Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: intel sgx attestation #630

Merged
merged 14 commits into from
Oct 28, 2024
Merged

feat: intel sgx attestation #630

merged 14 commits into from
Oct 28, 2024

Conversation

maceip
Copy link
Collaborator

@maceip maceip commented Oct 9, 2024

sgx signed quote with notary-server pub key used as report-data

@maceip maceip requested a review from yuroitaki October 9, 2024 09:56
Copy link

codecov bot commented Oct 9, 2024

Codecov Report

Attention: Patch coverage is 46.98795% with 44 lines in your changes missing coverage. Please review.

Project coverage is 54.53%. Comparing base (30e4e37) to head (3d92843).
Report is 15 commits behind head on dev.

Files with missing lines Patch % Lines
crates/notary/server/src/tee.rs 46.15% 42 Missing ⚠️
crates/notary/server/src/server.rs 60.00% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##              dev     #630      +/-   ##
==========================================
- Coverage   54.55%   54.53%   -0.03%     
==========================================
  Files         192      193       +1     
  Lines       20518    20599      +81     
==========================================
+ Hits        11194    11233      +39     
- Misses       9324     9366      +42     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

crates/notary/server/build.rs Outdated Show resolved Hide resolved
crates/notary/server/build.rs Outdated Show resolved Hide resolved
crates/notary/server/src/tee.rs Outdated Show resolved Hide resolved
crates/notary/server/src/tee.rs Outdated Show resolved Hide resolved
crates/notary/server/src/tee.rs Outdated Show resolved Hide resolved
crates/notary/server/tee/Dockerfile Outdated Show resolved Hide resolved
@maceip maceip closed this Oct 9, 2024
@maceip maceip reopened this Oct 9, 2024
maceip and others added 4 commits October 9, 2024 14:57
Co-authored-by: yuroitaki <25913766+yuroitaki@users.noreply.github.com>
Co-authored-by: yuroitaki <25913766+yuroitaki@users.noreply.github.com>
Copy link
Member

@yuroitaki yuroitaki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👯‍♂️

@yuroitaki
Copy link
Member

@sinui0 i've reviewed this but thought you should check this out too since you been reviewing notary server code - but no rush you can do it whenever you're free - if needed we can merge this first and address your reviews if there is any later. Thoughts? cc. @maceip

@maceip
Copy link
Collaborator Author

maceip commented Oct 10, 2024

@sinui0 i've reviewed this but thought you should check this out too since you been reviewing notary server code - but no rush you can do it whenever you're free - if needed we can merge this first and address your reviews if there is any later. Thoughts? cc. @maceip

👴

Copy link
Member

@sinui0 sinui0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm modulo a couple nits

crates/notary/server/src/server.rs Outdated Show resolved Hide resolved
crates/notary/server/src/tee.rs Outdated Show resolved Hide resolved
}
}

static PUBLIC_KEY: OnceCell<PublicKey> = OnceCell::new();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this needed?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sinui0 i wanted to make it explicit that the key can only be set once. so if someone figured out a way to exec the calling function again it couldnt be reset. not sure if thats possible or even if oncecell is the right way to do it

@maceip maceip merged commit d157325 into dev Oct 28, 2024
6 of 8 checks passed
@maceip maceip deleted the notary-server-sgx branch October 30, 2024 00:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants