Fetch quotes from Marblerun Prometheus REST API endpoint

app-libs/stf/Cargo.toml

@@ -6,7 +6,9 @@ edition = "2021"
 
 [dependencies]
 # crates.io
-codec = { version = "3.0.0", default-features = false, features = ["derive"], package = "parity-scale-codec" }
+codec = { version = "3.0.0", default-features = false, features = [
+    "derive",
+], package = "parity-scale-codec" }
 derive_more = { version = "0.99.5" }
 log = { version = "0.4", default-features = false }
 rlp = { version = "0.5", default-features = false }
@@ -27,7 +29,11 @@ itp-stf-primitives = { default-features = false, path = "../../core-primitives/s
 itp-storage = { default-features = false, path = "../../core-primitives/storage" }
 itp-types = { default-features = false, path = "../../core-primitives/types" }
 itp-utils = { default-features = false, path = "../../core-primitives/utils" }
-sp-io = { default-features = false, features = ["disable_oom", "disable_panic_handler", "disable_allocator"], path = "../../core-primitives/substrate-sgx/sp-io" }
+sp-io = { default-features = false, features = [
+    "disable_oom",
+    "disable_panic_handler",
+    "disable_allocator",
+], path = "../../core-primitives/substrate-sgx/sp-io" }
 
 # Substrate dependencies
 frame-support = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.37" }
@@ -49,10 +55,7 @@ sp-keyring = { git = "https://github.com/paritytech/substrate.git", branch = "po
 [features]
 default = ["std"]
 evm = ["ita-sgx-runtime/evm"]
-evm_std = [
-    "evm",
-    "ita-sgx-runtime/evm_std",
-]
+evm_std = ["evm", "ita-sgx-runtime/evm_std"]
 sgx = [
     "sgx_tstd",
     "itp-sgx-externalities/sgx",

cli/Cargo.toml

@@ -9,7 +9,9 @@ base58 = "0.2"
 blake2-rfc = { version = "0.2.18" }
 chrono = "*"
 clap = { version = "3.1.6", features = ["derive"] }
-codec = { version = "3.0.0", package = "parity-scale-codec", features = ["derive"] }
+codec = { version = "3.0.0", package = "parity-scale-codec", features = [
+    "derive",
+] }
 env_logger = "0.9"
 hdrhistogram = "7.5.0"
 hex = "0.4.2"
@@ -51,10 +53,7 @@ itp-utils = { path = "../core-primitives/utils" }
 
 [features]
 default = []
-evm = [
-    "ita-stf/evm_std",
-    "pallet-evm",
-]
+evm = ["ita-stf/evm_std", "pallet-evm"]
 teeracle = []
 sidechain = []
 offchain-worker = []

core-primitives/enclave-api/ffi/src/lib.rs

@@ -7,6 +7,17 @@ use sgx_types::{
 
 extern "C" {
 
+	pub fn generate_dcap_ra_extrinsic_from_quote_internal(
+		eid: sgx_enclave_id_t,
+		retval: *mut sgx_status_t,
+		w_url: *const u8,
+		w_url_size: u32,
+		quote: *const u8,
+		quote_size: u32,
+		unchecked_extrinsic: *mut u8,
+		unchecked_extrinsic_size: u32,
+	) -> sgx_status_t;
+
 	pub fn init(
 		eid: sgx_enclave_id_t,
 		retval: *mut sgx_status_t,
@@ -115,6 +126,16 @@ extern "C" {
 		quote_size: u32,
 	) -> sgx_status_t;
 
+	pub fn generate_dcap_ra_quote(
+		eid: sgx_enclave_id_t,
+		retval: *mut sgx_status_t,
+		skip_ra: c_int,
+		quoting_enclave_target_info: &sgx_target_info_t,
+		quote_size: u32,
+		dcap_quote_p: *mut u8,
+		dcap_quote_size: u32,
+	) -> sgx_status_t;
+
 	pub fn generate_register_quoting_enclave_extrinsic(
 		eid: sgx_enclave_id_t,
 		retval: *mut sgx_status_t,
@@ -199,4 +220,5 @@ extern "C" {
 		shard_size: u32,
 		skip_ra: c_int,
 	) -> sgx_status_t;
+
 }

core-primitives/enclave-api/src/remote_attestation.rs

@@ -48,6 +48,12 @@ pub trait RemoteAttestation {
 	fn generate_ias_ra_extrinsic(&self, w_url: &str, skip_ra: bool) -> EnclaveResult<Vec<u8>>;
 
 	fn generate_dcap_ra_extrinsic(&self, w_url: &str, skip_ra: bool) -> EnclaveResult<Vec<u8>>;
+	fn generate_dcap_ra_extrinsic_from_quote(
+		&self,
+		url: String,
+		quote: &[u8],
+	) -> EnclaveResult<Vec<u8>>;
+	fn generate_dcap_ra_quote(&self, skip_ra: bool) -> EnclaveResult<Vec<u8>>;
 
 	fn generate_register_quoting_enclave_extrinsic(&self, fmspc: Fmspc) -> EnclaveResult<Vec<u8>>;
 
@@ -145,6 +151,60 @@ impl RemoteAttestation for Enclave {
 
 		Ok(unchecked_extrinsic)
 	}
+	fn generate_dcap_ra_extrinsic_from_quote(
+		&self,
+		url: String,
+		quote: &[u8],
+	) -> EnclaveResult<Vec<u8>> {
+		let mut retval = sgx_status_t::SGX_SUCCESS;
+		let mut unchecked_extrinsic: Vec<u8> = vec![0u8; EXTRINSIC_MAX_SIZE];
+		let url = url.encode();
+
+		let result = unsafe {
+			ffi::generate_dcap_ra_extrinsic_from_quote_internal(
+				self.eid,
+				&mut retval,
+				url.as_ptr(),
+				url.len() as u32,
+				quote.as_ptr(),
+				quote.len() as u32,
+				unchecked_extrinsic.as_mut_ptr(),
+				unchecked_extrinsic.len() as u32,
+			)
+		};
+
+		ensure!(result == sgx_status_t::SGX_SUCCESS, Error::Sgx(result));
+		ensure!(retval == sgx_status_t::SGX_SUCCESS, Error::Sgx(retval));
+
+		Ok(unchecked_extrinsic.to_vec())
+	}
+
+	fn generate_dcap_ra_quote(&self, skip_ra: bool) -> EnclaveResult<Vec<u8>> {
+		let mut retval = sgx_status_t::SGX_SUCCESS;
+		let quoting_enclave_target_info = self.qe_get_target_info()?;
+		let quote_size = self.qe_get_quote_size()?;
+
+		let mut dcap_quote_vec: Vec<u8> = vec![0; quote_size as usize];
+		let (dcap_quote_p, dcap_quote_size) =
+			(dcap_quote_vec.as_mut_ptr(), dcap_quote_vec.len() as u32);
+
+		let result = unsafe {
+			ffi::generate_dcap_ra_quote(
+				self.eid,
+				&mut retval,
+				skip_ra.into(),
+				&quoting_enclave_target_info,
+				quote_size,
+				dcap_quote_p,
+				dcap_quote_size,
+			)
+		};
+
+		ensure!(result == sgx_status_t::SGX_SUCCESS, Error::Sgx(result));
+		ensure!(retval == sgx_status_t::SGX_SUCCESS, Error::Sgx(retval));
+
+		Ok(dcap_quote_vec)
+	}
 
 	fn generate_dcap_ra_extrinsic(&self, w_url: &str, skip_ra: bool) -> EnclaveResult<Vec<u8>> {
 		let mut retval = sgx_status_t::SGX_SUCCESS;
@@ -587,7 +647,32 @@ impl TlsRemoteAttestation for Enclave {
 }
 
 fn create_system_path(file_name: &str) -> String {
-	format!("{}{}{}", OS_SYSTEM_PATH, file_name, C_STRING_ENDING)
+	info!("create_system_path:: file_name={}", &file_name);
+	let default_path = format!("{}{}", OS_SYSTEM_PATH, file_name);
+
+	let full_path = find_library_by_name(file_name).unwrap_or(default_path);
+
+	let c_terminated_path = format!("{}{}", full_path, C_STRING_ENDING);
+	info!("create_system_path:: created path={}", &c_terminated_path);
+	c_terminated_path
+}
+fn find_library_by_name(lib_name: &str) -> Option<String> {
+	use std::process::Command;
+	// ldconfig -p | grep libsgx_pce_logic.so.1
+
+	let ldconfig_output = Command::new("ldconfig").args(["-p"]).output().ok()?;
+	let possible_path = String::from_utf8(ldconfig_output.stdout)
+		.ok()?
+		.lines()
+		.filter(|line| line.contains(lib_name))
+		.map(|lib_name_and_path| {
+			lib_name_and_path
+				.rsplit_once("=>")
+				.map(|(_, lib_path)| lib_path.trim().to_owned())
+		})
+		.next()?;
+
+	possible_path
 }
 
 fn set_ql_path(path_type: sgx_ql_path_type_t, path: &str) -> EnclaveResult<()> {

core/rest-client/src/rest_client.rs

@@ -18,14 +18,16 @@
 #[cfg(all(not(feature = "std"), feature = "sgx"))]
 use crate::sgx_reexport_prelude::*;
 
+pub use http_req::{request::Method, response::Headers};
+pub use url::Url;
+
 use crate::{
 	error::Error, http_client::SendHttpRequest, Query, RestDelete, RestGet, RestPatch, RestPath,
 	RestPost, RestPut,
 };
-use http_req::{request::Method, response::Headers};
+
 use log::*;
 use std::string::{String, ToString};
-use url::Url;
 
 /// REST client to make HTTP GET and POST requests.
 pub struct RestClient<H> {

enclave-runtime/Cargo.lock

@@ -101,7 +101,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47"
 dependencies = [
  "getrandom 0.2.3",
- "once_cell 1.17.0",
+ "once_cell 1.17.1",
  "version_check",
 ]
 
@@ -2556,7 +2556,7 @@ dependencies = [
  "mio",
  "sgx_tstd",
  "sgx_types",
- "slab 0.4.7",
+ "slab 0.4.8",
 ]
 
 [[package]]
@@ -2715,9 +2715,9 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.17.0"
+version = "1.17.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6f61fba1741ea2b3d6a1e3178721804bb716a68a6aeba1149b5d52e3d464ea66"
+checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3"
 
 [[package]]
 name = "opaque-debug"
@@ -2822,7 +2822,7 @@ dependencies = [
 [[package]]
 name = "pallet-parentchain"
 version = "0.9.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.37#50cac490de02a6484751c193da9f8080477b885c"
+source = "git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.37#824c9a50dd8902697bd3e75ab6b5f7c3d663167f"
 dependencies = [
  "frame-support",
  "frame-system",
@@ -3028,7 +3028,7 @@ version = "1.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "66618389e4ec1c7afe67d51a9bf34ff9236480f8d51e7489b7d5ab0303c13f34"
 dependencies = [
- "once_cell 1.17.0",
+ "once_cell 1.17.1",
  "toml_edit",
 ]
 
@@ -3838,9 +3838,9 @@ dependencies = [
 
 [[package]]
 name = "slab"
-version = "0.4.7"
+version = "0.4.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4614a76b2a8be0058caa9dbbaf66d988527d86d003c11a94fbd335d7661edcef"
+checksum = "6528351c9bc8ab22353f9d776db39a20288e8d6c37ef8cfe3317cf875eecfc2d"
 dependencies = [
  "autocfg 1.1.0",
 ]

enclave-runtime/Enclave.edl

@@ -88,6 +88,18 @@ enclave {
 			[out, size=unchecked_extrinsic_size] uint8_t* unchecked_extrinsic, uint32_t unchecked_extrinsic_size,
 			int skip_ra
 		);
+		public sgx_status_t generate_dcap_ra_quote(
+			int skip_ra,
+			[in] const sgx_target_info_t* quoting_enclave_target_info,
+			uint32_t quote_size,
+			[out, size=dcap_quote_size] uint8_t* dcap_quote_p, uint32_t dcap_quote_size
+		);
+
+		public sgx_status_t generate_dcap_ra_extrinsic_from_quote_internal(
+			[in, size=w_url_size] uint8_t* w_url, uint32_t w_url_size,
+			[in, size=quote_size] uint8_t* quote, uint32_t quote_size,
+			[out, size=unchecked_extrinsic_size] uint8_t* unchecked_extrinsic, uint32_t unchecked_extrinsic_size
+		);
 
 		public sgx_status_t generate_dcap_ra_extrinsic(
 			[in, size=w_url_size] uint8_t* w_url, uint32_t w_url_size,