def createConfigFile(self):
tmp_conf = "/tmp/nlsr.conf"
configFile = open(tmp_conf, 'w')
configFile.write(self.__getConfig())
configFile.close()
# If this node is a remote node scp the nlsr.conf file to its /tmp/nlsr.conf
if isinstance(self.node, RemoteMixin) and self.node.isRemote:
login = "******" % self.node.server
src = tmp_conf
dst = "%s:%s" % (login, tmp_conf)
scp(src, dst)
# Copy nlsr.conf to home folder
self.node.cmd("mv %s nlsr.conf" % tmp_conf)
def createKeysAndCertificates(net, workDir):
securityDir = "{}/security".format(workDir)
if not os.path.exists(securityDir):
os.mkdir(securityDir)
# Create root certificate
rootName = NETWORK
sh("ndnsec-keygen {}".format(
rootName)) # Installs a self-signed cert into the system
sh("ndnsec-cert-dump -i {} > {}/root.cert".format(
rootName, securityDir))
# Create necessary certificates for each site
for host in net.hosts:
nodeSecurityFolder = "{}/security".format(host.homeFolder)
host.cmd("mkdir -p %s" % nodeSecurityFolder)
# Create temp folders for remote nodes on this machine (localhost) to store site.key file
# from RemoteNodes
if not os.path.exists(nodeSecurityFolder) and isinstance(
host, RemoteMixin) and host.isRemote:
os.makedirs(nodeSecurityFolder)
shutil.copyfile("{}/root.cert".format(securityDir),
"{}/root.cert".format(nodeSecurityFolder))
# Create site certificate
siteName = "{}{}-site".format(NETWORK, host.name)
siteKeyFile = "{}/site.keys".format(nodeSecurityFolder)
siteCertFile = "{}/site.cert".format(nodeSecurityFolder)
Nlsr.createKey(host, siteName, siteKeyFile)
# Copy siteKeyFile from remote for ndnsec-certgen
if isinstance(host, RemoteMixin) and host.isRemote:
login = "******".format(host.server)
src = "{}:{}".format(login, siteKeyFile)
dst = siteKeyFile
scp(src, dst)
# Root key is in root namespace, must sign site key and then install on host
sh("ndnsec-certgen -s {} -r {} > {}".format(
rootName, siteKeyFile, siteCertFile))
# Copy root.cert and site.cert from localhost to remote host
if isinstance(host, RemoteMixin) and host.isRemote:
login = "******".format(host.server)
src = "{}/site.cert".format(nodeSecurityFolder)
src2 = "{}/root.cert".format(nodeSecurityFolder)
dst = "{}:/tmp/".format(login)
scp(src, src2, dst)
host.cmd("mv /tmp/*.cert {}".format(nodeSecurityFolder))
host.cmd("ndnsec-cert-install -f {}".format(siteCertFile))
# Create and install operator certificate
opName = "{}/%C1.Operator/op".format(siteName)
opKeyFile = "{}/op.keys".format(nodeSecurityFolder)
opCertFile = "{}/op.cert".format(nodeSecurityFolder)
Nlsr.createKey(host, opName, opKeyFile)
Nlsr.createCertificate(host, siteName, opKeyFile, opCertFile)
host.cmd("ndnsec-cert-install -f {}".format(opCertFile))
# Create and install router certificate
routerName = "{}/%C1.Router/cs/{}".format(siteName, host.name)
routerKeyFile = "{}/router.keys".format(nodeSecurityFolder)
routerCertFile = "{}/router.cert".format(nodeSecurityFolder)
Nlsr.createKey(host, routerName, routerKeyFile)
Nlsr.createCertificate(host, opName, routerKeyFile, routerCertFile)
host.cmd("ndnsec-cert-install -f {}".format(routerCertFile))