attest: Add attest_len & attest ops. #1591
converted to DRAFT till I test on a gimlet
this has been tested with dev & mfg builds with platform identity cert signed by staging root https://github.com/oxidecomputer/evidence-room/blob/main/staging/2023-05-12_provisioning/output/platform-identity-root-a.cert.pem on a PSC rev-b & Gimlet rev-c including
LGTM
Calling the `attest` op will cause the `Attest` task to produce the signature: `sign(alias_priv, sha3_256(hubpack(log) | nonce))`. The caller can then use other ops from the `Attest` task to verify the signature.
This is the first op supported by sprot that takes both a read and a write lease. Following the existing structure of `handle_request` we add a new `Attest` variant to the `TrailingData` enum where we store the appropriately sized slice that holds the read lease. As a result we must be more explicit about the lifetimes in the `handle_request` method because its return value no longer has the same lifetime as the `self` param (3rd lifetime elision rule). The rest is pretty straightforward with the call to `Attest::attest` happening in the match arm for this new `TrailingData` variant.
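The lifetime point in the commit message above, as an added sketch that is not code from this PR or the project: the returned enum borrows the request buffer rather than `self`, so the lifetime has to be named. Only `handle_request`, `TrailingData` and `Attest` come from the page; `Handler`, the request layout (opcode, write size, nonce), the constants and `parse_then_drop_handler` are assumptions made for illustration.

```rust
// Added sketch. Only `handle_request`, `TrailingData` and `Attest` are names
// from the PR; the request layout, fields and constants are assumptions.
#[derive(Debug, PartialEq)]
enum TrailingData<'a> {
    None,
    // Slice borrowed from the request buffer, not from the handler.
    Attest { nonce: &'a [u8], write_size: usize },
}

struct Handler { max_write: usize } // assumed cap on the reply payload

const OP_ATTEST: u8 = 1; // constructed opcode
const NONCE_LEN: usize = 32; // assumed nonce length

impl Handler {
    // Fully elided, the return lifetime would be taken from `&self` (third
    // elision rule). The nonce lives in `rx`, so `'a` is named and attached
    // to `rx` and to the return type only.
    fn handle_request<'a>(&self, rx: &'a [u8]) -> Result<TrailingData<'a>, &'static str> {
        let (op, body) = rx.split_first().ok_or("empty request")?;
        if *op != OP_ATTEST {
            return Ok(TrailingData::None);
        }
        // Validate lengths before handing the slice on.
        let (size, nonce) = body.split_first().ok_or("truncated")?;
        let write_size = usize::from(*size);
        if nonce.len() != NONCE_LEN {
            return Err("bad nonce length");
        }
        if write_size > self.max_write {
            return Err("write too large");
        }
        Ok(TrailingData::Attest { nonce, write_size })
    }
}

// Compiles only because the result borrows `rx`, not `handler`.
fn parse_then_drop_handler(rx: &[u8]) -> Result<TrailingData<'_>, &'static str> {
    let handler = Handler { max_write: 64 };
    let trailing = handler.handle_request(rx)?;
    drop(handler); // would be rejected if `trailing` were tied to `&self`
    Ok(trailing)
}

fn main() {
    let mut rx = vec![OP_ATTEST, 64]; // constructed request
    rx.extend_from_slice(&[0xA5; NONCE_LEN]);
    println!("{:?}", parse_then_drop_handler(&rx));
}
```

Removing `'a` from the `handle_request` signature makes the `drop(handler)` line fail to compile, which is the situation the commit message describes.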