ethernity-cloud-sdk-py 0.3.0__tar.gz → 0.3.2__tar.gz

Files changed (94) hide show
  1. {ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py.egg-info → ethernity_cloud_sdk_py-0.3.2}/PKG-INFO +1 -1
  2. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/__init__.cpython-311.pyc +0 -0
  3. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/__pycache__/build.cpython-311.pyc +0 -0
  4. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/__pycache__/config.cpython-311.pyc +0 -0
  5. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/enums.cpython-311.pyc +0 -0
  6. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/init.cpython-311.pyc +0 -0
  7. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/private_key.cpython-311.pyc +0 -0
  8. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/publish.cpython-311.pyc +0 -0
  9. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/__pycache__/spinner.cpython-311.pyc +0 -0
  10. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/__pycache__/__init__.cpython-311.pyc +0 -0
  11. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/__pycache__/build.cpython-311.pyc +0 -0
  12. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/__pycache__/ipfs_client.cpython-311.pyc +0 -0
  13. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/__pycache__/publish.cpython-311.pyc +0 -0
  14. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.base.tpl +1 -0
  15. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.tpl +12 -2
  16. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/scripts/binary-fs-build.sh +1 -0
  17. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/etny_crypto.cpython-311.pyc +0 -0
  18. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/etny_exec.cpython-311.pyc +0 -0
  19. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/etny_exec_flask.cpython-311.pyc +0 -0
  20. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/etny_exec_serv.cpython-311.pyc +0 -0
  21. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/key_generation.cpython-311.pyc +0 -0
  22. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/models.cpython-311.pyc +0 -0
  23. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/__pycache__/swift_stream_service.cpython-311.pyc +0 -0
  24. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_crypto.py +54 -13
  25. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_exec.py +0 -2
  26. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/get_sgx_report.c +142 -0
  27. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/models.py +21 -14
  28. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/securelock.py.tmpl +432 -0
  29. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build.py +12 -4
  30. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/publish.py +124 -22
  31. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/run/__pycache__/__init__.cpython-311.pyc +0 -0
  32. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/run/__pycache__/image_registry.cpython-311.pyc +0 -0
  33. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/run/__pycache__/image_registry_runner.cpython-311.pyc +0 -0
  34. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/run/__pycache__/public_key_service.cpython-311.pyc +0 -0
  35. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/run/image_registry.abi +1 -0
  36. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/run/image_registry.py +1 -1
  37. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/templates/src/__pycache__/ethernity_task.cpython-311.pyc +0 -0
  38. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/templates/src/ethernity_task.py +1 -1
  39. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/templates/src/serverless/__pycache__/__init__.cpython-311.pyc +0 -0
  40. ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/templates/src/serverless/__pycache__/backend.cpython-311.pyc +0 -0
  41. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py.egg-info}/PKG-INFO +1 -1
  42. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py.egg-info/SOURCES.txt +26 -13
  43. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/setup.py +1 -1
  44. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/__pycache__/__init__.cpython-311.pyc +0 -0
  45. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.base +0 -20
  46. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/cert1-ca1-clean.crt +0 -10
  47. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/cert1-ca1-clean.key +0 -6
  48. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/enclave_pub_cert.pem +0 -10
  49. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/input.txt +0 -1
  50. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/payload.py +0 -25
  51. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/public-cert-clean.pem +0 -10
  52. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/result.txt +0 -1
  53. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/app/transaction.txt +0 -1
  54. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/securelock.py.tmpl +0 -468
  55. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/run/docker-compose-final.yml.tmpl +0 -66
  56. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/run/docker-compose-swift-stream.yml.tmpl +0 -27
  57. ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/run/docker-compose.yml.tmpl +0 -61
  58. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/LICENSE +0 -0
  59. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/MANIFEST.in +0 -0
  60. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/README.md +0 -0
  61. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/__init__.py +0 -0
  62. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/cli.py +0 -0
  63. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/__init__.py +0 -0
  64. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/build.py +0 -0
  65. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/config.py +0 -0
  66. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/enums.py +0 -0
  67. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/init.py +0 -0
  68. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/private_key.py +0 -0
  69. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/publish.py +0 -0
  70. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/__init__.py +0 -0
  71. /ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/pox.abi → /ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/abi/etnyImplementationV2.abi +0 -0
  72. {ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src → ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/abi}/image_registry.abi +0 -0
  73. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_exec_flask.py +0 -0
  74. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_exec_serv.py +0 -0
  75. {ethernity_cloud_sdk_py-0.3.0/ethernity_cloud_sdk_py/commands/pynithy/run → ethernity_cloud_sdk_py-0.3.2/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src}/image_registry.abi +0 -0
  76. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/key_generation.py +0 -0
  77. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/swift_stream_service.py +0 -0
  78. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/ipfs_client.py +0 -0
  79. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/run/__init__.py +0 -0
  80. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/run/etny-securelock-test.yaml.tpl +0 -0
  81. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/run/image_registry_runner.py +0 -0
  82. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/pynithy/run/public_key_service.py +0 -0
  83. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/commands/spinner.py +0 -0
  84. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/templates/src/serverless/Dockerfile.serverless +0 -0
  85. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/templates/src/serverless/__init__.py +0 -0
  86. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/templates/src/serverless/backend.py +0 -0
  87. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py/templates/src/serverless/requirements.txt +0 -0
  88. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py.egg-info/dependency_links.txt +0 -0
  89. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py.egg-info/entry_points.txt +0 -0
  90. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py.egg-info/requires.txt +0 -0
  91. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/ethernity_cloud_sdk_py.egg-info/top_level.txt +0 -0
  92. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/setup.cfg +0 -0
  93. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/tests/__init__.py +0 -0
  94. {ethernity_cloud_sdk_py-0.3.0 → ethernity_cloud_sdk_py-0.3.2}/tests/test_example.py +0 -0
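--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ethernity-cloud-sdk-py
-Version: 0.3.0
+Version: 0.3.2
 Summary: Ethernity Cloud SDK Python
 Home-page: https://github.com/ethernity-cloud/ethernity-cloud-sdk-py
 Author: Ethernity Cloud Team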
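--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.base.tpl
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.base.tpl
@@ -18,3 +18,4 @@ RUN pip3 install pyinstaller
 RUN pip3 install pyngrok
 RUN pip3 install flask
 RUN pip3 install flask_limiter
+RUN pip3 install ecdsa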
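Review bot: The added `RUN pip3 install ecdsa` installs whatever version the index serves at build time, into an image that feeds the enclave build; pinning it, e.g. `RUN pip3 install ecdsa==<PINNED_VERSION>` (ideally from a requirements file installed with `--require-hashes`), keeps builds reproducible and reviewable. python-ecdsa's own README also states that the library is not hardened against side-channel attacks, which matters because this release uses it to sign with the enclave private key; etny_crypto.py in this same diff already imports `Crypto.PublicKey.ECC`, and that package may be able to cover the signing step. The neighbouring installs in this hunk are unpinned as well.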
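--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.tpl
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/Dockerfile.tpl
@@ -1,3 +1,9 @@
+FROM registry.ethernity.cloud:443/debuggingdelight/ethernity-cloud-sdk-registry/sconecuratedimages/crosscompilers AS build-sgx-module
+
+COPY src/get_sgx_report.c /etny-securelock/
+
+RUN cd /etny-securelock/ && scone-gcc -shared -fPIC -O3 -o get_sgx_report.so get_sgx_report.c
+
 FROM etny-securelock-serverless AS release
 
 COPY ./src/serverless/requirements.txt /requirements.txt
@@ -11,12 +17,15 @@ ENV IMAGE_REGISTRY_ADDRESS=__IMAGE_REGISTRY_ADDRESS__
 ENV RPC_URL=__RPC_URL__
 ENV CHAIN_ID=__CHAIN_ID__
 ENV TRUSTED_ZONE_IMAGE=__TRUSTED_ZONE_IMAGE__
+ENV NETWORK_TYPE=__NETWORK_TYPE__
 
 RUN mkdir binary-fs-dir
 
 COPY ./src /etny-securelock/
 COPY ./scripts/* /etny-securelock/
 
+COPY --from=build-sgx-module /etny-securelock/get_sgx_report.so /etny-securelock/get_sgx_report.so
+
 RUN /etny-securelock/binary-fs-build.sh
 
 FROM registry.ethernity.cloud:443/debuggingdelight/ethernity-cloud-sdk-registry/sconecuratedimages/crosscompilers AS build
@@ -38,12 +47,13 @@ RUN openssl genrsa -3 -out /enclave-key.pem 3072
 
 ENV SCONE_HEAP=__MEMORY_TO_ALLOCATE__
 ENV SCONE_LOG=FATAL
+ENV SCONE_DEBUG=0
 ENV SCONE_STACK=4M
-ENV SCONE_ALLOW_DLOPEN=1
+ENV SCONE_ALLOW_DLOPEN=2
 ENV SCONE_EXTENSIONS_PATH=/lib/libbinary-fs.so
 
 # Disabled production mode for testnet
-# RUN scone-signer sign --key=/enclave-key.pem --env --production /usr/local/bin/python3
+__SCONE_SIGN__
 
 RUN rm -rf /enclave-key.pem
 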
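Review bot: `ENV SCONE_ALLOW_DLOPEN=2` in the last hunk is set unconditionally, while the signing step a few lines below it is now the `__SCONE_SIGN__` placeholder, which can presumably expand to a production signing command. As I read the SCONE documentation, value 2 lets the runtime load libraries that the file-system shield has not authenticated and is meant for debug runs; if that is right, a production-signed image would load `get_sgx_report.so` (copied in by the second hunk) from outside the protected set. I would template this value together with the signing step so production builds keep `1` with the library authenticated. The comment `# Disabled production mode for testnet` is now stale and could become something like `# Signing command is substituted at build time; production mode depends on the target network`.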
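--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/scripts/binary-fs-build.sh
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/scripts/binary-fs-build.sh
@@ -11,6 +11,7 @@ sed -i "s/__IMAGE_REGISTRY_ADDRESS__/${IMAGE_REGISTRY_ADDRESS}/g" securelock.py.
 sed -i "s/__RPC_URL__/${RPC_URL}/g" securelock.py.tmp
 sed -i "s/__CHAIN_ID__/${CHAIN_ID}/g" securelock.py.tmp
 sed -i "s/__TRUSTED_ZONE_IMAGE__/${TRUSTED_ZONE_IMAGE}/g" securelock.py.tmp
+sed -i "s/__NETWORK_TYPE__/${NETWORK_TYPE}/g" securelock.py.tmp
 mv securelock.py.tmp securelock.py
 
 pyinstaller securelock.py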
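Review bot: The added `sed` line substitutes `${NETWORK_TYPE}` into `securelock.py.tmp` without checking it, so an unset or empty variable silently replaces the placeholder with nothing, and a value containing `/` or `&` alters the sed expression itself. Because the result is compiled by `pyinstaller` a few lines later, I would fail the build early with `: "${NETWORK_TYPE:?NETWORK_TYPE must be set}"` ahead of the substitutions and restrict the value to the names the template expects. The existing substitutions above it have the same gap; the script starts and ends outside the hunk.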
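--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_crypto.py
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_crypto.py
@@ -13,6 +13,9 @@ from tinyec import ec
 from Crypto.PublicKey import ECC
 from nacl.public import Box, PrivateKey, PublicKey
 from base64 import a85encode
+from eth_account import Account
+import ecdsa
+from ecdsa.util import sigencode_der, sigdecode_der
 
 
 class etny_crypto:
@@ -44,7 +47,7 @@ class etny_crypto:
 return (ciphertext, nonce, auth_tag, cipher_text_public_key)
 
 @staticmethod
-def decrypt_ase_gcm(ciphertext, nonce, auth_tag, secret_key):
+def decrypt_aes_gcm(ciphertext, nonce, auth_tag, secret_key):
 aes_cipher = AES.new(secret_key, AES.MODE_GCM, nonce)
 plaintext = aes_cipher.decrypt_and_verify(ciphertext, auth_tag)
 return plaintext
@@ -54,7 +57,7 @@ class etny_crypto:
 (ciphertext, nonce, authTag, ciphertextPubKey) = encrypted_msg
 shared_ecc_key = priv_key * ciphertextPubKey
 secret_key = etny_crypto.ecc_point_to_256_bit_key(shared_ecc_key)
-plaintext = etny_crypto.decrypt_ase_gcm(ciphertext, nonce, authTag, secret_key)
+plaintext = etny_crypto.decrypt_aes_gcm(ciphertext, nonce, authTag, secret_key)
 return plaintext
 
 @staticmethod
@@ -88,12 +91,8 @@ class etny_crypto:
 return private_key_data
 
 @staticmethod
-def decrypt(private_key_file, encrypted_msg):
-# Reading and calculating Private Key from PEM
-with open(private_key_file) as f:
-private_key_data = str.encode(f.read())
-
-private_key_data = etny_crypto.clean_private_key(private_key_data)
+def decrypt(private_key_pem, encrypted_msg):
+private_key_data = etny_crypto.clean_private_key(private_key_pem)
 # decode der with asn1 library
 # - get the octet string (field-2) containing the raw key
 asn1_object, _ = decoder.decode(private_key_data)
@@ -159,9 +158,51 @@ class etny_crypto:
 result = bytes(emph_key.public_key) + ciphertext
 return result.hex()
 
+@staticmethod
+def get_private_key_int(private_key_pem: bytes) -> int:
+"""
+Extracts the raw private key integer from a PEM-encoded private key via ASN.1 decoding.
+Args:
+private_key_pem (bytes): PEM-encoded private key.
+Returns:
+int: The private key scalar.
+"""
+private_key = etny_crypto.clean_private_key(private_key_pem)
+asn1_object, _ = decoder.decode(private_key)
+raw_keys = asn1_object.getComponentByName('field-2').asOctets()
+asn1_object, _ = decoder.decode(raw_keys)
+private_key_bytes = asn1_object.getComponentByName('field-1').asOctets()
+return int.from_bytes(private_key_bytes, byteorder="big")
 
-if __name__ == '__main__':
-encrypted_msg_ = etny_crypto.encrypt('./app/cert1-ca1-clean.crt', b'test')
-#print(encrypted_msg_)
-# etny_crypto.decrypt('./certs/cert1-ca1-clean.key', encrypted_msg_)
-#print(etny_crypto.encrypted_data_to_base64_json(encrypted_msg_))
+@staticmethod
+def sign_data(private_key_pem: bytes, data: bytes) -> bytes:
+"""
+Signs data using the private key with ECDSA (secp384r1, SHA-256) and returns DER-encoded signature.
+Args:
+private_key_pem (bytes): PEM-encoded private key.
+data (bytes): Data to sign.
+Returns:
+bytes: DER-encoded signature.
+"""
+priv_int = etny_crypto.get_private_key_int(private_key_pem)
+sk = ecdsa.SigningKey.from_secret_exponent(priv_int, curve=ecdsa.curves.NIST384p, hashfunc=hashlib.sha256)
+sig_der = sk.sign_deterministic(data, hashfunc=hashlib.sha256, sigencode=sigencode_der)
+return sig_der
+
+@staticmethod
+def verify_signature(public_key_hex: str, data: bytes, sig_der: bytes) -> bool:
+if public_key_hex.startswith('0x'):
+public_key_hex = public_key_hex[2:]
+pub_bytes = bytes.fromhex(public_key_hex)
+curve = ecdsa.curves.NIST384p
+try:
+vk = ecdsa.VerifyingKey.from_string(
+pub_bytes,
+curve=curve,
+hashfunc=hashlib.sha256,
+valid_encodings={"raw", "compressed", "uncompressed", "hybrid"} # Add 'raw' here
+)
+assert vk.verify(sig_der, data, hashfunc=hashlib.sha256, sigdecode=sigdecode_der)
+return True
+except:
+return False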
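Review bot: `verify_signature` in the last hunk performs its check as `assert vk.verify(...)`, and Python drops `assert` statements, including the call inside them, when run with `-O` or `PYTHONOPTIMIZE`; in that mode the function returns True for any signature. `VerifyingKey.verify` already raises on a bad signature, so the assert adds nothing and the result can be returned directly. The bare `except:` also swallows `KeyboardInterrupt` and `SystemExit`, and `bytes.fromhex` sits outside the `try`, so malformed hex raises instead of returning False. The function also lacks the docstring its two new siblings have; one sentence naming the accepted key encodings and stating that it returns False on any failure would do.

```python
    def verify_signature(public_key_hex: str, data: bytes, sig_der: bytes) -> bool:
        # … unchanged: strip an optional 0x prefix …
        try:
            vk = ecdsa.VerifyingKey.from_string(
                bytes.fromhex(public_key_hex),
                curve=ecdsa.curves.NIST384p,
                hashfunc=hashlib.sha256,
                valid_encodings={"raw", "compressed", "uncompressed", "hybrid"},
            )
            # verify() raises on a bad signature; no assert, so -O cannot remove the check.
            return vk.verify(sig_der, data, hashfunc=hashlib.sha256, sigdecode=sigdecode_der)
        except Exception:
            # Fail closed on malformed keys, encodings or signatures.
            return False
```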
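--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_exec.py
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/etny_exec.py
@@ -33,14 +33,12 @@ class TaskStatus:
 INPUT_CHECKSUM_ERROR = 7
 EXECVE = 8
 
-
 def execute_task_v3(payload_data, input_data, extra_globals=None):
 base_globals = {"___etny_result___": ___etny_result___, **sdkFunctions}
 if extra_globals:
 base_globals.update(extra_globals)
 return Exec(payload_data, input_data, globals=base_globals)
 
-
 def Exec(payload_data, input_data, globals=None, locals=None):
 try:
 if globals is None: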
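--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/get_sgx_report.c
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/get_sgx_report.c
@@ -0,0 +1,142 @@
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+// Define sgx_status_t as uint32_t (from public SGX docs)
+typedef uint32_t sgx_status_t;
+#define SGX_SUCCESS 0x0000
+#define SGX_ERROR_UNEXPECTED 0x0001 // Add other error codes as needed
+// Function to generate report using inline assembly (invokes ENCLU[EREPORT])
+sgx_status_t generate_sgx_report(const void* target_info, const void* report_data, void* report) {
+sgx_status_t status;
+__asm__ volatile (
+"movl $0, %%eax;\n\t" // Set EAX = 0 (EREPORT leaf)
+"enclu;\n\t"
+: "=a" (status) // Output: status from RAX (EAX for 32-bit)
+: "b" (target_info), // RBX = address of target_info
+"c" (report_data), // RCX = address of report_data
+"d" (report) // RDX = address of report (output)
+: "memory", "cc" // Clobbers: memory and condition codes (if affected)
+);
+return status;
+}
+// Function to convert byte array to hex string (uses static buffer to avoid malloc)
+const char* bytes_to_hex(const uint8_t* buf, size_t len) {
+static char hex_buffer[65]; // 32 bytes -> 64 chars + null
+if (len != 32) return NULL;
+for (size_t i = 0; i < len; ++i) {
+sprintf(hex_buffer + 2 * i, "%02x", buf[i]);
+}
+hex_buffer[64] = '\0';
+return hex_buffer;
+}
+const char* get_mr_enclave() {
+// Stack allocation with required alignments
+uint8_t target_info[512] __attribute__((aligned(512)));
+uint8_t report_data[64] __attribute__((aligned(128)));
+uint8_t report[432] __attribute__((aligned(512)));
+// Zero-initialize for a simple self-report (target_info all zeros means report for current enclave)
+memset(target_info, 0, sizeof(target_info));
+memset(report_data, 0, sizeof(report_data));
+memset(report, 0, sizeof(report));
+// Generate the report
+sgx_status_t status = generate_sgx_report(target_info, report_data, report);
+if (status == SGX_SUCCESS) {
+// Extract mr_enclave from correct offset (bytes 64-96 in sgx_report_t)
+return bytes_to_hex(report + 64, 32);
+}
+return NULL;
+}
+// Helper function for left rotation of uint8_t
+static inline uint8_t rotl(uint8_t x, uint8_t n) {
+return (x << n) | (x >> (8 - n));
+}
+// Obfuscated function to generate a deterministic 32-byte string based on MR_ENCLAVE
+void generate_obfuscated_string(const uint8_t* mr_enclave, uint8_t* output) {
+uint8_t temp[32];
+memcpy(temp, mr_enclave, 32);
+// Initial bogus mix to alter even indices (different constant for variety)
+for (int j = 0; j < 32; j += 2) {
+temp[j] ^= 0xA7; // Arbitrary XOR, changed from original
+}
+// PRNG state for deterministic pseudo-random mixing (LCG parameters from PCG for good period)
+uint64_t prng_state = 0x853C49E6748FBA28ULL; // Arbitrary fixed seed
+const uint64_t multiplier = 6364136223846793005ULL;
+const uint64_t increment = 1442695040888963407ULL;
+// High iteration count for debugger tedium (increased from original)
+const int max_iter = 1024;
+uint8_t mix_var = 0;
+for (int iter = 0; iter < max_iter; iter++) {
+// Opaque predicate (always false for integer iter >=0, as discriminant isn't perfect square)
+// Checked more frequently than original for added conditional branching tedium
+if (iter % 3 == 0) {
+if ((5 * iter * iter + 2) == (iter * 4)) {
+// Dead path: never executed, but confuses control flow analysis
+memset(temp, 0xFF, 32);
+iter = max_iter; // Bogus exit
+}
+}
+// Advance PRNG and get mix type (0-3)
+prng_state = prng_state * multiplier + increment;
+uint8_t mix_type = (prng_state >> 59) % 4; // Use higher bits for better distribution
+// Advance and get three indices (0-31)
+prng_state = prng_state * multiplier + increment;
+uint8_t idx1 = (prng_state >> 59) % 32;
+prng_state = prng_state * multiplier + increment;
+uint8_t idx2 = (prng_state >> 59) % 32;
+prng_state = prng_state * multiplier + increment;
+uint8_t idx3 = (prng_state >> 59) % 32;
+// Variable mixing operations based on type (different from original mixes)
+switch (mix_type) {
+case 0: // Addition with wrap, then XOR (uses three indices)
+mix_var = (temp[idx1] + temp[idx2] + temp[idx3]) & 0xFF;
+temp[idx1] ^= mix_var;
+break;
+case 1: { // Dynamic rotation left, then subtract
+uint8_t shift = (temp[idx3] % 8) + 1; // Avoid zero shift
+temp[idx1] = rotl(temp[idx1], shift);
+temp[idx1] = (temp[idx1] - temp[idx2]) & 0xFF;
+break;
+}
+case 2: // XOR chain across indices
+temp[idx1] ^= temp[idx2];
+temp[idx2] ^= temp[idx3];
+temp[idx3] ^= temp[idx1];
+break;
+case 3: { // Multiply-like (shift-add) with wrap, then rotate right
+uint8_t rshift = temp[idx2] % 8;
+mix_var = ((temp[idx1] << 1) + temp[idx2]) & 0xFF;
+temp[idx1] = mix_var ^ temp[idx3];
+temp[idx1] = (temp[idx1] >> rshift) | (temp[idx1] << (8 - rshift));
+break;
+}
+}
+// Additional bogus conditional (always true, nested for extra stepping)
+if ((iter * iter % 2) != 1) { // Always true for even/odd pattern, but simple
+// No-op path, but adds branch
+} else {
+// Dead, never hit
+temp[0] = 0;
+}
+}
+memcpy(output, temp, 32);
+}
+const char* get_mr_signer() {
+// Stack allocation with required alignments
+uint8_t target_info[512] __attribute__((aligned(512)));
+uint8_t report_data[64] __attribute__((aligned(128)));
+uint8_t report[432] __attribute__((aligned(512)));
+// Zero-initialize for a simple self-report (target_info all zeros means report for current enclave)
+memset(target_info, 0, sizeof(target_info));
+memset(report_data, 0, sizeof(report_data));
+memset(report, 0, sizeof(report));
+// Generate the report
+sgx_status_t status = generate_sgx_report(target_info, report_data, report);
+if (status == SGX_SUCCESS) {
+// Extract mr_enclave from correct offset (bytes 64-96 in sgx_report_t) for obfuscation
+uint8_t output[32];
+generate_obfuscated_string(report + 64, output);
+return bytes_to_hex(output, 32);
+}
+return NULL;
+}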
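Review bot: `get_mr_signer()` never reads MRSIGNER: it takes the 32 bytes at `report + 64`, which the code's own comment identifies as MRENCLAVE, and passes them through `generate_obfuscated_string`, a fixed-seed transform with no key. Anyone holding this published source and the enclave measurement can recompute the output, so it provides no secrecy and does not identify the signer; whatever consumes it (not visible here) should not treat it as a secret or as the signer identity. If the signer identity is what is wanted, MRSIGNER sits at a different offset in the report body (128 in the SDK's `sgx_report_body_t`, to my knowledge). Either way the function should carry a comment such as `/* Returns hex of a fixed, keyless transform of MRENCLAVE: not MRSIGNER, not a secret. */`. Separately, `bytes_to_hex` returns a pointer to a single `static` buffer, so a later call to either getter overwrites the earlier result and callers must copy the string first.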
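--- a/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/models.py
+++ b/ethernity_cloud_sdk_py/commands/pynithy/build/securelock/src/models.py
@@ -1,3 +1,20 @@
+"""
+Module: models.py
+
+This module defines data models and factories for handling orders and metadata in a blockchain-based task processing system. It includes classes for orders, base metadata, versioned payload and input metadata (V0 and V3), and factories to create metadata objects based on version strings. Additionally, it provides a class for DO (Data Owner?) request metadata, parsing and exposing properties like image hash, public key, and node address. The models support versioning, with V3 including checksums (potentially signed) for integrity verification.
+
+Key Features:
+- Order model: Represents blockchain orders with attributes like owner, processor, requests, and status.
+- Metadata base and subclasses: Abstract base for metadata with version, IPFS hash, and optional checksum; V0 is hash-only, V3 includes checksum.
+- Factories: Dynamically create versioned metadata objects from strings (e.g., "v3:hash:checksum").
+- DOReqMetadata: Parses request metadata into accessible properties, integrating with factories for payload/input objects.
+- No external dependencies beyond standard Python.
+
+Usage Context: Used in trustedzone.py to fetch and parse order/request metadata from smart contracts, enabling validation and processing in secure environments like Ethernity/Etny.
+
+Potential Security Notes: Checksums in V3 can be signed (0x-prefixed), but validation logic is external (e.g., in trustedzone.py). Assumes metadata strings are trusted from blockchain; malformed inputs could raise ValueError.
+"""
+
 class Order:
 def __init__(self, req, order_id):
 self.id = order_id
@@ -141,6 +158,10 @@ class DOReqMetadata:
 def image_hash(self):
 return self.image_metadata.split(':')[1]
 
+@property
+def trustedzone_image_name(self):
+return self.image_metadata.split(':')[2]
+
 @property
 def payload_metadata(self):
 return self._metadata2
@@ -161,17 +182,3 @@ class DOReqMetadata:
 def node_address(self):
 return self._metadata4
 
-
-# add_do_req(..., 'v3:image_:....:...:', 'v3:payload_hash:checksum', 'v3::0', 'node_address')
-'''
-input + payload
-v0: 'ipfs_hash'
-v3: 'v3:file_ipfs_hash:file_checksum'
-
-image
-v0: 'ipfs_hash:image_name'
-v3: 'v3:image_ipfs_hash:image_name:docker_Compose_ipfs_hash:client_challenge_ipfs_hash:client_public_cert'
-'''
-if __name__ == '__main__':
-obj = PayloadFactory.create_payload_metadata('v3:some_img_hash:fucker')
-obj2 = PayloadFactory.create_payload_metadata('must not!')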
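Review bot: The new `trustedzone_image_name` property in the second hunk indexes `self.image_metadata.split(':')[2]` without checking the field count, so metadata in the two-field form that the removed comment documents as v0 (`'ipfs_hash:image_name'`) raises IndexError here, if that form is still accepted. The module docstring added in the first hunk says malformed input could raise ValueError and treats the metadata strings as trusted, yet they presumably originate from whoever submits the request on chain, so they are better handled as untrusted. I would validate the split once: `parts = self.image_metadata.split(':')`, then `if len(parts) < 3: raise ValueError("image metadata has no image-name field")`, then `return parts[2]`. The DOReqMetadata class body starts and ends outside the hunk.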