From 20d80ca5eab2fd7448121d866403ee0430585e90 Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Wed, 14 Aug 2024 12:36:06 +0200 Subject: [PATCH 1/6] Resolve `time` compilation error --- Cargo.lock | 52 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e33c816c..c9f91b68 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -682,6 +682,9 @@ name = "deranged" version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4" +dependencies = [ + "powerfmt", +] [[package]] name = "digest" @@ -1625,7 +1628,7 @@ name = "iron" version = "0.1.0" dependencies = [ "iron 0.6.1", - "time 0.3.26", + "time 0.3.36", ] [[package]] @@ -2128,6 +2131,12 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-conv" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" + [[package]] name = "num-derive" version = "0.2.5" @@ -2502,6 +2511,12 @@ dependencies = [ "typemap", ] +[[package]] +name = "powerfmt" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" + [[package]] name = "ppv-lite86" version = "0.2.9" @@ -3032,13 +3047,13 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.130" -source = "git+https://github.com/fortanix/serde.git?branch=master#80449547025fc4a016a333e96c0cdaf7e4a96f67" +version = "1.0.204" +source = "git+https://github.com/fortanix/serde.git?branch=master#1755f934942d36f9caf6cb73177fda1d25ca20f4" dependencies = [ "compiler_builtins", "rustc-std-workspace-alloc", "rustc-std-workspace-core", - "serde_derive 1.0.130", + "serde_derive 1.0.204", ] [[package]] @@ -3073,8 +3088,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.130" -source = "git+https://github.com/fortanix/serde.git?branch=master#80449547025fc4a016a333e96c0cdaf7e4a96f67" +version = "1.0.132" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc0db5cb2556c0e558887d9bbdcf6ac4471e83ff66cf696e5419024d1606276" dependencies = [ "proc-macro2 1.0.78", "quote 1.0.35", @@ -3083,13 +3099,12 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.132" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ecc0db5cb2556c0e558887d9bbdcf6ac4471e83ff66cf696e5419024d1606276" +version = "1.0.204" +source = "git+https://github.com/fortanix/serde.git?branch=master#1755f934942d36f9caf6cb73177fda1d25ca20f4" dependencies = [ "proc-macro2 1.0.78", "quote 1.0.35", - "syn 1.0.81", + "syn 2.0.50", ] [[package]] @@ -3203,7 +3218,7 @@ dependencies = [ "sgx-isa", "sha2 0.8.2", "thiserror", - "time 0.3.26", + "time 0.3.36", ] [[package]] @@ -3532,14 +3547,16 @@ dependencies = [ [[package]] name = "time" -version = "0.3.26" +version = "0.3.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a79d09ac6b08c1ab3906a2f7cc2e81a0e27c7ae89c63812df75e52bef0751e07" +checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" dependencies = [ "deranged", "itoa 1.0.1", "libc", + "num-conv", "num_threads", + "powerfmt", "serde", "time-core", "time-macros", @@ -3547,16 +3564,17 @@ dependencies = [ [[package]] name = "time-core" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" +checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3" [[package]] name = "time-macros" -version = "0.2.12" +version = "0.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75c65469ed6b3a4809d987a41eb1dc918e9bc1d92211cbad7ae82931846f7451" +checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" dependencies = [ + "num-conv", "time-core", ] From 0de42161d5536dd894fe660dcf2489cf5c818543 Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Wed, 14 Aug 2024 12:41:59 +0200 Subject: [PATCH 2/6] Allow renamed and removed lints --- intel-sgx/aesm-client/src/lib.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/intel-sgx/aesm-client/src/lib.rs b/intel-sgx/aesm-client/src/lib.rs index 96a9f2c0..6b5164fd 100644 --- a/intel-sgx/aesm-client/src/lib.rs +++ b/intel-sgx/aesm-client/src/lib.rs @@ -12,6 +12,10 @@ html_favicon_url = "https://edp.fortanix.com/favicon.ico", html_root_url = "https://edp.fortanix.com/docs/api/")] #![allow(non_local_definitions)] // Required by failure +/* The latest rust compiler has removed the lint box_pointers. This lint + * is used and generated by protobuf which is a dependency in this project. + * In order to avoid CI failures, allow the below lint. */ +#![allow(renamed_and_removed_lints)] #![deny(warnings)] extern crate byteorder; From 36e1961d3ffb6da3e778c515ed68c39dc6796b85 Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Wed, 14 Aug 2024 15:40:38 +0200 Subject: [PATCH 3/6] Resolve aws-nitro-enclaves-cose issues --- Cargo.lock | 5 ++--- Cargo.toml | 2 ++ .../aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index c9f91b68..877eab57 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -104,8 +104,7 @@ checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" [[package]] name = "aws-nitro-enclaves-cose" version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ced66cf8fabb128c1f9aa335bdacf3009fbc4b6ad66bd42fa447f6a219736bfc" +source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=raoul/0.1.1#fe2558390c13cbd0e82f9c1610e74c4a4ddfd7e1" dependencies = [ "openssl", "serde", @@ -118,7 +117,7 @@ dependencies = [ [[package]] name = "aws-nitro-enclaves-cose" version = "0.5.0" -source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=raoul/crypto_abstraction_pinned#1021a397acc56d4d3ed935991f205754e5a2d2c5" +source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=raoul/crypto_abstraction_pinned#917f95a5e0c69e81a573ada98a5047e7080b44c3" dependencies = [ "serde", "serde_bytes", diff --git a/Cargo.toml b/Cargo.toml index 069a108c..d18b6934 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -48,6 +48,8 @@ exclude = [ resolver = "2" [patch.crates-io] +aws-nitro-enclaves-cose_0_1 = { git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "raoul/0.1.1", package = "aws-nitro-enclaves-cose" } +aws-nitro-enclaves-cose_0_5 = { git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "raoul/crypto_abstraction_pinned", package = "aws-nitro-enclaves-cose" } libc = { git = "https://github.com/fortanix/libc.git", branch = "fortanixvme" } nix = { git = "https://github.com/fortanix/nix.git", branch = "raoul/fortanixvme_r0.20.2" } rustc-serialize = { git = "https://github.com/fortanix/rustc-serialize.git", branch = "portability" } diff --git a/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml b/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml index 25f9bac3..b71e2790 100644 --- a/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml +++ b/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml @@ -10,7 +10,7 @@ chrono = "0.4" serde_cbor = "0.11" # Required until PR36 is accepted # https://github.com/awslabs/aws-nitro-enclaves-cose/pull/36 -aws-nitro-enclaves-cose = { version = "0.5.0", git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "raoul/crypto_abstraction_pinned", default-features = false } +aws-nitro-enclaves-cose = { version = "0.5.0", default-features = false } mbedtls = { version = "0.12", features = ["rdrand", "std", "time", "ssl"], default-features = false, optional = true } num-bigint = "0.4" serde = { version = "1.0", features = ["derive"] } From bb1058a37bafe64c9a1311f6f266036b31fe406e Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Wed, 14 Aug 2024 16:10:21 +0200 Subject: [PATCH 4/6] Allow unexpected cfgs --- em-app/src/lib.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/em-app/src/lib.rs b/em-app/src/lib.rs index 42a28c57..3ae84dd5 100644 --- a/em-app/src/lib.rs +++ b/em-app/src/lib.rs @@ -3,6 +3,7 @@ * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +#![allow(unexpected_cfgs)] // fortanixvme platform hasn't been upstreamed yet, but used in cfg pub extern crate serde_derive; pub mod mbedtls_hyper; From eae86692885462f783760689dae3524f4266afa1 Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Wed, 14 Aug 2024 16:12:35 +0200 Subject: [PATCH 5/6] Resolve serde issue on sdkms --- Cargo.lock | 15 +++++++-------- em-app/Cargo.toml | 4 ++-- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 877eab57..d0ac329c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -808,7 +808,7 @@ dependencies = [ "sgx_pkix", "url 1.7.2", "uuid 0.6.5", - "uuid 0.7.4", + "uuid 0.8.2", "vme-pkix", "yasna 0.3.2", ] @@ -3005,9 +3005,9 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "sdkms" -version = "0.2.1" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c843377a2ed87d63e487c7b41b1a82446ab7dc836addd66d63010ea05b14aaf7" +checksum = "5b12e3cb05862db268118482cbad26eee384b479de1924fe5404028e3444481a" dependencies = [ "bitflags 1.2.1", "chrono", @@ -3015,10 +3015,9 @@ dependencies = [ "log 0.4.21", "rustc-serialize", "serde", - "serde_derive 1.0.132", "serde_json", "url 1.7.2", - "uuid 0.7.4", + "uuid 0.8.2", ] [[package]] @@ -3860,11 +3859,11 @@ dependencies = [ [[package]] name = "uuid" -version = "0.7.4" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90dbc611eb48397705a6b0f6e917da23ae517e4d127123d2cf7674206627d32a" +checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" dependencies = [ - "rand 0.6.5", + "getrandom 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", "serde", ] diff --git a/em-app/Cargo.toml b/em-app/Cargo.toml index 205a305b..8f2e7951 100644 --- a/em-app/Cargo.toml +++ b/em-app/Cargo.toml @@ -18,14 +18,14 @@ mbedtls = { version = "0.12", default-features = false, features = ["rdrand", "s pkix = ">=0.1.2, <0.3.0" rustc-serialize = "0.3.24" -sdkms = { version = "0.2.1", default-features = false } +sdkms = { version = "0.3", default-features = false } serde = "1.0.123" serde_bytes = "0.11" serde_derive = "1.0.123" serde_json = "1.0" url = "1" uuid = { version = "0.6.3", features = ["v4", "serde"] } -uuid_sdkms = { package = "uuid", version = "0.7.4", features = ["v4", "serde"] } +uuid_sdkms = { package = "uuid", version = "0.8", features = ["v4", "serde"] } yasna = { version = "0.3", features = ["num-bigint", "bit-vec"] } From 7550ebd95e86d9f77a44fd63cfedc4dc24539eb6 Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Thu, 15 Aug 2024 15:00:03 +0200 Subject: [PATCH 6/6] Remove patch for aws-nitro-enclaves-cose v0.5 --- Cargo.lock | 9 +++++---- Cargo.toml | 3 +-- .../nitro-attestation-verify/Cargo.toml | 2 -- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d0ac329c..80950b11 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -104,7 +104,7 @@ checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" [[package]] name = "aws-nitro-enclaves-cose" version = "0.1.0" -source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=raoul/0.1.1#fe2558390c13cbd0e82f9c1610e74c4a4ddfd7e1" +source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=v0.1.0-patched#fe2558390c13cbd0e82f9c1610e74c4a4ddfd7e1" dependencies = [ "openssl", "serde", @@ -116,8 +116,9 @@ dependencies = [ [[package]] name = "aws-nitro-enclaves-cose" -version = "0.5.0" -source = "git+https://github.com/fortanix/aws-nitro-enclaves-cose.git?branch=raoul/crypto_abstraction_pinned#917f95a5e0c69e81a573ada98a5047e7080b44c3" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ce1d9954a5cb2841ad8ab206a050cd07ed34200ea6aafb7fa73a33771aaf48c" dependencies = [ "serde", "serde_bytes", @@ -1937,7 +1938,7 @@ dependencies = [ name = "nitro-attestation-verify" version = "0.1.1" dependencies = [ - "aws-nitro-enclaves-cose 0.5.0", + "aws-nitro-enclaves-cose 0.5.1", "chrono", "lazy_static", "mbedtls", diff --git a/Cargo.toml b/Cargo.toml index d18b6934..516fc759 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -48,8 +48,7 @@ exclude = [ resolver = "2" [patch.crates-io] -aws-nitro-enclaves-cose_0_1 = { git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "raoul/0.1.1", package = "aws-nitro-enclaves-cose" } -aws-nitro-enclaves-cose_0_5 = { git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "raoul/crypto_abstraction_pinned", package = "aws-nitro-enclaves-cose" } +aws-nitro-enclaves-cose_0_1 = { git = "https://github.com/fortanix/aws-nitro-enclaves-cose.git", branch = "v0.1.0-patched", package = "aws-nitro-enclaves-cose" } libc = { git = "https://github.com/fortanix/libc.git", branch = "fortanixvme" } nix = { git = "https://github.com/fortanix/nix.git", branch = "raoul/fortanixvme_r0.20.2" } rustc-serialize = { git = "https://github.com/fortanix/rustc-serialize.git", branch = "portability" } diff --git a/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml b/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml index b71e2790..999637de 100644 --- a/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml +++ b/fortanix-vme/aws-nitro-enclaves/nitro-attestation-verify/Cargo.toml @@ -8,8 +8,6 @@ publish = false [dependencies] chrono = "0.4" serde_cbor = "0.11" -# Required until PR36 is accepted -# https://github.com/awslabs/aws-nitro-enclaves-cose/pull/36 aws-nitro-enclaves-cose = { version = "0.5.0", default-features = false } mbedtls = { version = "0.12", features = ["rdrand", "std", "time", "ssl"], default-features = false, optional = true } num-bigint = "0.4"