From ecfa84c327d65e1aa027ded1f32ae4f06b67fa7a Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Thu, 11 Jan 2024 15:59:54 +0200 Subject: [PATCH] Compiles now (yay) --- .../actions/check-objdump/package-lock.json | 292 +++++++++--------- cosmwasm/Cargo.lock | 174 ++++++++++- .../execute/src/registration/attestation.rs | 68 ++-- .../src/registration/check_patch_level.rs | 227 +++++++------- .../enclaves/execute/src/registration/mod.rs | 7 +- .../execute/src/registration/offchain.rs | 15 +- .../execute/src/registration/verify.rs | 2 - .../sgx-vm/src/attestation/sgx/epid.rs | 86 ------ cosmwasm/packages/sgx-vm/src/lib.rs | 10 +- cosmwasm/packages/sgx-vm/src/seed.rs | 49 ++- go-cosmwasm/Cargo.lock | 60 +++- go-cosmwasm/src/lib.rs | 5 +- 12 files changed, 567 insertions(+), 428 deletions(-) diff --git a/.github/actions/check-objdump/package-lock.json b/.github/actions/check-objdump/package-lock.json index 1976fd2a9..e10e1f2e7 100644 --- a/.github/actions/check-objdump/package-lock.json +++ b/.github/actions/check-objdump/package-lock.json @@ -1,146 +1,146 @@ -{ - "name": "actions-download-file", - "version": "1.3.0", - "lockfileVersion": 3, - "requires": true, - "packages": { - "": { - "name": "actions-download-file", - "version": "1.3.0", - "license": "MIT", - "dependencies": { - "@actions/core": "^1.10.0", - "node-fetch": "3.3.1" - }, - "devDependencies": { - "@vercel/ncc": "^0.36.1" - } - }, - "node_modules/@actions/core": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz", - "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==", - "dependencies": { - "@actions/http-client": "^2.0.1", - "uuid": "^8.3.2" - } - }, - "node_modules/@actions/http-client": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.1.0.tgz", - "integrity": "sha512-BonhODnXr3amchh4qkmjPMUO8mFi/zLaaCeCAJZqch8iQqyDnVIkySjB38VHAC8IJ+bnlgfOqlhpyCUZHlQsqw==", - "dependencies": { - "tunnel": "^0.0.6" - } - }, - "node_modules/@vercel/ncc": { - "version": "0.36.1", - "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.1.tgz", - "integrity": "sha512-S4cL7Taa9yb5qbv+6wLgiKVZ03Qfkc4jGRuiUQMQ8HGBD5pcNRnHeYM33zBvJE4/zJGjJJ8GScB+WmTsn9mORw==", - "dev": true, - "bin": { - "ncc": "dist/ncc/cli.js" - } - }, - "node_modules/data-uri-to-buffer": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", - "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", - "engines": { - "node": ">= 12" - } - }, - "node_modules/fetch-blob": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz", - "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/jimmywarting" - }, - { - "type": "paypal", - "url": "https://paypal.me/jimmywarting" - } - ], - "dependencies": { - "node-domexception": "^1.0.0", - "web-streams-polyfill": "^3.0.3" - }, - "engines": { - "node": "^12.20 || >= 14.13" - } - }, - "node_modules/formdata-polyfill": { - "version": "4.0.10", - "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", - "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", - "dependencies": { - "fetch-blob": "^3.1.2" - }, - "engines": { - "node": ">=12.20.0" - } - }, - "node_modules/node-domexception": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", - "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/jimmywarting" - }, - { - "type": "github", - "url": "https://paypal.me/jimmywarting" - } - ], - "engines": { - "node": ">=10.5.0" - } - }, - "node_modules/node-fetch": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.1.tgz", - "integrity": "sha512-cRVc/kyto/7E5shrWca1Wsea4y6tL9iYJE5FBCius3JQfb/4P4I295PfhgbJQBLTx6lATE4z+wK0rPM4VS2uow==", - "dependencies": { - "data-uri-to-buffer": "^4.0.0", - "fetch-blob": "^3.1.4", - "formdata-polyfill": "^4.0.10" - }, - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/node-fetch" - } - }, - "node_modules/tunnel": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", - "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", - "engines": { - "node": ">=0.6.11 <=0.7.0 || >=0.7.3" - } - }, - "node_modules/uuid": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", - "bin": { - "uuid": "dist/bin/uuid" - } - }, - "node_modules/web-streams-polyfill": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.1.tgz", - "integrity": "sha512-e0MO3wdXWKrLbL0DgGnUV7WHVuw9OUvL4hjgnPkIeEvESk74gAITi5G606JtZPp39cd8HA9VQzCIvA49LpPN5Q==", - "engines": { - "node": ">= 8" - } - } - } -} +{ + "name": "actions-download-file", + "version": "1.3.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "actions-download-file", + "version": "1.3.0", + "license": "MIT", + "dependencies": { + "@actions/core": "^1.10.0", + "node-fetch": "3.3.1" + }, + "devDependencies": { + "@vercel/ncc": "^0.36.1" + } + }, + "node_modules/@actions/core": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz", + "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==", + "dependencies": { + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" + } + }, + "node_modules/@actions/http-client": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.1.0.tgz", + "integrity": "sha512-BonhODnXr3amchh4qkmjPMUO8mFi/zLaaCeCAJZqch8iQqyDnVIkySjB38VHAC8IJ+bnlgfOqlhpyCUZHlQsqw==", + "dependencies": { + "tunnel": "^0.0.6" + } + }, + "node_modules/@vercel/ncc": { + "version": "0.36.1", + "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.1.tgz", + "integrity": "sha512-S4cL7Taa9yb5qbv+6wLgiKVZ03Qfkc4jGRuiUQMQ8HGBD5pcNRnHeYM33zBvJE4/zJGjJJ8GScB+WmTsn9mORw==", + "dev": true, + "bin": { + "ncc": "dist/ncc/cli.js" + } + }, + "node_modules/data-uri-to-buffer": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", + "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", + "engines": { + "node": ">= 12" + } + }, + "node_modules/fetch-blob": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz", + "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "paypal", + "url": "https://paypal.me/jimmywarting" + } + ], + "dependencies": { + "node-domexception": "^1.0.0", + "web-streams-polyfill": "^3.0.3" + }, + "engines": { + "node": "^12.20 || >= 14.13" + } + }, + "node_modules/formdata-polyfill": { + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", + "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", + "dependencies": { + "fetch-blob": "^3.1.2" + }, + "engines": { + "node": ">=12.20.0" + } + }, + "node_modules/node-domexception": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", + "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "github", + "url": "https://paypal.me/jimmywarting" + } + ], + "engines": { + "node": ">=10.5.0" + } + }, + "node_modules/node-fetch": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.1.tgz", + "integrity": "sha512-cRVc/kyto/7E5shrWca1Wsea4y6tL9iYJE5FBCius3JQfb/4P4I295PfhgbJQBLTx6lATE4z+wK0rPM4VS2uow==", + "dependencies": { + "data-uri-to-buffer": "^4.0.0", + "fetch-blob": "^3.1.4", + "formdata-polyfill": "^4.0.10" + }, + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/node-fetch" + } + }, + "node_modules/tunnel": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", + "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", + "engines": { + "node": ">=0.6.11 <=0.7.0 || >=0.7.3" + } + }, + "node_modules/uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/web-streams-polyfill": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.1.tgz", + "integrity": "sha512-e0MO3wdXWKrLbL0DgGnUV7WHVuw9OUvL4hjgnPkIeEvESk74gAITi5G606JtZPp39cd8HA9VQzCIvA49LpPN5Q==", + "engines": { + "node": ">= 8" + } + } + } +} diff --git a/cosmwasm/Cargo.lock b/cosmwasm/Cargo.lock index c7adc0ee7..b3e0d31b9 100644 --- a/cosmwasm/Cargo.lock +++ b/cosmwasm/Cargo.lock @@ -64,6 +64,12 @@ version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7" +[[package]] +name = "base64" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" + [[package]] name = "base64" version = "0.21.5" @@ -101,8 +107,8 @@ dependencies = [ "log", "proc-macro2", "quote", - "serde", - "serde_json", + "serde 1.0.188", + "serde_json 1.0.108", "syn 1.0.86", "tempfile", "toml", @@ -163,10 +169,11 @@ dependencies = [ "num_cpus", "parity-wasm", "parking_lot", + "secret-attestation-token", "secret-cosmwasm-std", - "serde", - "serde_json", - "sgx_types", + "serde 1.0.188", + "serde_json 1.0.108", + "sgx_types 1.1.6", "sgx_urts", "sha2", "snafu", @@ -280,6 +287,11 @@ version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8be18de09a56b60ed0edf84bc9df007e30040691af7acd1c41874faac5895bfb" +[[package]] +name = "hashbrown_tstd" +version = "0.9.0" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" + [[package]] name = "hermit-abi" version = "0.1.19" @@ -310,6 +322,14 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "itoa" +version = "0.4.5" +source = "git+https://github.com/mesalock-linux/itoa-sgx#295ee451f5ec74f25c299552b481beb445ea3eb7" +dependencies = [ + "sgx_tstd", +] + [[package]] name = "itoa" version = "1.0.1" @@ -502,8 +522,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "be77ed66abed6954aabf6a3e31a84706bedbf93750d267e92ef4a6d90bbd6a61" dependencies = [ "schemars_derive", - "serde", - "serde_json", + "serde 1.0.188", + "serde_json 1.0.108", ] [[package]] @@ -524,6 +544,16 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "secret-attestation-token" +version = "0.1.0" +dependencies = [ + "base64 0.20.0", + "hex", + "serde 1.0.118", + "serde_json 1.0.60", +] + [[package]] name = "secret-cosmwasm-std" version = "0.10.1" @@ -532,7 +562,7 @@ checksum = "f5d4b8fed972d924458d9c3c0e6c9fbf6c4c5e30655571e3d2b78be056d316e9" dependencies = [ "base64 0.11.0", "schemars", - "serde", + "serde 1.0.188", "serde-json-wasm", "snafu", ] @@ -543,13 +573,22 @@ version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0486718e92ec9a68fbed73bb5ef687d71103b142595b406835649bebd33f72c7" +[[package]] +name = "serde" +version = "1.0.118" +source = "git+https://github.com/mesalock-linux/serde-sgx#db0226f1d5d70fca6b96af2c285851502204e21c" +dependencies = [ + "serde_derive 1.0.118", + "sgx_tstd", +] + [[package]] name = "serde" version = "1.0.188" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf9e0fcba69a370eed61bcf2b728575f726b50b55cba78064753d708ddc7549e" dependencies = [ - "serde_derive", + "serde_derive 1.0.188", ] [[package]] @@ -558,7 +597,17 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "120bad73306616e91acd7ceed522ba96032a51cffeef3cc813de7f367df71e37" dependencies = [ - "serde", + "serde 1.0.188", +] + +[[package]] +name = "serde_derive" +version = "1.0.118" +source = "git+https://github.com/mesalock-linux/serde-sgx#db0226f1d5d70fca6b96af2c285851502204e21c" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.86", ] [[package]] @@ -583,27 +632,118 @@ dependencies = [ "syn 1.0.86", ] +[[package]] +name = "serde_json" +version = "1.0.60" +source = "git+https://github.com/mesalock-linux/serde-json-sgx#380893814ad2a057758d825bab798aa117f7362a" +dependencies = [ + "itoa 0.4.5", + "ryu", + "serde 1.0.118", + "sgx_tstd", +] + [[package]] name = "serde_json" version = "1.0.108" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3d1c7e3eac408d115102c4c24ad393e0821bb3a5df4d506a80f85f7a742a526b" dependencies = [ - "itoa", + "itoa 1.0.1", "ryu", - "serde", + "serde 1.0.188", +] + +[[package]] +name = "sgx_alloc" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" + +[[package]] +name = "sgx_backtrace_sys" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "cc", + "sgx_build_helper", + "sgx_libc", +] + +[[package]] +name = "sgx_build_helper" +version = "0.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" + +[[package]] +name = "sgx_demangle" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" + +[[package]] +name = "sgx_libc" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "sgx_types 1.1.3", ] +[[package]] +name = "sgx_tprotected_fs" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "sgx_trts", + "sgx_types 1.1.3", +] + +[[package]] +name = "sgx_trts" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "sgx_libc", + "sgx_types 1.1.3", +] + +[[package]] +name = "sgx_tstd" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "hashbrown_tstd", + "sgx_alloc", + "sgx_backtrace_sys", + "sgx_demangle", + "sgx_libc", + "sgx_tprotected_fs", + "sgx_trts", + "sgx_types 1.1.3", + "sgx_unwind", +] + +[[package]] +name = "sgx_types" +version = "1.1.3" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" + [[package]] name = "sgx_types" version = "1.1.6" +[[package]] +name = "sgx_unwind" +version = "0.1.1" +source = "git+https://github.com/apache/teaclave-sgx-sdk.git?rev=v1.1.3#a6a172e652b4db4eaa17e4faa078fda8922abdd0" +dependencies = [ + "sgx_build_helper", +] + [[package]] name = "sgx_urts" version = "1.1.6" dependencies = [ "libc", - "sgx_types", + "sgx_types 1.1.6", ] [[package]] @@ -721,7 +861,7 @@ version = "0.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a31142970826733df8241ef35dc040ef98c679ab14d7c3e54d827099b3acecaa" dependencies = [ - "serde", + "serde 1.0.188", ] [[package]] @@ -766,9 +906,9 @@ version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94b5f5d6984ca42df66280baa8a15ac188a173ddaf4580b574a98931c01920e7" dependencies = [ - "serde", - "serde_derive", - "serde_json", + "serde 1.0.188", + "serde_derive 1.0.188", + "serde_json 1.0.108", "wabt-sys", ] diff --git a/cosmwasm/enclaves/execute/src/registration/attestation.rs b/cosmwasm/enclaves/execute/src/registration/attestation.rs index 8762d351b..ca5f1a6c9 100644 --- a/cosmwasm/enclaves/execute/src/registration/attestation.rs +++ b/cosmwasm/enclaves/execute/src/registration/attestation.rs @@ -190,40 +190,40 @@ pub unsafe extern "C" fn ecall_generate_authentication_material( sgx_status_t::SGX_SUCCESS } -// -// /// -// /// This function generates the registration_key, which is used in the attestation and registration -// /// process -// /// -// #[no_mangle] -// pub unsafe extern "C" fn ecall_generate_registration_key( -// public_key: &mut [u8; PUBLIC_KEY_SIZE], -// ) -> sgx_types::sgx_status_t { -// if let Err(_e) = validate_mut_slice(public_key) { -// return sgx_status_t::SGX_ERROR_UNEXPECTED; -// } -// -// let mut key_manager = Keychain::new(); -// if let Err(_e) = key_manager.create_registration_key() { -// error!("Failed to create registration key"); -// return sgx_status_t::SGX_ERROR_UNEXPECTED; -// }; -// -// let reg_key = key_manager.get_registration_key(); -// -// if reg_key.is_err() { -// error!("Failed to unlock node key. Please make sure the file is accessible or reinitialize the node"); -// return sgx_status_t::SGX_ERROR_UNEXPECTED; -// } -// -// let pubkey = reg_key.unwrap().get_pubkey(); -// public_key.clone_from_slice(&pubkey); -// trace!( -// "ecall_generate_registration_key key pk: {:?}", -// public_key.to_vec() -// ); -// sgx_status_t::SGX_SUCCESS -// } + +/// +/// This function generates the registration_key, which is used in the attestation and registration +/// process +/// +#[no_mangle] +pub unsafe extern "C" fn ecall_generate_registration_key( + public_key: &mut [u8; PUBLIC_KEY_SIZE], +) -> sgx_types::sgx_status_t { + if let Err(_e) = validate_mut_slice(public_key) { + return sgx_status_t::SGX_ERROR_UNEXPECTED; + } + + let mut key_manager = Keychain::new(); + if let Err(_e) = key_manager.create_registration_key() { + error!("Failed to create registration key"); + return sgx_status_t::SGX_ERROR_UNEXPECTED; + }; + + let reg_key = key_manager.get_registration_key(); + + if reg_key.is_err() { + error!("Failed to unlock node key. Please make sure the file is accessible or reinitialize the node"); + return sgx_status_t::SGX_ERROR_UNEXPECTED; + } + + let pubkey = reg_key.unwrap().get_pubkey(); + public_key.clone_from_slice(&pubkey); + trace!( + "ecall_generate_registration_key key pk: {:?}", + public_key.to_vec() + ); + sgx_status_t::SGX_SUCCESS +} // #[cfg(not(feature = "SGX_MODE_HW"))] // pub fn create_attestation_certificate( diff --git a/cosmwasm/enclaves/execute/src/registration/check_patch_level.rs b/cosmwasm/enclaves/execute/src/registration/check_patch_level.rs index 3df2c7839..8a89ed44b 100644 --- a/cosmwasm/enclaves/execute/src/registration/check_patch_level.rs +++ b/cosmwasm/enclaves/execute/src/registration/check_patch_level.rs @@ -8,20 +8,9 @@ use enclave_crypto::consts::SIGNATURE_TYPE; use enclave_ffi_types::NodeAuthResult; use enclave_utils::validate_const_ptr; -#[cfg(feature = "SGX_MODE_HW")] -use crate::registration::attestation::create_attestation_report; - -#[cfg(feature = "SGX_MODE_HW")] -use crate::registration::cert::verify_quote_status; - #[cfg(not(feature = "epid_whitelist_disabled"))] use crate::registration::cert::check_epid_gid_is_whitelisted; -#[cfg(feature = "SGX_MODE_HW")] -use crate::registration::print_report::print_platform_info; - -use crate::registration::report::AttestationReport; - /// # Safety #[no_mangle] #[cfg(not(feature = "SGX_MODE_HW"))] @@ -40,105 +29,119 @@ pub unsafe extern "C" fn ecall_check_patch_level( api_key: *const u8, api_key_len: u32, ) -> NodeAuthResult { - validate_const_ptr!(api_key, api_key_len as usize, NodeAuthResult::InvalidInput); - if api_key_len > 100 { - error!("API key malformed"); - return NodeAuthResult::InvalidInput; - } - - let api_key_slice = slice::from_raw_parts(api_key, api_key_len as usize); - - // CREATE THE ATTESTATION REPORT - // generate temporary key for attestation - let temp_key_result = enclave_crypto::KeyPair::new().unwrap(); - - let signed_report = match create_attestation_report( - &temp_key_result.get_pubkey(), - SIGNATURE_TYPE, - api_key_slice, - None, - true, - ) { - Ok(r) => r, - Err(_e) => { - error!("Error creating attestation report"); - return NodeAuthResult::InvalidCert; - } - }; - - let payload: String = serde_json::to_string(&signed_report) - .map_err(|_| { - error!("Error serializing report. May be malformed, or badly encoded"); - NodeAuthResult::InvalidCert - }) - .unwrap(); - - // extract private key from KeyPair - let ecc_handle = sgx_tcrypto::SgxEccHandle::new(); - let _result = ecc_handle.open(); - - let (prv_k, pub_k) = ecc_handle.create_key_pair().unwrap(); - - let _result = ecc_handle.open(); - let (_key_der, cert) = super::cert::gen_ecc_cert(payload, &prv_k, &pub_k, &ecc_handle).unwrap(); - let _result = ecc_handle.close(); - - let report = AttestationReport::from_cert(&cert) - .map_err(|_| { - error!("Failed to create report from certificate"); - NodeAuthResult::InvalidCert - }) - .unwrap(); - - // PERFORM EPID CHECK - #[cfg(not(feature = "epid_whitelist_disabled"))] - if !check_epid_gid_is_whitelisted(&report.sgx_quote_body.gid) { - error!( - "Platform verification error: quote status {:?}", - &report.sgx_quote_body.gid - ); - error!("Your current platform is probably not up to date, and may require a BIOS or PSW update. \n \ - Please see https://docs.scrt.network/secret-network-documentation/infrastructure/setting-up-a-node-validator/hardware-setup/patching-your-node \ - for more information"); - error!("If you think this message appeared in error, please contact us on Telegram or Discord, and attach your quote status from the message above"); - return NodeAuthResult::BadQuoteStatus; - } - - if report.tcb_eval_data_number < 16 { - error!("Your current platform is probably not up to date, and may require a BIOS or PSW update. \n \ - Please see https://docs.scrt.network/secret-network-documentation/infrastructure/setting-up-a-node-validator/hardware-setup/patching-your-node \ - for more information"); - println!( - "Tried to attest using old data: {}", - report.tcb_eval_data_number - ); - return NodeAuthResult::GroupOutOfDate; - } - - // PERFORM STATUS CHECKS - let node_auth_result = NodeAuthResult::from(&report.sgx_quote_status); - // print - match verify_quote_status(&report, &report.advisory_ids) { - Err(status) => match status { - NodeAuthResult::SwHardeningAndConfigurationNeeded => { - println!("Platform status is SW_HARDENING_AND_CONFIGURATION_NEEDED. This means is updated but requires further BIOS configuration"); - } - NodeAuthResult::GroupOutOfDate => { - println!("Platform status is GROUP_OUT_OF_DATE. This means that one of the system components is missing a security update"); - } - _ => { - println!("Platform status is {:?}", status); - } - }, - _ => println!("Platform Okay!"), - } - - // print platform blob info - match node_auth_result { - NodeAuthResult::GroupOutOfDate | NodeAuthResult::SwHardeningAndConfigurationNeeded => unsafe { - print_platform_info(&report); - node_auth_result - }, - _ => NodeAuthResult::Success, - } + panic!("TBD"); + // validate_const_ptr!(api_key, api_key_len as usize, NodeAuthResult::InvalidInput); + // if api_key_len > 100 { + // error!("API key malformed"); + // return NodeAuthResult::InvalidInput; + // } + // + // let api_key_slice = slice::from_raw_parts(api_key, api_key_len as usize); + // + // // CREATE THE ATTESTATION REPORT + // // generate temporary key for attestation + // let temp_key_result = enclave_crypto::KeyPair::new().unwrap(); + // let cert = match epid::generate_authentication_material( + // &kp.get_pubkey(), + // SIGNATURE_TYPE, + // api_key_slice, + // secret_attestation_token::AttestationType::SgxEpid, + // None, + // ) { + // Err(_) => { + // error!("Failed to get certificate from intel for seed service"); + // return NodeAuthResult::InvalidCert; + // } + // Ok(res) => res, + // }; + // + // let signed_report = match create_attestation_report( + // &temp_key_result.get_pubkey(), + // SIGNATURE_TYPE, + // api_key_slice, + // None, + // true, + // ) { + // Ok(r) => r, + // Err(_e) => { + // error!("Error creating attestation report"); + // return NodeAuthResult::InvalidCert; + // } + // }; + // + // // let payload: String = serde_json::to_string(&signed_report) + // // .map_err(|_| { + // // error!("Error serializing report. May be malformed, or badly encoded"); + // // NodeAuthResult::InvalidCert + // // }) + // // .unwrap(); + // // + // // // extract private key from KeyPair + // // let ecc_handle = sgx_tcrypto::SgxEccHandle::new(); + // // let _result = ecc_handle.open(); + // // + // // let (prv_k, pub_k) = ecc_handle.create_key_pair().unwrap(); + // // + // // let _result = ecc_handle.open(); + // // let (_key_der, cert) = super::cert::gen_ecc_cert(payload, &prv_k, &pub_k, &ecc_handle).unwrap(); + // // let _result = ecc_handle.close(); + // // + // // let report = AttestationReport::from_cert(&cert) + // // .map_err(|_| { + // // error!("Failed to create report from certificate"); + // // NodeAuthResult::InvalidCert + // // }) + // // .unwrap(); + // + // // PERFORM EPID CHECK + // #[cfg(not(feature = "epid_whitelist_disabled"))] + // if !check_epid_gid_is_whitelisted(&report.sgx_quote_body.gid) { + // error!( + // "Platform verification error: quote status {:?}", + // &report.sgx_quote_body.gid + // ); + // error!("Your current platform is probably not up to date, and may require a BIOS or PSW update. \n \ + // Please see https://docs.scrt.network/secret-network-documentation/infrastructure/setting-up-a-node-validator/hardware-setup/patching-your-node \ + // for more information"); + // error!("If you think this message appeared in error, please contact us on Telegram or Discord, and attach your quote status from the message above"); + // return NodeAuthResult::BadQuoteStatus; + // } + // + // if report.tcb_eval_data_number < 16 { + // error!("Your current platform is probably not up to date, and may require a BIOS or PSW update. \n \ + // Please see https://docs.scrt.network/secret-network-documentation/infrastructure/setting-up-a-node-validator/hardware-setup/patching-your-node \ + // for more information"); + // println!( + // "Tried to attest using old data: {}", + // report.tcb_eval_data_number + // ); + // return NodeAuthResult::GroupOutOfDate; + // } + // + // // PERFORM STATUS CHECKS + // let node_auth_result = NodeAuthResult::from(&report.sgx_quote_status); + // // print + // match verify_quote_status(&report, &report.advisory_ids) { + // Err(status) => match status { + // NodeAuthResult::SwHardeningAndConfigurationNeeded => { + // println!("Platform status is SW_HARDENING_AND_CONFIGURATION_NEEDED. This means is updated but requires further BIOS configuration"); + // } + // NodeAuthResult::GroupOutOfDate => { + // println!("Platform status is GROUP_OUT_OF_DATE. This means that one of the system components is missing a security update"); + // } + // _ => { + // println!("Platform status is {:?}", status); + // } + // }, + // _ => println!("Platform Okay!"), + // } + // + // // print platform blob info + // match node_auth_result { + // NodeAuthResult::GroupOutOfDate | NodeAuthResult::SwHardeningAndConfigurationNeeded => unsafe { + // print_platform_info(&report); + // node_auth_result + // }, + // _ => NodeAuthResult::Success, + // } } diff --git a/cosmwasm/enclaves/execute/src/registration/mod.rs b/cosmwasm/enclaves/execute/src/registration/mod.rs index 2cf4bff72..08a1890d1 100644 --- a/cosmwasm/enclaves/execute/src/registration/mod.rs +++ b/cosmwasm/enclaves/execute/src/registration/mod.rs @@ -1,5 +1,7 @@ -pub use attestation::create_attestation_certificate; -pub use offchain::{ecall_get_attestation_report, ecall_init_bootstrap, ecall_init_node}; +// pub use attestation::create_attestation_certificate; +pub use offchain::{ecall_init_bootstrap, ecall_init_node}; +pub use verify::ecall_legacy_verify_node_on_chain; + // pub use onchain::ecall_authenticate_new_node; mod attestation; @@ -19,6 +21,7 @@ mod seed_exchange; pub mod check_patch_level; pub mod seed_service; +mod verify; #[cfg(feature = "test")] pub mod tests { diff --git a/cosmwasm/enclaves/execute/src/registration/offchain.rs b/cosmwasm/enclaves/execute/src/registration/offchain.rs index fb2fa5aaa..68d656117 100644 --- a/cosmwasm/enclaves/execute/src/registration/offchain.rs +++ b/cosmwasm/enclaves/execute/src/registration/offchain.rs @@ -422,12 +422,13 @@ pub unsafe extern "C" fn ecall_init_node( // /// // /// This function happens off-chain // /// -// #[no_mangle] -// pub unsafe extern "C" fn ecall_get_genesis_seed( -// pk: *const u8, -// pk_len: u32, -// seed: &mut [u8; SINGLE_ENCRYPTED_SEED_SIZE], -// ) -> sgx_types::sgx_status_t { +#[no_mangle] +pub unsafe extern "C" fn ecall_get_genesis_seed( + pk: *const u8, + pk_len: u32, + seed: &mut [u8; SINGLE_ENCRYPTED_SEED_SIZE], +) -> sgx_types::sgx_status_t { + panic!("not implemented yet"); // validate_mut_ptr!( // seed.as_mut_ptr(), // seed.len(), @@ -477,4 +478,4 @@ pub unsafe extern "C" fn ecall_init_node( // warn!("Enclave call ecall_get_genesis_seed panic!"); // sgx_status_t::SGX_ERROR_UNEXPECTED // } -// } +} diff --git a/cosmwasm/enclaves/execute/src/registration/verify.rs b/cosmwasm/enclaves/execute/src/registration/verify.rs index 3710687d0..e6b190678 100644 --- a/cosmwasm/enclaves/execute/src/registration/verify.rs +++ b/cosmwasm/enclaves/execute/src/registration/verify.rs @@ -47,9 +47,7 @@ pub unsafe extern "C" fn ecall_legacy_verify_node_on_chain( } validate_mut_ptr!(seed.as_mut_ptr(), seed.len(), NodeAuthResult::InvalidInput); - validate_const_ptr!(cert, cert_len as usize, NodeAuthResult::InvalidInput); - let cert_slice = std::slice::from_raw_parts(cert, cert_len as usize); validate_const_ptr!( auth_material, auth_material_len as usize, diff --git a/cosmwasm/packages/sgx-vm/src/attestation/sgx/epid.rs b/cosmwasm/packages/sgx-vm/src/attestation/sgx/epid.rs index 96697fc6b..006f62c03 100644 --- a/cosmwasm/packages/sgx-vm/src/attestation/sgx/epid.rs +++ b/cosmwasm/packages/sgx-vm/src/attestation/sgx/epid.rs @@ -30,13 +30,6 @@ extern "C" { auth_material_len: u32, seed: &mut [u8; OUTPUT_ENCRYPTED_SEED_SIZE as usize], ) -> sgx_status_t; - pub fn ecall_get_genesis_seed( - eid: sgx_enclave_id_t, - retval: *mut sgx_status_t, - pk: *const u8, - pk_len: u32, - seed: &mut [u8; SINGLE_ENCRYPTED_SEED_SIZE as usize], - ) -> sgx_status_t; } #[no_mangle] @@ -149,85 +142,6 @@ pub fn create_attestation_token(api_key: &[u8]) -> SgxResult<()> { Ok(()) } -// pub fn untrusted_get_encrypted_seed( -// cert: &[u8], -// ) -> SgxResult> { -// // Bind the token to a local variable to ensure its -// // destructor runs in the end of the function -// let enclave_access_token = ENCLAVE_DOORBELL -// .get_access(1) // This can never be recursive -// .ok_or(sgx_status_t::SGX_ERROR_BUSY)?; -// let enclave = (*enclave_access_token)?; -// let eid = enclave.geteid(); -// let mut retval = NodeAuthResult::Success; -// -// let mut seed = [0u8; OUTPUT_ENCRYPTED_SEED_SIZE as usize]; -// let status = unsafe { -// ecall_authenticate_new_node( -// eid, -// &mut retval, -// cert.as_ptr(), -// cert.len() as u32, -// &mut seed, -// ) -// }; -// -// if status != sgx_status_t::SGX_SUCCESS { -// debug!("Error from authenticate new node"); -// return Err(status); -// } -// -// if retval != NodeAuthResult::Success { -// debug!("Error from authenticate new node, bad NodeAuthResult"); -// return Ok(Err(retval)); -// } -// -// debug!("Done auth, got seed: {:?}", seed); -// -// if seed.is_empty() { -// error!("Got empty seed from encryption"); -// return Err(sgx_status_t::SGX_ERROR_UNEXPECTED); -// } -// -// Ok(Ok(seed)) -// } -// -// pub fn untrusted_get_encrypted_genesis_seed( -// pk: &[u8], -// ) -> SgxResult<[u8; SINGLE_ENCRYPTED_SEED_SIZE as usize]> { -// // Bind the token to a local variable to ensure its -// // destructor runs in the end of the function -// let enclave_access_token = ENCLAVE_DOORBELL -// .get_access(1) // This can never be recursive -// .ok_or(sgx_status_t::SGX_ERROR_BUSY)?; -// let enclave = (*enclave_access_token)?; -// let eid = enclave.geteid(); -// let mut retval = sgx_status_t::SGX_SUCCESS; -// -// let mut seed = [0u8; SINGLE_ENCRYPTED_SEED_SIZE as usize]; -// let status = unsafe { -// ecall_get_genesis_seed(eid, &mut retval, pk.as_ptr(), pk.len() as u32, &mut seed) -// }; -// -// if status != sgx_status_t::SGX_SUCCESS { -// debug!("Error from get genesis seed"); -// return Err(status); -// } -// -// if retval != sgx_status_t::SGX_SUCCESS { -// debug!("Error from get genesis seed, bad NodeAuthResult"); -// return Err(retval); -// } -// -// debug!("Done getting genesis seed, got seed: {:?}", seed); -// -// if seed.is_empty() { -// error!("Got empty seed from encryption"); -// return Err(sgx_status_t::SGX_ERROR_UNEXPECTED); -// } -// -// Ok(seed) -// } #[cfg(test)] mod test { diff --git a/cosmwasm/packages/sgx-vm/src/lib.rs b/cosmwasm/packages/sgx-vm/src/lib.rs index 6802be05d..d7d27545a 100644 --- a/cosmwasm/packages/sgx-vm/src/lib.rs +++ b/cosmwasm/packages/sgx-vm/src/lib.rs @@ -50,11 +50,13 @@ pub use crate::traits::StorageIterator; // Secret Network specific exports pub use crate::attestation::sgx::epid::create_attestation_token; -pub use crate::attestation::{ - create_attestation_report_u, untrusted_get_encrypted_genesis_seed, untrusted_get_encrypted_seed, -}; +// pub use crate::seed::; +// pub use crate::attestation::sgx::epid::{ +// create_attestation_report_u, untrusted_get_encrypted_genesis_seed, untrusted_get_encrypted_seed, +// }; pub use crate::seed::{ - untrusted_health_check, untrusted_init_bootstrap, untrusted_init_node, untrusted_key_gen, + untrusted_get_encrypted_seed, untrusted_health_check, untrusted_init_bootstrap, untrusted_init_node, untrusted_key_gen, untrusted_get_encrypted_genesis_seed + }; pub use crate::random::untrusted_submit_block_signatures; diff --git a/cosmwasm/packages/sgx-vm/src/seed.rs b/cosmwasm/packages/sgx-vm/src/seed.rs index a64e58ed9..88ae038aa 100644 --- a/cosmwasm/packages/sgx-vm/src/seed.rs +++ b/cosmwasm/packages/sgx-vm/src/seed.rs @@ -1,7 +1,6 @@ -use enclave_ffi_types::{HealthCheckResult, INPUT_ENCRYPTED_SEED_SIZE, NEWLY_FORMED_DOUBLE_ENCRYPTED_SEED_SIZE, NEWLY_FORMED_SINGLE_ENCRYPTED_SEED_SIZE, NodeAuthResult, OUTPUT_ENCRYPTED_SEED_SIZE}; +use enclave_ffi_types::{HealthCheckResult, INPUT_ENCRYPTED_SEED_SIZE, NEWLY_FORMED_DOUBLE_ENCRYPTED_SEED_SIZE, NEWLY_FORMED_SINGLE_ENCRYPTED_SEED_SIZE, SINGLE_ENCRYPTED_SEED_SIZE, NodeAuthResult, OUTPUT_ENCRYPTED_SEED_SIZE}; use sgx_types::*; - -use log::{error, info}; +use log::{error, info, debug}; use crate::enclave::ENCLAVE_DOORBELL; @@ -38,6 +37,13 @@ extern "C" { eid: sgx_enclave_id_t, retval: *mut HealthCheckResult, ) -> sgx_status_t; + pub fn ecall_get_genesis_seed( + eid: sgx_enclave_id_t, + retval: *mut sgx_status_t, + pk: *const u8, + pk_len: u32, + seed: &mut [u8; SINGLE_ENCRYPTED_SEED_SIZE as usize], + ) -> sgx_status_t; } pub fn untrusted_health_check() -> SgxResult { @@ -232,3 +238,40 @@ pub fn untrusted_get_encrypted_seed( Ok(Ok(seed)) } + +pub fn untrusted_get_encrypted_genesis_seed( + pk: &[u8], +) -> SgxResult<[u8; SINGLE_ENCRYPTED_SEED_SIZE as usize]> { + // Bind the token to a local variable to ensure its + // destructor runs in the end of the function + let enclave_access_token = ENCLAVE_DOORBELL + .get_access(1) // This can never be recursive + .ok_or(sgx_status_t::SGX_ERROR_BUSY)?; + let enclave = (*enclave_access_token)?; + let eid = enclave.geteid(); + let mut retval = sgx_status_t::SGX_SUCCESS; + + let mut seed = [0u8; SINGLE_ENCRYPTED_SEED_SIZE as usize]; + let status = unsafe { + ecall_get_genesis_seed(eid, &mut retval, pk.as_ptr(), pk.len() as u32, &mut seed) + }; + + if status != sgx_status_t::SGX_SUCCESS { + debug!("Error from get genesis seed"); + return Err(status); + } + + if retval != sgx_status_t::SGX_SUCCESS { + debug!("Error from get genesis seed, bad NodeAuthResult"); + return Err(retval); + } + + debug!("Done getting genesis seed, got seed: {:?}", seed); + + if seed.is_empty() { + error!("Got empty seed from encryption"); + return Err(sgx_status_t::SGX_ERROR_UNEXPECTED); + } + + Ok(seed) +} diff --git a/go-cosmwasm/Cargo.lock b/go-cosmwasm/Cargo.lock index 03d0f4eae..2950b8b0d 100644 --- a/go-cosmwasm/Cargo.lock +++ b/go-cosmwasm/Cargo.lock @@ -59,9 +59,15 @@ checksum = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7" [[package]] name = "base64" -version = "0.21.3" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" + +[[package]] +name = "base64" +version = "0.21.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "414dcefbc63d77c526a76b3afcf6fbb9b5e2791c19c3aa2297733208750c6e53" +checksum = "c79fed4cdb43e993fcdadc7e58a09fd0e3e649c4436fa11da71c9f1f3ee7feb9" [[package]] name = "bitflags" @@ -88,7 +94,7 @@ dependencies = [ "log", "proc-macro2", "quote", - "serde", + "serde 1.0.188", "serde_json", "syn 1.0.107", "tempfile", @@ -106,7 +112,7 @@ dependencies = [ "log", "proc-macro2", "quote", - "serde", + "serde 1.0.188", "serde_json", "syn 1.0.107", "tempfile", @@ -144,7 +150,7 @@ dependencies = [ name = "cosmwasm-sgx-vm" version = "0.10.0" dependencies = [ - "base64 0.21.3", + "base64 0.21.6", "enclave-ffi-types", "hex", "lazy_static", @@ -153,8 +159,9 @@ dependencies = [ "num_cpus", "parity-wasm", "parking_lot", + "secret-attestation-token", "secret-cosmwasm-std", - "serde", + "serde 1.0.188", "serde_json", "sgx_types", "sgx_urts", @@ -291,7 +298,7 @@ dependencies = [ "errno", "log", "secret-cosmwasm-std", - "serde", + "serde 1.0.188", "serde_json", "sgx_edl", "simple_logger", @@ -545,7 +552,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "be77ed66abed6954aabf6a3e31a84706bedbf93750d267e92ef4a6d90bbd6a61" dependencies = [ "schemars_derive", - "serde", + "serde 1.0.188", "serde_json", ] @@ -567,6 +574,15 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "secret-attestation-token" +version = "0.1.0" +dependencies = [ + "base64 0.20.0", + "hex", + "serde 1.0.118", +] + [[package]] name = "secret-cosmwasm-std" version = "0.10.1" @@ -575,18 +591,26 @@ checksum = "f5d4b8fed972d924458d9c3c0e6c9fbf6c4c5e30655571e3d2b78be056d316e9" dependencies = [ "base64 0.11.0", "schemars", - "serde", + "serde 1.0.188", "serde-json-wasm", "snafu", ] +[[package]] +name = "serde" +version = "1.0.118" +source = "git+https://github.com/mesalock-linux/serde-sgx#db0226f1d5d70fca6b96af2c285851502204e21c" +dependencies = [ + "serde_derive 1.0.118", +] + [[package]] name = "serde" version = "1.0.188" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf9e0fcba69a370eed61bcf2b728575f726b50b55cba78064753d708ddc7549e" dependencies = [ - "serde_derive", + "serde_derive 1.0.188", ] [[package]] @@ -595,7 +619,17 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "120bad73306616e91acd7ceed522ba96032a51cffeef3cc813de7f367df71e37" dependencies = [ - "serde", + "serde 1.0.188", +] + +[[package]] +name = "serde_derive" +version = "1.0.118" +source = "git+https://github.com/mesalock-linux/serde-sgx#db0226f1d5d70fca6b96af2c285851502204e21c" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.107", ] [[package]] @@ -628,7 +662,7 @@ checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c" dependencies = [ "itoa", "ryu", - "serde", + "serde 1.0.188", ] [[package]] @@ -774,7 +808,7 @@ version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ffc92d160b1eef40665be3a05630d003936a3bc7da7421277846c2613e92c71a" dependencies = [ - "serde", + "serde 1.0.188", ] [[package]] diff --git a/go-cosmwasm/src/lib.rs b/go-cosmwasm/src/lib.rs index 819fae3f3..545f72c11 100644 --- a/go-cosmwasm/src/lib.rs +++ b/go-cosmwasm/src/lib.rs @@ -25,8 +25,9 @@ use cosmwasm_sgx_vm::{ features_from_csv, Checksum, CosmCache, Extern, }; use cosmwasm_sgx_vm::{ - create_attestation_token, create_attestation_report_u, untrusted_get_encrypted_genesis_seed, - untrusted_get_encrypted_seed, untrusted_health_check, untrusted_init_node, untrusted_key_gen, + create_attestation_token, untrusted_get_encrypted_seed, untrusted_get_encrypted_genesis_seed, + // create_attestation_report_u, untrusted_get_encrypted_genesis_seed, + untrusted_health_check, untrusted_init_node, untrusted_key_gen, }; use ctor::ctor;