TDX DCAP verification precompile #17
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
amiller
reviewed
Jul 8, 2024
src/precompiles/tdx_dcap.rs
Outdated
| const INCORRECT_INPUTS: PrecompileError = | ||
| PrecompileError::CustomPrecompileError("incorrect inputs passed in"); | ||
|
|
||
| fn tgx_verify_quote_run(input: &[u8], gas_limit: u64) -> PrecompileResult { |
Collaborator
There was a problem hiding this comment.
tgx_verify_quote should be tdx_verify_quote
| interface TDX_DCAP { | ||
| function verifyQuote(bytes memory quote, string memory pckCertPem, string memory pckCrlPem, string memory tcbInfoJson, string memory qeIdentityJson) external returns (uint status); | ||
| /* | ||
| TODO: also add the following |
Collaborator
There was a problem hiding this comment.
Are all of these needed, more detail on which ones we can skip is probably helpful.
gakonst
reviewed
Jul 20, 2024
src/precompiles/tdx_dcap.rs
Outdated
Comment on lines
29
to
47
| // Redefined here to avoid having to import from external services | ||
| pub static TDX_DCAP_ABI: Lazy<BaseContract> = Lazy::new(|| { | ||
| let contract: Contract = | ||
| serde_json::from_str(include_str!("../out/TdxDcap.sol/TDX_DCAP.abi.json")).unwrap(); | ||
| BaseContract::from(contract) | ||
| }); | ||
|
|
||
| pub static VERIFY_QUOTE_ABI: Lazy<Function> = Lazy::new(|| { | ||
| TDX_DCAP_ABI | ||
| .abi() | ||
| .function("verifyQuote") | ||
| .expect("verifyQuote signature not available in TDX DCAP abi") | ||
| .clone() | ||
| }); | ||
|
|
||
| const INPUTS_TOO_BIG: PrecompileError = | ||
| PrecompileError::CustomPrecompileError("inputs passed in are unreasonably big"); | ||
| const INCORRECT_INPUTS: PrecompileError = | ||
| PrecompileError::CustomPrecompileError("incorrect inputs passed in"); |
There was a problem hiding this comment.
nit would use alloy for this https://docs.rs/alloy-core/latest/alloy_core/sol_types/macro.sol.html,
gakonst
reviewed
Jul 20, 2024
src/precompiles/tdx_dcap.rs
Outdated
Comment on lines
30
to
42
| pub static TDX_DCAP_ABI: Lazy<BaseContract> = Lazy::new(|| { | ||
| let contract: Contract = | ||
| serde_json::from_str(include_str!("../out/TdxDcap.sol/TDX_DCAP.abi.json")).unwrap(); | ||
| BaseContract::from(contract) | ||
| }); | ||
|
|
||
| pub static VERIFY_QUOTE_ABI: Lazy<Function> = Lazy::new(|| { | ||
| TDX_DCAP_ABI | ||
| .abi() | ||
| .function("verifyQuote") | ||
| .expect("verifyQuote signature not available in TDX DCAP abi") | ||
| .clone() | ||
| }); |
There was a problem hiding this comment.
nit would use alloy for this https://docs.rs/alloy-core/latest/alloy_core/sol_types/macro.sol.html,
more efficient and easier to use API
Ruteri
force-pushed
the
tdx-dcap-verification
branch
from
57a9b9c to
0078bd8
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds
verifyTDXDCAPQuoteprecompile and Suave library call that allows offchain verification of TDX DCAP quotes through https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary.