Nucypher
/
nucypher
mirror of https://github.com/nucypher/nucypher.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Renames secret_key -> key_material for CLI BYOK.

pull/2742/head
Kieran R. Prasch 2021-07-12 16:13:19 -07:00
parent 0d5123f8d6
commit 8e4c7c1594
4 changed files with 19 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nucypher/cli/commands/ursula.py
View File

@ -161,7 +161,7 @@ class UrsulaConfigOptions:
# TODO: Exit codes (not only for this, but for other exceptions)
return click.get_current_context().exit(1)
def generate_config(self, emitter, config_root, force, secret_key):
def generate_config(self, emitter, config_root, force, key_material):
if self.dev:
raise RuntimeError('Persistent configurations cannot be created in development mode.')
@ -180,7 +180,7 @@ class UrsulaConfigOptions:
self.rest_host = collect_worker_ip_address(emitter, network=self.domain, force=force)
return UrsulaConfiguration.generate(password=get_nucypher_password(emitter=emitter, confirm=True),
secret_key=bytes.fromhex(secret_key),
key_material=bytes.fromhex(key_material) if key_material else None,
config_root=config_root,
rest_host=self.rest_host,
rest_port=self.rest_port,
@ -296,8 +296,8 @@ def ursula():
@option_force
@option_config_root
@group_general_config
@click.option('--secret-key', help="An custom pre-secured secret hex blob to use for key derivations", type=click.STRING)
def init(general_config, config_options, force, config_root, secret_key):
@click.option('--key-material', help="An custom pre-secured secret hex blob to use for key derivations", type=click.STRING)
def init(general_config, config_options, force, config_root, key_material):
"""Create a new Ursula node configuration."""
emitter = setup_emitter(general_config, config_options.worker_address)
_pre_launch_warnings(emitter, dev=None, force=force)
@ -307,7 +307,7 @@ def init(general_config, config_options, force, config_root, secret_key):
raise click.BadOptionUsage('--provider', message="--provider is required to initialize a new ursula.")
if not config_options.federated_only and not config_options.domain:
config_options.domain = select_network(emitter)
ursula_config = config_options.generate_config(emitter, config_root, force, secret_key)
ursula_config = config_options.generate_config(emitter, config_root, force, key_material)
filepath = ursula_config.to_configuration_file()
paint_new_installation_help(emitter, new_configuration=ursula_config, filepath=filepath)

18
nucypher/config/base.py
View File

@ -579,10 +579,10 @@ class CharacterConfiguration(BaseConfiguration):
return super().update(filepath=self.config_file_location, **kwargs)
@classmethod
def generate(cls, password: str, secret_key: bytes, *args, **kwargs):
def generate(cls, password: str, key_material: Optional[bytes] = None, *args, **kwargs):
"""Shortcut: Hook-up a new initial installation and configuration."""
node_config = cls(dev_mode=False, *args, **kwargs)
node_config.initialize(secret_key=secret_key, password=password)
node_config.initialize(key_material=key_material, password=password)
return node_config
def cleanup(self) -> None:
@ -769,7 +769,7 @@ class CharacterConfiguration(BaseConfiguration):
power_ups.append(power_up)
return power_ups
def initialize(self, password: str, secret_key: Optional[bytes] = None) -> Path:
def initialize(self, password: str, key_material: Optional[bytes] = None) -> str:
"""Initialize a new configuration and write installation files to disk."""
# Development
@ -780,7 +780,9 @@ class CharacterConfiguration(BaseConfiguration):
# Persistent
else:
self._ensure_config_root_exists()
self.write_keystore(secret_key=secret_key, password=password, interactive=self.MNEMONIC_KEYSTORE)
self.write_keystore(key_material=key_material,
password=password,
interactive=self.MNEMONIC_KEYSTORE)
self._cache_runtime_filepaths()
self.node_storage.initialize()
@ -792,11 +794,11 @@ class CharacterConfiguration(BaseConfiguration):
# Success
message = "Created nucypher installation files at {}".format(self.config_root)
self.log.debug(message)
return self.config_root
return Path(self.config_root)
def write_keystore(self, password: str, secret_key: Optional[bytes] = None, interactive: bool = True) -> Keystore:
if secret_key:
self.__keystore = Keystore.import_secure(secret=secret_key,
def write_keystore(self, password: str, key_material: Optional[bytes] = None, interactive: bool = True) -> Keystore:
if key_material:
self.__keystore = Keystore.import_secure(key_material=key_material,
password=password,
keystore_dir=self.keystore_dir)
else:

4
nucypher/crypto/keystore.py
View File

@ -321,13 +321,13 @@ class Keystore:
return instance
@classmethod
def import_secure(cls, secret: bytes, password: str, keystore_dir: Optional[Path] = None) -> 'Keystore':
def import_secure(cls, key_material: bytes, password: str, keystore_dir: Optional[Path] = None) -> 'Keystore':
"""
Generate a Keystore using a a custom pre-secured entropy blob.
This method of keystore creation does not generate a mnemonic phrase - it is assumed
that the provided blob is recoverable and secure.
"""
path = Keystore.__save(secret=secret, password=password, keystore_dir=keystore_dir)
path = Keystore.__save(secret=key_material, password=password, keystore_dir=keystore_dir)
keystore = cls(keystore_path=path)
return keystore

4
tests/unit/crypto/test_keystore.py
View File

@ -246,13 +246,13 @@ def test_import_custom_keystore(tmpdir):
# Too short - 32 bytes is required
custom_secret = b'tooshort'
with pytest.raises(ValueError, match="Entropy must be at least 32 bytes."):
_keystore = Keystore.import_secure(secret=custom_secret,
_keystore = Keystore.import_secure(key_material=custom_secret,
password=INSECURE_DEVELOPMENT_PASSWORD,
keystore_dir=tmpdir)
# Import private key
custom_secret = os.urandom(32) # not secure but works
keystore = Keystore.import_secure(secret=custom_secret,
keystore = Keystore.import_secure(key_material=custom_secret,
password=INSECURE_DEVELOPMENT_PASSWORD,
keystore_dir=tmpdir)
keystore.unlock(password=INSECURE_DEVELOPMENT_PASSWORD)