Merge pull request #21 from Amnesic-Systems/remove-key-synchronization

Delete remnants of key synchronization.
Amnesic-Systems · Nov 12, 2024 · 37257cb · 37257cb
2 parents 74348c4 + 69f3065
commit 37257cb
Show file tree

Hide file tree

Showing 6 changed files with 3 additions and 291 deletions.
diff --git a/internal/enclave/keys.go b/internal/enclave/keys.go
diff --git a/internal/enclave/keys_test.go b/internal/enclave/keys_test.go
diff --git a/internal/service/handle/handlers.go b/internal/service/handle/handlers.go
@@ -3,7 +3,6 @@ package handle
 import (
 	"crypto/sha256"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -17,18 +16,6 @@ import (
 	"github.com/Amnesic-Systems/veil/internal/util"
 )
 
-const (
-	// The maximum length of the key material (in bytes) that enclave
-	// applications can PUT to our HTTP API.
-	maxKeyMaterialLen = 1024 * 1024
-)
-
-var (
-	errFailedReqBody         = errors.New("failed to read request body")
-	errDesignationInProgress = errors.New("leader designation in progress")
-	errEndpointGone          = errors.New("endpoint not meant to be used")
-)
-
 // Index informs the visitor that this host runs inside an enclave. This is
 // useful for testing.
 func Index(cfg *config.Config) http.HandlerFunc {

diff --git a/internal/service/handle/state.go b/internal/service/handle/state.go
diff --git a/internal/service/routes.go b/internal/service/routes.go
@@ -4,7 +4,6 @@ import (
 	"net/http/httputil"
 
 	"github.com/Amnesic-Systems/veil/internal/config"
-	"github.com/Amnesic-Systems/veil/internal/enclave"
 	"github.com/Amnesic-Systems/veil/internal/service/attestation"
 	"github.com/Amnesic-Systems/veil/internal/service/handle"
 	"github.com/go-chi/chi/v5"
@@ -38,7 +37,6 @@ func addExternalPublicRoutes(
 func addInternalRoutes(
 	r *chi.Mux,
 	config *config.Config,
-	keys *enclave.Keys,
 	hashes *attestation.Hashes,
 	appReady chan struct{},
 ) {
@@ -51,5 +49,4 @@ func addInternalRoutes(
 	}
 	r.Get("/enclave/hashes", handle.Hashes(hashes))
 	r.Post("/enclave/hash", handle.AppHash(hashes.SetAppHash))
-	r.Handle("/enclave/state", handle.NewState(keys))
 }
diff --git a/internal/service/service.go b/internal/service/service.go
@@ -38,20 +38,18 @@ func Run(
 		log.Fatalf("Failed to set up system: %v", err)
 	}
 
-	// Initialize the enclave keys for enclave synchronization.
+	// Create a TLS certificate for the external Web server.
 	cert, key, err := httputil.CreateCertificate(config.FQDN)
 	if err != nil {
 		log.Fatalf("Failed to create certificate: %v", err)
 	}
-	keys := new(enclave.Keys)
-	keys.SetVeilKeys(key, cert)
 
 	// Initialize hashes for the attestation document.
 	hashes := new(attestation.Hashes)
 	hashes.SetTLSHash(addr.Of(sha256.Sum256(cert)))
 
 	// Initialize Web servers.
-	intSrv := newIntSrv(config, keys, hashes, appReady)
+	intSrv := newIntSrv(config, hashes, appReady)
 	builder := attestation.NewBuilder(
 		attester,
 		attestation.WithHashes(hashes),
@@ -143,12 +141,11 @@ func startAllWebSrvs(
 
 func newIntSrv(
 	config *config.Config,
-	keys *enclave.Keys,
 	hashes *attestation.Hashes,
 	appReady chan struct{},
 ) *http.Server {
 	r := chi.NewRouter()
-	addInternalRoutes(r, config, keys, hashes, appReady)
+	addInternalRoutes(r, config, hashes, appReady)
 
 	return &http.Server{
 		Addr:    net.JoinHostPort("127.0.0.1", config.IntPort),