From ffcf4aac0e645c36ff05530ddddc37be5bb3f786 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Tue, 21 Mar 2023 08:52:37 +0100 Subject: [PATCH 1/5] service: fix DCAP and --skip-ra flag --- service/src/main.rs | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/service/src/main.rs b/service/src/main.rs index 5f8adfdfec..7acf39ec9e 100644 --- a/service/src/main.rs +++ b/service/src/main.rs @@ -759,14 +759,17 @@ fn register_collateral( is_development_mode: bool, skip_ra: bool, ) { + //TODO generate_dcap_ra_quote() does not really need skip_ra, rethink how many layers skip_ra should be passed along let dcap_quote = enclave.generate_dcap_ra_quote(skip_ra).unwrap(); - let (fmspc, _tcb_info) = extract_tcb_info_from_raw_dcap_quote(&dcap_quote).unwrap(); + if !skip_ra { + let (fmspc, _tcb_info) = extract_tcb_info_from_raw_dcap_quote(&dcap_quote).unwrap(); - let xt = enclave.generate_register_quoting_enclave_extrinsic(fmspc).unwrap(); - send_extrinsic(xt, api, accountid, is_development_mode); + let uxt = enclave.generate_register_quoting_enclave_extrinsic(fmspc).unwrap(); + send_extrinsic(&uxt, api, accountid, is_development_mode); - let xt = enclave.generate_register_tcb_info_extrinsic(fmspc).unwrap(); - send_extrinsic(xt, api, accountid, is_development_mode); + let uxt = enclave.generate_register_tcb_info_extrinsic(fmspc).unwrap(); + send_extrinsic(&uxt, api, accountid, is_development_mode); + } } fn send_extrinsic( From 3f3bb64589b1699160868100ec5a0708ba95e510 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Sun, 26 Mar 2023 12:53:00 +0200 Subject: [PATCH 2/5] attestation_handler: handle HTTP status code 400 - bad request --- core-primitives/attestation-handler/src/attestation_handler.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/core-primitives/attestation-handler/src/attestation_handler.rs b/core-primitives/attestation-handler/src/attestation_handler.rs index 7e6023dd8d..1b6985e988 100644 
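Review bot: With `skip_ra` set, `register_collateral` still runs `enclave.generate_dcap_ra_quote(skip_ra).unwrap()` ahead of the new `if !skip_ra` guard and then discards the quote, so a quote failure still panics the service in the mode that is meant to bypass attestation. Nothing records that collateral registration was skipped, although running without registered quoting-enclave and TCB info is a security-relevant state that should be visible in the logs. Unless the quote call is needed for a side effect not visible here, an early return at the top would cover both points and resolve the TODO: `if skip_ra { warn!("skip_ra is set, DCAP collateral is not registered"); return }` (assuming the `log` macros are in scope in this file). The remaining `.unwrap()` calls inside the guard abort the process on any attestation or extrinsic-building error; an `expect("…")` naming the failed step would at least make such a crash diagnosable. The function's signature starts before the hunk, and `send_extrinsic`, which now receives `&uxt`, is defined outside it.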
--- a/core-primitives/attestation-handler/src/attestation_handler.rs +++ b/core-primitives/attestation-handler/src/attestation_handler.rs @@ -357,6 +357,7 @@ where fn log_resp_code(&self, resp_code: &mut Option) { let msg = match resp_code { Some(200) => "OK Operation Successful", + Some(400) => "Bad request, quote is invalid, or linkability of quote/subscription does not match.", Some(401) => "Unauthorized Failed to authenticate or authorize request.", Some(404) => "Not Found GID does not refer to a valid EPID group ID.", Some(500) => "Internal error occurred", From 4d422c5ffd620602d6081f6983f3ded384dccfc3 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Sun, 26 Mar 2023 12:54:27 +0200 Subject: [PATCH 3/5] attestation_handler: handle unknown error better --- core-primitives/attestation-handler/src/attestation_handler.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core-primitives/attestation-handler/src/attestation_handler.rs b/core-primitives/attestation-handler/src/attestation_handler.rs index 1b6985e988..070231cdef 100644 --- a/core-primitives/attestation-handler/src/attestation_handler.rs +++ b/core-primitives/attestation-handler/src/attestation_handler.rs @@ -367,7 +367,7 @@ where temporary state – the same request can be repeated after some time. ", _ => { - error!("DBG:{:?}", resp_code); + error!("Error, received unknown HTTP response: {:?}", resp_code); "Unknown error occured" }, }; From e78fa99537507fe5c296151a7feec5e136cd07e6 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Sun, 26 Mar 2023 12:56:29 +0200 Subject: [PATCH 4/5] attestation_handler: make the error messages format uniform --- .../attestation-handler/src/attestation_handler.rs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/core-primitives/attestation-handler/src/attestation_handler.rs b/core-primitives/attestation-handler/src/attestation_handler.rs index 070231cdef..eed94ec250 100644 
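Review bot: The `_` arm that carries the reworded `error!` also matches `None`, so a reply with no status code at all is logged as "received unknown HTTP response: None", which reads as if an unexpected code had arrived. A separate arm keeps the two cases apart when someone triages a failed attestation from the logs, e.g. `None => { error!("No HTTP status code in attestation response"); "No response code received" },`. The unchanged line right below still returns `"Unknown error occured"`, where the spelling should be "occurred". The body of `log_resp_code` starts and ends outside this hunk, so how `msg` is used afterwards is not visible here.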
--- a/core-primitives/attestation-handler/src/attestation_handler.rs +++ b/core-primitives/attestation-handler/src/attestation_handler.rs @@ -356,16 +356,16 @@ where fn log_resp_code(&self, resp_code: &mut Option) { let msg = match resp_code { - Some(200) => "OK Operation Successful", + Some(200) => "OK, operation successful", Some(400) => "Bad request, quote is invalid, or linkability of quote/subscription does not match.", - Some(401) => "Unauthorized Failed to authenticate or authorize request.", - Some(404) => "Not Found GID does not refer to a valid EPID group ID.", - Some(500) => "Internal error occurred", + Some(401) => "Unauthorized, failed to authenticate or authorize request.", + Some(404) => "Not found, GID does not refer to a valid EPID group ID.", + Some(500) => "Internal error occurred.", Some(503) => "Service is currently not able to process the request (due to a temporary overloading or maintenance). This is a temporary state – the same request can be repeated after - some time. ", + some time.", _ => { error!("Error, received unknown HTTP response: {:?}", resp_code); "Unknown error occured" From 46b559ca4ef01351bafe2478c4426c78c4d975f0 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Mon, 17 Apr 2023 10:20:30 +0200 Subject: [PATCH 5/5] gha: remove unnecessary dockerhub login --- .github/workflows/build_and_test.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index cc1641130d..d961435ce7 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml 
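Review bot: The 503 message is still one string literal spread over several source lines, so the line breaks and any leading indentation of the continuation lines become part of the emitted text, unlike every other arm. Ending each line inside the literal with ` \` (a space, then Rust's line-continuation escape, which swallows the newline and the following whitespace) gives a single-line message that matches the others. In the same pass, `Some(200) => "OK, operation successful"` is the only listed arm left without a trailing period; `"OK, operation successful."` would complete the uniform format this commit is after. How `msg` is emitted is outside the hunk.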
@@ -291,12 +291,6 @@ jobs: cd docker docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < ${{ matrix.demo_name }}.yml) -p ${PROJECT} stop - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Integration Test ${{ matrix.test }}-${{ matrix.flavor_id }} run: | cd docker