add ratls to key_grabber

Valentyn Faychuk 2024-10-06 19:56:20 +03:00
parent fc20534577
commit 5ea4751e02
2 changed files with 42 additions and 1 deletions

@ -14,8 +14,10 @@ if [ "$prerequisites" == "--prep" ]; then
rustup target add x86_64-unknown-linux-musl
mkdir -p /root/.ssh
echo
echo "docker cp ~/.ssh/config packager:/root/.ssh/config"
echo "docker cp ~/.ssh/gitea_ed25519 packager:/root/.ssh/gitea_ed25519"
echo
echo "Run above commands in another terminal"
while true; do
echo -n "." && sleep 1

@ -120,7 +120,46 @@ impl ConnManager {
}
pub async fn key_grabber(node_ip: String) -> Result<(Keypair, Pubkey), Box<dyn std::error::Error>> {
let mut client = UpdateClient::connect(format!("http://{node_ip}:31373")).await?;
use hyper::Uri;
use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor};
use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
use tokio_rustls::rustls::ClientConfig;
println!("Getting key from {node_ip}...");
let mrsigner_hex = "83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76";
let mrsigner = crate::sgx::mrsigner_from_hex(mrsigner_hex).expect("mrsigner decoding failed");
let config = RaTlsConfig::new()
.allow_instance_measurement(InstanceMeasurement::new().with_mrsigners(vec![mrsigner]));
let tls = ClientConfig::from_ratls_config(config)
.map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, format!("{}", e)))?;
let mut http = HttpConnector::new();
http.enforce_http(false);
let cloned_node_ip = node_ip.clone();
let connector = tower::ServiceBuilder::new()
.layer_fn(move |s| {
let tls = tls.clone();
hyper_rustls::HttpsConnectorBuilder::new()
.with_tls_config(tls)
.https_or_http()
.enable_http2()
.wrap_connector(s)
})
.map_request(move |_| {
Uri::from_str(&format!("https://{cloned_node_ip}:31373")).expect("Could not parse URI")
})
.service(http);
let client = hyper_util::client::legacy::Client::builder(TokioExecutor::new()).build(connector);
let uri = Uri::from_static("https://example.com");
let mut client = UpdateClient::with_origin(client, uri);
let response = client.get_keys(tonic::Request::new(Empty {})).await?;
let response = &response.into_inner();
let keypair = response.keypair.clone();