changed type of tcbinfo

Ajinkya Kulkarni 2024-12-04 20:48:38 +01:00
parent f2b6dbfadf
commit 91769c0114


@ -9,14 +9,14 @@ use std::fs;
use cw_client::{CliClient, CwClient}; use cw_client::{CliClient, CwClient};
use reqwest::Url; use reqwest::Url;
use quartz_tcbinfo_msgs::ExecuteMsg; use quartz_tcbinfo_msgs::ExecuteMsg;
type TcbInfo = Value; type TcbInfo = String;
type Fmspc = String; type Fmspc = String;
type Update = String; type Update = String;
const TCB_SIGNER: &str = include_str!("../tcb_signer.pem"); const TCB_SIGNER: &str = include_str!("../tcb_signer.pem");
async fn get_tcbinfo(fmspc: Fmspc, update: Update) -> Value { async fn get_tcbinfo(fmspc: Fmspc, update: Update) -> String {
let url = format!("https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc={fmspc}&update={update}"); let url = format!("https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc={fmspc}&update={update}");
let body: String = reqwest::get(url) let body: String = reqwest::get(url)
.await .await
@ -25,8 +25,7 @@ async fn get_tcbinfo(fmspc: Fmspc, update: Update) -> Value {
.await .await
.expect("could not read https response"); .expect("could not read https response");
println!("{body}"); println!("{body}");
let tcbinfo: Value = serde_json::from_str(&body).expect("could not convert to JSON"); body
tcbinfo
} }
async fn get_fmspc_list() -> Vec<Fmspc> { async fn get_fmspc_list() -> Vec<Fmspc> {
@ -98,18 +97,11 @@ async fn upsert_tcbinfo() -> Result<(), &'static str> {
// } // }
} }
fn verify_signature (tcbinfo: Value, key: VerifyingKey) -> bool { fn verify_signature (tcbinfo: String, key: VerifyingKey) -> bool {
let tcbinfo_str = tcbinfo.as_str();
if let Some(st) = tcbinfo_str { let signed_tcbinfo = SignedTcbInfo::try_from(tcbinfo.as_ref()).expect("tcbinfo string parsing failed");
let signed_tcbinfo = SignedTcbInfo::try_from(st).expect("tcbinfo string parsing failed");
signed_tcbinfo.verify(Some(&key), None).expect("could not verify signature"); signed_tcbinfo.verify(Some(&key), None).expect("could not verify signature");
true true
}
else {
println!("{tcbinfo:?}");
false
}
} }
#[tokio::main] #[tokio::main]
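Review bot: `verify_signature` still declares `-> bool`, but on the new side it can only return `true` or panic: both `SignedTcbInfo::try_from(...)` and `.verify(...)` end in `.expect(...)`, so a malformed or badly signed response from the Intel endpoint aborts the process instead of reaching the caller as a failed check. Because `get_tcbinfo` now hands back the raw body with no JSON parse in between, this is the first place bad input is noticed, and it should fail closed without panicking, e.g. `let Ok(signed) = SignedTcbInfo::try_from(tcbinfo.as_str()) else { return false };` followed by `signed.verify(Some(&key), None).is_ok()`. The second argument to `verify` is `None`; if that parameter is the validation time (the hunk does not show it), the issue/next-update window of the TCB info is not checked and a stale but validly signed document would pass. The caller in `upsert_tcbinfo` lies outside the hunk, so how the returned value is used could not be checked.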