modified: base_node.py
modified: controller.py
modified: default.conf
modified: end-device.py
diff --git a/base_node.py b/base_node.py
index 1325b4f..728a107 100644
--- a/base_node.py
+++ b/base_node.py
@@ -121,14 +121,14 @@
def getKeyChain(self):
return self._keyChain
- def getDefaultCertificateName(self):
- try:
- certName = self._identityStorage.getDefaultCertificateNameForIdentity(
- self._identityManager.getDefaultIdentity())
- except SecurityException:
- certName = self._keyChain.getDefaultCertificateName()
-
- return certName
+ #def getDefaultCertificateName(self):
+ # try:
+ # certName = self._identityStorage.getDefaultCertificateNameForIdentity(
+ # self._identityManager.getDefaultIdentity())
+ # except SecurityException:
+ # certName = self._keyChain.getDefaultCertificateName()
+#
+ # return certName
def start(self):
"""
diff --git a/controller.py b/controller.py
index 74177c3..d42eca3 100644
--- a/controller.py
+++ b/controller.py
@@ -19,6 +19,7 @@
import time
+import json
from pyndn import Name
from pyndn import Data
from pyndn import Face
@@ -38,64 +39,72 @@
self._responseCount = 0
self._symmetricKey = "symmetricKeyForBootStrapping"
self._prefix = "/home/controller"
+ self._bootStrapPrefix = "/home/controller/bootstrap"
def onInterest(self, prefix, interest, transport, registeredPrefixId):
self._responseCount += 1
interestName = interest.getName()
- dump("Received interest ", interestName)
-
- componentsString = []
- for eachComponent in interestName._components:
- componentsString.append(eachComponent.toEscapedString())
- if (len(componentsString) >= 6 and componentsString[0] == "home" and componentsString[1] == "controller" and componentsString[2] == "bootstrap"):
-
- newDeviceCategory = componentsString[3];
- newDeviceId = componentsString[4];
- signature = componentsString[5];
+ dump("Received interest ", interestName.toUri())
+
+ if(interestName.toUri().startswith(self._bootStrapPrefix) and interest.getKeyLocator().getKeyData().toRawStr() == self._symmetricKey):
+
+ deviceParameters = json.loads(interestName.get(3).getValue().toRawStr())
+ deviceNewIdentity = Name("/home")
+
+ #create new identity for device
+ deviceNewIdentity.append(deviceParameters["category"])
+ deviceNewIdentity.append(deviceParameters["id"])
+ dump("New identity for device: ",deviceNewIdentity)
+
+ #create key-pair and certificate for new identity
+ self.
+
+ data = Data(interestName)
+ content = {}
+ content["deviceNewIdentity"] = deviceNewIdentity.toUri()
+ content[]
+ content["controllerPublicKey"] =
+
- if (signature == self._symmetricKey):
- #newDeviceIdentityName = Name("/home"+newDeviceCategory+newDeviceId)
- content = "/home/"+newDeviceCategory+"/"+newDeviceId+"/"
- #content = content + "/"
- identityName = self._identityManager.getDefaultIdentity()
- keyName = self._identityManager.getDefaultKeyNameForIdentity(identityName)
- key = self._identityManager.getPublicKey(keyName)
- content = content+key.getKeyDer().toHex()
-
- dump("Send data : ",content)
- data = Data(interest.getName())
- data.setContent(content)
+ #dump("Send data : ",content)
+ #data = Data(interest.getName())
+ #data.setContent(content)
#self._keyChain.sign(data, self._certificateName)
- encodedData = data.wireEncode()
-
+ #encodedData = data.wireEncode()
#dump("Sent content", content)
- transport.send(encodedData.toBuffer())
+ #transport.send(encodedData.toBuffer())
+
def onRegisterFailed(self, prefix):
self._responseCount += 1
dump("Register failed for prefix", prefix.toUri())
def beforeLoopStart(self):
identityName = Name(self._prefix)
- dump(identityName)
- defaultIdentityExist = True
+
+ defaultIdentityExists = True
try:
defaultIdentityName = self._identityManager.getDefaultIdentity()
- dump(self._identityManager.getDefaultIdentity())
- dump(self._identityManager.getDefaultKeyNameForIdentity(defaultIdentityName))
except:
- defaultIdentityExist = False
+ defaultIdentityExists = False
#dump(self._identityManager.getDefaultKeyNameForIdentity(self._prefix))
- if not defaultIdentityExist or self._identityManager.getDefaultIdentity() != identityName:
+ if not defaultIdentityExists or self._identityManager.getDefaultIdentity() != identityName:
#make one
+ dump("Set default identity: ",identityName)
+ #self._identityManager.createIdentityAndCertificate(identityName)
+ self._identityStorage.addIdentity(identityName)
self._identityManager.setDefaultIdentity(identityName)
- self.log.warn("Generating controller key pair(this would take a while)......")
- newKey = self._identityManager.generateRSAKeyPairAsDefault(Name(self._prefix), isKsk=True)
- newCert = self._identityManager.selfSign(newKey)
- self._identityManager.addCertificateAsDefault(newCert)
+
+ try:
+ getDefaultKeyNameForIdentity(identityName)
+ except:
+ newKey = self._identityManager.generateRSAKeyPairAsDefault(Name(self._prefix), isKsk=True)
+ newCert = self._identityManager.selfSign(newKey)
+ dump("new certificate", newCert)
+ self._identityManager.addCertificateAsIdentityDefault(newCert)
if __name__ == '__main__':
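Review bot: The bootstrap check in onInterest compares `interest.getKeyLocator().getKeyData().toRawStr()` directly with `self._symmetricKey`, so the shared secret is carried in the clear in every bootstrap Interest (the device-side hunk in end-device.py, `bootStrapKeyLocator.setKeyData(symKey)`, is the other half of this) and anyone who observes one can present it. The key should only be used to compute an HMAC over the Interest, as the removed `self._hmacHandler.signInterest(...)` call in end-device.py appears to have done, with the controller checking the tag using `hmac.compare_digest`. The JSON in name component 3 is untrusted as well: parse it under `try/except` and check that `category` and `id` are short strings of an expected form before appending them to `/home`; `startswith` on the URI also accepts sibling names such as `/home/controller/bootstrapX`, so a component-wise prefix match is safer, as sketched below. In beforeLoopStart, `getDefaultKeyNameForIdentity(identityName)` lacks the `self._identityManager.` receiver, so the bare `except:` swallows the NameError and a new key pair is generated on every start. The lines `self.`, `content[]` and `content["controllerPublicKey"] =` are incomplete statements, so the module does not parse as committed.

```python
# … unchanged: response counter, interestName, dump …
if Name(self._bootStrapPrefix).match(interestName) and interestName.size() > 3:
    # … Interest authentication (HMAC verification) goes here …
    try:
        deviceParameters = json.loads(interestName.get(3).getValue().toRawStr())
        category = deviceParameters["category"]
        deviceId = deviceParameters["id"]
    except (ValueError, KeyError, TypeError):
        dump("Ignoring malformed bootstrap interest ", interestName.toUri())
        return
    # … deviceNewIdentity built from category and deviceId as before …
```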
@@ -108,7 +117,7 @@
controller = Controller("default.conf")
controller.beforeLoopStart()
- face.setCommandSigningInfo(controller.getKeyChain(), controller.getDefaultCertificateName())
+ face.setCommandSigningInfo(controller.getKeyChain(), controller._keyChain.getDefaultCertificateName())
# Also use the default certificate name to sign data packets.
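Review bot: `controller._keyChain.getDefaultCertificateName()` reaches into a private attribute in the same call that already uses the accessor; `controller.getKeyChain().getDefaultCertificateName()` keeps the two arguments consistent. The BaseNode helper that this replaces first asked the identity storage for the default identity's certificate and only fell back to the key chain, so the certificate used to sign commands may now differ. Since beforeLoopStart has just set `/home/controller` as the default identity, confirm that the key chain returns the certificate for that identity, and check that no other caller of `getDefaultCertificateName()` remains now that it is commented out in base_node.py.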
@@ -121,7 +130,7 @@
keyName = controller._identityManager.getDefaultKeyNameForIdentity(identityName)
key = controller._identityManager.getPublicKey(keyName)
- dump("key : ",key.getKeyDer().toHex())
+ #dump("key : ",key.getKeyDer().toHex())
while controller._responseCount < 100:
face.processEvents()
diff --git a/default.conf b/default.conf
index f131e97..77d53eb 100644
--- a/default.conf
+++ b/default.conf
@@ -38,7 +38,7 @@
filter
{
type "name"
- name "/home/default"
+ name "/home"
relation "is-strict-prefix-of"
}
checker
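Review bot: Widening the filter from `/home/default` to `/home` makes this rule apply to every name strictly under `/home`, including the `/home/<category>/<id>` identities that the controller now builds from values supplied in the bootstrap Interest. The checker that follows begins on the last line of the hunk and its body is not visible here; confirm that it pins the signer to the controller's key hierarchy rather than accepting any key under `/home`. A comment above the filter, for example `; applies to all device identities issued under /home`, would record that the broader scope is intended.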
diff --git a/end-device.py b/end-device.py
index a78e3da..4754117 100644
--- a/end-device.py
+++ b/end-device.py
@@ -18,10 +18,14 @@
# A copy of the GNU Lesser General Public License is in the file COPYING.
import time
+import json
from pyndn import Name
from pyndn import Face
+from pyndn import Interest
+from pyndn import KeyLocator, KeyLocatorType
from base_node import BaseNode
-from commands import CertificateRequestMessage
+from pyndn.security.security_exception import SecurityException
+
def dump(*list):
result = ""
@@ -56,52 +60,6 @@
"""
#TODO: GENERATE A NEW PUBLIC/PRIVATE PAIR INSTEAD OF COPYING
- makeKey = False
- try:
- defaultKey = self._identityStorage.getDefaultKeyNameForIdentity(keyIdentity)
- newKeyName = defaultKey
- except SecurityException:
- defaultIdentity = self._keyChain.getDefaultIdentity()
- defaultKey = self._identityStorage.getDefaultKeyNameForIdentity(defaultIdentity)
- newKeyName = self._identityStorage.getNewKeyName(keyIdentity, True)
- makeKey = True
-
- self.log.debug("Found key: " + defaultKey.toUri()+ " renaming as: " + newKeyName.toUri())
-
- keyType = self._identityStorage.getKeyType(defaultKey)
- keyDer = self._identityStorage.getKey(defaultKey)
-
- if makeKey:
- try:
- privateDer = self._identityManager.getPrivateKey(defaultKey)
- except SecurityException:
- # XXX: is recovery impossible?
- pass
- else:
- try:
- self._identityStorage.addKey(newKeyName, keyType, keyDer)
- self._identityManager.addPrivateKey(newKeyName, privateDer)
- except SecurityException:
- # TODO: key shouldn't exist...
- pass
-
- message = CertificateRequestMessage()
- message.command.keyType = keyType
- message.command.keyBits = keyDer.toRawStr()
-
- for component in range(newKeyName.size()):
- message.command.keyName.components.append(newKeyName.get(component).toEscapedString())
-
- paramComponent = ProtobufTlv.encode(message)
-
- interestName = Name(self._policyManager.getTrustRootIdentity()).append("certificateRequest").append(paramComponent)
- interest = Interest(interestName)
- interest.setInterestLifetimeMilliseconds(10000) # takes a tick to verify and sign
- self._hmacHandler.signInterest(interest, keyName=self.prefix)
-
- self.log.info("Sending certificate request to controller")
- self.log.debug("Certificate request: "+interest.getName().toUri())
- self.face.expressInterest(interest, self._onCertificateReceived, self._onCertificateTimeout)
if __name__ == '__main__':
face = Face("")
@@ -109,13 +67,27 @@
device = Device("default.conf")
symKey = "symmetricKeyForBootStrapping"
- bootStrapName = Name("/home/controller/bootstrap/light/id1/"+symKey)
- dump("Express name ",bootStrapName.toUri())
-
- face.expressInterest(bootStrapName, device.onData, device.onTimeout)
+ bootStrapName = Name("/home/controller/bootstrap")
+ deviceParameters = {}
+ deviceParameters["category"] = "sensors"
+ deviceParameters["id"] = "T123456789"
+ bootStrapName.append(json.dumps(deviceParameters))
- while device._callbackCount < 10:
+ bootStrapInterest = Interest(bootStrapName)
+
+ bootStrapInterest.setInterestLifetimeMilliseconds(5000)
+
+ bootStrapKeyLocator = KeyLocator()
+ bootStrapKeyLocator.setType(KeyLocatorType.KEY_LOCATOR_DIGEST)
+ bootStrapKeyLocator.setKeyData(symKey)
+ bootStrapInterest.setKeyLocator(bootStrapKeyLocator)
+
+ dump("Express interest ",bootStrapInterest.toUri())
+ face.expressInterest(bootStrapInterest, device.onData, device.onTimeout)
+
+
+ while device._callbackCount < 100:
face.processEvents()
# We need to sleep for a few milliseconds so we don't use 100% of the CPU.
time.sleep(0.01)
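Review bot: `json.dumps(deviceParameters)` yields a name component whose bytes depend on dict ordering and the default separators, so the same parameters can produce different Interest names; `json.dumps(deviceParameters, sort_keys=True, separators=(",", ":"))` gives one canonical encoding that both sides can later authenticate. The category and id are hard-coded (`"sensors"`, `"T123456789"`); reading them from the device configuration would keep the script usable for more than one device. Only one Interest is expressed, so unless `onData`/`onTimeout` (outside this hunk) express further ones, `device._callbackCount < 100` may never become false and the loop would poll indefinitely.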