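def __init__(self, identityStorage=None, privateKeyStorage=None):
    """
    Set up the identity store and the private-key store used by this object.

    :param identityStorage: (optional) The identity storage to use. If
      omitted or None, a new BasicIdentityStorage is created.
    :param privateKeyStorage: (optional) The private key storage to use. If
      omitted or None, a new OSXPrivateKeyStorage is created when
      sys.platform is 'darwin', otherwise a new FilePrivateKeyStorage.
    """
    # Compare with `is None`: `== None` would dispatch to a storage object's
    # own __eq__, which could make a caller-supplied store look "missing".
    if identityStorage is None:
        identityStorage = BasicIdentityStorage()

    if privateKeyStorage is None:
        if sys.platform == 'darwin':
            # Use the OS X Keychain.
            privateKeyStorage = OSXPrivateKeyStorage()
        else:
            # NOTE(review): the fallback presumably keeps private keys in
            # files on disk - confirm where, and that the location is
            # readable only by the owning user.
            privateKeyStorage = FilePrivateKeyStorage()

    self._identityStorage = identityStorage
    self._privateKeyStorage = privateKeyStorage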
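def main():
    """
    Entry point of the BMS gateway publisher.

    Parses the command line, sets up logging, opens a ThreadsafeFace, builds a
    KeyChain and a MemoryContentCache, registers the namespace prefix, and then
    either follows or reads the given datahub log file before running the
    event loop until it is stopped. The face is shut down on the way out, also
    when setup or the event loop raises.
    """
    # Params parsing
    parser = argparse.ArgumentParser(
        description='bms gateway node to Parse or follow Cascade Datahub log and publish to MiniNdn.')
    parser.add_argument('filename', help='datahub log file')
    parser.add_argument('-f', dest='follow', action='store_true',
                        help='follow (tail -f) the log file')
    parser.add_argument('--namespace', default='/ndn/edu/ucla/remap/bms',
                        help='root of ndn name, no trailing slash')
    args = parser.parse_args()

    # Setup logging
    logger = Logger()
    logger.prepareLogging()

    # Face, KeyChain, memoryContentCache and asio event loop initialization
    loop = asyncio.get_event_loop()
    # The forwarder address is fixed in code, not taken from the command line.
    face = ThreadsafeFace(loop, "128.97.98.7")
    try:
        # The key chain is built directly on FilePrivateKeyStorage on every
        # platform; there is no per-platform store selection here.
        keyChain = KeyChain(
            IdentityManager(BasicIdentityStorage(), FilePrivateKeyStorage()))

        # No dedicated gateway identity is created: nfd command interests are
        # signed with whatever default certificate the key chain already holds.
        face.setCommandSigningInfo(keyChain,
                                   keyChain.getDefaultCertificateName())
        # Single-argument print(...) behaves the same as the print statement
        # under Python 2.
        print("Using certificate name " +
              keyChain.getDefaultCertificateName().toUri())

        cache = MemoryContentCache(face)
        dataPublisher = DataPublisher(face, keyChain, loop, cache,
                                      args.namespace)
        cache.registerPrefix(Name(args.namespace),
                             dataPublisher.onRegisterFailed,
                             dataPublisher.onDataNotFound)

        # Parse csv to decide the mapping between sensor JSON -> <NDN name, data type>
        dataPublisher.populateSensorNDNDictFromCSV(
            'bms-sensor-data-types-sanitized.csv')

        loop.call_later(dataPublisher._restartInterval,
                        dataPublisher.checkAlive)
        if args.follow:
            loop.run_until_complete(dataPublisher.followfile(args.filename))
        else:
            loop.run_until_complete(dataPublisher.readfile(args.filename))

        loop.run_forever()
    finally:
        # Previously skipped whenever anything above raised.
        face.shutdown()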
def _getDefaultPrivateKeyStorage(config, canonicalTpmLocator):
    """
    Choose the PrivateKeyStorage named by the "tpm" entry of the configuration
    file, or the platform default when the entry is missing or empty.

    :param ConfigFile config: The configuration file to check.
    :param list<str> canonicalTpmLocator: Output parameter. Element 0 is set to
      the canonical locator including the colon, e.g. "tpm-file:".
    :return: A new PrivateKeyStorage.
    :rtype: PrivateKeyStorage
    :raises SecurityException: If the entry is "tpm-osxkeychain" on a platform
      other than darwin, or if the entry is not a recognised value.
    """
    configured = config.get("tpm", "")

    if configured == "":
        # Nothing configured: fall back to the system default.
        if sys.platform == 'darwin':
            # Use the OS X Keychain.
            canonicalTpmLocator[0] = "tpm-osxkeychain:"
            return OSXPrivateKeyStorage()
        canonicalTpmLocator[0] = "tpm-file:"
        return FilePrivateKeyStorage()

    if configured == "tpm-osxkeychain":
        if sys.platform != 'darwin':
            raise SecurityException(
                "Can't use config file tpm=tpm-osxkeychain because the system doesn't support it."
            )
        canonicalTpmLocator[0] = "tpm-osxkeychain:"
        return OSXPrivateKeyStorage()

    if configured == "tpm-file":
        # Don't support non-default locations for now.
        canonicalTpmLocator[0] = "tpm-file:"
        return FilePrivateKeyStorage()

    # Any other value is rejected rather than silently mapped to a default.
    raise SecurityException("Invalid config file tpm value: " + configured)
def startPublishing(self):
    """
    Set up security and networking for this node, publish its certificate,
    and start one aggregation publisher per configured data/aggregation type.

    Builds a KeyChain, creates an identity and certificate for
    self._identityName, opens a ThreadsafeFace and a MemoryContentCache, and
    (when DO_CERT_SETUP is set) asks an HTTP service to sign the certificate
    and installs the result through the ndnsec-install-cert command.

    :raises RuntimeError: If ndnsec-install-cert exits with a non-zero status.
    """
    # One-time security setup
    self.prepareLogging()
    # The private key store is the file-backed one on every platform here.
    privateKeyStorage = FilePrivateKeyStorage()
    identityStorage = BasicIdentityStorage()
    # The validation policy is read from self._trustSchemaFile.
    policyManager = ConfigPolicyManager(self._trustSchemaFile)
    self._keyChain = KeyChain(
        IdentityManager(identityStorage, privateKeyStorage), policyManager)
    self._certificateName = self._keyChain.createIdentityAndCertificate(
        self._identityName)
    print("My Identity name: " + self._identityName.toUri())
    print("My certificate name: " + self._certificateName.toUri())
    # Reaches through the identity manager's private _identityStorage
    # attribute to fetch the certificate.
    certificateData = self._keyChain.getIdentityManager(
    )._identityStorage.getCertificate(self._certificateName)
    print("My certificate string: " +
          b64encode(certificateData.wireEncode().toBuffer()))
    # self._keyChain.getIdentityCertificate(self._certificateName).)
    self._loop = asyncio.get_event_loop()
    self._face = ThreadsafeFace(self._loop)
    self._keyChain.setFace(self._face)
    self._face.setCommandSigningInfo(self._keyChain, self._certificateName)
    self._memoryContentCache = MemoryContentCache(self._face)
    # We should only ask for cert to be signed upon the first run of a certain aggregator
    # NOTE(review): the if/else nesting of this branch is reconstructed from a
    # listing that had lost its line breaks - confirm against the file.
    if DO_CERT_SETUP:
        # True when the key named in the certificate's signature KeyLocator
        # equals the certificate name minus its last component - presumably
        # meaning the certificate is still self-signed; confirm.
        if (KeyLocator.getFromSignature(
                certificateData.getSignature()).getKeyName().equals(
                    self._certificateName.getPrefix(-1))):
            # Need to configure for mini-ndn; aggregation node runs outside of mini-ndn first so that signed cert get installed and mini-ndn won't ask for this again
            print("certificate " + self._certificateName.toUri() +
                  " asking for signature")
            # The request goes over plain http:// to a fixed address, and the
            # query string is built by concatenation: neither the base64 text
            # nor the name URIs are URL-encoded.
            # NOTE(review): nothing in this block authenticates the responder
            # or checks the reply. Before caching or installing it, verify the
            # returned certificate against a pinned signer key and check that
            # it names self._identityName; prefer an authenticated channel.
            response = urllib2.urlopen(
                "http://192.168.56.1:5000/bms-cert-hack?cert=" +
                b64encode(certificateData.wireEncode().toBuffer()) +
                "&cert_prefix=" + self._identityName.toUri() +
                '&subject_name=' + self._identityName.toUri()).read()
            signedCertData = Data()
            signedCertData.wireDecode(Blob(b64decode(response)))
            # The decoded reply is served from the content cache as received.
            self._memoryContentCache.add(signedCertData)
            # argv list, no shell; the raw response body is written to the
            # command's stdin.
            cmdline = ['ndnsec-install-cert', '-']
            p = subprocess.Popen(cmdline,
                                 stdin=subprocess.PIPE,
                                 stdout=subprocess.PIPE)
            # desanitize + sign in GET request
            # stderr is not piped, so err is always None; failure is detected
            # through the exit status only.
            cert, err = p.communicate(response)
            if p.returncode != 0:
                raise RuntimeError("ndnsec-install-cert error")
        else:
            self._memoryContentCache.add(certificateData)
    else:
        self._memoryContentCache.add(certificateData)
    dataNode = self.conf.getDataNode()
    childrenNode = self.conf.getChildrenNode()
    self._memoryContentCache.registerPrefix(Name(self._identityName),
                                            self.onRegisterFailed,
                                            self.onDataNotFound)
    # For each type of data, we refresh each type of aggregation according to the interval in the configuration
    # Indexing keys()/items() by position needs them to return lists, as they
    # do for Python 2 dicts (consistent with the urllib2 call above).
    # NOTE(review): the loop nesting below is reconstructed - confirm.
    for i in range(len(dataNode.subtrees)):
        dataType = dataNode.subtrees.keys()[i]
        aggregationParams = self.conf.getProducingParamsForAggregationType(
            dataNode.subtrees.items()[i][1])
        # Without a children node this node gets a data queue for the type
        # and generateData is called for it.
        if childrenNode == None:
            self._dataQueue[dataType] = DataQueue(None, None, None)
            self.generateData(dataType, 2, 0)
        for aggregationType in aggregationParams:
            # Maps child name -> that child's producing parameters for this
            # data type and aggregation type; stays empty without children.
            childrenList = OrderedDict()
            if childrenNode != None:
                for j in range(len(childrenNode.subtrees)):
                    if dataType in childrenNode.subtrees.items(
                    )[j][1].subtrees['data'].subtrees:
                        if aggregationType in childrenNode.subtrees.items(
                        )[j][1].subtrees['data'].subtrees[
                                dataType].subtrees:
                            childrenList[childrenNode.subtrees.items()[j][
                                0]] = self.conf.getProducingParamsForAggregationType(
                                    childrenNode.subtrees.items()[j]
                                    [1].subtrees['data'].subtrees[dataType]
                                )[aggregationType]
            self.startPublishingAggregation(
                aggregationParams[aggregationType], childrenList,
                dataType, aggregationType)
    return