fixing warnings WIP(3)

cosmwasm/enclaves/execute/src/registration/attestation.rs

@@ -1,4 +1,6 @@
+#[cfg(feature = "SGX_MODE_HW")]
 use core::mem;
+
 use enclave_crypto::KeyPair;
 use std::vec::Vec;
 
@@ -19,12 +21,14 @@ use sgx_tcrypto::rsgx_sha256_slice;
 
 use sgx_tcrypto::SgxEccHandle;
 
+#[cfg(feature = "SGX_MODE_HW")]
 use sgx_types::{
-    sgx_isv_svn_t, sgx_ql_qe_report_info_t, sgx_ql_qv_result_t, sgx_quote3_error_t,
-    sgx_quote_sign_type_t, sgx_quote_t, sgx_report_body_t, sgx_self_target, sgx_status_t,
+    sgx_isv_svn_t, sgx_ql_qe_report_info_t, sgx_quote3_error_t, sgx_quote_t, sgx_self_target,
     sgx_tvl_verify_qve_report_and_identity,
 };
 
+use sgx_types::{sgx_ql_qv_result_t, sgx_quote_sign_type_t, sgx_report_body_t, sgx_status_t};
+
 #[cfg(feature = "SGX_MODE_HW")]
 use sgx_types::{
     c_int, sgx_epid_group_id_t, sgx_quote_nonce_t, sgx_report_data_t, sgx_report_t, sgx_spid_t,
@@ -294,7 +298,7 @@ pub fn in_grace_period(timestamp: u64) -> bool {
 
 #[cfg(not(feature = "SGX_MODE_HW"))]
 pub fn get_mr_enclave() -> [u8; 32] {
-    let mut ret: [u8; 32] = [0; 32];
+    let ret: [u8; 32] = [0; 32];
     ret
 }
 
@@ -305,9 +309,9 @@ pub fn get_mr_enclave() -> [u8; 32] {
 
 #[cfg(not(feature = "SGX_MODE_HW"))]
 pub fn verify_quote_ecdsa(
-    vec_quote: &Vec<u8>,
-    vec_coll: &Vec<u8>,
-    time_s: i64,
+    _vec_quote: &[u8],
+    _vec_coll: &[u8],
+    _time_s: i64,
 ) -> Result<(sgx_report_body_t, sgx_ql_qv_result_t), sgx_status_t> {
     Err(sgx_status_t::SGX_ERROR_NO_DEVICE)
 }
@@ -409,6 +413,7 @@ pub fn verify_quote_ecdsa(
     Ok((report_body, qv_result))
 }
 
+#[cfg(feature = "SGX_MODE_HW")]
 fn test_sgx_call_res(
     res: sgx_status_t,
     retval: sgx_status_t,
@@ -421,11 +426,11 @@ fn test_sgx_call_res(
         return Err(retval);
     }
 
-    return Ok(sgx_status_t::SGX_SUCCESS);
+    Ok(sgx_status_t::SGX_SUCCESS)
 }
 
 #[cfg(not(feature = "SGX_MODE_HW"))]
-pub fn get_quote_ecdsa(pub_k: &[u8; 32]) -> Result<(Vec<u8>, Vec<u8>), sgx_status_t> {
+pub fn get_quote_ecdsa(_pub_k: &[u8; 32]) -> Result<(Vec<u8>, Vec<u8>), sgx_status_t> {
     Err(sgx_status_t::SGX_ERROR_NO_DEVICE)
 }
 

cosmwasm/enclaves/execute/src/registration/offchain.rs

@@ -365,24 +365,22 @@ unsafe fn ecall_get_attestation_report_epid(
     let api_key_slice = slice::from_raw_parts(api_key, api_key_len as usize);
 
     let (_private_key_der, cert) =
-        match create_attestation_certificate(&kp, SIGNATURE_TYPE, api_key_slice, None) {
+        match create_attestation_certificate(kp, SIGNATURE_TYPE, api_key_slice, None) {
             Err(e) => {
                 warn!("Error in create_attestation_certificate: {:?}", e);
                 return Err(e);
             }
             Ok(res) => res,
         };
 
-    if let Err(status) = write_to_untrusted(cert.as_slice(), ATTESTATION_CERT_PATH.as_str()) {
-        return Err(status);
-    }
+    write_to_untrusted(cert.as_slice(), ATTESTATION_CERT_PATH.as_str())?;
 
     #[cfg(feature = "SGX_MODE_HW")]
     {
         crate::registration::print_report::print_local_report_info(cert.as_slice());
     }
 
-    return Ok(cert);
+    Ok(cert)
 }
 
 unsafe fn ecall_get_attestation_report_dcap(
@@ -396,15 +394,11 @@ unsafe fn ecall_get_attestation_report_dcap(
         }
     };
 
-    if let Err(status) = write_to_untrusted(&vec_quote, ATTESTATION_DCAP_PATH.as_str()) {
-        return Err(status);
-    }
+    write_to_untrusted(&vec_quote, ATTESTATION_DCAP_PATH.as_str())?;
 
-    if let Err(status) = write_to_untrusted(&vec_coll, COLLATERAL_DCAP_PATH.as_str()) {
-        return Err(status);
-    }
+    write_to_untrusted(&vec_coll, COLLATERAL_DCAP_PATH.as_str())?;
 
-    return Ok((vec_quote, vec_coll));
+    Ok((vec_quote, vec_coll))
 }
 
 #[no_mangle]
@@ -441,7 +435,7 @@ pub unsafe extern "C" fn ecall_get_attestation_report(
             }
         };
 
-        f_out.write(&kp.get_pubkey().to_vec()).unwrap();
+        f_out.write_all(&kp.get_pubkey().as_ref()).unwrap();
     }
 
     let mut size_epid: u32 = 0;
@@ -467,9 +461,9 @@ pub unsafe extern "C" fn ecall_get_attestation_report(
         }
     };
 
-    f_out.write(&(size_epid as u32).to_le_bytes()).unwrap();
-    f_out.write(&(size_dcap_q as u32).to_le_bytes()).unwrap();
-    f_out.write(&(size_dcap_c as u32).to_le_bytes()).unwrap();
+    f_out.write_all(&size_epid.to_le_bytes()).unwrap();
+    f_out.write_all(&size_dcap_q.to_le_bytes()).unwrap();
+    f_out.write_all(&size_dcap_c.to_le_bytes()).unwrap();
 
     if let Ok(ref vec_cert) = res_epid {
         f_out.write_all(vec_cert.as_slice()).unwrap();

cosmwasm/enclaves/execute/src/registration/onchain.rs

@@ -6,9 +6,9 @@ use std::panic;
 
 use enclave_ffi_types::NodeAuthResult;
 
-use crate::registration::seed_exchange::SeedType;
 use crate::registration::attestation::verify_quote_ecdsa;
 use crate::registration::cert::verify_ra_report;
+use crate::registration::seed_exchange::SeedType;
 
 use enclave_crypto::consts::OUTPUT_ENCRYPTED_SEED_SIZE;
 use enclave_crypto::PUBLIC_KEY_SIZE;
@@ -33,50 +33,42 @@ use enclave_contract_engine::check_cert_in_current_block;
 use block_verifier::VERIFIED_BLOCK_MESSAGES;
 
 #[cfg(feature = "light-client-validation")]
-fn get_current_block_time_s() -> i64
-{
+fn get_current_block_time_s() -> i64 {
     let verified_msgs = VERIFIED_BLOCK_MESSAGES.lock().unwrap();
     let tm_ns = verified_msgs.time();
-    return (tm_ns / 1000000000) as i64;
+    (tm_ns / 1000000000) as i64
 }
 
 #[cfg(not(feature = "light-client-validation"))]
-fn get_current_block_time_s() -> i64
-{
+fn get_current_block_time_s() -> i64 {
     return 0 as i64;
 }
 
-fn split_combined_cert(
-    cert: *const u8,
-    cert_len: u32,
-) -> (Vec<u8>, Vec<u8>, Vec<u8>)
-{
-    let mut vec_cert : Vec<u8> = Vec::new();
-    let mut vec_quote : Vec<u8> = Vec::new();
-    let mut vec_coll : Vec<u8> = Vec::new();
+fn split_combined_cert(cert: *const u8, cert_len: u32) -> (Vec<u8>, Vec<u8>, Vec<u8>) {
+    let mut vec_cert: Vec<u8> = Vec::new();
+    let mut vec_quote: Vec<u8> = Vec::new();
+    let mut vec_coll: Vec<u8> = Vec::new();
 
     let n0 = mem::size_of::<u32>() as u32 * 3;
 
-    if cert_len >= n0
-    {
+    if cert_len >= n0 {
         let p_cert = cert as *const u32;
-        let s0 = u32::from_le( unsafe { *p_cert } );
-        let s1 = u32::from_le( unsafe { *(p_cert.offset(1)) } );
-        let s2 = u32::from_le( unsafe { *(p_cert.offset(2)) } );
-
-        let size_total =
-            (n0 as u64) +
-            (s0 as u64) +
-            (s1 as u64) +
-            (s2 as u64);
-
-        if size_total <= cert_len as u64
-        {
-            vec_cert = unsafe { slice::from_raw_parts(cert.offset(n0 as isize), s0 as usize).to_vec() };
-            vec_quote = unsafe { slice::from_raw_parts(cert.offset((n0 + s0) as isize), s1 as usize).to_vec() };
-            vec_coll = unsafe { slice::from_raw_parts(cert.offset((n0 + s0 + s1) as isize), s2 as usize).to_vec() };
+        let s0 = u32::from_le(unsafe { *p_cert });
+        let s1 = u32::from_le(unsafe { *(p_cert.offset(1)) });
+        let s2 = u32::from_le(unsafe { *(p_cert.offset(2)) });
+
+        let size_total = (n0 as u64) + (s0 as u64) + (s1 as u64) + (s2 as u64);
+
+        if size_total <= cert_len as u64 {
+            vec_cert =
+                unsafe { slice::from_raw_parts(cert.offset(n0 as isize), s0 as usize).to_vec() };
+            vec_quote = unsafe {
+                slice::from_raw_parts(cert.offset((n0 + s0) as isize), s1 as usize).to_vec()
+            };
+            vec_coll = unsafe {
+                slice::from_raw_parts(cert.offset((n0 + s0 + s1) as isize), s2 as usize).to_vec()
+            };
         }
-
     }
 
     (vec_cert, vec_quote, vec_coll)
@@ -100,7 +92,8 @@ fn test_attestation_epid(cert_slice: &[u8], pub_key: &mut [u8; 32]) -> NodeAuthR
     }
 
     pub_key.copy_from_slice(&pk);
-    return NodeAuthResult::Success;
+
+    NodeAuthResult::Success
 }
 
 fn test_attestation_dcap(
@@ -112,7 +105,7 @@ fn test_attestation_dcap(
     trace!("Current block time: {}", tm_s);
 
     // test self
-    let report_body = match verify_quote_ecdsa(&vec_quote, &vec_coll, tm_s) {
+    let report_body = match verify_quote_ecdsa(vec_quote, vec_coll, tm_s) {
         Ok(r) => {
             trace!("Remote quote verified ok");
             if r.1 != sgx_ql_qv_result_t::SGX_QL_QV_RESULT_OK {
@@ -136,9 +129,9 @@ fn test_attestation_dcap(
     }
 
     pub_key.copy_from_slice(&report_body.report_data.d[..32]);
-    return NodeAuthResult::Success;
-}
 
+    NodeAuthResult::Success
+}
 
 ///
 /// `ecall_authenticate_new_node`
@@ -181,21 +174,18 @@ pub unsafe extern "C" fn ecall_authenticate_new_node(
     let (vec_cert, vec_quote, vec_coll) = split_combined_cert(cert, cert_len);
 
     if vec_quote.is_empty() || vec_coll.is_empty() {
-
         if vec_cert.is_empty() {
             warn!("No valid attestation method provided");
             return NodeAuthResult::InvalidCert;
         }
 
         trace!("EPID attestation");
 
-        let res = test_attestation_epid(&vec_cert.as_slice(), &mut target_public_key);
+        let res = test_attestation_epid(vec_cert.as_slice(), &mut target_public_key);
         if NodeAuthResult::Success != res {
             return res;
         }
-
     } else {
-
         trace!("DCAP attestation");
 
         let res = test_attestation_dcap(&vec_quote, &vec_coll, &mut target_public_key);
@@ -205,7 +195,6 @@ pub unsafe extern "C" fn ecall_authenticate_new_node(
     }
 
     let result = panic::catch_unwind(|| -> Result<Vec<u8>, NodeAuthResult> {
-
         trace!(
             "ecall_get_encrypted_seed target_public_key key pk: {:?}",
             &target_public_key.to_vec()