CapsuleManager sdk offers several apis to access CapsuleManager Service, which is designed to manage metadata of user data and authorization information.
There are two ways to use CapsuleManager SDK:
pip install capsule-manager-sdk
You can just call functions defined in file python/sdc/capsule_manager_frame.py. The function is as follows:
example:
from sdc.capsule_manager_frame import CapsuleManagerFrame
auth_frame = CapsuleManagerFrame(
"127.0.0.1:8888",
"1083D6017E951017EB29611024D63D4DF73445DD880D1151E776541FEBE4A776",
None,
True,
)
public_key_pem = auth_frame.get_public_key()
print(public_key_pem)
For more examples please see file python/tests/test_capsule_manager.py
There are three commands in terminal, the commands are following:
Command cms is the main command, it includes several subcommands which are following:
cms --help
Usage: cms [OPTIONS] COMMAND [ARGS]...
Options:
--config-file TEXT the config path
--help Show this message and exit.
Commands:
add-data-rule add data rule for a specific...
delete-data-key delete the data key of a...
delete-data-policy delete data policy of a...
delete-data-rule delete data rule for a...
get-data-keys get data_keys of several...
get-data-policys get data policy of the party...
get-export-data-key get the data key of export...
get-public-key get the pem format of public...
register-cert upload the cert of party...
register-data-keys upload data_keys of several...
register-data-policy upload data policy of a...
If you want to know what subcommands or parameters are supported, just use --help
# view supported subcommands
cms --help
# view supported parameters
cms --config-file=cli/cms/cli.yaml delete-data-rule --help
config-file: the path of config file, we will explain it in the cms_config section
commands: each command call one corresponding function in file python/sdc/capsule_manager_frame.py. I believe you can distinguish them from their names, for example, command get-public-key is calling function get_public_key
cms --config-file=cli/cms/cli.yaml get-public-key
# this will print public-key
There are three parts in the config file python/cli/cli-template.yaml.
main section: it will be used to instantiate class CapsuleManagerFrame defined in file python/sdc/capsule_manager_frame.py
host: "127.0.0.1"
mr_enclave: ""
sim: true
root_ca_file: null
private_key_file: null
# List[str], cert chain file
cert_chain_file: null
common section: the common config of function part
common:
# str
party_id: "alice"
# List[str], cert chain file
cert_pems_file: null
# str
scheme: "RSA"
# file contains private key
private_key_file: null
function section: each section corresponds to a function call. for example, the fuction create_data_keys. As you can see, the configuration corresponds to the function parameters one-to-one.(of course, there are some function parameters in the common section)
# function defination
def create_data_keys(
self,
owner_party_id: str,
resource_uris: List[str],
data_keys: List[bytes],
cert_pems: List[bytes] = None,
private_key: Union[bytes, str, rsa.RSAPrivateKey] = None,
):
# the function part of the config file
register_data_keys:
# List[str]
resource_uris:
# List[bytes]
data_key_b64s:
After the above explanation, you should understand the design concept of this configuration file, but there are two points to note:
If the content of a configuration field is too long, it will be changed to read from a file. for example, the RSA key pair:
root_ca_file: null
private_key_file: null
cert_chain_file: null
If the type of the content of a configuration field cannot be represented by a string, it will be changed to be represented by a string. for example, the type of data key is bytes, we will base64 encode it
# List[bytes]
data_key_b64s:
so, How to modify the configuration file by cms_config command?
Command cms_config help modify the config file python/cli/cli-template.yaml which will be used in cms command
Command cms_config is the main command, it includes several subcommands which are following:
cms_config --help
Usage: cms_config [OPTIONS] COMMAND [ARGS]...
Options:
--config-file TEXT config file path
--help Show this message and exit.
Commands:
add-data-rule
common
create-data-policy
delete-data-policy
delete-data-rule
get-data-keys
get-data-policys
init
If you want to know what subcommands or parameters are supported, just use --help
# view supported subcommands
cms_config --help
# view supported parameters
cms_config --config-file=cli/cms/cli.yaml init --help
Since cms_config modifies the config file and the config file has three sections, so the corresponding cms_config has three types of subcommands.
cms_config --config-file=cli/cms/cli.yaml init
cms_config --config-file=cli/cms/cli.yaml common
cms_config --config-file=cli/cms/cli.yaml delete-data-rule
Please note that some parameters cannot be modified via the command cms_config, this is because we follow two principles:
if the parameter type is list, it cannot be modified through the command line because click does not support nested lists.
if the parameter content is too long, we do not support passing it in through the command line.
Command cms_util offers several convenient subcommands to use
cms_util --help
Usage: cms_util [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
decrypt-file decrypt file using data key
decrypt-file-inplace decrypt file inplace...
encrypt-file encrypt file using data key
encrypt-file-inplace encrypt file inplace...
generate-data-export-cert generate the vote result...
generate-data-key-b64 generate the base64...
generate-party-id generate the party id...
generate-rsa-keypair generate rsa key pair...
If you want to know what subcommands or parameters are supported, just use --help
# view supported subcommands
cms_util --help
# view supported parameters
cms_config decrypt-file --help
for command cms_util, just use it. for example
cms_util generate-data-key-b64
# output
emK2Imaz9f6nZNWO2hBjdA==
For most functions, you can tell what they do by their names. For a small number of functions that are difficult to understand, here is a detailed description.
generate-data-key-b64: generate data key and encode it with base64
generate-party-id: generate the identifier of party based on its certificate
merge-cert-chain-files: merge multiple certificate files into a certificate chain file. Note that the order of the certificates is important. The last certificate is the CA.
generate-data-export-cert: when exporting data, data participants are required to vote whether to agree to the data export. This function is used to generate the voting results. Since the voting results are more complicated, there is also a file python/cli/data-export-template.yaml to help generate the voting results.
The design idea of this file python/cli/data-export-template.yaml is consistent with the previous file python/cli/cli-template.yaml and is not difficult to understand.
vote_request:
vote_request_id:
type:
initiator:
vote_counter:
voters:
-
executors:
-
approved_threshold:
approved_action:
rejected_action:
# List[str], cert chain file
cert_chain_file:
private_key_file:
vote_request_signature:
vote_invite:
-
vote_request_id:
voter:
action:
# List[str], cert chain file
cert_chain_file:
private_key_file:
voter_signature:
This project is licensed under the Apache License
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。