Replace serde deps with minicbor

Cargo.toml

@@ -21,6 +21,4 @@ lto = true
 nix = "0.20"
 libc = "0.2"
 log = "0.4"
-serde = { version = "1.0", features = ["derive"] }
-serde_bytes = "0.11"
-serde_cbor = "0.11"
+minicbor = { version = "0.18", features = ["derive", "alloc"] }

Makefile

@@ -1,7 +1,7 @@
 # Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 
 SRC_PATH         = $(dir $(realpath $(lastword $(MAKEFILE_LIST))))
-HOST_MACHINE     = $(shell uname -m)
+HOST_MACHINE     = x86_64
 CONTAINER_TAG    = nsm-api
 DOCKERFILES_PATH = ${SRC_PATH}/Dockerfiles
 BUILD_DOCKERFILE = ${DOCKERFILES_PATH}/Dockerfile.build
@@ -14,42 +14,50 @@ NIGHTLY          = nightly
 	docker image build \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
 		--build-arg RUST_VERSION=${COMP_VERSION} \
+		--platform=linux/$(HOST_MACHINE) \
 		-t ${CONTAINER_TAG}-${COMP_VERSION} -f ${BUILD_DOCKERFILE} ${SRC_PATH}
 
 .build-${HOST_MACHINE}-${STABLE}:
 	docker image build \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
 		--build-arg RUST_VERSION=${STABLE} \
+		--platform=linux/$(HOST_MACHINE) \
 		-t ${CONTAINER_TAG}-${STABLE} -f ${BUILD_DOCKERFILE} ${SRC_PATH}
 
 .build-${HOST_MACHINE}-${NIGHTLY}: ${DOCKERFILES_PATH}
 	docker image build \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
 		--build-arg RUST_VERSION=${NIGHTLY} \
+		--platform=linux/$(HOST_MACHINE) \
 		-t ${CONTAINER_TAG}-${NIGHTLY} -f ${BUILD_DOCKERFILE} ${SRC_PATH}
 
 nsm-api-${COMP_VERSION}: .build-${HOST_MACHINE}-${COMP_VERSION}
 	docker run \
+		--platform=linux/$(HOST_MACHINE) \
 		${CONTAINER_TAG}-${COMP_VERSION} \
 		cargo test --all
 
 nsm-api-${STABLE}: .build-${HOST_MACHINE}-${STABLE}
 	docker run \
+		--platform=linux/$(HOST_MACHINE) \
 		${CONTAINER_TAG}-${STABLE} \
 		/bin/bash -c "cargo build && cargo test --all"
 
 nsm-api-${NIGHTLY}: .build-${HOST_MACHINE}-${NIGHTLY}
 	docker run \
+		--platform=linux/$(HOST_MACHINE) \
 		${CONTAINER_TAG}-${NIGHTLY} \
 		cargo test --all
 
 rustfmt: nsm-api-${STABLE}
 	docker run \
+		--platform=linux/$(HOST_MACHINE) \
 		${CONTAINER_TAG}-${STABLE} \
 		cargo fmt -v --all -- --check
 
 clippy: nsm-api-${STABLE}
 	docker run \
+		--platform=linux/$(HOST_MACHINE) \
 		${CONTAINER_TAG}-${STABLE} \
 		cargo clippy --all
 
@@ -65,15 +73,18 @@ command-executer-build:
 .build-nsm-test-cpp-docker: command-executer-build
 	docker build \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
+		--platform=linux/$(HOST_MACHINE) \
 		-f ${TEST_DOCKERFILE} -t nsm-test-cpp --target nsm-test-cpp ${SRC_PATH}
 
 .build-nsm-check-docker: command-executer-build
 	docker build \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
+		--platform=linux/$(HOST_MACHINE) \
 		-f ${TEST_DOCKERFILE} -t nsm-check --target nsm-check ${SRC_PATH}
 
 .build-nsm-multithread-docker: command-executer-build
 	docker build \
+		--platform=linux/$(HOST_MACHINE) \
 		--build-arg HOST_MACHINE=${HOST_MACHINE} \
 		-f ${TEST_DOCKERFILE} -t nsm-multithread --target nsm-multithread ${SRC_PATH}
 

nsm-lib/Cargo.toml

@@ -7,7 +7,6 @@ license = "Apache-2.0"
 
 [dependencies]
 aws-nitro-enclaves-nsm-api = { path = "../" }
-serde_bytes = "0.11"
 
 [build-dependencies]
 cbindgen = { version = "0.21", default-features = false }

nsm-lib/src/lib.rs

@@ -11,7 +11,6 @@
 pub use aws_nitro_enclaves_nsm_api::api::{Digest, ErrorCode};
 use aws_nitro_enclaves_nsm_api::api::{Request, Response};
 use aws_nitro_enclaves_nsm_api::driver::{nsm_exit, nsm_init, nsm_process_request};
-use serde_bytes::ByteBuf;
 use std::ptr::copy_nonoverlapping;
 use std::{cmp, slice};
 
@@ -197,9 +196,8 @@ pub extern "C" fn nsm_get_description(fd: i32, nsm_description: &mut NsmDescript
 /// *Argument 1 (input)*: User data.  
 /// *Argument 2 (input)*: Size of the user data buffer.  
 /// *Returns*: The optional byte buffer.
-unsafe fn get_byte_buf_from_user_data(data: *const u8, len: u32) -> Option<ByteBuf> {
-    let data_vec = nsm_get_vec_from_raw(data, len);
-    data_vec.map(ByteBuf::from)
+unsafe fn get_byte_buf_from_user_data(data: *const u8, len: u32) -> Option<Vec<u8>> {
+    nsm_get_vec_from_raw(data, len)
 }
 
 /// NSM `GetAttestationDoc` operation for non-Rust callers.  

nsm-test/Cargo.toml

@@ -8,8 +8,6 @@ edition = "2018"
 config_emulated = []
 
 [dependencies]
-serde_bytes = "0.11"
-serde_cbor = "0.11"
 aws-nitro-enclaves-nsm-api = { path = "../" }
 nsm-lib = { path = "../nsm-lib" }
 nix = "0.20"

nsm-test/src/bin/nsm-check.rs

@@ -9,7 +9,6 @@
 
 use aws_nitro_enclaves_nsm_api::api::{Digest, Request, Response};
 use aws_nitro_enclaves_nsm_api::driver::{nsm_exit, nsm_init, nsm_process_request};
-use serde_bytes::ByteBuf;
 use std::collections::BTreeSet;
 
 const RESERVED_PCRS: u16 = 5;
@@ -337,9 +336,9 @@ fn check_pcr_locks(ctx: i32, description: &NsmDescription) {
 /// *Argument 4 (input)*: Optional public key.
 fn check_single_attestation(
     ctx: i32,
-    user_data: Option<ByteBuf>,
-    nonce: Option<ByteBuf>,
-    public_key: Option<ByteBuf>,
+    user_data: Option<Vec<u8>>,
+    nonce: Option<Vec<u8>>,
+    public_key: Option<Vec<u8>>,
 ) {
     let response = nsm_process_request(
         ctx,
@@ -369,16 +368,16 @@ fn check_attestation(ctx: i32) {
     check_single_attestation(ctx, None, None, None);
     println!("Checked Request::Attestation without any data.");
 
-    check_single_attestation(ctx, Some(ByteBuf::from(&dummy_data[..])), None, None);
+    check_single_attestation(ctx, Some(dummy_data.clone()), None, None);
     println!(
         "Checked Request::Attestation with user data ({} bytes).",
         DATA_LEN
     );
 
     check_single_attestation(
         ctx,
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
+        Some(dummy_data.clone()),
+        Some(dummy_data.clone()),
         None,
     );
     println!(
@@ -388,9 +387,9 @@ fn check_attestation(ctx: i32) {
 
     check_single_attestation(
         ctx,
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
+        Some(dummy_data.clone()),
+        Some(dummy_data.clone()),
+        Some(dummy_data),
     );
     println!(
         "Checked Request::Attestation with user data, nonce and public key ({} bytes each).",

nsm-test/src/bin/nsm-multithread.rs

@@ -10,7 +10,6 @@
 
 use aws_nitro_enclaves_nsm_api::api::{Request, Response};
 use aws_nitro_enclaves_nsm_api::driver::{nsm_exit, nsm_init, nsm_process_request};
-use serde_bytes::ByteBuf;
 use std::convert::TryInto;
 use std::sync::atomic;
 use std::sync::Arc;
@@ -54,9 +53,9 @@ fn extend_pcr(ctx: i32, j: usize) {
 /// Returns Ok(()) in case of success
 fn check_single_attestation(
     ctx: i32,
-    user_data: Option<ByteBuf>,
-    nonce: Option<ByteBuf>,
-    public_key: Option<ByteBuf>,
+    user_data: Option<Vec<u8>>,
+    nonce: Option<Vec<u8>>,
+    public_key: Option<Vec<u8>>,
 ) -> Result<(), ErrorCode> {
     let response = nsm_process_request(
         ctx,
@@ -100,7 +99,7 @@ fn check_attestation(ctx: i32, lp: usize) -> Result<(), ErrorCode> {
     );
     now = time::Instant::now();
 
-    check_single_attestation(ctx, Some(ByteBuf::from(&dummy_data[..])), None, None)?;
+    check_single_attestation(ctx, Some(dummy_data[..].to_vec()), None, None)?;
     println!(
         "attestation loop={} w/data took {} ns",
         lp,
@@ -110,8 +109,8 @@ fn check_attestation(ctx: i32, lp: usize) -> Result<(), ErrorCode> {
 
     check_single_attestation(
         ctx,
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
+        Some(dummy_data[..].to_vec()),
+        Some(dummy_data[..].to_vec()),
         None,
     )?;
     println!(
@@ -123,9 +122,9 @@ fn check_attestation(ctx: i32, lp: usize) -> Result<(), ErrorCode> {
 
     check_single_attestation(
         ctx,
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
-        Some(ByteBuf::from(&dummy_data[..])),
+        Some(dummy_data[..].to_vec()),
+        Some(dummy_data[..].to_vec()),
+        Some(dummy_data[..].to_vec()),
     )?;
     println!(
         "attestation loop={} w/user_data, nonce, PK took {} ns",