WIP
parent
29c642d64c
commit
7fbbf0fcbb
1 changed files with 13 additions and 20 deletions
|
@ -46,16 +46,14 @@ async fn get_fmspc_list() -> Vec<Fmspc> {
|
|||
}
|
||||
|
||||
async fn upsert_tcbinfo() -> Result<(), &'static str> {
|
||||
|
||||
let mut store: HashMap<Fmspc, TcbInfo> = if Path::new("./standard").exists() {
|
||||
let data = fs::read_to_string("./standard").expect("Unable to read file");
|
||||
serde_json::from_str(&data).unwrap()
|
||||
}
|
||||
else {
|
||||
serde_json::from_str(&data).unwrap()
|
||||
} else {
|
||||
fs::File::create("./standard").expect("couldn't create file");
|
||||
HashMap::new()
|
||||
HashMap::new()
|
||||
};
|
||||
|
||||
|
||||
let certificate = TCB_SIGNER.to_string();
|
||||
let parsed_certificate =
|
||||
Certificate::from_pem(certificate.clone()).expect("failed to parse PEM");
|
||||
|
@ -68,16 +66,16 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
|
|||
.as_bytes()
|
||||
.expect("Failed to parse public key"),
|
||||
)
|
||||
.expect("Failed to decode public key");
|
||||
.expect("Failed to decode public key");
|
||||
|
||||
for fmspc in fmspc_list {
|
||||
let tcbinfo = get_tcbinfo(fmspc.clone(), "standard".to_string()).await;
|
||||
assert!(verify_signature(tcbinfo.clone(), key));
|
||||
let store_entry = if store.contains_key(&fmspc)
|
||||
{
|
||||
let store_entry = if store.contains_key(&fmspc) {
|
||||
&store[&fmspc]
|
||||
}
|
||||
else {""};
|
||||
} else {
|
||||
""
|
||||
};
|
||||
if *store_entry != tcbinfo {
|
||||
println!("updating local TCBInfo for FMSPC: {fmspc}");
|
||||
store.insert(fmspc.clone(), tcbinfo.clone());
|
||||
|
@ -100,8 +98,8 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
|
|||
.tx_execute(
|
||||
&contract_address,
|
||||
&chain_id,
|
||||
400000,
|
||||
&sender,
|
||||
1000000,
|
||||
sender,
|
||||
json!(execute_msg),
|
||||
"11000untrn",
|
||||
)
|
||||
|
@ -114,19 +112,14 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
|
|||
}
|
||||
let serialized = serde_json::to_string(&store).unwrap();
|
||||
fs::write("./standard", serialized).expect("Unable to write file");
|
||||
|
||||
Ok(())
|
||||
// }
|
||||
// }
|
||||
}
|
||||
|
||||
fn verify_signature(tcbinfo: String, key: VerifyingKey) -> bool {
|
||||
let signed_tcbinfo =
|
||||
SignedTcbInfo::try_from(tcbinfo.as_ref()).expect("tcbinfo string parsing failed");
|
||||
if let Err(_) = signed_tcbinfo
|
||||
.verify(Some(&key), None)
|
||||
{
|
||||
return false
|
||||
if signed_tcbinfo.verify(Some(&key), None).is_err() {
|
||||
return false;
|
||||
}
|
||||
true
|
||||
}
|
||||
|
|
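Review bot: In the last hunk `verify_signature` still panics on malformed input, because `SignedTcbInfo::try_from(tcbinfo.as_ref()).expect("tcbinfo string parsing failed")` aborts instead of returning `false`. The caller in the second hunk wraps the result in `assert!`, so one unparsable or badly signed TCBInfo stops `upsert_tcbinfo` with a panic even though it is declared to return `Result<(), &'static str>`. That still fails closed, but the `fs::write("./standard", ...)` at the end of the function is never reached, so store updates from earlier loop iterations are lost. Consider `SignedTcbInfo::try_from(tcbinfo.as_ref()).map_or(false, |t| t.verify(Some(&key), None).is_ok())` in the helper and `if !verify_signature(tcbinfo.clone(), key) { return Err("TCBInfo signature verification failed"); }` in the loop. Separately, `verify` is called with `None` as its second argument; if that parameter is the validation time (not visible on this page), validity-period checks are skipped and a stale but correctly signed TCBInfo would be accepted and pushed on-chain, so confirm this before the change leaves WIP.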