mirror of https://github.com/nucypher/nucypher.git
Storing encrypted key (ie, pfrag) as part of PolicyGroup.
parent
c4cbff3359
commit
baa27f53f7
|
@ -274,18 +274,19 @@ class Bob(Character):
|
|||
from nkms.policy.models import TreasureMap
|
||||
return TreasureMap(msgpack.loads(packed_node_list))
|
||||
|
||||
def generate_work_orders(self, policy_group, p_frags, num_ursulas=None):
|
||||
def generate_work_orders(self, policy_group, *pfrags, num_ursulas=None):
|
||||
# TODO: Perhaps instead of taking a policy_group, it makes more sense for Bob to reconstruct one with the TreasureMap.
|
||||
from nkms.policy.models import WorkOrder # Prevent circular import
|
||||
|
||||
existing_work_orders = self._work_orders.get(p_frags, {})
|
||||
# existing_work_orders = self._work_orders.get(pfrags, {}) # TODO: lookup whether we've done this reencryption before - see #137.
|
||||
existing_work_orders = {}
|
||||
generated_work_orders = {}
|
||||
|
||||
for ursula_dht_key, ursula in self._ursulas.items():
|
||||
if ursula_dht_key in existing_work_orders:
|
||||
continue
|
||||
else:
|
||||
work_order = WorkOrder.constructed_by_bob(policy_group.hrac(), p_frags, ursula_dht_key, self.seal)
|
||||
work_order = WorkOrder.constructed_by_bob(policy_group.hrac(), pfrags, ursula_dht_key, self.seal)
|
||||
existing_work_orders[ursula_dht_key] = generated_work_orders[ursula_dht_key] = work_order
|
||||
|
||||
if num_ursulas is not None:
|
||||
|
@ -394,6 +395,12 @@ class Ursula(Character):
|
|||
from nkms.policy.models import WorkOrder # Avoid circular import
|
||||
hrac = binascii.unhexlify(hrac_as_hex)
|
||||
work_order = WorkOrder.from_rest_payload(hrac, request.body)
|
||||
kfrag = self.keystore.get_kfrag(hrac) # Careful! :-)
|
||||
cfrags = []
|
||||
|
||||
for pfrag in work_order.pfrags:
|
||||
cfrags.append(API.ecies_reencrypt(kfrag, pfrag))
|
||||
|
||||
return # TODO: perform reencryption and return 200.
|
||||
|
||||
|
||||
|
|
|
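Review bot: In Ursula's re-encryption handler (the second hunk), the lines that appear to be added fetch `kfrag` for the requested hrac and run `API.ecies_reencrypt` over every entry of `work_order.pfrags`, with no visible check that the work order was signed by the Bob the policy was granted to. Unless `WorkOrder.from_rest_payload` verifies that internally, once the cfrags are returned anyone who can reach the endpoint with a known hrac would get re-encryption under that kfrag. I would authenticate the work order before the `self.keystore.get_kfrag(hrac)` call, handle the case where no kfrag is stored for the hrac, and bound `len(work_order.pfrags)` so a single request cannot queue arbitrary work. `# Careful! :-)` names no hazard; something like `# kfrag is re-encryption key material: use only after the work order is authenticated` tells the next reader what to be careful about. The computed `cfrags` are discarded by the bare `return`, whose TODO is now stale, and the handler's signature lies outside the hunk.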
@ -60,15 +60,15 @@ class PolicyManagerForAlice(PolicyManager):
|
|||
re_enc_keys, encrypted_key = self.owner.generate_rekey_frags(alice_priv_enc, bob, m,
|
||||
n) # TODO: Access Alice's private key inside this method.
|
||||
policies = []
|
||||
for kfrag_id, rekey in enumerate(re_enc_keys):
|
||||
for kfrag_id, kfrag in enumerate(re_enc_keys):
|
||||
policy = Policy.from_alice(
|
||||
alice=self.owner,
|
||||
bob=bob,
|
||||
kfrag=rekey,
|
||||
kfrag=kfrag,
|
||||
)
|
||||
policies.append(policy)
|
||||
|
||||
return PolicyGroup(uri, self.owner, bob, policies)
|
||||
return PolicyGroup(uri, self.owner, bob, encrypted_key, policies)
|
||||
|
||||
|
||||
class PolicyGroup(object):
|
||||
|
@ -78,10 +78,11 @@ class PolicyGroup(object):
|
|||
|
||||
_id = None
|
||||
|
||||
def __init__(self, uri: bytes, alice: Alice, bob: Bob, policies=None) -> None:
|
||||
def __init__(self, uri: bytes, alice: Alice, bob: Bob, encrypted_key, policies=None) -> None:
|
||||
self.policies = policies or []
|
||||
self.alice = alice
|
||||
self.bob = bob
|
||||
self.encrypted_key = encrypted_key
|
||||
self.uri = uri
|
||||
self.treasure_map = TreasureMap()
|
||||
|
||||
|
@ -138,7 +139,6 @@ class PolicyGroup(object):
|
|||
self.hrac(),
|
||||
full_payload) # TODO: Parse response for confirmation.
|
||||
|
||||
|
||||
# Assuming response is what we hope for
|
||||
self.treasure_map.add_ursula(policy.ursula)
|
||||
|
||||
|
@ -220,7 +220,7 @@ class Policy(object):
|
|||
alice = Alice.from_pubkey_sig_bytes(alice_pubkey_sig)
|
||||
ursula.learn_about_actor(alice)
|
||||
verified, cleartext = ursula.verify_from(alice, payload_encrypted_for_ursula,
|
||||
decrypt=True, signature_is_on_cleartext=True)
|
||||
decrypt=True, signature_is_on_cleartext=True)
|
||||
|
||||
if not verified:
|
||||
# TODO: What do we do if it's not signed properly?
|
||||
|
|
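Review bot: `PolicyGroup.__init__` now takes `encrypted_key` as a required positional parameter ahead of `policies`, so a caller still using the old form `PolicyGroup(uri, alice, bob, policies)` silently binds its policy list to `encrypted_key` and ends up with an empty `self.policies`; only the call in `PolicyManagerForAlice` is updated in the visible hunks. Making the parameter keyword-only, or annotating it and checking its type, would turn that mistake into an immediate error; it is also the only unannotated parameter in the signature. The commit title equates it with the pfrag, while the attribute is named `encrypted_key` and Bob's side uses `pfrags`. A one-line comment such as `# encrypted_key: the pfrag (encrypted symmetric key) that Bob later submits in work orders` would tie the names together, if that reading is right. Both the constructor and the `PolicyManagerForAlice` method continue outside the hunks.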