Several relatively small fixes primarily motivated by changes in the python setuptools

build/Makefile

@@ -89,6 +89,7 @@ $(DSTDIR) :
 	@mkdir -p $(DSTDIR)/opt/pdo/etc/keys/sgx
 	@mkdir -p $(DSTDIR)/opt/pdo/etc/keys/ledger
 	@mkdir -p $(DSTDIR)/opt/pdo/keys
+	@mkdir -p $(DSTDIR)/opt/pdo/lib
 	@mkdir -p $(DSTDIR)/opt/pdo/logs
 
 verify-pre-build :

build/python_requirements.txt

@@ -1,12 +1,12 @@
 build>=0.10.0
+cachetools>=5.5.2
 colorlog>=6.7.0
 importlib_resources>=6.0.0
 lmdb>=1.4.0
 loguru>=0.6.0
 mergedeep>=1.3.4
 requests>=2.28.2
 requests-toolbelt>=0.10.1
-secp256k1==0.13.2
 toml>=0.10.2
 PyYAML>=6.0
 Twisted>=22.10.0

client/pdo/client/builder/shell.py

@@ -209,5 +209,6 @@ def run_shell_command(command_name, module_name) :
         command(state, bindings, args)
     except Exception as e :
         builder_command_base.display_error("Command failed: {}".format(str(e)))
-        logger.exception(e)
+        if builder_command_base.verbose:
+            logger.exception(e)
         sys.exit(-1)

eservice/Makefile

@@ -25,7 +25,7 @@ endif
 
 EGG_FILE=dist/pdo_eservice-${MOD_VERSION}-py${PY_VERSION}-linux-x86_64.egg
 
-ENCLAVE_LIB=deps/bin/libpdo-enclave.signed.so
+ENCLAVE_LIB=deps/bin/libpdo-eservice-enclave.signed.so
 
 SWIG_SOURCES = \
 	pdo_enclave_internal.i\

eservice/lib/libpdo_enclave/CMakeLists.txt

@@ -14,7 +14,7 @@
 
 CMAKE_MINIMUM_REQUIRED(VERSION 3.10 FATAL_ERROR)
 
-PROJECT(libpdo-enclave CXX C)
+PROJECT(libpdo-eservice-enclave CXX C)
 
 # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 # Source Code

eservice/pdo/eservice/pdo_enclave.py

@@ -66,7 +66,7 @@
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
 def __find_enclave_library(config) :
-    enclave_file_name = 'libpdo-enclave.signed.so'
+    enclave_file_name = 'libpdo-eservice-enclave.signed.so'
     enclave_file_path = None
 
     if config :
@@ -78,18 +78,18 @@ def __find_enclave_library(config) :
         if os.path.exists(filep) :
             return filep
     else :
+        install_directory = os.environ.get('PDO_HOME', '/opt/pdo')
         script_directory = os.path.abspath(os.path.dirname(os.path.realpath(__file__)))
+
         search_path = [
             script_directory,
-            os.path.abspath(os.path.join(script_directory, '..')),
-            os.path.abspath(os.path.join(script_directory, '..', 'lib')),
-            os.path.abspath(os.path.join(script_directory, '..', '..')),
-            os.path.abspath(os.path.join(script_directory, '..', '..', 'lib')),
-            os.path.abspath(os.path.join('/usr', 'lib'))
+            os.path.abspath(os.path.join(install_directory, 'lib')),
         ]
 
         return putils.find_file_in_path(enclave_file_name, search_path)
 
+    raise IOError("Could not find enclave shared object: {}".format(enclave_file_name))
+
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
 def update_sig_rl():
@@ -150,6 +150,8 @@ def initialize_with_configuration(config) :
                     ', '.join(sorted(list(missing_keys)))))
 
     NumberOfEnclaves = int(config.get('NumberOfEnclaves', 1))
+    if NumberOfEnclaves < 1 or NumberOfEnclaves > 16:
+        raise ValueError("NumberOfEnclaves must be between 1 and 16, found {}".format(NumberOfEnclaves))
 
     try:
         spid = Path(os.path.join(config['sgx_key_root'], "sgx_spid.txt")).read_text().strip()
@@ -158,16 +160,18 @@ def initialize_with_configuration(config) :
         raise Exception("Unable to access SGX keys: {}".format(str(e)))
 
     if not _ias:
-        _ias = \
-            ias_client.IasClient(
-                IasServer = config['ias_url'],
-                SpidApiKey = spid_api_key,
-                Spid = spid)
+        _ias = ias_client.IasClient(IasServer = config['ias_url'], SpidApiKey = spid_api_key, Spid = spid)
 
     if not _pdo:
         signed_enclave = __find_enclave_library(config)
-        logger.debug("Attempting to load enclave at: %s", signed_enclave)
-        _pdo = enclave.pdo_enclave_info(signed_enclave, spid, NumberOfEnclaves)
+        logger.info("Attempting to load enclave at: %s", signed_enclave)
+
+        try :
+            _pdo = enclave.pdo_enclave_info(signed_enclave, spid, NumberOfEnclaves)
+        except Exception as e:
+            logger.exception(e)
+            raise e
+
         logger.info("Basename: %s", get_enclave_basename())
         logger.info("MRENCLAVE: %s", get_enclave_measurement())
 

eservice/setup.py

@@ -33,6 +33,7 @@
 bin_dir = os.path.join(install_root_dir, "bin")
 dat_dir = os.path.join(install_root_dir, "data")
 etc_dir = os.path.join(install_root_dir, "etc")
+lib_dir = os.path.join(install_root_dir, "lib")
 log_dir = os.path.join(install_root_dir, "logs")
 key_dir = os.path.join(install_root_dir, "keys")
 
@@ -44,11 +45,11 @@
     (etc_dir, []),
     (log_dir, []),
     (key_dir, []),
-    ('lib', [ os.path.join(script_dir, 'deps/bin/libpdo-enclave.signed.so')])
+    (lib_dir, [ os.path.join(script_dir, 'deps/bin/libpdo-eservice-enclave.signed.so')])
 ]
 
 ext_deps = [
-    'deps/bin/libpdo-enclave.signed.so'
+    'deps/bin/libpdo-eservice-enclave.signed.so'
 ]
 
 ## -----------------------------------------------------------------

pservice/Makefile

@@ -25,7 +25,7 @@ endif
 
 EGG_FILE=dist/pdo_pservice-${MOD_VERSION}-py${PY_VERSION}-linux-x86_64.egg
 
-ENCLAVE_LIB=deps/bin/libpdo-enclave.signed.so
+ENCLAVE_LIB=deps/bin/libpdo-pservice-enclave.signed.so
 
 SWIG_SOURCES = \
 	pdo_enclave_internal.i\

pservice/lib/libpdo_enclave/CMakeLists.txt

@@ -14,7 +14,7 @@
 
 CMAKE_MINIMUM_REQUIRED(VERSION 3.10 FATAL_ERROR)
 
-PROJECT(libpdo-enclave C CXX)
+PROJECT(libpdo-pservice-enclave C CXX)
 
 # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 # Source Code

pservice/pdo/pservice/pdo_enclave.py

@@ -25,6 +25,7 @@
 from pdo.pservice.utility import ias_client
 
 import pdo.common.crypto as crypto
+import pdo.common.utility as putils
 import pdo.pservice.enclave.pdo_enclave_internal as enclave
 
 import logging
@@ -59,30 +60,29 @@
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
 def __find_enclave_library(config) :
-    enclave_file_name = config.get('enclave_library', 'libpdo-enclave.signed.so')
-    enclave_file_path = config.get('enclave_library_path')
+    enclave_file_name = 'libpdo-pservice-enclave.signed.so'
+    enclave_file_path = None
+
+    if config :
+        enclave_file_name = config.get('enclave_library', enclave_file_name)
+        enclave_file_path = config.get('enclave_library_path', enclave_file_path)
 
     if enclave_file_path :
         enclave_file = os.path.join(enclave_file_path, enclave_file_name);
         if os.path.exists(enclave_file) :
             return enclave_file
     else :
+        install_directory = os.environ.get('PDO_HOME', '/opt/pdo')
         script_directory = os.path.abspath(os.path.dirname(os.path.realpath(__file__)))
+
         search_path = [
             script_directory,
-            os.path.abspath(os.path.join(script_directory, '..')),
-            os.path.abspath(os.path.join(script_directory, '..', 'lib')),
-            os.path.abspath(os.path.join(script_directory, '..', '..')),
-            os.path.abspath(os.path.join(script_directory, '..', '..', 'lib')),
-            os.path.abspath(os.path.join('/usr', 'lib'))
+            os.path.abspath(os.path.join(install_directory, 'lib')),
         ]
 
-        for path in search_path :
-            enclave_file = os.path.join(path, enclave_file_name)
-            if os.path.exists(enclave_file) :
-                return enclave_file
+        return putils.find_file_in_path(enclave_file_name, search_path)
 
-    raise IOError("Could not find enclave shared object")
+    raise IOError("Could not find enclave shared object: {}".format(enclave_file_name))
 
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
@@ -138,11 +138,7 @@ def initialize_with_configuration(config) :
 
     missing_keys = valid_keys.difference(found_keys)
     if missing_keys:
-        raise \
-            ValueError(
-                'PDO enclave config file missing the following keys: '
-                '{}'.format(
-                    ', '.join(sorted(list(missing_keys)))))
+        raise ValueError('PDO enclave config file missing the following keys: {}'.format(', '.join(list(missing_keys))))
 
     try:
         spid = Path(os.path.join(config['sgx_key_root'], "sgx_spid.txt")).read_text().strip()
@@ -151,16 +147,18 @@ def initialize_with_configuration(config) :
         raise Exception("Unable to access SGX keys: {}".format(str(e)))
 
     if not _ias:
-        _ias = \
-            ias_client.IasClient(
-                IasServer = config['ias_url'],
-                SpidApiKey = spid_api_key,
-                Spid = spid)
+        _ias = ias_client.IasClient(IasServer = config['ias_url'], SpidApiKey = spid_api_key, Spid = spid)
 
     if not _pdo:
         signed_enclave = __find_enclave_library(config)
-        logger.debug("Attempting to load enclave at: %s", signed_enclave)
-        _pdo = enclave.pdo_enclave_info(signed_enclave, spid)
+        logger.info("Attempting to load enclave at: %s", signed_enclave)
+
+        try :
+            _pdo = enclave.pdo_enclave_info(signed_enclave, spid)
+        except Exception as e:
+            logger.exception(f'Failed to load enclave; {e}')
+            raise e
+
         logger.info("Basename: %s", get_enclave_basename())
         logger.info("MRENCLAVE: %s", get_enclave_measurement())
 

pservice/setup.py

@@ -33,6 +33,7 @@
 bin_dir = os.path.join(install_root_dir, "bin")
 dat_dir = os.path.join(install_root_dir, "data")
 etc_dir = os.path.join(install_root_dir, "etc")
+lib_dir = os.path.join(install_root_dir, "lib")
 log_dir = os.path.join(install_root_dir, "logs")
 key_dir = os.path.join(install_root_dir, "keys")
 
@@ -42,11 +43,11 @@
     (etc_dir, [ 'etc/sample_pservice.toml' ]),
     (log_dir, []),
     (key_dir, []),
-    ('lib', [ os.path.join(script_dir, 'deps/bin/libpdo-enclave.signed.so')])
+    (lib_dir, [ os.path.join(script_dir, 'deps/bin/libpdo-pservice-enclave.signed.so')])
 ]
 
 ext_deps = [
-    'deps/bin/libpdo-enclave.signed.so'
+    'deps/bin/libpdo-pservice-enclave.signed.so'
 ]
 
 ## -----------------------------------------------------------------

python/pdo/common/keys.py

@@ -22,8 +22,6 @@
 logger = logging.getLogger(__name__)
 
 import binascii
-import secp256k1
-
 
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
@@ -49,51 +47,6 @@ def read_transaction_keys_from_file(key_file, search_path, \
 
     return txn_keys
 
-# -----------------------------------------------------------------
-# -----------------------------------------------------------------
-class TransactionKeys(object) :
-    """
-    Wrapper for managing Sawtooth transaction keys
-    """
-
-    @classmethod
-    def read_from_file(cls, file_name, search_path = ['.', './keys']) :
-        full_file = putils.find_file_in_path(file_name, search_path)
-        with open(full_file, "r") as ff :
-            hex_encoded_private_key = ff.read()
-
-        priv = binascii.unhexlify(hex_encoded_private_key)
-        return cls(secp256k1.PrivateKey(priv))
-
-    @classmethod
-    def from_hex(cls, hex_encoded_private_key) :
-        priv = binascii.unhexlify(hex_encoded_private_key)
-        return cls(secp256k1.PrivateKey(priv))
-
-    def __init__(self, private_key = None) :
-        if private_key == None :
-            private_key = secp256k1.PrivateKey()
-
-        self.public_key = private_key.pubkey
-        self.private_key = private_key
-
-    @property
-    def hashed_identity(self) :
-        key_byte_array = crypto.string_to_byte_array(self.txn_public)
-        hashed_txn_key = crypto.compute_message_hash(key_byte_array)
-        encoded_hashed_key = crypto.byte_array_to_hex(hashed_txn_key)
-        encoded_hashed_key = encoded_hashed_key.lower()
-        return encoded_hashed_key
-
-    @property
-    def txn_private(self) :
-        return self.private_key.serialize()
-
-    @property
-    def txn_public(self) :
-        return self.public_key.serialize().hex()
-
-
 # -----------------------------------------------------------------
 # -----------------------------------------------------------------
 class EnclaveKeys(object) :