From 0234821ab4ddd23123bb65a36286f4287cac3688 Mon Sep 17 00:00:00 2001 From: mudler Date: Wed, 6 Nov 2024 16:02:25 +0100 Subject: [PATCH] chore: delete unused code This code isn't currently used, was used with the initial implementation Signed-off-by: mudler --- internal/api/start.go | 20 ------------------ pkg/tee/report.go | 49 ------------------------------------------- tee/embed.go | 6 ------ tee/public.pem | 11 ---------- 4 files changed, 86 deletions(-) delete mode 100644 pkg/tee/report.go delete mode 100644 tee/embed.go delete mode 100644 tee/public.pem diff --git a/internal/api/start.go b/internal/api/start.go index 4ba69604..23b4e442 100644 --- a/internal/api/start.go +++ b/internal/api/start.go @@ -84,26 +84,6 @@ func Start(ctx context.Context, listenAddress string) { return c.String(http.StatusOK, b64) }) - e.GET("/job/:job_id/status", func(c echo.Context) error { - res, exists := jobServer.GetJobResult(c.Param("job_id")) - if !exists { - return c.JSON(http.StatusNotFound, types.JobError{Error: "Job not found"}) - } - - dat, err := json.Marshal(res.Data) - if err != nil { - return err - } - sealedData, err := tee.Seal(dat) - if err != nil { - return err - } - - b64 := base64.StdEncoding.EncodeToString(sealedData) - - return c.String(http.StatusOK, b64) - }) - /* curl localhost:8080/decrypt -H "Content-Type: application/json" -d '{ "encrypted_result": "'$result'" }' diff --git a/pkg/tee/report.go b/pkg/tee/report.go deleted file mode 100644 index dd6ca79d..00000000 --- a/pkg/tee/report.go +++ /dev/null 
@@ -1,49 +0,0 @@
-package tee
-
-import (
- "bytes"
- "crypto/sha256"
- "encoding/binary"
- "errors"
- "fmt"
-
- "github.com/edgelesssys/ego/attestation"
- "github.com/edgelesssys/ego/attestation/tcbstatus"
- "github.com/edgelesssys/ego/enclave"
-)
-
-func VerifyReport(reportBytes, certBytes, signer []byte, production bool) error {
- report, err := enclave.VerifyRemoteReport(reportBytes)
- if err == attestation.ErrTCBLevelInvalid {
- fmt.Printf("Warning: TCB level is invalid: %v\n%v\n", report.TCBStatus, tcbstatus.Explain(report.TCBStatus))
- // XXX: We'll ignore this issue for now. For an app that should run in production, you must decide which of the different TCBStatus values are acceptable for you to continue.")
- if production {
- return errors.New("TCB level is invalid")
- }
- } else if err != nil {
- return err
- }
-
- hash := sha256.Sum256(certBytes)
- if !bytes.Equal(report.Data[:len(hash)], hash[:]) {
- return errors.New("report data does not match the certificate's hash")
- }
-
- // You can either verify the UniqueID or the tuple (SignerID, ProductID, SecurityVersion, Debug).
- if report.SecurityVersion < 2 {
- return errors.New("invalid security version")
- }
- if binary.LittleEndian.Uint16(report.ProductID) != 1234 {
- return errors.New("invalid product")
- }
- if !bytes.Equal(report.SignerID, signer) {
- return errors.New("invalid signer")
- }
-
- // For production, you must also verify that report.Debug == false
- if production && report.Debug {
- return errors.New("debug is true")
- }
-
- return nil
-}
diff --git a/tee/embed.go b/tee/embed.go
deleted file mode 100644
index 6bda1d6f..00000000
--- a/tee/embed.go
+++ /dev/null
@@ -1,6 +0,0 @@
-package teekeys
-
-import "embed"
-
-//go:embed *
-var EmbeddedCertificates embed.FS
diff --git a/tee/public.pem b/tee/public.pem
deleted file mode 100644
index 94325c0a..00000000
--- a/tee/public.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBoDANBgkqhkiG9w0BAQEFAAOCAY0AMIIBiAKCAYEA4bIGCf6JzsB3Bn2gLcid
-nqtiTb08Y2r/7JZYn5QXPWZYneu2bKGYsd+BuAC7ILH0Z7ldMrzqwpWADbNg5Uwf
-IA3ao5V9aeikt3SdIoaCtGJiCFqFkqe5a8SlS1momiID3tSMMpgC6B9DGHJRbadJ
-zLl3cL8X7AKX3BaDK8StUMEbqOI8/lhBpSyuJrqA9+kplUD9CL5GkSvTXwAK0yks
-/bTI47D80AvemmWtiVhsGvf/YPZUw5fylTTfyxjmh9mloCVfyp5IyAj13aaWnSyk
-wbknzxsaiN8yb5hNbYtlyf1TAaOsKtlZunnM8gY3DKz0QXjHU5nv4DXPK8yO3NAx
-rUIN68M+sMdE6MqIejSrgRJaQdEwWBbRzsfe9iU5YzNJm3YFwGNhqn8LMPOsUYt4
-ngkXjBENbwZDHbWOzvdPLR6oD/Z9yae0OCcWs9X2ic9bbM01kvBFlVR44u2CAkk1
-4i3shZGMBNRVPsKI9uacVd/C+H5nYBMKsSX0epZPfx/1AgED
------END PUBLIC KEY-----