def __init__(self,
alice: Alice,
label: bytes,
expiration: maya.MayaDT,
bob: 'Bob' = None,
kfrags: Tuple[KFrag, ...] = (UNKNOWN_KFRAG, ),
public_key=None,
m: int = None,
alice_signature=NOT_SIGNED) -> None:
"""
:param kfrags: A list of KFrags to distribute per this Policy.
:param label: The identity of the resource to which Bob is granted access.
"""
self.alice = alice
self.label = label
self.bob = bob
self.kfrags = kfrags
self.public_key = public_key
self._id = construct_policy_id(self.label, bytes(self.bob.stamp))
self.treasure_map = self._treasure_map_class(m=m)
self.expiration = expiration
self._accepted_arrangements = set() # type: Set[Arrangement]
self._rejected_arrangements = set() # type: Set[Arrangement]
self._spare_candidates = set() # type: Set[Ursula]
self._enacted_arrangements = OrderedDict()
self._published_arrangements = OrderedDict()
self.alice_signature = alice_signature # TODO: This is unused / To Be Implemented?
self.publishing_mutex = None
def revoke(self, label: bytes, bob_verifying_key: bytes):
policy_id = construct_policy_id(label, bob_verifying_key)
policy = self.character.active_policies[policy_id]
failed_revocations = self.character.revoke(policy)
if len(failed_revocations) > 0:
for node_id, attempt in failed_revocations.items():
revocation, fail_reason = attempt
if fail_reason == NotFound:
del(failed_revocations[node_id])
if len(failed_revocations) <= (policy.n - policy.treasure_map.m + 1):
del(self.character.active_policies[policy_id])
response_data = {'failed_revocations': len(failed_revocations)}
return response_data
def __init__(
self,
alice: Alice,
label: bytes,
expiration: maya.MayaDT,
bob: 'Bob',
kfrags: Sequence[KFrag],
public_key: UmbralPublicKey,
m: int,
):
"""
:param kfrags: A list of KFrags to distribute per this Policy.
:param label: The identity of the resource to which Bob is granted access.
"""
self.m = m
self.n = len(kfrags)
self.alice = alice
self.label = label
self.bob = bob
self.kfrags = kfrags
self.public_key = public_key
self.expiration = expiration
self._id = construct_policy_id(self.label, bytes(self.bob.stamp))
"""
# TODO: #180 - This attribute is hanging on for dear life.
After 180 is closed, it can be completely deprecated.
The "hashed resource authentication code".
A hash of:
* Alice's public key
* Bob's public key
* the label
Alice and Bob have all the information they need to construct this.
Ursula does not, so we share it with her.
"""
self.hrac = keccak_digest(
bytes(self.alice.stamp) + bytes(self.bob.stamp) +
self.label)[:HRAC_LENGTH]
def id(self) -> bytes:
return construct_policy_id(self.label, bytes(self.bob.stamp))
