update local store + execute contract
This commit is contained in:
parent
b1b6272fdb
commit
5cea6489e1
5 changed files with 77 additions and 33 deletions
5
Cargo.lock
generated
5
Cargo.lock
generated
|
|
@ -5708,10 +5708,14 @@ name = "tcbinfo-updater"
|
|||
version = "0.1.0"
|
||||
dependencies = [
|
||||
"bincode",
|
||||
"cosmrs",
|
||||
"cw-client",
|
||||
"quartz-tcbinfo-msgs 0.1.0",
|
||||
"quoted-string",
|
||||
"reqwest 0.12.8",
|
||||
"serde_json",
|
||||
"tendermint",
|
||||
"tokio",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
|
@ -6018,6 +6022,7 @@ dependencies = [
|
|||
"bytes",
|
||||
"libc",
|
||||
"mio 1.0.2",
|
||||
"parking_lot",
|
||||
"pin-project-lite",
|
||||
"signal-hook-registry",
|
||||
"socket2",
|
||||
|
|
|
|||
|
|
@ -14,4 +14,8 @@ quoted-string = "0.6.1"
|
|||
reqwest.workspace = true
|
||||
serde_json.workspace = true
|
||||
cw-client = { path = "../cw-client", default-features = false }
|
||||
bincode = {version = "1.3.3"}
|
||||
bincode = {version = "1.3.3"}
|
||||
quartz-tcbinfo-msgs = {path = "../../contracts/tcbinfo/msgs"}
|
||||
tendermint.workspace = true
|
||||
cosmrs.workspace = true
|
||||
tokio = {version = "1", features = ["full"]}
|
||||
|
|
@ -2,15 +2,30 @@ use quoted_string::strip_dquotes;
|
|||
use serde_json::Value;
|
||||
use std::collections::HashMap;
|
||||
use std::fs;
|
||||
use cw_client::CliClient;
|
||||
use cw_client::{CliClient, CwClient};
|
||||
use reqwest::Url;
|
||||
use quartz_tcbinfo_msgs::ExecuteMsg;
|
||||
type TcbInfo = Value;
|
||||
type Fmspc = String;
|
||||
type Update = String;
|
||||
|
||||
|
||||
const TCB_SIGNER: &str = include_str!("../tcb_signer.pem");
|
||||
|
||||
struct ExecMsg {
|
||||
msg: ExecuteMsg
|
||||
}
|
||||
|
||||
impl ToString for ExecMsg {
|
||||
fn to_string (&self) -> String {
|
||||
format!("\"tcb_info\": {0}, \"certificate\": {1}", self.msg.tcb_info, self.msg.certificate)
|
||||
}
|
||||
}
|
||||
|
||||
fn get_tcbinfo(fmspc: Fmspc, update: Update) -> Value {
|
||||
let url = format!("https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc={fmspc}&update={update}");
|
||||
println!("{url}");
|
||||
let body: String = reqwest::blocking::get(url)
|
||||
|
||||
.expect("url retrieval failed")
|
||||
.text()
|
||||
.expect("could not read https response");
|
||||
|
|
@ -21,9 +36,9 @@ fn get_tcbinfo(fmspc: Fmspc, update: Update) -> Value {
|
|||
fn get_fmspc_list() -> Vec<Fmspc> {
|
||||
let body: String =
|
||||
reqwest::blocking::get("https://api.trustedservices.intel.com/sgx/certification/v4/fmspcs")
|
||||
.expect("url retrieval failed")
|
||||
.text()
|
||||
.expect("could not read https response");
|
||||
.expect("url retrieval failed")
|
||||
.text()
|
||||
.expect("could not read https response");
|
||||
let fmspc_data: Vec<Value> = serde_json::from_str(&body).expect("could not convert to JSON");
|
||||
let mut fmspc_list: Vec<Fmspc> = Vec::new();
|
||||
for item in fmspc_data.iter() {
|
||||
|
|
@ -34,45 +49,48 @@ fn get_fmspc_list() -> Vec<Fmspc> {
|
|||
fmspc_list
|
||||
}
|
||||
|
||||
fn init_database(update: &'static str) -> Result<(), &'static str> {
|
||||
if !(update == "early" || update == "standard") {
|
||||
return Err("invalid update argument");
|
||||
}
|
||||
let mut store: HashMap<Fmspc, TcbInfo> = HashMap::new();
|
||||
let fmspc_list = get_fmspc_list();
|
||||
for fmspc in fmspc_list {
|
||||
store.insert(fmspc.clone(), get_tcbinfo(fmspc, update.to_string()));
|
||||
}
|
||||
let serialized = serde_json::to_string(&store).unwrap();
|
||||
let path = format!("../{update}");
|
||||
fs::write(path, serialized).expect("Unable to write file");
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn main() {
|
||||
let data = fs::read_to_string("../standard").expect("Unable to read file");
|
||||
let store: HashMap<Fmspc, TcbInfo> = serde_json::from_str(&data).unwrap();
|
||||
fn upsert_tcbinfo() -> Result<(), &'static str> {
|
||||
let data = fs::read_to_string("./standard").expect("Unable to read file");
|
||||
let mut store: HashMap<Fmspc, TcbInfo> = serde_json::from_str(&data).unwrap();
|
||||
|
||||
let fmspc_list = get_fmspc_list();
|
||||
for fmspc in fmspc_list {
|
||||
let tcbinfo = get_tcbinfo(fmspc.clone(), "standard".to_string());
|
||||
let store_entry = &store[&fmspc];
|
||||
if *store_entry != tcbinfo {
|
||||
println!("updating {fmspc}");
|
||||
let testnet = "https://rpc-falcron.pion-1.ntrn.tech";
|
||||
let contract_address = "neutron1r4m59786vmxrx866585ze5ugjx9egcyja0nuxhn2y6d7ht6680sspa89zk";
|
||||
let chain_id = tendermint::chain::id("pion-1");
|
||||
println!("updating local TCBInfo for FMSPC: {fmspc}");
|
||||
store.insert(fmspc.clone(), tcbinfo.clone());
|
||||
println!("updating on-chain TCBInfo for FMSPC: {fmspc}");
|
||||
let testnet = Url::parse("https://rpc-falcron.pion-1.ntrn.tech").expect("couldn't parse network URL");
|
||||
let contract_address = cosmrs::AccountId::new("neutrontcbinfo", "neutron1r4m59786vmxrx866585ze5ugjx9egcyja0nuxhn2y6d7ht6680sspa89zk".as_bytes()).expect("failed to parse contract address");
|
||||
let chain_id = tendermint::chain::id::Id::try_from("pion-1").expect("invalid chain id");
|
||||
let sender = "ajinkya";
|
||||
let client = CliClient::neutrond(testnet);
|
||||
let tx_hash = client.tx_execute(&contract_address, , );
|
||||
let execute_msg = ExecMsg { msg: ExecuteMsg {
|
||||
tcb_info: tcbinfo.to_string(),
|
||||
certificate: TCB_SIGNER.to_string(),
|
||||
time: None,
|
||||
}};
|
||||
// if let Err(e) =
|
||||
let _ = client.tx_execute(&contract_address, &chain_id, 200000, &sender, execute_msg, "200000untrn");
|
||||
// {
|
||||
// eprintln!("Error: {}", e);
|
||||
// }
|
||||
println!("done");
|
||||
}
|
||||
else {
|
||||
println!("{fmspc} data up to date")
|
||||
println!("TCBInfo for FMSPC: {fmspc} up to date")
|
||||
}
|
||||
}
|
||||
// let _ = init_database("standard");
|
||||
|
||||
println!("ok")
|
||||
let serialized = serde_json::to_string(&store).unwrap();
|
||||
fs::write("./standard", serialized).expect("Unable to write file");
|
||||
|
||||
Ok(())
|
||||
// }
|
||||
// }
|
||||
}
|
||||
|
||||
// #[tokio::main]
|
||||
pub fn main() {
|
||||
upsert_tcbinfo().expect("TCBInfo update failed");
|
||||
}
|
||||
|
|
|
|||
1
crates/utils/tcbinfo-updater/standard
Normal file
1
crates/utils/tcbinfo-updater/standard
Normal file
File diff suppressed because one or more lines are too long
16
crates/utils/tcbinfo-updater/tcb_signer.pem
Normal file
16
crates/utils/tcbinfo-updater/tcb_signer.pem
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICizCCAjKgAwIBAgIUfjiC1ftVKUpASY5FhAPpFJG99FUwCgYIKoZIzj0EAwIw
|
||||
aDEaMBgGA1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENv
|
||||
cnBvcmF0aW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJ
|
||||
BgNVBAYTAlVTMB4XDTE4MDUyMTEwNTAxMFoXDTI1MDUyMTEwNTAxMFowbDEeMBwG
|
||||
A1UEAwwVSW50ZWwgU0dYIFRDQiBTaWduaW5nMRowGAYDVQQKDBFJbnRlbCBDb3Jw
|
||||
b3JhdGlvbjEUMBIGA1UEBwwLU2FudGEgQ2xhcmExCzAJBgNVBAgMAkNBMQswCQYD
|
||||
VQQGEwJVUzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABENFG8xzydWRfK92bmGv
|
||||
P+mAh91PEyV7Jh6FGJd5ndE9aBH7R3E4A7ubrlh/zN3C4xvpoouGlirMba+W2lju
|
||||
ypajgbUwgbIwHwYDVR0jBBgwFoAUImUM1lqdNInzg7SVUr9QGzknBqwwUgYDVR0f
|
||||
BEswSTBHoEWgQ4ZBaHR0cHM6Ly9jZXJ0aWZpY2F0ZXMudHJ1c3RlZHNlcnZpY2Vz
|
||||
LmludGVsLmNvbS9JbnRlbFNHWFJvb3RDQS5kZXIwHQYDVR0OBBYEFH44gtX7VSlK
|
||||
QEmORYQD6RSRvfRVMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8EAjAAMAoGCCqG
|
||||
SM49BAMCA0cAMEQCIB9C8wOAN/ImxDtGACV246KcqjagZOR0kyctyBrsGGJVAiAj
|
||||
ftbrNGsGU8YH211dRiYNoPPu19Zp/ze8JmhujB0oBw==
|
||||
-----END CERTIFICATE-----
|
||||
Loading…
Reference in a new issue