def _addDeviceToNetwork(self, deviceSerial, newDeviceSuffix, pin): h = HmacHelper(pin) self._hmacDevices[deviceSerial] = h d = DeviceConfigurationMessage() for source, dest in [(self.networkPrefix, d.configuration.networkPrefix), (self.deviceSuffix, d.configuration.controllerName), (newDeviceSuffix, d.configuration.deviceSuffix)]: for i in range(source.size()): component = source.get(i) dest.components.append(component.getValue().toRawStr()) interestName = Name('/localhop/configure').append(Name(deviceSerial)) encodedParams = ProtobufTlv.encode(d) interestName.append(encodedParams) interest = Interest(interestName) h.signInterest(interest) self.face.expressInterest(interest, self._deviceAdditionResponse, self._deviceAdditionTimedOut)
def _addDeviceToNetwork(self, deviceSerial, newDeviceSuffix, pin): h = HmacHelper(pin) self._hmacDevices[deviceSerial] = h d = DeviceConfigurationMessage() newDeviceSuffix = Name(newDeviceSuffix) for source, dest in [(self.networkPrefix, d.configuration.networkPrefix), (self.deviceSuffix, d.configuration.controllerName), (newDeviceSuffix, d.configuration.deviceSuffix)]: for i in range(len(source)): component = source.get(i) dest.components.append(component.getValue().toRawStr()) interestName = Name('/localhop/configure').append(Name(deviceSerial)) encodedParams = ProtobufTlv.encode(d) interestName.append(encodedParams) interest = Interest(interestName) interest.setInterestLifetimeMilliseconds(5000) h.signInterest(interest) self.face.expressInterest(interest, self._deviceAdditionResponse, self._deviceAdditionTimedOut)
def _handleCertificateRequest(self, interest, transport): """ Extracts a public key name and key bits from a command interest name component. Generates a certificate if the request is verifiable. This expects an HMAC signed interest. """ message = CertificateRequestMessage() commandParamsTlv = interest.getName().get(self.prefix.size()+1) ProtobufTlv.decode(message, commandParamsTlv.getValue()) signature = HmacHelper.extractInterestSignature(interest) deviceSerial = str(signature.getKeyLocator().getKeyName().get(-1).getValue()) response = Data(interest.getName()) certData = None hmac = None try: hmac = self._hmacDevices[deviceSerial] if hmac.verifyInterest(interest): certData = self._createCertificateFromRequest(message) # remove this hmac; another request will require a new pin self._hmacDevices.pop(deviceSerial) except KeyError: self.log.warn('Received certificate request for device with no registered key') except SecurityException: self.log.warn('Could not create device certificate') else: self.log.info('Creating certificate for device {}'.format(deviceSerial)) if certData is not None: response.setContent(certData.wireEncode()) response.getMetaInfo().setFreshnessPeriod(10000) # should be good even longer else: response.setContent("Denied") if hmac is not None: hmac.signData(response) self.sendData(response, transport, False)