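def read_from_file(cls, basename, data_dir=None):
    """Load enclave data from a file and build a new object of cls from it.

    The file is parsed as JSON and must contain the keys ``nonce``,
    ``sealed_data``, ``verifying_key``, ``encryption_key``, ``proof_data``
    and ``enclave_id``. The verifying and encryption keys recorded in the
    file are then compared with the keys pdo_enclave reports for the sealed
    data, so a file whose key fields do not belong to its sealed blob is
    rejected before any object is created.

    :param basename: string, base name of the enclave data file; the path is
        built by putils.build_file_name with the '.enc' extension
    :param data_dir: passed through to putils.build_file_name as data_dir
    :returns: cls(enclave_info), where enclave_info is the parsed file content
    :raises FileNotFoundError: the enclave data file does not exist
    :raises Exception: the content is not a JSON object, a required key is
        missing, or the sealed data does not match the recorded keys
    """
    filename = putils.build_file_name(
        basename, data_dir=data_dir, extension='.enc')
    if not os.path.exists(filename):
        raise FileNotFoundError(
            errno.ENOENT, "enclave information file does not exist", filename)

    logger.debug('load enclave information from %s', filename)
    with open(filename, "r") as enclave_file:
        enclave_info = json.load(enclave_file)

    # Validation uses explicit checks, not assert: assert statements are
    # removed when Python runs with -O, which would silently turn off both
    # the schema check and the sealed-data/key consistency check below.
    if not isinstance(enclave_info, dict):
        raise Exception('invalid enclave data file {0}'.format(filename))

    required_keys = (
        'nonce',
        'sealed_data',
        'verifying_key',
        'encryption_key',
        'proof_data',
        'enclave_id',
    )
    for key in required_keys:
        if key not in enclave_info:
            raise Exception('enclave data missing key {0}'.format(key))

    mismatch_message = (
        'sealed storage does not match enclave data file; {}'.format(filename))
    try:
        public_enclave_data = pdo_enclave.get_enclave_public_info(
            enclave_info['sealed_data'])
        keys_match = (
            bool(public_enclave_data)
            and len(public_enclave_data) == 2
            and enclave_info['verifying_key']
            == public_enclave_data['verifying_key']
            and enclave_info['encryption_key']
            == public_enclave_data['encryption_key']
        )
    except Exception as err:
        # Any failure while unsealing or reading the reported keys is treated
        # as a mismatch; the cause is chained for diagnosis. Unlike a bare
        # except, this does not swallow KeyboardInterrupt or SystemExit.
        raise Exception(mismatch_message) from err

    if not keys_match:
        raise Exception(mismatch_message)

    return cls(enclave_info)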
def get_enclave_public_info(self):
    """Return the public information for this enclave.

    The lookup is delegated to pdo_enclave using the sealed data held on
    this object. Returning values already stored on the object would be a
    possible shortcut, but is not what this method does.
    """
    sealed_blob = self.sealed_data
    return pdo_enclave.get_enclave_public_info(sealed_blob)