!231 [sync] PR-230: sync bugfix from 24.09 to master

From: @openeuler-sync-bot 
Reviewed-by: @houmingyong 
Signed-off-by: @houmingyong

0087-use-id-when-get-policy.patch

@@ -0,0 +1,90 @@
+From 32f9270f0cf4ef2ee9c1ababf66c24c7cf10bd17 Mon Sep 17 00:00:00 2001
+From: xuraoqing <xuraoqing@huawei.com>
+Date: Fri, 13 Sep 2024 17:21:47 +0800
+Subject: [PATCH] use id when get policy
+
+---
+ .../attestation-service/service/src/lib.rs            | 10 +++++++++-
+ .../attestation-service/service/src/restapi/mod.rs    | 11 +++++++++--
+ .../attestation/attestation-service/tests/src/lib.rs  |  6 ++++++
+ 3 files changed, 24 insertions(+), 3 deletions(-)
+
+diff --git a/service/attestation/attestation-service/service/src/lib.rs b/service/attestation/attestation-service/service/src/lib.rs
+index 31e6305..1c5c907 100644
+--- a/service/attestation/attestation-service/service/src/lib.rs
++++ b/service/attestation/attestation-service/service/src/lib.rs
+@@ -185,7 +185,7 @@ impl AttestationService {
+             .await
+     }
+ 
+-    pub async fn get_policy(&self,
++    pub async fn get_all_policy(&self,
+         policy_dir: &String,
+     ) -> Result<String, PolicyEngineError> {
+         let engine = OPA::new(policy_dir).await;
+@@ -203,6 +203,14 @@ impl AttestationService {
+         }
+     }
+ 
++    pub async fn get_policy(&self,
++        policy_dir: &String,
++        id: &String 
++    ) -> Result<String, PolicyEngineError> {
++        let engine = OPA::new(policy_dir).await?;
++        Ok(engine.get_policy(id).await?)
++    }
++
+     pub async fn register_reference(&self,
+         ref_set: &String
+     ) -> Result<(), RefOpError> {
+diff --git a/service/attestation/attestation-service/service/src/restapi/mod.rs b/service/attestation/attestation-service/service/src/restapi/mod.rs
+index f49d175..d47698a 100644
+--- a/service/attestation/attestation-service/service/src/restapi/mod.rs
++++ b/service/attestation/attestation-service/service/src/restapi/mod.rs
+@@ -122,13 +122,20 @@ pub async fn set_policy(
+     Ok(HttpResponse::Ok().body("set policy success"))
+ }
+ 
++#[derive(Deserialize, Serialize, Debug)]
++pub struct PolicyGetRequest {
++    policy_id: String,
++}
++
+ #[get("/policy")]
+ pub async fn get_policy(
+-    request: HttpRequest,
++    request: web::Json<PolicyGetRequest>,
+     service: web::Data<Arc<RwLock<AttestationService>>>,
+ ) -> Result<HttpResponse> {
++    let request = request.0;
+     log::debug!("get policy request: {:?}", request);
++    let id = request.policy_id.clone();
+     let dir:String = String::from(DEFAULT_POLICY_DIR);
+-    let ret = service.read().await.get_policy(&dir).await?;
++    let ret = service.read().await.get_policy(&dir, &id.to_string()).await?;
+     Ok(HttpResponse::Ok().body(ret))
+ }
+diff --git a/service/attestation/attestation-service/tests/src/lib.rs b/service/attestation/attestation-service/tests/src/lib.rs
+index abd099f..b8adb1e 100644
+--- a/service/attestation/attestation-service/tests/src/lib.rs
++++ b/service/attestation/attestation-service/tests/src/lib.rs
+@@ -121,10 +121,16 @@ mod tests {
+ 
+     #[test]
+     fn api_get_policy() {
++        let request_body = json!({
++            "policy_id":"test_policy.rego"
++           }
++        );
+         let client: Client = Client::new();
+         let endpoint = "http://127.0.0.1:8080/policy";
+         let res = client
+             .get(endpoint)
++            .header("Content-Type", "application/json")
++            .body(request_body.to_string())
+             .send()
+             .unwrap();
+         assert_eq!(res.status(), reqwest::StatusCode::OK);
+-- 
+2.33.0
+

0088-fix-evidence-decode-typos.patch

@@ -0,0 +1,26 @@
+From 5f4cbe40acc8197fb2ae140584712e8b3c950805 Mon Sep 17 00:00:00 2001
+From: xuraoqing <xuraoqing@huawei.com>
+Date: Sat, 14 Sep 2024 11:30:52 +0800
+Subject: [PATCH] fix evidence decode typos
+
+Signed-off-by: xuraoqing <xuraoqing@huawei.com>
+---
+ service/attestation/attestation-agent/agent/src/restapi/mod.rs | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/service/attestation/attestation-agent/agent/src/restapi/mod.rs b/service/attestation/attestation-agent/agent/src/restapi/mod.rs
+index 0570060..2745443 100644
+--- a/service/attestation/attestation-agent/agent/src/restapi/mod.rs
++++ b/service/attestation/attestation-agent/agent/src/restapi/mod.rs
+@@ -78,7 +78,7 @@ pub async fn verify_evidence(
+ ) -> Result<HttpResponse> {
+     let request = request.0;
+     log::debug!("verify evidence request: {:?}", request);
+-    let challenge = base64_url::decode(&"request.challenge".to_string())
++    let challenge = base64_url::decode(&request.challenge)
+         .map_err(|err|AgentError::DecodeError(err.to_string()))?;
+     let evidence = request.evidence;
+     let policy_id =  request.policy_id;
+-- 
+2.33.0
+

secGear.spec

@@ -1,6 +1,6 @@
 Name:		secGear
 Version:	0.1.0
-Release:	50
+Release:	52
 Summary:	secGear is an SDK to develop confidential computing apps based on hardware enclave features
 
 
@@ -96,6 +96,8 @@ Patch82:	0083-optimize-log-level.patch
 Patch83:	0084-fix-concurrent-request-error-to-aa-or-as.patch
 Patch84:	0085-fix-multi-thread-request-as-generate-challenge-and-v.patch
 Patch85:	0086-add-error-type-for-api.patch
+Patch86:	0087-use-id-when-get-policy.patch
+Patch87:	0088-fix-evidence-decode-typos.patch
 
 
 BuildRequires:	gcc python automake autoconf libtool
@@ -293,6 +295,12 @@ popd
 systemctl restart rsyslog
 
 %changelog
+* Tue Nov 26 2024 houmingyong<houmingyong@huawei.com> - 0.1.0-52
+- fix evidence decode typos
+
+* Tue Nov 26 2024 houmingyong<houmingyong@huawei.com> - 0.1.0-51
+- get policy with id
+
 * Tue Nov 26 2024 houmingyong<houmingyong@huawei.com> - 0.1.0-50
 - add error type for api