def consider_arrangement(self, request: http.Request): from nkms.policy.models import Arrangement arrangement = Arrangement.from_bytes(request.body) with ThreadedSession(self.db_engine) as session: new_policyarrangement = self.datastore.add_policy_arrangement( arrangement.expiration.datetime(), bytes(arrangement.deposit), hrac=arrangement.hrac.hex().encode(), alice_pubkey_sig=arrangement.alice.stamp, session=session, ) # TODO: Make the rest of this logic actually work - do something here # to decide if this Arrangement is worth accepting. headers = {'Content-Type': 'application/octet-stream'} # TODO: Make this a legit response #234. return Response(b"This will eventually be an actual acceptance of the arrangement.", headers=headers)
def consider_contract(self, hrac_as_hex, request: http.Request): from nkms.policy.models import Contract contract, deposit_as_bytes = \ BytestringSplitter(Contract)(request.body, return_remainder=True) contract.deposit = deposit_as_bytes with ThreadedSession(self.db_engine) as session: self.datastore.add_policy_contract( contract.expiration.datetime(), contract.deposit, hrac=contract.hrac.hex().encode(), alice_pubkey_sig=contract.alice.stamp, session=session, ) # TODO: Make the rest of this logic actually work - do something here # to decide if this Contract is worth accepting. return Response( b"This will eventually be an actual acceptance of the contract.", content_type="application/octet-stream")
def reencrypt_via_rest(self, hrac_as_hex, request: http.Request): from nkms.policy.models import WorkOrder # Avoid circular import hrac = binascii.unhexlify(hrac_as_hex) work_order = WorkOrder.from_rest_payload(hrac, request.body) with ThreadedSession(self.db_engine) as session: kfrag_bytes = self.datastore.get_policy_contract( hrac.hex().encode(), session=session).k_frag # Careful! :-) # TODO: Push this to a lower level. kfrag = KFrag.from_bytes(kfrag_bytes) cfrag_byte_stream = b"" for capsule in work_order.capsules: # TODO: Sign the result of this. See #141. cfrag_byte_stream += bytes(pre.reencrypt(kfrag, capsule)) # TODO: Put this in Ursula's datastore self._work_orders.append(work_order) return Response(content=cfrag_byte_stream, content_type="application/octet-stream")
def consider_arrangement(self, request: http.Request): from nkms.policy.models import Arrangement arrangement, deposit_as_bytes = BytestringSplitter(Arrangement)( request.body, return_remainder=True) arrangement.deposit = deposit_as_bytes with ThreadedSession(self.db_engine) as session: self.datastore.add_policy_arrangement( arrangement.expiration.datetime(), arrangement.deposit, hrac=arrangement.hrac.hex().encode(), alice_pubkey_sig=arrangement.alice.stamp, session=session, ) # TODO: Make the rest of this logic actually work - do something here # to decide if this Arrangement is worth accepting. headers = {'Content-Type': 'application/octet-stream'} return Response( b"This will eventually be an actual acceptance of the arrangement.", headers=headers)
def set_policy(self, hrac_as_hex, request: http.Request): """ REST endpoint for setting a kFrag. TODO: Instead of taking a Request, use the apistar typing system to type a payload and validate / split it. TODO: Validate that the kfrag being saved is pursuant to an approved Policy (see #121). """ hrac = binascii.unhexlify(hrac_as_hex) policy_message_kit = MessageKit.from_bytes(request.body) # group_payload_splitter = BytestringSplitter(PublicKey) # policy_payload_splitter = BytestringSplitter((KFrag, KFRAG_LENGTH)) alice = self._alice_class.from_public_keys( {SigningPower: policy_message_kit.alice_pubkey}) verified, cleartext = self.verify_from(alice, policy_message_kit, decrypt=True, signature_is_on_cleartext=True) if not verified: # TODO: What do we do if the Policy isn't signed properly? pass # # alices_signature, policy_payload =\ # BytestringSplitter(Signature)(cleartext, return_remainder=True) # TODO: If we're not adding anything else in the payload, stop using the # splitter here. # kfrag = policy_payload_splitter(policy_payload)[0] kfrag = KFrag.from_bytes(cleartext) with ThreadedSession(self.db_engine) as session: self.datastore.attach_kfrag_to_saved_contract(alice, hrac_as_hex, kfrag, session=session) return # TODO: Return A 200, with whatever policy metadata.