diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..1685375 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,33 @@ +name: Create and publish images + +on: + push: + branches: + - main + paths: + - 'VERSION' + +jobs: + build-and-push: + runs-on: ubuntu-latest + steps: + - name: Check out the repo + uses: actions/checkout@v5 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to the GitHub Container Registry + uses: docker/login-action@v3.6.0 + with: + registry: ghcr.io + username: faasm + password: ${{ secrets.GHCR_PAT }} + + - name: Tag the current version + run: ./scripts/accli_wrapper.sh dev tag --force + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push images + run: ./scripts/accli_wrapper.sh docker build-all --push diff --git a/.github/workflows/checks.yml b/.github/workflows/tests.yml similarity index 61% rename from .github/workflows/checks.yml rename to .github/workflows/tests.yml index 46ae611..453fb5d 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/tests.yml @@ -1,4 +1,4 @@ -name: "Formatting checks" +name: "Integration Tests" on: push: @@ -17,6 +17,18 @@ concurrency: cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: + unit-tests: + if: github.event.pull_request.draft == false + runs-on: ubuntu-24.04 + steps: + - name: "Checkout code" + uses: actions/checkout@v4 + - name: "Run Rust unit tests" + run: | + source ./scripts/workon.sh + # TODO: move to accli dev test + cargo test + checks: if: github.event.pull_request.draft == false runs-on: ubuntu-24.04 @@ -25,7 +37,5 @@ jobs: uses: actions/checkout@v4 - name: "Install clang-format" run: sudo apt install -y clang-format - - name: "Cargo version" - run: cargo version - name: "Run formatting checks" - run: ./bin/invrs_wrapper.sh format-code --check + run: ./scripts/accli_wrapper.sh dev format-code diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index a1a6ed3..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "accless/libs/rabe"] - path = accless/libs/rabe - url = https://github.com/faasm/rabe.git diff --git a/invrs/Cargo.lock b/Cargo.lock similarity index 67% rename from invrs/Cargo.lock rename to Cargo.lock index 7d4cd9e..9caf089 100644 --- a/invrs/Cargo.lock +++ b/Cargo.lock @@ -2,6 +2,131 @@ # It is not intended for manual editing. version = 4 +[[package]] +name = "accless-abe4" +version = "0.8.0" +dependencies = [ + "anyhow", + "ark-bls12-377", + "ark-bls12-381", + "ark-ec", + "ark-ff", + "ark-mnt4-298", + "ark-std", + "sha2", +] + +[[package]] +name = "accless-finra-cloudevent-handler" +version = "0.8.0" +dependencies = [ + "cloudevents-sdk", + "futures-util", + "minio", + "once_cell", + "rand 0.9.2", + "reqwest 0.12.24", + "serde_json", + "tokio", + "uuid", + "warp", +] + +[[package]] +name = "accless-jwt" +version = "0.8.0" +dependencies = [ + "anyhow", + "base64 0.22.1", + "rsa", + "serde", + "serde_json", + "x509-parser", +] + +[[package]] +name = "accless-ml-inference-cloudevent-handler" +version = "0.8.0" +dependencies = [ + "cloudevents-sdk", + "futures-util", + "minio", + "once_cell", + "rand 0.9.2", + "reqwest 0.12.24", + "serde_json", + "tokio", + "uuid", + "warp", +] + +[[package]] +name = "accless-ml-training-cloudevent-handler" +version = "0.8.0" +dependencies = [ + "cloudevents-sdk", + "futures-util", + "minio", + "once_cell", + "rand 0.9.2", + "reqwest 0.12.24", + "serde_json", + "tokio", + "uuid", + "warp", +] + +[[package]] +name = "accless-word-count-cloudevent-handler" +version = "0.8.0" +dependencies = [ + "cloudevents-sdk", + "futures-util", + "minio", + "once_cell", + "rand 0.9.2", + "reqwest 0.12.24", + "serde_json", + "tokio", + "uuid", + "warp", +] + +[[package]] +name = "accli" +version = "0.8.0" +dependencies = [ + "aes-gcm", + "aes-gcm-siv", + "anyhow", + "base64 0.22.1", + "bytes", + "chrono", + "clap", + "csv", + "env_logger 0.11.8", + "futures", + "futures-util", + "hex", + "indicatif", + "log", + "minio", + "plotters", + "rabe", + "rand 0.9.2", + "regex", + "reqwest 0.12.24", + "serde", + "serde_json", + "serde_yaml", + "sha2", + "shell-words", + "shellexpand", + "subtle", + "tokio", + "walkdir", +] + [[package]] name = "adler2" version = "2.0.1" @@ -58,6 +183,18 @@ dependencies = [ "zeroize", ] +[[package]] +name = "ahash" +version = "0.8.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", + "zerocopy", +] + [[package]] name = "aho-corasick" version = "1.1.3" @@ -132,6 +269,185 @@ version = "1.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61" +[[package]] +name = "ark-bls12-377" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb00293ba84f51ce3bd026bd0de55899c4e68f0a39a5728cebae3a73ffdc0a4f" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-bls12-381" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c775f0d12169cba7aae4caeb547bb6a50781c7449a8aa53793827c9ec4abf488" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-serialize", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools 0.10.5", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest", + "itertools 0.10.5", + "num-bigint", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-mnt4-298" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecb284f9f38cbedcae7e78f33e9a1f813db4e6b8103dacc3a143c2ddf32941aa" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest", + "num-bigint", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + +[[package]] +name = "asn1-rs" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5493c3bedbacf7fd7382c6346bbd66687d12bbaad3a89a2d2c303ee6cf20b048" +dependencies = [ + "asn1-rs-derive", + "asn1-rs-impl", + "displaydoc", + "nom", + "num-traits", + "rusticata-macros", + "thiserror 1.0.69", + "time", +] + +[[package]] +name = "asn1-rs-derive" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "965c2d33e53cb6b267e148a4cb0760bc01f4904c1cd4bb4002a085bb016d1490" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", + "synstructure", +] + +[[package]] +name = "asn1-rs-impl" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", +] + [[package]] name = "async-recursion" version = "1.1.1" @@ -140,7 +456,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -151,7 +467,7 @@ checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -160,18 +476,174 @@ version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" +[[package]] +name = "attestation-service" +version = "0.8.0" +dependencies = [ + "aes-gcm", + "anyhow", + "axum", + "base64 0.22.1", + "bytes", + "chrono", + "hyper 1.7.0", + "hyper-util", + "jsonwebtoken", + "p256", + "ring", + "rustls", + "rustls-pemfile", + "serde", + "serde_json", + "snpguest", + "tokio", + "tokio-rustls", + "ureq", +] + [[package]] name = "autocfg" version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" +[[package]] +name = "aws-lc-rs" +version = "1.14.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879b6c89592deb404ba4dc0ae6b58ffd1795c78991cbb5b8bc441c48a070440d" +dependencies = [ + "aws-lc-sys", + "zeroize", +] + +[[package]] +name = "aws-lc-sys" +version = "0.32.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "107a4e9d9cab9963e04e84bb8dee0e25f2a987f9a8bad5ed054abd439caa8f8c" +dependencies = [ + "bindgen", + "cc", + "cmake", + "dunce", + "fs_extra", +] + +[[package]] +name = "axum" +version = "0.7.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edca88bc138befd0323b20752846e6587272d3b03b0343c8ea28a6f819e6e71f" +dependencies = [ + "async-trait", + "axum-core", + "bytes", + "futures-util", + "http 1.3.1", + "http-body 1.0.1", + "http-body-util", + "hyper 1.7.0", + "hyper-util", + "itoa", + "matchit", + "memchr", + "mime", + "percent-encoding", + "pin-project-lite", + "rustversion", + "serde", + "serde_json", + "serde_path_to_error", + "serde_urlencoded", + "sync_wrapper 1.0.2", + "tokio", + "tower", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "axum-core" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09f2bd6146b97ae3359fa0cc6d6b376d9539582c7b4220f041a33ec24c226199" +dependencies = [ + "async-trait", + "bytes", + "futures-util", + "http 1.3.1", + "http-body 1.0.1", + "http-body-util", + "mime", + "pin-project-lite", + "rustversion", + "sync_wrapper 1.0.2", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "base16ct" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" + +[[package]] +name = "base64" +version = "0.21.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" + [[package]] name = "base64" version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +[[package]] +name = "base64ct" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55248b47b0caf0546f7988906588779981c43bb1bc9d0c44087278f80cdb44ba" + +[[package]] +name = "bincode" +version = "1.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" +dependencies = [ + "serde", +] + +[[package]] +name = "bindgen" +version = "0.72.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "993776b509cfb49c750f11b8f07a46fa23e0a1386ffc01fb1e7d343efc387895" +dependencies = [ + "bitflags 2.10.0", + "cexpr", + "clang-sys", + "itertools 0.13.0", + "log", + "prettyplease", + "proc-macro2", + "quote", + "regex", + "rustc-hash", + "shlex", + "syn 2.0.108", +] + +[[package]] +name = "bitfield" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c821a6e124197eb56d907ccc2188eab1038fb919c914f47976e64dd8dbc855d1" + [[package]] name = "bitflags" version = "1.3.2" @@ -224,9 +696,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ac9fe6cdbb24b6ade63616c0a0688e45bb56732262c158df3c0c4bea4ca47cb7" dependencies = [ "find-msvc-tools", + "jobserver", + "libc", "shlex", ] +[[package]] +name = "cexpr" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" +dependencies = [ + "nom", +] + [[package]] name = "cfg-if" version = "1.0.4" @@ -248,6 +731,7 @@ dependencies = [ "iana-time-zone", "js-sys", "num-traits", + "serde", "wasm-bindgen", "windows-link 0.2.1", ] @@ -262,6 +746,17 @@ dependencies = [ "inout", ] +[[package]] +name = "clang-sys" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b023947811758c97c59bf9d1c188fd619ad4718dcaa767947df1cadb14f39f4" +dependencies = [ + "glob", + "libc", + "libloading", +] + [[package]] name = "clap" version = "4.5.50" @@ -272,6 +767,15 @@ dependencies = [ "clap_derive", ] +[[package]] +name = "clap-num" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "822c4000301ac390e65995c62207501e3ef800a1fc441df913a5e8e4dc374816" +dependencies = [ + "num-traits", +] + [[package]] name = "clap_builder" version = "4.5.50" @@ -293,7 +797,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -302,6 +806,47 @@ version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a1d728cc89cf3aee9ff92b05e62b19ee65a02b5702cff7d5a377e32c6ae29d8d" +[[package]] +name = "cloudevents-sdk" +version = "0.8.0" +source = "git+https://github.com/cloudevents/sdk-rust.git?rev=fa0aadb31de82956d44fba4b50c6a002d5bd0b7b#fa0aadb31de82956d44fba4b50c6a002d5bd0b7b" +dependencies = [ + "async-trait", + "base64 0.22.1", + "bitflags 2.10.0", + "bytes", + "chrono", + "delegate-attr", + "hostname", + "http 0.2.12", + "http 1.3.1", + "http-body-util", + "hyper 0.14.32", + "reqwest 0.12.24", + "serde", + "serde_json", + "snafu", + "url", + "uuid", + "warp", + "web-sys", +] + +[[package]] +name = "cmake" +version = "0.1.54" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7caa3f9de89ddbe2c607f4101924c5abec803763ae9534e4f4d7d8f84aa81f0" +dependencies = [ + "cc", +] + +[[package]] +name = "codicon" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12170080f3533d6f09a19f81596f836854d0fa4867dc32c8172b8474b4e9de61" + [[package]] name = "color_quant" version = "1.1.0" @@ -314,6 +859,12 @@ version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" +[[package]] +name = "colorful" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97af0562545a7d7f3d9222fcf909963bec36dcb502afaacab98c6ffac8da47ce" + [[package]] name = "console" version = "0.15.11" @@ -327,6 +878,12 @@ dependencies = [ "windows-sys 0.59.0", ] +[[package]] +name = "const-oid" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" + [[package]] name = "core-foundation" version = "0.9.4" @@ -412,6 +969,18 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "crypto-bigint" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" +dependencies = [ + "generic-array", + "rand_core 0.6.4", + "subtle", + "zeroize", +] + [[package]] name = "crypto-common" version = "0.1.6" @@ -466,6 +1035,48 @@ dependencies = [ "parking_lot_core", ] +[[package]] +name = "data-encoding" +version = "2.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a2330da5de22e8a3cb63252ce2abb30116bf5265e89c0e01bc17015ce30a476" + +[[package]] +name = "delegate-attr" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51aac4c99b2e6775164b412ea33ae8441b2fde2dbf05a20bc0052a63d08c475b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", +] + +[[package]] +name = "der" +version = "0.7.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb" +dependencies = [ + "const-oid", + "pem-rfc7468", + "zeroize", +] + +[[package]] +name = "der-parser" +version = "9.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cd0a5c643689626bec213c4d8bd4d96acc8ffdb4ad4bb6bc16abf27d5f4b553" +dependencies = [ + "asn1-rs", + "displaydoc", + "nom", + "num-bigint", + "num-traits", + "rusticata-macros", +] + [[package]] name = "deranged" version = "0.5.4" @@ -493,17 +1104,39 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ "block-buffer", + "const-oid", "crypto-common", "subtle", ] +[[package]] +name = "dirs" +version = "5.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225" +dependencies = [ + "dirs-sys 0.4.1", +] + [[package]] name = "dirs" version = "6.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3e8aa94d75141228480295a7d0e7feb620b1a5ad9f12bc40be62411e38cce4e" dependencies = [ - "dirs-sys", + "dirs-sys 0.5.0", +] + +[[package]] +name = "dirs-sys" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c" +dependencies = [ + "libc", + "option-ext", + "redox_users 0.4.6", + "windows-sys 0.48.0", ] [[package]] @@ -514,7 +1147,7 @@ checksum = "e01a3366d27ee9890022452ee61b2b63a67e6f13f58900b651ff5665f0bb1fab" dependencies = [ "libc", "option-ext", - "redox_users", + "redox_users 0.5.2", "windows-sys 0.61.2", ] @@ -526,7 +1159,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -538,6 +1171,12 @@ dependencies = [ "libloading", ] +[[package]] +name = "dunce" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" + [[package]] name = "dwrote" version = "0.11.5" @@ -550,6 +1189,46 @@ dependencies = [ "wio", ] +[[package]] +name = "ecdsa" +version = "0.16.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca" +dependencies = [ + "der", + "digest", + "elliptic-curve", + "rfc6979", + "signature", + "spki", +] + +[[package]] +name = "either" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" + +[[package]] +name = "elliptic-curve" +version = "0.13.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47" +dependencies = [ + "base16ct", + "crypto-bigint", + "digest", + "ff", + "generic-array", + "group", + "pem-rfc7468", + "pkcs8", + "rand_core 0.6.4", + "sec1", + "subtle", + "zeroize", +] + [[package]] name = "encode_unicode" version = "1.0.0" @@ -575,6 +1254,19 @@ dependencies = [ "regex", ] +[[package]] +name = "env_logger" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4cd405aab171cb85d6735e5c8d9db038c17d3ca007a4d2c25f337935c3d90580" +dependencies = [ + "humantime", + "is-terminal", + "log", + "regex", + "termcolor", +] + [[package]] name = "env_logger" version = "0.11.8" @@ -619,6 +1311,16 @@ dependencies = [ "simd-adler32", ] +[[package]] +name = "ff" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "find-msvc-tools" version = "0.1.4" @@ -627,9 +1329,9 @@ checksum = "52051878f80a721bb68ebfbc930e07b65ba72f2da88968ea5c06fd6ca3d3a127" [[package]] name = "flate2" -version = "1.1.4" +version = "1.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc5a4e564e38c699f2880d3fda590bedc2e69f3f84cd48b457bd892ce61d0aa9" +checksum = "bfe33edd8e85a12a67454e37f8c75e730830d83e313556ab9ebf9ee7fbeb3bfb" dependencies = [ "crc32fast", "miniz_oxide", @@ -658,7 +1360,7 @@ dependencies = [ "core-foundation", "core-graphics", "core-text", - "dirs", + "dirs 6.0.0", "dwrote", "float-ord", "freetype-sys", @@ -699,7 +1401,7 @@ checksum = "1a5c6c585bc94aaf2c7b51dd4c2ba22680844aba4c687be581871a6f518c5742" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -734,6 +1436,12 @@ dependencies = [ "pkg-config", ] +[[package]] +name = "fs_extra" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" + [[package]] name = "futures" version = "0.3.31" @@ -790,7 +1498,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -831,6 +1539,7 @@ checksum = "4bb6743198531e02858aeaea5398fcc883e71851fcbcb5a2f773e2fb6cb1edf2" dependencies = [ "typenum", "version_check", + "zeroize", ] [[package]] @@ -880,6 +1589,42 @@ dependencies = [ "weezl", ] +[[package]] +name = "glob" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" + +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff", + "rand_core 0.6.4", + "subtle", +] + +[[package]] +name = "h2" +version = "0.3.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0beca50380b1fc32983fc1cb4587bfa4bb9e78fc259aad4a0032d2080309222d" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http 0.2.12", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + [[package]] name = "h2" version = "0.4.12" @@ -891,7 +1636,7 @@ dependencies = [ "fnv", "futures-core", "futures-sink", - "http", + "http 1.3.1", "indexmap", "slab", "tokio", @@ -899,6 +1644,15 @@ dependencies = [ "tracing", ] +[[package]] +name = "hashbrown" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" +dependencies = [ + "ahash", +] + [[package]] name = "hashbrown" version = "0.14.5" @@ -911,12 +1665,42 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d" +[[package]] +name = "headers" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06683b93020a07e3dbcf5f8c0f6d40080d725bea7936fc01ad345c01b97dc270" +dependencies = [ + "base64 0.21.7", + "bytes", + "headers-core", + "http 0.2.12", + "httpdate", + "mime", + "sha1", +] + +[[package]] +name = "headers-core" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7f66481bfee273957b1f20485a4ff3362987f85b2c236580d81b4eb7a326429" +dependencies = [ + "http 0.2.12", +] + [[package]] name = "heck" version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" +[[package]] +name = "hermit-abi" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c" + [[package]] name = "hex" version = "0.4.3" @@ -934,11 +1718,33 @@ dependencies = [ [[package]] name = "home" -version = "0.5.11" +version = "0.5.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "589533453244b0995c858700322199b2becb13b627df2851f64a2775d024abcf" +checksum = "cc627f471c528ff0c4a49e1d5e60450c8f6461dd6d10ba9dcd3a61d3dff7728d" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.61.2", +] + +[[package]] +name = "hostname" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a56f203cd1c76362b69e3863fd987520ac36cf70a8c92627449b2f64a8cf7d65" +dependencies = [ + "cfg-if", + "libc", + "windows-link 0.1.3", +] + +[[package]] +name = "http" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" +dependencies = [ + "bytes", + "fnv", + "itoa", ] [[package]] @@ -952,6 +1758,17 @@ dependencies = [ "itoa", ] +[[package]] +name = "http-body" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +dependencies = [ + "bytes", + "http 0.2.12", + "pin-project-lite", +] + [[package]] name = "http-body" version = "1.0.1" @@ -959,7 +1776,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" dependencies = [ "bytes", - "http", + "http 1.3.1", ] [[package]] @@ -970,8 +1787,8 @@ checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a" dependencies = [ "bytes", "futures-core", - "http", - "http-body", + "http 1.3.1", + "http-body 1.0.1", "pin-project-lite", ] @@ -987,6 +1804,36 @@ version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" +[[package]] +name = "humantime" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" + +[[package]] +name = "hyper" +version = "0.14.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41dfc780fdec9373c01bae43289ea34c972e40ee3c9f6b3c8801a35f35586ce7" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2 0.3.27", + "http 0.2.12", + "http-body 0.4.6", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2 0.5.10", + "tokio", + "tower-service", + "tracing", + "want", +] + [[package]] name = "hyper" version = "1.7.0" @@ -997,9 +1844,9 @@ dependencies = [ "bytes", "futures-channel", "futures-core", - "h2", - "http", - "http-body", + "h2 0.4.12", + "http 1.3.1", + "http-body 1.0.1", "httparse", "httpdate", "itoa", @@ -1016,15 +1863,28 @@ version = "0.27.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58" dependencies = [ - "http", - "hyper", + "http 1.3.1", + "hyper 1.7.0", "hyper-util", "rustls", "rustls-pki-types", "tokio", "tokio-rustls", "tower-service", - "webpki-roots", + "webpki-roots 1.0.3", +] + +[[package]] +name = "hyper-tls" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +dependencies = [ + "bytes", + "hyper 0.14.32", + "native-tls", + "tokio", + "tokio-native-tls", ] [[package]] @@ -1035,7 +1895,7 @@ checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0" dependencies = [ "bytes", "http-body-util", - "hyper", + "hyper 1.7.0", "hyper-util", "native-tls", "tokio", @@ -1049,20 +1909,20 @@ version = "0.1.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3c6995591a8f1380fcb4ba966a252a4b29188d51d2b89e3a252f5305be65aea8" dependencies = [ - "base64", + "base64 0.22.1", "bytes", "futures-channel", "futures-core", "futures-util", - "http", - "http-body", - "hyper", + "http 1.3.1", + "http-body 1.0.1", + "hyper 1.7.0", "ipnet", "libc", "percent-encoding", "pin-project-lite", - "socket2", - "system-configuration", + "socket2 0.6.1", + "system-configuration 0.6.1", "tokio", "tower-service", "tracing", @@ -1247,38 +2107,10 @@ dependencies = [ ] [[package]] -name = "invrs" -version = "0.1.0" -dependencies = [ - "aes-gcm", - "aes-gcm-siv", - "anyhow", - "base64", - "bytes", - "chrono", - "clap", - "csv", - "env_logger", - "futures", - "futures-util", - "hex", - "indicatif", - "log", - "minio", - "plotters", - "rabe", - "rand 0.9.2", - "reqwest", - "serde", - "serde_json", - "serde_yaml", - "sha2", - "shell-words", - "shellexpand", - "subtle", - "tokio", - "walkdir", -] +name = "iocuddle" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8972d5be69940353d5347a1344cb375d9b457d6809b428b05bb1ca2fb9ce007" [[package]] name = "ipnet" @@ -1296,12 +2128,41 @@ dependencies = [ "serde", ] +[[package]] +name = "is-terminal" +version = "0.4.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3640c1c38b8e4e43584d8df18be5fc6b0aa314ce6ebf51b53313d4306cca8e46" +dependencies = [ + "hermit-abi", + "libc", + "windows-sys 0.61.2", +] + [[package]] name = "is_terminal_polyfill" version = "1.70.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695" +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + +[[package]] +name = "itertools" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "1.0.15" @@ -1329,7 +2190,17 @@ checksum = "03343451ff899767262ec32146f6d559dd759fdadf42ff0e227c7c48f72594b4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", +] + +[[package]] +name = "jobserver" +version = "0.1.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33" +dependencies = [ + "getrandom 0.3.4", + "libc", ] [[package]] @@ -1348,6 +2219,21 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "jsonwebtoken" +version = "9.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde" +dependencies = [ + "base64 0.22.1", + "js-sys", + "pem", + "ring", + "serde", + "serde_json", + "simple_asn1", +] + [[package]] name = "keccak" version = "0.1.5" @@ -1362,6 +2248,9 @@ name = "lazy_static" version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" +dependencies = [ + "spin", +] [[package]] name = "libc" @@ -1379,6 +2268,12 @@ dependencies = [ "windows-link 0.2.1", ] +[[package]] +name = "libm" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de" + [[package]] name = "libredox" version = "0.1.10" @@ -1422,6 +2317,12 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154" +[[package]] +name = "matchit" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" + [[package]] name = "md5" version = "0.7.0" @@ -1434,12 +2335,37 @@ version = "2.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f52b00d39961fc5b2736ea853c9cc86238e165017a493d1d5c8eac6bdc4cc273" +[[package]] +name = "memoffset" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +dependencies = [ + "autocfg", +] + [[package]] name = "mime" version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" +[[package]] +name = "mime_guess" +version = "2.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7c44f8e672c00fe5308fa235f821cb4198414e1c77935c1ab6948d3fd78550e" +dependencies = [ + "mime", + "unicase", +] + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + [[package]] name = "minio" version = "0.2.0-alpha" @@ -1447,20 +2373,20 @@ source = "git+https://github.com/minio/minio-rs.git?rev=b254b2f7aeaf18a1588a8800 dependencies = [ "async-recursion", "async-trait", - "base64", + "base64 0.22.1", "byteorder", "bytes", "chrono", "crc", "dashmap", "derivative", - "env_logger", + "env_logger 0.11.8", "futures-util", "hex", "hmac", "home", - "http", - "hyper", + "http 1.3.1", + "hyper 1.7.0", "lazy_static", "log", "md5", @@ -1469,7 +2395,7 @@ dependencies = [ "percent-encoding", "rand 0.8.5", "regex", - "reqwest", + "reqwest 0.12.24", "serde", "serde_json", "sha2", @@ -1494,11 +2420,35 @@ dependencies = [ name = "mio" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69d83b0086dc8ecf3ce9ae2874b2d1290252e2a30720bea58a5c6639b0092873" +checksum = "69d83b0086dc8ecf3ce9ae2874b2d1290252e2a30720bea58a5c6639b0092873" +dependencies = [ + "libc", + "wasi", + "windows-sys 0.61.2", +] + +[[package]] +name = "msru" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15a014208ef068fd9eed02eceb063ecba151d9922de4f8b4bb3703ff3d2a3eaa" + +[[package]] +name = "multer" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01acbdc23469fd8fe07ab135923371d5f5a422fbf9c522158677c8eb15bc51c2" dependencies = [ - "libc", - "wasi", - "windows-sys 0.61.2", + "bytes", + "encoding_rs", + "futures-util", + "http 0.2.12", + "httparse", + "log", + "memchr", + "mime", + "spin", + "version_check", ] [[package]] @@ -1527,12 +2477,82 @@ dependencies = [ "tempfile", ] +[[package]] +name = "nix" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c" +dependencies = [ + "bitflags 1.3.2", + "cc", + "cfg-if", + "libc", + "memoffset", +] + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "num-bigint" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" +dependencies = [ + "num-integer", + "num-traits", +] + +[[package]] +name = "num-bigint-dig" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" +dependencies = [ + "byteorder", + "lazy_static", + "libm", + "num-integer", + "num-iter", + "num-traits", + "rand 0.8.5", + "smallvec", + "zeroize", +] + [[package]] name = "num-conv" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" +[[package]] +name = "num-integer" +version = "0.1.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + [[package]] name = "num-traits" version = "0.2.19" @@ -1540,6 +2560,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" dependencies = [ "autocfg", + "libm", ] [[package]] @@ -1548,6 +2569,15 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "830b246a0e5f20af87141b25c173cd1b609bd7779a4617d6ec582abaf90870f3" +[[package]] +name = "oid-registry" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8d8034d9489cdaf79228eb9f6a3b8d7bb32ba00d6645ebd48eef4077ceb5bd9" +dependencies = [ + "asn1-rs", +] + [[package]] name = "once_cell" version = "1.21.3" @@ -1589,7 +2619,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -1598,6 +2628,15 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" +[[package]] +name = "openssl-src" +version = "300.5.4+3.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a507b3792995dae9b0df8a1c1e3771e8418b7c2d9f0baeba32e6fe8b06c7cb72" +dependencies = [ + "cc", +] + [[package]] name = "openssl-sys" version = "0.9.110" @@ -1606,6 +2645,7 @@ checksum = "0a9f0075ba3c21b09f8e8b2026584b1d18d49388648f2fbbf3c97ea8deced8e2" dependencies = [ "cc", "libc", + "openssl-src", "pkg-config", "vcpkg", ] @@ -1628,6 +2668,18 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "p256" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b" +dependencies = [ + "ecdsa", + "elliptic-curve", + "primeorder", + "sha2", +] + [[package]] name = "parking_lot" version = "0.12.5" @@ -1651,6 +2703,12 @@ dependencies = [ "windows-link 0.2.1", ] +[[package]] +name = "paste" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a" + [[package]] name = "pathfinder_geometry" version = "0.5.1" @@ -1670,6 +2728,25 @@ dependencies = [ "rustc_version", ] +[[package]] +name = "pem" +version = "3.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d30c53c26bc5b31a98cd02d20f25a7c8567146caf63ed593a9d87b2775291be" +dependencies = [ + "base64 0.22.1", + "serde_core", +] + +[[package]] +name = "pem-rfc7468" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +dependencies = [ + "base64ct", +] + [[package]] name = "percent-encoding" version = "2.3.2" @@ -1712,7 +2789,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -1725,6 +2802,26 @@ dependencies = [ "sha2", ] +[[package]] +name = "pin-project" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", +] + [[package]] name = "pin-project-lite" version = "0.2.16" @@ -1737,6 +2834,27 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" +[[package]] +name = "pkcs1" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" +dependencies = [ + "der", + "pkcs8", + "spki", +] + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der", + "spki", +] + [[package]] name = "pkg-config" version = "0.3.32" @@ -1749,7 +2867,7 @@ version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "740ebea15c5d1428f910cd1a5f52cebf8d25006245ed8ade92702f4943d91e07" dependencies = [ - "base64", + "base64 0.22.1", "indexmap", "quick-xml", "serde", @@ -1866,11 +2984,30 @@ dependencies = [ "zerocopy", ] +[[package]] +name = "prettyplease" +version = "0.2.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b" +dependencies = [ + "proc-macro2", + "syn 2.0.108", +] + +[[package]] +name = "primeorder" +version = "0.13.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "353e1ca18966c16d9deb1c69278edbc5f194139612772bd9537af60ac231e1e6" +dependencies = [ + "elliptic-curve", +] + [[package]] name = "proc-macro2" -version = "1.0.101" +version = "1.0.103" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ae43fd86e4158d6db51ad8e2b80f313af9cc74f5c0e03ccb87de09998732de" +checksum = "5ee95bc4ef87b8d5ba32e8b7714ccc834865276eab0aed5c9958d00ec45f49e8" dependencies = [ "unicode-ident", ] @@ -1897,8 +3034,8 @@ dependencies = [ "quinn-udp", "rustc-hash", "rustls", - "socket2", - "thiserror", + "socket2 0.6.1", + "thiserror 2.0.17", "tokio", "tracing", "web-time", @@ -1919,7 +3056,7 @@ dependencies = [ "rustls", "rustls-pki-types", "slab", - "thiserror", + "thiserror 2.0.17", "tinyvec", "tracing", "web-time", @@ -1934,7 +3071,7 @@ dependencies = [ "cfg_aliases", "libc", "once_cell", - "socket2", + "socket2 0.6.1", "tracing", "windows-sys 0.60.2", ] @@ -2041,6 +3178,15 @@ dependencies = [ "getrandom 0.3.4", ] +[[package]] +name = "rdrand" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d92195228612ac8eed47adbc2ed0f04e513a4ccb98175b6f2bd04d963b533655" +dependencies = [ + "rand_core 0.6.4", +] + [[package]] name = "redox_syscall" version = "0.5.18" @@ -2050,6 +3196,17 @@ dependencies = [ "bitflags 2.10.0", ] +[[package]] +name = "redox_users" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43" +dependencies = [ + "getrandom 0.2.16", + "libredox", + "thiserror 1.0.69", +] + [[package]] name = "redox_users" version = "0.5.2" @@ -2058,7 +3215,7 @@ checksum = "a4e608c6638b9c18977b00b475ac1f28d14e84b27d8d42f70e0bf1e3dec127ac" dependencies = [ "getrandom 0.2.16", "libredox", - "thiserror", + "thiserror 2.0.17", ] [[package]] @@ -2090,25 +3247,65 @@ version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a2d987857b319362043e95f5353c0535c1f58eec5336fdfcf626430af7def58" +[[package]] +name = "reqwest" +version = "0.11.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" +dependencies = [ + "base64 0.21.7", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2 0.3.27", + "http 0.2.12", + "http-body 0.4.6", + "hyper 0.14.32", + "hyper-tls 0.5.0", + "ipnet", + "js-sys", + "log", + "mime", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls-pemfile", + "serde", + "serde_json", + "serde_urlencoded", + "sync_wrapper 0.1.2", + "system-configuration 0.5.1", + "tokio", + "tokio-native-tls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "winreg", +] + [[package]] name = "reqwest" version = "0.12.24" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d0946410b9f7b082a427e4ef5c8ff541a88b357bc6c637c40db3a68ac70a36f" dependencies = [ - "base64", + "base64 0.22.1", "bytes", "encoding_rs", "futures-channel", "futures-core", "futures-util", - "h2", - "http", - "http-body", + "h2 0.4.12", + "http 1.3.1", + "http-body 1.0.1", "http-body-util", - "hyper", + "hyper 1.7.0", "hyper-rustls", - "hyper-tls", + "hyper-tls 0.6.0", "hyper-util", "js-sys", "log", @@ -2122,7 +3319,7 @@ dependencies = [ "serde", "serde_json", "serde_urlencoded", - "sync_wrapper", + "sync_wrapper 1.0.2", "tokio", "tokio-native-tls", "tokio-rustls", @@ -2135,7 +3332,17 @@ dependencies = [ "wasm-bindgen-futures", "wasm-streams", "web-sys", - "webpki-roots", + "webpki-roots 1.0.3", +] + +[[package]] +name = "rfc6979" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" +dependencies = [ + "hmac", + "subtle", ] [[package]] @@ -2152,6 +3359,27 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "rsa" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b" +dependencies = [ + "const-oid", + "digest", + "num-bigint-dig", + "num-integer", + "num-traits", + "pkcs1", + "pkcs8", + "rand_core 0.6.4", + "sha2", + "signature", + "spki", + "subtle", + "zeroize", +] + [[package]] name = "rustc-hash" version = "2.1.1" @@ -2167,6 +3395,15 @@ dependencies = [ "semver", ] +[[package]] +name = "rusticata-macros" +version = "4.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632" +dependencies = [ + "nom", +] + [[package]] name = "rustix" version = "1.1.2" @@ -2186,6 +3423,8 @@ version = "0.23.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a9586e9ee2b4f8fab52a0048ca7334d7024eef48e2cb9407e3497bb7cab7fa7" dependencies = [ + "aws-lc-rs", + "log", "once_cell", "ring", "rustls-pki-types", @@ -2194,6 +3433,15 @@ dependencies = [ "zeroize", ] +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64 0.21.7", +] + [[package]] name = "rustls-pki-types" version = "1.12.0" @@ -2210,6 +3458,7 @@ version = "0.103.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e10b3f4191e8a80e6b43eebabfac91e5dcecebb27a71f04e820c47ec41d314bf" dependencies = [ + "aws-lc-rs", "ring", "rustls-pki-types", "untrusted", @@ -2245,12 +3494,32 @@ dependencies = [ "windows-sys 0.61.2", ] +[[package]] +name = "scoped-tls" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" + [[package]] name = "scopeguard" version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "sec1" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" +dependencies = [ + "base16ct", + "der", + "generic-array", + "pkcs8", + "subtle", + "zeroize", +] + [[package]] name = "security-framework" version = "2.11.1" @@ -2290,6 +3559,25 @@ dependencies = [ "serde_derive", ] +[[package]] +name = "serde-big-array" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11fc7cc2c76d73e0f27ee52abbd64eec84d46f370c88371120433196934e4b7f" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_bytes" +version = "0.11.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5d440709e79d88e51ac01c4b72fc6cb7314017bb7da9eeff678aa94c10e3ea8" +dependencies = [ + "serde", + "serde_core", +] + [[package]] name = "serde_core" version = "1.0.228" @@ -2307,7 +3595,7 @@ checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -2323,6 +3611,17 @@ dependencies = [ "serde_core", ] +[[package]] +name = "serde_path_to_error" +version = "0.1.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10a9ff822e371bb5403e391ecd83e182e0e77ba7f6fe0160b795797109d1b457" +dependencies = [ + "itoa", + "serde", + "serde_core", +] + [[package]] name = "serde_urlencoded" version = "0.7.1" @@ -2336,16 +3635,53 @@ dependencies = [ ] [[package]] -name = "serde_yaml" -version = "0.9.34+deprecated" +name = "serde_yaml" +version = "0.9.34+deprecated" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" +dependencies = [ + "indexmap", + "itoa", + "ryu", + "serde", + "unsafe-libyaml", +] + +[[package]] +name = "sev" +version = "5.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b06afe5192a43814047ea0072f4935f830a1de3c8cb43b56c90ae6918468b94d" +dependencies = [ + "base64 0.22.1", + "bincode", + "bitfield", + "bitflags 1.3.2", + "byteorder", + "codicon", + "dirs 5.0.1", + "hex", + "iocuddle", + "lazy_static", + "libc", + "openssl", + "rdrand", + "serde", + "serde-big-array", + "serde_bytes", + "static_assertions", + "uuid", +] + +[[package]] +name = "sha1" +version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" +checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" dependencies = [ - "indexmap", - "itoa", - "ryu", - "serde", - "unsafe-libyaml", + "cfg-if", + "cpufeatures", + "digest", ] [[package]] @@ -2381,7 +3717,7 @@ version = "3.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b1fdf65dd6331831494dd616b30351c38e96e45921a27745cf98490458b90bb" dependencies = [ - "dirs", + "dirs 6.0.0", ] [[package]] @@ -2399,12 +3735,34 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "digest", + "rand_core 0.6.4", +] + [[package]] name = "simd-adler32" version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe" +[[package]] +name = "simple_asn1" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "297f631f50729c8c99b84667867963997ec0b50f32b2a7dbcab828ef0541e8bb" +dependencies = [ + "num-bigint", + "num-traits", + "thiserror 2.0.17", + "time", +] + [[package]] name = "slab" version = "0.4.11" @@ -2417,6 +3775,62 @@ version = "1.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" +[[package]] +name = "snafu" +version = "0.8.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e84b3f4eacbf3a1ce05eac6763b4d629d60cbc94d632e4092c54ade71f1e1a2" +dependencies = [ + "snafu-derive", +] + +[[package]] +name = "snafu-derive" +version = "0.8.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1c97747dbf44bb1ca44a561ece23508e99cb592e862f22222dcf42f51d1e451" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 2.0.108", +] + +[[package]] +name = "snpguest" +version = "0.8.3" +source = "git+https://github.com/faasm/snpguest.git#d3697058d4981db9c8dca1f6321cab3ca5cb029d" +dependencies = [ + "anyhow", + "asn1-rs", + "base64 0.22.1", + "bincode", + "bitfield", + "clap", + "clap-num", + "colorful", + "env_logger 0.10.2", + "hex", + "msru", + "nix", + "openssl", + "rand 0.8.5", + "reqwest 0.11.27", + "serde", + "sev", + "x509-parser", +] + +[[package]] +name = "socket2" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e22376abed350d73dd1cd119b57ffccad95b4e585a7cda43e286245ce23c0678" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + [[package]] name = "socket2" version = "0.6.1" @@ -2427,12 +3841,34 @@ dependencies = [ "windows-sys 0.60.2", ] +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + [[package]] name = "stable_deref_trait" version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + [[package]] name = "strsim" version = "0.11.1" @@ -2458,15 +3894,21 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.107" +version = "2.0.108" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a26dbd934e5451d21ef060c018dae56fc073894c5a7896f882928a76e6d081b" +checksum = "da58917d35242480a05c2897064da0a80589a2a0476c9a3f2fdc83b53502e917" dependencies = [ "proc-macro2", "quote", "unicode-ident", ] +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + [[package]] name = "sync_wrapper" version = "1.0.2" @@ -2484,7 +3926,18 @@ checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", +] + +[[package]] +name = "system-configuration" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" +dependencies = [ + "bitflags 1.3.2", + "core-foundation", + "system-configuration-sys 0.5.0", ] [[package]] @@ -2495,7 +3948,17 @@ checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b" dependencies = [ "bitflags 2.10.0", "core-foundation", - "system-configuration-sys", + "system-configuration-sys 0.6.0", +] + +[[package]] +name = "system-configuration-sys" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9" +dependencies = [ + "core-foundation-sys", + "libc", ] [[package]] @@ -2521,13 +3984,42 @@ dependencies = [ "windows-sys 0.61.2", ] +[[package]] +name = "termcolor" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "thiserror" +version = "1.0.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52" +dependencies = [ + "thiserror-impl 1.0.69", +] + [[package]] name = "thiserror" version = "2.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8" dependencies = [ - "thiserror-impl", + "thiserror-impl 2.0.17", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", ] [[package]] @@ -2538,7 +4030,7 @@ checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -2609,7 +4101,7 @@ dependencies = [ "parking_lot", "pin-project-lite", "signal-hook-registry", - "socket2", + "socket2 0.6.1", "tokio-macros", "windows-sys 0.61.2", ] @@ -2622,7 +4114,7 @@ checksum = "af407857209536a95c8e56f8231ef2c2e2aff839b22e07a1ffcbc617e9db9fa5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -2656,6 +4148,18 @@ dependencies = [ "tokio", ] +[[package]] +name = "tokio-tungstenite" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c83b561d025642014097b66e6c1bb422783339e0909e4429cde4749d1990bc38" +dependencies = [ + "futures-util", + "log", + "tokio", + "tungstenite", +] + [[package]] name = "tokio-util" version = "0.7.16" @@ -2678,10 +4182,11 @@ dependencies = [ "futures-core", "futures-util", "pin-project-lite", - "sync_wrapper", + "sync_wrapper 1.0.2", "tokio", "tower-layer", "tower-service", + "tracing", ] [[package]] @@ -2693,8 +4198,8 @@ dependencies = [ "bitflags 2.10.0", "bytes", "futures-util", - "http", - "http-body", + "http 1.3.1", + "http-body 1.0.1", "iri-string", "pin-project-lite", "tower", @@ -2720,6 +4225,7 @@ version = "0.1.41" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" dependencies = [ + "log", "pin-project-lite", "tracing-core", ] @@ -2745,6 +4251,25 @@ version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "17f77d76d837a7830fe1d4f12b7b4ba4192c1888001c7164257e4bc6d21d96b4" +[[package]] +name = "tungstenite" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ef1a641ea34f399a848dea702823bbecfb4c486f911735368f1f137cb8257e1" +dependencies = [ + "byteorder", + "bytes", + "data-encoding", + "http 1.3.1", + "httparse", + "log", + "rand 0.8.5", + "sha1", + "thiserror 1.0.69", + "url", + "utf-8", +] + [[package]] name = "typenum" version = "1.19.0" @@ -2757,6 +4282,12 @@ version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2896d95c02a80c6d6a5d6e953d479f5ddf2dfdb6a244441010e373ac0fb88971" +[[package]] +name = "unicase" +version = "2.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539" + [[package]] name = "unicode-ident" version = "1.0.20" @@ -2791,6 +4322,24 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" +[[package]] +name = "ureq" +version = "2.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02d1a66277ed75f640d608235660df48c8e3c19f3b4edb6a263315626cc3c01d" +dependencies = [ + "base64 0.22.1", + "flate2", + "log", + "once_cell", + "rustls", + "rustls-pki-types", + "serde", + "serde_json", + "url", + "webpki-roots 0.26.11", +] + [[package]] name = "url" version = "2.5.7" @@ -2809,6 +4358,12 @@ version = "2.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da" +[[package]] +name = "utf-8" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" + [[package]] name = "utf8_iter" version = "1.0.4" @@ -2821,6 +4376,18 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" +[[package]] +name = "uuid" +version = "1.18.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f87b8aa10b915a06587d0dec516c282ff295b475d94abf425d62b57710070a2" +dependencies = [ + "getrandom 0.3.4", + "js-sys", + "serde", + "wasm-bindgen", +] + [[package]] name = "vcpkg" version = "0.2.15" @@ -2852,6 +4419,35 @@ dependencies = [ "try-lock", ] +[[package]] +name = "warp" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4378d202ff965b011c64817db11d5829506d3404edeadb61f190d111da3f231c" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "headers", + "http 0.2.12", + "hyper 0.14.32", + "log", + "mime", + "mime_guess", + "multer", + "percent-encoding", + "pin-project", + "scoped-tls", + "serde", + "serde_json", + "serde_urlencoded", + "tokio", + "tokio-tungstenite", + "tokio-util", + "tower-service", + "tracing", +] + [[package]] name = "wasi" version = "0.11.1+wasi-snapshot-preview1" @@ -2890,7 +4486,7 @@ dependencies = [ "log", "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", "wasm-bindgen-shared", ] @@ -2925,7 +4521,7 @@ checksum = "9f07d2f20d4da7b26400c9f4a0511e6e0345b040694e8a75bd41d578fa4421d7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2972,6 +4568,15 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "webpki-roots" +version = "0.26.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9" +dependencies = [ + "webpki-roots 1.0.3", +] + [[package]] name = "webpki-roots" version = "1.0.3" @@ -3039,7 +4644,7 @@ checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -3050,7 +4655,7 @@ checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -3112,6 +4717,15 @@ dependencies = [ "windows-link 0.2.1", ] +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.5", +] + [[package]] name = "windows-sys" version = "0.52.0" @@ -3148,6 +4762,21 @@ dependencies = [ "windows-link 0.2.1", ] +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", +] + [[package]] name = "windows-targets" version = "0.52.6" @@ -3181,6 +4810,12 @@ dependencies = [ "windows_x86_64_msvc 0.53.1", ] +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + [[package]] name = "windows_aarch64_gnullvm" version = "0.52.6" @@ -3193,6 +4828,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53" +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + [[package]] name = "windows_aarch64_msvc" version = "0.52.6" @@ -3205,6 +4846,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006" +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + [[package]] name = "windows_i686_gnu" version = "0.52.6" @@ -3229,6 +4876,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c" +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + [[package]] name = "windows_i686_msvc" version = "0.52.6" @@ -3241,6 +4894,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2" +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + [[package]] name = "windows_x86_64_gnu" version = "0.52.6" @@ -3253,6 +4912,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + [[package]] name = "windows_x86_64_gnullvm" version = "0.52.6" @@ -3265,6 +4930,12 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1" +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + [[package]] name = "windows_x86_64_msvc" version = "0.52.6" @@ -3277,6 +4948,16 @@ version = "0.53.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650" +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + [[package]] name = "wio" version = "0.2.2" @@ -3298,6 +4979,24 @@ version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea2f10b9bb0928dfb1b42b65e1f9e36f7f54dbdf08457afefb38afcdec4fa2bb" +[[package]] +name = "x509-parser" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcbc162f30700d6f3f82a24bf7cc62ffe7caea42c0b2cba8bf7f3ae50cf51f69" +dependencies = [ + "asn1-rs", + "data-encoding", + "der-parser", + "lazy_static", + "nom", + "oid-registry", + "ring", + "rusticata-macros", + "thiserror 1.0.69", + "time", +] + [[package]] name = "xml-rs" version = "0.8.27" @@ -3344,7 +5043,7 @@ checksum = "38da3c9736e16c5d3c8c597a9aaa5d1fa565d0532ae05e27c24aa62fb32c0ab6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", "synstructure", ] @@ -3365,7 +5064,7 @@ checksum = "88d2b8d9c68ad2b9e4340d7832716a4d21a22a1154777ad56ea55c51a9cf3831" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] [[package]] @@ -3385,7 +5084,7 @@ checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", "synstructure", ] @@ -3394,6 +5093,20 @@ name = "zeroize" version = "1.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.108", +] [[package]] name = "zerotrie" @@ -3425,5 +5138,5 @@ checksum = "5b96237efa0c878c64bd89c436f661be4e46b2f3eff1ebb976f7ef2321d2f58f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.107", + "syn 2.0.108", ] diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 0000000..87e0394 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,73 @@ +[workspace] +resolver = "2" +members = [ + "accli", + "attestation-service", + "accless/libs/abe4", + "accless/libs/jwt", + "workflows/finra/knative", + "workflows/word-count/knative", + "workflows/ml-inference/knative", + "workflows/ml-training/knative", +] + +[workspace.package] +version = "0.8.0" +license-file = "LICENSE" +authors = ["Large-Scale Data & Systems Group - Imperial College London"] +edition = "2024" +homepage = "https://github.com/faasm/tless" + +[workspace.dependencies] +aes-gcm = "0.10.3" +aes-gcm-siv = { version = "0.11.1"} +anyhow = "^1.0.0" +ark-bls12-377 = "0.4.0" +ark-bls12-381 = "0.4.0" +ark-mnt4-298 = "0.4.0" +ark-ec = "0.4.2" +ark-ff = "0.4.2" +ark-std = "0.4.0" +axum = "0.7" +base64 = "^0.22" +bytes = "1.4" +chrono = "^0.4.38" +clap = { version = "4.0" } +cloudevents-sdk = { git = "https://github.com/cloudevents/sdk-rust.git", rev = "fa0aadb31de82956d44fba4b50c6a002d5bd0b7b" } +csv = "^1.1" +env_logger = "0.11.8" +futures = "^0.3" +futures-util = "0.3" +hex = "0.4.3" +hyper = { version = "1.6.0" } +hyper-util = { version = "0.1" } +indicatif = "^0.17" +jsonwebtoken = { version = "9" } +log = "^0.4" +minio = { git = "https://github.com/minio/minio-rs.git", rev = "b254b2f7aeaf18a1588a8800ff9b877b7885236e" } +once_cell = "^1.19.0" +p256 = "0.13.2" +plotters = "^0.3.7" +rabe = { git = "https://github.com/faasm/rabe.git", rev = "0dc7696a95eef44dd051e1d9c2e5c2c8c35211bf" } +rand = "0.9.2" +regex = "1" +reqwest = "0.12.24" +ring = "0.17.14" +rsa = { version = "0.9.6" } +rustls = "0.23" +rustls-pemfile = "1" +serde = { version = "^1.0", features = ["derive"] } +serde_json = "^1.0" +serde_yaml = "0.9" +shellexpand = "^3.1" +sha2 = "0.10" +shell-words = "^1.1.0" +snpguest = { git = "https://github.com/faasm/snpguest.git" } +subtle = "2.6.1" +tokio = { version = "1" } +tokio-rustls = "0.26.2" +ureq = { version = "2" } +uuid = { version = "^1.3" } +walkdir = "2" +warp = "^0.3" +x509-parser = { version = "0.16.0" } diff --git a/GEMINI.md b/GEMINI.md new file mode 100644 index 0000000..2a84d70 --- /dev/null +++ b/GEMINI.md @@ -0,0 +1,79 @@ +# Accless Gemini Instructions + +You are an AI coding assistant helping in the development of Accless. Accless +is an access control system for confidential serverless. Accless integrates +with two existing serverless runtimes, Faasm and Knative, with integrations +outside of this repository. + +Before executing any instructions, make sure you have activated the virtual +environment using: + +```bash +source ./scripts/workon.sh +``` + +## Project Description + +Accless is a mono-repo for a research project regarding access control for +confidential serverless. Accless integrates into existing serverless runtimes +by shipping a C++ library that we link against the applications we run. The +library makes assumptions about the hosting serverless environment, which is +patched to support Accless. + +Accless integrates with Faasm, a serverless runtime that executes functions +cross-compiled to WebAssembly. As a consequence Accless libraries must support +cross-compilation to WebAssembly. Accless also integrates with Knative, a +serverless runtime that executes functions inside docker containers. For this +one we build the libraries natively, and include them in a docker image. + +Applications in Accless are called workflows (i.e. are serverless workflows) +defined by a workflow graph. Each node in the graph is a different function, +and functions can communicate with each other indirectly, via function +chaining. + +In confidential serverless, functions execute inside TEEs. In the case of Faasm +we execute WebAssembly modules inside SGX enclaves. In the case of Knative we +execute containers inside confidential VMs. Accless implements remote +attestation protocols for each platform. + +Accless access control is based on attribute-based encryption. Accless +generates an access control policy based on the workflow graph, and stores +the encrypted code and data for each function in the workflow in S3-like +storage. Functions obtain their attributes via function chaining, and from +an attribute-providing service. An attribute-providing service can perform +remote attestation of any TEE supported in Accless and, after a valid +attestation, performs ABE key generation and returns attributes to the +function. + +Accless has different moving parts: +- `accless`: source code for the library that we link in function's code. + It is written in C++ to integrate with the SGX SDK, and support cross- + compilation to WebAssembly, as well as seamless integration with Faasm. +- `accli`: is the command-line tool to run most tasks. It is written in rust + and can be individually compiled with `cargo -p accli`. + +## Code Formatting + +Before you suggest any changes, make sure they pass the code formatting checks. +You can run the code formatting checks with: + +```bash +# To format code. +accli dev format-code + +# To check formatting. +accli dev format-code --check +``` + +after applying any changes, make sure they compile by running: + +```bash +cargo build +``` + +## Code Style + +- Whenever you edit a file, make sure you add a trailing newline to the end of + the file. +- In rust code, do not allow the use of unwrap() or panic(). Instead, enforce + proper error handling. diff --git a/README.md b/README.md index 15c05f0..94fcec7 100644 --- a/README.md +++ b/README.md @@ -27,43 +27,24 @@ deploy services inside confidential VMs (as pods in k8s) based on [SC2]( https://github.com/sc2-sys). To execute any code snippet in this repository, we will assume that you have -activated your virtual environment: +installed rust, and activated your virtual environment: ```bash -source ./bin/workon.sh +source ./scripts/workon.sh ``` -## Pre-requisites +only then you will have access to `accli`, Accless CLI tool: -Install `rust` and `rust-analyzer`. Then `rustup component add rust-analyzer`. - -## Baselines - -TLess currently supports being deployed on top of two serverless runtimes, -[Faasm](https://github.com/faasm/faasm) and [Knative](https://knative.dev). - -For instructions to deploy each one of them, see: -- [Deploying on top of Faasm](./docs/tless_on_faasm.md) -- [Deploying on top of Knative](./docs/tless_on_knative.md) - -## Workflows - -This repository implements four different workflows: -- [FINRA](./workflows/finra/README.md) - Based on the AWS FINRA [case study](https://aws.amazon.com/solutions/case-studies/finra-data-validation/). -- [ML Training](./workflows/ml-training/README.md) - Ported from [Orion](https://www.usenix.org/conference/osdi22/presentation/mahgoub) and [RMMap](https://dl.acm.org/doi/abs/10.1145/3627703.3629568). -- [ML Inference](./workflows/ml-inference/README.md) - Ported from [RMMap](https://dl.acm.org/doi/abs/10.1145/3627703.3629568). -- [Word Count](./workflows/word-count/README.md) - Ported from the MapReduce [example](https://github.com/ddps-lab/serverless-faas-workbench/tree/master/aws/cpu-memory/mapreduce) in the FunctionBench paper. - -### Progress Summary +```bash +# Print help message +accli --help -| Workflow\Baseline | Faasm | SGX-Faasm | TLess-Faasm | Knative | CC-Knative | TLess-Knative | -|---|---|---|---|---|---|---| -| FINRA | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| ML Training | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| ML Inference | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Word Count | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +# All sub-commands accept the `help` command +accli azure --help +``` -## Experiments +## Further reading -We run the following experiments: -- [End-to-end latency](./eval/e2e-latency/README.md): measures the end-to-end execution latency for each workflow. +* [Baselines](./docs/baselines.md) - baselines where we integrate Accless. +* [Experiments](./experiments/README.md) - reproduce the results in the Accless paper. +* [Workflows](./docs/workflows.md) - different workflow applications we run. diff --git a/VERSION b/VERSION index faef31a..a3df0a6 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.7.0 +0.8.0 diff --git a/accless/libs/abe4/Cargo.toml b/accless/libs/abe4/Cargo.toml new file mode 100644 index 0000000..f3f163c --- /dev/null +++ b/accless/libs/abe4/Cargo.toml @@ -0,0 +1,23 @@ +[package] +name = "accless-abe4" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Decentralized CP-ABE Implementation" +homepage.workspace = true + +[lib] +name="accless_abe4" +crate-type=["staticlib", "rlib"] +path = "src/lib.rs" + +[dependencies] +anyhow.workspace = true +ark-bls12-377.workspace = true +ark-bls12-381.workspace = true +ark-mnt4-298.workspace = true +ark-ec.workspace = true +ark-ff.workspace = true +ark-std.workspace = true +sha2.workspace = true diff --git a/accless/libs/abe4/src/curve.rs b/accless/libs/abe4/src/curve.rs new file mode 100644 index 0000000..aee9d0b --- /dev/null +++ b/accless/libs/abe4/src/curve.rs @@ -0,0 +1,38 @@ +use crate::hashing::swift_ec::SwiftConfig; +use ark_bls12_381::Bls12_381; +// Use the regular group assignment: G is G and H is H +pub use ark_bls12_381::{ + Fq, Fq12 as Gt, Fr as ScalarField, G1Affine as GAffine, G1Projective as G, G2Projective as H, + g1::Config as G1Config, +}; +use ark_ec::pairing::{Pairing, PairingOutput}; +use ark_ff::MontFp; + +impl SwiftConfig for G1Config { + const SQRT_MINUS3: Fq = MontFp!( + "1586958781458431025242759403266842894121773480562120986020912974854563298150952611241517463240701" + ); +} + +pub fn pairing( + p: impl Into<::G1Prepared>, + q: impl Into<::G2Prepared>, +) -> PairingOutput { + Bls12_381::pairing(p, q) +} + +// Flip the groups, i.e. each G is actually H and each H is actually G +// pub use ark_bls12_381::{ +// g2::Config as G1Config, Fq12 as Gt, Fr as ScalarField, G2Affine as +// GAffine, G2Projective as G, G1Projective as H +// }; + +// use ark_bls12_381::Bls12_381; +// use ark_ec::pairing::{Pairing, PairingOutput}; + +// pub fn pairing( +// p: impl Into<::G2Prepared>, +// q: impl Into<::G1Prepared>) +// -> PairingOutput { +// Bls12_381::pairing(q, p) +// } diff --git a/accless/libs/abe4/src/hashing/mod.rs b/accless/libs/abe4/src/hashing/mod.rs new file mode 100644 index 0000000..d6578e9 --- /dev/null +++ b/accless/libs/abe4/src/hashing/mod.rs @@ -0,0 +1,65 @@ +use crate::curve::{G1Config, GAffine, ScalarField}; +use ark_ec::{hashing::HashToCurve, short_weierstrass::Projective}; +use ark_ff::field_hashers::{DefaultFieldHasher, HashToField}; +use sha2::{Digest, Sha256}; +use swift_ec::SwiftECMap; +use swift_hasher::SwiftMapToCurveBasedHasher; + +pub mod swift_ec; +pub mod swift_hasher; + +const DEFAULT_FIELD_HASHER_SEC_PARAM: usize = 128; +const GID_DOMAIN: &str = "GID"; +const AUTH_ID_DOMAIN: &str = "AID"; +const XATTR_DOMAIN: &str = "XAT"; +const HASH_SIGN_POS: &str = "POS"; +const HASH_SIGN_NEG: &str = "NEG"; + +#[derive(Copy, Clone)] +pub enum HashSign { + Pos, + Neg, +} + +fn sha256(data: impl AsRef<[u8]>) -> Vec { + let mut hasher = Sha256::new(); + hasher.update(data); + hasher.finalize().to_vec() +} + +pub fn hash_gid(gid: &str) -> GAffine { + let domain = GID_DOMAIN.as_bytes(); + let g_mapper = SwiftMapToCurveBasedHasher::< + Projective, + DefaultFieldHasher, + SwiftECMap, + >::new(domain) + .unwrap(); + g_mapper.hash(gid.as_bytes()).unwrap() +} + +pub fn hash_attr(attr: &str) -> ScalarField { + let domain = XATTR_DOMAIN.as_bytes(); + let hasher = as HashToField>::new(domain); + hasher.hash_to_field(attr.as_bytes(), 1)[0] +} + +pub fn hash_lbl(auth_id: &str, lbl: &str, sign: HashSign, i: u64) -> GAffine { + let domain = AUTH_ID_DOMAIN.as_bytes(); + let g_mapper = SwiftMapToCurveBasedHasher::< + Projective, + DefaultFieldHasher, + SwiftECMap, + >::new(domain) + .unwrap(); + let sign = match sign { + HashSign::Pos => HASH_SIGN_POS, + HashSign::Neg => HASH_SIGN_NEG, + }; + let mut input = Vec::new(); + input.extend_from_slice(&sha256(auth_id)); + input.extend_from_slice(&sha256(lbl)); + input.extend_from_slice(&sha256(sign)); + input.extend_from_slice(&i.to_be_bytes()); + g_mapper.hash(input.as_slice()).unwrap() +} diff --git a/accless/libs/abe4/src/hashing/swift_ec.rs b/accless/libs/abe4/src/hashing/swift_ec.rs new file mode 100644 index 0000000..8eaecf6 --- /dev/null +++ b/accless/libs/abe4/src/hashing/swift_ec.rs @@ -0,0 +1,109 @@ +use ark_ec::{ + hashing::{HashToCurveError, map_to_curve_hasher::MapToCurve}, + models::short_weierstrass::{Affine, Projective, SWCurveConfig}, +}; +use ark_ff::{ + BigInteger, Field, One, PrimeField, Zero, + field_hashers::{DefaultFieldHasher, HashToField}, +}; +use core::marker::PhantomData; +use sha2::Sha256; + +pub struct SwiftECMap(PhantomData P>); + +/// Trait defining a parity method on the Field elements based on [\[1\]] +/// Section 4.1 +/// +/// - [\[1\]] +pub fn parity(element: &F) -> bool { + element + .to_base_prime_field_elements() + .find(|&x| !x.is_zero()) + .is_some_and(|x| x.into_bigint().is_odd()) +} + +pub trait SwiftConfig: SWCurveConfig { + /// An element of the base field corresponding to the square root of -3. + const SQRT_MINUS3: Self::BaseField; +} + +impl MapToCurve> for SwiftECMap

{ + fn new() -> Result { + let one = ::one(); + let minus3 = -(one + one + one); + if !minus3.legendre().is_qr() { + return Err(HashToCurveError::MapToCurveError( + "-3 should be a QR in the field".to_string(), + )); + } + + // Verifying the prerequisite for applicability of SWU map + if !P::COEFF_A.is_zero() || P::COEFF_B.is_zero() { + return Err(HashToCurveError::MapToCurveError("Simplified SwiftEC requires a == 0 and b != 0 in the short Weierstrass form of y^2 = x^3 + a*x + b ".to_string())); + } + + Ok(SwiftECMap(PhantomData)) + } + + /// Map an arbitrary base field element to a curve point. + /// Based on + /// . + fn map_to_curve(&self, t1: P::BaseField) -> Result, HashToCurveError> { + let b = P::COEFF_B; + let field_hasher = as HashToField>::new(&[0]); + let str = t1.to_string(); + // We need to hash again because trait only allows one field element. + let t2: P::BaseField = field_hasher.hash_to_field(str.as_bytes(), 1)[0]; + + // h_0 = t1^3, h1 = t2^2, h2 = h0 + b - h1, h3 = 2h1 + h2. + let h0 = t1 * t1.square(); + let h1 = t2.square(); + let h2 = h0 + b - h1; + let h3 = h1.double() + h2; + + // h6 = t1\tau, v = h7 = h2h6, h8 = 2h6t2. + let h6 = t1 * P::SQRT_MINUS3; + let h7 = h2 * h6; + let h8 = (h6 * t2).double(); + + // n1 = h8(h7 - t1h3), n2 = (2h3)^2, d1 = 2h3h8 + let n1 = h8 * (h7 - t1 * h3); + let n2 = h3.double().square(); + let d1 = (h3 * h8).double(); + + if d1.is_zero() { + return Ok(Affine::identity()); + } + + let inv = d1.inverse().unwrap(); + let x1 = n1 * inv; + let x2 = -(t1 + x1); + let x3 = (n2 * inv).square() + t1; + + let u = x1.square() * x1 + b; + let v = x2.square() * x2 + b; + let w = x3.square() * x3 + b; + + let x_affine; + let y; + if w.legendre().is_qr() { + x_affine = x3; + y = w.sqrt().unwrap(); + } else if v.legendre().is_qr() { + x_affine = x2; + y = v.sqrt().unwrap(); + } else { + x_affine = x1; + y = u.sqrt().unwrap(); + } + + let y_affine = if parity(&y) != parity(&t1) { -y } else { y }; + + let point_on_curve = Affine::new_unchecked(x_affine, y_affine); + debug_assert!( + point_on_curve.is_on_curve(), + "SwiftEC mapped to a point off the curve" + ); + Ok(point_on_curve) + } +} diff --git a/accless/libs/abe4/src/hashing/swift_hasher.rs b/accless/libs/abe4/src/hashing/swift_hasher.rs new file mode 100644 index 0000000..11bcac5 --- /dev/null +++ b/accless/libs/abe4/src/hashing/swift_hasher.rs @@ -0,0 +1,49 @@ +use ark_ec::{ + AffineRepr, CurveGroup, + hashing::{HashToCurve, HashToCurveError, map_to_curve_hasher::MapToCurve}, +}; +use ark_ff::field_hashers::HashToField; +use ark_std::marker::PhantomData; + +/// Helper struct that can be used to construct elements on the elliptic curve +/// from arbitrary messages, by first hashing the message onto a field element +/// and then mapping it to the elliptic curve defined over that field. +#[derive(Default)] +pub struct SwiftMapToCurveBasedHasher +where + T: CurveGroup, + H2F: HashToField, + M2C: MapToCurve, +{ + field_hasher: H2F, + curve_mapper: M2C, + _params_t: PhantomData, +} + +impl HashToCurve for SwiftMapToCurveBasedHasher +where + T: CurveGroup, + H2F: HashToField, + M2C: MapToCurve, +{ + fn new(domain: &[u8]) -> Result { + let field_hasher = H2F::new(domain); + let curve_mapper = M2C::new()?; + let _params_t = PhantomData; + Ok(SwiftMapToCurveBasedHasher { + field_hasher, + curve_mapper, + _params_t, + }) + } + + fn hash(&self, msg: &[u8]) -> Result { + let rand_field_elem = self.field_hasher.hash_to_field(msg, 1)[0]; + + let rand_curve_elem = self.curve_mapper.map_to_curve(rand_field_elem)?; + + let rand_subgroup_elem = rand_curve_elem.clear_cofactor(); + + Ok(rand_subgroup_elem) + } +} diff --git a/accless/libs/abe4/src/lib.rs b/accless/libs/abe4/src/lib.rs new file mode 100644 index 0000000..6dbc7cd --- /dev/null +++ b/accless/libs/abe4/src/lib.rs @@ -0,0 +1,9 @@ +mod curve; +mod hashing; +mod policy; +mod scheme; + +/// Public API that we export. +pub use curve::Gt; +pub use policy::{Policy, UserAttribute}; +pub use scheme::{decrypt, encrypt, iota, keygen, tau, setup}; diff --git a/accless/libs/abe4/src/policy/mod.rs b/accless/libs/abe4/src/policy/mod.rs new file mode 100644 index 0000000..40355e4 --- /dev/null +++ b/accless/libs/abe4/src/policy/mod.rs @@ -0,0 +1,181 @@ +use anyhow::Result; +use ark_std::iterable::Iterable; +use core::fmt; +use std::fmt::{Debug, Write}; + +mod parser; +mod secret_sharing; + +// ----------------------------------------------------------------------------------------------- +// Structure And Enum Definitions +// ----------------------------------------------------------------------------------------------- + +#[derive(Debug, PartialEq)] +enum Expr { + Lit(T), + And(Box>, Box>), + Or(Box>, Box>), +} + +/// Structure representing a user attribute in decentralized CP-ABE. A user +/// attribute is a triple of strings: (authority, label, attribute) indicating +/// the authority that provides keys for this attribute, the attribute label, +/// and the value itself. +#[derive(PartialEq, Clone)] +pub struct UserAttribute { + authority: String, + label: String, + attribute: String, +} + +/// Structure representing an access control policy. +#[derive(PartialEq)] +pub struct Policy { + expr: Expr<(bool, UserAttribute)>, + attrs: Vec, + negs: Vec, +} + +// ----------------------------------------------------------------------------------------------- +// Implementations +// ----------------------------------------------------------------------------------------------- + +impl UserAttribute { + pub fn new(auth: &str, lbl: &str, attr: &str) -> Self { + UserAttribute { + authority: String::from(auth), + label: String::from(lbl), + attribute: String::from(attr), + } + } + + pub fn authority(&self) -> &str { + &self.authority + } + + pub fn label(&self) -> &str { + &self.label + } + + pub fn attribute(&self) -> &str { + &self.attribute + } + + pub fn parse(s: &str) -> Result { + let (auth, lbl, attr) = parser::Parser::parse_user_attr(s)?; + Ok(UserAttribute { + authority: auth, + label: lbl, + attribute: attr, + }) + } + + pub fn auth_lbl_attr(&self) -> (String, String, String) { + ( + self.authority.clone(), + self.label.clone(), + self.attribute.clone(), + ) + } + + pub fn auth_attr(&self) -> (String, String) { + (self.authority.clone(), self.attribute.clone()) + } + + pub fn auth_lbl(&self) -> (String, String) { + (self.authority.clone(), self.label.clone()) + } +} + +impl Debug for UserAttribute { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + f.write_str(&self.authority)?; + f.write_char('.')?; + f.write_str(&self.label)?; + f.write_char(':')?; + f.write_str(&self.attribute) + } +} +impl Policy { + pub fn len(&self) -> usize { + self.attrs.len() + } + + pub fn is_empty(&self) -> bool { + self.attrs.is_empty() + } + + pub fn get(&self, idx: usize) -> (UserAttribute, bool) { + (self.attrs[idx].clone(), self.negs[idx]) + } + + pub fn parse(s: &str) -> Result { + let (expr, attrs, negs) = parser::Parser::parse_policy(s)?; + Ok(Policy { expr, attrs, negs }) + } + + pub fn conjunction_of(user_attrs: &Vec, num_negs: usize) -> Self { + if num_negs > user_attrs.len() { + panic!("Cannot have more negated attributes than total length of policy"); + } + let mut negs = 0; + let mut expr = if negs >= num_negs { + Expr::Lit((false, user_attrs[0].clone())) + } else { + negs += 1; + Expr::Lit((true, user_attrs[0].clone())) + }; + // the parser produces left-associative Expr trees, so we do the same here + for ua in user_attrs.iter().skip(1) { + expr = if negs >= num_negs { + Expr::And(Box::new(expr), Box::new(Expr::Lit((false, ua.clone())))) + } else { + negs += 1; + Expr::And(Box::new(expr), Box::new(Expr::Lit((true, ua.clone())))) + }; + } + let attrs = user_attrs.clone(); + let mut negs = vec![false; user_attrs.len()]; + for neg in negs.iter_mut() { + *neg = true; + } + Policy { expr, attrs, negs } + } + + pub fn share_secret(&self) -> Vec<(UserAttribute, Vec)> { + secret_sharing::share_secret(self) + } + + pub fn reconstruct_secret(&self, user_attrs: &Vec) -> Option> { + secret_sharing::reconstruct_secret(user_attrs, self) + } +} + +/// Helper method to format an expression. +fn fmt_expr( + expr: &Expr<(bool, UserAttribute)>, + f: &mut std::fmt::Formatter<'_>, +) -> std::fmt::Result { + match expr { + Expr::Lit((is_neg, t)) => { + if *is_neg { + write!(f, "!")?; + } + write!(f, "{:?}", t) + } + Expr::And(lhs, rhs) => { + fmt_expr(lhs, f)?; + write!(f, " & ")?; + fmt_expr(rhs, f) + } + Expr::Or(_, _) => { + panic!("Not implemented") + } + } +} + +impl fmt::Debug for Policy { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + fmt_expr(&self.expr, f) + } +} diff --git a/accless/libs/abe4/src/policy/parser/lexer.rs b/accless/libs/abe4/src/policy/parser/lexer.rs new file mode 100644 index 0000000..dae0e7d --- /dev/null +++ b/accless/libs/abe4/src/policy/parser/lexer.rs @@ -0,0 +1,110 @@ +use std::str::from_utf8; + +#[derive(PartialEq, Debug, Clone)] +pub enum Token { + LParen, + RParen, + And, + Or, + Not, + Colon, + Dot, + Ident(String), +} + +pub fn lex(input: &str) -> Vec { + if !input.is_ascii() { + panic!("Lexing error: policy must only contain ASCII character"); + } + let mut tokens = Vec::new(); + let mut idx = 0; + let input = input.as_bytes(); + while idx < input.len() { + match input[idx] { + b' ' | b'\r' | b'\t' | b'\n' => idx += 1, + b'(' => { + tokens.push(Token::LParen); + idx += 1 + } + b')' => { + tokens.push(Token::RParen); + idx += 1 + } + b':' => { + tokens.push(Token::Colon); + idx += 1 + } + b'.' => { + tokens.push(Token::Dot); + idx += 1 + } + b'!' => { + tokens.push(Token::Not); + idx += 1 + } + b'&' => { + tokens.push(Token::And); + idx += 1 + } + b'|' => { + tokens.push(Token::Or); + idx += 1 + } + _ => { + let (token, i) = ident(input, idx); + tokens.push(token); + idx = i + } + } + } + tokens +} + +fn ident(input: &[u8], start: usize) -> (Token, usize) { + let mut end = start; + while end < input.len() && (input[end].is_ascii_alphanumeric() || input[end] == b'_') { + end += 1; + } + let str = from_utf8(&input[start..end]).unwrap(); + if str.is_empty() { + panic!( + "Illegal character '{}' found at index {}", + from_utf8(&input[start..start + 1]).unwrap(), + end + ); + } + (Token::Ident(String::from(str)), end) +} + +#[test] +fn test_lexer() { + let input = "x.b:a & (!x.b:a2 | orr.y:u) | anda.z:z"; + let tokens = lex(input); + assert_eq!(tokens.len(), 26); + assert_eq!(tokens[0], Token::Ident(String::from("x"))); + assert_eq!(tokens[1], Token::Dot); + assert_eq!(tokens[2], Token::Ident(String::from("b"))); + assert_eq!(tokens[3], Token::Colon); + assert_eq!(tokens[4], Token::Ident(String::from("a"))); + assert_eq!(tokens[5], Token::And); + assert_eq!(tokens[6], Token::LParen); + assert_eq!(tokens[7], Token::Not); + assert_eq!(tokens[8], Token::Ident(String::from("x"))); + assert_eq!(tokens[9], Token::Dot); + assert_eq!(tokens[10], Token::Ident(String::from("b"))); + assert_eq!(tokens[11], Token::Colon); + assert_eq!(tokens[12], Token::Ident(String::from("a2"))); + assert_eq!(tokens[13], Token::Or); + assert_eq!(tokens[14], Token::Ident(String::from("orr"))); + assert_eq!(tokens[15], Token::Dot); + assert_eq!(tokens[16], Token::Ident(String::from("y"))); + assert_eq!(tokens[17], Token::Colon); + assert_eq!(tokens[18], Token::Ident(String::from("u"))); + assert_eq!(tokens[19], Token::RParen); + assert_eq!(tokens[20], Token::Or); + assert_eq!(tokens[21], Token::Ident(String::from("anda"))); + assert_eq!(tokens[22], Token::Dot); + assert_eq!(tokens[23], Token::Ident(String::from("z"))); + assert_eq!(tokens[24], Token::Colon); + assert_eq!(tokens[25], Token::Ident(String::from("z"))); +} diff --git a/accless/libs/abe4/src/policy/parser/mod.rs b/accless/libs/abe4/src/policy/parser/mod.rs new file mode 100644 index 0000000..8fba788 --- /dev/null +++ b/accless/libs/abe4/src/policy/parser/mod.rs @@ -0,0 +1,213 @@ +use crate::policy::{ + Expr, UserAttribute, + parser::lexer::{Token, lex}, +}; +use anyhow::Result; + +mod lexer; + +type ParsedPolicy = (Expr<(bool, UserAttribute)>, Vec, Vec); + +pub struct Parser { + tokens: Vec, + attrs: Vec, + negs: Vec, + curr: usize, + is_neg: bool, + err_msg: Option, + had_error: bool, +} + +impl Parser { + fn new(tokens: Vec) -> Self { + Parser { + tokens, + attrs: Vec::new(), + negs: Vec::new(), + curr: 0, + is_neg: false, + err_msg: None, + had_error: false, + } + } + + fn set_err_msg(&mut self, msg: &str) { + if !self.had_error { + self.err_msg = Some(String::from(msg)); + } + self.had_error = true; + } + + fn advance(&mut self) { + self.curr += 1; + } + + fn next(&mut self) -> Option { + let t = self.peek(); + self.advance(); + t + } + + fn try_next(&mut self, token: Token) -> Option<()> { + let t = self.peek()?; + if t == token { + self.advance(); + Some(()) + } else { + None + } + } + + fn peek(&mut self) -> Option { + if self.curr >= self.tokens.len() { + None + } else { + let t = self.tokens[self.curr].clone(); + Some(t) + } + } + + fn require(&mut self, token: Token) -> Option<()> { + let t = self.next()?; + if t == token { + Some(()) + } else { + self.set_err_msg(&format!( + "Found token '{:?}' but '{:?}' was expected", + t, token + )); + None + } + } + + pub fn parse_policy(input: &str) -> Result { + let tokens = lex(input); + let mut parser = Parser::new(tokens); + + let res = parser.or(); + if parser.had_error { + match parser.err_msg.as_ref() { + Some(msg) => { + return Err(anyhow::anyhow!(msg.clone())); + } + None => { + return Err(anyhow::anyhow!("error parsing policy")); + } + } + } + match res { + None => panic!("Unreachable"), + Some(exp) => Ok((exp, parser.attrs, parser.negs)), + } + } + + pub fn parse_user_attr(attr: &str) -> Result<(String, String, String), String> { + let tokens = lex(attr); + let mut parser = Parser::new(tokens); + let res = parser.lit(); + if parser.had_error { + return Err(parser.err_msg.as_ref().unwrap().clone()); + } + match res { + Some(Expr::Lit((_, user_attr))) => Ok(( + user_attr.authority().to_string(), + user_attr.label().to_string(), + user_attr.attribute().to_string(), + )), + _ => panic!("Unreachable"), + } + } + + fn or(&mut self) -> Option> { + let mut lhs = self.and()?; + while self.try_next(Token::Or).is_some() { + let rhs = self.and()?; + if self.is_neg { + lhs = Expr::And(Box::new(lhs), Box::new(rhs)); + } else { + lhs = Expr::Or(Box::new(lhs), Box::new(rhs)); + } + } + Some(lhs) + } + + fn and(&mut self) -> Option> { + let mut lhs = self.not()?; + while self.try_next(Token::And).is_some() { + let rhs = self.not()?; + if self.is_neg { + lhs = Expr::Or(Box::new(lhs), Box::new(rhs)) + } else { + lhs = Expr::And(Box::new(lhs), Box::new(rhs)) + } + } + Some(lhs) + } + + fn not(&mut self) -> Option> { + if self.try_next(Token::Not).is_some() { + self.is_neg = !self.is_neg; + let exp = self.not()?; + self.is_neg = !self.is_neg; + return Some(exp); + } + self.prim() + } + + fn prim(&mut self) -> Option> { + if self.try_next(Token::LParen).is_some() { + let exp = self.or()?; + self.require(Token::RParen); + return Some(exp); + } + self.lit() + } + + fn lit(&mut self) -> Option> { + if let Some(Token::Ident(auth)) = self.next() { + self.require(Token::Dot); + if let Some(Token::Ident(lbl)) = self.next() { + self.require(Token::Colon); + if let Some(Token::Ident(attr)) = self.next() { + let user_attr = UserAttribute::new(&auth, &lbl, &attr); + self.attrs.push(user_attr.clone()); + self.negs.push(self.is_neg); + return Some(Expr::Lit((self.is_neg, user_attr))); + } + } + } + None + } +} + +#[test] +fn test_parser() { + fn pos(s: &str) -> Expr<(bool, UserAttribute)> { + let user_attr = UserAttribute::parse(s).unwrap(); + Expr::Lit((false, user_attr)) + } + + fn neg(s: &str) -> Expr<(bool, UserAttribute)> { + let user_attr = UserAttribute::parse(s).unwrap(); + Expr::Lit((true, user_attr)) + } + + fn and(lhs: Expr, rhs: Expr) -> Expr { + Expr::And(Box::new(lhs), Box::new(rhs)) + } + + fn or(lhs: Expr, rhs: Expr) -> Expr { + Expr::Or(Box::new(lhs), Box::new(rhs)) + } + + let policy = "x.b:a & !(!x.b:a2 | orr.y:u) | anda.z:z"; + let (expr, _, _) = Parser::parse_policy(&policy).unwrap(); + + assert_eq!( + expr, + or( + and(pos("x.b:a"), and(pos("x.b:a2"), neg("orr.y:u"))), + pos("anda.z:z") + ) + ); +} diff --git a/accless/libs/abe4/src/policy/secret_sharing.rs b/accless/libs/abe4/src/policy/secret_sharing.rs new file mode 100644 index 0000000..3a3b7a1 --- /dev/null +++ b/accless/libs/abe4/src/policy/secret_sharing.rs @@ -0,0 +1,162 @@ +use super::UserAttribute; +use crate::policy::{Expr, Policy}; + +pub fn share_secret(policy: &Policy) -> Vec<(UserAttribute, Vec)> { + let mut n = 0; + let mut result = Vec::new(); + helper(&mut n, &mut result, vec![0], &policy.expr); + result +} + +fn helper( + n: &mut i64, + result: &mut Vec<(UserAttribute, Vec)>, + idcs: Vec, + expr: &Expr<(bool, UserAttribute)>, +) { + match expr { + Expr::Lit((_, user_attr)) => result.push((user_attr.clone(), idcs)), + Expr::Or(lhs, rhs) => { + helper(n, result, idcs.clone(), lhs); + helper(n, result, idcs, rhs) + } + Expr::And(lhs, rhs) => { + let mut idcs_l = idcs.clone(); + *n += 1; + idcs_l.push(*n); + let idcs_r = vec![-*n]; + helper(n, result, idcs_l, lhs); + helper(n, result, idcs_r, rhs) + } + } +} + +fn satisfies(user_attrs: &Vec, curr: &UserAttribute, is_neg: bool) -> Option { + let mut matches = 0; + let mut others = 0; + for user_attr in user_attrs { + if user_attr.authority() == curr.authority() && user_attr.label() == curr.label() { + if user_attr.attribute() == curr.attribute() { + matches += 1; + } else { + others += 1; + } + } + } + + if !is_neg && matches > 0 { + Some(1) + } else if is_neg && matches == 0 && others > 0 { + Some(others) + } else { + None + } +} + +pub fn reconstruct_secret(user_attrs: &Vec, policy: &Policy) -> Option> { + let mut idx = 0; + let (_, idcs) = aux(&mut idx, user_attrs, &policy.expr)?; + Some(idcs) +} + +fn aux( + idx: &mut usize, + user_attrs: &Vec, + expr: &Expr<(bool, UserAttribute)>, +) -> Option<(usize, Vec)> { + match expr { + Expr::Lit((is_neg, user_attr)) => match satisfies(user_attrs, user_attr, *is_neg) { + None => { + *idx += 1; + None + } + Some(cost) => { + let idcs = vec![*idx]; + *idx += 1; + Some((cost, idcs)) + } + }, + Expr::And(lhs, rhs) => { + let l = aux(idx, user_attrs, lhs); + let r = aux(idx, user_attrs, rhs); + match (l, r) { + (Some((cost_l, mut idcs_l)), Some((cost_r, mut idcs_r))) => { + idcs_l.append(&mut idcs_r); + Some((cost_l + cost_r, idcs_l)) + } + (_, _) => None, + } + } + Expr::Or(lhs, rhs) => { + let l = aux(idx, user_attrs, lhs); + let r = aux(idx, user_attrs, rhs); + match (l, r) { + (None, None) => None, + (Some((cost_l, idcs_l)), None) => Some((cost_l, idcs_l)), + (None, Some((cost_r, idcs_r))) => Some((cost_r, idcs_r)), + (Some((cost_l, idcs_l)), Some((cost_r, idcs_r))) => { + if cost_l < cost_r { + Some((cost_l, idcs_l)) + } else { + Some((cost_r, idcs_r)) + } + } + } + } + } +} + +#[test] +fn test_secret_reconstruction() { + let user_1 = vec!["anda.z:z"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let user_2 = vec!["x.b:a"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let user_3 = vec!["x.b:a", "orr.y:u"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let user_4 = vec!["x.b:a", "x.b:a2", "orr.y:u", "anda.z:z"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let user_5 = vec!["x.b:a", "x.b:a2", "orr.y:u", "anda.z:z2"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let user_6 = vec!["x.b:a", "x.b:a3", "orr.y:u", "anda.z:z"] + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + + let policy = Policy::parse("x.b:a & !(x.b:a2 | !orr.y:u) | anda.z:z").unwrap(); + + let eps_1 = reconstruct_secret(&user_1, &policy); + let eps_2 = reconstruct_secret(&user_2, &policy); + let eps_3 = reconstruct_secret(&user_3, &policy); + let eps_4 = reconstruct_secret(&user_4, &policy); + let eps_5 = reconstruct_secret(&user_5, &policy); + let eps_6 = reconstruct_secret(&user_6, &policy); + + assert_eq!(eps_1, Some(vec![3])); + assert_eq!(eps_2, None); + assert_eq!(eps_3, Some(vec![0, 1, 2])); + assert_eq!(eps_4, Some(vec![3])); + assert_eq!(eps_5, None); + assert_eq!(eps_6, Some(vec![3])); +} + +#[test] +fn test_secret_sharing() { + let policy = Policy::parse("x.b:a & !(!x.b:a2 | orr.y:u) | anda.z:z").unwrap(); + let sharing = share_secret(&policy); + assert_eq!(sharing.len(), 4); + assert_eq!(sharing[0].1, vec![0, 1]); + assert_eq!(sharing[1].1, vec![-1, 2]); + assert_eq!(sharing[2].1, vec![-2]); + assert_eq!(sharing[3].1, vec![0]); +} diff --git a/accless/libs/abe4/src/scheme/decrypt.rs b/accless/libs/abe4/src/scheme/decrypt.rs new file mode 100644 index 0000000..67161f3 --- /dev/null +++ b/accless/libs/abe4/src/scheme/decrypt.rs @@ -0,0 +1,215 @@ +use crate::{ + curve::{G, Gt, H, ScalarField, pairing}, + hashing::{hash_attr, hash_gid}, + policy::Policy, + scheme::{ + group_pairs::group_pairs, + iota::Iota, + tau::Tau, + types::{Ciphertext, USK}, + }, +}; +use ark_ec::{CurveGroup, Group, VariableBaseMSM}; +use ark_ff::Field; +use ark_std::{Zero, ops::Neg}; +use std::collections::HashSet; + +fn solve_lse(usk: &USK, policy: &Policy) -> Option<(Vec, Vec)> { + let user_attrs = usk.get_user_attributes(); + let eps_all = policy.reconstruct_secret(&user_attrs)?; + let (eps_not_vec, eps_vec) = eps_all.into_iter().partition(|i| policy.get(*i).1); + Some((eps_vec, eps_not_vec)) +} + +pub fn decrypt( + usk: &USK, + gid: &str, + iota: &Iota, + tau: &Tau, + policy: &Policy, + ct: &Ciphertext, +) -> Option { + let (eps_vec, eps_not_vec) = solve_lse(usk, policy)?; + let mut k = Gt::ONE; + let mut c_1 = H::zero(); + let mut c_3 = H::zero(); + for j in eps_vec.iter().chain(eps_not_vec.iter()) { + c_1 += ct.c_1_vec[*j]; + c_3 += ct.c_3_vec[*j]; + } + k *= pairing(G::generator(), c_3).0; + k *= pairing(hash_gid(gid), c_1).0; + + let eps_by_auth_iota = group_pairs(&eps_vec, |j| { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + (auth.clone(), iota.get(&auth, &lbl, &attr)) + }); + let eps_by_tau = group_pairs(&eps_vec, |j| { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + tau.get(&auth, &lbl, &attr) + }); + let eps_by_tau_tilde = group_pairs(&eps_vec, |j| { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + tau.get_tilde(&auth, &lbl, &attr) + }); + let eps_not_by_tau_tilde = group_pairs(&eps_not_vec, |j| { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + tau.get_tilde(&auth, &lbl, &attr) + }); + let eps_not_by_auth_lbl_attr = group_pairs(&eps_not_vec, |j| policy.get(j).0.auth_lbl_attr()); + + let mut domain_pos = HashSet::new(); + for k in eps_by_tau.keys() { + domain_pos.insert(k); + } + for k in eps_by_tau_tilde.keys() { + domain_pos.insert(k); + } + + let cost_a_pos = eps_by_auth_iota.len() + eps_by_tau.len(); + let cost_b_pos = domain_pos.len(); + + if cost_a_pos < cost_b_pos { + for ((auth, iota), js) in eps_by_auth_iota.iter() { + let k_1_1 = usk.get_partial_key(auth).unwrap().k_1_1_vec[*iota].neg(); + let mut c_4 = H::zero(); + for &j in js { + let ua = policy.get(j).0; + let auth = ua.authority(); + let lbl = ua.label(); + let attr = ua.attribute(); + let s_tilde = tau.get_tilde(auth, lbl, attr); + c_4 += ct.c_4_vec[s_tilde]; + } + k *= pairing(k_1_1, c_4).0; + } + + for (j_under_tau, js) in eps_by_tau { + let c_4 = ct.c_4_vec[j_under_tau]; + let mut k_1 = G::zero(); + for j in js { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + let usk = usk.get_partial_key(&auth).unwrap(); + k_1 += usk.k_1_2_map.get(&(lbl, attr)).unwrap().neg(); + } + k *= pairing(k_1, c_4).0; + } + } else { + for j_under_tau_or_tau_tilde in domain_pos { + let c_4 = ct.c_4_vec[*j_under_tau_or_tau_tilde]; + + let tmp = Vec::new(); + let js = eps_by_tau.get(j_under_tau_or_tau_tilde).unwrap_or(&tmp); + let mut k_1_2 = G::zero(); + for j in js { + let (auth, lbl, attr) = policy.get(*j).0.auth_lbl_attr(); + let usk = usk.get_partial_key(&auth).unwrap(); + k_1_2 += usk.k_1_2_map.get(&(lbl, attr)).unwrap().neg(); + } + + let js = eps_by_tau_tilde + .get(j_under_tau_or_tau_tilde) + .unwrap_or(&tmp); + let mut k_1_1 = G::zero(); + for j in js { + let (auth, lbl, attr) = policy.get(*j).0.auth_lbl_attr(); + let iota = iota.get(&auth, &lbl, &attr); + k_1_1 += usk.get_partial_key(&auth).unwrap().k_1_1_vec[iota].neg(); + } + k *= pairing(k_1_1 + k_1_2, c_4).0; + } + } + + for ((auth, iota), js) in eps_by_auth_iota { + let mut c_2 = G::zero(); + for j in js { + c_2 += ct.c_2_vec[j]; + } + let usk = usk.get_partial_key(&auth).unwrap(); + let k_4 = usk.k_4_vec[iota]; + k *= pairing(c_2, k_4).0; + } + + for (j_under_tau, js) in eps_not_by_tau_tilde { + let c_4 = ct.c_4_vec[j_under_tau]; + + let mut k_2 = G::zero(); + for j in js.iter() { + let (auth, lbl) = policy.get(*j).0.auth_lbl(); + let usk = usk.get_partial_key(&auth).unwrap(); + k_2 += usk.k_2_map.get(&lbl).unwrap().neg(); + } + + let mut k_3 = G::zero(); + for j in js { + let (auth, lbl, attr) = policy.get(j).0.auth_lbl_attr(); + let x_attr_not = hash_attr(&attr); + let usk = usk.get_partial_key(&auth).unwrap(); + + let attrs: Vec = usk + .k_1_2_map + .keys() + .filter_map(|k| { + if k.0.eq(&lbl) { + Some(k.1.clone()) + } else { + None + } + }) + .collect(); + + let mut k_3_bases = Vec::with_capacity(attrs.len()); + let mut k_3_exps = Vec::with_capacity(attrs.len()); + let one = ScalarField::from(1); + for attr in attrs { + let x_attr = hash_attr(&attr); + let e = -one / (x_attr_not - x_attr); + k_3_exps.push(e); + k_3_bases.push( + usk.k_3_map + .get(&(lbl.clone(), attr.clone())) + .unwrap() + .into_affine(), + ); + } + k_3 += G::msm(&k_3_bases, &k_3_exps).unwrap(); + } + k *= pairing(k_2 + k_3, c_4).0; + } + + for ((auth, lbl, attr), js) in eps_not_by_auth_lbl_attr { + let mut c_2 = G::zero(); + for j in js { + c_2 += ct.c_2_vec[j]; + } + + let x_attr_not = hash_attr(&attr); + let usk = usk.get_partial_key(&auth).unwrap(); + + let attrs: Vec = usk + .k_1_2_map + .keys() + .filter_map(|k| { + if k.0.eq(&lbl) { + Some(k.1.clone()) + } else { + None + } + }) + .collect(); + let mut k_5_bases = Vec::with_capacity(attrs.len()); + let mut k_5_exps = Vec::with_capacity(attrs.len()); + let one = ScalarField::from(1); + for attr in attrs { + let x_attr = hash_attr(&attr); + let e = one / (x_attr_not - x_attr); + let iota = iota.get(&auth, &lbl, &attr); + k_5_exps.push(e); + k_5_bases.push(usk.k_5_vec[iota].into_affine()); + } + let k_5 = H::msm(&k_5_bases, &k_5_exps).unwrap(); + k *= pairing(c_2, k_5).0; + } + + Some(k) +} diff --git a/accless/libs/abe4/src/scheme/encrypt.rs b/accless/libs/abe4/src/scheme/encrypt.rs new file mode 100644 index 0000000..ccfecea --- /dev/null +++ b/accless/libs/abe4/src/scheme/encrypt.rs @@ -0,0 +1,125 @@ +use crate::{ + curve::{G, Gt, H, ScalarField, pairing}, + hashing::{ + HashSign::{Neg, Pos}, + hash_attr, hash_lbl, + }, + policy::Policy, + scheme::{ + tau::Tau, + types::{Ciphertext, MPK}, + }, +}; +use ark_ec::{Group, VariableBaseMSM}; +use ark_ff::UniformRand; +use ark_std::{ops::Mul, rand::Rng}; +use std::collections::HashMap; + +fn share_secret( + mut rng: impl Rng, + secret: ScalarField, + policy: &Policy, +) -> (Vec, Vec, usize) { + let n = policy.len(); + let splits = policy.share_secret(); + let mut v_vec = Vec::with_capacity(n); + let mut v_prime_vec = Vec::with_capacity(n); + let mut lambda_vec = Vec::with_capacity(n); + let mut mu_vec = Vec::with_capacity(n); + let zero = ScalarField::from(0); + for _ in 0..n { + v_vec.push(ScalarField::rand(&mut rng)); + v_prime_vec.push(ScalarField::rand(&mut rng)); + lambda_vec.push(zero); + mu_vec.push(zero); + } + v_vec[0] = secret; + v_prime_vec[0] = zero; + for (i, (_, idcs)) in splits.iter().enumerate() { + for j in idcs { + if *j >= 0 { + let k = *j as usize; + lambda_vec[i] += v_vec[k]; + mu_vec[i] += v_prime_vec[k]; + } else { + let k = (0 - *j) as usize; + lambda_vec[i] -= v_vec[k]; + mu_vec[i] -= v_prime_vec[k]; + } + } + } + (lambda_vec, mu_vec, n) +} + +pub fn encrypt(mut rng: impl Rng, mpk: &MPK, policy: &Policy, tau: &Tau) -> (Gt, Ciphertext) { + let s = ScalarField::rand(&mut rng); + let m = std::cmp::max(tau.get_max(), tau.get_tilde_max()); + let mut s_vec = Vec::with_capacity(m + 1); + for _ in 0..=m { + s_vec.push(ScalarField::rand(&mut rng)); + } + let (lambda_vec, mu_vec, n) = share_secret(&mut rng, s, policy); + let mut lbl_pos_0 = HashMap::new(); + let mut lbl_pos_1 = HashMap::new(); + let mut lbl_neg_0 = HashMap::new(); + let mut lbl_neg_1 = HashMap::new(); + for j in 0..n { + let (user_attr, is_neg) = policy.get(j); + let auth = user_attr.authority().to_string(); + let lbl = user_attr.label().to_string(); + let key = (auth.clone(), lbl.clone()); + if is_neg && !lbl_neg_0.contains_key(&key) { + lbl_neg_0.insert(key.clone(), hash_lbl(&auth, &lbl, Neg, 0)); + lbl_neg_1.insert(key, hash_lbl(&auth, &lbl, Neg, 1)); + } else if !lbl_pos_0.contains_key(&key) { + lbl_pos_0.insert(key.clone(), hash_lbl(&auth, &lbl, Pos, 0)); + lbl_pos_1.insert(key.clone(), hash_lbl(&auth, &lbl, Pos, 1)); + } + } + let mut c_1_vec = Vec::with_capacity(n); + let mut c_2_vec = Vec::with_capacity(n); + let mut c_3_vec = Vec::with_capacity(n); + for j in 0..n { + let (user_attr, is_neg) = policy.get(j); + let auth = user_attr.authority().to_string(); + let attr = user_attr.attribute().to_string(); + let lbl = user_attr.label().to_string(); + let mu = mu_vec[j]; + let lambda = lambda_vec[j]; + let s_tilde = s_vec[tau.get_tilde(&auth, &lbl, &attr)]; + let s = s_vec[tau.get(&auth, &lbl, &attr)]; + let x_attr = hash_attr(&attr); + let mpk = mpk.get_partial_key(&auth).unwrap(); + let b = if is_neg { mpk.b_not } else { mpk.b }; + let h = H::generator(); + let key = (auth.clone(), lbl.clone()); + let (lbl_0, lbl_1) = if is_neg { + (*lbl_neg_0.get(&key).unwrap(), *lbl_neg_1.get(&key).unwrap()) + } else { + (*lbl_pos_0.get(&key).unwrap(), *lbl_pos_1.get(&key).unwrap()) + }; + if is_neg { + c_1_vec.push(h.mul(mu) + b.mul(s_tilde)); + let c_2 = G::msm(&[lbl_0, lbl_1], &[s_tilde, s_tilde * x_attr]).unwrap(); + c_2_vec.push(c_2); + } else { + c_1_vec.push(h.mul(mu) + b.mul(s_tilde)); + let c_2 = G::msm(&[lbl_0, lbl_1], &[s, s * x_attr]).unwrap(); + c_2_vec.push(mpk.b_prime.mul(s_tilde) + c_2); + } + c_3_vec.push(h.mul(lambda) + mpk.a.mul(s_tilde)); + } + let mut c_4_vec = Vec::with_capacity(m + 1); + for s in s_vec.iter() { + let h = H::generator(); + c_4_vec.push(h.mul(s)); + } + let k = pairing(G::generator(), H::generator()).mul(s).0; + let ct = Ciphertext { + c_1_vec, + c_2_vec, + c_3_vec, + c_4_vec, + }; + (k, ct) +} diff --git a/accless/libs/abe4/src/scheme/group_pairs.rs b/accless/libs/abe4/src/scheme/group_pairs.rs new file mode 100644 index 0000000..3899c7f --- /dev/null +++ b/accless/libs/abe4/src/scheme/group_pairs.rs @@ -0,0 +1,13 @@ +use std::{collections::HashMap, hash::Hash}; + +pub fn group_pairs( + js: &Vec, + f: impl Fn(usize) -> T, +) -> HashMap> { + let mut map: HashMap> = HashMap::new(); + for &j in js { + let key = f(j); + map.entry(key).or_default().push(j); + } + map +} diff --git a/accless/libs/abe4/src/scheme/iota.rs b/accless/libs/abe4/src/scheme/iota.rs new file mode 100644 index 0000000..8781ee7 --- /dev/null +++ b/accless/libs/abe4/src/scheme/iota.rs @@ -0,0 +1,107 @@ +use crate::policy::UserAttribute; +use std::collections::HashMap; + +pub struct Iota { + storage: HashMap>, + m: usize, +} + +impl Iota { + pub fn new(user_attrs: &[UserAttribute]) -> Self { + let mut user_attr_by_auth = HashMap::new(); + for ua in user_attrs { + let uas = user_attr_by_auth + .entry(ua.authority().to_string()) + .or_insert(Vec::new()); + uas.push(ua); + } + + let mut storage = HashMap::new(); + + let mut m = 0; + for (auth, uas) in user_attr_by_auth { + let mut attrs_by_lbl = HashMap::new(); + for ua in uas { + let attrs = attrs_by_lbl + .entry(ua.label().to_string()) + .or_insert(Vec::new()); + attrs.push(ua.attribute().to_string()); + } + let mut inner = HashMap::new(); + for (lbl, attrs) in attrs_by_lbl { + for (i, a) in attrs.into_iter().enumerate() { + let key: (String, String) = (lbl.clone().to_string(), a); + inner.insert(key, i); + m = std::cmp::max(m, i); + } + } + storage.insert(auth.to_string(), inner); + } + Iota { storage, m } + } + + pub fn get_max(&self) -> usize { + self.m + } + + pub fn get(&self, auth: &str, lbl: &str, attr: &str) -> usize { + let key = (String::from(lbl), String::from(attr)); + *self.storage.get(auth).unwrap().get(&key).unwrap() + } +} + +#[test] +fn test_iota_simple() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "1", "1"), + UserAttribute::new("0", "2", "2"), + UserAttribute::new("0", "3", "3"), + UserAttribute::new("0", "4", "4"), + UserAttribute::new("1", "5", "5"), + UserAttribute::new("1", "6", "6"), + UserAttribute::new("1", "7", "7"), + UserAttribute::new("1", "8", "8"), + UserAttribute::new("1", "9", "9"), + ]; + let iota = Iota::new(&user_attrs); + assert_eq!(iota.m, 0); + assert_eq!(iota.get("0", "0", "0"), 0); + assert_eq!(iota.get("0", "1", "1"), 0); + assert_eq!(iota.get("0", "2", "2"), 0); + assert_eq!(iota.get("0", "3", "3"), 0); + assert_eq!(iota.get("0", "4", "4"), 0); + assert_eq!(iota.get("1", "5", "5"), 0); + assert_eq!(iota.get("1", "6", "6"), 0); + assert_eq!(iota.get("1", "7", "7"), 0); + assert_eq!(iota.get("1", "8", "8"), 0); + assert_eq!(iota.get("1", "9", "9"), 0); +} + +#[test] +fn test_iota_complex() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "0", "1"), + UserAttribute::new("0", "0", "2"), + UserAttribute::new("0", "1", "3"), + UserAttribute::new("0", "1", "4"), + UserAttribute::new("1", "1", "0"), + UserAttribute::new("1", "2", "1"), + UserAttribute::new("1", "2", "2"), + UserAttribute::new("1", "2", "3"), + UserAttribute::new("1", "2", "4"), + ]; + let iota = Iota::new(&user_attrs); + assert_eq!(iota.m, 3); + assert_eq!(iota.get("0", "0", "0"), 0); + assert_eq!(iota.get("0", "0", "1"), 1); + assert_eq!(iota.get("0", "0", "2"), 2); + assert_eq!(iota.get("0", "1", "3"), 0); + assert_eq!(iota.get("0", "1", "4"), 1); + assert_eq!(iota.get("1", "1", "0"), 0); + assert_eq!(iota.get("1", "2", "1"), 0); + assert_eq!(iota.get("1", "2", "2"), 1); + assert_eq!(iota.get("1", "2", "3"), 2); + assert_eq!(iota.get("1", "2", "4"), 3); +} diff --git a/accless/libs/abe4/src/scheme/keygen.rs b/accless/libs/abe4/src/scheme/keygen.rs new file mode 100644 index 0000000..e063015 --- /dev/null +++ b/accless/libs/abe4/src/scheme/keygen.rs @@ -0,0 +1,166 @@ +use crate::{ + curve::{G, H, ScalarField}, + hashing::{ + HashSign::{Neg, Pos}, + hash_attr, hash_gid, hash_lbl, + }, + policy::UserAttribute, + scheme::{ + iota::Iota, + types::{MSK, PartialMSK, PartialUSK, USK}, + }, +}; +use ark_ec::{Group, VariableBaseMSM}; +use ark_ff::UniformRand; +use ark_std::{ops::Mul, rand::Rng}; +use std::collections::{HashMap, HashSet}; + +pub fn keygen( + mut rng: impl Rng, + gid: &str, + msk: &MSK, + user_attrs: &[UserAttribute], + iota: &Iota, +) -> USK { + // Group the given array of `UserAttribute`s by authority. + let mut user_attr_by_auth: HashMap<&str, Vec<&UserAttribute>> = HashMap::new(); + for ua in user_attrs { + user_attr_by_auth + .entry(ua.authority()) + .or_default() + .push(ua); + } + + // Run partial key generation for each authority. + let mut usk = USK::new(); + for (auth, uas) in user_attr_by_auth { + match msk.get_partial_key(auth) { + None => panic!("No partial MSK given for authority in user's attribute set"), + Some(partial_msk) => { + let partial_usk = keygen_partial(&mut rng, gid, partial_msk, &uas, iota); + usk.add_partial_key(partial_usk); + } + } + } + usk +} + +pub fn keygen_partial( + mut rng: impl Rng, + gid: &str, + msk: &PartialMSK, + user_attrs: &[&UserAttribute], + iota: &Iota, +) -> PartialUSK { + let zero = ScalarField::from(0); + let mut r_vec = Vec::new(); + let mut r_not_vec = Vec::new(); + let mut r_lab_map = HashMap::new(); + let mut r_lab_done = HashSet::new(); + + for _ in 0..=iota.get_max() { + r_vec.push(ScalarField::rand(&mut rng)); + r_not_vec.push(ScalarField::rand(&mut rng)); + } + + for user_attr in user_attrs.iter() { + if user_attr.authority() != msk.auth { + panic!( + "Fatal error: cannot generate key for attribute which is managed by a different authority" + ); + } + if !r_lab_done.contains(&(user_attr.label(), user_attr.attribute())) { + let iota = iota.get( + user_attr.authority(), + user_attr.label(), + user_attr.attribute(), + ); + let r_not = r_not_vec[iota]; + let r_lab = *r_lab_map.get(&user_attr.label()).unwrap_or(&zero) + r_not; + r_lab_map.insert(user_attr.label(), r_lab); + r_lab_done.insert((user_attr.label(), user_attr.attribute())); + } + } + let g = G::generator().mul(msk.beta); + let gid_hashed = hash_gid(gid); + let gid = gid_hashed.mul(msk.b); + let gid_not = gid_hashed.mul(msk.b_not); + let mut k_1_1_vec = Vec::new(); + for r_val in r_vec.iter().take(iota.get_max() + 1) { + let k_1 = g + gid + G::generator().mul(*r_val * msk.b_prime); + k_1_1_vec.push(k_1); + } + let mut k_1_2_map = HashMap::new(); + let mut k_3_map = HashMap::new(); + let mut lbl_pos_0 = HashMap::new(); + let mut lbl_pos_1 = HashMap::new(); + let mut lbl_neg_0 = HashMap::new(); + let mut lbl_neg_1 = HashMap::new(); + for user_attr in user_attrs.iter() { + let key = (msk.auth.clone(), user_attr.label()); + if !lbl_pos_0.contains_key(&key) { + lbl_pos_0.insert(key.clone(), hash_lbl(&msk.auth, user_attr.label(), Pos, 0)); + lbl_pos_1.insert(key.clone(), hash_lbl(&msk.auth, user_attr.label(), Pos, 1)); + lbl_neg_0.insert(key.clone(), hash_lbl(&msk.auth, user_attr.label(), Neg, 0)); + lbl_neg_1.insert(key, hash_lbl(&msk.auth, user_attr.label(), Neg, 1)); + } + } + for user_attr in user_attrs.iter() { + let key = (msk.auth.clone(), user_attr.label()); + let lbl_pos_0 = *lbl_pos_0.get(&key).unwrap(); + let lbl_pos_1 = *lbl_pos_1.get(&key).unwrap(); + let lbl_neg_0 = *lbl_neg_0.get(&key).unwrap(); + let lbl_neg_1 = *lbl_neg_1.get(&key).unwrap(); + let x_attr = hash_attr(user_attr.attribute()); + let iota = iota.get( + user_attr.authority(), + user_attr.label(), + user_attr.attribute(), + ); + let r = r_vec[iota]; + let r_not = r_not_vec[iota]; + let k_1 = G::msm(&[lbl_pos_0, lbl_pos_1], &[r, r * x_attr]).unwrap(); + k_1_2_map.insert( + ( + user_attr.label().to_string(), + user_attr.attribute().to_string(), + ), + k_1, + ); + let k_3 = G::msm(&[lbl_neg_0, lbl_neg_1], &[r_not, r_not * x_attr]).unwrap(); + k_3_map.insert( + ( + user_attr.label().to_string(), + user_attr.attribute().to_string(), + ), + k_3, + ); + } + let mut k_2_map = HashMap::new(); + for user_attr in user_attrs.iter() { + if !k_2_map.contains_key(user_attr.label()) { + let r_lab = r_lab_map.get(user_attr.label()).unwrap(); + let key = (msk.auth.clone(), user_attr.label()); + let k_2 = (*lbl_neg_1.get(&key).unwrap()).mul(r_lab); + k_2_map.insert(user_attr.label().to_string(), g + gid_not + k_2); + } + } + let mut k_4_vec = Vec::with_capacity(r_vec.len()); + let mut k_5_vec = Vec::with_capacity(r_vec.len()); + for iota in 0..r_vec.len() { + let r = r_vec[iota]; + let r_not = r_not_vec[iota]; + k_4_vec.push(H::generator().mul(r)); + k_5_vec.push(H::generator().mul(r_not)); + } + + PartialUSK { + auth: msk.auth.clone(), + k_1_1_vec, + k_1_2_map, + k_2_map, + k_3_map, + k_4_vec, + k_5_vec, + } +} diff --git a/accless/libs/abe4/src/scheme/mod.rs b/accless/libs/abe4/src/scheme/mod.rs new file mode 100644 index 0000000..6fbadd0 --- /dev/null +++ b/accless/libs/abe4/src/scheme/mod.rs @@ -0,0 +1,50 @@ +use crate::{ + curve::Gt, + policy::{Policy, UserAttribute}, +}; +use iota::Iota; +use tau::Tau; +use types::{Ciphertext, MPK, MSK, USK}; + +mod decrypt; +mod encrypt; +mod group_pairs; +pub mod iota; +mod keygen; +mod setup; +pub mod tau; +mod types; + +pub fn setup(rng: impl ark_std::rand::RngCore, auths: &Vec<&str>) -> (MSK, MPK) { + setup::setup(rng, auths) +} + +pub fn keygen( + rng: impl ark_std::rand::RngCore, + gid: &str, + msk: &MSK, + user_attrs: &[UserAttribute], + iota: &Iota, +) -> USK { + keygen::keygen(rng, gid, msk, user_attrs, iota) +} + +pub fn encrypt( + rng: impl ark_std::rand::RngCore, + mpk: &MPK, + policy: &Policy, + tau: &Tau, +) -> (Gt, Ciphertext) { + encrypt::encrypt(rng, mpk, policy, tau) +} + +pub fn decrypt( + usk: &USK, + gid: &str, + iota: &Iota, + tau: &Tau, + policy: &Policy, + ct: &Ciphertext, +) -> Option { + decrypt::decrypt(usk, gid, iota, tau, policy, ct) +} diff --git a/accless/libs/abe4/src/scheme/setup.rs b/accless/libs/abe4/src/scheme/setup.rs new file mode 100644 index 0000000..7249978 --- /dev/null +++ b/accless/libs/abe4/src/scheme/setup.rs @@ -0,0 +1,53 @@ +use crate::{ + curve::{G, H, ScalarField}, + scheme::types::{MPK, MSK, PartialMPK, PartialMSK}, +}; +use ark_ec::Group; +use ark_ff::UniformRand; +use ark_std::{ops::Mul, rand::Rng}; + +/// This function sets up the decentralized CP-ABE crypto-system. Based +/// on an array of authorities identified by their global identifier, it +/// generates a key-pair that is a collection of each individual partial key. +pub fn setup(mut rng: impl Rng, authorities: &Vec<&str>) -> (MSK, MPK) { + let mut msk = MSK::new(); + let mut mpk = MPK::new(); + + for auth in authorities { + let (partial_msk, partial_mpk) = setup_partial(&mut rng, auth); + msk.add_partial_key(partial_msk); + mpk.add_partial_key(partial_mpk); + } + + (msk, mpk) +} + +/// Given an authority identified by its global identifier (GID), generate a +/// parial keypair. +pub fn setup_partial(mut rng: impl Rng, authority: &str) -> (PartialMSK, PartialMPK) { + let beta = ScalarField::rand(&mut rng); + let b = ScalarField::rand(&mut rng); + let b_not = ScalarField::rand(&mut rng); + let b_prime = ScalarField::rand(&mut rng); + let msk = PartialMSK { + auth: authority.to_string(), + beta, + b, + b_not, + b_prime, + }; + + let a = H::generator().mul(beta); + let b = H::generator().mul(b); + let b_not = H::generator().mul(b_not); + let b_prime = G::generator().mul(b_prime); + let mpk = PartialMPK { + auth: authority.to_string(), + a, + b, + b_not, + b_prime, + }; + + (msk, mpk) +} diff --git a/accless/libs/abe4/src/scheme/tau.rs b/accless/libs/abe4/src/scheme/tau.rs new file mode 100644 index 0000000..2465c60 --- /dev/null +++ b/accless/libs/abe4/src/scheme/tau.rs @@ -0,0 +1,203 @@ +use crate::policy::{Policy, UserAttribute}; +use std::collections::HashMap; + +pub struct Tau { + storage_tilde: HashMap<(String, String, String), usize>, + m_tilde: usize, + storage: HashMap<(String, String, String), usize>, + m: usize, +} + +impl Tau { + pub fn new(policy: &Policy) -> Self { + let n = policy.len(); + let mut user_attributes_by_authority: HashMap> = HashMap::new(); + let mut user_attributes_by_authority_label: HashMap<(String, String), Vec> = + HashMap::new(); + + for i in 0..n { + let (user_attribute, _) = policy.get(i); + user_attributes_by_authority + .entry(user_attribute.authority().to_string()) + .or_default() + .push(user_attribute.clone()); + let key = ( + user_attribute.authority().to_string(), + user_attribute.label().to_string(), + ); + user_attributes_by_authority_label + .entry(key) + .or_default() + .push(user_attribute); + } + + let mut storage_tilde: HashMap<(String, String, String), usize> = HashMap::new(); + let mut m_tilde = 0; + for (_, uas) in user_attributes_by_authority { + for (i, ua) in uas.into_iter().enumerate() { + let key = ( + ua.authority().to_string(), + ua.label().to_string(), + ua.attribute().to_string(), + ); + storage_tilde.insert(key, i); + m_tilde = std::cmp::max(m_tilde, i); + } + } + + let mut storage: HashMap<(String, String, String), usize> = HashMap::new(); + let mut m = 0; + for ((_, _), uas) in user_attributes_by_authority_label { + for (i, ua) in uas.into_iter().enumerate() { + let key = ( + ua.authority().to_string(), + ua.label().to_string(), + ua.attribute().to_string(), + ); + storage.insert(key, i); + m = std::cmp::max(m, i); + } + } + + Tau { + storage_tilde, + m_tilde, + storage, + m, + } + } + + pub fn get_tilde_max(&self) -> usize { + self.m_tilde + } + + pub fn get_tilde(&self, auth: &str, lbl: &str, attr: &str) -> usize { + let key = (String::from(auth), String::from(lbl), String::from(attr)); + *self.storage_tilde.get(&key).unwrap() + } + + pub fn get_max(&self) -> usize { + self.m + } + + pub fn get(&self, auth: &str, lbl: &str, attr: &str) -> usize { + let key = (String::from(auth), String::from(lbl), String::from(attr)); + *self.storage.get(&key).unwrap() + } +} + +#[test] +fn test_tau_simple() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "0", "1"), + UserAttribute::new("0", "0", "2"), + UserAttribute::new("0", "0", "3"), + UserAttribute::new("1", "0", "0"), + UserAttribute::new("2", "0", "0"), + ]; + let policy = Policy::conjunction_of(&user_attrs, 0); + let tau = Tau::new(&policy); + assert_eq!(tau.m, 3); + assert_eq!(tau.get("0", "0", "0"), 0); + assert_eq!(tau.get("0", "0", "1"), 1); + assert_eq!(tau.get("0", "0", "2"), 2); + assert_eq!(tau.get("0", "0", "3"), 3); + assert_eq!(tau.get("1", "0", "0"), 0); + assert_eq!(tau.get("2", "0", "0"), 0); +} + +#[test] +fn test_tau_complex() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "0", "1"), + UserAttribute::new("0", "1", "2"), + UserAttribute::new("0", "1", "3"), + UserAttribute::new("0", "1", "4"), + UserAttribute::new("1", "0", "5"), + UserAttribute::new("1", "1", "6"), + UserAttribute::new("1", "2", "7"), + UserAttribute::new("1", "3", "8"), + UserAttribute::new("1", "3", "9"), + ]; + let policy = Policy::conjunction_of(&user_attrs, 0); + let tau = Tau::new(&policy); + assert_eq!(tau.m, 2); + assert_eq!(tau.get("0", "0", "0"), 0); + assert_eq!(tau.get("0", "0", "1"), 1); + assert_eq!(tau.get("0", "1", "2"), 0); + assert_eq!(tau.get("0", "1", "3"), 1); + assert_eq!(tau.get("0", "1", "4"), 2); + assert_eq!(tau.get("1", "0", "5"), 0); + assert_eq!(tau.get("1", "1", "6"), 0); + assert_eq!(tau.get("1", "2", "7"), 0); + assert_eq!(tau.get("1", "3", "8"), 0); + assert_eq!(tau.get("1", "3", "9"), 1); +} + +#[test] +fn test_tau_tilde_simple() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "1", "1"), + UserAttribute::new("0", "2", "2"), + UserAttribute::new("0", "3", "3"), + UserAttribute::new("0", "4", "4"), + UserAttribute::new("1", "5", "5"), + UserAttribute::new("1", "6", "6"), + UserAttribute::new("1", "7", "7"), + UserAttribute::new("1", "8", "8"), + UserAttribute::new("1", "9", "9"), + ]; + let policy = Policy::conjunction_of(&user_attrs, 0); + let tau = Tau::new(&policy); + assert_eq!(tau.m_tilde, 4); + assert_eq!(tau.get_tilde("0", "0", "0"), 0); + assert_eq!(tau.get_tilde("0", "1", "1"), 1); + assert_eq!(tau.get_tilde("0", "2", "2"), 2); + assert_eq!(tau.get_tilde("0", "3", "3"), 3); + assert_eq!(tau.get_tilde("0", "4", "4"), 4); + assert_eq!(tau.get_tilde("1", "5", "5"), 0); + assert_eq!(tau.get_tilde("1", "6", "6"), 1); + assert_eq!(tau.get_tilde("1", "7", "7"), 2); + assert_eq!(tau.get_tilde("1", "8", "8"), 3); + assert_eq!(tau.get_tilde("1", "9", "9"), 4); +} + +#[test] +fn test_tau_tilde_complex() { + let user_attrs = vec![ + UserAttribute::new("0", "0", "0"), + UserAttribute::new("0", "0", "1"), + UserAttribute::new("0", "0", "2"), + UserAttribute::new("0", "1", "3"), + UserAttribute::new("1", "1", "0"), + UserAttribute::new("1", "2", "1"), + UserAttribute::new("1", "2", "2"), + UserAttribute::new("1", "2", "3"), + UserAttribute::new("1", "2", "4"), + UserAttribute::new("2", "1", "0"), + UserAttribute::new("2", "2", "1"), + UserAttribute::new("3", "1", "1"), + UserAttribute::new("3", "1", "2"), + UserAttribute::new("3", "2", "1"), + ]; + let policy = Policy::conjunction_of(&user_attrs, 0); + let tau = Tau::new(&policy); + assert_eq!(tau.m_tilde, 4); + assert_eq!(tau.get_tilde("0", "0", "0"), 0); + assert_eq!(tau.get_tilde("0", "0", "1"), 1); + assert_eq!(tau.get_tilde("0", "0", "2"), 2); + assert_eq!(tau.get_tilde("0", "1", "3"), 3); + assert_eq!(tau.get_tilde("1", "1", "0"), 0); + assert_eq!(tau.get_tilde("1", "2", "1"), 1); + assert_eq!(tau.get_tilde("1", "2", "2"), 2); + assert_eq!(tau.get_tilde("1", "2", "3"), 3); + assert_eq!(tau.get_tilde("1", "2", "4"), 4); + assert_eq!(tau.get_tilde("2", "1", "0"), 0); + assert_eq!(tau.get_tilde("2", "2", "1"), 1); + assert_eq!(tau.get_tilde("3", "1", "1"), 0); + assert_eq!(tau.get_tilde("3", "1", "2"), 1); + assert_eq!(tau.get_tilde("3", "2", "1"), 2); +} diff --git a/accless/libs/abe4/src/scheme/types.rs b/accless/libs/abe4/src/scheme/types.rs new file mode 100644 index 0000000..8300674 --- /dev/null +++ b/accless/libs/abe4/src/scheme/types.rs @@ -0,0 +1,125 @@ +use crate::{ + curve::{G, H, ScalarField}, + policy::UserAttribute, +}; +use std::collections::{HashMap, hash_map::Entry}; + +// ----------------------------------------------------------------------------------------------- +// Structure and Trait Definitions +// ----------------------------------------------------------------------------------------------- + +/// Structure representing a cipher-text. +pub struct Ciphertext { + pub c_1_vec: Vec, + pub c_2_vec: Vec, + pub c_3_vec: Vec, + pub c_4_vec: Vec, +} + +/// Trait shared by all partial key structures. +pub trait PartialKey { + /// Returns the authority that generated this key. + fn get_authority(&self) -> String; +} + +/// Struct representing a partial Master Secret Key (MSK). +pub struct PartialMSK { + pub auth: String, + pub beta: ScalarField, + pub b: ScalarField, + pub b_not: ScalarField, + pub b_prime: ScalarField, +} + +/// Struct representing a partial Master Public Key (MPK). +pub struct PartialMPK { + pub auth: String, + pub a: H, + pub b: H, + pub b_not: H, + pub b_prime: G, +} + +pub struct PartialUSK { + pub auth: String, + pub k_1_1_vec: Vec, + pub k_1_2_map: HashMap<(String, String), G>, + pub k_2_map: HashMap, + pub k_3_map: HashMap<(String, String), G>, + pub k_4_vec: Vec, + pub k_5_vec: Vec, +} + +/// Struct representing a full key given a set of partial keys. +pub struct FullKey { + pub partial_keys: HashMap, +} + +/// Master Public Key. +#[allow(clippy::upper_case_acronyms)] +pub type MPK = FullKey; +/// Master Secret Key. +#[allow(clippy::upper_case_acronyms)] +pub type MSK = FullKey; +/// User Secret Key. +#[allow(clippy::upper_case_acronyms)] +pub type USK = FullKey; + +// ----------------------------------------------------------------------------------------------- +// Implementations +// ----------------------------------------------------------------------------------------------- + +impl PartialKey for PartialMSK { + fn get_authority(&self) -> String { + self.auth.clone() + } +} + +impl PartialKey for PartialMPK { + fn get_authority(&self) -> String { + self.auth.clone() + } +} + +impl PartialKey for PartialUSK { + fn get_authority(&self) -> String { + self.auth.clone() + } +} + +impl FullKey { + pub fn new() -> Self { + FullKey { + partial_keys: HashMap::new(), + } + } + + pub fn add_partial_key(&mut self, new_key: T) { + match self.partial_keys.entry(new_key.get_authority()) { + Entry::Vacant(entry) => entry.insert(new_key), + Entry::Occupied(_) => { + panic!( + "Partial key for authority '{}' already exists", + new_key.get_authority() + ); + } + }; + } + + pub fn get_partial_key(&self, auth: &str) -> Option<&T> { + self.partial_keys.get(auth) + } +} + +impl FullKey { + pub fn get_user_attributes(&self) -> Vec { + let mut user_attrs = Vec::new(); + for (auth, usk) in self.partial_keys.iter() { + for (lbl, attr) in usk.k_1_2_map.keys() { + user_attrs.push(UserAttribute::new(auth, lbl, attr)); + } + } + + user_attrs + } +} diff --git a/accless/libs/abe4/tests/api_tests.rs b/accless/libs/abe4/tests/api_tests.rs new file mode 100644 index 0000000..b1cb787 --- /dev/null +++ b/accless/libs/abe4/tests/api_tests.rs @@ -0,0 +1,1770 @@ +use accless_abe4::{ + decrypt, + encrypt, + Gt, + iota::Iota, + keygen, + Policy, + UserAttribute, + tau::Tau, + setup, +}; +use std::collections::HashSet; + +const USER_ID: &str = "TEST_USER_ID"; + +fn prepare_test(user_attrs: &Vec<&str>, policy: &str) -> (Vec, Vec, Policy) { + let policy = Policy::parse(policy).unwrap(); + let user_attrs: Vec = user_attrs + .iter() + .map(|ua| UserAttribute::parse(ua).unwrap()) + .collect(); + let mut auths: HashSet = HashSet::new(); + for ua in user_attrs.iter() { + auths.insert(ua.authority().to_string()); + } + for idx in 0..policy.len() { + auths.insert(policy.get(idx).0.authority().to_string()); + } + if auths.is_empty() { + panic!( + "Fatal error: cannot execute test case if both user attributes and policy are empty" + ); + } + (auths.into_iter().collect(), user_attrs, policy) +} + +fn test_scheme(user_attrs: Vec<&str>, policy: &str) -> (Gt, Option) { + let (auths, user_attrs, policy) = prepare_test(&user_attrs, &policy); + let mut rng = ark_std::test_rng(); + let auths: Vec<&str> = auths.iter().map(|s| s as &str).collect(); + let iota = Iota::new(&user_attrs); + let (msk, mpk) = setup(&mut rng, &auths); + let usk = keygen(&mut rng, USER_ID, &msk, &user_attrs, &iota); + let tau = Tau::new(&policy); + let (k_enc, ct) = encrypt(&mut rng, &mpk, &policy, &tau); + let k_dec = decrypt(&usk, USER_ID, &iota, &tau, &policy, &ct); + (k_enc, k_dec) +} + +pub fn assert_decryption_ok(user_attrs: Vec<&str>, policy: &str) { + let (k_enc, k_dec) = test_scheme(user_attrs, policy); + assert!(k_dec.is_some_and(|k| Gt::eq(&k_enc, &k))); +} + +pub fn assert_decryption_fail(user_attrs: Vec<&str>, policy: &str) { + let (_, k_dec) = test_scheme(user_attrs, policy); + assert!(k_dec.is_none()); +} + +// Handcrafted test cases (single auth) + +#[test] +fn single_auth_single_ok() { + let user_attrs = vec!["A.a:0"]; + let policy = "A.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_single_multi_attr_ok() { + let user_attrs = vec!["A.a:0", "A.a:0"]; + let policy = "A.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_single_fail() { + let user_attrs = vec![]; + let policy = "A.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_ok() { + let user_attrs = vec!["A.a:0", "A.b:0"]; + let policy = "A.a:0 & A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_no_left_fail() { + let user_attrs = vec!["A.b:0"]; + let policy = "A.a:rainy & A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_no_right_fail() { + let user_attrs = vec!["A.a:0"]; + let policy = "A.a:0 & A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_negation_ok() { + let user_attrs = vec!["A.a:0"]; + let policy = "!A.a:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_negation_multi_alternative_ok() { + let user_attrs = vec!["A.a:1", "A.a:2", "A.a:3"]; + let policy = "!A.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_negation_contradiction_fail() { + let user_attrs = vec!["A.a:1"]; + let policy = "!A.a:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_negation_no_alternative_fail() { + let user_attrs = vec!["A.b:0"]; + let policy = "!A.a:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_left_ok() { + let user_attrs = vec!["A.a:0"]; + let policy = "A.a:0 | A.a:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_right_ok() { + let user_attrs = vec!["A.a:1"]; + let policy = "A.a:0 | A.a:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_both_ok() { + let user_attrs = vec!["A.a:0", "A.a:1"]; + let policy = "A.a:0 | A.a:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_fail() { + let user_attrs = vec![]; + let policy = "A.a:0 | A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_left_negated_ok() { + let user_attrs = vec!["A.a:1", "A.b:0"]; + let policy = "!A.a:0 & A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_left_negated_contradiction_fail() { + let user_attrs = vec!["A.a:0", "A.b:0"]; + let policy = "!A.a:0 & A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_left_negated_no_alternative_fail() { + let user_attrs = vec!["A.b:0"]; + let policy = "!A.a:0 & A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_left_negated_no_right_fail() { + let user_attrs = vec!["A.a:2"]; + let policy = "!A.a:0 & A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_conjunction_both_negated_ok() { + let user_attrs = vec!["A.a:2", "A.b:1"]; + let policy = "!A.a:0 & !A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_right_negated_ok() { + let user_attrs = vec!["A.b:1"]; + let policy = "A.a:1 | !A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_right_negated_both_ok() { + let user_attrs = vec!["A.a:1", "A.b:0"]; + let policy = "A.a:1 | !A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_right_negated_contradiction_fail() { + let user_attrs = vec!["A.b:0"]; + let policy = "A.a:1 | !A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_right_negated_no_alternative_fail() { + let user_attrs = vec![]; + let policy = "A.a:1 | !A.b:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn single_auth_disjunction_both_negated_ok() { + let user_attrs = vec!["A.a:1", "A.b:0"]; + let policy = "!A.a:0 | !A.b:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_complex_1_ok() { + let user_attrs = vec!["A.a:0", "A.c:0"]; + let policy = "A.a:0 | (!A.b:0 & A.a:2) & !(A.c:1 | A.c:2)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_complex_2_ok() { + let user_attrs = vec!["A.a:2", "A.b:1", "A.c:0"]; + let policy = "A.a:0 | (!A.b:0 & A.a:2) & !(A.c:1 | A.c:2)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn single_auth_complex_fail() { + let user_attrs = vec!["A.a:2", "A.c:2"]; + let policy = "A.a:0 | (!A.b:0 & A.a:2) & !(A.c:1 | A.c:2)"; + assert_decryption_fail(user_attrs, policy); +} + +// Handcrafted test cases (multi auth) + +#[test] +fn multi_auth_disjunction_left_ok() { + let user_attrs = vec!["A.a:0"]; + let policy = "A.a:0 | B.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_disjunction_right_ok() { + let user_attrs = vec!["B.a:0"]; + let policy = "A.a:0 | B.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_disjunction_both_ok() { + let user_attrs = vec!["A.a:0", "B.a:0"]; + let policy = "A.a:0 | B.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_disjunction_wrong_auth_fail() { + let user_attrs = vec!["C.a:0"]; + let policy = "A.a:0 | B.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn multi_auth_conjunction_ok() { + let user_attrs = vec!["A.a:0", "B.a:0"]; + let policy = "A.a:0 & B.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_conjunction_missing_left_fail() { + let user_attrs = vec!["B.a:0"]; + let policy = "A.a:0 & B.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn multi_auth_conjunction_missing_right_fail() { + let user_attrs = vec!["A.a:0"]; + let policy = "A.a:0 & B.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn multi_auth_negation_ok() { + let user_attrs = vec!["A.a:1", "A.a:2", "A.a:3", "A.a:4", "A.a:5", "B.a:0"]; + let policy = "!A.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_negation_cross_auth_fail() { + let user_attrs = vec!["B.a:0"]; + let policy = "!A.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn multi_auth_complex_1_ok() { + let user_attrs = vec!["A.a:0", "A.b:2", "A.c:1", "B.b:0", "B.b:1"]; + let policy = "A.a:1 | (!A.a:1 & A.b:2) & !(B.b:2 | A.c:2)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_complex_2_ok() { + let user_attrs = vec!["A.a:2", "A.b:1", "A.c:0", "B.c:0", "C.c:0", "C.c:1"]; + let policy = "A.a:0 | (!A.b:0 & A.a:2) & !(B.c:1 | A.c:2)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn multi_auth_complex_fail() { + let user_attrs = vec!["A.a:2", "A.c:1", "B.c:2"]; + let policy = "A.a:0 | (!A.b:0 & A.a:2) & !(A.c:1 | A.c:2)"; + assert_decryption_fail(user_attrs, policy); +} + +// Auto-generated test cases + +#[test] +fn generated_test_case_000_ok() { + let user_attrs = vec!["C.a:6"]; + let policy = "(B.a:0 | C.a:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_000_fail() { + let user_attrs = vec![]; + let policy = "(B.a:0 | C.a:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_001_ok() { + let user_attrs = vec!["D.c:1"]; + let policy = "(D.c:1 | (A.e:5 & B.b:2))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_001_fail() { + let user_attrs = vec![]; + let policy = "(D.c:1 | (A.e:5 & B.b:2))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_002_ok() { + let user_attrs = vec!["D.e:0"]; + let policy = "(A.e:6 | D.e:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_002_fail() { + let user_attrs = vec![]; + let policy = "(A.e:6 | D.e:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_003_ok() { + let user_attrs = vec!["B.a:3"]; + let policy = "B.a:3"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_003_fail() { + let user_attrs = vec![]; + let policy = "B.a:3"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_004_ok() { + let user_attrs = vec!["A.a:0", "B.d:1", "A.d:5_00", "A.d:5_01", "A.d:5_02"]; + let policy = "(!B.c:0 | ((A.a:0 & B.d:1) & (((B.d:5 | (A.d:5 & (C.a:1 | ((B.a:3 & (C.c:2 & A.a:5)) | C.b:2)))) | C.c:1) | !A.d:5)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_004_fail() { + let user_attrs = vec!["A.a:0", "A.d:5_01"]; + let policy = "(!B.c:0 | ((A.a:0 & B.d:1) & (((B.d:5 | (A.d:5 & (C.a:1 | ((B.a:3 & (C.c:2 & A.a:5)) | C.b:2)))) | C.c:1) | !A.d:5)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_005_ok() { + let user_attrs = vec!["B.d:0"]; + let policy = "(B.d:0 | D.a:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_005_fail() { + let user_attrs = vec![]; + let policy = "(B.d:0 | D.a:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_006_ok() { + let user_attrs = vec!["C.a:5"]; + let policy = "(C.a:5 | ((!A.c:2 & C.a:0) & (D.b:0 | (C.a:0 | ((C.b:0 & B.a:1) & A.c:1)))))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_006_fail() { + let user_attrs = vec![]; + let policy = "(C.a:5 | ((!A.c:2 & C.a:0) & (D.b:0 | (C.a:0 | ((C.b:0 & B.a:1) & A.c:1)))))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_007_ok() { + let user_attrs = vec!["B.c:0"]; + let policy = "(B.c:0 | ((C.a:6 | A.d:2) | (B.d:6 & B.a:2)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_007_fail() { + let user_attrs = vec![]; + let policy = "(B.c:0 | ((C.a:6 | A.d:2) | (B.d:6 & B.a:2)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_008_ok() { + let user_attrs = vec!["A.c:2"]; + let policy = "((!C.a:3 | (!D.b:2 & ((D.e:6 | (A.e:6 & (D.a:1 | (B.a:4 | A.d:4)))) & D.e:1))) | (D.c:1 | A.c:2))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_008_fail() { + let user_attrs = vec![]; + let policy = "((!C.a:3 | (!D.b:2 & ((D.e:6 | (A.e:6 & (D.a:1 | (B.a:4 | A.d:4)))) & D.e:1))) | (D.c:1 | A.c:2))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_009_ok() { + let user_attrs = vec!["C.d:0", "A.e:0"]; + let policy = "((B.c:0 & C.e:5) | (C.d:0 & A.e:0))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_009_fail() { + let user_attrs = vec!["C.d:0"]; + let policy = "((B.c:0 & C.e:5) | (C.d:0 & A.e:0))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_010_ok() { + let user_attrs = vec!["D.b:5_00", "D.b:5_01", "D.b:5_02", "D.b:5_03"]; + let policy = "!D.b:5"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_010_fail() { + let user_attrs = vec![]; + let policy = "!D.b:5"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_011_ok() { + let user_attrs = vec!["D.b:6", "D.d:2_00", "C.c:3"]; + let policy = "((D.b:6 & !D.d:2) & C.c:3)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_011_fail() { + let user_attrs = vec!["C.c:3", "D.d:2_00"]; + let policy = "((D.b:6 & !D.d:2) & C.c:3)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_012_ok() { + let user_attrs = vec![ + "C.b:4_00", "C.b:4_01", "D.a:0", "A.d:6", "A.e:4_00", "A.e:4_01", "A.e:4_02", "A.e:4_03", + ]; + let policy = "((!C.b:4 & (D.b:6 | (D.a:0 & A.d:6))) & !A.e:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_012_fail() { + let user_attrs = vec![ + "A.d:6", "A.e:4_00", "A.e:4_03", "A.e:4_02", "C.b:4_01", "A.e:4_01", + ]; + let policy = "((!C.b:4 & (D.b:6 | (D.a:0 & A.d:6))) & !A.e:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_013_ok() { + let user_attrs = vec![ + "B.d:6", "C.b:4", "A.e:1", "D.b:5_00", "D.b:5_01", "D.b:5_02", "D.b:5_03", + ]; + let policy = "(B.d:6 & (C.b:4 & ((C.d:6 | ((A.e:1 | C.c:0) & !D.b:5)) | B.a:2)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_013_fail() { + let user_attrs = vec!["A.e:1", "B.d:6", "D.b:5_01"]; + let policy = "(B.d:6 & (C.b:4 & ((C.d:6 | ((A.e:1 | C.c:0) & !D.b:5)) | B.a:2)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_014_ok() { + let user_attrs = vec!["D.b:6"]; + let policy = "(D.b:6 | ((((A.b:1 | D.c:6) | B.b:6) | B.a:1) & D.d:2))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_014_fail() { + let user_attrs = vec![]; + let policy = "(D.b:6 | ((((A.b:1 | D.c:6) | B.b:6) | B.a:1) & D.d:2))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_015_ok() { + let user_attrs = vec!["B.d:5", "A.e:5", "C.c:5", "A.c:5", "D.d:3", "B.d:0"]; + let policy = "((((A.d:0 | (B.d:4 | D.c:6)) | B.d:5) & (A.e:5 & ((C.c:5 & (A.c:5 & D.d:3)) | A.d:3))) & B.d:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_015_fail() { + let user_attrs = vec!["B.d:5", "C.c:5", "A.c:5", "B.d:0", "A.e:5"]; + let policy = "((((A.d:0 | (B.d:4 | D.c:6)) | B.d:5) & (A.e:5 & ((C.c:5 & (A.c:5 & D.d:3)) | A.d:3))) & B.d:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_016_ok() { + let user_attrs = vec![ + "C.e:5_00", "C.e:5_01", "C.e:5_02", "A.d:2_00", "A.d:2_01", "A.d:2_02", + ]; + let policy = + "(!C.e:5 & (((B.a:4 | ((D.e:4 & ((D.b:0 | A.a:3) | C.c:5)) | B.b:5)) & D.a:6) | !A.d:2))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_016_fail() { + let user_attrs = vec!["C.e:5_02", "C.e:5_01"]; + let policy = + "(!C.e:5 & (((B.a:4 | ((D.e:4 & ((D.b:0 | A.a:3) | C.c:5)) | B.b:5)) & D.a:6) | !A.d:2))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_017_ok() { + let user_attrs = vec!["D.e:6"]; + let policy = "(C.b:0 | (D.c:5 | D.e:6))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_017_fail() { + let user_attrs = vec![]; + let policy = "(C.b:0 | (D.c:5 | D.e:6))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_018_ok() { + let user_attrs = vec!["B.d:3_00", "B.d:3_01", "B.d:3_02", "B.d:3_03"]; + let policy = "!B.d:3"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_018_fail() { + let user_attrs = vec![]; + let policy = "!B.d:3"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_019_ok() { + let user_attrs = vec!["A.b:4", "D.c:5", "C.d:5", "B.c:2"]; + let policy = "((((A.b:4 & D.c:5) & C.d:5) & B.c:2) | A.e:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_019_fail() { + let user_attrs = vec!["A.b:4", "D.c:5", "C.d:5"]; + let policy = "((((A.b:4 & D.c:5) & C.d:5) & B.c:2) | A.e:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_020_ok() { + let user_attrs = vec!["B.a:0"]; + let policy = "B.a:0"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_020_fail() { + let user_attrs = vec![]; + let policy = "B.a:0"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_021_ok() { + let user_attrs = vec!["A.a:0_00"]; + let policy = "((B.b:6 | !A.a:0) | (B.a:0 & B.e:4))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_021_fail() { + let user_attrs = vec![]; + let policy = "((B.b:6 | !A.a:0) | (B.a:0 & B.e:4))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_022_ok() { + let user_attrs = vec!["C.d:4"]; + let policy = "C.d:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_022_fail() { + let user_attrs = vec![]; + let policy = "C.d:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_023_ok() { + let user_attrs = vec!["B.c:5", "C.b:0"]; + let policy = "((B.c:5 | (D.a:4 & (!B.c:2 | (C.c:0 & (C.d:5 | D.e:1))))) & C.b:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_023_fail() { + let user_attrs = vec!["B.c:5"]; + let policy = "((B.c:5 | (D.a:4 & (!B.c:2 | (C.c:0 & (C.d:5 | D.e:1))))) & C.b:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_024_ok() { + let user_attrs = vec!["D.b:0"]; + let policy = "(B.e:6 | D.b:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_024_fail() { + let user_attrs = vec![]; + let policy = "(B.e:6 | D.b:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_025_ok() { + let user_attrs = vec!["C.c:1", "B.b:1", "D.a:3", "C.d:0"]; + let policy = "((C.c:1 & (B.b:1 & D.a:3)) & (C.d:0 | A.e:5))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_025_fail() { + let user_attrs = vec!["C.c:1", "C.d:0", "B.b:1"]; + let policy = "((C.c:1 & (B.b:1 & D.a:3)) & (C.d:0 | A.e:5))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_026_ok() { + let user_attrs = vec![ + "C.e:2", "D.a:5_00", "D.a:5_01", "D.a:1_00", "D.a:1_01", "D.a:1_02", "D.a:1_03", + ]; + let policy = "((C.e:2 | !D.c:2) & (!D.a:5 & ((!D.a:1 | (C.a:0 | (B.a:0 | (A.e:3 | (D.b:3 & !A.c:5))))) | B.b:5)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_026_fail() { + let user_attrs = vec!["D.a:1_03", "D.a:1_02", "D.a:5_01", "D.a:5_00", "D.a:1_00"]; + let policy = "((C.e:2 | !D.c:2) & (!D.a:5 & ((!D.a:1 | (C.a:0 | (B.a:0 | (A.e:3 | (D.b:3 & !A.c:5))))) | B.b:5)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_027_ok() { + let user_attrs = vec!["C.b:4", "D.e:6"]; + let policy = "(C.b:4 & (D.e:6 | (!B.c:6 | D.d:1)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_027_fail() { + let user_attrs = vec!["C.b:4"]; + let policy = "(C.b:4 & (D.e:6 | (!B.c:6 | D.d:1)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_028_ok() { + let user_attrs = vec!["D.c:5"]; + let policy = "((A.d:1 & (B.e:6 & A.d:5)) | D.c:5)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_028_fail() { + let user_attrs = vec![]; + let policy = "((A.d:1 & (B.e:6 & A.d:5)) | D.c:5)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_029_ok() { + let user_attrs = vec!["C.e:6"]; + let policy = "C.e:6"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_029_fail() { + let user_attrs = vec![]; + let policy = "C.e:6"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_030_ok() { + let user_attrs = vec!["B.b:2", "A.d:2", "A.c:6"]; + let policy = "(((B.e:4 | D.c:3) & !A.a:0) | ((B.b:2 & (A.d:2 | A.d:0)) & A.c:6))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_030_fail() { + let user_attrs = vec![]; + let policy = "(((B.e:4 | D.c:3) & !A.a:0) | ((B.b:2 & (A.d:2 | A.d:0)) & A.c:6))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_031_ok() { + let user_attrs = vec!["A.a:4"]; + let policy = "A.a:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_031_fail() { + let user_attrs = vec![]; + let policy = "A.a:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_032_ok() { + let user_attrs = vec!["A.c:5"]; + let policy = "(((A.b:4 | (C.c:6 | (C.b:3 | B.c:4))) & B.e:4) | (A.c:5 | !C.e:0))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_032_fail() { + let user_attrs = vec![]; + let policy = "(((A.b:4 | (C.c:6 | (C.b:3 | B.c:4))) & B.e:4) | (A.c:5 | !C.e:0))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_033_ok() { + let user_attrs = vec!["C.a:2", "A.a:4", "D.a:1"]; + let policy = "((C.a:2 & A.a:4) & D.a:1)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_033_fail() { + let user_attrs = vec!["A.a:4", "D.a:1"]; + let policy = "((C.a:2 & A.a:4) & D.a:1)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_034_ok() { + let user_attrs = vec!["A.b:6_00", "A.b:6_01", "A.b:6_02", "B.c:0", "A.c:2"]; + let policy = "(((!A.b:6 & (((B.d:6 & B.a:6) & !D.c:0) | B.c:0)) & A.c:2) | (C.b:2 & C.e:3))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_034_fail() { + let user_attrs = vec!["A.b:6_00", "B.c:0", "A.b:6_01", "A.b:6_02"]; + let policy = "(((!A.b:6 & (((B.d:6 & B.a:6) & !D.c:0) | B.c:0)) & A.c:2) | (C.b:2 & C.e:3))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_035_ok() { + let user_attrs = vec!["A.d:2_00", "A.d:2_01", "A.d:2_02"]; + let policy = "!A.d:2"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_035_fail() { + let user_attrs = vec![]; + let policy = "!A.d:2"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_036_ok() { + let user_attrs = vec!["D.d:1", "D.d:6_00", "D.d:6_01"]; + let policy = "((D.d:1 & (!D.d:3 | !D.d:6)) | D.a:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_036_fail() { + let user_attrs = vec!["D.d:6_01"]; + let policy = "((D.d:1 & (!D.d:3 | !D.d:6)) | D.a:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_037_ok() { + let user_attrs = vec!["A.e:3"]; + let policy = "((!D.c:1 | D.c:2) | A.e:3)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_037_fail() { + let user_attrs = vec![]; + let policy = "((!D.c:1 | D.c:2) | A.e:3)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_038_ok() { + let user_attrs = vec!["D.c:4_00", "D.c:4_01", "D.c:4_02"]; + let policy = "!D.c:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_038_fail() { + let user_attrs = vec![]; + let policy = "!D.c:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_039_ok() { + let user_attrs = vec!["D.a:6", "A.b:6"]; + let policy = "(D.a:6 & A.b:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_039_fail() { + let user_attrs = vec!["A.b:6"]; + let policy = "(D.a:6 & A.b:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_040_ok() { + let user_attrs = vec!["B.d:6", "A.d:2", "D.c:4"]; + let policy = "((B.d:6 & (A.d:2 & D.c:4)) | ((!A.e:1 | (B.e:1 | B.a:2)) & A.a:6))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_040_fail() { + let user_attrs = vec!["D.c:4", "A.d:2"]; + let policy = "((B.d:6 & (A.d:2 & D.c:4)) | ((!A.e:1 | (B.e:1 | B.a:2)) & A.a:6))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_041_ok() { + let user_attrs = vec!["D.e:1"]; + let policy = "(((B.b:5 & A.b:5) & ((B.c:0 | B.a:1) | C.a:1)) | D.e:1)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_041_fail() { + let user_attrs = vec![]; + let policy = "(((B.b:5 & A.b:5) & ((B.c:0 | B.a:1) | C.a:1)) | D.e:1)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_042_ok() { + let user_attrs = vec!["A.b:6"]; + let policy = "(A.b:6 | (A.b:3 & ((((D.e:4 & B.e:4) | A.b:4) & !D.e:5) & C.b:1)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_042_fail() { + let user_attrs = vec![]; + let policy = "(A.b:6 | (A.b:3 & ((((D.e:4 & B.e:4) | A.b:4) & !D.e:5) & C.b:1)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_043_ok() { + let user_attrs = vec!["B.b:1", "A.a:5", "B.a:0"]; + let policy = "(B.b:1 & (A.a:5 & ((!A.a:3 | B.a:0) | D.a:4)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_043_fail() { + let user_attrs = vec!["B.b:1", "B.a:0"]; + let policy = "(B.b:1 & (A.a:5 & ((!A.a:3 | B.a:0) | D.a:4)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_044_ok() { + let user_attrs = vec!["B.d:0", "D.e:0", "A.c:6"]; + let policy = "((!B.d:0 & A.c:2) | ((B.d:0 & D.e:0) & A.c:6))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_044_fail() { + let user_attrs = vec!["A.c:6", "D.e:0"]; + let policy = "((!B.d:0 & A.c:2) | ((B.d:0 & D.e:0) & A.c:6))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_045_ok() { + let user_attrs = vec!["B.b:4"]; + let policy = "(((!C.e:6 | (!B.e:2 & (B.c:3 & D.e:6))) | (A.b:0 | B.b:4)) | C.c:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_045_fail() { + let user_attrs = vec![]; + let policy = "(((!C.e:6 | (!B.e:2 & (B.c:3 & D.e:6))) | (A.b:0 | B.b:4)) | C.c:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_046_ok() { + let user_attrs = vec![ + "D.c:5_00", "B.e:5", "C.a:3", "A.c:0_00", "A.c:0_01", "D.e:1", "D.d:6", + ]; + let policy = + "((!D.c:5 & (B.e:5 & (C.a:3 & ((!A.c:0 & D.e:1) | A.b:1)))) & (D.d:6 | (A.a:6 | D.b:5)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_046_fail() { + let user_attrs = vec![ + "D.d:6", "D.c:5_00", "A.c:0_00", "A.c:0_01", "C.a:3", "B.e:5", + ]; + let policy = + "((!D.c:5 & (B.e:5 & (C.a:3 & ((!A.c:0 & D.e:1) | A.b:1)))) & (D.d:6 | (A.a:6 | D.b:5)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_047_ok() { + let user_attrs = vec!["C.a:2", "B.b:2"]; + let policy = "(C.a:2 & B.b:2)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_047_fail() { + let user_attrs = vec!["B.b:2"]; + let policy = "(C.a:2 & B.b:2)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_048_ok() { + let user_attrs = vec!["A.b:5", "A.a:2_00", "A.a:2_01"]; + let policy = "(((((!C.b:0 & ((((B.e:2 | !B.a:4) | C.e:2) & D.b:3) | A.b:0)) | A.b:5) | C.d:2) & (!A.a:2 | D.a:3)) | D.c:1)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_048_fail() { + let user_attrs = vec!["A.a:2_00", "A.a:2_01"]; + let policy = "(((((!C.b:0 & ((((B.e:2 | !B.a:4) | C.e:2) & D.b:3) | A.b:0)) | A.b:5) | C.d:2) & (!A.a:2 | D.a:3)) | D.c:1)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_049_ok() { + let user_attrs = vec![ + "D.b:0_00", "D.b:0_01", "D.b:0_02", "D.b:0_03", "A.e:6_00", "A.e:6_01", + ]; + let policy = "((!D.b:0 & (C.b:3 | (!A.e:6 | D.b:5))) | D.e:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_049_fail() { + let user_attrs = vec![]; + let policy = "((!D.b:0 & (C.b:3 | (!A.e:6 | D.b:5))) | D.e:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_050_ok() { + let user_attrs = vec!["D.e:0", "C.c:4", "A.c:5", "C.d:5", "B.a:1"]; + let policy = "((D.e:0 & (((((A.c:4 & ((!A.c:5 | (((C.e:6 & !B.a:0) | A.d:4) | A.b:6)) | D.d:1)) | C.c:4) | !D.e:2) & A.c:5) & C.d:5)) & B.a:1)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_050_fail() { + let user_attrs = vec!["C.d:5", "B.a:1", "D.e:0", "C.c:4"]; + let policy = "((D.e:0 & (((((A.c:4 & ((!A.c:5 | (((C.e:6 & !B.a:0) | A.d:4) | A.b:6)) | D.d:1)) | C.c:4) | !D.e:2) & A.c:5) & C.d:5)) & B.a:1)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_051_ok() { + let user_attrs = vec!["A.b:5", "D.c:6"]; + let policy = "(((A.b:1 | A.b:5) & D.c:6) | ((B.b:6 & !C.e:4) & D.e:0))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_051_fail() { + let user_attrs = vec!["A.b:5"]; + let policy = "(((A.b:1 | A.b:5) & D.c:6) | ((B.b:6 & !C.e:4) & D.e:0))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_052_ok() { + let user_attrs = vec!["D.b:2"]; + let policy = "D.b:2"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_052_fail() { + let user_attrs = vec![]; + let policy = "D.b:2"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_053_ok() { + let user_attrs = vec![ + "D.e:2_00", "B.e:4_00", "B.e:4_01", "B.e:4_02", "D.e:3", "B.e:1", + ]; + let policy = "(((!D.e:2 & (!B.e:4 | !D.a:0)) & D.e:3) & B.e:1)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_053_fail() { + let user_attrs = vec!["D.e:2_00", "B.e:4_02", "B.e:1", "B.e:4_01"]; + let policy = "(((!D.e:2 & (!B.e:4 | !D.a:0)) & D.e:3) & B.e:1)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_054_ok() { + let user_attrs = vec!["B.b:3", "D.a:1", "C.b:5_00", "D.a:4", "D.e:3", "C.e:1_00"]; + let policy = "(B.b:3 & (((D.a:1 & ((((B.a:3 | A.d:3) & B.d:6) & !B.b:5) | !C.b:5)) | A.b:1) & ((D.a:4 & D.e:3) & !C.e:1)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_054_fail() { + let user_attrs = vec!["B.b:3", "D.a:1", "C.e:1_00", "D.a:4", "C.b:5_00"]; + let policy = "(B.b:3 & (((D.a:1 & ((((B.a:3 | A.d:3) & B.d:6) & !B.b:5) | !C.b:5)) | A.b:1) & ((D.a:4 & D.e:3) & !C.e:1)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_055_ok() { + let user_attrs = vec!["B.c:0", "C.e:6"]; + let policy = "((B.c:0 & C.e:6) | (B.c:3 | C.a:2))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_055_fail() { + let user_attrs = vec!["C.e:6"]; + let policy = "((B.c:0 & C.e:6) | (B.c:3 | C.a:2))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_056_ok() { + let user_attrs = vec!["B.e:1", "B.a:6"]; + let policy = "((B.e:1 & (A.e:3 | B.a:6)) | D.c:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_056_fail() { + let user_attrs = vec!["B.e:1"]; + let policy = "((B.e:1 & (A.e:3 | B.a:6)) | D.c:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_057_ok() { + let user_attrs = vec!["B.a:0", "D.d:0", "C.b:6", "C.c:2"]; + let policy = "((B.a:0 & ((D.d:0 & C.b:6) & C.c:2)) | B.a:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_057_fail() { + let user_attrs = vec!["B.a:0", "D.d:0", "C.c:2"]; + let policy = "((B.a:0 & ((D.d:0 & C.b:6) & C.c:2)) | B.a:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_058_ok() { + let user_attrs = vec!["A.d:3_00", "A.d:3_01", "B.c:1", "D.e:3", "B.e:3", "B.c:4"]; + let policy = "(!A.d:3 & (((B.c:1 & (D.e:3 & (((A.b:3 | B.d:1) & D.c:2) | B.e:3))) & B.c:4) | (C.c:4 | B.e:6)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_058_fail() { + let user_attrs = vec!["D.e:3", "B.c:4", "B.e:3", "A.d:3_01"]; + let policy = "(!A.d:3 & (((B.c:1 & (D.e:3 & (((A.b:3 | B.d:1) & D.c:2) | B.e:3))) & B.c:4) | (C.c:4 | B.e:6)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_059_ok() { + let user_attrs = vec!["A.e:4"]; + let policy = "A.e:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_059_fail() { + let user_attrs = vec![]; + let policy = "A.e:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_060_ok() { + let user_attrs = vec!["B.e:6_00", "B.e:6_01", "B.e:6_02", "A.a:4", "B.e:1"]; + let policy = "(A.b:3 | (!B.e:6 & (A.a:4 & (B.d:3 | B.e:1))))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_060_fail() { + let user_attrs = vec!["B.e:6_02", "B.e:1"]; + let policy = "(A.b:3 | (!B.e:6 & (A.a:4 & (B.d:3 | B.e:1))))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_061_ok() { + let user_attrs = vec!["D.d:5"]; + let policy = "D.d:5"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_061_fail() { + let user_attrs = vec![]; + let policy = "D.d:5"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_062_ok() { + let user_attrs = vec!["D.c:6"]; + let policy = "D.c:6"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_062_fail() { + let user_attrs = vec![]; + let policy = "D.c:6"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_063_ok() { + let user_attrs = vec!["A.c:6", "A.c:5", "D.a:2", "D.d:4", "A.c:1", "C.c:3"]; + let policy = "(((A.c:6 & A.c:5) & (D.a:2 & (D.d:4 & A.c:1))) & C.c:3)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_063_fail() { + let user_attrs = vec!["D.d:4", "A.c:1", "D.a:2", "A.c:5", "C.c:3"]; + let policy = "(((A.c:6 & A.c:5) & (D.a:2 & (D.d:4 & A.c:1))) & C.c:3)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_064_ok() { + let user_attrs = vec!["C.d:1_00", "C.d:1_01", "C.d:1_02", "A.c:0"]; + let policy = "((!C.d:1 | A.c:5) & A.c:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_064_fail() { + let user_attrs = vec!["A.c:0"]; + let policy = "((!C.d:1 | A.c:5) & A.c:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_065_ok() { + let user_attrs = vec!["D.a:5", "A.b:4"]; + let policy = "(B.e:6 | ((B.a:5 | (((C.d:0 | A.b:1) | D.a:5) & A.b:4)) | (D.d:0 & !C.d:1)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_065_fail() { + let user_attrs = vec!["D.a:5"]; + let policy = "(B.e:6 | ((B.a:5 | (((C.d:0 | A.b:1) | D.a:5) & A.b:4)) | (D.d:0 & !C.d:1)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_066_ok() { + let user_attrs = vec![ + "C.a:1_00", "C.a:1_01", "C.a:1_02", "A.d:6", "C.c:6", "B.a:4", "A.a:2", "A.c:6_00", + "A.c:6_01", + ]; + let policy = "((!C.a:1 & (A.d:6 & (C.c:6 & ((B.a:4 | D.e:2) & A.a:2)))) & !A.c:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_066_fail() { + let user_attrs = vec![ + "A.c:6_01", "B.a:4", "C.a:1_02", "C.c:6", "C.a:1_01", "A.c:6_00", "A.a:2", + ]; + let policy = "((!C.a:1 & (A.d:6 & (C.c:6 & ((B.a:4 | D.e:2) & A.a:2)))) & !A.c:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_067_ok() { + let user_attrs = vec!["D.d:6_00", "D.d:6_01", "D.d:6_02", "D.d:6_03", "C.a:3"]; + let policy = "(!D.d:6 & C.a:3)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_067_fail() { + let user_attrs = vec!["D.d:6_00", "D.d:6_03"]; + let policy = "(!D.d:6 & C.a:3)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_068_ok() { + let user_attrs = vec!["A.b:4_00"]; + let policy = "(!A.b:4 | C.a:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_068_fail() { + let user_attrs = vec![]; + let policy = "(!A.b:4 | C.a:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_069_ok() { + let user_attrs = vec!["B.c:1"]; + let policy = "B.c:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_069_fail() { + let user_attrs = vec![]; + let policy = "B.c:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_070_ok() { + let user_attrs = vec!["B.a:5_00", "B.a:5_01", "B.a:5_02", "A.c:4", "B.e:3_00"]; + let policy = "(!B.a:5 & (A.c:4 & (((D.d:6 | D.b:0) | A.e:4) | !B.e:3)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_070_fail() { + let user_attrs = vec!["B.a:5_01", "B.e:3_00", "B.a:5_00"]; + let policy = "(!B.a:5 & (A.c:4 & (((D.d:6 | D.b:0) | A.e:4) | !B.e:3)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_071_ok() { + let user_attrs = vec![ + "B.e:3_00", "B.e:3_01", "B.e:3_02", "B.e:3_03", "B.c:3", "C.d:1", + ]; + let policy = "(!B.e:3 & (B.c:3 & (C.a:1 | C.d:1)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_071_fail() { + let user_attrs = vec!["B.e:3_02", "B.e:3_03", "C.d:1"]; + let policy = "(!B.e:3 & (B.c:3 & (C.a:1 | C.d:1)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_072_ok() { + let user_attrs = vec!["A.a:6", "A.a:2"]; + let policy = "((((A.c:6 | A.a:6) | !B.d:5) & A.a:2) | (B.c:0 & B.b:3))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_072_fail() { + let user_attrs = vec!["A.a:2"]; + let policy = "((((A.c:6 | A.a:6) | !B.d:5) & A.a:2) | (B.c:0 & B.b:3))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_073_ok() { + let user_attrs = vec!["A.c:3"]; + let policy = "A.c:3"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_073_fail() { + let user_attrs = vec![]; + let policy = "A.c:3"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_074_ok() { + let user_attrs = vec!["C.c:4"]; + let policy = "(((D.d:6 & ((D.c:1 | B.c:1) | C.d:0)) & C.b:1) | (C.c:4 | A.c:3))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_074_fail() { + let user_attrs = vec![]; + let policy = "(((D.d:6 & ((D.c:1 | B.c:1) | C.d:0)) & C.b:1) | (C.c:4 | A.c:3))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_075_ok() { + let user_attrs = vec!["B.c:6"]; + let policy = "(B.c:6 | !A.e:0)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_075_fail() { + let user_attrs = vec![]; + let policy = "(B.c:6 | !A.e:0)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_076_ok() { + let user_attrs = vec!["A.d:4", "B.c:6", "B.e:3", "C.d:4"]; + let policy = "(((((C.d:1 & D.d:1) | B.a:1) | A.d:4) & (B.c:6 & B.e:3)) & C.d:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_076_fail() { + let user_attrs = vec!["C.d:4", "B.e:3", "A.d:4"]; + let policy = "(((((C.d:1 & D.d:1) | B.a:1) | A.d:4) & (B.c:6 & B.e:3)) & C.d:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_077_ok() { + let user_attrs = vec!["D.c:0"]; + let policy = "(D.c:0 | (B.a:0 & (C.a:5 & ((!B.d:6 | !A.c:1) | !D.d:2))))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_077_fail() { + let user_attrs = vec![]; + let policy = "(D.c:0 | (B.a:0 & (C.a:5 & ((!B.d:6 | !A.c:1) | !D.d:2))))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_078_ok() { + let user_attrs = vec!["D.c:4_00", "D.c:4_01", "D.c:4_02", "D.c:4_03"]; + let policy = "((B.a:6 | (!D.c:4 | A.d:6)) | !B.b:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_078_fail() { + let user_attrs = vec![]; + let policy = "((B.a:6 | (!D.c:4 | A.d:6)) | !B.b:6)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_079_ok() { + let user_attrs = vec![ + "A.c:4", "D.d:0_00", "D.d:0_01", "D.d:0_02", "D.d:0_03", "A.a:4", + ]; + let policy = "((A.c:4 & !D.d:0) & A.a:4)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_079_fail() { + let user_attrs = vec!["D.d:0_02", "A.c:4", "D.d:0_01", "D.d:0_00", "D.d:0_03"]; + let policy = "((A.c:4 & !D.d:0) & A.a:4)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_080_ok() { + let user_attrs = vec!["C.b:3", "D.a:0_00"]; + let policy = "(C.b:3 & (!D.a:0 | B.b:5))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_080_fail() { + let user_attrs = vec!["D.a:0_00"]; + let policy = "(C.b:3 & (!D.a:0 | B.b:5))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_081_ok() { + let user_attrs = vec!["A.a:2_00"]; + let policy = "(!A.a:2 | (((!D.d:4 | (C.b:3 | (D.e:1 | B.a:2))) & C.a:4) | D.d:4))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_081_fail() { + let user_attrs = vec![]; + let policy = "(!A.a:2 | (((!D.d:4 | (C.b:3 | (D.e:1 | B.a:2))) & C.a:4) | D.d:4))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_082_ok() { + let user_attrs = vec!["D.b:1", "C.a:4"]; + let policy = "((D.b:1 & C.a:4) | (B.e:6 & (A.d:3 & !C.d:5)))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_082_fail() { + let user_attrs = vec!["D.b:1"]; + let policy = "((D.b:1 & C.a:4) | (B.e:6 & (A.d:3 & !C.d:5)))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_083_ok() { + let user_attrs = vec!["D.b:3"]; + let policy = "D.b:3"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_083_fail() { + let user_attrs = vec![]; + let policy = "D.b:3"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_084_ok() { + let user_attrs = vec!["A.b:4"]; + let policy = "A.b:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_084_fail() { + let user_attrs = vec![]; + let policy = "A.b:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_085_ok() { + let user_attrs = vec!["D.d:2", "D.d:1"]; + let policy = "((B.d:3 & !B.d:1) | (D.d:2 & D.d:1))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_085_fail() { + let user_attrs = vec!["D.d:2"]; + let policy = "((B.d:3 & !B.d:1) | (D.d:2 & D.d:1))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_086_ok() { + let user_attrs = vec!["B.e:5_00", "B.e:5_01", "B.e:5_02"]; + let policy = "!B.e:5"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_086_fail() { + let user_attrs = vec![]; + let policy = "!B.e:5"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_087_ok() { + let user_attrs = vec!["D.e:5"]; + let policy = "D.e:5"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_087_fail() { + let user_attrs = vec![]; + let policy = "D.e:5"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_088_ok() { + let user_attrs = vec!["D.e:1"]; + let policy = "D.e:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_088_fail() { + let user_attrs = vec![]; + let policy = "D.e:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_089_ok() { + let user_attrs = vec!["A.e:0", "B.a:3"]; + let policy = "((A.e:0 & B.a:3) | (C.c:6 & (A.c:0 & (!B.c:0 | B.d:0))))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_089_fail() { + let user_attrs = vec!["A.e:0"]; + let policy = "((A.e:0 & B.a:3) | (C.c:6 & (A.c:0 & (!B.c:0 | B.d:0))))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_090_ok() { + let user_attrs = vec!["A.c:4"]; + let policy = "A.c:4"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_090_fail() { + let user_attrs = vec![]; + let policy = "A.c:4"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_091_ok() { + let user_attrs = vec!["C.a:0", "A.b:1", "C.e:3"]; + let policy = "((C.a:0 | (C.d:5 | A.b:6)) & (A.b:1 & (C.e:3 | ((((C.a:1 & A.b:3) & A.d:5) | C.e:1) | C.a:5))))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_091_fail() { + let user_attrs = vec!["C.a:0", "A.b:1"]; + let policy = "((C.a:0 | (C.d:5 | A.b:6)) & (A.b:1 & (C.e:3 | ((((C.a:1 & A.b:3) & A.d:5) | C.e:1) | C.a:5))))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_092_ok() { + let user_attrs = vec!["C.a:1"]; + let policy = "((C.b:4 | C.a:1) | C.c:3)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_092_fail() { + let user_attrs = vec![]; + let policy = "((C.b:4 | C.a:1) | C.c:3)"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_093_ok() { + let user_attrs = vec!["A.e:3"]; + let policy = "A.e:3"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_093_fail() { + let user_attrs = vec![]; + let policy = "A.e:3"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_094_ok() { + let user_attrs = vec!["A.a:6", "C.b:5", "C.e:5", "B.e:1", "A.a:6", "B.a:1"]; + let policy = "((((A.a:6 & (C.b:5 & C.e:5)) & B.e:1) & A.a:6) & ((B.a:1 | !C.b:2) | D.e:0))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_094_fail() { + let user_attrs = vec!["A.a:6", "A.a:6", "C.e:5", "C.b:5"]; + let policy = "((((A.a:6 & (C.b:5 & C.e:5)) & B.e:1) & A.a:6) & ((B.a:1 | !C.b:2) | D.e:0))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_095_ok() { + let user_attrs = vec!["A.d:3"]; + let policy = "((!B.e:1 | ((!A.b:2 | (D.b:0 | (A.e:4 & A.c:3))) | D.e:5)) | (A.d:3 | B.d:4))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_095_fail() { + let user_attrs = vec![]; + let policy = "((!B.e:1 | ((!A.b:2 | (D.b:0 | (A.e:4 & A.c:3))) | D.e:5)) | (A.d:3 | B.d:4))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_096_ok() { + let user_attrs = vec!["D.c:1"]; + let policy = "D.c:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_096_fail() { + let user_attrs = vec![]; + let policy = "D.c:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_097_ok() { + let user_attrs = vec!["C.d:0", "D.e:0", "B.b:5"]; + let policy = "(C.d:0 & ((D.e:0 & B.b:5) | B.b:3))"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_097_fail() { + let user_attrs = vec!["D.e:0", "C.d:0"]; + let policy = "(C.d:0 & ((D.e:0 & B.b:5) | B.b:3))"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_098_ok() { + let user_attrs = vec!["B.a:1"]; + let policy = "B.a:1"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_098_fail() { + let user_attrs = vec![]; + let policy = "B.a:1"; + assert_decryption_fail(user_attrs, policy); +} + +#[test] +fn generated_test_case_099_ok() { + let user_attrs = vec![ + "C.a:0", "B.a:0", "A.c:3", "B.a:4_00", "B.a:4_01", "B.c:5", "A.c:5", + ]; + let policy = "((C.a:0 & (((B.a:0 & A.c:3) & !B.a:4) & (B.c:5 & A.c:5))) | D.a:6)"; + assert_decryption_ok(user_attrs, policy); +} + +#[test] +fn generated_test_case_099_fail() { + let user_attrs = vec!["B.c:5", "B.a:4_01", "B.a:0", "A.c:5", "A.c:3", "B.a:4_00"]; + let policy = "((C.a:0 & (((B.a:0 & A.c:3) & !B.a:4) & (B.c:5 & A.c:5))) | D.a:6)"; + assert_decryption_fail(user_attrs, policy); +} diff --git a/accless/libs/attestation/attestation.cpp b/accless/libs/attestation/attestation.cpp index 7c8e115..e60d249 100644 --- a/accless/libs/attestation/attestation.cpp +++ b/accless/libs/attestation/attestation.cpp @@ -20,6 +20,13 @@ using namespace attest; #define SNP_GET_REPORT \ _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_guest_request_ioctl) +/* Accless Attestation Library + * + * This library is only used for SNP attestation, and it supports fetching + * the SNP attestation report from either /dev/sev-guest, in a bare-metal + * deployment, or from a TPM when deployed in an Azure cVM. For the latter + * it relies on some Azure-provided libraries. + */ namespace accless::attestation { void Logger::Log(const char *log_tag, AttestationLogger::LogLevel level, const char *function, const int line, const char *fmt, ...) { diff --git a/accless/libs/jwt/Cargo.lock b/accless/libs/jwt/Cargo.lock deleted file mode 100644 index 783af6e..0000000 --- a/accless/libs/jwt/Cargo.lock +++ /dev/null @@ -1,660 +0,0 @@ -# This file is automatically @generated by Cargo. -# It is not intended for manual editing. -version = 4 - -[[package]] -name = "accless-jwt" -version = "0.1.0" -dependencies = [ - "anyhow", - "base64", - "rsa", - "serde", - "serde_json", - "x509-parser", -] - -[[package]] -name = "anyhow" -version = "1.0.97" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcfed56ad506cb2c684a14971b8861fdc3baaaae314b9e5f9bb532cbe3ba7a4f" - -[[package]] -name = "arrayvec" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" - -[[package]] -name = "autocfg" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" - -[[package]] -name = "base64" -version = "0.13.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" - -[[package]] -name = "base64ct" -version = "1.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" - -[[package]] -name = "bitflags" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" - -[[package]] -name = "bitvec" -version = "0.19.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55f93d0ef3363c364d5976646a38f04cf67cfe1d4c8d160cdea02cab2c116b33" -dependencies = [ - "funty", - "radium", - "tap", - "wyz", -] - -[[package]] -name = "block-buffer" -version = "0.10.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" -dependencies = [ - "generic-array", -] - -[[package]] -name = "byteorder" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" - -[[package]] -name = "cfg-if" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" - -[[package]] -name = "chrono" -version = "0.4.38" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" -dependencies = [ - "num-traits", -] - -[[package]] -name = "const-oid" -version = "0.9.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" - -[[package]] -name = "cpufeatures" -version = "0.2.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "608697df725056feaccfa42cffdaeeec3fccc4ffc38358ecd19b243e716a78e0" -dependencies = [ - "libc", -] - -[[package]] -name = "crypto-common" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" -dependencies = [ - "generic-array", - "typenum", -] - -[[package]] -name = "data-encoding" -version = "2.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8566979429cf69b49a5c740c60791108e86440e8be149bbea4fe54d2c32d6e2" - -[[package]] -name = "der" -version = "0.7.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" -dependencies = [ - "const-oid", - "pem-rfc7468", - "zeroize", -] - -[[package]] -name = "der-oid-macro" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4cccf60bb98c0fca115a581f894aed0e43fa55bf289fdac5599bec440bb4fd6" -dependencies = [ - "nom", - "num-bigint", - "num-traits", - "syn 1.0.109", -] - -[[package]] -name = "der-parser" -version = "5.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d7ededb7525bb4114bc209685ce7894edc2965f4914312a1ea578a645a237f0" -dependencies = [ - "der-oid-macro", - "nom", - "num-bigint", - "num-traits", - "rusticata-macros", -] - -[[package]] -name = "digest" -version = "0.10.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" -dependencies = [ - "block-buffer", - "const-oid", - "crypto-common", -] - -[[package]] -name = "funty" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fed34cd105917e91daa4da6b3728c47b068749d6a62c59811f06ed2ac71d9da7" - -[[package]] -name = "generic-array" -version = "0.14.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" -dependencies = [ - "typenum", - "version_check", -] - -[[package]] -name = "getrandom" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" -dependencies = [ - "cfg-if", - "libc", - "wasi", -] - -[[package]] -name = "itoa" -version = "1.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" - -[[package]] -name = "lazy_static" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" -dependencies = [ - "spin", -] - -[[package]] -name = "lexical-core" -version = "0.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6607c62aa161d23d17a9072cc5da0be67cdfc89d3afb1e8d9c842bebc2525ffe" -dependencies = [ - "arrayvec", - "bitflags", - "cfg-if", - "ryu", - "static_assertions", -] - -[[package]] -name = "libc" -version = "0.2.159" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" - -[[package]] -name = "libm" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" - -[[package]] -name = "memchr" -version = "2.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" - -[[package]] -name = "nom" -version = "6.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6a7a9657c84d5814c6196b68bb4429df09c18b1573806259fba397ea4ad0d44" -dependencies = [ - "bitvec", - "funty", - "lexical-core", - "memchr", - "version_check", -] - -[[package]] -name = "num-bigint" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" -dependencies = [ - "num-integer", - "num-traits", -] - -[[package]] -name = "num-bigint-dig" -version = "0.8.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" -dependencies = [ - "byteorder", - "lazy_static", - "libm", - "num-integer", - "num-iter", - "num-traits", - "rand", - "smallvec", - "zeroize", -] - -[[package]] -name = "num-integer" -version = "0.1.46" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" -dependencies = [ - "num-traits", -] - -[[package]] -name = "num-iter" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf" -dependencies = [ - "autocfg", - "num-integer", - "num-traits", -] - -[[package]] -name = "num-traits" -version = "0.2.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" -dependencies = [ - "autocfg", - "libm", -] - -[[package]] -name = "oid-registry" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6aae73e474f83beacd8ae2179e328e03d63d9223949d97e1b7c108059a34715" -dependencies = [ - "der-parser", -] - -[[package]] -name = "pem-rfc7468" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" -dependencies = [ - "base64ct", -] - -[[package]] -name = "pkcs1" -version = "0.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" -dependencies = [ - "der", - "pkcs8", - "spki", -] - -[[package]] -name = "pkcs8" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" -dependencies = [ - "der", - "spki", -] - -[[package]] -name = "ppv-lite86" -version = "0.2.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" -dependencies = [ - "zerocopy", -] - -[[package]] -name = "proc-macro2" -version = "1.0.86" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" -dependencies = [ - "unicode-ident", -] - -[[package]] -name = "quote" -version = "1.0.37" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" -dependencies = [ - "proc-macro2", -] - -[[package]] -name = "radium" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "941ba9d78d8e2f7ce474c015eea4d9c6d25b6a3327f9832ee29a4de27f91bbb8" - -[[package]] -name = "rand" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" -dependencies = [ - "rand_chacha", - "rand_core", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core", -] - -[[package]] -name = "rand_core" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom", -] - -[[package]] -name = "rsa" -version = "0.9.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" -dependencies = [ - "const-oid", - "digest", - "num-bigint-dig", - "num-integer", - "num-traits", - "pkcs1", - "pkcs8", - "rand_core", - "sha2", - "signature", - "spki", - "subtle", - "zeroize", -] - -[[package]] -name = "rusticata-macros" -version = "3.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbbee512c633ecabd4481c40111b6ded03ddd9ab10ba6caa5a74e14c889921ad" -dependencies = [ - "nom", -] - -[[package]] -name = "ryu" -version = "1.0.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f" - -[[package]] -name = "serde" -version = "1.0.210" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" -dependencies = [ - "serde_derive", -] - -[[package]] -name = "serde_derive" -version = "1.0.210" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.79", -] - -[[package]] -name = "serde_json" -version = "1.0.128" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" -dependencies = [ - "itoa", - "memchr", - "ryu", - "serde", -] - -[[package]] -name = "sha2" -version = "0.10.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" -dependencies = [ - "cfg-if", - "cpufeatures", - "digest", -] - -[[package]] -name = "signature" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" -dependencies = [ - "digest", - "rand_core", -] - -[[package]] -name = "smallvec" -version = "1.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" - -[[package]] -name = "spin" -version = "0.9.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" - -[[package]] -name = "spki" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" -dependencies = [ - "base64ct", - "der", -] - -[[package]] -name = "static_assertions" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" - -[[package]] -name = "subtle" -version = "2.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" - -[[package]] -name = "syn" -version = "1.0.109" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "syn" -version = "2.0.79" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "tap" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" - -[[package]] -name = "thiserror" -version = "1.0.64" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" -dependencies = [ - "thiserror-impl", -] - -[[package]] -name = "thiserror-impl" -version = "1.0.64" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.79", -] - -[[package]] -name = "typenum" -version = "1.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" - -[[package]] -name = "unicode-ident" -version = "1.0.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" - -[[package]] -name = "version_check" -version = "0.9.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" - -[[package]] -name = "wasi" -version = "0.11.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" - -[[package]] -name = "wyz" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85e60b0d1b5f99db2556934e21937020776a5d31520bf169e851ac44e6420214" - -[[package]] -name = "x509-parser" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9fdb27e60230e9d42a67fc3893ed5273b3dc74b4173e29ac52da8084014778d9" -dependencies = [ - "base64", - "chrono", - "data-encoding", - "der-parser", - "lazy_static", - "nom", - "oid-registry", - "rusticata-macros", - "thiserror", -] - -[[package]] -name = "zerocopy" -version = "0.7.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" -dependencies = [ - "byteorder", - "zerocopy-derive", -] - -[[package]] -name = "zerocopy-derive" -version = "0.7.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.79", -] - -[[package]] -name = "zeroize" -version = "1.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" diff --git a/accless/libs/jwt/Cargo.toml b/accless/libs/jwt/Cargo.toml index 68c6cc8..321fa5f 100644 --- a/accless/libs/jwt/Cargo.toml +++ b/accless/libs/jwt/Cargo.toml @@ -1,7 +1,11 @@ [package] name = "accless-jwt" -version = "0.1.0" -edition = "2021" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "JWT manipulation library" +homepage.workspace = true [lib] name="accless_jwt" @@ -9,9 +13,9 @@ crate-type=["staticlib"] path = "src/lib.rs" [dependencies] -anyhow = "1.0.97" -base64 = "0.13" -rsa = { version = "0.9.6", features = ["sha2"] } -serde = { version = "1.0", features = ["derive"] } -serde_json = "1.0" -x509-parser = { version = "0.10.0" } +anyhow.workspace = true +base64.workspace = true +rsa = { workspace = true, features = ["sha2"] } +serde.workspace = true +serde_json.workspace = true +x509-parser.workspace = true diff --git a/accless/libs/jwt/src/lib.rs b/accless/libs/jwt/src/lib.rs index 6aadea3..ea7af2a 100644 --- a/accless/libs/jwt/src/lib.rs +++ b/accless/libs/jwt/src/lib.rs @@ -1,16 +1,13 @@ -use base64::{decode_config, URL_SAFE_NO_PAD}; -use rsa::pkcs1::DecodeRsaPublicKey; -use rsa::sha2::Sha256; -use rsa::signature::Verifier; -use rsa::RsaPublicKey; +use base64::{Engine, engine::general_purpose::URL_SAFE_NO_PAD}; +use rsa::{RsaPublicKey, pkcs1::DecodeRsaPublicKey, sha2::Sha256, signature::Verifier}; use serde_json::Value; use std::{ - ffi::{c_char, CStr, CString}, + ffi::{CStr, CString, c_char}, ptr, }; fn base64_url_decode(input: &str) -> Vec { - decode_config(input, URL_SAFE_NO_PAD).unwrap() + URL_SAFE_NO_PAD.decode(input).unwrap() } fn verify_jwt_signature(jwt: &str, x5c_certs: &[&str]) -> bool { @@ -22,19 +19,25 @@ fn verify_jwt_signature(jwt: &str, x5c_certs: &[&str]) -> bool { let header_and_payload = format!("{}.{}", parts[0], parts[1]); let tmp = base64_url_decode(parts[2]); - let signature = tmp.as_slice(); + let signature: rsa::pkcs1v15::Signature = match tmp.as_slice().try_into() { + Ok(signature) => signature, + Err(_) => return false, + }; for cert_pem in x5c_certs { - let certpem = x509_parser::pem::parse_x509_pem(cert_pem.as_bytes()) - .unwrap() - .1; - let certpem = certpem.parse_x509().unwrap(); + let certpem = match x509_parser::pem::parse_x509_pem(cert_pem.as_bytes()) { + Ok(certpem) => certpem.1, + Err(_) => return false, + }; + let certpem = match certpem.parse_x509() { + Ok(certpem) => certpem, + Err(_) => return false, + }; let public_key = certpem.public_key(); - let rsa_pub_key = RsaPublicKey::from_pkcs1_der(public_key.subject_public_key.data).unwrap(); - let is_valid = rsa::pkcs1v15::VerifyingKey::::new(rsa_pub_key).verify( - header_and_payload.as_bytes(), - &signature.try_into().unwrap(), - ); + let rsa_pub_key = + RsaPublicKey::from_pkcs1_der(&public_key.subject_public_key.data).unwrap(); + let is_valid = rsa::pkcs1v15::VerifyingKey::::new(rsa_pub_key) + .verify(header_and_payload.as_bytes(), &signature); if is_valid.is_ok() { return true; @@ -56,32 +59,32 @@ fn check_jwt_property(jwt: &str, property: &str, exp_value: &str) -> bool { let payload: Value = serde_json::from_slice(&payload_bytes).unwrap(); // Check in header - if let Some(obj) = header.as_object() { - if obj.contains_key(property) { - let value = obj - .get(property) - .and_then(|value| value.as_str().map(|s| s.to_string())) - .unwrap(); - return value == exp_value; - } + if let Some(obj) = header.as_object() + && obj.contains_key(property) + { + let value = obj + .get(property) + .and_then(|value| value.as_str().map(|s| s.to_string())) + .unwrap(); + return value == exp_value; } // Check in body - if let Some(obj) = payload.as_object() { - if obj.contains_key(property) { - let value = obj - .get(property) - .and_then(|value| value.as_str().map(|s| s.to_string())) - .unwrap(); - return value == exp_value; - } + if let Some(obj) = payload.as_object() + && obj.contains_key(property) + { + let value = obj + .get(property) + .and_then(|value| value.as_str().map(|s| s.to_string())) + .unwrap(); + return value == exp_value; } false } #[allow(clippy::missing_safety_doc)] -#[no_mangle] +#[unsafe(no_mangle)] pub unsafe extern "C" fn get_property( jwt_cstr: *const c_char, prop_cstr: *const c_char, @@ -128,7 +131,7 @@ pub unsafe extern "C" fn get_property( /// Free a C string returned from `get_property` #[allow(clippy::missing_safety_doc)] -#[no_mangle] +#[unsafe(no_mangle)] pub unsafe extern "C" fn free_string(s: *mut c_char) { if !s.is_null() { unsafe { @@ -138,14 +141,16 @@ pub unsafe extern "C" fn free_string(s: *mut c_char) { } #[allow(clippy::missing_safety_doc)] -#[no_mangle] +#[unsafe(no_mangle)] pub unsafe extern "C" fn verify_jwt(jwt_cstr: *const c_char) -> bool { let x5c_certs = [ // This is the certificate of the attestation service, which can be // found in tless/attestation-service/certs/cert.pem + // BEGIN: AUTO-INJECTED CERT r#"-----BEGIN CERTIFICATE----- MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI1MDQxMzA5MzM1MFoXDTI2MDQxMzA5MzM1MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxiqavAStTeJz0b2fEbIOzzJBBdxKlZhkixFd1IbHbxCwp+pAkPSoMuNr4zhbQNMOCqTWx0yIsKA2rJw2DohFtQWQSIUor8OLyMV/I2XIJydR9pcW/ZLx4LcSbv5Q9PiJXk1VB+IjYoW/2b2BHc9lCEZB+RLVDCVXGex1Wi3IeGcNhTDJHquwIojo+1HGtEH/a3K9wgRdy1D0PmDQCNCxQoBajATA0u4/TpsVsjsZzB7ZJpI020m7BCMvi7Dy68kDq18CZpAW0ZT7YsvCY1X+D0BvXd0NVNg/udqMPeQvhSXkQsiPqWar3zsR8JC5oKGVei6bHhtX17/9PiOChyIDzWwcrVNtJnmdS4jzuFdNOaBlCFGseXf3Pxkee3N/9vF3mn6RPYJfgj7yjr9qmxnRj02L8wbw3E8YjhOkznLiARDVCivzggEaHRNgDv7p3bQACkYae2gzJh+roBSm7fVmUH46Rgk8rz54uh/kKqoGpyxFV9njVZ8Q5JO+LI2aUjAxE13mZqkd89DYuvgHp7K5UDw/Bi5S2CWb/mLTX/WKur53t+B7iE3kJFx0A8G2UxLg3q9yhH+n2p64suLMq9iZcIlU+pSQj3jMSpuJH/6IHRHvJojgnx1T0bPxFtevIkXCNCXdgAHXmr+J5M60au2xIODk974QMfin8rGhwKdkpP0CAwEAAaNTMFEwHQYDVR0OBBYEFOc0rW9L90ySukKVg879piXRzDU0MB8GA1UdIwQYMBaAFOc0rW9L90ySukKVg879piXRzDU0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAD5pxBGpsYvEfhppvVfMakn9DaEKmDp2GGs5SElJY5QS89dWjV4h4GGSVHPlPJ3TIdM9Qkvr34JMsLvkBNrAhlmPMQJAPnjqo6kuLoDCk1PNTQPZA9rO9ljoTMNcTCZue3Hu5G96PwV9z3kzGZZaBndmEnBVQ5JLXxZ/2221kyPxeV5sKoSfR2ZhfQcZiaiudY89kdJSg+2KovUoRzxoWvkZZyRz2UZX/VGF8luUbw6UFZf/SlV+JK7bcD5kNuMrFVZdm8hLu07wrRuRVSmM9wbZtdpjcRNtledNd1a7Nd9k1Oqqn/JZO3DfzoPzclje26mNh2ASNhqmO1SifoBgJDMU7ZmO4KS/Euqb2hgzQbjOG1FRflz1XJ5yKjY1T/4YwBqw8zUVVtmMUj0ksNWvYByh1+ZWZZNm03ioWkER4z+9MwTbPUVPwtg+HwnJXoV8C6Er16/blCuS1xgYMrBB5mK86MXFgNdJ3xrdvuukDhE7Eil9iC5419giya4Rli81VUdSvdzd6bldXAKQqCf0jB3kjTx0lno5CtgTG1s23Gnm/mitSWbnoy5TGjgX8wsIFdYmGhljouan7kOKiOkSgfnsbhd/aqCwt5NuU5WQMSfQ50BsIkT0HftXqaagNqXGUgQ8vrUa4wo8vlgGv5fwS6kzPDJW45w0uwIS1uEbHN1T -----END CERTIFICATE-----"#, + // END: AUTO-INJECTED CERT ]; let jwt = unsafe { CStr::from_ptr(jwt_cstr).to_str().unwrap() }; @@ -154,7 +159,7 @@ MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UE } #[allow(clippy::missing_safety_doc)] -#[no_mangle] +#[unsafe(no_mangle)] pub unsafe extern "C" fn check_property( jwt_cstr: *const c_char, property_cstr: *const c_char, @@ -167,30 +172,96 @@ pub unsafe extern "C" fn check_property( check_jwt_property(jwt, property, exp_value) } -/* -fn main() -> anyhow::Result<()> { - let x5c_certs = [ - // This is the good one - r#"-----BEGIN CERTIFICATE----- -MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI1MDQxMzA5MzM1MFoXDTI2MDQxMzA5MzM1MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxiqavAStTeJz0b2fEbIOzzJBBdxKlZhkixFd1IbHbxCwp+pAkPSoMuNr4zhbQNMOCqTWx0yIsKA2rJw2DohFtQWQSIUor8OLyMV/I2XIJydR9pcW/ZLx4LcSbv5Q9PiJXk1VB+IjYoW/2b2BHc9lCEZB+RLVDCVXGex1Wi3IeGcNhTDJHquwIojo+1HGtEH/a3K9wgRdy1D0PmDQCNCxQoBajATA0u4/TpsVsjsZzB7ZJpI020m7BCMvi7Dy68kDq18CZpAW0ZT7YsvCY1X+D0BvXd0NVNg/udqMPeQvhSXkQsiPqWar3zsR8JC5oKGVei6bHhtX17/9PiOChyIDzWwcrVNtJnmdS4jzuFdNOaBlCFGseXf3Pxkee3N/9vF3mn6RPYJfgj7yjr9qmxnRj02L8wbw3E8YjhOkznLiARDVCivzggEaHRNgDv7p3bQACkYae2gzJh+roBSm7fVmUH46Rgk8rz54uh/kKqoGpyxFV9njVZ8Q5JO+LI2aUjAxE13mZqkd89DYuvgHp7K5UDw/Bi5S2CWb/mLTX/WKur53t+B7iE3kJFx0A8G2UxLg3q9yhH+n2p64suLMq9iZcIlU+pSQj3jMSpuJH/6IHRHvJojgnx1T0bPxFtevIkXCNCXdgAHXmr+J5M60au2xIODk974QMfin8rGhwKdkpP0CAwEAAaNTMFEwHQYDVR0OBBYEFOc0rW9L90ySukKVg879piXRzDU0MB8GA1UdIwQYMBaAFOc0rW9L90ySukKVg879piXRzDU0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAD5pxBGpsYvEfhppvVfMakn9DaEKmDp2GGs5SElJY5QS89dWjV4h4GGSVHPlPJ3TIdM9Qkvr34JMsLvkBNrAhlmPMQJAPnjqo6kuLoDCk1PNTQPZA9rO9ljoTMNcTCZue3Hu5G96PwV9z3kzGZZaBndmEnBVQ5JLXxZ/2221kyPxeV5sKoSfR2ZhfQcZiaiudY89kdJSg+2KovUoRzxoWvkZZyRz2UZX/VGF8luUbw6UFZf/SlV+JK7bcD5kNuMrFVZdm8hLu07wrRuRVSmM9wbZtdpjcRNtledNd1a7Nd9k1Oqqn/JZO3DfzoPzclje26mNh2ASNhqmO1SifoBgJDMU7ZmO4KS/Euqb2hgzQbjOG1FRflz1XJ5yKjY1T/4YwBqw8zUVVtmMUj0ksNWvYByh1+ZWZZNm03ioWkER4z+9MwTbPUVPwtg+HwnJXoV8C6Er16/blCuS1xgYMrBB5mK86MXFgNdJ3xrdvuukDhE7Eil9iC5419giya4Rli81VUdSvdzd6bldXAKQqCf0jB3kjTx0lno5CtgTG1s23Gnm/mitSWbnoy5TGjgX8wsIFdYmGhljouan7kOKiOkSgfnsbhd/aqCwt5NuU5WQMSfQ50BsIkT0HftXqaagNqXGUgQ8vrUa4wo8vlgGv5fwS6kzPDJW45w0uwIS1uEbHN1T ------END CERTIFICATE-----"#, - r#"-----BEGIN CERTIFICATE----- -MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI1MDQxMzA5MzM1MFoXDTI2MDQxMzA5MzM1MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxiqavAStTeJz0b2fEbIOzzJBBdxKlZhkixFd1IbHbxCwp+pAkPSoMuNr4zhbQNMOCqTWx0yIsKA2rJw2DohFtQWQSIUor8OLyMV/I2XIJydR9pcW/ZLx4LcSbv5Q9PiJXk1VB+IjYoW/2b2BHc9lCEZB+RLVDCVXGex1Wi3IeGcNhTDJHquwIojo+1HGtEH/a3K9wgRdy1D0PmDQCNCxQoBajATA0u4/TpsVsjsZzB7ZJpI020m7BCMvi7Dy68kDq18CZpAW0ZT7YsvCY1X+D0BvXd0NVNg/udqMPeQvhSXkQsiPqWar3zsR8JC5oKGVei6bHhtX17/9PiOChyIDzWwcrVNtJnmdS4jzuFdNOaBlCFGseXf3Pxkee3N/9vF3mn6RPYJfgj7yjr9qmxnRj02L8wbw3E8YjhOkznLiARDVCivzggEaHRNgDv7p3bQACkYae2gzJh+roBSm7fVmUH46Rgk8rz54uh/kKqoGpyxFV9njVZ8Q5JO+LI2aUjAxE13mZqkd89DYuvgHp7K5UDw/Bi5S2CWb/mLTX/WKur53t+B7iE3kJFx0A8G2UxLg3q9yhH+n2p64suLMq9iZcIlU+pSQj3jMSpuJH/6IHRHvJojgnx1T0bPxFtevIkXCNCXdgAHXmr+J5M60au2xIODk974QMfin8rGhwKdkpP0CAwEAAaNTMFEwHQYDVR0OBBYEFOc0rW9L90ySukKVg879piXRzDU0MB8GA1UdIwQYMBaAFOc0rW9L90ySukKVg879piXRzDU0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAD5pxBGpsYvEfhppvVfMakn9DaEKmDp2GGs5SElJY5QS89dWjV4h4GGSVHPlPJ3TIdM9Qkvr34JMsLvkBNrAhlmPMQJAPnjqo6kuLoDCk1PNTQPZA9rO9ljoTMNcTCZue3Hu5G96PwV9z3kzGZZaBndmEnBVQ5JLXxZ/2221kyPxeV5sKoSfR2ZhfQcZiaiudY89kdJSg+2KovUoRzxoWvkZZyRz2UZX/VGF8luUbw6UFZf/SlV+JK7bcD5kNuMrFVZdm8hLu07wrRuRVSmM9wbZtdpjcRNtledNd1a7Nd9k1Oqqn/JZO3DfzoPzclje26mNh2ASNhqmO1SifoBgJDMU7ZmO4KS/Euqb2hgzQbjOG1FRflz1XJ5yKjY1T/4YwBqw8zUVVtmMUj0ksNWvYByh1+ZWZZNm03ioWkER4z+9MwTbPUVPwtg+HwnJXoV8C6Er16/blCuS1xgYMrBB5mK86MXFgNdJ3xrdvuukDhE7Eil9iC5419giya4Rli81VUdSvdzd6bldXAKQqCf0jB3kjTx0lno5CtgTG1s23Gnm/mitSWbnoy5TGjgX8wsIFdYmGhljouan7kOKiOkSgfnsbhd/aqCwt5NuU5WQMSfQ50BsIkT0HftXqaagNqXGUgQ8vrUa4wo8vlgGv5fwS6kzPDJW45w0uwIS1uEbHN1T ------END CERTIFICATE-----"#, - ]; +#[cfg(test)] +mod tests { + use super::*; + use std::ffi::{CStr, CString}; - // Example JWT token - let jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhdHRlc3RlZC1jbGllbnQiLCJleHAiOjE3NDQ1NTM2NjAsImF1ZCI6ImFjY2xlc3MtYXR0ZXN0YXRpb24tc2VydmljZSIsInRlZSI6InNneCIsInRlZV9pZGVudGl0eSI6Ikc0TnUxTjNfNENDTDM1NSIsImFlc19rZXlfYjY0IjoiMm1LVHZNWjd1aWVKRldHWUFyR3JZc3FjOURLUklSK3h4VkhDSzEzVCtiaz0ifQ.b5b42FyN7qLtxek1-2gFjZFawBc9NQnTVzjv4zWdSjA5-sIH6yz8USmYlv_YiwAR_-L8sPrNKmNuhpMDHu2dd6wETauMVxf1S8nLYp2gI0Ehs8zyZKUZnY_yJMoZxbAFIBAna0ZpjvkAwp_wOZW-Cw3yRF0MX90PRryFrMdaUAy-B3JI3rGorm-4S_Rqw9E-dXONYJgmHZT0Qf-u1dVpRULGz2mXLexTao0npGiUP-l3cXuMKcWqa9skkGM8hP3M8p_OWA18zB1yxVvVNKzFCA8WaMrORsqFUaj3Tg-8NsbpM0roqAgeUh63C_STab1s7NzovZ-0JhxrMJ9iwJmfXl6V6o5HoXsRwQKqN89dmk0VgYVdh4UtacByliTn-lncwoSlb6AAVuQNVDTvgOloEfTjmthaojK7TIaI2riO4r-LLC46w0TgzA9ilYSulo4WQP2D-1xnhTcJzw7QCKll8W85czQvKWVZkrNPBL7-6s4yXc_5WvYBQeRfqjdJICqz-27TvxfHaLR2OZ7zb3lfYrwcEUh-RThjlZWIkwO3tMcCgdeOhseaLyJgzObsLcNPOIJdJOLdpZeSjJzvXm51WJwENXcty5cnQ_PIjJYhj91LSfhB2Onmtna6a-FQHpswAxTOAe2GWPBGvKI5HTNyaXp78UW3_Iq5SBSuLE9S-tM"; + const TEST_JWT: &str = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhdHRlc3RlZC1jbGllbnQiLCJleHAiOjE3NDQ1NTM2NjAsImF1ZCI6ImFjY2xlc3MtYXR0ZXN0YXRpb24tc2VydmljZSIsInRlZSI6InNneCIsInRlZV9pZGVudGl0eSI6Ikc0TnUxTjNfNENDTDM1NSIsImFlc19rZXlfYjY0IjoiMm1LVHZNWjd1aWVKRldHWUFyR3JZc3FjOURLUklSK3h4VkhDSzEzVCtiaz0ifQ.b5b42FyN7qLtxek1-2gFjZFawBc9NQnTVzjv4zWdSjA5-sIH6yz8USmYlv_YiwAR_-L8sPrNKmNuhpMDHu2dd6wETauMVxf1S8nLYp2gI0Ehs8zyZKUZnY_yJMoZxbAFIBAna0ZpjvkAwp_wOZW-Cw3yRF0MX90PRryFrMdaUAy-B3JI3rGorm-4S_Rqw9E-dXONYJgmHZT0Qf-u1dVpRULGz2mXLexTao0npGiUP-l3cXuMKcWqa9skkGM8hP3M8p_OWA18zB1yxVvVNKzFCA8WaMrORsqFUaj3Tg-8NsbpM0roqAgeUh63C_STab1s7NzovZ-0JhxrMJ9iwJmfXl6V6o5HoXsRwQKqN89dmk0VgYVdh4UtacByliTn-lncwoSlb6AAVuQNVDTvgOloEfTjmthaojK7TIaI2riO4r-LLC46w0TgzA9ilYSulo4WQP2D-1xnhTcJzw7QCKll8W85czQvKWVZkrNPBL7-6s4yXc_5WvYBQeRfqjdJICqz-27TvxfHaLR2OZ7zb3lfYrwcEUh-RThjlZWIkwO3tMcCgdeOhseaLyJgzObsLcNPOIJdJOLdpZeSjJzvXm51WJwENXcty5cnQ_PIjJYhj91LSfhB2Onmtna6a-FQHpswAxTOAe2GWPBGvKI5HTNyaXp78UW3_Iq5SBSuLE9S-tM"; - // Verify if the JWT is signed by any of the certificates in x5c - let is_valid = verify_jwt_signature(jwt, &x5c_certs); + const TEST_CERTS: [&str; 1] = [r#"-----BEGIN CERTIFICATE----- +MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI1MDQxMzA5MzM1MFoXDTI2MDQxMzA5MzM1MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxiqavAStTeJz0b2fEbIOzzJBBdxKlZhkixFd1IbHbxCwp+pAkPSoMuNr4zhbQNMOCqTWx0yIsKA2rJw2DohFtQWQSIUor8OLyMV/I2XIJydR9pcW/ZLx4LcSbv5Q9PiJXk1VB+IjYoW/2b2BHc9lCEZB+RLVDCVXGex1Wi3IeGcNhTDJHquwIojo+1HGtEH/a3K9wgRdy1D0PmDQCNCxQoBajATA0u4/TpsVsjsZzB7ZJpI020m7BCMvi7Dy68kDq18CZpAW0ZT7YsvCY1X+D0BvXd0NVNg/udqMPeQvhSXkQsiPqWar3zsR8JC5oKGVei6bHhtX17/9PiOChyIDzWwcrVNtJnmdS4jzuFdNOaBlCFGseXf3Pxkee3N/9vF3mn6RPYJfgj7yjr9qmxnRj02L8wbw3E8YjhOkznLiARDVCivzggEaHRNgDv7p3bQACkYae2gzJh+roBSm7fVmUH46Rgk8rz54uh/kKqoGpyxFV9njVZ8Q5JO+LI2aUjAxE13mZqkd89DYuvgHp7K5UDw/Bi5S2CWb/mLTX/WKur53t+B7iE3kJFx0A8G2UxLg3q9yhH+n2p64suLMq9iZcIlU+pSQj3jMSpuJH/6IHRHvJojgnx1T0bPxFtevIkXCNCXdgAHXmr+J5M60au2xIODk974QMfin8rGhwKdkpP0CAwEAAaNTMFEwHQYDVR0OBBYEFOc0rW9L90ySukKVg879piXRzDU0MB8GA1UdIwQYMBaAFOc0rW9L90ySukKVg879piXRzDU0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAD5pxBGpsYvEfhppvVfMakn9DaEKmDp2GGs5SElJY5QS89dWjV4h4GGSVHPlPJ3TIdM9Qkvr34JMsLvkBNrAhlmPMQJAPnjqo6kuLoDCk1PNTQPZA9rO9ljoTMNcTCZue3Hu5G96PwV9z3kzGZZaBndmEnBVQ5JLXxZ/2221kyPxeV5sKoSfR2ZhfQcZiaiudY89kdJSg+2KovUoRzxoWvkZZyRz2UZX/VGF8luUbw6UFZf/SlV+JK7bcD5kNuMrFVZdm8hLu07wrRuRVSmM9wbZtdpjcRNtledNd1a7Nd9k1Oqqn/JZO3DfzoPzclje26mNh2ASNhqmO1SifoBgJDMU7ZmO4KS/Euqb2hgzQbjOG1FRflz1XJ5yKjY1T/4YwBqw8zUVVtmMUj0ksNWvYByh1+ZWZZNm03ioWkER4z+9MwTbPUVPwtg+HwnJXoV8C6Er16/blCuS1xgYMrBB5mK86MXFgNdJ3xrdvuukDhE7Eil9iC5419giya4Rli81VUdSvdzd6bldXAKQqCf0jB3kjTx0lno5CtgTG1s23Gnm/mitSWbnoy5TGjgX8wsIFdYmGhljouan7kOKiOkSgfnsbhd/aqCwt5NuU5WQMSfQ50BsIkT0HftXqaagNqXGUgQ8vrUa4wo8vlgGv5fwS6kzPDJW45w0uwIS1tEbHN1T +-----END CERTIFICATE-----"#]; - if is_valid { - println!("JWT signature is valid!"); - } else { - println!("JWT signature is invalid."); + #[test] + fn test_verify_jwt_signature_valid() { + let is_valid = verify_jwt_signature(TEST_JWT, &TEST_CERTS); + assert!(is_valid, "JWT signature should be valid"); } - Ok(()) + #[test] + fn test_verify_jwt_signature_invalid_signature() { + // Tampered JWT (changed first char of signature from 'b' to 'B') + let tampered_jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhdHRlc3RlZC1jbGllbnQiLCJleHAiOjE3NDQ1NTM2NjAsImF1ZCI6ImFjY2xlc3MtYXR0ZXN0YXRpb24tc2VydmljZSIsInRlZSI6InNneCIsInRlZV9pZGVudGl0eSI6Ikc0TnUxTjNfNENDTDM1NSIsImFlc19rZXlfYjY0IjoiMm1LVHZNWjd1aWVKRldHWUFyR3JZc3FjOURLUklSK3h4VkhDSzEzVCtiaz0ifQ.B5b42FyN7qLtxek1-2gFjZFawBc9NQnTVzjv4zWdSjA5-sIH6yz8USmYlv_YiwAR_-L8sPrNKmNuhpMDHu2dd6wETauMVxf1S8nLYp2gI0Ehs8zyZKUZnY_yJMoZxbAFIBAna0ZpjvkAwp_wOZW-Cw3yRF0MX90PRryFrMdaUAy-B3JI3rGorm-4S_Rqw9E-dXONYJgmHZT0Qf-u1dVpRULGz2mXLexTao0npGiUP-l3cXuMKcWqa9skkGM8hP3M8p_OWA18zB1yxVvVNKzFCA8WaMrORsqFUaj3Tg-8NsbpM0roqAgeUh63C_STab1s7NzovZ-0JhxrMJ9iwJmfXl6V6o5HoXsRwQKqN89dmk0VgYVdh4UtacByliTn-lncwoSlb6AAVuQNVDTvgOloEfTjmthaojK7TIaI2riO4r-LLC46w0TgzA9ilYSulo4WQP2D-1xnhTcJzw7QCKll8W85czQvKWVZkrNPBL7-6s4yXc_5WvYBQeRfqjdJICqz-27TvxfHaLR2OZ7zb3lfYrwcEUh-RThjlZWIkwO3tMcCgdeOhseaLyJgzObsLcNPOIJdJOLdpZeSjJzvXm51WJwENXcty5cnQ_PIjJYhj91LSfhB2Onmtna6a-FQHpswAxTOAe2GWPBGvKI5HTNyaXp78UW3_Iq5SBSuLE9S-tM"; + let is_valid = verify_jwt_signature(tampered_jwt, &TEST_CERTS); + assert!(!is_valid, "Tampered JWT signature should be invalid"); + } + + #[test] + fn test_verify_jwt_signature_invalid_cert() { + // Modified (invalid) certificate. + let invalid_certs = [r#"-----BEGIN CERTIFICATE----- +MIIFCTCCAvGgAwIBAgIUIfCvnY9eL7gCAMnilTlwJTjV1ekwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI1MDQxMzA5MzM1MFoXDTI2MDQxMzA5MzM1MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxiqavAStTeJz0b2fEbIOzzJBBdxKlZhkixFd1IbHbxCwp+pAkPSoMuNr4zhbQNMOCqTWx0yIsKA2rJw2DohFtQWQSIUor8OLyMV/I2XIJydR9pcW/ZLx4LcSbv5Q9PiJXk1VB+IjYoW/2b2BHc9lCEZB+RLVDCVXGex1Wi3IeGcNhTDJHquwIojo+1HGtEH/a3K9wgRdy1D0PmDQCNCxQoBajATA0u4/TpsVsjsZzB7ZJpI020m7BCMvi7Dy68kDq18CZpAW0ZT7YsvCY1X+D0BvXd0NVNg/udqMPeQvhSXkQsiPqWar3zsR8JC5oKGVei6bHhtX17/9PiOChyIDzWwcrVNtJnmdS4jzuFdNOaBlCFGseXf3Pxkee3N/9vF3mn6RPYJfgj7yjr9qmxnRj02L8wbw3E8YjhOkznLiARDVCivzggEaHRNgDv7p3bQACkYae2gzJh+roBSm7fVmUH46Rgk8rz54uh/kKqoGpyxFV9njVZ8Q5JO+LI2aUjAxE13mZqkd89DYuvgHp7K5UDw/Bi5S2CWb/mLTX/WKur53t+B7iE3kJFx0A8G2UxLg3q9yhH+n2p64suLMq9iZcIlU+pSQj3jMSpuJH/6IHRHvJojgnx1T0bPxFtevIkXCNCXdgAHXmr+J5M60au2xIODk974QMfin8rGhwKdkpP0CAwEAAaNTMFEwHQYDVR0OBBYEFOc0rW9L90ySukKVg879piXRzDU0MB8GA1UdIwQYMBaAFOc0rW9L90ySukKVg879piXRzDU0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-----END CERTIFICATE-----"#]; + let is_valid = verify_jwt_signature(TEST_JWT, &invalid_certs); + assert!( + !is_valid, + "JWT signature should be invalid with a wrong certificate" + ); + } + + #[test] + fn test_check_jwt_property() { + // Check header property + assert!(check_jwt_property(TEST_JWT, "typ", "JWT")); + assert!(check_jwt_property(TEST_JWT, "alg", "RS256")); + assert!(!check_jwt_property(TEST_JWT, "typ", "wrong")); + assert!(!check_jwt_property(TEST_JWT, "kty", "RSA")); // Key doesn't exist + + // Check payload property + assert!(check_jwt_property(TEST_JWT, "sub", "attested-client")); + assert!(check_jwt_property( + TEST_JWT, + "aud", + "accless-attestation-service" + )); + assert!(!check_jwt_property(TEST_JWT, "sub", "wrong-client")); + assert!(!check_jwt_property(TEST_JWT, "iss", "some-issuer")); // Key doesn't exist + } + + #[test] + fn test_get_property_ffi() { + // We need C-style strings + let jwt_cstr = CString::new(TEST_JWT).unwrap(); + let prop_sub_cstr = CString::new("sub").unwrap(); + let prop_aud_cstr = CString::new("aud").unwrap(); + let prop_missing_cstr = CString::new("iss").unwrap(); + let prop_not_string_cstr = CString::new("exp").unwrap(); // 'exp' is a number + + unsafe { + // Test "sub" + let sub_ptr = get_property(jwt_cstr.as_ptr(), prop_sub_cstr.as_ptr()); + assert!(!sub_ptr.is_null()); + let sub_val = CStr::from_ptr(sub_ptr).to_str().unwrap(); + assert_eq!(sub_val, "attested-client"); + free_string(sub_ptr); + + // Test "aud" + let aud_ptr = get_property(jwt_cstr.as_ptr(), prop_aud_cstr.as_ptr()); + assert!(!aud_ptr.is_null()); + let aud_val = CStr::from_ptr(aud_ptr).to_str().unwrap(); + assert_eq!(aud_val, "accless-attestation-service"); + free_string(aud_ptr); + + // Test missing property "iss" + let iss_ptr = get_property(jwt_cstr.as_ptr(), prop_missing_cstr.as_ptr()); + assert!(iss_ptr.is_null()); + free_string(iss_ptr); // free_string handles null + + // Test property that isn't a string "exp" + let exp_ptr = get_property(jwt_cstr.as_ptr(), prop_not_string_cstr.as_ptr()); + assert!(exp_ptr.is_null()); // .as_str() will fail for a number + free_string(exp_ptr); + } + } } -*/ diff --git a/accless/libs/rabe b/accless/libs/rabe deleted file mode 160000 index 9601f80..0000000 --- a/accless/libs/rabe +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 9601f80cc87fb3dea2f719d82171f8db1b9c3704 diff --git a/accli/Cargo.toml b/accli/Cargo.toml new file mode 100644 index 0000000..831f239 --- /dev/null +++ b/accli/Cargo.toml @@ -0,0 +1,39 @@ +[package] +name = "accli" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "CLI tool for Accless" +homepage.workspace = true + +[dependencies] +aes-gcm.workspace = true +aes-gcm-siv.workspace = true +anyhow.workspace = true +base64.workspace = true +bytes.workspace = true +chrono.workspace = true +clap = { workspace = true, features = ["derive"] } +csv.workspace = true +env_logger.workspace = true +futures.workspace = true +futures-util.workspace = true +hex.workspace = true +indicatif.workspace = true +log.workspace = true +minio.workspace = true +plotters.workspace = true +rabe.workspace = true +rand.workspace = true +regex.workspace = true +reqwest.workspace = true +serde = { workspace = true, features = ["derive"] } +serde_json.workspace = true +serde_yaml.workspace = true +shellexpand.workspace = true +sha2.workspace = true +shell-words.workspace = true +subtle.workspace = true +tokio = { workspace = true, features = ["full"] } +walkdir.workspace = true diff --git a/invrs/src/attestation_service.rs b/accli/src/attestation_service.rs similarity index 92% rename from invrs/src/attestation_service.rs rename to accli/src/attestation_service.rs index 9cac023..15471ff 100644 --- a/invrs/src/attestation_service.rs +++ b/accli/src/attestation_service.rs @@ -1,7 +1,7 @@ use crate::Env; -use anyhow::{bail, Context, Result}; -use base64::{engine::general_purpose, Engine as _}; -use reqwest::{tls, Client}; +use anyhow::{Context, Result, bail}; +use base64::{Engine as _, engine::general_purpose}; +use reqwest::{Client, tls}; use std::{env, fs}; fn get_as_url() -> Result { diff --git a/invrs/src/env.rs b/accli/src/env.rs similarity index 87% rename from invrs/src/env.rs rename to accli/src/env.rs index bdd4951..b9ebc2f 100644 --- a/invrs/src/env.rs +++ b/accli/src/env.rs @@ -1,7 +1,9 @@ -use std::env; -use std::fs::File; -use std::io::{self, BufReader, Read}; -use std::path::PathBuf; +use std::{ + env, + fs::File, + io::{self, BufReader, Read}, + path::PathBuf, +}; pub struct Env {} @@ -16,12 +18,14 @@ impl Env { pub fn ansible_root() -> PathBuf { let mut path = Self::proj_root(); + path.push("config"); path.push("ansible"); path } pub fn docker_root() -> PathBuf { let mut path = Self::proj_root(); + path.push("config"); path.push("docker"); path } diff --git a/invrs/src/main.rs b/accli/src/main.rs similarity index 84% rename from invrs/src/main.rs rename to accli/src/main.rs index 62b0fb2..f829c50 100644 --- a/invrs/src/main.rs +++ b/accli/src/main.rs @@ -1,13 +1,17 @@ -use crate::env::Env; -use crate::tasks::azure::Azure; -use crate::tasks::dag::Dag; -use crate::tasks::docker::{Docker, DockerContainer}; -use crate::tasks::eval::{Eval, EvalExperiment, EvalRunArgs}; -use crate::tasks::s3::S3; -use crate::tasks::ubench::{MicroBenchmarks, Ubench, UbenchRunArgs}; +use crate::{ + env::Env, + tasks::{ + azure::Azure, + dag::Dag, + dev::Dev, + docker::{Docker, DockerContainer}, + eval::{Eval, EvalExperiment, EvalRunArgs}, + s3::S3, + ubench::{MicroBenchmarks, Ubench, UbenchRunArgs}, + }, +}; use clap::{Parser, Subcommand}; -use log::error; -use std::{collections::HashMap, path::Path, process}; +use std::{collections::HashMap, process}; pub mod attestation_service; pub mod env; @@ -30,6 +34,11 @@ enum Command { #[command(subcommand)] dag_command: DagCommand, }, + /// Development-related tasks + Dev { + #[command(subcommand)] + dev_command: DevCommand, + }, /// Build and push different docker images Docker { #[command(subcommand)] @@ -40,12 +49,6 @@ enum Command { #[command(subcommand)] eval_command: EvalCommand, }, - /// Run code formatting: clang-format, cargo fmt, and cargo clippy - FormatCode { - /// Dry-run and report errors if not formatted well - #[arg(long)] - check: bool, - }, /// Run microbenchmark Ubench { #[command(subcommand)] @@ -73,6 +76,31 @@ enum DagCommand { }, } +#[derive(Debug, Subcommand)] +enum DevCommand { + /// Bump the code version + BumpVersion { + #[arg(long)] + major: bool, + #[arg(long)] + minor: bool, + #[arg(long)] + patch: bool, + }, + /// Run code formatting: clang-format, cargo fmt, and cargo clippy + FormatCode { + /// Dry-run and report errors if not formatted well + #[arg(long)] + check: bool, + }, + /// Tag the current commit with the version from the VERSION file + Tag { + /// Force push the tag + #[arg(long)] + force: bool, + }, +} + #[derive(Debug, Subcommand)] enum DockerCommand { Build { @@ -300,6 +328,26 @@ async fn main() -> anyhow::Result<()> { Dag::upload(name, yaml_path).await?; } }, + Command::Dev { dev_command } => match dev_command { + DevCommand::BumpVersion { + major, + minor, + patch, + } => { + let num_true = [*major, *minor, *patch].iter().filter(|&&x| x).count(); + if num_true != 1 { + log::error!("exactly one of --major, --minor, or --patch must be specified"); + process::exit(1); + } + Dev::bump_code_version(*major, *minor, *patch)?; + } + DevCommand::FormatCode { check } => { + Dev::format_code(*check); + } + DevCommand::Tag { force } => { + Dev::tag_code(*force)?; + } + }, Command::Docker { docker_command } => match docker_command { DockerCommand::Build { ctr, push, nocache } => { for c in ctr { @@ -390,139 +438,6 @@ async fn main() -> anyhow::Result<()> { } }, }, - Command::FormatCode { check } => { - // First, format all CPP "projects" - if !process::Command::new("clang-format") - .arg("--version") - .output() - .map(|output| output.status.success()) - .unwrap_or(false) - { - error!("clang-format must be installed and in your path"); - process::exit(1); - } - - let clang_format_cfg = Env::proj_root().join("config").join(".clang-format"); - - let extensions = ["cpp", "c", "h", "hpp"]; - - fn is_source_file(path: &Path, exts: &[&str]) -> bool { - path.is_file() - && path - .extension() - .and_then(|e| e.to_str()) - .map(|ext| exts.contains(&ext)) - .unwrap_or(false) - } - - fn is_excluded(entry: &walkdir::DirEntry) -> bool { - let excluded_dirs = ["build-wasm", "build-native", "target", "venv"]; - entry.file_type().is_dir() - && entry - .file_name() - .to_str() - .map(|name| excluded_dirs.contains(&name)) - .unwrap_or(false) - } - - for entry in walkdir::WalkDir::new(".") - .into_iter() - .filter_entry(|e| !is_excluded(e)) - .filter_map(Result::ok) - { - let path = entry.path(); - if is_source_file(path, &extensions) { - let mut cmd = process::Command::new("clang-format"); - cmd.arg("-i").arg(path); - cmd.arg(format!("--style=file:{}", clang_format_cfg.display())); - - if *check { - cmd.arg("--dry-run").arg("--Werror").arg(path); - } - - match cmd.status() { - Ok(status) if status.success() => {} - Ok(status) => { - error!( - "clang-format failed on {} with status {}", - path.display(), - status - ); - process::exit(1); - } - Err(err) => { - error!("Failed to run clang-format on {}: {}", path.display(), err); - process::exit(1); - } - } - } - } - - // Now format rust code - let dirs = [ - "accless/libs/jwt", - // We skip formatting rabe as the upstream fork is not - // formatted - // "accless/libs/rabe", - "attestation-service", - "invrs", - "workflows/finra/knative", - "workflows/word-count/knative", - "workflows/ml-inference/knative", - "workflows/ml-training/knative", - ]; - for dir in dirs { - let cwd = Env::proj_root().join(dir); - - // cargo fmt - let mut fmt_cmd = process::Command::new("cargo"); - fmt_cmd.arg("fmt"); - if *check { - fmt_cmd.arg("--").arg("--check"); - } - fmt_cmd.current_dir(&cwd); - - match fmt_cmd.status() { - Ok(status) if status.success() => {} - Ok(status) => { - error!( - "cargo fmt failed on {} with status {}", - cwd.clone().display(), - status - ); - process::exit(1); - } - Err(err) => { - error!("Failed to run cargo fmt on {}: {}", cwd.display(), err); - process::exit(1); - } - } - - // cargo clippy - let mut clippy_cmd = process::Command::new("cargo"); - clippy_cmd.arg("clippy"); - if *check { - clippy_cmd.arg("--").arg("-D").arg("warnings"); - } - clippy_cmd.current_dir(&cwd); - - match clippy_cmd.status() { - Ok(status) if status.success() => {} - Ok(status) => { - error!( - "cargo clippy failed on {} with status {}", - cwd.clone().display(), - status - ); - process::exit(1); - } - Err(err) => { - error!("Failed to run cargo clippy on {}: {}", cwd.display(), err); - process::exit(1); - } - } - } - } Command::Ubench { ubench_command } => match ubench_command { UbenchCommand::EscrowCost { ubench_sub_command } => match ubench_sub_command { UbenchSubCommand::Run(run_args) => { diff --git a/invrs/src/tasks.rs b/accli/src/tasks.rs similarity index 92% rename from invrs/src/tasks.rs rename to accli/src/tasks.rs index 9275c20..18cf7fe 100644 --- a/invrs/src/tasks.rs +++ b/accli/src/tasks.rs @@ -2,6 +2,7 @@ pub mod azure; pub mod color; pub mod dag; +pub mod dev; pub mod docker; pub mod eval; pub mod s3; diff --git a/invrs/src/tasks/azure.rs b/accli/src/tasks/azure.rs similarity index 94% rename from invrs/src/tasks/azure.rs rename to accli/src/tasks/azure.rs index 7bea36f..6a27a01 100644 --- a/invrs/src/tasks/azure.rs +++ b/accli/src/tasks/azure.rs @@ -3,7 +3,11 @@ use base64::Engine; use log::info; use serde_json::Value; use shellexpand; -use std::{collections::HashMap, fs, process::Command, process::ExitStatus}; +use std::{ + collections::HashMap, + fs, + process::{Command, ExitStatus}, +}; const AZURE_RESOURCE_GROUP: &str = "faasm"; const AZURE_USERNAME: &str = "tless"; @@ -13,8 +17,7 @@ const AZURE_SSH_PRIV_KEY: &str = "~/.ssh/id_rsa"; const AZURE_SSH_PUB_KEY: &str = "~/.ssh/id_rsa.pub"; const AZURE_SGX_VM_IMAGE: &str = "Canonical:ubuntu-24_04-lts:server:latest"; -const AZURE_SNP_CC_VM_SIZE: &str = - "/CommunityGalleries/cocopreview-91c44057-c3ab-4652-bf00-9242d5a90170/Images/ubu2204-snp-host-upm/Versions/latest"; +const AZURE_SNP_CC_VM_SIZE: &str = "/CommunityGalleries/cocopreview-91c44057-c3ab-4652-bf00-9242d5a90170/Images/ubu2204-snp-host-upm/Versions/latest"; // Specifies order in which to delete resource types const RESOURCE_TYPE_PRECEDENCE: [&str; 4] = [ @@ -84,7 +87,7 @@ impl Azure { /// domain #[allow(dead_code)] fn activate_managed_hsm(mhsm_name: &str) { - let key_dir = Env::proj_root().join("azure").join("keys"); + let key_dir = Env::proj_root().join("config").join("azure").join("keys"); fs::create_dir_all(&key_dir).expect("invrs: failed to create key directory"); Self::create_self_signed_cert( @@ -303,12 +306,15 @@ impl Azure { info!("creating snp guest: {vm_name} (sku: {vm_sku})"); let parameter_file = Env::proj_root() + .join("config") .join("azure") .join("snp_guest_parameters.json"); let template_file = Env::proj_root() + .join("config") .join("azure") .join("snp_guest_template.json"); let cloud_init_file = Env::proj_root() + .join("config") .join("azure") .join("snp_guest_cloud-init.txt"); @@ -389,18 +395,17 @@ impl Azure { info!("creating managed hsm: {mhsm_name} (paired with vm: {vm_name})"); // Create managed HSM - /* FIXME: allocating a mHSM can take between 15 to 30'. To avoid this, - * and for the time being, we run the tests with an AKV with the - * `premium` SKU. - let az_cmd = "az ad signed-in-user show --query id -o tsv"; - let oid = Self::run_cmd_get_output(az_cmd, "error showing user id"); - let az_cmd = format!( - "az keyvault create --hsm-name {mhsm_name} \ - --resource-group {AZURE_RESOURCE_GROUP} \ - --location {AZURE_LOCATION} --administrators {} \ - --enable-rbac-authorization false \ - --retention-days 7", oid.trim()); - */ + // FIXME: allocating a mHSM can take between 15 to 30'. To avoid this, + // and for the time being, we run the tests with an AKV with the + // `premium` SKU. + // let az_cmd = "az ad signed-in-user show --query id -o tsv"; + // let oid = Self::run_cmd_get_output(az_cmd, "error showing user id"); + // let az_cmd = format!( + // "az keyvault create --hsm-name {mhsm_name} \ + // --resource-group {AZURE_RESOURCE_GROUP} \ + // --location {AZURE_LOCATION} --administrators {} \ + // --enable-rbac-authorization false \ + // --retention-days 7", oid.trim()); let az_cmd = format!( "az keyvault create --name {mhsm_name} \ --resource-group {AZURE_RESOURCE_GROUP} --sku premium \ @@ -428,6 +433,7 @@ impl Azure { "az keyvault key create --exportable true --vault-name {mhsm_name} \ --kty RSA-HSM --name {key_name} --policy {}", Env::proj_root() + .join("config") .join("azure") .join("mhsm_skr_policy.json") .display() @@ -436,18 +442,18 @@ impl Azure { } pub fn delete_mhsm(mhsm_name: &str) { - /* FIXME: see above - let az_cmd = format!( - "az keyvault delete --hsm-name {mhsm_name} \ - --resource-group {AZURE_RESOURCE_GROUP}"); - */ + // FIXME: see above + // let az_cmd = format!( + // "az keyvault delete --hsm-name {mhsm_name} \ + // --resource-group {AZURE_RESOURCE_GROUP}"); let az_cmd = format!( "az keyvault delete --name {mhsm_name} \ --resource-group {AZURE_RESOURCE_GROUP}" ); Self::run_cmd(&az_cmd, "error deleting mhsm"); - // let az_cmd = format!("az keyvault purge --hsm-name {mhsm_name} --location {AZURE_LOCATION}"); + // let az_cmd = format!("az keyvault purge --hsm-name {mhsm_name} --location + // {AZURE_LOCATION}"); let az_cmd = format!("az keyvault purge --name {mhsm_name} --location {AZURE_LOCATION}"); Self::run_cmd(&az_cmd, "error deleting mhsm"); } diff --git a/invrs/src/tasks/color.rs b/accli/src/tasks/color.rs similarity index 100% rename from invrs/src/tasks/color.rs rename to accli/src/tasks/color.rs diff --git a/invrs/src/tasks/dag.rs b/accli/src/tasks/dag.rs similarity index 97% rename from invrs/src/tasks/dag.rs rename to accli/src/tasks/dag.rs index 4fe5f73..f9defc5 100644 --- a/invrs/src/tasks/dag.rs +++ b/accli/src/tasks/dag.rs @@ -1,13 +1,13 @@ -use crate::attestation_service; -use crate::tasks::s3::S3; -use aes_gcm::aead::{Aead, AeadCore, KeyInit, OsRng}; -use aes_gcm::Aes256Gcm; +use crate::{attestation_service, tasks::s3::S3}; +use aes_gcm::{ + Aes256Gcm, + aead::{Aead, AeadCore, KeyInit, OsRng}, +}; use rabe; use serde::{Deserialize, Serialize}; use serde_yaml; use sha2::{Digest, Sha256}; -use std::fs::File; -use std::io::Read; +use std::{fs::File, io::Read}; // Struct a node in our workflow DAG #[derive(Debug, Serialize, Deserialize)] diff --git a/accli/src/tasks/dev.rs b/accli/src/tasks/dev.rs new file mode 100644 index 0000000..7fab31a --- /dev/null +++ b/accli/src/tasks/dev.rs @@ -0,0 +1,272 @@ +use crate::Env; +use anyhow::Result; +use log::{error, info}; +use regex::Regex; +use std::{ + fmt, + fs::{self, File}, + io::{self, Write}, + path::Path, + process, +}; + +/// Represents the version components. +#[derive(Debug, PartialEq, Eq)] +struct Version { + major: u32, + minor: u32, + patch: u32, +} + +impl fmt::Display for Version { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + write!(f, "{}.{}.{}", self.major, self.minor, self.patch) + } +} + +impl Version { + /// Parses a version string (e.g., "1.2.3") into a Version struct. + fn parse(version_str: &str) -> Result { + let parts: Vec<&str> = version_str.trim().split('.').collect(); + if parts.len() != 3 { + error!("Invalid version format: {}", version_str); + return Err(anyhow::anyhow!("Invalid version format: {}", version_str)); + } + + let major = parts[0].parse()?; + let minor = parts[1].parse()?; + let patch = parts[2].parse()?; + + Ok(Version { + major, + minor, + patch, + }) + } + + /// Increments the version based on the specified bump type. + fn bump(&mut self, major: bool, minor: bool, patch: bool) { + if major { + self.major += 1; + self.minor = 0; + self.patch = 0; + } else if minor { + self.minor += 1; + self.patch = 0; + } else if patch { + self.patch += 1; + } + // If none are true, the version remains the same. + } +} + +#[derive(Debug)] +pub struct Dev {} + +impl Dev { + /// Helper function to overwrite the VERSION file. + fn update_version_file(path: &Path, new_version: &str) -> io::Result<()> { + let mut file = File::create(path)?; + // The VERSION file contains only the version string, so we overwrite it. + file.write_all(new_version.as_bytes())?; + file.write_all(b"\n")?; // Add a newline for clean file ending + Ok(()) + } + + /// Helper function to update the version in Cargo.toml using regex. + fn update_cargo_toml(path: &Path, new_version: &str) -> Result<()> { + let cargo_toml_content = fs::read_to_string(path)?; + + // Regex to find 'version = "X.Y.Z"' + // It captures everything before and after the version string to replace only + // the version. + let re = Regex::new(r#"(version\s*=\s*)"(\d+\.\d+\.\d+)""#)?; + + let replacement = format!("$1\"{}\"", new_version); + let new_content = re + .replace(&cargo_toml_content, replacement.as_str()) + .to_string(); + + // Overwrite Cargo.toml with the new content + fs::write(path, new_content)?; + + Ok(()) + } + + /// Bumps the version tag in both the VERSION file and Cargo.toml + pub fn bump_code_version(major: bool, minor: bool, patch: bool) -> Result<()> { + // Read current version from version file + let current_version_str = Env::get_version()?; + + // 2. PARSE AND BUMP THE VERSION + let mut version = Version::parse(¤t_version_str)?; + version.bump(major, minor, patch); + let new_version_str = version.to_string(); + + info!("current version: {}", current_version_str.trim()); + info!("new version: {}", new_version_str); + + // Update the version file + let version_file_path = Env::proj_root().join("VERSION"); + Self::update_version_file(&version_file_path, &new_version_str)?; + + // Update the cargo.toml file + let cargo_toml_path = Env::proj_root().join("Cargo.toml"); + Self::update_cargo_toml(&cargo_toml_path, &new_version_str)?; + + Ok(()) + } + + /// Tags the current commit with the version from the VERSION file. + pub fn tag_code(force: bool) -> Result<()> { + let current_version_str = Env::get_version()?; + let version = Version::parse(¤t_version_str)?; + let tag_name = format!("v{}", version); + + info!("Creating git tag: {}", tag_name); + let mut tag_cmd = process::Command::new("git"); + tag_cmd.arg("tag").arg(&tag_name); + if force { + tag_cmd.arg("--force"); + } + let tag_output = tag_cmd.output()?; + + if !tag_output.status.success() { + error!( + "Failed to create git tag: {}", + String::from_utf8_lossy(&tag_output.stderr) + ); + return Err(anyhow::anyhow!("Failed to create git tag")); + } + + info!("Pushing git tag to origin: {}", tag_name); + let mut push_cmd = process::Command::new("git"); + push_cmd.arg("push").arg("origin").arg(&tag_name); + if force { + push_cmd.arg("--force"); + } + let push_output = push_cmd.output()?; + + if !push_output.status.success() { + error!( + "Failed to push git tag: {}", + String::from_utf8_lossy(&push_output.stderr) + ); + return Err(anyhow::anyhow!("Failed to push git tag")); + } + + info!("Successfully tagged and pushed version {}", tag_name); + Ok(()) + } + + /// Format all source code. + pub fn format_code(check: bool) { + // First, format all CPP "projects" + if !process::Command::new("clang-format") + .arg("--version") + .output() + .map(|output| output.status.success()) + .unwrap_or(false) + { + error!("clang-format must be installed and in your path"); + process::exit(1); + } + + let clang_format_cfg = Env::proj_root().join("config").join(".clang-format"); + + let extensions = ["cpp", "c", "h", "hpp"]; + + fn is_source_file(path: &Path, exts: &[&str]) -> bool { + path.is_file() + && path + .extension() + .and_then(|e| e.to_str()) + .map(|ext| exts.contains(&ext)) + .unwrap_or(false) + } + + fn is_excluded(entry: &walkdir::DirEntry) -> bool { + let excluded_dirs = ["build-wasm", "build-native", "target", "venv"]; + entry.file_type().is_dir() + && entry + .file_name() + .to_str() + .map(|name| excluded_dirs.contains(&name)) + .unwrap_or(false) + } + + for entry in walkdir::WalkDir::new(".") + .into_iter() + .filter_entry(|e| !is_excluded(e)) + .filter_map(Result::ok) + { + let path = entry.path(); + if is_source_file(path, &extensions) { + let mut cmd = process::Command::new("clang-format"); + cmd.arg("-i").arg(path); + cmd.arg(format!("--style=file:{}", clang_format_cfg.display())); + + if check { + cmd.arg("--dry-run").arg("--Werror").arg(path); + } + + match cmd.status() { + Ok(status) if status.success() => {} + Ok(status) => { + error!( + "clang-format failed on {} with status {}", + path.display(), + status + ); + process::exit(1); + } + Err(err) => { + error!("Failed to run clang-format on {}: {}", path.display(), err); + process::exit(1); + } + } + } + } + + // Now format rust code + // cargo fmt + let mut fmt_cmd = process::Command::new("cargo"); + fmt_cmd.arg("fmt"); + if check { + fmt_cmd.arg("--").arg("--check"); + } + fmt_cmd.current_dir(Env::proj_root()); + + match fmt_cmd.status() { + Ok(status) if status.success() => {} + Ok(status) => { + error!("cargo fmt failed with status {}", status); + process::exit(1); + } + Err(err) => { + error!("failed to run cargo fmt (err={err:?})"); + process::exit(1); + } + } + + // cargo clippy + let mut clippy_cmd = process::Command::new("cargo"); + clippy_cmd.arg("clippy"); + if check { + clippy_cmd.arg("--").arg("-D").arg("warnings"); + } + clippy_cmd.current_dir(Env::proj_root()); + + match clippy_cmd.status() { + Ok(status) if status.success() => {} + Ok(status) => { + error!("cargo clippy failed with status {}", status); + process::exit(1); + } + Err(err) => { + error!("failed to run cargo clippy (error={err:?})"); + process::exit(1); + } + } + } +} diff --git a/invrs/src/tasks/docker.rs b/accli/src/tasks/docker.rs similarity index 90% rename from invrs/src/tasks/docker.rs rename to accli/src/tasks/docker.rs index 9906b94..dd08c31 100644 --- a/invrs/src/tasks/docker.rs +++ b/accli/src/tasks/docker.rs @@ -1,9 +1,10 @@ use crate::env::Env; use clap::ValueEnum; -use rand::Rng; -use std::fmt; -use std::process::{Command, Stdio}; -use std::str::FromStr; +use std::{ + fmt, + process::{Command, Stdio}, + str::FromStr, +}; #[derive(Clone, Debug, ValueEnum, PartialEq, Eq, PartialOrd, Ord)] pub enum DockerContainer { @@ -74,10 +75,7 @@ impl Docker { .arg("-f") .arg(dockerfile_path.to_string_lossy().into_owned()) .arg("--build-arg") - .arg(format!("TLESS_VERSION={}", Env::get_version().unwrap())) - // TODO: delete this build arg - .arg("--build-arg") - .arg(format!("TMP_VER={}", rand::rng().random_range(0..1000))) + .arg(format!("ACCLESS_VERSION={}", Env::get_version().unwrap())) .arg("."); if nocache { diff --git a/invrs/src/tasks/eval.rs b/accli/src/tasks/eval.rs similarity index 98% rename from invrs/src/tasks/eval.rs rename to accli/src/tasks/eval.rs index 91319f5..8ad79e6 100644 --- a/invrs/src/tasks/eval.rs +++ b/accli/src/tasks/eval.rs @@ -1,8 +1,12 @@ -use crate::env::Env; -use crate::tasks::color::{get_color_from_label, FONT_SIZE, STROKE_WIDTH}; -use crate::tasks::docker::{Docker, DockerContainer}; -use crate::tasks::s3::S3; -use crate::tasks::workflows::{AvailableWorkflow, Workflows}; +use crate::{ + env::Env, + tasks::{ + color::{FONT_SIZE, STROKE_WIDTH, get_color_from_label}, + docker::{Docker, DockerContainer}, + s3::S3, + workflows::{AvailableWorkflow, Workflows}, + }, +}; use chrono::{DateTime, Duration, TimeZone, Utc}; use clap::{Args, ValueEnum}; use csv::ReaderBuilder; @@ -11,10 +15,16 @@ use log::{debug, error}; use plotters::prelude::*; use serde::Deserialize; use shell_words; -use std::path::PathBuf; -use std::process::{Command, Stdio}; -use std::str::FromStr; -use std::{collections::BTreeMap, env, fmt, fs, io::Write, str, thread, time}; +use std::{ + collections::BTreeMap, + env, fmt, fs, + io::Write, + path::PathBuf, + process::{Command, Stdio}, + str, + str::FromStr, + thread, time, +}; static EVAL_BUCKET_NAME: &str = "tless"; @@ -274,7 +284,9 @@ impl Eval { loop { thread::sleep(time::Duration::from_secs(2)); - let output = Self::run_kubectl_cmd(&format!("-n {namespace} get pods -l {label} -o jsonpath='{{..status.conditions[?(@.type==\"Ready\")].status}}'")); + let output = Self::run_kubectl_cmd(&format!( + "-n {namespace} get pods -l {label} -o jsonpath='{{..status.conditions[?(@.type==\"Ready\")].status}}'" + )); let values: Vec<&str> = output.split_whitespace().collect(); debug!( @@ -465,7 +477,9 @@ impl Eval { async fn wait_for_scale_to_zero() { loop { - let output = Self::run_kubectl_cmd("-n accless get pods -o jsonpath={{..status.conditions[?(@.type==\"Ready\")].status}}"); + let output = Self::run_kubectl_cmd( + "-n accless get pods -o jsonpath={{..status.conditions[?(@.type==\"Ready\")].status}}", + ); debug!("invrs: waiting for a scale-down: out: {output}"); let values: Vec<&str> = output.split_whitespace().collect(); @@ -633,7 +647,9 @@ impl Eval { let baseline = args.baseline[args_offset].clone(); // Get the MinIO URL - let minio_url = Self::run_kubectl_cmd("-n accless get services -o jsonpath={.items[?(@.metadata.name==\"minio\")].spec.clusterIP}"); + let minio_url = Self::run_kubectl_cmd( + "-n accless get services -o jsonpath={.items[?(@.metadata.name==\"minio\")].spec.clusterIP}", + ); unsafe { env::set_var("MINIO_URL", minio_url); } @@ -643,7 +659,8 @@ impl Eval { EvalExperiment::ScaleUpLatency => [AvailableWorkflow::Finra].iter(), EvalExperiment::ColdStart => [AvailableWorkflow::WordCount].iter(), // TODO: remove me delete me - // EvalExperiment::E2eLatencyCold => [AvailableWorkflow::MlInference, AvailableWorkflow::WordCount].iter(), + // EvalExperiment::E2eLatencyCold => [AvailableWorkflow::MlInference, + // AvailableWorkflow::WordCount].iter(), _ => AvailableWorkflow::iter_variants(), }; diff --git a/invrs/src/tasks/s3.rs b/accli/src/tasks/s3.rs similarity index 98% rename from invrs/src/tasks/s3.rs rename to accli/src/tasks/s3.rs index 297cbdc..41f541c 100644 --- a/invrs/src/tasks/s3.rs +++ b/accli/src/tasks/s3.rs @@ -3,13 +3,15 @@ use bytes::Bytes; use chrono::{DateTime, Utc}; use futures_util::StreamExt; use log::{debug, error, info, warn}; -use minio::s3::args::*; -use minio::s3::builders::ObjectContent; -use minio::s3::client::{Client, ClientBuilder}; -use minio::s3::creds::StaticProvider; -use minio::s3::error::Error; -use minio::s3::http::BaseUrl; -use minio::s3::types::{S3Api, ToStream}; +use minio::s3::{ + args::*, + builders::ObjectContent, + client::{Client, ClientBuilder}, + creds::StaticProvider, + error::Error, + http::BaseUrl, + types::{S3Api, ToStream}, +}; use std::{ env, fs, io::{Read, Write}, diff --git a/invrs/src/tasks/ubench.rs b/accli/src/tasks/ubench.rs similarity index 99% rename from invrs/src/tasks/ubench.rs rename to accli/src/tasks/ubench.rs index 4ba19e0..91220da 100644 --- a/invrs/src/tasks/ubench.rs +++ b/accli/src/tasks/ubench.rs @@ -1,5 +1,7 @@ -use crate::env::Env; -use crate::tasks::color::{get_color_from_label, FONT_SIZE, STROKE_WIDTH}; +use crate::{ + env::Env, + tasks::color::{FONT_SIZE, STROKE_WIDTH, get_color_from_label}, +}; use anyhow::Result; use clap::{Args, ValueEnum}; use csv::ReaderBuilder; diff --git a/invrs/src/tasks/workflows.rs b/accli/src/tasks/workflows.rs similarity index 97% rename from invrs/src/tasks/workflows.rs rename to accli/src/tasks/workflows.rs index 9ae6a06..7d91e94 100644 --- a/invrs/src/tasks/workflows.rs +++ b/accli/src/tasks/workflows.rs @@ -1,11 +1,10 @@ -use crate::env::Env; -use crate::tasks::dag::Dag; -use crate::tasks::s3::S3; +use crate::{ + env::Env, + tasks::{dag::Dag, s3::S3}, +}; use clap::ValueEnum; use log::debug; -use std::path::PathBuf; -use std::str::FromStr; -use std::{env, fmt}; +use std::{env, fmt, path::PathBuf, str::FromStr}; #[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ValueEnum)] pub enum AvailableWorkflow { diff --git a/attestation-service/Cargo.lock b/attestation-service/Cargo.lock deleted file mode 100644 index 76591d1..0000000 --- a/attestation-service/Cargo.lock +++ /dev/null @@ -1,3292 +0,0 @@ -# This file is automatically @generated by Cargo. -# It is not intended for manual editing. -version = 4 - -[[package]] -name = "adler2" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" - -[[package]] -name = "aead" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" -dependencies = [ - "crypto-common", - "generic-array", -] - -[[package]] -name = "aes" -version = "0.8.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" -dependencies = [ - "cfg-if", - "cipher", - "cpufeatures", -] - -[[package]] -name = "aes-gcm" -version = "0.10.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "831010a0f742e1209b3bcea8fab6a8e149051ba6099432c8cb2cc117dec3ead1" -dependencies = [ - "aead", - "aes", - "cipher", - "ctr", - "ghash", - "subtle", -] - -[[package]] -name = "aho-corasick" -version = "1.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" -dependencies = [ - "memchr", -] - -[[package]] -name = "android_system_properties" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" -dependencies = [ - "libc", -] - -[[package]] -name = "anstream" -version = "0.6.21" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43d5b281e737544384e969a5ccad3f1cdd24b48086a0fc1b2a5262a26b8f4f4a" -dependencies = [ - "anstyle", - "anstyle-parse", - "anstyle-query", - "anstyle-wincon", - "colorchoice", - "is_terminal_polyfill", - "utf8parse", -] - -[[package]] -name = "anstyle" -version = "1.0.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5192cca8006f1fd4f7237516f40fa183bb07f8fbdfedaa0036de5ea9b0b45e78" - -[[package]] -name = "anstyle-parse" -version = "0.2.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" -dependencies = [ - "utf8parse", -] - -[[package]] -name = "anstyle-query" -version = "1.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e231f6134f61b71076a3eab506c379d4f36122f2af15a9ff04415ea4c3339e2" -dependencies = [ - "windows-sys 0.60.2", -] - -[[package]] -name = "anstyle-wincon" -version = "3.0.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e0633414522a32ffaac8ac6cc8f748e090c5717661fddeea04219e2344f5f2a" -dependencies = [ - "anstyle", - "once_cell_polyfill", - "windows-sys 0.60.2", -] - -[[package]] -name = "anyhow" -version = "1.0.100" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61" - -[[package]] -name = "asn1-rs" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5493c3bedbacf7fd7382c6346bbd66687d12bbaad3a89a2d2c303ee6cf20b048" -dependencies = [ - "asn1-rs-derive", - "asn1-rs-impl", - "displaydoc", - "nom", - "num-traits", - "rusticata-macros", - "thiserror 1.0.69", - "time", -] - -[[package]] -name = "asn1-rs-derive" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "965c2d33e53cb6b267e148a4cb0760bc01f4904c1cd4bb4002a085bb016d1490" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] - -[[package]] -name = "asn1-rs-impl" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "async-trait" -version = "0.1.89" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "atomic-waker" -version = "1.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" - -[[package]] -name = "attestation-service" -version = "0.1.0" -dependencies = [ - "aes-gcm", - "anyhow", - "axum", - "base64 0.22.1", - "bytes", - "chrono", - "hyper 1.7.0", - "hyper-util", - "jsonwebtoken", - "p256", - "ring", - "rustls", - "rustls-pemfile", - "serde", - "serde_json", - "snpguest", - "tokio", - "tokio-rustls", - "ureq", -] - -[[package]] -name = "autocfg" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" - -[[package]] -name = "aws-lc-rs" -version = "1.14.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "879b6c89592deb404ba4dc0ae6b58ffd1795c78991cbb5b8bc441c48a070440d" -dependencies = [ - "aws-lc-sys", - "zeroize", -] - -[[package]] -name = "aws-lc-sys" -version = "0.32.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "107a4e9d9cab9963e04e84bb8dee0e25f2a987f9a8bad5ed054abd439caa8f8c" -dependencies = [ - "bindgen", - "cc", - "cmake", - "dunce", - "fs_extra", -] - -[[package]] -name = "axum" -version = "0.7.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edca88bc138befd0323b20752846e6587272d3b03b0343c8ea28a6f819e6e71f" -dependencies = [ - "async-trait", - "axum-core", - "bytes", - "futures-util", - "http 1.3.1", - "http-body 1.0.1", - "http-body-util", - "hyper 1.7.0", - "hyper-util", - "itoa", - "matchit", - "memchr", - "mime", - "percent-encoding", - "pin-project-lite", - "rustversion", - "serde", - "serde_json", - "serde_path_to_error", - "serde_urlencoded", - "sync_wrapper 1.0.2", - "tokio", - "tower", - "tower-layer", - "tower-service", - "tracing", -] - -[[package]] -name = "axum-core" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09f2bd6146b97ae3359fa0cc6d6b376d9539582c7b4220f041a33ec24c226199" -dependencies = [ - "async-trait", - "bytes", - "futures-util", - "http 1.3.1", - "http-body 1.0.1", - "http-body-util", - "mime", - "pin-project-lite", - "rustversion", - "sync_wrapper 1.0.2", - "tower-layer", - "tower-service", - "tracing", -] - -[[package]] -name = "base16ct" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" - -[[package]] -name = "base64" -version = "0.21.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" - -[[package]] -name = "base64" -version = "0.22.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" - -[[package]] -name = "base64ct" -version = "1.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55248b47b0caf0546f7988906588779981c43bb1bc9d0c44087278f80cdb44ba" - -[[package]] -name = "bincode" -version = "1.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" -dependencies = [ - "serde", -] - -[[package]] -name = "bindgen" -version = "0.72.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "993776b509cfb49c750f11b8f07a46fa23e0a1386ffc01fb1e7d343efc387895" -dependencies = [ - "bitflags 2.10.0", - "cexpr", - "clang-sys", - "itertools", - "log", - "prettyplease", - "proc-macro2", - "quote", - "regex", - "rustc-hash", - "shlex", - "syn", -] - -[[package]] -name = "bitfield" -version = "0.15.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c821a6e124197eb56d907ccc2188eab1038fb919c914f47976e64dd8dbc855d1" - -[[package]] -name = "bitflags" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" - -[[package]] -name = "bitflags" -version = "2.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "812e12b5285cc515a9c72a5c1d3b6d46a19dac5acfef5265968c166106e31dd3" - -[[package]] -name = "block-buffer" -version = "0.10.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" -dependencies = [ - "generic-array", -] - -[[package]] -name = "bumpalo" -version = "3.19.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43" - -[[package]] -name = "byteorder" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" - -[[package]] -name = "bytes" -version = "1.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" - -[[package]] -name = "cc" -version = "1.2.41" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac9fe6cdbb24b6ade63616c0a0688e45bb56732262c158df3c0c4bea4ca47cb7" -dependencies = [ - "find-msvc-tools", - "jobserver", - "libc", - "shlex", -] - -[[package]] -name = "cexpr" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" -dependencies = [ - "nom", -] - -[[package]] -name = "cfg-if" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801" - -[[package]] -name = "chrono" -version = "0.4.42" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "145052bdd345b87320e369255277e3fb5152762ad123a901ef5c262dd38fe8d2" -dependencies = [ - "iana-time-zone", - "js-sys", - "num-traits", - "wasm-bindgen", - "windows-link", -] - -[[package]] -name = "cipher" -version = "0.4.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" -dependencies = [ - "crypto-common", - "inout", -] - -[[package]] -name = "clang-sys" -version = "1.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b023947811758c97c59bf9d1c188fd619ad4718dcaa767947df1cadb14f39f4" -dependencies = [ - "glob", - "libc", - "libloading", -] - -[[package]] -name = "clap" -version = "4.5.50" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c2cfd7bf8a6017ddaa4e32ffe7403d547790db06bd171c1c53926faab501623" -dependencies = [ - "clap_builder", - "clap_derive", -] - -[[package]] -name = "clap-num" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "822c4000301ac390e65995c62207501e3ef800a1fc441df913a5e8e4dc374816" -dependencies = [ - "num-traits", -] - -[[package]] -name = "clap_builder" -version = "4.5.50" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a4c05b9e80c5ccd3a7ef080ad7b6ba7d6fc00a985b8b157197075677c82c7a0" -dependencies = [ - "anstream", - "anstyle", - "clap_lex", - "strsim", -] - -[[package]] -name = "clap_derive" -version = "4.5.49" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a0b5487afeab2deb2ff4e03a807ad1a03ac532ff5a2cee5d86884440c7f7671" -dependencies = [ - "heck", - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "clap_lex" -version = "0.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1d728cc89cf3aee9ff92b05e62b19ee65a02b5702cff7d5a377e32c6ae29d8d" - -[[package]] -name = "cmake" -version = "0.1.54" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7caa3f9de89ddbe2c607f4101924c5abec803763ae9534e4f4d7d8f84aa81f0" -dependencies = [ - "cc", -] - -[[package]] -name = "codicon" -version = "3.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12170080f3533d6f09a19f81596f836854d0fa4867dc32c8172b8474b4e9de61" - -[[package]] -name = "colorchoice" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" - -[[package]] -name = "colorful" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97af0562545a7d7f3d9222fcf909963bec36dcb502afaacab98c6ffac8da47ce" - -[[package]] -name = "const-oid" -version = "0.9.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" - -[[package]] -name = "core-foundation" -version = "0.9.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" -dependencies = [ - "core-foundation-sys", - "libc", -] - -[[package]] -name = "core-foundation-sys" -version = "0.8.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" - -[[package]] -name = "cpufeatures" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" -dependencies = [ - "libc", -] - -[[package]] -name = "crc32fast" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511" -dependencies = [ - "cfg-if", -] - -[[package]] -name = "crypto-bigint" -version = "0.5.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" -dependencies = [ - "generic-array", - "rand_core", - "subtle", - "zeroize", -] - -[[package]] -name = "crypto-common" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" -dependencies = [ - "generic-array", - "rand_core", - "typenum", -] - -[[package]] -name = "ctr" -version = "0.9.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" -dependencies = [ - "cipher", -] - -[[package]] -name = "data-encoding" -version = "2.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a2330da5de22e8a3cb63252ce2abb30116bf5265e89c0e01bc17015ce30a476" - -[[package]] -name = "der" -version = "0.7.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb" -dependencies = [ - "const-oid", - "pem-rfc7468", - "zeroize", -] - -[[package]] -name = "der-parser" -version = "9.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cd0a5c643689626bec213c4d8bd4d96acc8ffdb4ad4bb6bc16abf27d5f4b553" -dependencies = [ - "asn1-rs", - "displaydoc", - "nom", - "num-bigint", - "num-traits", - "rusticata-macros", -] - -[[package]] -name = "deranged" -version = "0.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a41953f86f8a05768a6cda24def994fd2f424b04ec5c719cf89989779f199071" -dependencies = [ - "powerfmt", -] - -[[package]] -name = "digest" -version = "0.10.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" -dependencies = [ - "block-buffer", - "const-oid", - "crypto-common", - "subtle", -] - -[[package]] -name = "dirs" -version = "5.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225" -dependencies = [ - "dirs-sys", -] - -[[package]] -name = "dirs-sys" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c" -dependencies = [ - "libc", - "option-ext", - "redox_users", - "windows-sys 0.48.0", -] - -[[package]] -name = "displaydoc" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "dunce" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" - -[[package]] -name = "ecdsa" -version = "0.16.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca" -dependencies = [ - "der", - "digest", - "elliptic-curve", - "rfc6979", - "signature", - "spki", -] - -[[package]] -name = "either" -version = "1.15.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" - -[[package]] -name = "elliptic-curve" -version = "0.13.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47" -dependencies = [ - "base16ct", - "crypto-bigint", - "digest", - "ff", - "generic-array", - "group", - "pem-rfc7468", - "pkcs8", - "rand_core", - "sec1", - "subtle", - "zeroize", -] - -[[package]] -name = "encoding_rs" -version = "0.8.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3" -dependencies = [ - "cfg-if", -] - -[[package]] -name = "env_logger" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4cd405aab171cb85d6735e5c8d9db038c17d3ca007a4d2c25f337935c3d90580" -dependencies = [ - "humantime", - "is-terminal", - "log", - "regex", - "termcolor", -] - -[[package]] -name = "equivalent" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" - -[[package]] -name = "errno" -version = "0.3.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb" -dependencies = [ - "libc", - "windows-sys 0.61.2", -] - -[[package]] -name = "fastrand" -version = "2.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" - -[[package]] -name = "ff" -version = "0.13.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393" -dependencies = [ - "rand_core", - "subtle", -] - -[[package]] -name = "find-msvc-tools" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52051878f80a721bb68ebfbc930e07b65ba72f2da88968ea5c06fd6ca3d3a127" - -[[package]] -name = "flate2" -version = "1.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc5a4e564e38c699f2880d3fda590bedc2e69f3f84cd48b457bd892ce61d0aa9" -dependencies = [ - "crc32fast", - "miniz_oxide", -] - -[[package]] -name = "fnv" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" - -[[package]] -name = "foreign-types" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" -dependencies = [ - "foreign-types-shared", -] - -[[package]] -name = "foreign-types-shared" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" - -[[package]] -name = "form_urlencoded" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb4cb245038516f5f85277875cdaa4f7d2c9a0fa0468de06ed190163b1581fcf" -dependencies = [ - "percent-encoding", -] - -[[package]] -name = "fs_extra" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" - -[[package]] -name = "futures-channel" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" -dependencies = [ - "futures-core", -] - -[[package]] -name = "futures-core" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" - -[[package]] -name = "futures-io" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6" - -[[package]] -name = "futures-sink" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" - -[[package]] -name = "futures-task" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" - -[[package]] -name = "futures-util" -version = "0.3.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" -dependencies = [ - "futures-core", - "futures-io", - "futures-task", - "memchr", - "pin-project-lite", - "pin-utils", - "slab", -] - -[[package]] -name = "generic-array" -version = "0.14.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bb6743198531e02858aeaea5398fcc883e71851fcbcb5a2f773e2fb6cb1edf2" -dependencies = [ - "typenum", - "version_check", - "zeroize", -] - -[[package]] -name = "getrandom" -version = "0.2.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592" -dependencies = [ - "cfg-if", - "js-sys", - "libc", - "wasi", - "wasm-bindgen", -] - -[[package]] -name = "getrandom" -version = "0.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd" -dependencies = [ - "cfg-if", - "libc", - "r-efi", - "wasip2", -] - -[[package]] -name = "ghash" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0d8a4362ccb29cb0b265253fb0a2728f592895ee6854fd9bc13f2ffda266ff1" -dependencies = [ - "opaque-debug", - "polyval", -] - -[[package]] -name = "glob" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" - -[[package]] -name = "group" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" -dependencies = [ - "ff", - "rand_core", - "subtle", -] - -[[package]] -name = "h2" -version = "0.3.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0beca50380b1fc32983fc1cb4587bfa4bb9e78fc259aad4a0032d2080309222d" -dependencies = [ - "bytes", - "fnv", - "futures-core", - "futures-sink", - "futures-util", - "http 0.2.12", - "indexmap", - "slab", - "tokio", - "tokio-util", - "tracing", -] - -[[package]] -name = "hashbrown" -version = "0.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d" - -[[package]] -name = "heck" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" - -[[package]] -name = "hermit-abi" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c" - -[[package]] -name = "hex" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" - -[[package]] -name = "hmac" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" -dependencies = [ - "digest", -] - -[[package]] -name = "http" -version = "0.2.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" -dependencies = [ - "bytes", - "fnv", - "itoa", -] - -[[package]] -name = "http" -version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565" -dependencies = [ - "bytes", - "fnv", - "itoa", -] - -[[package]] -name = "http-body" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" -dependencies = [ - "bytes", - "http 0.2.12", - "pin-project-lite", -] - -[[package]] -name = "http-body" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" -dependencies = [ - "bytes", - "http 1.3.1", -] - -[[package]] -name = "http-body-util" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a" -dependencies = [ - "bytes", - "futures-core", - "http 1.3.1", - "http-body 1.0.1", - "pin-project-lite", -] - -[[package]] -name = "httparse" -version = "1.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87" - -[[package]] -name = "httpdate" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" - -[[package]] -name = "humantime" -version = "2.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" - -[[package]] -name = "hyper" -version = "0.14.32" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41dfc780fdec9373c01bae43289ea34c972e40ee3c9f6b3c8801a35f35586ce7" -dependencies = [ - "bytes", - "futures-channel", - "futures-core", - "futures-util", - "h2", - "http 0.2.12", - "http-body 0.4.6", - "httparse", - "httpdate", - "itoa", - "pin-project-lite", - "socket2 0.5.10", - "tokio", - "tower-service", - "tracing", - "want", -] - -[[package]] -name = "hyper" -version = "1.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb3aa54a13a0dfe7fbe3a59e0c76093041720fdc77b110cc0fc260fafb4dc51e" -dependencies = [ - "atomic-waker", - "bytes", - "futures-channel", - "futures-core", - "http 1.3.1", - "http-body 1.0.1", - "httparse", - "httpdate", - "itoa", - "pin-project-lite", - "pin-utils", - "smallvec", - "tokio", -] - -[[package]] -name = "hyper-tls" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" -dependencies = [ - "bytes", - "hyper 0.14.32", - "native-tls", - "tokio", - "tokio-native-tls", -] - -[[package]] -name = "hyper-util" -version = "0.1.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c6995591a8f1380fcb4ba966a252a4b29188d51d2b89e3a252f5305be65aea8" -dependencies = [ - "bytes", - "futures-core", - "http 1.3.1", - "http-body 1.0.1", - "hyper 1.7.0", - "pin-project-lite", - "tokio", - "tower-service", -] - -[[package]] -name = "iana-time-zone" -version = "0.1.64" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33e57f83510bb73707521ebaffa789ec8caf86f9657cad665b092b581d40e9fb" -dependencies = [ - "android_system_properties", - "core-foundation-sys", - "iana-time-zone-haiku", - "js-sys", - "log", - "wasm-bindgen", - "windows-core", -] - -[[package]] -name = "iana-time-zone-haiku" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" -dependencies = [ - "cc", -] - -[[package]] -name = "icu_collections" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "200072f5d0e3614556f94a9930d5dc3e0662a652823904c3a75dc3b0af7fee47" -dependencies = [ - "displaydoc", - "potential_utf", - "yoke", - "zerofrom", - "zerovec", -] - -[[package]] -name = "icu_locale_core" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0cde2700ccaed3872079a65fb1a78f6c0a36c91570f28755dda67bc8f7d9f00a" -dependencies = [ - "displaydoc", - "litemap", - "tinystr", - "writeable", - "zerovec", -] - -[[package]] -name = "icu_normalizer" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "436880e8e18df4d7bbc06d58432329d6458cc84531f7ac5f024e93deadb37979" -dependencies = [ - "displaydoc", - "icu_collections", - "icu_normalizer_data", - "icu_properties", - "icu_provider", - "smallvec", - "zerovec", -] - -[[package]] -name = "icu_normalizer_data" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00210d6893afc98edb752b664b8890f0ef174c8adbb8d0be9710fa66fbbf72d3" - -[[package]] -name = "icu_properties" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "016c619c1eeb94efb86809b015c58f479963de65bdb6253345c1a1276f22e32b" -dependencies = [ - "displaydoc", - "icu_collections", - "icu_locale_core", - "icu_properties_data", - "icu_provider", - "potential_utf", - "zerotrie", - "zerovec", -] - -[[package]] -name = "icu_properties_data" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "298459143998310acd25ffe6810ed544932242d3f07083eee1084d83a71bd632" - -[[package]] -name = "icu_provider" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03c80da27b5f4187909049ee2d72f276f0d9f99a42c306bd0131ecfe04d8e5af" -dependencies = [ - "displaydoc", - "icu_locale_core", - "stable_deref_trait", - "tinystr", - "writeable", - "yoke", - "zerofrom", - "zerotrie", - "zerovec", -] - -[[package]] -name = "idna" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de" -dependencies = [ - "idna_adapter", - "smallvec", - "utf8_iter", -] - -[[package]] -name = "idna_adapter" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344" -dependencies = [ - "icu_normalizer", - "icu_properties", -] - -[[package]] -name = "indexmap" -version = "2.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6717a8d2a5a929a1a2eb43a12812498ed141a0bcfb7e8f7844fbdbe4303bba9f" -dependencies = [ - "equivalent", - "hashbrown", -] - -[[package]] -name = "inout" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01" -dependencies = [ - "generic-array", -] - -[[package]] -name = "iocuddle" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8972d5be69940353d5347a1344cb375d9b457d6809b428b05bb1ca2fb9ce007" - -[[package]] -name = "ipnet" -version = "2.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130" - -[[package]] -name = "is-terminal" -version = "0.4.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e04d7f318608d35d4b61ddd75cbdaee86b023ebe2bd5a66ee0915f0bf93095a9" -dependencies = [ - "hermit-abi", - "libc", - "windows-sys 0.59.0", -] - -[[package]] -name = "is_terminal_polyfill" -version = "1.70.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695" - -[[package]] -name = "itertools" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" -dependencies = [ - "either", -] - -[[package]] -name = "itoa" -version = "1.0.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" - -[[package]] -name = "jobserver" -version = "0.1.34" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33" -dependencies = [ - "getrandom 0.3.4", - "libc", -] - -[[package]] -name = "js-sys" -version = "0.3.81" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec48937a97411dcb524a265206ccd4c90bb711fca92b2792c407f268825b9305" -dependencies = [ - "once_cell", - "wasm-bindgen", -] - -[[package]] -name = "jsonwebtoken" -version = "9.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde" -dependencies = [ - "base64 0.22.1", - "js-sys", - "pem", - "ring", - "serde", - "serde_json", - "simple_asn1", -] - -[[package]] -name = "lazy_static" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" - -[[package]] -name = "libc" -version = "0.2.177" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2874a2af47a2325c2001a6e6fad9b16a53b802102b528163885171cf92b15976" - -[[package]] -name = "libloading" -version = "0.8.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7c4b02199fee7c5d21a5ae7d8cfa79a6ef5bb2fc834d6e9058e89c825efdc55" -dependencies = [ - "cfg-if", - "windows-link", -] - -[[package]] -name = "libredox" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "416f7e718bdb06000964960ffa43b4335ad4012ae8b99060261aa4a8088d5ccb" -dependencies = [ - "bitflags 2.10.0", - "libc", -] - -[[package]] -name = "linux-raw-sys" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039" - -[[package]] -name = "litemap" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "241eaef5fd12c88705a01fc1066c48c4b36e0dd4377dcdc7ec3942cea7a69956" - -[[package]] -name = "lock_api" -version = "0.4.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "224399e74b87b5f3557511d98dff8b14089b3dadafcab6bb93eab67d3aace965" -dependencies = [ - "scopeguard", -] - -[[package]] -name = "log" -version = "0.4.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" - -[[package]] -name = "matchit" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" - -[[package]] -name = "memchr" -version = "2.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f52b00d39961fc5b2736ea853c9cc86238e165017a493d1d5c8eac6bdc4cc273" - -[[package]] -name = "memoffset" -version = "0.6.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" -dependencies = [ - "autocfg", -] - -[[package]] -name = "mime" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" - -[[package]] -name = "minimal-lexical" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" - -[[package]] -name = "miniz_oxide" -version = "0.8.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316" -dependencies = [ - "adler2", - "simd-adler32", -] - -[[package]] -name = "mio" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69d83b0086dc8ecf3ce9ae2874b2d1290252e2a30720bea58a5c6639b0092873" -dependencies = [ - "libc", - "wasi", - "windows-sys 0.61.2", -] - -[[package]] -name = "msru" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "15a014208ef068fd9eed02eceb063ecba151d9922de4f8b4bb3703ff3d2a3eaa" - -[[package]] -name = "native-tls" -version = "0.2.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e" -dependencies = [ - "libc", - "log", - "openssl", - "openssl-probe", - "openssl-sys", - "schannel", - "security-framework", - "security-framework-sys", - "tempfile", -] - -[[package]] -name = "nix" -version = "0.23.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c" -dependencies = [ - "bitflags 1.3.2", - "cc", - "cfg-if", - "libc", - "memoffset", -] - -[[package]] -name = "nom" -version = "7.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" -dependencies = [ - "memchr", - "minimal-lexical", -] - -[[package]] -name = "num-bigint" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" -dependencies = [ - "num-integer", - "num-traits", -] - -[[package]] -name = "num-conv" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" - -[[package]] -name = "num-integer" -version = "0.1.46" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" -dependencies = [ - "num-traits", -] - -[[package]] -name = "num-traits" -version = "0.2.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" -dependencies = [ - "autocfg", -] - -[[package]] -name = "oid-registry" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8d8034d9489cdaf79228eb9f6a3b8d7bb32ba00d6645ebd48eef4077ceb5bd9" -dependencies = [ - "asn1-rs", -] - -[[package]] -name = "once_cell" -version = "1.21.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" - -[[package]] -name = "once_cell_polyfill" -version = "1.70.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "384b8ab6d37215f3c5301a95a4accb5d64aa607f1fcb26a11b5303878451b4fe" - -[[package]] -name = "opaque-debug" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" - -[[package]] -name = "openssl" -version = "0.10.74" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24ad14dd45412269e1a30f52ad8f0664f0f4f4a89ee8fe28c3b3527021ebb654" -dependencies = [ - "bitflags 2.10.0", - "cfg-if", - "foreign-types", - "libc", - "once_cell", - "openssl-macros", - "openssl-sys", -] - -[[package]] -name = "openssl-macros" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "openssl-probe" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" - -[[package]] -name = "openssl-src" -version = "300.5.4+3.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507b3792995dae9b0df8a1c1e3771e8418b7c2d9f0baeba32e6fe8b06c7cb72" -dependencies = [ - "cc", -] - -[[package]] -name = "openssl-sys" -version = "0.9.110" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a9f0075ba3c21b09f8e8b2026584b1d18d49388648f2fbbf3c97ea8deced8e2" -dependencies = [ - "cc", - "libc", - "openssl-src", - "pkg-config", - "vcpkg", -] - -[[package]] -name = "option-ext" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d" - -[[package]] -name = "p256" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b" -dependencies = [ - "ecdsa", - "elliptic-curve", - "primeorder", - "sha2", -] - -[[package]] -name = "parking_lot" -version = "0.12.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93857453250e3077bd71ff98b6a65ea6621a19bb0f559a85248955ac12c45a1a" -dependencies = [ - "lock_api", - "parking_lot_core", -] - -[[package]] -name = "parking_lot_core" -version = "0.9.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2621685985a2ebf1c516881c026032ac7deafcda1a2c9b7850dc81e3dfcb64c1" -dependencies = [ - "cfg-if", - "libc", - "redox_syscall", - "smallvec", - "windows-link", -] - -[[package]] -name = "pem" -version = "3.0.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d30c53c26bc5b31a98cd02d20f25a7c8567146caf63ed593a9d87b2775291be" -dependencies = [ - "base64 0.22.1", - "serde_core", -] - -[[package]] -name = "pem-rfc7468" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" -dependencies = [ - "base64ct", -] - -[[package]] -name = "percent-encoding" -version = "2.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b4f627cb1b25917193a259e49bdad08f671f8d9708acfd5fe0a8c1455d87220" - -[[package]] -name = "pin-project-lite" -version = "0.2.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b" - -[[package]] -name = "pin-utils" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" - -[[package]] -name = "pkcs8" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" -dependencies = [ - "der", - "spki", -] - -[[package]] -name = "pkg-config" -version = "0.3.32" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c" - -[[package]] -name = "polyval" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25" -dependencies = [ - "cfg-if", - "cpufeatures", - "opaque-debug", - "universal-hash", -] - -[[package]] -name = "potential_utf" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84df19adbe5b5a0782edcab45899906947ab039ccf4573713735ee7de1e6b08a" -dependencies = [ - "zerovec", -] - -[[package]] -name = "powerfmt" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" - -[[package]] -name = "ppv-lite86" -version = "0.2.21" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" -dependencies = [ - "zerocopy", -] - -[[package]] -name = "prettyplease" -version = "0.2.37" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b" -dependencies = [ - "proc-macro2", - "syn", -] - -[[package]] -name = "primeorder" -version = "0.13.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "353e1ca18966c16d9deb1c69278edbc5f194139612772bd9537af60ac231e1e6" -dependencies = [ - "elliptic-curve", -] - -[[package]] -name = "proc-macro2" -version = "1.0.101" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ae43fd86e4158d6db51ad8e2b80f313af9cc74f5c0e03ccb87de09998732de" -dependencies = [ - "unicode-ident", -] - -[[package]] -name = "quote" -version = "1.0.41" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce25767e7b499d1b604768e7cde645d14cc8584231ea6b295e9c9eb22c02e1d1" -dependencies = [ - "proc-macro2", -] - -[[package]] -name = "r-efi" -version = "5.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" - -[[package]] -name = "rand" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" -dependencies = [ - "libc", - "rand_chacha", - "rand_core", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core", -] - -[[package]] -name = "rand_core" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom 0.2.16", -] - -[[package]] -name = "rdrand" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d92195228612ac8eed47adbc2ed0f04e513a4ccb98175b6f2bd04d963b533655" -dependencies = [ - "rand_core", -] - -[[package]] -name = "redox_syscall" -version = "0.5.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed2bf2547551a7053d6fdfafda3f938979645c44812fbfcda098faae3f1a362d" -dependencies = [ - "bitflags 2.10.0", -] - -[[package]] -name = "redox_users" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43" -dependencies = [ - "getrandom 0.2.16", - "libredox", - "thiserror 1.0.69", -] - -[[package]] -name = "regex" -version = "1.12.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "843bc0191f75f3e22651ae5f1e72939ab2f72a4bc30fa80a066bd66edefc24d4" -dependencies = [ - "aho-corasick", - "memchr", - "regex-automata", - "regex-syntax", -] - -[[package]] -name = "regex-automata" -version = "0.4.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5276caf25ac86c8d810222b3dbb938e512c55c6831a10f3e6ed1c93b84041f1c" -dependencies = [ - "aho-corasick", - "memchr", - "regex-syntax", -] - -[[package]] -name = "regex-syntax" -version = "0.8.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2d987857b319362043e95f5353c0535c1f58eec5336fdfcf626430af7def58" - -[[package]] -name = "reqwest" -version = "0.11.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" -dependencies = [ - "base64 0.21.7", - "bytes", - "encoding_rs", - "futures-core", - "futures-util", - "h2", - "http 0.2.12", - "http-body 0.4.6", - "hyper 0.14.32", - "hyper-tls", - "ipnet", - "js-sys", - "log", - "mime", - "native-tls", - "once_cell", - "percent-encoding", - "pin-project-lite", - "rustls-pemfile", - "serde", - "serde_json", - "serde_urlencoded", - "sync_wrapper 0.1.2", - "system-configuration", - "tokio", - "tokio-native-tls", - "tower-service", - "url", - "wasm-bindgen", - "wasm-bindgen-futures", - "web-sys", - "winreg", -] - -[[package]] -name = "rfc6979" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" -dependencies = [ - "hmac", - "subtle", -] - -[[package]] -name = "ring" -version = "0.17.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7" -dependencies = [ - "cc", - "cfg-if", - "getrandom 0.2.16", - "libc", - "untrusted", - "windows-sys 0.52.0", -] - -[[package]] -name = "rustc-hash" -version = "2.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d" - -[[package]] -name = "rusticata-macros" -version = "4.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632" -dependencies = [ - "nom", -] - -[[package]] -name = "rustix" -version = "1.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd15f8a2c5551a84d56efdc1cd049089e409ac19a3072d5037a17fd70719ff3e" -dependencies = [ - "bitflags 2.10.0", - "errno", - "libc", - "linux-raw-sys", - "windows-sys 0.61.2", -] - -[[package]] -name = "rustls" -version = "0.23.34" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a9586e9ee2b4f8fab52a0048ca7334d7024eef48e2cb9407e3497bb7cab7fa7" -dependencies = [ - "aws-lc-rs", - "log", - "once_cell", - "ring", - "rustls-pki-types", - "rustls-webpki", - "subtle", - "zeroize", -] - -[[package]] -name = "rustls-pemfile" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" -dependencies = [ - "base64 0.21.7", -] - -[[package]] -name = "rustls-pki-types" -version = "1.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79" -dependencies = [ - "zeroize", -] - -[[package]] -name = "rustls-webpki" -version = "0.103.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e10b3f4191e8a80e6b43eebabfac91e5dcecebb27a71f04e820c47ec41d314bf" -dependencies = [ - "aws-lc-rs", - "ring", - "rustls-pki-types", - "untrusted", -] - -[[package]] -name = "rustversion" -version = "1.0.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" - -[[package]] -name = "ryu" -version = "1.0.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" - -[[package]] -name = "schannel" -version = "0.1.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "891d81b926048e76efe18581bf793546b4c0eaf8448d72be8de2bbee5fd166e1" -dependencies = [ - "windows-sys 0.61.2", -] - -[[package]] -name = "scopeguard" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" - -[[package]] -name = "sec1" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" -dependencies = [ - "base16ct", - "der", - "generic-array", - "pkcs8", - "subtle", - "zeroize", -] - -[[package]] -name = "security-framework" -version = "2.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" -dependencies = [ - "bitflags 2.10.0", - "core-foundation", - "core-foundation-sys", - "libc", - "security-framework-sys", -] - -[[package]] -name = "security-framework-sys" -version = "2.15.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc1f0cbffaac4852523ce30d8bd3c5cdc873501d96ff467ca09b6767bb8cd5c0" -dependencies = [ - "core-foundation-sys", - "libc", -] - -[[package]] -name = "serde" -version = "1.0.228" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e" -dependencies = [ - "serde_core", - "serde_derive", -] - -[[package]] -name = "serde-big-array" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11fc7cc2c76d73e0f27ee52abbd64eec84d46f370c88371120433196934e4b7f" -dependencies = [ - "serde", -] - -[[package]] -name = "serde_bytes" -version = "0.11.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5d440709e79d88e51ac01c4b72fc6cb7314017bb7da9eeff678aa94c10e3ea8" -dependencies = [ - "serde", - "serde_core", -] - -[[package]] -name = "serde_core" -version = "1.0.228" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad" -dependencies = [ - "serde_derive", -] - -[[package]] -name = "serde_derive" -version = "1.0.228" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "serde_json" -version = "1.0.145" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "402a6f66d8c709116cf22f558eab210f5a50187f702eb4d7e5ef38d9a7f1c79c" -dependencies = [ - "itoa", - "memchr", - "ryu", - "serde", - "serde_core", -] - -[[package]] -name = "serde_path_to_error" -version = "0.1.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10a9ff822e371bb5403e391ecd83e182e0e77ba7f6fe0160b795797109d1b457" -dependencies = [ - "itoa", - "serde", - "serde_core", -] - -[[package]] -name = "serde_urlencoded" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" -dependencies = [ - "form_urlencoded", - "itoa", - "ryu", - "serde", -] - -[[package]] -name = "sev" -version = "5.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b06afe5192a43814047ea0072f4935f830a1de3c8cb43b56c90ae6918468b94d" -dependencies = [ - "base64 0.22.1", - "bincode", - "bitfield", - "bitflags 1.3.2", - "byteorder", - "codicon", - "dirs", - "hex", - "iocuddle", - "lazy_static", - "libc", - "openssl", - "rdrand", - "serde", - "serde-big-array", - "serde_bytes", - "static_assertions", - "uuid", -] - -[[package]] -name = "sha2" -version = "0.10.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" -dependencies = [ - "cfg-if", - "cpufeatures", - "digest", -] - -[[package]] -name = "shlex" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" - -[[package]] -name = "signal-hook-registry" -version = "1.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b2a4719bff48cee6b39d12c020eeb490953ad2443b7055bd0b21fca26bd8c28b" -dependencies = [ - "libc", -] - -[[package]] -name = "signature" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" -dependencies = [ - "digest", - "rand_core", -] - -[[package]] -name = "simd-adler32" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe" - -[[package]] -name = "simple_asn1" -version = "0.6.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "297f631f50729c8c99b84667867963997ec0b50f32b2a7dbcab828ef0541e8bb" -dependencies = [ - "num-bigint", - "num-traits", - "thiserror 2.0.17", - "time", -] - -[[package]] -name = "slab" -version = "0.4.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2ae44ef20feb57a68b23d846850f861394c2e02dc425a50098ae8c90267589" - -[[package]] -name = "smallvec" -version = "1.15.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" - -[[package]] -name = "snpguest" -version = "0.8.3" -source = "git+https://github.com/faasm/snpguest.git#d3697058d4981db9c8dca1f6321cab3ca5cb029d" -dependencies = [ - "anyhow", - "asn1-rs", - "base64 0.22.1", - "bincode", - "bitfield", - "clap", - "clap-num", - "colorful", - "env_logger", - "hex", - "msru", - "nix", - "openssl", - "rand", - "reqwest", - "serde", - "sev", - "x509-parser", -] - -[[package]] -name = "socket2" -version = "0.5.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e22376abed350d73dd1cd119b57ffccad95b4e585a7cda43e286245ce23c0678" -dependencies = [ - "libc", - "windows-sys 0.52.0", -] - -[[package]] -name = "socket2" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17129e116933cf371d018bb80ae557e889637989d8638274fb25622827b03881" -dependencies = [ - "libc", - "windows-sys 0.60.2", -] - -[[package]] -name = "spki" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" -dependencies = [ - "base64ct", - "der", -] - -[[package]] -name = "stable_deref_trait" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" - -[[package]] -name = "static_assertions" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" - -[[package]] -name = "strsim" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" - -[[package]] -name = "subtle" -version = "2.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" - -[[package]] -name = "syn" -version = "2.0.107" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a26dbd934e5451d21ef060c018dae56fc073894c5a7896f882928a76e6d081b" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "sync_wrapper" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" - -[[package]] -name = "sync_wrapper" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263" - -[[package]] -name = "synstructure" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "system-configuration" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" -dependencies = [ - "bitflags 1.3.2", - "core-foundation", - "system-configuration-sys", -] - -[[package]] -name = "system-configuration-sys" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9" -dependencies = [ - "core-foundation-sys", - "libc", -] - -[[package]] -name = "tempfile" -version = "3.23.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d31c77bdf42a745371d260a26ca7163f1e0924b64afa0b688e61b5a9fa02f16" -dependencies = [ - "fastrand", - "getrandom 0.3.4", - "once_cell", - "rustix", - "windows-sys 0.61.2", -] - -[[package]] -name = "termcolor" -version = "1.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755" -dependencies = [ - "winapi-util", -] - -[[package]] -name = "thiserror" -version = "1.0.69" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52" -dependencies = [ - "thiserror-impl 1.0.69", -] - -[[package]] -name = "thiserror" -version = "2.0.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8" -dependencies = [ - "thiserror-impl 2.0.17", -] - -[[package]] -name = "thiserror-impl" -version = "1.0.69" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "thiserror-impl" -version = "2.0.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "time" -version = "0.3.44" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91e7d9e3bb61134e77bde20dd4825b97c010155709965fedf0f49bb138e52a9d" -dependencies = [ - "deranged", - "itoa", - "num-conv", - "powerfmt", - "serde", - "time-core", - "time-macros", -] - -[[package]] -name = "time-core" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40868e7c1d2f0b8d73e4a8c7f0ff63af4f6d19be117e90bd73eb1d62cf831c6b" - -[[package]] -name = "time-macros" -version = "0.2.24" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30cfb0125f12d9c277f35663a0a33f8c30190f4e4574868a330595412d34ebf3" -dependencies = [ - "num-conv", - "time-core", -] - -[[package]] -name = "tinystr" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d4f6d1145dcb577acf783d4e601bc1d76a13337bb54e6233add580b07344c8b" -dependencies = [ - "displaydoc", - "zerovec", -] - -[[package]] -name = "tokio" -version = "1.48.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff360e02eab121e0bc37a2d3b4d4dc622e6eda3a8e5253d5435ecf5bd4c68408" -dependencies = [ - "bytes", - "libc", - "mio", - "parking_lot", - "pin-project-lite", - "signal-hook-registry", - "socket2 0.6.1", - "tokio-macros", - "windows-sys 0.61.2", -] - -[[package]] -name = "tokio-macros" -version = "2.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af407857209536a95c8e56f8231ef2c2e2aff839b22e07a1ffcbc617e9db9fa5" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "tokio-native-tls" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" -dependencies = [ - "native-tls", - "tokio", -] - -[[package]] -name = "tokio-rustls" -version = "0.26.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61" -dependencies = [ - "rustls", - "tokio", -] - -[[package]] -name = "tokio-util" -version = "0.7.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14307c986784f72ef81c89db7d9e28d6ac26d16213b109ea501696195e6e3ce5" -dependencies = [ - "bytes", - "futures-core", - "futures-sink", - "pin-project-lite", - "tokio", -] - -[[package]] -name = "tower" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9" -dependencies = [ - "futures-core", - "futures-util", - "pin-project-lite", - "sync_wrapper 1.0.2", - "tokio", - "tower-layer", - "tower-service", - "tracing", -] - -[[package]] -name = "tower-layer" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e" - -[[package]] -name = "tower-service" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" - -[[package]] -name = "tracing" -version = "0.1.41" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" -dependencies = [ - "log", - "pin-project-lite", - "tracing-core", -] - -[[package]] -name = "tracing-core" -version = "0.1.34" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678" -dependencies = [ - "once_cell", -] - -[[package]] -name = "try-lock" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" - -[[package]] -name = "typenum" -version = "1.19.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "562d481066bde0658276a35467c4af00bdc6ee726305698a55b86e61d7ad82bb" - -[[package]] -name = "unicode-ident" -version = "1.0.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "462eeb75aeb73aea900253ce739c8e18a67423fadf006037cd3ff27e82748a06" - -[[package]] -name = "universal-hash" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea" -dependencies = [ - "crypto-common", - "subtle", -] - -[[package]] -name = "untrusted" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" - -[[package]] -name = "ureq" -version = "2.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02d1a66277ed75f640d608235660df48c8e3c19f3b4edb6a263315626cc3c01d" -dependencies = [ - "base64 0.22.1", - "flate2", - "log", - "once_cell", - "rustls", - "rustls-pki-types", - "serde", - "serde_json", - "url", - "webpki-roots 0.26.11", -] - -[[package]] -name = "url" -version = "2.5.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08bc136a29a3d1758e07a9cca267be308aeebf5cfd5a10f3f67ab2097683ef5b" -dependencies = [ - "form_urlencoded", - "idna", - "percent-encoding", - "serde", -] - -[[package]] -name = "utf8_iter" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" - -[[package]] -name = "utf8parse" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" - -[[package]] -name = "uuid" -version = "1.18.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f87b8aa10b915a06587d0dec516c282ff295b475d94abf425d62b57710070a2" -dependencies = [ - "js-sys", - "serde", - "wasm-bindgen", -] - -[[package]] -name = "vcpkg" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" - -[[package]] -name = "version_check" -version = "0.9.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" - -[[package]] -name = "want" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" -dependencies = [ - "try-lock", -] - -[[package]] -name = "wasi" -version = "0.11.1+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b" - -[[package]] -name = "wasip2" -version = "1.0.1+wasi-0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0562428422c63773dad2c345a1882263bbf4d65cf3f42e90921f787ef5ad58e7" -dependencies = [ - "wit-bindgen", -] - -[[package]] -name = "wasm-bindgen" -version = "0.2.104" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1da10c01ae9f1ae40cbfac0bac3b1e724b320abfcf52229f80b547c0d250e2d" -dependencies = [ - "cfg-if", - "once_cell", - "rustversion", - "wasm-bindgen-macro", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-backend" -version = "0.2.104" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "671c9a5a66f49d8a47345ab942e2cb93c7d1d0339065d4f8139c486121b43b19" -dependencies = [ - "bumpalo", - "log", - "proc-macro2", - "quote", - "syn", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-futures" -version = "0.4.54" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e038d41e478cc73bae0ff9b36c60cff1c98b8f38f8d7e8061e79ee63608ac5c" -dependencies = [ - "cfg-if", - "js-sys", - "once_cell", - "wasm-bindgen", - "web-sys", -] - -[[package]] -name = "wasm-bindgen-macro" -version = "0.2.104" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ca60477e4c59f5f2986c50191cd972e3a50d8a95603bc9434501cf156a9a119" -dependencies = [ - "quote", - "wasm-bindgen-macro-support", -] - -[[package]] -name = "wasm-bindgen-macro-support" -version = "0.2.104" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f07d2f20d4da7b26400c9f4a0511e6e0345b040694e8a75bd41d578fa4421d7" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "wasm-bindgen-backend", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-shared" -version = "0.2.104" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bad67dc8b2a1a6e5448428adec4c3e84c43e561d8c9ee8a9e5aabeb193ec41d1" -dependencies = [ - "unicode-ident", -] - -[[package]] -name = "web-sys" -version = "0.3.81" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9367c417a924a74cae129e6a2ae3b47fabb1f8995595ab474029da749a8be120" -dependencies = [ - "js-sys", - "wasm-bindgen", -] - -[[package]] -name = "webpki-roots" -version = "0.26.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9" -dependencies = [ - "webpki-roots 1.0.3", -] - -[[package]] -name = "webpki-roots" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32b130c0d2d49f8b6889abc456e795e82525204f27c42cf767cf0d7734e089b8" -dependencies = [ - "rustls-pki-types", -] - -[[package]] -name = "winapi-util" -version = "0.1.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22" -dependencies = [ - "windows-sys 0.61.2", -] - -[[package]] -name = "windows-core" -version = "0.62.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb" -dependencies = [ - "windows-implement", - "windows-interface", - "windows-link", - "windows-result", - "windows-strings", -] - -[[package]] -name = "windows-implement" -version = "0.60.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "windows-interface" -version = "0.59.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "windows-link" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5" - -[[package]] -name = "windows-result" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5" -dependencies = [ - "windows-link", -] - -[[package]] -name = "windows-strings" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091" -dependencies = [ - "windows-link", -] - -[[package]] -name = "windows-sys" -version = "0.48.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" -dependencies = [ - "windows-targets 0.48.5", -] - -[[package]] -name = "windows-sys" -version = "0.52.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" -dependencies = [ - "windows-targets 0.52.6", -] - -[[package]] -name = "windows-sys" -version = "0.59.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" -dependencies = [ - "windows-targets 0.52.6", -] - -[[package]] -name = "windows-sys" -version = "0.60.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" -dependencies = [ - "windows-targets 0.53.5", -] - -[[package]] -name = "windows-sys" -version = "0.61.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc" -dependencies = [ - "windows-link", -] - -[[package]] -name = "windows-targets" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" -dependencies = [ - "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.5", - "windows_i686_gnu 0.48.5", - "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.5", - "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.5", -] - -[[package]] -name = "windows-targets" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" -dependencies = [ - "windows_aarch64_gnullvm 0.52.6", - "windows_aarch64_msvc 0.52.6", - "windows_i686_gnu 0.52.6", - "windows_i686_gnullvm 0.52.6", - "windows_i686_msvc 0.52.6", - "windows_x86_64_gnu 0.52.6", - "windows_x86_64_gnullvm 0.52.6", - "windows_x86_64_msvc 0.52.6", -] - -[[package]] -name = "windows-targets" -version = "0.53.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3" -dependencies = [ - "windows-link", - "windows_aarch64_gnullvm 0.53.1", - "windows_aarch64_msvc 0.53.1", - "windows_i686_gnu 0.53.1", - "windows_i686_gnullvm 0.53.1", - "windows_i686_msvc 0.53.1", - "windows_x86_64_gnu 0.53.1", - "windows_x86_64_gnullvm 0.53.1", - "windows_x86_64_msvc 0.53.1", -] - -[[package]] -name = "windows_aarch64_gnullvm" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" - -[[package]] -name = "windows_aarch64_gnullvm" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" - -[[package]] -name = "windows_aarch64_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53" - -[[package]] -name = "windows_aarch64_msvc" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" - -[[package]] -name = "windows_aarch64_msvc" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" - -[[package]] -name = "windows_aarch64_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006" - -[[package]] -name = "windows_i686_gnu" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" - -[[package]] -name = "windows_i686_gnu" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" - -[[package]] -name = "windows_i686_gnu" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "960e6da069d81e09becb0ca57a65220ddff016ff2d6af6a223cf372a506593a3" - -[[package]] -name = "windows_i686_gnullvm" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" - -[[package]] -name = "windows_i686_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c" - -[[package]] -name = "windows_i686_msvc" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" - -[[package]] -name = "windows_i686_msvc" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" - -[[package]] -name = "windows_i686_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2" - -[[package]] -name = "windows_x86_64_gnu" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" - -[[package]] -name = "windows_x86_64_gnu" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" - -[[package]] -name = "windows_x86_64_gnu" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499" - -[[package]] -name = "windows_x86_64_gnullvm" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" - -[[package]] -name = "windows_x86_64_gnullvm" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" - -[[package]] -name = "windows_x86_64_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1" - -[[package]] -name = "windows_x86_64_msvc" -version = "0.48.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" - -[[package]] -name = "windows_x86_64_msvc" -version = "0.52.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" - -[[package]] -name = "windows_x86_64_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650" - -[[package]] -name = "winreg" -version = "0.50.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" -dependencies = [ - "cfg-if", - "windows-sys 0.48.0", -] - -[[package]] -name = "wit-bindgen" -version = "0.46.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f17a85883d4e6d00e8a97c586de764dabcc06133f7f1d55dce5cdc070ad7fe59" - -[[package]] -name = "writeable" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea2f10b9bb0928dfb1b42b65e1f9e36f7f54dbdf08457afefb38afcdec4fa2bb" - -[[package]] -name = "x509-parser" -version = "0.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcbc162f30700d6f3f82a24bf7cc62ffe7caea42c0b2cba8bf7f3ae50cf51f69" -dependencies = [ - "asn1-rs", - "data-encoding", - "der-parser", - "lazy_static", - "nom", - "oid-registry", - "ring", - "rusticata-macros", - "thiserror 1.0.69", - "time", -] - -[[package]] -name = "yoke" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f41bb01b8226ef4bfd589436a297c53d118f65921786300e427be8d487695cc" -dependencies = [ - "serde", - "stable_deref_trait", - "yoke-derive", - "zerofrom", -] - -[[package]] -name = "yoke-derive" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38da3c9736e16c5d3c8c597a9aaa5d1fa565d0532ae05e27c24aa62fb32c0ab6" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] - -[[package]] -name = "zerocopy" -version = "0.8.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0894878a5fa3edfd6da3f88c4805f4c8558e2b996227a3d864f47fe11e38282c" -dependencies = [ - "zerocopy-derive", -] - -[[package]] -name = "zerocopy-derive" -version = "0.8.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88d2b8d9c68ad2b9e4340d7832716a4d21a22a1154777ad56ea55c51a9cf3831" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "zerofrom" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" -dependencies = [ - "zerofrom-derive", -] - -[[package]] -name = "zerofrom-derive" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] - -[[package]] -name = "zeroize" -version = "1.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0" - -[[package]] -name = "zerotrie" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36f0bbd478583f79edad978b407914f61b2972f5af6fa089686016be8f9af595" -dependencies = [ - "displaydoc", - "yoke", - "zerofrom", -] - -[[package]] -name = "zerovec" -version = "0.11.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7aa2bd55086f1ab526693ecbe444205da57e25f4489879da80635a46d90e73b" -dependencies = [ - "yoke", - "zerofrom", - "zerovec-derive", -] - -[[package]] -name = "zerovec-derive" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b96237efa0c878c64bd89c436f661be4e46b2f3eff1ebb976f7ef2321d2f58f" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] diff --git a/attestation-service/Cargo.toml b/attestation-service/Cargo.toml index 6e32152..eacaeb4 100644 --- a/attestation-service/Cargo.toml +++ b/attestation-service/Cargo.toml @@ -1,25 +1,29 @@ [package] name = "attestation-service" -version = "0.1.0" -edition = "2024" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Reference attribute providing service implementation" +homepage.workspace = true [dependencies] -aes-gcm = "0.10.3" -anyhow = "1" -axum = "0.7" -base64 = "0.22.1" -bytes = "1" -chrono = "0.4.40" -hyper = { version = "1.6.0", features = ["http1", "server"] } -hyper-util = { version = "0.1", features = ["tokio", "server", "http1", "service"] } -jsonwebtoken = { version = "9" } -p256 = "0.13.2" -ring = "0.17.14" -rustls = "0.23" -rustls-pemfile = "1" -serde = { version = "1", features = ["derive"] } -serde_json = "1" -snpguest = { git = "https://github.com/faasm/snpguest.git" } -tokio = { version = "1", features = ["full"] } -tokio-rustls = "0.26.2" -ureq = { version = "2", features = ["json"] } +aes-gcm.workspace = true +anyhow.workspace = true +axum.workspace = true +base64.workspace = true +bytes.workspace = true +chrono.workspace = true +hyper = { workspace = true, features = ["http1", "server"] } +hyper-util = { workspace = true, features = ["tokio", "server", "http1", "service"] } +jsonwebtoken.workspace = true +p256.workspace = true +ring.workspace = true +rustls.workspace = true +rustls-pemfile.workspace = true +serde = { workspace = true, features = ["derive"] } +serde_json.workspace = true +snpguest.workspace = true +tokio = { workspace = true, features = ["full"] } +tokio-rustls.workspace = true +ureq = { workspace = true, features = ["json"] } diff --git a/attestation-service/src/main.rs b/attestation-service/src/main.rs index 041f8a5..cbd832f 100644 --- a/attestation-service/src/main.rs +++ b/attestation-service/src/main.rs @@ -1,5 +1,7 @@ -use aes_gcm::aead::{Aead, OsRng, rand_core::RngCore}; -use aes_gcm::{Aes128Gcm, KeyInit, Nonce}; +use aes_gcm::{ + Aes128Gcm, KeyInit, Nonce, + aead::{Aead, OsRng, rand_core::RngCore}, +}; use anyhow::Context; use axum::{ Extension, Json, Router, @@ -13,8 +15,10 @@ use hyper::server::conn::http1; use hyper_util::{rt::tokio::TokioIo, service::TowerToHyperService}; use jsonwebtoken::{EncodingKey, Header, encode}; use p256::PublicKey; -use ring::agreement::{self, ECDH_P256, UnparsedPublicKey}; -use ring::rand::SystemRandom; +use ring::{ + agreement::{self, ECDH_P256, UnparsedPublicKey}, + rand::SystemRandom, +}; use rustls::{ ServerConfig, crypto::CryptoProvider, @@ -131,37 +135,36 @@ fn sec1_pubkey_to_sgx(sec1_pubkey: &[u8]) -> anyhow::Result> { // SNP stuff // ---------------------------------------------------------------------------- -#[derive(Deserialize)] -#[serde(rename_all = "camelCase")] -struct VcekResponse { - vcek_cert: String, - certificate_chain: String, -} +// #[derive(Deserialize)] +// #[serde(rename_all = "camelCase")] +// struct VcekResponse { +// vcek_cert: String, +// certificate_chain: String, +// } /// This method can only be called from an Azure cVM pub fn fetch_vcek_pem() -> Result, Box> { - return Ok(vec![]); - - #[allow(unreachable_code)] - match ureq::get("http://169.254.169.254/metadata/THIM/amd/certification") - .set("Metadata", "true") - .call() - { - Ok(resp) => match resp.into_json::() { - Ok(data) => { - let pem = format!("{}\n{}", data.vcek_cert, data.certificate_chain); - Ok(pem.into_bytes()) - } - Err(e) => { - eprintln!("WARNING: failed to parse VCECK response JSON: {e}"); - Ok(vec![]) - } - }, - Err(e) => { - eprintln!("WARNING: failed to fetch VCECK certificates: {e}"); - Ok(vec![]) - } - } + Ok(vec![]) + + // match ureq::get("http://169.254.169.254/metadata/THIM/amd/certification") + // .set("Metadata", "true") + // .call() + // { + // Ok(resp) => match resp.into_json::() { + // Ok(data) => { + // let pem = format!("{}\n{}", data.vcek_cert, data.certificate_chain); + // Ok(pem.into_bytes()) + // } + // Err(e) => { + // eprintln!("WARNING: failed to parse VCECK response JSON: {e}"); + // Ok(vec![]) + // } + // }, + // Err(e) => { + // eprintln!("WARNING: failed to fetch VCECK certificates: {e}"); + // Ok(vec![]) + // } + // } } fn generate_jwt_encoding_key() -> Result { diff --git a/ansible/accless.yaml b/config/ansible/accless.yaml similarity index 100% rename from ansible/accless.yaml rename to config/ansible/accless.yaml diff --git a/ansible/ansible.cfg b/config/ansible/ansible.cfg similarity index 100% rename from ansible/ansible.cfg rename to config/ansible/ansible.cfg diff --git a/ansible/attestationservice.yaml b/config/ansible/attestationservice.yaml similarity index 100% rename from ansible/attestationservice.yaml rename to config/ansible/attestationservice.yaml diff --git a/ansible/inventory/.gitkeep b/config/ansible/inventory/.gitkeep similarity index 100% rename from ansible/inventory/.gitkeep rename to config/ansible/inventory/.gitkeep diff --git a/config/ansible/inventory/vms.ini b/config/ansible/inventory/vms.ini new file mode 100644 index 0000000..d37765b --- /dev/null +++ b/config/ansible/inventory/vms.ini @@ -0,0 +1,2 @@ +[sgxfaasm] +sgx-faasm-vm ansible_host=20.169.144.17 ansible_user=tless diff --git a/ansible/mhsm.yaml b/config/ansible/mhsm.yaml similarity index 100% rename from ansible/mhsm.yaml rename to config/ansible/mhsm.yaml diff --git a/ansible/sgxfaasm.yaml b/config/ansible/sgxfaasm.yaml similarity index 100% rename from ansible/sgxfaasm.yaml rename to config/ansible/sgxfaasm.yaml diff --git a/ansible/snpknative.yaml b/config/ansible/snpknative.yaml similarity index 100% rename from ansible/snpknative.yaml rename to config/ansible/snpknative.yaml diff --git a/ansible/tasks/accless.yaml b/config/ansible/tasks/accless.yaml similarity index 100% rename from ansible/tasks/accless.yaml rename to config/ansible/tasks/accless.yaml diff --git a/ansible/tasks/accless/apt.yaml b/config/ansible/tasks/accless/apt.yaml similarity index 100% rename from ansible/tasks/accless/apt.yaml rename to config/ansible/tasks/accless/apt.yaml diff --git a/ansible/tasks/accless/az_guest_attestation_prereq.yaml b/config/ansible/tasks/accless/az_guest_attestation_prereq.yaml similarity index 100% rename from ansible/tasks/accless/az_guest_attestation_prereq.yaml rename to config/ansible/tasks/accless/az_guest_attestation_prereq.yaml diff --git a/ansible/tasks/accless/code.yaml b/config/ansible/tasks/accless/code.yaml similarity index 100% rename from ansible/tasks/accless/code.yaml rename to config/ansible/tasks/accless/code.yaml diff --git a/ansible/tasks/accless/rabe.yaml b/config/ansible/tasks/accless/rabe.yaml similarity index 100% rename from ansible/tasks/accless/rabe.yaml rename to config/ansible/tasks/accless/rabe.yaml diff --git a/ansible/tasks/attestation-service/apt.yaml b/config/ansible/tasks/attestation-service/apt.yaml similarity index 100% rename from ansible/tasks/attestation-service/apt.yaml rename to config/ansible/tasks/attestation-service/apt.yaml diff --git a/ansible/tasks/attestation-service/code.yaml b/config/ansible/tasks/attestation-service/code.yaml similarity index 100% rename from ansible/tasks/attestation-service/code.yaml rename to config/ansible/tasks/attestation-service/code.yaml diff --git a/ansible/tasks/attestationservice.yaml b/config/ansible/tasks/attestationservice.yaml similarity index 100% rename from ansible/tasks/attestationservice.yaml rename to config/ansible/tasks/attestationservice.yaml diff --git a/ansible/tasks/mhsm.yaml b/config/ansible/tasks/mhsm.yaml similarity index 100% rename from ansible/tasks/mhsm.yaml rename to config/ansible/tasks/mhsm.yaml diff --git a/ansible/tasks/mhsm/apt.yaml b/config/ansible/tasks/mhsm/apt.yaml similarity index 100% rename from ansible/tasks/mhsm/apt.yaml rename to config/ansible/tasks/mhsm/apt.yaml diff --git a/ansible/tasks/mhsm/code.yaml b/config/ansible/tasks/mhsm/code.yaml similarity index 100% rename from ansible/tasks/mhsm/code.yaml rename to config/ansible/tasks/mhsm/code.yaml diff --git a/ansible/tasks/sgx-faasm/apt.yaml b/config/ansible/tasks/sgx-faasm/apt.yaml similarity index 100% rename from ansible/tasks/sgx-faasm/apt.yaml rename to config/ansible/tasks/sgx-faasm/apt.yaml diff --git a/ansible/tasks/sgx-faasm/code.yaml b/config/ansible/tasks/sgx-faasm/code.yaml similarity index 100% rename from ansible/tasks/sgx-faasm/code.yaml rename to config/ansible/tasks/sgx-faasm/code.yaml diff --git a/ansible/tasks/sgx-faasm/sgx_setup.yaml b/config/ansible/tasks/sgx-faasm/sgx_setup.yaml similarity index 100% rename from ansible/tasks/sgx-faasm/sgx_setup.yaml rename to config/ansible/tasks/sgx-faasm/sgx_setup.yaml diff --git a/ansible/tasks/sgxfaasm.yaml b/config/ansible/tasks/sgxfaasm.yaml similarity index 100% rename from ansible/tasks/sgxfaasm.yaml rename to config/ansible/tasks/sgxfaasm.yaml diff --git a/ansible/tasks/snp-knative/apt.yaml b/config/ansible/tasks/snp-knative/apt.yaml similarity index 100% rename from ansible/tasks/snp-knative/apt.yaml rename to config/ansible/tasks/snp-knative/apt.yaml diff --git a/ansible/tasks/snp-knative/code.yaml b/config/ansible/tasks/snp-knative/code.yaml similarity index 100% rename from ansible/tasks/snp-knative/code.yaml rename to config/ansible/tasks/snp-knative/code.yaml diff --git a/ansible/tasks/snp-knative/nydus_image.yaml b/config/ansible/tasks/snp-knative/nydus_image.yaml similarity index 100% rename from ansible/tasks/snp-knative/nydus_image.yaml rename to config/ansible/tasks/snp-knative/nydus_image.yaml diff --git a/ansible/tasks/snp-knative/qemu.yaml b/config/ansible/tasks/snp-knative/qemu.yaml similarity index 100% rename from ansible/tasks/snp-knative/qemu.yaml rename to config/ansible/tasks/snp-knative/qemu.yaml diff --git a/ansible/tasks/snp-knative/update_host_kernel.yaml b/config/ansible/tasks/snp-knative/update_host_kernel.yaml similarity index 100% rename from ansible/tasks/snp-knative/update_host_kernel.yaml rename to config/ansible/tasks/snp-knative/update_host_kernel.yaml diff --git a/ansible/tasks/snpknative.yaml b/config/ansible/tasks/snpknative.yaml similarity index 100% rename from ansible/tasks/snpknative.yaml rename to config/ansible/tasks/snpknative.yaml diff --git a/ansible/tasks/trustee.yaml b/config/ansible/tasks/trustee.yaml similarity index 100% rename from ansible/tasks/trustee.yaml rename to config/ansible/tasks/trustee.yaml diff --git a/ansible/tasks/trustee/apt.yaml b/config/ansible/tasks/trustee/apt.yaml similarity index 100% rename from ansible/tasks/trustee/apt.yaml rename to config/ansible/tasks/trustee/apt.yaml diff --git a/ansible/tasks/trustee/code.yaml b/config/ansible/tasks/trustee/code.yaml similarity index 100% rename from ansible/tasks/trustee/code.yaml rename to config/ansible/tasks/trustee/code.yaml diff --git a/ansible/tasks/util/az_guest_attestation.yaml b/config/ansible/tasks/util/az_guest_attestation.yaml similarity index 100% rename from ansible/tasks/util/az_guest_attestation.yaml rename to config/ansible/tasks/util/az_guest_attestation.yaml diff --git a/ansible/tasks/util/docker.yaml b/config/ansible/tasks/util/docker.yaml similarity index 100% rename from ansible/tasks/util/docker.yaml rename to config/ansible/tasks/util/docker.yaml diff --git a/ansible/tasks/util/rust.yaml b/config/ansible/tasks/util/rust.yaml similarity index 100% rename from ansible/tasks/util/rust.yaml rename to config/ansible/tasks/util/rust.yaml diff --git a/ansible/tasks/util/vim.yaml b/config/ansible/tasks/util/vim.yaml similarity index 100% rename from ansible/tasks/util/vim.yaml rename to config/ansible/tasks/util/vim.yaml diff --git a/ansible/trustee.yaml b/config/ansible/trustee.yaml similarity index 100% rename from ansible/trustee.yaml rename to config/ansible/trustee.yaml diff --git a/azure/.gitignore b/config/azure/.gitignore similarity index 100% rename from azure/.gitignore rename to config/azure/.gitignore diff --git a/azure/mhsm_skr_policy.json b/config/azure/mhsm_skr_policy.json similarity index 100% rename from azure/mhsm_skr_policy.json rename to config/azure/mhsm_skr_policy.json diff --git a/azure/snp_guest_cloud-init.txt b/config/azure/snp_guest_cloud-init.txt similarity index 100% rename from azure/snp_guest_cloud-init.txt rename to config/azure/snp_guest_cloud-init.txt diff --git a/azure/snp_guest_parameters.json b/config/azure/snp_guest_parameters.json similarity index 100% rename from azure/snp_guest_parameters.json rename to config/azure/snp_guest_parameters.json diff --git a/azure/snp_guest_template.json b/config/azure/snp_guest_template.json similarity index 100% rename from azure/snp_guest_template.json rename to config/azure/snp_guest_template.json diff --git a/docker/accless-experiments.dockerfile b/config/docker/accless-experiments.dockerfile similarity index 81% rename from docker/accless-experiments.dockerfile rename to config/docker/accless-experiments.dockerfile index f97cf08..66ed298 100644 --- a/docker/accless-experiments.dockerfile +++ b/config/docker/accless-experiments.dockerfile @@ -1,10 +1,13 @@ -FROM ghcr.io/faasm/cpp-sysroot:0.6.0 +FROM ghcr.io/faasm/cpp-sysroot:0.8.0 # Install rust RUN rm -rf /root/.rustup \ + && apt update && apt install -y --no-install-recommends \ + build-essential \ + curl \ + wget \ && curl --proto '=https' --tlsv1.3 https://sh.rustup.rs -sSf | sh -s -- -y \ - && . "$HOME/.cargo/env" \ - && rustup target add wasm32-wasip1 + && . "$HOME/.cargo/env" # Deps for Azure's cVM guest library: OpenSSL + libcurl + TPM2-TSS. # The versions are taken from the pre-requisite script in the repo, and the @@ -45,22 +48,23 @@ RUN wget https://www.openssl.org/source/openssl-3.3.2.tar.gz \ && env \ PKG_CONFIG_PATH=/usr/local/attestationcurl/lib/pkgconfig:/usr/local/attestationssl/lib64/pkgconfig \ LDFLAGS='-Wl,-R/usr/local/attestationssl/lib64 -Wl,-R/usr/local/attestationcurl/lib' \ + CPPFLAGS='-I/usr/local/attestationcurl/include' \ ./configure --prefix=/usr/local/attestationtpm2-tss \ && make -j$(nproc) \ && make install \ && rm -rf /opt/tpm2-tss # Prepare repository structure +ARG ACCLESS_VERSION RUN rm -rf /code \ && mkdir -p /code \ && cd /code \ # Checkout to examples repo to a specific commit && git clone https://github.com/faasm/examples /code/faasm-examples \ && cd /code/faasm-examples \ - && git checkout 59d4d2c2e2a004f132cf61fc9c15c3faa7d61336 \ + && git checkout 3cd09e9cf41979fe73c8a9417b661ba08b5b3a75 \ && git submodule update --init -f cpp \ - && pip3 install /code/faasm-examples/cpp \ - && git clone https://github.com/faasm/tless /code/tless \ + && git clone -b v${ACCLESS_VERSION} https://github.com/faasm/tless /code/tless \ && cd /code/tless \ && git submodule update --init @@ -76,7 +80,9 @@ RUN cd /code/faasm-examples/cpp \ opencv opencv --native # Build workflow code (WASM for Faasm + Native for Knative) -ENV PATH=${PATH}:/root/.cargo/bin -RUN cd /code/tless \ - && python3 ./ubench/build.py \ - && python3 ./workflows/build.py +# ENV PATH=${PATH}:/root/.cargo/bin +# RUN cd /code/tless \ + # # Activate faasmtools +# && source /code/faasm-examples/cpp/bin/workon.sh \ + # && python3 ./ubench/build.py \ + # && python3 ./workflows/build.py diff --git a/docker/accless-knative-worker.dockerfile b/config/docker/accless-knative-worker.dockerfile similarity index 78% rename from docker/accless-knative-worker.dockerfile rename to config/docker/accless-knative-worker.dockerfile index 2dfb1b9..e0b06dd 100644 --- a/docker/accless-knative-worker.dockerfile +++ b/config/docker/accless-knative-worker.dockerfile @@ -2,8 +2,8 @@ ARG TLESS_VERSION FROM ghcr.io/faasm/accless-experiments:${TLESS_VERSION:-d34d} AS build -FROM ubuntu:22.04 -LABEL org.opencontainers.image.source=https://github.com/faasm/experiment-tless +FROM ubuntu:24.04 +LABEL org.opencontainers.image.source=https://github.com/faasm/tless # Some built shared libraries depend on the absolute path COPY --from=build \ @@ -20,29 +20,29 @@ COPY --from=build \ # FINRA COPY --from=build \ - /code/tless/workflows/finra/knative/target/ \ - /workflows/finra/knative/target + /code/tless/workflows/target/release/accless-finra-cloudevent-handler \ + /workflows/finra/knative/ COPY --from=build \ /code/tless/workflows/build-native/finra/ \ /workflows/build-native/finra # ML Training COPY --from=build \ - /code/tless/workflows/ml-training/knative/target/ \ - /workflows/ml-training/knative/target + /code/tless/workflows/target/release/accless-ml-training-cloudevent-handler \ + /workflows/ml-training/knative/ COPY --from=build \ /code/tless/workflows/build-native/ml-training/ \ /workflows/build-native/ml-training # ML Infenrence COPY --from=build \ - /code/tless/workflows/ml-inference/knative/target/ \ - /workflows/ml-inference/knative/target + /code/tless/workflows/target/release/accless-ml-inference-cloudevent-handler \ + /workflows/ml-inference/knative/ COPY --from=build \ /code/tless/workflows/build-native/ml-inference/ \ /workflows/build-native/ml-inference # Word Cont COPY --from=build \ - /code/tless/workflows/word-count/knative/target/ \ - /workflows/word-count/knative/target + /code/tless/workflows/target/release/accless-word-count-cloudevent-handler \ + /workflows/word-count/knative/ COPY --from=build \ /code/tless/workflows/build-native/word-count/ \ /workflows/build-native/word-count diff --git a/k8s/common.yaml b/config/k8s/common.yaml similarity index 100% rename from k8s/common.yaml rename to config/k8s/common.yaml diff --git a/docs/baselines.md b/docs/baselines.md new file mode 100644 index 0000000..0b9b5bd --- /dev/null +++ b/docs/baselines.md @@ -0,0 +1,9 @@ +## Baselines + +Accless currently supports being deployed on top of two serverless runtimes, +[Faasm](https://github.com/faasm/faasm) and [Knative](https://knative.dev). + +For instructions to deploy each one of them, see: +- [Deploying on top of Faasm](./docs/tless_on_faasm.md) +- [Deploying on top of Knative](./docs/tless_on_knative.md) + diff --git a/docs/workflows.md b/docs/workflows.md new file mode 100644 index 0000000..5a5eb71 --- /dev/null +++ b/docs/workflows.md @@ -0,0 +1,9 @@ +## Workflows + +As part of Accless experiments, we implement four different serverless +applications with different workflow graphs, all based on related work: +* [FINRA](./workflows/finra/README.md) - Based on the AWS FINRA [case study](https://aws.amazon.com/solutions/case-studies/finra-data-validation/). +* [ML Training](./workflows/ml-training/README.md) - Ported from [Orion](https://www.usenix.org/conference/osdi22/presentation/mahgoub) and [RMMap](https://dl.acm.org/doi/abs/10.1145/3627703.3629568). +* [ML Inference](./workflows/ml-inference/README.md) - Ported from [RMMap](https://dl.acm.org/doi/abs/10.1145/3627703.3629568). +* [Word Count](./workflows/word-count/README.md) - Ported from the MapReduce [example](https://github.com/ddps-lab/serverless-faas-workbench/tree/master/aws/cpu-memory/mapreduce) in the FunctionBench paper. + diff --git a/eval/README.md b/eval/README.md new file mode 100644 index 0000000..553a096 --- /dev/null +++ b/eval/README.md @@ -0,0 +1,53 @@ +## Accless Experiments + +This document covers the different experiments in Accless, and how to reproduce +them. + +Table of contents: +- [Hardware set-up](#hardware-set-up) + - [Faasm baselines](#faasm-baselines) + - [Knative baselines](#knative-baselines) + - [Application workflows](#application-workflows) +- [Macro-benchmarks](#macro-benchmarks) + +### Hardware Set-Up + +You first need to deploy and provision the cluster corresponding to each +baseline. + +#### Faasm Baselines + +For Faasm-based baselines, we deploy a single IceLake server on Azure, and +deploy Faasm using docker-compose inside. To deploy and provision the server +node, run: + +```bash +accli azure sgx-faasm create +accli azure sgx-faasm provision +``` + +#### Knative Baselines + +To-Do + +#### Application Workflows + +The [applications](../docs/workflows.md) we run as part of our experiments +are written in C++ and support native compilation, for their execution in +Knative, and cross-compilation to WebAssembly, for their execution with Faasm. + +To aid with cross-compilation, we provide a docker image to build the different +application workflows with our cross-compilation toolchain. To build the +container image you may run: + +```bash +accli docker build -c experiments +``` + +FIXME: the JWT library has some hard-coded certs, so we need to re-build +the experiments when we have already deployed an APS + +To-Do: how to build applications and how to generate the dataset! +CONTINUE HERE! + +### Macro-benchmarks diff --git a/eval/cold-start/README.md b/eval/cold-start/README.md index e66dfa4..cafce13 100644 --- a/eval/cold-start/README.md +++ b/eval/cold-start/README.md @@ -21,8 +21,7 @@ is running: To run the experiment, first upload the corresponding WASM files and state: ```bash -cd ~/git/faasm/tless -source ./bin/workon.sh +source ./scripts/workon.sh invrs eval cold-start upload-state invrs eval cold-start upload-wasm ``` @@ -50,7 +49,7 @@ Once inside, you can deploy the microbenchmark: ```bash cd git/faasm/tless -source ./bin/workon.sh +source ./scripts/workon.sh kubectl apply -f k8s/common.yaml envsubst < ./ubench/cold-start/deployment.yaml | kubectl apply -f - ``` diff --git a/eval/escrow-xput/README.md b/eval/escrow-xput/README.md index 7f12eb6..b4ccdfc 100644 --- a/eval/escrow-xput/README.md +++ b/eval/escrow-xput/README.md @@ -130,7 +130,7 @@ then, SSH into the client and: cd git/faasm/tless # TODO: set this env. var as part of provisioning export TLESS_KBS_URL="https://${server_ip_from_above}:8080" -source ./bin/workon.sh +source ./scripts/workon.sh invrs ubench escrow-xput run --baseline trustee ``` diff --git a/invrs/Cargo.toml b/invrs/Cargo.toml deleted file mode 100644 index 4ac3b21..0000000 --- a/invrs/Cargo.toml +++ /dev/null @@ -1,34 +0,0 @@ -[package] -name = "invrs" -version = "0.1.0" -edition = "2021" - -[dependencies] -aes-gcm = "0.10.3" -aes-gcm-siv = { version = "0.11.1", optional = true } -anyhow = "^1.0.0" -base64 = "^0.22" -bytes = "1.4" -chrono = "^0.4.38" -clap = { version = "4.0", features = ["derive"] } -csv = "^1.1" -env_logger = "0.11.8" -futures = "^0.3" -futures-util = "0.3" -hex = "0.4.3" -indicatif = "^0.17" -log = "^0.4" -minio = { git = "https://github.com/minio/minio-rs.git", rev = "b254b2f7aeaf18a1588a8800ff9b877b7885236e" } -plotters = "^0.3.7" -rabe = { git = "https://github.com/faasm/rabe.git", rev = "0dc7696a95eef44dd051e1d9c2e5c2c8c35211bf" } -rand = "0.9.2" -reqwest = "0.12.15" -serde = { version = "^1.0", features = ["derive"] } -serde_json = "^1.0" -serde_yaml = "0.9" -shellexpand = "^3.1" -sha2 = "0.10" -shell-words = "^1.1.0" -subtle = "2.6.1" -tokio = { version = "1", features = ["full"] } -walkdir = "2" diff --git a/rust-toolchain.toml b/rust-toolchain.toml new file mode 100644 index 0000000..90608aa --- /dev/null +++ b/rust-toolchain.toml @@ -0,0 +1,4 @@ +[toolchain] +channel = "nightly" +targets = ["wasm32-wasip1"] +components = [ "rustfmt", "clippy", "rust-analyzer" ] diff --git a/rustfmt.toml b/rustfmt.toml new file mode 100644 index 0000000..1abcfc5 --- /dev/null +++ b/rustfmt.toml @@ -0,0 +1,33 @@ +edition = "2024" + +# Set the maximum line length +max_width = 100 + +# Use spaces instead of tabs +hard_tabs = false + +# ---- Imports ---- + +imports_granularity = "Crate" +group_imports = "One" +# group_imports = "StdExternalCrate" + +# ---- Formatting ---- + +# Add a trailing comma on the last item in multi-line lists/structs/enums +# This makes version control diffs much cleaner! +trailing_comma = "Vertical" + +# Sort modules alphabetically +reorder_modules = true + +# ---- Comments ---- + +# Format code examples inside your doc comments +format_code_in_doc_comments = true + +# Wrap long comments at `max_width` +wrap_comments = true + +# Ensure comments start with a space (e.g., `// Foo` not `//Foo`) +normalize_comments = true diff --git a/bin/invrs_wrapper.sh b/scripts/accli_wrapper.sh similarity index 64% rename from bin/invrs_wrapper.sh rename to scripts/accli_wrapper.sh index d0f1cb8..3e930ca 100755 --- a/bin/invrs_wrapper.sh +++ b/scripts/accli_wrapper.sh @@ -1,10 +1,10 @@ #!/bin/bash set -e -source ./bin/workon.sh +source ./scripts/workon.sh THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" >/dev/null 2>&1 && pwd )" PROJ_ROOT="${THIS_DIR}/.." RUST_ROOT="${PROJ_ROOT}/invrs" -cargo run --release --manifest-path ${RUST_ROOT}/Cargo.toml -q -- "$@" +cargo run --release -p accli -q -- "$@" diff --git a/bin/build_cli.sh b/scripts/build_cli.sh similarity index 100% rename from bin/build_cli.sh rename to scripts/build_cli.sh diff --git a/bin/create_venv.sh b/scripts/create_venv.sh similarity index 100% rename from bin/create_venv.sh rename to scripts/create_venv.sh diff --git a/bin/env.sh b/scripts/env.sh similarity index 100% rename from bin/env.sh rename to scripts/env.sh diff --git a/scripts/patch_jwt_cert.sh b/scripts/patch_jwt_cert.sh new file mode 100755 index 0000000..e82643a --- /dev/null +++ b/scripts/patch_jwt_cert.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# This script patches the known-good X509 certificate in the JWT parsing +# library after we deploy one instance of the attribute-providing-service. +# The service's certificate depends on the IP of where it is deployed, and +# it must be hard-coded inside the function code (for correct measurement). +# This file patches the source code once we have the deployed the service. + +set -euo pipefail + +# Get directories +THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" >/dev/null 2>&1 && pwd )" +PROJ_ROOT="${THIS_DIR}/.." + +# Define file paths +CERT_FILE="${PROJ_ROOT}/attestation-service/certs/cert.pem" +RUST_FILE="${PROJ_ROOT}/accless/libs/jwt/src/lib.rs" + +# Define markers +START_MARKER="// BEGIN: AUTO-INJECTED CERT" +END_MARKER="// END: AUTO-INJECTED CERT" + +if [[ ! -f "${CERT_FILE}" ]]; then + echo "accless: patch: error: Certificate file not found at ${CERT_FILE}" + echo "accless: patch: please run 'attestation-service/bin/gen_keys.sh' first." + exit 1 +fi + +if [[ ! -f "${RUST_FILE}" ]]; then + echo "accless: patch: error: JWT library file not found at ${RUST_FILE}" + exit 1 +fi + +echo "accless: patch: Reading new certificate from ${CERT_FILE}" + +# Read the certificate and format it as a Rust raw string literal +# We use awk to wrap the file content in `r#"` and `"#,\n` +NEW_CERT_BLOCK=$(awk 'BEGIN {print "r#\""} {print} END {print "\"#,"}' "${CERT_FILE}") + +# Use sed to replace the block between the markers +# This command finds the block, including the marker lines, and replaces it +# with the markers *plus* the new certificate block. +sed -i.bak "/${START_MARKER}/,/${END_MARKER}/c\\ +${START_MARKER}\ +${NEW_CERT_BLOCK}\ +${END_MARKER}\ +" "${RUST_FILE}" + +# Remove the backup file created by sed +rm -f "${RUST_FILE}.bak" + +echo "accless: patch: Successfully patched ${RUST_FILE} with new certificate." diff --git a/bin/run_minio.sh b/scripts/run_minio.sh similarity index 100% rename from bin/run_minio.sh rename to scripts/run_minio.sh diff --git a/bin/upload_wflow.sh b/scripts/upload_wflow.sh similarity index 100% rename from bin/upload_wflow.sh rename to scripts/upload_wflow.sh diff --git a/bin/workon.sh b/scripts/workon.sh similarity index 84% rename from bin/workon.sh rename to scripts/workon.sh index 7de2945..86c0686 100755 --- a/bin/workon.sh +++ b/scripts/workon.sh @@ -2,7 +2,6 @@ THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" >/dev/null 2>&1 && pwd )" PROJ_ROOT="${THIS_DIR}/.." -RUST_ROOT="${PROJ_ROOT}/invrs" pushd ${PROJ_ROOT}>>/dev/null @@ -13,9 +12,9 @@ pushd ${PROJ_ROOT}>>/dev/null export PROJ_ROOT=${PROJ_ROOT} export TLESS_VERSION=$(cat ${PROJ_ROOT}/VERSION) export PS1="(accless) $PS1" -source ${PROJ_ROOT}/bin/env.sh +source ${PROJ_ROOT}/scripts/env.sh -alias invrs="cargo run --release --manifest-path ${RUST_ROOT}/Cargo.toml -q --" +alias accli="cargo run --release -p accli -q --" # ---------------------------- # Knative vars (TODO FIXME consider changing) @@ -34,12 +33,6 @@ alias kubectl=${COCO_SOURCE}/bin/kubectl export FAASM_INI_FILE=/home/tless/git/faasm/faasm/faasm.ini export FAASM_VERSION=0.33.0 -# ---------------------------- -# Git config -# ---------------------------- - -git submodule update --init - # ---------------------------- # APT deps # ---------------------------- @@ -56,7 +49,7 @@ sudo apt install -y \ VENV_PATH=${PROJ_ROOT}/venv if [ ! -d ${VENV_PATH} ]; then - ${PROJ_ROOT}/bin/create_venv.sh + ${PROJ_ROOT}/scripts/create_venv.sh fi export VIRTUAL_ENV_DISABLE_PROMPT=1 diff --git a/workflows/build.py b/workflows/build.py index e52c94b..cd5cdd1 100644 --- a/workflows/build.py +++ b/workflows/build.py @@ -6,6 +6,7 @@ from sys import argv WORKFLOWS_ROOT = dirname(realpath(__file__)) +PROJ_ROOT = dirname(WORKFLOWS_ROOT) WORKFLOWS = { "finra": ["driver", "fetch-public", "fetch-private", "audit", "merge"], @@ -67,8 +68,8 @@ def compile_driver(debug=False): """ for workflow in list(WORKFLOWS.keys()): build_dir = join(WORKFLOWS_ROOT, workflow, "knative") - cargo_cmd = "cargo build --{}".format("debug" if debug else "release") - run(cargo_cmd, shell=True, check=True, cwd=build_dir) + cargo_cmd = "cargo build -p accless-{}-cloudevent-handler --{}".format(workflow, "debug" if debug else "release") + run(cargo_cmd, shell=True, check=True, cwd=PROJ_ROOT) if __name__ == "__main__": diff --git a/workflows/finra/knative/Cargo.toml b/workflows/finra/knative/Cargo.toml index c05ad26..46d303b 100644 --- a/workflows/finra/knative/Cargo.toml +++ b/workflows/finra/knative/Cargo.toml @@ -1,16 +1,20 @@ [package] -name = "accless-cloudevent-handler" -version = "0.1.0" -edition = "2024" +name = "accless-finra-cloudevent-handler" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Cloud-Event Handler for the FINRA Workflow" +homepage.workspace = true [dependencies] -cloudevents-sdk = { git = "https://github.com/cloudevents/sdk-rust.git", revision = "fa0aadb31de82956d44fba4b50c6a002d5bd0b7b", features = ["reqwest", "warp"] } -futures-util = "0.3" -minio = { git = "https://github.com/minio/minio-rs.git", rev = "b254b2f7aeaf18a1588a8800ff9b877b7885236e" } -once_cell = "^1.19.0" -rand = { version = "^0.9.0-alpha.2" } -reqwest = { version = "^0.12" } -serde_json = { version = "^1.0" } -tokio = { version = "^1.0", features = ["full"] } -uuid = { version = "^1.3", features = ["v4"] } -warp = "^0.3" +cloudevents-sdk = { workspace = true, features = ["reqwest", "warp"] } +futures-util.workspace = true +minio.workspace = true +once_cell.workspace = true +rand.workspace = true +reqwest.workspace = true +serde_json.workspace = true +tokio = { workspace = true, features = ["full"] } +uuid = { workspace = true, features = ["v4"] } +warp.workspace = true diff --git a/workflows/finra/knative/src/main.rs b/workflows/finra/knative/src/main.rs index e36517e..db14871 100644 --- a/workflows/finra/knative/src/main.rs +++ b/workflows/finra/knative/src/main.rs @@ -1,18 +1,23 @@ -use cloudevents::binding::reqwest::RequestBuilderExt; -use cloudevents::binding::warp::{filter, reply}; -use cloudevents::{AttributesReader, AttributesWriter, Event}; +use cloudevents::{ + AttributesReader, AttributesWriter, Event, + binding::{ + reqwest::RequestBuilderExt, + warp::{filter, reply}, + }, +}; use futures_util::StreamExt; -use minio::s3::args::*; -use minio::s3::client::ClientBuilder; -use minio::s3::creds::StaticProvider; -use minio::s3::error::Error; -use minio::s3::http::BaseUrl; -use minio::s3::types::ToStream; +use minio::s3::{ + args::*, client::ClientBuilder, creds::StaticProvider, error::Error, http::BaseUrl, + types::ToStream, +}; use once_cell::sync::Lazy; use serde_json::{Value, json}; -use std::process::{Command, Stdio}; -use std::sync::{Arc, Mutex}; -use std::{env, fs, thread, time}; +use std::{ + env, fs, + process::{Command, Stdio}, + sync::{Arc, Mutex}, + thread, time, +}; use tokio::task::JoinHandle; use warp::Filter; diff --git a/workflows/finra/knative/workflow.yaml b/workflows/finra/knative/workflow.yaml index 8ececc8..2e82e43 100644 --- a/workflows/finra/knative/workflow.yaml +++ b/workflows/finra/knative/workflow.yaml @@ -58,7 +58,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/finra/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-finra-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -82,7 +82,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/finra/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-finra-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -115,7 +115,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/finra/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-finra-cloudevent-handler" ] env: - name: CE_FROM_FILE value: "on" @@ -141,7 +141,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/finra/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-finra-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" diff --git a/workflows/ml-inference/knative/Cargo.toml b/workflows/ml-inference/knative/Cargo.toml index 1cf6f34..b966df2 100644 --- a/workflows/ml-inference/knative/Cargo.toml +++ b/workflows/ml-inference/knative/Cargo.toml @@ -1,16 +1,20 @@ [package] -name = "accless-cloudevent-handler" -version = "0.1.0" -edition = "2021" +name = "accless-ml-inference-cloudevent-handler" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Cloud-Event Handler for the ML Inference Workflow" +homepage.workspace = true [dependencies] -cloudevents-sdk = { git = "https://github.com/cloudevents/sdk-rust.git", revision = "fa0aadb31de82956d44fba4b50c6a002d5bd0b7b", features = ["reqwest", "warp"] } -futures-util = "0.3" -minio = { git = "https://github.com/minio/minio-rs.git", rev = "b254b2f7aeaf18a1588a8800ff9b877b7885236e" } -once_cell = "^1.19.0" -rand = { version = "^0.9.0-alpha.2" } -reqwest = { version = "^0.12" } -serde_json = { version = "^1.0" } -tokio = { version = "^1.0", features = ["full"] } -uuid = { version = "^1.3", features = ["v4"] } -warp = "^0.3" +cloudevents-sdk = { workspace = true, features = ["reqwest", "warp"] } +futures-util.workspace = true +minio.workspace = true +once_cell.workspace = true +rand.workspace = true +reqwest.workspace = true +serde_json.workspace = true +tokio = { workspace = true, features = ["full"] } +uuid = { workspace = true, features = ["v4"] } +warp.workspace = true diff --git a/workflows/ml-inference/knative/src/main.rs b/workflows/ml-inference/knative/src/main.rs index 9740205..2f77c48 100644 --- a/workflows/ml-inference/knative/src/main.rs +++ b/workflows/ml-inference/knative/src/main.rs @@ -1,16 +1,21 @@ -use cloudevents::binding::reqwest::RequestBuilderExt; -use cloudevents::binding::warp::{filter, reply}; -use cloudevents::{AttributesReader, AttributesWriter, Event}; +use cloudevents::{ + AttributesReader, AttributesWriter, Event, + binding::{ + reqwest::RequestBuilderExt, + warp::{filter, reply}, + }, +}; use futures_util::StreamExt; -use minio::s3::args::*; -use minio::s3::client::ClientBuilder; -use minio::s3::creds::StaticProvider; -use minio::s3::error::Error; -use minio::s3::http::BaseUrl; -use minio::s3::types::ToStream; -use serde_json::{json, Value}; -use std::process::{Command, Stdio}; -use std::{env, fs, thread, time}; +use minio::s3::{ + args::*, client::ClientBuilder, creds::StaticProvider, error::Error, http::BaseUrl, + types::ToStream, +}; +use serde_json::{Value, json}; +use std::{ + env, fs, + process::{Command, Stdio}, + thread, time, +}; use tokio::task::JoinHandle; use warp::Filter; diff --git a/workflows/ml-inference/knative/workflow.yaml b/workflows/ml-inference/knative/workflow.yaml index 65b3dc8..022dae7 100644 --- a/workflows/ml-inference/knative/workflow.yaml +++ b/workflows/ml-inference/knative/workflow.yaml @@ -48,7 +48,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-inference/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-inference-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -72,7 +72,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-inference/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-inference-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -106,7 +106,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-inference/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-inference-cloudevent-handler" ] env: - name: CE_FROM_FILE value: "on" diff --git a/workflows/ml-training/knative/Cargo.toml b/workflows/ml-training/knative/Cargo.toml index 1cf6f34..00a992b 100644 --- a/workflows/ml-training/knative/Cargo.toml +++ b/workflows/ml-training/knative/Cargo.toml @@ -1,16 +1,20 @@ [package] -name = "accless-cloudevent-handler" -version = "0.1.0" -edition = "2021" +name = "accless-ml-training-cloudevent-handler" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Cloud-Event Handler for the ML Training Workflow" +homepage.workspace = true [dependencies] -cloudevents-sdk = { git = "https://github.com/cloudevents/sdk-rust.git", revision = "fa0aadb31de82956d44fba4b50c6a002d5bd0b7b", features = ["reqwest", "warp"] } -futures-util = "0.3" -minio = { git = "https://github.com/minio/minio-rs.git", rev = "b254b2f7aeaf18a1588a8800ff9b877b7885236e" } -once_cell = "^1.19.0" -rand = { version = "^0.9.0-alpha.2" } -reqwest = { version = "^0.12" } -serde_json = { version = "^1.0" } -tokio = { version = "^1.0", features = ["full"] } -uuid = { version = "^1.3", features = ["v4"] } -warp = "^0.3" +cloudevents-sdk = { workspace = true, features = ["reqwest", "warp"] } +futures-util.workspace = true +minio.workspace = true +once_cell.workspace = true +rand.workspace = true +reqwest.workspace = true +serde_json.workspace = true +tokio = { workspace = true, features = ["full"] } +uuid = { workspace = true, features = ["v4"] } +warp.workspace = true diff --git a/workflows/ml-training/knative/src/main.rs b/workflows/ml-training/knative/src/main.rs index c70aedd..620a766 100644 --- a/workflows/ml-training/knative/src/main.rs +++ b/workflows/ml-training/knative/src/main.rs @@ -1,11 +1,17 @@ -use cloudevents::binding::reqwest::RequestBuilderExt; -use cloudevents::binding::warp::{filter, reply}; -use cloudevents::{AttributesReader, AttributesWriter, Event}; +use cloudevents::{ + AttributesReader, AttributesWriter, Event, + binding::{ + reqwest::RequestBuilderExt, + warp::{filter, reply}, + }, +}; use once_cell::sync::Lazy; -use serde_json::{json, Value}; -use std::process::{Command, Stdio}; -use std::sync::{Arc, Mutex}; -use std::{env, fs}; +use serde_json::{Value, json}; +use std::{ + env, fs, + process::{Command, Stdio}, + sync::{Arc, Mutex}, +}; use tokio::task::JoinHandle; use uuid::Uuid; use warp::Filter; diff --git a/workflows/ml-training/knative/workflow.yaml b/workflows/ml-training/knative/workflow.yaml index b3905de..13331c5 100644 --- a/workflows/ml-training/knative/workflow.yaml +++ b/workflows/ml-training/knative/workflow.yaml @@ -62,7 +62,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-training/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-training-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -95,7 +95,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-training/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-training-cloudevent-handler" ] env: - name: CE_FROM_FILE value: "on" @@ -130,7 +130,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-training/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-training-cloudevent-handler" ] env: - name: CE_FROM_FILE value: "on" @@ -156,7 +156,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/ml-training/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-ml-training-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" diff --git a/workflows/word-count/knative/Cargo.toml b/workflows/word-count/knative/Cargo.toml index b6d1fb7..cb0ab2f 100644 --- a/workflows/word-count/knative/Cargo.toml +++ b/workflows/word-count/knative/Cargo.toml @@ -1,14 +1,20 @@ [package] -name = "accless-cloudevent-handler" -version = "0.1.0" -edition = "2021" +name = "accless-word-count-cloudevent-handler" +version.workspace = true +license-file.workspace = true +edition.workspace = true +authors.workspace = true +description = "Cloud-Event Handler for the Word Count Workflow" +homepage.workspace = true [dependencies] -cloudevents-sdk = { git = "https://github.com/cloudevents/sdk-rust.git", revision = "fa0aadb31de82956d44fba4b50c6a002d5bd0b7b", features = ["reqwest", "warp"] } -once_cell = "^1.19.0" -rand = { version = "^0.9.0-alpha.2" } -reqwest = { version = "^0.12" } -serde_json = { version = "^1.0" } -tokio = { version = "^1.0", features = ["full"] } -uuid = { version = "^1.3", features = ["v4"] } -warp = "^0.3" +cloudevents-sdk = { workspace = true, features = ["reqwest", "warp"] } +futures-util.workspace = true +minio.workspace = true +once_cell.workspace = true +rand.workspace = true +reqwest.workspace = true +serde_json.workspace = true +tokio = { workspace = true, features = ["full"] } +uuid = { workspace = true, features = ["v4"] } +warp.workspace = true diff --git a/workflows/word-count/knative/src/main.rs b/workflows/word-count/knative/src/main.rs index ab6ebf5..67df680 100644 --- a/workflows/word-count/knative/src/main.rs +++ b/workflows/word-count/knative/src/main.rs @@ -1,11 +1,19 @@ -use cloudevents::binding::reqwest::RequestBuilderExt; -use cloudevents::binding::warp::{filter, reply}; -use cloudevents::{AttributesReader, AttributesWriter, Event}; +use cloudevents::{ + AttributesReader, AttributesWriter, Event, + binding::{ + reqwest::RequestBuilderExt, + warp::{filter, reply}, + }, +}; use once_cell::sync::Lazy; -use serde_json::{json, Value}; -use std::process::{Command, Stdio}; -use std::sync::{Arc, Mutex}; -use std::{env, fs, io::BufRead, io::BufReader, thread, time}; +use serde_json::{Value, json}; +use std::{ + env, fs, + io::{BufRead, BufReader}, + process::{Command, Stdio}, + sync::{Arc, Mutex}, + thread, time, +}; use tokio::task::JoinHandle; use uuid::Uuid; use warp::Filter; diff --git a/workflows/word-count/knative/workflow.yaml b/workflows/word-count/knative/workflow.yaml index 73e9b1d..e3e4850 100644 --- a/workflows/word-count/knative/workflow.yaml +++ b/workflows/word-count/knative/workflow.yaml @@ -55,7 +55,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/word-count/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-word-count-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}" @@ -95,7 +95,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/word-count/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-word-count-cloudevent-handler" ] env: - name: CE_FROM_FILE value: "on" @@ -123,7 +123,7 @@ spec: ports: - containerPort: 8080 workingDir: /workflows/word-count/knative - command: [ "./target/release/accless-cloudevent-handler" ] + command: [ "./accless-word-count-cloudevent-handler" ] env: - name: ACCLESS_MODE value: "${ACCLESS_MODE}"