class PolicyBaseSchema(BaseSchema):
bob_encrypting_key = character_fields.Key(
required=True, load_only=True,
click=click.option(
'--bob-encrypting-key',
'-bek',
help="Bob's encrypting key as a hexadecimal string",
type=click.STRING, required=False))
bob_verifying_key = character_fields.Key(
required=True, load_only=True,
click=click.option(
'--bob-verifying-key',
'-bvk',
help="Bob's verifying key as a hexadecimal string",
type=click.STRING, required=False))
threshold = base_fields.PositiveInteger(
required=True, load_only=True,
click=options.option_threshold)
shares = base_fields.PositiveInteger(
required=True, load_only=True,
click=options.option_shares)
expiration = character_fields.DateTime(
required=True, load_only=True,
click=click.option(
'--expiration',
help="Expiration Datetime of a policy",
type=click.DateTime())
)
# optional input
value = character_fields.Wei(
load_only=True,
click=click.option('--value', help="Total policy value (in Wei)", type=types.WEI))
rate = character_fields.Wei(
load_only=True,
required=False,
click=options.option_rate
)
# output
policy_encrypting_key = character_fields.Key(dump_only=True)
@validates_schema
def check_valid_n_and_m(self, data, **kwargs):
# ensure that n is greater than or equal to m
if not (0 < data['threshold'] <= data['shares']):
raise InvalidArgumentCombo(f"`shares` and `threshold` must satisfy 0 < threshold ≤ shares")
@validates_schema
def check_rate_or_value_not_both(self, data, **kwargs):
if (data.get('rate') is not None) and (data.get('value') is not None):
raise InvalidArgumentCombo("Choose either rate (per period in duration) OR value (total for duration)")
class PolicyBaseSchema(BaseSchema):
bob_encrypting_key = fields.Key(
required=True,
load_only=True,
click=click.option(
'--bob-encrypting-key',
help="Bob's encrypting key as a hexadecimal string",
type=click.STRING,
required=True,
))
bob_verifying_key = fields.Key(
required=True,
load_only=True,
click=click.option('--bob-verifying-key',
help="Bob's verifying key as a hexadecimal string",
type=click.STRING,
required=True))
m = fields.M(required=True, load_only=True, click=options.option_m)
n = fields.N(required=True, load_only=True, click=options.option_n)
expiration = fields.DateTime(required=True,
load_only=True,
click=click.option(
'--expiration',
help="Expiration Datetime of a policy",
type=click.STRING))
# optional input
value = fields.Wei(load_only=True,
click=click.option('--value',
help="Total policy value (in Wei)",
type=types.WEI))
rate = fields.Wei(load_only=True,
required=False,
click=options.option_rate)
# output
policy_encrypting_key = fields.Key(dump_only=True)
@validates_schema
def check_valid_n_and_m(self, data, **kwargs):
# ensure that n is greater than or equal to m
if not (0 < data['m'] <= data['n']):
raise InvalidArgumentCombo(f"N and M must satisfy 0 < M ≤ N")
@validates_schema
def check_rate_or_value_not_both(self, data, **kwargs):
if (data.get('rate') is not None) and (data.get('value') is not None):
raise InvalidArgumentCombo(
"Choose either rate (per period in duration) OR value (total for duration)"
)
class DerivePolicyEncryptionKey(BaseSchema):
label = fields.Label(required=True,
click=options.option_label(required=True))
# output
policy_encrypting_key = fields.Key(dump_only=True)
class GrantPolicy(PolicyBaseSchema):
label = fields.Label(
load_only=True, required=True,
click=options.option_label(required=True))
# output fields
treasure_map = fields.TreasureMap(dump_only=True)
alice_verifying_key = fields.Key(dump_only=True)
class BobRetrieveCFrags(BaseSchema):
treasure_map = character_fields.TreasureMap(
required=True,
load_only=True,
click=click.option('--treasure-map',
'-t',
help="Unencrypted Treasure Map for retrieval",
type=click.STRING,
required=True))
retrieval_kits = base_fields.StringList(
fields.RetrievalKit(),
click=click.option('--retrieval-kits',
'-r',
help="Retrieval kits for reencryption",
multiple=True,
type=click.STRING,
required=True,
default=[]),
required=True,
load_only=True)
alice_verifying_key = character_fields.Key(
required=True,
load_only=True,
click=click.option(
'--alice-verifying-key',
'-avk',
help="Alice's verifying key as a hexadecimal string",
type=click.STRING,
required=True))
bob_encrypting_key = character_fields.Key(
required=True, load_only=True, click=option_bob_encrypting_key())
bob_verifying_key = character_fields.Key(
required=True,
load_only=True,
click=click.option('--bob-verifying-key',
'-bvk',
help="Bob's verifying key as a hexadecimal string",
type=click.STRING,
required=True))
# output
retrieval_results = marshmallow_fields.List(marshmallow_fields.Nested(
fields.RetrievalResultSchema),
dump_only=True)
class GrantPolicy(PolicyBaseSchema):
label = character_fields.Label(
load_only=True, required=True,
click=options.option_label(required=False))
# output fields
# treasure map only used for serialization so no need to provide federated/non-federated context
treasure_map = character_fields.EncryptedTreasureMap(dump_only=True)
alice_verifying_key = character_fields.Key(dump_only=True)
class Retrieve(BaseSchema):
label = fields.Label(
required=True, load_only=True,
click=options.option_label(required=True))
policy_encrypting_key = fields.Key(
required=True,
load_only=True,
click=options.option_policy_encrypting_key(required=True))
alice_verifying_key = fields.Key(
required=True, load_only=True,
click=click.option(
'--alice-verifying-key',
help="Alice's verifying key as a hexadecimal string",
type=click.STRING,
required=True))
message_kit = fields.UmbralMessageKit(
required=True, load_only=True,
click=options.option_message_kit(required=True))
cleartexts = fields.List(fields.Cleartext(), dump_only=True)
class JoinPolicy(BaseSchema): #TODO: this doesn't have a cli implementation
label = fields.Label(
load_only=True, required=True,
click=options.option_label(required=True))
alice_verifying_key = fields.Key(
load_only=True, required=True,
click=click.option(
'--alice-verifying-key',
help="Alice's verifying key as a hexadecimal string",
required=True, type=click.STRING,))
policy_encrypting_key = fields.String(dump_only=True)
class Revoke(BaseSchema):
label = fields.Label(
required=True, load_only=True,
click=options.option_label(required=True))
bob_verifying_key = fields.Key(
required=True, load_only=True,
click=click.option(
'--bob-verifying-key',
help="Bob's verifying key as a hexadecimal string", type=click.STRING,
required=True))
# output
failed_revocations = fields.Integer(dump_only=True)
class RetrieveAndDecrypt(BaseSchema):
alice_verifying_key = character_fields.Key(
required=True,
load_only=True,
click=options.option_alice_verifying_key(required=True))
message_kits = base_fields.StringList(character_fields.MessageKit(),
required=True,
load_only=True,
click=options.option_message_kit(
required=True, multiple=True))
encrypted_treasure_map = EncryptedTreasureMap(
required=True, load_only=True, click=options.option_treasure_map)
# output
cleartexts = base_fields.List(character_fields.Cleartext(), dump_only=True)
class EncryptMessage(BaseSchema):
# input
message = fields.Cleartext(
required=True, load_only=True,
click=click.option('--message', help="A unicode message to encrypt for a policy")
)
policy_encrypting_key = fields.Key(
required=False,
load_only=True,
click=options.option_policy_encrypting_key())
# output
message_kit = fields.UmbralMessageKit(dump_only=True)
signature = fields.String(dump_only=True) # maybe we need a signature field?
class EncryptMessage(BaseSchema):
# input
message = fields.Cleartext(
load_only=True,
allow_none=True,
click=click.option('--message',
help="A unicode message to encrypt for a policy"))
file = fields.FileField(load_only=True,
allow_none=True,
click=click.option(
'--file',
help="Filepath to plaintext file to encrypt",
type=EXISTING_READABLE_FILE))
policy_encrypting_key = fields.Key(
required=False,
load_only=True,
click=options.option_policy_encrypting_key())
@post_load()
def format_method_arguments(self, data, **kwargs):
"""
input can be through either the file input or a raw message,
we output one of them as the "plaintext" arg to enrico.encrypt_message
"""
if data.get('message') and data.get('file'):
raise exceptions.InvalidArgumentCombo(
"choose either a message or a filepath but not both.")
if data.get('message'):
data = bytes(data['message'], encoding='utf-8')
else:
data = data['file']
return {"plaintext": data}
# output
message_kit = fields.UmbralMessageKit(dump_only=True)
signature = fields.UmbralSignature(dump_only=True)
class PublicKeys(BaseSchema):
alice_verifying_key = fields.Key(dump_only=True)
class BobKeyInputRequirer(BaseSchema):
bobkey = fields.Key()
class PublicKeys(BaseSchema):
bob_encrypting_key = fields.Key(dump_only=True)
bob_verifying_key = fields.Key(dump_only=True)
