Dummy client for tests

2017-08-20 10:43:29 -07:00 · 2017-08-20 10:43:29 -07:00 · ddd91d1ea2
parent 7350fc52c8
commit ddd91d1ea2
3 changed files with 22 additions and 10 deletions
--- a/architecture.rst
+++ b/architecture.rst
@ -121,7 +121,7 @@ to be anonymous in later versions of the protocol.

 Mapping in the rekey store:

-    * pubkey -> hash(path) -> rekey
+    * pubkey -> hash(path) -> (rekey, algorithm)

 The pubkey here is *not* the encryption key, it's a separate signing key.

--- a/nkms/client.py
+++ b/nkms/client.py
@ -1,8 +1,12 @@
+from nkms.network import dummy
+
+
 class Client(object):
    """
    Client which will be used by Python developers to interact with the
    decentralized KMS. For now, this is just the skeleton.
    """
+    network_client_factory = dummy.Client

    def __init__(self, conf=None):
        """
@ -10,7 +14,7 @@ class Client(object):
            not given, a default one in the home directory is used
            or created
        """
-        pass
+        self._nclient = Client.network_client_factory()

    def encrypt(self, data, path=None, algorithm=None):
        """
--- a/nkms/network/dummy.py
+++ b/nkms/network/dummy.py
@ -1,5 +1,8 @@
+from collections import defaultdict
 from nkms import crypto

+_storage = defaultdict(dict)
+

 class Client(object):
    """
@ -19,32 +22,37 @@ class Client(object):
    """

    def __init__(self, **kw):
-        self._storage = {}  # This will actually be remote!
+        pass

-    def store_rekeys(self, k, rekeys, algorithm):
+    def store_rekeys(self, pub, k, rekeys, algorithm):
        """
+        :param bytes pub: Public (signing) key
        :param bytes k: ID for the rekeys (or key in a key-value store sense)
        :param tuple rekeys: Rekeys to store. If bytes, it's just one rekey. If
            a tuple or a list of length > 1 - m-of-n reencryption is used.
        :param dict algorithm: Parameters of the re-encryption algo
+        :param bytes sig: Digital signature of hash(k, metainfo)
        """
        if type(rekeys) in (list, tuple):
            if len(rekeys) > 1:
                raise NotImplementedError(
                        'm-of-n reencryption not yet available')
            rekeys = rekeys[0]
-        self._storage[k] = {'rk': rekeys, 'algorithm': algorithm}
+        # Should specify and check signature also
+        _storage[pub][k] = {'rk': rekeys, 'algorithm': algorithm}

-    def remove_rekeys(self, k):
-        del self._storage[k]
+    def remove_rekeys(self, pub, k):
+        # Should specify and check signature also
+        del _storage[pub][k]

-    def reencrypt(self, k, ekey):
+    def reencrypt(self, pub, k, ekey):
        """
+        :param bytes pub: Public (signing) key
        :param bytes k: Address of the rekey derived from the path/pubkey
        :param bytes ekey: Encrypted symmetric key to reencrypt
        """
-        rekey = self._storage[k]['rk']
-        algorithm = self._storage[k]['algorithm']
+        rekey = _storage[pub][k]['rk']
+        algorithm = _storage[pub][k]['algorithm']
        pre = crypto.pre_from_algorithm(algorithm)
        return pre.reencrypt(rekey, ekey)