def benchmarkDecodeDataSeconds(nIterations, useCrypto, keyType, encoding):
"""
Loop to decode a data packet nIterations times.
:param int nIterations: The number of iterations.
:param bool useCrypto: If true, verify the signature. If false, don't
verify.
:param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True.
:param Blob encoding: The wire encoding to decode.
:return: The number of seconds for all iterations.
:rtype: float
"""
# Initialize the KeyChain in case useCrypto is true.
keyChain = KeyChain("pib-memory:", "tpm-memory:")
# This puts the public key in the pibImpl used by the SelfVerifyPolicyManager.
keyChain.importSafeBag(
SafeBag(
Name("/testname/KEY/123"),
Blob(
DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else
DEFAULT_RSA_PRIVATE_KEY_DER, False),
Blob(
DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else
DEFAULT_RSA_PUBLIC_KEY_DER, False)))
validator = Validator(ValidationPolicyFromPib(keyChain.getPib()))
start = getNowSeconds()
for i in range(nIterations):
data = Data()
data.wireDecode(encoding)
if useCrypto:
validator.validate(data, onVerifySuccess, onVerifyFailed)
finish = getNowSeconds()
return finish - start
def onInterest(self, prefix, interest, transport, registeredPrefixId):
"""
FileSync:
To be written (TBW)
"""
util.dump("Got interest packet with name", interest.getName().toUri())
util.dumpInterest(interest)
content = fileSyncBuf_pb2.FileSync()
sequenceNo = int(interest.getName().get(self.fileFolderPrefix.size() +
1).toEscapedString())
gotContent = False
#loop through all cached data and find out if you have some new content to respond with
for i in range(len(self.syncDataCache) - 1, -1, -1):
data = self.syncDataCache[i]
if data.sequenceNo == sequenceNo:
if data.dataType != fileSyncBuf_pb2.FileSync.UPDATE:
# Use setattr because "from" is a reserved keyword.
setattr(content, "from", self.screenName)
content.to = self.fileFolderName
content.dataType = data.dataType
content.timestamp = int(round(data.time / 1000.0))
else:
setattr(content, "from", self.screenName)
content.to = self.fileFolderName
content.dataType = data.dataType
content.data = data.data
content.timestamp = int(round(data.time / 1000.0))
gotContent = True
break
if gotContent:
logging.info("new content!")
#Serialize the pklistbuf
array = content.SerializeToString()
#Initialize the data with Name
data = Data(interest.getName())
#Set content for the data --> the serialized content to bytes
data.setContent(Blob(array))
#Add sign the data
self.keyChain.sign(data, self.certificateName)
try:
transport.send(data.wireEncode().toBuffer())
except Exception as ex:
logging.getLogger(__name__).error(
"Error in transport.send: %s", str(ex))
return
def getKey(self, keyName):
"""
Get the public key DER blob from the identity storage.
:param Name keyName: The name of the requested public key.
:return: The DER Blob. If not found, return a isNull() Blob.
:rtype: Blob
"""
keyNameUri = keyName.toUri()
if not (keyNameUri in self._keyStore):
# Not found. Silently return a null Blob.
return Blob()
(_, publicKeyDer) = self._keyStore[keyNameUri]
return publicKeyDer
def __init__(self, value=None):
if value == None:
self._keyLocator = ChangeCounter(KeyLocator())
self._signature = Blob()
elif type(value) is Sha256WithIbsWatersSignature:
# Copy its values.
self._keyLocator = ChangeCounter(KeyLocator(value.getKeyLocator()))
self._signature = value._signature
else:
raise RuntimeError(
"Unrecognized type for Sha256WithIbsWatersSignature constructor: "
+ str(type(value)))
self._changeCount = 0
def onObjectNeeded(namespace, neededNamespace, callbackId):
if not (neededNamespace is prefix):
# This is not the expected Namespace.
return False
# Make a version from the current time.
versionNamespace = prefix[
Name.Component.fromVersion(Common.getNowMilliseconds())]
# The metaInfo has the freshness period.
versionNamespace.setNewDataMetaInfo(metaInfo)
dump("Producing the generalized object for", versionNamespace.name)
handler.setObject(
versionNamespace, Blob("Status as of " + str(datetime.datetime.now())),
"text/html")
return True
def test_key_autocreate_identity(self):
keyName1 = Name('/TestSqlIdentityStorage/KeyType/RSA/ksk-12345')
identityName = keyName1[:-1]
decodedKey = base64.b64decode(RSA_DER)
self.identityStorage.addKey(keyName1, KeyType.RSA, Blob(decodedKey))
self.identityStorage.setDefaultKeyNameForIdentity(keyName1)
self.assertTrue(self.identityStorage.doesKeyExist(keyName1),
"Key was not added")
self.assertTrue(self.identityStorage.doesIdentityExist(identityName),
"Identity for key was not automatically created")
self.assertEqual(
self.identityManager.getDefaultKeyNameForIdentity(identityName),
keyName1, "Default key was not set on identity creation")
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
# we have no private key for signing
self.identityManager.selfSign(keyName1)
with self.assertRaises(SecurityException):
self.identityStorage.getDefaultCertificateNameForKey(keyName1)
with self.assertRaises(SecurityException):
self.identityManager.getDefaultCertificateNameForIdentity(
identityName)
keyName2 = self.identityManager.generateRSAKeyPairAsDefault(
identityName)
cert = self.identityManager.selfSign(keyName2)
self.identityManager.addCertificateAsIdentityDefault(cert)
certName1 = self.identityManager.getDefaultCertificateNameForIdentity(
identityName)
certName2 = self.identityStorage.getDefaultCertificateNameForKey(
keyName2)
self.assertEqual(
certName1, certName2,
"Key-certificate mapping and identity-certificate mapping are not consistent"
)
self.keyChain.deleteIdentity(identityName)
self.assertFalse(self.identityStorage.doesKeyExist(keyName1))
def getKey(self, keyName):
"""
Get the public key DER blob from the identity storage.
:param Name keyName: The name of the requested public key.
:return: The DER Blob. If not found, return a isNull() Blob.
:rtype: Blob
"""
identityUri = keyName.getPrefix(-1).toUri()
keyId = keyName.get(-1).toEscapedString()
cursor = self._database.cursor()
cursor.execute("SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?",
(identityUri, keyId))
(keyData, ) = cursor.fetchone()
return Blob(bytearray(keyData))
def __init__(self, value=None):
if value == None:
self._type = None
self._keyName = ChangeCounter(Name())
self._keyData = Blob()
elif type(value) is KeyLocator:
# Copy its values.
self._type = value._type
self._keyName = ChangeCounter(Name(value.getKeyName()))
self._keyData = value._keyData
else:
raise RuntimeError(
"Unrecognized type for KeyLocator constructor: " +
repr(type(value)))
self._changeCount = 0
def wireDecode(self, input):
"""
Decode the input and update this ContentMetaInfo.
:param input: The array with the bytes to decode.
:type input: An array type with int elements
"""
meta = ContentMetaInfoMessage()
ProtobufTlv.decode(meta, input)
self.clear()
self._contentType = meta.content_meta_info.content_type
self._timestamp = float(meta.content_meta_info.timestamp)
self._hasSegments = meta.content_meta_info.has_segments
if len(meta.content_meta_info.other) > 0:
self._other = Blob(bytearray(meta.content_meta_info.other), False)
def setUp(self):
self.toyCertNotBefore = 1388100174000
self.toyCertNotAfter = 1388100174000
cert = Certificate()
cert.setName(
Name(
"/test/KEY/ksk-1457560485494/ID-CERT/%FD%00%00%01S%80H%E1%F3"))
cert.setNotBefore(self.toyCertNotBefore)
cert.setNotAfter(self.toyCertNotAfter)
cert.addSubjectDescription(
CertificateSubjectDescription(TEST_OID, "TEST NAME"))
key = PublicKey(Blob(PUBLIC_KEY))
cert.setPublicKeyInfo(key)
self.toyCert = cert
def encodeSignatureValue(self, signature):
"""
Encode the signatureValue in the Signature object as an NDN-TLV
SignatureValue (the signature bits) and return the encoding.
:param signature: An object of a subclass of Signature with the
signature value to encode.
:type signature: An object of a subclass of Signature
:return: A Blob containing the encoding.
:rtype: Blob
"""
encoder = TlvEncoder(256)
encoder.writeBlobTlv(Tlv.SignatureValue,
signature.getSignature().buf())
return Blob(encoder.getOutput(), False)
def encode(message):
"""
Encode the Protobuf message object as NDN-TLV.
:param google.protobuf.message message: The Protobuf message object.
This calls message.IsInitialized() and raises an exception if all
required fields are present.
:return: The encoded buffer in a Blob object.
:rtype: Blob
"""
if not message.IsInitialized():
raise RuntimeError("message is not initialized")
encoder = TlvEncoder(256)
ProtobufTlv._encodeMessageValue(message, encoder)
return Blob(encoder.getOutput(), False)
def main():
data = Data()
data.wireDecode(TlvData)
dump("Decoded Data:")
dumpData(data)
# Set the content again to clear the cached encoding so we encode again.
data.setContent(data.getContent())
encoding = data.wireEncode()
reDecodedData = Data()
reDecodedData.wireDecode(encoding)
dump("")
dump("Re-decoded Data:")
dumpData(reDecodedData)
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage),
SelfVerifyPolicyManager(identityStorage))
# Initialize the storage.
keyName = Name("/testname/DSK-123")
certificateName = keyName.getSubName(
0,
keyName.size() - 1).append("KEY").append(
keyName[-1]).append("ID-CERT").append("0")
identityStorage.addKey(keyName, KeyType.RSA,
Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
privateKeyStorage.setKeyPairForKeyName(keyName, KeyType.RSA,
DEFAULT_RSA_PUBLIC_KEY_DER,
DEFAULT_RSA_PRIVATE_KEY_DER)
keyChain.verifyData(reDecodedData, makeOnVerified("Re-decoded Data"),
makeOnVerifyFailed("Re-decoded Data"))
freshData = Data(Name("/ndn/abc"))
freshData.setContent("SUCCESS!")
freshData.getMetaInfo().setFreshnessPeriod(5000)
freshData.getMetaInfo().setFinalBlockId(Name("/%00%09")[0])
keyChain.sign(freshData, certificateName)
dump("")
dump("Freshly-signed Data:")
dumpData(freshData)
keyChain.verifyData(freshData, makeOnVerified("Freshly-signed Data"),
makeOnVerifyFailed("Freshly-signed Data"))
def onInterest(self, prefix, interest, face, interestFilterId, filter):
key = Blob(bytearray([
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
]))
print "Got onboarding interest with name: %s" % (interest.getName().toUri())
try:
if KeyChain.verifyInterestWithHmacWithSha256(interest, key):
dump("Onboarding interest signature verification: VERIFIED")
else:
dump("Onboarding interest signature verification: FAILED")
except:
print "Exception when attempting to verify onboarding interest signature."
data = Data(interest.getName())
signature = HmacWithSha256Signature()
signature.getKeyLocator().setType(KeyLocatorType.KEYNAME)
signature.getKeyLocator().setKeyName(Name("key1"))
data.setSignature(signature)
data.setContent("")
dump("Signing onboarding response data packet", data.getName().toUri())
KeyChain.signWithHmacWithSha256(data, key)
deviceID = str(interest.getName().getSubName(-3, 1).toUri()[1:])
deviceIP = str(interest.getName().getSubName(-4, 1).toUri()[1:])
print "Device ip: %s" % (deviceIP)
print "Device ID: %s" % (deviceID)
routeToRegister = str(Name(deviceID))
registerRouteWithNameAndIp(routeToRegister, deviceIP)
#commandRouteToRegister = "/device/command/" + deviceID
#registerRouteWithNameAndIp(commandRouteToRegister, deviceIP)
face.putData(data)
with open('%s' % (deviceIDListName), 'a') as the_file:
the_file.seek(0)
read_file = open('%s' % (deviceIDListName), 'r')
if deviceID not in read_file.read():
the_file.write('%s\n' % (deviceID))
def _verifySha256WithRsaSignature(data, publicKeyDer):
"""
Verify the signature on the data packet using the given public key. If
there is no data.getDefaultWireEncoding(), this calls data.wireEncode()
to set it.
TODO: Move this general verification code to a more central location.
:param Data data: The data packet with the signed portion and the
signature to verify. The data packet must have a
Sha256WithRsaSignature.
:param Blob publicKeyDer: The DER-encoded public key used to verify the
signature.
:return: True if the signature verifies, False if not.
:rtype: boolean
:raises SecurityException: if data does not have a
Sha256WithRsaSignature.
"""
signature = data.getSignature()
if not type(signature) is Sha256WithRsaSignature:
raise RuntimeError("signature is not Sha256WithRsaSignature.")
# Get the public key.
if _PyCryptoUsesStr:
# PyCrypto in Python 2 requires a str.
publicKeyDerBytes = publicKeyDer.toRawStr()
else:
publicKeyDerBytes = publicKeyDer.toBuffer()
publicKey = RSA.importKey(publicKeyDerBytes)
# Get the bytes to verify.
# wireEncode returns the cached encoding if available.
signedPortion = data.wireEncode().toSignedBuffer()
# Sign the hash of the data.
if sys.version_info[0] == 2:
# In Python 2.x, we need a str. Use Blob to convert signedPortion.
signedPortion = Blob(signedPortion, False).toRawStr()
# Convert the signature bits to a raw string or bytes as required.
if _PyCryptoUsesStr:
signatureBits = signature.getSignature().toRawStr()
else:
signatureBits = bytes(signature.getSignature().buf())
# Hash and verify.
return PKCS1_v1_5.new(publicKey).verify(SHA256.new(signedPortion),
signatureBits)
def __init__(self):
self.identityStorage = MemoryIdentityStorage()
self.privateKeyStorage = MemoryPrivateKeyStorage()
self.keyChain = KeyChain(
IdentityManager(self.identityStorage, self.privateKeyStorage),
SelfVerifyPolicyManager(self.identityStorage))
keyName = Name("/testname/DSK-123")
self.defaultCertName = keyName.getSubName(
0,
keyName.size() - 1).append("KEY").append(
keyName[-1]).append("ID-CERT").append("0")
self.identityStorage.addKey(keyName, KeyType.RSA,
Blob(DEFAULT_RSA_PUBLIC_KEY_DER))
self.privateKeyStorage.setKeyPairForKeyName(
keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER,
DEFAULT_RSA_PRIVATE_KEY_DER)
def createVerifyKeyChain():
"""
Create an in-memory KeyChain with a default public key for verifying.
:return: A new KeyChain.
:rtype: KeyChain
"""
identityStorage = MemoryIdentityStorage()
keyChain = KeyChain(
IdentityManager(identityStorage, MemoryPrivateKeyStorage()),
SelfVerifyPolicyManager(identityStorage))
# Initialize the storage.
keyName = Name("/testname/DSK-123")
identityStorage.addKey(keyName, KeyType.RSA,
Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False))
return keyChain
def test_generate_key(self):
for dataSet in self.keyTestData:
key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
publicKeyBits = key.derivePublicKey()
publicKey = PublicKey(publicKeyBits)
data = Blob([0x01, 0x02, 0x03, 0x04])
# Sign and verify.
signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256)
result = VerificationHelpers.verifySignature(
data, signature, publicKey)
self.assertTrue(result)
# Check that another generated private key is different.
key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
self.assertTrue(not key.toPkcs8().equals(key2.toPkcs8()))
def addKey(self, keyName, keyType, publicKeyDer):
"""
Add a public key to the identity storage.
:param Name keyName: The name of the public key to be added.
:param keyType: Type of the public key to be added.
:type keyType: int from KeyType
:param Blob publicKeyDer: A blob of the public key DER to be added.
"""
identityName = keyName.getSubName(0, keyName.size() - 1)
if not self.doesIdentityExist(identityName):
self.addIdentity(identityName)
if self.doesKeyExist(keyName):
raise SecurityException("A key with the same name already exists!")
self._keyStore[keyName.toUri()] = (keyType, Blob(publicKeyDer))
def generateFakeSignature():
signatureInfo = Sha256WithRsaSignature()
keyLocatorName = Name("/ndn/site1/KEY/ksk-2516425377094")
keyLocator = KeyLocator()
keyLocator.setType(KeyLocatorType.KEYNAME)
keyLocator.setKeyName(keyLocatorName)
signatureInfo.setKeyLocator(keyLocator)
period = ValidityPeriod()
period.setPeriod(fromIsoString("20141111T050000"),
fromIsoString("20141111T060000"))
signatureInfo.setValidityPeriod(period)
block2 = Blob(SIG_VALUE, False)
signatureInfo.setSignature(block2)
return signatureInfo
def encodeControlParameters(self, controlParameters):
"""
Encode controlParameters and return the encoding.
:param controlParameters: The ControlParameters object to encode.
:type controlParameters: ControlParameters
:return: A Blob containing the encoding.
:rtype: Blob
"""
encoder = TlvEncoder(256)
saveLength = len(encoder)
# Encode backwards.
encoder.writeOptionalNonNegativeIntegerTlvFromFloat(
Tlv.ControlParameters_ExpirationPeriod,
controlParameters.getExpirationPeriod())
# TODO: Encode Strategy.
flags = controlParameters.getForwardingFlags().getNfdForwardingFlags()
if (flags != ForwardingFlags().getNfdForwardingFlags()):
# The flags are not the default value.
encoder.writeNonNegativeIntegerTlv(Tlv.ControlParameters_Flags,
flags)
encoder.writeOptionalNonNegativeIntegerTlv(Tlv.ControlParameters_Cost,
controlParameters.getCost())
encoder.writeOptionalNonNegativeIntegerTlv(
Tlv.ControlParameters_Origin, controlParameters.getOrigin())
encoder.writeOptionalNonNegativeIntegerTlv(
Tlv.ControlParameters_LocalControlFeature,
controlParameters.getLocalControlFeature())
# TODO: Encode Uri.
encoder.writeOptionalNonNegativeIntegerTlv(
Tlv.ControlParameters_FaceId, controlParameters.getFaceId())
if controlParameters.getName().size() > 0:
self._encodeName(controlParameters.getName(), encoder)
encoder.writeTypeAndLength(Tlv.ControlParameters_ControlParameters,
len(encoder) - saveLength)
return Blob(encoder.getOutput(), False)
def fromNumber(number):
"""
Create a component whose value is the network-ordered encoding of
the number. Note: if the number is zero, the result is empty.
:param int number: The number to be encoded.
:return: The component value.
:rtype: Name.Component
"""
value = []
# First encode in little endian.
while number != 0:
value.append(number & 0xff)
number >>= 8
# Make it big endian.
value.reverse()
return Name.Component(Blob(value, False))
def test_encode_and_decode(self):
schedule = Schedule()
interval1 = RepetitiveInterval(fromIsoString("20150825T000000"),
fromIsoString("20150828T000000"), 5, 10,
2, RepetitiveInterval.RepeatUnit.DAY)
interval2 = RepetitiveInterval(fromIsoString("20150825T000000"),
fromIsoString("20150828T000000"), 6, 8,
1, RepetitiveInterval.RepeatUnit.DAY)
interval3 = RepetitiveInterval(fromIsoString("20150827T000000"),
fromIsoString("20150827T000000"), 7, 8)
interval4 = RepetitiveInterval(fromIsoString("20150825T000000"),
fromIsoString("20150825T000000"), 4, 7)
schedule.addWhiteInterval(interval1)
schedule.addWhiteInterval(interval2)
schedule.addWhiteInterval(interval4)
schedule.addBlackInterval(interval3)
encoding = schedule.wireEncode()
encoding2 = Blob(SCHEDULE, False)
self.assertTrue(encoding.equals(encoding2))
schedule2 = Schedule()
schedule2.wireDecode(encoding)
# timePoint1 --> positive 8.25 4-10
timePoint1 = fromIsoString("20150825T063000")
result = schedule.getCoveringInterval(timePoint1)
self.assertEqual(result.isPositive, True)
self.assertEqual(toIsoString(result.interval.getStartTime()),
"20150825T040000")
self.assertEqual(toIsoString(result.interval.getEndTime()),
"20150825T100000")
# timePoint2 --> positive 8.26 6-8
timePoint2 = fromIsoString("20150826T073000")
result = schedule.getCoveringInterval(timePoint2)
self.assertEqual(result.isPositive, True)
self.assertEqual(toIsoString(result.interval.getStartTime()),
"20150826T060000")
self.assertEqual(toIsoString(result.interval.getEndTime()),
"20150826T080000")
def test_generate_key(self):
for dataSet in self.keyTestData:
key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
publicKeyBits = key.derivePublicKey()
publicKey = PublicKey(publicKeyBits)
data = Blob([0x01, 0x02, 0x03, 0x04])
# Sign and verify.
signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256)
# TODO: Move verify into PublicKey?
if dataSet.keyParams.getKeyType() == KeyType.ECDSA:
cryptoPublicKey = load_der_public_key(
publicKeyBits.toBytes(), backend = default_backend())
verifier = cryptoPublicKey.verifier(
signature.toBytes(), ec.ECDSA(hashes.SHA256()))
verifier.update(data.toBytes())
try:
verifier.verify()
result = True
except InvalidSignature:
result = False
elif dataSet.keyParams.getKeyType() == KeyType.RSA:
cryptoPublicKey = load_der_public_key(
publicKeyBits.toBytes(), backend = default_backend())
verifier = cryptoPublicKey.verifier(
signature.toBytes(), padding.PKCS1v15(), hashes.SHA256())
verifier.update(data.toBytes())
try:
verifier.verify()
result = True
except InvalidSignature:
result = False
else:
# We don't expect this.
self.fail("Unrecognized key type")
self.assertTrue(result)
# Check that another generated private key is different.
key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
self.assertTrue(not key.toPkcs8().equals(key2.toPkcs8()))
def test_rsa_signing(self):
for tpm in self.backEndList:
# Create an RSA key.
identityName = Name("/Test/KeyName")
key = tpm.createKey(identityName, RsaKeyParams())
keyName = key.getKeyName()
content = Blob([0x01, 0x02, 0x03, 0x04])
signature = key.sign(DigestAlgorithm.SHA256, content.toBytes())
publicKey = key.derivePublicKey()
result = VerificationHelpers.verifySignature(
content, signature, publicKey)
self.assertEquals(True, result)
tpm.deleteKey(keyName)
self.assertEquals(False, tpm.hasKey(keyName))
def test_content_asymmetric_encrypt_small(self):
for input in encryptorRsaTestInputs:
rawContent = Blob(
bytearray([
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc,
0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x63, 0x6f, 0x6e, 0x74,
0x65, 0x6e, 0x74, 0x73
]), False)
data = Data()
rsaParams = RsaKeyParams(1024)
keyName = Name("test")
decryptKey = RsaAlgorithm.generateKey(rsaParams)
encryptKey = RsaAlgorithm.deriveEncryptKey(decryptKey.getKeyBits())
eKey = encryptKey.getKeyBits()
dKey = decryptKey.getKeyBits()
encryptParams = EncryptParams(input.type)
Encryptor.encryptData(data, rawContent, keyName, eKey,
encryptParams)
self.assertTrue(
data.getName().equals(Name("/FOR").append(keyName)),
input.testName)
extractContent = EncryptedContent()
extractContent.wireDecode(data.getContent())
self.assertTrue(
keyName.equals(extractContent.getKeyLocator().getKeyName()),
input.testName)
self.assertEqual(extractContent.getInitialVector().size(), 0,
input.testName)
self.assertEqual(extractContent.getAlgorithmType(), input.type,
input.testName)
recovered = extractContent.getPayload()
decrypted = RsaAlgorithm.decrypt(dKey, recovered, encryptParams)
self.assertTrue(rawContent.equals(decrypted), input.testName)
def __init__(self, value=None):
if isinstance(value, Data):
# Copy the values.
self._name = ChangeCounter(Name(value.getName()))
self._metaInfo = ChangeCounter(MetaInfo(value.getMetaInfo()))
self._signature = ChangeCounter(value.getSignature().clone())
self._content = value._content
self._defaultWireEncoding = value.getDefaultWireEncoding()
self._defaultWireEncodingFormat = value._defaultWireEncodingFormat
else:
self._name = ChangeCounter(
Name(value) if type(value) is Name else Name())
self._metaInfo = ChangeCounter(MetaInfo())
self._signature = ChangeCounter(Sha256WithRsaSignature())
self._content = Blob()
self._defaultWireEncoding = SignedBlob()
self._defaultWireEncodingFormat = None
self._getDefaultWireEncodingChangeCount = 0
self._changeCount = 0
def test_print_certificate_info(self):
expectedCertificateInfo = (
"Certificate name:\n" +
" /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B\n" +
"Validity:\n" + " NotBefore: 20150814T223739\n" +
" NotAfter: 20150818T223738\n" + "Public key bits:\n" +
"MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF\n"
+
"OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV\n"
+
"C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf\n"
+ "7+0153pi6nZ8uwgmxwIBEQ==\n" + "Signature Information:\n" +
" Signature Type: SignatureSha256WithRsa\n" +
" Key Locator: Name=/ndn/site1/KEY/ksk-2516425377094\n")
certificate = CertificateV2()
certificate.wireDecode(Blob(CERT, False))
actual = str(certificate)
self.assertEqual(expectedCertificateInfo, actual)
def _doSign(self, digestAlgorithm, data):
"""
A protected method to do the work of sign().
:param digestAlgorithm: The digest algorithm.
:type digestAlgorithm: int from DigestAlgorithm
:param data: The input byte buffer.
:type data: an array which implements the buffer protocol
:return: The signature Blob, or an isNull Blob for an unrecognized
digestAlgorithm.
:rtype: Blob
"""
if digestAlgorithm == DigestAlgorithm.SHA256:
try:
return self._key.sign(data, digestAlgorithm)
except TpmPrivateKey.Error as ex:
raise TpmBackEnd.Error("Error in TpmPrivateKey.sign: " +
str(ex))
else:
return Blob()
def test_append_parameters_digest(self):
name = Name("/local/ndn/prefix")
interest = Interest(name)
self.assertTrue(not interest.hasApplicationParameters())
# No parameters yet, so it should do nothing.
interest.appendParametersDigestToName()
self.assertEqual("/local/ndn/prefix", interest.getName().toUri())
applicationParameters = Blob(bytearray([ 0x23, 0x01, 0xC0 ]))
interest.setApplicationParameters(applicationParameters)
self.assertTrue(interest.hasApplicationParameters())
interest.appendParametersDigestToName()
self.assertEqual(name.size() + 1, interest.getName().size())
self.assertTrue(interest.getName().getPrefix(-1).equals(name))
SHA256_LENGTH = 32
self.assertEqual(SHA256_LENGTH, interest.getName().get(-1).getValue().size())
self.assertEqual(interest.getName().toUri(), "/local/ndn/prefix/" +
"params-sha256=a16cc669b4c9ef6801e1569488513f9523ffb28a39e53aa6e11add8d00a413fc")
