Integrate with timestamp verification when remembering node by saving the cert to disk first.

nucypher/characters/base.py

@@ -96,18 +96,19 @@ class Learner(ABC):
                 # This node is already known.  We can safely return.
                 return
 
+        certificate_filepath = node.save_certificate_to_disk(directory=self.known_certificates_dir)
         node.verify_node(self.network_middleware,  # TODO: Take middleware directly in this class?
                          force=force_verification_check,
-                         accept_federated_only=self.federated_only)  # TODO: 466
+                         accept_federated_only=self.federated_only,
+                         certificate_filepath=certificate_filepath)  # TODO: 466
 
-        listeners = self._learning_listeners.pop(node.checksum_public_address, ())
+        listeners = self._learning_listeners.pop(node.checksum_public_address, tuple())
         address = node.checksum_public_address
 
         self.__known_nodes[address] = node
 
         if self.save_metadata:
             node.write_node_metadata(node=node)
-            node.save_certificate_to_disk()
 
         self.log.info("Remembering {}, popping {} listeners.".format(node.checksum_public_address, len(listeners)))
         for listener in listeners:

nucypher/crypto/api.py

@@ -121,7 +121,8 @@ def _save_tls_certificate(certificate: Certificate,
                           force: bool = True,  # TODO: Make configurable, or set to False by default.
                           ) -> str:
 
-    if force is False and os.path.isfile(full_filepath):
+    cert_already_exists = os.path.isfile(full_filepath)
+    if force is False and cert_already_exists:
         raise FileExistsError('A TLS certificate already exists at {}.'.format(full_filepath))
 
     with open(full_filepath, 'wb') as certificate_file:

nucypher/network/nodes.py

@@ -1,4 +1,5 @@
 import os
+from logging import getLogger
 
 import OpenSSL
 import maya
@@ -29,6 +30,8 @@ class VerifiableNode:
                  timestamp=constants.NOT_SIGNED,
                  ) -> None:
 
+        self.log = getLogger(self.__class__.__name__)
+
         self.certificate = certificate
         self.certificate_filepath = certificate_filepath
         self._interface_signature_object = interface_signature
@@ -104,7 +107,12 @@ class VerifiableNode:
                 if not accept_federated_only:
                     raise
 
-    def verify_node(self, network_middleware, accept_federated_only=False, force=False, certificate_filepath=None):
+    def verify_node(self,
+                    network_middleware,
+                    certificate_filepath: str,
+                    accept_federated_only: bool = False,
+                    force: bool = False
+                    ) -> bool:
         """
         Three things happening here:
 
@@ -207,3 +215,5 @@ class VerifiableNode:
         certificate_filepath = self.get_certificate_filepath(certificates_dir=directory)
         _save_tls_certificate(self.certificate, full_filepath=certificate_filepath)
         self.certificate_filepath = certificate_filepath
+        self.log.info("Saved new TLS certificate {}".format(certificate_filepath))
+        return self.certificate_filepath

nucypher/utilities/sandbox/middleware.py

@@ -51,7 +51,7 @@ class MockRestMiddleware(RestMiddleware):
         mock_client = self._get_mock_client_by_ursula(node)
         return mock_client.get("http://localhost/treasure_map/{}".format(map_id))
 
-    def node_information(self, host, port, certificate_filepath=None):
+    def node_information(self, host, port, certificate_filepath):
         mock_client = self._get_mock_client_by_port(port)
         response = mock_client.get("http://localhost/public_information")
         return response