mirror of
https://github.com/matter-labs/teepot.git
synced 2025-07-21 07:03:56 +02:00
chore: cargo deps update
with code fixes for the new versions. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
parent
99ab2f2b76
commit
45309e58f4
6 changed files with 447 additions and 393 deletions
|
@ -1,5 +1,5 @@
|
|||
// SPDX-License-Identifier: Apache-2.0
|
||||
// Copyright (c) 2023-2024 Matter Labs
|
||||
// Copyright (c) 2023-2025 Matter Labs
|
||||
|
||||
//! Ethereum-specific helper functions for on-chain verification of Intel SGX attestation.
|
||||
|
||||
|
@ -15,7 +15,7 @@ use sha3::{Digest, Keccak256};
|
|||
pub fn recover_signer(sig: &[u8; 65], root_hash: &Message) -> Result<[u8; 20]> {
|
||||
let sig = RecoverableSignature::from_compact(
|
||||
&sig[0..64],
|
||||
RecoveryId::from_i32(sig[64] as i32 - 27)?,
|
||||
RecoveryId::try_from(sig[64] as i32 - 27)?,
|
||||
)?;
|
||||
let public = SECP256K1.recover_ecdsa(root_hash, &sig)?;
|
||||
Ok(public_key_to_ethereum_address(&public))
|
||||
|
@ -50,7 +50,7 @@ mod tests {
|
|||
signature[..64].copy_from_slice(&data);
|
||||
// as defined in the Ethereum Yellow Paper (Appendix F)
|
||||
// https://ethereum.github.io/yellowpaper/paper.pdf
|
||||
signature[64] = 27 + rec_id.to_i32() as u8;
|
||||
signature[64] = 27 + i32::from(rec_id) as u8;
|
||||
|
||||
Ok(signature)
|
||||
}
|
||||
|
@ -63,7 +63,8 @@ mod tests {
|
|||
let secret_key_bytes =
|
||||
hex::decode("c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3")
|
||||
.unwrap();
|
||||
let secret_key = SecretKey::from_slice(&secret_key_bytes).unwrap();
|
||||
let secret_key =
|
||||
SecretKey::from_byte_array(secret_key_bytes.as_slice().try_into().unwrap()).unwrap();
|
||||
let public_key = PublicKey::from_secret_key(&secp, &secret_key);
|
||||
let expected_address = hex::decode("627306090abaB3A6e1400e9345bC60c78a8BEf57").unwrap();
|
||||
let address = public_key_to_ethereum_address(&public_key);
|
||||
|
@ -74,7 +75,7 @@ mod tests {
|
|||
// the secret key
|
||||
let root_hash = H256::random();
|
||||
let root_hash_bytes = root_hash.as_bytes();
|
||||
let msg_to_sign = Message::from_digest_slice(root_hash_bytes).unwrap();
|
||||
let msg_to_sign = Message::from_digest(root_hash_bytes.try_into().unwrap());
|
||||
let signature = sign_message(&secret_key, msg_to_sign).unwrap();
|
||||
|
||||
// Recover the signer's Ethereum address from the signature and the message, and verify it
|
||||
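Review bot: `recover_signer` accepts only `sig[64]` values 27 through 30, and that contract is enforced only implicitly by `RecoveryId::try_from(sig[64] as i32 - 27)?` failing for anything outside 0..=3; nothing in the visible lines documents or tests it. A doc line on the function such as `/// sig[64] must be 27 + recovery id (0..=3); a raw 0/1 or a chain-id-encoded v is rejected` would state it, and negative tests with `sig[64] = 0` and `sig[64] = 31` would keep it pinned across API migrations like this one. It is also worth saying in that doc comment whether high-s (malleable) signatures are meant to be accepted, because nothing visible here normalises or rejects them. The function's closing brace and most of the test module lie outside the hunks shown.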
|
|
|
@ -1,5 +1,5 @@
|
|||
// SPDX-License-Identifier: Apache-2.0
|
||||
// Copyright (c) 2023-2024 Matter Labs
|
||||
// Copyright (c) 2023-2025 Matter Labs
|
||||
|
||||
//! Create a private key and a signed and self-signed certificates
|
||||
|
||||
|
@ -10,10 +10,10 @@ use const_oid::{
|
|||
db::rfc5280::{ID_KP_CLIENT_AUTH, ID_KP_SERVER_AUTH},
|
||||
AssociatedOid,
|
||||
};
|
||||
use getrandom::getrandom;
|
||||
use intel_tee_quote_verification_rs::tee_qv_get_collateral;
|
||||
use p256::{ecdsa::DerSignature, pkcs8::EncodePrivateKey};
|
||||
use pkcs8::der;
|
||||
use rand::rngs::OsRng;
|
||||
use rustls::pki_types::PrivatePkcs8KeyDer;
|
||||
use sha2::{Digest, Sha256};
|
||||
use signature::Signer;
|
||||
|
@ -136,7 +136,7 @@ pub fn make_self_signed_cert(
|
|||
rustls::pki_types::PrivateKeyDer<'static>,
|
||||
)> {
|
||||
// Generate a keypair.
|
||||
let mut rng = rand::thread_rng();
|
||||
let mut rng = OsRng;
|
||||
let signing_key = p256::ecdsa::SigningKey::random(&mut rng);
|
||||
let verifying_key = signing_key.verifying_key();
|
||||
let verifying_key_der = verifying_key
|
||||
|
@ -154,7 +154,7 @@ pub fn make_self_signed_cert(
|
|||
let collateral = tee_qv_get_collateral("e).context("Failed to get own collateral")?;
|
||||
|
||||
let mut serial = [0u8; 16];
|
||||
getrandom(&mut serial)?;
|
||||
getrandom::fill(&mut serial)?;
|
||||
|
||||
let mut builder = CertificateBuilder::new(
|
||||
Profile::Leaf {
|
||||
|
@ -223,7 +223,7 @@ where
|
|||
S::VerifyingKey: EncodePublicKey,
|
||||
{
|
||||
// Generate a keypair.
|
||||
let mut rng = rand::thread_rng();
|
||||
let mut rng = rand::rngs::OsRng;
|
||||
let signing_key = p256::ecdsa::SigningKey::random(&mut rng);
|
||||
let verifying_key = signing_key.verifying_key();
|
||||
let verifying_key_der = verifying_key
|
||||
|
@ -240,7 +240,7 @@ where
|
|||
let subject = Name::from_str(dn)?;
|
||||
|
||||
let mut serial = [0u8; 16];
|
||||
getrandom(&mut serial)?;
|
||||
getrandom::fill(&mut serial)?;
|
||||
|
||||
let mut builder = CertificateBuilder::new(
|
||||
Profile::Leaf {
|
||||
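Review bot: The two key-generation sites name the same RNG differently: `make_self_signed_cert` uses the newly imported name (`let mut rng = OsRng;`), while the generic function in the `@ -223` hunk writes `let mut rng = rand::rngs::OsRng;`, so the second should use the imported name too. Because these keys back attestation-bound certificates, a short comment at each site such as `// OsRng: key material is drawn directly from the OS/runtime entropy source` would record why this source is used instead of `thread_rng()`. If this code runs inside an enclave, as the collateral call suggests, it is worth confirming that the runtime serves `getrandom` from a hardware source and not from the untrusted host, since both the signing key and the 16-byte serial now depend on it directly. Both function bodies start and end outside the hunks shown.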
|
|
|
@ -1,5 +1,5 @@
|
|||
// SPDX-License-Identifier: Apache-2.0
|
||||
// Copyright (c) 2023-2024 Matter Labs
|
||||
// Copyright (c) 2023-2025 Matter Labs
|
||||
|
||||
// Copyright (c) The Enarx Project Developers https://github.com/enarx/sgx
|
||||
|
||||
|
@ -12,14 +12,12 @@
|
|||
use bytemuck::{bytes_of, Pod, Zeroable};
|
||||
use num_integer::Integer;
|
||||
use num_traits::ToPrimitive;
|
||||
use rand::thread_rng;
|
||||
use rsa::{
|
||||
pkcs1::{DecodeRsaPrivateKey, EncodeRsaPrivateKey, LineEnding},
|
||||
traits::PublicKeyParts,
|
||||
BigUint, Pkcs1v15Sign, RsaPrivateKey,
|
||||
};
|
||||
use sha2::Digest as _;
|
||||
use sha2::Sha256;
|
||||
use sha2::{Digest as _, Sha256};
|
||||
pub use zeroize::Zeroizing;
|
||||
|
||||
/// Enclave CPU attributes
|
||||
|
@ -270,7 +268,7 @@ impl PrivateKey for RS256PrivateKey {
|
|||
type Error = rsa::errors::Error;
|
||||
|
||||
fn generate(exponent: u8) -> Result<Self, Self::Error> {
|
||||
let mut rng = thread_rng();
|
||||
let mut rng = rand::rngs::OsRng;
|
||||
let exp = BigUint::from(exponent);
|
||||
let key = RsaPrivateKey::new_with_exp(&mut rng, 384 * 8, &exp)?;
|
||||
Ok(Self::new(key))
|
||||
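Review bot: `generate` passes the caller's `exponent: u8` to `RsaPrivateKey::new_with_exp` without any validation visible in this hunk, so 0, 1 or an even value reaches key generation; whether the `rsa` version pinned by this update rejects those cleanly or keeps searching for primes should be checked. An explicit guard before the call, for example `if exponent < 3 || exponent % 2 == 0 { return Err(rsa::errors::Error::InvalidExponent); }`, would make the failure mode independent of the dependency version. The literal `384 * 8` would also read better as a named constant with a comment giving the required modulus size in bits. The closing brace of `generate` and the rest of the `impl` are outside the hunk.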
|
|