setCommandSigningInfo(self._keyChain, self._certificateName)
self._memoryContentCache = MemoryContentCache(self._face)
# We should only ask for cert to be signed upon the first run of a certain aggregator
if DO_CERT_SETUP:
if (KeyLocator.getFromSignature(certificateData.getSignature()).getKeyName().equals(self._certificateName.getPrefix(-1))):
# Need to configure for mini-ndn; aggregation node runs outside of mini-ndn first so that signed cert get installed and mini-ndn won't ask for this again
print("certificate " + self._certificateName.toUri() + " asking for signature")
response = urllib2.urlopen("http://192.168.56.1:5000/bms-cert-hack?cert=" + b64encode(certificateData.wireEncode().toBuffer()) + "&cert_prefix=" + self._identityName.toUri() + '&subject_name=' + self._identityName.toUri()).read()
signedCertData = Data()
signedCertData.wireDecode(Blob(b64decode(response)))
self._memoryContentCache.add(signedCertData)
cmdline = ['ndnsec-install-cert', '-']
p = subprocess.Popen(cmdline, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
# desanitize + sign in GET request
cert, err = p.communicate(response)
if p.returncode != 0:
raise RuntimeError("ndnsec-install-cert error")
else:
self._memoryContentCache.add(certificateData)
else:
self._memoryContentCache.add(certificateData)
dataNode = self.conf.getDataNode()
childrenNode = self.conf.getChildrenNode()
self._memoryContentCache.registerPrefix(Name(self._identityName), self.onRegisterFailed, self.onDataNotFound)
# For each type of data, we refresh each type of aggregation according to the interval in the configuration
for i in range(len(dataNode.subtrees)):
dataType = dataNode.subtrees.keys()[i]
aggregationParams = self.conf.getProducingParamsForAggregationType(dataNode.subtrees.items()[i][1])
if childrenNode == None:
self._dataQueue[dataType] = DataQueue(None, None, None)
self.generateData(dataType, 2, 0)
for aggregationType in aggregationParams:
childrenList = OrderedDict()
if childrenNode != None:
for j in range(len(childrenNode.subtrees)):
if dataType in childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees:
if aggregationType in childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees[dataType].subtrees:
childrenList[childrenNode.subtrees.items()[j][0]] = self.conf.getProducingParamsForAggregationType(childrenNode.subtrees.items()[j][1].subtrees['data'].subtrees[dataType])[aggregationType]
self.startPublishingAggregation(aggregationParams[aggregationType], childrenList, dataType, aggregationType)
return
def startPublishingAggregation(self, params, childrenList, dataType, aggregationType):
if __debug__:
print('Start publishing for ' + dataType + '-' + aggregationType)
# aggregation calculating and publishing mechanism
publishingPrefix = Name(self._identityName).append(DATA_COMPONENT).append(dataType).append(AGGREGATION_COMPONENT).append(aggregationType)
#.........这里部分代码省略.........