modified: controller.py modified: end-device.py new file: test_get_async_threadsafe.py

commit: b09af86400e7ad42534fc19402207e4f7363d194 [log] [tgz]
author: Teng Liang <philo@mario> Mon Jun 01 10:28:12 2015 -0700
committer: Teng Liang <philo@mario> Mon Jun 01 10:28:12 2015 -0700
tree: 7374c4cb8ce46a26c48313cf0a74dfae72d555fb
parent: 4662b3792dbd71bfa7e135d2d32227190089594b [diff] [blame]
diff --git a/end-device.py b/end-device.py
index fb97a23..a77dc47 100644
--- a/end-device.py
+++ b/end-device.py

@@ -22,6 +22,7 @@
 from pyndn import Name, Face, Interest, Data, ThreadsafeFace
 from pyndn import KeyLocator, KeyLocatorType
 from base_node import BaseNode
+from hmac_helper import HmacHelper 
 from pyndn.security.security_exception import SecurityException
 from pyndn.util import Blob
 try:
@@ -44,6 +45,7 @@
         self._symKey = "symmetricKeyForBootstrapping"
         self._category = "sensors"
         self._id = "T9273659"
+        self._hmacHelper = HmacHelper(self._symKey)
 
 
     def expressBootstrapInterest(self):
@@ -53,59 +55,73 @@
 
         deviceParameters = {}
         deviceParameters["category"] = self._category
-        deviceParameters["id"] = self._deviceSerial
+        deviceParameters["id"] = self._id
         bootstrapName.append(json.dumps(deviceParameters))
 
         bootstrapInterest = Interest(bootstrapName)
         bootstrapInterest.setInterestLifetimeMilliseconds(5000)
-        bootstrapKeyLocator = KeyLocator()
-        bootstrapKeyLocator.setType(KeyLocatorType.KEY_LOCATOR_DIGEST)
-        bootstrapKeyLocator.setKeyData(self._symKey)
-        bootstrapInterest.setKeyLocator(bootstrapKeyLocator)
+        #bootstrapKeyLocator = KeyLocator()
+        #bootstrapKeyLocator.setType(KeyLocatorType.KEY_LOCATOR_DIGEST)
+        #bootstrapKeyLocator.setKeyData(self._symKey)
+        #bootstrapInterest.setKeyLocator(bootstrapKeyLocator)
+        self._hmacHelper.signInterest(bootstrapInterest)
 
         dump("Express bootstrap interest : ",bootstrapInterest.toUri())
         self.face.expressInterest(bootstrapInterest, self.onBootstrapData, self.onTimeout)
+    def onInterest():
+        pass
+    def onRegisterFailed():
+	pass
     
     def onBootstrapData(self, interest, data):
         dump("Bootstrap data received.")
-        content = json.loads(data.getContent().toRawStr(), encoding="latin-1")
-        deviceNewIdentity = Name(content["deviceNewIdentity"])
-        controllerIdentity = Name(content["controllerIdentity"])
-        controllerPublicKeyInfo = content["controllerPublicKey"]
 
-        #set new identity as default and generate default key-pair with KSK Certificate
-        self._identityStorage.addIdentity(deviceNewIdentity)
-        self._identityManager.setDefaultIdentity(deviceNewIdentity)
-        try:
-            self._identityManager.getDefaultKeyNameForIdentity(deviceNewIdentity)
-        except SecurityException:
-            #generate new key-pair and certificate for new identity
-            dump("Install new identity as default\nGenerate new key-pair and self signed certificate")
-            newKey = self._identityManager.generateRSAKeyPairAsDefault(Name(deviceNewIdentity), isKsk=True)
-            newCert = self._identityManager.selfSign(newKey)
-            self._identityManager.addCertificateAsIdentityDefault(newCert)
+        if (self._hmacHelper.verifyData(data)):
+            self.log.info("Bootstrap data is verified")
+            content = json.loads(data.getContent().toRawStr(), encoding="latin-1")
+            deviceNewIdentity = Name(content["deviceNewIdentity"])
+            controllerIdentity = Name(content["controllerIdentity"])
+            controllerPublicKeyInfo = content["controllerPublicKey"]
+
+            self.face.registerPrefix(content["deviceNewIdentity"],self.onInterest,self.onRegisterFailed)
+            #set new identity as default and generate default key-pair with KSK Certificate
+            self._identityStorage.addIdentity(deviceNewIdentity)
+            self._identityManager.setDefaultIdentity(deviceNewIdentity)
+            try:
+                self._identityManager.getDefaultKeyNameForIdentity(deviceNewIdentity)
+            except SecurityException:
+                #generate new key-pair and certificate for new identity
+                dump("Install new identity as default\nGenerate new key-pair and self signed certificate")
+                newKey = self._identityManager.generateRSAKeyPairAsDefault(Name(deviceNewIdentity), isKsk=True)
+                newCert = self._identityManager.selfSign(newKey)
+                self._identityManager.addCertificateAsIdentityDefault(newCert)
+            
+            #add controller's identity and public key
+            keyType = controllerPublicKeyInfo["keyType"]
+            keyName = Name(controllerPublicKeyInfo["keyName"])
+            keyDer = Blob().fromRawStr(controllerPublicKeyInfo["publicKeyDer"])
+            dump("Controller's KeyType: ",keyType)
+            dump("Controller's keyName: ",keyName)
+            dump("Controller public key der : ",keyDer)
+
+            self._identityStorage.addIdentity(controllerIdentity)
+            try:
+                self._identityStorage.addKey(keyName, keyType, keyDer)
+                dump("Controller's identity, key and certificate installled.")
+            except SecurityException:
+                dump("Controller's identity, key, certificate already exists.")
+
+            #express an certificate request interest
+            defaultKeyName = self._identityManager.getDefaultKeyNameForIdentity(self._keyChain.getDefaultIdentity() )
+            self.requestCertificate(defaultKeyName)
+        else:
+            self.log.info("Bootstrap data is not verified")
         
-        #add controller's identity and public key
-        keyType = controllerPublicKeyInfo["keyType"]
-        keyName = Name(controllerPublicKeyInfo["keyName"])
-        keyDer = Blob().fromRawStr(controllerPublicKeyInfo["publicKeyDer"])
-        dump("Controller's KeyType: ",keyType)
-        dump("Controller's keyName: ",keyName)
-        dump("Controller public key der : ",keyDer)
-
-        self._identityStorage.addIdentity(controllerIdentity)
-        try:
-            self._identityStorage.addKey(keyName, keyType, keyDer)
-            dump("Controller's identity, key and certificate installled.")
-        except SecurityException:
-            dump("Controller's identity, key, certificate already exists.")
-
-        #express an certificate request interest
-        defaultKeyName = self._identityManager.getDefaultKeyNameForIdentity(self._keyChain.getDefaultIdentity() )
-        self.requestCertificate(defaultKeyName)
+        
 
 
     def beforeLoopStart(self):
+        #self.face.registerPrefix('/', self.onInterest, self.onRegisterFailed)
         self.expressBootstrapInterest()
         
     def onTimeout(self, interest):
@@ -135,10 +151,14 @@
         certificateRequestName.append(json.dumps(keyInfo, encoding="latin-1"))
 
         certificateRequestName.append("ID-CERT")
+
+        certificateRequest = Interest(certificateRequestName)
+        certificateRequest.setInterestLifetimeMilliseconds(5000)
+        self._hmacHelper.signInterest(certificateRequest)
         
         dump("Sending certificate request : ",certificateRequestName)
 
-        self.face.expressInterest(Interest(certificateRequestName), self.onCertificateData, self.onTimeout)
+        self.face.expressInterest(certificateRequest, self.onCertificateData, self.onTimeout)
         #TODO use symmetric key to sign
         
     def onCertificateData(self, interest, data):
@@ -147,7 +167,7 @@
 
 if __name__ == '__main__':
 
-    device = Device("default.conf")
+    device = Device("tmp.conf")
     device.start()
commit	b09af86400e7ad42534fc19402207e4f7363d194	[log] [tgz]
author	Teng Liang <philo@mario>	Mon Jun 01 10:28:12 2015 -0700
committer	Teng Liang <philo@mario>	Mon Jun 01 10:28:12 2015 -0700
tree	7374c4cb8ce46a26c48313cf0a74dfae72d555fb
parent	4662b3792dbd71bfa7e135d2d32227190089594b [diff] [blame]