From 1c3588da6c193b20f3097d7df16ea36cc8bb6c1c Mon Sep 17 00:00:00 2001
From: houmingyong
Date: Tue, 26 Nov 2024 14:22:01 +0800
Subject: [PATCH 1/2] get policy with id
---
 0087-use-id-when-get-policy.patch | 90 +++++++++++++++++++++++++++++++
 secGear.spec | 6 ++-
 2 files changed, 95 insertions(+), 1 deletion(-)
 create mode 100644 0087-use-id-when-get-policy.patch
diff --git a/0087-use-id-when-get-policy.patch b/0087-use-id-when-get-policy.patch
new file mode 100644
index 0000000..a710c91
--- /dev/null
+++ b/0087-use-id-when-get-policy.patch
@@ -0,0 +1,90 @@
+From 32f9270f0cf4ef2ee9c1ababf66c24c7cf10bd17 Mon Sep 17 00:00:00 2001
+From: xuraoqing
+Date: Fri, 13 Sep 2024 17:21:47 +0800
+Subject: [PATCH] use id when get policy
+
+---
+ .../attestation-service/service/src/lib.rs | 10 +++++++++-
+ .../attestation-service/service/src/restapi/mod.rs | 11 +++++++++--
+ .../attestation/attestation-service/tests/src/lib.rs | 6 ++++++
+ 3 files changed, 24 insertions(+), 3 deletions(-)
+
+diff --git a/service/attestation/attestation-service/service/src/lib.rs b/service/attestation/attestation-service/service/src/lib.rs
+index 31e6305..1c5c907 100644
+--- a/service/attestation/attestation-service/service/src/lib.rs
++++ b/service/attestation/attestation-service/service/src/lib.rs
+@@ -185,7 +185,7 @@ impl AttestationService {
+ .await
+ }
+
+- pub async fn get_policy(&self,
++ pub async fn get_all_policy(&self,
+ policy_dir: &String,
+ ) -> Result {
+ let engine = OPA::new(policy_dir).await;
+@@ -203,6 +203,14 @@ impl AttestationService {
+ }
+ }
+
++ pub async fn get_policy(&self,
++ policy_dir: &String,
++ id: &String
++ ) -> Result {
++ let engine = OPA::new(policy_dir).await?;
++ Ok(engine.get_policy(id).await?)
++ }
++
+ pub async fn register_reference(&self,
+ ref_set: &String
+ ) -> Result<(), RefOpError> {
+diff --git a/service/attestation/attestation-service/service/src/restapi/mod.rs b/service/attestation/attestation-service/service/src/restapi/mod.rs
+index f49d175..d47698a 100644
+--- a/service/attestation/attestation-service/service/src/restapi/mod.rs
++++ b/service/attestation/attestation-service/service/src/restapi/mod.rs
+@@ -122,13 +122,20 @@ pub async fn set_policy(
+ Ok(HttpResponse::Ok().body("set policy success"))
+ }
+
++#[derive(Deserialize, Serialize, Debug)]
++pub struct PolicyGetRequest {
++ policy_id: String,
++}
++
+ #[get("/policy")]
+ pub async fn get_policy(
+- request: HttpRequest,
++ request: web::Json,
+ service: web::Data>>,
+ ) -> Result {
++ let request = request.0;
+ log::debug!("get policy request: {:?}", request);
++ let id = request.policy_id.clone();
+ let dir:String = String::from(DEFAULT_POLICY_DIR);
+- let ret = service.read().await.get_policy(&dir).await?;
++ let ret = service.read().await.get_policy(&dir, &id.to_string()).await?;
+ Ok(HttpResponse::Ok().body(ret))
+ }
+diff --git a/service/attestation/attestation-service/tests/src/lib.rs b/service/attestation/attestation-service/tests/src/lib.rs
+index abd099f..b8adb1e 100644
+--- a/service/attestation/attestation-service/tests/src/lib.rs
++++ b/service/attestation/attestation-service/tests/src/lib.rs
+@@ -121,10 +121,16 @@ mod tests {
+
+ #[test]
+ fn api_get_policy() {
++ let request_body = json!({
++ "policy_id":"test_policy.rego"
++ }
++ );
+ let client: Client = Client::new();
+ let endpoint = "http://127.0.0.1:8080/policy";
+ let res = client
+ .get(endpoint)
++ .header("Content-Type", "application/json")
++ .body(request_body.to_string())
+ .send()
+ .unwrap();
+ assert_eq!(res.status(), reqwest::StatusCode::OK);
+--
+2.33.0
+
diff --git a/secGear.spec b/secGear.spec
index 39c0409..27d7dd0 100644
--- a/secGear.spec
+++ b/secGear.spec
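Review bot: In the `restapi/mod.rs` part of the added patch, `get_policy` takes `policy_id` straight from the request body and hands it to the service together with `DEFAULT_POLICY_DIR`, and no validation of the id is visible. The test uses `test_policy.rego` as the id, which suggests it is treated as a file name under the policy directory; if `OPA::get_policy` (not shown here) joins it onto `policy_dir`, an id containing a path separator or `..` would resolve outside that directory. Unless the engine already confines the lookup, reject such ids in the handler before the service call, for example `if id.is_empty() || id.contains(['/', '\\']) || id.contains("..")` returning the crate's existing bad-request error. Separately, `#[get("/policy")]` combined with a `web::Json` extractor depends on a body in a GET request, which some clients and intermediaries discard, so a query or path parameter would be more robust, and `&id.to_string()` copies a `String` that was already cloned on the line above.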
@@ -1,6 +1,6 @@
 Name: secGear
 Version: 0.1.0
-Release: 50
+Release: 51
 Summary: secGear is an SDK to develop confidential computing apps based on hardware enclave features
@@ -96,6 +96,7 @@ Patch82: 0083-optimize-log-level.patch
 Patch83: 0084-fix-concurrent-request-error-to-aa-or-as.patch
 Patch84: 0085-fix-multi-thread-request-as-generate-challenge-and-v.patch
 Patch85: 0086-add-error-type-for-api.patch
+Patch86: 0087-use-id-when-get-policy.patch
 BuildRequires: gcc python automake autoconf libtool
@@ -293,6 +294,9 @@ popd
 systemctl restart rsyslog
 %changelog
+* Tue Nov 26 2024 houmingyong - 0.1.0-51
+- get policy with id
+
 * Tue Nov 26 2024 houmingyong - 0.1.0-50
 - add error type for api
--
Gitee
From 92f00acc4dabc52c35fba793ec9dbfa0bb24195a Mon Sep 17 00:00:00 2001
From: houmingyong
Date: Tue, 26 Nov 2024 14:24:40 +0800
Subject: [PATCH 2/2] fix evidence decode typos
---
 0088-fix-evidence-decode-typos.patch | 26 ++++++++++++++++++++++++++
 secGear.spec | 6 +++++-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 0088-fix-evidence-decode-typos.patch
diff --git a/0088-fix-evidence-decode-typos.patch b/0088-fix-evidence-decode-typos.patch
new file mode 100644
index 0000000..1e2a1c7
--- /dev/null
+++ b/0088-fix-evidence-decode-typos.patch
@@ -0,0 +1,26 @@
+From 5f4cbe40acc8197fb2ae140584712e8b3c950805 Mon Sep 17 00:00:00 2001
+From: xuraoqing
+Date: Sat, 14 Sep 2024 11:30:52 +0800
+Subject: [PATCH] fix evidence decode typos
+
+Signed-off-by: xuraoqing
+---
+ service/attestation/attestation-agent/agent/src/restapi/mod.rs | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/service/attestation/attestation-agent/agent/src/restapi/mod.rs b/service/attestation/attestation-agent/agent/src/restapi/mod.rs
+index 0570060..2745443 100644
+--- a/service/attestation/attestation-agent/agent/src/restapi/mod.rs
++++ b/service/attestation/attestation-agent/agent/src/restapi/mod.rs
+@@ -78,7 +78,7 @@ pub async fn verify_evidence(
+ ) -> Result {
+ let request = request.0;
+ log::debug!("verify evidence request: {:?}", request);
+- let challenge = base64_url::decode(&"request.challenge".to_string())
++ let challenge = base64_url::decode(&request.challenge)
+ .map_err(|err|AgentError::DecodeError(err.to_string()))?;
+ let evidence = request.evidence;
+ let policy_id = request.policy_id;
+--
+2.33.0
+
diff --git a/secGear.spec b/secGear.spec
index 27d7dd0..5c41f32 100644
--- a/secGear.spec
+++ b/secGear.spec
@@ -1,6 +1,6 @@
 Name: secGear
 Version: 0.1.0
-Release: 51
+Release: 52
 Summary: secGear is an SDK to develop confidential computing apps based on hardware enclave features
@@ -97,6 +97,7 @@ Patch83: 0084-fix-concurrent-request-error-to-aa-or-as.patch
 Patch84: 0085-fix-multi-thread-request-as-generate-challenge-and-v.patch
 Patch85: 0086-add-error-type-for-api.patch
 Patch86: 0087-use-id-when-get-policy.patch
+Patch87: 0088-fix-evidence-decode-typos.patch
 BuildRequires: gcc python automake autoconf libtool
@@ -294,6 +295,9 @@ popd
 systemctl restart rsyslog
 %changelog
+* Tue Nov 26 2024 houmingyong - 0.1.0-52
+- fix evidence decode typos
+
 * Tue Nov 26 2024 houmingyong - 0.1.0-51
 - get policy with id
--
Gitee
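Review bot: The `verify_evidence` change in the agent's `restapi/mod.rs` arrives without a test, so nothing stops the challenge decode from regressing again. The replaced line decoded the literal string `"request.challenge"` and never looked at the caller's value; since the challenge is presumably the freshness input to evidence verification, a regression test that posts one well-formed base64url challenge and one malformed one, and expects `AgentError::DecodeError` for the second, would pin the behaviour. The rest of `verify_evidence` lies outside the hunk, so it is not visible whether a challenge that decodes to zero bytes is rejected; that is worth confirming before relying on it.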