Python library changes.

MoeraOrg · Aug 26, 2024 · 10058c5 · 10058c5
1 parent e1ec74c
commit 10058c5
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 7 deletions.
diff --git a/_data/py_crypto_classes.yml b/_data/py_crypto_classes.yml
@@ -1,4 +1,13 @@
 functions:
+  - name: digest_fingerprint(fingerprint)
+    params:
+      - name: fingerprint
+        type: bytes
+        description: the fingerprint
+    out:
+      type: bytes
+      description: the digest
+    description: Calculate a cryptographic digest of the fingerprint.
   - name: generate_key()
     out:
       type: ec.EllipticCurvePrivateKey
@@ -18,6 +27,15 @@ functions:
       type: ec.EllipticCurvePrivateKey
       description: the private key
     description: Restore a private key from the given mnemonic.
+  - name: raw_private_key(private_key)
+    params:
+      - name: private_key
+        type: ec.EllipticCurvePrivateKey
+        description: the private key
+    out:
+      type: bytes
+      description: the raw private key
+    description: Convert a private key to the raw format to pass to the client.
   - name: raw_public_key(public_key)
     params:
       - name: public_key
@@ -27,15 +45,15 @@ functions:
       type: bytes
       description: the raw public key
     description: Convert a public key to the raw format used by the naming server.
-  - name: digest_fingerprint(fingerprint)
+  - name: raw_to_private_key(raw_private_key)
     params:
-      - name: fingerprint
+      - name: raw_private_key
         type: bytes
-        description: the fingerprint
+        description: the raw private key
     out:
-      type: bytes
-      description: the digest
-    description: Calculate a cryptographic digest of the fingerprint.
+      type: ec.EllipticCurvePrivateKey
+      description: the private key
+    description: Restore a private key from the raw format.
   - name: sign_fingerprint(fingerprint, private_key)
     params:
       - name: fingerprint

diff --git a/_data/py_node_classes.yml b/_data/py_node_classes.yml
@@ -60,11 +60,24 @@ classes:
     category: class
     description: Class that gets cartes from the given node, caches them and supplies them for authentication.
     functions:
-      - name: MoeraCarteSource(node)
+      - name: MoeraCarteSource(node, client_scope, admin_scope)
         params:
           - name: node
             class: MoeraNode
             description: node to get cartes from
+          - name: client_scope
+            class: Scope
+            array: true
+            optional: true
+            description: >
+              permissions to be granted to the carte; if not set, all permissions of the carte's owner are granted
+          - name: admin_scope
+            class: Scope
+            array: true
+            optional: true
+            description: >
+              additional administrative permissions (of those granted to the carte's owner by the target node) to be
+              granted to the carte
       - name: renew()
         description: Force renewing the cached list of cartes.
       - name: get_carte()
@@ -209,3 +222,43 @@ functions:
       type: str
       description: standard URL
     description: Convert partial node URL to a standardized form.
+  - name: generate_carte(owner_name, signing_key, beginning, ttl, address, node_name, client_scope, admin_scope)
+    params:
+      - name: owner_name
+        type: str
+        optional: true
+        description: name of the node authenticating with the carte
+      - name: signing_key
+        type: ec.EllipticCurvePrivateKey
+        description: the private signing key to sign the carte
+      - name: beginning
+        type: Timestamp
+        optional: true
+        description: timestamp of the beginning of the carte's life
+      - name: ttl
+        type: int
+        optional: true
+        description: length of the carte's life, in seconds
+      - name: address
+        type: str
+        optional: true
+        description: if set, the carte is valid for authentication from the given IP address only
+      - name: node_name
+        type: str
+        optional: true
+        description: if set, the carte is valid for authentication on the specified node only
+      - name: client_scope
+        class: Scope
+        array: true
+        optional: true
+        description: list of permissions granted to the carte
+      - name: admin_scope
+        class: Scope
+        array: true
+        optional: true
+        description: >
+          list of additional administrative permissions (of those granted to the carte's owner by the target node)
+          granted to the carte
+    out:
+      type: str
+      description: the carte
diff --git a/development/python-moeralib/index.md b/development/python-moeralib/index.md
@@ -130,6 +130,21 @@ for story in slice.stories:
         print(story.posting.operations.view, story.posting.heading)
 ```
 
+## Generating cartes
+
+`generate_carte()` function generates a carte with the given parameters and signs
+it with the provided private signing key.
+
+```python
+import time
+
+from moeralib.crypto import raw_to_private_key
+from moeralib.node import generate_carte
+
+signing_key = raw_to_private_key(bytes.fromhex("72d0817beaf1800c5448841e490139b680f134a56e140bdb4f33aeb2c43e3c48"))
+carte = generate_carte("app0_0", signing_key, int(time.time()), node_name='Alice')
+```
+
 ## Universal URLs
 
 <code><a href="universal_location.html">moeralib.universal_location</a></code>