本文整理汇总了Python中pyndn.security.KeyChain.verifyData方法的典型用法代码示例。如果您正苦于以下问题:Python KeyChain.verifyData方法的具体用法?Python KeyChain.verifyData怎么用?Python KeyChain.verifyData使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pyndn.security.KeyChain的用法示例。
在下文中一共展示了KeyChain.verifyData方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: benchmarkDecodeDataSeconds
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import verifyData [as 别名]
def benchmarkDecodeDataSeconds(nIterations, useCrypto, encoding):
"""
Loop to decode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useCrypto: If true, verify the signature. If false, don't
verify.
:param Blob encoding: The wire encoding to decode.
"""
# Initialize the private key storage in case useCrypto is true.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage),
SelfVerifyPolicyManager(identityStorage))
keyName = Name("/testname/DSK-123")
certificateName = keyName.getSubName(0, keyName.size() - 1).append(
"KEY").append(keyName[-1]).append("ID-CERT").append("0")
identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
start = getNowSeconds()
for i in range(nIterations):
data = Data()
data.wireDecode(encoding)
if useCrypto:
keyChain.verifyData(data, onVerified, onVerifyFailed)
finish = getNowSeconds()
return finish - start示例2: main
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import verifyData [as 别名]
def main():
data = Data()
data.wireDecode(TlvData)
dump("Decoded Data:")
dumpData(data)
# Set the content again to clear the cached encoding so we encode again.
data.setContent(data.getContent())
encoding = data.wireEncode()
reDecodedData = Data()
reDecodedData.wireDecode(encoding)
dump("")
dump("Re-decoded Data:")
dumpData(reDecodedData)
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage),
SelfVerifyPolicyManager(identityStorage))
# Initialize the storage.
keyName = Name("/testname/DSK-123")
certificateName = keyName.getSubName(0, keyName.size() - 1).append(
"KEY").append(keyName[-1]).append("ID-CERT").append("0")
identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
privateKeyStorage.setKeyPairForKeyName(
keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER)
keyChain.verifyData(reDecodedData, makeOnVerified("Re-decoded Data"),
makeOnVerifyFailed("Re-decoded Data"))
freshData = Data(Name("/ndn/abc"))
freshData.setContent("SUCCESS!")
freshData.getMetaInfo().setFreshnessPeriod(5000)
freshData.getMetaInfo().setFinalBlockId(Name("/%00%09")[0])
keyChain.sign(freshData, certificateName)
dump("")
dump("Freshly-signed Data:")
dumpData(freshData)
keyChain.verifyData(freshData, makeOnVerified("Freshly-signed Data"),
makeOnVerifyFailed("Freshly-signed Data"))示例3: Bootstrap
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import verifyData [as 别名]
#.........这里部分代码省略.........
# TODO: handling signature with direct bits instead of keylocator keyname
if "signer" in confObj:
if confObj["signer"] == "default":
signerName = None
else:
signerName = Name(confObj["signer"])
else:
signerName = None
print "Deriving from " + signerName.toUri() + " for controller name"
helper(defaultIdentity, signerName)
else:
if isinstance(defaultIdentityOrFileName, Name):
helper(defaultIdentityOrFileName, signerName)
else:
raise RuntimeError("Please call setupDefaultIdentityAndRoot with identity name and root key name")
return
def onControllerCertData(self, interest, data, onSetupComplete, onSetupFailed):
# TODO: verification rule for received self-signed cert.
# So, if a controller comes masquerading in at this point with the right name, it is problematic. Similar with ndn-pi's implementation
self._controllerCertificate = IdentityCertificate(data)
# insert root certificate so that we could verify initial trust schemas
# TODO: this does not seem a good approach, implementation-wise and security implication
self._keyChain.getPolicyManager()._certificateCache.insertCertificate(self._controllerCertificate)
try:
self._identityManager.addCertificate(self._controllerCertificate)
except SecurityException as e:
print str(e)
for schema in self._trustSchemas:
# TODO: remove the concept of pending-schema
if "pending-schema" in self._trustSchemas[schema]:
self._keyChain.verifyData(self._trustSchemas[schema]["pending-schema"], self.onSchemaVerified, self.onSchemaVerificationFailed)
if onSetupComplete:
onSetupComplete(Name(self._defaultCertificateName), self._keyChain)
return
def onControllerCertTimeout(self, interest, onSetupComplete, onSetupFailed, controllerCertRetries):
print "Controller certificate interest times out"
newInterest = Interest(interest)
newInterest.refreshNonce()
if controllerCertRetries == 0:
if onSetupFailed:
onSetupFailed("Controller certificate interest times out")
else:
print "Set up failed: controller certificate interest times out"
else:
self._face.expressInterest(newInterest,
lambda interest, data: self.onControllerCertData(interest, data, onSetupComplete, onSetupFailed),
lambda interest: self.onControllerCertTimeout(interest, onSetupComplete, onSetupFailed, controllerCertRetries - 1))
return
#########################################################
# Handling application consumption (trust schema updates)
#########################################################
# TODO: if trust schema gets over packet size limit, segmentation
def startTrustSchemaUpdate(self, appPrefix, onUpdateSuccess = None, onUpdateFailed = None):
"""
Starts trust schema update for under an application prefix: initial
interest asks for the rightMostChild, and later interests are sent
with previous version excluded. Each verified trust schema will trigger
onUpdateSuccess and update the ConfigPolicyManager for the keyChain
in this instance, and unverified ones will trigger onUpdateFailed.
The keyChain and trust anchor should be set up using setupDefaultIdentityAndRoot示例4: TestSqlIdentityStorage
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import verifyData [as 别名]
#.........这里部分代码省略.........
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesKeyExist(keyName1))
def test_certificate_add_delete(self):
identityName = Name('/TestIdentityStorage/Identity').appendVersion(
int(time.time()))
self.identityManager.createIdentityAndCertificate(
identityName, KeyChain.getDefaultKeyParams())
keyName1 = self.identityManager.getDefaultKeyNameForIdentity(identityName)
cert2 = self.identityManager.selfSign(keyName1)
self.identityStorage.addCertificate(cert2)
certName2 = cert2.getName()
certName1 = self.identityManager.getDefaultCertificateNameForIdentity(identityName)
self.assertNotEqual(certName1, certName2,
"New certificate was set as default without explicit request")
self.identityStorage.deleteCertificateInfo(certName1)
self.assertTrue(self.identityStorage.doesCertificateExist(certName2))
self.assertFalse(self.identityStorage.doesCertificateExist(certName1))
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesCertificateExist(certName2))
def test_stress(self):
# ndn-cxx/tests/unit-tests/security/test-sec-public-info-sqlite3.cpp
identityName = Name("/TestSecPublicInfoSqlite3/Delete").appendVersion(
int(time.time()))
# ndn-cxx returns the cert name, but the IndentityManager docstring
# specifies a key
certName1 = self.keyChain.createIdentityAndCertificate(identityName)
keyName1 = IdentityCertificate.certificateNameToPublicKeyName(certName1)
keyName2 = self.keyChain.generateRSAKeyPairAsDefault(identityName)
cert2 = self.identityManager.selfSign(keyName2)
certName2 = cert2.getName()
self.identityManager.addCertificateAsDefault(cert2)
keyName3 = self.keyChain.generateRSAKeyPairAsDefault(identityName)
cert3 = self.identityManager.selfSign(keyName3)
certName3 = cert3.getName()
self.identityManager.addCertificateAsDefault(cert3)
cert4 = self.identityManager.selfSign(keyName3)
self.identityManager.addCertificateAsDefault(cert4)
certName4 = cert4.getName()
cert5 = self.identityManager.selfSign(keyName3)
self.identityManager.addCertificateAsDefault(cert5)
certName5 = cert5.getName()
self.assertTrue(self.identityStorage.doesIdentityExist(identityName))
self.assertTrue(self.identityStorage.doesKeyExist(keyName1))
self.assertTrue(self.identityStorage.doesKeyExist(keyName2))
self.assertTrue(self.identityStorage.doesKeyExist(keyName3))
self.assertTrue(self.identityStorage.doesCertificateExist(certName1))
self.assertTrue(self.identityStorage.doesCertificateExist(certName2))
self.assertTrue(self.identityStorage.doesCertificateExist(certName3))
self.assertTrue(self.identityStorage.doesCertificateExist(certName4))
self.assertTrue(self.identityStorage.doesCertificateExist(certName5))
self.identityStorage.deleteCertificateInfo(certName5)
self.assertFalse(self.identityStorage.doesCertificateExist(certName5))
self.assertTrue(self.identityStorage.doesCertificateExist(certName4))
self.assertTrue(self.identityStorage.doesCertificateExist(certName3))
self.assertTrue(self.identityStorage.doesKeyExist(keyName2))
self.identityStorage.deletePublicKeyInfo(keyName3)
self.assertFalse(self.identityStorage.doesCertificateExist(certName4))
self.assertFalse(self.identityStorage.doesCertificateExist(certName3))
self.assertFalse(self.identityStorage.doesKeyExist(keyName3))
self.assertTrue(self.identityStorage.doesKeyExist(keyName2))
self.assertTrue(self.identityStorage.doesKeyExist(keyName1))
self.assertTrue(self.identityStorage.doesIdentityExist(identityName))
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesCertificateExist(certName2))
self.assertFalse(self.identityStorage.doesKeyExist(keyName2))
self.assertFalse(self.identityStorage.doesCertificateExist(certName1))
self.assertFalse(self.identityStorage.doesKeyExist(keyName1))
self.assertFalse(self.identityStorage.doesIdentityExist(identityName))
def test_ecdsa_identity(self):
identityName = Name("/TestSqlIdentityStorage/KeyType/ECDSA")
keyName = self.identityManager.generateEcdsaKeyPairAsDefault(identityName)
cert = self.identityManager.selfSign(keyName)
self.identityManager.addCertificateAsIdentityDefault(cert)
# Check the self-signature.
failedCallback = Mock()
verifiedCallback = Mock()
self.keyChain.verifyData(cert, verifiedCallback, failedCallback)
self.assertEqual(verifiedCallback.call_count, 1,
"Verification callback was not used.")
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesKeyExist(keyName))示例5: BmsNode
# 需要导入模块: from pyndn.security import KeyChain [as 别名]
# 或者: from pyndn.security.KeyChain import verifyData [as 别名]
#.........这里部分代码省略.........
publishData.setContent(str(content))
publishData.getMetaInfo().setFreshnessPeriod(DEFAULT_DATA_LIFETIME)
self._keyChain.sign(publishData, self._certificateName)
self._memoryContentCache.add(publishData)
for childName in childrenList.keys():
dataDictKey = self.getDataDictKey(startTime, (startTime + interval), childName)
if dataDictKey in self._dataQueue[dataType + aggregationType]._dataDict:
del self._dataQueue[dataType + aggregationType]._dataDict[dataDictKey]
if __debug__:
print("Produced: " + publishData.getName().toUri() + "; " + publishData.getContent().toRawStr())
# repetition of this function only happens for raw data producer, otherwise calculateAggregation is called by each onData
if repeat:
self._loop.call_later(interval, self.calculateAggregation, dataType, aggregationType, childrenList, startTime + interval, interval, publishingPrefix, repeat)
return
def generateData(self, dataType, interval, startTime):
self._dataQueue[dataType]._dataDict[str(startTime)] = random.randint(0,9)
self._loop.call_later(interval, self.generateData, dataType, interval, startTime + interval)
return
def onRegisterFailed(self, prefix):
raise RuntimeError("Register failed for prefix", prefix.toUri())
def onVerified(self, data):
print('Data verified: ' + data.getName().toUri())
return
def onVerifyFailed(self, data):
print('Data verification failed: ' + data.getName().toUri())
return
def onData(self, interest, data):
self._keyChain.verifyData(data, self.onVerified, self.onVerifyFailed)
dataName = data.getName()
dataQueue = None
if __debug__:
print("Got data: " + dataName.toUri() + "; " + data.getContent().toRawStr())
for i in range(0, len(dataName)):
if dataName.get(i).toEscapedString() == AGGREGATION_COMPONENT:
dataType = dataName.get(i - 1).toEscapedString()
aggregationType = dataName.get(i + 1).toEscapedString()
startTime = int(dataName.get(i + 2).toEscapedString())
endTime = int(dataName.get(i + 3).toEscapedString())
childName = dataName.get(i - 3).toEscapedString()
dataAndAggregationType = dataType + aggregationType
dataDictKey = self.getDataDictKey(startTime, endTime, childName)
dataQueue = self._dataQueue[dataAndAggregationType]
dataQueue._dataDict[dataDictKey] = data
break
# TODO: check what if interval/starttime is misconfigured
if dataQueue:
self.calculateAggregation(dataType, aggregationType, dataQueue._childrenList, startTime, endTime - startTime, dataQueue._publishingPrefix)
# Always ask for the next piece of data when we receive this one; assumes interval does not change; this also assumes there are no more components after endTime
#newInterestName = dataName.getPrefix(i + 2).append(str(endTime)).append(str(endTime + (endTime - startTime)))
# We don't expect aggregated data name to be continuous within our given time window, so we ask with exclusion instead
newInterestName = dataName.getPrefix(i + 2)
newInterest = Interest(interest)