def test_deserialized_wait_timer(self): wait_timer = \ EnclaveWaitTimer( validator_address='1600 Pennsylvania Avenue NW', duration=3.14159, previous_certificate_id='Bond. James Bond.', local_mean=2.71828) serialized = wait_timer.serialize() signing_key = self._create_random_key() wait_timer.signature = \ signing.sign(serialized, signing_key) copy_wait_timer = \ EnclaveWaitTimer.wait_timer_from_serialized( serialized, wait_timer.signature) self.assertEqual(wait_timer.validator_address, copy_wait_timer.validator_address) self.assertAlmostEqual(wait_timer.request_time, copy_wait_timer.request_time) self.assertAlmostEqual(wait_timer.duration, copy_wait_timer.duration) self.assertEqual(wait_timer.previous_certificate_id, copy_wait_timer.previous_certificate_id) self.assertAlmostEqual(wait_timer.local_mean, copy_wait_timer.local_mean) self.assertEqual(wait_timer.signature, copy_wait_timer.signature) self.assertEqual(serialized, copy_wait_timer.serialize())
def create_wait_timer(cls, sealed_signup_data, validator_address, previous_certificate_id, local_mean): with cls._lock: # Extract keys from the 'sealed' signup data signup_data = \ json2dict( base64.b64decode(sealed_signup_data.encode()).decode()) poet_private_key = signup_data['poet_private_key'] if poet_private_key is None: raise \ ValueError( 'Invalid signup data. No poet private key.') try: poet_private_key = Secp256k1PrivateKey.from_hex( poet_private_key) except ParseError: raise \ ValueError( 'Invalid signup data. Badly formatted poet key(s).') # In a TEE implementation we would increment the HW counter here. # We can't usefully simulate a HW counter though. # Create some value from the cert ID. We are just going to use # the seal key to sign the cert ID. We will then use the # low-order 64 bits to change that to a number [0, 1] tag = \ base64.b64decode( cls._context.sign( previous_certificate_id.encode(), cls._seal_private_key)) tagd = float(struct.unpack('Q', tag[-8:])[0]) / (2**64 - 1) # Now compute the duration with a minimum wait time guaranteed duration = \ _PoetEnclaveSimulator.MINIMUM_WAIT_TIME \ - local_mean * math.log(tagd) # Create and sign the wait timer wait_timer = \ EnclaveWaitTimer( validator_address=validator_address, duration=duration, previous_certificate_id=previous_certificate_id, local_mean=local_mean) wait_timer.signature = \ cls._context.sign( wait_timer.serialize().encode(), poet_private_key) return wait_timer
def create_wait_timer(cls, sealed_signup_data, validator_address, previous_certificate_id, local_mean): with cls._lock: # Extract keys from the 'sealed' signup data signup_data = \ json2dict( base64.b64decode(sealed_signup_data.encode()).decode()) poet_private_key = signup_data['poet_private_key'] if poet_private_key is None: raise \ ValueError( 'Invalid signup data. No poet private key.') try: poet_private_key = Secp256k1PrivateKey.from_hex( poet_private_key) except ParseError: raise \ ValueError( 'Invalid signup data. Badly formatted poet key(s).') # In a TEE implementation we would increment the HW counter here. # We can't usefully simulate a HW counter though. # Create some value from the cert ID. We are just going to use # the seal key to sign the cert ID. We will then use the # low-order 64 bits to change that to a number [0, 1] tag = \ base64.b64decode( cls._context.sign( previous_certificate_id.encode(), cls._seal_private_key)) tagd = float(struct.unpack('Q', tag[-8:])[0]) / (2**64 - 1) # Now compute the duration with a minimum wait time guaranteed duration = \ _PoetEnclaveSimulator.MINIMUM_WAIT_TIME \ - local_mean * math.log(tagd) # Create and sign the wait timer wait_timer = \ EnclaveWaitTimer( validator_address=validator_address, duration=duration, previous_certificate_id=previous_certificate_id, local_mean=local_mean) wait_timer.signature = \ cls._context.sign( wait_timer.serialize().encode(), poet_private_key) return wait_timer
def do_deserialized_wait_timer(): wait_timer = \ EnclaveWaitTimer( validator_address='1600 Pennsylvania Avenue NW', duration=3.14159, previous_certificate_id='Bond. James Bond.', local_mean=2.71828) serialized = wait_timer.serialize() private_key = _create_random_key() wait_timer.signature = \ create_context('secp256k1').sign(serialized.encode(), private_key) copy_wait_timer = \ EnclaveWaitTimer.wait_timer_from_serialized( serialized, wait_timer.signature)
def create_wait_timer(cls, validator_address, previous_certificate_id, local_mean, minimum_wait_time): with cls._lock: # If we don't have a PoET private key, then the enclave has not # been properly initialized (either by calling create_signup_info # or unseal_signup_data) if cls._poet_private_key is None: raise \ ValueError( 'Enclave must be initialized before attempting to ' 'create a wait timer') # Create some value from the cert ID. We are just going to use # the seal key to sign the cert ID. We will then use the # low-order 64 bits to change that to a number [0, 1] tag = \ base64.b64decode( signing.sign( previous_certificate_id, cls._seal_private_key)) tagd = float(struct.unpack('Q', tag[-8:])[0]) / (2**64 - 1) # Now compute the duration with a minimum wait time guaranteed duration = minimum_wait_time - local_mean * math.log(tagd) # Create and sign the wait timer wait_timer = \ EnclaveWaitTimer( validator_address=validator_address, duration=duration, previous_certificate_id=previous_certificate_id, local_mean=local_mean) wait_timer.signature = \ signing.sign( wait_timer.serialize(), cls._poet_private_key) # Keep track of the active wait timer cls._active_wait_timer = wait_timer return wait_timer
def test_deserialized_wait_timer(self): wait_timer = \ EnclaveWaitTimer( validator_address='1600 Pennsylvania Avenue NW', duration=3.14159, previous_certificate_id='Bond. James Bond.', local_mean=2.71828) serialized = wait_timer.serialize() signing_key = self._create_random_key() wait_timer.signature = \ signing.sign(serialized, signing_key) copy_wait_timer = \ EnclaveWaitTimer.wait_timer_from_serialized( serialized, wait_timer.signature) self.assertEqual( wait_timer.validator_address, copy_wait_timer.validator_address) self.assertAlmostEqual( wait_timer.request_time, copy_wait_timer.request_time) self.assertAlmostEqual( wait_timer.duration, copy_wait_timer.duration) self.assertEqual( wait_timer.previous_certificate_id, copy_wait_timer.previous_certificate_id) self.assertAlmostEqual( wait_timer.local_mean, copy_wait_timer.local_mean) self.assertEqual( wait_timer.signature, copy_wait_timer.signature) self.assertEqual(serialized, copy_wait_timer.serialize())