def consider_arrangement(self, request: http.Request):
from nkms.policy.models import Arrangement
arrangement = Arrangement.from_bytes(request.body)
with ThreadedSession(self.db_engine) as session:
new_policyarrangement = self.datastore.add_policy_arrangement(
arrangement.expiration.datetime(),
bytes(arrangement.deposit),
hrac=arrangement.hrac.hex().encode(),
alice_pubkey_sig=arrangement.alice.stamp,
session=session,
)
# TODO: Make the rest of this logic actually work - do something here
# to decide if this Arrangement is worth accepting.
headers = {'Content-Type': 'application/octet-stream'}
# TODO: Make this a legit response #234.
return Response(b"This will eventually be an actual acceptance of the arrangement.", headers=headers)
def consider_contract(self, hrac_as_hex, request: http.Request):
from nkms.policy.models import Contract
contract, deposit_as_bytes = \
BytestringSplitter(Contract)(request.body, return_remainder=True)
contract.deposit = deposit_as_bytes
with ThreadedSession(self.db_engine) as session:
self.datastore.add_policy_contract(
contract.expiration.datetime(),
contract.deposit,
hrac=contract.hrac.hex().encode(),
alice_pubkey_sig=contract.alice.stamp,
session=session,
)
# TODO: Make the rest of this logic actually work - do something here
# to decide if this Contract is worth accepting.
return Response(
b"This will eventually be an actual acceptance of the contract.",
content_type="application/octet-stream")
def reencrypt_via_rest(self, hrac_as_hex, request: http.Request):
from nkms.policy.models import WorkOrder # Avoid circular import
hrac = binascii.unhexlify(hrac_as_hex)
work_order = WorkOrder.from_rest_payload(hrac, request.body)
with ThreadedSession(self.db_engine) as session:
kfrag_bytes = self.datastore.get_policy_contract(
hrac.hex().encode(), session=session).k_frag # Careful! :-)
# TODO: Push this to a lower level.
kfrag = KFrag.from_bytes(kfrag_bytes)
cfrag_byte_stream = b""
for capsule in work_order.capsules:
# TODO: Sign the result of this. See #141.
cfrag_byte_stream += bytes(pre.reencrypt(kfrag, capsule))
# TODO: Put this in Ursula's datastore
self._work_orders.append(work_order)
return Response(content=cfrag_byte_stream,
content_type="application/octet-stream")
def consider_arrangement(self, request: http.Request):
from nkms.policy.models import Arrangement
arrangement, deposit_as_bytes = BytestringSplitter(Arrangement)(
request.body, return_remainder=True)
arrangement.deposit = deposit_as_bytes
with ThreadedSession(self.db_engine) as session:
self.datastore.add_policy_arrangement(
arrangement.expiration.datetime(),
arrangement.deposit,
hrac=arrangement.hrac.hex().encode(),
alice_pubkey_sig=arrangement.alice.stamp,
session=session,
)
# TODO: Make the rest of this logic actually work - do something here
# to decide if this Arrangement is worth accepting.
headers = {'Content-Type': 'application/octet-stream'}
return Response(
b"This will eventually be an actual acceptance of the arrangement.",
headers=headers)
def set_policy(self, hrac_as_hex, request: http.Request):
"""
REST endpoint for setting a kFrag.
TODO: Instead of taking a Request, use the apistar typing system to type
a payload and validate / split it.
TODO: Validate that the kfrag being saved is pursuant to an approved
Policy (see #121).
"""
hrac = binascii.unhexlify(hrac_as_hex)
policy_message_kit = MessageKit.from_bytes(request.body)
# group_payload_splitter = BytestringSplitter(PublicKey)
# policy_payload_splitter = BytestringSplitter((KFrag, KFRAG_LENGTH))
alice = self._alice_class.from_public_keys(
{SigningPower: policy_message_kit.alice_pubkey})
verified, cleartext = self.verify_from(alice,
policy_message_kit,
decrypt=True,
signature_is_on_cleartext=True)
if not verified:
# TODO: What do we do if the Policy isn't signed properly?
pass
#
# alices_signature, policy_payload =\
# BytestringSplitter(Signature)(cleartext, return_remainder=True)
# TODO: If we're not adding anything else in the payload, stop using the
# splitter here.
# kfrag = policy_payload_splitter(policy_payload)[0]
kfrag = KFrag.from_bytes(cleartext)
with ThreadedSession(self.db_engine) as session:
self.datastore.attach_kfrag_to_saved_contract(alice,
hrac_as_hex,
kfrag,
session=session)
return # TODO: Return A 200, with whatever policy metadata.