pyndn.encrypt package

Subpackages

• pyndn.encrypt.algo package
  • Submodules
  • pyndn.encrypt.algo.aes_algorithm module
  • pyndn.encrypt.algo.encrypt_params module
  • pyndn.encrypt.algo.encryptor module
  • pyndn.encrypt.algo.rsa_algorithm module
  • Module contents

Submodules

pyndn.encrypt.access_manager_v2 module

This module defines the AccessManagerV2 class which controls the decryption policy by publishing granular per-namespace access policies in the form of key encryption (KEK, plaintext public) and key decryption (KDK, encrypted private key) key pairs. This works with EncryptorV2 and DecryptorV2 using security v2. For the meaning of “KDK”, etc. see: https://github.com/named-data/name-based-access-control/blob/new/docs/spec.rst

class pyndn.encrypt.access_manager_v2.AccessManagerV2(identity, dataset, keyChain, face)

Bases: object

Create an AccessManagerV2 to serve the NAC public key for other data producers to fetch, and to serve encrypted versions of the private keys (as safe bags) for authorized consumers to fetch.

KEK and KDK naming:

[identity]/NAC/[dataset]/KEK /[key-id] (== KEK, public key)

[identity]/NAC/[dataset]/KDK/[key-id] /ENCRYPTED-BY/[user]/KEY/[key-id] (== KDK, encrypted private key)

|_____________ ______________/

|/

registered with NFD

Parameters:

• identity (PibIdentity) – The data owner’s namespace identity. (This will be used to sign the KEK and KDK.)
• dataset (Name) – The name of dataset that this manager is controlling.
• keyChain (KeyChain) – The KeyChain used to sign Data packets.
• face (Face) – The Face for calling registerPrefix that will be used to publish the KEK and KDK Data packets.

DEFAULT_KDK_FRESHNESS_PERIOD_MS = 3600000.0

DEFAULT_KEK_FRESHNESS_PERIOD_MS = 3600000.0

addMember(memberCertificate)

Authorize a member identified by memberCertificate to decrypt data under the policy.

Parameters:memberCertificate (CertificateV2) – The certificate that identifies the member to authorize. Returns:The published KDK Data packet. Return type:Data

shutdown()

size()

Get the number of packets stored in in-memory storage.

Returns:The number of packets. Return type:int

pyndn.encrypt.consumer module

This module defines the Consumer class which manages fetched group keys used to decrypt a data packet in the group-based encryption protocol. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.consumer.Consumer(face, keyChain, groupName, consumerName, database, cKeyLink=None, dKeyLink=None)

Bases: object

Create a Consumer to use the given ConsumerDb, Face and other values.

Parameters:

• face (Face) – The face used for data packet and key fetching.
• keyChain (KeyChain) – The keyChain used to verify data packets.
• groupName (Name) – The reading group name that the consumer belongs to. This makes a copy of the Name.
• consumerName (Name) – The identity of the consumer. This makes a copy of the Name.
• database (ConsumerDb) – The ConsumerDb database for storing decryption keys.
• cKeyLink (Link) – (optional) The Link object to use in Interests for C-KEY retrieval. This makes a copy of the Link object. If the Link object’s getDelegations().size() is zero, don’t use it. If omitted, don’t use a Link object.
• dKeyLink (Link) – (optional) The Link object to use in Interests for D-KEY retrieval. This makes a copy of the Link object. If the Link object’s getDelegations().size() is zero, don’t use it. If omitted, don’t use a Link object.

NO_LINK = <pyndn.link.Link object>

addDecryptionKey(keyName, keyBlob)

Add a new decryption key with keyName and keyBlob to the database.

Parameters:

• keyName (Name) – The key name.
• keyBlob (Blob) – The encoded key.

Raises:

• ConsumerDb.Error – If a key with the same keyName already exists in the database, or other database error.
• RuntimeError – if the consumer name is not a prefix of the key name.

consume(contentName, onConsumeComplete, onError, link=None)

Express an Interest to fetch the content packet with contentName, and decrypt it, fetching keys as needed.

Parameters:

• contentName (Name) – The name of the content packet.
• onConsumeComplete – When the content packet is fetched and decrypted, this calls onConsumeComplete(contentData, result) where contentData is the fetched Data packet and result is the decrypted plain text Blob. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
• onError (function object) – This calls onError(errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
• link (Link) – (optional) The Link object to use in Interests for data retrieval. This makes a copy of the Link object. If the Link object’s getDelegations().size() is zero, don’t use it. If omitted, don’t use a Link object.

setGroup(groupName)

Set the group name.

Parameters:groupName (Name) – The reading group name that the consumer belongs to. This makes a copy of the Name.

pyndn.encrypt.consumer_db module

This module defines the ConsumerDb class which is an abstract base class the storage of decryption keys for the consumer. A subclass must implement the methods. For example, see Sqlite3ConsumerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.consumer_db.ConsumerDb

Bases: object

exception Error(message)

Bases: exceptions.Exception

addKey(keyName, keyBlob)

Add the key with keyName and keyBlob to the database.

Parameters:

• keyName (Name) – The key name.
• keyBlob (Blob) – The encoded key.

Raises:

ConsumerDb.Error – If a key with the same keyName already exists in the database, or other database error.

deleteKey(keyName)

Delete the key with keyName from the database. If there is no key with keyName, do nothing.

Parameters:keyName (Name) – The key name. Raises:ConsumerDb.Error – For a database error.

getKey(keyName)

Get the key with keyName from the database.

Parameters:keyName (Name) – The key name. Returns:A Blob with the encoded key, or an isNull Blob if cannot find the key with keyName. Return type:Blob Raises:ConsumerDb.Error – For a database error.

pyndn.encrypt.decrypt_key module

This module defines the EncryptKey class which supplies the key for decrypt. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.decrypt_key.DecryptKey(value)

Bases: object

Create a DecryptKey with the given key value.

Parameters:value (Blob or DecryptKey) – If value is another DecryptKey then copy it. Otherwise, value is the key value.

getKeyBits()

Get the key value.

Returns:The key value. Return type:Blob

pyndn.encrypt.decryptor_v2 module

This module defines the DecryptorV2 class which decrypts the supplied EncryptedContent element, using asynchronous operations, contingent on the retrieval of the CK Data packet, the KDK, and the successful decryption of both of these. For the meaning of “KDK”, etc. see: https://github.com/named-data/name-based-access-control/blob/new/docs/spec.rst

class pyndn.encrypt.decryptor_v2.DecryptorV2(credentialsKey, validator, keyChain, face)

Bases: object

Create a DecryptorV2 with the given parameters.

Parameters:

• credentialsKey (PibKey) – The credentials key to be used to retrieve and decrypt the KDK.
• validator (Validator) – The validation policy to ensure the validity of the KDK and CK.
• keyChain (KeyChain) – The KeyChain that will be used to decrypt the KDK.
• face (Face) – The Face that will be used to fetch the CK and KDK.

class ContentKey

Bases: object

class PendingDecrypt(encryptedContent, onSuccess, onError)

Bases: object

decrypt(encryptedContent, onSuccess, onError)

Asynchronously decrypt the encryptedContent.

Parameters:

• encryptedContent (EncryptedContent) – The EncryptedContent to decrypt, which must have a KeyLocator with a KEYNAME and and initial vector. This does not copy the EncryptedContent object. If you may change it later, then pass in a copy of the object.
• onSuccess (function object) – On successful decryption, this calls onSuccess(plainData) where plainData is the decrypted Blob. NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.
• onError (function object) – On failure, this calls onError(errorCode, message) where errorCode is from EncryptError.ErrorCode and message is a str. NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.

shutdown()

pyndn.encrypt.encrypt_error module

This module defines the EncryptError class which is used as a namespace to hold the ErrorCode enum for errors from the encrypt library. In the future it may hold more enums or functions.

class pyndn.encrypt.encrypt_error.EncryptError

Bases: object

class ErrorCode

Bases: object

CkInvalidName = 23

CkRetrievalFailure = 21

CkRetrievalTimeout = 22

DataRetrievalFailure = 1036

DecryptionFailure = 104

EncryptionFailure = 103

General = 200

InvalidEncryptedFormat = 1033

KdkDecryptionFailure = 14

KdkInvalidName = 13

KdkRetrievalFailure = 11

KdkRetrievalTimeout = 12

KekInvalidName = 3

KekRetrievalFailure = 1

KekRetrievalTimeout = 2

MissingRequiredInitialVector = 110

MissingRequiredKeyLocator = 101

NoDecryptKey = 1034

Timeout = 1001

TpmKeyNotFound = 102

UnsupportedEncryptionScheme = 1032

Validation = 1002

pyndn.encrypt.encrypt_key module

This module defines the EncryptKey class which supplies the key for encrypt. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.encrypt_key.EncryptKey(value)

Bases: object

Create an EncryptKey with the given key value.

Parameters:value (Blob or EncryptKey) – If value is another EncryptKey then copy it. Otherwise, value is the key value.

getKeyBits()

Get the key value.

Returns:The key value. Return type:Blob

pyndn.encrypt.encrypted_content module

This module defines the EncryptedContent class which holds an encryption type, a payload and other fields representing encrypted content. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.encrypted_content.EncryptedContent(value=None)

Bases: object

Create an EncryptedContent.

Parameters:value (EncryptedContent) – (optional) If value is another EncryptedContent then copy it. If value is omitted then create an EncryptedContent with unspecified values.

clear()

Set all the fields to indicate unspecified values.

getAlgorithmType()

Get the algorithm type from EncryptAlgorithmType.

Returns:The algorithm type from EncryptAlgorithmType, or None if not specified. Return type:int

getInitialVector()

Get the initial vector.

Returns:The initial vector. If not specified, isNull() is True. Return type:Blob

getKeyLocator()

Get the key locator.

Returns:The key locator. If not specified, getType() is None. Return type:KeyLocator

getKeyLocatorName()

Check that the key locator type is KEYNAME and return the key Name.

Returns:The key Name. Return type:Name Raises:RuntimeError if the key locator type is not KEYNAME.

getPayload()

Get the payload.

Returns:The payload. If not specified, isNull() is True. Return type:Blob

getPayloadKey()

Get the encrypted payload key.

Returns:The encrypted payload key. If not specified, isNull() is true. Return type:Blob

hasInitialVector()

Check if the initial vector is specified.

Returns:True if the initial vector is specified. Return type:bool

setAlgorithmType(algorithmType)

Set the algorithm type.

Parameters:algorithmType (int) – The algorithm type from EncryptAlgorithmType. If not specified, set to None. Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

setInitialVector(initialVector)

Set the initial vector.

Parameters:initialVector (Blob) – The initial vector. If not specified, set to the default Blob() where isNull() is True. Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

setKeyLocator(keyLocator)

Set the key locator.

Parameters:keyLocator (KeyLocator) – The key locator. This makes a copy of the object. If not specified, set to the default KeyLocator(). Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

setKeyLocatorName(keyName)

Set the key locator type to KeyLocatorType.KEYNAME and set the key Name.

Parameters:keyName (Name) – The key locator Name, which is copied. Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

setPayload(payload)

Set the encrypted payload.

Parameters:payload (Blob) – The payload. If not specified, set to the default Blob() where isNull() is True. Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

setPayloadKey(payloadKey)

Set the encrypted payload key.

Parameters:payloadKey (Blob) – The encrypted payload key. If not specified, set to the default Blob() where isNull() is True. Returns:This EncryptedContent so that you can chain calls to update values. Return type:EncryptedContent

wireDecode(input, wireFormat=None)

Decode the input as an EncryptedContent v1 using a particular wire format and update this EncryptedContent.

Parameters:

• input (A Blob or an array type with int elements) – The array with the bytes to decode.
• wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to decode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat().

wireDecodeV2(input, wireFormat=None)

Decode the input as an EncryptedContent v2 using a particular wire format and update this EncryptedContent.

Parameters:

• input (A Blob or an array type with int elements) – The array with the bytes to decode.
• wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to decode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat().

wireEncode(wireFormat=None)

Encode this to an EncryptedContent v1 for a particular wire format.

Parameters:wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to encode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat(). Returns:The encoded buffer. Return type:Blob

wireEncodeV2(wireFormat=None)

Encode this to an EncryptedContent v2 for a particular wire format.

Parameters:wireFormat (A subclass of WireFormat) – (optional) A WireFormat object used to encode this EncryptedContent. If omitted, use WireFormat.getDefaultWireFormat(). Returns:The encoded buffer. Return type:Blob

pyndn.encrypt.encryptor_v2 module

This module defines the EncryptorV2 class which encrypts the requested content for name-based access control (NAC) using security v2. For the meaning of “KEK”, etc. see: https://github.com/named-data/name-based-access-control/blob/new/docs/spec.rst

class pyndn.encrypt.encryptor_v2.EncryptorV2(accessPrefix, ckPrefix, ckDataSigningInfo, onError, validator, keyChain, face)

Bases: object

Create an EncryptorV2 with the given parameters. This uses the face to register to receive Interests for the prefix {ckPrefix}/CK.

Parameters:

• accessPrefix (Name) – The NAC prefix to fetch the Key Encryption Key (KEK) (e.g., /access/prefix/NAC/data/subset). This copies the Name.
• ckPrefix (Name) – The prefix under which Content Keys (CK) will be generated. (Each will have a unique version appended.) This copies the Name.
• ckDataSigningInfo (SigningInfo) – The SigningInfo parameters to sign the Content Key (CK) Data packet. This copies the SigningInfo.
• onError (function object) – On failure to create the CK data (failed to fetch the KEK, failed to encrypt with the KEK, etc.), this calls onError(errorCode, message) where errorCode is from EncryptError.ErrorCode and message is a str. The encrypt method will continue trying to retrieve the KEK until success (with each attempt separated by RETRY_DELAY_KEK_RETRIEVAL_MS) and onError may be called multiple times. NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.
• validator (Validator) – The validation policy to ensure correctness of the KEK.
• keyChain (KeyChain) – The KeyChain used to sign Data packets.
• face (Face) – The Face that will be used to fetch the KEK and publish CK data.

AES_IV_SIZE = 16

AES_KEY_SIZE = 32

DEFAULT_CK_FRESHNESS_PERIOD_MS = 3600000.0

NAME_COMPONENT_CK = <pyndn.name.Component object>

NAME_COMPONENT_ENCRYPTED_BY = <pyndn.name.Component object>

NAME_COMPONENT_KDK = <pyndn.name.Component object>

NAME_COMPONENT_KEK = <pyndn.name.Component object>

NAME_COMPONENT_NAC = <pyndn.name.Component object>

N_RETRIES = 3

RETRY_DELAY_AFTER_NACK_MS = 1000.0

RETRY_DELAY_KEK_RETRIEVAL_MS = 60000.0

encrypt(plainData)

Encrypt the plainData using the existing Content Key (CK) and return a new EncryptedContent.

Parameters:plainData (Blob or an array which implements the buffer protocol) – The data to encrypt. Returns:The new EncryptedContent. Return type:EncryptedContent

regenerateCk()

Create a new Content Key (CK) and publish the corresponding CK Data packet. This uses the onError given to the constructor to report errors.

shutdown()

size()

Get the number of packets stored in in-memory storage.

Returns:The number of packets. Return type:int

pyndn.encrypt.group_manager module

This module defines the GroupManager class which manages keys and schedules for group members in a particular namespace. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.group_manager.GroupManager(prefix, dataType, database, keySize, freshnessHours, keyChain)

Bases: object

Create a GroupManager with the given values. The group manager namespace is <prefix>/read/<dataType> .

Parameters:

• prefix (Name) – The prefix for the group manager namespace.
• dataType (Name) – The data type for the group manager namespace.
• database (GroupManagerDb) – The GroupManagerDb for storing the group management information (including user public keys and schedules).
• keySize (int) – The group key will be an RSA key with keySize bits.
• freshnessHours (int) – The number of hours of the freshness period of data packets carrying the keys.
• keyChain (KeyChain) – The KeyChain to use for signing data packets. This signs with the default identity.

MILLISECONDS_IN_HOUR = 3600000

addMember(scheduleName, memberCertificate)

Add a new member with the given memberCertificate into a schedule named scheduleName. If cert is an IdentityCertificate made from memberCertificate, then the member’s identity name is cert.getPublicKeyName().getPrefix(-1).

Parameters:

• scheduleName (str) – The schedule name.
• memberCertificate (Data) – The member’s certificate.

Raises:

• GroupManagerDb.Error – If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.
• DerDecodingException – for error decoding memberCertificate as a certificate.

addSchedule(scheduleName, schedule)

Add a schedule with the given scheduleName.

Parameters:

• scheduleName (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to add.

Raises:

GroupManagerDb.Error – If a schedule with the same name already exists, if the name is empty, or other database error.

cleanEKeys()

Delete all the EKeys in the database. The database will keep growing because EKeys will keep being added, so this method should be called periodically.

Raises:GroupManagerDb.Error – For a database error.

deleteSchedule(scheduleName)

Delete the schedule with the given scheduleName. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:scheduleName (str) – The name of the schedule. Raises:GroupManagerDb.Error – For a database error.

getGroupKey(timeSlot, needRegenerate=True)

Create a group key for the interval into which timeSlot falls. This creates a group key if it doesn’t exist, and encrypts the key using the public key of each eligible member.

Parameters:

• timeSlot (float) – The time slot to cover as milliseconds since Jan 1, 1970 UTC.
• needRegenerate (bool) – (optional) needRegenerate should be True if this is the first time this method is called, or a member was removed. needRegenerate can be False if this is not the first time this method is called, or a member was added. If omitted, use True.

Returns:

A List of Data packets where the first is the E-KEY data packet with the group’s public key and the rest are the D-KEY data packets with the group’s private key encrypted with the public key of each eligible member.

Raises:

• GroupManagerDb.Error – For a database error.
• SecurityException – For an error using the security KeyChain.

removeMember(identity)

Remove a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name. Raises:GroupManagerDb.Error – For a database error.

updateMemberSchedule(identity, scheduleName)

Change the name of the schedule for the given member’s identity name.

Parameters:

• identity (Name) – The member’s identity name.
• scheduleName (str) – The new schedule name.

Raises:

GroupManagerDb.Error – If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName.

updateSchedule(scheduleName, schedule)

Update the schedule with scheduleName and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:

• scheduleName (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to update or add.

Raises:

GroupManagerDb.Error – If the name is empty, or other database error.

pyndn.encrypt.group_manager_db module

This module defines the GroupManagerDb class which is an abstract base class for the storage of data used by the GroupManager. It contains two tables to store Schedules and Members. This is an abstract base class. A subclass must implement the methods. For example, see Sqlite3GroupManagerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.group_manager_db.GroupManagerDb

Bases: object

exception Error(message)

Bases: exceptions.Exception

addEKey(eKeyName, publicKey, privateKey)

Add the EKey with name eKeyName to the database.

Parameters:

• eKeyName (Name) – The name of the EKey. This copies the Name.
• publicKey (Blob) – The encoded public key of the group key pair.
• privateKey (Blob) – The encoded private key of the group key pair.

Raises:

GroupManagerDb.Error – If a key with name eKeyName already exists in the database, or other database error.

addMember(scheduleName, keyName, key)

Add a new member with the given key named keyName into a schedule named scheduleName. The member’s identity name is keyName.getPrefix(-1).

Parameters:

• scheduleName (str) – The schedule name.
• keyName (Name) – The name of the key.
• key (Blob) – A Blob of the public key DER.

Raises:

GroupManagerDb.Error – If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.

addSchedule(name, schedule)

Add a schedule with the given name.

Parameters:

• name (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to add.

Raises:

GroupManagerDb.Error – If a schedule with the same name already exists, if the name is empty, or other database error.

cleanEKeys()

Delete all the EKeys in the database. The database will keep growing because EKeys will keep being added, so this method should be called periodically.

Raises:GroupManagerDb.Error – For a database error.

deleteEKey(eKeyName)

Delete the EKey with name eKeyName from the database. If no key with the name exists in the database, do nothing.

Parameters:eKeyName (Name) – The name of the EKey. Raises:GroupManagerDb.Error – For a database error.

deleteMember(identity)

Delete a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name. Raises:GroupManagerDb.Error – For a database error.

deleteSchedule(name)

Delete the schedule with the given name. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:name (str) – The name of the schedule. Raises:GroupManagerDb.Error – For a database error.

getEKey(eKeyName)

Get the group key pair with the name eKeyName from the database.

Parameters:eKeyName (Name) – The name of the EKey. Returns:A tuple (privateKeyBlob, publicKeyBlob) where “privateKeyBlob” is the encoding Blob of the private key and “publicKeyBlob” is the encoding Blob of the public key. Return type:(Blob, Blob) Raises:GroupManagerDb.Error – If the key with name eKeyName does not exist in the database, or other database error.

getMemberSchedule(identity)

Get the name of the schedule for the given member’s identity name.

Parameters:identity (Name) – The member’s identity name. Returns:The name of the schedule. Return type:str Raises:GroupManagerDb.Error – If there’s no member with the given identity name in the database, or other database error.

getSchedule(name)

Get a schedule with the given name.

Parameters:name (str) – The name of the schedule. Returns:A new Schedule object. Return type:Schedule Raises:GroupManagerDb.Error – If the schedule does not exist or other database error.

getScheduleMembers(name)

For each member using the given schedule, get the name and public key DER of the member’s key.

Parameters:name (str) – The name of the schedule. Returns:a new dictionary where the dictionary’s key is the Name of the public key and the value is the Blob of the public key DER. Note that the member’s identity name is keyName.getPrefix(-1). If the schedule name is not found, the dictionary is empty. Return type:dictionary<Name, Blob> Raises:GroupManagerDb.Error – For a database error.

hasEKey(eKeyName)

Check if there is an EKey with the name eKeyName in the database.

Parameters:eKeyName (Name) – The name of the EKey. Returns:True if the EKey exists. Return type:bool Raises:GroupManagerDb.Error – For a database error.

hasMember(identity)

Check if there is a member with the given identity name.

Parameters:identity (Name) – The member’s identity name. Returns:True if there is a member. Return type:bool Raises:GroupManagerDb.Error – For a database error.

hasSchedule(name)

Check if there is a schedule with the given name.

Parameters:name (str) – The name of the schedule. Returns:True if there is a schedule. Return type:bool Raises:GroupManagerDb.Error – For a database error.

listAllMembers()

List all the members.

Returns:A new List of Name with the names of all members. Return type:Array<Name> Raises:GroupManagerDb.Error – For a database error.

listAllScheduleNames()

List all the names of the schedules.

Returns:A new List of String with the names of all schedules. Return type:Array<str> Raises:GroupManagerDb.Error – For a database error.

renameSchedule(oldName, newName)

Rename a schedule with oldName to newName.

Parameters:

• oldName (str) – The name of the schedule to be renamed.
• newName (str) – The new name of the schedule. The name cannot be empty.

Raises:

GroupManagerDb.Error – If a schedule with newName already exists, if the schedule with oldName does not exist, if newName is empty, or other database error.

updateMemberSchedule(identity, scheduleName)

Change the name of the schedule for the given member’s identity name.

Parameters:

• identity (Name) – The member’s identity name.
• scheduleName (str) – The new schedule name.

Raises:

GroupManagerDb.Error – If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName, or other database error.

updateSchedule(name, schedule)

Update the schedule with name and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:

• name (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to update or add.

Raises:

GroupManagerDb.Error – If the name is empty, or other database error.

pyndn.encrypt.interval module

This module defines the Interval class which defines a time duration which contains a start timestamp and an end timestamp. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.interval.Interval(value=None, endTime=None)

Bases: object

Create an Interval with one of these forms: Interval(isValid). Interval(startTime, endTime). Interval(interval).

Parameters:

• isValid (bool) – True to create a valid empty interval, false to create an invalid interval.
• startTime (float) – The start time as milliseconds since Jan 1, 1970 UTC. The start time must be less than the end time. To create an empty interval (start time equals end time), use the constructor Interval(true).
• endTime (float) – The end time as milliseconds since Jan 1, 1970 UTC.
• interval (Interval) – The other interval with values to copy.

covers(timePoint)

Check if the time point is in this interval.

Parameters:timePoint (float) – The time point to check as milliseconds since Jan 1, 1970 UTC. Returns:True if timePoint is in this interval. Return type:bool Raises:RuntimeError – if this Interval is invalid.

getEndTime()

Get the end time.

Returns:The end time as milliseconds since Jan 1, 1970 UTC. Return type:float Raises:RuntimeError – if this Interval is invalid.

getStartTime()

Get the start time.

Returns:The start time as milliseconds since Jan 1, 1970 UTC. Return type:float Raises:RuntimeError – if this Interval is invalid.

intersectWith(interval)

Set this Interval to the intersection of this and the other interval. This and the other interval should be valid but either can be empty.

Parameters:interval (Interval) – The other Interval to intersect with. Returns:This Interval. Return type:Interval Raises:RuntimeError – if this Interval or the other interval is invalid.

isEmpty()

Check if this Interval is empty.

Returns:True if this Interval is empty (start time equals end time), False if not. Return type:bool Raises:RuntimeError – if this Interval is invalid.

isValid()

Check if this Interval is valid.

Returns:True if this interval is valid, False if invalid. Return type:bool

set(other)

Set this interval to have the same values as the other interval.

Parameters:other (Interval) – The other Interval with values to copy.

unionWith(interval)

Set this Interval to the union of this and the other interval. This and the other interval should be valid but either can be empty. This and the other interval should have an intersection. (Contiguous intervals are not allowed.)

Parameters:interval (Interval) – The other Interval to union with. Returns:This Interval. Return type:Interval Raises:RuntimeError – if this Interval or the other interval is invalid, or if the two intervals do not have an intersection.

pyndn.encrypt.producer module

This module defines the Producer class which manages content keys used to encrypt a data packet in the group-based encryption protocol. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.producer.Producer(prefix, dataType, face, keyChain, database, repeatAttempts=None, keyRetrievalLink=None)

Bases: object

Create a Producer to use the given ProducerDb, Face and other values.

A producer can produce data with a naming convention:

<prefix>/SAMPLE/<dataType>/[timestamp]

The produced data packet is encrypted with a content key, which is stored in the ProducerDb database.

A producer also needs to produce data containing a content key encrypted with E-KEYs. A producer can retrieve E-KEYs through the face, and will re-try for at most repeatAttemps times when E-KEY retrieval fails.

Parameters:

• prefix (Name) – The producer name prefix. This makes a copy of the Name.
• dataType (Name) – The dataType portion of the producer name. This makes a copy of the Name.
• face (Face) – The face used to retrieve keys.
• keyChain (KeyChain) – The keyChain used to sign data packets.
• database (ProducerDb) – The ProducerDb database for storing keys.
• repeatAttempts (int) – (optional) The maximum retry for retrieving keys. If omitted, use a default value of 3.
• keyRetrievalLink (Link) – (optional) The Link object to use in Interests for key retrieval. This makes a copy of the Link object. If the Link object’s getDelegations().size() is zero, don’t use it. If omitted, don’t use a Link object.

END_TIME_STAMP_INDEX = -1

class ExcludeEntry(component, anyFollowsComponent)

Bases: object

Create a new ExcludeEntry.

Parameters:

• component (Name.Component) –
• anyFollowsComponent (bool) –

NO_LINK = <pyndn.link.Link object>

START_TIME_STAMP_INDEX = -2

createContentKey(timeSlot, onEncryptedKeys, onError=<staticmethod object>)

Create the content key corresponding to the timeSlot. This first checks if the content key exists. For an existing content key, this returns the content key name directly. If the key does not exist, this creates one and encrypts it using the corresponding E-KEYs. The encrypted content keys are passed to the onEncryptedKeys callback.

Parameters:

• timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
• onEncryptedKeys (function object) – If this creates a content key, then this calls onEncryptedKeys(keys) where keys is a list of encrypted content key Data packets. If onEncryptedKeys is None, this does not use it. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.
• onError (function object) – (optional) This calls errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. If omitted, use a default callback which does nothing. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.

Returns:

The content key name.

Return type:

Name

static defaultOnError(errorCode, message)

The default onError callback which does nothing.

static excludeAfter(exclude, fromComponent)

Exclude all components in the range beginning at “fromComponent”.

Parameters:

• exclude (Exclude) – The Exclude object to update.
• fromComponent (Name.Component) – The first component in the exclude range.

static excludeBefore(exclude, to)

Exclude all components in the range ending at “to”.

Parameters:

• exclude (Exclude) – The Exclude object to update.
• to (Name.Component) – The last component in the exclude range.

static excludeRange(exclude, fromComponent, to)

Exclude all components in the range beginning at “fromComponent” and ending at “to”.

Parameters:

• exclude (Exclude) – The Exclude object to update.
• fromComponent (Name.Component) – The first component in the exclude range.
• to (Name.Component) – The last component in the exclude range.

static findEntryBeforeOrAt(entries, component)

Get the latest entry in the array whose component is less than or equal to component.

Parameters:

• entries (Array<ExcludeEntry>) – The array of ExcludeEntry.
• component (Name.Component) – The component to compare.

Returns:

The index of the found entry, or -1 if not found.

Return type:

int

static getExcludeEntries(exclude)

Create a list of ExcludeEntry from the Exclude object.

Parameters:exclude (Exclude) – The Exclude object to read. Returns:A new array of ExcludeEntry. Return type:Array<ExcludeEntry>

produce(data, timeSlot, content, onError=<staticmethod object>)

Encrypt the given content with the content key that covers timeSlot, and update the data packet with the encrypted content and an appropriate data name.

Parameters:

• data (Data) – An empty Data object which is updated.
• timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
• content (Blob) – The content to encrypt.
• onError (function object) – (optional) This calls onError(errorCode, message) for an error, where errorCode is from EncryptError.ErrorCode and message is a str. If omitted, use a default callback which does nothing. NOTE: The library will log any exceptions raised by this callback, but for better error handling the callback should catch and properly handle any exceptions.

static setExcludeEntries(exclude, entries)

Set the Exclude object from the array of ExcludeEntry.

Parameters:

• exclude (Exclude) – The Exclude object to update.
• entries (Array<ExcludeEntry>) – The array of ExcludeEntry.

pyndn.encrypt.producer_db module

This module defines the ProducerDb class which is an abstract base class for the storage of keys for the producer. It contains one table that maps time slots (to the nearest hour) to the content key created for that time slot. A subclass must implement the methods. For example, see Sqlite3ProducerDb. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.producer_db.ProducerDb

Bases: object

exception Error(message)

Bases: exceptions.Exception

addContentKey(timeSlot, key)

Add key as the content key for the hour covering timeSlot.

Parameters:

• timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
• key (Blob) – The encoded key.

Raises:

ProducerDb.Error – If a key for the same hour already exists in the database, or other database error.

deleteContentKey(timeSlot)

Delete the content key for the hour covering timeSlot. If there is no key for the time slot, do nothing.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Raises:ProducerDb.Error – For a database error.

getContentKey(timeSlot)

Get the content key for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Returns:A Blob with the encoded key. Return type:Blob Raises:ProducerDb.Error – If there is no key covering timeSlot or other database error.

static getFixedTimeSlot(timeSlot)

Get the hour-based time slot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Returns:The hour-based time slot as hours since Jan 1, 1970 UTC. Return type:int

hasContentKey(timeSlot)

Check if a content key exists for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Returns:True if there is a content key for timeSlot. Return type:bool Raises:ProducerDb.Error – For a database error.

pyndn.encrypt.repetitive_interval module

This module defines the RepetitiveInterval class which is an advanced interval which can repeat and can be used to find a simple Interval that a time point falls in. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.repetitive_interval.RepetitiveInterval(startDate=None, endDate=None, intervalStartHour=None, intervalEndHour=None, nRepeats=None, repeatUnit=None)

Bases: object

Create a RepetitiveInterval with one of these forms: RepetitiveInterval() A RepetitiveInterval with one day duration, non-repeating.. RepetitiveInterval(startDate, endDate, intervalStartHour, intervalEndHour, nRepeats, repeatUnit). RepetitiveInterval(repetitiveInterval).

Parameters:

• startDate (float) – The start date as milliseconds since Jan 1, 1970 UTC. startDate must be earlier than or same as endDate. Or if repeatUnit is RepetitiveInterval.RepeatUnit.NONE, then it must equal endDate.
• endDate (float) – The end date as milliseconds since Jan 1, 1970 UTC.
• intervalStartHour (int) – The start hour in the day, from 0 to 23. intervalStartHour must be less than intervalEndHour.
• intervalEndHour (int) – The end hour in the day from 1 to 24.
• nRepeats (int) – (optional) Repeat the interval nRepeats repetitions, every unit, until endDate. If ommitted, use 0.
• repeatUnit (int) – (optional) The unit of the repetition, from RepetitiveInterval.RepeatUnit. If ommitted, use NONE. If this is NONE or ommitted, then startDate must equal endDate.

MILLISECONDS_IN_DAY = 86400000

MILLISECONDS_IN_HOUR = 3600000

class RepeatUnit

Bases: object

DAY = 1

MONTH = 2

NONE = 0

YEAR = 3

class Result(isPositive, interval)

Bases: object

compare(other)

Compare this to the other RepetitiveInterval.

Parameters:other (RepetitiveInterval) – The other RepetitiveInterval to compare to. Returns:-1 if this is less than the other, 1 if greater and 0 if equal. Return type:int

getEndDate()

Get the end date.

Returns:The end date as milliseconds since Jan 1, 1970 UTC. Return type:float

getInterval(timePoint)

Get an interval that covers the time point. If there is no interval covering the time point, this returns False for isPositive and returns a negative interval.

Parameters:timePoint (float) – The time point as milliseconds since Jan 1, 1970 UTC. Returns:An object with fields “isPositive” and “interval” where isPositive is True if the returned interval is positive or False if negative, and interval is the Interval covering the time point or a negative interval if not found. Return type:RepetitiveInterval.Result

getIntervalEndHour()

Get the interval end hour.

Returns:The interval end hour. Return type:int

getIntervalStartHour()

Get the interval start hour.

Returns:The interval start hour. Return type:int

getNRepeats()

Get the number of repeats.

Returns:The number of repeats. Return type:int

getRepeatUnit()

Get the repeat unit.

Returns:The repeat unit, from RepetitiveInterval.RepeatUnit. Return type:int

getStartDate()

Get the start date.

Returns:The start date as milliseconds since Jan 1, 1970 UTC. Return type:float

pyndn.encrypt.schedule module

This module defines the Schedule class which is used to manage the times when a member can access data using two sets of RepetitiveInterval as follows. whiteIntervalList is an ordered set for the times a member is allowed to access to data, and blackIntervalList is for the times a member is not allowed. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.schedule.Schedule(value=None)

Bases: object

Create a Schedule with one of these forms: Schedule() A Schedule with empty whiteIntervalList and blackIntervalList. Schedule(schedule). A copy of the given schedule.

class Result(isPositive, interval)

Bases: object

addBlackInterval(repetitiveInterval)

Add the repetitiveInterval to the blackIntervalList.

Parameters:repetitiveInterval (RepetitiveInterval) – The RepetitiveInterval to add. If the list already contains the same RepetitiveInterval, this does nothing. Returns:This Schedule so you can chain calls to add. Return type:Schedule

addWhiteInterval(repetitiveInterval)

Add the repetitiveInterval to the whiteIntervalList.

Parameters:repetitiveInterval (RepetitiveInterval) – The RepetitiveInterval to add. If the list already contains the same RepetitiveInterval, this does nothing. Returns:This Schedule so you can chain calls to add. Return type:Schedule

static fromIsoString(timeString)

Convert an ISO time representation with the “T” in the middle to a UNIX timestamp.

Parameters:timeString (str) – The ISO time representation. Returns:The timestamp as milliseconds since Jan 1, 1970 UTC. Return type:float

getCoveringInterval(timeStamp)

Get the interval that covers the time stamp. This iterates over the two repetitive interval sets and find the shortest interval that allows a group member to access the data. If there is no interval covering the time stamp, this returns False for isPositive and a negative interval.

Parameters:timeStamp (float) – The time stamp as milliseconds since Jan 1, 1970 UTC. Returns:An object with fields “isPositive” and “interval” where isPositive is True if the returned interval is positive or False if negative, and interval is the Interval covering the time stamp, or a negative interval if not found. Return type:Schedule.Result

static toIsoString(msSince1970)

Convert a UNIX timestamp to ISO time representation with the “T” in the middle.

Parameters:msSince1970 (float) – Timestamp as milliseconds since Jan 1, 1970 UTC. Returns:The string representation. Return type:str

wireDecode(input)

Decode the input and update this Schedule object.

Parameters:input (An array type with int elements) – The array with the bytes to decode. Raises:ValueError – For invalid encoding.

wireEncode()

Encode this Schedule.

Returns:The encoded buffer. Return type:Blob

pyndn.encrypt.sqlite3_consumer_db module

This module defines the Sqlite3ConsumerDb class which extends ConsumerDb to implement the storage of decryption keys for the consumer using SQLite3. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_consumer_db.Sqlite3ConsumerDb(databaseFilePath)

Bases: pyndn.encrypt.consumer_db.ConsumerDb

Create an Sqlite3ConsumerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.

addKey(keyName, keyBlob)

Add the key with keyName and keyBlob to the database.

Parameters:

• keyName (Name) – The key name.
• keyBlob (Blob) – The encoded key.

Raises:

ConsumerDb.Error – If a key with the same keyName already exists in the database, or other database error.

deleteKey(keyName)

Delete the key with keyName from the database. If there is no key with keyName, do nothing.

Parameters:keyName (Name) – The key name. Raises:ConsumerDb.Error – For a database error.

getKey(keyName)

Get the key with keyName from the database.

Parameters:keyName (Name) – The key name. Returns:A Blob with the encoded key, or an isNull Blob if cannot find the key with keyName. Return type:Blob Raises:ConsumerDb.Error – For a database error.

pyndn.encrypt.sqlite3_group_manager_db module

This module defines the Sqlite3GroupManagerDb class which extends GroupManagerDb to implement the storage of data used by the GroupManager using SQLite. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_group_manager_db.Sqlite3GroupManagerDb(databaseFilePath)

Bases: pyndn.encrypt.group_manager_db.GroupManagerDb

Create an Sqlite3GroupManagerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.

addEKey(eKeyName, publicKey, privateKey)

Add the EKey with name eKeyName to the database.

Parameters:

• eKeyName (Name) – The name of the EKey. This copies the Name.
• publicKey (Blob) – The encoded public key of the group key pair.
• privateKey (Blob) – The encoded private key of the group key pair.

Raises:

GroupManagerDb.Error – If a key with name eKeyName already exists in the database, or other database error.

addMember(scheduleName, keyName, key)

Add a new member with the given key named keyName into a schedule named scheduleName. The member’s identity name is keyName.getPrefix(-1).

Parameters:

• scheduleName (str) – The schedule name.
• keyName (Name) – The name of the key.
• key (Blob) – A Blob of the public key DER.

Raises:

GroupManagerDb.Error – If there’s no schedule named scheduleName, if the member’s identity name already exists, or other database error.

addSchedule(name, schedule)

Add a schedule with the given name.

Parameters:

• name (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to add.

Raises:

GroupManagerDb.Error – If a schedule with the same name already exists, if the name is empty, or other database error.

cleanEKeys()

Delete all the EKeys in the database. The database will keep growing because EKeys will keep being added, so this method should be called periodically.

Raises:GroupManagerDb.Error – For a database error.

deleteEKey(eKeyName)

Delete the EKey with name eKeyName from the database. If no key with the name exists in the database, do nothing.

Parameters:eKeyName (Name) – The name of the EKey. Raises:GroupManagerDb.Error – For a database error.

deleteMember(identity)

Delete a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:identity (Name) – The member’s identity name. Raises:GroupManagerDb.Error – For a database error.

deleteSchedule(name)

Delete the schedule with the given name. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:name (str) – The name of the schedule. Raises:GroupManagerDb.Error – For a database error.

getEKey(eKeyName)

Get the group key pair with the name eKeyName from the database.

Parameters:eKeyName (Name) – The name of the EKey. Returns:A tuple (privateKeyBlob, publicKeyBlob) where “privateKeyBlob” is the encoding Blob of the private key and “publicKeyBlob” is the encoding Blob of the public key. Return type:(Blob, Blob) Raises:GroupManagerDb.Error – If the key with name eKeyName does not exist in the database, or other database error.

getMemberSchedule(identity)

Get the name of the schedule for the given member’s identity name.

Parameters:identity (Name) – The member’s identity name. Returns:The name of the schedule. Return type:str Raises:GroupManagerDb.Error – If there’s no member with the given identity name in the database, or other database error.

getSchedule(name)

Get a schedule with the given name.

Parameters:name (str) – The name of the schedule. Returns:A new Schedule object. Return type:Schedule Raises:GroupManagerDb.Error – If the schedule does not exist or other database error.

getScheduleMembers(name)

For each member using the given schedule, get the name and public key DER of the member’s key.

Parameters:name (str) – The name of the schedule. Returns:a new dictionary where the dictionary’s key is the Name of the public key and the value is the Blob of the public key DER. Note that the member’s identity name is keyName.getPrefix(-1). If the schedule name is not found, the dictionary is empty. Return type:dictionary<Name, Blob> Raises:GroupManagerDb.Error – For a database error.

hasEKey(eKeyName)

Check if there is an EKey with the name eKeyName in the database.

Parameters:eKeyName (Name) – The name of the EKey. Returns:True if the EKey exists. Return type:bool Raises:GroupManagerDb.Error – For a database error.

hasMember(identity)

Check if there is a member with the given identity name.

Parameters:identity (Name) – The member’s identity name. Returns:True if there is a member. Return type:bool Raises:GroupManagerDb.Error – For a database error.

hasSchedule(name)

Check if there is a schedule with the given name.

Parameters:name (str) – The name of the schedule. Returns:True if there is a schedule. Return type:bool Raises:GroupManagerDb.Error – For a database error.

listAllMembers()

List all the members.

Returns:A new List of Name with the names of all members. Return type:Array<Name> Raises:GroupManagerDb.Error – For a database error.

listAllScheduleNames()

List all the names of the schedules.

Returns:A new List of String with the names of all schedules. Return type:Array<str> Raises:GroupManagerDb.Error – For a database error.

renameSchedule(oldName, newName)

Rename a schedule with oldName to newName.

Parameters:

• oldName (str) – The name of the schedule to be renamed.
• newName (str) – The new name of the schedule. The name cannot be empty.

Raises:

GroupManagerDb.Error – If a schedule with newName already exists, if the schedule with oldName does not exist, if newName is empty, or other database error.

updateMemberSchedule(identity, scheduleName)

Change the name of the schedule for the given member’s identity name.

Parameters:

• identity (Name) – The member’s identity name.
• scheduleName (str) – The new schedule name.

Raises:

GroupManagerDb.Error – If there’s no member with the given identity name in the database, or there’s no schedule named scheduleName, or other database error.

updateSchedule(name, schedule)

Update the schedule with name and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:

• name (str) – The name of the schedule. The name cannot be empty.
• schedule (Schedule) – The Schedule to update or add.

Raises:

GroupManagerDb.Error – If the name is empty, or other database error.

pyndn.encrypt.sqlite3_producer_db module

This module defines the Sqlite3ProducerDb class which extends ProducerDb to implement storage of keys for the producer using SQLite3. It contains one table that maps time slots (to the nearest hour) to the content key created for that time slot. Note: This class is an experimental feature. The API may change.

class pyndn.encrypt.sqlite3_producer_db.Sqlite3ProducerDb(databaseFilePath)

Bases: pyndn.encrypt.producer_db.ProducerDb

Create an Sqlite3ProducerDb to use the given SQLite3 file.

Parameters:databaseFilePath (str) – The path of the SQLite file.

addContentKey(timeSlot, key)

Add key as the content key for the hour covering timeSlot.

Parameters:

• timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC.
• key (Blob) – The encoded key.

Raises:

ProducerDb.Error – If a key for the same hour already exists in the database, or other database error.

deleteContentKey(timeSlot)

Delete the content key for the hour covering timeSlot. If there is no key for the time slot, do nothing.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Raises:ProducerDb.Error – For a database error.

getContentKey(timeSlot)

Get the content key for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Returns:A Blob with the encoded key. Return type:Blob Raises:ProducerDb.Error – If there is no key covering timeSlot or other database error.

hasContentKey(timeSlot)

Check if a content key exists for the hour covering timeSlot.

Parameters:timeSlot (float) – The time slot as milliseconds since Jan 1, 1970 UTC. Returns:True if there is a content key for timeSlot. Return type:bool Raises:ProducerDb.Error – For a database error.

Module contents