Use the real oak ClientSession/ServerSession for noise handshake instead

of fake stubs. Change-Id: I145b9462bba23536c0e32d4cb1dc2c08449974a1
google-parfait · Aug 15, 2024 · 5c9e80f · 5c9e80f
1 parent 6017476
commit 5c9e80f
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 83 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,16 +11,16 @@ members = [
 ]
 
 [workspace.dependencies]
-micro_rpc = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-micro_rpc_build = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_attestation = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_attestation_verification = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_crypto = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_enclave_runtime_support = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_proto_rust = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_restricted_kernel_sdk = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_restricted_kernel_interface = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
-oak_session = { git = "https://github.com/project-oak/oak", rev = "f67f1eb1ac5cdaae75edf467f1937347e6f3728e" }
+micro_rpc = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+micro_rpc_build = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_attestation = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_attestation_verification = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_crypto = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_enclave_runtime_support = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_proto_rust = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_restricted_kernel_sdk = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_restricted_kernel_interface = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
+oak_session = { git = "https://github.com/project-oak/oak", rev = "cbea9551e47cf0efadc566e573f6aa44574c5cc9" }
 raft = { git = "https://github.com/google-parfait/raft-rs", rev = "10968a112dcc4143ad19a1b35b6dca6e30d2e439", package = "raft", default-features = false, features = ["prost-codec"] }
 raft-proto = { git = "https://github.com/google-parfait/raft-rs", rev = "10968a112dcc4143ad19a1b35b6dca6e30d2e439", package = "raft-proto", default-features = false, features = ["prost-codec"] }
 prost = { version = "0.12.4", default-features = false, features = ["prost-derive"] }

diff --git a/runtime/src/session.rs b/runtime/src/session.rs
@@ -15,13 +15,12 @@
 use alloc::boxed::Box;
 use alloc::vec::Vec;
 use anyhow::Result;
-use oak_proto_rust::oak::session::v1::{
- session_request::Request, session_response::Response, SessionRequest, SessionResponse,
-};
+use oak_proto_rust::oak::session::v1::{SessionRequest, SessionResponse};
 use oak_session::attestation::AttestationType;
 use oak_session::config::SessionConfig;
 use oak_session::handshake::HandshakeType;
-use oak_session::session::{ClientSession, ServerSession};
+use oak_session::session::{ClientSession, ServerSession, Session};
+use oak_session::ProtocolEngine;
 
 // Factory class for creating instances of `OakClientSession` and `OakServerSession`
 // traits.
@@ -73,115 +72,77 @@ impl OakSessionFactory for DefaultOakSessionFactory {
 
 // Default implementation of `OakClientSession`.
 pub struct DefaultOakClientSession {
- _inner: ClientSession,
- incoming_ciphertext: Option<Vec<u8>>,
- outgoing_ciphertext: Option<Vec<u8>>,
+ inner: ClientSession,
 }
 
 impl DefaultOakClientSession {
  pub fn create() -> Result<Self> {
  // TODO: Revisit config parameters.
  Ok(Self {
- _inner: ClientSession::create(
+ inner: ClientSession::create(
  SessionConfig::builder(AttestationType::Bidirectional, HandshakeType::NoiseNN)
  .build(),
  )?,
- incoming_ciphertext: None,
- outgoing_ciphertext: None,
  })
  }
 }
 
 impl OakSession<SessionResponse, SessionRequest> for DefaultOakClientSession {
- // TODO: Delegate to `inner` once the implementation is complete on Oak side.
  fn get_outgoing_message(&mut self) -> Result<Option<SessionRequest>> {
- if self.outgoing_ciphertext.is_some() {
- return Ok(Some(SessionRequest {
- request: Some(Request::Ciphertext(
- self.outgoing_ciphertext.take().unwrap(),
- )),
- }));
- }
- Ok(Some(SessionRequest { request: None }))
+ self.inner.get_outgoing_message()
  }
 
  fn put_incoming_message(&mut self, incoming_message: &SessionResponse) -> Result<Option<()>> {
- match &incoming_message.response {
- Some(Response::Ciphertext(ciphertext)) => {
- self.incoming_ciphertext = Some(ciphertext.to_vec());
- }
- _ => {}
- }
- Ok(Some(()))
+ self.inner.put_incoming_message(incoming_message)
  }
 
  fn is_open(&self) -> bool {
- true
+ self.inner.is_open()
  }
 
  fn write(&mut self, plaintext: &[u8]) -> Result<()> {
- self.outgoing_ciphertext = Some(plaintext.to_vec());
- Ok(())
+ self.inner.write(plaintext)
  }
 
  fn read(&mut self) -> Result<Option<Vec<u8>>> {
- Ok(self.incoming_ciphertext.take())
+ self.inner.read()
  }
 }
 
 // Default implementation of `OakServerSession`.
 pub struct DefaultOakServerSession {
- _inner: ServerSession,
- incoming_ciphertext: Option<Vec<u8>>,
- outgoing_ciphertext: Option<Vec<u8>>,
+ inner: ServerSession,
 }
 
 impl DefaultOakServerSession {
  pub fn create() -> Result<Self> {
  Ok(Self {
- _inner: ServerSession::new(
+ inner: ServerSession::new(
  SessionConfig::builder(AttestationType::Bidirectional, HandshakeType::NoiseNN)
  .build(),
  ),
- incoming_ciphertext: None,
- outgoing_ciphertext: None,
  })
  }
 }
 
 impl OakSession<SessionRequest, SessionResponse> for DefaultOakServerSession {
- // TODO: Delegate to `inner` once the implementation is complete on Oak side.
  fn get_outgoing_message(&mut self) -> Result<Option<SessionResponse>> {
- if self.outgoing_ciphertext.is_some() {
- return Ok(Some(SessionResponse {
- response: Some(Response::Ciphertext(
- self.outgoing_ciphertext.take().unwrap(),
- )),
- }));
- }
- Ok(Some(SessionResponse { response: None }))
+ self.inner.get_outgoing_message()
  }
 
  fn put_incoming_message(&mut self, incoming_message: &SessionRequest) -> Result<Option<()>> {
- match &incoming_message.request {
- Some(Request::Ciphertext(ciphertext)) => {
- self.incoming_ciphertext = Some(ciphertext.to_vec());
- }
- _ => {}
- }
- Ok(Some(()))
+ self.inner.put_incoming_message(incoming_message)
  }
 
  fn is_open(&self) -> bool {
- true
+ self.inner.is_open()
  }
 
  fn write(&mut self, plaintext: &[u8]) -> Result<()> {
- self.outgoing_ciphertext = Some(plaintext.to_vec());
- Ok(())
+ self.inner.write(plaintext)
  }
 
  fn read(&mut self) -> Result<Option<Vec<u8>>> {
- Ok(self.incoming_ciphertext.take())
+ self.inner.read()
  }
 }