Merge branch 'main' into test_endorsed_tcb

achamayou · web-flow · commit 6318f5280a0b · 2026-03-05T09:42:02.000Z
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 [7.0.0-dev12]: https://github.com/microsoft/CCF/releases/tag/ccf-7.0.0-dev12
 
+### Added
+
+- `NetworkIdentitySubsystemInterface` now exposes `get_trusted_keys()`, returning all trusted network identity keys as a `TrustedKeys` map (#7690).
+
 ### Changed
 
 - Refactored the user facing surface of self-healing-open and local sealing. The whole feature is now `sealing-recovery` with `self-healing-open` now referred to as the `recovery-decision-protocol`. (#7679)
diff --git a/cmake/crypto.cmake b/cmake/crypto.cmake
@@ -5,6 +5,7 @@ set(CCFCRYPTO_SRC
     ${CCF_DIR}/src/crypto/base64.cpp
     ${CCF_DIR}/src/crypto/entropy.cpp
     ${CCF_DIR}/src/crypto/hash.cpp
+    ${CCF_DIR}/src/crypto/public_key.cpp
     ${CCF_DIR}/src/crypto/sha256_hash.cpp
     ${CCF_DIR}/src/crypto/symmetric_key.cpp
     ${CCF_DIR}/src/crypto/eddsa_key_pair.cpp
diff --git a/doc/build_apps/api.rst b/doc/build_apps/api.rst
@@ -186,4 +186,23 @@ COSE
    :project: CCF
 
 .. doxygenfunction:: ccf::cose::edit::set_unprotected_header
-   :project: CCF
+   :project: CCF
+
+Network Identity
+----------------
+
+.. doxygentypedef:: ccf::RawCoseEndorsement
+   :project: CCF
+
+.. doxygentypedef:: ccf::CoseEndorsementsChain
+   :project: CCF
+
+.. doxygenenum:: ccf::FetchStatus
+   :project: CCF
+
+.. doxygentypedef:: ccf::TrustedKeys
+   :project: CCF
+
+.. doxygenclass:: ccf::NetworkIdentitySubsystemInterface
+   :project: CCF
+   :members:
diff --git a/doc/schemas/app_openapi.json b/doc/schemas/app_openapi.json
@@ -1434,6 +1434,22 @@
         }
       }
     },
+    "/app/log/public/trusted_keys": {
+      "get": {
+        "operationId": "GetAppLogPublicTrustedKeys",
+        "responses": {
+          "204": {
+            "description": "Default response description"
+          },
+          "default": {
+            "$ref": "#/components/responses/default"
+          }
+        },
+        "x-ccf-forwarding": {
+          "$ref": "#/components/x-ccf-forwarding/never"
+        }
+      }
+    },
     "/app/log/public/verify_cose_receipt": {
       "get": {
         "operationId": "GetAppLogPublicVerifyCoseReceipt",
diff --git a/include/ccf/network_identity_interface.h b/include/ccf/network_identity_interface.h
@@ -5,6 +5,7 @@
 #include "ccf/crypto/ec_public_key.h"
 #include "ccf/node_subsystem_interface.h"
 
+#include <map>
 #include <optional>
 #include <string>
 #include <vector>
@@ -13,16 +14,25 @@ namespace ccf
 {
   struct NetworkIdentity;
 
+  /// A single raw COSE endorsement, stored as an opaque byte vector.
   using RawCoseEndorsement = std::vector<uint8_t>;
+  /// An ordered chain of raw COSE endorsements.
   using CoseEndorsementsChain = std::vector<RawCoseEndorsement>;
 
+  /// Status of the network identity endorsement fetching process.
   enum class FetchStatus : uint8_t
   {
-    Retry,
-    Done,
-    Failed
+    Retry, ///< Fetching should be retried
+    Done, ///< Fetching completed successfully
+    Failed ///< Fetching failed
   };
 
+  /// Map from sequence number to EC public key, representing the trusted
+  /// network identity keys over the history of the service.
+  using TrustedKeys = std::map<ccf::SeqNo, ccf::crypto::ECPublicKeyPtr>;
+
+  /// Interface for accessing the network identity subsystem, which manages
+  /// the service's cryptographic identity and its historical trusted keys.
   class NetworkIdentitySubsystemInterface : public ccf::AbstractNodeSubSystem
   {
   public:
@@ -33,14 +43,33 @@ namespace ccf
       return "NetworkIdentity";
     }
 
+    /// Returns a reference to the current network identity.
     virtual const std::unique_ptr<NetworkIdentity>& get() = 0;
 
+    /// Returns the current status of endorsement fetching.
     [[nodiscard]] virtual FetchStatus endorsements_fetching_status() const = 0;
 
+    /// Returns the COSE endorsements chain for the given sequence number,
+    /// or std::nullopt if endorsement fetching has not completed or the
+    /// chain is not available for the given sequence number.
     [[nodiscard]] virtual std::optional<CoseEndorsementsChain>
     get_cose_endorsements_chain(ccf::SeqNo seqno) const = 0;
 
+    /// Returns the trusted EC public key that was active at the given
+    /// sequence number, or nullptr if the sequence number precedes the
+    /// earliest known trusted key.
+    ///
+    /// @throws std::logic_error if endorsement fetching has not completed
+    /// (i.e. endorsements_fetching_status() != FetchStatus::Done), or if
+    /// no trusted keys have been fetched.
     [[nodiscard]] virtual ccf::crypto::ECPublicKeyPtr get_trusted_identity_for(
       ccf::SeqNo seqno) const = 0;
+
+    /// Returns all trusted network identity keys as a map from sequence
+    /// number to EC public key.
+    ///
+    /// @throws std::logic_error if endorsement fetching has not completed
+    /// (i.e. endorsements_fetching_status() != FetchStatus::Done).
+    [[nodiscard]] virtual TrustedKeys get_trusted_keys() const = 0;
   };
 }
diff --git a/samples/apps/logging/logging.cpp b/samples/apps/logging/logging.cpp
@@ -21,6 +21,7 @@
 #include "ccf/json_handler.h"
 #include "ccf/network_identity_interface.h"
 #include "ccf/version.h"
+#include "crypto/public_key.h"
 
 #include <charconv>
 #define FMT_HEADER_ONLY
@@ -2109,6 +2110,40 @@ namespace loggingapp
         .set_forwarding_required(ccf::endpoints::ForwardingRequired::Never)
         .install();
 
+      auto get_trusted_keys = [&](
+                                ccf::endpoints::ReadOnlyEndpointContext& ctx) {
+        auto network_identity_subsystem =
+          context.get_subsystem<ccf::NetworkIdentitySubsystemInterface>();
+        if (network_identity_subsystem == nullptr)
+        {
+          ctx.rpc_ctx->set_error(
+            HTTP_STATUS_INTERNAL_SERVER_ERROR,
+            ccf::errors::InternalError,
+            "Network identity subsystem not available");
+          return;
+        }
+
+        auto keys = network_identity_subsystem->get_trusted_keys();
+        nlohmann::json jwks = nlohmann::json::object();
+        auto keys_array = nlohmann::json::array();
+        for (const auto& [seqno, key_ptr] : keys)
+        {
+          const auto kid = ccf::crypto::kid_from_key(key_ptr->public_key_der());
+          keys_array.push_back(key_ptr->public_key_jwk(kid));
+        }
+        jwks["keys"] = keys_array;
+
+        ctx.rpc_ctx->set_response_json(jwks, HTTP_STATUS_OK);
+      };
+      make_read_only_endpoint(
+        "/log/public/trusted_keys",
+        HTTP_GET,
+        get_trusted_keys,
+        ccf::no_auth_required)
+        .set_auto_schema<void, void>()
+        .set_forwarding_required(ccf::endpoints::ForwardingRequired::Never)
+        .install();
+
       auto get_cose_signature = [](
                                   ccf::endpoints::ReadOnlyEndpointContext& ctx,
                                   ccf::historical::StatePtr historical_state) {
diff --git a/src/crypto/public_key.cpp b/src/crypto/public_key.cpp
@@ -0,0 +1,14 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the Apache 2.0 License.
+
+#include "crypto/public_key.h"
+
+#include "ccf/crypto/sha256_hash.h"
+
+namespace ccf::crypto
+{
+  std::string kid_from_key(const std::vector<uint8_t>& public_key_der)
+  {
+    return Sha256Hash(public_key_der).hex_str();
+  }
+}
diff --git a/src/crypto/public_key.h b/src/crypto/public_key.h
@@ -0,0 +1,14 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the Apache 2.0 License.
+#pragma once
+
+#include <cstdint>
+#include <string>
+#include <vector>
+
+namespace ccf::crypto
+{
+  // Returns a hex-encoded SHA-256 hash of the DER-encoded public key,
+  // suitable for use as a key identifier (kid).
+  std::string kid_from_key(const std::vector<uint8_t>& public_key_der);
+}
diff --git a/src/node/history.h b/src/node/history.h
@@ -10,6 +10,7 @@
 #include "crypto/openssl/cose_sign.h"
 #include "crypto/openssl/ec_key_pair.h"
 #include "crypto/openssl/hash.h"
+#include "crypto/public_key.h"
 #include "ds/internal_logger.h"
 #include "endian.h"
 #include "kv/kv_types.h"
@@ -356,8 +357,7 @@ namespace ccf
         primary_sig,
         endorsed_cert);
 
-      const auto& service_key_der = service_kp.public_key_der();
-      auto kid = ccf::crypto::Sha256Hash(service_key_der).hex_str();
+      auto kid = ccf::crypto::kid_from_key(service_kp.public_key_der());
       std::span<const uint8_t> kid_span{
         reinterpret_cast<const uint8_t*>(kid.data()), kid.size()};
 
diff --git a/src/node/rpc/network_identity_subsystem.h b/src/node/rpc/network_identity_subsystem.h
@@ -212,6 +212,17 @@ namespace ccf
       return key_ptr;
     }
 
+    [[nodiscard]] TrustedKeys get_trusted_keys() const override
+    {
+      if (fetch_status.load() != FetchStatus::Done)
+      {
+        throw std::logic_error(
+          "Trusted keys requested but endorsements/key fetching has not "
+          "completed yet");
+      }
+      return trusted_keys;
+    }
+
   private:
     void retry_first_fetch()
     {
diff --git a/tests/infra/crypto.py b/tests/infra/crypto.py
@@ -343,6 +343,11 @@ def compute_public_key_der_hash_hex_from_pem(pem: str):
     return hashlib.sha256(pub_key).hexdigest()
 
 
+def compute_public_key_der_hash_hex(der: bytes) -> str:
+    """Compute SHA-256 hex digest of DER-encoded public key bytes (matches CCF's kid)."""
+    return hashlib.sha256(der).hexdigest()
+
+
 def compute_cert_der_hash_hex_from_pem(pem: str):
     cert = load_pem_x509_certificate(pem.encode(), default_backend())
     return cert.fingerprint(hashes.SHA256()).hex()
@@ -370,3 +375,25 @@ def get_validity_period_from_pem_cert(pem: str):
 
 def datetime_to_X509time(datetime: datetime):
     return UTCTime.fromDateTime(datetime)
+
+
+def pub_key_der_from_jwk(jwk: dict) -> bytes:
+    """Convert a JWK (EC public key) to DER-encoded SubjectPublicKeyInfo bytes."""
+    crv_map = {
+        "P-256": ec.SECP256R1(),
+        "P-384": ec.SECP384R1(),
+        "P-521": ec.SECP521R1(),
+    }
+
+    def _decode_b64url(s):
+        pad_len = (-len(s)) % 4
+        return base64.urlsafe_b64decode(s + ("=" * pad_len))
+
+    assert jwk.get("kty") == "EC", f"Expected EC key, got: {jwk.get('kty')}"
+    curve = crv_map[jwk["crv"]]
+    pub_key = ec.EllipticCurvePublicNumbers(
+        x=int.from_bytes(_decode_b64url(jwk["x"]), "big"),
+        y=int.from_bytes(_decode_b64url(jwk["y"]), "big"),
+        curve=curve,
+    ).public_key(default_backend())
+    return pub_key.public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo)
diff --git a/tests/recovery.py b/tests/recovery.py
@@ -527,6 +527,50 @@ def pull_with_handle():
             response = query_endorsements_chain(primary, tx)
             assert response.status_code == http.HTTPStatus.NOT_FOUND, response
 
+        # Collect expected keys: current service key + all previous from endorsement chain
+        expected_keys_der = set()
+        expected_keys_der.add(
+            bytes(
+                cert.public_key().public_bytes(
+                    serialization.Encoding.DER,
+                    serialization.PublicFormat.SubjectPublicKeyInfo,
+                )
+            )
+        )
+        chain_pubkey = cert.public_key().public_bytes(
+            serialization.Encoding.PEM,
+            serialization.PublicFormat.SubjectPublicKeyInfo,
+        )
+        response = query_endorsements_chain(primary, txids[0])
+        chain_endorsements = [
+            base64.b64decode(x) for x in response.body.json()["endorsements"]
+        ]
+        for endorsement in chain_endorsements:
+            _, _, payload = verify_cose_sign1_with_key(chain_pubkey, endorsement)
+            expected_keys_der.add(bytes(payload))
+            chain_pubkey = infra.crypto.pub_key_der_to_pem(payload).encode("ascii")
+
+        # Verify trusted keys from the endpoint match endorsement keys
+        with primary.client() as cli:
+            r = cli.get("/log/public/trusted_keys")
+            assert r.status_code == http.HTTPStatus.OK, r
+            jwks = r.body.json()
+            assert "keys" in jwks, jwks
+
+            endpoint_keys_der = set()
+            for key in jwks["keys"]:
+                assert "kid" in key, key
+                der = bytes(infra.crypto.pub_key_der_from_jwk(key))
+                expected_kid = infra.crypto.compute_public_key_der_hash_hex(der)
+                assert (
+                    key["kid"] == expected_kid
+                ), f"kid mismatch: got {key['kid']}, expected {expected_kid}"
+                endpoint_keys_der.add(der)
+            assert endpoint_keys_der == expected_keys_der, (
+                f"Keys from trusted_keys endpoint do not match endorsement keys. "
+                f"Expected {len(expected_keys_der)}, got {len(endpoint_keys_der)}"
+            )
+
         return recovered_network
 
 
