label = policy_data["label"].encode() treasure_map = EncryptedTreasureMap.from_bytes( base64.b64decode(policy_data["treasure_map"].encode())) # The Doctor can retrieve encrypted data which he can decrypt with his private key. # But first we need some encrypted data! # Let's read the file produced by the heart monitor and unpack the MessageKits, # which are the individual ciphertexts. data = msgpack.load(open("heart_data.msgpack", "rb"), raw=False) message_kits = (MessageKit.from_bytes(k) for k in data['kits']) # Now he can ask the NuCypher network to get a re-encrypted version of each MessageKit. for message_kit in message_kits: start = timer() retrieved_plaintexts = doctor.retrieve_and_decrypt( [message_kit], alice_verifying_key=alices_sig_pubkey, encrypted_treasure_map=treasure_map) end = timer() plaintext = msgpack.loads(retrieved_plaintexts[0], raw=False) # Now we can get the heart rate and the associated timestamp, # generated by the heart rate monitor. heart_rate = plaintext['heart_rate'] timestamp = maya.MayaDT(plaintext['timestamp']) # This code block simply pretty prints the heart rate info terminal_size = shutil.get_terminal_size().columns max_width = min(terminal_size, 120) columns = max_width - 12 - 27 scale = columns / 40
for counter, plaintext in enumerate(finnegans_wake): # Enrico knows the policy's public key from a side-channel. # In this demo a new enrico is being constructed for each line of text. # This demonstrates how many individual encryptors may encrypt for a single policy. # In other words -- Many data sources (Enricos) can encrypt for the policy's public key. enrico = Enrico(policy_encrypting_key=policy_public_key) # In this case, the plaintext is a single passage from James Joyce's Finnegan's Wake. # The matter of whether encryption makes the passage more or less readable # is left to the reader to determine. message_kit = enrico.encrypt_message(plaintext) enrico_public_key = bytes(enrico.stamp) del enrico ############### # Back to Bob # ############### # Now Bob can retrieve the original message by requesting re-encryption from nodes. cleartexts = bob.retrieve_and_decrypt( [message_kit], alice_verifying_key=alice_verifying_key, encrypted_treasure_map=policy.treasure_map) # We show that indeed this is the passage originally encrypted by Enrico. assert plaintext == cleartexts[0] print(cleartexts) bob.disenchant()
def test_bob_retrieves(federated_alice, federated_ursulas, certificates_tempdir): # Let's partition Ursulas in two parts a_couple_of_ursulas = list(federated_ursulas)[:2] rest_of_ursulas = list(federated_ursulas)[2:] # Bob becomes bob = Bob( federated_only=True, domain=TEMPORARY_DOMAIN, start_learning_now=True, network_middleware=MockRestMiddleware(), abort_on_learning_error=True, known_nodes=a_couple_of_ursulas, ) # Bob has only connected to - at most - 2 nodes. assert sum(node.verified_node for node in bob.known_nodes) <= 2 # Alice creates a policy granting access to Bob # Just for fun, let's assume she distributes KFrags among Ursulas unknown to Bob shares = NUMBER_OF_URSULAS_IN_DEVELOPMENT_NETWORK - 2 label = b'label://' + os.urandom(32) contract_end_datetime = maya.now() + datetime.timedelta(days=5) policy = federated_alice.grant( bob=bob, label=label, threshold=3, shares=shares, expiration=contract_end_datetime, ursulas=set(rest_of_ursulas), ) assert label == policy.label # Enrico becomes enrico = Enrico(policy_encrypting_key=policy.public_key) plaintext = b"What's your approach? Mississippis or what?" message_kit = enrico.encrypt_message(plaintext) alices_verifying_key = federated_alice.stamp.as_umbral_pubkey() # Bob takes the message_kit and retrieves the message within delivered_cleartexts = bob.retrieve_and_decrypt( [message_kit], alice_verifying_key=alices_verifying_key, encrypted_treasure_map=policy.treasure_map) assert plaintext == delivered_cleartexts[0] cleartexts_delivered_a_second_time = bob.retrieve_and_decrypt( [message_kit], alice_verifying_key=alices_verifying_key, encrypted_treasure_map=policy.treasure_map) # Indeed, they're the same cleartexts. assert delivered_cleartexts == cleartexts_delivered_a_second_time # Let's try retrieve again, but Alice revoked the policy. receipt, failed_revocations = federated_alice.revoke(policy) assert len(failed_revocations) == 0 # One thing to note here is that Bob *can* still retrieve with the cached CFrags, # even though this Policy has been revoked. #892 _cleartexts = bob.retrieve_and_decrypt( [message_kit], alice_verifying_key=alices_verifying_key, encrypted_treasure_map=policy.treasure_map) assert _cleartexts == delivered_cleartexts # TODO: 892 bob.disenchant()