Removes 'pubkey_sig' from the codebase, In favor of 'verifying_key'.

docs/NuCypher_Beachhead.ipynb

@@ -584,7 +584,7 @@
    "source": [
     "  delivered_cleartext = BOB.retrieve(message_kit=message_kit,\n",
     "                                       data_source=enrico_as_understood_by_bob,\n",
-    "                                       alice_pubkey_sig=alices_pubkey_saved_for_posterity)"
+    "                                       alice_verifying_key=alices_pubkey_saved_for_posterity)"
    ]
   },
   {

examples/finnegans_wake_demo/finnegans-wake-demo.py

@@ -58,7 +58,7 @@ ALICE = Alice(network_middleware=RestMiddleware(),
 # From this moment on, any Data Source that knows the public key
 # can encrypt data originally intended for Alice, but that can be shared with
 # any Bob that Alice grants access.
-policy_pubkey = ALICE.get_policy_pubkey_from_label(label)
+policy_pubkey = ALICE.get_policy_encrypting_key_from_label(label)
 
 BOB = Bob(known_nodes=[ursula],
           network_middleware=RestMiddleware(),

examples/heartbeat_demo/alicia.py

@@ -75,7 +75,7 @@ label = label.encode()
 
 # Alicia can create the public key associated to the policy label,
 # even before creating any associated policy.
-policy_pubkey = alicia.get_policy_pubkey_from_label(label)
+policy_pubkey = alicia.get_policy_encrypting_key_from_label(label)
 
 print("The policy public key for "
       "label '{}' is {}".format(label.decode("utf-8"), policy_pubkey.to_bytes().hex()))

nucypher/characters/control/interfaces.py

@@ -83,7 +83,7 @@ class AliceInterface(CharacterPublicInterface, AliceSpecification):
         return response_data
 
     def derive_policy_encrypting_key(self, label: bytes) -> dict:
-        policy_encrypting_key = self.character.get_policy_pubkey_from_label(label)
+        policy_encrypting_key = self.character.get_policy_encrypting_key_from_label(label)
         response_data = {'policy_encrypting_key': policy_encrypting_key, 'label': label}
         return response_data
 
@@ -133,7 +133,7 @@ class AliceInterface(CharacterPublicInterface, AliceSpecification):
 
         from nucypher.characters.lawful import Enrico
 
-        policy_encrypting_key = self.character.get_policy_pubkey_from_label(label)
+        policy_encrypting_key = self.character.get_policy_encrypting_key_from_label(label)
         message_kit = UmbralMessageKit.from_bytes(message_kit)  # TODO #846: May raise UnknownOpenSSLError and InvalidTag.
 
         data_source = Enrico.from_public_keys(
@@ -169,7 +169,7 @@ class BobInterface(CharacterPublicInterface, BobSpecification):
         """
         Character control endpoint for joining a policy on the network.
         """
-        self.bob.join_policy(label=label, alice_pubkey_sig=alice_verifying_key)
+        self.bob.join_policy(label=label, alice_verifying_key=alice_verifying_key)
         response = dict()  # {'policy_encrypting_key': ''}  # FIXME
         return response
 
@@ -184,17 +184,17 @@ class BobInterface(CharacterPublicInterface, BobSpecification):
         from nucypher.characters.lawful import Enrico
 
         policy_encrypting_key = UmbralPublicKey.from_bytes(policy_encrypting_key)
-        alice_pubkey_sig = UmbralPublicKey.from_bytes(alice_verifying_key)
+        alice_verifying_key = UmbralPublicKey.from_bytes(alice_verifying_key)
         message_kit = UmbralMessageKit.from_bytes(message_kit)  # TODO #846: May raise UnknownOpenSSLError and InvalidTag.
 
         data_source = Enrico.from_public_keys(verifying_key=message_kit.sender_verifying_key,
                                               policy_encrypting_key=policy_encrypting_key,
                                               label=label)
 
-        self.bob.join_policy(label=label, alice_pubkey_sig=alice_pubkey_sig)
+        self.bob.join_policy(label=label, alice_verifying_key=alice_verifying_key)
         plaintexts = self.bob.retrieve(message_kit=message_kit,
                                        data_source=data_source,
-                                       alice_verifying_key=alice_pubkey_sig,
+                                       alice_verifying_key=alice_verifying_key,
                                        label=label)
 
         response_data = {'cleartexts': plaintexts}

nucypher/characters/lawful.py

@@ -249,7 +249,7 @@ class Alice(Character, PolicyAuthor):
         policy.enact(network_middleware=self.network_middleware)
         return policy  # Now with TreasureMap affixed!
 
-    def get_policy_pubkey_from_label(self, label: bytes) -> UmbralPublicKey:
+    def get_policy_encrypting_key_from_label(self, label: bytes) -> UmbralPublicKey:
         alice_delegating_power = self._crypto_power.power_ups(DelegatingPower)
         policy_pubkey = alice_delegating_power.get_pubkey_from_label(label)
         return policy_pubkey
@@ -586,10 +586,10 @@ class Bob(Character):
             work_orders_by_ursula[task.capsule] = work_order
         return cfrags
 
-    def join_policy(self, label, alice_pubkey_sig, node_list=None, block=False):
+    def join_policy(self, label, alice_verifying_key, node_list=None, block=False):
         if node_list:
             self._node_ids_to_learn_about_immediately.update(node_list)
-        treasure_map = self.get_treasure_map(alice_pubkey_sig, label)
+        treasure_map = self.get_treasure_map(alice_verifying_key, label)
         self.follow_treasure_map(treasure_map=treasure_map, block=block)
 
     def retrieve(self, message_kit, data_source, alice_verifying_key, label):
@@ -1213,7 +1213,7 @@ class Enrico(Character):
         :param label: The label with which to derive the key.
         :return:
         """
-        policy_pubkey_enc = alice.get_policy_pubkey_from_label(label)
+        policy_pubkey_enc = alice.get_policy_encrypting_key_from_label(label)
         return cls(crypto_power_ups={SigningPower: alice.stamp.as_umbral_pubkey()},
                    policy_encrypting_key=policy_pubkey_enc)
 

nucypher/keystore/db/models.py

@@ -54,24 +54,25 @@ class PolicyArrangement(Base):
     id = Column(LargeBinary, unique=True, primary_key=True)
     expiration = Column(DateTime)
     kfrag = Column(LargeBinary, unique=True, nullable=True)
-    alice_pubkey_sig_id = Column(Integer, ForeignKey('keys.id'))
-    alice_pubkey_sig = relationship(Key, backref="policies", lazy='joined')
-    # alice_pubkey_enc_id = Column(Integer, ForeignKey('keys.id'))
-    # bob_pubkey_sig_id = Column(Integer, ForeignKey('keys.id'))
+    alice_verifying_key_id = Column(Integer, ForeignKey('keys.id'))
+    alice_verifying_key = relationship(Key, backref="policies", lazy='joined')
+
     # TODO: Maybe this will be two signatures - one for the offer, one for the KFrag.
     alice_signature = Column(LargeBinary, unique=True, nullable=True)
     created_at = Column(DateTime, default=datetime.utcnow)
 
-    def __init__(self, expiration, id,
-                 kfrag=None, alice_pubkey_sig=None,
-                 # alice_pubkey_enc_id, bob_pubkey_sig_id,
-                 alice_signature=None) -> None:
+    def __init__(self,
+                 expiration,
+                 id,
+                 kfrag=None,
+                 alice_verifying_key=None,
+                 alice_signature=None
+                 ) -> None:
+
         self.expiration = expiration
         self.id = id
         self.kfrag = kfrag
-        self.alice_pubkey_sig = alice_pubkey_sig
-        # self.alice_pubkey_enc_id = alice_pubkey_enc_id
-        # self.bob_pubkey_sig_id = bob_pubkey_sig_id
+        self.alice_verifying_key = alice_verifying_key
         self.alice_signature = alice_signature
 
     def __repr__(self):
@@ -82,13 +83,13 @@ class Workorder(Base):
     __tablename__ = 'workorders'
 
     id = Column(Integer, primary_key=True)
-    bob_pubkey_sig_id = Column(Integer, ForeignKey('keys.id'))
+    bob_verifying_key_id = Column(Integer, ForeignKey('keys.id'))
     bob_signature = Column(LargeBinary, unique=True)
     arrangement_id = Column(LargeBinary, unique=False)
     created_at = Column(DateTime, default=datetime.utcnow)
 
-    def __init__(self, bob_pubkey_sig_id, bob_signature, arrangement_id) -> None:
-        self.bob_pubkey_sig_id = bob_pubkey_sig_id
+    def __init__(self, bob_verifying_key_id, bob_signature, arrangement_id) -> None:
+        self.bob_verifying_key_id = bob_verifying_key_id
         self.bob_signature = bob_signature
         self.arrangement_id = arrangement_id
 

nucypher/keystore/keystore.py

@@ -99,7 +99,7 @@ class KeyStore(object):
         session.commit()
 
     def add_policy_arrangement(self, expiration, id, kfrag=None,
-                               alice_pubkey_sig=None,
+                               alice_verifying_key=None,
                                alice_signature=None,
                                session=None) -> PolicyArrangement:
         """
@@ -109,13 +109,13 @@ class KeyStore(object):
         """
         session = session or self._session_on_init_thread
 
-        alice_key_instance = session.query(Key).filter_by(key_data=bytes(alice_pubkey_sig)).first()
+        alice_key_instance = session.query(Key).filter_by(key_data=bytes(alice_verifying_key)).first()
         if not alice_key_instance:
-            alice_key_instance = Key.from_umbral_key(alice_pubkey_sig, is_signing=True)
+            alice_key_instance = Key.from_umbral_key(alice_verifying_key, is_signing=True)
 
         new_policy_arrangement = PolicyArrangement(
-            expiration, id, kfrag, alice_pubkey_sig=alice_key_instance,
-            alice_signature=None, # bob_pubkey_sig.id
+            expiration, id, kfrag, alice_verifying_key=alice_key_instance,
+            alice_signature=None, # bob_verifying_key.id
         )
 
         session.add(new_policy_arrangement)
@@ -154,19 +154,19 @@ class KeyStore(object):
         if policy_arrangement is None:
             raise NotFound("Can't attach a kfrag to non-existent Arrangement {}".format(id_as_hex))
 
-        if policy_arrangement.alice_pubkey_sig.key_data != alice.stamp:
+        if policy_arrangement.alice_verifying_key.key_data != alice.stamp:
             raise alice.SuspiciousActivity
 
         policy_arrangement.kfrag = bytes(kfrag)
         session.commit()
 
-    def add_workorder(self, bob_pubkey_sig, bob_signature, arrangement_id, session=None) -> Workorder:
+    def add_workorder(self, bob_verifying_key, bob_signature, arrangement_id, session=None) -> Workorder:
         """
         Adds a Workorder to the keystore.
         """
         session = session or self._session_on_init_thread
-        bob_pubkey_sig = self.add_key(bob_pubkey_sig)
-        new_workorder = Workorder(bob_pubkey_sig.id, bob_signature, arrangement_id)
+        bob_verifying_key = self.add_key(bob_verifying_key)
+        new_workorder = Workorder(bob_verifying_key.id, bob_signature, arrangement_id)
 
         session.add(new_workorder)
         session.commit()

nucypher/network/server.py

@@ -209,7 +209,7 @@ def make_rest_app(
             new_policy_arrangement = datastore.add_policy_arrangement(
                 arrangement.expiration.datetime(),
                 id=arrangement.id.hex().encode(),
-                alice_pubkey_sig=arrangement.alice.stamp,
+                alice_verifying_key=arrangement.alice.stamp,
                 session=session,
             )
         # TODO: Make the rest of this logic actually work - do something here
@@ -269,7 +269,7 @@ def make_rest_app(
                 policy_arrangement = datastore.get_policy_arrangement(
                     id_as_hex.encode(), session=session)
                 alice_pubkey = UmbralPublicKey.from_bytes(
-                    policy_arrangement.alice_pubkey_sig.key_data)
+                    policy_arrangement.alice_verifying_key.key_data)
 
                 # Check that the request is the same for the provided revocation
                 if id_as_hex != revocation.arrangement_id.hex():
@@ -298,7 +298,7 @@ def make_rest_app(
             policy_arrangement = datastore.get_policy_arrangement(arrangement_id=id_as_hex.encode(),
                                                                   session=session)
         kfrag_bytes = policy_arrangement.kfrag  # Careful!  :-)
-        verifying_key_bytes = policy_arrangement.alice_pubkey_sig.key_data
+        verifying_key_bytes = policy_arrangement.alice_verifying_key.key_data
 
         # TODO: Push this to a lower level. Perhaps to Ursula character? #619
         kfrag = KFrag.from_bytes(kfrag_bytes)

nucypher/policy/models.py

@@ -88,9 +88,9 @@ class Arrangement:
     @classmethod
     def from_bytes(cls, arrangement_as_bytes):
         # Still unclear how to arrive at the correct number of bytes to represent a deposit.  See #148.
-        alice_pubkey_sig, arrangement_id, expiration_bytes = cls.splitter(arrangement_as_bytes)
+        alice_verifying_key, arrangement_id, expiration_bytes = cls.splitter(arrangement_as_bytes)
         expiration = maya.parse(expiration_bytes.decode())
-        alice = Alice.from_public_keys(verifying_key=alice_pubkey_sig)
+        alice = Alice.from_public_keys(verifying_key=alice_verifying_key)
         return cls(alice=alice, arrangement_id=arrangement_id, expiration=expiration)
 
     def encrypt_payload_for_ursula(self):
@@ -643,13 +643,13 @@ class WorkOrder:
         payload_splitter = BytestringSplitter(Signature) + key_splitter
         payload_elements = payload_splitter(rest_payload, msgpack_remainder=True)
 
-        signature, bob_pubkey_sig, (tasks_bytes, blockhash) = payload_elements
+        signature, bob_verifying_key, (tasks_bytes, blockhash) = payload_elements
 
         # TODO: check freshness of blockhash?
 
         # Check receipt
         receipt_bytes = b"wo:" + ursula_pubkey_bytes + msgpack.dumps(tasks_bytes)
-        if not signature.verify(receipt_bytes, bob_pubkey_sig):
+        if not signature.verify(receipt_bytes, bob_verifying_key):
             raise InvalidSignature()
 
         tasks = []
@@ -659,10 +659,10 @@ class WorkOrder:
 
             # Each task signature has to match the original specification
             specification = task.get_specification(ursula_pubkey_bytes, alice_address, blockhash)
-            if not task.signature.verify(specification, bob_pubkey_sig):
+            if not task.signature.verify(specification, bob_verifying_key):
                 raise InvalidSignature()
 
-        bob = Bob.from_public_keys(verifying_key=bob_pubkey_sig)
+        bob = Bob.from_public_keys(verifying_key=bob_verifying_key)
         return cls(bob=bob,
                    arrangement_id=arrangement_id,
                    tasks=tasks,

tests/characters/test_alice_can_grant_and_revoke.py

@@ -214,7 +214,7 @@ def test_alices_powers_are_persistent(federated_ursulas, tmpdir):
     # Even before creating the policies, we can know what will be its public key.
     # This can be used by Enrico (i.e., a Data Source) to encrypt messages
     # before Alice grants access to Bobs.
-    policy_pubkey = alice.get_policy_pubkey_from_label(label)
+    policy_pubkey = alice.get_policy_encrypting_key_from_label(label)
 
     # Now, let's create a policy for some Bob.
     m, n = 3, 4

tests/characters/test_bob_joins_policy_and_retrieves.py

@@ -77,7 +77,7 @@ def test_bob_joins_policy_and_retrieves(federated_alice,
 
     # Now, Bob joins the policy
     bob.join_policy(label=label,
-                    alice_pubkey_sig=federated_alice.stamp,
+                    alice_verifying_key=federated_alice.stamp,
                     block=True)
 
     # In the end, Bob should know all the Ursulas

tests/characters/test_character_control.py

@@ -261,7 +261,7 @@ def test_character_control_lifecycle(alice_control_test_client,
     # This is sidechannel policy metadata. It should be given to Bob by the
     # application developer at some point.
     policy_pubkey_enc_hex = alice_response_data['result']['policy_encrypting_key']
-    alice_pubkey_sig_hex = alice_response_data['result']['alice_verifying_key']
+    alice_verifying_key_hex = alice_response_data['result']['alice_verifying_key']
 
     # Encrypt some data via Enrico control
     # Alice will also be Enrico via Enrico.from_alice
@@ -288,7 +288,7 @@ def test_character_control_lifecycle(alice_control_test_client,
     bob_request_data = {
         'label': random_label,
         'policy_encrypting_key': policy_pubkey_enc_hex,
-        'alice_verifying_key': alice_pubkey_sig_hex,
+        'alice_verifying_key': alice_verifying_key_hex,
         'message_kit': encoded_message_kit,
     }
 

tests/characters/test_crypto_characters_and_their_powers.py

@@ -259,7 +259,7 @@ def test_encrypt_but_do_not_sign(federated_alice, federated_bob):
 def test_alice_can_decrypt(federated_alice):
     label = b"boring test label"
 
-    policy_pubkey = federated_alice.get_policy_pubkey_from_label(label)
+    policy_pubkey = federated_alice.get_policy_encrypting_key_from_label(label)
 
     enrico = Enrico(policy_encrypting_key=policy_pubkey)
 

tests/keystore/test_keystore.py

@@ -43,7 +43,7 @@ def test_policy_arrangement_sqlite_keystore(test_keystore):
 
     # Test add PolicyArrangement
     new_arrangement = test_keystore.add_policy_arrangement(
-            datetime.utcnow(), b'test', arrangement_id, alice_pubkey_sig=alice_keypair_sig.pubkey,
+            datetime.utcnow(), b'test', arrangement_id, alice_verifying_key=alice_keypair_sig.pubkey,
             alice_signature=b'test'
     )