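class IdentityManagementFixture(object):
    """
    Helper that creates identities and certificates in a KeyChain and can write
    certificates to files.

    The KeyChain is built from the "pib-memory:" and "tpm-memory:" locators.
    The names of the identities that are added and the paths of the certificate
    files that are written are recorded on the instance.
    """

    def __init__(self):
        self._keyChain = KeyChain("pib-memory:", "tpm-memory:")
        # Bookkeeping of what this fixture created. Nothing in this class
        # removes these entries or the files they name.
        self._identityNames = set()
        self._certificateFiles = set()

    def saveCertificateToFile(self, data, filePath):
        """
        Write the base64 of the wire encoding of the certificate to a file.

        :param Data data: The certificate to save.
        :param str filePath: The file path, which should be writable.
        :return: True if successful.
        :rtype: bool
        """
        # The path is recorded before the write is attempted, so it is tracked
        # even when encoding or writing fails.
        self._certificateFiles.add(filePath)

        try:
            encoding = data.wireEncode()
            # NOTE(review): the True argument presumably asks for line breaks
            # in the base64 output - confirm against Common.base64Encode.
            encodedCertificate = Common.base64Encode(encoding.toBytes(), True)
            with open(filePath, 'w') as keyFile:
                keyFile.write(encodedCertificate)
            return True
        except Exception:
            # Deliberate best effort: any failure is reported to the caller as
            # False, per the documented return value. Callers should check it.
            return False

    def addIdentity(self, identityName, params = None):
        """
        Add an identity for the identityName.

        :param Name identityName: The name of the identity.
        :param KeyParams params: (optional) The key parameters if a key needs to
          be generated for the identity. If omitted, use
          KeyChain.getDefaultKeyParams().
        :return: The created PibIdentity instance.
        :rtype: PibIdentity
        """
        if params is None:
            params = KeyChain.getDefaultKeyParams()

        identity = self._keyChain.createIdentityV2(identityName, params)
        self._identityNames.add(identityName)
        return identity

    def saveCertificate(self, identity, filePath):
        """
        Save the identity's certificate to a file.

        :param PibIdentity identity: The PibIdentity.
        :param str filePath: The file path, which should be writable.
        :return: True if successful.
        :rtype: bool
        """
        # The method takes self so that it can be called on an instance and can
        # reach saveCertificateToFile; without it the call below cannot work.
        try:
            certificate = identity.getDefaultKey().getDefaultCertificate()
            return self.saveCertificateToFile(certificate, filePath)
        except Pib.Error:
            return False

    def addSubCertificate(self, subIdentityName, issuer, params = None):
        """
        Issue a certificate for subIdentityName signed by issuer. If the
        identity does not exist, it is created. A new key is generated as the
        default key for the identity. A default certificate for the key is
        signed by the issuer using its default certificate.

        :param Name subIdentityName: The name of the identity to certify.
        :param issuer: The signer, passed as is to SigningInfo.
        :param KeyParams params: (optional) The key parameters for the new key.
          If omitted, use KeyChain.getDefaultKeyParams().
        :return: The sub identity.
        :rtype: PibIdentity
        """
        if params is None:
            params = KeyChain.getDefaultKeyParams()

        subIdentity = self.addIdentity(subIdentityName, params)

        # Reuse the default certificate of the new key as the request and
        # rename it to <key name>/parent/<version 1> before it is re-signed.
        request = subIdentity.getDefaultKey().getDefaultCertificate()
        request.setName(request.getKeyName().append("parent").appendVersion(1))

        certificateParams = SigningInfo(issuer)
        # Validity period of 20 years.
        now = Common.getNowMilliseconds()
        certificateParams.setValidityPeriod(
          ValidityPeriod(now, now + 20 * 365 * 24 * 3600 * 1000.0))

        # Skip the AdditionalDescription.

        self._keyChain.sign(request, certificateParams)
        # The issuer-signed certificate becomes the default one for the key.
        self._keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request)

        return subIdentity

    def addCertificate(self, key, issuerId):
        """
        Add a self-signed certificate made from the key and issuer ID.

        :param PibKey key: The key for the certificate.
        :param str issuerId: The issuer ID name component for the certificate
          name.
        :return: The new certificate.
        :rtype: CertificateV2
        """
        # Certificate name is <key name>/<issuerId>/<version 3>.
        certificateName = Name(key.getName())
        certificateName.append(issuerId).appendVersion(3)
        certificate = CertificateV2()
        certificate.setName(certificateName)

        # Set the MetaInfo.
        certificate.getMetaInfo().setType(ContentType.KEY)
        # One hour.
        certificate.getMetaInfo().setFreshnessPeriod(3600 * 1000.0)

        # Set the content.
        certificate.setContent(key.getPublicKey())

        # Signing with the key itself is what makes the certificate self-signed.
        params = SigningInfo(key)
        # Validity period of 10 days.
        now = Common.getNowMilliseconds()
        params.setValidityPeriod(
          ValidityPeriod(now, now + 10 * 24 * 3600 * 1000.0))

        self._keyChain.sign(certificate, params)
        return certificate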