chore: bump several dependencies
Signed-off-by: Richard Zak <[email protected]>
rjzak authored and haraldh committed Jan 31, 2023
1 parent dbae020 commit bde9e8e
Showing 6 changed files with 117 additions and 38 deletions.
115 changes: 97 additions & 18 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 7 additions & 7 deletions Cargo.toml
@@ -1,6 +1,6 @@
[patch.crates-io]
hyper = { git = "https://github.com/rjzak/hyper", branch = "wasi_wip" }
sgx = { git = "https://github.com/enarx/sgx", rev = "81ddf248a2dd485dadda3a28c8ed09a5c9d4c62d" }
sgx = { git = "https://github.com/enarx/sgx", rev = "c9bf274dd1a843b084bae92e182d9f95d0557bcc" }

[package]
name = "steward"
@@ -25,11 +25,11 @@ flagset = { version = "0.4.3", default-features = false }
hex = { version = "0.4.3", default-features = false }
http = { version = "^0.2.6", default-features = false }
hyper = { git = "https://github.com/rjzak/hyper", branch = "wasi_wip", default-features = false }
memoffset = { version = "0.7.1", default-features = false }
p256 = { version = "0.11", default-features = false }
p384 = { version = "0.11", default-features = false }
memoffset = { version = "0.8.0", default-features = false }
p256 = { version = "0.12.0", default-features = false }
p384 = { version = "0.12.0", default-features = false }
rand = { version = "0.8", default-features = false }
rsa = { version = "0.7.2", default-features = false }
rsa = { version = "0.8.1", default-features = false }
rstest = { version = "0.16", default-features = false }
rustls-pemfile = {version = "1.0.2", default-features = false }
sec1 = { version = "0.3", default-features = false }
@@ -38,11 +38,11 @@ serde = { version = "1.0", default-features = false }
serde_json = { version = "1.0", default-features = false }
sgx = { version = "0.6.0", default-features = false }
sha2 = { version = "^0.10.2", default-features = false }
signature = {version = "1.6", default-features = false }
signature = {version = "2.0.0", default-features = false }
spki = { version = "0.6", default-features = false }
testaso = { version = "0.1", default-features = false }
tokio = { version = "^1.25.0", default-features = false }
toml = { version = "0.5", default-features = false }
toml = { version = "0.7.1", default-features = false }
tower = { version = "^0.4.11", default-features = false }
tower-http = { version = "^0.3.5", default-features = false }
tracing = { version = "^0.1.29", default-features = false }
14 changes: 8 additions & 6 deletions crates/attestation/src/crypto/pki.rs
@@ -94,16 +94,18 @@ impl<'a> PrivateKeyInfoExt for PrivateKeyInfo<'a> {
match (self.algorithm.oids()?, algo) {
((ECPK, Some(P256)), ES256) => {
use p256::ecdsa::signature::Signer;
let private_key = p256::SecretKey::from_be_bytes(ec.private_key)?;
let sign_key = p256::ecdsa::SigningKey::from(private_key);
Ok(sign_key.sign(body).to_der().as_bytes().to_vec())
use p256::ecdsa::Signature;
let sign_key = p256::ecdsa::SigningKey::from_bytes(ec.private_key)?;
let signed: Signature = sign_key.sign(body);
Ok(signed.to_der().as_bytes().to_vec())
}

((ECPK, Some(P384)), ES384) => {
use p384::ecdsa::signature::Signer;
let private_key = p384::SecretKey::from_be_bytes(ec.private_key)?;
let sign_key = p384::ecdsa::SigningKey::from(private_key);
Ok(sign_key.sign(body).to_der().as_bytes().to_vec())
use p384::ecdsa::Signature;
let sign_key = p384::ecdsa::SigningKey::from_bytes(ec.private_key)?;
let signed: Signature = sign_key.sign(body);
Ok(signed.to_der().as_bytes().to_vec())
}

_ => bail!("unsupported"),
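Review bot: Both rewritten arms call `Signer::sign`, which panics if the signing operation fails, even though the surrounding method already propagates errors with `?` and `bail!`. In the ES256 and ES384 arms alike, `let signed: Signature = sign_key.try_sign(body)?;` would hand the failure back to the caller instead of unwinding inside the attestation path, assuming the method's error type accepts `signature::Error`. The enclosing method starts and ends outside this hunk.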
4 changes: 2 additions & 2 deletions crates/attestation/src/crypto/spki.rs
@@ -60,7 +60,7 @@ impl<'a> SubjectPublicKeyInfoExt for SubjectPublicKeyInfo<'a> {
}

((RSA, None), (ID_RSASSA_PSS, Some(p))) => {
use signature::{Signature, Verifier};
use signature::Verifier;
// Decompose the RSA PSS parameters.
let RsaSsaPssParams {
hash_algorithm: hash,
@@ -70,7 +70,7 @@ impl<'a> SubjectPublicKeyInfoExt for SubjectPublicKeyInfo<'a> {
} = p.decode_into()?;

let pkey = rsa::RsaPublicKey::from_pkcs1_der(self.subject_public_key)?;
let s = rsa::pss::Signature::from_bytes(sign)?;
let s = rsa::pss::Signature::from(Box::from(sign));

// Validate the sanity of the mask algorithm.
let algo = match (mask.oid, mask.parameters) {
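Review bot: With `rsa::pss::Signature::from(Box::from(sign))` the conversion in the RSASSA-PSS arm is infallible, so this line no longer rejects anything and a signature of the wrong length is caught only by the verification call, which presumably follows outside this hunk. A short comment would make that dependency explicit, for example `// Infallible conversion: malformed signatures are rejected by verify() below.` It is worth confirming that the verification path in the bumped rsa crate does reject a signature whose length differs from the modulus size. The match arm starts and ends outside the visible hunks.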
6 changes: 2 additions & 4 deletions crates/attestation/src/sgx/quote/mod.rs
@@ -18,6 +18,7 @@ pub mod traits;

use super::super::crypto::{CrlList, TbsCertificateExt};
use body::Body;
use std::str::FromStr;
use traits::{FromBytes, ParseBytes, Steal};

use anyhow::anyhow;
@@ -26,7 +27,6 @@ use p256::ecdsa::signature::Verifier;
use rustls_pemfile::ec_private_keys;
use sgx::ReportBody;
use sha2::{digest::DynDigest, Sha256};
use signature::Signature;
use tcb::{TcbInfo, TcbRoot};
use x509::{Certificate, TbsCertificate};

@@ -79,11 +79,9 @@ impl<'a> FromBytes<'a> for Quote<'a> {
let tcb_bytes = String::from_utf8(tcb_bytes).unwrap();

let tcb_root: TcbRoot = serde_json::from_slice(evidence.tcb.report)?;
let tcb_signature = hex::decode(tcb_root.signature)
.map_err(|_| anyhow::Error::msg("Failed to convert TCB signature to bytes"))?;

// Convert the signature to DER, as that's the expected format in spki.rs for validation.
let tcb_signature = p256::ecdsa::Signature::from_bytes(&tcb_signature)?;
let tcb_signature = p256::ecdsa::Signature::from_str(&tcb_root.signature)?;
let tcb_signature = tcb_signature.to_der().to_bytes().to_vec();
let mut tcb_report = tcb_root.tcb_info;

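Review bot: The `p256::ecdsa::Signature::from_str(&tcb_root.signature)?` line loses the context that the earlier `hex::decode(...).map_err(...)` step attached, so a malformed TCB signature now surfaces only as the crate's generic signature error. Keeping a message, e.g. `.map_err(|_| anyhow!("Failed to parse TCB signature"))?`, preserves the diagnostic for a value taken from the TCB report; `anyhow` is already imported in this file. The comment above the line could also state that the input is a hex string, since `from_str` appears to take over the decoding; that reading is inferred from the hunk and should be confirmed against the ecdsa version resolved in Cargo.lock. The enclosing function starts and ends outside the hunk.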
2 changes: 1 addition & 1 deletion crates/server/Cargo.toml
@@ -19,7 +19,7 @@ rustls-pemfile = { workspace = true }
sec1 = { workspace = true, features = ["std", "pkcs8"] }
serde = { workspace = true, features = ["derive", "std"] }
tokio = { workspace = true, features = ["rt", "macros"] }
toml = { workspace = true }
toml = { workspace = true, features = ["parse"] }
tower-http = { workspace = true, features = ["trace"] }
tracing = { workspace = true }
tracing-subscriber = { workspace = true, features = ["env-filter", "json", "fmt"] }
