def benchmarkDecodeDataSeconds(nIterations, useCrypto, keyType, encoding): """ Loop to decode a data packet nIterations times. :param int nIterations: The number of iterations. :param bool useCrypto: If true, verify the signature. If false, don't verify. :param KeyType keyType: KeyType.RSA or EC, used if useCrypto is True. :param Blob encoding: The wire encoding to decode. :return: The number of seconds for all iterations. :rtype: float """ # Initialize the KeyChain in case useCrypto is true. keyChain = KeyChain("pib-memory:", "tpm-memory:") # This puts the public key in the pibImpl used by the SelfVerifyPolicyManager. keyChain.importSafeBag( SafeBag( Name("/testname/KEY/123"), Blob( DEFAULT_EC_PRIVATE_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PRIVATE_KEY_DER, False), Blob( DEFAULT_EC_PUBLIC_KEY_DER if keyType == KeyType.EC else DEFAULT_RSA_PUBLIC_KEY_DER, False))) validator = Validator(ValidationPolicyFromPib(keyChain.getPib())) start = getNowSeconds() for i in range(nIterations): data = Data() data.wireDecode(encoding) if useCrypto: validator.validate(data, onVerifySuccess, onVerifyFailed) finish = getNowSeconds() return finish - start
def onInterest(self, prefix, interest, transport, registeredPrefixId): """ FileSync: To be written (TBW) """ util.dump("Got interest packet with name", interest.getName().toUri()) util.dumpInterest(interest) content = fileSyncBuf_pb2.FileSync() sequenceNo = int(interest.getName().get(self.fileFolderPrefix.size() + 1).toEscapedString()) gotContent = False #loop through all cached data and find out if you have some new content to respond with for i in range(len(self.syncDataCache) - 1, -1, -1): data = self.syncDataCache[i] if data.sequenceNo == sequenceNo: if data.dataType != fileSyncBuf_pb2.FileSync.UPDATE: # Use setattr because "from" is a reserved keyword. setattr(content, "from", self.screenName) content.to = self.fileFolderName content.dataType = data.dataType content.timestamp = int(round(data.time / 1000.0)) else: setattr(content, "from", self.screenName) content.to = self.fileFolderName content.dataType = data.dataType content.data = data.data content.timestamp = int(round(data.time / 1000.0)) gotContent = True break if gotContent: logging.info("new content!") #Serialize the pklistbuf array = content.SerializeToString() #Initialize the data with Name data = Data(interest.getName()) #Set content for the data --> the serialized content to bytes data.setContent(Blob(array)) #Add sign the data self.keyChain.sign(data, self.certificateName) try: transport.send(data.wireEncode().toBuffer()) except Exception as ex: logging.getLogger(__name__).error( "Error in transport.send: %s", str(ex)) return
def getKey(self, keyName): """ Get the public key DER blob from the identity storage. :param Name keyName: The name of the requested public key. :return: The DER Blob. If not found, return a isNull() Blob. :rtype: Blob """ keyNameUri = keyName.toUri() if not (keyNameUri in self._keyStore): # Not found. Silently return a null Blob. return Blob() (_, publicKeyDer) = self._keyStore[keyNameUri] return publicKeyDer
def __init__(self, value=None): if value == None: self._keyLocator = ChangeCounter(KeyLocator()) self._signature = Blob() elif type(value) is Sha256WithIbsWatersSignature: # Copy its values. self._keyLocator = ChangeCounter(KeyLocator(value.getKeyLocator())) self._signature = value._signature else: raise RuntimeError( "Unrecognized type for Sha256WithIbsWatersSignature constructor: " + str(type(value))) self._changeCount = 0
def onObjectNeeded(namespace, neededNamespace, callbackId): if not (neededNamespace is prefix): # This is not the expected Namespace. return False # Make a version from the current time. versionNamespace = prefix[ Name.Component.fromVersion(Common.getNowMilliseconds())] # The metaInfo has the freshness period. versionNamespace.setNewDataMetaInfo(metaInfo) dump("Producing the generalized object for", versionNamespace.name) handler.setObject( versionNamespace, Blob("Status as of " + str(datetime.datetime.now())), "text/html") return True
def test_key_autocreate_identity(self): keyName1 = Name('/TestSqlIdentityStorage/KeyType/RSA/ksk-12345') identityName = keyName1[:-1] decodedKey = base64.b64decode(RSA_DER) self.identityStorage.addKey(keyName1, KeyType.RSA, Blob(decodedKey)) self.identityStorage.setDefaultKeyNameForIdentity(keyName1) self.assertTrue(self.identityStorage.doesKeyExist(keyName1), "Key was not added") self.assertTrue(self.identityStorage.doesIdentityExist(identityName), "Identity for key was not automatically created") self.assertEqual( self.identityManager.getDefaultKeyNameForIdentity(identityName), keyName1, "Default key was not set on identity creation") with self.assertRaises(SecurityException): self.identityStorage.getDefaultCertificateNameForKey(keyName1) with self.assertRaises(SecurityException): # we have no private key for signing self.identityManager.selfSign(keyName1) with self.assertRaises(SecurityException): self.identityStorage.getDefaultCertificateNameForKey(keyName1) with self.assertRaises(SecurityException): self.identityManager.getDefaultCertificateNameForIdentity( identityName) keyName2 = self.identityManager.generateRSAKeyPairAsDefault( identityName) cert = self.identityManager.selfSign(keyName2) self.identityManager.addCertificateAsIdentityDefault(cert) certName1 = self.identityManager.getDefaultCertificateNameForIdentity( identityName) certName2 = self.identityStorage.getDefaultCertificateNameForKey( keyName2) self.assertEqual( certName1, certName2, "Key-certificate mapping and identity-certificate mapping are not consistent" ) self.keyChain.deleteIdentity(identityName) self.assertFalse(self.identityStorage.doesKeyExist(keyName1))
def getKey(self, keyName): """ Get the public key DER blob from the identity storage. :param Name keyName: The name of the requested public key. :return: The DER Blob. If not found, return a isNull() Blob. :rtype: Blob """ identityUri = keyName.getPrefix(-1).toUri() keyId = keyName.get(-1).toEscapedString() cursor = self._database.cursor() cursor.execute("SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", (identityUri, keyId)) (keyData, ) = cursor.fetchone() return Blob(bytearray(keyData))
def __init__(self, value=None): if value == None: self._type = None self._keyName = ChangeCounter(Name()) self._keyData = Blob() elif type(value) is KeyLocator: # Copy its values. self._type = value._type self._keyName = ChangeCounter(Name(value.getKeyName())) self._keyData = value._keyData else: raise RuntimeError( "Unrecognized type for KeyLocator constructor: " + repr(type(value))) self._changeCount = 0
def wireDecode(self, input): """ Decode the input and update this ContentMetaInfo. :param input: The array with the bytes to decode. :type input: An array type with int elements """ meta = ContentMetaInfoMessage() ProtobufTlv.decode(meta, input) self.clear() self._contentType = meta.content_meta_info.content_type self._timestamp = float(meta.content_meta_info.timestamp) self._hasSegments = meta.content_meta_info.has_segments if len(meta.content_meta_info.other) > 0: self._other = Blob(bytearray(meta.content_meta_info.other), False)
def setUp(self): self.toyCertNotBefore = 1388100174000 self.toyCertNotAfter = 1388100174000 cert = Certificate() cert.setName( Name( "/test/KEY/ksk-1457560485494/ID-CERT/%FD%00%00%01S%80H%E1%F3")) cert.setNotBefore(self.toyCertNotBefore) cert.setNotAfter(self.toyCertNotAfter) cert.addSubjectDescription( CertificateSubjectDescription(TEST_OID, "TEST NAME")) key = PublicKey(Blob(PUBLIC_KEY)) cert.setPublicKeyInfo(key) self.toyCert = cert
def encodeSignatureValue(self, signature): """ Encode the signatureValue in the Signature object as an NDN-TLV SignatureValue (the signature bits) and return the encoding. :param signature: An object of a subclass of Signature with the signature value to encode. :type signature: An object of a subclass of Signature :return: A Blob containing the encoding. :rtype: Blob """ encoder = TlvEncoder(256) encoder.writeBlobTlv(Tlv.SignatureValue, signature.getSignature().buf()) return Blob(encoder.getOutput(), False)
def encode(message): """ Encode the Protobuf message object as NDN-TLV. :param google.protobuf.message message: The Protobuf message object. This calls message.IsInitialized() and raises an exception if all required fields are present. :return: The encoded buffer in a Blob object. :rtype: Blob """ if not message.IsInitialized(): raise RuntimeError("message is not initialized") encoder = TlvEncoder(256) ProtobufTlv._encodeMessageValue(message, encoder) return Blob(encoder.getOutput(), False)
def main(): data = Data() data.wireDecode(TlvData) dump("Decoded Data:") dumpData(data) # Set the content again to clear the cached encoding so we encode again. data.setContent(data.getContent()) encoding = data.wireEncode() reDecodedData = Data() reDecodedData.wireDecode(encoding) dump("") dump("Re-decoded Data:") dumpData(reDecodedData) identityStorage = MemoryIdentityStorage() privateKeyStorage = MemoryPrivateKeyStorage() keyChain = KeyChain(IdentityManager(identityStorage, privateKeyStorage), SelfVerifyPolicyManager(identityStorage)) # Initialize the storage. keyName = Name("/testname/DSK-123") certificateName = keyName.getSubName( 0, keyName.size() - 1).append("KEY").append( keyName[-1]).append("ID-CERT").append("0") identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER)) privateKeyStorage.setKeyPairForKeyName(keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER) keyChain.verifyData(reDecodedData, makeOnVerified("Re-decoded Data"), makeOnVerifyFailed("Re-decoded Data")) freshData = Data(Name("/ndn/abc")) freshData.setContent("SUCCESS!") freshData.getMetaInfo().setFreshnessPeriod(5000) freshData.getMetaInfo().setFinalBlockId(Name("/%00%09")[0]) keyChain.sign(freshData, certificateName) dump("") dump("Freshly-signed Data:") dumpData(freshData) keyChain.verifyData(freshData, makeOnVerified("Freshly-signed Data"), makeOnVerifyFailed("Freshly-signed Data"))
def onInterest(self, prefix, interest, face, interestFilterId, filter): key = Blob(bytearray([ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 ])) print "Got onboarding interest with name: %s" % (interest.getName().toUri()) try: if KeyChain.verifyInterestWithHmacWithSha256(interest, key): dump("Onboarding interest signature verification: VERIFIED") else: dump("Onboarding interest signature verification: FAILED") except: print "Exception when attempting to verify onboarding interest signature." data = Data(interest.getName()) signature = HmacWithSha256Signature() signature.getKeyLocator().setType(KeyLocatorType.KEYNAME) signature.getKeyLocator().setKeyName(Name("key1")) data.setSignature(signature) data.setContent("") dump("Signing onboarding response data packet", data.getName().toUri()) KeyChain.signWithHmacWithSha256(data, key) deviceID = str(interest.getName().getSubName(-3, 1).toUri()[1:]) deviceIP = str(interest.getName().getSubName(-4, 1).toUri()[1:]) print "Device ip: %s" % (deviceIP) print "Device ID: %s" % (deviceID) routeToRegister = str(Name(deviceID)) registerRouteWithNameAndIp(routeToRegister, deviceIP) #commandRouteToRegister = "/device/command/" + deviceID #registerRouteWithNameAndIp(commandRouteToRegister, deviceIP) face.putData(data) with open('%s' % (deviceIDListName), 'a') as the_file: the_file.seek(0) read_file = open('%s' % (deviceIDListName), 'r') if deviceID not in read_file.read(): the_file.write('%s\n' % (deviceID))
def _verifySha256WithRsaSignature(data, publicKeyDer): """ Verify the signature on the data packet using the given public key. If there is no data.getDefaultWireEncoding(), this calls data.wireEncode() to set it. TODO: Move this general verification code to a more central location. :param Data data: The data packet with the signed portion and the signature to verify. The data packet must have a Sha256WithRsaSignature. :param Blob publicKeyDer: The DER-encoded public key used to verify the signature. :return: True if the signature verifies, False if not. :rtype: boolean :raises SecurityException: if data does not have a Sha256WithRsaSignature. """ signature = data.getSignature() if not type(signature) is Sha256WithRsaSignature: raise RuntimeError("signature is not Sha256WithRsaSignature.") # Get the public key. if _PyCryptoUsesStr: # PyCrypto in Python 2 requires a str. publicKeyDerBytes = publicKeyDer.toRawStr() else: publicKeyDerBytes = publicKeyDer.toBuffer() publicKey = RSA.importKey(publicKeyDerBytes) # Get the bytes to verify. # wireEncode returns the cached encoding if available. signedPortion = data.wireEncode().toSignedBuffer() # Sign the hash of the data. if sys.version_info[0] == 2: # In Python 2.x, we need a str. Use Blob to convert signedPortion. signedPortion = Blob(signedPortion, False).toRawStr() # Convert the signature bits to a raw string or bytes as required. if _PyCryptoUsesStr: signatureBits = signature.getSignature().toRawStr() else: signatureBits = bytes(signature.getSignature().buf()) # Hash and verify. return PKCS1_v1_5.new(publicKey).verify(SHA256.new(signedPortion), signatureBits)
def __init__(self): self.identityStorage = MemoryIdentityStorage() self.privateKeyStorage = MemoryPrivateKeyStorage() self.keyChain = KeyChain( IdentityManager(self.identityStorage, self.privateKeyStorage), SelfVerifyPolicyManager(self.identityStorage)) keyName = Name("/testname/DSK-123") self.defaultCertName = keyName.getSubName( 0, keyName.size() - 1).append("KEY").append( keyName[-1]).append("ID-CERT").append("0") self.identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER)) self.privateKeyStorage.setKeyPairForKeyName( keyName, KeyType.RSA, DEFAULT_RSA_PUBLIC_KEY_DER, DEFAULT_RSA_PRIVATE_KEY_DER)
def createVerifyKeyChain(): """ Create an in-memory KeyChain with a default public key for verifying. :return: A new KeyChain. :rtype: KeyChain """ identityStorage = MemoryIdentityStorage() keyChain = KeyChain( IdentityManager(identityStorage, MemoryPrivateKeyStorage()), SelfVerifyPolicyManager(identityStorage)) # Initialize the storage. keyName = Name("/testname/DSK-123") identityStorage.addKey(keyName, KeyType.RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER, False)) return keyChain
def test_generate_key(self): for dataSet in self.keyTestData: key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams) publicKeyBits = key.derivePublicKey() publicKey = PublicKey(publicKeyBits) data = Blob([0x01, 0x02, 0x03, 0x04]) # Sign and verify. signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256) result = VerificationHelpers.verifySignature( data, signature, publicKey) self.assertTrue(result) # Check that another generated private key is different. key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams) self.assertTrue(not key.toPkcs8().equals(key2.toPkcs8()))
def addKey(self, keyName, keyType, publicKeyDer): """ Add a public key to the identity storage. :param Name keyName: The name of the public key to be added. :param keyType: Type of the public key to be added. :type keyType: int from KeyType :param Blob publicKeyDer: A blob of the public key DER to be added. """ identityName = keyName.getSubName(0, keyName.size() - 1) if not self.doesIdentityExist(identityName): self.addIdentity(identityName) if self.doesKeyExist(keyName): raise SecurityException("A key with the same name already exists!") self._keyStore[keyName.toUri()] = (keyType, Blob(publicKeyDer))
def generateFakeSignature(): signatureInfo = Sha256WithRsaSignature() keyLocatorName = Name("/ndn/site1/KEY/ksk-2516425377094") keyLocator = KeyLocator() keyLocator.setType(KeyLocatorType.KEYNAME) keyLocator.setKeyName(keyLocatorName) signatureInfo.setKeyLocator(keyLocator) period = ValidityPeriod() period.setPeriod(fromIsoString("20141111T050000"), fromIsoString("20141111T060000")) signatureInfo.setValidityPeriod(period) block2 = Blob(SIG_VALUE, False) signatureInfo.setSignature(block2) return signatureInfo
def encodeControlParameters(self, controlParameters): """ Encode controlParameters and return the encoding. :param controlParameters: The ControlParameters object to encode. :type controlParameters: ControlParameters :return: A Blob containing the encoding. :rtype: Blob """ encoder = TlvEncoder(256) saveLength = len(encoder) # Encode backwards. encoder.writeOptionalNonNegativeIntegerTlvFromFloat( Tlv.ControlParameters_ExpirationPeriod, controlParameters.getExpirationPeriod()) # TODO: Encode Strategy. flags = controlParameters.getForwardingFlags().getNfdForwardingFlags() if (flags != ForwardingFlags().getNfdForwardingFlags()): # The flags are not the default value. encoder.writeNonNegativeIntegerTlv(Tlv.ControlParameters_Flags, flags) encoder.writeOptionalNonNegativeIntegerTlv(Tlv.ControlParameters_Cost, controlParameters.getCost()) encoder.writeOptionalNonNegativeIntegerTlv( Tlv.ControlParameters_Origin, controlParameters.getOrigin()) encoder.writeOptionalNonNegativeIntegerTlv( Tlv.ControlParameters_LocalControlFeature, controlParameters.getLocalControlFeature()) # TODO: Encode Uri. encoder.writeOptionalNonNegativeIntegerTlv( Tlv.ControlParameters_FaceId, controlParameters.getFaceId()) if controlParameters.getName().size() > 0: self._encodeName(controlParameters.getName(), encoder) encoder.writeTypeAndLength(Tlv.ControlParameters_ControlParameters, len(encoder) - saveLength) return Blob(encoder.getOutput(), False)
def fromNumber(number): """ Create a component whose value is the network-ordered encoding of the number. Note: if the number is zero, the result is empty. :param int number: The number to be encoded. :return: The component value. :rtype: Name.Component """ value = [] # First encode in little endian. while number != 0: value.append(number & 0xff) number >>= 8 # Make it big endian. value.reverse() return Name.Component(Blob(value, False))
def test_encode_and_decode(self): schedule = Schedule() interval1 = RepetitiveInterval(fromIsoString("20150825T000000"), fromIsoString("20150828T000000"), 5, 10, 2, RepetitiveInterval.RepeatUnit.DAY) interval2 = RepetitiveInterval(fromIsoString("20150825T000000"), fromIsoString("20150828T000000"), 6, 8, 1, RepetitiveInterval.RepeatUnit.DAY) interval3 = RepetitiveInterval(fromIsoString("20150827T000000"), fromIsoString("20150827T000000"), 7, 8) interval4 = RepetitiveInterval(fromIsoString("20150825T000000"), fromIsoString("20150825T000000"), 4, 7) schedule.addWhiteInterval(interval1) schedule.addWhiteInterval(interval2) schedule.addWhiteInterval(interval4) schedule.addBlackInterval(interval3) encoding = schedule.wireEncode() encoding2 = Blob(SCHEDULE, False) self.assertTrue(encoding.equals(encoding2)) schedule2 = Schedule() schedule2.wireDecode(encoding) # timePoint1 --> positive 8.25 4-10 timePoint1 = fromIsoString("20150825T063000") result = schedule.getCoveringInterval(timePoint1) self.assertEqual(result.isPositive, True) self.assertEqual(toIsoString(result.interval.getStartTime()), "20150825T040000") self.assertEqual(toIsoString(result.interval.getEndTime()), "20150825T100000") # timePoint2 --> positive 8.26 6-8 timePoint2 = fromIsoString("20150826T073000") result = schedule.getCoveringInterval(timePoint2) self.assertEqual(result.isPositive, True) self.assertEqual(toIsoString(result.interval.getStartTime()), "20150826T060000") self.assertEqual(toIsoString(result.interval.getEndTime()), "20150826T080000")
def test_generate_key(self): for dataSet in self.keyTestData: key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams) publicKeyBits = key.derivePublicKey() publicKey = PublicKey(publicKeyBits) data = Blob([0x01, 0x02, 0x03, 0x04]) # Sign and verify. signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256) # TODO: Move verify into PublicKey? if dataSet.keyParams.getKeyType() == KeyType.ECDSA: cryptoPublicKey = load_der_public_key( publicKeyBits.toBytes(), backend = default_backend()) verifier = cryptoPublicKey.verifier( signature.toBytes(), ec.ECDSA(hashes.SHA256())) verifier.update(data.toBytes()) try: verifier.verify() result = True except InvalidSignature: result = False elif dataSet.keyParams.getKeyType() == KeyType.RSA: cryptoPublicKey = load_der_public_key( publicKeyBits.toBytes(), backend = default_backend()) verifier = cryptoPublicKey.verifier( signature.toBytes(), padding.PKCS1v15(), hashes.SHA256()) verifier.update(data.toBytes()) try: verifier.verify() result = True except InvalidSignature: result = False else: # We don't expect this. self.fail("Unrecognized key type") self.assertTrue(result) # Check that another generated private key is different. key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams) self.assertTrue(not key.toPkcs8().equals(key2.toPkcs8()))
def test_rsa_signing(self): for tpm in self.backEndList: # Create an RSA key. identityName = Name("/Test/KeyName") key = tpm.createKey(identityName, RsaKeyParams()) keyName = key.getKeyName() content = Blob([0x01, 0x02, 0x03, 0x04]) signature = key.sign(DigestAlgorithm.SHA256, content.toBytes()) publicKey = key.derivePublicKey() result = VerificationHelpers.verifySignature( content, signature, publicKey) self.assertEquals(True, result) tpm.deleteKey(keyName) self.assertEquals(False, tpm.hasKey(keyName))
def test_content_asymmetric_encrypt_small(self): for input in encryptorRsaTestInputs: rawContent = Blob( bytearray([ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73 ]), False) data = Data() rsaParams = RsaKeyParams(1024) keyName = Name("test") decryptKey = RsaAlgorithm.generateKey(rsaParams) encryptKey = RsaAlgorithm.deriveEncryptKey(decryptKey.getKeyBits()) eKey = encryptKey.getKeyBits() dKey = decryptKey.getKeyBits() encryptParams = EncryptParams(input.type) Encryptor.encryptData(data, rawContent, keyName, eKey, encryptParams) self.assertTrue( data.getName().equals(Name("/FOR").append(keyName)), input.testName) extractContent = EncryptedContent() extractContent.wireDecode(data.getContent()) self.assertTrue( keyName.equals(extractContent.getKeyLocator().getKeyName()), input.testName) self.assertEqual(extractContent.getInitialVector().size(), 0, input.testName) self.assertEqual(extractContent.getAlgorithmType(), input.type, input.testName) recovered = extractContent.getPayload() decrypted = RsaAlgorithm.decrypt(dKey, recovered, encryptParams) self.assertTrue(rawContent.equals(decrypted), input.testName)
def __init__(self, value=None): if isinstance(value, Data): # Copy the values. self._name = ChangeCounter(Name(value.getName())) self._metaInfo = ChangeCounter(MetaInfo(value.getMetaInfo())) self._signature = ChangeCounter(value.getSignature().clone()) self._content = value._content self._defaultWireEncoding = value.getDefaultWireEncoding() self._defaultWireEncodingFormat = value._defaultWireEncodingFormat else: self._name = ChangeCounter( Name(value) if type(value) is Name else Name()) self._metaInfo = ChangeCounter(MetaInfo()) self._signature = ChangeCounter(Sha256WithRsaSignature()) self._content = Blob() self._defaultWireEncoding = SignedBlob() self._defaultWireEncodingFormat = None self._getDefaultWireEncodingChangeCount = 0 self._changeCount = 0
def test_print_certificate_info(self): expectedCertificateInfo = ( "Certificate name:\n" + " /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B\n" + "Validity:\n" + " NotBefore: 20150814T223739\n" + " NotAfter: 20150818T223738\n" + "Public key bits:\n" + "MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF\n" + "OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV\n" + "C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf\n" + "7+0153pi6nZ8uwgmxwIBEQ==\n" + "Signature Information:\n" + " Signature Type: SignatureSha256WithRsa\n" + " Key Locator: Name=/ndn/site1/KEY/ksk-2516425377094\n") certificate = CertificateV2() certificate.wireDecode(Blob(CERT, False)) actual = str(certificate) self.assertEqual(expectedCertificateInfo, actual)
def _doSign(self, digestAlgorithm, data): """ A protected method to do the work of sign(). :param digestAlgorithm: The digest algorithm. :type digestAlgorithm: int from DigestAlgorithm :param data: The input byte buffer. :type data: an array which implements the buffer protocol :return: The signature Blob, or an isNull Blob for an unrecognized digestAlgorithm. :rtype: Blob """ if digestAlgorithm == DigestAlgorithm.SHA256: try: return self._key.sign(data, digestAlgorithm) except TpmPrivateKey.Error as ex: raise TpmBackEnd.Error("Error in TpmPrivateKey.sign: " + str(ex)) else: return Blob()
def test_append_parameters_digest(self): name = Name("/local/ndn/prefix") interest = Interest(name) self.assertTrue(not interest.hasApplicationParameters()) # No parameters yet, so it should do nothing. interest.appendParametersDigestToName() self.assertEqual("/local/ndn/prefix", interest.getName().toUri()) applicationParameters = Blob(bytearray([ 0x23, 0x01, 0xC0 ])) interest.setApplicationParameters(applicationParameters) self.assertTrue(interest.hasApplicationParameters()) interest.appendParametersDigestToName() self.assertEqual(name.size() + 1, interest.getName().size()) self.assertTrue(interest.getName().getPrefix(-1).equals(name)) SHA256_LENGTH = 32 self.assertEqual(SHA256_LENGTH, interest.getName().get(-1).getValue().size()) self.assertEqual(interest.getName().toUri(), "/local/ndn/prefix/" + "params-sha256=a16cc669b4c9ef6801e1569488513f9523ffb28a39e53aa6e11add8d00a413fc")