Nucypher
/
nucypher
mirror of https://github.com/nucypher/nucypher.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updating the codebase to follow the Keyring -> Keystore API.

pull/2701/head
Kieran R. Prasch 2021-06-08 13:58:55 -07:00
parent e3868df4d1
commit 37a944df44
21 changed files with 93 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nucypher/blockchain/eth/clients.py
View File

@ -513,7 +513,7 @@ class EthereumTesterClient(EthereumClient):
is_local = True
def unlock_account(self, account, password, duration: int = None) -> bool:
"""Returns True if the testing backend keyring has control of the given address."""
"""Returns True if the testing backend keystore has control of the given address."""
account = to_checksum_address(account)
keystore_accounts = self.w3.provider.ethereum_tester.get_accounts()
if account in keystore_accounts:
@ -524,7 +524,7 @@ class EthereumTesterClient(EthereumClient):
unlock_seconds=duration)
def lock_account(self, account) -> bool:
"""Returns True if the testing backend keyring has control of the given address."""
"""Returns True if the testing backend keystore has control of the given address."""
account = to_canonical_address(account)
keystore_accounts = self.w3.provider.ethereum_tester.backend.get_accounts()
if account in keystore_accounts:

17
nucypher/characters/base.py
View File

@ -76,7 +76,7 @@ class Character(Learner):
federated_only: bool = False,
checksum_address: str = None,
network_middleware: RestMiddleware = None,
keyring: Keystore = None,
keystore: Keystore = None,
crypto_power: CryptoPower = None,
crypto_power_ups: List[CryptoPowerUp] = None,
provider_uri: str = None,
@ -138,18 +138,12 @@ class Character(Learner):
# Keys & Powers
#
if keyring:
keyring_root, keyring_checksum_address = keyring.keyring_root, keyring.checksum_address
if checksum_address and (keyring_checksum_address != checksum_address):
raise ValueError(f"Provided checksum address {checksum_address} "
f"does not match character's keyring checksum address {keyring_checksum_address}")
checksum_address = keyring_checksum_address
if keystore:
crypto_power_ups = list()
for power_up in self._default_crypto_powerups:
power = keyring.derive_crypto_power(power_class=power_up)
power = keystore.derive_crypto_power(power_class=power_up)
crypto_power_ups.append(power)
self.keyring = keyring
self.keystore = keystore
if crypto_power and crypto_power_ups:
raise ValueError("Pass crypto_power or crypto_power_ups (or neither), but not both.")
@ -203,6 +197,7 @@ class Character(Learner):
try:
derived_federated_address = self.derive_federated_address()
except NoSigningPower:
# TODO: Why allow such a character (without signing power) to be created at all?
derived_federated_address = NO_SIGNING_POWER.bool_value(False)
if checksum_address and (checksum_address != derived_federated_address):
@ -225,7 +220,7 @@ class Character(Learner):
verifying_key = self.public_keys(SigningPower)
self._stamp = StrangerStamp(verifying_key)
self.keyring_root = STRANGER
self.keystore_dir = STRANGER
self.network_middleware = STRANGER
self.checksum_address = checksum_address

4
nucypher/characters/lawful.py
View File

@ -1186,9 +1186,9 @@ class Ursula(Teacher, Character, Worker):
# Pre-existing or injected power
tls_hosting_power = self._crypto_power.power_ups(TLSHostingPower)
except TLSHostingPower.not_found_error:
if self.keyring:
if self.keystore:
# Derive TLS private key from seed
tls_hosting_power = self.keyring.derive_crypto_power(TLSHostingPower, host=host)
tls_hosting_power = self.keystore.derive_crypto_power(TLSHostingPower, host=host)
else:
# Generate ephemeral private key ("Dev Mode")
tls_hosting_keypair = HostingKeypair(host=host, generate_certificate=True)

2
nucypher/characters/unlawful.py
View File

@ -101,7 +101,7 @@ class Vladimir(Ursula):
password = 'iamverybadass'
blockchain.w3.provider.ethereum_tester.add_account(cls.fraud_key, password=password)
except (ValidationError,):
# check if Vlad's key is already on the keyring...
# check if Vlad's key is already on the keystore...
if cls.fraud_address in blockchain.client.accounts:
return True
else:

19
nucypher/cli/actions/auth.py
View File

@ -27,12 +27,12 @@ from nucypher.characters.control.emitters import StdoutEmitter
from nucypher.cli.literature import (
COLLECT_ETH_PASSWORD,
COLLECT_NUCYPHER_PASSWORD,
DECRYPTING_CHARACTER_KEYRING,
DECRYPTING_CHARACTER_KEYSTORE,
GENERIC_PASSWORD_PROMPT,
PASSWORD_COLLECTION_NOTICE
)
from nucypher.config.base import CharacterConfiguration
from nucypher.config.constants import NUCYPHER_ENVVAR_KEYRING_PASSWORD
from nucypher.config.constants import NUCYPHER_ENVVAR_KEYSTORE_PASSWORD
from nucypher.crypto.keystore import Keystore
@ -78,19 +78,19 @@ def unlock_signer_account(config: CharacterConfiguration, json_ipc: bool) -> Non
config.signer.unlock_account(account=config.checksum_address, password=__password)
def get_nucypher_password(emitter, confirm: bool = False, envvar=NUCYPHER_ENVVAR_KEYRING_PASSWORD) -> str:
def get_nucypher_password(emitter, confirm: bool = False, envvar=NUCYPHER_ENVVAR_KEYSTORE_PASSWORD) -> str:
"""Interactively collect a nucypher password"""
prompt = COLLECT_NUCYPHER_PASSWORD
if confirm:
emitter.message(PASSWORD_COLLECTION_NOTICE)
prompt += f" ({Keystore._MINIMUM_PASSWORD_LENGTH} character minimum)"
keyring_password = get_password_from_prompt(prompt=prompt, confirm=confirm, envvar=envvar)
return keyring_password
keystore_password = get_password_from_prompt(prompt=prompt, confirm=confirm, envvar=envvar)
return keystore_password
def unlock_nucypher_keyring(emitter: StdoutEmitter, password: str, character_configuration: CharacterConfiguration) -> bool:
"""Unlocks a nucypher keyring and attaches it to the supplied configuration if successful."""
emitter.message(DECRYPTING_CHARACTER_KEYRING.format(name=character_configuration.NAME.capitalize()), color='yellow')
def unlock_nucypher_keystore(emitter: StdoutEmitter, password: str, character_configuration: CharacterConfiguration) -> bool:
"""Unlocks a nucypher keystore and attaches it to the supplied configuration if successful."""
emitter.message(DECRYPTING_CHARACTER_KEYSTORE.format(name=character_configuration.NAME.capitalize()), color='yellow')
# precondition
if character_configuration.dev_mode:
@ -98,8 +98,7 @@ def unlock_nucypher_keyring(emitter: StdoutEmitter, password: str, character_con
# unlock
try:
character_configuration.attach_keystore()
character_configuration.keyring.unlock(password=password) # Takes ~3 seconds, ~1GB Ram
character_configuration.keystore.unlock(password=password) # Takes ~3 seconds, ~1GB Ram
except CryptoError:
raise Keystore.AuthenticationFailed
else:

2
nucypher/cli/actions/confirm.py
View File

@ -115,7 +115,7 @@ def confirm_destroy_configuration(config: CharacterConfiguration) -> bool:
database = "No database found"
confirmation = CHARACTER_DESTRUCTION.format(name=config.NAME,
root=config.config_root,
keystore=config.keyring_root,
keystore=config.keystore_dir,
nodestore=config.node_storage.source,
config=config.filepath,
database=database)

2
nucypher/cli/commands/alice.py
View File

@ -264,7 +264,7 @@ class AliceCharacterOptions:
try:
ALICE = make_cli_character(character_config=config,
emitter=emitter,
unlock_keyring=not config.dev_mode,
unlock_keystore=not config.dev_mode,
unlock_signer=not config.federated_only,
teacher_uri=self.teacher_uri,
min_stake=self.min_stake,

2
nucypher/cli/commands/bob.py
View File

@ -200,7 +200,7 @@ class BobCharacterOptions:
config = self.config_options.create_config(emitter, config_file)
BOB = make_cli_character(character_config=config,
emitter=emitter,
unlock_keyring=not self.config_options.dev,
unlock_keystore=not self.config_options.dev,
unlock_signer=not config.federated_only and config.signer_uri,
teacher_uri=self.teacher_uri,
min_stake=self.min_stake,

4
nucypher/cli/commands/felix.py
View File

@ -23,7 +23,7 @@ from nucypher.characters.control.emitters import StdoutEmitter
from nucypher.cli.actions.auth import (
get_client_password,
get_nucypher_password,
unlock_nucypher_keyring
unlock_nucypher_keystore
)
from nucypher.cli.actions.configure import destroy_configuration, handle_missing_configuration_file
from nucypher.cli.actions.select import select_config_file
@ -161,7 +161,7 @@ class FelixCharacterOptions:
try:
# Authenticate
unlock_nucypher_keyring(emitter,
unlock_nucypher_keystore(emitter,
character_configuration=felix_config,
password=get_nucypher_password(emitter=emitter, confirm=False))

2
nucypher/cli/commands/ursula.py
View File

@ -263,7 +263,7 @@ class UrsulaCharacterOptions:
emitter=emitter,
min_stake=self.min_stake,
teacher_uri=self.teacher_uri,
unlock_keyring=not self.config_options.dev,
unlock_keystore=not self.config_options.dev,
client_password=__password,
unlock_signer=False, # Ursula's unlock is managed separately using client_password.
lonely=self.config_options.lonely,

4
nucypher/cli/literature.py
View File

@ -426,11 +426,11 @@ Do not forget this password, and ideally store it using a password manager.
COLLECT_ETH_PASSWORD = "Enter ethereum account password ({checksum_address})"
COLLECT_NUCYPHER_PASSWORD = 'Enter nucypher keyring password'
COLLECT_NUCYPHER_PASSWORD = 'Enter nucypher keystore password'
GENERIC_PASSWORD_PROMPT = "Enter password"
DECRYPTING_CHARACTER_KEYRING = 'Authenticating {name}'
DECRYPTING_CHARACTER_KEYSTORE = 'Authenticating {name}'
#

20
nucypher/cli/painting/help.py
View File

@ -17,11 +17,15 @@ along with nucypher. If not, see <https://www.gnu.org/licenses/>.
import click
import maya
from constant_sorrow.constants import NO_KEYRING_ATTACHED
from constant_sorrow.constants import NO_KEYSTORE_ATTACHED
from nucypher.blockchain.eth.sol.__conf__ import SOLIDITY_COMPILER_VERSION
from nucypher.characters.banners import NUCYPHER_BANNER
from nucypher.config.constants import DEFAULT_CONFIG_ROOT, USER_LOG_DIR, END_OF_POLICIES_PROBATIONARY_PERIOD
from nucypher.config.constants import (
DEFAULT_CONFIG_ROOT,
USER_LOG_DIR,
END_OF_POLICIES_PROBATIONARY_PERIOD
)
def echo_version(ctx, param, value):
@ -56,20 +60,20 @@ def paint_new_installation_help(emitter, new_configuration, filepath):
character_config_class = new_configuration.__class__
character_name = character_config_class.NAME.lower()
if new_configuration.keyring != NO_KEYRING_ATTACHED:
maybe_public_key = bytes(new_configuration.keyring.signing_public_key).hex()
if new_configuration.keyring != NO_KEYSTORE_ATTACHED:
maybe_public_key = bytes(new_configuration.keystore.id).hex()
else:
maybe_public_key = "(no keyring attached)"
emitter.message(f"Generated keyring", color='green')
emitter.message(f"Generated keystore", color='green')
emitter.message(f"""
Public Key: {new_configuration.keyring.id}
Path to Keystore: {new_configuration.keyring_root}
Public Key: {maybe_public_key}
Path to Keystore: {new_configuration.keystore_dir}
- You can share your public key with anyone. Others need it to interact with you.
- Never share secret keys with anyone!
- Backup your keyring! Character keys are required to interact with the protocol!
- Backup your keystore! Character keys are required to interact with the protocol!
- Remember your password! Without the password, it's impossible to decrypt the key!
""")

10
nucypher/cli/utils.py
View File

@ -42,7 +42,7 @@ from nucypher.characters.base import Character
from nucypher.characters.control.emitters import StdoutEmitter
from nucypher.cli.actions.auth import (
get_nucypher_password,
unlock_nucypher_keyring,
unlock_nucypher_keystore,
unlock_signer_account
)
from nucypher.cli.literature import (
@ -68,7 +68,7 @@ def setup_emitter(general_config, banner: str = None) -> StdoutEmitter:
def make_cli_character(character_config,
emitter,
unlock_keyring: bool = True,
unlock_keystore: bool = True,
unlock_signer: bool = True,
teacher_uri: str = None,
min_stake: int = 0,
@ -80,9 +80,9 @@ def make_cli_character(character_config,
# Pre-Init
#
# Handle Keyring
if unlock_keyring:
unlock_nucypher_keyring(emitter,
# Handle KEYSTORE
if unlock_keystore:
unlock_nucypher_keystore(emitter,
character_configuration=character_config,
password=get_nucypher_password(emitter=emitter, confirm=False))

57
nucypher/config/base.py
View File

@ -19,8 +19,10 @@
import json
import os
import re
import tempfile
from abc import ABC, abstractmethod
from decimal import Decimal
from pathlib import Path
from tempfile import TemporaryDirectory
from typing import Union, Callable, Optional, List
@ -312,7 +314,7 @@ class CharacterConfiguration(BaseConfiguration):
'Sideways Engagement' of Character classes; a reflection of input parameters.
"""
VERSION = 2 # bump when static payload scheme changes
VERSION = 3 # bump when static payload scheme changes
CHARACTER_CLASS = NotImplemented
DEFAULT_CONTROLLER_PORT = NotImplemented
@ -337,7 +339,7 @@ class CharacterConfiguration(BaseConfiguration):
'gas_strategy',
'max_gas_price', # gwei
'signer_uri',
'keyring_root'
'keystore_path'
)
def __init__(self,
@ -355,9 +357,9 @@ class CharacterConfiguration(BaseConfiguration):
checksum_address: str = None,
crypto_power: CryptoPower = None,
# Keyring
keyring: Keystore = None,
keyring_root: str = None,
# Keystore
keystore: Keystore = None,
keystore_path: Path = None,
# Learner
learn_on_same_thread: bool = False,
@ -403,10 +405,12 @@ class CharacterConfiguration(BaseConfiguration):
self.is_me = True
self.checksum_address = checksum_address
# Keyring
# Keystore
self.crypto_power = crypto_power
self.keyring = keyring or NO_KEYSTORE_ATTACHED
self.keyring_root = keyring_root or UNINITIALIZED_CONFIGURATION
if keystore_path and not keystore:
keystore = Keystore(keystore_path=keystore_path)
self.__keystore = self.__keystore = keystore or NO_KEYSTORE_ATTACHED.bool_value(False)
self.keystore_dir = Path(keystore.keystore_path).parent if keystore else UNINITIALIZED_CONFIGURATION
# Contract Registry
if registry and registry_filepath:
@ -522,6 +526,10 @@ class CharacterConfiguration(BaseConfiguration):
def __call__(self, **character_kwargs):
return self.produce(**character_kwargs)
@property
def keystore(self) -> Keystore:
return self.__keystore
@classmethod
def checksum_address_from_filepath(cls, filepath: str) -> str:
pattern = re.compile(r'''
@ -588,8 +596,6 @@ class CharacterConfiguration(BaseConfiguration):
def destroy(self) -> None:
"""Parse a node configuration and remove all associated files from the filesystem"""
self.attach_keystore() # TODO: use keystore ID here
self.keyring.destroy()
os.remove(self.config_file_location)
def generate_parameters(self, **overrides) -> dict:
@ -636,7 +642,6 @@ class CharacterConfiguration(BaseConfiguration):
filepath = filepath or cls.default_filepath()
assembled_params = cls.assemble(filepath=filepath, **overrides)
node_configuration = cls(filepath=filepath, **assembled_params)
from nucypher.config.characters import UrsulaConfiguration
return node_configuration
def validate(self) -> bool:
@ -657,13 +662,13 @@ class CharacterConfiguration(BaseConfiguration):
def static_payload(self) -> dict:
"""Exported static configuration values for initializing Ursula"""
keystore_path = str(self.keystore.keystore_path) if self.keystore else None
payload = dict(
# Identity
federated_only=self.federated_only,
checksum_address=self.checksum_address,
keyring_root=self.keyring_root,
keystore_path=keystore_path,
# Behavior
domain=self.domain,
@ -697,9 +702,12 @@ class CharacterConfiguration(BaseConfiguration):
return payload
@property # TODO: Graduate to a method and "derive" dynamic from static payload.
@property
def dynamic_payload(self) -> dict:
"""Exported dynamic configuration values for initializing Ursula"""
"""
Exported dynamic configuration values for initializing Ursula.
These values are used to init a character instance but are not saved to the JSON configuration.
"""
payload = dict()
if not self.federated_only:
payload.update(dict(registry=self.registry, signer=self.signer))
@ -707,7 +715,7 @@ class CharacterConfiguration(BaseConfiguration):
payload.update(dict(network_middleware=self.network_middleware or self.DEFAULT_NETWORK_MIDDLEWARE(),
known_nodes=self.known_nodes,
node_storage=self.node_storage,
keyring=self.keyring,
keystore=self.keystore,
crypto_power_ups=self.derive_node_power_ups()))
return payload
@ -720,7 +728,7 @@ class CharacterConfiguration(BaseConfiguration):
@property
def runtime_filepaths(self) -> dict:
filepaths = dict(config_root=self.config_root,
keyring_root=self.keyring_root,
keystore_dir=self.keystore_dir,
registry_filepath=self.registry_filepath)
return filepaths
@ -729,7 +737,7 @@ class CharacterConfiguration(BaseConfiguration):
"""Dynamically generate paths based on configuration root directory"""
filepaths = dict(config_root=config_root,
config_file_location=os.path.join(config_root, cls.generate_filename()),
keyring_root=os.path.join(config_root, 'keyring'))
keystore_dir=os.path.join(config_root, 'keystore'))
return filepaths
def _cache_runtime_filepaths(self) -> None:
@ -739,14 +747,11 @@ class CharacterConfiguration(BaseConfiguration):
if getattr(self, field) is UNINITIALIZED_CONFIGURATION:
setattr(self, field, filepath)
def attach_keystore(self, keystore_id, *args, **kwargs) -> None:
self.keyring = Keystore.load(keystore_id)
def derive_node_power_ups(self) -> List[CryptoPowerUp]:
power_ups = list()
if self.is_me and not self.dev_mode:
for power_class in self.CHARACTER_CLASS._default_crypto_powerups:
power_up = self.keyring.derive_crypto_power(power_class)
power_up = self.keystore.derive_crypto_power(power_class)
power_ups.append(power_up)
return power_ups
@ -761,7 +766,7 @@ class CharacterConfiguration(BaseConfiguration):
# Persistent
else:
self._ensure_config_root_exists()
self.write_keyring(password=password)
self.write_keystore(password=password)
self._cache_runtime_filepaths()
self.node_storage.initialize()
@ -775,9 +780,9 @@ class CharacterConfiguration(BaseConfiguration):
self.log.debug(message)
return self.config_root
def write_keyring(self, password: str) -> Keystore:
self.keyring = Keystore.generate(password=password, keystore_dir=self.keyring_root)
return self.keyring
def write_keystore(self, password: str) -> Keystore:
self.__keystore = Keystore.generate(password=password, keystore_dir=self.keystore_dir)
return self.keystore
@classmethod
def load_node_storage(cls, storage_payload: dict, federated_only: bool):

26
nucypher/config/characters.py
View File

@ -33,7 +33,6 @@ from nucypher.config.constants import (
NUCYPHER_ENVVAR_ALICE_ETH_PASSWORD,
NUCYPHER_ENVVAR_BOB_ETH_PASSWORD
)
from nucypher.crypto.keystore import Keystore
from nucypher.utilities.networking import LOOPBACK_ADDRESS
@ -100,7 +99,7 @@ class UrsulaConfiguration(CharacterConfiguration):
return base_filepaths
def generate_filepath(self, modifier: str = None, *args, **kwargs) -> str:
filepath = super().generate_filepath(modifier=modifier or self.keyring.id[:8], *args, **kwargs)
filepath = super().generate_filepath(modifier=modifier or self.keystore.id[:8], *args, **kwargs)
return filepath
def static_payload(self) -> dict:
@ -137,9 +136,6 @@ class UrsulaConfiguration(CharacterConfiguration):
return ursula
def attach_keystore(self, keystore_id: str, *args, **kwargs) -> None:
return super().attach_keystore(keystore_id=keystore_id)
def destroy(self) -> None:
if os.path.isfile(self.db_filepath):
os.remove(self.db_filepath)
@ -203,12 +199,6 @@ class AliceConfiguration(CharacterConfiguration):
payload['payment_periods'] = self.payment_periods
return {**super().static_payload(), **payload}
def write_keyring(self, password: str, **generation_kwargs) -> Keystore:
return super().write_keyring(password=password,
encrypting=True,
rest=False,
**generation_kwargs)
class BobConfiguration(CharacterConfiguration):
from nucypher.characters.lawful import Bob
@ -234,12 +224,6 @@ class BobConfiguration(CharacterConfiguration):
self.store_policies = store_policies
self.store_cards = store_cards
def write_keyring(self, password: str, **generation_kwargs) -> Keystore:
return super().write_keyring(password=password,
encrypting=True,
rest=False,
**generation_kwargs)
def static_payload(self) -> dict:
payload = dict(
store_policies=self.store_policies,
@ -288,14 +272,6 @@ class FelixConfiguration(CharacterConfiguration):
)
return {**super().static_payload(), **payload}
def write_keyring(self, password: str, **generation_kwargs) -> Keystore:
return super().write_keyring(password=password,
encrypting=True, # TODO: #668
rest=True,
host=self.rest_host,
curve=self.tls_curve,
**generation_kwargs)
class StakeHolderConfiguration(CharacterConfiguration):

3
nucypher/config/constants.py
View File

@ -27,7 +27,7 @@ from maya import MayaDT
import nucypher
# Environment variables
NUCYPHER_ENVVAR_KEYRING_PASSWORD = "NUCYPHER_KEYRING_PASSWORD"
NUCYPHER_ENVVAR_KEYSTORE_PASSWORD = "NUCYPHER_KEYSTORE_PASSWORD"
NUCYPHER_ENVVAR_WORKER_ADDRESS = "NUCYPHER_WORKER_ADDRESS"
NUCYPHER_ENVVAR_WORKER_ETH_PASSWORD = "NUCYPHER_WORKER_ETH_PASSWORD"
NUCYPHER_ENVVAR_ALICE_ETH_PASSWORD = "NUCYPHER_ALICE_ETH_PASSWORD"
@ -72,5 +72,6 @@ TEMPORARY_DOMAIN = ":temporary-domain:" # for use with `--dev` node runtimes
# Event Blocks Throttling
NUCYPHER_EVENTS_THROTTLE_MAX_BLOCKS = 'NUCYPHER_EVENTS_THROTTLE_MAX_BLOCKS'
# Probationary period (see #2353, #2584)
END_OF_POLICIES_PROBATIONARY_PERIOD = MayaDT.from_iso8601('2021-08-31T23:59:59.0Z')

5
nucypher/crypto/keypairs.py
View File

@ -152,9 +152,8 @@ class HostingKeypair(Keypair):
) -> None:
if private_key:
if not certificate_filepath:
raise ValueError('public certificate required to load a hosting keypair.')
certificate = _read_tls_certificate(filepath=certificate_filepath)
if certificate_filepath:
certificate = _read_tls_certificate(filepath=certificate_filepath)
super().__init__(private_key=private_key)
elif certificate:

5
nucypher/crypto/keystore.py
View File

@ -20,6 +20,7 @@ import json
import os
import stat
import string
import tempfile
from json import JSONDecodeError
from os.path import abspath
from pathlib import Path
@ -250,8 +251,8 @@ def _parse_path(path: Path) -> Tuple[int, str]:
def _derive_hosting_power(host: str, private_key: UmbralPrivateKey) -> TLSHostingPower:
certificate, _private_key = generate_self_signed_certificate(host=host, private_key=private_key)
keypair = HostingKeypair(host=host, certificate=certificate, generate_certificate=False)
certificate, private_key = generate_self_signed_certificate(host=host, private_key=private_key)
keypair = HostingKeypair(host=host, private_key=private_key, certificate=certificate, generate_certificate=False)
power = TLSHostingPower(keypair=keypair, host=host)
return power

2
nucypher/crypto/tls.py
View File

@ -32,7 +32,7 @@ from cryptography.x509 import Certificate
from cryptography.x509.oid import NameOID
_TLS_CERTIFICATE_ENCODING = Encoding.PEM
_TLS_CURVE = ec.SECP256R1
_TLS_CURVE = ec.SECP384R1
def _write_tls_certificate(certificate: Certificate,

5
nucypher/policy/policies.py
View File

@ -471,6 +471,11 @@ class Policy(ABC):
Attempts to enact the policy, returns an `EnactedPolicy` object on success.
"""
# TODO: Why/is this needed here?
# Workaround for `RuntimeError: Learning loop is not running. Start it with start_learning().`
if not self.alice._learning_task.running:
self.alice.start_learning_loop()
arrangements = self._make_arrangements(network_middleware=network_middleware,
handpicked_ursulas=handpicked_ursulas)

6
nucypher/utilities/clouddeploy.py
View File

@ -36,7 +36,7 @@ from pathlib import Path
from ansible import context as ansible_context
from nucypher.blockchain.eth.clients import PUBLIC_CHAINS
from nucypher.blockchain.eth.networks import NetworksInventory
from nucypher.config.constants import DEFAULT_CONFIG_ROOT, DEPLOY_DIR, NUCYPHER_ENVVAR_KEYRING_PASSWORD, \
from nucypher.config.constants import DEFAULT_CONFIG_ROOT, DEPLOY_DIR, NUCYPHER_ENVVAR_KEYSTORE_PASSWORD, \
NUCYPHER_ENVVAR_WORKER_ETH_PASSWORD
NODE_CONFIG_STORAGE_KEY = 'worker-configs'
@ -230,7 +230,7 @@ class BaseCloudNodeConfigurator:
self.config = {
"namespace": self.namespace_network,
"keyringpassword": b64encode(os.urandom(64)).decode('utf-8'),
"keystorepassword": b64encode(os.urandom(64)).decode('utf-8'),
"ethpassword": b64encode(os.urandom(64)).decode('utf-8'),
}
# configure provider specific attributes
@ -311,7 +311,7 @@ class BaseCloudNodeConfigurator:
defaults = {
'envvars':
[
(NUCYPHER_ENVVAR_KEYRING_PASSWORD, self.config['keyringpassword']),
(NUCYPHER_ENVVAR_KEYSTORE_PASSWORD, self.config['keystorepassword']),
(NUCYPHER_ENVVAR_WORKER_ETH_PASSWORD, self.config['ethpassword']),
],
'cliargs': [