diff --git a/Cargo.lock b/Cargo.lock index 32ad38f2..ca5222de 100644 --- a/Cargo.lock +++ b/Cargo.lock 
@@ -111,6 +111,125 @@ version = "0.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923" +[[package]] +name = "alloy-json-abi" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24acd2f5ba97c7a320e67217274bc81fe3c3174b8e6144ec875d9d54e760e278" +dependencies = [ + "alloy-primitives", + "alloy-sol-type-parser", + "serde", + "serde_json", +] + +[[package]] +name = "alloy-primitives" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec878088ec6283ce1e90d280316aadd3d6ce3de06ff63d68953c855e7e447e92" +dependencies = [ + "alloy-rlp", + "bytes", + "cfg-if", + "const-hex", + "derive_more 1.0.0", + "foldhash", + "hashbrown 0.15.2", + "indexmap 2.7.1", + "itoa", + "k256 0.13.4", + "keccak-asm", + "paste", + "proptest", + "rand", + "ruint", + "rustc-hash 2.1.0", + "serde", + "sha3", + "tiny-keccak", +] + +[[package]] +name = "alloy-rlp" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6c1d995bff8d011f7cd6c81820d51825e6e06d6db73914c1630ecf544d83d6" +dependencies = [ + "arrayvec", + "bytes", +] + +[[package]] +name = "alloy-sol-macro" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d039d267aa5cbb7732fa6ce1fd9b5e9e29368f580f80ba9d7a8450c794de4b2" +dependencies = [ + "alloy-sol-macro-expander", + "alloy-sol-macro-input", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.96", +] + +[[package]] +name = "alloy-sol-macro-expander" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "620ae5eee30ee7216a38027dec34e0585c55099f827f92f50d11e3d2d3a4a954" +dependencies = [ + "alloy-sol-macro-input", + "const-hex", + "heck 0.5.0", + "indexmap 2.7.1", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.96", + "syn-solidity", + 
"tiny-keccak", +] + +[[package]] +name = "alloy-sol-macro-input" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad9f7d057e00f8c5994e4ff4492b76532c51ead39353aa2ed63f8c50c0f4d52e" +dependencies = [ + "const-hex", + "dunce", + "heck 0.5.0", + "proc-macro2", + "quote", + "syn 2.0.96", + "syn-solidity", +] + +[[package]] +name = "alloy-sol-type-parser" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74e60b084fe1aef8acecda2743ff2d93c18ff3eb67a2d3b12f62582a1e66ef5e" +dependencies = [ + "serde", + "winnow", +] + +[[package]] +name = "alloy-sol-types" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1382302752cd751efd275f4d6ef65877ddf61e0e6f5ac84ef4302b79a33a31a" +dependencies = [ + "alloy-json-abi", + "alloy-primitives", + "alloy-sol-macro", + "const-hex", + "serde", +] + [[package]] name = "android-tzdata" version = "0.1.1" @@ -158,7 +277,7 @@ dependencies = [ "tokio-util", "tower 0.4.13", "tracing", - "x509-parser", + "x509-parser 0.14.0", ] [[package]] @@ -263,8 +382,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a22f4561524cd949590d78d7d4c5df8f592430d221f7f3c9497bbafd8972120f" dependencies = [ "ark-ec", - "ark-ff", - "ark-std", + "ark-ff 0.4.2", + "ark-std 0.4.0", ] [[package]] @@ -274,11 +393,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1f3a13b34da09176a8baba701233fdffbaa7c1b1192ce031a3da4e55ce1f1a56" dependencies = [ "ark-ec", - "ark-ff", + "ark-ff 0.4.2", "ark-relations", - "ark-serialize", + "ark-serialize 0.4.2", "ark-snark", - "ark-std", + "ark-std 0.4.0", "blake2", "derivative", "digest 0.10.7", 
@@ -291,10 +410,10 @@ version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" dependencies = [ - "ark-ff", + "ark-ff 0.4.2", "ark-poly", - "ark-serialize", - "ark-std", + "ark-serialize 0.4.2", + "ark-std 0.4.0", "derivative", "hashbrown 0.13.2", "itertools 0.10.5", @@ -302,26 +421,54 @@ dependencies = [ "zeroize", ] +[[package]] +name = "ark-ff" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b3235cc41ee7a12aaaf2c575a2ad7b46713a8a50bda2fc3b003a04845c05dd6" +dependencies = [ + "ark-ff-asm 0.3.0", + "ark-ff-macros 0.3.0", + "ark-serialize 0.3.0", + "ark-std 0.3.0", + "derivative", + "num-bigint 0.4.6", + "num-traits", + "paste", + "rustc_version 0.3.3", + "zeroize", +] + [[package]] name = "ark-ff" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", + "ark-ff-asm 0.4.2", + "ark-ff-macros 0.4.2", + "ark-serialize 0.4.2", + "ark-std 0.4.0", "derivative", "digest 0.10.7", "itertools 0.10.5", "num-bigint 0.4.6", "num-traits", "paste", - "rustc_version", + "rustc_version 0.4.1", "zeroize", ] +[[package]] +name = "ark-ff-asm" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db02d390bf6643fb404d3d22d31aee1c4bc4459600aef9113833d17e786c6e44" +dependencies = [ + "quote", + "syn 1.0.109", +] + [[package]] name = "ark-ff-asm" version = "0.4.2" 
@@ -332,6 +479,18 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "ark-ff-macros" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db2fd794a08ccb318058009eefdf15bcaaaaf6f8161eb3345f907222bac38b20" +dependencies = [ + "num-bigint 0.4.6", + "num-traits", + "quote", + "syn 1.0.109", +] + [[package]] name = "ark-ff-macros" version = "0.4.2" @@ -353,11 +512,11 @@ checksum = "20ceafa83848c3e390f1cbf124bc3193b3e639b3f02009e0e290809a501b95fc" dependencies = [ "ark-crypto-primitives", "ark-ec", - "ark-ff", + "ark-ff 0.4.2", "ark-poly", "ark-relations", - "ark-serialize", - "ark-std", + "ark-serialize 0.4.2", + "ark-std 0.4.0", ] [[package]] @@ -366,9 +525,9 @@ version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", + "ark-ff 0.4.2", + "ark-serialize 0.4.2", + "ark-std 0.4.0", "derivative", "hashbrown 0.13.2", ] @@ -379,8 +538,8 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "00796b6efc05a3f48225e59cb6a2cda78881e7c390872d5786aaf112f31fb4f0" dependencies = [ - "ark-ff", - "ark-std", + "ark-ff 0.4.2", + "ark-std 0.4.0", "tracing", ] @@ -391,8 +550,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3975a01b0a6e3eae0f72ec7ca8598a6620fc72fa5981f6f5cca33b7cd788f633" dependencies = [ "ark-ec", - "ark-ff", - "ark-std", + "ark-ff 0.4.2", + "ark-std 0.4.0", +] + +[[package]] +name = "ark-serialize" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d6c2b318ee6e10f8c2853e73a83adc0ccb88995aa978d8a3408d492ab2ee671" +dependencies = [ + "ark-std 0.3.0", + "digest 0.9.0", ] [[package]] 
@@ -402,7 +571,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" dependencies = [ "ark-serialize-derive", - "ark-std", + "ark-std 0.4.0", "digest 0.10.7", "num-bigint 0.4.6", ] @@ -424,10 +593,20 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "84d3cc6833a335bb8a600241889ead68ee89a3cf8448081fb7694c0fe503da63" dependencies = [ - "ark-ff", + "ark-ff 0.4.2", "ark-relations", - "ark-serialize", - "ark-std", + "ark-serialize 0.4.2", + "ark-std 0.4.0", +] + +[[package]] +name = "ark-std" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1df2c09229cbc5a028b1d70e00fdb2acee28b1055dfb5ca73eea49c5a25c4e7c" +dependencies = [ + "num-traits", + "rand", ] [[package]] @@ -568,7 +747,7 @@ dependencies = [ "anyhow", "atoma-state", "atoma-sui", - "atoma-utils", + "atoma-utils 0.1.0 (git+https://github.com/atoma-network/atoma-node.git?branch=main)", "base64 0.22.1", "bcs", "blake2", @@ -596,6 +775,31 @@ dependencies = [ "tracing", ] +[[package]] +name = "atoma-confidential" +version = "0.1.0" +source = "git+https://github.com/atoma-network/atoma-node.git?branch=feat%2Fsev-snp-support#4902d570fcbf65922b892573cbcfece4d190295a" +dependencies = [ + "aes-gcm", + "anyhow", + "atoma-sui", + "atoma-utils 0.1.0 (git+https://github.com/atoma-network/atoma-node.git?branch=feat%2Fsev-snp-support)", + "bincode", + "blake2", + "dcap-rs", + "flume", + "p384", + "rand", + "sev 5.0.0", + "sha2 0.10.8", + "strum 0.26.3", + "tdx", + "thiserror 2.0.11", + "tokio", + "tracing", + "x25519-dalek", +] + [[package]] name = "atoma-proxy" version = "0.1.0" 
@@ -608,9 +812,11 @@ dependencies = [ "atoma-sui", "atoma-utils", "axum 0.7.9", + "atoma-utils 0.1.0 (git+https://github.com/atoma-network/atoma-node.git?branch=main)", + "axum", "base64 0.22.1", "blake2", - "clap", + "clap 4.5.27", "config", "fastcrypto 0.1.8", "flume", @@ -670,6 +876,7 @@ dependencies = [ name = "atoma-state" version = "0.1.0" dependencies = [ + "atoma-confidential", "atoma-sui", "chrono", "config", @@ -713,7 +920,7 @@ source = "git+https://github.com/atoma-network/atoma-node.git?branch=main#d2fa28 dependencies = [ "aes-gcm", "anyhow", - "axum 0.7.9", + "axum", "blake2", "fastcrypto 0.1.9", "hkdf", @@ -733,6 +940,28 @@ version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi 0.1.19", + "libc", + "winapi", +] + +[[package]] +name = "auto_impl" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e12882f59de5360c748c4cbf569a042d5fb0eb515f7bea9c1f470b47f6ffbd73" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "auto_ops" version = "0.3.0" @@ -934,6 +1163,15 @@ version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +[[package]] +name = "base64-url" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38e2b6c78c06f7288d5e3c3d683bde35a79531127c83b087e5d0d77c974b4b28" +dependencies = [ + "base64 0.22.1", +] + [[package]] name = "base64ct" version = "1.6.0" 
@@ -1017,7 +1255,7 @@ checksum = "b30ed1d6f8437a487a266c8293aeb95b61a23261273e3e02912cdb8b68bf798b" dependencies = [ "bs58 0.4.0", "hmac", - "k256", + "k256 0.11.6", "once_cell", "pbkdf2", "rand_core", @@ -1057,6 +1295,18 @@ dependencies = [ "bitcoin-private", ] +[[package]] +name = "bitfield" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d7e60934ceec538daadb9d8432424ed043a904d8e0243f3c6446bce549a46ac" + +[[package]] +name = "bitfield" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c821a6e124197eb56d907ccc2188eab1038fb919c914f47976e64dd8dbc855d1" + [[package]] name = "bitflags" version = "1.3.2" @@ -1284,6 +1534,25 @@ dependencies = [ "cipher", ] +[[package]] +name = "cbindgen" +version = "0.24.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b922faaf31122819ec80c4047cc684c6979a087366c069611e33649bf98e18d" +dependencies = [ + "clap 3.2.25", + "heck 0.4.1", + "indexmap 1.9.3", + "log", + "proc-macro2", + "quote", + "serde", + "serde_json", + "syn 1.0.109", + "tempfile", + "toml 0.5.11", +] + [[package]] name = "cc" version = "1.2.10" @@ -1365,6 +1634,21 @@ dependencies = [ "inout", ] +[[package]] +name = "clap" +version = "3.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" +dependencies = [ + "atty", + "bitflags 1.3.2", + "clap_lex 0.2.4", + "indexmap 1.9.3", + "strsim 0.10.0", + "termcolor", + "textwrap", +] + [[package]] name = "clap" version = "4.5.27" @@ -1383,7 +1667,7 @@ checksum = "1b26884eb4b57140e4d2d93652abfa49498b938b3c9179f9fc487b0acc3edad7" dependencies = [ "anstream", "anstyle", - "clap_lex", + "clap_lex 0.7.4", "strsim 0.11.1", "terminal_size", ] 
@@ -1400,12 +1684,37 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "clap_lex" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" +dependencies = [ + "os_str_bytes", +] + [[package]] name = "clap_lex" version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" +[[package]] +name = "coco-provider" +version = "0.1.0" +source = "git+https://github.com/automata-network/tdx-attestation-sdk.git?branch=main#9b6a8f096b7630ee59597ecd9805e65c19a39e0f" +dependencies = [ + "bincode", + "log", + "rand", + "serde", + "serde-big-array", + "sev 4.0.0", + "sysinfo", + "tss-esapi", + "users", +] + [[package]] name = "codespan" version = "0.11.1" @@ -1427,6 +1736,12 @@ dependencies = [ "unicode-width 0.1.14", ] +[[package]] +name = "codicon" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12170080f3533d6f09a19f81596f836854d0fa4867dc32c8172b8474b4e9de61" + [[package]] name = "colorchoice" version = "1.0.3" @@ -1506,6 +1821,19 @@ dependencies = [ "windows-sys 0.59.0", ] +[[package]] +name = "const-hex" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b0485bab839b018a8f1723fc5391819fea5f8f0f32288ef8a735fd096b6160c" +dependencies = [ + "cfg-if", + "cpufeatures", + "hex", + "proptest", + "serde", +] + [[package]] name = "const-oid" version = "0.9.6" @@ -1755,7 +2083,7 @@ dependencies = [ "cpufeatures", "curve25519-dalek-derive", "fiat-crypto", - "rustc_version", + "rustc_version 0.4.1", "subtle", "zeroize", ] 
@@ -1923,6 +2251,23 @@ dependencies = [ "x509-cert", ] +[[package]] +name = "dcap-rs" +version = "0.1.0" +source = "git+https://github.com/automata-network/dcap-rs.git#4c162176961276986cf6f242487e3a8c519c74fc" +dependencies = [ + "alloy-sol-types", + "chrono", + "hex", + "p256", + "serde", + "serde_json", + "sha2 0.10.8", + "sha3", + "time", + "x509-parser 0.15.1", +] + [[package]] name = "der" version = "0.6.1" @@ -2055,7 +2400,7 @@ dependencies = [ "convert_case 0.4.0", "proc-macro2", "quote", - "rustc_version", + "rustc_version 0.4.1", "syn 2.0.96", ] @@ -2305,6 +2650,7 @@ dependencies = [ "ff 0.13.0", "generic-array", "group 0.13.0", + "hkdf", "pem-rfc7468 0.7.0", "pkcs8 0.10.2", "rand_core", @@ -2360,6 +2706,26 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "enumflags2" +version = "0.7.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba2f4b465f5318854c6f8dd686ede6c0a9dc67d4b1ac241cf0eb51521a309147" +dependencies = [ + "enumflags2_derive", +] + +[[package]] +name = "enumflags2_derive" +version = "0.7.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc4caf64a58d7a6d65ab00639b046ff54399a39f5f2554728895ace4b297cd79" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "equivalent" version = "1.0.1" @@ -2431,9 +2797,9 @@ dependencies = [ "aes", "aes-gcm", "ark-ec", - "ark-ff", + "ark-ff 0.4.2", "ark-secp256r1", - "ark-serialize", + "ark-serialize 0.4.2", "auto_ops", "base64ct", "bech32", @@ -2484,9 +2850,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e06674cac3bf7ec9a951971285e6051a45273dc4e265cca27c02a0d4ebcb46f8" dependencies = [ "ark-ec", - "ark-ff", + "ark-ff 0.4.2", "ark-secp256r1", - "ark-serialize", + "ark-serialize 0.4.2", "auto_ops", "base64ct", "bech32", 
@@ -2575,10 +2941,10 @@ source = "git+https://github.com/MystenLabs/fastcrypto?rev=69d496c71fb37e3d22fe8 dependencies = [ "ark-bn254", "ark-ec", - "ark-ff", + "ark-ff 0.4.2", "ark-groth16", "ark-relations", - "ark-serialize", + "ark-serialize 0.4.2", "ark-snark", "bcs", "byte-slice-cast", @@ -2605,6 +2971,17 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" +[[package]] +name = "fastrlp" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "139834ddba373bbdd213dffe02c8d110508dcf1726c2be27e8d1f7d7e1856418" +dependencies = [ + "arrayvec", + "auto_impl", + "bytes", +] + [[package]] name = "ff" version = "0.12.1" @@ -2662,6 +3039,18 @@ dependencies = [ "static_assertions", ] +[[package]] +name = "fixed-hash" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "835c052cb0c08c1acf6ffd71c022172e18723949c8282f2b9f27efbc51e64534" +dependencies = [ + "byteorder", + "rand", + "rustc-hex", + "static_assertions", +] + [[package]] name = "fixedbitset" version = "0.2.0" @@ -3035,6 +3424,7 @@ dependencies = [ "allocator-api2", "equivalent", "foldhash", + "serde", ] [[package]] @@ -3077,6 +3467,15 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + [[package]] name = "hermit-abi" version = "0.3.9" 
@@ -3204,6 +3603,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "hostname-validator" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f558a64ac9af88b5ba400d99b579451af0d39c6d360980045b91aac966d705e2" + [[package]] name = "http" version = "0.2.12" @@ -3614,6 +4019,15 @@ dependencies = [ "parity-scale-codec 2.3.1", ] +[[package]] +name = "impl-codec" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba6a270039626615617f3f36d15fc827041df3b78c439da2cadfa47455a77f2f" +dependencies = [ + "parity-scale-codec 3.6.12", +] + [[package]] name = "impl-serde" version = "0.3.2" @@ -3707,6 +4121,12 @@ dependencies = [ "similar", ] +[[package]] +name = "iocuddle" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8972d5be69940353d5347a1344cb375d9b457d6809b428b05bb1ca2fb9ce007" + [[package]] name = "ipconfig" version = "0.3.2" @@ -4025,6 +4445,19 @@ dependencies = [ "sha3", ] +[[package]] +name = "k256" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6e3919bbaa2945715f0bb6d3934a173d1e9a59ac23767fbaaef277265a7411b" +dependencies = [ + "cfg-if", + "ecdsa 0.16.9", + "elliptic-curve 0.13.8", + "once_cell", + "sha2 0.10.8", +] + [[package]] name = "keccak" version = "0.1.5" @@ -4034,6 +4467,16 @@ dependencies = [ "cpufeatures", ] +[[package]] +name = "keccak-asm" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "505d1856a39b200489082f90d897c3f07c455563880bc5952e38eabf731c83b6" +dependencies = [ + "digest 0.10.7", + "sha3-asm", +] + [[package]] name = "lazy_static" version = "1.5.0" 
@@ -4199,6 +4642,16 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" +[[package]] +name = "mbox" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26d142aeadbc4e8c679fc6d93fbe7efe1c021fa7d80629e615915b519e3bc6de" +dependencies = [ + "libc", + "stable_deref_trait", +] + [[package]] name = "md-5" version = "0.10.6" @@ -4391,7 +4844,7 @@ source = "git+https://github.com/mystenlabs/sui?tag=testnet-v1.41.1#5612ba3005e9 dependencies = [ "anyhow", "bcs", - "clap", + "clap 4.5.27", "codespan-reporting", "dunce", "hex", @@ -4432,7 +4885,7 @@ dependencies = [ "move-proc-macros", "num", "once_cell", - "primitive-types", + "primitive-types 0.10.1", "rand", "ref-cast", "serde", @@ -4449,7 +4902,7 @@ source = "git+https://github.com/mystenlabs/sui?tag=testnet-v1.41.1#5612ba3005e9 dependencies = [ "anyhow", "bcs", - "clap", + "clap 4.5.27", "codespan", "colored", "indexmap 2.7.1", @@ -4470,7 +4923,7 @@ source = "git+https://github.com/mystenlabs/sui?tag=testnet-v1.41.1#5612ba3005e9 dependencies = [ "anyhow", "bcs", - "clap", + "clap 4.5.27", "hex", "inline_colorization", "move-abstract-interpreter", @@ -4808,6 +5261,15 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21" +[[package]] +name = "ntapi" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8a3895c6391c39d7fe7ebc444a87eb2991b2a0bc718fdabd071eec617fc68e4" +dependencies = [ + "winapi", +] + [[package]] name = "nu-ansi-term" version = "0.46.0" 
@@ -4886,6 +5348,17 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" +[[package]] +name = "num-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed3955f1a9c7c0c15e092f9c887db08b1fc683305fdf6eb6684f22555355e202" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "num-integer" version = "0.1.46" @@ -4933,7 +5406,7 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ - "hermit-abi", + "hermit-abi 0.3.9", "libc", ] @@ -5004,6 +5477,15 @@ dependencies = [ "walkdir", ] +[[package]] +name = "oid" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c19903c598813dba001b53beeae59bb77ad4892c5c1b9b3500ce4293a0d06c2" +dependencies = [ + "serde", +] + [[package]] name = "oid-registry" version = "0.6.1" @@ -5173,6 +5655,12 @@ dependencies = [ "hashbrown 0.14.5", ] +[[package]] +name = "os_str_bytes" +version = "6.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2355d85b9a3786f481747ced0e0ff2ba35213a1f9bd406ed906554d7af805a1" + [[package]] name = "ouroboros" version = "0.17.2" 
@@ -5508,12 +5996,47 @@ dependencies = [ ] [[package]] -name = "phf_shared" -version = "0.11.3" +name = "phf_shared" +version = "0.11.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5" +dependencies = [ + "siphasher", +] + +[[package]] +name = "picky-asn1" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "295eea0f33c16be21e2a98b908fdd4d73c04dd48c8480991b76dbcf0cb58b212" +dependencies = [ + "oid", + "serde", + "serde_bytes", +] + +[[package]] +name = "picky-asn1-der" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5df7873a9e36d42dadb393bea5e211fe83d793c172afad5fb4ec846ec582793f" +dependencies = [ + "picky-asn1", + "serde", + "serde_bytes", +] + +[[package]] +name = "picky-asn1-x509" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5" +checksum = "2c5f20f71a68499ff32310f418a6fad8816eac1a2859ed3f0c5c741389dd6208" dependencies = [ - "siphasher", + "base64 0.21.7", + "oid", + "picky-asn1", + "picky-asn1-der", + "serde", ] [[package]] @@ -5645,12 +6168,23 @@ version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "05e4722c697a58a99d5d06a08c30821d7c082a4632198de1eaa5a6c22ef42373" dependencies = [ - "fixed-hash", - "impl-codec", + "fixed-hash 0.7.0", + "impl-codec 0.5.1", "impl-serde", "uint", ] +[[package]] +name = "primitive-types" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b34d9fd68ae0b74a41b21c03c2f62847aa0ffea044eee893b4c140b37e244e2" +dependencies = [ + "fixed-hash 0.8.0", + "impl-codec 0.6.0", + "uint", +] + [[package]] name = "proc-macro-crate" version = "1.1.3" 
@@ -5694,6 +6228,28 @@ dependencies = [ "version_check", ] +[[package]] +name = "proc-macro-error-attr2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "proc-macro-error2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" +dependencies = [ + "proc-macro-error-attr2", + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "proc-macro2" version = "1.0.93" @@ -5932,6 +6488,7 @@ dependencies = [ "libc", "rand_chacha", "rand_core", + "serde", ] [[package]] @@ -6284,6 +6841,16 @@ dependencies = [ "digest 0.10.7", ] +[[package]] +name = "rlp" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb919243f34364b6bd2fc10ef797edbfa75f33c252e7998527479c6d6b47e1ec" +dependencies = [ + "bytes", + "rustc-hex", +] + [[package]] name = "roaring" version = "0.10.10" @@ -6353,6 +6920,36 @@ dependencies = [ "zeroize", ] +[[package]] +name = "ruint" +version = "1.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c3cc4c2511671f327125da14133d0c5c5d137f006a1017a16f557bc85b16286" +dependencies = [ + "alloy-rlp", + "ark-ff 0.3.0", + "ark-ff 0.4.2", + "bytes", + "fastrlp", + "num-bigint 0.4.6", + "num-traits", + "parity-scale-codec 3.6.12", + "primitive-types 0.12.2", + "proptest", + "rand", + "rlp", + "ruint-macro", + "serde", + "valuable", + "zeroize", +] + +[[package]] +name = "ruint-macro" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48fd7bd8a6377e15ad9d42a8ec25371b94ddc67abe7c8b9127bec79bebaaae18" + [[package]] name = "rust-embed" version = "8.5.0" 
@@ -6421,13 +7018,22 @@ version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3e75f6a532d0fd9f7f13144f392b6ad56a32696bfcd9c78f797f16bbb6f072d6" +[[package]] +name = "rustc_version" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" +dependencies = [ + "semver 0.11.0", +] + [[package]] name = "rustc_version" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" dependencies = [ - "semver", + "semver 1.0.25", ] [[package]] @@ -6798,12 +7404,30 @@ dependencies = [ "libc", ] +[[package]] +name = "semver" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" +dependencies = [ + "semver-parser", +] + [[package]] name = "semver" version = "1.0.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f79dfe2d285b0488816f30e700a7438c5a73d816b5b7d3ac72fbc48b0d185e03" +[[package]] +name = "semver-parser" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9900206b54a3527fdc7b8a938bffd94a568bac4f4aa8113b209df75a09c0dec2" +dependencies = [ + "pest", +] + [[package]] name = "serde" version = "1.0.217" @@ -6813,6 +7437,15 @@ dependencies = [ "serde_derive", ] +[[package]] +name = "serde-big-array" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11fc7cc2c76d73e0f27ee52abbd64eec84d46f370c88371120433196934e4b7f" +dependencies = [ + "serde", +] + [[package]] name = "serde-env" version = "0.2.0" 
@@ -7010,6 +7643,58 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "sev" +version = "4.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a97bd0b2e2d937951add10c8512a2dacc6ad29b39e5c5f26565a3e443329857d" +dependencies = [ + "base64 0.22.1", + "bincode", + "bitfield 0.15.0", + "bitflags 1.3.2", + "byteorder", + "codicon", + "dirs 5.0.1", + "hex", + "iocuddle", + "lazy_static", + "libc", + "serde", + "serde-big-array", + "serde_bytes", + "static_assertions", + "uuid", +] + +[[package]] +name = "sev" +version = "5.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b06afe5192a43814047ea0072f4935f830a1de3c8cb43b56c90ae6918468b94d" +dependencies = [ + "base64 0.22.1", + "bincode", + "bitfield 0.15.0", + "bitflags 1.3.2", + "byteorder", + "codicon", + "dirs 5.0.1", + "hex", + "iocuddle", + "lazy_static", + "libc", + "p384", + "rsa 0.9.7", + "serde", + "serde-big-array", + "serde_bytes", + "sha2 0.10.8", + "static_assertions", + "uuid", + "x509-cert", +] + [[package]] name = "sha1" version = "0.10.6" @@ -7055,6 +7740,16 @@ dependencies = [ "keccak", ] +[[package]] +name = "sha3-asm" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28efc5e327c837aa837c59eae585fc250715ef939ac32881bcc11677cd02d46" +dependencies = [ + "cc", + "cfg-if", +] + [[package]] name = "sharded-slab" version = "0.1.7" @@ -7552,6 +8247,15 @@ dependencies = [ "strum_macros 0.25.3", ] +[[package]] +name = "strum" +version = "0.26.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" +dependencies = [ + "strum_macros 0.26.4", +] + [[package]] name = "strum_macros" version = "0.24.3" 
@@ -7578,6 +8282,19 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "strum_macros" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" +dependencies = [ + "heck 0.5.0", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.96", +] + [[package]] name = "subtle" version = "2.6.1" @@ -7598,7 +8315,7 @@ dependencies = [ "anemo", "anyhow", "bcs", - "clap", + "clap 4.5.27", "consensus-config", "csv", "dirs 4.0.0", @@ -7808,7 +8525,7 @@ name = "sui-protocol-config" version = "0.1.0" source = "git+https://github.com/mystenlabs/sui?tag=testnet-v1.41.1#5612ba3005e94b1eaf2dc0dcdbddb0e45668a6fc" dependencies = [ - "clap", + "clap 4.5.27", "insta", "move-vm-config", "schemars", @@ -7878,7 +8595,7 @@ dependencies = [ "async-trait", "base64 0.21.7", "bcs", - "clap", + "clap 4.5.27", "colored", "fastcrypto 0.1.8", "futures", @@ -7959,7 +8676,7 @@ dependencies = [ "tokio", "tokio-rustls 0.26.1", "tower-layer", - "x509-parser", + "x509-parser 0.14.0", ] [[package]] @@ -8060,7 +8777,7 @@ dependencies = [ "tonic 0.12.3", "tracing", "typed-store-error", - "x509-parser", + "x509-parser 0.14.0", ] [[package]] @@ -8085,6 +8802,18 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "syn-solidity" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b84e4d83a0a6704561302b917a932484e1cae2d8c6354c64be8b7bac1c1fe057" +dependencies = [ + "paste", + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "sync_wrapper" version = "0.1.2" 
@@ -8123,6 +8852,21 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "sysinfo" +version = "0.30.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a5b4ddaee55fb2bea2bf0e5000747e5f5c0de765e5a5ff87f4cd106439f4bb3" +dependencies = [ + "cfg-if", + "core-foundation-sys", + "libc", + "ntapi", + "once_cell", + "rayon", + "windows", +] + [[package]] name = "system-configuration" version = "0.5.1" @@ -8195,6 +8939,27 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" +[[package]] +name = "target-lexicon" +version = "0.12.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1" + +[[package]] +name = "tdx" +version = "0.1.0" +source = "git+https://github.com/automata-network/tdx-attestation-sdk.git?branch=main#9b6a8f096b7630ee59597ecd9805e65c19a39e0f" +dependencies = [ + "base64-url", + "cbindgen", + "coco-provider", + "dcap-rs", + "hex", + "rand", + "serde", + "ureq", +] + [[package]] name = "tempfile" version = "3.16.0" @@ -8228,6 +8993,12 @@ dependencies = [ "windows-sys 0.59.0", ] +[[package]] +name = "textwrap" +version = "0.16.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23d434d3f8967a09480fb04132ebe0a3e088c173e6d0ee7897abbdf4eab0f8b9" + [[package]] name = "thiserror" version = "1.0.69" 
@@ -8371,6 +9142,27 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" +[[package]] +name = "tls_codec" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e78c9c330f8c85b2bae7c8368f2739157db9991235123aa1b15ef9502bfb6a" +dependencies = [ + "tls_codec_derive", + "zeroize", +] + +[[package]] +name = "tls_codec_derive" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d9ef545650e79f30233c0003bcc2504d7efac6dad25fca40744de773fe2049c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "tokenizers" version = "0.21.0" @@ -8861,6 +9653,39 @@ version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" +[[package]] +name = "tss-esapi" +version = "7.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ea9ccde878b029392ac97b5be1f470173d06ea41d18ad0bb3c92794c16a0f2" +dependencies = [ + "bitfield 0.14.0", + "enumflags2", + "getrandom", + "hostname-validator", + "log", + "mbox", + "num-derive", + "num-traits", + "oid", + "picky-asn1", + "picky-asn1-x509", + "regex", + "serde", + "tss-esapi-sys", + "zeroize", +] + +[[package]] +name = "tss-esapi-sys" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "535cd192581c2ec4d5f82e670b1d3fbba6a23ccce8c85de387642051d7cad5b5" +dependencies = [ + "pkg-config", + "target-lexicon", +] + [[package]] name = "tungstenite" version = "0.24.0" 
@@ -9089,6 +9914,16 @@ version = "2.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da" +[[package]] +name = "users" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24cc0f6d6f267b73e5a2cadf007ba8f9bc39c6a6f9666f8cf25ea809a153b032" +dependencies = [ + "libc", + "log", +] + [[package]] name = "utf-8" version = "0.7.6" @@ -9163,6 +9998,7 @@ checksum = "b3758f5e68192bb96cc8f9b7e2c2cfdabb435499a28499a42f8f984092adad4b" dependencies = [ "getrandom 0.2.15", "rand", + "serde", ] [[package]] @@ -9424,6 +10260,16 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +[[package]] +name = "windows" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e48a53791691ab099e5e2ad123536d0fff50652600abaf43bbf952894110d0be" +dependencies = [ + "windows-core", + "windows-targets 0.52.6", +] + [[package]] name = "windows-core" version = "0.52.0" @@ -9696,6 +10542,7 @@ dependencies = [ "const-oid", "der 0.7.9", "spki 0.7.3", + "tls_codec", ] [[package]] @@ -9717,6 +10564,23 @@ dependencies = [ "time", ] +[[package]] +name = "x509-parser" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7069fba5b66b9193bd2c5d3d4ff12b839118f6bcbef5328efafafb5395cf63da" +dependencies = [ + "asn1-rs", + "data-encoding", + "der-parser", + "lazy_static", + "nom", + "oid-registry", + "rusticata-macros", + "thiserror 1.0.69", + "time", +] + [[package]] name = "yaml-rust" version = "0.4.5" diff --git a/Cargo.toml b/Cargo.toml index 8460a70e..c3a924c3 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -11,6 +11,7 @@ license = "Apache-2.0" anyhow = "1.0.91" async-trait = "0.1.86" atoma-auth = { path = "./atoma-auth" } +atoma-confidential = { git = "https://github.com/atoma-network/atoma-node.git", package = "atoma-confidential", branch = "main", features = ["sev-snp", "tdx"] } atoma-proxy-service = { path = "./atoma-proxy-service" } atoma-state = { path = "./atoma-state" } atoma-sui = { git = "https://github.com/atoma-network/atoma-node.git", package = "atoma-sui", branch = "main" } diff --git a/atoma-state/Cargo.toml b/atoma-state/Cargo.toml index bf6b8887..3e9146ad 100644 --- a/atoma-state/Cargo.toml +++ b/atoma-state/Cargo.toml @@ -5,6 +5,7 @@ edition.workspace = true license.workspace = true [dependencies] +atoma-confidential = { workspace = true, optional = true } atoma-sui = { workspace = true } chrono.workspace = true config = { workspace = true } @@ -22,3 +23,7 @@ utoipa = { workspace = true } futures = { workspace = true } serial_test = { workspace = true } uuid = { workspace = true } + +[features] +default = [] +confidential = ["dep:atoma-confidential"] \ No newline at end of file diff --git a/atoma-state/src/handlers.rs b/atoma-state/src/handlers.rs index b8d02085..5c686db8 100644 --- a/atoma-state/src/handlers.rs +++ b/atoma-state/src/handlers.rs @@ -15,6 +15,9 @@ use crate::{ AtomaStateManager, AtomaStateManagerError, }; +#[cfg(feature = "confidential")] +use atoma_confidential::types::TEEProvider; + #[instrument(level = "trace", skip_all)] pub async fn handle_atoma_event( event: AtomaEvent, 
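Review bot: The new `atoma-confidential` dependency is tracked by `branch = "main"`, so the code that verifies TEE attestations changes whenever that branch moves and someone runs `cargo update`. Cargo.lock fixes the commit only for builds that honour the lock file. Pinning it in the manifest makes every bump of the verifier an explicit, reviewable change, for example `atoma-confidential = { git = "https://github.com/atoma-network/atoma-node.git", package = "atoma-confidential", rev = "<commit-sha>", features = ["sev-snp", "tdx"] }`. The same applies to the existing `atoma-sui` entry on the context line below it.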
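Review bot: The added `use atoma_confidential::types::TEEProvider;` looks unused, because the match added in `handle_node_key_rotation_event` spells out the full path `atoma_confidential::types::TEEProvider::Tdx` for every arm. With the `confidential` feature on, this should trigger an `unused_imports` warning, which fails the build if warnings are denied. Either drop the import or shorten the arms to `TEEProvider::Tdx`, `TEEProvider::Snp` and `TEEProvider::Arm`.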
@@ -1313,11 +1316,29 @@ pub async fn handle_node_key_rotation_event( node_id, new_public_key, tee_remote_attestation_bytes, + #[cfg(feature = "confidential")] + tee_provider, + #[cfg(not(feature = "confidential"))] + tee_provider: _, } = event; - let is_valid = - utils::verify_quote_v4_attestation(&tee_remote_attestation_bytes, &new_public_key) - .await - .is_ok(); + + #[cfg(feature = "confidential")] + let is_valid = match event.tee_provider { + atoma_confidential::types::TEEProvider::Tdx => { + utils::tdx::verify_quote_v4_attestation(&tee_remote_attestation_bytes, &new_public_key) + .await + .is_ok() + }, + atoma_confidential::types::TEEProvider::Snp => { + utils::snp::verify_snp_attestation(&tee_remote_attestation_bytes, &new_public_key) + .await + .is_ok() + }, + atoma_confidential::types::TEEProvider::Arm => { + todo!() + } + }; + state_manager .state .update_node_public_key( 
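Review bot: The `TEEProvider::Arm` arm is `todo!()`, so a key-rotation event carrying that provider panics the handler instead of being rejected; since the value comes from the event, the arm should fail closed, e.g. `atoma_confidential::types::TEEProvider::Arm => false,`. `is_valid` is also bound only under `#[cfg(feature = "confidential")]`, and the feature is off by default in atoma-state/Cargo.toml. If the `update_node_public_key(` call, which continues outside this hunk, still takes `is_valid`, the default build has no binding for it; adding `#[cfg(not(feature = "confidential"))] let is_valid = false;` would keep that build compiling and rejecting unverified keys. The match also reads `event.tee_provider` after `event` has been destructured, which leaves the new `tee_provider` binding unused; matching on `tee_provider` directly avoids depending on the field being `Copy`.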
@@ -1333,106 +1354,154 @@ pub async fn handle_node_key_rotation_event( } mod utils { - use super::{AtomaStateManagerError, Result}; + #[cfg(feature = "confidential")] + pub(crate) mod tdx { + use super::*; - use dcap_qvl::collateral::get_collateral; - use dcap_qvl::quote::{Quote, Report}; - use dcap_qvl::verify::verify; - use std::time::Duration; + use dcap_qvl::collateral::get_collateral; + use dcap_qvl::quote::{Quote, Report}; + use dcap_qvl::verify::verify; + use std::time::Duration; - /// The timeout to use for quote verification. - const TIMEOUT: Duration = Duration::from_secs(10); + /// The timeout to use for quote verification. + const TIMEOUT: Duration = Duration::from_secs(10); - /// The TCB update mode to use for quote verification. - const TCB_UPDATE_MODE: &str = "early"; + /// The TCB update mode to use for quote verification. + const TCB_UPDATE_MODE: &str = "early"; - /// Verifies a TEE (Trusted Execution Environment) remote attestation quote using Intel's DCAP Quote Verification Library. - /// - /// This function performs verification of a Quote V4 attestation by: - /// 1. Retrieving collateral data from Intel's Provisioning Certificate Caching Service (PCCS) - /// 2. 
Verifying the quote against the collateral using the current timestamp - /// - /// # Arguments - /// - /// * `tee_remote_attestation_bytes` - A byte slice containing the TEE remote attestation quote data - /// * `new_public_key` - A byte slice containing the public key to be verified (currently unused in verification) - /// - /// # Returns - /// - /// * `Result<()>` - Ok(()) if verification succeeds, or an error if verification fails - /// - /// # Errors - /// - /// This function will return an error in the following cases: - /// * If collateral retrieval from PCCS fails - /// * If the system time cannot be determined - /// * If quote verification fails - /// - /// # Example - /// - /// ```rust,ignore - /// use your_crate::verify_quote_v4_attestation; - /// - /// async fn verify_attestation() { - /// let quote_data = vec![/* quote data */]; - /// let public_key = vec![/* public key data */]; - /// - /// match verify_quote_v4_attestation("e_data, &public_key).await { - /// Ok(()) => println!("Attestation verified successfully"), - /// Err(e) => eprintln!("Attestation verification failed: {:?}", e), - /// } - /// } - /// ``` - /// - /// # Notes - /// - /// * Uses Intel's PCCS service at a hardcoded URL with a 10-second timeout - /// * The `new_public_key` parameter is currently passed through but not used in the verification process - /// * This function is specifically for Quote V4 format attestations - pub async fn verify_quote_v4_attestation( - quote_bytes: &[u8], - new_public_key: &[u8], - ) -> Result<()> { - let quote = Quote::parse(quote_bytes) - .map_err(|e| AtomaStateManagerError::FailedToParseQuote(format!("{e:?}")))?; - let fmspc = quote - .fmspc() - .map_err(|e| AtomaStateManagerError::FailedToRetrieveFmspc(format!("{e:?}")))?; - #[allow(clippy::uninlined_format_args)] - let certification_tcb_url = format!( - "https://api.trustedservices.intel.com/tdx/certification/v4/tcb?fmspc={:?}&update={TCB_UPDATE_MODE}", - fmspc - ); - let collateral = 
get_collateral(&certification_tcb_url, quote_bytes, TIMEOUT) - .await - .map_err(|e| AtomaStateManagerError::FailedToRetrieveCollateral(format!("{e:?}")))?; - let now = std::time::SystemTime::now() - .duration_since(std::time::UNIX_EPOCH) - .map_err(|e| AtomaStateManagerError::UnixTimeWentBackwards(e.to_string()))? - .as_secs(); - match quote.report { - Report::SgxEnclave(_) => { - return Err(AtomaStateManagerError::FailedToVerifyQuote( - "Report SGX type not supported".to_string(), - )); - } - Report::TD10(report) => { - if report.report_data != new_public_key { - return Err(AtomaStateManagerError::FailedToVerifyQuote( - "Report TD10 data does not match new public key".to_string(), + /// Verifies a TEE (Trusted Execution Environment) remote attestation quote using Intel's DCAP Quote Verification Library. + /// + /// This function performs verification of a Quote V4 attestation by: + /// 1. Retrieving collateral data from Intel's Provisioning Certificate Caching Service (PCCS) + /// 2. Verifying the quote against the collateral using the current timestamp + /// + /// # Arguments + /// + /// * `tee_remote_attestation_bytes` - A byte slice containing the TEE remote attestation quote data + /// * `new_public_key` - A byte slice containing the public key to be verified (currently unused in verification) + /// + /// # Returns + /// + /// * `Result<()>` - Ok(()) if verification succeeds, or an error if verification fails + /// + /// # Errors + /// + /// This function will return an error in the following cases: + /// * If collateral retrieval from PCCS fails + /// * If the system time cannot be determined + /// * If quote verification fails + /// + /// # Example + /// + /// ```rust,ignore + /// use your_crate::verify_quote_v4_attestation; + /// + /// async fn verify_attestation() { + /// let quote_data = vec![/* quote data */]; + /// let public_key = vec![/* public key data */]; + /// + /// match verify_quote_v4_attestation("e_data, &public_key).await { + /// Ok(()) => 
println!("Attestation verified successfully"), + /// Err(e) => eprintln!("Attestation verification failed: {:?}", e), + /// } + /// } + /// ``` + /// + /// # Notes + /// + /// * Uses Intel's PCCS service at a hardcoded URL with a 10-second timeout + /// * The `new_public_key` parameter is currently passed through but not used in the verification process + /// * This function is specifically for Quote V4 format attestations + pub(crate) async fn verify_quote_v4_attestation( + quote_bytes: &[u8], + new_public_key: &[u8], + ) -> Result<()> { + let quote = Quote::parse(quote_bytes) + .map_err(|e| crate::AtomaStateManagerError::FailedToParseQuote(format!("{e:?}")))?; + let fmspc = quote + .fmspc() + .map_err(|e| crate::AtomaStateManagerError::FailedToRetrieveFmspc(format!("{e:?}")))?; + let certification_tcb_url = format!( + "https://api.trustedservices.intel.com/tdx/certification/v4/tcb?fmspc={:?}&update={TCB_UPDATE_MODE}", + fmspc + ); + let collateral = get_collateral(&certification_tcb_url, quote_bytes, TIMEOUT) + .await + .map_err(|e| crate::AtomaStateManagerError::FailedToRetrieveCollateral(format!("{e:?}")))?; + let now = std::time::SystemTime::now() + .duration_since(std::time::UNIX_EPOCH) + .map_err(|e| crate::AtomaStateManagerError::UnixTimeWentBackwards(e.to_string()))? 
+ .as_secs(); + match quote.report { + Report::SgxEnclave(_) => { + return Err(crate::AtomaStateManagerError::FailedToVerifyQuote( + "Report SGX type not supported".to_string(), )); } + Report::TD10(report) => { + if report.report_data != new_public_key { + return Err(crate::AtomaStateManagerError::FailedToVerifyQuote( + "Report TD10 data does not match new public key".to_string(), + )); + } + } + Report::TD15(report) => { + if report.base.report_data != new_public_key { + return Err(crate::AtomaStateManagerError::FailedToVerifyQuote( + "Report TD15 data does not match new public key".to_string(), + )); + } + } } - Report::TD15(report) => { - if report.base.report_data != new_public_key { - return Err(AtomaStateManagerError::FailedToVerifyQuote( - "Report TD15 data does not match new public key".to_string(), - )); + verify(quote_bytes, &collateral, now) + .map_err(|e| crate::AtomaStateManagerError::FailedToVerifyQuote(format!("{e:?}")))?; + + Ok(()) + } + } + + /// Module specifically made for SNP AttestationReport verification + #[cfg(feature = "confidential")] + pub(crate) mod snp { + use super::*; + use atoma_confidential::sev_snp::SNPAttestationReport; + + pub(crate) async fn verify_snp_attestation( + tee_remote_attestation_bytes: &[u8], + new_public_key: &[u8], + ) -> Result<()> { + let snp_attestation: SNPAttestationReport = SNPAttestationReport::from_bytes(tee_remote_attestation_bytes) + .map_err(|e| AtomaStateManagerError::FailedToParseQuote(format!("{e:?}")))?; + + // First check if the report data matches the newly committed public key + if snp_attestation.report.report_data != new_public_key { + return Err(AtomaStateManagerError::FailedToVerifyQuote( + "Report data does not match new public key".to_string(), + )); + } + + // Verify the SNPAttestationReport using its implementation of the Verifiable trait + match snp_attestation.verify() { + Ok(_) => (), + Err(e) => { + return Err(AtomaStateManagerError::FailedToVerifyQuote(format!("{e:?}"))); } } + + 
Ok(()) } - verify(quote_bytes, &collateral, now) - .map_err(|e| AtomaStateManagerError::FailedToVerifyQuote(format!("{e:?}")))?; - Ok(()) } + + // TODO: Implement ARM attestation verification + // #[cfg(feature = "confidential")] + // pub(crate) mod arm { + // use super::*; + + // pub(crate) async fn verify_arm_attestation( + // tee_remote_attestation_bytes: &[u8], + // new_public_key: &[u8], + // ) -> Result<()> { + // todo!() + // } + // } }
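Review bot: `verify_snp_attestation` has no doc comment, and in the visible code it accepts any report whose `report_data` equals the key and for which `snp_attestation.verify()` succeeds. No launch measurement or policy field is compared here, so unless `verify()` enforces that internally, a genuine SNP guest running unexpected software would pass; a `///` block should state what `verify()` covers and what the caller must still check. The moved TDX doc comment still says `new_public_key` is "currently unused in verification", although the body rejects a `report_data` mismatch for both `TD10` and `TD15`, so that line should be corrected. Separately, `snp` relies on bare `Result` and `AtomaStateManagerError` through `use super::*;` while this hunk removes `use super::{AtomaStateManagerError, Result};` from `utils`, so those names probably no longer resolve once the `confidential` feature is enabled.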