diff --git a/Cargo.toml b/Cargo.toml
index 9d57df6..8a24426 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -28,6 +28,10 @@ hyper-rustls = { version = "0.27", features = ["http2"] }
 prost = "0.13"
 base64 = "0.22"
 lazy_static = "1.5"
+#sgx_tse = { version = "1.1", features = ["capi"] }
+#sgx_tse = "1.1"
+#sgx_types = "1.1"
+sgx_tseal = "1.1"
 
 [dependencies.tonic]
 version = "0.12"
diff --git a/build.rs b/build.rs
index ef14947..3a075aa 100644
--- a/build.rs
+++ b/build.rs
@@ -1,13 +1,22 @@
 fn main() {
-    // TODO: should be conditional on the target platform (musl vs glibc)
+    //println!("cargo:rerun-if-env-changed=CARGO_CFG_TARGET_ENV");
 
     #[cfg(feature = "occlum")]
     {
-        println!("cargo:rustc-link-search=/opt/occlum/toolchains/dcap_lib/musl");
-        println!("cargo:rustc-link-lib=occlum_dcap");
-    }
+        let target = std::env::var("CARGO_CFG_TARGET_ENV").unwrap_or_default();
+        let dcap_lib_path = match target.as_str() {
+            "musl" => "/opt/occlum/toolchains/dcap_lib/musl",
+            _ => "/opt/occlum/toolchains/dcap_lib/glibc", // gnu, msvc, sgx...
+        };
 
-    // Cargo will automatically know it must look for `libocclum_dcap.a`
+        // Doesn't use standard C library, safe to compile with both musl and glibc
+        println!("cargo:rustc-link-search=crate=/opt/intel/sgxsdk/lib64");
+        println!("cargo:rustc-link-search=crate={}", dcap_lib_path);
+
+        // Cargo will look for `libocclum_dcap.a` and `libsgx_tservice.a`
+        println!("cargo:rustc-link-lib=static:+whole-archive=occlum_dcap");
+        println!("cargo:rustc-link-lib=static:+whole-archive=sgx_tservice");
+    }
 
     #[cfg(feature = "tonic")]
     tonic_build::configure()
diff --git a/examples/sealing.rs b/examples/sealing.rs
new file mode 100644
index 0000000..9cfadb1
--- /dev/null
+++ b/examples/sealing.rs
@@ -0,0 +1,12 @@
+use sgx_tseal::SgxSealedData;
+
+fn main() {
+    println!("Example of sealing");
+    let text = "sealed text";
+    let additional_text = "additional";
+    let sealed_data =
+        SgxSealedData::seal_data(additional_text.as_bytes(), text.as_bytes()).unwrap();
+    let unsealed_data = SgxSealedData::unseal_data(&sealed_data).unwrap();
+    let text: &str = unsealed_data.get_decrypt_text();
+    println!("Unsealed text: {}", text);
+}