def test_hyper_relation(self):
# Set up the validator.
fetcher = CertificateFetcherOffline()
validator = ValidatorConfig(fetcher)
validator.load(
os.path.join(self._policyConfigDirectory,
"hyperrelation_ruleset.conf"))
# Set up a Data packet and result object.
data = Data()
KeyLocator.getFromSignature(data.getSignature()).setType(
KeyLocatorType.KEYNAME)
result = TestValidationResult(data)
data.setName(Name("/SecurityTestSecRule/Basic/Longer/Data2"))
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/Longer/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
data.setName(Name("/SecurityTestSecRule/Basic/Other/Data1"))
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/Longer/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
def test_hyper_relation(self):
# Set up the validator.
fetcher = CertificateFetcherOffline()
validator = ValidatorConfig(fetcher)
validator.load(
os.path.join(self._policyConfigDirectory, "hyperrelation_ruleset.conf"))
# Set up a Data packet and result object.
data = Data()
KeyLocator.getFromSignature(data.getSignature()).setType(KeyLocatorType.KEYNAME)
result = TestValidationResult(data)
data.setName(Name("/SecurityTestSecRule/Basic/Longer/Data2"))
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/Longer/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
data.setName(Name("/SecurityTestSecRule/Basic/Other/Data1"))
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/Longer/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/Basic/KEY/123"))
result.checkPolicy(validator)
self.assertTrue(result._calledFailure and not result.calledContinue_)
def test_hyperrelation(self):
policyManager = ConfigPolicyManager("policy_config/hyperrelation_ruleset.conf")
dataName = Name('/SecurityTestSecRule/Basic/Longer/Data2')
data1 = Data(dataName)
data2 = Data(dataName)
matchedRule = policyManager._findMatchingRule(dataName, 'data')
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertTrue(policyManager._checkSignatureMatch(signatureName1,
dataName, matchedRule))
self.assertFalse(policyManager._checkSignatureMatch(signatureName2,
dataName, matchedRule))
dataName = Name('/SecurityTestSecRule/Basic/Other/Data1')
data1 = Data(dataName)
data2 = Data(dataName)
matchedRule = policyManager._findMatchingRule(dataName, 'data')
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertFalse(policyManager._checkSignatureMatch(signatureName1,
dataName, matchedRule))
self.assertTrue(policyManager._checkSignatureMatch(signatureName2,
dataName, matchedRule))
def test_hyperrelation(self):
policyManager = ConfigPolicyManager("policy_config/hyperrelation_ruleset.conf")
dataName = Name('/SecurityTestSecRule/Basic/Longer/Data2')
data1 = Data(dataName)
data2 = Data(dataName)
matchedRule = policyManager._findMatchingRule(dataName, 'data')
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertTrue(policyManager._checkSignatureMatch(signatureName1,
dataName, matchedRule))
self.assertFalse(policyManager._checkSignatureMatch(signatureName2,
dataName, matchedRule))
dataName = Name('/SecurityTestSecRule/Basic/Other/Data1')
data1 = Data(dataName)
data2 = Data(dataName)
matchedRule = policyManager._findMatchingRule(dataName, 'data')
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertFalse(policyManager._checkSignatureMatch(signatureName1,
dataName, matchedRule))
self.assertTrue(policyManager._checkSignatureMatch(signatureName2,
dataName, matchedRule))
def test_name_relation(self):
# Set up the validators.
fetcher = CertificateFetcherOffline()
validatorPrefix = ValidatorConfig(fetcher)
validatorEqual = ValidatorConfig(fetcher)
validatorStrict = ValidatorConfig(fetcher)
validatorPrefix.load(
os.path.join(self._policyConfigDirectory,
"relation_ruleset_prefix.conf"))
validatorEqual.load(
os.path.join(self._policyConfigDirectory,
"relation_ruleset_equal.conf"))
validatorStrict.load(
os.path.join(self._policyConfigDirectory,
"relation_ruleset_strict.conf"))
# Set up a Data packet and result object.
data = Data()
KeyLocator.getFromSignature(data.getSignature()).setType(
KeyLocatorType.KEYNAME)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/KEY/123"))
result = TestValidationResult(data)
data.setName(Name("/TestRule1"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Prefix relation should match prefix name")
result.checkPolicy(validatorEqual)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Equal relation should match prefix name")
result.checkPolicy(validatorStrict)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Strict-prefix relation should not match prefix name")
data.setName(Name("/TestRule1/hi"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Prefix relation should match longer name")
result.checkPolicy(validatorEqual)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Equal relation should not match longer name")
result.checkPolicy(validatorStrict)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Strict-prefix relation should match longer name")
data.setName(Name("/Bad/TestRule1/"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Prefix relation should not match inner components")
result.checkPolicy(validatorEqual)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Equal relation should not match inner components")
result.checkPolicy(validatorStrict)
self.assertTrue(
result._calledFailure and not result.calledContinue_,
"Strict-prefix relation should not match inner components")
def test_name_relation(self):
# Set up the validators.
fetcher = CertificateFetcherOffline()
validatorPrefix = ValidatorConfig(fetcher)
validatorEqual = ValidatorConfig(fetcher)
validatorStrict = ValidatorConfig(fetcher)
validatorPrefix.load(
os.path.join(self._policyConfigDirectory, "relation_ruleset_prefix.conf"))
validatorEqual.load(
os.path.join(self._policyConfigDirectory, "relation_ruleset_equal.conf"))
validatorStrict.load(
os.path.join(self._policyConfigDirectory, "relation_ruleset_strict.conf"))
# Set up a Data packet and result object.
data = Data()
KeyLocator.getFromSignature(data.getSignature()).setType(
KeyLocatorType.KEYNAME)
KeyLocator.getFromSignature(data.getSignature()).setKeyName(
Name("/SecurityTestSecRule/KEY/123"))
result = TestValidationResult(data)
data.setName(Name("/TestRule1"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Prefix relation should match prefix name")
result.checkPolicy(validatorEqual)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Equal relation should match prefix name")
result.checkPolicy(validatorStrict)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Strict-prefix relation should not match prefix name")
data.setName(Name("/TestRule1/hi"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Prefix relation should match longer name")
result.checkPolicy(validatorEqual)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Equal relation should not match longer name")
result.checkPolicy(validatorStrict)
self.assertTrue(result.calledContinue_ and not result._calledFailure,
"Strict-prefix relation should match longer name")
data.setName(Name("/Bad/TestRule1/"))
result.checkPolicy(validatorPrefix)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Prefix relation should not match inner components")
result.checkPolicy(validatorEqual)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Equal relation should not match inner components")
result.checkPolicy(validatorStrict)
self.assertTrue(result._calledFailure and not result.calledContinue_,
"Strict-prefix relation should not match inner components")
def test_empty_signature(self):
# make sure nothing is set in the signature of newly created data
data = Data()
signature = data.getSignature()
self.assertIsNone(
signature.getKeyLocator().getType(),
'Key locator type on unsigned data should not be set')
self.assertTrue(signature.getSignature().isNull(),
'Non-empty signature on unsigned data')
def test_checker_hierarchical(self):
policyManager = ConfigPolicyManager(
"policy_config/hierarchical_ruleset.conf")
dataName1 = Name('/SecurityTestSecRule/Basic/Data1')
dataName2 = Name('/SecurityTestSecRule/Basic/Longer/Data2')
data1 = Data(dataName1)
data2 = Data(dataName2)
matchedRule = policyManager._findMatchingRule(dataName1, 'data')
self.assertEqual(matchedRule,
policyManager._findMatchingRule(dataName2, 'data'))
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.defaultCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
failureReason = ["unknown"]
self.assertFalse(
policyManager._checkSignatureMatch(signatureName1, dataName1,
matchedRule, failureReason),
"Hierarchical matcher matched short data name to long key name")
self.assertTrue(
policyManager._checkSignatureMatch(signatureName2, dataName2,
matchedRule, failureReason))
self.keyChain.sign(data1, self.shortCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertTrue(
policyManager._checkSignatureMatch(signatureName1, dataName1,
matchedRule, failureReason))
self.assertTrue(
policyManager._checkSignatureMatch(signatureName2, dataName2,
matchedRule, failureReason))
def test_generic_signature(self):
# Test correct encoding.
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfo, False), None)
signatureValue = Blob([1, 2, 3, 4], False)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
encoding = self.freshData.wireEncode()
decodedData = Data()
decodedData.wireDecode(encoding)
decodedSignature = decodedData.getSignature()
self.assertEqual(decodedSignature.getTypeCode(),
experimentalSignatureType)
self.assertTrue(
Blob(experimentalSignatureInfo,
False).equals(decodedSignature.getSignatureInfoEncoding()))
self.assertTrue(signatureValue.equals(decodedSignature.getSignature()))
# Test bad encoding.
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfoNoSignatureType, False), None)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
gotError = True
try:
self.freshData.wireEncode()
gotError = False
except:
pass
if not gotError:
self.fail(
"Expected encoding error for experimentalSignatureInfoNoSignatureType"
)
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfoBadTlv, False), None)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
gotError = True
try:
self.freshData.wireEncode()
gotError = False
except:
pass
if not gotError:
self.fail(
"Expected encoding error for experimentalSignatureInfoBadTlv")
def test_checker_hierarchical(self):
policyManager = ConfigPolicyManager("policy_config/hierarchical_ruleset.conf")
dataName1 = Name('/SecurityTestSecRule/Basic/Data1')
dataName2 = Name('/SecurityTestSecRule/Basic/Longer/Data2')
data1 = Data(dataName1)
data2 = Data(dataName2)
matchedRule = policyManager._findMatchingRule(dataName1, 'data')
self.assertEqual(matchedRule,
policyManager._findMatchingRule(dataName2, 'data'))
self.keyChain.sign(data1, self.defaultCertName)
self.keyChain.sign(data2, self.defaultCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
failureReason = ["unknown"]
self.assertFalse(policyManager._checkSignatureMatch(signatureName1,
dataName1, matchedRule, failureReason),
"Hierarchical matcher matched short data name to long key name")
self.assertTrue(policyManager._checkSignatureMatch(signatureName2,
dataName2, matchedRule, failureReason))
self.keyChain.sign(data1, self.shortCertName)
self.keyChain.sign(data2, self.shortCertName)
signatureName1 = data1.getSignature().getKeyLocator().getKeyName()
signatureName2 = data2.getSignature().getKeyLocator().getKeyName()
self.assertTrue(policyManager._checkSignatureMatch(signatureName1,
dataName1, matchedRule, failureReason))
self.assertTrue(policyManager._checkSignatureMatch(signatureName2,
dataName2, matchedRule, failureReason))
def test_generic_signature(self):
# Test correct encoding.
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfo, False), None)
signatureValue = Blob([1, 2, 3, 4], False)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
encoding = self.freshData.wireEncode()
decodedData = Data()
decodedData.wireDecode(encoding)
decodedSignature = decodedData.getSignature()
self.assertEqual(decodedSignature.getTypeCode(), experimentalSignatureType)
self.assertTrue(Blob(experimentalSignatureInfo, False).equals
(decodedSignature.getSignatureInfoEncoding()))
self.assertTrue(signatureValue.equals(decodedSignature.getSignature()))
# Test bad encoding.
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfoNoSignatureType, False), None)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
gotError = True
try:
self.freshData.wireEncode()
gotError = False
except:
pass
if not gotError:
self.fail("Expected encoding error for experimentalSignatureInfoNoSignatureType")
signature = GenericSignature()
signature.setSignatureInfoEncoding(
Blob(experimentalSignatureInfoBadTlv, False), None)
signature.setSignature(signatureValue)
self.freshData.setSignature(signature)
gotError = True
try:
self.freshData.wireEncode()
gotError = False
except:
pass
if not gotError:
self.fail("Expected encoding error for experimentalSignatureInfoBadTlv")
def test_empty_signature(self):
# make sure nothing is set in the signature of newly created data
data = Data()
signature = data.getSignature()
self.assertIsNone(signature.getKeyLocator().getType(), 'Key locator type on unsigned data should not be set')
self.assertTrue(signature.getSignature().isNull(), 'Non-empty signature on unsigned data')
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto):
"""
Loop to encode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useComplex: If true, use a large name, large content and all
fields. If false, use a small name, small content and only required
fields.
:param bool useCrypto: If true, sign the data packet. If false, use a blank
signature.
:return: A tuple (duration, encoding) where duration is the number of
seconds for all iterations and encoding is the wire encoding.
:rtype: (float, Blob)
"""
if useComplex:
# Use a large name and content.
name = Name(
"/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00")
contentString = ""
count = 1
contentString += "%d" % count
count += 1
while len(contentString) < 1115:
contentString += " %d" % count
count += 1
content = Name.fromEscapedString(contentString)
else:
# Use a small name and content.
name = Name("/test")
content = Name.fromEscapedString("abc")
finalBlockId = Name("/%00")[0]
# Initialize the private key storage in case useCrypto is true.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage),
SelfVerifyPolicyManager(identityStorage))
keyName = Name("/testname/DSK-123")
certificateName = keyName.getSubName(0, keyName.size() - 1).append(
"KEY").append(keyName[-1]).append("ID-CERT").append("0")
identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
privateKeyStorage.setKeyPairForKeyName(
keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER)
# Set up signatureBits in case useCrypto is false.
signatureBits = Blob(bytearray(256))
emptyBlob = Blob([])
start = getNowSeconds()
for i in range(nIterations):
data = Data(name)
data.setContent(content)
if useComplex:
data.getMetaInfo().setFreshnessPeriod(1000)
data.getMetaInfo().setFinalBlockId(finalBlockId)
if useCrypto:
# This sets the signature fields.
keyChain.sign(data, certificateName)
else:
# Imitate IdentityManager.signByCertificate to set up the signature
# fields, but don't sign.
sha256Signature = data.getSignature()
keyLocator = sha256Signature.getKeyLocator()
keyLocator.setType(KeyLocatorType.KEYNAME)
keyLocator.setKeyName(certificateName)
sha256Signature.setSignature(signatureBits)
encoding = data.wireEncode()
finish = getNowSeconds()
return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto, keyType):
"""
Loop to encode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useComplex: If true, use a large name, large content and all
fields. If false, use a small name, small content and only required
fields.
:param bool useCrypto: If true, sign the data packet. If false, use a blank
signature.
:param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True.
:return: A tuple (duration, encoding) where duration is the number of
seconds for all iterations and encoding is the wire encoding.
:rtype: (float, Blob)
"""
if useComplex:
# Use a large name and content.
name = Name(
"/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00"
)
contentString = ""
count = 1
contentString += "%d" % count
count += 1
while len(contentString) < 1115:
contentString += " %d" % count
count += 1
content = Name.fromEscapedString(contentString)
else:
# Use a small name and content.
name = Name("/test")
content = Name.fromEscapedString("abc")
finalBlockId = Name("/%00")[0]
# Initialize the KeyChain in case useCrypto is true.
keyChain = KeyChain("pib-memory:", "tpm-memory:")
keyChain.importSafeBag(
SafeBag(
Name("/testname/KEY/123"),
Blob(
DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else
DEFAULT_RSA_PRIVATE_KEY_DER, False),
Blob(
DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else
DEFAULT_RSA_PUBLIC_KEY_DER, False)))
certificateName = keyChain.getDefaultCertificateName()
# Set up signatureBits in case useCrypto is false.
signatureBits = Blob(bytearray(256))
start = getNowSeconds()
for i in range(nIterations):
data = Data(name)
data.setContent(content)
if useComplex:
data.getMetaInfo().setFreshnessPeriod(1000)
data.getMetaInfo().setFinalBlockId(finalBlockId)
if useCrypto:
# This sets the signature fields.
keyChain.sign(data)
else:
# Imitate IdentityManager.signByCertificate to set up the signature
# fields, but don't sign.
sha256Signature = data.getSignature()
keyLocator = sha256Signature.getKeyLocator()
keyLocator.setType(KeyLocatorType.KEYNAME)
keyLocator.setKeyName(certificateName)
sha256Signature.setSignature(signatureBits)
encoding = data.wireEncode()
finish = getNowSeconds()
return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto):
"""
Loop to encode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useComplex: If true, use a large name, large content and all
fields. If false, use a small name, small content and only required
fields.
:param bool useCrypto: If true, sign the data packet. If false, use a blank
signature.
:return: A tuple (duration, encoding) where duration is the number of
seconds for all iterations and encoding is the wire encoding.
:rtype: (float, Blob)
"""
if useComplex:
# Use a large name and content.
name = Name(
"/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00"
)
contentString = ""
count = 1
contentString += "%d" % count
count += 1
while len(contentString) < 1115:
contentString += " %d" % count
count += 1
content = Name.fromEscapedString(contentString)
else:
# Use a small name and content.
name = Name("/test")
content = Name.fromEscapedString("abc")
finalBlockId = Name("/%00")[0]
# Initialize the private key storage in case useCrypto is true.
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage),
SelfVerifyPolicyManager(identityStorage))
keyName = Name("/testname/DSK-123")
certificateName = keyName.getSubName(
0,
keyName.size() - 1).append("KEY").append(
keyName[-1]).append("ID-CERT").append("0")
identityStorage.addKey(keyName, KeyType.RSA,
Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
privateKeyStorage.setKeyPairForKeyName(keyName, KeyType.RSA,
DEFAULT_RSA_PUBLIC_KEY_DER,
DEFAULT_RSA_PRIVATE_KEY_DER)
# Set up signatureBits in case useCrypto is false.
signatureBits = Blob(bytearray(256))
emptyBlob = Blob([])
start = getNowSeconds()
for i in range(nIterations):
data = Data(name)
data.setContent(content)
if useComplex:
data.getMetaInfo().setFreshnessPeriod(1000)
data.getMetaInfo().setFinalBlockId(finalBlockId)
if useCrypto:
# This sets the signature fields.
keyChain.sign(data, certificateName)
else:
# Imitate IdentityManager.signByCertificate to set up the signature
# fields, but don't sign.
sha256Signature = data.getSignature()
keyLocator = sha256Signature.getKeyLocator()
keyLocator.setType(KeyLocatorType.KEYNAME)
keyLocator.setKeyName(certificateName)
sha256Signature.setSignature(signatureBits)
encoding = data.wireEncode()
finish = getNowSeconds()
return (finish - start, encoding)
def benchmarkEncodeDataSeconds(nIterations, useComplex, useCrypto, keyType):
"""
Loop to encode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useComplex: If true, use a large name, large content and all
fields. If false, use a small name, small content and only required
fields.
:param bool useCrypto: If true, sign the data packet. If false, use a blank
signature.
:param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True.
:return: A tuple (duration, encoding) where duration is the number of
seconds for all iterations and encoding is the wire encoding.
:rtype: (float, Blob)
"""
if useComplex:
# Use a large name and content.
name = Name(
"/ndn/ucla.edu/apps/lwndn-test/numbers.txt/%FD%05%05%E8%0C%CE%1D/%00")
contentString = ""
count = 1
contentString += "%d" % count
count += 1
while len(contentString) < 1115:
contentString += " %d" % count
count += 1
content = Name.fromEscapedString(contentString)
else:
# Use a small name and content.
name = Name("/test")
content = Name.fromEscapedString("abc")
finalBlockId = Name("/%00")[0]
# Initialize the KeyChain in case useCrypto is true.
keyChain = KeyChain("pib-memory:", "tpm-memory:")
keyChain.importSafeBag(SafeBag
(Name("/testname/KEY/123"),
Blob(DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC
else DEFAULT_RSA_PRIVATE_KEY_DER, False),
Blob(DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC
else DEFAULT_RSA_PUBLIC_KEY_DER, False)))
certificateName = keyChain.getDefaultCertificateName()
# Set up signatureBits in case useCrypto is false.
signatureBits = Blob(bytearray(256))
start = getNowSeconds()
for i in range(nIterations):
data = Data(name)
data.setContent(content)
if useComplex:
data.getMetaInfo().setFreshnessPeriod(1000)
data.getMetaInfo().setFinalBlockId(finalBlockId)
if useCrypto:
# This sets the signature fields.
keyChain.sign(data)
else:
# Imitate IdentityManager.signByCertificate to set up the signature
# fields, but don't sign.
sha256Signature = data.getSignature()
keyLocator = sha256Signature.getKeyLocator()
keyLocator.setType(KeyLocatorType.KEYNAME)
keyLocator.setKeyName(certificateName)
sha256Signature.setSignature(signatureBits)
encoding = data.wireEncode()
finish = getNowSeconds()
return (finish - start, encoding)
