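def create_new_enclave(cls, txn_keys=None, block_store=None):
    """create_new_enclave -- create a new enclave

    Asks the enclave library for fresh signup data bound to the hashed
    identity of ``txn_keys`` and a random nonce, then builds an instance of
    ``cls`` from the result.

    :param txn_keys: Used to sign the register_enclave transaction. For
        Sawtooth, this is of type TransactionKeys, while for CCF, this is
        of type ServiceKeys. Generated with ``keys.generate_txn_keys()``
        when omitted.
    :param block_store: passed through unchanged to ``cls``
    :returns: ``cls(enclave_info, txn_keys, block_store)``
    :raises Exception: if the enclave fails to create the signup data
    """
    if txn_keys is None:
        txn_keys = keys.generate_txn_keys()

    # The nonce is fed into the enclave signup data, so draw it from the OS
    # CSPRNG. The module-level random functions use a seedable Mersenne
    # Twister whose future outputs can be predicted from past ones.
    nonce = '{0:016X}'.format(random.SystemRandom().getrandbits(64))

    hashed_identity = txn_keys.hashed_identity
    logger.debug("tx hashed identity: %s", hashed_identity)

    try:
        enclave_data = pdo_enclave.create_signup_info(hashed_identity, nonce)
    except Exception as err:
        # Keep the generic exception type callers already see, but chain the
        # cause so the underlying enclave error is not lost.
        raise Exception('failed to create enclave signup data') from err

    enclave_info = {
        'nonce': nonce,
        'sealed_data': enclave_data.sealed_signup_data,
        'interpreter': enclave_data.interpreter,
        'verifying_key': enclave_data.verifying_key,
        'encryption_key': enclave_data.encryption_key,
        # The enclave is identified by its verifying key.
        'enclave_id': enclave_data.verifying_key,
        'proof_data': '',
    }

    # Proof data is only recorded when not running under the SGX simulator;
    # in simulator mode the field stays empty.
    if not pdo_enclave.enclave.is_sgx_simulator():
        enclave_info['proof_data'] = enclave_data.proof_data

    return cls(enclave_info, txn_keys, block_store)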
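def read_from_file(cls, basename, data_dir=None, txn_keys=None, block_store=None):
    """read_from_file -- read enclave data from a file and initialize a new
    Enclave object with the resulting data.

    The file content is not trusted on its own: the public keys it lists
    are compared with the public information the enclave reports for the
    sealed data, and the load is rejected when they differ.

    :param basename: string, base name of the enclave data file; the
        '.enc' extension is added by ``putils.build_file_name``
    :param data_dir: directory passed to ``putils.build_file_name`` to
        locate the file
    :param txn_keys: Used to sign the register_enclave transaction. For
        Sawtooth, this is of type TransactionKeys, while for CCF, this is
        of type ServiceKeys. Generated with ``keys.generate_txn_keys()``
        when omitted.
    :param block_store: passed through unchanged to ``cls``
    :returns: ``cls(enclave_info, txn_keys, block_store)``
    :raises FileNotFoundError: if the enclave data file does not exist
    :raises Exception: if the file is missing a required field or does not
        match the sealed data
    """
    if txn_keys is None:
        txn_keys = keys.generate_txn_keys()

    filename = putils.build_file_name(basename, data_dir=data_dir, extension='.enc')
    if not os.path.exists(filename):
        raise FileNotFoundError(errno.ENOENT, "enclave information file does not exist", filename)

    logger.debug('load enclave information from %s', filename)
    with open(filename, "r") as enclave_file:
        enclave_info = json.load(enclave_file)

    # Validate with explicit checks rather than assert statements: asserts
    # are stripped under ``python -O``, which would silently disable both
    # the schema check and the sealed-data consistency check below.
    if not isinstance(enclave_info, dict):
        raise Exception('invalid enclave data file {0}'.format(filename))

    required_keys = (
        'nonce',
        'sealed_data',
        'interpreter',
        'verifying_key',
        'encryption_key',
        'proof_data',
        'enclave_id',
    )
    for key in required_keys:
        if key not in enclave_info:
            raise Exception('enclave data missing key {0}'.format(key))

    mismatch_message = 'sealed storage does not match enclave data file; {}'.format(filename)
    try:
        public_enclave_data = pdo_enclave.get_enclave_public_info(enclave_info['sealed_data'])
        # The enclave is expected to report exactly two entries, and both
        # public keys must equal the ones recorded in the file.
        consistent = (
            bool(public_enclave_data)
            and len(public_enclave_data) == 2
            and enclave_info['verifying_key'] == public_enclave_data['verifying_key']
            and enclave_info['encryption_key'] == public_enclave_data['encryption_key']
        )
    except Exception as err:
        # Any failure to unseal or inspect the data is reported as a
        # mismatch, with the original error chained for diagnosis.
        raise Exception(mismatch_message) from err

    if not consistent:
        raise Exception(mismatch_message)

    return cls(enclave_info, txn_keys, block_store)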