Merge #391

391: Use `aws-nitro-enclaves-nsm-api` package from cates.io r=AdrianCX a=raoulstrackx

In order to publish crates on crates.io, they must not contain dependencies from git repositories. This PR replaces git dependencies of `em-app` to crates.io dependencies. No functional changes should have been made.

Co-authored-by: Raoul Strackx <[email protected]>

Author: bors[bot]

Cargo.lock

@@ -34,16 +34,13 @@ sgx_pkix = { version = "0.1.0", path = "../intel-sgx/sgx_pkix" }
 sgx-isa = { version = "0.3", path = "../intel-sgx/sgx-isa", default-features = false }
 
 [target.x86_64-unknown-linux-musl.dependencies]
-nsm-driver = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-driver", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
-nsm-io = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-io", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
+aws-nitro-enclaves-nsm-api = "0.2.0"
 vme-pkix = { path = "../fortanix-vme/vme-pkix/" }
 
 [target.x86_64-unknown-linux-gnu.dependencies]
-nsm-driver = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-driver", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
-nsm-io = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-io", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
+aws-nitro-enclaves-nsm-api = "0.2.0"
 vme-pkix = { path = "../fortanix-vme/vme-pkix/" }
 
 [target.x86_64-unknown-linux-fortanixvme.dependencies]
-nsm-driver = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-driver", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
-nsm-io = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api", package = "nsm-io", rev = "6745598d0e0e8af57e9b96ee2bf3d11b216fe649" }
+aws-nitro-enclaves-nsm-api = "0.2.0"
 vme-pkix = { path = "../fortanix-vme/vme-pkix/" }

em-app/Cargo.toml

@@ -6,7 +6,8 @@
 use std::borrow::Cow;
 
 use mbedtls::rng::{Rdrand, Random};
-use nsm_io::{Response};
+use aws_nitro_enclaves_nsm_api::api::{Response, Request};
+use aws_nitro_enclaves_nsm_api::driver;
 use pkix::types::{ObjectIdentifier};
 use pkix::x509::DnsAltNames;
 use pkix::{DerWrite, ToDer};
@@ -40,20 +41,20 @@ pub(crate) fn get_nitro_attestation(user_data: &[u8;64]) -> Result<Vec<(ObjectId
     let mut nonce = [0; NONCE_SIZE];
     Rdrand.random(&mut nonce[..]).map_err(|e| Error::NonceGeneration(Box::new(e)))?;
 
-    let nsm_fd = nsm_driver::nsm_init();
+    let nsm_fd = driver::nsm_init();
 
     let user_data = serde_bytes::ByteBuf::from(user_data.to_vec());
     let nonce = serde_bytes::ByteBuf::from(nonce);
 
-    let request = nsm_io::Request::Attestation {
+    let request = Request::Attestation {
         public_key: None,
         user_data: Some(user_data),
         nonce: Some(nonce),
     };
 
-    let response = nsm_driver::nsm_process_request(nsm_fd, request);
+    let response = driver::nsm_process_request(nsm_fd, request);
 
-    nsm_driver::nsm_exit(nsm_fd);
+    driver::nsm_exit(nsm_fd);
 
     let buffer = match response {
         Response::Attestation { document: attestation_doc } => Ok(attestation_doc),