def make_ursulas(how_many_ursulas: int, ursula_starting_port: int) -> list:
"""
:param how_many_ursulas: How many Ursulas to create.
:param ursula_starting_port: The port of the first created Ursula; subsequent Ursulas will increment the port number by 1.
:return: A list of created Ursulas
"""
event_loop = asyncio.get_event_loop()
URSULAS = []
for _u in range(how_many_ursulas):
port = ursula_starting_port + _u
_URSULA = Ursula(dht_port=port,
dht_interface="127.0.0.1",
db_name="test-{}".format(port))
class MockDatastoreThreadPool(object):
def callInThread(self, f, *args, **kwargs):
return f(*args, **kwargs)
_URSULA.datastore_threadpool = MockDatastoreThreadPool()
_URSULA.listen()
URSULAS.append(_URSULA)
for _counter, ursula in enumerate(URSULAS):
event_loop.run_until_complete(
ursula.server.bootstrap([("127.0.0.1", ursula_starting_port + _c)
for _c in range(how_many_ursulas)]))
ursula.publish_dht_information()
return URSULAS
def find_ursula(self, contract=None):
ursula = Ursula.as_discovered_on_network(dhr_port=None,
dht_interface=None,
pubkey_sig_bytes=bytes(
URSULA.stamp),
rest_address="localhost",
rest_port=3500)
response = requests.post("http://localhost:3500/consider_contract",
bytes(contract))
response.was_accepted = True
return ursula, response
def test_anybody_can_encrypt():
"""
Similar to anybody_can_verify() above; we show that anybody can encrypt.
"""
everyman = Character()
ursula = Ursula(is_me=False)
cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!"
ciphertext, signature = everyman.encrypt_for(ursula, cleartext, sign=False)
assert signature == NOT_SIGNED
assert ciphertext is not None
def test_alice_can_get_ursulas_keys_via_rest(alice, ursulas):
mock_client = TestClient(ursulas[0].rest_app)
response = mock_client.get('http://localhost/public_keys')
splitter = BytestringSplitter((UmbralPublicKey, PUBLIC_KEY_LENGTH, {
"as_b64": False
}), (UmbralPublicKey, PUBLIC_KEY_LENGTH, {
"as_b64": False
}))
signing_key, encrypting_key = splitter(response.content)
stranger_ursula_from_public_keys = Ursula.from_public_keys(
(SigningPower, signing_key), (EncryptingPower, encrypting_key))
assert stranger_ursula_from_public_keys == ursulas[0]
def make_ursulas(how_many_ursulas: int, ursula_starting_port: int) -> list:
"""
:param how_many_ursulas: How many Ursulas to create.
:param ursula_starting_port: The port of the first created Ursula; subsequent Ursulas will increment the port number by 1.
:return: A list of created Ursulas
"""
event_loop = asyncio.get_event_loop()
URSULAS = []
for _u in range(how_many_ursulas):
engine = create_engine('sqlite:///:memory:')
Base.metadata.create_all(engine)
ursulas_keystore = keystore.KeyStore(engine)
_URSULA = Ursula(urulsas_keystore=ursulas_keystore)
_URSULA.attach_server()
_URSULA.listen(ursula_starting_port + _u, "127.0.0.1")
URSULAS.append(_URSULA)
for _counter, ursula in enumerate(URSULAS):
event_loop.run_until_complete(
ursula.server.bootstrap([("127.0.0.1", ursula_starting_port + _c)
for _c in range(how_many_ursulas)]))
ursula.publish_dht_information()
return URSULAS
def test_character_with_encrypting_power_can_encrypt():
"""
Now, a Character *with* EncryptingKeyPair can encrypt.
"""
can_sign_and_encrypt = Character(crypto_power_ups=[SigningPower, EncryptingPower])
ursula = Ursula()
can_sign_and_encrypt.learn_about_actor(ursula)
cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!"
# TODO: Make encrypt_for actually encrypt.
ciphertext, signature = can_sign_and_encrypt.encrypt_for(ursula, cleartext, sign=False)
assert signature == NOT_SIGNED
assert ciphertext is not None # annnd fail.
def find_ursula(self, contract=None):
ursula = Ursula.as_discovered_on_network(
dht_port=None,
dht_interface=None,
rest_address="https://localhost",
rest_port=3550,
powers_and_keys={
SigningPower: URSULA.stamp.as_umbral_pubkey(),
EncryptingPower: URSULA.public_key(EncryptingPower)
})
response = requests.post("https://localhost:3550/consider_contract",
bytes(contract),
verify=False)
response.was_accepted = True
return ursula, response
def test_anybody_can_encrypt():
"""
Similar to anybody_can_verify() above; we show that anybody can encrypt.
"""
can_sign_and_encrypt = Character(
crypto_power_ups=[SigningPower, EncryptingPower])
ursula = Ursula()
cleartext = b"This is Officer Rod Farva. Come in, Ursula! Come in Ursula!"
ciphertext, signature = can_sign_and_encrypt.encrypt_for(ursula,
cleartext,
sign=False)
assert signature == NOT_SIGNED
assert ciphertext is not None
def find_ursula(self, contract=None):
ursula = Ursula.as_discovered_on_network(
dht_port=None,
ip_address="localhost",
rest_port=3601,
powers_and_keys={
SigningPower: self.ursulas[0].stamp.as_umbral_pubkey(),
EncryptingPower: self.ursulas[0].public_key(EncryptingPower)
})
response = requests.post("https://localhost:3601/consider_arrangement",
bytes(contract),
verify=False)
if response.status_code == 200:
response.was_accepted = True
else:
raise RuntimeError(
"Something went terribly wrong. What'd you do?!")
return ursula, response
def make_fake_ursulas(how_many):
URSULAS = []
for _u in range(how_many):
_URSULA = Ursula()
_URSULA.attach_server()
_URSULA.listen(URSULA_PORT + _u, "127.0.0.1")
URSULAS.append(_URSULA)
for _counter, ursula in enumerate(URSULAS):
EVENT_LOOP.run_until_complete(ursula.server.bootstrap([("127.0.0.1", URSULA_PORT)]))
EVENT_LOOP.run_until_complete(ursula.server.bootstrap([("127.0.0.1", URSULA_PORT + _counter)]))
ursula.publish_interface_information()
return URSULAS
def test_signing_only_power_cannot_encrypt():
"""
Similar to the above with signing, here we show that a Character without the EncryptingKeypair
PowerUp can't encrypt.
"""
# Here's somebody who can sign but not encrypt.
can_sign_but_not_encrypt = Character(crypto_power_ups=[SigningPower])
# ..and here's Ursula, for whom our Character above wants to encrypt.
ursula = Ursula()
# They meet.
can_sign_but_not_encrypt.learn_about_actor(ursula)
# The Character has the message ready...
cleartext = "This is Officer Rod Farva. Come in, Ursula! Come in Ursula!"
# But without the proper PowerUp, no encryption happens.
with pytest.raises(NoEncryptingPower) as e_info:
can_sign_but_not_encrypt.encrypt_for(ursula, cleartext)
# WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f
import datetime
import sys
import requests
from nkms.characters import Alice, Bob, Ursula
from nkms.crypto.kits import MessageKit
from nkms.crypto.powers import SigningPower, EncryptingPower
from nkms.network.node import NetworkyStuff
from umbral import pre
ALICE = Alice()
BOB = Bob()
URSULA = Ursula.from_rest_url(address="https://localhost", port="3550")
class SandboxNetworkyStuff(NetworkyStuff):
def find_ursula(self, contract=None):
ursula = Ursula.as_discovered_on_network(
dht_port=None,
dht_interface=None,
rest_address="https://localhost",
rest_port=3550,
powers_and_keys={
SigningPower: URSULA.stamp.as_umbral_pubkey(),
EncryptingPower: URSULA.public_key(EncryptingPower)
})
response = requests.post("https://localhost:3550/consider_contract",
bytes(contract),
# This is an example of Alice setting a Policy on the NuCypher network.
# In this example, Alice uses n=1, which is almost always a bad idea. Don't do it.
# WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f
import datetime
import requests
from nkms.characters import Alice, Bob, Ursula
from nkms.network.node import NetworkyStuff
ALICE = Alice()
BOB = Bob()
URSULA = Ursula.from_rest_url("http://localhost:3500/public_keys")
ALICE.learn_about_actor(URSULA)
class SandboxNetworkyStuff(NetworkyStuff):
def find_ursula(self, contract=None):
ursula = Ursula.as_discovered_on_network(dhr_port=None,
dht_interface=None,
pubkey_sig_bytes=bytes(
URSULA.stamp),
rest_address="localhost",
rest_port=3500)
response = requests.post("http://localhost:3500/consider_contract",
bytes(contract))
response.was_accepted = True
return ursula, response
import os
from cryptography.hazmat.primitives.asymmetric import ec
from hendrix.deploy.ssl import HendrixDeployTLS
from hendrix.facilities.services import ExistingKeyTLSContextFactory
from nkms.characters import Ursula
from OpenSSL.crypto import X509
from OpenSSL.SSL import TLSv1_2_METHOD
from nkms.crypto.api import generate_self_signed_certificate
DB_NAME = "non-mining-proxy-node"
_URSULA = Ursula(dht_port=3501, dht_interface="localhost", db_name=DB_NAME)
_URSULA.listen()
CURVE = ec.SECP256R1
cert, private_key = generate_self_signed_certificate(
_URSULA.stamp.fingerprint().decode(), CURVE)
deployer = HendrixDeployTLS("start", {
"wsgi": _URSULA.rest_app,
"https_port": 3550
},
key=private_key,
cert=X509.from_cryptography(cert),
context_factory=ExistingKeyTLSContextFactory,
context_factory_kwargs={
"curve_name": "prime256v1",
import os
from cryptography.hazmat.primitives.asymmetric import ec
from hendrix.deploy.tls import HendrixDeployTLS
from hendrix.facilities.services import ExistingKeyTLSContextFactory
from nkms.characters import Ursula
from OpenSSL.crypto import X509
from OpenSSL.SSL import TLSv1_2_METHOD
from nkms.crypto.api import generate_self_signed_certificate
DB_NAME = "non-mining-proxy-node"
_URSULA = Ursula(dht_port=3501,
rest_port=3601,
ip_address="localhost",
db_name=DB_NAME)
_URSULA.dht_listen()
CURVE = ec.SECP256R1
cert, private_key = generate_self_signed_certificate(
_URSULA.stamp.fingerprint().decode(), CURVE)
deployer = HendrixDeployTLS("start", {
"wsgi": _URSULA.rest_app,
"https_port": _URSULA.rest_port
},
key=private_key,
cert=X509.from_cryptography(cert),
context_factory=ExistingKeyTLSContextFactory,
context_factory_kwargs={
def test_ursula_generates_self_signed_cert():
ursula = Ursula(attach_server=False)
cert, cert_private_key = ursula.generate_self_signed_certificate()
public_key_numbers = ursula.public_key(SigningPower).to_cryptography_pubkey().public_numbers()
assert cert.public_key().public_numbers() == public_key_numbers
# This is not an actual mining script. Don't use this to mine - you won't
# perform any re-encryptions, and you won't get paid.
# It might be (but might not be) useful for determining whether you have
# the proper depedencies and configuration to run an actual mining node.
# WIP w/ hendrix@8227c4abcb37ee6d27528a13ec22d55ee106107f
from sqlalchemy.engine import create_engine
from nkms.characters import Ursula
from nkms.keystore import keystore
from nkms.keystore.db import Base
engine = create_engine('sqlite:///:memory:')
Base.metadata.create_all(engine)
ursulas_keystore = keystore.KeyStore(engine)
_URSULA = Ursula(urulsas_keystore=ursulas_keystore)
_URSULA.attach_server()
from hendrix.deploy.base import HendrixDeploy
deployer = HendrixDeploy("start", {
"wsgi": _URSULA._rest_app,
"http_port": 3500
})
deployer.run()
def find_ursula(self, id, offer=None):
if offer:
return Ursula(), MockPolicyOfferResponse()
else:
return super().find_ursula(id)
