nologies/cycles-quartz
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix(enclave): remove core build.rs and copy data files (#259)

Browse source
This commit is contained in:
Shoaib Ahmed 2024-10-17 12:43:50 +04:00 committed by GitHub
parent 023552c0e6
commit 811771f013
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 42 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Cargo.lock generated
View file

@ -4255,7 +4255,7 @@ dependencies = [
[[package]] [[package]]
name = "quartz-common" name = "quartz-common"
version = "0.1.0" version = "0.1.1"
dependencies = [ dependencies = [
"quartz-contract-core", "quartz-contract-core",
"quartz-enclave-core", "quartz-enclave-core",
@ -4334,7 +4334,7 @@ dependencies = [
[[package]] [[package]]
name = "quartz-enclave-core" name = "quartz-enclave-core"
version = "0.1.0" version = "0.1.1"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"async-trait", "async-trait",

2
Cargo.toml
View file

@ -129,7 +129,7 @@ quartz-cw-proof = { version = "0.1.0", path = "crates/enclave/cw-proof", default
quartz-common = { version = "0.1.0", path = "crates/common", default-features = false } quartz-common = { version = "0.1.0", path = "crates/common", default-features = false }
quartz-contract-core = { version = "0.1.0", path = "crates/contracts/core", default-features = false } quartz-contract-core = { version = "0.1.0", path = "crates/contracts/core", default-features = false }
quartz-dcap-verifier-msgs = { version = "0.1.0", path = "crates/contracts/dcap-verifier/msgs", default-features = false } quartz-dcap-verifier-msgs = { version = "0.1.0", path = "crates/contracts/dcap-verifier/msgs", default-features = false }
quartz-enclave-core = { version = "0.1.0", path = "crates/enclave/core", default-features = false } quartz-enclave-core = { version = "0.1.1", path = "crates/enclave/core", default-features = false }
quartz-proto = { version = "0.1.0", path = "crates/enclave/proto", default-features = false } quartz-proto = { version = "0.1.0", path = "crates/enclave/proto", default-features = false }
quartz-tee-ra = { version = "0.1.0", path = "crates/contracts/tee-ra", default-features = false } quartz-tee-ra = { version = "0.1.0", path = "crates/contracts/tee-ra", default-features = false }
quartz-tcbinfo = { version = "0.1.0", path = "crates/contracts/tcbinfo", default-features = false, features = [ quartz-tcbinfo = { version = "0.1.0", path = "crates/contracts/tcbinfo", default-features = false, features = [

2
crates/common/Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "quartz-common" name = "quartz-common"
version.workspace = true version = "0.1.1"
authors.workspace = true authors.workspace = true
edition.workspace = true edition.workspace = true
rust-version.workspace = true rust-version.workspace = true

2
crates/enclave/core/Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "quartz-enclave-core" name = "quartz-enclave-core"
version.workspace = true version = "0.1.1"
authors.workspace = true authors.workspace = true
edition.workspace = true edition.workspace = true
rust-version.workspace = true rust-version.workspace = true

24
crates/enclave/core/build.rs
View file

@ -1,24 +0,0 @@
use std::{env, fs, path::PathBuf};
fn main() {
let out_dir = PathBuf::from(env::var("OUT_DIR").unwrap());
let source_dir = PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap())
.join("../../../crates/contracts/tee-ra/data");
fs::create_dir_all(&out_dir).unwrap();
let files_to_copy = [
"qe_identity.json",
"root_ca.pem",
"root_crl.der",
"tcb_signer.pem",
];
for file in &files_to_copy {
let source_path = source_dir.join(file);
let target_path = out_dir.join(file);
fs::copy(&source_path, &target_path)
.unwrap_or_else(|_| panic!("Failed to copy {:?}", source_path));
}
}

1
crates/enclave/core/data/qe_identity.json Normal file
View file

@ -0,0 +1 @@
{"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2023-07-12T20:48:25Z","nextUpdate":"2023-08-11T20:48:25Z","tcbEvaluationDataNumber":15,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":8},"tcbDate":"2023-02-15T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":6},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00615"]},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477","INTEL-SA-00615"]},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00477","INTEL-SA-00615"]},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477","INTEL-SA-00615"]},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00202","INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477","INTEL-SA-00615"]}]},"signature":"953add69a564b80c43adb9c9dbc888da81aad8af240cd7dfd751f0209d262a71d9240603a528cb766e9fc3278722e59a43f2a2e43b55c776a7b48acbe8cd61a3"}

16
crates/enclave/core/data/root_ca.pem Normal file
View file

@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE-----
MIICjzCCAjSgAwIBAgIUImUM1lqdNInzg7SVUr9QGzknBqwwCgYIKoZIzj0EAwIw
aDEaMBgGA1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENv
cnBvcmF0aW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJ
BgNVBAYTAlVTMB4XDTE4MDUyMTEwNDUxMFoXDTQ5MTIzMTIzNTk1OVowaDEaMBgG
A1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0
aW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJBgNVBAYT
AlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEC6nEwMDIYZOj/iPWsCzaEKi7
1OiOSLRFhWGjbnBVJfVnkY4u3IjkDYYL0MxO4mqsyYjlBalTVYxFP2sJBK5zlKOB
uzCBuDAfBgNVHSMEGDAWgBQiZQzWWp00ifODtJVSv1AbOScGrDBSBgNVHR8ESzBJ
MEegRaBDhkFodHRwczovL2NlcnRpZmljYXRlcy50cnVzdGVkc2VydmljZXMuaW50
ZWwuY29tL0ludGVsU0dYUm9vdENBLmRlcjAdBgNVHQ4EFgQUImUM1lqdNInzg7SV
Ur9QGzknBqwwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwCgYI
KoZIzj0EAwIDSQAwRgIhAOW/5QkR+S9CiSDcNoowLuPRLsWGf/Yi7GSX94BgwTwg
AiEA4J0lrHoMs+Xo5o/sX6O9QWxHRAvZUGOdRQ7cvqRXaqI=
-----END CERTIFICATE-----

BIN
crates/enclave/core/data/root_crl.der Normal file
View file

Binary file not shown.

16
crates/enclave/core/data/tcb_signer.pem Normal file
View file

@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE-----
MIICizCCAjKgAwIBAgIUfjiC1ftVKUpASY5FhAPpFJG99FUwCgYIKoZIzj0EAwIw
aDEaMBgGA1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENv
cnBvcmF0aW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJ
BgNVBAYTAlVTMB4XDTE4MDUyMTEwNTAxMFoXDTI1MDUyMTEwNTAxMFowbDEeMBwG
A1UEAwwVSW50ZWwgU0dYIFRDQiBTaWduaW5nMRowGAYDVQQKDBFJbnRlbCBDb3Jw
b3JhdGlvbjEUMBIGA1UEBwwLU2FudGEgQ2xhcmExCzAJBgNVBAgMAkNBMQswCQYD
VQQGEwJVUzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABENFG8xzydWRfK92bmGv
P+mAh91PEyV7Jh6FGJd5ndE9aBH7R3E4A7ubrlh/zN3C4xvpoouGlirMba+W2lju
ypajgbUwgbIwHwYDVR0jBBgwFoAUImUM1lqdNInzg7SVUr9QGzknBqwwUgYDVR0f
BEswSTBHoEWgQ4ZBaHR0cHM6Ly9jZXJ0aWZpY2F0ZXMudHJ1c3RlZHNlcnZpY2Vz
LmludGVsLmNvbS9JbnRlbFNHWFJvb3RDQS5kZXIwHQYDVR0OBBYEFH44gtX7VSlK
QEmORYQD6RSRvfRVMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8EAjAAMAoGCCqG
SM49BAMCA0cAMEQCIB9C8wOAN/ImxDtGACV246KcqjagZOR0kyctyBrsGGJVAiAj
ftbrNGsGU8YH211dRiYNoPPu19Zp/ze8JmhujB0oBw==
-----END CERTIFICATE-----

8
crates/enclave/core/src/attestor.rs
View file

@ -27,10 +27,10 @@ pub type DefaultAttestor = DcapAttestor;
#[cfg(feature = "mock-sgx")] #[cfg(feature = "mock-sgx")]
pub type DefaultAttestor = MockAttestor; pub type DefaultAttestor = MockAttestor;
const QE_IDENTITY_JSON: &str = include_str!(concat!(env!("OUT_DIR"), "/qe_identity.json")); const QE_IDENTITY_JSON: &str = include_str!("../data/qe_identity.json");
const ROOT_CA: &str = include_str!(concat!(env!("OUT_DIR"), "/root_ca.pem")); const ROOT_CA: &str = include_str!("../data/root_ca.pem");
const ROOT_CRL: &[u8] = include_bytes!(concat!(env!("OUT_DIR"), "/root_crl.der")); const ROOT_CRL: &[u8] = include_bytes!("../data/root_crl.der");
const TCB_SIGNER: &str = include_str!(concat!(env!("OUT_DIR"), "/tcb_signer.pem")); const TCB_SIGNER: &str = include_str!("../data/tcb_signer.pem");
/// The trait defines the interface for generating attestations from within an enclave. /// The trait defines the interface for generating attestations from within an enclave.
pub trait Attestor: Send + Sync + 'static { pub trait Attestor: Send + Sync + 'static {