def onInterest(self, prefix, interest, *k): print >> sys.stderr, "<< PyNDN %s" % interest.name intrestUri = interest.name.toUri() prefixUri = prefix.toUri() parameters = '' if intrestUri != prefixUri: parameters = intrestUri[len(prefixUri) + 1:] print prefixUri += "/%3Cdata%3E" d = self.a[prefixUri] if self.methods[prefixUri] == "POST": content = json.dumps( d(interest.getContent().toRawStr().decode('string_escape'))) else: if parameters: content = json.dumps(d(parameters)) else: content = json.dumps(d()) self.counter += 1 data = ndn.Data(interest.getName()) meta = ndn.MetaInfo() meta.setFreshnessPeriod(5000) data.setMetaInfo(meta) data.setContent(content) self.keyChain.sign(data, self.keyChain.getDefaultCertificateName()) self.face.putData(data)
def send_find_coordinator_data(interest, face, entity): logger.debug('Sending FindCoordinatorData for entity %s', entity) final_object = entity.serialize(entity) find_coordinator_data = pyndn.Data(interest.getName()) find_coordinator_data.setContent(final_object) face.putData(find_coordinator_data)
def send_chunk_entities_data(interest, face, chunk): logger.debug('Sending ChunkEntitiesData for chunk %d (%d, %d)', chunk.uid, chunk.map.x, chunk.map.y) chunk = entities.Chunk.serialize(chunk) chunk_data = pyndn.Data(interest.getName()) chunk_data.setContent(chunk) face.putData(chunk_data)
def install_public_params(self, publicParams): self.db.save('publicParams', publicParams) self.publicParams = pyndn.Data() self.publicParams.wireDecode(base64.b64decode(publicParams)) # TODO: verify validity of public parameters encodedPk = self.publicParams.getContent().toBytes() self._install_pk(encodedPk)
def test_ndn_sign(self): data = pyndn.Data() data.setName(pyndn.Name("/foo/bar")) data.setContent("Hello, world!") self.signer.sign(data, [b'Monday', b'Tuesday']) self.assertEqual(data.getSignature().getTypeCode(), 42) self.assertEqual(data.getSignature().getKeyLocator().getKeyName().toUri(), pyndn.Name("/test/authority/ABS/%FD%5C%CC%C8%C3/Monday%26Tuesday").toUri())
def send_deleted_entity_data(interest, face): logger.debug('Sending DeletedEntityData for interest %s', interest.getName().toUri()) result = entities.Result( status=const.status_code.DELETED_ENTITY, value=None) name = interest.getName().appendVersion(utils.get_timestamp()) deleted_entity_data = pyndn.Data(name) deleted_entity_data.setContent(entities.Result.serialize(result)) face.putData(deleted_entity_data)
def handleCompletion(self): # print(self.segments) content = bytearray() for i in sorted(self.segments): segment = self.segments[i] content.extend(segment.getContent().buf()) blob = pyndn.Blob(content) data = pyndn.Data(self.interest.getName()) data.setContent(blob) self.data = data self.onData(self)
def sign(self, args): data = pyndn.Data() data.setName(pyndn.Name(args.name)) data.setContent(sys.stdin.buffer.read()) signer = Signer(self.db) attributes = [i.encode('utf-8') for i in args.attribute] signer.sign(data, attributes) print(str(base64.b64encode(data.wireEncode().toBytes()), 'utf-8')) return 0
def __init__(self, db): self.db = db self.abs = ABS() try: self.pk = utils.deserialize(self.db.load('pk'), self.abs.group) self.publicParams = pyndn.Data() self.publicParams.wireDecode( base64.b64decode(self.db.load('publicParams'))) except: # print("PK not available") pass
def verify(self, wire): data = pyndn.Data() data.wireDecode(wire) signature = Sha256WithAbsSignature(data.getSignature()) name = signature.getKeyLocator().getKeyName() attributes = name[-1].getValue().toBytes().split(b'&') # print ("Data name: %s; KeyLocator: %s" % (data.getName().toUri(), signature.getKeyLocator().getKeyName().toUri())) # print ("Verifying using: %s" % str(b' & '.join(attributes), 'utf-8')) return self._verify(signature.getSignature().toBytes(), data.wireEncode().toSignedBytes(), attributes)
def send_chunk_update_data(chunk_x, chunk_y, update): logger.debug('Sending ChunkUpdateData for chunk (%d, %d): %s', chunk_x, chunk_y, update) name = pyndn.Name(mngt.context.local_name) \ .append('chunk') \ .append(str(chunk_x)) \ .append(str(chunk_y)) \ .append('updates') \ .append('touch') chunk_update_data = pyndn.Data(name) chunk_update_data.setContent(entities.Result.serialize(update)) mngt.context.face.putData(chunk_update_data)
def send_entity_update_data(uid, version, update): logger.trace('Sending EntityUpdateData for entity %d %s', uid, update) name = pyndn.Name(mngt.context.local_name) \ .append('entity') \ .append(str(uid)) \ .append('updates') \ .append(str(version)) \ .append('touch') entity_update_data = pyndn.Data(name) entity_update_data.setContent(entities.Update.serialize(update)) mngt.context.face.putData(entity_update_data)
def _onInterest(self, prefix, interest, *k): print >> sys.stderr, "<< PyNDN %s" % interest.name content = "PyNDN LINE #%d\n" % self.counter self.counter += 1 data = ndn.Data(interest.getName()) meta = ndn.MetaInfo() meta.setFreshnessPeriod(5000) data.setMetaInfo(meta) data.setContent(content) self.keyChain.sign(data, self.keyChain.getDefaultCertificateName()) self.face.putData(data)
def send_fetch_entity_data(interest, face, entity_or_uid): if isinstance(entity_or_uid, int): entity = mngt.context.object_store.get(entity_or_uid) else: entity = entity_or_uid logger.debug('Sending FetchEntityData for entity %d', entity.uid) result = entities.Result( status=const.status_code.OK, value=entity) name = interest.getName() if hasattr(entity, 'version'): name.appendVersion(entity.version) fetch_entity_data = pyndn.Data(interest.getName()) fetch_entity_data.setContent(entities.Result.serialize(result)) face.putData(fetch_entity_data)
def sign(self, args): data = pyndn.Data() data.setName(pyndn.Name(args.name)) data.setContent(sys.stdin.buffer.read()) attributes = [args.attribute] producer = Signer(self.db) csvData = [] for i in range(100): attributes.append('%s' % i) attr = [i.encode('utf-8') for i in attributes] p = time.process_time() producer.sign(data, attr) csvData.append(str(time.process_time() - p)) with open('signingtime.csv', 'w') as csvFile: writer = csv.writer(csvFile) writer.writerows([csvData]) return 0
def onInterest(self, prefix, interest, *k): print >> sys.stderr, "<< PyNDN %s" % interest.name print prefix d = self.a[prefix] if self.methods[prefix] == "POST": content = json.dumps( d(interest.getContent().toRawStr().decode('string_escape'))) else: content = json.dumps(d()) self.counter += 1 #print interest.getContent().toRawStr().decode('string_escape') data = ndn.Data(interest.getName()) meta = ndn.MetaInfo() meta.setFreshnessPeriod(5000) data.setMetaInfo(meta) data.setContent(content) self.keyChain.sign(data, self.keyChain.getDefaultCertificateName()) self.face.putData(data)
def setup(self, name): self.apk, self.ask = self.abs.authSetup() self.self_attributes = [b'self', name.toUri().encode('utf-8')] self.db.save('apk', utils.serialize(self.apk, self.abs.group)) self.db.save('ask', utils.serialize(self.ask, self.abs.group)) data = pyndn.Data( pyndn.Name(name).append("ABS").appendVersion( datetime.timestamp(datetime.now()))) meta = pyndn.MetaInfo() meta.setType(pyndn.ContentType.KEY) meta.setFreshnessPeriod(86400 * 1000.0) # 1 day data.setMetaInfo(meta) data.setContent(self.db.load('apk')) signer = Signer(self.db) signer._install_pk(self.db.load('apk')) signer.install_secret(self.gen_attr_keys(self.self_attributes)) signer.sign(data, self.self_attributes, selfSign=True) signer.install_public_params( base64.b64encode(data.wireEncode().toBytes()))
def submit_certificate(): data = ndn.Data() # data.wireDecode(ndn.Blob(buffer(base64.b64decode(request.form['data'])))) data.wireDecode( ndn.Blob(memoryview(base64.b64decode(request.form['data'])))) cert_request = mongo.db.requests.find_one( {'_id': ObjectId(str(request.form['id']))}) if cert_request == None: abort(403) operator = mongo.db.operators.find_one( {"_id": ObjectId(cert_request['operator_id'])}) if operator == None: mongo.db.requests.remove(cert_request) # remove invalid request abort(403) # # @todo verify data packet # # @todo verify timestamp if len(data.getContent()) == 0: # (no deny reason for now) # eventually, need to check data.type: if NACK, then content contains reason for denial # if KEY, then content is the certificate msg = Message("[NDN Certification] Rejected certification", sender=app.config['MAIL_FROM'], recipients=[cert_request['email']], body=render_template('cert-rejected-email.txt', URL=app.config['URL'], **cert_request), html=render_template('cert-rejected-email.html', URL=app.config['URL'], **cert_request)) mail.send(msg) mongo.db.requests.remove(cert_request) return "OK. Certificate has been denied" else: cert = { 'name': data.getName().toUri(), 'cert': request.form['data'], 'operator': operator, 'created_on': datetime.datetime.utcnow( ), # to periodically remove unverified tokens } mongo.db.certs.insert(cert) msg = Message("[NDN Certification] NDN certificate issued", sender=app.config['MAIL_FROM'], recipients=[cert_request['email']], body=render_template('cert-issued-email.txt', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request), html=render_template('cert-issued-email.html', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request)) mail.send(msg) mongo.db.requests.remove(cert_request) return "OK. Certificate has been approved and notification sent to the requester"
def submit_request(): if request.method == 'GET': # Email and token (to authorize the request==validate email) user_email = request.args.get('email') user_token = request.args.get('token') token = mongo.db.tokens.find_one({ 'email': user_email, 'token': user_token }) if (token == None): abort(403) site_prefix = token['site_prefix'] if site_prefix != "": try: params = get_operator_for_guest_site(user_email, site_prefix) except: abort(403) else: # infer parameters from email try: # pre-validation params = get_operator_for_email(user_email) except: abort(403) # don't delete token for now, just give user a form to input stuff return render_template('request-form.html', URL=app.config['URL'], email=user_email, token=user_token, **params) else: # 'POST' # Email and token (to authorize the request==validate email) user_email = request.form['email'] user_token = request.form['token'] token = mongo.db.tokens.find_one({ 'email': user_email, 'token': user_token }) if (token == None): abort(403) # Now, do basic validation of correctness of user input, save request in the database # and notify the operator #optional parameters user_fullname = request.form[ 'fullname'] if 'fullname' in request.form else "" user_homeurl = request.form[ 'homeurl'] if 'homeurl' in request.form else "" user_group = request.form['group'] if 'group' in request.form else "" user_advisor = request.form[ 'advisor'] if 'advisor' in request.form else "" site_prefix = token['site_prefix'] if site_prefix != "": try: params = get_operator_for_guest_site(user_email, site_prefix) except: abort(403) else: # infer parameters from email try: # pre-validation params = get_operator_for_email(user_email) except: abort(403) if site_prefix == "" and user_fullname == "": return render_template('request-form.html', error="Full Name field cannot be empty", URL=app.config['URL'], email=user_email, token=user_token, **params) try: user_cert_request = base64.b64decode(request.form['cert-request']) user_cert_data = ndn.Data() # user_cert_data.wireDecode(ndn.Blob(buffer(user_cert_request))) user_cert_data.wireDecode(ndn.Blob(memoryview(user_cert_request))) except: return render_template( 'request-form.html', error="Incorrectly generated NDN certificate request, " "please try again", URL=app.config['URL'], email=user_email, token=user_token, **params) # check if the user supplied correct name for the certificate request if not params['assigned_namespace'].isPrefixOf( user_cert_data.getName()): return render_template( 'request-form.html', error="Incorrectly generated NDN certificate request, " "please try again", URL=app.config['URL'], email=user_email, token=user_token, **params) # cert_name = extract_cert_name(user_cert_data.getName()).toUri() # # remove any previous requests for the same certificate name # mongo.db.requests.remove({'cert_name': cert_name}) cert_request = { 'operator_id': str(params['operator']['_id']), 'site_prefix': token['site_prefix'], 'assigned_namespace': str(params['assigned_namespace']), 'fullname': user_fullname, 'organization': params['operator']['site_name'], 'email': user_email, 'homeurl': user_homeurl, 'group': user_group, 'advisor': user_advisor, 'cert_request': base64.b64encode(user_cert_request), 'created_on': datetime.datetime.utcnow( ), # to periodically remove unverified tokens } mongo.db.requests.insert(cert_request) # OK. authorized, proceed to the next step mongo.db.tokens.remove(token) if (token['site_prefix'] != "" and not params['operator']['doNotSendOpRequestsForGuests']) or \ (token['site_prefix'] == "" and not params['operator']['doNotSendOpRequests']): msg = Message( "[NDN Certification] User certification request", sender=app.config['MAIL_FROM'], recipients=[params['operator']['email']], body=render_template('operator-notify-email.txt', URL=app.config['URL'], operator_name=params['operator']['name'], **cert_request), html=render_template('operator-notify-email.html', URL=app.config['URL'], operator_name=params['operator']['name'], **cert_request)) mail.send(msg) return render_template('request-thankyou.html')
def process_submitted_cert(cert_data, email, user_fullname): data = ndn.Data() data.wireDecode(ndn.Blob(buffer(base64.b64decode(cert_data)))) # @todo verify data packet # Additional operator verification needed? Operator key should be verified operator_prefix = extract_cert_name( data.getSignature().getKeyLocator().getKeyName()) operator = mongo.db.operators.find_one( {'site_prefix': operator_prefix.toUri()}) if operator == None: return json.dumps({ "status": 500, "message": "operator not found [%s]" % operator_prefix }) # @todo verify timestamp if (not app.config['AUTO_APPROVE']): cert_name = extract_cert_name(data.getName()) cert_request = mongo.db.requests.find_one( {'cert_name': cert_name.toUri()}) if cert_request == None: return json.dumps({ "status": 403, "message": "No cert request entry" }) if len(data.getContent()) == 0: # (no deny reason for now) # eventually, need to check data.type: if NACK, then content contains reason for denial # if KEY, then content is the certificate msg = Message( "[NDN Open mHealth Certification] Rejected certification", sender=app.config['MAIL_FROM'], recipients=[email], body=render_template('cert-rejected-email.txt', URL=app.config['URL'], fullname=user_fullname), html=render_template('cert-rejected-email.html', URL=app.config['URL'], fullname=user_fullname)) mail.send(msg) if (not app.config['AUTO_APPROVE']): mongo.db.requests.remove(cert_request) return json.dumps({ "status": 200, "message": "Certificate request denied" }) else: # may want to store assigned_namespace here as well cert = { 'name': data.getName().toUri(), 'cert': cert_data, 'operator': operator, 'created_on': datetime.datetime.utcnow(), } mongo.db.certs.insert(cert) msg = Message("[NDN Open mHealth Certification] Certificate issued", sender=app.config['MAIL_FROM'], recipients=[email], body=render_template('cert-issued-email.txt', URL=app.config['URL'], quoted_cert_name=urllib.quote( cert['name'], ), cert_id=str(data.getName()[-3]), fullname=user_fullname), html=render_template('cert-issued-email.html', URL=app.config['URL'], quoted_cert_name=urllib.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), fullname=user_fullname)) mail.send(msg) if (not app.config['AUTO_APPROVE']): mongo.db.requests.remove(cert_request) return json.dumps({ "status": 200, "message": "OK. Certificate has been approved and notification sent to the requester" })
def submit_request(): if request.method == 'GET': # print 'GET' # Email and token (to authorize the request==validate email) user_email = request.args.get('email') user_token = request.args.get('token') token = mongo.db.tokens.find_one({ 'email': user_email, 'token': user_token }) if (token == None): abort(403, "No such token for this email address") # if getting operator fails, don't process this get request try: operator = get_operator() except Exception as e: print(e) abort(500, str(e)) # don't delete token for now, just give user a form to input stuff return render_template('request-form.html', URL=app.config['URL'], email=user_email, token=user_token, assigned_namespace=token['assigned_namespace']) else: # 'POST' # print "POST" # Email and token (to authorize the request==validate email) if ('email' in request.form): user_email = request.form['email'] else: print('Expected email in request') abort(400, 'Expected email in request') if ('token' in request.form): user_token = request.form['token'] else: print('Expected token in request') abort(400, 'Expected token in request') if ('full_name' in request.form): user_fullname = request.form['full_name'] else: print('Expected full_name in request') abort(400, 'Expected full_name in request') token = mongo.db.tokens.find_one({ 'email': user_email, 'token': user_token }) if (token == None): print("No such token for this email address") abort(403, "No such token for this email address") # Now, do basic validation of correctness of user input, save request in the database # and notify the operator # if getting operator fails, don't process this post request try: operator = get_operator() except Exception as e: print(e) abort(500, str(e)) if user_fullname == "": print("User full name should not be empty") abort(400, "User full name should not be empty") try: user_cert_request = base64.b64decode(request.form['cert_request']) user_cert_data = ndn.Data() user_cert_data.wireDecode(ndn.Blob(buffer(user_cert_request))) except: print("Malformed cert request") abort(400, "Malformed cert request") # check if the user supplied correct name for the certificate request if not ndn.Name(token['assigned_namespace']).match( user_cert_data.getName()): print("cert name does not match with assigned namespace") abort(400, "cert name does not match with assigned namespace") cert_name = extract_cert_name(user_cert_data.getName()).toUri() if (not app.config['AUTO_APPROVE']): # manual approval of request needed # remove any previous requests for the same certificate name mongo.db.requests.remove({'cert_name': cert_name}) cert_request = { 'operator_id': str(operator['_id']), 'full_name': user_fullname, 'organization': operator['site_name'], 'email': user_email, 'cert_name': cert_name, 'cert_request': base64.b64encode(user_cert_request), 'created_on': datetime.datetime.utcnow( ), # to periodically remove unverified tokens } mongo.db.requests.insert(cert_request) # OK. authorized, proceed to the next step mongo.db.tokens.remove(token) msg = Message( "[NDN Open mHealth Certification] User certification request", sender=app.config['MAIL_FROM'], recipients=[operator['email']], body=render_template('operator-notify-email.txt', URL=app.config['URL'], operator_name=operator['name'], **cert_request), html=render_template('operator-notify-email.html', URL=app.config['URL'], operator_name=operator['name'], **cert_request)) mail.send(msg) return json.dumps({"status": 200}) else: # automatically approve any cert request # print request try: mongo.db.tokens.remove(token) cert = issue_certificate(request.form) ret = process_submitted_cert(cert, user_email, user_fullname) ret_obj = json.loads(ret) if (ret_obj['status'] != 200): abort(ret_obj['status'], ret_obj['message']) else: return json.dumps({"status": 200}) except Exception as e: print(e) abort(500)
def send_peer_info_list_data(self, interest, face): peer_list_info_data = pyndn.Data(interest.getName()) peer_list_info_data.setContent( entities.PeerArray.serialize(self.context.peer_store.values())) face.putData(peer_list_info_data)
def submit_certificate(): data = ndn.Data() # data.wireDecode(ndn.Blob(buffer(base64.b64decode(request.form['data'])))) data.wireDecode( ndn.Blob(memoryview(base64.b64decode(request.form['data'])))) cert_request = mongo.db.requests.find_one( {'_id': ObjectId(str(request.form['id']))}) if cert_request == None: abort(403) # TODO: haitao remove this hack after test # operator = mongo.db.operators.find_one({"_id": ObjectId(cert_request['operator_id'])}) operator = { '_id': 1, 'site_name': 'UCLA', 'email': '*****@*****.**', 'doNotSendOpRequests': False, 'name': 'haitao' } if operator == None: mongo.db.requests.remove(cert_request) # remove invalid request abort(403) # # @todo verify data packet # # @todo verify timestamp if len(data.getContent()) == 0: # (no deny reason for now) # eventually, need to check data.type: if NACK, then content contains reason for denial # if KEY, then content is the certificate msg = Message("[NDN Certification] Rejected certification", sender=app.config['MAIL_FROM'], recipients=[cert_request['email']], body=render_template('cert-rejected-email.txt', URL=app.config['URL'], **cert_request), html=render_template('cert-rejected-email.html', URL=app.config['URL'], **cert_request)) mail.send(msg) mongo.db.requests.remove(cert_request) return "OK. Certificate has been denied" else: cert = { 'name': data.getName().toUri(), 'cert': request.form['data'], 'operator': operator, 'created_on': datetime.datetime.utcnow( ), # to periodically remove unverified tokens, 'token': cert_request['token'] if 'token' in cert_request else '' } mongo.db.certs.insert(cert) # for nfd-android applicatin, use a token to fetch the certificate but not install it # using command line if 'token' in cert and len(cert['token']) != 0: msg = Message( "[NDN Certification] NDN certificate issued", sender=app.config['MAIL_FROM'], recipients=[cert_request['email']], body=render_template('nfd-android-cert-issued-email.txt', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request), html=render_template('nfd-android-cert-issued-email.html', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request)) else: msg = Message( "[NDN Certification] NDN certificate issued", sender=app.config['MAIL_FROM'], recipients=[cert_request['email']], body=render_template('web-cert-issued-email.txt', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request), html=render_template('web-cert-issued-email.html', URL=app.config['URL'], quoted_cert_name=urllib.parse.quote( cert['name'], ''), cert_id=str(data.getName()[-3]), **cert_request)) mail.send(msg) mongo.db.requests.remove(cert_request) return "OK. Certificate has been approved and notification sent to the requester"