Navigation

pyndn.encrypt package

Submodules

pyndn.encrypt.consumer module

This module defines the Consumer class which manages fetched group keys used to decrypt a data packet in the group-based encryption protocol. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.consumer.Consumer(face, keyChain, groupName, consumerName, database)[source]

Bases: object

Create a Consumer to use the given ConsumerDb, Face and other values.

Parameters:
  • face (Face) – The face used for data packet and key fetching.
  • keyChain (KeyChain) – The keyChain used to verify data packets.
  • groupName (Name) – The reading group name that the consumer belongs to. This makes a copy of the Name.
  • consumerName (Name) – The identity of the consumer. This makes a copy of the Name.
  • database (ConsumerDb) – The ConsumerDb database for storing decryption keys.
addDecryptionKey(keyName, keyBlob)[source]

Add a new decryption key with keyName and keyBlob to the database.

Parameters:
  • keyName (Name) – The key name.
  • keyBlob (Blob) – The encoded key.
Raises:
  • ConsumerDb.Error – If a key with the same keyName already exists in the database, or other database error.
  • RuntimeError – if the consumer name is not a prefix of the key name.
consume(contentName, onConsumeComplete, onError)[source]

Express an Interest to fetch the content packet with contentName, and decrypt it, fetching keys as needed.

Parameters:
  • contentName (Name) – The name of the content packet.
  • onConsumeComplete – When the content packet is fetched and decrypted, this calls onConsumeComplete(contentData, result) where contentData is the fetched Data packet and result is the decrypted plain text Blob. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
  • onError (function object) – This calls onError(errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
setGroup(groupName)[source]

Set the group name.

Parameters:groupName (Name) – The reading group name that the consumer belongs to. This makes a copy of the Name.

pyndn.encrypt.consumer_db module

This module defines the ConsumerDb class which is an abstract base class the storage of decryption keys for the consumer. A subclass must implement the methods. For example, see Sqlite3ConsumerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.consumer_db.ConsumerDb[source]

Bases: object

exception Error(message)[source]

Bases: exceptions.Exception

ConsumerDb.addKey(keyName, keyBlob)[source]

Add the key with keyName and keyBlob to the database.

Parameters:
  • keyName (Name) – The key name.
  • keyBlob (Blob) – The encoded key.
Raises ConsumerDb.Error:
 

If a key with the same keyName already exists in the database, or other database error.
ConsumerDb.deleteKey(keyName)[source]

Delete the key with keyName from the database. If there is no key with keyName, do nothing.

Parameters:keyName (Name) – The key name.
Raises ConsumerDb.Error:
 For a database error.
ConsumerDb.getKey(keyName)[source]

Get the key with keyName from the database.

Parameters:keyName (Name) – The key name.
Returns:A Blob with the encoded key, or an isNull Blob if cannot find the key with keyName.
Return type:Blob
Raises ConsumerDb.Error:
 For a database error.

pyndn.encrypt.decrypt_key module

This module defines the EncryptKey class which supplies the key for decrypt. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.decrypt_key.DecryptKey(value)[source]

Bases: object

Create a DecryptKey with the given key value.

Parameters:value (Blob or DecryptKey) – If value is another DecryptKey then copy it. Otherwise, value is the key value.
getKeyBits()[source]

Get the key value.

Returns:The key value.
Return type:Blob

pyndn.encrypt.encrypt_error module

This module defines the EncryptError class which is used as a namespace to hold the ErrorCode enum for errors from the encrypt library. In the future it may hold more enums or functions.

class pyndn.encrypt.encrypt_error.EncryptError[source]

Bases: object

class ErrorCode[source]

Bases: object

EncryptionFailure = 35
General = 100
InvalidEncryptedFormat = 33
NoDecryptKey = 34
Timeout = 1
UnsupportedEncryptionScheme = 32
Validation = 2

pyndn.encrypt.encrypt_key module

This module defines the EncryptKey class which supplies the key for encrypt. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.encrypt_key.EncryptKey(value)[source]

Bases: object

Create an EncryptKey with the given key value.

Parameters:value (Blob or EncryptKey) – If value is another EncryptKey then copy it. Otherwise, value is the key value.
getKeyBits()[source]

Get the key value.

Returns:The key value.
Return type:Blob

pyndn.encrypt.encrypted_content module

This module defines the EncryptedContent class which holds an encryption type, a payload and other fields representing encrypted content. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.encrypted_content.EncryptedContent(value=None)[source]

Bases: object

Create an EncryptedContent.

Parameters:value (EncryptedContent) – (optional) If value is another EncryptedContent then copy it. If value is omitted then create an EncryptedContent with unspecified values.
getAlgorithmType()[source]

Get the algorithm type from EncryptAlgorithmType.

Returns:The algorithm type from EncryptAlgorithmType, or None if not specified.
Return type:int
getInitialVector()[source]

Get the initial vector.

Returns:The initial vector. If not specified, isNull() is True.
Return type:Blob
getKeyLocator()[source]

Get the key locator.

Returns:The key locator. If not specified, getType() is None.
Return type:KeyLocator
getPayload()[source]

Get the payload.

Returns:The payload. If not specified, isNull() is True.
Return type:Blob
setAlgorithmType(algorithmType)[source]

Set the algorithm type.

Parameters:algorithmType (int) – The algorithm type from EncryptAlgorithmType. If not specified, set to None.
Returns:This EncryptedContent so that you can chain calls to update values.
Return type:EncryptedContent
setInitialVector(initialVector)[source]

Set the initial vector.

Parameters:initialVector (Blob) – The initial vector. If not specified, set to the default Blob() where isNull() is True.
Returns:This EncryptedContent so that you can chain calls to update values.
Return type:EncryptedContent
setKeyLocator(keyLocator)[source]

Set the key locator.

Parameters:keyLocator (KeyLocator) – The key locator. This makes a copy of the object. If not specified, set to the default KeyLocator().
Returns:This EncryptedContent so that you can chain calls to update values.
Return type:EncryptedContent
setPayload(payload)[source]

Set the encrypted payload.

Parameters:payload (Blob) – The payload. If not specified, set to the default Blob() where isNull() is True.
Returns:This EncryptedContent so that you can chain calls to update values.
Return type:EncryptedContent
wireDecode(input, wireFormat=None)[source]

Decode the input using a particular wire format and update this EncryptedContent.

Parameters:
  • input (A Blob or an array type with int elements) – The array with the bytes to decode.
  • wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to decode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat().
wireEncode(wireFormat=None)[source]

Encode this EncryptedContent for a particular wire format.

Parameters:wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to encode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat().
Returns:The encoded buffer.
Return type:Blob

pyndn.encrypt.group_manager module

This module defines the GroupManager class which manages keys and schedules for group members in a particular namespace. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.group_manager.GroupManager(prefix, dataType, database, keySize, freshnessHours, keyChain)[source]

Bases: object

Create a GroupManager with the given values. The group manager namespace is <prefix>/read/<dataType> .

Parameters:
  • prefix (Name) – The prefix for the group manager namespace.
  • dataType (Name) – The data type for the group manager namespace.
  • database (GroupManagerDb) – The GroupManagerDb for storing the group management information (including user public keys and schedules).
  • keySize (int) – The group key will be an RSA key with keySize bits.
  • freshnessHours (int) – The number of hours of the freshness period of data packets carrying the keys.
  • keyChain (KeyChain) – The KeyChain to use for signing data packets. This signs with the default identity.
MILLISECONDS_IN_HOUR = 3600000
addMember(scheduleName, memberCertificate)[source]

Add a new member with the given memberCertificate into a schedule named scheduleName. If cert is an IdentityCertificate made from memberCertificate, then the member’s identity name is cert.getPublicKeyName().getPrefix(-1).

Parameters:
  • scheduleName (str) – The schedule name.
  • memberCertificate (Data) – The member’s certificate.
Raises:
  • GroupManagerDb.Error – If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.
  • DerDecodingException – for error decoding memberCertificate as a certificate.
addSchedule(scheduleName, schedule)[source]

Add a schedule with the given scheduleName.

Parameters:
  • scheduleName (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to add.
Raises GroupManagerDb.Error:
 

If a schedule with the same name already exists, if the name is empty, or other database error.
deleteSchedule(scheduleName)[source]

Delete the schedule with the given scheduleName. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:scheduleName (str) – The name of the schedule.
Raises GroupManagerDb.Error:
 For a database error.
getGroupKey(timeSlot)[source]

Create a group key for the interval into which timeSlot falls. This creates a group key if it doesn’t exist, and encrypts the key using the public key of each eligible member.

Parameters:

timeSlot (float) – The time slot to cover as milliseconds since Jan 1, 1970 UTC.
Returns:

A List of Data packets where the first is the E-KEY data packet with the group’s public key and the rest are the D-KEY data packets with the group’s private key encrypted with the public key of each eligible member.
Raises:
  • GroupManagerDb.Error – For a database error.
  • SecurityException – For an error using the security KeyChain.
removeMember(identity)[source]

Remove a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name.
Raises GroupManagerDb.Error:
 For a database error.
updateMemberSchedule(identity, scheduleName)[source]

Change the name of the schedule for the given member’s identity name.

Parameters:
  • identity (Name) – The member’s identity name.
  • scheduleName (str) – The new schedule name.
Raises GroupManagerDb.Error:
 

If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName.
updateSchedule(scheduleName, schedule)[source]

Update the schedule with scheduleName and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:
  • scheduleName (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to update or add.
Raises GroupManagerDb.Error:
 

If the name is empty, or other database error.

pyndn.encrypt.group_manager_db module

This module defines the GroupManagerDb class which is an abstract base class for the storage of data used by the GroupManager. It contains two tables to store Schedules and Members. This is an abstract base class. A subclass must implement the methods. For example, see Sqlite3GroupManagerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.group_manager_db.GroupManagerDb[source]

Bases: object

exception Error(message)[source]

Bases: exceptions.Exception

GroupManagerDb.addMember(scheduleName, keyName, key)[source]

Add a new member with the given key named keyName into a schedule named scheduleName. The member’s identity name is keyName.getPrefix(-1).

Parameters:
  • scheduleName (str) – The schedule name.
  • keyName (Name) – The name of the key.
  • key (Blob) – A Blob of the public key DER.
Raises GroupManagerDb.Error:
 

If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.
GroupManagerDb.addSchedule(name, schedule)[source]

Add a schedule with the given name.

Parameters:
  • name (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to add.
Raises GroupManagerDb.Error:
 

If a schedule with the same name already exists, if the name is empty, or other database error.
GroupManagerDb.deleteMember(identity)[source]

Delete a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name.
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.deleteSchedule(name)[source]

Delete the schedule with the given name. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:name (str) – The name of the schedule.
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.getMemberSchedule(identity)[source]

Get the name of the schedule for the given member’s identity name.

Parameters:identity (Name) – The member’s identity name.
Returns:The name of the schedule.
Return type:str
Raises GroupManagerDb.Error:
 If there’s no member with the given identity name in the database, or other database error.
GroupManagerDb.getSchedule(name)[source]

Get a schedule with the given name.

Parameters:name (str) – The name of the schedule.
Returns:A new Schedule object.
Return type:Schedule
Raises GroupManagerDb.Error:
 If the schedule does not exist or other database error.
GroupManagerDb.getScheduleMembers(name)[source]

For each member using the given schedule, get the name and public key DER of the member’s key.

Parameters:name (str) – The name of the schedule.
Returns:a new dictionary where the dictionary’s key is the Name of the public key and the value is the Blob of the public key DER. Note that the member’s identity name is keyName.getPrefix(-1). If the schedule name is not found, the dictionary is empty.
Return type:dictionary<Name, Blob>
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.hasMember(identity)[source]

Check if there is a member with the given identity name.

Parameters:identity (Name) – The member’s identity name.
Returns:True if there is a member.
Return type:bool
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.hasSchedule(name)[source]

Check if there is a schedule with the given name.

Parameters:name (str) – The name of the schedule.
Returns:True if there is a schedule.
Return type:bool
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.listAllMembers()[source]

List all the members.

Returns:A new List of Name with the names of all members.
Return type:Array<Name>
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.listAllScheduleNames()[source]

List all the names of the schedules.

Returns:A new List of String with the names of all schedules.
Return type:Array<str>
Raises GroupManagerDb.Error:
 For a database error.
GroupManagerDb.renameSchedule(oldName, newName)[source]

Rename a schedule with oldName to newName.

Parameters:
  • oldName (str) – The name of the schedule to be renamed.
  • newName (str) – The new name of the schedule. The name cannot be empty.
Raises GroupManagerDb.Error:
 

If a schedule with newName already exists, if the schedule with oldName does not exist, if newName is empty, or other database error.
GroupManagerDb.updateMemberSchedule(identity, scheduleName)[source]

Change the name of the schedule for the given member’s identity name.

Parameters:
  • identity (Name) – The member’s identity name.
  • scheduleName (str) – The new schedule name.
Raises GroupManagerDb.Error:
 

If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName, or other database error.
GroupManagerDb.updateSchedule(name, schedule)[source]

Update the schedule with name and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:
  • name (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to update or add.
Raises GroupManagerDb.Error:
 

If the name is empty, or other database error.

pyndn.encrypt.interval module

This module defines the Interval class which defines a time duration which contains a start timestamp and an end timestamp. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.interval.Interval(value=None, endTime=None)[source]

Bases: object

Create an Interval with one of these forms: Interval(isValid). Interval(startTime, endTime). Interval(interval).

Parameters:
  • isValid (bool) – True to create a valid empty interval, false to create an invalid interval.
  • startTime (float) – The start time as milliseconds since Jan 1, 1970 UTC. The start time must be less than the end time. To create an empty interval (start time equals end time), use the constructor Interval(true).
  • endTime (float) – The end time as milliseconds since Jan 1, 1970 UTC.
  • interval (Interval) – The other interval with values to copy.
covers(timePoint)[source]

Check if the time point is in this interval.

Parameters:timePoint (float) – The time point to check as milliseconds since Jan 1, 1970 UTC.
Returns:True if timePoint is in this interval.
Return type:bool
Raises RuntimeError:
 if this Interval is invalid.
getEndTime()[source]

Get the end time.

Returns:The end time as milliseconds since Jan 1, 1970 UTC.
Return type:float
Raises RuntimeError:
 if this Interval is invalid.
getStartTime()[source]

Get the start time.

Returns:The start time as milliseconds since Jan 1, 1970 UTC.
Return type:float
Raises RuntimeError:
 if this Interval is invalid.
intersectWith(interval)[source]

Set this Interval to the intersection of this and the other interval. This and the other interval should be valid but either can be empty.

Parameters:interval (Interval) – The other Interval to intersect with.
Returns:This Interval.
Return type:Interval
Raises RuntimeError:
 if this Interval or the other interval is invalid.
isEmpty()[source]

Check if this Interval is empty.

Returns:True if this Interval is empty (start time equals end time), False if not.
Return type:bool
Raises RuntimeError:
 if this Interval is invalid.
isValid()[source]

Check if this Interval is valid.

Returns:True if this interval is valid, False if invalid.
Return type:bool
set(other)[source]

Set this interval to have the same values as the other interval.

Parameters:other (Interval) – The other Interval with values to copy.
unionWith(interval)[source]

Set this Interval to the union of this and the other interval. This and the other interval should be valid but either can be empty. This and the other interval should have an intersection. (Contiguous intervals are not allowed.)

Parameters:interval (Interval) – The other Interval to union with.
Returns:This Interval.
Return type:Interval
Raises RuntimeError:
 if this Interval or the other interval is invalid, or if the two intervals do not have an intersection.

pyndn.encrypt.producer module

This module defines the Producer class which manages content keys used to encrypt a data packet in the group-based encryption protocol. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.producer.Producer(prefix, dataType, face, keyChain, database, repeatAttempts=None)[source]

Bases: object

Create a Producer to use the given ProducerDb, Face and other values.

A producer can produce data with a naming convention:
<prefix>/SAMPLE/<dataType>/[timestamp]

The produced data packet is encrypted with a content key, which is stored in the ProducerDb database.

A producer also needs to produce data containing a content key encrypted with E-KEYs. A producer can retrieve E-KEYs through the face, and will re-try for at most repeatAttemps times when E-KEY retrieval fails.

Parameters:
  • prefix (Name) – The producer name prefix. This makes a copy of the Name.
  • dataType (Name) – The dataType portion of the producer name. This makes a copy of the Name.
  • face (Face) – The face used to retrieve keys.
  • keyChain (KeyChain) – The keyChain used to sign data packets.
  • database (ProducerDb) – The ProducerDb database for storing keys.
  • repeatAttempts (int) – (optional) The maximum retry for retrieving keys. If omitted, use a default value of 3.
END_TIME_STAMP_INDEX = -1
class ExcludeEntry(component, anyFollowsComponent)[source]

Bases: object

Create a new ExcludeEntry.

Parameters:
  • component (Name.Component) –
  • anyFollowsComponent (bool) –
Producer.START_TIME_STAMP_INDEX = -2
Producer.createContentKey(timeSlot, onEncryptedKeys, onError=<staticmethod object at 0x5e1ee18>)[source]

Create the content key corresponding to the timeSlot. This first checks if the content key exists. For an existing content key, this returns the content key name directly. If the key does not exist, this creates one and encrypts it using the corresponding E-KEYs. The encrypted content keys are passed to the onEncryptedKeys callback.

Parameters:
  • timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
  • onEncryptedKeys (function object) – If this creates a content key, then this calls onEncryptedKeys(keys) where keys is a list of encrypted content key Data packets. If onEncryptedKeys is None, this does not use it. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
  • onError (function object) – (optional) This calls errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. If omitted, use a default callback which does nothing. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
Returns:

The content key name.
Return type:

Name
static Producer.defaultOnError(errorCode, message)[source]

The default onError callback which does nothing.

static Producer.excludeAfter(exclude, fromComponent)[source]

Exclude all components in the range beginning at “fromComponent”.

Parameters:
  • exclude (Exclude) – The Exclude object to update.
  • fromComponent (Name.Component) – The first component in the exclude range.
static Producer.excludeBefore(exclude, to)[source]

Exclude all components in the range ending at “to”.

Parameters:
  • exclude (Exclude) – The Exclude object to update.
  • to (Name.Component) – The last component in the exclude range.
static Producer.excludeRange(exclude, fromComponent, to)[source]

Exclude all components in the range beginning at “fromComponent” and ending at “to”.

Parameters:
  • exclude (Exclude) – The Exclude object to update.
  • fromComponent (Name.Component) – The first component in the exclude range.
  • to (Name.Component) – The last component in the exclude range.
static Producer.findEntryBeforeOrAt(entries, component)[source]

Get the latest entry in the array whose component is less than or equal to component.

Parameters:
  • entries (Array<ExcludeEntry>) – The array of ExcludeEntry.
  • component (Name.Component) – The component to compare.
Returns:

The index of the found entry, or -1 if not found.
Return type:

int
static Producer.getExcludeEntries(exclude)[source]

Create a list of ExcludeEntry from the Exclude object.

Parameters:exclude (Exclude) – The Exclude object to read.
Returns:A new array of ExcludeEntry.
Return type:Array<ExcludeEntry>
Producer.produce(data, timeSlot, content, onError=<staticmethod object at 0x5e1ee18>)[source]

Encrypt the given content with the content key that covers timeSlot, and update the data packet with the encrypted content and an appropriate data name.

Parameters:
  • data (Data) – An empty Data object which is updated.
  • timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
  • content (Blob) – The content to encrypt.
  • onError (function object) – (optional) This calls onError(errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. If omitted, use a default callback which does nothing. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
static Producer.setExcludeEntries(exclude, entries)[source]

Set the Exclude object from the array of ExcludeEntry.

Parameters:
  • exclude (Exclude) – The Exclude object to update.
  • entries (Array<ExcludeEntry>) – The array of ExcludeEntry.

pyndn.encrypt.producer_db module

This module defines the ProducerDb class which is an abstract base class the storage of keys for the producer. It contains one table that maps time slots (to the nearest hour) to the content key created for that time slot. A subclass must implement the methods. For example, see Sqlite3ProducerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.producer_db.ProducerDb[source]

Bases: object

exception Error(message)[source]

Bases: exceptions.Exception

ProducerDb.addContentKey(timeSlot, key)[source]

Add key as the content key for the hour covering timeSlot.

Parameters:
  • timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
  • key (Blob) – The encoded key.
Raises ProducerDb.Error:
 

If a key for the same hour already exists in the database, or other database error.
ProducerDb.deleteContentKey(timeSlot)[source]
Delete the content key for the hour covering timeSlot. If there is no
key for the time slot, do nothing.
Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Raises ProducerDb.Error:
 For a database error.
ProducerDb.getContentKey(timeSlot)[source]

Get the content key for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Returns:A Blob with the encoded key.
Return type:Blob
Raises ProducerDb.Error:
 If there is no key covering timeSlot or other database error.
static ProducerDb.getFixedTimeSlot(timeSlot)[source]

Get the hour-based time slot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Returns:The hour-based time slot as hours since Jan 1, 1970 UTC.
Return type:int
ProducerDb.hasContentKey(timeSlot)[source]

Check if a content key exists for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Returns:True if there is a content key for timeSlot.
Return type:bool
Raises ProducerDb.Error:
 For a database error.

pyndn.encrypt.repetitive_interval module

This module defines the RepetitiveInterval class which is an advanced interval which can repeat and can be used to find a simple Interval that a time point falls in. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.repetitive_interval.RepetitiveInterval(startDate=None, endDate=None, intervalStartHour=None, intervalEndHour=None, nRepeats=None, repeatUnit=None)[source]

Bases: object

Create a RepetitiveInterval with one of these forms: RepetitiveInterval() A RepetitiveInterval with one day duration, non-repeating.. RepetitiveInterval(startDate, endDate, intervalStartHour, intervalEndHour, nRepeats, repeatUnit). RepetitiveInterval(repetitiveInterval).

Parameters:
  • startDate (float) – The start date as milliseconds since Jan 1, 1970 UTC. startDate must be earlier than or same as endDate. Or if repeatUnit is RepetitiveInterval.RepeatUnit.NONE, then it must equal endDate.
  • endDate (float) – The end date as milliseconds since Jan 1, 1970 UTC.
  • intervalStartHour (int) – The start hour in the day, from 0 to 23. intervalStartHour must be less than intervalEndHour.
  • intervalEndHour (int) – The end hour in the day from 1 to 24.
  • nRepeats (int) – (optional) Repeat the interval nRepeats repetitions, every unit, until endDate. If ommitted, use 0.
  • repeatUnit (int) – (optional) The unit of the repetition, from RepetitiveInterval.RepeatUnit. If ommitted, use NONE. If this is NONE or ommitted, then startDate must equal endDate.
MILLISECONDS_IN_DAY = 86400000
MILLISECONDS_IN_HOUR = 3600000
class RepeatUnit[source]

Bases: object

DAY = 1
MONTH = 2
NONE = 0
YEAR = 3
class RepetitiveInterval.Result(isPositive, interval)[source]

Bases: object

RepetitiveInterval.SECONDS_IN_DAY = 86400
RepetitiveInterval.compare(other)[source]

Compare this to the other RepetitiveInterval.

Parameters:other (RepetitiveInterval) – The other RepetitiveInterval to compare to.
Returns:-1 if this is less than the other, 1 if greater and 0 if equal.
Return type:int
RepetitiveInterval.getEndDate()[source]

Get the end date.

Returns:The end date as milliseconds since Jan 1, 1970 UTC.
Return type:float
RepetitiveInterval.getInterval(timePoint)[source]

Get an interval that covers the time point. If there is no interval covering the time point, this returns False for isPositive and returns a negative interval.

Parameters:timePoint (float) – The time point as milliseconds since Jan 1, 1970 UTC.
Returns:An object with fields “isPositive” and “interval” where isPositive is True if the returned interval is positive or False if negative, and interval is the Interval covering the time point or a negative interval if not found.
Return type:RepetitiveInterval.Result
RepetitiveInterval.getIntervalEndHour()[source]

Get the interval end hour.

Returns:The interval end hour.
Return type:int
RepetitiveInterval.getIntervalStartHour()[source]

Get the interval start hour.

Returns:The interval start hour.
Return type:int
RepetitiveInterval.getNRepeats()[source]

Get the number of repeats.

Returns:The number of repeats.
Return type:int
RepetitiveInterval.getRepeatUnit()[source]

Get the repeat unit.

Returns:The repeat unit, from RepetitiveInterval.RepeatUnit.
Return type:int
RepetitiveInterval.getStartDate()[source]

Get the start date.

Returns:The start date as milliseconds since Jan 1, 1970 UTC.
Return type:float

pyndn.encrypt.schedule module

This module defines the Schedule class which is used to manage the times when a member can access data using two sets of RepetitiveInterval as follows. whiteIntervalList is an ordered set for the times a member is allowed to access to data, and blackIntervalList is for the times a member is not allowed. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.schedule.Schedule(value=None)[source]

Bases: object

Create a Schedule with one of these forms: Schedule() A Schedule with empty whiteIntervalList and blackIntervalList. Schedule(schedule). A copy of the given schedule.

class Result(isPositive, interval)[source]

Bases: object

Schedule.addBlackInterval(repetitiveInterval)[source]

Add the repetitiveInterval to the blackIntervalList.

Parameters:repetitiveInterval (RepetitiveInterval) – The RepetitiveInterval to add. If the list already contains the same RepetitiveInterval, this does nothing.
Returns:This Schedule so you can chain calls to add.
Return type:Schedule
Schedule.addWhiteInterval(repetitiveInterval)[source]

Add the repetitiveInterval to the whiteIntervalList.

Parameters:repetitiveInterval (RepetitiveInterval) – The RepetitiveInterval to add. If the list already contains the same RepetitiveInterval, this does nothing.
Returns:This Schedule so you can chain calls to add.
Return type:Schedule
static Schedule.fromIsoString(timeString)[source]

Convert an ISO time representation with the “T” in the middle to a UNIX timestamp.

Parameters:timeString (str) – The ISO time representation.
Returns:The timestamp as milliseconds since Jan 1, 1970 UTC.
Return type:float
Schedule.getCoveringInterval(timeStamp)[source]

Get the interval that covers the time stamp. This iterates over the two repetitive interval sets and find the shortest interval that allows a group member to access the data. If there is no interval covering the time stamp, this returns False for isPositive and a negative interval.

Parameters:timeStamp (float) – The time stamp as milliseconds since Jan 1, 1970 UTC.
Returns:An object with fields “isPositive” and “interval” where isPositive is True if the returned interval is positive or False if negative, and interval is the Interval covering the time stamp, or a negative interval if not found.
Return type:Schedule.Result
static Schedule.toIsoString(msSince1970)[source]

Convert a UNIX timestamp to ISO time representation with the “T” in the middle.

Parameters:msSince1970 (float) – Timestamp as milliseconds since Jan 1, 1970 UTC.
Returns:The string representation.
Return type:str
Schedule.wireDecode(input)[source]

Decode the input and update this Schedule object.

Parameters:input (An array type with int elements) – The array with the bytes to decode.
Raises ValueError:
 For invalid encoding.
Schedule.wireEncode()[source]

Encode this Schedule.

Returns:The encoded buffer.
Return type:Blob

pyndn.encrypt.sqlite3_consumer_db module

This module defines the Sqlite3ConsumerDb class which extends ConsumerDb to implement the storage of decryption keys for the consumer using SQLite3. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_consumer_db.Sqlite3ConsumerDb(databaseFilePath)[source]

Bases: pyndn.encrypt.consumer_db.ConsumerDb

Create an Sqlite3ConsumerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.
addKey(keyName, keyBlob)[source]

Add the key with keyName and keyBlob to the database.

Parameters:
  • keyName (Name) – The key name.
  • keyBlob (Blob) – The encoded key.
Raises ConsumerDb.Error:
 

If a key with the same keyName already exists in the database, or other database error.
deleteKey(keyName)[source]

Delete the key with keyName from the database. If there is no key with keyName, do nothing.

Parameters:keyName (Name) – The key name.
Raises ConsumerDb.Error:
 For a database error.
getKey(keyName)[source]

Get the key with keyName from the database.

Parameters:keyName (Name) – The key name.
Returns:A Blob with the encoded key, or an isNull Blob if cannot find the key with keyName.
Return type:Blob
Raises ConsumerDb.Error:
 For a database error.

pyndn.encrypt.sqlite3_group_manager_db module

This module defines the Sqlite3GroupManagerDb class which extends GroupManagerDb to implement the storage of data used by the GroupManager using SQLite. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_group_manager_db.Sqlite3GroupManagerDb(databaseFilePath)[source]

Bases: pyndn.encrypt.group_manager_db.GroupManagerDb

Create an Sqlite3GroupManagerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.
addMember(scheduleName, keyName, key)[source]

Add a new member with the given key named keyName into a schedule named scheduleName. The member’s identity name is keyName.getPrefix(-1).

Parameters:
  • scheduleName (str) – The schedule name.
  • keyName (Name) – The name of the key.
  • key (Blob) – A Blob of the public key DER.
Raises GroupManagerDb.Error:
 

If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.
addSchedule(name, schedule)[source]

Add a schedule with the given name.

Parameters:
  • name (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to add.
Raises GroupManagerDb.Error:
 

If a schedule with the same name already exists, if the name is empty, or other database error.
deleteMember(identity)[source]

Delete a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name.
Raises GroupManagerDb.Error:
 For a database error.
deleteSchedule(name)[source]

Delete the schedule with the given name. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:name (str) – The name of the schedule.
Raises GroupManagerDb.Error:
 For a database error.
getMemberSchedule(identity)[source]

Get the name of the schedule for the given member’s identity name.

Parameters:identity (Name) – The member’s identity name.
Returns:The name of the schedule.
Return type:str
Raises GroupManagerDb.Error:
 If there’s no member with the given identity name in the database, or other database error.
getSchedule(name)[source]

Get a schedule with the given name.

Parameters:name (str) – The name of the schedule.
Returns:A new Schedule object.
Return type:Schedule
Raises GroupManagerDb.Error:
 If the schedule does not exist or other database error.
getScheduleMembers(name)[source]

For each member using the given schedule, get the name and public key DER of the member’s key.

Parameters:name (str) – The name of the schedule.
Returns:a new dictionary where the dictionary’s key is the Name of the public key and the value is the Blob of the public key DER. Note that the member’s identity name is keyName.getPrefix(-1). If the schedule name is not found, the dictionary is empty.
Return type:dictionary<Name, Blob>
Raises GroupManagerDb.Error:
 For a database error.
hasMember(identity)[source]

Check if there is a member with the given identity name.

Parameters:identity (Name) – The member’s identity name.
Returns:True if there is a member.
Return type:bool
Raises GroupManagerDb.Error:
 For a database error.
hasSchedule(name)[source]

Check if there is a schedule with the given name.

Parameters:name (str) – The name of the schedule.
Returns:True if there is a schedule.
Return type:bool
Raises GroupManagerDb.Error:
 For a database error.
listAllMembers()[source]

List all the members.

Returns:A new List of Name with the names of all members.
Return type:Array<Name>
Raises GroupManagerDb.Error:
 For a database error.
listAllScheduleNames()[source]

List all the names of the schedules.

Returns:A new List of String with the names of all schedules.
Return type:Array<str>
Raises GroupManagerDb.Error:
 For a database error.
renameSchedule(oldName, newName)[source]

Rename a schedule with oldName to newName.

Parameters:
  • oldName (str) – The name of the schedule to be renamed.
  • newName (str) – The new name of the schedule. The name cannot be empty.
Raises GroupManagerDb.Error:
 

If a schedule with newName already exists, if the schedule with oldName does not exist, if newName is empty, or other database error.
updateMemberSchedule(identity, scheduleName)[source]

Change the name of the schedule for the given member’s identity name.

Parameters:
  • identity (Name) – The member’s identity name.
  • scheduleName (str) – The new schedule name.
Raises GroupManagerDb.Error:
 

If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName, or other database error.
updateSchedule(name, schedule)[source]

Update the schedule with name and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:
  • name (str) – The name of the schedule. The name cannot be empty.
  • schedule (Schedule) – The Schedule to update or add.
Raises GroupManagerDb.Error:
 

If the name is empty, or other database error.

pyndn.encrypt.sqlite3_producer_db module

This module defines the Sqlite3ProducerDb class which extends ProducerDb to implement storage of keys for the producer using SQLite3. It contains one table that maps time slots (to the nearest hour) to the content key created for that time slot. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_producer_db.Sqlite3ProducerDb(databaseFilePath)[source]

Bases: pyndn.encrypt.producer_db.ProducerDb

Create an Sqlite3ProducerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.
addContentKey(timeSlot, key)[source]

Add key as the content key for the hour covering timeSlot.

Parameters:
  • timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
  • key (Blob) – The encoded key.
Raises ProducerDb.Error:
 

If a key for the same hour already exists in the database, or other database error.
deleteContentKey(timeSlot)[source]
Delete the content key for the hour covering timeSlot. If there is no
key for the time slot, do nothing.
Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Raises ProducerDb.Error:
 For a database error.
getContentKey(timeSlot)[source]

Get the content key for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Returns:A Blob with the encoded key.
Return type:Blob
Raises ProducerDb.Error:
 If there is no key covering timeSlot or other database error.
hasContentKey(timeSlot)[source]

Check if a content key exists for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
Returns:True if there is a content key for timeSlot.
Return type:bool
Raises ProducerDb.Error:
 For a database error.

Module contents

Table Of Contents

Previous topic

pyndn.encoding.tlv package

Next topic

pyndn.encrypt.algo package

This Page

Navigation

© Copyright 2016, Regents of the University of California. Created using Sphinx 1.1.3.