def test_validate_interest(self):
identity = self._fixture.addIdentity(Name("/TestValidator/Null"))
interest = Interest(Name("/Some/Other/Interest/Name"))
self._fixture._keyChain.sign(interest, SigningInfo(identity))
validator = ValidatorNull()
successCount = [0]
failureCount = [0]
def successCallback(interest):
successCount[0] += 1
def failureCallback(interest, error):
failureCount[0] += 1
validator.validate(interest, successCallback, failureCallback)
self.assertTrue(successCount[0] == 1 and failureCount[0] == 0,
"Validation should not have failed")
def prepareData(ckPrefix, keyChain, face):
"""
Create the encrypted CK Data and KDK, and add to the Namespace object.
For the meaning of "CK data", etc. see:
https://github.com/named-data/name-based-access-control/blob/new/docs/spec.rst
:return: The EncryptorV2 for encrypting the content.
:rtype: EncryptorV2
"""
# Imitate TestEncryptorV2 and TestAccessManagerV2 from the integration tests.
accessIdentity = keyChain.createIdentityV2(Name("/access/policy/identity"),
RsaKeyParams())
# This matches memberKeyName in test_nac_consumer.
memberKeyName = Name("/first/user/KEY/%0C%87%EB%E6U%27B%D6")
# The member certificate only needs to have a name and public key.
memberCertificate = CertificateV2()
memberCertificate.setName(Name(memberKeyName).append("self").append("1"))
memberCertificate.setContent(Blob(MEMBER_PUBLIC_KEY, False))
dataset = Name("/dataset")
accessManager = AccessManagerV2(accessIdentity, dataset, keyChain, face)
# The face now has callbacks to the AccessManagerV2 and will keep it alive.
accessManager.addMember(memberCertificate)
def onError(code, message):
print("onError: " + message)
# TODO: Sign with better than SHA256?
return EncryptorV2(
Name(accessIdentity.getName()).append("NAC").append(dataset), ckPrefix,
SigningInfo(SigningInfo.SignerType.SHA256), onError, ValidatorNull(),
keyChain, face)
def main():
# Silence the warning from Interest wire encode.
Interest.setDefaultCanBePrefix(True)
# The default Face will connect using a Unix socket, or to "localhost".
face = Face()
memberName = Name("/first/user")
memberKeyName = Name(memberName).append(Name("/KEY/%0C%87%EB%E6U%27B%D6"))
memberKeyChain = KeyChain("pib-memory:", "tpm-memory:")
memberKeyChain.importSafeBag(SafeBag
(memberKeyName, Blob(MEMBER_PRIVATE_KEY, False),
Blob(MEMBER_PUBLIC_KEY, False)))
# TODO: Use a real Validator.
decryptor = DecryptorV2(
memberKeyChain.getPib().getIdentity(memberName).getDefaultKey(),
ValidatorNull(), memberKeyChain, face)
contentPrefix = Name("/testname/content")
contentNamespace = Namespace(contentPrefix)
contentNamespace.setFace(face)
contentNamespace.setDecryptor(decryptor)
enabled = [True]
def onSegmentedObject(objectNamespace):
dump("Got segmented content", objectNamespace.obj.toRawStr())
enabled[0] = False
SegmentedObjectHandler(contentNamespace, onSegmentedObject).objectNeeded()
while enabled[0]:
face.processEvents()
# We need to sleep for a few milliseconds so we don't use 100% of the CPU.
time.sleep(0.01)
def __init__(self, identityName):
super(DecryptorFixture, self).__init__()
# Include the code here from the NAC unit-tests class
# DecryptorStaticDataEnvironment instead of making it a base class.
self._storage = InMemoryStorageRetaining()
for array in EncryptStaticData.managerPackets:
data = Data()
data.wireDecode(array)
self._storage.insert(data)
for array in EncryptStaticData.encryptorPackets:
data = Data()
data.wireDecode(array)
self._storage.insert(data)
# Import the "/first/user" identity.
self._keyChain.importSafeBag(SafeBag(EncryptStaticData.userIdentity),
Blob("password").buf())
self.addIdentity(Name("/not/authorized"))
self._face = InMemoryStorageFace(self._storage)
self._validator = ValidatorNull()
self._decryptor = DecryptorV2(
self._keyChain.getPib().getIdentity(identityName).getDefaultKey(),
self._validator, self._keyChain, self._face)
def test_validate_interest(self):
identity = self._fixture.addIdentity(Name("/TestValidator/Null"))
interest = Interest(Name("/Some/Other/Interest/Name"))
self._fixture._keyChain.sign(interest, SigningInfo(identity))
validator = ValidatorNull()
successCount = [0]
failureCount = [0]
def successCallback(interest):
successCount[0] += 1
def failureCallback(interest, error):
failureCount[0] += 1
validator.validate(interest, successCallback, failureCallback)
self.assertTrue(successCount[0] == 1 and failureCount[0] == 0,
"Validation should not have failed")
def __init__(self, shouldPublishData, onError):
super(EncryptorFixture, self).__init__()
# Include the code here from the NAC unit-tests class
# EncryptorStaticDataEnvironment instead of making it a base class.
self._storage = InMemoryStorageRetaining()
if shouldPublishData:
self.publishData()
self._face = InMemoryStorageFace(self._storage)
self._validator = ValidatorNull()
self._encryptor = EncryptorV2(
Name("/access/policy/identity/NAC/dataset"),
Name("/some/ck/prefix"),
SigningInfo(SigningInfo.SignerType.SHA256), onError,
self._validator, self._keyChain, self._face)