Patryk Bęza 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f3f6ea1dba 
								
							 
						 
						
							
							
								
								Introduce root_hash option  
							
							
							
						 
						
							2024-07-11 11:29:37 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Patryk Bęza 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f90088be76 
								
							 
						 
						
							
							
								
								SGX attestation & batch signature verification tool  
							
							
							
						 
						
							2024-07-10 14:47:07 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								204aa33f7f 
								
							 
						 
						
							
							
								
								fix(tee-vault-unseal): pick either VAULT_AUTH_TEE_SHA256 string or file  
							
							... 
							
							
							
							Pick either `VAULT_AUTH_TEE_SHA256` or `VAULT_AUTH_TEE_SHA256_FILE`,
with `VAULT_AUTH_TEE_SHA256` having the precedence.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-07-03 14:42:06 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								f1b8a48a6a 
								
							 
						 
						
							
							
								
								fix: update the common cacert and include it in the unseal container  
							
							... 
							
							
							
							The previous cacert expired. A new one was created and also included in the unseal container.
The path to access the cacert was fixed in the unseal app and made configurable via an environment variable. 
							
						 
						
							2024-07-03 11:26:29 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Patryk Bęza 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								4c76318702 
								
							 
						 
						
							
							
								
								Replace secp256k1 with k256 crate  
							
							... 
							
							
							
							Rationale: we already have secp256k1 in our dependencies, as suggested
by Igor:
https://github.com/matter-labs/zksync-era/pull/2333#discussion_r1656531731  
							
						 
						
							2024-07-01 14:17:13 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								1505b14db0 
								
							 
						 
						
							
							
								
								chore: remove obsolete Dockerfiles  
							
							... 
							
							
							
							all is built via nix and maintaining those files would mean more work.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-21 11:23:41 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								df7973c501 
								
							 
						 
						
							
							
								
								chore: cargo update + taplo fmt  
							
							... 
							
							
							
							Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-20 14:00:18 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								d77243b8fd 
								
							 
						 
						
							
							
								
								fix(tee-key-preexec): export the key in PEM  
							
							... 
							
							
							
							makes it easier to import
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-13 14:00:43 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								d0c5950c0e 
								
							 
						 
						
							
							
								
								feat: use nixsgx nix function to create containers  
							
							... 
							
							
							
							It refactors the way the SGX containers are built.
This removes all `Dockerfile` and gramine manifest files.
It also enables a single recipe for azure and non-azure variants.
Additionally the `teepot-crate.nix` is now the inherited recipe to
build the rust `teepot` crate.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-10 16:32:02 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								1f850d060e 
								
							 
						 
						
							
							
								
								feat(tee-vault-unseal): add VAULT_AUTH_TEE_SHA256_FILE  
							
							... 
							
							
							
							If `VAULT_AUTH_TEE_SHA256_FILE` is set,
read the sha value from the file,
rather from the environment variable.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-10 14:19:25 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								a9bb266668 
								
							 
						 
						
							
							
								
								chore(deps): update to rust version 1.78  
							
							... 
							
							
							
							and fix the clippy warnings
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-06-10 13:09:05 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									snoppy 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								7c2d3259b1 
								
							 
						 
						
							
							
								
								fix typos  
							
							
							
						 
						
							2024-03-18 22:22:31 +08:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								0654bacdb5 
								
							 
						 
						
							
							
								
								ci: use crane flake to build with nix  
							
							... 
							
							
							
							This enables to add cargo `fmt`, `clippy` and `deny` to nix, using cached results.
Move the `teepot` crate to the `crates` subdir to make the life easier for
the `crane` flake.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-03-11 10:01:59 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								9f760da23e 
								
							 
						 
						
							
							
								
								docs: add bin/tee-self-attestation-test/README.md  
							
							... 
							
							
							
							Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-03-08 15:50:00 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								97420df006 
								
							 
						 
						
							
							
								
								feat: attestation test on azure and default dcap  
							
							... 
							
							
							
							```
❯ docker run -i --rm --privileged  --device /dev/sgx_enclave --net host \
  matterlabsrobot/teepot-self-attestation-test-sgx-azure:latest \
  | base64 -d --ignore-garbage \
  | docker run -i --rm --net host matterlabsrobot/verify-attestation-sgx-azure:latest
```
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-03-07 16:05:27 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								59807c4286 
								
							 
						 
						
							
							
								
								chore(deps): remove unused dependencies  
							
							... 
							
							
							
							Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-28 15:18:28 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								91f1612e0f 
								
							 
						 
						
							
							
								
								chore: cleanup and nixify  
							
							... 
							
							
							
							* create containers with nix
* updated README.md
* added SPDX license headers
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-28 11:09:34 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								0b60abc030 
								
							 
						 
						
							
							
								
								feat: use real RA-TLS for everything  
							
							... 
							
							
							
							* add `tee-ratls-preexec` for creating the vault certificate
* remove the old attestation API
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-27 16:44:28 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								dc4434938e 
								
							 
						 
						
							
							
								
								fix(tee-key-preexec): don't hash public key  
							
							... 
							
							
							
							No need to hash the public key for the attestation report data.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-15 10:31:54 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								2591bf0807 
								
							 
						 
						
							
							
								
								chore(deps): rustls-pemfile 2  
							
							... 
							
							
							
							Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-15 10:23:29 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Harald Hoyer 
								
							 
						 
						
							
							
								
								
									
										
									
								
							
							
							
								
							
							
								89ffbd35a8 
								
							 
						 
						
							
							
								
								feat: initial commit  
							
							... 
							
							
							
							Signed-off-by: Harald Hoyer <harald@matterlabs.dev> 
							
						 
						
							2024-02-09 10:10:53 +01:00