def test_prefix(self):
name = Name("/edu/cmu/andrew/user/3498478")
prefix1 = name.getPrefix(2)
self.assertEqual(len(prefix1), 2, 'Name prefix has ' + str(len(prefix1)) + ' components instead of 2')
for i in range(2):
self.assertTrue(name[i].getValue() == prefix1[i].getValue())
prefix2 = name.getPrefix(100)
self.assertEqual(prefix2, name, 'Prefix with more components than original should stop at end of original name')
def test_prefix(self):
name = Name("/edu/cmu/andrew/user/3498478")
prefix1 = name.getPrefix(2)
self.assertEqual(len(prefix1), 2, 'Name prefix has ' + str(len(prefix1)) + ' components instead of 2')
for i in range(2):
self.assertTrue(name[i].getValue() == prefix1[i].getValue())
prefix2 = name.getPrefix(100)
self.assertEqual(prefix2, name, 'Prefix with more components than original should stop at end of original name')
def test_prepare_unsigned_certificate(self):
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
identityManager = IdentityManager(identityStorage, privateKeyStorage)
keyName = Name("/test/ksk-1457560485494")
identityStorage.addKey(keyName, KeyType.RSA, Blob(PUBLIC_KEY))
subjectDescriptions = []
subjectDescriptions.append(
CertificateSubjectDescription(TEST_OID, "TEST NAME"))
newCertificate = identityManager.prepareUnsignedIdentityCertificate(
keyName, keyName.getPrefix(1), self.toyCertNotBefore,
self.toyCertNotAfter, subjectDescriptions)
# Update the generated certificate version to equal the one in toyCert.
newCertificate.setName(
Name(newCertificate.getName().getPrefix(-1).append(
self.toyCert.getName().get(-1))))
# Make a copy to test encoding.
certificateCopy = IdentityCertificate(newCertificate)
self.assertEqual(
str(self.toyCert), str(certificateCopy),
"Prepared unsigned certificate dump does not have the expected format"
)
def test_prepare_unsigned_certificate(self):
identityStorage = MemoryIdentityStorage()
privateKeyStorage = MemoryPrivateKeyStorage()
identityManager = IdentityManager(identityStorage, privateKeyStorage)
keyName = Name("/test/ksk-1457560485494")
identityStorage.addKey(keyName, KeyType.RSA, Blob(PUBLIC_KEY))
subjectDescriptions = []
subjectDescriptions.append(CertificateSubjectDescription(
TEST_OID, "TEST NAME"))
newCertificate = identityManager.prepareUnsignedIdentityCertificate(
keyName,
keyName.getPrefix(1), self.toyCertNotBefore,
self.toyCertNotAfter, subjectDescriptions)
# Update the generated certificate version to equal the one in toyCert.
newCertificate.setName(
Name(newCertificate.getName().getPrefix(-1).append
(self.toyCert.getName().get(-1))))
# Make a copy to test encoding.
certificateCopy = IdentityCertificate(newCertificate)
self.assertEqual(
str(self.toyCert), str(certificateCopy),
"Prepared unsigned certificate dump does not have the expected format")
def test_match(self):
name = Name("/edu/cmu/andrew/user/3498478")
name2 = Name(name)
self.assertTrue(name.match(name2), 'Name does not match deep copy of itself')
name2 = name.getPrefix(2)
self.assertTrue(name2.match(name), 'Name did not match prefix')
self.assertFalse(name.match(name2), 'Name should not match shorter name')
self.assertTrue(Name().match(name), 'Empty name should always match another')
def test_match(self):
name = Name("/edu/cmu/andrew/user/3498478")
name2 = Name(name)
self.assertTrue(name.match(name2), 'Name does not match deep copy of itself')
name2 = name.getPrefix(2)
self.assertTrue(name2.match(name), 'Name did not match prefix')
self.assertFalse(name.match(name2), 'Name should not match shorter name')
self.assertTrue(Name().match(name), 'Empty name should always match another')
def test_prefix(self):
name = Name(self.expectedURI)
name2 = name.getPrefix(2)
self.assertEqual(name2.size(),2, 'Name prefix has ' + str(name2.size()) + ' components instead of 2')
for i in range(2):
self.assertTrue(name.get(i).getValue().equals(name2.get(i).getValue()))
def test_content_key_request(self):
prefix = Name("/prefix")
suffix = Name("/a/b/c")
expectedInterest = Name(prefix)
expectedInterest.append(Encryptor.NAME_COMPONENT_READ)
expectedInterest.append(suffix)
expectedInterest.append(Encryptor.NAME_COMPONENT_E_KEY)
cKeyName = Name(prefix)
cKeyName.append(Encryptor.NAME_COMPONENT_SAMPLE)
cKeyName.append(suffix)
cKeyName.append(Encryptor.NAME_COMPONENT_C_KEY)
timeMarker = Name("20150101T100000/20150101T120000")
testTime1 = Schedule.fromIsoString("20150101T100001")
testTime2 = Schedule.fromIsoString("20150101T110001")
testTimeRounded1 = Name.Component("20150101T100000")
testTimeRounded2 = Name.Component("20150101T110000")
testTimeComponent2 = Name.Component("20150101T110001")
# Create content keys required for this test case:
for i in range(suffix.size()):
self.createEncryptionKey(expectedInterest, timeMarker)
expectedInterest = expectedInterest.getPrefix(-2).append(
Encryptor.NAME_COMPONENT_E_KEY)
expressInterestCallCount = [0]
# Prepare a TestFace to instantly answer calls to expressInterest.
class TestFace(object):
def __init__(self, handleExpressInterest):
self.handleExpressInterest = handleExpressInterest
def expressInterest(self, interest, onData, onTimeout,
onNetworkNack):
return self.handleExpressInterest(interest, onData, onTimeout,
onNetworkNack)
def handleExpressInterest(interest, onData, onTimeout, onNetworkNack):
expressInterestCallCount[0] += 1
interestName = Name(interest.getName())
interestName.append(timeMarker)
self.assertTrue(interestName in self.encryptionKeys)
onData(interest, self.encryptionKeys[interestName])
return 0
face = TestFace(handleExpressInterest)
# Verify that the content key is correctly encrypted for each domain, and
# the produce method encrypts the provided data with the same content key.
testDb = Sqlite3ProducerDb(self.databaseFilePath)
producer = Producer(prefix, suffix, face, self.keyChain, testDb)
contentKey = [None] # Blob
def checkEncryptionKeys(result, testTime, roundedTime,
expectedExpressInterestCallCount):
self.assertEqual(expectedExpressInterestCallCount,
expressInterestCallCount[0])
self.assertEqual(True, testDb.hasContentKey(testTime))
contentKey[0] = testDb.getContentKey(testTime)
params = EncryptParams(EncryptAlgorithmType.RsaOaep)
for i in range(len(result)):
key = result[i]
keyName = key.getName()
self.assertEqual(cKeyName, keyName.getSubName(0, 6))
self.assertEqual(keyName.get(6), roundedTime)
self.assertEqual(keyName.get(7), Encryptor.NAME_COMPONENT_FOR)
self.assertEqual(True,
keyName.getSubName(8) in self.decryptionKeys)
decryptionKey = self.decryptionKeys[keyName.getSubName(8)]
self.assertEqual(True, decryptionKey.size() != 0)
encryptedKeyEncoding = key.getContent()
content = EncryptedContent()
content.wireDecode(encryptedKeyEncoding)
encryptedKey = content.getPayload()
retrievedKey = RsaAlgorithm.decrypt(decryptionKey,
encryptedKey, params)
self.assertTrue(contentKey[0].equals(retrievedKey))
self.assertEqual(3, len(result))
# An initial test to confirm that keys are created for this time slot.
contentKeyName1 = producer.createContentKey(
testTime1, lambda keys: checkEncryptionKeys(
keys, testTime1, testTimeRounded1, 3))
# Verify that we do not repeat the search for e-keys. The total
# expressInterestCallCount should be the same.
contentKeyName2 = producer.createContentKey(
testTime2, lambda keys: checkEncryptionKeys(
keys, testTime2, testTimeRounded2, 3))
# Confirm content key names are correct
self.assertEqual(cKeyName, contentKeyName1.getPrefix(-1))
self.assertEqual(testTimeRounded1, contentKeyName1.get(6))
self.assertEqual(cKeyName, contentKeyName2.getPrefix(-1))
self.assertEqual(testTimeRounded2, contentKeyName2.get(6))
# Confirm that produce encrypts with the correct key and has the right name.
testData = Data()
producer.produce(testData, testTime2, Blob(DATA_CONTENT, False))
producedName = testData.getName()
self.assertEqual(cKeyName.getPrefix(-1), producedName.getSubName(0, 5))
self.assertEqual(testTimeComponent2, producedName.get(5))
self.assertEqual(Encryptor.NAME_COMPONENT_FOR, producedName.get(6))
self.assertEqual(cKeyName, producedName.getSubName(7, 6))
self.assertEqual(testTimeRounded2, producedName.get(13))
dataBlob = testData.getContent()
dataContent = EncryptedContent()
dataContent.wireDecode(dataBlob)
encryptedData = dataContent.getPayload()
initialVector = dataContent.getInitialVector()
params = EncryptParams(EncryptAlgorithmType.AesCbc, 16)
params.setInitialVector(initialVector)
decryptTest = AesAlgorithm.decrypt(contentKey[0], encryptedData,
params)
self.assertTrue(decryptTest.equals(Blob(DATA_CONTENT, False)))
def test_prefix(self):
name = Name(self.expectedURI)
name2 = name.getPrefix(2)
self.assertEqual(name2.size(),2, 'Name prefix has ' + str(name2.size()) + ' components instead of 2')
for i in range(2):
self.assertTrue(name.get(i).getValue().equals(name2.get(i).getValue()))
def test_content_key_request(self):
prefix = Name("/prefix")
suffix = Name("/a/b/c")
expectedInterest = Name(prefix)
expectedInterest.append(Encryptor.NAME_COMPONENT_READ)
expectedInterest.append(suffix)
expectedInterest.append(Encryptor.NAME_COMPONENT_E_KEY)
cKeyName = Name(prefix)
cKeyName.append(Encryptor.NAME_COMPONENT_SAMPLE)
cKeyName.append(suffix)
cKeyName.append(Encryptor.NAME_COMPONENT_C_KEY)
timeMarker = Name("20150101T100000/20150101T120000")
testTime1 = Schedule.fromIsoString("20150101T100001")
testTime2 = Schedule.fromIsoString("20150101T110001")
testTimeRounded1 = Name.Component("20150101T100000")
testTimeRounded2 = Name.Component("20150101T110000")
# Create content keys required for this test case:
for i in range(suffix.size()):
self.createEncryptionKey(expectedInterest, timeMarker)
expectedInterest = expectedInterest.getPrefix(-2).append(
Encryptor.NAME_COMPONENT_E_KEY)
expressInterestCallCount = [0]
# Prepare a TestFace to instantly answer calls to expressInterest.
class TestFace(object):
def __init__(self, handleExpressInterest):
self.handleExpressInterest = handleExpressInterest
def expressInterest(self, interest, onData, onTimeout):
return self.handleExpressInterest(interest, onData, onTimeout)
def handleExpressInterest(interest, onData, onTimeout):
expressInterestCallCount[0] += 1
interestName = Name(interest.getName())
interestName.append(timeMarker)
self.assertTrue(interestName in self.encryptionKeys)
onData(interest, self.encryptionKeys[interestName])
return 0
face = TestFace(handleExpressInterest)
# Verify that the content key is correctly encrypted for each domain, and
# the produce method encrypts the provided data with the same content key.
testDb = Sqlite3ProducerDb(self.databaseFilePath)
producer = Producer(prefix, suffix, face, self.keyChain, testDb)
contentKey = [None] # Blob
def checkEncryptionKeys(
result, testTime, roundedTime, expectedExpressInterestCallCount):
self.assertEqual(expectedExpressInterestCallCount,
expressInterestCallCount[0])
self.assertEqual(True, testDb.hasContentKey(testTime))
contentKey[0] = testDb.getContentKey(testTime)
params = EncryptParams(EncryptAlgorithmType.RsaOaep)
for i in range(len(result)):
key = result[i]
keyName = key.getName()
self.assertEqual(cKeyName, keyName.getSubName(0, 6))
self.assertEqual(keyName.get(6), roundedTime)
self.assertEqual(keyName.get(7), Encryptor.NAME_COMPONENT_FOR)
self.assertEqual(
True, keyName.getSubName(8) in self.decryptionKeys)
decryptionKey = self.decryptionKeys[keyName.getSubName(8)]
self.assertEqual(True, decryptionKey.size() != 0)
encryptedKeyEncoding = key.getContent()
content = EncryptedContent()
content.wireDecode(encryptedKeyEncoding)
encryptedKey = content.getPayload()
retrievedKey = RsaAlgorithm.decrypt(
decryptionKey, encryptedKey, params)
self.assertTrue(contentKey[0].equals(retrievedKey))
self.assertEqual(3, len(result))
# An initial test to confirm that keys are created for this time slot.
contentKeyName1 = producer.createContentKey(
testTime1,
lambda keys: checkEncryptionKeys(keys, testTime1, testTimeRounded1, 3))
# Verify that we do not repeat the search for e-keys. The total
# expressInterestCallCount should be the same.
contentKeyName2 = producer.createContentKey(
testTime2,
lambda keys: checkEncryptionKeys(keys, testTime2, testTimeRounded2, 3))
# Confirm content key names are correct
self.assertEqual(cKeyName, contentKeyName1.getPrefix(-1))
self.assertEqual(testTimeRounded1, contentKeyName1.get(6))
self.assertEqual(cKeyName, contentKeyName2.getPrefix(-1))
self.assertEqual(testTimeRounded2, contentKeyName2.get(6))
# Confirm that produce encrypts with the correct key and has the right name.
testData = Data()
producer.produce(testData, testTime2, Blob(DATA_CONTENT, False))
producedName = testData.getName()
self.assertEqual(cKeyName.getPrefix(-1), producedName.getSubName(0, 5))
self.assertEqual(testTimeRounded2, producedName.get(5))
self.assertEqual(Encryptor.NAME_COMPONENT_FOR, producedName.get(6))
self.assertEqual(cKeyName, producedName.getSubName(7, 6))
self.assertEqual(testTimeRounded2, producedName.get(13))
dataBlob = testData.getContent()
dataContent = EncryptedContent()
dataContent.wireDecode(dataBlob)
encryptedData = dataContent.getPayload()
initialVector = dataContent.getInitialVector()
params = EncryptParams(EncryptAlgorithmType.AesCbc, 16)
params.setInitialVector(initialVector)
decryptTest = AesAlgorithm.decrypt(contentKey[0], encryptedData, params)
self.assertTrue(decryptTest.equals(Blob(DATA_CONTENT, False)))
