feat: enable TDX tasks support

gradle.properties

@@ -1,8 +1,8 @@
 # x-release-please-start-version
 version=9.0.0
 # x-release-please-end
-iexecCommonVersion=9.0.0
-iexecCommonsPocoVersion=5.0.0
+iexecCommonsPocoVersion=5.3.1
+iexecCommonVersion=9.2.0
 
 nexusUser
 nexusPassword

src/main/java/com/iexec/resultproxy/authorization/AuthorizationService.java

@@ -92,7 +92,7 @@ public Optional<AuthorizationError> isAuthorizedOnExecutionWithDetailedIssue(fin
         }
 
         final boolean isTeeTask = !workerpoolAuthorization.getEnclaveChallenge().equals(BytesUtils.EMPTY_ADDRESS);
-        final boolean isTeeTaskOnchain = TeeUtils.isTeeTag(chainDeal.getTag());
+        final boolean isTeeTaskOnchain = TeeUtils.getTeeFramework(chainDeal.getTag()) != null;
         if (isTeeTask != isTeeTaskOnchain) {
             log.error("Could not match on-chain task type [isTeeTask:{}, isTeeTaskOnchain:{}, chainTaskId:{}, walletAddress:{}]",
                     isTeeTask, isTeeTaskOnchain, chainTaskId, workerpoolAuthorization.getWorkerWallet());

src/main/java/com/iexec/resultproxy/proxy/ProxyService.java

@@ -103,7 +103,7 @@ boolean canUploadResult(ResultModel model, String walletAddress) {
             return false;
         }
 
-        final boolean isTeeTask = TeeUtils.isTeeTag(chainDeal.getTag());
+        final boolean isTeeTask = TeeUtils.getTeeFramework(chainDeal.getTag()) != null;
 
         // Standard tasks
         if (!isTeeTask) {

src/main/java/com/iexec/resultproxy/result/Result.java

@@ -5,6 +5,10 @@
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
+/**
+ * @deprecated never used
+ */
+@Deprecated(forRemoval = true)
 @Data
 @AllArgsConstructor
 @NoArgsConstructor

src/test/java/com/iexec/resultproxy/TestUtils.java

@@ -19,12 +19,13 @@
 import com.iexec.commons.poco.chain.ChainDeal;
 import com.iexec.commons.poco.chain.ChainTask;
 import com.iexec.commons.poco.chain.ChainTaskStatus;
-import com.iexec.commons.poco.tee.TeeUtils;
+import com.iexec.commons.poco.order.OrderTag;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
 
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
+import java.util.Optional;
 
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public class TestUtils {
@@ -36,18 +37,24 @@ public class TestUtils {
     public static final String POOL_WRONG_SIGNATURE = "0xf869daaca2407b7eabd27c3c4c5a3f3565172ca7211ac1d8bfacea2beb511a4029446a07cccc0884"
             + "c2193b269dfb341461db8c680a8898bb53862d6e48340c2e1b";
 
-    public static ChainDeal getChainDeal() {
-        return ChainDeal.builder()
+    public static final String RESULT_DIGEST = "0x3210";
+    public static final String RESULT_HASH = "0x97f68778e2fa9d60e58ceb64de2c0e72e309400c3168c69499db2140fad28039";
+    public static final String WALLET_ADDRESS = "0x123abc";
+    public static final String WORKER_ADDRESS = "0xabc123";
+
+    public static Optional<ChainDeal> getChainDeal(final OrderTag tag) {
+        return Optional.of(ChainDeal.builder()
                 .poolOwner(POOL_ADDRESS)
-                .tag(TeeUtils.TEE_SCONE_ONLY_TAG)
-                .build();
+                .tag(tag.getValue())
+                .requester(WALLET_ADDRESS)
+                .build());
     }
 
-    public static ChainTask getChainTask(ChainTaskStatus status) {
-        return ChainTask.builder()
+    public static Optional<ChainTask> getChainTask(final ChainTaskStatus status) {
+        return Optional.of(ChainTask.builder()
                 .dealid(CHAIN_DEAL_ID)
                 .finalDeadline(Instant.now().plus(5L, ChronoUnit.SECONDS).toEpochMilli())
                 .status(status)
-                .build();
+                .build());
     }
 }

src/test/java/com/iexec/resultproxy/authorization/AuthorizationServiceTests.java

@@ -17,9 +17,9 @@
 package com.iexec.resultproxy.authorization;
 
 import com.iexec.common.result.ResultModel;
-import com.iexec.commons.poco.chain.ChainDeal;
 import com.iexec.commons.poco.chain.ChainTask;
 import com.iexec.commons.poco.chain.WorkerpoolAuthorization;
+import com.iexec.commons.poco.order.OrderTag;
 import com.iexec.commons.poco.security.Signature;
 import com.iexec.commons.poco.utils.BytesUtils;
 import com.iexec.commons.poco.utils.HashUtils;
@@ -28,6 +28,8 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.EnumSource;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -63,8 +65,6 @@
 @ExtendWith(MockitoExtension.class)
 class AuthorizationServiceTests {
 
-    private static final String RESULT_DIGEST = "0x3210";
-
     @Container
     private static final MongoDBContainer mongoDBContainer = new MongoDBContainer(DockerImageName.parse(System.getProperty("mongo.image")));
 
@@ -93,13 +93,12 @@ void beforeEach() throws GeneralSecurityException {
     }
 
     // region isAuthorizedOnExecutionWithDetailedIssue
-    @Test
-    void shouldBeAuthorizedOnExecutionOfTeeTaskWithDetails() {
-        final ChainDeal chainDeal = getChainDeal();
-        final ChainTask chainTask = getChainTask(ACTIVE);
+    @ParameterizedTest
+    @EnumSource(value = OrderTag.class, names = {"TEE_GRAMINE", "TEE_SCONE", "TEE_TDX"})
+    void shouldBeAuthorizedOnExecutionOfTeeTaskWithDetails(final OrderTag tag) {
         final WorkerpoolAuthorization auth = getWorkerpoolAuthorization(true);
-        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(Optional.of(chainTask));
-        when(iexecHubService.getChainDeal(chainTask.getDealid())).thenReturn(Optional.of(chainDeal));
+        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(getChainTask(ACTIVE));
+        when(iexecHubService.getChainDeal(CHAIN_DEAL_ID)).thenReturn(getChainDeal(tag));
 
         final Optional<AuthorizationError> isAuth = authorizationService.isAuthorizedOnExecutionWithDetailedIssue(auth);
         assertThat(isAuth).isEmpty();
@@ -118,17 +117,16 @@ void shouldNotBeAuthorizedOnExecutionOfTeeTaskWithEmptyAuthorizationWithDetails(
         assertThat(isAuth).isEqualTo(Optional.of(EMPTY_PARAMS_UNAUTHORIZED));
     }
 
-    @Test
-    void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenTaskTypeNotMatchedOnchainWithDetails() {
-        final ChainDeal chainDeal = getChainDeal();
-        final ChainTask chainTask = getChainTask(ACTIVE);
+    @ParameterizedTest
+    @EnumSource(value = OrderTag.class, names = {"TEE_GRAMINE", "TEE_SCONE", "TEE_TDX"})
+    void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenTaskTypeNotMatchedOnchainWithDetails(final OrderTag tag) {
         final WorkerpoolAuthorization auth = WorkerpoolAuthorization.builder()
                 .chainTaskId("0x1111111111111111111111111111111111111111111111111111111111111111")
                 .workerWallet("0x87ae2b87b5db23830572988fb1f51242fbc471ce")
                 .enclaveChallenge(BytesUtils.EMPTY_ADDRESS)
                 .build();
-        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(Optional.of(chainTask));
-        when(iexecHubService.getChainDeal(chainTask.getDealid())).thenReturn(Optional.of(chainDeal));
+        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(getChainTask(ACTIVE));
+        when(iexecHubService.getChainDeal(CHAIN_DEAL_ID)).thenReturn(getChainDeal(tag));
 
         final Optional<AuthorizationError> isAuth = authorizationService.isAuthorizedOnExecutionWithDetailedIssue(auth);
         assertThat(isAuth).isEqualTo(Optional.of(NO_MATCH_ONCHAIN_TYPE));
@@ -158,26 +156,24 @@ void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenFinalDeadlineReached() {
 
     @Test
     void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenGetDealFailedWithDetails() {
-        final ChainTask chainTask = getChainTask(ACTIVE);
         final Signature wrongSignature = new Signature(POOL_WRONG_SIGNATURE);
         final WorkerpoolAuthorization auth = getWorkerpoolAuthorizationWithWrongSignature(wrongSignature);
 
-        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(Optional.of(chainTask));
-        when(iexecHubService.getChainDeal(chainTask.getDealid())).thenReturn(Optional.empty());
+        when(iexecHubService.getChainTask(CHAIN_TASK_ID)).thenReturn(getChainTask(ACTIVE));
+        when(iexecHubService.getChainDeal(CHAIN_DEAL_ID)).thenReturn(Optional.empty());
 
         final Optional<AuthorizationError> isAuth = authorizationService.isAuthorizedOnExecutionWithDetailedIssue(auth);
         assertThat(isAuth).isEqualTo(Optional.of(GET_CHAIN_DEAL_FAILED));
     }
 
-    @Test
-    void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenPoolSignatureIsNotValidWithDetails() {
-        final ChainDeal chainDeal = getChainDeal();
-        final ChainTask chainTask = getChainTask(ACTIVE);
+    @ParameterizedTest
+    @EnumSource(value = OrderTag.class, names = {"TEE_GRAMINE", "TEE_SCONE", "TEE_TDX"})
+    void shouldNotBeAuthorizedOnExecutionOfTeeTaskWhenPoolSignatureIsNotValidWithDetails(final OrderTag tag) {
         final Signature wrongSignature = new Signature(POOL_WRONG_SIGNATURE);
         final WorkerpoolAuthorization auth = getWorkerpoolAuthorizationWithWrongSignature(wrongSignature);
 
-        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(Optional.of(chainTask));
-        when(iexecHubService.getChainDeal(chainTask.getDealid())).thenReturn(Optional.of(chainDeal));
+        when(iexecHubService.getChainTask(auth.getChainTaskId())).thenReturn(getChainTask(ACTIVE));
+        when(iexecHubService.getChainDeal(CHAIN_DEAL_ID)).thenReturn(getChainDeal(tag));
 
         final Optional<AuthorizationError> isAuth = authorizationService.isAuthorizedOnExecutionWithDetailedIssue(auth);
         assertThat(isAuth).isEqualTo(Optional.of(INVALID_SIGNATURE));
@@ -277,7 +273,7 @@ void shouldNotAddAuthorizationTwiceInCollection() {
     // endregion
 
     // region utils
-    String getEnclaveSignature(final ECKeyPair ecKeyPair) {
+    private String getEnclaveSignature(final ECKeyPair ecKeyPair) {
         final String resultHash = HashUtils.concatenateAndHash(CHAIN_TASK_ID, RESULT_DIGEST);
         final String resultSeal = HashUtils.concatenateAndHash(workerCreds.getAddress(), CHAIN_TASK_ID, RESULT_DIGEST);
         final String messageHash = HashUtils.concatenateAndHash(resultHash, resultSeal);