From a700fd0d065f3a73c3a0170f7aa3220cf8cc8211 Mon Sep 17 00:00:00 2001 From: Amaury Chamayou Date: Thu, 19 Oct 2023 12:22:01 +0000 Subject: [PATCH] snp attestation wrapper --- .daily_canary | 2 +- src/js/snp_attestation.cpp | 243 +++++++++++++++++------------------- src/js/wrap.h | 7 +- tests/js-modules/modules.py | 16 +-- 4 files changed, 129 insertions(+), 139 deletions(-) diff --git a/.daily_canary b/.daily_canary index 24cfa1bb0840..107a6db4c254 100644 --- a/.daily_canary +++ b/.daily_canary @@ -1,4 +1,4 @@ -^- ___ ___ (- -) (= =) | Y & +--? ( V ) / . \ | +---=---' -/--x-m- /--n-n---xXx--/--yY------>>>----<<<>> +/--x-m- /--n-n---xXx--/--yY------>>>----<<<>>]] diff --git a/src/js/snp_attestation.cpp b/src/js/snp_attestation.cpp index bb0297c4f5c0..20e0e499c657 100644 --- a/src/js/snp_attestation.cpp +++ b/src/js/snp_attestation.cpp @@ -17,7 +17,8 @@ namespace ccf::js { #pragma clang diagnostic push - static JSValue make_js_tcb_version(js::Context& jsctx, pal::snp::TcbVersion tcb) + static JSValue make_js_tcb_version( + js::Context& jsctx, pal::snp::TcbVersion tcb) { auto js_tcb = jsctx.new_obj(); JS_CHECK_EXC(js_tcb); @@ -112,7 +113,6 @@ namespace ccf::js auto attestation = *reinterpret_cast(quote_info.quote.data()); - auto r = jsctx.new_obj(); JS_CHECK_EXC(r); 
@@ -128,13 +128,13 @@ namespace ccf::js JS_CHECK_SET(policy.set_uint32("abi_minor", attestation.policy.abi_minor)); JS_CHECK_SET(policy.set_uint32("abi_major", attestation.policy.abi_major)); JS_CHECK_SET(policy.set_uint32("smt", attestation.policy.smt)); - JS_CHECK_SET(policy.set_uint32("migrate_ma", attestation.policy.migrate_ma)); + JS_CHECK_SET( + policy.set_uint32("migrate_ma", attestation.policy.migrate_ma)); JS_CHECK_SET(policy.set_uint32("debug", attestation.policy.debug)); - JS_CHECK_SET(policy.set_uint32("single_socket", attestation.policy.single_socket)); + JS_CHECK_SET( + policy.set_uint32("single_socket", attestation.policy.single_socket)); - auto policy_atom = JSWrappedAtom(ctx, "policy"); - JS_CHECK_NULL(policy_atom); - JS_CHECK_SET(a.set(std::move(policy_atom), std::move(policy))); + JS_CHECK_SET(a.set("policy", std::move(policy))); auto family_id = jsctx.new_array_buffer_copy(attestation.family_id); JS_CHECK_EXC(family_id); 
@@ -145,135 +145,126 @@ namespace ccf::js JS_CHECK_SET(a.set("image_id", std::move(image_id))); JS_CHECK_SET(a.set_uint32("vmpl", attestation.vmpl)); - JS_CHECK_SET(a.set_uint32("signature_algo", static_cast(attestation.signature_algo))); + JS_CHECK_SET(a.set_uint32( + "signature_algo", static_cast(attestation.signature_algo))); - auto platform_version = JSWrappedValue(ctx, make_js_tcb_version(jsctx, attestation.platform_version)); + auto platform_version = JSWrappedValue( + ctx, make_js_tcb_version(jsctx, attestation.platform_version)); JS_CHECK_EXC(platform_version); JS_CHECK_SET(a.set("platform_version", std::move(platform_version))); auto platform_info = jsctx.new_obj(); JS_CHECK_EXC(platform_info); - JS_CHECK_SET(platform_info.set_uint32("smt_en", attestation.platform_info.smt_en)); - JS_CHECK_SET(platform_info.set_uint32("tsme_en", attestation.platform_info.tsme_en)); - - auto platform_info_atom = JSWrappedAtom(ctx, "platform_info"); - JS_CHECK_NULL(platform_info_atom); - JS_CHECK_SET(a.set(std::move(platform_info_atom), std::move(platform_info))); - - auto flags = JS_NewObject(ctx); - JS_SetPropertyStr( - ctx, - flags, - "author_key_en", - JS_NewUint32(ctx, attestation.flags.author_key_en)); - JS_SetPropertyStr( - ctx, - flags, - "mask_chip_key", - JS_NewUint32(ctx, attestation.flags.mask_chip_key)); - JS_SetPropertyStr( - ctx, - flags, - "signing_key", - JS_NewUint32(ctx, attestation.flags.signing_key)); - JS_SetProperty(ctx, a, JS_NewAtom(ctx, "flags"), flags); - - JS_SetPropertyStr( - ctx, a, "report_data", JS_NewArrayBuffer2(ctx, attestation.report_data)); - JS_SetPropertyStr( - ctx, a, "measurement", JS_NewArrayBuffer2(ctx, attestation.measurement)); - - JS_SetPropertyStr( - ctx, a, "host_data", JS_NewArrayBuffer2(ctx, attestation.host_data)); - JS_SetPropertyStr( - ctx, - a, - "id_key_digest", - JS_NewArrayBuffer2(ctx, attestation.id_key_digest)); - JS_SetPropertyStr( - ctx, - a, - "author_key_digest", - JS_NewArrayBuffer2(ctx, 
attestation.author_key_digest)); - JS_SetPropertyStr( - ctx, a, "report_id", JS_NewArrayBuffer2(ctx, attestation.report_id)); - JS_SetPropertyStr( - ctx, - a, - "report_id_ma", - JS_NewArrayBuffer2(ctx, attestation.report_id_ma)); - JS_SetProperty( - ctx, - a, - JS_NewAtom(ctx, "reported_tcb"), - make_js_tcb_version(jsctx, attestation.reported_tcb)); - JS_SetPropertyStr( - ctx, a, "chip_id", JS_NewArrayBuffer2(ctx, attestation.chip_id)); - JS_SetProperty( - ctx, - a, - JS_NewAtom(ctx, "committed_tcb"), - make_js_tcb_version(jsctx, attestation.committed_tcb)); - JS_SetPropertyStr( - ctx, a, "current_minor", JS_NewUint32(ctx, attestation.current_minor)); - JS_SetPropertyStr( - ctx, a, "current_build", JS_NewUint32(ctx, attestation.current_build)); - JS_SetPropertyStr( - ctx, a, "current_major", JS_NewUint32(ctx, attestation.current_major)); - JS_SetPropertyStr( - ctx, - a, - "committed_build", - JS_NewUint32(ctx, attestation.committed_build)); - JS_SetPropertyStr( - ctx, - a, - "committed_minor", - JS_NewUint32(ctx, attestation.committed_minor)); - JS_SetPropertyStr( - ctx, - a, - "committed_major", - JS_NewUint32(ctx, attestation.committed_major)); - JS_SetProperty( - ctx, - a, - JS_NewAtom(ctx, "launch_tcb"), - make_js_tcb_version(jsctx, attestation.launch_tcb)); - - auto signature = JS_NewObject(ctx); - JS_SetProperty( - ctx, - signature, - JS_NewAtom(ctx, "r"), - JS_NewArrayBuffer2(ctx, attestation.signature.r)); - JS_SetProperty( - ctx, - signature, - JS_NewAtom(ctx, "s"), - JS_NewArrayBuffer2(ctx, attestation.signature.s)); - JS_SetProperty(ctx, a, JS_NewAtom(ctx, "signature"), signature); + JS_CHECK_SET( + platform_info.set_uint32("smt_en", attestation.platform_info.smt_en)); + JS_CHECK_SET( + platform_info.set_uint32("tsme_en", attestation.platform_info.tsme_en)); + JS_CHECK_SET(a.set("plaform_info", std::move(platform_info))); + + auto flags = jsctx.new_obj(); + JS_CHECK_EXC(flags); + JS_CHECK_SET( + flags.set_uint32("author_key_en", 
attestation.flags.author_key_en)); + JS_CHECK_SET( + flags.set_uint32("mask_chip_key", attestation.flags.mask_chip_key)); + JS_CHECK_SET( + flags.set_uint32("signing_key", attestation.flags.signing_key)); + JS_CHECK_SET(a.set("flags", std::move(flags))); + + auto attestation_report_data = + jsctx.new_array_buffer_copy(attestation.report_data); + JS_CHECK_EXC(attestation_report_data); + JS_CHECK_SET(a.set("report_data", std::move(attestation_report_data))); + + auto attestation_measurement = + jsctx.new_array_buffer_copy(attestation.measurement); + JS_CHECK_EXC(attestation_measurement); + JS_CHECK_SET(a.set("measurement", std::move(attestation_measurement))); + + auto attestation_host_data = + jsctx.new_array_buffer_copy(attestation.host_data); + JS_CHECK_EXC(attestation_host_data); + JS_CHECK_SET(a.set("host_data", std::move(attestation_host_data))); + + auto attestation_id_key_digest = + jsctx.new_array_buffer_copy(attestation.id_key_digest); + JS_CHECK_EXC(attestation_id_key_digest); + JS_CHECK_SET(a.set("id_key_digest", std::move(attestation_id_key_digest))); + + auto attestation_author_key_digest = + jsctx.new_array_buffer_copy(attestation.author_key_digest); + JS_CHECK_EXC(attestation_author_key_digest); + JS_CHECK_SET( + a.set("author_key_digest", std::move(attestation_id_key_digest))); + + auto attestation_report_id = + jsctx.new_array_buffer_copy(attestation.report_id); + JS_CHECK_EXC(attestation_report_id); + JS_CHECK_SET(a.set("report_id", std::move(attestation_id_key_digest))); + + auto attestation_report_id_ma = + jsctx.new_array_buffer_copy(attestation.report_id_ma); + JS_CHECK_EXC(attestation_report_id_ma); + JS_CHECK_SET(a.set("report_id_ma", std::move(attestation_report_id_ma))); + + auto reported_tcb = + JSWrappedValue(ctx, make_js_tcb_version(jsctx, attestation.reported_tcb)); + JS_CHECK_EXC(reported_tcb); + JS_CHECK_SET(a.set("reported_tcb", std::move(reported_tcb))); + + auto attestation_chip_id = 
jsctx.new_array_buffer_copy(attestation.chip_id); + JS_CHECK_EXC(attestation_chip_id); + JS_CHECK_SET(a.set("chip_id", std::move(attestation_chip_id))); + + auto committed_tcb = JSWrappedValue( + ctx, make_js_tcb_version(jsctx, attestation.committed_tcb)); + JS_CHECK_EXC(committed_tcb); + JS_CHECK_SET(a.set("committed_tcb", std::move(committed_tcb))); + + JS_CHECK_SET(a.set_uint32("current_minor", attestation.current_minor)); + JS_CHECK_SET(a.set_uint32("current_build", attestation.current_build)); + JS_CHECK_SET(a.set_uint32("current_major", attestation.current_major)); + JS_CHECK_SET(a.set_uint32("committed_build", attestation.committed_build)); + JS_CHECK_SET(a.set_uint32("committed_minor", attestation.committed_minor)); + JS_CHECK_SET(a.set_uint32("committed_major", attestation.committed_major)); + + auto launch_tcb = + JSWrappedValue(ctx, make_js_tcb_version(jsctx, attestation.launch_tcb)); + JS_CHECK_EXC(launch_tcb); + JS_CHECK_SET(a.set("launch_tcb", std::move(launch_tcb))); + + auto signature = jsctx.new_obj(); + JS_CHECK_EXC(signature); + + auto signature_r = jsctx.new_array_buffer_copy(attestation.signature.r); + JS_CHECK_EXC(signature_r); + JS_CHECK_SET(signature.set("r", std::move(signature_r))); + + auto signature_s = jsctx.new_array_buffer_copy(attestation.signature.s); + JS_CHECK_EXC(signature_s); + JS_CHECK_SET(signature.set("s", std::move(signature_s))); + + JS_CHECK_SET(a.set("signature", std::move(signature))); JS_CHECK_SET(r.set("attestation", std::move(a))); if (parsed_uvm_endorsements.has_value()) { - auto u = JS_NewObject(ctx); - JS_SetPropertyStr( - ctx, - u, - "did", - JS_NewString(ctx, parsed_uvm_endorsements.value().did.c_str())); - JS_SetPropertyStr( - ctx, - u, - "feed", - JS_NewString(ctx, parsed_uvm_endorsements.value().feed.c_str())); - JS_SetPropertyStr( - ctx, - u, - "svn", - JS_NewString(ctx, parsed_uvm_endorsements.value().svn.c_str())); - JS_SetProperty(ctx, r, JS_NewAtom(ctx, "uvm_endorsements"), u); + auto u = jsctx.new_obj(); 
+ JS_CHECK_EXC(u); + + auto did = jsctx.new_string(parsed_uvm_endorsements.value().did.c_str()); + JS_CHECK_EXC(did); + JS_CHECK_SET(u.set("did", std::move(did))); + + auto feed = + jsctx.new_string(parsed_uvm_endorsements.value().feed.c_str()); + JS_CHECK_EXC(feed); + JS_CHECK_SET(u.set("feed", std::move(feed))); + + auto svn = jsctx.new_string(parsed_uvm_endorsements.value().svn.c_str()); + JS_CHECK_EXC(svn); + JS_CHECK_SET(u.set("svn", std::move(svn))); + JS_CHECK_SET(r.set("uvm_endorsements", std::move(u))); } return r.take(); diff --git a/src/js/wrap.h b/src/js/wrap.h index a35a3fabf57c..34774de2ff05 100644 --- a/src/js/wrap.h +++ b/src/js/wrap.h @@ -281,8 +281,7 @@ namespace ccf::js int set_uint32(const std::string& prop, uint32_t i) const { - return JS_SetPropertyStr( - ctx, val, prop.c_str(), JS_NewUint32(ctx, i)); + return JS_SetPropertyStr(ctx, val, prop.c_str(), JS_NewUint32(ctx, i)); } bool is_exception() const @@ -540,7 +539,8 @@ namespace ccf::js JSWrappedValue new_array_buffer_copy(std::span data) const { - return JSWrappedValue(ctx, JS_NewArrayBufferCopy(ctx, data.data(), data.size())); + return JSWrappedValue( + ctx, JS_NewArrayBufferCopy(ctx, data.data(), data.size())); } JSWrappedValue new_string(const char* str) const @@ -557,7 +557,6 @@ namespace ccf::js { va_list ap; va_start(ap, fmt); - // TODO: that does not seem right, it will attempt to free a JS_EXCEPTION auto r = W(JS_ThrowTypeError(ctx, fmt, ap)); va_end(ap); return r; diff --git a/tests/js-modules/modules.py b/tests/js-modules/modules.py index ce419f91d63c..c9114ba369b2 100644 --- a/tests/js-modules/modules.py +++ b/tests/js-modules/modules.py 
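Review bot: Two properties on the new side are attached from the wrong local: `a.set("author_key_digest", std::move(attestation_id_key_digest))` and `a.set("report_id", std::move(attestation_id_key_digest))` both reuse `attestation_id_key_digest`, which was already moved into `id_key_digest` a few lines earlier, while the freshly created `attestation_author_key_digest` and `attestation_report_id` buffers are never set on `a`. A JS attestation policy reading `author_key_digest` or `report_id` will therefore see whatever a moved-from JSWrappedValue holds rather than the report bytes, and a check on those fields could pass or fail for the wrong reason; the removed code attached the correct buffers. The key `"plaform_info"` also drops a letter compared with the removed `"platform_info"`, which silently renames that field for any script that reads it. Fix: `JS_CHECK_SET(a.set("author_key_digest", std::move(attestation_author_key_digest)));`, `JS_CHECK_SET(a.set("report_id", std::move(attestation_report_id)));` and `JS_CHECK_SET(a.set("platform_info", std::move(platform_info)));`. The enclosing function begins before this hunk.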
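Review bot: The TODO about `W(JS_ThrowTypeError(ctx, fmt, ap))` attempting to free a JS_EXCEPTION is dropped without any code change or explanation, so the next reader will wonder whether the concern was resolved or just deleted. If the reason is that freeing JS_EXCEPTION is harmless because it is not a reference-counted tag in QuickJS, a one-line comment such as `// JS_EXCEPTION is not ref-counted, so wrapping it in a JSWrappedValue is safe` would preserve that rationale. The body of this function continues outside the hunk.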
@@ -1372,15 +1372,15 @@ def run(args): args.nodes, args.binary_dir, args.debug_nodes, args.perf_nodes, pdb=args.pdb ) as network: network.start_and_open(args) - # network = test_module_import(network, args) - # network = test_bytecode_cache(network, args) - # network = test_app_bundle(network, args) - # network = test_dynamic_endpoints(network, args) - # network = test_set_js_runtime(network, args) + network = test_module_import(network, args) + network = test_bytecode_cache(network, args) + network = test_app_bundle(network, args) + network = test_dynamic_endpoints(network, args) + network = test_set_js_runtime(network, args) network = test_npm_app(network, args) - # network = test_js_execution_time(network, args) - # network = test_js_exception_output(network, args) - # network = test_user_cose_authentication(network, args) + network = test_js_execution_time(network, args) + network = test_js_exception_output(network, args) + network = test_user_cose_authentication(network, args) if __name__ == "__main__":