diff --git a/attestation/rats-tls/0003-Delete-useless-code.patch b/attestation/rats-tls/0003-Delete-useless-code.patch new file mode 100644 index 0000000000000000000000000000000000000000..e9ffd347e1ffb2fac3cbce633b5c5157352cb7e7 --- /dev/null +++ b/attestation/rats-tls/0003-Delete-useless-code.patch @@ -0,0 +1,83 @@ +From cc78c83ca704ad858239a7e77cd69e5a5e889d57 Mon Sep 17 00:00:00 2001 +From: lishengjie +Date: Sat, 29 Jun 2024 13:28:02 +0800 +Subject: [PATCH] Delete useless code + +--- + samples/virtcca-client/inc/token_validate.h | 5 +---- + samples/virtcca-client/rats-client.c | 3 +-- + samples/virtcca-client/token_validate.c | 3 +-- + samples/virtcca-server/rats-server.c | 3 ++- + 4 files changed, 5 insertions(+), 9 deletions(-) + +diff --git a/samples/virtcca-client/inc/token_validate.h b/samples/virtcca-client/inc/token_validate.h +index 890618f..6fdbf01 100644 +--- a/samples/virtcca-client/inc/token_validate.h ++++ b/samples/virtcca-client/inc/token_validate.h +@@ -28,13 +28,10 @@ typedef struct { + + bool validate_aik_cert_chain(X509 *x509_aik, X509 *x509_sub, X509 *x509_root); + +-bool verify_plat_cose_sign(qbuf_t signed_cose, X509 *x509_aik); +- + bool verify_cvm_cose_sign(qbuf_t signed_cose, qbuf_t pub_key); + + bool verify_cca_token_signatures(cert_info_t *cert_info, + qbuf_t cvm_cose, +- qbuf_t cvm_pub_key, +- qbuf_t cvm_pub_key_algo); ++ qbuf_t cvm_pub_key); + + #endif /* TOKEN_VALIDATE_H */ +diff --git a/samples/virtcca-client/rats-client.c b/samples/virtcca-client/rats-client.c +index ccb8d35..0be6048 100644 +--- a/samples/virtcca-client/rats-client.c ++++ b/samples/virtcca-client/rats-client.c +@@ -64,8 +64,7 @@ int user_callback(void *args) + + ret = verify_cca_token_signatures(&cert_info, + token.cvm_cose, +- token.cvm_token.pub_key, +- token.cvm_token.pub_key_hash_algo_id); ++ token.cvm_token.pub_key); + if (!ret) { + return false; + } +diff --git a/samples/virtcca-client/token_validate.c b/samples/virtcca-client/token_validate.c +index 219af82..964ee42 100644 +--- a/samples/virtcca-client/token_validate.c ++++ b/samples/virtcca-client/token_validate.c +@@ -238,8 +238,7 @@ bool verify_cvm_cose_sign(qbuf_t signed_cose, qbuf_t pub_key) + + bool verify_cca_token_signatures(cert_info_t *cert_info, + qbuf_t cvm_cose, +- qbuf_t cvm_pub_key, +- qbuf_t cvm_pub_key_algo) ++ qbuf_t cvm_pub_key) + { + X509 *x509_root = X509_new(); + X509 *x509_sub = X509_new(); +diff --git a/samples/virtcca-server/rats-server.c b/samples/virtcca-server/rats-server.c +index e48723c..50fdd00 100644 +--- a/samples/virtcca-server/rats-server.c ++++ b/samples/virtcca-server/rats-server.c +@@ -76,7 +76,7 @@ int rats_tls_server_startup(rats_tls_log_level_t log_level, char *attester_type, + conf.flags |= RATS_TLS_CONF_FLAGS_SERVER; + if (mutual) + conf.flags |= RATS_TLS_CONF_FLAGS_MUTUAL; +- if (ima) ++ if (ima) { + ret = read_ima_measurements(&ima_meas, &ima_size); + if (ret == 0 && ima_size != 0) { + RTLS_INFO("read %zu bytes from binary_runtime_measurements\n", ima_size); +@@ -89,6 +89,7 @@ int rats_tls_server_startup(rats_tls_log_level_t log_level, char *attester_type, + } else { + RTLS_ERR("failed to read binary_runtime_measurements\n"); + } ++ } + if (provide_endorsements) + conf.flags |= RATS_TLS_CONF_FLAGS_PROVIDE_ENDORSEMENTS; + +-- +2.38.1.windows.1 + diff --git a/attestation/samples/include/token_validate.h b/attestation/samples/include/token_validate.h index 890618f07f7a9bf0d3e1681eea76057f39e0231f..6fdbf01e5b12c4589b04bdd5f5c0b9c5a45925bb 100644 --- a/attestation/samples/include/token_validate.h +++ b/attestation/samples/include/token_validate.h @@ -28,13 +28,10 @@ typedef struct { bool validate_aik_cert_chain(X509 *x509_aik, X509 *x509_sub, X509 *x509_root); -bool verify_plat_cose_sign(qbuf_t signed_cose, X509 *x509_aik); - bool verify_cvm_cose_sign(qbuf_t signed_cose, qbuf_t pub_key); bool verify_cca_token_signatures(cert_info_t *cert_info, qbuf_t cvm_cose, - qbuf_t cvm_pub_key, - qbuf_t cvm_pub_key_algo); + qbuf_t cvm_pub_key); #endif /* TOKEN_VALIDATE_H */ diff --git a/attestation/samples/src/client.c b/attestation/samples/src/client.c index 47ade5b50b0d16058d7a2c674dfc11096ab33d11..3de48da891a5652460e6a55f2f2f8f216ebf4e37 100644 --- a/attestation/samples/src/client.c +++ b/attestation/samples/src/client.c @@ -59,8 +59,7 @@ int verify_token(unsigned char *token, size_t token_len) ret = verify_cca_token_signatures(&cert_info, cca_token.cvm_cose, - cca_token.cvm_token.pub_key, - cca_token.cvm_token.pub_key_hash_algo_id); + cca_token.cvm_token.pub_key); if (!ret) { return VERIFY_FAILED; } diff --git a/attestation/samples/src/token_validate.c b/attestation/samples/src/token_validate.c index 9aa6a0aec0f5c5ddcdc8fa1c694ed35a1fe0f97d..794fc5210e1f67d4d7598e9b6a73f728f60d1a27 100644 --- a/attestation/samples/src/token_validate.c +++ b/attestation/samples/src/token_validate.c @@ -226,8 +226,7 @@ bool verify_cvm_cose_sign(qbuf_t signed_cose, qbuf_t pub_key) bool verify_cca_token_signatures(cert_info_t *cert_info, qbuf_t cvm_cose, - qbuf_t cvm_pub_key, - qbuf_t cvm_pub_key_algo) + qbuf_t cvm_pub_key) { X509 *x509_root = X509_new(); X509 *x509_sub = X509_new();