def _build_chains(self): for topo_id, cert in self.certs.items(): chain = [cert] issuer = TopoID(cert.issuer) while issuer in self.certs: cert = self.certs[issuer] if str(issuer) == cert.issuer: break chain.append(cert) issuer = TopoID(cert.issuer) cert_path = get_cert_chain_file_path("", topo_id, INITIAL_CERT_VERSION) self.cert_files[topo_id][cert_path] = \ CertificateChain(chain).to_json()
def test(self): """ Create a certificate chain and verify it with a TRC file. Sign a message with the private key of the last certificate in the chain and verify it. """ cert10 = CertificateChain(get_cert_chain_file_path(1, 10, 1, 10, 0)) trc = TRC(get_trc_file_path(1, 10, 1, 0)) print('TRC verification', trc.verify()) print('Cert Chain verification:', cert10.verify('ISD:1-AD:10', trc, 0)) sig_priv10 = read_file(get_sig_key_file_path(1, 10)) sig_priv10 = base64.b64decode(sig_priv10) msg = b'abcd' sig = sign(msg, sig_priv10) print('Sig test:', verify_sig_chain_trc(msg, sig, 'ISD:1-AD:10', cert10, trc, 0)) sig_priv13 = read_file(get_sig_key_file_path(1, 13)) sig_priv13 = base64.b64decode(sig_priv13) msg = b'abd' sig = sign(msg, sig_priv13) CertificateChain.from_values([]) print('Sig test 2:', verify_sig_chain_trc(msg, sig, 'ISD:1-AD:13', cert10, trc, 0), '\n') topology = Topology.from_file( "topology/ISD1/topologies/ISD:1-AD:10.json") src_addr = SCIONAddr.from_values(topology.isd_id, topology.ad_id, IPv4Address("127.0.0.1")) dst_addr = topology.certificate_servers[0].addr sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.bind((str(src_addr.host_addr), SCION_UDP_PORT)) print("Sending TRC request (ISD:1-V:0) to local CS.") msg = TRCRequest.from_values( PT.TRC_REQ_LOCAL, src_addr, topology.parent_border_routers[0].interface.if_id, topology.isd_id, topology.ad_id, 1, 0).pack() sock.sendto(msg, (str(dst_addr), SCION_UDP_PORT)) temp_file = './temp.txt' timeout = 5 ready = select.select([sock], [], [], timeout) if not ready[0]: print("Error: no TRC reply was received!") sock.close() return data, _ = sock.recvfrom(SCION_BUFLEN) print("Received TRC reply from local CS.") trc_reply = TRCReply(data) write_file(temp_file, trc_reply.trc.decode('utf-8')) trc = TRC(temp_file) assert trc.verify() print("Sending cert chain request (ISD:1-AD:16-V:0) to local CS.") msg = CertChainRequest.from_values( PT.CERT_CHAIN_REQ_LOCAL, src_addr, topology.parent_border_routers[0].interface.if_id, topology.isd_id, topology.ad_id, 1, 16, 0).pack() sock.sendto(msg, (str(dst_addr), SCION_UDP_PORT)) ready = select.select([sock], [], [], timeout) if not ready[0]: print("Error: no cert chain reply was received!") sock.close() return data, _ = sock.recvfrom(SCION_BUFLEN) print("Received cert chain reply from local CS.") cert_chain_reply = CertChainReply(data) write_file(temp_file, cert_chain_reply.cert_chain.decode('utf-8')) cert_chain = CertificateChain(temp_file) assert cert_chain.verify('ISD:1-AD:16', trc, 0) os.remove(temp_file) sock.close()