Skip to content

KMS as Tapp #91

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kvinwang merged 116 commits into from
Feb 26, 2025
Merged

KMS as Tapp #91

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
116 commits
Select commit Hold shift + click to select a range
44f3eb5
Add key-provider build files
kvinwang Dec 24, 2024
8b41acf
Support for local key provider
kvinwang Dec 25, 2024
81c5491
KMS key provider takes precedence
kvinwang Dec 27, 2024
827c031
cvm: Add device-id in RTMR3
kvinwang Dec 27, 2024
83795bd
Add ci for next branch
kvinwang Dec 27, 2024
58aa9e2
Merge pull request #81 from Dstack-TEE/key-provider
kvinwang Dec 27, 2024
b9a30b0
Update .gitignore
kvinwang Dec 28, 2024
5760c20
Add workaround for the network issue of the keyprovider
kvinwang Dec 31, 2024
39d4df6
Merge pull request #87 from Dstack-TEE/kp-compose
kvinwang Dec 31, 2024
b5588fc
docker-compose: Don't redirect stderr to /dev/null
kvinwang Jan 1, 2025
c8b6ed4
Merge remote-tracking branch 'ds/master' into next
kvinwang Jan 8, 2025
9c69207
Update Cargo.lock
kvinwang Jan 8, 2025
aa2d2b1
cvm: Put rootfs_hash to kernel args
kvinwang Dec 30, 2024
e8546f7
kms: Support for webhook
kvinwang Dec 30, 2024
4f156ff
kms: Add ecdsa key provision
kvinwang Dec 30, 2024
71cf1d7
ra-tls: Add more fields in AppInfo
kvinwang Jan 6, 2025
e7e18d4
kms: Onboard
kvinwang Jan 7, 2025
390f67e
Derive k256 keys
kvinwang Jan 7, 2025
dc56737
kms: Add test for contract
kvinwang Jan 7, 2025
16175a2
auth-eth in ts
kvinwang Jan 7, 2025
1e6cefe
contracts: Tested
kvinwang Jan 7, 2025
c4d20f9
Update kms Config
kvinwang Jan 7, 2025
c2da80a
Refactor the contracts
kvinwang Jan 8, 2025
230d724
kms contracts: Remove appController method
kvinwang Jan 8, 2025
3421d18
tappd: Display compose hash
kvinwang Jan 8, 2025
29518b6
Fix hardhat typechain error
kvinwang Jan 8, 2025
2fc9384
Fix rootfs_hash parsing in tdxctl
kvinwang Jan 8, 2025
474bbcd
Fix minor issues
kvinwang Jan 9, 2025
50ad81e
Update kms config
kvinwang Jan 9, 2025
e1c82e2
Fix boot auth url path
kvinwang Jan 9, 2025
f3950dd
Better error report
kvinwang Jan 9, 2025
8e8604f
auth-eth: Fix 0x prefix when checking App authority
kvinwang Jan 9, 2025
1eb3a97
Optimize onboard UI
kvinwang Jan 9, 2025
d01a714
Consistent appid
kvinwang Jan 9, 2025
00829da
kms: Change default onboard port
kvinwang Jan 9, 2025
5495294
Add kms tapp
kvinwang Jan 9, 2025
b6095f1
Default kms port 8000
kvinwang Jan 9, 2025
ecb0a9c
Print key provider MR
kvinwang Jan 9, 2025
4d9011d
use mr-kp instead of kp-info to calc mr_enclave
kvinwang Jan 10, 2025
fec647b
kms: Providing trusted tproxy id
kvinwang Jan 10, 2025
105adbc
No short arg for certgen
kvinwang Jan 11, 2025
c54c757
certgen: Write full certchain in cert
kvinwang Jan 11, 2025
49d028d
Support for escape ansi color for docker logs
kvinwang Jan 11, 2025
0cf50ad
chore: root-ca default filename
kvinwang Jan 11, 2025
0aca32a
tappd: Fix cert chain in derived key
kvinwang Jan 11, 2025
0673992
wip
kvinwang Jan 12, 2025
0b8f114
kms: Max cert chain len = 2
kvinwang Jan 12, 2025
cc84a36
Extract cert-client to seperate crate
kvinwang Jan 12, 2025
304ad92
Fix cert issue in tproxy setup
kvinwang Jan 12, 2025
b8e443b
Add random seed for DeriveKey
kvinwang Jan 12, 2025
8006e25
tproxy: Auto generate certs for dev
kvinwang Jan 12, 2025
ae75c86
kms: Support for auto-bootstrap
kvinwang Jan 12, 2025
d0c7c77
teepod: Remove certs copying
kvinwang Jan 12, 2025
93ce815
Remove mr ca-cert-hash
kvinwang Jan 12, 2025
4d815c2
Update .gitignore
kvinwang Jan 12, 2025
6d5b9e2
Add demo cert in tappd
kvinwang Jan 12, 2025
4d7d244
tappd: Print error log to console
kvinwang Jan 12, 2025
96b73ca
tappd: Remove a debug print
kvinwang Jan 12, 2025
fa7a12a
Fix cargo clippy and warnings
kvinwang Jan 12, 2025
4fbdaf9
Add transfer ownership to AppAuth.sol
kvinwang Jan 13, 2025
6c62fa2
Add kms/README.md
kvinwang Jan 13, 2025
a5125ea
Layout adjustment for README
kvinwang Jan 13, 2025
cc5b997
cargo fmt
kvinwang Jan 13, 2025
0302f19
chore: Update README
kvinwang Jan 13, 2025
a271e91
chore: Update kms app compose
kvinwang Jan 13, 2025
55e7e1a
Add event digest validation in event logs replay
kvinwang Jan 13, 2025
124c6d4
Update README.md
kvinwang Jan 13, 2025
8880448
tappd: Fix potential start failure
kvinwang Jan 14, 2025
32f2505
cert-client: Add api get_root_ca
kvinwang Jan 14, 2025
45689d8
kms-auth: Update contract deployment script
kvinwang Jan 14, 2025
3993a03
kms-auth: Update typechain types
kvinwang Jan 14, 2025
19fe128
Better auto cert gen for kms & tproxy
kvinwang Jan 14, 2025
94cc329
ra-tls: Add option tls_no_check_hostname
kvinwang Jan 14, 2025
c4fdc78
teepod: No default pccs_url
kvinwang Jan 14, 2025
75d172a
teepod: Add optional app_id set in UI
kvinwang Jan 14, 2025
78057c9
tproxy: Auto apply certs from tappd
kvinwang Jan 14, 2025
ee9b33c
KmsAuth: use string as type of tproxyAppId
kvinwang Jan 14, 2025
37de859
KmsAuth: Add tasks
kvinwang Jan 14, 2025
58d07ee
teepod: Hide Upgrade button for local instances
kvinwang Jan 14, 2025
86c627b
auth-eth: Fix response data schema
kvinwang Jan 14, 2025
9f75700
Better mrs display in the log
kvinwang Jan 14, 2025
72ae3da
Add eventlog in KmsInfo
kvinwang Jan 15, 2025
501c92f
chore: Show tx hash
kvinwang Jan 15, 2025
f67edc0
teepod: default to 50 lines of log
kvinwang Jan 15, 2025
4c25ffe
kms: Add eventlog in bootstrap result
kvinwang Jan 15, 2025
b076f72
Update hardhat config
kvinwang Jan 15, 2025
288fd59
hardhat: Show deploy tx hash
kvinwang Jan 15, 2025
c9572cf
Fix ts error in unittest
kvinwang Jan 15, 2025
042dfb7
Add kms compose-dev.yaml
kvinwang Jan 15, 2025
6900f54
kms: Store bootstrap info on disk
kvinwang Jan 15, 2025
93b9f9c
KmsAuth: Add function to set quote and eventlog
kvinwang Jan 15, 2025
006f0ae
Update contract address
kvinwang Jan 15, 2025
a844cf2
Fix cargo clippy
kvinwang Jan 15, 2025
f2d8fff
cvm: Validate kms cert
kvinwang Jan 15, 2025
c78a4a0
Update dependency versions
kvinwang Jan 16, 2025
94f431d
Rename mr_enclave to mr_aggregated
kvinwang Jan 16, 2025
4d56b08
Update kms/tapp/compose-dev.yaml
kvinwang Jan 16, 2025
fdba5f4
Merge remote-tracking branch 'master' into kms-onchain
kvinwang Jan 17, 2025
0154940
kms: Use intermediate cert to sign app certs
kvinwang Jan 17, 2025
3ccbf7c
make docker restart always and run as daemon
0xshawn Jan 21, 2025
0d0d5db
Merge pull request #98 from 0xshawn/key-provider-enhancement
kvinwang Jan 21, 2025
68880dc
Add Attestation doc
kvinwang Jan 22, 2025
dbcf517
Add example code
kvinwang Jan 23, 2025
9f89842
Merge pull request #99 from Dstack-TEE/attestation-doc
kvinwang Jan 26, 2025
0ae0f07
Update README.md
kvinwang Jan 26, 2025
01b814e
kms: Refined key derivation
kvinwang Feb 5, 2025
9c16946
Minor rename
kvinwang Feb 7, 2025
16d815a
kms: RPC Comment
kvinwang Feb 8, 2025
6b77340
kms: Append some RPC description
kvinwang Feb 8, 2025
8d8dd48
auth-contract: Add fn initialize
kvinwang Feb 25, 2025
208a7a5
contracts: implement OwnableUpgradable
kvinwang Feb 25, 2025
f326cc4
contracts: Add proxy deployment script
kvinwang Feb 25, 2025
aafe2a4
contracts: Support Upgrade for AppAuth
kvinwang Feb 25, 2025
f365e4d
contracts: Adjust the deployment scripts
kvinwang Feb 26, 2025
a749b75
contracts: Fix unittests
kvinwang Feb 26, 2025
b5de517
Minor rename
kvinwang Feb 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/rust.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ name: Rust checks

on:
push:
branches: [ master ]
branches: [ master, next ]
pull_request:
branches: [ master ]
branches: [ master, next ]

env:
CARGO_TERM_COLOR: always
Expand Down
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,5 @@
/build-config.sh
/build
generated/
node_modules/
/.cargo
Loading