def test_hyper_relation(self): # Set up the validator. fetcher = CertificateFetcherOffline() validator = ValidatorConfig(fetcher) validator.load( os.path.join(self._policyConfigDirectory, "hyperrelation_ruleset.conf")) # Set up a Data packet and result object. data = Data() KeyLocator.getFromSignature(data.getSignature()).setType( KeyLocatorType.KEYNAME) result = TestValidationResult(data) data.setName(Name("/SecurityTestSecRule/Basic/Longer/Data2")) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/Longer/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) data.setName(Name("/SecurityTestSecRule/Basic/Other/Data1")) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/Longer/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_)
def test_hyper_relation(self): # Set up the validator. fetcher = CertificateFetcherOffline() validator = ValidatorConfig(fetcher) validator.load( os.path.join(self._policyConfigDirectory, "hyperrelation_ruleset.conf")) # Set up a Data packet and result object. data = Data() KeyLocator.getFromSignature(data.getSignature()).setType(KeyLocatorType.KEYNAME) result = TestValidationResult(data) data.setName(Name("/SecurityTestSecRule/Basic/Longer/Data2")) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/Longer/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) data.setName(Name("/SecurityTestSecRule/Basic/Other/Data1")) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/Longer/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/Basic/KEY/123")) result.checkPolicy(validator) self.assertTrue(result._calledFailure and not result.calledContinue_)
def test_hyperrelation(self): policyManager = ConfigPolicyManager("policy_config/hyperrelation_ruleset.conf") dataName = Name('/SecurityTestSecRule/Basic/Longer/Data2') data1 = Data(dataName) data2 = Data(dataName) matchedRule = policyManager._findMatchingRule(dataName, 'data') self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertTrue(policyManager._checkSignatureMatch(signatureName1, dataName, matchedRule)) self.assertFalse(policyManager._checkSignatureMatch(signatureName2, dataName, matchedRule)) dataName = Name('/SecurityTestSecRule/Basic/Other/Data1') data1 = Data(dataName) data2 = Data(dataName) matchedRule = policyManager._findMatchingRule(dataName, 'data') self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertFalse(policyManager._checkSignatureMatch(signatureName1, dataName, matchedRule)) self.assertTrue(policyManager._checkSignatureMatch(signatureName2, dataName, matchedRule))
def test_hyperrelation(self): policyManager = ConfigPolicyManager("policy_config/hyperrelation_ruleset.conf") dataName = Name('/SecurityTestSecRule/Basic/Longer/Data2') data1 = Data(dataName) data2 = Data(dataName) matchedRule = policyManager._findMatchingRule(dataName, 'data') self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertTrue(policyManager._checkSignatureMatch(signatureName1, dataName, matchedRule)) self.assertFalse(policyManager._checkSignatureMatch(signatureName2, dataName, matchedRule)) dataName = Name('/SecurityTestSecRule/Basic/Other/Data1') data1 = Data(dataName) data2 = Data(dataName) matchedRule = policyManager._findMatchingRule(dataName, 'data') self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertFalse(policyManager._checkSignatureMatch(signatureName1, dataName, matchedRule)) self.assertTrue(policyManager._checkSignatureMatch(signatureName2, dataName, matchedRule))
def test_name_relation(self): # Set up the validators. fetcher = CertificateFetcherOffline() validatorPrefix = ValidatorConfig(fetcher) validatorEqual = ValidatorConfig(fetcher) validatorStrict = ValidatorConfig(fetcher) validatorPrefix.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_prefix.conf")) validatorEqual.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_equal.conf")) validatorStrict.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_strict.conf")) # Set up a Data packet and result object. data = Data() KeyLocator.getFromSignature(data.getSignature()).setType( KeyLocatorType.KEYNAME) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/KEY/123")) result = TestValidationResult(data) data.setName(Name("/TestRule1")) result.checkPolicy(validatorPrefix) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Prefix relation should match prefix name") result.checkPolicy(validatorEqual) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Equal relation should match prefix name") result.checkPolicy(validatorStrict) self.assertTrue(result._calledFailure and not result.calledContinue_, "Strict-prefix relation should not match prefix name") data.setName(Name("/TestRule1/hi")) result.checkPolicy(validatorPrefix) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Prefix relation should match longer name") result.checkPolicy(validatorEqual) self.assertTrue(result._calledFailure and not result.calledContinue_, "Equal relation should not match longer name") result.checkPolicy(validatorStrict) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Strict-prefix relation should match longer name") data.setName(Name("/Bad/TestRule1/")) result.checkPolicy(validatorPrefix) self.assertTrue(result._calledFailure and not result.calledContinue_, "Prefix relation should not match inner components") result.checkPolicy(validatorEqual) self.assertTrue(result._calledFailure and not result.calledContinue_, "Equal relation should not match inner components") result.checkPolicy(validatorStrict) self.assertTrue( result._calledFailure and not result.calledContinue_, "Strict-prefix relation should not match inner components")
def test_name_relation(self): # Set up the validators. fetcher = CertificateFetcherOffline() validatorPrefix = ValidatorConfig(fetcher) validatorEqual = ValidatorConfig(fetcher) validatorStrict = ValidatorConfig(fetcher) validatorPrefix.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_prefix.conf")) validatorEqual.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_equal.conf")) validatorStrict.load( os.path.join(self._policyConfigDirectory, "relation_ruleset_strict.conf")) # Set up a Data packet and result object. data = Data() KeyLocator.getFromSignature(data.getSignature()).setType( KeyLocatorType.KEYNAME) KeyLocator.getFromSignature(data.getSignature()).setKeyName( Name("/SecurityTestSecRule/KEY/123")) result = TestValidationResult(data) data.setName(Name("/TestRule1")) result.checkPolicy(validatorPrefix) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Prefix relation should match prefix name") result.checkPolicy(validatorEqual) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Equal relation should match prefix name") result.checkPolicy(validatorStrict) self.assertTrue(result._calledFailure and not result.calledContinue_, "Strict-prefix relation should not match prefix name") data.setName(Name("/TestRule1/hi")) result.checkPolicy(validatorPrefix) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Prefix relation should match longer name") result.checkPolicy(validatorEqual) self.assertTrue(result._calledFailure and not result.calledContinue_, "Equal relation should not match longer name") result.checkPolicy(validatorStrict) self.assertTrue(result.calledContinue_ and not result._calledFailure, "Strict-prefix relation should match longer name") data.setName(Name("/Bad/TestRule1/")) result.checkPolicy(validatorPrefix) self.assertTrue(result._calledFailure and not result.calledContinue_, "Prefix relation should not match inner components") result.checkPolicy(validatorEqual) self.assertTrue(result._calledFailure and not result.calledContinue_, "Equal relation should not match inner components") result.checkPolicy(validatorStrict) self.assertTrue(result._calledFailure and not result.calledContinue_, "Strict-prefix relation should not match inner components")
def test_empty_signature(self): # make sure nothing is set in the signature of newly created data data = Data() signature = data.getSignature() self.assertIsNone( signature.getKeyLocator().getType(), 'Key locator type on unsigned data should not be set') self.assertTrue(signature.getSignature().isNull(), 'Non-empty signature on unsigned data')
def test_checker_hierarchical(self): policyManager = ConfigPolicyManager( "policy_config/hierarchical_ruleset.conf") dataName1 = Name('/SecurityTestSecRule/Basic/Data1') dataName2 = Name('/SecurityTestSecRule/Basic/Longer/Data2') data1 = Data(dataName1) data2 = Data(dataName2) matchedRule = policyManager._findMatchingRule(dataName1, 'data') self.assertEqual(matchedRule, policyManager._findMatchingRule(dataName2, 'data')) self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.defaultCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() failureReason = ["unknown"] self.assertFalse( policyManager._checkSignatureMatch(signatureName1, dataName1, matchedRule, failureReason), "Hierarchical matcher matched short data name to long key name") self.assertTrue( policyManager._checkSignatureMatch(signatureName2, dataName2, matchedRule, failureReason)) self.keyChain.sign(data1, self.shortCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertTrue( policyManager._checkSignatureMatch(signatureName1, dataName1, matchedRule, failureReason)) self.assertTrue( policyManager._checkSignatureMatch(signatureName2, dataName2, matchedRule, failureReason))
def test_generic_signature(self): # Test correct encoding. signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfo, False), None) signatureValue = Blob([1, 2, 3, 4], False) signature.setSignature(signatureValue) self.freshData.setSignature(signature) encoding = self.freshData.wireEncode() decodedData = Data() decodedData.wireDecode(encoding) decodedSignature = decodedData.getSignature() self.assertEqual(decodedSignature.getTypeCode(), experimentalSignatureType) self.assertTrue( Blob(experimentalSignatureInfo, False).equals(decodedSignature.getSignatureInfoEncoding())) self.assertTrue(signatureValue.equals(decodedSignature.getSignature())) # Test bad encoding. signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfoNoSignatureType, False), None) signature.setSignature(signatureValue) self.freshData.setSignature(signature) gotError = True try: self.freshData.wireEncode() gotError = False except: pass if not gotError: self.fail( "Expected encoding error for experimentalSignatureInfoNoSignatureType" ) signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfoBadTlv, False), None) signature.setSignature(signatureValue) self.freshData.setSignature(signature) gotError = True try: self.freshData.wireEncode() gotError = False except: pass if not gotError: self.fail( "Expected encoding error for experimentalSignatureInfoBadTlv")
def test_checker_hierarchical(self): policyManager = ConfigPolicyManager("policy_config/hierarchical_ruleset.conf") dataName1 = Name('/SecurityTestSecRule/Basic/Data1') dataName2 = Name('/SecurityTestSecRule/Basic/Longer/Data2') data1 = Data(dataName1) data2 = Data(dataName2) matchedRule = policyManager._findMatchingRule(dataName1, 'data') self.assertEqual(matchedRule, policyManager._findMatchingRule(dataName2, 'data')) self.keyChain.sign(data1, self.defaultCertName) self.keyChain.sign(data2, self.defaultCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() failureReason = ["unknown"] self.assertFalse(policyManager._checkSignatureMatch(signatureName1, dataName1, matchedRule, failureReason), "Hierarchical matcher matched short data name to long key name") self.assertTrue(policyManager._checkSignatureMatch(signatureName2, dataName2, matchedRule, failureReason)) self.keyChain.sign(data1, self.shortCertName) self.keyChain.sign(data2, self.shortCertName) signatureName1 = data1.getSignature().getKeyLocator().getKeyName() signatureName2 = data2.getSignature().getKeyLocator().getKeyName() self.assertTrue(policyManager._checkSignatureMatch(signatureName1, dataName1, matchedRule, failureReason)) self.assertTrue(policyManager._checkSignatureMatch(signatureName2, dataName2, matchedRule, failureReason))
def test_generic_signature(self): # Test correct encoding. signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfo, False), None) signatureValue = Blob([1, 2, 3, 4], False) signature.setSignature(signatureValue) self.freshData.setSignature(signature) encoding = self.freshData.wireEncode() decodedData = Data() decodedData.wireDecode(encoding) decodedSignature = decodedData.getSignature() self.assertEqual(decodedSignature.getTypeCode(), experimentalSignatureType) self.assertTrue(Blob(experimentalSignatureInfo, False).equals (decodedSignature.getSignatureInfoEncoding())) self.assertTrue(signatureValue.equals(decodedSignature.getSignature())) # Test bad encoding. signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfoNoSignatureType, False), None) signature.setSignature(signatureValue) self.freshData.setSignature(signature) gotError = True try: self.freshData.wireEncode() gotError = False except: pass if not gotError: self.fail("Expected encoding error for experimentalSignatureInfoNoSignatureType") signature = GenericSignature() signature.setSignatureInfoEncoding( Blob(experimentalSignatureInfoBadTlv, False), None) signature.setSignature(signatureValue) self.freshData.setSignature(signature) gotError = True try: self.freshData.wireEncode() gotError = False except: pass if not gotError: self.fail("Expected encoding error for experimentalSignatureInfoBadTlv")
def test_empty_signature(self): # make sure nothing is set in the signature of newly created data data = Data() signature = data.getSignature() self.assertIsNone(signature.getKeyLocator().getType(), 'Key locator type on unsigned data should not be set') self.assertTrue(signature.getSignature().isNull(), 'Non-empty signature on unsigned data')
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto): """ Loop to encode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useComplex: If true, use a large name, large content and all fields. If false, use a small name, small content and only required fields. :param bool useCrypto: If true, sign the data packet. If false, use a blank signature. :return: A tuple (duration, encoding) where duration is the number of seconds for all iterations and encoding is the wire encoding. :rtype: (float, Blob) """ if useComplex: # Use a large name and content. name = Name( "/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00") contentString = "" count = 1 contentString += "%d" % count count += 1 while len(contentString) < 1115: contentString += " %d" % count count += 1 content = Name.fromEscapedString(contentString) else: # Use a small name and content. name = Name("/test") content = Name.fromEscapedString("abc") finalBlockId = Name("/%00")[0] # Initialize the private key storage in case useCrypto is true. identityStorage = MemoryIdentityStorage() privateKeyStorage = MemoryPrivateKeyStorage() keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage), SelfVerifyPolicyManager(identityStorage)) keyName = Name("/testname/DSK-123") certificateName = keyName.getSubName(0, keyName.size() - 1).append( "KEY").append(keyName[-1]).append("ID-CERT").append("0") identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER)) privateKeyStorage.setKeyPairForKeyName( keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER) # Set up signatureBits in case useCrypto is false. signatureBits = Blob(bytearray(256)) emptyBlob = Blob([]) start = getNowSeconds() for i in range(nIterations): data = Data(name) data.setContent(content) if useComplex: data.getMetaInfo().setFreshnessPeriod(1000) data.getMetaInfo().setFinalBlockId(finalBlockId) if useCrypto: # This sets the signature fields. keyChain.sign(data, certificateName) else: # Imitate IdentityManager.signByCertificate to set up the signature # fields, but don't sign. sha256Signature = data.getSignature() keyLocator = sha256Signature.getKeyLocator() keyLocator.setType(KeyLocatorType.KEYNAME) keyLocator.setKeyName(certificateName) sha256Signature.setSignature(signatureBits) encoding = data.wireEncode() finish = getNowSeconds() return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto, keyType): """ Loop to encode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useComplex: If true, use a large name, large content and all fields. If false, use a small name, small content and only required fields. :param bool useCrypto: If true, sign the data packet. If false, use a blank signature. :param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True. :return: A tuple (duration, encoding) where duration is the number of seconds for all iterations and encoding is the wire encoding. :rtype: (float, Blob) """ if useComplex: # Use a large name and content. name = Name( "/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00" ) contentString = "" count = 1 contentString += "%d" % count count += 1 while len(contentString) < 1115: contentString += " %d" % count count += 1 content = Name.fromEscapedString(contentString) else: # Use a small name and content. name = Name("/test") content = Name.fromEscapedString("abc") finalBlockId = Name("/%00")[0] # Initialize the KeyChain in case useCrypto is true. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag( SafeBag( Name("/testname/KEY/123"), Blob( DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob( DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PUBLIC_KEY_DER, False))) certificateName = keyChain.getDefaultCertificateName() # Set up signatureBits in case useCrypto is false. signatureBits = Blob(bytearray(256)) start = getNowSeconds() for i in range(nIterations): data = Data(name) data.setContent(content) if useComplex: data.getMetaInfo().setFreshnessPeriod(1000) data.getMetaInfo().setFinalBlockId(finalBlockId) if useCrypto: # This sets the signature fields. keyChain.sign(data) else: # Imitate IdentityManager.signByCertificate to set up the signature # fields, but don't sign. sha256Signature = data.getSignature() keyLocator = sha256Signature.getKeyLocator() keyLocator.setType(KeyLocatorType.KEYNAME) keyLocator.setKeyName(certificateName) sha256Signature.setSignature(signatureBits) encoding = data.wireEncode() finish = getNowSeconds() return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto): """ Loop to encode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useComplex: If true, use a large name, large content and all fields. If false, use a small name, small content and only required fields. :param bool useCrypto: If true, sign the data packet. If false, use a blank signature. :return: A tuple (duration, encoding) where duration is the number of seconds for all iterations and encoding is the wire encoding. :rtype: (float, Blob) """ if useComplex: # Use a large name and content. name = Name( "/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00" ) contentString = "" count = 1 contentString += "%d" % count count += 1 while len(contentString) < 1115: contentString += " %d" % count count += 1 content = Name.fromEscapedString(contentString) else: # Use a small name and content. name = Name("/test") content = Name.fromEscapedString("abc") finalBlockId = Name("/%00")[0] # Initialize the private key storage in case useCrypto is true. identityStorage = MemoryIdentityStorage() privateKeyStorage = MemoryPrivateKeyStorage() keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage), SelfVerifyPolicyManager(identityStorage)) keyName = Name("/testname/DSK-123") certificateName = keyName.getSubName( 0, keyName.size() - 1).append("KEY").append( keyName[-1]).append("ID-CERT").append("0") identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER)) privateKeyStorage.setKeyPairForKeyName(keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER) # Set up signatureBits in case useCrypto is false. signatureBits = Blob(bytearray(256)) emptyBlob = Blob([]) start = getNowSeconds() for i in range(nIterations): data = Data(name) data.setContent(content) if useComplex: data.getMetaInfo().setFreshnessPeriod(1000) data.getMetaInfo().setFinalBlockId(finalBlockId) if useCrypto: # This sets the signature fields. keyChain.sign(data, certificateName) else: # Imitate IdentityManager.signByCertificate to set up the signature # fields, but don't sign. sha256Signature = data.getSignature() keyLocator = sha256Signature.getKeyLocator() keyLocator.setType(KeyLocatorType.KEYNAME) keyLocator.setKeyName(certificateName) sha256Signature.setSignature(signatureBits) encoding = data.wireEncode() finish = getNowSeconds() return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto, keyType): """ Loop to encode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useComplex: If true, use a large name, large content and all fields. If false, use a small name, small content and only required fields. :param bool useCrypto: If true, sign the data packet. If false, use a blank signature. :param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True. :return: A tuple (duration, encoding) where duration is the number of seconds for all iterations and encoding is the wire encoding. :rtype: (float, Blob) """ if useComplex: # Use a large name and content. name = Name( "/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00") contentString = "" count = 1 contentString += "%d" % count count += 1 while len(contentString) < 1115: contentString += " %d" % count count += 1 content = Name.fromEscapedString(contentString) else: # Use a small name and content. name = Name("/test") content = Name.fromEscapedString("abc") finalBlockId = Name("/%00")[0] # Initialize the KeyChain in case useCrypto is true. keyChain = KeyChain("pib-memory:", "tpm-memory:") keyChain.importSafeBag(SafeBag (Name("/testname/KEY/123"), Blob(DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob(DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PUBLIC_KEY_DER, False))) certificateName = keyChain.getDefaultCertificateName() # Set up signatureBits in case useCrypto is false. signatureBits = Blob(bytearray(256)) start = getNowSeconds() for i in range(nIterations): data = Data(name) data.setContent(content) if useComplex: data.getMetaInfo().setFreshnessPeriod(1000) data.getMetaInfo().setFinalBlockId(finalBlockId) if useCrypto: # This sets the signature fields. keyChain.sign(data) else: # Imitate IdentityManager.signByCertificate to set up the signature # fields, but don't sign. sha256Signature = data.getSignature() keyLocator = sha256Signature.getKeyLocator() keyLocator.setType(KeyLocatorType.KEYNAME) keyLocator.setKeyName(certificateName) sha256Signature.setSignature(signatureBits) encoding = data.wireEncode() finish = getNowSeconds() return (finish - start, encoding)