def test_calculate_interval(self):
    """Check the interval _calculateInterval returns for four time points.

    Three time points are expected to fall in a one-hour interval whose
    start and end are compared as ISO strings; one is expected to give an
    invalid interval. The schedules that make this true are presumably
    installed by self.setManager, which is defined outside this block.
    """
    # Create the group manager.
    # NOTE(review): 1024 is presumably the group key size in bits - confirm
    # against GroupManager. That is a test-speed choice; 1024-bit RSA is
    # below current guidance and should not be copied into deployed code.
    prefix = Name("Alice")
    dataType = Name("data_type")
    database = Sqlite3GroupManagerDb(self.intervalDatabaseFilePath)
    manager = GroupManager(prefix, dataType, database, 1024, 1, self.keyChain)
    self.setManager(manager)

    # The same dict is handed to every call, as in a single session.
    memberKeys = {}

    # (time point, expected start, expected end). A None start marks the
    # time point for which the returned interval must be invalid.
    expectations = (
        ("20150825T093000", "20150825T090000", "20150825T100000"),
        ("20150827T073000", "20150827T070000", "20150827T080000"),
        ("20150827T043000", None, None),
        ("20150827T053000", "20150827T050000", "20150827T060000"),
    )
    for isoTime, expectedStart, expectedEnd in expectations:
        interval = manager._calculateInterval(
            Schedule.fromIsoString(isoTime), memberKeys)
        if expectedStart is None:
            self.assertEqual(False, interval.isValid())
            continue
        self.assertEqual(
            expectedStart, Schedule.toIsoString(interval.getStartTime()))
        self.assertEqual(
            expectedEnd, Schedule.toIsoString(interval.getEndTime()))
def __init__(self, face, groupManagerName, dataType, dKeyDatabaseFilePath):
    """Create the key chain, the GroupManager and the content cache.

    :param face: The face used by the MemoryContentCache.
    :param groupManagerName: The name used for the new identity, as the
      GroupManager prefix and as the prefix registered with the cache.
    :param dataType: Passed through to GroupManager.
    :param dKeyDatabaseFilePath: Path given to Sqlite3GroupManagerDb.
    """
    self.face = face
    self.dKeyDatabaseFilePath = dKeyDatabaseFilePath

    # Set up the keyChain.
    # NOTE(review): both stores are in-memory, so the identity and its
    # private key are created anew on every construction and are gone when
    # the process exits. NoVerifyPolicyManager, as its name says, performs
    # no signature verification; anything verified through this key chain
    # is accepted unauthenticated. Acceptable for a demo, not for a
    # deployment that has to trust the data it receives.
    self.keyChain = KeyChain(
        IdentityManager(MemoryIdentityStorage(), MemoryPrivateKeyStorage()),
        NoVerifyPolicyManager())
    self.certificateName = self.keyChain.createIdentityAndCertificate(
        groupManagerName)

    # 2048 and 1 are presumably the key size in bits and the freshness
    # period in hours - confirm against the GroupManager constructor.
    groupDatabase = Sqlite3GroupManagerDb(self.dKeyDatabaseFilePath)
    self.manager = GroupManager(
        groupManagerName, dataType, groupDatabase, 2048, 1, self.keyChain)

    # Serve published packets from memory under the group manager prefix.
    self.memoryContentCache = MemoryContentCache(self.face)
    self.memoryContentCache.registerPrefix(
        groupManagerName, self.onRegisterFailed, self.onDataNotFound)

    self.needToPublishGroupKeys = False
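def setUp(self):
    """Start each test from a fresh Sqlite3GroupManagerDb file.

    Any database file left by an earlier run is deleted before the new
    database object is created.

    :raises OSError: If the old file exists but cannot be removed.
    """
    import errno

    # Reuse the policy_config subdirectory for the temporary SQLite file.
    # NOTE(review): the path is relative, so it resolves against the
    # current working directory of the test run.
    self.databaseFilePath = "policy_config/test.db"
    try:
        os.remove(self.databaseFilePath)
    except OSError as ex:
        # Only "no such file" is expected. Any other failure (for example
        # permission denied) would leave a stale database in place and the
        # tests would silently run against old state, so let it surface.
        if ex.errno != errno.ENOENT:
            raise

    self.database = Sqlite3GroupManagerDb(self.databaseFilePath)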
def test_get_group_key_without_regeneration(self):
    """Check that adding a member without regeneration keeps the E-KEY.

    getGroupKey is called once (four packets expected), a member is added
    to "schedule1", and getGroupKey is called again with False as the
    second argument (five packets expected). The E-KEY bits and the packet
    names must be unchanged between the two calls.
    """
    eKeyUri = "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000"
    memberADKeyUri = "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123"

    # Create the group manager.
    # NOTE(review): 1024 is presumably the key size in bits; fine for a
    # fast test, too small for real use.
    prefix = Name("Alice")
    dataType = Name("data_type")
    database = Sqlite3GroupManagerDb(self.groupKeyDatabaseFilePath)
    manager = GroupManager(prefix, dataType, database, 1024, 1, self.keyChain)
    self.setManager(manager)

    # Get the data list from the group manager.
    timeSlot = Schedule.fromIsoString("20150825T093000")
    initialPackets = manager.getGroupKey(timeSlot)
    self.assertEqual(4, len(initialPackets))

    # The first data packet contains the group's encryption key (public key).
    eKeyPacket = initialPackets[0]
    self.assertEqual(eKeyUri, eKeyPacket.getName().toUri())
    originalEKey = EncryptKey(eKeyPacket.getContent())

    # The second data packet is named for memberA.
    self.assertEqual(memberADKeyUri, initialPackets[1].getName().toUri())

    # Add a new member to the database. memberD is decoded from the
    # encoding of self.certificate and only renamed, so it carries the
    # same key material as that certificate.
    encodedCertificate = self.certificate.wireEncode()
    memberD = Data()
    memberD.wireDecode(encodedCertificate)
    memberD.setName(Name("/ndn/memberD/KEY/ksk-123/ID-CERT/123"))
    manager.addMember("schedule1", memberD)

    # False presumably means "do not regenerate the group key" - confirm
    # against getGroupKey.
    # NOTE(review): with the key pair kept, the extra packet is presumably
    # the existing D-KEY wrapped for memberD, so a member added this way
    # can read content already encrypted for this interval. Callers that
    # need to exclude late joiners from earlier content should regenerate.
    updatedPackets = manager.getGroupKey(timeSlot, False)
    self.assertEqual(5, len(updatedPackets))

    # Check that the new EKey is the same as the previous one.
    updatedEKeyPacket = updatedPackets[0]
    self.assertEqual(eKeyUri, updatedEKeyPacket.getName().toUri())
    updatedEKey = EncryptKey(updatedEKeyPacket.getContent())
    self.assertTrue(
        originalEKey.getKeyBits().equals(updatedEKey.getKeyBits()))

    # Check the second data packet.
    self.assertEqual(memberADKeyUri, updatedPackets[1].getName().toUri())
def test_create_e_key_data(self):
    """Check the name and content of the packet built by _createEKeyData.

    The packet name must carry the two time stamps under the E-KEY
    component and the content must equal self.encryptKeyBlob.
    """
    # Create the group manager.
    # NOTE(review): 1024 is presumably the key size in bits; a test-only
    # value, below current guidance for RSA keys in real use.
    prefix = Name("Alice")
    dataType = Name("data_type")
    database = Sqlite3GroupManagerDb(self.eKeyDatabaseFilePath)
    manager = GroupManager(prefix, dataType, database, 1024, 1, self.keyChain)
    self.setManager(manager)

    eKeyData = manager._createEKeyData(
        "20150825T090000", "20150825T110000", self.encryptKeyBlob)

    self.assertEqual(
        "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T110000",
        eKeyData.getName().toUri())
    # The E-KEY is published as-is: the content is the unmodified key blob.
    self.assertTrue(self.encryptKeyBlob.equals(eKeyData.getContent()))
def test_create_d_key_data(self):
    """Check that a D-KEY packet from _createDKeyData decrypts correctly.

    The packet content is decoded as two EncryptedContent values in
    sequence. The first must be RSA-OAEP with no initial vector; its
    payload is decrypted with self.decryptKeyBlob to get the nonce. The
    second must be AES-CBC with a 16-byte initial vector; it is decrypted
    with the nonce as the key and must equal self.decryptKeyBlob.
    """
    # Create the group manager. (setManager is not called in this test.)
    prefix = Name("Alice")
    dataType = Name("data_type")
    database = Sqlite3GroupManagerDb(self.dKeyDatabaseFilePath)
    manager = GroupManager(prefix, dataType, database, 2048, 1, self.keyChain)

    # Round-trip the certificate through its wire encoding.
    certificateWire = self.certificate.wireEncode()
    memberCertificate = IdentityCertificate()
    memberCertificate.wireDecode(certificateWire)

    # Encrypt the D-KEY.
    memberPublicKeyDer = memberCertificate.getPublicKeyInfo().getKeyDer()
    dKeyData = manager._createDKeyData(
        "20150825T000000", "20150827T000000", Name("/ndn/memberA/KEY"),
        self.decryptKeyBlob, memberPublicKeyDer)

    # Verify the encrypted D-KEY.
    content = dKeyData.getContent()

    # Get the nonce key.
    # The content is a sequence of the two EncryptedContent.
    wrappedNonce = EncryptedContent()
    wrappedNonce.wireDecode(content)
    self.assertEqual(0, wrappedNonce.getInitialVector().size())
    self.assertEqual(
        EncryptAlgorithmType.RsaOaep, wrappedNonce.getAlgorithmType())

    nonceCiphertext = wrappedNonce.getPayload()
    params = EncryptParams(EncryptAlgorithmType.RsaOaep)
    nonce = RsaAlgorithm.decrypt(self.decryptKeyBlob, nonceCiphertext, params)

    # Get the D-KEY.
    # Use the size of the first EncryptedContent to find the start of the
    # second one.
    rawContent = content.buf()
    payloadOffset = wrappedNonce.wireEncode().size()
    wrappedPayload = EncryptedContent()
    wrappedPayload.wireDecode(rawContent[payloadOffset:])
    self.assertEqual(16, wrappedPayload.getInitialVector().size())
    self.assertEqual(
        EncryptAlgorithmType.AesCbc, wrappedPayload.getAlgorithmType())

    # NOTE(review): AES-CBC gives confidentiality only. This test checks
    # the decryption round trip; it does not check the packet signature
    # or any other integrity protection of the ciphertext.
    # The same params object is reused, switched over to AES-CBC.
    params.setAlgorithmType(EncryptAlgorithmType.AesCbc)
    params.setInitialVector(wrappedPayload.getInitialVector())
    payloadCiphertext = wrappedPayload.getPayload()
    recoveredKey = AesAlgorithm.decrypt(nonce, payloadCiphertext, params)

    self.assertTrue(recoveredKey.equals(self.decryptKeyBlob))
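def __init__(self, face, groupManagerName, dataType, readAccessName,
             dKeyDatabaseFilePath):
    """Create the key chain, a fresh GroupManager and register the prefixes.

    :param face: The face used for signing commands, for the content cache
      and for registering readAccessName.
    :param groupManagerName: The name used for the new identity and as the
      GroupManager prefix; the cache registers this name plus "READ".
    :param dataType: Passed through to GroupManager.
    :param readAccessName: The prefix registered on the face with
      self.onAccessInterest as the interest callback.
    :param dKeyDatabaseFilePath: Path given to Sqlite3GroupManagerDb. Any
      existing file at this path is deleted first, so the caller must only
      pass a path it owns.
    :raises OSError: If an existing database file cannot be removed.
    """
    import errno

    # Set up face
    self.face = face

    # Set up the keyChain.
    # NOTE(review): both stores are in-memory, so the identity and its
    # private key are created anew on every construction.
    # NoVerifyPolicyManager, as its name says, performs no signature
    # verification; whether onAccessInterest authenticates requesters some
    # other way is not visible in this block - confirm before relying on
    # it for access control.
    identityStorage = MemoryIdentityStorage()
    privateKeyStorage = MemoryPrivateKeyStorage()
    self.keyChain = KeyChain(
        IdentityManager(identityStorage, privateKeyStorage),
        NoVerifyPolicyManager())
    self.certificateName = self.keyChain.createIdentityAndCertificate(
        groupManagerName)
    self.face.setCommandSigningInfo(self.keyChain, self.certificateName)

    self.dKeyDatabaseFilePath = dKeyDatabaseFilePath
    try:
        os.remove(self.dKeyDatabaseFilePath)
    except OSError as ex:
        # Only "no such file" is expected. If the old file cannot be
        # removed, continuing would presumably reuse its stale members and
        # keys, so fail here instead of hiding the error.
        if ex.errno != errno.ENOENT:
            raise

    # 2048 and 1 are presumably the key size in bits and the freshness
    # period in hours - confirm against the GroupManager constructor.
    self.manager = GroupManager(
        groupManagerName, dataType,
        Sqlite3GroupManagerDb(self.dKeyDatabaseFilePath), 2048, 1,
        self.keyChain)

    self.memoryContentCache = MemoryContentCache(self.face)
    self.memoryContentCache.registerPrefix(
        Name(groupManagerName).append("READ"), self.onRegisterFailed,
        self.onDataNotFound)

    # NOTE(review): the third positional argument of Face.registerPrefix
    # is the register-failed callback; onAccessTimeout is passed there -
    # confirm that this is intended.
    self.face.registerPrefix(
        readAccessName, self.onAccessInterest, self.onAccessTimeout)

    self.updateGroupKeys = False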
def test_get_group_key(self):
    """Check the packets returned by getGroupKey and decrypt one D-KEY.

    For a time point inside a schedule, four packets are expected: the
    E-KEY and one D-KEY packet each for memberA, memberB and memberC. The
    memberA packet is decrypted (RSA-OAEP for the nonce, then AES-CBC for
    the payload) and the encryption key derived from the recovered D-KEY
    must match the published E-KEY. Two time points are then expected to
    return no packets.
    """
    # Create the group manager.
    # NOTE(review): 1024 is presumably the key size in bits; it keeps the
    # test fast but is below current guidance for RSA keys in real use.
    prefix = Name("Alice")
    dataType = Name("data_type")
    database = Sqlite3GroupManagerDb(self.groupKeyDatabaseFilePath)
    manager = GroupManager(prefix, dataType, database, 1024, 1, self.keyChain)
    self.setManager(manager)

    # Get the data list from the group manager.
    packets = manager.getGroupKey(Schedule.fromIsoString("20150825T093000"))
    self.assertEqual(4, len(packets))

    # The first data packet contains the group's encryption key (public key).
    eKeyPacket = packets[0]
    self.assertEqual(
        "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000",
        eKeyPacket.getName().toUri())
    groupEKey = EncryptKey(eKeyPacket.getContent())

    # Get the second data packet and decrypt.
    memberAPacket = packets[1]
    self.assertEqual(
        "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123",
        memberAPacket.getName().toUri())

    # ---- Start decryption. ----
    content = memberAPacket.getContent()

    # Get the nonce key.
    # The content is a sequence of the two EncryptedContent.
    wrappedNonce = EncryptedContent()
    wrappedNonce.wireDecode(content)
    self.assertEqual(0, wrappedNonce.getInitialVector().size())
    self.assertEqual(
        EncryptAlgorithmType.RsaOaep, wrappedNonce.getAlgorithmType())

    params = EncryptParams(EncryptAlgorithmType.RsaOaep)
    nonceCiphertext = wrappedNonce.getPayload()
    nonce = RsaAlgorithm.decrypt(self.decryptKeyBlob, nonceCiphertext, params)

    # Get the payload.
    # Use the size of the first EncryptedContent to find the start of the
    # second one.
    rawContent = content.buf()
    payloadOffset = wrappedNonce.wireEncode().size()
    wrappedPayload = EncryptedContent()
    wrappedPayload.wireDecode(rawContent[payloadOffset:])
    self.assertEqual(16, wrappedPayload.getInitialVector().size())
    self.assertEqual(
        EncryptAlgorithmType.AesCbc, wrappedPayload.getAlgorithmType())

    # NOTE(review): AES-CBC gives confidentiality only. Nothing in this
    # test checks the packet signature or the integrity of the ciphertext.
    # The same params object is reused, switched over to AES-CBC.
    params.setAlgorithmType(EncryptAlgorithmType.AesCbc)
    params.setInitialVector(wrappedPayload.getInitialVector())
    payloadCiphertext = wrappedPayload.getPayload()
    recoveredPayload = AesAlgorithm.decrypt(nonce, payloadCiphertext, params)

    # Get the group D-KEY.
    groupDKey = DecryptKey(recoveredPayload)
    # ---- End decryption. ----

    # Check the D-KEY: the public key derived from it must be the E-KEY.
    derivedGroupEKey = RsaAlgorithm.deriveEncryptKey(groupDKey.getKeyBits())
    self.assertTrue(
        groupEKey.getKeyBits().equals(derivedGroupEKey.getKeyBits()))

    # Check the third and fourth data packets by name only.
    remainingNames = (
        (2, "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/ksk-123"),
        (3, "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/ksk-123"),
    )
    for index, expectedUri in remainingNames:
        self.assertEqual(expectedUri, packets[index].getName().toUri())

    # Check invalid time stamps for getting the group key.
    for isoTime in ("20150826T083000", "20150827T023000"):
        invalidTimePoint = Schedule.fromIsoString(isoTime)
        self.assertEqual(0, len(manager.getGroupKey(invalidTimePoint)))