Skip to content

Trust policy configuration example

Sergey Shpak edited this page Mar 26, 2018 · 2 revisions

In this example the user configures the trust policy for public keys received from DataPeps; the details are described on Configuring public keys validation page.

Here the user uses a second channel to verify the authenticity of the received public key of the version one (see this for details). To confirm the key validity and allow the SDK to use it the user enters yes when prompted; to refuse the key the user enters any other answer.

Show code
var DataPeps = require('datapeps-sdk');
var readline = require('readline');
var events = require('events');

global["TextEncoder"] = require('text-encoding').TextEncoder;                                                                                                                                                                                                                           
global["TextDecoder"] = require('text-encoding').TextDecoder;                                                                                                                                                                                              
global["XMLHttpRequest"] = require('xhr2');                                                                                                                                                                                                                                       
global["WebSocket"] = require('ws');                                                                      
global["btoa"] = require('btoa');
global["atob"] = require('atob');

process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';

DataPeps.configure("https://" + process.env.PEPSCRYPTO_HOST);

var aliceLogin = "[email protected]",
    bobLogin = "[email protected]";

var alicePassword = "aliceP@ssw0rd",
    bobPassword = "bobP@ssw0rd";

class Base64 {
    static decode(s) {
        if (s == null) return null
        var i, d = atob(s), b = new Uint8Array(d.length);
        for (i = 0; i < d.length; i++)
            b[i] = d.charCodeAt(i);
        return b;
    }

    static encode(arr) {
        var i, s = [], len = arr.length;
        for (i = 0; i < len; i++)
            s.push(String.fromCharCode(arr[i]));
        return btoa(s.join(''));
    }
}

function sleep(ms) {
    return new Promise(resolve => setTimeout(resolve, ms));
}

class TrustAskUser {

    constructor(session) {
        this.session = session;
    }

    async askUser(pk) {
        // An event emitter, that fires an event when the user inputs something
        var eventEmitter = new events.EventEmitter();

        // A promise that is fullfiled on the user's input
        var promiseInput = new Promise((resolve) => {
            eventEmitter.on("input", resolve);
        })

        // Reading the user's input
        let rl = readline.createInterface({
            input: process.stdin,
            output: process.stdout
        });
        let question = pk.login + " public keys:"
            + "\n\tBox: " + Base64.encode(pk.box)
            + "\n\tSign: " + Base64.encode(pk.sign)
            + "\nAccept? yes/no: ";
        let isAccepted = null;
        let accepted = function(_isAccepted) {
            isAccepted = _isAccepted;
            // An event fires, when user inputs something
            eventEmitter.emit("input");
        }
        rl.question(question, (answer) => {
            rl.close();

            // The user's input is consumed
            if (answer == "yes") {
                console.log(this.session.login, " trusts ",
                           pk.login, " public key")
                accepted(true);
                return;
            }

            // If the user's answer is not "yes"
            console.log(this.session.login, " does not trust ",
                        pk.login, " public key");
            accepted(false);
        });

        // Waiting for user's input
        await promiseInput;

        // Returning user's input
        return new Promise((resolve) => {
            resolve(isAccepted);
        });
    }

    async trust(pk) {
        // The key is not in the cache, so it must be verified
        await this.askUser(pk).then((isAccepted) => {
            if (isAccepted) {
                return Promise.resolve();
            }
            return Promise.reject();
        });
    }      
}

async function main() {
    // Alice creates a resource
    let aliceSession = await DataPeps.login(aliceLogin, alicePassword);
    let aliceResource = await aliceSession.Resource.create("", null, [bobLogin]);

    // Alice closes her session
    aliceSession.close();

    // Bob configures trust policy
    let bobSession = await DataPeps.login(bobLogin, bobPassword);
    let trustPolicy = new TrustAskUser(bobSession);
    bobSession.setTrustPolicy(trustPolicy);

    // Bob tries to get Alice's resource with a new trust policy
    let noError = true;
    await bobSession.Resource.get(aliceResource.id).catch(_ => {
        console.log("Cannot get Alice's resource, as Bob does not trust the received Alice's public key");
        noError = false;
    })
    if (noError) {
        console.log("Alice's resource received");
    }

    // Bob closes his session
    bobSession.close();
}

main().catch(_ => console.log("An error occurred"));

Running the example

Before running the example make sure you followed the steps described here.

To fetch the code run the following command in the examples directory:

git clone https://gist.github.com/fbac9262453ee406af01b6011c3823d7.git trust-policy-configuration

To run this example execute the following command in the examples directory:

node trust-policy-configuration/trust-policy-configuration.js