nologies/cycles-quartz
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

WIP

Browse source
This commit is contained in:
Ajinkya Kulkarni 2024-12-05 12:26:03 +01:00
parent 29c642d64c
commit 7fbbf0fcbb
1 changed files with 13 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
crates/utils/tcbinfo-updater/src/main.rs
View file

@ -46,16 +46,14 @@ async fn get_fmspc_list() -> Vec<Fmspc> {
} }
async fn upsert_tcbinfo() -> Result<(), &'static str> { async fn upsert_tcbinfo() -> Result<(), &'static str> {
let mut store: HashMap<Fmspc, TcbInfo> = if Path::new("./standard").exists() { let mut store: HashMap<Fmspc, TcbInfo> = if Path::new("./standard").exists() {
let data = fs::read_to_string("./standard").expect("Unable to read file"); let data = fs::read_to_string("./standard").expect("Unable to read file");
serde_json::from_str(&data).unwrap() serde_json::from_str(&data).unwrap()
} } else {
else {
fs::File::create("./standard").expect("couldn't create file"); fs::File::create("./standard").expect("couldn't create file");
HashMap::new() HashMap::new()
}; };
let certificate = TCB_SIGNER.to_string(); let certificate = TCB_SIGNER.to_string();
let parsed_certificate = let parsed_certificate =
Certificate::from_pem(certificate.clone()).expect("failed to parse PEM"); Certificate::from_pem(certificate.clone()).expect("failed to parse PEM");
@ -68,16 +66,16 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
.as_bytes() .as_bytes()
.expect("Failed to parse public key"), .expect("Failed to parse public key"),
) )
.expect("Failed to decode public key"); .expect("Failed to decode public key");
for fmspc in fmspc_list { for fmspc in fmspc_list {
let tcbinfo = get_tcbinfo(fmspc.clone(), "standard".to_string()).await; let tcbinfo = get_tcbinfo(fmspc.clone(), "standard".to_string()).await;
assert!(verify_signature(tcbinfo.clone(), key)); assert!(verify_signature(tcbinfo.clone(), key));
let store_entry = if store.contains_key(&fmspc) let store_entry = if store.contains_key(&fmspc) {
{
&store[&fmspc] &store[&fmspc]
} } else {
else {""}; ""
};
if *store_entry != tcbinfo { if *store_entry != tcbinfo {
println!("updating local TCBInfo for FMSPC: {fmspc}"); println!("updating local TCBInfo for FMSPC: {fmspc}");
store.insert(fmspc.clone(), tcbinfo.clone()); store.insert(fmspc.clone(), tcbinfo.clone());
@ -100,8 +98,8 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
.tx_execute( .tx_execute(
&contract_address, &contract_address,
&chain_id, &chain_id,
400000, 1000000,
&sender, sender,
json!(execute_msg), json!(execute_msg),
"11000untrn", "11000untrn",
) )
@ -114,19 +112,14 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
} }
let serialized = serde_json::to_string(&store).unwrap(); let serialized = serde_json::to_string(&store).unwrap();
fs::write("./standard", serialized).expect("Unable to write file"); fs::write("./standard", serialized).expect("Unable to write file");
Ok(()) Ok(())
// }
// }
} }
fn verify_signature(tcbinfo: String, key: VerifyingKey) -> bool { fn verify_signature(tcbinfo: String, key: VerifyingKey) -> bool {
let signed_tcbinfo = let signed_tcbinfo =
SignedTcbInfo::try_from(tcbinfo.as_ref()).expect("tcbinfo string parsing failed"); SignedTcbInfo::try_from(tcbinfo.as_ref()).expect("tcbinfo string parsing failed");
if let Err(_) = signed_tcbinfo if signed_tcbinfo.verify(Some(&key), None).is_err() {
.verify(Some(&key), None) return false;
{
return false
} }
true true
} }