new file: cert-request.proto
modified: end-device.py
diff --git a/cert-request.proto b/cert-request.proto
new file mode 100644
index 0000000..6c81dd6
--- /dev/null
+++ b/cert-request.proto
@@ -0,0 +1,11 @@
+message CertificateRequestMessage {
+ message Name {
+ repeated bytes components = 8;
+ }
+ message CertificateRequest {
+ required Name keyName = 220;
+ required uint32 keyType = 221;
+ required bytes keyBits = 222;
+ }
+ required CertificateRequest command = 223;
+}
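Review bot: `Name.components` is declared `repeated bytes`, but the Python side of this commit fills it with `toEscapedString()` output, i.e. the URI-escaped text form of each name component rather than its raw bytes, so a receiver that treats the field as raw component bytes would rebuild a different Name. A one-line comment on the field would pin the convention, e.g. `// URI-escaped text of each name component (as produced by Name.Component.toEscapedString), not raw bytes`. `keyType` is likewise a bare `uint32`; a comment naming the enumeration it mirrors (presumably the pyndn KeyType values) would let the controller validate it rather than trust the number.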
diff --git a/end-device.py b/end-device.py
index 67fc150..cbcb841 100644
--- a/end-device.py
+++ b/end-device.py
@@ -21,6 +21,7 @@
from pyndn import Name
from pyndn import Face
from base_node import BaseNode
+import CertificateRequestMessage
def dump(*list):
result = ""
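Review bot: `import CertificateRequestMessage` binds a module object, yet the method added later in this commit calls `CertificateRequestMessage()` as a class, which raises `TypeError: 'module' object is not callable` unless a module of that exact name exists and happens to expose a callable of the same name. protoc normally emits `cert_request_pb2.py` for `cert-request.proto`, so the import presumably should be `from cert_request_pb2 import CertificateRequestMessage`; confirm against how the generated module is named in this repo. The `dump` function whose first lines close this hunk continues outside it.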
@@ -48,6 +49,60 @@
self._callbackCount += 1
dump("Time out for interest", interest.getName().toUri())
+ def _sendCertificateRequest(self, keyIdentity):
+ """
+ We compose a command interest with our public key info so the controller
+ can sign us a certificate that can be used with other nodes in the network.
+ """
+
+ #TODO: GENERATE A NEW PUBLIC/PRIVATE PAIR INSTEAD OF COPYING
+ makeKey = False
+ try:
+ defaultKey = self._identityStorage.getDefaultKeyNameForIdentity(keyIdentity)
+ newKeyName = defaultKey
+ except SecurityException:
+ defaultIdentity = self._keyChain.getDefaultIdentity()
+ defaultKey = self._identityStorage.getDefaultKeyNameForIdentity(defaultIdentity)
+ newKeyName = self._identityStorage.getNewKeyName(keyIdentity, True)
+ makeKey = True
+
+ self.log.debug("Found key: " + defaultKey.toUri()+ " renaming as: " + newKeyName.toUri())
+
+ keyType = self._identityStorage.getKeyType(defaultKey)
+ keyDer = self._identityStorage.getKey(defaultKey)
+
+ if makeKey:
+ try:
+ privateDer = self._identityManager.getPrivateKey(defaultKey)
+ except SecurityException:
+ # XXX: is recovery impossible?
+ pass
+ else:
+ try:
+ self._identityStorage.addKey(newKeyName, keyType, keyDer)
+ self._identityManager.addPrivateKey(newKeyName, privateDer)
+ except SecurityException:
+ # TODO: key shouldn't exist...
+ pass
+
+ message = CertificateRequestMessage()
+ message.command.keyType = keyType
+ message.command.keyBits = keyDer.toRawStr()
+
+ for component in range(newKeyName.size()):
+ message.command.keyName.components.append(newKeyName.get(component).toEscapedString())
+
+ paramComponent = ProtobufTlv.encode(message)
+
+ interestName = Name(self._policyManager.getTrustRootIdentity()).append("certificateRequest").append(paramComponent)
+ interest = Interest(interestName)
+ interest.setInterestLifetimeMilliseconds(10000) # takes a tick to verify and sign
+ self._hmacHandler.signInterest(interest, keyName=self.prefix)
+
+ self.log.info("Sending certificate request to controller")
+ self.log.debug("Certificate request: "+interest.getName().toUri())
+ self.face.expressInterest(interest, self._onCertificateReceived, self._onCertificateTimeout)
+
if __name__ == '__main__':
face = Face("")
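Review bot: Both `except SecurityException:` branches in `_sendCertificateRequest` (after `getPrivateKey` and after `addKey`/`addPrivateKey`) swallow the failure and fall through, so when the private key cannot be read or the new key cannot be registered the request is still sent and the controller would sign a certificate for `newKeyName` that this device cannot use; they should abort instead, e.g. `except SecurityException as e:` followed by `self.log.error("Cannot provision key %s: %s", newKeyName.toUri(), e)` and `return`. Separately, the `makeKey` path copies the default identity's private key under the new name rather than generating a fresh pair, which the TODO already notes; until that is fixed the docstring should say that the controller-issued certificate binds the new name to the same key pair as the default identity, so compromise or revocation of one affects both. The request carries only the public key bits and is authenticated solely by `_hmacHandler.signInterest`, so the controller cannot check proof-of-possession of the private key; if that is intended, a docstring line stating that the shared HMAC key is the only authentication of this request would make the trust assumption explicit. `SecurityException`, `Interest` and `ProtobufTlv` are used here but not imported in the visible hunks; presumably they come from an import elsewhere in the file.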