deploy key for fetching occlum and detee-sgx

rewrite/Cargo.toml

@@ -37,7 +37,7 @@ hyper-rustls = { version = "0.27", features = ["http2"] }
 base64 = "0.22"
 lazy_static = "1.5"
 # TODO: create a feature for testing, make occlum feature optional and added only if not compiling for testing
-occlum-ratls = { git = "ssh://git@gitea.detee.cloud/vfaychuk/occlum-ratls", features = ["tonic", "occlum"] }
+detee-sgx = { git = "ssh://git@gitea.detee.cloud/sgx/detee-sgx", features = ["tonic", "occlum"] }
 env_logger = "0.11"
 
 [build-dependencies]

rewrite/deploy_ed25519

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBYdHXQVf+0oYwA5YcRlpgqWCuIWgnNmXHi1LpFlI00+wAAAJAEKIh7BCiI
+ewAAAAtzc2gtZWQyNTUxOQAAACBYdHXQVf+0oYwA5YcRlpgqWCuIWgnNmXHi1LpFlI00+w
+AAAEAO6GnjVnvVtki2igy1aGZ6Jibtas0M7gU2RH1wzNWlaFh0ddBV/7ShjADlhxGWmCpY
+K4haCc2ZceLUukWUjTT7AAAADXZmYXljaHVrQHNneDE=
+-----END OPENSSH PRIVATE KEY-----

rewrite/scripts/package.sh

@@ -15,22 +15,27 @@ if [ "$prerequisites" == "--prep" ]; then
     mkdir -p /root/.ssh
 
     echo
-    echo "docker cp ~/.ssh/config packager:/root/.ssh/config"
+    #echo "docker cp ~/.ssh/config packager:/root/.ssh/config"
-    echo "docker cp ~/.ssh/gitea_ed25519 packager:/root/.ssh/gitea_ed25519"
+    echo "docker cp deploy_ed25519 packager:/root/.ssh/id_ed25519"
     echo
     echo "Run above commands in another terminal"
     while true; do
         echo -n "." && sleep 1
-        if [ -e ~/.ssh/config ] && [ -e ~/.ssh/gitea_ed25519 ]; then
+        if [ -e ~/.ssh/id_ed25519 ]; then
           echo && break
         fi
     done
 
     chown -R root:root /root/.ssh
-    chmod 600 /root/.ssh/gitea_ed25519
+    chmod 600 /root/.ssh/id_ed25519
     ssh-keyscan -H gitea.detee.cloud > ~/.ssh/known_hosts
 fi
 
+echo "Building the occlum fork"
+git clone git@gitea.detee.cloud:SGX/occlum.git
+(cd occlum && make submodule)
+(cd tools/toolchains/utils_lib && ./build.sh)
+
 echo "Building the hacker-challenge signed bundle"
 occlum-cargo build --release
 strip target/x86_64-unknown-linux-musl/release/hacker-challenge
@@ -47,6 +52,7 @@ targets:
     copy:
       - files:
         - /opt/occlum/toolchains/dcap_lib/musl/libocclum_dcap.so.0.1.0
+        - /opt/occlum/toolchains/utils_lib/musl/libutils_dcap.so.0.1.0
 EOF
 
 rm -rf challenge_instance && mkdir challenge_instance && cd challenge_instance

rewrite/src/grpc/client.rs

@@ -50,7 +50,7 @@ impl ConnManager {
     async fn connect(&self, node_ip: String) -> Result<(), Box<dyn std::error::Error>> {
         use hyper::Uri;
         use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor};
-        use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
+        use detee_sgx::{prelude::*, RaTlsConfigBuilder};
         use tokio_rustls::rustls::ClientConfig;
 
         println!("Connecting to {node_ip}...");
@@ -122,7 +122,7 @@ impl ConnManager {
 pub async fn key_grabber(node_ip: String) -> Result<(Keypair, Pubkey), Box<dyn std::error::Error>> {
     use hyper::Uri;
     use hyper_util::{client::legacy::connect::HttpConnector, rt::TokioExecutor};
-    use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
+    use detee_sgx::{prelude::*, RaTlsConfigBuilder};
     use tokio_rustls::rustls::ClientConfig;
 
     println!("Getting key from {node_ip}...");

rewrite/src/grpc/server.rs

@@ -29,7 +29,7 @@ impl MyServer {
         use tonic::{body::boxed, service::Routes};
         use tower::{ServiceBuilder, ServiceExt};
 
-        use occlum_ratls::{prelude::*, RaTlsConfigBuilder};
+        use detee_sgx::{prelude::*, RaTlsConfigBuilder};
 
         // TODO: ratls config should be global
         // TODO: error handling, shouldn't have expects