def make_ursulas(how_many_ursulas: int, ursula_starting_port: int) -> list: """ :param how_many_ursulas: How many Ursulas to create. :param ursula_starting_port: The port of the first created Ursula; subsequent Ursulas will increment the port number by 1. :return: A list of created Ursulas """ event_loop = asyncio.get_event_loop() URSULAS = [] for _u in range(how_many_ursulas): port = ursula_starting_port + _u _URSULA = Ursula(dht_port=port, dht_interface="127.0.0.1", db_name="test-{}".format(port)) class MockDatastoreThreadPool(object): def callInThread(self, f, *args, **kwargs): return f(*args, **kwargs) _URSULA.datastore_threadpool = MockDatastoreThreadPool() _URSULA.listen() URSULAS.append(_URSULA) for _counter, ursula in enumerate(URSULAS): event_loop.run_until_complete( ursula.server.bootstrap([("127.0.0.1", ursula_starting_port + _c) for _c in range(how_many_ursulas)])) ursula.publish_dht_information() return URSULAS
def find_ursula(self, contract=None): ursula = Ursula.as_discovered_on_network(dhr_port=None, dht_interface=None, pubkey_sig_bytes=bytes( URSULA.stamp), rest_address="localhost", rest_port=3500) response = requests.post("http://localhost:3500/consider_contract", bytes(contract)) response.was_accepted = True return ursula, response
def test_anybody_can_encrypt(): """ Similar to anybody_can_verify() above; we show that anybody can encrypt. """ everyman = Character() ursula = Ursula(is_me=False) cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!" ciphertext, signature = everyman.encrypt_for(ursula, cleartext, sign=False) assert signature == NOT_SIGNED assert ciphertext is not None
def test_alice_can_get_ursulas_keys_via_rest(alice, ursulas): mock_client = TestClient(ursulas[0].rest_app) response = mock_client.get('http://localhost/public_keys') splitter = BytestringSplitter((UmbralPublicKey, PUBLIC_KEY_LENGTH, { "as_b64": False }), (UmbralPublicKey, PUBLIC_KEY_LENGTH, { "as_b64": False })) signing_key, encrypting_key = splitter(response.content) stranger_ursula_from_public_keys = Ursula.from_public_keys( (SigningPower, signing_key), (EncryptingPower, encrypting_key)) assert stranger_ursula_from_public_keys == ursulas[0]
def make_ursulas(how_many_ursulas: int, ursula_starting_port: int) -> list: """ :param how_many_ursulas: How many Ursulas to create. :param ursula_starting_port: The port of the first created Ursula; subsequent Ursulas will increment the port number by 1. :return: A list of created Ursulas """ event_loop = asyncio.get_event_loop() URSULAS = [] for _u in range(how_many_ursulas): engine = create_engine('sqlite:///:memory:') Base.metadata.create_all(engine) ursulas_keystore = keystore.KeyStore(engine) _URSULA = Ursula(urulsas_keystore=ursulas_keystore) _URSULA.attach_server() _URSULA.listen(ursula_starting_port + _u, "127.0.0.1") URSULAS.append(_URSULA) for _counter, ursula in enumerate(URSULAS): event_loop.run_until_complete( ursula.server.bootstrap([("127.0.0.1", ursula_starting_port + _c) for _c in range(how_many_ursulas)])) ursula.publish_dht_information() return URSULAS
def test_character_with_encrypting_power_can_encrypt(): """ Now, a Character *with* EncryptingKeyPair can encrypt. """ can_sign_and_encrypt = Character(crypto_power_ups=[SigningPower, EncryptingPower]) ursula = Ursula() can_sign_and_encrypt.learn_about_actor(ursula) cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!" # TODO: Make encrypt_for actually encrypt. ciphertext, signature = can_sign_and_encrypt.encrypt_for(ursula, cleartext, sign=False) assert signature == NOT_SIGNED assert ciphertext is not None # annnd fail.
def find_ursula(self, contract=None): ursula = Ursula.as_discovered_on_network( dht_port=None, dht_interface=None, rest_address="https://localhost", rest_port=3550, powers_and_keys={ SigningPower: URSULA.stamp.as_umbral_pubkey(), EncryptingPower: URSULA.public_key(EncryptingPower) }) response = requests.post("https://localhost:3550/consider_contract", bytes(contract), verify=False) response.was_accepted = True return ursula, response
def test_anybody_can_encrypt(): """ Similar to anybody_can_verify() above; we show that anybody can encrypt. """ can_sign_and_encrypt = Character( crypto_power_ups=[SigningPower, EncryptingPower]) ursula = Ursula() cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!" ciphertext, signature = can_sign_and_encrypt.encrypt_for(ursula, cleartext, sign=False) assert signature == NOT_SIGNED assert ciphertext is not None
def find_ursula(self, contract=None): ursula = Ursula.as_discovered_on_network( dht_port=None, ip_address="localhost", rest_port=3601, powers_and_keys={ SigningPower: self.ursulas[0].stamp.as_umbral_pubkey(), EncryptingPower: self.ursulas[0].public_key(EncryptingPower) }) response = requests.post("https://localhost:3601/consider_arrangement", bytes(contract), verify=False) if response.status_code == 200: response.was_accepted = True else: raise RuntimeError( "Something went terribly wrong. What'd you do?!") return ursula, response
def make_fake_ursulas(how_many): URSULAS = [] for _u in range(how_many): _URSULA = Ursula() _URSULA.attach_server() _URSULA.listen(URSULA_PORT + _u, "127.0.0.1") URSULAS.append(_URSULA) for _counter, ursula in enumerate(URSULAS): EVENT_LOOP.run_until_complete(ursula.server.bootstrap([("127.0.0.1", URSULA_PORT)])) EVENT_LOOP.run_until_complete(ursula.server.bootstrap([("127.0.0.1", URSULA_PORT + _counter)])) ursula.publish_interface_information() return URSULAS
def test_signing_only_power_cannot_encrypt(): """ Similar to the above with signing, here we show that a Character without the EncryptingKeypair PowerUp can't encrypt. """ # Here's somebody who can sign but not encrypt. can_sign_but_not_encrypt = Character(crypto_power_ups=[SigningPower]) # ..and here's Ursula, for whom our Character above wants to encrypt. ursula = Ursula() # They meet. can_sign_but_not_encrypt.learn_about_actor(ursula) # The Character has the message ready... cleartext = "This is Officer Rod Farva. Come in, Ursula! Come in Ursula!" # But without the proper PowerUp, no encryption happens. with pytest.raises(NoEncryptingPower) as e_info: can_sign_but_not_encrypt.encrypt_for(ursula, cleartext)
# WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f import datetime import sys import requests from nkms.characters import Alice, Bob, Ursula from nkms.crypto.kits import MessageKit from nkms.crypto.powers import SigningPower, EncryptingPower from nkms.network.node import NetworkyStuff from umbral import pre ALICE = Alice() BOB = Bob() URSULA = Ursula.from_rest_url(address="https://localhost", port="3550") class SandboxNetworkyStuff(NetworkyStuff): def find_ursula(self, contract=None): ursula = Ursula.as_discovered_on_network( dht_port=None, dht_interface=None, rest_address="https://localhost", rest_port=3550, powers_and_keys={ SigningPower: URSULA.stamp.as_umbral_pubkey(), EncryptingPower: URSULA.public_key(EncryptingPower) }) response = requests.post("https://localhost:3550/consider_contract", bytes(contract),
# This is an example of Alice setting a Policy on the NuCypher network. # In this example, Alice uses n=1, which is almost always a bad idea. Don't do it. # WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f import datetime import requests from nkms.characters import Alice, Bob, Ursula from nkms.network.node import NetworkyStuff ALICE = Alice() BOB = Bob() URSULA = Ursula.from_rest_url("http://localhost:3500/public_keys") ALICE.learn_about_actor(URSULA) class SandboxNetworkyStuff(NetworkyStuff): def find_ursula(self, contract=None): ursula = Ursula.as_discovered_on_network(dhr_port=None, dht_interface=None, pubkey_sig_bytes=bytes( URSULA.stamp), rest_address="localhost", rest_port=3500) response = requests.post("http://localhost:3500/consider_contract", bytes(contract)) response.was_accepted = True return ursula, response
import os from cryptography.hazmat.primitives.asymmetric import ec from hendrix.deploy.ssl import HendrixDeployTLS from hendrix.facilities.services import ExistingKeyTLSContextFactory from nkms.characters import Ursula from OpenSSL.crypto import X509 from OpenSSL.SSL import TLSv1_2_METHOD from nkms.crypto.api import generate_self_signed_certificate DB_NAME = "non-mining-proxy-node" _URSULA = Ursula(dht_port=3501, dht_interface="localhost", db_name=DB_NAME) _URSULA.listen() CURVE = ec.SECP256R1 cert, private_key = generate_self_signed_certificate( _URSULA.stamp.fingerprint().decode(), CURVE) deployer = HendrixDeployTLS("start", { "wsgi": _URSULA.rest_app, "https_port": 3550 }, key=private_key, cert=X509.from_cryptography(cert), context_factory=ExistingKeyTLSContextFactory, context_factory_kwargs={ "curve_name": "prime256v1",
import os from cryptography.hazmat.primitives.asymmetric import ec from hendrix.deploy.tls import HendrixDeployTLS from hendrix.facilities.services import ExistingKeyTLSContextFactory from nkms.characters import Ursula from OpenSSL.crypto import X509 from OpenSSL.SSL import TLSv1_2_METHOD from nkms.crypto.api import generate_self_signed_certificate DB_NAME = "non-mining-proxy-node" _URSULA = Ursula(dht_port=3501, rest_port=3601, ip_address="localhost", db_name=DB_NAME) _URSULA.dht_listen() CURVE = ec.SECP256R1 cert, private_key = generate_self_signed_certificate( _URSULA.stamp.fingerprint().decode(), CURVE) deployer = HendrixDeployTLS("start", { "wsgi": _URSULA.rest_app, "https_port": _URSULA.rest_port }, key=private_key, cert=X509.from_cryptography(cert), context_factory=ExistingKeyTLSContextFactory, context_factory_kwargs={
def test_ursula_generates_self_signed_cert(): ursula = Ursula(attach_server=False) cert, cert_private_key = ursula.generate_self_signed_certificate() public_key_numbers = ursula.public_key(SigningPower).to_cryptography_pubkey().public_numbers() assert cert.public_key().public_numbers() == public_key_numbers
# This is not an actual mining script. Don't use this to mine - you won't # perform any re-encryptions, and you won't get paid. # It might be (but might not be) useful for determining whether you have # the proper depedencies and configuration to run an actual mining node. # WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f from sqlalchemy.engine import create_engine from nkms.characters import Ursula from nkms.keystore import keystore from nkms.keystore.db import Base engine = create_engine('sqlite:///:memory:') Base.metadata.create_all(engine) ursulas_keystore = keystore.KeyStore(engine) _URSULA = Ursula(urulsas_keystore=ursulas_keystore) _URSULA.attach_server() from hendrix.deploy.base import HendrixDeploy deployer = HendrixDeploy("start", { "wsgi": _URSULA._rest_app, "http_port": 3500 }) deployer.run()
def find_ursula(self, id, offer=None): if offer: return Ursula(), MockPolicyOfferResponse() else: return super().find_ursula(id)