def __decrypt_response(self, response) :
"""
decrypt the response using the session key
:param response string: base64 encoded, encrypted with session key
"""
decoded_response = crypto.base64_to_byte_array(response)
return crypto.SKENC_DecryptMessage(self.session_key, decoded_response)
def evaluate(self) :
"""
evaluate the request using the enclave service
"""
assert self.operation == 'update'
# Encrypt the request
serialized_byte_array = crypto.string_to_byte_array(self.__serialize_for_encryption())
encrypted_request = bytes(crypto.SKENC_EncryptMessage(self.session_key, serialized_byte_array))
encrypted_key = bytes(self.enclave_keys.encrypt(self.session_key))
try :
self.contract_state.push_state_to_eservice(self.enclave_service)
encrypted_response = self.enclave_service.send_to_contract(encrypted_key, encrypted_request)
except Exception as e:
logger.warn('contract invocation failed; %s', str(e))
raise InvocationException('contract invocation failed') from e
try :
decrypted_response = crypto.SKENC_DecryptMessage(self.session_key, encrypted_response)
except Exception as e:
logger.exception('failed to decrypt response; %s', encrypted_response)
raise InvocationException('contract response cannot be decrypted')
try :
response_string = crypto.byte_array_to_string(decrypted_response)
response_parsed = json.loads(response_string[0:-1])
logger.debug("parsed response: %s", response_parsed)
except Exception as e:
logger.exception('contract response is invalid; %s', str(e))
raise InvocationException('failed to parse contract response') from e
# if response_parsed['Status'] is False :
# raise InvocationException(response_parsed['InvocationResponse'])
try :
if response_parsed['Status'] and response_parsed['StateChanged'] :
contract_response = UpdateStateResponse(self, response_parsed)
else :
contract_response = ContractResponse(self, response_parsed)
except Exception as e:
logger.exception('contract response is invalid; %s', str(e))
raise InvocationException('contract response is invalid') from e
return contract_response
def load(cls, config, profile_name, password):
"""load an existing profile from disk
"""
logger.info('load profile for %s', profile_name)
profile_file = Profile.__profile_file_name__(config, profile_name)
if not os.path.exists(profile_file):
return None
with open(profile_file, "rb") as pf:
encrypted_profile = pf.read()
logger.info('profile loaded from %s', profile_file)
skenc_key = Profile.__encryption_key__(password)
serialized_profile = crypto.SKENC_DecryptMessage(
skenc_key, encrypted_profile)
serialized_profile = bytes(serialized_profile)
return cls(profile_name, serialized_profile)
def __decrypt_response(self, response):
decoded_response = crypto.base64_to_byte_array(response)
return crypto.SKENC_DecryptMessage(self.session_key, decoded_response)
"ERROR: Symmetric encryption invalid iv detection test failed: not detected."
)
sys.exit(-1)
except Exception as exc:
if (type(exc) == ValueError):
logger.debug(
"Symmetric encryption invalid iv detection test successful!")
else:
logger.error(
"ERROR: Symmetric encryption invalid iv detection test failed: ",
exc)
sys.exit(-1)
try:
ciphertext = crypto.SKENC_EncryptMessage(key, iv, msg)
crypto.SKENC_DecryptMessage(key, iv, ciphertext)
except Exception as exc:
logger.error("ERROR: Symmetric encryption test failed: ", exc)
sys.exit(-1)
if (bytearray(plaintext) == bytearray(msg)):
logger.debug("Symmetric encryption/decryption test successful!\n")
else:
logger.errpr(
"ERROR:Symmetric encryption/decryption test failed: decrypted text and plaintext mismatch.\n"
)
exit(-1)
c = list(ciphertext)
c[0] = (
c[0] + 1