From 378652eda0da95310f3f728a0453b5d1bec6da97 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 11:31:43 +0100 Subject: [PATCH 01/20] rpc: add attesteer_forward_dcap_quote call --- enclave-runtime/src/rpc/worker_api_direct.rs | 34 ++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index a746f5e2ea..78702fcf7a 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -15,6 +15,7 @@ */ +use crate::attestation::generate_dcap_ra_extrinsic_from_quote_internal; use codec::Encode; use core::result::Result; use ita_sgx_runtime::Runtime; @@ -28,6 +29,7 @@ use itp_utils::{FromHexPrefixed, ToHexPrefixed}; use its_primitives::types::block::SignedBlock; use its_sidechain::rpc_handler::{direct_top_pool_api, import_block_api}; use jsonrpc_core::{serde_json::json, IoHandler, Params, Value}; +use sp_runtime::OpaqueExtrinsic; use std::{borrow::ToOwned, format, str, string::String, sync::Arc, vec::Vec}; fn compute_hex_encoded_return_error(error_msg: &str) -> String { @@ -143,6 +145,22 @@ where Ok(json!(json_value)) }); + // attesteer_forward_dcap_quote + let attesteer_forward_dcap_quote: &str = "attesteer_forward_dcap_quote"; + io.add_sync_method(attesteer_forward_dcap_quote, move |params: Params| { + let json_value = match forward_dcap_quote_inner(params) { + Ok(val) => RpcReturnValue { + do_watch: false, + value: val.encode(), + status: DirectRequestStatus::Ok, + } + .to_hex(), + Err(error) => compute_hex_encoded_return_error(error.as_str()), + }; + + Ok(json!(json_value)) + }); + // system_health let state_health_name: &str = "system_health"; io.add_sync_method(state_health_name, |_: Params| { @@ -192,6 +210,22 @@ fn execute_getter_inner( Ok(getter_result) } +fn forward_dcap_quote_inner(params: Params) -> Result { + let hex_encoded_params = params.parse::>().map_err(|e| format!("{:?}", e))?; + + let request = + Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; + + let shard: ShardIdentifier = request.shard; + let encoded_quote_to_forward: Vec = request.cyphertext; + + let url = String::new(); + let ext = generate_dcap_ra_extrinsic_from_quote_internal(url, &encoded_quote_to_forward) + .map_err(|e| format!("{:?}", e))?; + + Ok(ext) +} + pub fn sidechain_io_handler(import_fn: ImportFn) -> IoHandler where ImportFn: Fn(SignedBlock) -> Result<(), Error> + Sync + Send + 'static, From 5862ee0e24196d54045b461ee1e88632b7bc8279 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 13:33:13 +0100 Subject: [PATCH 02/20] rpc: add attesteer_forward_ias_attestation_report --- enclave-runtime/src/attestation.rs | 19 ++++++++++ enclave-runtime/src/rpc/worker_api_direct.rs | 39 +++++++++++++++++++- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/enclave-runtime/src/attestation.rs b/enclave-runtime/src/attestation.rs index 44b9629dad..3bf67d5ccb 100644 --- a/enclave-runtime/src/attestation.rs +++ b/enclave-runtime/src/attestation.rs @@ -307,6 +307,25 @@ fn generate_ias_ra_extrinsic_internal( Ok(extrinsics[0].clone()) } +pub fn generate_ias_ra_extrinsic_from_der_cert_internal( + url: String, + cert_der: &[u8], +) -> EnclaveResult { + let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; + let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; + + info!(" [Enclave] Compose register enclave call"); + let call_ids = node_metadata_repo + .get_from_metadata(|m| m.register_ias_enclave_call_indexes())? + .map_err(MetadataProviderError::MetadataError)?; + + let call = OpaqueCall::from_tuple(&(call_ids, cert_der, url)); + + let extrinsics = extrinsics_factory.create_extrinsics(&[call], None)?; + + Ok(extrinsics[0].clone()) +} + #[no_mangle] pub unsafe extern "C" fn generate_register_quoting_enclave_extrinsic( collateral: *const sgx_ql_qve_collateral_t, diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 78702fcf7a..28d4e62a3c 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -15,7 +15,10 @@ */ -use crate::attestation::generate_dcap_ra_extrinsic_from_quote_internal; +use crate::attestation::{ + generate_dcap_ra_extrinsic_from_quote_internal, + generate_ias_ra_extrinsic_from_der_cert_internal, +}; use codec::Encode; use core::result::Result; use ita_sgx_runtime::Runtime; @@ -161,6 +164,22 @@ where Ok(json!(json_value)) }); + // attesteer_forward_ias_attestation_report + let attesteer_forward_ias_attestation_report: &str = "attesteer_forward_ias_attestation_report"; + io.add_sync_method(attesteer_forward_ias_attestation_report, move |params: Params| { + let json_value = match attesteer_forward_ias_attestation_report_inner(params) { + Ok(val) => RpcReturnValue { + do_watch: false, + value: val.encode(), + status: DirectRequestStatus::Ok, + } + .to_hex(), + Err(error) => compute_hex_encoded_return_error(error.as_str()), + }; + + Ok(json!(json_value)) + }); + // system_health let state_health_name: &str = "system_health"; io.add_sync_method(state_health_name, |_: Params| { @@ -226,6 +245,24 @@ fn forward_dcap_quote_inner(params: Params) -> Result { Ok(ext) } +fn attesteer_forward_ias_attestation_report_inner( + params: Params, +) -> Result { + let hex_encoded_params = params.parse::>().map_err(|e| format!("{:?}", e))?; + + let request = + Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; + + let shard: ShardIdentifier = request.shard; + let ias_attestation_report: Vec = request.cyphertext; + + let url = String::new(); + let ext = generate_ias_ra_extrinsic_from_der_cert_internal(url, &ias_attestation_report) + .map_err(|e| format!("{:?}", e))?; + + Ok(ext) +} + pub fn sidechain_io_handler(import_fn: ImportFn) -> IoHandler where ImportFn: Fn(SignedBlock) -> Result<(), Error> + Sync + Send + 'static, From 3865f5909fb183f323e2fe5e484c7c39562be6d4 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 13:33:40 +0100 Subject: [PATCH 03/20] remove unused variables --- enclave-runtime/src/rpc/worker_api_direct.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 28d4e62a3c..186d63f679 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -235,7 +235,6 @@ fn forward_dcap_quote_inner(params: Params) -> Result { let request = Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; - let shard: ShardIdentifier = request.shard; let encoded_quote_to_forward: Vec = request.cyphertext; let url = String::new(); @@ -253,7 +252,6 @@ fn attesteer_forward_ias_attestation_report_inner( let request = Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; - let shard: ShardIdentifier = request.shard; let ias_attestation_report: Vec = request.cyphertext; let url = String::new(); From 296ce9c7f9bf9ab6ddf34ec848d3b596050436ae Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 13:43:55 +0100 Subject: [PATCH 04/20] enclave-runtime/attestation: remove duplicate code --- enclave-runtime/src/attestation.rs | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/enclave-runtime/src/attestation.rs b/enclave-runtime/src/attestation.rs index 3bf67d5ccb..d784342e7c 100644 --- a/enclave-runtime/src/attestation.rs +++ b/enclave-runtime/src/attestation.rs @@ -290,21 +290,9 @@ fn generate_ias_ra_extrinsic_internal( skip_ra: bool, ) -> EnclaveResult { let attestation_handler = GLOBAL_ATTESTATION_HANDLER_COMPONENT.get()?; - let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; - let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; - let cert_der = attestation_handler.generate_ias_ra_cert(skip_ra)?; - info!(" [Enclave] Compose register enclave call"); - let call_ids = node_metadata_repo - .get_from_metadata(|m| m.register_ias_enclave_call_indexes())? - .map_err(MetadataProviderError::MetadataError)?; - - let call = OpaqueCall::from_tuple(&(call_ids, cert_der, url)); - - let extrinsics = extrinsics_factory.create_extrinsics(&[call], None)?; - - Ok(extrinsics[0].clone()) + generate_ias_ra_extrinsic_from_der_cert_internal(url, &cert_der) } pub fn generate_ias_ra_extrinsic_from_der_cert_internal( From ad76638ff2ee2ddc02c63ebf822d4cfc36f99534 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 13:58:52 +0100 Subject: [PATCH 05/20] enclave-runtime/attestation: extract extrinsic sending --- enclave-runtime/src/attestation.rs | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/enclave-runtime/src/attestation.rs b/enclave-runtime/src/attestation.rs index d784342e7c..cda7302a6c 100644 --- a/enclave-runtime/src/attestation.rs +++ b/enclave-runtime/src/attestation.rs @@ -177,7 +177,6 @@ pub fn generate_dcap_ra_extrinsic_internal( skip_ra, )?; - let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; let call_ids = node_metadata_repo @@ -186,8 +185,7 @@ pub fn generate_dcap_ra_extrinsic_internal( info!(" [Enclave] Compose register enclave call DCAP IDs: {:?}", call_ids); let call = OpaqueCall::from_tuple(&(call_ids, dcap_quote, url)); - let extrinsic = extrinsics_factory.create_extrinsics(&[call], None)?; - Ok(extrinsic[0].clone()) + create_extrinsics(call) } #[no_mangle] @@ -270,7 +268,6 @@ pub fn generate_dcap_ra_extrinsic_from_quote_internal( url: String, quote: &[u8], ) -> EnclaveResult { - let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; info!(" [Enclave] Compose register enclave getting callIDs:"); @@ -280,9 +277,8 @@ pub fn generate_dcap_ra_extrinsic_from_quote_internal( info!(" [Enclave] Compose register enclave call DCAP IDs: {:?}", call_ids); let call = OpaqueCall::from_tuple(&(call_ids, quote, url)); - let extrinsic = extrinsics_factory.create_extrinsics(&[call], None)?; info!(" [Enclave] Compose register enclave got extrinsic, returning"); - Ok(extrinsic[0].clone()) + create_extrinsics(call) } fn generate_ias_ra_extrinsic_internal( @@ -299,7 +295,6 @@ pub fn generate_ias_ra_extrinsic_from_der_cert_internal( url: String, cert_der: &[u8], ) -> EnclaveResult { - let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; info!(" [Enclave] Compose register enclave call"); @@ -309,6 +304,11 @@ pub fn generate_ias_ra_extrinsic_from_der_cert_internal( let call = OpaqueCall::from_tuple(&(call_ids, cert_der, url)); + create_extrinsics(call) +} + +fn create_extrinsics(call: OpaqueCall) -> EnclaveResult { + let extrinsics_factory = get_extrinsic_factory_from_solo_or_parachain()?; let extrinsics = extrinsics_factory.create_extrinsics(&[call], None)?; Ok(extrinsics[0].clone()) From 3b21f0a6fe760982199eb94b109efeedb2b668b1 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 2 Mar 2023 14:05:32 +0100 Subject: [PATCH 06/20] enclave-runtime/attestaion: refactor generate_dcap_ra_extrinsic_internal to reduce code duplication --- enclave-runtime/src/attestation.rs | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/enclave-runtime/src/attestation.rs b/enclave-runtime/src/attestation.rs index cda7302a6c..cab21dea9f 100644 --- a/enclave-runtime/src/attestation.rs +++ b/enclave-runtime/src/attestation.rs @@ -177,15 +177,7 @@ pub fn generate_dcap_ra_extrinsic_internal( skip_ra, )?; - let node_metadata_repo = get_node_metadata_repository_from_solo_or_parachain()?; - - let call_ids = node_metadata_repo - .get_from_metadata(|m| m.register_dcap_enclave_call_indexes())? - .map_err(MetadataProviderError::MetadataError)?; - info!(" [Enclave] Compose register enclave call DCAP IDs: {:?}", call_ids); - let call = OpaqueCall::from_tuple(&(call_ids, dcap_quote, url)); - - create_extrinsics(call) + generate_dcap_ra_extrinsic_from_quote_internal(url, &dcap_quote) } #[no_mangle] From 5f1c56ffa810c5f4c3796812a87a9b1945933989 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 9 Mar 2023 15:57:05 +0100 Subject: [PATCH 07/20] attesteer: add attesteer RPC calls to the CLI --- cli/src/attesteer/commands/mod.rs | 23 ++++++++ cli/src/attesteer/commands/send_dcap_quote.rs | 56 +++++++++++++++++++ .../commands/send_ias_attestation.rs | 51 +++++++++++++++++ cli/src/attesteer/mod.rs | 41 ++++++++++++++ cli/src/commands.rs | 7 +++ cli/src/main.rs | 1 + 6 files changed, 179 insertions(+) create mode 100644 cli/src/attesteer/commands/mod.rs create mode 100644 cli/src/attesteer/commands/send_dcap_quote.rs create mode 100644 cli/src/attesteer/commands/send_ias_attestation.rs create mode 100644 cli/src/attesteer/mod.rs diff --git a/cli/src/attesteer/commands/mod.rs b/cli/src/attesteer/commands/mod.rs new file mode 100644 index 0000000000..77d4bd9308 --- /dev/null +++ b/cli/src/attesteer/commands/mod.rs @@ -0,0 +1,23 @@ +/* + Copyright 2021 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +mod send_dcap_quote; +mod send_ias_attestation; + +pub use self::{ + send_dcap_quote::SendDCAPQuoteCmd, send_ias_attestation::SendIASAttestationReportCmd, +}; diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs new file mode 100644 index 0000000000..2a4d3b8b80 --- /dev/null +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -0,0 +1,56 @@ +/* + Copyright 2021 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +use crate::{command_utils::get_worker_api_direct, Cli}; +use itc_rpc_client::direct_client::DirectApi; +use itp_rpc::{RpcRequest, RpcResponse, RpcReturnValue}; +//use itp_types::Request; +use itp_utils::FromHexPrefixed; +use log::*; + +/// Forward DCAP quote for verification. +#[derive(Debug, Clone, Parser)] +pub struct SendDCAPQuoteCmd { + /// Hex encoded DCAP quote. + quote: String, +} + +impl SendDCAPQuoteCmd { + pub fn run(&self, cli: &Cli) { + let direct_api = get_worker_api_direct(&cli); + let hex_encoded_quote = self.quote.clone(); + + //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; + + let rpc_method = "attesteer_forward_dcap_quote".to_owned(); + let jsonrpc_call: String = + RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_quote]).unwrap(); + + let rpc_response_str = direct_api.get(&jsonrpc_call).unwrap(); + + // Decode RPC response. + let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); + let rpc_return_value = RpcReturnValue::from_hex(&rpc_response.result) + // Replace with `inspect_err` once it's stable. + .map_err(|e| { + error!("Failed to decode RpcReturnValue: {:?}", e); + e + }) + .ok() + .unwrap(); + } +} diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs new file mode 100644 index 0000000000..8aab9e845b --- /dev/null +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -0,0 +1,51 @@ +/* + Copyright 2021 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +use crate::{command_utils::get_chain_api, Cli}; + +/// Forward IAS attestation report for verification. +#[derive(Debug, Clone, Parser)] +pub struct SendIASAttestationReportCmd { + /// Hex encoded IAS attestation report. + report: String, +} + +impl SendIASAttestationReportCmd { + pub fn run(&self, cli: &Cli) { + let direct_api = get_worker_api_direct(&cli); + let hex_encoded_report = self.report.clone(); + + //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; + + let rpc_method = "attesteer_forward_ias_attestation_report".to_owned(); + let jsonrpc_call: String = + RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_report]).unwrap(); + + let rpc_response_str = direct_api.get(&jsonrpc_call).unwrap(); + + // Decode RPC response. + let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); + let rpc_return_value = RpcReturnValue::from_hex(&rpc_response.result) + // Replace with `inspect_err` once it's stable. + .map_err(|e| { + error!("Failed to decode RpcReturnValue: {:?}", e); + e + }) + .ok() + .unwrap(); + } +} diff --git a/cli/src/attesteer/mod.rs b/cli/src/attesteer/mod.rs new file mode 100644 index 0000000000..5ecd718344 --- /dev/null +++ b/cli/src/attesteer/mod.rs @@ -0,0 +1,41 @@ +/* + Copyright 2021 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +use crate::Cli; + +use self::commands::{SendDCAPQuoteCmd, SendIASAttestationReportCmd}; + +mod commands; + +/// Attesteer subcommands for the CLI. +#[derive(Debug, clap::Subcommand)] +pub enum AttesteerCommand { + /// Forward DCAP quote for verification. + SendDCAPQuote(SendDCAPQuoteCmd), + + /// Forward IAS attestation report for verification. + SendIASAttestationReport(SendIASAttestationReportCmd), +} + +impl AttesteerCommand { + pub fn run(&self, cli: &Cli) { + match self { + AttesteerCommand::SendDCAPQuote(cmd) => cmd.run(cli), + AttesteerCommand::SendIASAttestationReport(cmd) => cmd.run(cli), + } + } +} diff --git a/cli/src/commands.rs b/cli/src/commands.rs index 853c1d125d..5fdd6f0383 100644 --- a/cli/src/commands.rs +++ b/cli/src/commands.rs @@ -22,6 +22,8 @@ use clap::Subcommand; #[cfg(feature = "teeracle")] use crate::oracle::OracleCommand; +use crate::attesteer::AttesteerCommand; + #[derive(Subcommand)] pub enum Commands { #[clap(flatten)] @@ -35,6 +37,10 @@ pub enum Commands { #[cfg(feature = "teeracle")] #[clap(subcommand)] Oracle(OracleCommand), + + /// Subcommand for the attesteer. + #[clap(subcommand)] + Attesteer(AttesteerCommand), } pub fn match_command(cli: &Cli) { @@ -43,5 +49,6 @@ pub fn match_command(cli: &Cli) { Commands::Trusted(trusted_cli) => trusted_cli.run(cli), #[cfg(feature = "teeracle")] Commands::Oracle(cmd) => cmd.run(cli), + Commands::Attesteer(cmd) => cmd.run(cli), }; } diff --git a/cli/src/main.rs b/cli/src/main.rs index 0cb45e3e05..17f0ba5370 100644 --- a/cli/src/main.rs +++ b/cli/src/main.rs @@ -27,6 +27,7 @@ extern crate chrono; extern crate env_logger; extern crate log; +mod attesteer; mod base_cli; mod benchmark; mod command_utils; From 6e4a5c192c389150f010501925c5de806211c1b7 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 09:05:18 +0100 Subject: [PATCH 08/20] compiling --- cli/src/attesteer/commands/send_ias_attestation.rs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 8aab9e845b..ae2cb3913a 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -15,7 +15,12 @@ */ -use crate::{command_utils::get_chain_api, Cli}; +use itc_rpc_client::direct_client::DirectApi; +use itp_rpc::{RpcRequest, RpcResponse, RpcReturnValue}; +use itp_utils::FromHexPrefixed; +use log::error; + +use crate::{command_utils::get_worker_api_direct, Cli}; /// Forward IAS attestation report for verification. #[derive(Debug, Clone, Parser)] From 9a11f6b3d0f663cc177f535430619ad648c8fc40 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 13:17:19 +0100 Subject: [PATCH 09/20] cli: attesteer dcap quote verification takes a filename (to a hex encoded quote) instead of contents --- cli/src/attesteer/commands/send_dcap_quote.rs | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 2a4d3b8b80..1493fbae86 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -18,23 +18,24 @@ use crate::{command_utils::get_worker_api_direct, Cli}; use itc_rpc_client::direct_client::DirectApi; use itp_rpc::{RpcRequest, RpcResponse, RpcReturnValue}; -//use itp_types::Request; +use itp_types::DirectRequestStatus; use itp_utils::FromHexPrefixed; use log::*; +use std::fs::read_to_string; /// Forward DCAP quote for verification. #[derive(Debug, Clone, Parser)] pub struct SendDCAPQuoteCmd { - /// Hex encoded DCAP quote. + /// Hex encoded DCAP quote filename. quote: String, } impl SendDCAPQuoteCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(&cli); - let hex_encoded_quote = self.quote.clone(); - - //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; + let hex_encoded_quote = read_to_string(&self.quote) + .map_err(|e| error!("Opening hex encoded DCAP quote file failed: {:#?}", e)) + .unwrap(); let rpc_method = "attesteer_forward_dcap_quote".to_owned(); let jsonrpc_call: String = @@ -52,5 +53,10 @@ impl SendDCAPQuoteCmd { }) .ok() .unwrap(); + + match rpc_return_value.status { + DirectRequestStatus::Ok => println!("DCAP quote verification succeded."), + _ => error!("DCAP quote verification failed"), + } } } From 3c184f44c3fbe25d29227d8f5193e407f01ca696 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 13:26:14 +0100 Subject: [PATCH 10/20] cli: attesteer ias attestation report takes a filename (to a hex encoded report) instead of its contents --- cli/src/attesteer/commands/send_ias_attestation.rs | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index ae2cb3913a..9b83f755a3 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -17,22 +17,26 @@ use itc_rpc_client::direct_client::DirectApi; use itp_rpc::{RpcRequest, RpcResponse, RpcReturnValue}; +use itp_types::DirectRequestStatus; use itp_utils::FromHexPrefixed; use log::error; +use std::fs::read_to_string; use crate::{command_utils::get_worker_api_direct, Cli}; /// Forward IAS attestation report for verification. #[derive(Debug, Clone, Parser)] pub struct SendIASAttestationReportCmd { - /// Hex encoded IAS attestation report. + /// Hex encoded IAS attestation report filename. report: String, } impl SendIASAttestationReportCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(&cli); - let hex_encoded_report = self.report.clone(); + let hex_encoded_report = read_to_string(&self.report) + .map_err(|e| error!("Opening hex encoded IAS attestation report file failed: {:#?}", e)) + .unwrap(); //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; @@ -52,5 +56,10 @@ impl SendIASAttestationReportCmd { }) .ok() .unwrap(); + + match rpc_return_value.status { + DirectRequestStatus::Ok => println!("IAS attestation report verification succeded."), + _ => error!("IAS attestation report verification failed"), + } } } From 74c7597b6ce344ee4ba22b02fd99ab1fbe1c0349 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 13:28:13 +0100 Subject: [PATCH 11/20] clippy: fix needless borrow --- cli/src/attesteer/commands/send_dcap_quote.rs | 2 +- cli/src/attesteer/commands/send_ias_attestation.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 1493fbae86..28ea246db5 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -32,7 +32,7 @@ pub struct SendDCAPQuoteCmd { impl SendDCAPQuoteCmd { pub fn run(&self, cli: &Cli) { - let direct_api = get_worker_api_direct(&cli); + let direct_api = get_worker_api_direct(cli); let hex_encoded_quote = read_to_string(&self.quote) .map_err(|e| error!("Opening hex encoded DCAP quote file failed: {:#?}", e)) .unwrap(); diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 9b83f755a3..4b09f54024 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -33,7 +33,7 @@ pub struct SendIASAttestationReportCmd { impl SendIASAttestationReportCmd { pub fn run(&self, cli: &Cli) { - let direct_api = get_worker_api_direct(&cli); + let direct_api = get_worker_api_direct(cli); let hex_encoded_report = read_to_string(&self.report) .map_err(|e| error!("Opening hex encoded IAS attestation report file failed: {:#?}", e)) .unwrap(); From 376dc0bf6f39681923ed6699530b0c6cc574b670 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 14:01:29 +0100 Subject: [PATCH 12/20] rename: match substrate convention for RPC method names --- cli/src/attesteer/commands/send_dcap_quote.rs | 2 +- cli/src/attesteer/commands/send_ias_attestation.rs | 2 +- enclave-runtime/src/rpc/worker_api_direct.rs | 5 +++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 28ea246db5..0d3ee481be 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -37,7 +37,7 @@ impl SendDCAPQuoteCmd { .map_err(|e| error!("Opening hex encoded DCAP quote file failed: {:#?}", e)) .unwrap(); - let rpc_method = "attesteer_forward_dcap_quote".to_owned(); + let rpc_method = "attesteer_callForwardDCAPQuote".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_quote]).unwrap(); diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 4b09f54024..336ef8da11 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -40,7 +40,7 @@ impl SendIASAttestationReportCmd { //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; - let rpc_method = "attesteer_forward_ias_attestation_report".to_owned(); + let rpc_method = "attesteer_callForwardIASAttestationReport".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_report]).unwrap(); diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 186d63f679..22f25d464b 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -149,7 +149,7 @@ where }); // attesteer_forward_dcap_quote - let attesteer_forward_dcap_quote: &str = "attesteer_forward_dcap_quote"; + let attesteer_forward_dcap_quote: &str = "attesteer_callForwardDCAPQuote"; io.add_sync_method(attesteer_forward_dcap_quote, move |params: Params| { let json_value = match forward_dcap_quote_inner(params) { Ok(val) => RpcReturnValue { @@ -165,7 +165,8 @@ where }); // attesteer_forward_ias_attestation_report - let attesteer_forward_ias_attestation_report: &str = "attesteer_forward_ias_attestation_report"; + let attesteer_forward_ias_attestation_report: &str = + "attesteer_callForwardIASAttestationReport"; io.add_sync_method(attesteer_forward_ias_attestation_report, move |params: Params| { let json_value = match attesteer_forward_ias_attestation_report_inner(params) { Ok(val) => RpcReturnValue { From ac5fcc54df781939bd2a6e8b5322aadac0a6e1b0 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 17:02:12 +0100 Subject: [PATCH 13/20] rename: SendDCAPQuoteCmd -> SendDcapQuoteCmd --- cli/src/attesteer/commands/mod.rs | 2 +- cli/src/attesteer/commands/send_dcap_quote.rs | 4 ++-- cli/src/attesteer/mod.rs | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cli/src/attesteer/commands/mod.rs b/cli/src/attesteer/commands/mod.rs index 77d4bd9308..e4596d9b7c 100644 --- a/cli/src/attesteer/commands/mod.rs +++ b/cli/src/attesteer/commands/mod.rs @@ -19,5 +19,5 @@ mod send_dcap_quote; mod send_ias_attestation; pub use self::{ - send_dcap_quote::SendDCAPQuoteCmd, send_ias_attestation::SendIASAttestationReportCmd, + send_dcap_quote::SendDcapQuoteCmd, send_ias_attestation::SendIASAttestationReportCmd, }; diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 0d3ee481be..3af575d9d2 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -25,12 +25,12 @@ use std::fs::read_to_string; /// Forward DCAP quote for verification. #[derive(Debug, Clone, Parser)] -pub struct SendDCAPQuoteCmd { +pub struct SendDcapQuoteCmd { /// Hex encoded DCAP quote filename. quote: String, } -impl SendDCAPQuoteCmd { +impl SendDcapQuoteCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(cli); let hex_encoded_quote = read_to_string(&self.quote) diff --git a/cli/src/attesteer/mod.rs b/cli/src/attesteer/mod.rs index 5ecd718344..3660f655a4 100644 --- a/cli/src/attesteer/mod.rs +++ b/cli/src/attesteer/mod.rs @@ -17,7 +17,7 @@ use crate::Cli; -use self::commands::{SendDCAPQuoteCmd, SendIASAttestationReportCmd}; +use self::commands::{SendDcapQuoteCmd, SendIASAttestationReportCmd}; mod commands; @@ -25,7 +25,7 @@ mod commands; #[derive(Debug, clap::Subcommand)] pub enum AttesteerCommand { /// Forward DCAP quote for verification. - SendDCAPQuote(SendDCAPQuoteCmd), + SendDCAPQuote(SendDcapQuoteCmd), /// Forward IAS attestation report for verification. SendIASAttestationReport(SendIASAttestationReportCmd), From 43aa983e6d97bd5274ffa160cc3f95c0c986118e Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 17:02:48 +0100 Subject: [PATCH 14/20] rename: SendIASAttestationReportCmd -> SendIasAttestationReportCmd --- cli/src/attesteer/commands/mod.rs | 2 +- cli/src/attesteer/commands/send_ias_attestation.rs | 4 ++-- cli/src/attesteer/mod.rs | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cli/src/attesteer/commands/mod.rs b/cli/src/attesteer/commands/mod.rs index e4596d9b7c..70119bf399 100644 --- a/cli/src/attesteer/commands/mod.rs +++ b/cli/src/attesteer/commands/mod.rs @@ -19,5 +19,5 @@ mod send_dcap_quote; mod send_ias_attestation; pub use self::{ - send_dcap_quote::SendDcapQuoteCmd, send_ias_attestation::SendIASAttestationReportCmd, + send_dcap_quote::SendDcapQuoteCmd, send_ias_attestation::SendIasAttestationReportCmd, }; diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 336ef8da11..c95fceebe6 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -26,12 +26,12 @@ use crate::{command_utils::get_worker_api_direct, Cli}; /// Forward IAS attestation report for verification. #[derive(Debug, Clone, Parser)] -pub struct SendIASAttestationReportCmd { +pub struct SendIasAttestationReportCmd { /// Hex encoded IAS attestation report filename. report: String, } -impl SendIASAttestationReportCmd { +impl SendIasAttestationReportCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(cli); let hex_encoded_report = read_to_string(&self.report) diff --git a/cli/src/attesteer/mod.rs b/cli/src/attesteer/mod.rs index 3660f655a4..9f03c59065 100644 --- a/cli/src/attesteer/mod.rs +++ b/cli/src/attesteer/mod.rs @@ -17,7 +17,7 @@ use crate::Cli; -use self::commands::{SendDcapQuoteCmd, SendIASAttestationReportCmd}; +use self::commands::{SendDcapQuoteCmd, SendIasAttestationReportCmd}; mod commands; @@ -28,7 +28,7 @@ pub enum AttesteerCommand { SendDCAPQuote(SendDcapQuoteCmd), /// Forward IAS attestation report for verification. - SendIASAttestationReport(SendIASAttestationReportCmd), + SendIASAttestationReport(SendIasAttestationReportCmd), } impl AttesteerCommand { From 554eea93603dce9f6a6d02c33f7050d38061814b Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 17:03:46 +0100 Subject: [PATCH 15/20] rename: attesteer_callForwardIASAttestationReport -> attesteer_ForwardIasAttestationReport --- cli/src/attesteer/commands/send_ias_attestation.rs | 2 +- enclave-runtime/src/rpc/worker_api_direct.rs | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index c95fceebe6..6c3a97ec2e 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -40,7 +40,7 @@ impl SendIasAttestationReportCmd { //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; - let rpc_method = "attesteer_callForwardIASAttestationReport".to_owned(); + let rpc_method = "attesteer_ForwardIasAttestationReport".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_report]).unwrap(); diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 22f25d464b..8a9dd8dc0a 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -165,8 +165,7 @@ where }); // attesteer_forward_ias_attestation_report - let attesteer_forward_ias_attestation_report: &str = - "attesteer_callForwardIASAttestationReport"; + let attesteer_forward_ias_attestation_report: &str = "attesteer_ForwardIasAttestationReport"; io.add_sync_method(attesteer_forward_ias_attestation_report, move |params: Params| { let json_value = match attesteer_forward_ias_attestation_report_inner(params) { Ok(val) => RpcReturnValue { From a7e5f80ff4dd15cdb50a3aba41015ed0c33bde48 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 13 Mar 2023 17:04:43 +0100 Subject: [PATCH 16/20] rename: attesteer_callForwardDCAPQuote -> attesteer_ForwardDcapQuote --- cli/src/attesteer/commands/send_dcap_quote.rs | 2 +- enclave-runtime/src/rpc/worker_api_direct.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 3af575d9d2..b844b65462 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -37,7 +37,7 @@ impl SendDcapQuoteCmd { .map_err(|e| error!("Opening hex encoded DCAP quote file failed: {:#?}", e)) .unwrap(); - let rpc_method = "attesteer_callForwardDCAPQuote".to_owned(); + let rpc_method = "attesteer_ForwardDcapQuote".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_quote]).unwrap(); diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 8a9dd8dc0a..ca80005814 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -149,7 +149,7 @@ where }); // attesteer_forward_dcap_quote - let attesteer_forward_dcap_quote: &str = "attesteer_callForwardDCAPQuote"; + let attesteer_forward_dcap_quote: &str = "attesteer_ForwardDcapQuote"; io.add_sync_method(attesteer_forward_dcap_quote, move |params: Params| { let json_value = match forward_dcap_quote_inner(params) { Ok(val) => RpcReturnValue { From e6cdaccd219dfeef75989bc120c902f483bec26b Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Tue, 14 Mar 2023 08:46:59 +0100 Subject: [PATCH 17/20] cli: refactor attesteer comamnds to use a neat match expressions --- cli/src/attesteer/commands/send_dcap_quote.rs | 19 ++++++++----------- .../commands/send_ias_attestation.rs | 19 ++++++++----------- 2 files changed, 16 insertions(+), 22 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index b844b65462..137cdf5b1d 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -33,9 +33,10 @@ pub struct SendDcapQuoteCmd { impl SendDcapQuoteCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(cli); - let hex_encoded_quote = read_to_string(&self.quote) - .map_err(|e| error!("Opening hex encoded DCAP quote file failed: {:#?}", e)) - .unwrap(); + let hex_encoded_quote = match read_to_string(&self.quote) { + Ok(hex_encoded_quote) => hex_encoded_quote, + Err(e) => panic!("Opening hex encoded DCAP quote file failed: {:#?}", e), + }; let rpc_method = "attesteer_ForwardDcapQuote".to_owned(); let jsonrpc_call: String = @@ -45,14 +46,10 @@ impl SendDcapQuoteCmd { // Decode RPC response. let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); - let rpc_return_value = RpcReturnValue::from_hex(&rpc_response.result) - // Replace with `inspect_err` once it's stable. - .map_err(|e| { - error!("Failed to decode RpcReturnValue: {:?}", e); - e - }) - .ok() - .unwrap(); + let rpc_return_value = match RpcReturnValue::from_hex(&rpc_response.result) { + Ok(rpc_return_value) => rpc_return_value, + Err(e) => panic!("Failed to decode RpcReturnValue: {:?}", e), + }; match rpc_return_value.status { DirectRequestStatus::Ok => println!("DCAP quote verification succeded."), diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 6c3a97ec2e..acd159ae98 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -34,9 +34,10 @@ pub struct SendIasAttestationReportCmd { impl SendIasAttestationReportCmd { pub fn run(&self, cli: &Cli) { let direct_api = get_worker_api_direct(cli); - let hex_encoded_report = read_to_string(&self.report) - .map_err(|e| error!("Opening hex encoded IAS attestation report file failed: {:#?}", e)) - .unwrap(); + let hex_encoded_report = match read_to_string(&self.report) { + Ok(hex_encoded_report) => hex_encoded_report, + Err(e) => panic!("Opening hex encoded IAS attestation report file failed: {:#?}", e), + }; //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; @@ -48,14 +49,10 @@ impl SendIasAttestationReportCmd { // Decode RPC response. let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); - let rpc_return_value = RpcReturnValue::from_hex(&rpc_response.result) - // Replace with `inspect_err` once it's stable. - .map_err(|e| { - error!("Failed to decode RpcReturnValue: {:?}", e); - e - }) - .ok() - .unwrap(); + let rpc_return_value = match RpcReturnValue::from_hex(&rpc_response.result) { + Ok(rpc_return_value) => rpc_return_value, + Err(e) => panic!("Failed to decode RpcReturnValue: {:?}", e), + }; match rpc_return_value.status { DirectRequestStatus::Ok => println!("IAS attestation report verification succeded."), From 6875baa0ff9c2793dc717f7447bdd70a909d7ef4 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Tue, 14 Mar 2023 09:09:12 +0100 Subject: [PATCH 18/20] cli: attesteer commands use let-else pattern --- cli/src/attesteer/commands/send_dcap_quote.rs | 4 +++- cli/src/attesteer/commands/send_ias_attestation.rs | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 137cdf5b1d..601a59f4cf 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -45,7 +45,9 @@ impl SendDcapQuoteCmd { let rpc_response_str = direct_api.get(&jsonrpc_call).unwrap(); // Decode RPC response. - let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); + let Ok(rpc_response) = serde_json::from_str::(&rpc_response_str) else { + panic!("Can't parse RPC response: '{rpc_response_str}'"); + }; let rpc_return_value = match RpcReturnValue::from_hex(&rpc_response.result) { Ok(rpc_return_value) => rpc_return_value, Err(e) => panic!("Failed to decode RpcReturnValue: {:?}", e), diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index acd159ae98..e545f22a43 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -48,7 +48,9 @@ impl SendIasAttestationReportCmd { let rpc_response_str = direct_api.get(&jsonrpc_call).unwrap(); // Decode RPC response. - let rpc_response: RpcResponse = serde_json::from_str(&rpc_response_str).ok().unwrap(); + let Ok(rpc_response) = serde_json::from_str::(&rpc_response_str) else { + panic!("Can't parse RPC response: '{rpc_response_str}'"); + }; let rpc_return_value = match RpcReturnValue::from_hex(&rpc_response.result) { Ok(rpc_return_value) => rpc_return_value, Err(e) => panic!("Failed to decode RpcReturnValue: {:?}", e), From c92056114ac74e998616387c62196b1773bd9241 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Tue, 14 Mar 2023 14:29:08 +0100 Subject: [PATCH 19/20] cli: attesteer commands send to chain --- .../commands/send_ias_attestation.rs | 2 +- enclave-runtime/src/rpc/worker_api_direct.rs | 44 +++++++++++++++---- 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index e545f22a43..190aea5034 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -19,7 +19,7 @@ use itc_rpc_client::direct_client::DirectApi; use itp_rpc::{RpcRequest, RpcResponse, RpcReturnValue}; use itp_types::DirectRequestStatus; use itp_utils::FromHexPrefixed; -use log::error; +use log::*; use std::fs::read_to_string; use crate::{command_utils::get_worker_api_direct, Cli}; diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index ca80005814..9b0f84847c 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -15,13 +15,17 @@ */ -use crate::attestation::{ - generate_dcap_ra_extrinsic_from_quote_internal, - generate_ias_ra_extrinsic_from_der_cert_internal, +use crate::{ + attestation::{ + generate_dcap_ra_extrinsic_from_quote_internal, + generate_ias_ra_extrinsic_from_der_cert_internal, + }, + utils::get_validator_accessor_from_solo_or_parachain, }; use codec::Encode; use core::result::Result; use ita_sgx_runtime::Runtime; +use itc_parentchain::light_client::{concurrent_access::ValidatorAccess, ExtrinsicSender}; use itp_primitives_cache::{GetPrimitives, GLOBAL_PRIMITIVES_CACHE}; use itp_rpc::RpcReturnValue; use itp_sgx_crypto::Rsa3072Seal; @@ -232,15 +236,26 @@ fn execute_getter_inner( fn forward_dcap_quote_inner(params: Params) -> Result { let hex_encoded_params = params.parse::>().map_err(|e| format!("{:?}", e))?; - let request = - Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; + if hex_encoded_params.len() != 1 { + return Err(format!( + "Wrong number of arguments for IAS attestation report forwarding: {}, expected: {}", + hex_encoded_params.len(), + 1 + )) + } - let encoded_quote_to_forward: Vec = request.cyphertext; + let encoded_quote_to_forward: Vec = + itp_utils::hex::decode_hex(&hex_encoded_params[0]).map_err(|e| format!("{:?}", e))?; let url = String::new(); let ext = generate_dcap_ra_extrinsic_from_quote_internal(url, &encoded_quote_to_forward) .map_err(|e| format!("{:?}", e))?; + let validator_access = get_validator_accessor_from_solo_or_parachain().unwrap(); + validator_access + .execute_mut_on_validator(|v| v.send_extrinsics(vec![ext.clone()])) + .unwrap(); + Ok(ext) } @@ -249,15 +264,26 @@ fn attesteer_forward_ias_attestation_report_inner( ) -> Result { let hex_encoded_params = params.parse::>().map_err(|e| format!("{:?}", e))?; - let request = - Request::from_hex(&hex_encoded_params[0].clone()).map_err(|e| format!("{:?}", e))?; + if hex_encoded_params.len() != 1 { + return Err(format!( + "Wrong number of arguments for IAS attestation report forwarding: {}, expected: {}", + hex_encoded_params.len(), + 1 + )) + } - let ias_attestation_report: Vec = request.cyphertext; + let ias_attestation_report = + itp_utils::hex::decode_hex(&hex_encoded_params[0]).map_err(|e| format!("{:?}", e))?; let url = String::new(); let ext = generate_ias_ra_extrinsic_from_der_cert_internal(url, &ias_attestation_report) .map_err(|e| format!("{:?}", e))?; + let validator_access = get_validator_accessor_from_solo_or_parachain().unwrap(); + validator_access + .execute_mut_on_validator(|v| v.send_extrinsics(vec![ext.clone()])) + .unwrap(); + Ok(ext) } From 5b94a6c55ac617c39a2aa94cee56f250378953c0 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 16 Mar 2023 08:14:20 +0100 Subject: [PATCH 20/20] rename: attesteer_Forward -> attesteer_forward --- cli/src/attesteer/commands/send_dcap_quote.rs | 2 +- cli/src/attesteer/commands/send_ias_attestation.rs | 2 +- enclave-runtime/src/rpc/worker_api_direct.rs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cli/src/attesteer/commands/send_dcap_quote.rs b/cli/src/attesteer/commands/send_dcap_quote.rs index 601a59f4cf..bfba053d36 100644 --- a/cli/src/attesteer/commands/send_dcap_quote.rs +++ b/cli/src/attesteer/commands/send_dcap_quote.rs @@ -38,7 +38,7 @@ impl SendDcapQuoteCmd { Err(e) => panic!("Opening hex encoded DCAP quote file failed: {:#?}", e), }; - let rpc_method = "attesteer_ForwardDcapQuote".to_owned(); + let rpc_method = "attesteer_forwardDcapQuote".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_quote]).unwrap(); diff --git a/cli/src/attesteer/commands/send_ias_attestation.rs b/cli/src/attesteer/commands/send_ias_attestation.rs index 190aea5034..ba242a995f 100644 --- a/cli/src/attesteer/commands/send_ias_attestation.rs +++ b/cli/src/attesteer/commands/send_ias_attestation.rs @@ -41,7 +41,7 @@ impl SendIasAttestationReportCmd { //let request = Request { shard, cyphertext: hex_encoded_quote.to_vec() }; - let rpc_method = "attesteer_ForwardIasAttestationReport".to_owned(); + let rpc_method = "attesteer_forwardIasAttestationReport".to_owned(); let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(rpc_method, vec![hex_encoded_report]).unwrap(); diff --git a/enclave-runtime/src/rpc/worker_api_direct.rs b/enclave-runtime/src/rpc/worker_api_direct.rs index 9b0f84847c..9a1624ba89 100644 --- a/enclave-runtime/src/rpc/worker_api_direct.rs +++ b/enclave-runtime/src/rpc/worker_api_direct.rs @@ -153,7 +153,7 @@ where }); // attesteer_forward_dcap_quote - let attesteer_forward_dcap_quote: &str = "attesteer_ForwardDcapQuote"; + let attesteer_forward_dcap_quote: &str = "attesteer_forwardDcapQuote"; io.add_sync_method(attesteer_forward_dcap_quote, move |params: Params| { let json_value = match forward_dcap_quote_inner(params) { Ok(val) => RpcReturnValue { @@ -169,7 +169,7 @@ where }); // attesteer_forward_ias_attestation_report - let attesteer_forward_ias_attestation_report: &str = "attesteer_ForwardIasAttestationReport"; + let attesteer_forward_ias_attestation_report: &str = "attesteer_forwardIasAttestationReport"; io.add_sync_method(attesteer_forward_ias_attestation_report, move |params: Params| { let json_value = match attesteer_forward_ias_attestation_report_inner(params) { Ok(val) => RpcReturnValue {