use one move api
joyqvq committed Jan 10, 2025
1 parent 8470b4e commit a39e06d
Showing 12 changed files with 72 additions and 271 deletions.
148 changes: 14 additions & 134 deletions crates/sui-framework/docs/sui-framework/nitro_attestation.md
Expand Up @@ -4,129 +4,23 @@ title: Module `0x2::attestation`



- [Struct `NitroAttestationPayload`](#0x2_attestation_NitroAttestationPayload)
- [Function `parse_nitro_attestation`](#0x2_attestation_parse_nitro_attestation)
- [Function `verify_nitro_attestation_inner`](#0x2_attestation_verify_nitro_attestation_inner)
- [Function `verify_nitro_attestation_internal`](#0x2_attestation_verify_nitro_attestation_internal)
- [Function `verify_nitro_attestation`](#0x2_attestation_verify_nitro_attestation)


<pre><code><b>use</b> <a href="../move-stdlib/option.md#0x1_option">0x1::option</a>;
<b>use</b> <a href="../move-stdlib/string.md#0x1_string">0x1::string</a>;
<b>use</b> <a href="clock.md#0x2_clock">0x2::clock</a>;
<pre><code><b>use</b> <a href="clock.md#0x2_clock">0x2::clock</a>;
</code></pre>



<a name="0x2_attestation_NitroAttestationPayload"></a>
<a name="0x2_attestation_verify_nitro_attestation_internal"></a>

## Struct `NitroAttestationPayload`
## Function `verify_nitro_attestation_internal`

Internal native function


<pre><code><b>struct</b> <a href="nitro_attestation.md#0x2_attestation_NitroAttestationPayload">NitroAttestationPayload</a>
</code></pre>



<details>
<summary>Fields</summary>


<dl>
<dt>
<code>module_id: <a href="../move-stdlib/string.md#0x1_string_String">string::String</a></code>
</dt>
<dd>

</dd>
<dt>
<code>timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a></code>
</dt>
<dd>

</dd>
<dt>
<code>digest: <a href="../move-stdlib/string.md#0x1_string_String">string::String</a></code>
</dt>
<dd>

</dd>
<dt>
<code>pcrs: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;</code>
</dt>
<dd>

</dd>
<dt>
<code>certificate: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;</code>
</dt>
<dd>

</dd>
<dt>
<code>cabundle: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;</code>
</dt>
<dd>

</dd>
<dt>
<code>public_key: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;</code>
</dt>
<dd>

</dd>
<dt>
<code>user_data: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;</code>
</dt>
<dd>

</dd>
<dt>
<code>nonce: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;</code>
</dt>
<dd>

</dd>
</dl>


</details>

<a name="0x2_attestation_parse_nitro_attestation"></a>

## Function `parse_nitro_attestation`

@param attestation: attesttaion documents bytes data.

Returns the parsed signature, signed_message, and the parsed payload if valid.


<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_parse_nitro_attestation">parse_nitro_attestation</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;): (<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="nitro_attestation.md#0x2_attestation_NitroAttestationPayload">attestation::NitroAttestationPayload</a>)
</code></pre>



<details>
<summary>Implementation</summary>


<pre><code><b>public</b> <b>native</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_parse_nitro_attestation">parse_nitro_attestation</a>(
<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;
): (<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="nitro_attestation.md#0x2_attestation_NitroAttestationPayload">NitroAttestationPayload</a>);
</code></pre>



</details>

<a name="0x2_attestation_verify_nitro_attestation_inner"></a>

## Function `verify_nitro_attestation_inner`

Native function for verify_nitro_attestation, returns true if the attestation verifies.


<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_inner">verify_nitro_attestation_inner</a>(module_id: <a href="../move-stdlib/string.md#0x1_string_String">string::String</a>, timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a>, digest: <a href="../move-stdlib/string.md#0x1_string_String">string::String</a>, pcrs: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;, certificate: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, cabundle: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;, public_key: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;, user_data: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;, nonce: <a href="../move-stdlib/option.md#0x1_option_Option">option::Option</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;, signature: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, signed_message: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, current_timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a>): bool
<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_internal">verify_nitro_attestation_internal</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, current_timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a>): <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;
</code></pre>


Expand All @@ -135,20 +29,10 @@ Native function for verify_nitro_attestation, returns true if the attestation ve
<summary>Implementation</summary>


<pre><code><b>public</b> <b>native</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_inner">verify_nitro_attestation_inner</a>(
module_id: String,
timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a>,
digest: String,
pcrs: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;,
certificate: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
cabundle: <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;,
public_key: Option&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;,
user_data: Option&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;,
nonce: Option&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;,
signature: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
signed_message: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
<pre><code><b>public</b> <b>native</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_internal">verify_nitro_attestation_internal</a>(
<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
current_timestamp: <a href="../move-stdlib/u64.md#0x1_u64">u64</a>
): bool;
): <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;;
</code></pre>


Expand All @@ -160,14 +44,12 @@ Native function for verify_nitro_attestation, returns true if the attestation ve
## Function `verify_nitro_attestation`

@param attestation: attesttaion documents bytes data.
@param signature: the signature of the signed_message.
@param signed_message: the signed message of the attestation.
@param clock: the clock object.

Returns true if the attestation verifies.
Returns parsed pcrs after verifying the attestation.


<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation">verify_nitro_attestation</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="nitro_attestation.md#0x2_attestation_NitroAttestationPayload">attestation::NitroAttestationPayload</a>, signature: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, signed_message: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="clock.md#0x2_clock">clock</a>: &<a href="clock.md#0x2_clock_Clock">clock::Clock</a>): bool
<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation">verify_nitro_attestation</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;, <a href="clock.md#0x2_clock">clock</a>: &<a href="clock.md#0x2_clock_Clock">clock::Clock</a>): <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt;
</code></pre>


Expand All @@ -177,12 +59,10 @@ Returns true if the attestation verifies.


<pre><code><b>public</b> <b>fun</b> <a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation">verify_nitro_attestation</a>(
<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="nitro_attestation.md#0x2_attestation_NitroAttestationPayload">NitroAttestationPayload</a>,
signature: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
signed_message: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
<a href="nitro_attestation.md#0x2_attestation">attestation</a>: &<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;,
<a href="clock.md#0x2_clock">clock</a>: &Clock
): bool {
<a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_inner">verify_nitro_attestation_inner</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>.module_id, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.timestamp, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.digest, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.pcrs, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.certificate, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.cabundle, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.public_key, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.user_data, <a href="nitro_attestation.md#0x2_attestation">attestation</a>.nonce, signature, signed_message, <a href="clock.md#0x2_clock_timestamp_ms">clock::timestamp_ms</a>(<a href="clock.md#0x2_clock">clock</a>))
): <a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;<a href="../move-stdlib/vector.md#0x1_vector">vector</a>&lt;u8&gt;&gt; {
<a href="nitro_attestation.md#0x2_attestation_verify_nitro_attestation_internal">verify_nitro_attestation_internal</a>(<a href="nitro_attestation.md#0x2_attestation">attestation</a>, <a href="clock.md#0x2_clock_timestamp_ms">clock::timestamp_ms</a>(<a href="clock.md#0x2_clock">clock</a>))
}
</code></pre>

Expand Up @@ -4,73 +4,20 @@
module sui::attestation;

use sui::clock::{Self, Clock};
use std::string::String;
use std::string::{Self, String};

public struct NitroAttestationPayload {
module_id: String,
timestamp: u64,
digest: String,
pcrs: vector<vector<u8>>,
certificate: vector<u8>,
cabundle: vector<vector<u8>>,
public_key: Option<vector<u8>>,
user_data: Option<vector<u8>>,
nonce: Option<vector<u8>>,
}

/// Internal native function
public native fun parse_nitro_attestation_internal(
attestation: &vector<u8>
): (vector<u8>, vector<u8>, vector<u8>, u64, vector<u8>, vector<vector<u8>>, vector<u8>, Option<vector<u8>>, Option<vector<u8>>, Option<vector<u8>>);

/// @param attestation: attesttaion documents bytes data.
///
/// Returns the parsed signature, signed_message, and the parsed payload if valid.
public fun parse_nitro_attestation(
attestation: &vector<u8>
): (vector<u8>, vector<u8>, NitroAttestationPayload) {
let (signature, signed_message, module_id, timestamp, digest, pcrs, certificate, cabundle, public_key, user_data, nonce) = parse_nitro_attestation_internal(attestation);
(signature, signed_message, NitroAttestationPayload {
module_id: string::utf8(module_id),
timestamp,
digest: string::utf8(digest),
pcrs,
certificate,
cabundle,
public_key,
user_data,
nonce,
})
}

/// Internal native function
public native fun verify_nitro_attestation_internal(
module_id: String,
timestamp: u64,
digest: String,
pcrs: vector<vector<u8>>,
certificate: vector<u8>,
cabundle: vector<vector<u8>>,
public_key: Option<vector<u8>>,
user_data: Option<vector<u8>>,
nonce: Option<vector<u8>>,
signature: &vector<u8>,
signed_message: &vector<u8>,
attestation: &vector<u8>,
current_timestamp: u64
): bool;
): vector<vector<u8>>;

/// @param attestation: attesttaion documents bytes data.
/// @param signature: the signature of the signed_message.
/// @param signed_message: the signed message of the attestation.
/// @param clock: the clock object.
///
/// Returns true if the attestation verifies.
/// Returns parsed pcrs after verifying the attestation.
public fun verify_nitro_attestation(
attestation: &NitroAttestationPayload,
signature: &vector<u8>,
signed_message: &vector<u8>,
attestation: &vector<u8>,
clock: &Clock
): bool {
verify_nitro_attestation_internal(attestation.module_id, attestation.timestamp, attestation.digest, attestation.pcrs, attestation.certificate, attestation.cabundle, attestation.public_key, attestation.user_data, attestation.nonce, signature, signed_message, clock::timestamp_ms(clock))
): vector<vector<u8>> {
verify_nitro_attestation_internal(attestation, clock::timestamp_ms(clock))
}
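Review bot: `verify_nitro_attestation_internal` is declared `public native fun` even though its doc comment calls it internal, so any module can call it directly with a `current_timestamp` of its own choosing rather than the value `verify_nitro_attestation` reads from `Clock`. If the native implementation uses that timestamp for certificate-validity or freshness checks (not visible in this hunk), a caller-supplied value would let a stale document verify; dropping the visibility, `native fun verify_nitro_attestation_internal(`, leaves the clock-derived wrapper as the only entry point. The new return type also carries only the PCRs, so callers can no longer read `nonce`, `user_data` or `public_key` to bind the attestation to a challenge or key. The `///` block on `verify_nitro_attestation` should also state whether a failed verification aborts or returns an empty vector, and how the returned PCR entries are indexed.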