ccf 7.0.0.dev1__py3-none-any.whl → 7.0.0.dev3__py3-none-any.whl

ccf/cose.py

@@ -4,18 +4,17 @@
 import argparse
 import sys
 
-from typing import Optional, Type
+from typing import Optional, Any
 
 import base64
+import cwt
+import cwt.const
+import cwt.utils
+import cwt.enums
 import cbor2
 import json
-from hashlib import sha256
+import hashlib
 from datetime import datetime
-import pycose.headers  # type: ignore
-from pycose.keys.ec2 import EC2Key  # type: ignore
-from pycose.keys.curves import P256, P384, P521, CoseCurve  # type: ignore
-from pycose.keys.keyparam import EC2KpCurve, EC2KpX, EC2KpY, EC2KpD  # type: ignore
-from pycose.messages import Sign1Message  # type: ignore
 from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives.asymmetric.ec import (
     EllipticCurvePrivateKey,
@@ -24,7 +23,10 @@ from cryptography.hazmat.primitives.asymmetric.ec import (
 from cryptography.hazmat.backends import default_backend
 from cryptography.x509 import load_pem_x509_certificate
 from cryptography.hazmat.primitives import hashes
-from cryptography.hazmat.primitives.serialization import load_pem_private_key
+from cryptography.hazmat.primitives.serialization import (
+    load_pem_private_key,
+    load_pem_public_key,
+)
 from cryptography.x509.base import CertificatePublicKeyTypes
 from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
 
@@ -41,7 +43,6 @@ GOV_MSG_TYPES = [
 ] + GOV_MSG_TYPES_WITH_PROPOSAL_ID
 
 # See https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/
-# should move to a pycose.header value after RFC publication
 
 COSE_PHDR_VDP_LABEL = 396
 COSE_PHDR_VDS_LABEL = 395
@@ -54,59 +55,18 @@ CCF_PROOF_LEAF_LABEL = 1
 CCF_PROOF_PATH_LABEL = 2
 
 
-def from_cryptography_eckey_obj(ext_key) -> EC2Key:
-    """
-    Returns an initialized COSE Key object of type EC2Key.
-    :param ext_key: Python cryptography key.
-    :return: an initialized EC key
-    """
-    if hasattr(ext_key, "private_numbers"):
-        priv_nums = ext_key.private_numbers()
-        pub_nums = priv_nums.public_numbers
-    else:
-        priv_nums = None
-        pub_nums = ext_key.public_numbers()
-
-    curve: Type[CoseCurve]
-    if pub_nums.curve.name == "secp256r1":
-        curve = P256
-    elif pub_nums.curve.name == "secp384r1":
-        curve = P384
-    elif pub_nums.curve.name == "secp521r1":
-        curve = P521
-    else:
-        raise NotImplementedError("unsupported curve")
-
-    cose_key = {}
-    if pub_nums:
-        cose_key.update(
-            {
-                EC2KpCurve: curve,
-                EC2KpX: pub_nums.x.to_bytes(curve.size, "big"),
-                EC2KpY: pub_nums.y.to_bytes(curve.size, "big"),
-            }
-        )
-    if priv_nums:
-        cose_key.update(
-            {
-                EC2KpD: priv_nums.private_value.to_bytes(curve.size, "big"),
-            }
-        )
-    return EC2Key.from_dict(cose_key)
-
-
-def default_algorithm_for_key(key) -> str:
+def default_algorithm_for_key(key) -> int:
     """
     Get the default algorithm for a given key, based on its
     type and parameters.
     """
     if isinstance(key, EllipticCurvePublicKey):
         if isinstance(key.curve, ec.SECP256R1):
-            return "ES256"
+            return cwt.enums.COSEAlgs.ES256
         elif isinstance(key.curve, ec.SECP384R1):
-            return "ES384"
+            return cwt.enums.COSEAlgs.ES384
         elif isinstance(key.curve, ec.SECP521R1):
-            return "ES512"
+            return cwt.enums.COSEAlgs.ES512
         else:
             raise NotImplementedError("unsupported curve")
     else:
@@ -125,30 +85,36 @@ def cert_fingerprint(cert_pem: Pem):
     return cert.fingerprint(hashes.SHA256()).hex().encode("utf-8")
 
 
+def key_fingerprint_from_cert(cert_pem: Pem):
+    cert = load_pem_x509_certificate(cert_pem.encode("ascii"), default_backend())
+    pub_key = cert.public_key().public_bytes(
+        Encoding.DER, PublicFormat.SubjectPublicKeyInfo
+    )
+    return hashlib.sha256(pub_key).hexdigest()
+
+
+def key_fingerprint_from_key(key_pem: Pem):
+    key = load_pem_public_key(key_pem.encode("ascii"), default_backend())
+    pub_key = key.public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo)
+    return hashlib.sha256(pub_key).hexdigest()
+
+
 def create_cose_sign1(
     payload: bytes,
     key_priv_pem: Pem,
     cert_pem: Pem,
     additional_protected_header: Optional[dict] = None,
 ) -> bytes:
-    key_type = get_priv_key_type(key_priv_pem)
-
-    cert = load_pem_x509_certificate(cert_pem.encode("ascii"), default_backend())
-    alg = default_algorithm_for_key(cert.public_key())
-    kid = cert_fingerprint(cert_pem)
-
-    protected_header = {pycose.headers.Algorithm: alg, pycose.headers.KID: kid}
-    protected_header.update(additional_protected_header or {})
-    msg = Sign1Message(phdr=protected_header, payload=payload)
-
-    key = load_pem_private_key(key_priv_pem.encode("ascii"), None, default_backend())
-    if key_type == "ec":
-        cose_key = from_cryptography_eckey_obj(key)
-    else:
-        raise NotImplementedError("unsupported key type")
-    msg.key = cose_key
-
-    return msg.encode()
+    cose_ctx = cwt.COSE.new(alg_auto_inclusion=True, deterministic_header=True)
+    cose_key = cwt.COSEKey.from_pem(key_priv_pem, kid=cert_fingerprint(cert_pem))
+    # kid is passed explicitly in the protected header, because kid_auto_inclusion
+    # sets the kid in the unprotected header
+    phdr: dict[Any, Any] = {int(cwt.COSEHeaders.KID): cert_fingerprint(cert_pem)}
+    additional_header = additional_protected_header or {}
+    phdr.update(additional_header)
+    return cose_ctx.encode_and_sign(
+        payload, cose_key, protected=cwt.utils.ResolvedHeader(phdr)
+    )
 
 
 def create_cose_sign1_prepare(
@@ -160,10 +126,14 @@ def create_cose_sign1_prepare(
     alg = default_algorithm_for_key(cert.public_key())
     kid = cert_fingerprint(cert_pem)
 
-    protected_header = {pycose.headers.Algorithm: alg, pycose.headers.KID: kid}
+    protected_header: dict[str | int, Any] = {
+        int(cwt.COSEHeaders.ALG): alg,
+        int(cwt.COSEHeaders.KID): kid,
+    }
     protected_header.update(additional_protected_header or {})
-    msg = Sign1Message(phdr=protected_header, payload=payload)
-    tbs = cbor2.dumps(["Signature1", msg.phdr_encoded, b"", payload])
+    protected_header = cwt.utils.sort_keys_for_deterministic_encoding(protected_header)
+    phdr_encoded = cbor2.dumps(protected_header)
+    tbs = cbor2.dumps(["Signature1", phdr_encoded, b"", payload])
 
     assert cert.signature_hash_algorithm
     digester = hashes.Hash(cert.signature_hash_algorithm)
@@ -182,25 +152,42 @@ def create_cose_sign1_finish(
     alg = default_algorithm_for_key(cert.public_key())
     kid = cert_fingerprint(cert_pem)
 
-    protected_header = {pycose.headers.Algorithm: alg, pycose.headers.KID: kid}
+    protected_header: dict[str | int, Any] = {
+        int(cwt.COSEHeaders.ALG): alg,
+        int(cwt.COSEHeaders.KID): kid,
+    }
     protected_header.update(additional_protected_header or {})
-    msg = Sign1Message(phdr=protected_header, payload=payload)
-
-    msg._signature = base64.urlsafe_b64decode(signature)
-    return msg.encode(sign=False)
-
-
-def validate_cose_sign1(pubkey, cose_sign1, payload=None):
-    cose_key = from_cryptography_eckey_obj(pubkey)
-    msg = Sign1Message.decode(cose_sign1)
-    msg.key = cose_key
+    protected_header = cwt.utils.sort_keys_for_deterministic_encoding(protected_header)
+    phdr_encoded = cbor2.dumps(protected_header)
+
+    sig = base64.urlsafe_b64decode(signature)
+    assert isinstance(sig, bytes)
+    msg = cbor2.CBORTag(
+        cwt.const.COSE_TYPE_TO_TAG[cwt.const.COSETypes.SIGN1],
+        [phdr_encoded, {}, payload, sig],
+    )
+    return cbor2.dumps(msg)
+
+
+def verify_cose_sign1_with_cert(certificate, cose_sign1, use_key=True, payload=None):
+    cose_ctx = cwt.COSE.new()
+    cert_pem = certificate.decode()
+    cose_key = cwt.COSEKey.from_pem(
+        cert_pem,
+        kid=(
+            key_fingerprint_from_cert(cert_pem)
+            if use_key
+            else cert_fingerprint(cert_pem)
+        ),
+    )
+    return cose_ctx.decode_with_headers(cose_sign1, cose_key, detached_payload=payload)
 
-    if payload:
-        # Detached payload
-        msg.payload = payload
 
-    if not msg.verify_signature():
-        raise ValueError("signature is invalid")
+def verify_cose_sign1_with_key(key, cose_sign1, payload=None):
+    cose_ctx = cwt.COSE.new()
+    key_pem = key.decode()
+    cose_key = cwt.COSEKey.from_pem(key_pem, kid=key_fingerprint_from_key(key_pem))
+    return cose_ctx.decode_with_headers(cose_sign1, cose_key, detached_payload=payload)
 
 
 def verify_receipt(
@@ -210,52 +197,53 @@ def verify_receipt(
     Verify a COSE Sign1 receipt as defined in https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/,
     using the CCF tree algorithm defined in https://datatracker.ietf.org/doc/draft-birkholz-cose-receipts-ccf-profile/
     """
-    # Extract the expected KID from the public key used for verification,
-    # and check it against the value set in the COSE header before using
-    # it to verify the proofs.
-    expected_kid = (
-        sha256(key.public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo))
-        .digest()
-        .hex()
-        .encode()
+    key_pem = key.public_bytes(Encoding.PEM, PublicFormat.SubjectPublicKeyInfo).decode(
+        "ascii"
     )
-    receipt = Sign1Message.decode(receipt_bytes)
-    cose_key = from_cryptography_eckey_obj(key)
-    assert receipt.phdr[pycose.headers.KID] == expected_kid
-    receipt.key = cose_key
+    expected_kid = key_fingerprint_from_key(key_pem)
+    cose_key = cwt.COSEKey.from_pem(key_pem, kid=expected_kid)
+    cose_ctx = cwt.COSE.new()
 
+    receipt = cbor2.loads(receipt_bytes)
+    assert receipt.tag == cwt.const.COSE_TYPE_TO_TAG[cwt.const.COSETypes.SIGN1]
+    phdr, uhdr, payload, sig = receipt.value
+    phdr = cbor2.loads(phdr)
+
+    assert phdr[4] == expected_kid.encode("utf-8")
+
+    assert COSE_PHDR_VDS_LABEL in phdr, "Verifiable data structure type is required"
     assert (
-        COSE_PHDR_VDS_LABEL in receipt.phdr
-    ), "Verifiable data structure type is required"
-    assert (
-        receipt.phdr[COSE_PHDR_VDS_LABEL] == COSE_PHDR_VDS_CCF_LEDGER_SHA256
+        phdr[COSE_PHDR_VDS_LABEL] == COSE_PHDR_VDS_CCF_LEDGER_SHA256
     ), "vds(395) protected header must be CCF_LEDGER_SHA256(2)"
 
-    assert COSE_PHDR_VDP_LABEL in receipt.uhdr, "Verifiable data proof is required"
-    proof = receipt.uhdr[COSE_PHDR_VDP_LABEL]
+    assert COSE_PHDR_VDP_LABEL in uhdr, "Verifiable data proof is required"
+    proof = uhdr[COSE_PHDR_VDP_LABEL]
     assert COSE_RECEIPT_INCLUSION_PROOF_LABEL in proof, "Inclusion proof is required"
     inclusion_proofs = proof[COSE_RECEIPT_INCLUSION_PROOF_LABEL]
     assert inclusion_proofs, "At least one inclusion proof is required"
+
+    ic_phdr = None
     for inclusion_proof in inclusion_proofs:
         assert isinstance(inclusion_proof, bytes), "Inclusion proof must be bstr"
         proof = cbor2.loads(inclusion_proof)
         assert CCF_PROOF_LEAF_LABEL in proof, "Leaf must be present"
         leaf = proof[CCF_PROOF_LEAF_LABEL]
-        accumulator = sha256(
-            leaf[0] + sha256(leaf[1].encode()).digest() + leaf[2]
+        if claim_digest != leaf[2]:
+            raise ValueError(f"Claim digest mismatch: {leaf[2]!r} != {claim_digest!r}")
+        accumulator = hashlib.sha256(
+            leaf[0] + hashlib.sha256(leaf[1].encode()).digest() + leaf[2]
         ).digest()
         assert CCF_PROOF_PATH_LABEL in proof, "Path must be present"
         path = proof[CCF_PROOF_PATH_LABEL]
         for left, digest in path:
             if left:
-                accumulator = sha256(digest + accumulator).digest()
+                accumulator = hashlib.sha256(digest + accumulator).digest()
             else:
-                accumulator = sha256(accumulator + digest).digest()
-        if not receipt.verify_signature(accumulator):
-            raise ValueError("Signature verification failed")
-        if claim_digest != leaf[2]:
-            raise ValueError(f"Claim digest mismatch: {leaf[2]!r} != {claim_digest!r}")
-    return receipt.phdr
+                accumulator = hashlib.sha256(accumulator + digest).digest()
+        ic_phdr, _, _ = cose_ctx.decode_with_headers(
+            receipt_bytes, cose_key, detached_payload=accumulator
+        )
+    return ic_phdr
 
 
 _SIGN_DESCRIPTION = """Create and sign a COSE Sign1 message for CCF governance

ccf/ledger.py

@@ -20,7 +20,7 @@ from cryptography.hazmat.primitives.asymmetric import utils, ec
 
 from ccf.merkletree import MerkleTree
 from ccf.tx_id import TxID
-from ccf.cose import validate_cose_sign1
+import ccf.cose
 import ccf.receipt
 from hashlib import sha256
 
@@ -474,11 +474,11 @@ class BaseValidator:
     @staticmethod
     def _verify_root_cose_signature(service_cert, root, cose_sign1):
         try:
-            cert = load_pem_x509_certificate(
-                service_cert.encode("ascii"), default_backend()
-            )
-            validate_cose_sign1(
-                cose_sign1=cose_sign1, pubkey=cert.public_key(), payload=root
+            ccf.cose.verify_cose_sign1_with_cert(
+                certificate=service_cert.encode("ascii"),
+                cose_sign1=cose_sign1,
+                use_key=True,
+                payload=root,
             )
         except Exception as exc:
             raise InvalidRootCoseSignatureException(

ccf/receipt.py

@@ -5,6 +5,7 @@ import base64
 from hashlib import sha256
 from typing import List
 from cryptography.x509 import Certificate
+from cryptography.x509.verification import PolicyBuilder, Store
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric import ec, utils
 
@@ -54,7 +55,9 @@ def check_endorsement(endorsee: Certificate, endorser: Certificate):
 
 
 def check_endorsements(
-    node_cert: Certificate, service_cert: Certificate, endorsements: List[Certificate]
+    node_cert: Certificate,
+    service_cert: Certificate,
+    endorsements: List[Certificate],
 ):
     """
     Check a node certificate is endorsed by a service certificate, transitively through a list of endorsements.
@@ -64,3 +67,21 @@ def check_endorsements(
         check_endorsement(cert_i, endorsement)
         cert_i = endorsement
     check_endorsement(cert_i, service_cert)
+
+
+def check_cert_chain(
+    node_cert: Certificate,
+    service_cert: Certificate,
+    endorsements: List[Certificate],
+):
+    """
+    Use default cryptography policy to verify CCF cert chain
+    """
+    builder = PolicyBuilder()
+    builder = builder.store(Store([service_cert]))
+
+    # This would ideally be `build_server_verifier`, but that requires a
+    # Subject which is either a valid DNSName or IPAddress. Our node cert's
+    # Subject is "CCF Node", and we may not have a better value in SAN
+    verifier = builder.build_client_verifier()
+    verifier.verify(leaf=node_cert, intermediates=endorsements)

{ccf-7.0.0.dev1.data → ccf-7.0.0.dev3.data}/scripts/submit_recovery_share.sh

@@ -66,12 +66,10 @@ if [ -z "${member_id_cert}" ]; then
     exit 1
 fi
 
-if [ ! -f "env/bin/activate" ]
-    then
-        python3 -m venv env
+if ! command -v ccf_cose_sign1 > /dev/null; then
+    echo "Error: This script requires the ccf_cose_sign1 CLI tool, distributed as part of the CCF Python package. Please install it via 'pip install ccf' in the current Python environment"
+    exit 1
 fi
-source env/bin/activate
-pip install -q ccf
 
 # Compute member ID, as the SHA-256 fingerprint of the signing certificate
 member_id=$(openssl x509 -in "$member_id_cert" -noout -fingerprint -sha256 | cut -d "=" -f 2 | sed 's/://g' | awk '{print tolower($0)}')

{ccf-7.0.0.dev1.dist-info → ccf-7.0.0.dev3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ccf
-Version: 7.0.0.dev1
+Version: 7.0.0.dev3
 Summary: Set of tools and utilities for the Confidential Consortium Framework (CCF)
 Author-email: CCF Team <CCF-Sec@microsoft.com>
 Project-URL: Homepage, https://github.com/microsoft/ccf
@@ -11,9 +11,9 @@ Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: loguru==0.*,>=0.5
-Requires-Dist: cryptography<46,>=44
+Requires-Dist: cryptography<47,>=44
 Requires-Dist: string-color==1.*,>=1.2.1
-Requires-Dist: pycose==1.*,>=1.0.1
+Requires-Dist: cwt==3.*,>=3.1.0
 Requires-Dist: setuptools<81,>=74
 Requires-Dist: packaging<26,>=24
 Dynamic: license-file

{ccf-7.0.0.dev1.dist-info → ccf-7.0.0.dev3.dist-info}/RECORD

@@ -1,21 +1,21 @@
 ccf/__init__.py,sha256=7h-KCpYSfH_Z8x5CFAoDlHfY0wqRNqOn8vTsaGW8dGA,101
 ccf/_versionifier.py,sha256=17vUCXFp_VixNCuhBmMS9SCM74JnHR1OIZnMQSspSs4,2951
-ccf/cose.py,sha256=NyeBz7Rs8hriT0xNJ2CUwjRAhfqqxAOhS5ZmMzQjL3I,15157
-ccf/ledger.py,sha256=3y52PazBj5aIsR7uc8qvwXGYCiV36Md_KUXhIIsRcLI,42293
+ccf/cose.py,sha256=hueXb_gvswxRkDAcUacmSIdkfqAFegZIWkA66M4yKVk,14950
+ccf/ledger.py,sha256=X6ljpGPB8HJ6eAw9F3KkEz_meJpMbPALSr0Fbn6R_cg,42240
 ccf/ledger_code.py,sha256=_malocCXly7TdBwBt8ldY6_yNfFwvyCb5Zkp8T4t9fg,3859
 ccf/ledger_viz.py,sha256=l1p2wKgLDayxquVa9-yzsMcLx9vvygCV8EZ_PrVpvMg,6430
 ccf/merkletree.py,sha256=JHUnGYYHJfi18YUNGiHmNCa1AwmCAwLAN3ias5j61ws,2931
 ccf/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 ccf/read_ledger.py,sha256=UzmEKAMS2GJmwuaenKBJbkBDZIWeCa9xcXdpZB51SEg,9370
-ccf/receipt.py,sha256=jK8RGkGJwrW1yJC-GWx7DpxQXCCBdnZHIkrMXZgTOew,2079
+ccf/receipt.py,sha256=dySVvy-IqvsB8pj5uooIokbQR853vpT7uC0TQ-IWIQk,2765
 ccf/split_ledger.py,sha256=wspNZUFPMSvMgGxmwP3QuSbx7QDzTjrC6ecFFJSp14o,5900
 ccf/tx_id.py,sha256=E7XJyUoJ-a8h7Fp36zNQdhSYdyuNdFV-r_aXhoWl1ks,736
 ccf/verify_ledger_secrets_chain.py,sha256=_UDc4wNro2mNUVbErDkhl24jLeJC0Vr-kECeZEdeHME,3590
-ccf-7.0.0.dev1.data/scripts/keygenerator.sh,sha256=r9i8rURcDUPU8c9NKkxrjweU1qU09Hv3SWc3IFQ648A,2391
-ccf-7.0.0.dev1.data/scripts/submit_recovery_share.sh,sha256=jz8ZKmRKfOuRaaMt46xb9gJsH8pQAXSbpYQdRvomJ_s,3151
-ccf-7.0.0.dev1.dist-info/licenses/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358
-ccf-7.0.0.dev1.dist-info/METADATA,sha256=dv775g2p1C_gZxEAVKWSfCMv250WRX8vtm-r3h79Iv8,994
-ccf-7.0.0.dev1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-ccf-7.0.0.dev1.dist-info/entry_points.txt,sha256=3hbXI2LSOY06QitxM8GQqT9NwY7rCp1RtSU9gGG20A4,365
-ccf-7.0.0.dev1.dist-info/top_level.txt,sha256=I0tWtkKe6KRqXt0nIp8W-ln8j431-vDBb39bQGKkL9Q,4
-ccf-7.0.0.dev1.dist-info/RECORD,,
+ccf-7.0.0.dev3.data/scripts/keygenerator.sh,sha256=r9i8rURcDUPU8c9NKkxrjweU1qU09Hv3SWc3IFQ648A,2391
+ccf-7.0.0.dev3.data/scripts/submit_recovery_share.sh,sha256=v1L_PjduUASCVYjOJiG7lDwtcSwQPOd3G2CY9ipSUXU,3289
+ccf-7.0.0.dev3.dist-info/licenses/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358
+ccf-7.0.0.dev3.dist-info/METADATA,sha256=xjxa_WRC7OcqnzILwOHCd20okt7bhm__gTZZF5aYdgE,991
+ccf-7.0.0.dev3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+ccf-7.0.0.dev3.dist-info/entry_points.txt,sha256=3hbXI2LSOY06QitxM8GQqT9NwY7rCp1RtSU9gGG20A4,365
+ccf-7.0.0.dev3.dist-info/top_level.txt,sha256=I0tWtkKe6KRqXt0nIp8W-ln8j431-vDBb39bQGKkL9Q,4
+ccf-7.0.0.dev3.dist-info/RECORD,,