detee-sgx/examples/mratls_grpcs_client.rs

pub mod pb {
    tonic::include_proto!("/grpc.examples.unaryecho");
}

use hyper::Uri;
use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor};
use occlum_ratls::prelude::*;
use occlum_ratls::RaTlsConfigBuilder;
use pb::{echo_client::EchoClient, EchoRequest};
use tokio_rustls::rustls::ClientConfig;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    env_logger::init_from_env(env_logger::Env::default().default_filter_or("trace"));

    let mrsigner_hex = "83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76";
    let mut mrsigner = [0u8; 32];
    hex::decode_to_slice(mrsigner_hex, &mut mrsigner).expect("mrsigner decoding failed");

    let config = RaTlsConfig::new()
        .allow_instance_measurement(InstanceMeasurement::new().with_mrsigners(vec![mrsigner]));

    let tls = ClientConfig::from_ratls_config(config)
        .map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, format!("{}", e)))?;

    let mut http = HttpConnector::new();
    http.enforce_http(false);

    // We have to do some wrapping here to map the request type from
    // `https://example.com` -> `https://[::1]:50051` because `rustls`
    // doesn't accept ip's as `ServerName`.
    let connector = tower::ServiceBuilder::new()
        .layer_fn(move |s| {
            let tls = tls.clone();

            hyper_rustls::HttpsConnectorBuilder::new()
                .with_tls_config(tls)
                .https_or_http()
                .enable_http2()
                .wrap_connector(s)
        })
        .map_request(|_| Uri::from_static("https://[::1]:50051"))
        .service(http);

    let client = hyper_util::client::legacy::Client::builder(TokioExecutor::new()).build(connector);

    let uri = Uri::from_static("https://example.com");
    let mut client = EchoClient::with_origin(client, uri);

    let request = tonic::Request::new(EchoRequest {
        message: "hello".into(),
    });

    let response = client.unary_echo(request).await?;

    println!("RESPONSE={:?}", response);

    Ok(())
}