diff --git a/setupenv.sh b/setupenv.sh index c588ad3..0a1f59d 100644 --- a/setupenv.sh +++ b/setupenv.sh @@ -19,7 +19,7 @@ fi python3 -m virtualenv -p python3 ${CURR_DIR}/venv source ${CURR_DIR}/venv/bin/activate -python3 -m pip install "cctrusted_base @ git+https://github.com/cc-api/cc-trusted-api.git#subdirectory=common/python" +python3 -m pip install "evidence_api @ git+https://github.com/cc-api/evidence-api.git#subdirectory=common/python" python3 -m pip install -r $CURR_DIR/src/python/requirements.txt if [ ! $? -eq 0 ]; then echo "Failed to install python PIP packages, please check your proxy (https_proxy) or setup PyPi mirror." diff --git a/src/golang/cctrusted_vm/cmd/app/eventlog.go b/src/golang/cctrusted_vm/cmd/app/eventlog.go index 1576567..0017a8c 100644 --- a/src/golang/cctrusted_vm/cmd/app/eventlog.go +++ b/src/golang/cctrusted_vm/cmd/app/eventlog.go @@ -4,7 +4,7 @@ import ( "encoding/hex" "log" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" "github.com/spf13/cobra" ) @@ -65,7 +65,7 @@ var eventLogReplayCmd = &cobra.Command{ }, } -func filterEventLog() ([]cctrusted_base.FormatedTcgEvent, error) { +func filterEventLog() ([]evidence_api.FormatedTcgEvent, error) { sdk, err := GetSDK() if err != nil { return nil, err diff --git a/src/golang/cctrusted_vm/cmd/app/imr.go b/src/golang/cctrusted_vm/cmd/app/imr.go index 9cfc2b6..985123e 100644 --- a/src/golang/cctrusted_vm/cmd/app/imr.go +++ b/src/golang/cctrusted_vm/cmd/app/imr.go @@ -4,7 +4,7 @@ import ( "encoding/hex" "log" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" "github.com/spf13/cobra" ) 
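Review bot: The new `pip install` line in setupenv.sh fetches `evidence_api` from the default branch of the git repository with no tag or commit, so each run of the script can bring different code into an SDK that produces attestation evidence. Pin the reference to a reviewed revision, for example `git+https://github.com/cc-api/evidence-api.git@<reviewed-commit>#subdirectory=common/python` (`<reviewed-commit>` is a placeholder; the Go side of this commit already pins `21e12aa810c8` in go.mod). The exit status of this install is not checked either, because the `$?` test that follows only covers the `requirements.txt` install. The `requirements.txt` and `pyproject.toml` hunks further down list a bare, unversioned `evidence_api`, which pip resolves by name from the configured index when the git install has not already satisfied it; confirm that the name on the index belongs to this project, or use the same pinned direct reference there.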
@@ -25,7 +25,7 @@ var imrCmd = &cobra.Command{ group := report.IMRGroup() l := log.Default() l.Printf("Measurement Count: %d\n", group.MaxIndex+1) - alg := cctrusted_base.GetDefaultTPMAlg() + alg := evidence_api.GetDefaultTPMAlg() for index, digest := range group.Group { l.Printf("Index: %v\n", index) l.Printf("Algorithms: %v\n", alg) diff --git a/src/golang/cctrusted_vm/cmd/app/report.go b/src/golang/cctrusted_vm/cmd/app/report.go index a158acf..4f8aceb 100644 --- a/src/golang/cctrusted_vm/cmd/app/report.go +++ b/src/golang/cctrusted_vm/cmd/app/report.go @@ -6,7 +6,7 @@ import ( "math" "math/rand" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" "github.com/spf13/cobra" ) @@ -26,7 +26,7 @@ var reportCmd = &cobra.Command{ if err != nil { return err } - report.Dump(cctrusted_base.QuoteDumpFormat(FlagFormat)) + report.Dump(evidence_api.QuoteDumpFormat(FlagFormat)) return nil }, } diff --git a/src/golang/cctrusted_vm/cvm.go b/src/golang/cctrusted_vm/cvm.go index c94ca19..3f8731f 100644 --- a/src/golang/cctrusted_vm/cvm.go +++ b/src/golang/cctrusted_vm/cvm.go @@ -8,7 +8,7 @@ import ( "path/filepath" "strconv" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" ) const ( 
@@ -17,20 +17,20 @@ const ( type Device interface { ProbeDevice() error - Report(nonce, userData string, extraArgs map[string]any) (cctrusted_base.CcReport, error) + Report(nonce, userData string, extraArgs map[string]any) (evidence_api.CcReport, error) Name() string - CCType() cctrusted_base.CC_Type - Version() cctrusted_base.DeviceVersion + CCType() evidence_api.CC_Type + Version() evidence_api.DeviceVersion } type GenericDevice struct { Device } -func (d *GenericDevice) Report(nonce, userData string, extraArgs map[string]any) (cctrusted_base.CcReport, error) { +func (d *GenericDevice) Report(nonce, userData string, extraArgs map[string]any) (evidence_api.CcReport, error) { var err error if _, err = os.Stat(TSM_PREFIX); os.IsNotExist(err) { - return cctrusted_base.CcReport{}, errors.New("Configfs TSM is not supported in the current environment.") + return evidence_api.CcReport{}, errors.New("Configfs TSM is not supported in the current environment.") } // concatenate nonce and userData @@ -56,14 +56,14 @@ func (d *GenericDevice) Report(nonce, userData string, extraArgs map[string]any) tempdir, err := os.MkdirTemp(TSM_PREFIX, "report_") if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to init entry in Configfs TSM.") + return evidence_api.CcReport{}, errors.New("Failed to init entry in Configfs TSM.") } defer os.RemoveAll(tempdir) if _, err = os.Stat(filepath.Join(tempdir, "inblob")); !os.IsNotExist(err) { err = os.WriteFile(filepath.Join(tempdir, "inblob"), reportData, 0400) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to push report data into inblob.") + return evidence_api.CcReport{}, errors.New("Failed to push report data into inblob.") } } 
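Review bot: In the `@@ -56,14 +56,14 @@` hunk of `GenericDevice.Report`, the `inblob` write is skipped without any error when `os.Stat` reports that the file does not exist, so the function goes on to read `outblob` even though the caller's nonce and user data were never handed to the TSM. A report that is not bound to the requested nonce loses its freshness guarantee and should not be returned as a success. Suggested: fail closed with `if _, err = os.Stat(filepath.Join(tempdir, "inblob")); err != nil { return evidence_api.CcReport{}, errors.New("Failed to find inblob in Configfs TSM entry.") }` and then call `os.WriteFile` unconditionally. The function body starts and ends outside this hunk.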
@@ -71,7 +71,7 @@ func (d *GenericDevice) Report(nonce, userData string, extraArgs map[string]any) if val, ok := v.(int); ok { err = os.WriteFile(filepath.Join(tempdir, "privlevel"), []byte(strconv.Itoa(val)), 0400) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to push privilege data to privlevel file.") + return evidence_api.CcReport{}, errors.New("Failed to push privilege data to privlevel file.") } } } 
@@ -81,37 +81,37 @@ func (d *GenericDevice) Report(nonce, userData string, extraArgs map[string]any) if _, err = os.Stat(filepath.Join(tempdir, "outblob")); !os.IsNotExist(err) { outblob, err = os.ReadFile(filepath.Join(tempdir, "outblob")) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to get outblob.") + return evidence_api.CcReport{}, errors.New("Failed to get outblob.") } } if _, err = os.Stat(filepath.Join(tempdir, "generation")); !os.IsNotExist(err) { rawGeneration, err := os.ReadFile(filepath.Join(tempdir, "generation")) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to get generation info.") + return evidence_api.CcReport{}, errors.New("Failed to get generation info.") } generation, _ = strconv.Atoi(string(rawGeneration)) // Check if the outblob has been corrupted during file open if generation > 1 { - return cctrusted_base.CcReport{}, errors.New("Found corrupted generation.") + return evidence_api.CcReport{}, errors.New("Found corrupted generation.") } } if _, err = os.Stat(filepath.Join(tempdir, "provider")); !os.IsNotExist(err) { provider, err = os.ReadFile(filepath.Join(tempdir, "provider")) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to get provider info.") + return evidence_api.CcReport{}, errors.New("Failed to get provider info.") } } if _, err = os.Stat(filepath.Join(tempdir, "auxblob")); !os.IsNotExist(err) { auxblob, err = os.ReadFile(filepath.Join(tempdir, "auxblob")) if err != nil { - return cctrusted_base.CcReport{}, errors.New("Failed to get auxblob info.") + return evidence_api.CcReport{}, errors.New("Failed to get auxblob info.") } } - return cctrusted_base.CcReport{ + return evidence_api.CcReport{ Outblob: outblob, Provider: string(provider), Generation: generation, 
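Review bot: The `generation > 1` corruption check in this hunk is likely never evaluated against a real value, because `generation, _ = strconv.Atoi(string(rawGeneration))` discards the parse error and configfs attributes normally end with a newline, which `Atoi` rejects, leaving `generation` at 0. Trim the input and fail on a parse error instead: `generation, err = strconv.Atoi(strings.TrimSpace(string(rawGeneration)))` followed by `if err != nil { return evidence_api.CcReport{}, errors.New("Failed to parse generation info.") }`. This needs the `strings` import if cvm.go does not already have it; the import block is only partly visible here. The same fail-open shape appears to apply to `outblob`: when the file is absent the function still reaches the final `return` with an empty `Outblob`. The function starts and ends outside this hunk.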
@@ -125,18 +125,18 @@ type EventRecorder interface { } type CVMContext struct { - VMType cctrusted_base.CC_Type - Version cctrusted_base.DeviceVersion + VMType evidence_api.CC_Type + Version evidence_api.DeviceVersion } type ConfidentialVM interface { Probe() error CVMContext() CVMContext MaxImrIndex() int - DefaultAlgorithm() cctrusted_base.TCG_ALG + DefaultAlgorithm() evidence_api.TCG_ALG Device EventRecorder - cctrusted_base.IMARecorder + evidence_api.IMARecorder } type CVMInitArgs struct { diff --git a/src/golang/cctrusted_vm/go.mod b/src/golang/cctrusted_vm/go.mod index ddd085b..3970004 100644 --- a/src/golang/cctrusted_vm/go.mod +++ b/src/golang/cctrusted_vm/go.mod @@ -15,7 +15,7 @@ require ( ) require ( - github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base v0.0.0-20240418131523-3b0ab7d9578e + github.com/cc-api/evidence-api/common/golang/evidence_api v0.0.0-20240729064808-21e12aa810c8 //indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect diff --git a/src/golang/cctrusted_vm/go.sum b/src/golang/cctrusted_vm/go.sum index 9003b67..87d1472 100644 --- a/src/golang/cctrusted_vm/go.sum +++ b/src/golang/cctrusted_vm/go.sum 
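Review bot: The new require line in go.mod marks `evidence_api` as `//indirect`, but this same commit imports the package directly in cvm.go, sdk/sdk.go and the tdx package, so it is a direct dependency. Drop the marker and move the line into the first `require (` block, which is what `go mod tidy` would be expected to produce: `github.com/cc-api/evidence-api/common/golang/evidence_api v0.0.0-20240729064808-21e12aa810c8`. A wrong indirect marker can lead dependency review and audit tooling to understate how much of the attestation path rests on this module.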
@@ -1,5 +1,5 @@ -github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base v0.0.0-20240418131523-3b0ab7d9578e h1:oKNunMQImCfmcSAARhpgPHKgs0bln70tIBETaV/8LVw= -github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base v0.0.0-20240418131523-3b0ab7d9578e/go.mod h1:0rggJ3Z7AxSCbOfi2PBO98sAftWWsI39V7v/aG9xPmQ= +github.com/cc-api/evidence-api/common/golang/evidence_api v0.0.0-20240729064808-21e12aa810c8 h1:IjmvJTssPaDuC/qkSDaLFv6u+9MFFH+nmTr4Duj6KhM= +github.com/cc-api/evidence-api/common/golang/evidence_api v0.0.0-20240729064808-21e12aa810c8/go.mod h1:R1LPex62L4Ftnnw5vWp5sFNI5j8tnHtf0oQKvLvm9Pw= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= diff --git a/src/golang/cctrusted_vm/sdk/sdk.go b/src/golang/cctrusted_vm/sdk/sdk.go index e492bea..be3dd14 100644 --- a/src/golang/cctrusted_vm/sdk/sdk.go +++ b/src/golang/cctrusted_vm/sdk/sdk.go 
@@ -9,34 +9,34 @@ import ( cctrusted_vm "github.com/cc-api/cc-trusted-vmsdk/src/golang/cctrusted_vm" _ "github.com/cc-api/cc-trusted-vmsdk/src/golang/cctrusted_vm/tdx" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base/tdx" + "github.com/cc-api/evidence-api/common/golang/evidence_api" + "github.com/cc-api/evidence-api/common/golang/evidence_api/tdx" ) -var _ cctrusted_base.CCTrustedAPI = (*SDK)(nil) +var _ evidence_api.EvidenceAPI = (*SDK)(nil) type SDK struct { cvm cctrusted_vm.ConfidentialVM } -// DumpCCReport implements cctrusted_base.CCTrustedAPI. +// DumpCCReport implements evidence_api.EvidenceAPI. func (s *SDK) DumpCCReport(reportBytes []byte) error { vmCtx := s.cvm.CVMContext() switch vmCtx.VMType { - case cctrusted_base.TYPE_CC_TDX: + case evidence_api.TYPE_CC_TDX: report, err := tdx.NewTdxReportFromBytes(reportBytes) if err != nil { return err } - report.Dump(cctrusted_base.QuoteDumpFormatHuman) + report.Dump(evidence_api.QuoteDumpFormatHuman) default: } return nil } -// GetCCMeasurement implements cctrusted_base.CCTrustedAPI. -func (s *SDK) GetCCMeasurement(index int, alg cctrusted_base.TCG_ALG) (cctrusted_base.TcgDigest, error) { - emptyRet := cctrusted_base.TcgDigest{} +// GetCCMeasurement implements evidence_api.EvidenceAPI. +func (s *SDK) GetCCMeasurement(index int, alg evidence_api.TCG_ALG) (evidence_api.TcgDigest, error) { + emptyRet := evidence_api.TcgDigest{} report, err := s.GetCCReport("", "", nil) if err != nil { return emptyRet, err 
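Review bot: `DumpCCReport` dereferences `s.cvm` without the `s.cvm == nil` guard that `internelEventlog` and `GetCCReport` in this file use, so a zero-value `SDK` panics here instead of returning an error; `GetMeasurementCount` and `GetDefaultAlgorithm` in the next hunk have the same gap. The empty `default:` branch also returns nil for every VM type other than TDX, so a caller cannot tell that nothing was parsed or dumped. Suggested: `if s.cvm == nil { return errors.New("no available cvm in sdk") }` at the top of the method and `default: return errors.New("unsupported confidential VM type")` in the switch. The body of `GetCCMeasurement` continues outside this hunk.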
@@ -52,23 +52,23 @@ func (s *SDK) GetCCMeasurement(index int, alg cctrusted_base.TCG_ALG) (cctrusted return entry, nil } -// GetMeasurementCount implements cctrusted_base.CCTrustedAPI. +// GetMeasurementCount implements evidence_api.EvidenceAPI. func (s *SDK) GetMeasurementCount() (int, error) { return s.cvm.MaxImrIndex() + 1, nil } -// ReplayCCEventLog implements cctrusted_base.CCTrustedAPI. -func (s *SDK) ReplayCCEventLog(formatedEventLogs []cctrusted_base.FormatedTcgEvent) map[int]map[cctrusted_base.TCG_ALG][]byte { - return cctrusted_base.ReplayFormatedEventLog(formatedEventLogs) +// ReplayCCEventLog implements evidence_api.EvidenceAPI. +func (s *SDK) ReplayCCEventLog(formatedEventLogs []evidence_api.FormatedTcgEvent) map[int]map[evidence_api.TCG_ALG][]byte { + return evidence_api.ReplayFormatedEventLog(formatedEventLogs) } -// GetDefaultAlgorithm implements cctrusted_base.CCTrustedAPI. -func (s *SDK) GetDefaultAlgorithm() (cctrusted_base.TCG_ALG, error) { +// GetDefaultAlgorithm implements evidence_api.EvidenceAPI. +func (s *SDK) GetDefaultAlgorithm() (evidence_api.TCG_ALG, error) { return s.cvm.DefaultAlgorithm(), nil } -// SelectEventlog implements CCTrustedAPI. -func (s *SDK) GetCCEventLog(params ...int32) ([]cctrusted_base.FormatedTcgEvent, error) { +// SelectEventlog implements EvidenceAPI. +func (s *SDK) GetCCEventLog(params ...int32) ([]evidence_api.FormatedTcgEvent, error) { el, err := s.internelEventlog() if err != nil { return nil, err @@ -101,7 +101,7 @@ func (s *SDK) GetCCEventLog(params ...int32) ([]cctrusted_base.FormatedTcgEvent, return el.EventLog(), nil } -func (s *SDK) internelEventlog() (*cctrusted_base.EventLogger, error) { +func (s *SDK) internelEventlog() (*evidence_api.EventLogger, error) { if s.cvm == nil { return nil, errors.New("no available cvm in sdk") } 
@@ -116,12 +116,12 @@ func (s *SDK) internelEventlog() (*cctrusted_base.EventLogger, error) { return nil, err } - el := cctrusted_base.NewEventLogger(eventLogBytes, imaLogBytes, cctrusted_base.TCG_PCCLIENT_FORMAT) + el := evidence_api.NewEventLogger(eventLogBytes, imaLogBytes, evidence_api.TCG_PCCLIENT_FORMAT) return el, nil } -// Report implements CCTrustedAPI. -func (s *SDK) GetCCReport(nonce, userData string, extraArgs map[string]any) (cctrusted_base.Report, error) { +// Report implements EvidenceAPI. +func (s *SDK) GetCCReport(nonce, userData string, extraArgs map[string]any) (evidence_api.Report, error) { if s.cvm == nil { return nil, errors.New("no available cvm in sdk") } @@ -133,7 +133,7 @@ func (s *SDK) GetCCReport(nonce, userData string, extraArgs map[string]any) (cct vmCtx := s.cvm.CVMContext() switch vmCtx.VMType { - case cctrusted_base.TYPE_CC_TDX: + case evidence_api.TYPE_CC_TDX: report, err := tdx.NewTdxReportFromBytes(reportStruct.Outblob) if err != nil { return nil, err diff --git a/src/golang/cctrusted_vm/sdk/sdk_test.go b/src/golang/cctrusted_vm/sdk/sdk_test.go index 59b97b5..6417783 100644 --- a/src/golang/cctrusted_vm/sdk/sdk_test.go +++ b/src/golang/cctrusted_vm/sdk/sdk_test.go @@ -5,7 +5,7 @@ import ( "log" "testing" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" "github.com/stretchr/testify/assert" ) @@ -18,7 +18,7 @@ func TestSDKReport(t *testing.T) { assert.Nil(t, err) report, err := sdk.GetCCReport("", "", nil) assert.Nil(t, err) - report.Dump(cctrusted_base.QuoteDumpFormatHuman) + report.Dump(evidence_api.QuoteDumpFormatHuman) } @@ -31,6 +31,6 @@ func TestSDKFullEventLog(t *testing.T) { el, err := sdk.GetCCEventLog(0, 0) assert.Nil(t, err) - el.Dump(cctrusted_base.QuoteDumpFormatHuman) + el.Dump(evidence_api.QuoteDumpFormatHuman) } diff --git a/src/golang/cctrusted_vm/tdx/cvm.go b/src/golang/cctrusted_vm/tdx/cvm.go index 0071b58..c637a4d 100644 
--- a/src/golang/cctrusted_vm/tdx/cvm.go +++ b/src/golang/cctrusted_vm/tdx/cvm.go @@ -3,8 +3,8 @@ package tdx import ( cctrusted_vm "github.com/cc-api/cc-trusted-vmsdk/src/golang/cctrusted_vm" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base/tdx" + "github.com/cc-api/evidence-api/common/golang/evidence_api" + "github.com/cc-api/evidence-api/common/golang/evidence_api/tdx" ) var _ cctrusted_vm.ConfidentialVM = (*TdxVM)(nil) @@ -12,13 +12,13 @@ var _ cctrusted_vm.ConfidentialVM = (*TdxVM)(nil) type TdxVM struct { cctrusted_vm.Device cctrusted_vm.EventRecorder - cctrusted_base.IMARecorder + evidence_api.IMARecorder } func NewTdxVM(args *cctrusted_vm.CVMInitArgs) *TdxVM { vm := &TdxVM{ Device: &TDXDevice{}, - IMARecorder: &cctrusted_base.DefaultIMARecorder{}, + IMARecorder: &evidence_api.DefaultIMARecorder{}, } r := &TDXEventLogRecorder{} if args != nil { @@ -34,8 +34,8 @@ func NewTdxVM(args *cctrusted_vm.CVMInitArgs) *TdxVM { } // DefaultAlgorithm implements cctrusted_vm.ConfidentialVM. -func (t *TdxVM) DefaultAlgorithm() cctrusted_base.TCG_ALG { - return cctrusted_base.TPM_ALG_SHA384 +func (t *TdxVM) DefaultAlgorithm() evidence_api.TCG_ALG { + return evidence_api.TPM_ALG_SHA384 } // MaxImrIndex implements cctrusted_vm.ConfidentialVM. diff --git a/src/golang/cctrusted_vm/tdx/device.go b/src/golang/cctrusted_vm/tdx/device.go index 914b48f..2ec6ad5 100644 --- a/src/golang/cctrusted_vm/tdx/device.go +++ b/src/golang/cctrusted_vm/tdx/device.go @@ -4,9 +4,9 @@ import ( "errors" "os" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base/tdx" + "github.com/cc-api/evidence-api/common/golang/evidence_api/tdx" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base" + "github.com/cc-api/evidence-api/common/golang/evidence_api" cctrusted_vm "github.com/cc-api/cc-trusted-vmsdk/src/golang/cctrusted_vm" ) 
@@ -20,13 +20,13 @@ type TDXDevice struct { } // Version implements cctrusted_vm.Device. -func (t *TDXDevice) Version() cctrusted_base.DeviceVersion { +func (t *TDXDevice) Version() evidence_api.DeviceVersion { return t.spec.Version } // CCType implements cctrusted_vm.Device. -func (t *TDXDevice) CCType() cctrusted_base.CC_Type { - return cctrusted_base.TYPE_CC_TDX +func (t *TDXDevice) CCType() evidence_api.CC_Type { + return evidence_api.TYPE_CC_TDX } // Name implements cctrusted_vm.Device. @@ -62,8 +62,8 @@ func (t *TDXDevice) initDevice() error { } // Report implements cctrusted_vm.Device, get CC report -func (t *TDXDevice) Report(nonce, userData string, extraArgs map[string]any) (cctrusted_base.CcReport, error) { - var resp cctrusted_base.CcReport +func (t *TDXDevice) Report(nonce, userData string, extraArgs map[string]any) (evidence_api.CcReport, error) { + var resp evidence_api.CcReport var err error // call parent Report() func to retrieve cc report using Configfs-tsm @@ -75,15 +75,15 @@ func (t *TDXDevice) Report(nonce, userData string, extraArgs map[string]any) (cc // get tdx report tdreport, err := t.TdReport(nonce, userData) if err != nil { - return cctrusted_base.CcReport{}, err + return evidence_api.CcReport{}, err } // get tdx quote, aka. CC report quote, err := t.Quote(tdreport) if err != nil { - return cctrusted_base.CcReport{}, err + return evidence_api.CcReport{}, err } - resp = cctrusted_base.CcReport{ + resp = evidence_api.CcReport{ Outblob: quote, } diff --git a/src/golang/cctrusted_vm/tdx/device_test.go b/src/golang/cctrusted_vm/tdx/device_test.go index ddec85a..664e0c1 100644 --- a/src/golang/cctrusted_vm/tdx/device_test.go +++ b/src/golang/cctrusted_vm/tdx/device_test.go @@ -6,7 +6,7 @@ import ( "log" "testing" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base/tdx" + "github.com/cc-api/evidence-api/common/golang/evidence_api/tdx" "github.com/stretchr/testify/assert" ) 
diff --git a/src/golang/cctrusted_vm/tdx/quote_handler.go b/src/golang/cctrusted_vm/tdx/quote_handler.go index b5670d9..74aa94e 100644 --- a/src/golang/cctrusted_vm/tdx/quote_handler.go +++ b/src/golang/cctrusted_vm/tdx/quote_handler.go @@ -12,7 +12,7 @@ import ( "time" "unsafe" - "github.com/cc-api/cc-trusted-api/common/golang/cctrusted_base/tdx" + "github.com/cc-api/evidence-api/common/golang/evidence_api/tdx" "github.com/mdlayher/vsock" ) diff --git a/src/python/README.md b/src/python/README.md index e817146..9a1edb1 100644 --- a/src/python/README.md +++ b/src/python/README.md @@ -1,11 +1,11 @@ -# SDK for CC Trusted API in Confidential VM +# SDK for Evidence API in Confidential VM In confidential VM, the trusted primitives (measurement, eventlog, quote) normally can be accessed via device node like /dev/tpm0, sysfs etc, and different vendor may provides the different definitions. -This VMSDK following the CC Trusted API design +This VMSDK following the Evidence API design shields the difference introduced by the platform and provides user with unified usage in the confidential virtual machine environments. diff --git a/src/python/cc_event_log_cli.py b/src/python/cc_event_log_cli.py index 242c48d..223db0a 100644 --- a/src/python/cc_event_log_cli.py +++ b/src/python/cc_event_log_cli.py @@ -4,10 +4,10 @@ import logging import argparse import os -from cctrusted_base.api import CCTrustedApi -from cctrusted_base.eventlog import TcgEventLog -from cctrusted_base.tcgcel import TcgTpmsCelEvent -from cctrusted_base.tcg import TcgAlgorithmRegistry +from evidence_api.api import EvidenceApi +from evidence_api.eventlog import TcgEventLog +from evidence_api.tcgcel import TcgTpmsCelEvent +from evidence_api.tcg import TcgAlgorithmRegistry from cctrusted_vm.cvm import ConfidentialVM from cctrusted_vm.sdk import CCTrustedVmSdk 
@@ -18,7 +18,7 @@ def main(): """Example cc event log fetching utility.""" - if ConfidentialVM.detect_cc_type() == CCTrustedApi.TYPE_CC_NONE: + if ConfidentialVM.detect_cc_type() == EvidenceApi.TYPE_CC_NONE: LOG.error("This is not a confidential VM!") return if os.geteuid() != 0: @@ -41,7 +41,7 @@ def main(): return LOG.info("Total %d of event logs fetched.", len(event_logs)) - res = CCTrustedApi.replay_cc_eventlog(event_logs) + res = EvidenceApi.replay_cc_eventlog(event_logs) # pylint: disable-next=C0301 LOG.info("Note: If the underlying platform is TDX, the IMR index showing is cc measurement register instead of TDX measurement register.") # pylint: disable-next=C0301 diff --git a/src/python/cc_imr_cli.py b/src/python/cc_imr_cli.py index 6309377..5b505a8 100644 --- a/src/python/cc_imr_cli.py +++ b/src/python/cc_imr_cli.py @@ -4,7 +4,7 @@ """ import logging import os -from cctrusted_base.api import CCTrustedApi +from evidence_api.api import EvidenceApi from cctrusted_vm.cvm import ConfidentialVM from cctrusted_vm.sdk import CCTrustedVmSdk @@ -14,7 +14,7 @@ def main(): """Example to call get_cc_measurement and dump the result to stdout.""" - if ConfidentialVM.detect_cc_type() == CCTrustedApi.TYPE_CC_NONE: + if ConfidentialVM.detect_cc_type() == EvidenceApi.TYPE_CC_NONE: LOG.error("This is not a confidential VM!") return if os.geteuid() != 0: diff --git a/src/python/cc_quote_cli.py b/src/python/cc_quote_cli.py index 84917ed..2fc4acc 100644 --- a/src/python/cc_quote_cli.py +++ b/src/python/cc_quote_cli.py @@ -6,7 +6,7 @@ import logging import os import random -from cctrusted_base.api import CCTrustedApi +from evidence_api.api import EvidenceApi from cctrusted_vm.cvm import ConfidentialVM from cctrusted_vm.sdk import CCTrustedVmSdk 
@@ -55,7 +55,7 @@ def make_userdata(): def main(): """Example to call get_cc_report and dump the result to stdout.""" - if ConfidentialVM.detect_cc_type() == CCTrustedApi.TYPE_CC_NONE: + if ConfidentialVM.detect_cc_type() == EvidenceApi.TYPE_CC_NONE: LOG.error("This is not a confidential VM!") return if os.geteuid() != 0: @@ -89,7 +89,7 @@ def main(): extra_args["pcr_selection"] = args.pcr_selection extra_args["ak_context"] = args.ak_context - if ConfidentialVM.detect_cc_type() == CCTrustedApi.TYPE_CC_TPM: + if ConfidentialVM.detect_cc_type() == EvidenceApi.TYPE_CC_TPM: quote = CCTrustedVmSdk.inst().get_cc_report(nonce, userdata, extra_args) else: quote = CCTrustedVmSdk.inst().get_cc_report(nonce, userdata) diff --git a/src/python/cctrusted_vm/__init__.py b/src/python/cctrusted_vm/__init__.py index 93490e5..e82ebbf 100644 --- a/src/python/cctrusted_vm/__init__.py +++ b/src/python/cctrusted_vm/__init__.py @@ -1,5 +1,5 @@ """ -Package to provide CC trusted API for confidential VM +Package to provide Evidence API for confidential VM """ # pylint: disable=syntax-error diff --git a/src/python/cctrusted_vm/cvm.py b/src/python/cctrusted_vm/cvm.py index 64472a5..4ae76b4 100644 --- a/src/python/cctrusted_vm/cvm.py +++ b/src/python/cctrusted_vm/cvm.py 
@@ -15,16 +15,16 @@ import socket import tempfile from abc import abstractmethod -from cctrusted_base.api import CCTrustedApi -from cctrusted_base.imr import TcgIMR -from cctrusted_base.ccreport import CcReport -from cctrusted_base.tcg import TcgAlgorithmRegistry -from cctrusted_base.tdx.common import TDX_VERSION_1_0, TDX_VERSION_1_5 -from cctrusted_base.tdx.rtmr import TdxRTMR -from cctrusted_base.tdx.quote import TdxQuoteReq10, TdxQuoteReq15, TdxQuote, TdxQuoteReq -from cctrusted_base.tpm.pcr import TpmPCR -from cctrusted_base.tpm.quote import Tpm2Quote -from cctrusted_base.tdx.report import TdxReportReq10, TdxReportReq15 +from evidence_api.api import EvidenceApi +from evidence_api.imr import TcgIMR +from evidence_api.ccreport import CcReport +from evidence_api.tcg import TcgAlgorithmRegistry +from evidence_api.tdx.common import TDX_VERSION_1_0, TDX_VERSION_1_5 +from evidence_api.tdx.rtmr import TdxRTMR +from evidence_api.tdx.quote import TdxQuoteReq10, TdxQuoteReq15, TdxQuote, TdxQuoteReq +from evidence_api.tpm.pcr import TpmPCR +from evidence_api.tpm.quote import Tpm2Quote +from evidence_api.tdx.report import TdxReportReq10, TdxReportReq15 from tpm2_pytss import ESAPI from tpm2_pytss.types import TPML_PCR_SELECTION, TPMS_CONTEXT, TPM2B_DATA @@ -69,7 +69,7 @@ def imrs(self) -> list[TcgIMR]: @property def cc_type_str(self): """the CC type string.""" - return CCTrustedApi.cc_type_str[self.cc_type] + return EvidenceApi.cc_type_str[self.cc_type] @property def boot_time_event_log(self): 
@@ -105,11 +105,11 @@ def detect_cc_type(): #TODO: refine the justification # support TPM as the first priority for now if os.path.exists(TpmVM.DEFAULT_TPM_DEVICE_NODE): - return CCTrustedApi.TYPE_CC_TPM + return EvidenceApi.TYPE_CC_TPM for devpath in TdxVM.DEVICE_NODE_PATH.values(): if os.path.exists(devpath): - return CCTrustedApi.TYPE_CC_TDX - return CCTrustedApi.TYPE_CC_NONE + return EvidenceApi.TYPE_CC_TDX + return EvidenceApi.TYPE_CC_NONE @staticmethod def make_report_data(hash_algo, nonce: bytearray, data: bytearray) -> bytes: @@ -186,7 +186,7 @@ def get_cc_report(self, nonce: bytearray, data: bytearray, extraArgs) -> CcRepor The ``CcReport`` object. """ # In tpm case, skip get report through configfs-tsm - if self.cc_type == CCTrustedApi.TYPE_CC_TPM: + if self.cc_type == EvidenceApi.TYPE_CC_TPM: return None if not os.path.exists(self.tsm_prefix): @@ -272,9 +272,9 @@ def inst(): if ConfidentialVM._inst is None: obj = None cc_type = ConfidentialVM.detect_cc_type() - if cc_type is CCTrustedApi.TYPE_CC_TDX: + if cc_type is EvidenceApi.TYPE_CC_TDX: obj = TdxVM() - elif cc_type is CCTrustedApi.TYPE_CC_TPM: + elif cc_type is EvidenceApi.TYPE_CC_TPM: obj = TpmVM() else: LOG.error("Unsupported confidential environment.") @@ -292,7 +292,7 @@ class TpmVM(ConfidentialVM): BIOS_MEAUSREMENT="/sys/kernel/security/tpm0/binary_bios_measurements" def __init__(self, dev_node=DEFAULT_TPM_DEVICE_NODE): - ConfidentialVM.__init__(self, CCTrustedApi.TYPE_CC_TPM) + ConfidentialVM.__init__(self, EvidenceApi.TYPE_CC_TPM) self._dev_node = dev_node self._esapi = ESAPI("device:" + dev_node) @@ -387,7 +387,7 @@ def get_cc_report(self, nonce: bytearray, data: bytearray, extraArgs) -> CcRepor self._esapi.flush_context(ak_handle) # Save the tpm quote - structured_quote = Tpm2Quote(None, CCTrustedApi.TYPE_CC_TPM) + structured_quote = Tpm2Quote(None, EvidenceApi.TYPE_CC_TPM) structured_quote.set_quoted_data(quote) structured_quote.set_sig(signature) return structured_quote 
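Review bot: In the `@@ -272,9 +272,9 @@` hunk, `inst()` selects the VM class with identity tests (`cc_type is EvidenceApi.TYPE_CC_TDX`), while `get_cc_report` in this file and the CLI scripts compare the same constants with `==`. If these constants are plain ints or strings (their definition is not visible here), `is` only holds through interpreter interning and could fall through to the "Unsupported confidential environment." branch on a platform that is actually supported. Use equality for consistency: `if cc_type == EvidenceApi.TYPE_CC_TDX:` and `elif cc_type == EvidenceApi.TYPE_CC_TPM:`. The method body starts and ends outside this hunk.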
@@ -449,7 +449,7 @@ class TdxVM(ConfidentialVM): CFG_FILE_PATH = "/etc/tdx-attest.conf" def __init__(self): - ConfidentialVM.__init__(self, CCTrustedApi.TYPE_CC_TDX) + ConfidentialVM.__init__(self, EvidenceApi.TYPE_CC_TDX) self._version:str = None self._tdreport = None self._config:dict = self._load_config() diff --git a/src/python/cctrusted_vm/sdk.py b/src/python/cctrusted_vm/sdk.py index 99f5523..96330b1 100644 --- a/src/python/cctrusted_vm/sdk.py +++ b/src/python/cctrusted_vm/sdk.py @@ -4,20 +4,20 @@ import logging # pylint: disable=unused-import -from cctrusted_base.api import CCTrustedApi -from cctrusted_base.imr import TcgIMR -from cctrusted_base.ccreport import CcReport -from cctrusted_base.eventlog import EventLogs -from cctrusted_base.eventlog import TcgEventLog -from cctrusted_base.tcg import TcgAlgorithmRegistry +from evidence_api.api import EvidenceApi +from evidence_api.imr import TcgIMR +from evidence_api.ccreport import CcReport +from evidence_api.eventlog import EventLogs +from evidence_api.eventlog import TcgEventLog +from evidence_api.tcg import TcgAlgorithmRegistry from cctrusted_vm.cvm import ConfidentialVM LOG = logging.getLogger(__name__) -class CCTrustedVmSdk(CCTrustedApi): +class CCTrustedVmSdk(EvidenceApi): - """CC trusted API implementation for a general CVM.""" + """Evidence API implementation for a general CVM.""" _inst = None diff --git a/src/python/cctrusted_vm/tdx.py b/src/python/cctrusted_vm/tdx.py index 5c33356..0e175c6 100644 --- a/src/python/cctrusted_vm/tdx.py +++ b/src/python/cctrusted_vm/tdx.py @@ -2,7 +2,7 @@ Provide addtional TDVM SDK inherited from general CVM SDK. """ -from cctrusted_base.tdx.report import TdReport +from evidence_api.tdx.report import TdReport from cctrusted_vm.sdk import CCTrustedVmSdk from cctrusted_vm.cvm import TdxVM diff --git a/src/python/pyproject.toml b/src/python/pyproject.toml index d37ccb5..1248b05 100644 --- a/src/python/pyproject.toml +++ b/src/python/pyproject.toml 
@@ -5,7 +5,7 @@ authors = [ { name="Lu, Ken", email="ken.lu@intel.com" }, { name="Zhang, Wenhui", email="wenhui.zhang@bytedance.com" }, ] -description = "CC Trusted API VM SDK" +description = "Evidence API VM SDK" readme = "README.md" license = { text="Apache Software License" } requires-python = ">=3.6" @@ -15,7 +15,7 @@ classifiers = [ "Operating System :: POSIX :: Linux", ] dependencies = [ - "cctrusted_base", + "evidence_api", "pytest", ] diff --git a/src/python/requirements.txt b/src/python/requirements.txt index 7296326..48d1ee3 100644 --- a/src/python/requirements.txt +++ b/src/python/requirements.txt @@ -1,3 +1,3 @@ -cctrusted_base +evidence_api pytest tpm2-pytss diff --git a/src/python/td_report_cli.py b/src/python/td_report_cli.py index 87e801e..e6c6b58 100644 --- a/src/python/td_report_cli.py +++ b/src/python/td_report_cli.py @@ -4,7 +4,7 @@ """ import logging import os -from cctrusted_base.api import CCTrustedApi +from evidence_api.api import EvidenceApi from cctrusted_vm.cvm import ConfidentialVM from cctrusted_vm.tdx import CCTrustedTdvmSdk @@ -14,7 +14,7 @@ def main(): """Example to call get_tdreport and dump the result to stdout.""" - if ConfidentialVM.detect_cc_type() != CCTrustedApi.TYPE_CC_TDX: + if ConfidentialVM.detect_cc_type() != EvidenceApi.TYPE_CC_TDX: LOG.error("This is not a TD VM!") return if os.geteuid() != 0: diff --git a/src/python/tests/conftest.py b/src/python/tests/conftest.py index 006fb76..00d4e3e 100644 --- a/src/python/tests/conftest.py +++ b/src/python/tests/conftest.py 
@@ -1,15 +1,15 @@ """Local conftest.py containing directory-specific hook implementations.""" import pytest -from cctrusted_base.api import CCTrustedApi -from cctrusted_base.tcg import TcgAlgorithmRegistry -from cctrusted_base.tdx.rtmr import TdxRTMR +from evidence_api.api import EvidenceApi +from evidence_api.tcg import TcgAlgorithmRegistry +from evidence_api.tdx.rtmr import TdxRTMR from cctrusted_vm.cvm import ConfidentialVM from cctrusted_vm.sdk import CCTrustedVmSdk import tdx_check cnf_default_alg = { - CCTrustedApi.TYPE_CC_TDX: TcgAlgorithmRegistry.TPM_ALG_SHA384 + EvidenceApi.TYPE_CC_TDX: TcgAlgorithmRegistry.TPM_ALG_SHA384 } """Configurations of default algorithm. The configurations could be different for different confidential VMs. 
@@ -17,42 +17,42 @@ """ cnf_measurement_cnt = { - CCTrustedApi.TYPE_CC_TDX: TdxRTMR.RTMR_COUNT + EvidenceApi.TYPE_CC_TDX: TdxRTMR.RTMR_COUNT } """Configurations of measurement count. The configurations could be different for different confidential VMs. """ cnf_measurement_check = { - CCTrustedApi.TYPE_CC_TDX: tdx_check.tdx_check_measurement_imrs + EvidenceApi.TYPE_CC_TDX: tdx_check.tdx_check_measurement_imrs } """Configurations of measurement check functions. The configurations could be different for different confidential VMs. """ cnf_quote_check_valid_input = { - CCTrustedApi.TYPE_CC_TDX: tdx_check.tdx_check_quote_with_valid_input + EvidenceApi.TYPE_CC_TDX: tdx_check.tdx_check_quote_with_valid_input } """Configurations of quote check functions for valid input. The configurations could be different for different confidential VMs. """ cnf_quote_check_invalid_input = { - CCTrustedApi.TYPE_CC_TDX: tdx_check.tdx_check_quote_with_invalid_input + EvidenceApi.TYPE_CC_TDX: tdx_check.tdx_check_quote_with_invalid_input } """Configurations of quote check functions for invalid input. The configurations could be different for different confidential VMs. """ cnf_replay_eventlog_check_valid_input = { - CCTrustedApi.TYPE_CC_TDX: tdx_check.tdx_check_replay_eventlog_with_valid_input + EvidenceApi.TYPE_CC_TDX: tdx_check.tdx_check_replay_eventlog_with_valid_input } """Configurations of replay_eventlog check functions for valid input. The configurations could be different for different confidential VMs. """ cnf_replay_eventlog_check_invalid_input = { - CCTrustedApi.TYPE_CC_TDX: tdx_check.tdx_check_replay_eventlog_with_invalid_input + EvidenceApi.TYPE_CC_TDX: tdx_check.tdx_check_replay_eventlog_with_invalid_input } """Configurations of replay_eventlog check functions for invalid input. The configurations could be different for different confidential VMs. diff --git a/src/python/tests/tdx_check.py b/src/python/tests/tdx_check.py index bcbff4a..802871a 100644 
--- a/src/python/tests/tdx_check.py +++ b/src/python/tests/tdx_check.py @@ -6,11 +6,11 @@ import os import random import pytest -from cctrusted_base.api import CCTrustedApi -from cctrusted_base.eventlog import EventLogs -from cctrusted_base.tcg import TcgAlgorithmRegistry -from cctrusted_base.tdx.quote import TdxQuote, TdxQuoteBody -from cctrusted_base.tdx.rtmr import TdxRTMR +from evidence_api.api import EvidenceApi +from evidence_api.eventlog import EventLogs +from evidence_api.tcg import TcgAlgorithmRegistry +from evidence_api.tdx.quote import TdxQuote, TdxQuoteBody +from evidence_api.tdx.rtmr import TdxRTMR from cctrusted_vm.sdk import CCTrustedVmSdk LOG = logging.getLogger(__name__) @@ -22,7 +22,7 @@ def _replay_eventlog(): rtmrs = [bytearray(rtmr_len)] * rtmr_cnt event_logs = CCTrustedVmSdk.inst().get_cc_eventlog() assert event_logs is not None - rtmrs = CCTrustedApi.replay_cc_eventlog(event_logs) + rtmrs = EvidenceApi.replay_cc_eventlog(event_logs) return rtmrs def _check_imr(imr_index: int, alg_id: int, rtmr: bytes): @@ -134,7 +134,7 @@ def _check_quote_rtmrs(quote): def _check_quote_reportdata(quote, nonce=None, userdata=None): """Check the userdata in quote result.""" assert quote is not None and isinstance(quote, TdxQuote) - assert quote.cc_type == CCTrustedApi.TYPE_CC_TDX + assert quote.cc_type == EvidenceApi.TYPE_CC_TDX body = quote.body assert body is not None and isinstance(body, TdxQuoteBody) out_data = body.reportdata @@ -248,6 +248,6 @@ def tdx_check_replay_eventlog_with_invalid_input(): # Check the replay result when input invalid eventlog. invalid_eventlog = _gen_invalid_eventlog() - replay_result = CCTrustedApi.replay_cc_eventlog(invalid_eventlog.event_logs) + replay_result = EvidenceApi.replay_cc_eventlog(invalid_eventlog.event_logs) assert replay_result is not None assert 0 == len(replay_result) diff --git a/src/python/tests/test_sdk.py b/src/python/tests/test_sdk.py index dec10a1..08e46e1 100644 --- a/src/python/tests/test_sdk.py 
+++ b/src/python/tests/test_sdk.py @@ -1,8 +1,8 @@ """Containing unit test cases for sdk class""" -from cctrusted_base.ccreport import CcReport, CcReportData, CcReportSignature -from cctrusted_base.tcg import TcgImrEvent, TcgPcClientImrEvent -from cctrusted_base.tcgcel import TcgTpmsCelEvent +from evidence_api.ccreport import CcReport, CcReportData, CcReportSignature +from evidence_api.tcg import TcgImrEvent, TcgPcClientImrEvent +from evidence_api.tcgcel import TcgTpmsCelEvent import pytest def test_get_default_algorithms(vm_sdk, default_alg_id): diff --git a/src/rust/README.md b/src/rust/README.md index 6eb8d31..96b01f7 100644 --- a/src/rust/README.md +++ b/src/rust/README.md @@ -1,6 +1,6 @@ -# Rust SDK for CC Trusted API in Confidential VM +# Rust SDK for Evidence API in Confidential VM -This is the Rust version of our VM SDK to help you using the CC Trusted API in your Rust programs. The sub folder "cctrusted_vm" include all the source code for the VMSDK. The sub folder "sample" includes some commandline examples for your reference. +This is the Rust version of our VM SDK to help you using the Evidence API in your Rust programs. The sub folder "cctrusted_vm" include all the source code for the VMSDK. The sub folder "sample" includes some commandline examples for your reference. # Run CLI Samples diff --git a/src/rust/cctrusted_vm/Cargo.toml b/src/rust/cctrusted_vm/Cargo.toml index f11c919..4b66168 100644 --- a/src/rust/cctrusted_vm/Cargo.toml +++ b/src/rust/cctrusted_vm/Cargo.toml @@ -3,8 +3,8 @@ name = "cctrusted_vm" version = "0.4.0" edition = "2021" authors = ["Chen Hairong ", "Lu Ken "] -repository = "https://github.com/cc-api/cc-trusted-api" -description = "CC Trusted API VM SDK" +repository = "https://github.com/cc-api/cc-trusted-vmsdk" +description = "Evidence API VM SDK" license = "Apache-2.0" [lib] 
@@ -12,7 +12,7 @@ name = "cctrusted_vm" path = "src/lib.rs" [dependencies] -cctrusted_base = { git = "https://github.com/cc-api/cc-trusted-api.git", branch = "main" } +evidence_api = { git = "https://github.com/cc-api/evidence-api.git", branch = "main" } anyhow = "1.0" log = "0.4.20" nix = "0.26.2" diff --git a/src/rust/cctrusted_vm/src/cvm.rs b/src/rust/cctrusted_vm/src/cvm.rs index 4031f0e..0ece440 100644 --- a/src/rust/cctrusted_vm/src/cvm.rs +++ b/src/rust/cctrusted_vm/src/cvm.rs @@ -1,10 +1,10 @@ use crate::tdvm::TdxVM; use anyhow::*; -use cctrusted_base::api_data::CcReport; -use cctrusted_base::cc_type::*; -use cctrusted_base::tcg::EventLogEntry; -use cctrusted_base::tcg::{TcgAlgorithmRegistry, TcgDigest}; use core::result::Result::Ok; +use evidence_api::api_data::CcReport; +use evidence_api::cc_type::*; +use evidence_api::tcg::EventLogEntry; +use evidence_api::tcg::{TcgAlgorithmRegistry, TcgDigest}; use sha2::{Digest, Sha512}; use std::{env, fs, path::Path}; use tempfile::tempdir_in; diff --git a/src/rust/cctrusted_vm/src/sdk.rs b/src/rust/cctrusted_vm/src/sdk.rs index a1d6030..3d964d5 100644 --- a/src/rust/cctrusted_vm/src/sdk.rs +++ b/src/rust/cctrusted_vm/src/sdk.rs @@ -2,17 +2,17 @@ use anyhow::*; use core::result::Result; use core::result::Result::Ok; -use cctrusted_base::binary_blob::dump_data; -use cctrusted_base::tcg::{EventLogEntry, TcgDigest, ALGO_NAME_MAP}; +use evidence_api::binary_blob::dump_data; +use evidence_api::tcg::{EventLogEntry, TcgDigest, ALGO_NAME_MAP}; use crate::cvm::build_cvm; -use cctrusted_base::api::*; -use cctrusted_base::api_data::*; +use evidence_api::api::*; +use evidence_api::api_data::*; pub struct API {} -impl CCTrustedApi for API { - // CCTrustedApi trait function: get report of a CVM +impl EvidenceApi for API { + // EvidenceApi trait function: get report of a CVM fn get_cc_report( nonce: Option, data: Option, 
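Review bot: `branch = "main"` on the new `evidence_api` git dependency in the `[dependencies]` hunk of src/rust/cctrusted_vm/Cargo.toml means the attestation code that gets built is whatever sits at the head of that branch when the dependency is resolved. The same line is added in src/rust/sample/Cargo.toml. Pinning to a reviewed revision, `evidence_api = { git = "https://github.com/cc-api/evidence-api.git", rev = "<commit-sha>" }` (placeholder for the chosen commit), or to a release tag, keeps builds reproducible and turns upstream changes into an explicit, reviewable bump. A committed Cargo.lock would also fix the revision, but none is visible in this diff, and consumers of the library crate would not use it.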
@@ -28,12 +28,12 @@ impl CCTrustedApi for API { } } - // CCTrustedApi trait function: dump report of a CVM in hex and char format + // EvidenceApi trait function: dump report of a CVM in hex and char format fn dump_cc_report(report: &Vec) { dump_data(report) } - // CCTrustedApi trait function: get max number of CVM IMRs + // EvidenceApi trait function: get max number of CVM IMRs fn get_measurement_count() -> Result { match build_cvm() { Ok(cvm) => Ok(cvm.get_max_index() + 1), @@ -41,7 +41,7 @@ impl CCTrustedApi for API { } } - // CCTrustedApi trait function: get measurements of a CVM + // EvidenceApi trait function: get measurements of a CVM fn get_cc_measurement(index: u8, algo_id: u16) -> Result { match build_cvm() { Ok(mut cvm) => cvm.process_cc_measurement(index, algo_id), @@ -49,7 +49,7 @@ impl CCTrustedApi for API { } } - // CCTrustedApi trait function: get eventlogs of a CVM + // EvidenceApi trait function: get eventlogs of a CVM fn get_cc_eventlog( start: Option, count: Option, @@ -60,7 +60,7 @@ impl CCTrustedApi for API { } } - // CCTrustedApi trait function: get default algorithm of a CVM + // EvidenceApi trait function: get default algorithm of a CVM fn get_default_algorithm() -> Result { match build_cvm() { Ok(cvm) => { @@ -83,12 +83,12 @@ impl CCTrustedApi for API { mod sdk_api_tests { use super::*; use crate::cvm::get_cvm_type; - use cctrusted_base::cc_type::TeeType; - use cctrusted_base::tcg::{TPM_ALG_SHA256, TPM_ALG_SHA384}; - use cctrusted_base::tdx::common::{ + use evidence_api::cc_type::TeeType; + use evidence_api::tcg::{TPM_ALG_SHA256, TPM_ALG_SHA384}; + use evidence_api::tdx::common::{ AttestationKeyType, IntelTeeType, QeCertDataType, Tdx, QE_VENDOR_INTEL_SGX, }; - use cctrusted_base::tdx::quote::TdxQuote; + use evidence_api::tdx::quote::TdxQuote; use rand::Rng; fn _check_imr(imr_index: u8, algo: u16, digest: &Vec) { 
@@ -160,7 +160,7 @@ mod sdk_api_tests { } } - // test on cc trusted API [get_cc_report] + // test on Evidence API [get_cc_report] #[test] fn test_get_cc_report() { let nonce = base64::encode(rand::thread_rng().gen::<[u8; 32]>()); @@ -284,7 +284,7 @@ mod sdk_api_tests { }; } - // test on cc trusted API [get_default_algorithm] + // test on Evidence API [get_default_algorithm] #[test] fn test_get_default_algorithm() { let defalt_algo = match API::get_default_algorithm() { @@ -300,7 +300,7 @@ mod sdk_api_tests { } } - // test on cc trusted API [get_measurement_count] + // test on Evidence API [get_measurement_count] #[test] fn test_get_measurement_count() { let count = match API::get_measurement_count() { @@ -316,7 +316,7 @@ mod sdk_api_tests { } } - // test on cc trusted API [get_cc_measurement] + // test on Evidence API [get_cc_measurement] #[test] fn test_get_cc_measurement() { let count = match API::get_measurement_count() { @@ -396,7 +396,7 @@ mod sdk_api_tests { } } - // test on cc trusted API [parse_cc_report] + // test on Evidence API [parse_cc_report] #[test] fn test_parse_cc_report() { let nonce = base64::encode(rand::thread_rng().gen::<[u8; 32]>()); @@ -462,7 +462,7 @@ mod sdk_api_tests { } } - // test on cc trusted API [get_cc_eventlog] + // test on Evidence API [get_cc_eventlog] #[test] fn test_get_cc_eventlog_start_count_normal() { let event_logs = match API::get_cc_eventlog(Some(0), Some(10)) { diff --git a/src/rust/cctrusted_vm/src/tdvm.rs b/src/rust/cctrusted_vm/src/tdvm.rs index 951210f..52599bc 100644 --- a/src/rust/cctrusted_vm/src/tdvm.rs +++ b/src/rust/cctrusted_vm/src/tdvm.rs 
@@ -2,17 +2,17 @@ use crate::cvm::*; use anyhow::*; -use cctrusted_base::api::ParseCcReport; -use cctrusted_base::api_data::CcReport; -use cctrusted_base::cc_type::*; -use cctrusted_base::eventlog::EventLogs; -use cctrusted_base::tcg::*; -use cctrusted_base::tdx::{common::*, quote::*, report::*, rtmr::TdxRTMR}; use core::convert::TryInto; use core::mem::*; use core::ptr; use core::result::Result; use core::result::Result::Ok; +use evidence_api::api::ParseCcReport; +use evidence_api::api_data::CcReport; +use evidence_api::cc_type::*; +use evidence_api::eventlog::EventLogs; +use evidence_api::tcg::*; +use evidence_api::tdx::{common::*, quote::*, report::*, rtmr::TdxRTMR}; use log::info; use nix::sys::socket::*; use nix::*; @@ -61,7 +61,7 @@ impl TdxVM { let device_node = DeviceNode { device_path: TDX_DEVICE_NODE_MAP.get(&version).unwrap().to_owned(), }; - let algo_id = cctrusted_base::tcg::TPM_ALG_SHA384; + let algo_id = evidence_api::tcg::TPM_ALG_SHA384; TdxVM { cc_type, diff --git a/src/rust/sample/Cargo.toml b/src/rust/sample/Cargo.toml index f1bbede..4c7819e 100644 --- a/src/rust/sample/Cargo.toml +++ b/src/rust/sample/Cargo.toml @@ -18,7 +18,7 @@ path = "src/cc-sample-eventlog.rs" [dependencies] cctrusted_vm = { path = "../cctrusted_vm" } -cctrusted_base = { git = "https://github.com/cc-api/cc-trusted-api.git", branch = "main" } +evidence_api = { git = "https://github.com/cc-api/evidence-api.git", branch = "main" } anyhow = "1.0" log = "0.4.20" env_logger = "0.10.1" diff --git a/src/rust/sample/src/cc-sample-eventlog.rs b/src/rust/sample/src/cc-sample-eventlog.rs index d7c8949..2bad765 100644 --- a/src/rust/sample/src/cc-sample-eventlog.rs +++ b/src/rust/sample/src/cc-sample-eventlog.rs @@ -1,5 +1,5 @@ -use cctrusted_base::api::*; -use cctrusted_base::tcg::EventLogEntry; +use evidence_api::api::*; +use evidence_api::tcg::EventLogEntry; use cctrusted_vm::sdk::API; use log::*; 
diff --git a/src/rust/sample/src/cc-sample-measurement.rs b/src/rust/sample/src/cc-sample-measurement.rs index 5507683..f598ff4 100644 --- a/src/rust/sample/src/cc-sample-measurement.rs +++ b/src/rust/sample/src/cc-sample-measurement.rs @@ -1,5 +1,5 @@ -use cctrusted_base::api::*; -use cctrusted_base::tcg::TcgAlgorithmRegistry; +use evidence_api::api::*; +use evidence_api::tcg::TcgAlgorithmRegistry; use cctrusted_vm::sdk::API; use log::*; @@ -9,7 +9,7 @@ fn main() { env_logger::init_from_env(env_logger::Env::new().default_filter_or("info")); // get CVM default algorithm with API "get_default_algorithm" - info!("call cc trusted API [get_default_algorithm] to get CVM supported algorithm!"); + info!("call Evidence API [get_default_algorithm] to get CVM supported algorithm!"); let defalt_algo = match API::get_default_algorithm() { Ok(algorithm) => { info!("supported algorithm: {}", algorithm.algo_id_str); @@ -22,7 +22,7 @@ fn main() { }; // get number of measurement registers in CVM - info!("call cc trusted API [get_measurement_count] to get number of measurement registers in CVM!"); + info!("call Evidence API [get_measurement_count] to get number of measurement registers in CVM!"); let count = match API::get_measurement_count() { Ok(count) => { info!("measurement registers count: {}", count); @@ -35,7 +35,7 @@ fn main() { }; // retrive and show measurement registers in CVM - info!("call cc trusted API [get_cc_measurement] to get measurement register content in CVM!"); + info!("call Evidence API [get_cc_measurement] to get measurement register content in CVM!"); for index in 0..count { let tcg_digest = match API::get_cc_measurement(index, defalt_algo.algo_id) { Ok(tcg_digest) => tcg_digest, diff --git a/src/rust/sample/src/cc-sample-quote.rs b/src/rust/sample/src/cc-sample-quote.rs index 472f4bf..a003e66 100644 --- a/src/rust/sample/src/cc-sample-quote.rs +++ b/src/rust/sample/src/cc-sample-quote.rs 
@@ -1,7 +1,7 @@ -use cctrusted_base::api::*; -use cctrusted_base::api_data::*; -use cctrusted_base::cc_type::TeeType; -use cctrusted_base::tdx::quote::TdxQuote; +use evidence_api::api::*; +use evidence_api::api_data::*; +use evidence_api::cc_type::TeeType; +use evidence_api::tdx::quote::TdxQuote; use cctrusted_vm::sdk::API; use log::*; @@ -20,7 +20,7 @@ fn main() { let data = base64::encode(rand::thread_rng().gen::<[u8; 32]>()); // retrieve cc report with API "get_cc_report" - info!("call cc trusted API [get_cc_report] to retrieve cc report!"); + info!("call Evidence API [get_cc_report] to retrieve cc report!"); let report = match API::get_cc_report(Some(nonce), Some(data), ExtraArgs {}) { Ok(q) => q, Err(e) => { @@ -32,7 +32,7 @@ fn main() { info!("cc report size {}", report.cc_report.len()); // dump the cc report with API "dump_cc_report" - // info!("call cc trusted API [dump_cc_report] to dump cc report!"); + // info!("call Evidence API [dump_cc_report] to dump cc report!"); // API::dump_cc_report(&report.cc_report); // parse the cc report with API "parse_cc_report"