refactor collateral service

Signed-off-by: Jun Kimura <jun.kimura@datachain.jp>

Author: bluele

app/src/commands/attestation.rs

@@ -10,6 +10,7 @@ use host::store::transaction::CommitStore;
 use remote_attestation::{
     dcap,
     dcap_simulation::{DCAP_SIM_ROOT_CA_PEM, DCAP_SIM_ROOT_KEY_PKCS8},
+    dcap_utils::CollateralService,
     ias, zkdcap, IASMode,
 };
 use remote_attestation::{
@@ -262,6 +263,16 @@ impl SgxCollateralService {
     }
 }
 
+impl From<SgxCollateralService> for CollateralService {
+    fn from(service: SgxCollateralService) -> Self {
+        Self {
+            pccs_url: service.get_pccs_url(),
+            certs_service_url: service.get_certs_service_url(),
+            is_early_update: service.is_early_update,
+        }
+    }
+}
+
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct DCAPRemoteAttestation {
     /// Options for enclave
@@ -284,9 +295,7 @@ fn run_dcap_remote_attestation<E: EnclaveCommandAPI<S>, S: CommitStore>(
     dcap::run_dcap_ra(
         enclave.get_key_manager(),
         Address::from_hex_string(&cmd.enclave_key)?,
-        &cmd.collateral_service.get_pccs_url(),
-        &cmd.collateral_service.get_certs_service_url(),
-        cmd.collateral_service.is_early_update,
+        cmd.collateral_service.clone().into(),
     )?;
     Ok(())
 }
@@ -380,9 +389,7 @@ fn run_zkdcap_remote_attestation<E: EnclaveCommandAPI<S>, S: CommitStore>(
         mode,
         cmd.get_zkvm_program()?.as_ref(),
         cmd.disable_pre_execution,
-        &cmd.collateral_service.get_pccs_url(),
-        &cmd.collateral_service.get_certs_service_url(),
-        cmd.collateral_service.is_early_update,
+        cmd.collateral_service.clone().into(),
     )?;
     Ok(())
 }

modules/remote-attestation/src/dcap.rs

@@ -1,12 +1,9 @@
-use crate::dcap_utils::DCAPRemoteAttestationResult;
+use crate::dcap_utils::{CollateralService, DCAPRemoteAttestationResult};
 use crate::errors::Error;
 use attestation_report::QEType;
 use crypto::Address;
-use dcap_quote_verifier::cert::{get_x509_subject_cn, parse_certchain};
-use dcap_quote_verifier::sgx_extensions::extract_sgx_extensions;
+use dcap_quote_verifier::quotes::version_3::verify_quote_v3;
 use dcap_quote_verifier::types::quotes::version_3::QuoteV3;
-use dcap_quote_verifier::types::utils::parse_pem;
-use dcap_quote_verifier::{collaterals::IntelCollateral, quotes::version_3::verify_quote_v3};
 use keymanager::EnclaveKeyManager;
 use lcp_types::Time;
 use log::*;
@@ -27,18 +24,14 @@ pub const INTEL_ROOT_CA_HASH: [u8; 32] = [
 pub fn run_dcap_ra(
     key_manager: &EnclaveKeyManager,
     target_enclave_key: Address,
-    pccs_url: &str,
-    certs_service_url: &str,
-    is_early_update: bool,
+    collateral_service: CollateralService,
 ) -> Result<(), Error> {
     let current_time = Time::now();
     let result = dcap_ra(
         key_manager,
         target_enclave_key,
         current_time,
-        pccs_url,
-        certs_service_url,
-        is_early_update,
+        collateral_service,
     )?;
 
     key_manager
@@ -53,9 +46,7 @@ pub(crate) fn dcap_ra(
     key_manager: &EnclaveKeyManager,
     target_enclave_key: Address,
     current_time: Time,
-    pccs_url: &str,
-    certs_service_url: &str,
-    is_early_update: bool,
+    collateral_service: CollateralService,
 ) -> Result<DCAPRemoteAttestationResult, Error> {
     let ek_info = key_manager.load(target_enclave_key).map_err(|e| {
         Error::key_manager(
@@ -74,7 +65,7 @@ pub(crate) fn dcap_ra(
 
     let quote = QuoteV3::from_bytes(&raw_quote).map_err(Error::dcap_quote_verifier)?;
 
-    let collateral = get_collateral(pccs_url, certs_service_url, is_early_update, &quote)?;
+    let collateral = collateral_service.get_collateral(&quote.signature.qe_cert_data)?;
     let output = verify_quote_v3(&quote, &collateral, current_time.as_unix_timestamp_secs())
         .map_err(Error::dcap_quote_verifier)?;
 
@@ -107,104 +98,6 @@ fn rsgx_qe_get_quote(app_report: &sgx_report_t) -> Result<Vec<u8>, sgx_quote3_er
     }
 }
 
-fn get_collateral(
-    pccs_url: &str,
-    certs_service_url: &str,
-    is_early_update: bool,
-    quote: &QuoteV3,
-) -> Result<IntelCollateral, Error> {
-    let pccs_url = pccs_url.trim_end_matches('/');
-    let certs_service_url = certs_service_url.trim_end_matches('/');
-    let base_url = format!("{pccs_url}/sgx/certification/v4");
-    if quote.signature.qe_cert_data.cert_data_type != 5 {
-        return Err(Error::collateral("QE Cert Type must be 5".to_string()));
-    }
-    let certchain_pems = parse_pem(&quote.signature.qe_cert_data.cert_data)
-        .map_err(|e| Error::collateral(format!("cannot parse QE cert chain: {}", e)))?;
-
-    let certchain = parse_certchain(&certchain_pems).map_err(Error::dcap_quote_verifier)?;
-    if certchain.len() != 3 {
-        return Err(Error::collateral(
-            "QE Cert chain must have 3 certs".to_string(),
-        ));
-    }
-
-    let update_policy = if is_early_update { "early" } else { "standard" };
-
-    // get the pck certificate
-    let pck_cert = &certchain[0];
-    let pck_cert_issuer = &certchain[1];
-
-    // get the SGX extension
-    let sgx_extensions = extract_sgx_extensions(pck_cert).map_err(Error::dcap_quote_verifier)?;
-    let (tcbinfo_bytes, sgx_tcb_signing_der) = {
-        let fmspc = hex::encode_upper(sgx_extensions.fmspc);
-        let res = http_get(format!(
-            "{base_url}/tcb?fmspc={fmspc}&update={update_policy}"
-        ))?;
-        let issuer_chain =
-            extract_raw_certs(get_header(&res, "TCB-Info-Issuer-Chain")?.as_bytes())?;
-        (res.bytes()?.to_vec(), issuer_chain[0].clone())
-    };
-
-    let qeidentity_bytes = http_get(format!("{base_url}/qe/identity?update={update_policy}"))?
-        .bytes()?
-        .to_vec();
-    let sgx_intel_root_ca_crl_der = http_get(format!("{certs_service_url}/IntelSGXRootCA.der"))?
-        .bytes()?
-        .to_vec();
-
-    let pck_crl_url = match get_x509_subject_cn(pck_cert_issuer).as_str() {
-        "Intel SGX PCK Platform CA" => format!("{base_url}/pckcrl?ca=platform&encoding=der"),
-        "Intel SGX PCK Processor CA" => format!("{base_url}/pckcrl?ca=processor&encoding=der"),
-        cn => {
-            return Err(Error::collateral(format!(
-                "Unknown PCK Cert Subject CN: {}",
-                cn
-            )));
-        }
-    };
-    let sgx_pck_crl_der = http_get(pck_crl_url)?.bytes()?.to_vec();
-
-    Ok(IntelCollateral {
-        tcbinfo_bytes,
-        qeidentity_bytes,
-        sgx_intel_root_ca_der: INTEL_ROOT_CA.to_vec(),
-        sgx_tcb_signing_der,
-        sgx_intel_root_ca_crl_der,
-        sgx_pck_crl_der,
-    })
-}
-
-fn get_header(res: &reqwest::blocking::Response, name: &str) -> Result<String, Error> {
-    let value = res
-        .headers()
-        .get(name)
-        .ok_or_else(|| Error::collateral(format!("missing header {}", name)))?
-        .to_str()
-        .map_err(|e| Error::collateral(format!("invalid header value: {}", e)))?;
-    let value = urlencoding::decode(value)
-        .map_err(|e| Error::collateral(format!("invalid header value: {}", e)))?;
-    Ok(value.into_owned())
-}
-
-fn extract_raw_certs(cert_chain: &[u8]) -> Result<Vec<Vec<u8>>, Error> {
-    Ok(pem::parse_many(cert_chain)
-        .map_err(Error::pem)?
-        .iter()
-        .map(|i| i.contents().to_vec())
-        .collect())
-}
-
-fn http_get(url: String) -> Result<reqwest::blocking::Response, Error> {
-    info!("get collateral from {}", url);
-    let res = reqwest::blocking::get(&url).map_err(Error::reqwest_get)?;
-    if !res.status().is_success() {
-        return Err(Error::invalid_http_status(url, res.status()));
-    }
-    Ok(res)
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;
@@ -219,13 +112,14 @@ mod tests {
     fn test_dcap_collateral() {
         let quote = get_test_quote();
         let quote = QuoteV3::from_bytes(&quote).unwrap();
-        let collateral = get_collateral(
+        let service = CollateralService::new(
             "https://api.trustedservices.intel.com/",
             "https://certificates.trustedservices.intel.com/",
             false,
-            &quote,
-        )
-        .unwrap();
+        );
+        let collateral = service
+            .get_collateral(&quote.signature.qe_cert_data)
+            .unwrap();
         let res = verify_quote_v3(&quote, &collateral, Time::now().as_unix_timestamp_secs());
         assert!(res.is_ok(), "{:?}", res);
         let output = res.unwrap();

modules/remote-attestation/src/dcap_utils.rs

@@ -1,8 +1,131 @@
+use crate::dcap::INTEL_ROOT_CA;
+use crate::errors::Error;
 use attestation_report::DCAPQuote;
+use dcap_quote_verifier::cert::{get_x509_subject_cn, parse_certchain};
 use dcap_quote_verifier::collaterals::IntelCollateral;
+use dcap_quote_verifier::sgx_extensions::extract_sgx_extensions;
+use dcap_quote_verifier::types::quotes::CertData;
+use dcap_quote_verifier::types::utils::parse_pem;
 use dcap_quote_verifier::verifier::QuoteVerificationOutput;
 use lcp_types::proto::lcp::service::enclave::v1::DcapCollateral;
 use lcp_types::Time;
+use log::info;
+
+#[derive(Debug)]
+pub struct CollateralService {
+    pub pccs_url: String,
+    pub certs_service_url: String,
+    pub is_early_update: bool,
+}
+
+impl CollateralService {
+    pub fn new(pccs_ur: &str, certs_service_url: &str, is_early_update: bool) -> Self {
+        CollateralService {
+            pccs_url: pccs_ur.to_string(),
+            certs_service_url: certs_service_url.to_string(),
+            is_early_update,
+        }
+    }
+
+    pub fn get_collateral(&self, qe_cert_data: &CertData) -> Result<IntelCollateral, Error> {
+        let pccs_url = self.pccs_url.trim_end_matches('/');
+        let certs_service_url = self.certs_service_url.trim_end_matches('/');
+        let base_url = format!("{pccs_url}/sgx/certification/v4");
+        if qe_cert_data.cert_data_type != 5 {
+            return Err(Error::collateral("QE Cert Type must be 5".to_string()));
+        }
+        let certchain_pems = parse_pem(&qe_cert_data.cert_data)
+            .map_err(|e| Error::collateral(format!("cannot parse QE cert chain: {}", e)))?;
+
+        let certchain = parse_certchain(&certchain_pems).map_err(Error::dcap_quote_verifier)?;
+        if certchain.len() != 3 {
+            return Err(Error::collateral(
+                "QE Cert chain must have 3 certs".to_string(),
+            ));
+        }
+
+        let update_policy = if self.is_early_update {
+            "early"
+        } else {
+            "standard"
+        };
+
+        // get the pck certificate
+        let pck_cert = &certchain[0];
+        let pck_cert_issuer = &certchain[1];
+
+        // get the SGX extension
+        let sgx_extensions =
+            extract_sgx_extensions(pck_cert).map_err(Error::dcap_quote_verifier)?;
+        let (tcbinfo_bytes, sgx_tcb_signing_der) = {
+            let fmspc = hex::encode_upper(sgx_extensions.fmspc);
+            let res = http_get(format!(
+                "{base_url}/tcb?fmspc={fmspc}&update={update_policy}"
+            ))?;
+            let issuer_chain =
+                extract_raw_certs(get_header(&res, "TCB-Info-Issuer-Chain")?.as_bytes())?;
+            (res.bytes()?.to_vec(), issuer_chain[0].clone())
+        };
+
+        let qeidentity_bytes = http_get(format!("{base_url}/qe/identity?update={update_policy}"))?
+            .bytes()?
+            .to_vec();
+        let sgx_intel_root_ca_crl_der =
+            http_get(format!("{certs_service_url}/IntelSGXRootCA.der"))?
+                .bytes()?
+                .to_vec();
+
+        let pck_crl_url = match get_x509_subject_cn(pck_cert_issuer).as_str() {
+            "Intel SGX PCK Platform CA" => format!("{base_url}/pckcrl?ca=platform&encoding=der"),
+            "Intel SGX PCK Processor CA" => format!("{base_url}/pckcrl?ca=processor&encoding=der"),
+            cn => {
+                return Err(Error::collateral(format!(
+                    "Unknown PCK Cert Subject CN: {}",
+                    cn
+                )));
+            }
+        };
+        let sgx_pck_crl_der = http_get(pck_crl_url)?.bytes()?.to_vec();
+
+        Ok(IntelCollateral {
+            tcbinfo_bytes,
+            qeidentity_bytes,
+            sgx_intel_root_ca_der: INTEL_ROOT_CA.to_vec(),
+            sgx_tcb_signing_der,
+            sgx_intel_root_ca_crl_der,
+            sgx_pck_crl_der,
+        })
+    }
+}
+
+fn get_header(res: &reqwest::blocking::Response, name: &str) -> Result<String, Error> {
+    let value = res
+        .headers()
+        .get(name)
+        .ok_or_else(|| Error::collateral(format!("missing header {}", name)))?
+        .to_str()
+        .map_err(|e| Error::collateral(format!("invalid header value: {}", e)))?;
+    let value = urlencoding::decode(value)
+        .map_err(|e| Error::collateral(format!("invalid header value: {}", e)))?;
+    Ok(value.into_owned())
+}
+
+fn extract_raw_certs(cert_chain: &[u8]) -> Result<Vec<Vec<u8>>, Error> {
+    Ok(pem::parse_many(cert_chain)
+        .map_err(Error::pem)?
+        .iter()
+        .map(|i| i.contents().to_vec())
+        .collect())
+}
+
+fn http_get(url: String) -> Result<reqwest::blocking::Response, Error> {
+    info!("get collateral from {}", url);
+    let res = reqwest::blocking::get(&url).map_err(Error::reqwest_get)?;
+    if !res.status().is_success() {
+        return Err(Error::invalid_http_status(url, res.status()));
+    }
+    Ok(res)
+}
 
 #[derive(Debug)]
 pub struct DCAPRemoteAttestationResult {

modules/remote-attestation/src/zkdcap.rs

@@ -1,7 +1,7 @@
 use crate::{
     dcap::dcap_ra,
     dcap_simulation::{dcap_ra_simulation, DCAPRASimulationOpts},
-    dcap_utils::DCAPRemoteAttestationResult,
+    dcap_utils::{CollateralService, DCAPRemoteAttestationResult},
     errors::Error,
 };
 use anyhow::anyhow;
@@ -18,16 +18,13 @@ use zkvm::{
     verifier::verify_groth16_proof,
 };
 
-#[allow(clippy::too_many_arguments)]
 pub fn run_zkdcap_ra(
     key_manager: &EnclaveKeyManager,
     target_enclave_key: Address,
     prover_mode: Risc0ProverMode,
     elf: &[u8],
     disable_pre_execution: bool,
-    pccs_url: &str,
-    certs_server_url: &str,
-    is_early_update: bool,
+    collateral_service: CollateralService,
 ) -> Result<(), Error> {
     let image_id = compute_image_id(elf)
         .map_err(|e| Error::anyhow(anyhow!("cannot compute image id: {}", e)))?;
@@ -41,9 +38,7 @@ pub fn run_zkdcap_ra(
         key_manager,
         target_enclave_key,
         current_time,
-        pccs_url,
-        certs_server_url,
-        is_early_update,
+        collateral_service,
     )?;
 
     zkdcap_ra(