def produce(self, data, timeSlot, content, onError=defaultOnError):
"""
Encrypt the given content with the content key that covers timeSlot, and
update the data packet with the encrypted content and an appropriate
data name.
:param Data data: An empty Data object which is updated.
:param float timeSlot: The time slot as milliseconds since Jan 1, 1970 UTC.
:param Blob content: The content to encrypt.
:param onError: (optional) This calls onError(errorCode, message) for an
error, where errorCode is from EncryptError.ErrorCode and message is a
str. If omitted, use a default callback which does nothing.
NOTE: The library will log any exceptions raised by this callback, but
for better error handling the callback should catch and properly
handle any exceptions.
:type onError: function object
"""
# Get a content key.
contentKeyName = self.createContentKey(timeSlot, None, onError)
contentKey = self._database.getContentKey(timeSlot)
# Produce data.
dataName = Name(self._namespace)
dataName.append(Schedule.toIsoString(timeSlot))
data.setName(dataName)
params = EncryptParams(EncryptAlgorithmType.AesCbc, 16)
Encryptor.encryptData(data, content, contentKeyName, contentKey,
params)
self._keyChain.sign(data)
def _createDKeyData(self, startTimeStamp, endTimeStamp, keyName,
privateKeyBlob, certificateKey):
"""
Create a D-KEY Data packet with an EncryptedContent for the given
private key, encrypted with the certificate key.
:param str startTimeStamp: The start time stamp string to put in the name.
:param str endTimeStamp: The end time stamp string to put in the name.
:param Name keyName The key name to put in the data packet name and the
EncryptedContent key locator.
:param Blob privateKeyBlob: A Blob of the encoded private key.
:param Blob certificateKey: The certificate key encoding, used to
encrypt the private key.
:return: The Data packet.
:rtype: Data
"""
name = Name(self._namespace)
name.append(Encryptor.NAME_COMPONENT_D_KEY)
name.append(startTimeStamp).append(endTimeStamp)
data = Data(name)
data.getMetaInfo().setFreshnessPeriod(
self._freshnessHours * GroupManager.MILLISECONDS_IN_HOUR)
encryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep)
Encryptor.encryptData(data, privateKeyBlob, keyName, certificateKey,
encryptParams)
self._keyChain.sign(data)
return data
def produce(self, data, timeSlot, content, onError=defaultOnError):
"""
Encrypt the given content with the content key that covers timeSlot, and
update the data packet with the encrypted content and an appropriate
data name.
:param Data data: An empty Data object which is updated.
:param float timeSlot: The time slot as milliseconds since Jan 1, 1970 UTC.
:param Blob content: The content to encrypt.
:param onError: (optional) This calls onError(errorCode, message) for an
error, where errorCode is from EncryptError.ErrorCode and message is a
str. If omitted, use a default callback which does nothing.
NOTE: The library will log any exceptions raised by this callback, but
for better error handling the callback should catch and properly
handle any exceptions.
:type onError: function object
"""
# Get a content key.
contentKeyName = self.createContentKey(timeSlot, None, onError)
contentKey = self._database.getContentKey(timeSlot)
# Produce data.
dataName = Name(self._namespace)
dataName.append(Schedule.toIsoString(timeSlot))
data.setName(dataName)
params = EncryptParams(EncryptAlgorithmType.AesCbc, 16)
Encryptor.encryptData(data, content, contentKeyName, contentKey, params)
self._keyChain.sign(data)
def _createDKeyData(self, startTimeStamp, endTimeStamp, keyName,
privateKeyBlob, certificateKey):
"""
Create a D-KEY Data packet with an EncryptedContent for the given
private key, encrypted with the certificate key.
:param str startTimeStamp: The start time stamp string to put in the name.
:param str endTimeStamp: The end time stamp string to put in the name.
:param Name keyName The key name to put in the data packet name and the
EncryptedContent key locator.
:param Blob privateKeyBlob: A Blob of the encoded private key.
:param Blob certificateKey: The certificate key encoding, used to
encrypt the private key.
:return: The Data packet.
:rtype: Data
"""
name = Name(self._namespace)
name.append(Encryptor.NAME_COMPONENT_D_KEY)
name.append(startTimeStamp).append(endTimeStamp)
data = Data(name)
data.getMetaInfo().setFreshnessPeriod(
self._freshnessHours * GroupManager.MILLISECONDS_IN_HOUR)
encryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep)
Encryptor.encryptData(
data, privateKeyBlob, keyName, certificateKey, encryptParams)
self._keyChain.sign(data)
return data
def _encryptContentKey(self, encryptionKey, eKeyName, timeSlot,
onEncryptedKeys, onError):
"""
Get the content key from the database_ and encrypt it for the timeSlot
using encryptionKey.
:param Blob encryptionKey: The encryption key value.
:param Name eKeyName: The key name for the EncryptedContent.
:param float timeSlot: The time slot as milliseconds since Jan 1, 1970 UTC.
:param onEncryptedKeys: When there are no more interests to process,
this calls onEncryptedKeys(keys) where keys is a list of encrypted
content key Data packets. If onEncryptedKeys is None, this does not
use it.
:type onEncryptedKeys: function object
:param onError: This calls onError(errorCode, message) for an error.
:type onError: function object
:return: True if encryption succeeds, otherwise False.
:rtype: bool
"""
timeCount = round(timeSlot)
keyRequest = self._keyRequests[timeCount]
keyName = Name(self._namespace)
keyName.append(Encryptor.NAME_COMPONENT_C_KEY)
keyName.append(
Schedule.toIsoString(Producer._getRoundedTimeSlot(timeSlot)))
contentKey = self._database.getContentKey(timeSlot)
cKeyData = Data()
cKeyData.setName(keyName)
params = EncryptParams(EncryptAlgorithmType.RsaOaep)
try:
Encryptor.encryptData(cKeyData, contentKey, eKeyName,
encryptionKey, params)
except Exception as ex:
try:
onError(EncryptError.ErrorCode.EncryptionFailure,
"encryptData error: " + repr(ex))
except:
logging.exception("Error in onError")
return False
self._keyChain.sign(cKeyData)
keyRequest.encryptedKeys.append(cKeyData)
self._updateKeyRequest(keyRequest, timeCount, onEncryptedKeys)
return True
def _encryptContentKey(self, encryptionKey, eKeyName, timeSlot,
onEncryptedKeys, onError):
"""
Get the content key from the database_ and encrypt it for the timeSlot
using encryptionKey.
:param Blob encryptionKey: The encryption key value.
:param Name eKeyName: The key name for the EncryptedContent.
:param float timeSlot: The time slot as milliseconds since Jan 1, 1970 UTC.
:param onEncryptedKeys: When there are no more interests to process,
this calls onEncryptedKeys(keys) where keys is a list of encrypted
content key Data packets. If onEncryptedKeys is None, this does not
use it.
:type onEncryptedKeys: function object
:param onError: This calls onError(errorCode, message) for an error.
:type onError: function object
:return: True if encryption succeeds, otherwise False.
:rtype: bool
"""
timeCount = round(timeSlot)
keyRequest = self._keyRequests[timeCount]
keyName = Name(self._namespace)
keyName.append(Encryptor.NAME_COMPONENT_C_KEY)
keyName.append(
Schedule.toIsoString(Producer._getRoundedTimeSlot(timeSlot)))
contentKey = self._database.getContentKey(timeSlot)
cKeyData = Data()
cKeyData.setName(keyName)
params = EncryptParams(EncryptAlgorithmType.RsaOaep)
try:
Encryptor.encryptData(
cKeyData, contentKey, eKeyName, encryptionKey, params)
except Exception as ex:
try:
onError(EncryptError.ErrorCode.EncryptionFailure,
"encryptData error: " + repr(ex))
except:
logging.exception("Error in onError")
return False
self._keyChain.sign(cKeyData)
keyRequest.encryptedKeys.append(cKeyData)
self._updateKeyRequest(keyRequest, timeCount, onEncryptedKeys)
return True