diff --git a/rewrite/Cargo.toml b/rewrite/Cargo.toml
index d35910b..d14075d 100644
--- a/rewrite/Cargo.toml
+++ b/rewrite/Cargo.toml
@@ -37,7 +37,7 @@ hyper-rustls = { version = "0.27", features = ["http2"] } base64 = "0.22" lazy_static = "1.5" # TODO: create a feature for testing, make occlum feature optional and added only if not compiling for testing
-occlum-ratls = { git = "ssh://git@gitea.detee.cloud/vfaychuk/occlum-ratls", features = ["tonic", "occlum"] }
+detee-sgx = { git = "ssh://git@gitea.detee.cloud/sgx/detee-sgx", features = ["tonic", "occlum"] }
 env_logger = "0.11" [build-dependencies]
@@ -45,4 +45,4 @@ tonic-build = "0.12" [patch.crates-io.curve25519-dalek] git = "https://github.com/anza-xyz/curve25519-dalek.git"
-rev = "b500cdc2a920cd5bff9e2dd974d7b97349d61464"
\ No newline at end of file
+rev = "b500cdc2a920cd5bff9e2dd974d7b97349d61464"
diff --git a/rewrite/deploy_ed25519 b/rewrite/deploy_ed25519
new file mode 100644
index 0000000..de8b221
--- /dev/null
+++ b/rewrite/deploy_ed25519
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBYdHXQVf+0oYwA5YcRlpgqWCuIWgnNmXHi1LpFlI00+wAAAJAEKIh7BCiI
+ewAAAAtzc2gtZWQyNTUxOQAAACBYdHXQVf+0oYwA5YcRlpgqWCuIWgnNmXHi1LpFlI00+w
+AAAEAO6GnjVnvVtki2igy1aGZ6Jibtas0M7gU2RH1wzNWlaFh0ddBV/7ShjADlhxGWmCpY
+K4haCc2ZceLUukWUjTT7AAAADXZmYXljaHVrQHNneDE=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/rewrite/scripts/package.sh b/rewrite/scripts/package.sh
index 1b8abdb..d1a03f8 100755
--- a/rewrite/scripts/package.sh
+++ b/rewrite/scripts/package.sh
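Review bot: The new `detee-sgx` git dependency in the first Cargo.toml hunk has no `rev`, so a fresh resolve or a `cargo update` takes whatever the default branch of that Gitea repository holds at the time. This crate supplies the RA-TLS configuration used by both the gRPC client and server, so an unreviewed upstream change would flow straight into the attested binary. I would pin it the same way the `curve25519-dalek` patch below is pinned, e.g. `detee-sgx = { git = "ssh://git@gitea.detee.cloud/sgx/detee-sgx", rev = "<COMMIT_SHA>", features = ["tonic", "occlum"] }`. Whether a committed Cargo.lock already fixes the revision is not visible from this diff.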
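Review bot: `rewrite/deploy_ed25519` commits an OpenSSH private key in plaintext, and its header encodes cipher `none`, so it appears to carry no passphrase. Anyone with read access to this repository or its history can use it for whatever it is authorised to do on gitea.detee.cloud. The key should be treated as exposed: revoke it on the server, drop the file from the commit (and from history if it was already pushed), and add the path to `.gitignore`. The packager container can receive the credential at build time through ssh-agent forwarding or a mounted secret instead. The replacement deploy key is best created read-only and scoped to only the repositories the build has to fetch.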
@@ -15,22 +15,27 @@ if [ "$prerequisites" == "--prep" ]; then mkdir -p /root/.ssh echo - echo "docker cp ~/.ssh/config packager:/root/.ssh/config" - echo "docker cp ~/.ssh/gitea_ed25519 packager:/root/.ssh/gitea_ed25519" + #echo "docker cp ~/.ssh/config packager:/root/.ssh/config" + echo "docker cp deploy_ed25519 packager:/root/.ssh/id_ed25519" echo echo "Run above commands in another terminal" while true; do echo -n "." && sleep 1 - if [ -e ~/.ssh/config ] && [ -e ~/.ssh/gitea_ed25519 ]; then + if [ -e ~/.ssh/id_ed25519 ]; then echo && break fi done chown -R root:root /root/.ssh - chmod 600 /root/.ssh/gitea_ed25519 + chmod 600 /root/.ssh/id_ed25519 ssh-keyscan -H gitea.detee.cloud > ~/.ssh/known_hosts fi +echo "Building the occlum fork" +git clone git@gitea.detee.cloud:SGX/occlum.git +(cd occlum && make submodule) +(cd tools/toolchains/utils_lib && ./build.sh) + echo "Building the hacker-challenge signed bundle" occlum-cargo build --release strip target/x86_64-unknown-linux-musl/release/hacker-challenge @@ -47,6 +52,7 @@ targets: copy: - files: - /opt/occlum/toolchains/dcap_lib/musl/libocclum_dcap.so.0.1.0 + - /opt/occlum/toolchains/utils_lib/musl/libutils_dcap.so.0.1.0 EOF rm -rf challenge_instance && mkdir challenge_instance && cd challenge_instance diff --git a/rewrite/src/grpc/client.rs b/rewrite/src/grpc/client.rs index 8c0ecc6..a0e725e 100644 --- a/rewrite/src/grpc/client.rs +++ b/rewrite/src/grpc/client.rs @@ -50,7 +50,7 @@ impl ConnManager { async fn connect(&self, node_ip: String) -> Result<(), Box> { use hyper::Uri; use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor}; - use occlum_ratls::{prelude::*, RaTlsConfigBuilder}; + use detee_sgx::{prelude::*, RaTlsConfigBuilder}; use tokio_rustls::rustls::ClientConfig; println!("Connecting to {node_ip}..."); 
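Review bot: The added "Building the occlum fork" step clones `SGX/occlum.git` at whatever the default branch points to and builds it into the toolchain that produces the signed bundle, so the enclave contents are not reproducible from this commit. I would pin it with `git clone git@gitea.detee.cloud:SGX/occlum.git && git -C occlum checkout <COMMIT_SHA>`. The second subshell, `(cd tools/toolchains/utils_lib && ./build.sh)`, is relative to the script's working directory rather than the fresh clone, so it probably wants to be `(cd occlum/tools/toolchains/utils_lib && ./build.sh)`, unless that directory exists where the script runs. Neither subshell's exit status is checked, and whether the script sets `set -e` is outside this hunk; without it a failed clone or build falls through to `occlum-cargo build`. A re-run will also fail at `git clone` once the `occlum` directory exists.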
@@ -122,7 +122,7 @@ impl ConnManager { pub async fn key_grabber(node_ip: String) -> Result<(Keypair, Pubkey), Box> { use hyper::Uri; use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor};
- use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
+ use detee_sgx::{prelude::*, RaTlsConfigBuilder};
 use tokio_rustls::rustls::ClientConfig; println!("Getting key from {node_ip}...");
diff --git a/rewrite/src/grpc/server.rs b/rewrite/src/grpc/server.rs
index e04fdd4..ab1fca6 100644
--- a/rewrite/src/grpc/server.rs
+++ b/rewrite/src/grpc/server.rs
@@ -29,7 +29,7 @@ impl MyServer { use tonic::{body::boxed, service::Routes}; use tower::{ServiceBuilder, ServiceExt};
- use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
+ use detee_sgx::{prelude::*, RaTlsConfigBuilder};
 // TODO: ratls config should be global // TODO: error handling, shouldn't have expects