def benchmarkDecodeDataSeconds(nIterations, useCrypto, keyType, encoding): """ Loop to decode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useCrypto: If true, verify the signature. If false, don't verify. :param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True. :param Blob encoding: The wire encoding to decode. :return: The number of seconds for all iterations. :rtype: float """ # Initialize the KeyChain in case useCrypto is true. keyChain = KeyChain("pib-memory:", "tpm-memory:") # This puts the public key in the pibImpl used by the SelfVerifyPolicyManager. keyChain.importSafeBag(SafeBag (Name("/testname/KEY/123"), Blob(DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) start = getNowSeconds() for i in range(nIterations): data = Data() data.wireDecode(encoding) if useCrypto: validator.validate(data,onVerifySuccess, onVerifyFailed) finish = getNowSeconds() return finish - start
def __init__(self, absPath, maxAttributes): self.keyChain = KeyChain("pib-memory:", "tpm-memory:") self.keyChain.createIdentityV2("/test/identity") self.validator = Validator( ValidationPolicyFromPib(self.keyChain.getPib())) # , filename, groupSize, nAttributes, absPath, keepData = False): # sys.stderr.write ("Using NDN-ABS authority, signer, and verifier database from %s\n" % absPath) self.db = ndnabs.PickleDb(absPath) self.signer = ndnabs.Signer(self.db) self.verifier = ndnabs.Verifier(self.db) try: info = self.signer.get_public_params_info() if info.getName().getPrefix( -2).toUri() != "/icn2019/test/authority": raise RuntimeError( 'NDN-ABS authority exists, but not setup for experiment. Use `ndnabs setup -f /icn2019/test/authority` to force-setup the authority' ) except: raise RuntimeError( "Public parameters are not properly installed for the signer/verifier" ) maxAttributes = [ b'attribute%d' % i for i in range(1, maxAttributes + 1) ] for attr in maxAttributes: if not attr in self.signer.get_attributes(): raise RuntimeError( "%s attribute missing. Generate attributes for the experiment using `ndnabs gen-secret %s | ndnabs install-secret`" % (str(attr, 'utf-8'), ' '.join( [str(i, 'utf-8') for i in maxAttributes])))
def main(): # Silence the warning from Interest wire encode. Interest.setDefaultCanBePrefix(True) interest = Interest() interest.wireDecode(TlvInterest) dump("Interest:") dumpInterest(interest) # Set the name again to clear the cached encoding so we encode again. interest.setName(interest.getName()) encoding = interest.wireEncode() dump("") dump("Re-encoded interest", encoding.toHex()) reDecodedInterest = Interest() reDecodedInterest.wireDecode(encoding) dump("Re-decoded Interest:") dumpInterest(reDecodedInterest) freshInterest = (Interest(Name("/ndn/abc")) .setMustBeFresh(False) .setMinSuffixComponents(4) .setMaxSuffixComponents(6) .setInterestLifetimeMilliseconds(30000) .setChildSelector(1) .setMustBeFresh(True)) freshInterest.getKeyLocator().setType(KeyLocatorType.KEY_LOCATOR_DIGEST) freshInterest.getKeyLocator().setKeyData(bytearray( [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F])) freshInterest.getExclude().appendComponent(Name("abc")[0]).appendAny() freshInterest.getForwardingHint().add(1, Name("/A")) dump(freshInterest.toUri()) # Set up the KeyChain. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag(SafeBag (Name("/testname/KEY/123"), Blob(DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) # Make a Face just so that we can sign the interest. face = Face("localhost") face.setCommandSigningInfo(keyChain, keyChain.getDefaultCertificateName()) face.makeCommandInterest(freshInterest) reDecodedFreshInterest = Interest() reDecodedFreshInterest.wireDecode(freshInterest.wireEncode()) dump("") dump("Re-decoded fresh Interest:") dumpInterest(reDecodedFreshInterest) validator.validate( reDecodedFreshInterest, makeSuccessCallback("Freshly-signed Interest"), makeFailureCallback("Freshly-signed Interest"))
def main(): # Silence the warning from Interest wire encode. Interest.setDefaultCanBePrefix(True) interest = Interest() interest.wireDecode(TlvInterest) dump("Interest:") dumpInterest(interest) # Set the name again to clear the cached encoding so we encode again. interest.setName(interest.getName()) encoding = interest.wireEncode() dump("") dump("Re-encoded interest", encoding.toHex()) reDecodedInterest = Interest() reDecodedInterest.wireDecode(encoding) dump("Re-decoded Interest:") dumpInterest(reDecodedInterest) freshInterest = (Interest( Name("/ndn/abc")).setMustBeFresh(False).setMinSuffixComponents( 4).setMaxSuffixComponents(6).setInterestLifetimeMilliseconds( 30000).setChildSelector(1).setMustBeFresh(True)) freshInterest.getKeyLocator().setType(KeyLocatorType.KEY_LOCATOR_DIGEST) freshInterest.getKeyLocator().setKeyData( bytearray([ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F ])) freshInterest.getExclude().appendComponent(Name("abc")[0]).appendAny() freshInterest.getForwardingHint().add(1, Name("/A")) dump(freshInterest.toUri()) # Set up the KeyChain. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag( SafeBag(Name("/testname/KEY/123"), Blob(DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) # Make a Face just so that we can sign the interest. face = Face("localhost") face.setCommandSigningInfo(keyChain, keyChain.getDefaultCertificateName()) face.makeCommandInterest(freshInterest) reDecodedFreshInterest = Interest() reDecodedFreshInterest.wireDecode(freshInterest.wireEncode()) dump("") dump("Re-decoded fresh Interest:") dumpInterest(reDecodedFreshInterest) validator.validate(reDecodedFreshInterest, makeSuccessCallback("Freshly-signed Interest"), makeFailureCallback("Freshly-signed Interest"))
def main(): data = Data() data.wireDecode(TlvData) dump("Decoded Data:") dumpData(data) # Set the content again to clear the cached encoding so we encode again. data.setContent(data.getContent()) encoding = data.wireEncode() reDecodedData = Data() reDecodedData.wireDecode(encoding) dump("") dump("Re-decoded Data:") dumpData(reDecodedData) # Set up the KeyChain. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag(SafeBag (Name("/testname/KEY/123"), Blob(DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) validator.validate(reDecodedData, makeSuccessCallback("Re-decoded Data"), makeFailureCallback("Re-decoded Data")) freshData = Data(Name("/ndn/abc")) freshData.setContent("SUCCESS!") freshData.getMetaInfo().setFreshnessPeriod(5000) freshData.getMetaInfo().setFinalBlockId(Name("/%00%09")[0]) keyChain.sign(freshData) dump("") dump("Freshly-signed Data:") dumpData(freshData) validator.validate(freshData, makeSuccessCallback("Freshly-signed Data"), makeFailureCallback("Freshly-signed Data"))
def benchmarkDecodeDataSeconds(nIterations, useCrypto, keyType, encoding): """ Loop to decode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useCrypto: If true, verify the signature. If false, don't verify. :param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True. :param Blob encoding: The wire encoding to decode. :return: The number of seconds for all iterations. :rtype: float """ # Initialize the KeyChain in case useCrypto is true. keyChain = KeyChain("pib-memory:", "tpm-memory:") # This puts the public key in the pibImpl used by the SelfVerifyPolicyManager. keyChain.importSafeBag( SafeBag( Name("/testname/KEY/123"), Blob( DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob( DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) start = getNowSeconds() for i in range(nIterations): data = Data() data.wireDecode(encoding) if useCrypto: validator.validate(data, onVerifySuccess, onVerifyFailed) finish = getNowSeconds() return finish - start
def __init__(self, policy): super(ValidatorFixture, self).__init__() self._face = ValidatorFixture.TestFace() # Set maxLifetime to 100 days. self._cache = CertificateCacheV2(100 * 24 * 3600 * 1000.0) self._validator = Validator(policy, CertificateFetcherFromNetwork(self._face)) self._policy = policy def processInterest(interest, onData, onTimeout, onNetworkNack): certificate = self._cache.find(interest) if certificate != None: onData(interest, certificate) else: onTimeout(interest) self._face._processInterest = processInterest
def main(): data = Data() data.wireDecode(TlvData) dump("Decoded Data:") dumpData(data) # Set the content again to clear the cached encoding so we encode again. data.setContent(data.getContent()) encoding = data.wireEncode() reDecodedData = Data() reDecodedData.wireDecode(encoding) dump("") dump("Re-decoded Data:") dumpData(reDecodedData) # Set up the KeyChain. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag( SafeBag(Name("/testname/KEY/123"), Blob(DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) validator.validate(reDecodedData, makeSuccessCallback("Re-decoded Data"), makeFailureCallback("Re-decoded Data")) freshData = Data(Name("/ndn/abc")) freshData.setContent("SUCCESS!") freshData.getMetaInfo().setFreshnessPeriod(5000) freshData.getMetaInfo().setFinalBlockId(Name("/%00%09")[0]) keyChain.sign(freshData) dump("") dump("Freshly-signed Data:") dumpData(freshData) validator.validate(freshData, makeSuccessCallback("Freshly-signed Data"), makeFailureCallback("Freshly-signed Data"))
class Experiment: _maxSegmentPayloadLength = 8192 def __init__(self, absPath, maxAttributes): self.keyChain = KeyChain("pib-memory:", "tpm-memory:") self.keyChain.createIdentityV2("/test/identity") self.validator = Validator( ValidationPolicyFromPib(self.keyChain.getPib())) # , filename, groupSize, nAttributes, absPath, keepData = False): # sys.stderr.write ("Using NDN-ABS authority, signer, and verifier database from %s\n" % absPath) self.db = ndnabs.PickleDb(absPath) self.signer = ndnabs.Signer(self.db) self.verifier = ndnabs.Verifier(self.db) try: info = self.signer.get_public_params_info() if info.getName().getPrefix( -2).toUri() != "/icn2019/test/authority": raise RuntimeError( 'NDN-ABS authority exists, but not setup for experiment. Use `ndnabs setup -f /icn2019/test/authority` to force-setup the authority' ) except: raise RuntimeError( "Public parameters are not properly installed for the signer/verifier" ) maxAttributes = [ b'attribute%d' % i for i in range(1, maxAttributes + 1) ] for attr in maxAttributes: if not attr in self.signer.get_attributes(): raise RuntimeError( "%s attribute missing. Generate attributes for the experiment using `ndnabs gen-secret %s | ndnabs install-secret`" % (str(attr, 'utf-8'), ' '.join( [str(i, 'utf-8') for i in maxAttributes]))) # self.attributes = [b'attribute%d' % i for i in range(1, nAttributes + 1)] # self._setupAbs(absPath) # self._readDataAndCreateManifests(filename, groupSize, keepData) def setupAbs(self, nAttributes): self.attributes = [ b'attribute%d' % i for i in range(1, nAttributes + 1) ] def _createManifest(self, name, manifestBuffer, nManifests): manifest = Data(name) manifest.setContent(manifestBuffer[0:nManifests * SHA256_DIGEST_SIZE]) return manifest def readDataAndCreateManifests(self, filename, groupSize, keepData): if groupSize < 1: raise RuntimeError("Group size cannot be less than 1") self.allChunks = [ ] # for holding the generated data packets, including unsigned manifests self.allManifests = [ ] # for storing first unsigned manifest packets, which are then signed in-place self.rawDataCount = 0 self.ndnChunkCount = 0 seqNo = 0 # sequence number of data packets chunkNo = 0 # number of the chunk in the group with open(filename, 'rb') as f: # prepare space to store all manifests of the group (last manifest will not use all the space) def allocateBufferForDigests(): return bytearray(groupSize * SHA256_DIGEST_SIZE) digests = allocateBufferForDigests() while f.readable(): chunkPayload = f.read(self._maxSegmentPayloadLength) if len(chunkPayload) == 0: break self.rawDataCount = self.rawDataCount + len(chunkPayload) chunk = Data( Name("/icn2019/test/data").appendSequenceNumber(seqNo)) seqNo = seqNo + 1 chunk.setContent(chunkPayload) digestSignature = DigestSha256Signature() digestSignature.setSignature( Blob(bytearray(SHA256_DIGEST_SIZE)) ) # not real a valid signature, but ok for the experiment chunk.setSignature(digestSignature) if keepData: self.allChunks.append(chunk) # only data chunks; manifest sizes counted separatedly, as they are signed self.ndnChunkCount = self.ndnChunkCount + chunk.wireEncode( ).size() # For storing data packet to a file # with open(writepath + "-1.txt", "wb") as dataf # dataf.write(dpacket_bytes) implicitDigest = chunk.getFullName()[-1].getValue() offset = chunkNo * SHA256_DIGEST_SIZE digests[offset:offset + SHA256_DIGEST_SIZE] = implicitDigest.toBytes()[:] chunkNo = chunkNo + 1 if chunkNo == groupSize: manifest = self._createManifest( Name("/icn2019/test/data").appendSequenceNumber(seqNo), digests, groupSize) # full group seqNo = seqNo + 1 self.allChunks.append(manifest) self.allManifests.append(manifest) chunkNo = 0 digests = allocateBufferForDigests() if chunkNo != 0: manifest = self._createManifest( Name("/icn2019/test/data").appendSequenceNumber(seqNo), digests, groupSize) # partial group self.allChunks.append(manifest) self.allManifests.append(manifest) self.nDataChunks = seqNo - len( self.allManifests ) # number of data packets, excluding the manifests def signManifestsABS(self): self.manifestCount = 0 self.signatureCounts = [] for manifest in self.allManifests: self.signer.sign(manifest, self.attributes) self.manifestCount = self.manifestCount + manifest.wireEncode( ).size() self.signatureCounts.append( manifest.getSignature().getSignature().size()) def verifyManifestsABS(self): for manifest in self.allManifests: if not self.signer.verify(manifest.wireEncode()): sys.stderr.write("Failed to verify %s\n" % manifest.getName()) def signManifestsRSA(self): self.manifestCount = 0 self.signatureCounts = [] for manifest in self.allManifests: self.keyChain.sign(manifest) self.manifestCount = self.manifestCount + manifest.wireEncode( ).size() self.signatureCounts.append( manifest.getSignature().getSignature().size()) def verifyManifestsRSA(self): def onSuccess(*k, **kw): pass def onFailure(data, *k, **kw): sys.stderr.write("Failed to verify %s\n" % manifest.getName()) for manifest in self.allManifests: self.validator.validate(manifest, onSuccess, onFailure)