ch.epfl.dedis.ocs

Class OnchainSecretsRPC

java.lang.Object

ch.epfl.dedis.ocs.OnchainSecretsRPC

Direct Known Subclasses:

OnchainSecrets

public class OnchainSecretsRPC
extends Object

dedis/lib OnchainSecretsRPC.java Purpose: Implementing all communication with the cothority to set-up, check, write and read documents from the skipchain.

Version:

0.3 2017/11/13

Field Summary

Fields

Modifier and Type	Field and Description
protected Darc	adminDarc
protected SkipblockId	ocsID
protected Roster	roster
protected Point	X

Method Summary

Modifier and Type	Method and Description
ReadRequestId	createReadRequest(ReadRequest rr) Requests read-access to a document from the cothority.
void	createSkipchains(Darc writers) Creates a new skipchain and sets up a new ocs-shard.
WriteRequest	createWriteRequest(WriteRequest wr, DarcSignature signature) Creates a write request on the skipchain.
Darc	getAdminDarc()
SignaturePath	getDarcPath(DarcId base, Identity identity, int role) Gets a darc-path starting from the base to the identity given.
DecryptKey	getDecryptionKey(ReadRequestId id) Requests the re-encryption symmetricKey from the skipchain.
DecryptKey	getDecryptionKeyEphemeral(ReadRequestId id, DarcSignature signature, Point ephemeral) Requests the re-encryption symmetricKey from the skipchain, but uses an ephemeral key for it.
SkipblockId	getGenesis()
SkipblockId	getID()
List<Darc>	getLatestDarc(DarcId id) Requests the whole chain of darcs up to the current latest darc.
OCSProto.Read	getRead(ReadRequestId id) Requests the skipblock representing the read-request 'id' and returns the corresponding OCSRead-structure.
Roster	getRoster()
Point	getSharedPublicKey() returns the shared symmetricKey of the DKG that must be used to encrypt the symmetric encryption symmetricKey.
SkipchainProto.SkipBlock	getSkipblock(SkipblockId id) Returns the skipblock from the skipchain, given its id.
OCSProto.Transaction	getTransaction(SkipblockId id) Returns the transaction of a given skipblock, given the id of the block.
OCSProto.Write	getWrite(WriteRequestId id) Requests the skipblock representing the write-request 'id' and returns the corresponding OCSWrite-structure.
Point	getX()
void	updateDarc(Darc newAccount) Updates an existing account or adds a new account to the skipchain.
boolean	verify() Contacts all nodes in the cothority and returns true only if _all_ nodes returned OK.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ocsID

protected SkipblockId ocsID

X

protected Point X

adminDarc

protected Darc adminDarc

roster

protected Roster roster

Method Detail

verify

public boolean verify()

Contacts all nodes in the cothority and returns true only if _all_ nodes returned OK.

Returns:

true only if all nodes are OK, else false.

createSkipchains

public void createSkipchains(Darc writers)
                      throws CothorityCommunicationException

Creates a new skipchain and sets up a new ocs-shard. If a previous skipchain has been setup, it still exists and can be accessed with another OnchainSecretsRPC-instance.

Parameters:

writers - the darc of allowed writers to the skipchain.

Throws:

CothorityCommunicationException - in case of communication difficulties

updateDarc

public void updateDarc(Darc newAccount)
                throws CothorityCommunicationException,
                       CothorityCryptoException

Updates an existing account or adds a new account to the skipchain. This is mostly useful for accounts that need more access-control than just READ_ACCESS for documents.

Parameters:

newAccount - the new account to be added to the skipchain.

Throws:

CothorityCommunicationException - in case of communication difficulties

CothorityCryptoException

getSharedPublicKey

public Point getSharedPublicKey()
                         throws CothorityCommunicationException

returns the shared symmetricKey of the DKG that must be used to encrypt the symmetric encryption symmetricKey. This will be the same as OnchainSecretsRPC.X stored when creating the skipchain.

Returns:

the aggregate public symmetricKey of the ocs-shard

Throws:

CothorityCommunicationException - in case of communication difficulties

createWriteRequest

public WriteRequest createWriteRequest(WriteRequest wr,
                                       DarcSignature signature)
                                throws CothorityCommunicationException,
                                       CothorityCryptoException

Creates a write request on the skipchain. The signature has to be a valid signature of one of the publishers.

Parameters:

wr - the write-request to store on the skipchain

signature - the publisher with the right to sell read-access to the document

Returns:

Throws:

CothorityCommunicationException - in case of communication difficulties

CothorityCryptoException

getDarcPath

public SignaturePath getDarcPath(DarcId base,
                                 Identity identity,
                                 int role)
                          throws CothorityCommunicationException

Gets a darc-path starting from the base to the identity given. This darc-path is the shortest, most up-to-date path at the moment of reply. Of course an update might happen just before you actually use it, and your signature might be rejected then.

Parameters:

base - where to start the path

identity - which identity to find

Returns:

a DarcPath

Throws:

CothorityCommunicationException - in case of communication difficulties

createReadRequest

public ReadRequestId createReadRequest(ReadRequest rr)
                                throws CothorityCommunicationException,
                                       CothorityCryptoException

Requests read-access to a document from the cothority. If it is successful, the cothority will store the read-request on the skipblock.

Parameters:

rr - the prepared read request

Returns:

the id of the stored request

Throws:

CothorityCommunicationException

CothorityCryptoException

getSkipblock

public SkipchainProto.SkipBlock getSkipblock(SkipblockId id)
                                      throws CothorityCommunicationException

Returns the skipblock from the skipchain, given its id.

Parameters:

id - the id of the skipblock

Returns:

the proto-representation of the skipblock.

Throws:

CothorityCommunicationException - in case of communication difficulties

getTransaction

public OCSProto.Transaction getTransaction(SkipblockId id)
                                    throws CothorityCommunicationException

Returns the transaction of a given skipblock, given the id of the block.

Parameters:

id - the id of the skipblock

Returns:

the proto-representation of the skipblock.

Throws:

CothorityCommunicationException - in case of communication difficulties

getWrite

public OCSProto.Write getWrite(WriteRequestId id)
                        throws CothorityCommunicationException

Requests the skipblock representing the write-request 'id' and returns the corresponding OCSWrite-structure.

Parameters:

id - the id of the write-request

Returns:

[OCSProto.Write] the write-request that can be used for decryption

Throws:

CothorityCommunicationException - in case of communication difficulties

getRead

public OCSProto.Read getRead(ReadRequestId id)
                      throws CothorityCommunicationException

Requests the skipblock representing the read-request 'id' and returns the corresponding OCSRead-structure.

Parameters:

id - the id of the read-request

Returns:

[OCSProto.Read] the read-request

Throws:

CothorityCommunicationException - in case of communication difficulties

getDecryptionKey

public DecryptKey getDecryptionKey(ReadRequestId id)
                            throws CothorityCommunicationException

Requests the re-encryption symmetricKey from the skipchain.

TODO: depending on how we decide to implement the access-rights, this might go away.

Parameters:

id - the read-id

Returns:

a DecryptKey that can be applied to the document to decrypt it.

Throws:

CothorityCommunicationException - in case of communication difficulties

getDecryptionKeyEphemeral

public DecryptKey getDecryptionKeyEphemeral(ReadRequestId id,
                                            DarcSignature signature,
                                            Point ephemeral)
                                     throws CothorityCommunicationException,
                                            CothorityCryptoException

Requests the re-encryption symmetricKey from the skipchain, but uses an ephemeral key for it.

Parameters:

id - the read-id

signature - on the read-darc from the write-request

ephemeral - the ephemeral public key to use

Returns:

an array of bytes with the decrypted keymaterial

Throws:

CothorityCommunicationException - in case of communication difficulties

CothorityCryptoException

getLatestDarc

public List<Darc> getLatestDarc(DarcId id)
                         throws CothorityCommunicationException,
                                CothorityCryptoException

Requests the whole chain of darcs up to the current latest darc.

Parameters:

id - one of the darcs IDs.

Returns:

the darc-list, starting with the darc represented by the id given

Throws:

CothorityCommunicationException

CothorityCryptoException

getGenesis

public SkipblockId getGenesis()

getAdminDarc

public Darc getAdminDarc()
                  throws CothorityCryptoException,
                         CothorityCommunicationException

Throws:

CothorityCryptoException

CothorityCommunicationException

getID

public SkipblockId getID()

getX

public Point getX()

getRoster

public Roster getRoster()