!188 del inappropriate information and keep the version the same as 22.03-sp3

From: @zhengxiaoxiaoGitee 
Reviewed-by: @houmingyong 
Signed-off-by: @houmingyong

0048-Delete-the-null-determination-of-out_buf-in-codegene.patch

@@ -1,5 +1,5 @@
 From 19595d5dea95ccd985fdc10d175e9520f7bb0cc1 Mon Sep 17 00:00:00 2001
-From: z30023234 <zhengxiaoxiao2@huawei.com>
+From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com>
 Date: Sun, 24 Apr 2022 15:23:40 +0800
 Subject: [PATCH] Delete the null determination of out_buf in codegener.
 

backport-Correct-the-error-in-the-comment.patch

@@ -0,0 +1,26 @@
+From 985be3c3b4947d1a304ff9171c74ca3fe77a86bf Mon Sep 17 00:00:00 2001
+From: zhengxiaoxiaoGitee <zhengxiaoxiao2@huawei.com>
+Date: Mon, 1 Apr 2024 17:05:10 +0800
+Subject: [PATCH] Correct the error in the comment.
+
+Reference:https://gitee.com/openeuler/secGear/commit/985be3c3b4947d1a304ff9171c74ca3fe77a86bf
+Conflict:NA
+---
+ inc/host_inc/status.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/inc/host_inc/status.h b/inc/host_inc/status.h
+index 7a7920b..c0ff6c7 100644
+--- a/inc/host_inc/status.h
++++ b/inc/host_inc/status.h
+@@ -179,7 +179,7 @@ typedef enum _enclave_result_t
+     CC_CLIENT_INTR                    = 0xFFFF4000, /* Interrupted by CFC. Broken control flow is detected. */
+     CC_ERROR_TIME_NOT_SET             = 0xFFFF5000, /* *< 时间未设置 */
+     CC_ERROR_TIME_NEEDS_RESET         = 0xFFFF5001, /* *< 时间需要重置 */
+-    CC_FAIL                           = 0xFFFF5002, /* *< 时间需要重置 */
++    CC_FAIL                           = 0xFFFF5002, /* *< 操作失败 */
+     CC_ERROR_TIMER                    = 0xFFFF6000,
+     CC_ERROR_TIMER_CREATE_FAILED,
+     CC_ERROR_TIMER_DESTORY_FAILED,
+-- 
+2.33.0

backport-change-log-file-permission-0400.patch

@@ -0,0 +1,24 @@
+From 1b2de0be8912fb1b705454011ed6190f52199f60 Mon Sep 17 00:00:00 2001
+From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com>
+Date: Sat, 11 Jun 2022 12:17:18 +0800
+Subject: [PATCH] change log file permission 0400
+
+---
+ conf/logrotate.d/secgear | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/conf/logrotate.d/secgear b/conf/logrotate.d/secgear
+index 92da41e..f88bb59 100644
+--- a/conf/logrotate.d/secgear
++++ b/conf/logrotate.d/secgear
+@@ -5,4 +5,7 @@
+ 	nocompress
+ 	copytruncate
+ 	size 2048k
++	lastaction
++	chmod 0400 /var/log/secgear/secgear.log.*
++	endscript
+ }
+-- 
+2.27.0
+

backport-init-attestation.patch

@@ -12,6 +12,7 @@ Reference: https://gitee.com/openeuler/secGear/commit/d06b6beab9ae13898870297e8e
            https://gitee.com/openeuler/secGear/commit/8e02b257d9bec81bc557d6431e90448522ad6270
            https://gitee.com/openeuler/secGear/commit/980d0a89d3b1b1a6d280846d6edddabdfd57a635
            https://gitee.com/openeuler/secGear/commit/1fbc825bd34e859f3bc641f6b1b14c106be23433
+           https://gitee.com/openeuler/secGear/commit/97f78a21040443796d137ce1739861b66451c7dd
 Conflict:no
 ---
  .../attestation/attestation-agent/Cargo.toml  |  30 ++
@@ -402,7 +403,7 @@ new file mode 100644
 index 0000000..0f1efc2
 --- /dev/null
 +++ b/service/attestation/attestation-agent/agent/src/lib.rs
-@@ -0,0 +1,72 @@
+@@ -0,0 +1,73 @@
 +use agent::*;
 +pub mod agent;
 +
@@ -455,12 +456,13 @@ index 0000000..0f1efc2
 +
 +    let fut = async {agent::AttestationAgent::default().verify_evidence(
 +            &challenge, &report).await};
-+    let ret = block_on(fut);
-+    if ret.is_err() {
-+        println!("verfiy report failed");
-+        return 1;
-+    }
-+    return 0;
++    let ret = match block_on(fut) {
++        Ok(_) => return 0,
++        Err(e) => {
++            println!("verify report failed {:?}", e);
++            return 1;
++        }
++    };
 +}
 +
 +#[ffi_export]
@@ -768,8 +770,8 @@ index 0000000..28bf33c
 +    async fn tee_get_evidence(&self, _user_data: EvidenceRequest) -> Result<Vec<u8>> {
 +        let len = _user_data.challenge.len();
 +        if len <= 0 || len > MAX_CHALLENGE_LEN {
-+            log::error!("challenge len is error, expecting 0 < len < {}, got {}", MAX_CHALLENGE_LEN, len);
-+            bail!("challenge len is error, expecting 0 < len < {}, got {}", MAX_CHALLENGE_LEN, len);
++            log::error!("challenge len is error, expecting 0 < len <= {}, got {}", MAX_CHALLENGE_LEN, len);
++            bail!("challenge len is error, expecting 0 < len <= {}, got {}", MAX_CHALLENGE_LEN, len);
 +        }
 +        #[cfg(feature = "itrustee-attester")]
 +        if itrustee::detect_platform() {
@@ -1256,7 +1258,7 @@ new file mode 100644
 index 0000000..f3c9157
 --- /dev/null
 +++ b/service/attestation/attestation-service/verifier/src/lib.rs
-@@ -0,0 +1,51 @@
+@@ -0,0 +1,58 @@
 +/*
 + * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
 + * secGear is licensed under the Mulan PSL v2.
@@ -1293,9 +1295,16 @@ index 0000000..f3c9157
 +    async fn verify_evidence(&self, user_data: &[u8], evidence: &[u8]) -> Result<()>;
 +}
 +
++const MAX_CHALLENGE_LEN: usize = 64;
++
 +#[async_trait]
 +impl VerifierAPIs for Verifier {
 +    async fn verify_evidence(&self, user_data: &[u8], evidence: &[u8]) -> Result<()> {
++        let len = user_data.len();
++        if len <= 0 || len > MAX_CHALLENGE_LEN {
++            log::error!("challenge len is error, expecting 0 < len <= {}, got {}", MAX_CHALLENGE_LEN, len);
++            bail!("challenge len is error, expecting 0 < len <= {}, got {}", MAX_CHALLENGE_LEN, len);
++        }
 +        let aa_evidence: Evidence = serde_json::from_slice(evidence)?;
 +        let tee_type = aa_evidence.tee;
 +        let evidence = aa_evidence.evidence.as_bytes();
@@ -1471,7 +1480,7 @@ index 0000000..3994743
 +        self.cvm_envelop.decode(None, None).map_err(|err| anyhow!("verify COSE_Sign1 signature failed:{err:?}"))?;
 +        // verify COSE_Sign1 signature end
 +
-+        // verfiy cvm token with reference value
++        // verify cvm token with reference value
 +        self.compare_with_ref()?;
 +
 +        Ok(())

secGear.spec

@@ -1,6 +1,6 @@
 Name:		secGear
 Version:	0.1.0
-Release:	40
+Release:	47
 Summary:	secGear is an SDK to develop confidential computing apps based on hardware enclave features
 
 
@@ -82,6 +82,8 @@ Patch68:	0069-adapt-sign-tool-to-pass-API_LEVEL.patch
 Patch69:	0070-sign-tool-add-invalid-param-verify.patch
 Patch70:	0071-adapt-report-with-request-key.patch
 Patch71:	backport-init-attestation.patch
+Patch72:	backport-Correct-the-error-in-the-comment.patch
+Patch73:	backport-change-log-file-permission-0400.patch
 
 BuildRequires:	gcc python automake autoconf libtool
 BUildRequires:	glibc glibc-devel cmake ocaml-dune rpm gcc-c++ openssl-libs openssl-devel
@@ -252,6 +254,21 @@ popd
 systemctl restart rsyslog
 
 %changelog
+* Sat Jun 15 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-47
+- del inappropriate information and keep the version the same as 22.03-sp3 
+
+* Fri Jun 14 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-44
+- change log file permission 0400
+
+* Fri Jun 14 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-43
+- fix typo
+
+* Fri Jun 14 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-42
+- add backport-Correct-the-error-in-the-comment.patch
+
+* Thu Jun 13 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-41
+- Judgment of added challenge length
+
 * Thu Jun 6 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 0.1.0-40
 - modify Requires