use anyhow::Result; use ed25519_dalek::SigningKey; use log::{info, warn}; use sha2::{Digest, Sha256}; use std::fs::File; use std::io::{Read, Write}; use std::sync::LazyLock; pub const DETEE_ROOT_CA: &str = "/etc/detee/root_ca.pem"; pub const BRAIN_STAGING: (&str, &str) = ("https://159.65.58.38:31337", "staging-brain"); pub const BRAIN_TESTING: (&str, &str) = ("https://164.92.249.180:31337", "testnet-brain"); pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_package.tar.gz"; pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "./enclave_archives"; pub const PACKAGE_DIR_PATH: &str = "./enclaves"; pub const APP_NAME_PREFIX: &str = "dtpm"; // const DETEE_DIR_ENV_NAME: &str = "DETEE_DIR"; pub static IP_INFO: LazyLock = LazyLock::new(|| tokio::task::block_in_place(|| get_ip_info().unwrap())); pub static DAEMON_CONFIG_BASE_DIR: LazyLock = LazyLock::new(|| "/etc/detee/app_daemon".to_string()); pub static USED_RESOURCES_PATH: LazyLock = LazyLock::new(|| { // let home = home::home_dir().unwrap().to_string_lossy().into_owned(); // std::env::var(DETEE_DIR_ENV_NAME) // .unwrap_or(format!("{home}/.detee/app_daemon/used_resources.yaml")) let base_dir = DAEMON_CONFIG_BASE_DIR.to_string(); format!("{base_dir}/used_resources.yaml") }); pub static DAEMON_CONFIG_PATH: LazyLock = LazyLock::new(|| { // let home = home::home_dir().unwrap().to_string_lossy().into_owned(); // std::env::var(DETEE_DIR_ENV_NAME).unwrap_or(format!("{home}/.detee/app_daemon/config.yaml")) let base_dir = DAEMON_CONFIG_BASE_DIR.to_string(); format!("{base_dir}/config.yaml") }); pub static DEPLOYED_APPS_CONFIG_DIR: LazyLock = LazyLock::new(|| { // let home = home::home_dir().unwrap().to_string_lossy().into_owned(); // std::env::var(DETEE_DIR_ENV_NAME).unwrap_or(format!("{home}/.detee/app_daemon/deployed_apps/")) let base_dir = DAEMON_CONFIG_BASE_DIR.to_string(); format!("{base_dir}/deployed_apps") }); pub static SECRET_KEY_PATH: LazyLock = LazyLock::new(|| { // let home = home::home_dir().unwrap().to_string_lossy().into_owned(); // std::env::var(DETEE_DIR_ENV_NAME) // .unwrap_or(format!("{home}/.detee/app_daemon/node_secret_key.pem")) let base_dir = DAEMON_CONFIG_BASE_DIR.to_string(); format!("{base_dir}/node_secret_key.pem") }); pub static PUBLIC_KEY: LazyLock = LazyLock::new(get_public_key); #[derive(serde::Deserialize, Clone)] pub struct IPInfo { pub country: String, pub region: String, pub city: String, pub ip: String, } fn get_ip_info() -> anyhow::Result { let body = reqwest::blocking::get("https://ipinfo.io/".to_string())?.text()?; log::info!("Got the following data from ipinfo.io: {body}"); Ok(serde_json::de::from_str(&body)?) } fn create_secret_key() -> Result { let key_path = SECRET_KEY_PATH.to_string(); info!("Creating new secret key at {}", key_path); let sk = SigningKey::generate(&mut rand::rngs::OsRng); let private_key_string = bs58::encode(sk.to_bytes()).into_string(); let mut file = File::create(key_path)?; file.write_all(private_key_string.as_bytes())?; Ok(sk) } fn load_secret_key() -> Result { let secret_key_string = match std::fs::read_to_string(SECRET_KEY_PATH.to_string()) { Ok(secret_key_pem) => secret_key_pem, Err(e) => { warn!("Could not load secret key due to error: {e:?}"); return create_secret_key(); } }; Ok(SigningKey::from_bytes( &bs58::decode(secret_key_string) .into_vec()? .try_into() .map_err(|_| bs58::decode::Error::BufferTooSmall)?, )) } pub fn sign_message(msg: &str) -> Result { use ed25519_dalek::Signer; let key = load_secret_key()?; Ok(bs58::encode(key.sign(msg.as_bytes()).to_bytes()).into_string()) } pub fn get_public_key() -> String { let pubkey = bs58::encode(load_secret_key().unwrap().verifying_key().to_bytes()).into_string(); log::info!("Loaded the following public key: {pubkey}"); pubkey } pub fn compute_sha256>(path: P) -> Result { let mut file = File::open(path)?; let mut hasher = Sha256::new(); let mut buffer = [0u8; 8192]; loop { let bytes_read = file.read(&mut buffer).unwrap(); if bytes_read == 0 { break; } hasher.update(&buffer[..bytes_read]); } let result = hasher.finalize(); Ok(format!("{:x}", result)) }