Print size of private domain in read_ledger.py utility (#2424)

doc/audit/python_library.rst

@@ -7,6 +7,20 @@ This page describes the Python API of the :py:class:`ccf.ledger` module which ca
 
     $ pip install ccf
 
+.. tip::
+
+    The ``read_ledger.py`` command line utility can be used to parse and display the public content of the ledger directory:
+
+    .. code-block:: bash
+
+        $ read_ledger.py /path/to/ledger/dir
+        Initialised CCF ledger from directory '/path/to/ledger/dir' (found 6 files)
+        seqno 1 (11 public tables)
+        table "public:ccf.gov.constitution":
+        ...
+        Ledger verification complete (found 12 signatures). Ledger verified till seqno 79 in view 2
+
+
 Tutorial
 --------
 
@@ -72,4 +86,4 @@ API
     :members:
 
 .. automodule:: ccf.receipt
-    :members:
+    :members:

python/ccf/ledger.py

@@ -384,6 +384,14 @@ class Transaction:
             self._public_domain = PublicDomain(buffer)
         return self._public_domain
 
+    def get_private_domain_size(self) -> int:
+        """
+        Retrieve the size of the private (i.e. encrypted) domain for that transaction.
+        """
+        return self._total_size - (
+            GcmHeader.size() + LEDGER_DOMAIN_SIZE + self._public_domain_size
+        )
+
     def get_raw_tx(self) -> bytes:
         """
         Returns raw transaction bytes.

python/ccf/read_ledger.py

@@ -40,9 +40,13 @@ if __name__ == "__main__":
             public_tables = public_transaction.get_tables()
 
             LOG.success(
-                f"seqno {public_transaction.get_seqno()} ({len(public_tables)} table{'s' if len(public_tables) > 1 else ''})"
+                f"seqno {public_transaction.get_seqno()} ({len(public_tables)} public table{'s' if len(public_tables) > 1 else ''})"
             )
 
+            private_table_size = transaction.get_private_domain_size()
+            if private_table_size:
+                LOG.error(f"-- private: {private_table_size} bytes")
+
             for table_name, records in public_tables.items():
                 LOG.warning(f'table "{table_name}":')
                 for key, value in records.items():

python/ledger_tutorial.py

@@ -1,7 +1,6 @@
 # Copyright (c) Microsoft Corporation. All rights reserved.
 # Licensed under the Apache 2.0 License.
 
-import ccf.ledger
 import sys
 from loguru import logger as LOG
 import json
@@ -23,6 +22,7 @@ if len(sys.argv) < 2:
 ledger_dir = sys.argv[1]
 
 # SNIPPET: import_ledger
+import ccf.ledger
 
 # SNIPPET: create_ledger
 ledger = ccf.ledger.Ledger(ledger_dir)
@@ -36,7 +36,6 @@ for chunk in ledger:
         # Retrieve all public tables changed in transaction
         public_tables = transaction.get_public_domain().get_tables()
 
-        # If target_table was changed, count the number of keys changed
         if target_table in public_tables:
             # Ledger verification is happening implicitly in ccf.ledger.Ledger()
             for key, value in public_tables[target_table].items():