Collateral handling for DCAP (integritee-network#1134)
* First version that manages to register a quoting enclave

* Move collateral to attestation-handler

* Work on collateral handling

* Use the real collateral data for quoting enclave

* Make the dump-ra CLI command work

* Work towards register_tcb_info

* Add all the boilerplate code to register TCB info

* Reduce code duplication for extrinsic encoding

* Reduce code duplication for extrinsic sending

* Extract method for collateral

* Remove duplicated code

* Fix clippy issues

* Fix compilation error in teeracle

* Return certificate and dcap quote

* Cleanup

* Switch to updated docker image

* Disable DCAP for now

* Register collateral only for DCAP

* Register collateral only for DCAP

* Cleanup

* Update core-primitives/attestation-handler/src/attestation_handler.rs

Co-authored-by: Szilárd Parrag <szilard.parrag@gmail.com>

* Update enclave-runtime/src/attestation.rs

Co-authored-by: Szilárd Parrag <szilard.parrag@gmail.com>

* Extract shared logic into separate method

* Improve documentation

* Extract DCAP logic into separate function

* Get rid of two unwrap() calls

* Move getting the call_ids into the shared function

* Use the correct Error for metadata

* Add type alias for Fmspc

* Improve separate_json_data_and_signature and add unit test

* Fix clippy issues

* Incorporate review feedback

* Fix unsafe

* Switch implementation of separate_json_data_and_signature

* Make clippy happy

* Add missing `use`

* Add missing feature `preserve_order` to `serde_json_sgx`

* Add compiler flag for std case

* Make separate_json_data_and_signature robust to potential C-style null terminators

Co-authored-by: Szilárd Parrag <szilard.parrag@gmail.com>
2 people authored and m-yahya committed Feb 17, 2023
1 parent 9d2206d commit e58d309
Showing 22 changed files with 587 additions and 82 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build_and_test.yml
@@ -94,7 +94,7 @@ jobs:

clippy:
runs-on: ubuntu-latest
container: "integritee/integritee-dev:0.1.10"
container: "integritee/integritee-dev:0.1.11"
steps:
- uses: actions/checkout@v3
- name: init rust
34 changes: 26 additions & 8 deletions Cargo.lock
@@ -725,7 +725,7 @@ dependencies = [
"bitflags",
"clap_derive",
"clap_lex",
"indexmap",
"indexmap 1.9.2",
"once_cell 1.17.0",
"strsim 0.10.0",
"termcolor",
@@ -2095,7 +2095,7 @@ dependencies = [
"futures-sink 0.3.26",
"futures-util 0.3.26",
"http 0.2.8",
"indexmap",
"indexmap 1.9.2",
"slab 0.4.7",
"tokio",
"tokio-util 0.7.4",
@@ -2123,6 +2123,12 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "29fba9abe4742d586dfd0c06ae4f7e73a1c2d86b856933509b269d82cdf06e18"

[[package]]
name = "hashbrown"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d7afe4a420e3fe79967a00898cc1f4db7c8a49a9333a29f8a4bd76a253d5cd04"

[[package]]
name = "hashbrown"
version = "0.12.3"
@@ -2486,6 +2492,16 @@ dependencies = [
"syn",
]

[[package]]
name = "indexmap"
version = "1.6.1"
source = "git+https://github.com/mesalock-linux/indexmap-sgx#19f52458ba64dd7349a5d3a62227619a17e4db85"
dependencies = [
"autocfg 1.1.0",
"hashbrown 0.9.1",
"sgx_tstd",
]

[[package]]
name = "indexmap"
version = "1.9.2"
@@ -4960,7 +4976,7 @@ checksum = "21158b2c33aa6d4561f1c0a6ea283ca92bc54802a93b263e910746d679a7eb53"
dependencies = [
"crc32fast",
"hashbrown 0.12.3",
"indexmap",
"indexmap 1.9.2",
"memchr 2.5.0",
]

@@ -6764,6 +6780,7 @@ name = "serde_json"
version = "1.0.60"
source = "git+https://github.com/mesalock-linux/serde-json-sgx?tag=sgx_1.1.3#380893814ad2a057758d825bab798aa117f7362a"
dependencies = [
"indexmap 1.6.1",
"itoa 0.4.5",
"ryu",
"serde 1.0.118 (git+https://github.com/mesalock-linux/serde-sgx)",
@@ -6787,6 +6804,7 @@ version = "1.0.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "877c235533714907a8c2464236f5c4b2a17262ef1bd71f38f35ea592c8da6883"
dependencies = [
"indexmap 1.9.2",
"itoa 1.0.5",
"ryu",
"serde 1.0.152",
@@ -8373,7 +8391,7 @@ version = "0.18.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56c59d8dd7d0dcbc6428bf7aa2f0e823e26e43b3c9aca15bbc9475d23e5fa12b"
dependencies = [
"indexmap",
"indexmap 1.9.2",
"nom8",
"toml_datetime",
]
@@ -8977,7 +8995,7 @@ version = "0.89.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ab5d3e08b13876f96dd55608d03cd4883a0545884932d5adf11925876c96daef"
dependencies = [
"indexmap",
"indexmap 1.9.2",
]

[[package]]
@@ -8989,7 +9007,7 @@ dependencies = [
"anyhow",
"bincode",
"cfg-if 1.0.0",
"indexmap",
"indexmap 1.9.2",
"libc",
"log 0.4.17",
"object 0.29.0",
@@ -9023,7 +9041,7 @@ dependencies = [
"anyhow",
"cranelift-entity",
"gimli 0.26.2",
"indexmap",
"indexmap 1.9.2",
"log 0.4.17",
"object 0.29.0",
"serde 1.0.152",
@@ -9075,7 +9093,7 @@ dependencies = [
"anyhow",
"cc",
"cfg-if 1.0.0",
"indexmap",
"indexmap 1.9.2",
"libc",
"log 0.4.17",
"mach",
2 changes: 1 addition & 1 deletion Dockerfile
@@ -1,4 +1,4 @@
FROM integritee/integritee-dev:0.1.10
FROM integritee/integritee-dev:0.1.11
LABEL maintainer="zoltan@integritee.network"

# By default we warp the service
4 changes: 2 additions & 2 deletions build.Dockerfile
@@ -17,7 +17,7 @@

### Builder Stage
##################################################
FROM integritee/integritee-dev:0.1.10 AS builder
FROM integritee/integritee-dev:0.1.11 AS builder
LABEL maintainer="zoltan@integritee.network"

# set environment variables
@@ -49,7 +49,7 @@ RUN cargo test --release
# A builder stage that uses sccache to speed up local builds with docker
# Installation and setup of sccache should be moved to the integritee-dev image, so we don't
# always need to compile and install sccache on CI (where we have no caching so far).
FROM integritee/integritee-dev:0.1.10 AS cached-builder
FROM integritee/integritee-dev:0.1.11 AS cached-builder
LABEL maintainer="zoltan@integritee.network"

# set environment variables
5 changes: 2 additions & 3 deletions core-primitives/attestation-handler/Cargo.toml
@@ -17,7 +17,7 @@ log = { version = "0.4", default-features = false }
base64 = { version = "0.13", features = ["alloc"], optional = true }
chrono = { version = "0.4.19", features = ["alloc"], optional = true }
rustls = { version = "0.19", optional = true }
serde_json = { version = "1.0", optional = true }
serde_json = { version = "1.0", features = ["preserve_order"], optional = true }
thiserror = { version = "1.0", optional = true }
webpki = { version = "0.21", optional = true }

@@ -26,7 +26,7 @@ base64_sgx = { package = "base64", rev = "sgx_1.1.3", git = "https://github.com/
chrono_sgx = { package = "chrono", git = "https://github.com/mesalock-linux/chrono-sgx", optional = true }
num-bigint = { optional = true, git = "https://github.com/mesalock-linux/num-bigint-sgx" }
rustls_sgx = { package = "rustls", rev = "sgx_1.1.3", features = ["dangerous_configuration"], git = "https://github.com/mesalock-linux/rustls", optional = true }
serde_json_sgx = { package = "serde_json", tag = "sgx_1.1.3", git = "https://github.com/mesalock-linux/serde-json-sgx", optional = true }
serde_json_sgx = { package = "serde_json", tag = "sgx_1.1.3", features = ["preserve_order"], git = "https://github.com/mesalock-linux/serde-json-sgx", optional = true }
thiserror_sgx = { package = "thiserror", git = "https://github.com/mesalock-linux/thiserror-sgx", tag = "sgx_1.1.3", optional = true }
webpki-roots = { git = "https://github.com/mesalock-linux/webpki-roots", branch = "mesalock_sgx" }
webpki_sgx = { package = "webpki", git = "https://github.com/mesalock-linux/webpki", branch = "mesalock_sgx", optional = true }
@@ -50,7 +50,6 @@ itp-types = { path = "../types", default-features = false }
# integritee
httparse = { default-features = false, git = "https://github.com/integritee-network/httparse-sgx", branch = "sgx-experimental" }


# substrate deps
sp-core = { default-features = false, features = ["full_crypto"], git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.36" }
sp-runtime = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.36" }
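Review bot: `preserve_order` is switched on for both `serde_json` and `serde_json_sgx` with no comment saying why, and an unexplained feature flag is easy to drop in a later dependency cleanup. Judging from the commit message it is presumably needed so that `separate_json_data_and_signature` keeps the signed JSON body in its original key order (that function is not shown on this page); if so, losing the feature would change the bytes that are checked against the collateral signature. A one-line comment above each entry would protect it, e.g. `# preserve_order: key order must survive parsing, the collateral signature covers the original bytes`.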
25 changes: 14 additions & 11 deletions core-primitives/attestation-handler/src/attestation_handler.rs
@@ -78,11 +78,14 @@ pub const REPORT_SUFFIX: &str = "/sgx/dev/attestation/v4/report";

/// Trait to provide an abstraction to the attestation logic
pub trait AttestationHandler {
/// Generates an encoded remote attestation certificate.
/// Generates an encoded remote attestation certificate. Returns DER encoded certificate.
/// If skip_ra is set, it will not perform a remote attestation via IAS
/// but instead generate a mock certificate.
fn generate_ias_ra_cert(&self, skip_ra: bool) -> EnclaveResult<Vec<u8>>;

/// Returns the DER encoded certificate and the raw DCAP quote.
/// If skip_ra is set, it will not perform a remote attestation via IAS
/// but instead generate a mock certificate.
fn generate_dcap_ra_cert(
&self,
quoting_enclave_target_info: &sgx_target_info_t,
@@ -170,13 +173,13 @@ where
quoting_enclave_target_info: &sgx_target_info_t,
quote_size: u32,
) -> EnclaveResult<()> {
let (_key_der, cert_der) =
let (_cert_der, dcap_quote) =
match self.generate_dcap_ra_cert(quoting_enclave_target_info, quote_size, false) {
Ok(r) => r,
Err(e) => return Err(e),
};

if let Err(err) = io::write(&cert_der, RA_DUMP_CERT_DER_FILE) {
if let Err(err) = io::write(&dcap_quote, RA_DUMP_CERT_DER_FILE) {
error!(
" [Enclave] failed to write RA file ({}), status: {:?}",
RA_DUMP_CERT_DER_FILE, err
@@ -254,7 +257,7 @@ where
let (prv_k, pub_k) = ecc_handle.create_key_pair()?;
info!("Enclave Attestation] Generated ephemeral ECDSA keypair:");

let payload = if !skip_ra {
let qe_quote = if !skip_ra {
let qe_quote = match self.retrieve_qe_dcap_quote(
&chain_signer.public().0,
quoting_enclave_target_info,
@@ -266,15 +269,15 @@ where
return Err(e.into())
},
};
// Verify the quote via qve enclave
self.ecdsa_quote_verification(qe_quote)?
qe_quote
} else {
Default::default()
};

// generate an ECC certificate
debug!("[Enclave] Generate ECC Certificate");
let (key_der, cert_der) = match cert::gen_ecc_cert(&payload, &prv_k, &pub_k, &ecc_handle) {
let (_key_der, cert_der) = match cert::gen_ecc_cert(&qe_quote, &prv_k, &pub_k, &ecc_handle)
{
Ok(r) => r,
Err(e) => {
error!("[Enclave] gen_ecc_cert failed: {:?}", e);
@@ -284,7 +287,7 @@ where

let _ = ecc_handle.close();

Ok((key_der, cert_der))
Ok((cert_der, qe_quote))
}
}

@@ -640,7 +643,8 @@ where
.map_err(|e| EnclaveError::Other(e.into()))
}

pub fn ecdsa_quote_verification(&self, quote: Vec<u8>) -> SgxResult<Vec<u8>> {
/// Returns Ok if the verification of the quote by the quote verification enclave (QVE) was successful
pub fn ecdsa_quote_verification(&self, quote: Vec<u8>) -> SgxResult<()> {
let mut app_enclave_target_info: sgx_target_info_t = unsafe { std::mem::zeroed() };
let quote_collateral: sgx_ql_qve_collateral_t = unsafe { std::mem::zeroed() };
let mut qve_report_info: sgx_ql_qe_report_info_t = unsafe { std::mem::zeroed() };
@@ -724,8 +728,7 @@ where
return Err(sgx_status_t::SGX_ERROR_UNEXPECTED)
}

// TODO. What to send to our teerex pallet?
Ok(vec![])
Ok(())
}

pub fn retrieve_qe_dcap_quote(
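Review bot: In `generate_dcap_ra_cert` (its body starts and ends outside the hunks shown) the quote from `retrieve_qe_dcap_quote` is now embedded in the certificate and returned without the `ecdsa_quote_verification` call the old `payload` branch made, so nothing visible on this path checks the quote before it leaves the enclave. If verification is meant to move to the consumer (presumably the on-chain check against the registered collateral, which this page does not show), state that in the trait doc, e.g. `/// The returned quote is NOT verified here; the caller must verify it against current collateral before trusting it.`; otherwise keep a local check such as `self.ecdsa_quote_verification(qe_quote.clone())?;` before `gen_ecc_cert`. The return type also stays a bare `(Vec<u8>, Vec<u8>)` while its meaning changes from (key, cert) to (cert, quote), so a caller that was not updated still compiles and would treat the quote as a certificate; a small named struct would turn that into a compile error. The new doc comment on the DCAP method still says "via IAS", and the dump function now writes `dcap_quote` to `RA_DUMP_CERT_DER_FILE`, whose name still promises a DER certificate.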