def generateData(baseName): ''' This appends the segment number to the data name ''' # just make up some data and return it ts = (time.time()) segmentId = 0 # compatible with repo-ng test: may change to test segmented data versionComponent = baseName.get(-1) # should have a ts dataName = Name(baseName) dataName.appendSegment(segmentId) d = Data(dataName) content = "(" + str(ts) + ") Data named " + dataName.toUri() d.setContent(content) d.getMetaInfo().setFinalBlockID(segmentId) d.getMetaInfo().setFreshnessPeriod(-1) if shouldSign: keychain.sign(d, certName) else: d.setSignature(fakeSignature) if shouldCollectStats: info = getInfoForVersion(versionComponent.toEscapedString()) if info is not None: info['publish_time'] = ts return d
def main(): data = Data() data.wireDecode(TlvData) # Use a hard-wired secret for testing. In a real application the signer # ensures that the verifier knows the shared key and its keyName. key = Blob( bytearray([ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 ])) if KeyChain.verifyDataWithHmacWithSha256(data, key): dump("Hard-coded data signature verification: VERIFIED") else: dump("Hard-coded data signature verification: FAILED") freshData = Data(Name("/ndn/abc")) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) freshData.setSignature(signature) freshData.setContent("SUCCESS!") dump("Signing fresh data packet", freshData.getName().toUri()) KeyChain.signWithHmacWithSha256(freshData, key) if KeyChain.verifyDataWithHmacWithSha256(freshData, key): dump("Freshly-signed data signature verification: VERIFIED") else: dump("Freshly-signed data signature verification: FAILED")
def main(): data = Data() data.wireDecode(TlvData) # Use a hard-wired secret for testing. In a real application the signer # ensures that the verifier knows the shared key and its keyName. key = Blob(bytearray([ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 ])) if KeyChain.verifyDataWithHmacWithSha256(data, key): dump("Hard-coded data signature verification: VERIFIED") else: dump("Hard-coded data signature verification: FAILED") freshData = Data(Name("/ndn/abc")) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) freshData.setSignature(signature) freshData.setContent("SUCCESS!") dump("Signing fresh data packet", freshData.getName().toUri()) KeyChain.signWithHmacWithSha256(freshData, key) if KeyChain.verifyDataWithHmacWithSha256(freshData, key): dump("Freshly-signed data signature verification: VERIFIED") else: dump("Freshly-signed data signature verification: FAILED")
def generateData(self, baseName): ''' This appends the segment number to the data name, since repo-ng tends to expect it ''' # just make up some data and return it ts = (time.time()) segmentId = 0 # compatible with repo-ng test: may change to test segmented data versionStr = baseName.get(-1).toEscapedString() dataName = Name(baseName) dataName.appendSegment(segmentId) d = Data(dataName) content = "(" + str(ts) + ") Data named " + dataName.toUri() d.setContent(content) d.getMetaInfo().setFinalBlockID(segmentId) d.getMetaInfo().setFreshnessPeriod(-1) if shouldSign: self.keychain.sign(d, self.certificateName) else: d.setSignature(self.fakeSignature) stats.insertDataForVersion(versionStr, {'publish_time':time.time()}) logger.debug('Publishing: '+d.getName().toUri()) return d
def onInterest(self, prefix, interest, face, interestFilterId, filter): key = Blob( bytearray([ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 ])) print "Got onboarding interest with name: %s" % ( interest.getName().toUri()) try: if KeyChain.verifyInterestWithHmacWithSha256(interest, key): dump("Onboarding interest signature verification: VERIFIED") else: dump("Onboarding interest signature verification: FAILED") except: print "Exception when attempting to verify onboarding interest signature." data = Data(interest.getName()) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) data.setSignature(signature) data.setContent("") dump("Signing onboarding response data packet", data.getName().toUri()) KeyChain.signWithHmacWithSha256(data, key) deviceID = str(interest.getName().getSubName(-3, 1).toUri()[1:]) deviceIP = str(interest.getName().getSubName(-4, 1).toUri()[1:]) print "Device ip: %s" % (deviceIP) print "Device ID: %s" % (deviceID) routeToRegister = str(Name(deviceID)) registerRouteWithNameAndIp(routeToRegister, deviceIP) thread = threading.Thread(target=run_data_fetcher, args=(deviceID)) thread.daemon = True # Daemonize thread thread.start() #commandRouteToRegister = "/device/command/" + deviceID #registerRouteWithNameAndIp(commandRouteToRegister, deviceIP) face.putData(data) with open('%s' % (deviceIDListName), 'a') as the_file: the_file.seek(0) read_file = open('%s' % (deviceIDListName), 'r') if deviceID not in read_file.read(): the_file.write('%s\n' % (deviceID))
def onInterest(self, prefix, interest, face, interestFilterId, filter): print "Got interest for device ID list." file = open("%s" % (deviceIDListName), "r") deviceIDList = file.read() data = Data(interest.getName()) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) data.setSignature(signature) data.setContent(deviceIDList) dump("Signing device ID List data packet", data.getName().toUri()) KeyChain.signWithHmacWithSha256(data, key) face.putData(data)
def onInterest(self, prefix, interest, face, interestFilterId, filter): print "Got interest for latest device seq num." deviceID = str(interest.getName().getSubName(-1, 1).toUri()[1:]) file = open("../repo-ng/seq/%s.seq" % (deviceID), "r") deviceIDList = file.read() data = Data(interest.getName()) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) data.setSignature(signature) data.setContent(deviceIDList) dump("Signing device ID List data packet", data.getName().toUri()) KeyChain.signWithHmacWithSha256(data, key) face.putData(data)
def test_matches_data(self): interest = Interest(Name("/A")) interest.setMinSuffixComponents(2) interest.setMaxSuffixComponents(2) interest.getKeyLocator().setType(KeyLocatorType.KEYNAME) interest.getKeyLocator().setKeyName(Name("/B")) interest.getExclude().appendComponent(Name.Component("J")) interest.getExclude().appendAny() data = Data(Name("/A/D")) signature = Sha256WithRsaSignature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("/B")) data.setSignature(signature) self.assertEqual(interest.matchesData(data), True) # Check violating MinSuffixComponents. data1 = Data(data) data1.setName(Name("/A")) self.assertEqual(interest.matchesData(data1), False) interest1 = Interest(interest) interest1.setMinSuffixComponents(1) self.assertEqual(interest1.matchesData(data1), True) # Check violating MaxSuffixComponents. data2 = Data(data) data2.setName(Name("/A/E/F")) self.assertEqual(interest.matchesData(data2), False) interest2 = Interest(interest) interest2.setMaxSuffixComponents(3) self.assertEqual(interest2.matchesData(data2), True) # Check violating PublisherPublicKeyLocator. data3 = Data(data) signature3 = Sha256WithRsaSignature() signature3.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature3.getKeyLocator().setKeyName(Name("/G")) data3.setSignature(signature3) self.assertEqual(interest.matchesData(data3), False) interest3 = Interest(interest) interest3.getKeyLocator().setType(KeyLocatorType.KEYNAME) interest3.getKeyLocator().setKeyName(Name("/G")) self.assertEqual(interest3.matchesData(data3), True) data4 = Data(data) data4.setSignature(DigestSha256Signature()) self.assertEqual(interest.matchesData(data4), False) interest4 = Interest(interest) interest4.setKeyLocator(KeyLocator()) self.assertEqual(interest4.matchesData(data4), True) # Check violating Exclude. data5 = Data(data) data5.setName(Name("/A/J")) self.assertEqual(interest.matchesData(data5), False) interest5 = Interest(interest) interest5.getExclude().clear() interest5.getExclude().appendComponent(Name.Component("K")) interest5.getExclude().appendAny() self.assertEqual(interest5.matchesData(data5), True) # Check violating Name. data6 = Data(data) data6.setName(Name("/H/I")) self.assertEqual(interest.matchesData(data6), False) data7 = Data(data) data7.setName(Name("/A/B")) interest7 = Interest( Name("/A/B/sha256digest=" + "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128")) self.assertEqual(interest7.matchesData(data7), True) # Check violating the implicit digest. interest7b = Interest( Name("/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00" + "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00")) self.assertEqual(interest7b.matchesData(data7), False) # Check excluding the implicit digest. interest8 = Interest(Name("/A/B")) interest8.getExclude().appendComponent(interest7.getName().get(2)) self.assertEqual(interest8.matchesData(data7), False)
def scanForNistSensors(): scanner = Scanner().withDelegate(ScanDelegate()) scanner.scan(.1) if foundNistSensor == 0: print "Didn't find any nist sensors..." return False p = Peripheral(esp32Address) p.setMTU(500) #svcList = p.getServices() #print "Handle UUID Properties" #print "-------------------------------------------------------" #for svc in svcList: # print (str(svc.uuid)) #chList = p.getCharacteristics() #print "Handle UUID Properties" #print "-------------------------------------------------------" #for ch in chList: # print (" 0x"+ format(ch.getHandle(),'02X') +" "+str(ch.uuid) +" " + ch.propertiesToString()) nist_service_uuid = UUID("0000ffe0-0000-1000-8000-00805f9b34fb") nist_characteristic_uuid = UUID("beb5483e-36e1-4688-b7f5-ea07361b26a8") nistService = p.getServiceByUUID(nist_service_uuid) #nistCharacteristic = p.getCharacteristics(nist_characteristic_uuid)[0] nistCharacteristic = nistService.getCharacteristics("beb5483e-36e1-4688-b7f5-ea07361b26a8")[0] #readBytes = bytes(p.readCharacteristic(0x2A)) #readBytes = bytes(nistCharacteristic.read()) #print binascii.hexlify(readBytes) #with open('/home/pi/Desktop/esp32-ndn-ble/src/readBytes.txt', 'a') as the_file: # the_file.seek(0) # the_file.truncate() # the_file.write(binascii.hexlify(readBytes)) #TlvData = Blob(readBytes) #data = Data() #data.wireDecode(TlvData) # Use a hard-wired secret for testing. In a real application the signer # ensures that the verifier knows the shared key and its keyName. key = Blob(bytearray([ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 ])) #if KeyChain.verifyDataWithHmacWithSha256(data, key): # dump("Hard-coded data signature verification: VERIFIED") #else: # dump("Hard-coded data signature verification: FAILED") freshData = Data(Name("/netInfo")) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) freshData.setSignature(signature) freshData.setContent("EdwardPi\n11111111\n192.168.4.1\n") dump("Signing fresh data packet", freshData.getName().toUri()) KeyChain.signWithHmacWithSha256(freshData, key) if KeyChain.verifyDataWithHmacWithSha256(freshData, key): dump("Freshly-signed data signature verification: VERIFIED") else: dump("Freshly-signed data signature verification: FAILED") bytesSend = freshData.wireEncode() print binascii.hexlify(bytes(bytesSend)) try: nistCharacteristic.write(bytes(bytesSend), True) except: print "Exception when trying to write to BLE characteristic."
def readDataAndCreateManifests(self, filename, groupSize, keepData): if groupSize < 1: raise RuntimeError("Group size cannot be less than 1") self.allChunks = [ ] # for holding the generated data packets, including unsigned manifests self.allManifests = [ ] # for storing first unsigned manifest packets, which are then signed in-place self.rawDataCount = 0 self.ndnChunkCount = 0 seqNo = 0 # sequence number of data packets chunkNo = 0 # number of the chunk in the group with open(filename, 'rb') as f: # prepare space to store all manifests of the group (last manifest will not use all the space) def allocateBufferForDigests(): return bytearray(groupSize * SHA256_DIGEST_SIZE) digests = allocateBufferForDigests() while f.readable(): chunkPayload = f.read(self._maxSegmentPayloadLength) if len(chunkPayload) == 0: break self.rawDataCount = self.rawDataCount + len(chunkPayload) chunk = Data( Name("/icn2019/test/data").appendSequenceNumber(seqNo)) seqNo = seqNo + 1 chunk.setContent(chunkPayload) digestSignature = DigestSha256Signature() digestSignature.setSignature( Blob(bytearray(SHA256_DIGEST_SIZE)) ) # not real a valid signature, but ok for the experiment chunk.setSignature(digestSignature) if keepData: self.allChunks.append(chunk) # only data chunks; manifest sizes counted separatedly, as they are signed self.ndnChunkCount = self.ndnChunkCount + chunk.wireEncode( ).size() # For storing data packet to a file # with open(writepath + "-1.txt", "wb") as dataf # dataf.write(dpacket_bytes) implicitDigest = chunk.getFullName()[-1].getValue() offset = chunkNo * SHA256_DIGEST_SIZE digests[offset:offset + SHA256_DIGEST_SIZE] = implicitDigest.toBytes()[:] chunkNo = chunkNo + 1 if chunkNo == groupSize: manifest = self._createManifest( Name("/icn2019/test/data").appendSequenceNumber(seqNo), digests, groupSize) # full group seqNo = seqNo + 1 self.allChunks.append(manifest) self.allManifests.append(manifest) chunkNo = 0 digests = allocateBufferForDigests() if chunkNo != 0: manifest = self._createManifest( Name("/icn2019/test/data").appendSequenceNumber(seqNo), digests, groupSize) # partial group self.allChunks.append(manifest) self.allManifests.append(manifest) self.nDataChunks = seqNo - len( self.allManifests ) # number of data packets, excluding the manifests
def setObject(self, namespace, obj, useSignatureManifest=False): """ Segment the object and create child segment packets of the given Namespace. :param Namespace namespace: The Namespace to append segment packets to. This ignores the Namespace from setNamespace(). :param Blob obj: The object to segment. :param bool useSignatureManifest: (optional) If True, only use a DigestSha256Signature on the segment packets and create a signed _manifest packet as a child of the given Namespace. If omitted or False, sign each segment packet individually. """ keyChain = namespace._getKeyChain() if keyChain == None: raise RuntimeError( "SegmentStreamHandler.setObject: There is no KeyChain") # Get the final block ID. finalSegment = 0 # Instead of a brute calculation, imitate the loop we will use below. segment = 0 offset = 0 while offset < obj.size(): finalSegment = segment segment += 1 offset += self._maxSegmentPayloadLength finalBlockId = Name().appendSegment(finalSegment)[0] SHA256_DIGEST_SIZE = 32 if useSignatureManifest: # Get ready to save the segment implicit digests. manifestContent = bytearray( (finalSegment + 1) * SHA256_DIGEST_SIZE) # Use a DigestSha256Signature with all zeros. digestSignature = DigestSha256Signature() digestSignature.setSignature(Blob(bytearray(SHA256_DIGEST_SIZE))) segment = 0 offset = 0 while offset < obj.size(): payloadLength = self._maxSegmentPayloadLength if offset + payloadLength > obj.size(): payloadLength = obj.size() - offset # Make the Data packet. segmentNamespace = namespace[Name.Component.fromSegment(segment)] data = Data(segmentNamespace.getName()) metaInfo = namespace._getNewDataMetaInfo() if metaInfo != None: # Start with a copy of the provided MetaInfo. data.setMetaInfo(metaInfo) data.getMetaInfo().setFinalBlockId(finalBlockId) data.setContent(obj.toBytes()[offset:offset + payloadLength]) if useSignatureManifest: data.setSignature(digestSignature) # Append the implicit digest to the manifestContent. implicitDigest = data.getFullName()[-1].getValue() digestOffset = segment * SHA256_DIGEST_SIZE manifestContent[digestOffset:digestOffset + SHA256_DIGEST_SIZE] = \ implicitDigest.toBytes()[:] else: keyChain.sign(data) segmentNamespace.setData(data) segment += 1 offset += self._maxSegmentPayloadLength if useSignatureManifest: # Create the _manifest data packet. namespace[self.NAME_COMPONENT_MANIFEST].serializeObject( Blob(manifestContent)) # TODO: Do this in a canSerialize callback from Namespace.serializeObject? namespace._setObject(obj)
def test_matches_data(self): interest = Interest(Name("/A")) interest.setMinSuffixComponents(2) interest.setMaxSuffixComponents(2) interest.getKeyLocator().setType(KeyLocatorType.KEYNAME) interest.getKeyLocator().setKeyName(Name("/B")) interest.getExclude().appendComponent(Name.Component("J")) interest.getExclude().appendAny() data = Data(Name("/A/D")) signature = Sha256WithRsaSignature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("/B")) data.setSignature(signature) self.assertEqual(interest.matchesData(data), True) # Check violating MinSuffixComponents. data1 = Data(data) data1.setName(Name("/A")) self.assertEqual(interest.matchesData(data1), False) interest1 = Interest(interest) interest1.setMinSuffixComponents(1) self.assertEqual(interest1.matchesData(data1), True) # Check violating MaxSuffixComponents. data2 = Data(data) data2.setName(Name("/A/E/F")) self.assertEqual(interest.matchesData(data2), False) interest2 = Interest(interest) interest2.setMaxSuffixComponents(3) self.assertEqual(interest2.matchesData(data2), True) # Check violating PublisherPublicKeyLocator. data3 = Data(data) signature3 = Sha256WithRsaSignature() signature3.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature3.getKeyLocator().setKeyName(Name("/G")) data3.setSignature(signature3) self.assertEqual(interest.matchesData(data3), False) interest3 = Interest(interest) interest3.getKeyLocator().setType(KeyLocatorType.KEYNAME) interest3.getKeyLocator().setKeyName(Name("/G")) self.assertEqual(interest3.matchesData(data3), True) data4 = Data(data) data4.setSignature(DigestSha256Signature()) self.assertEqual(interest.matchesData(data4), False) interest4 = Interest(interest) interest4.setKeyLocator(KeyLocator()) self.assertEqual(interest4.matchesData(data4), True) # Check violating Exclude. data5 = Data(data) data5.setName(Name("/A/J")) self.assertEqual(interest.matchesData(data5), False) interest5 = Interest(interest) interest5.getExclude().clear() interest5.getExclude().appendComponent(Name.Component("K")) interest5.getExclude().appendAny() self.assertEqual(interest5.matchesData(data5), True) # Check violating Name. data6 = Data(data) data6.setName(Name("/H/I")) self.assertEqual(interest.matchesData(data6), False) data7 = Data(data) data7.setName(Name("/A/B")) interest7 = Interest( Name("/A/B/sha256digest=" + "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128")) self.assertEqual(interest7.matchesData(data7), True) # Check violating the implicit digest. interest7b = Interest( Name("/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00" + "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00")) self.assertEqual(interest7b.matchesData(data7), False) # Check excluding the implicit digest. interest8 = Interest(Name("/A/B")) interest8.getExclude().appendComponent(interest7.getName().get(2)) self.assertEqual(interest8.matchesData(data7), False)
def test_matches_data(self): interest = Interest(Name("/A")) interest.setCanBePrefix(False) # Check violating CanBePrefix. data = Data(Name("/A/D")) self.assertEqual(interest.matchesData(data), False) # Check violating PublisherPublicKeyLocator. data3 = Data(data) signature3 = Sha256WithRsaSignature() signature3.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature3.getKeyLocator().setKeyName(Name("/G")) data3.setSignature(signature3) self.assertEqual(interest.matchesData(data3), False) # Do not test keylocator in interest packet #interest3 = Interest(interest) #interest3.getKeyLocator().setType(KeyLocatorType.KEYNAME) #interest3.getKeyLocator().setKeyName(Name("/G")) #self.assertEqual(interest3.matchesData(data3), True) data4 = Data(data) data4.setSignature(DigestSha256Signature()) self.assertEqual(interest.matchesData(data4), False) # Do not test keylocator in interest packet #interest4 = Interest(interest) #interest4.setKeyLocator(KeyLocator()) #self.assertEqual(interest4.matchesData(data4), True) # Check violating Exclude. data5 = Data(data) data5.setName(Name("/A/J")) self.assertEqual(interest.matchesData(data5), False) # Check violating Name. data6 = Data(data) data6.setName(Name("/H/I")) self.assertEqual(interest.matchesData(data6), False) data7 = Data(data) data7.setName(Name("/A/B")) interest7 = Interest( Name( "/A/B/sha256digest=" + "54008e240a7eea2714a161dfddf0dd6ced223b3856e9da96792151e180f3b128" )) self.assertEqual(interest7.matchesData(data7), True) # Check violating the implicit digest. interest7b = Interest( Name("/A/B/%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00" + "%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00")) self.assertEqual(interest7b.matchesData(data7), False) # Check excluding the implicit digest. interest8 = Interest(Name("/A/B")) interest8.getExclude().appendComponent(interest7.getName().get(2)) self.assertEqual(interest8.matchesData(data7), False)