Skip to content

S
sgxwallet
Unverified Commit aa697c49 authored by svetaro's avatar svetaro
Browse files
Options

Merge branch 'feature/SKALE-1850-remove-extra-dependencies-from-SGX' of... 

Merge branch 'feature/SKALE-1850-remove-extra-dependencies-from-SGX' of https://github.com/skalenetwork/sgxwallet into feature/SKALE-1850-remove-extra-dependencies-from-SGX
parents 225a82ba f64cb4c7
Expand all Show whitespace changes
Inline Side-by-side
Showing with 199 additions and 173 deletions
README.md
View file @ aa697c49
...@@ -107,7 +107,7 @@ This will run the server in a Docker container named sgxwallet ...@@ -107,7 +107,7 @@ This will run the server in a Docker container named sgxwallet
You can check that the server is running by doing You can check that the server is running by doing
``` ```
telnet localhost 2027 telnet localhost 1030
``` ```
You can start and stop running sgxwallet container by doing You can start and stop running sgxwallet container by doing
...@@ -128,4 +128,58 @@ To add new source and include files to app and enclave, edit the corresponding * ...@@ -128,4 +128,58 @@ To add new source and include files to app and enclave, edit the corresponding *
If you change **.edl** file, you need to re-run configure too. If you change **.edl** file, you need to re-run configure too.
## Example of client certificate instantiation
Go to the project's top directory, then run
```
export CSR_FILE=a.csr
export KEY_FILE=k.key
export CERT_NAME_UNIQUE=someVeryUniqueName
openssl req -new -sha256 -nodes -out $CSR_FILE -newkey rsa:2048 -keyout $KEY_FILE -subj /CN=$CERT_NAME_UNIQUE
cat $CSR_FILE
cat $KEY_FILE
export KEY_PEM_FILE=k.pem
openssl rsa -in $KEY_FILE -text > $KEY_PEM_FILE
cat $KEY_PEM_FILE
```
Next, send content of `a.csr` as single line (by replacing real end of lines with `\n`) to port `1031`:
```
export URL_SGX_WALLET="http://127.0.0.1:1031"
curl -X POST --data '{ "jsonrpc": "2.0", "id": 2, "method": "SignCertificate", "params": { "certificate": "-----BEGIN CERTIFICATE REQUEST-----\nMIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSc29tZVZlcnlVbmlxdWVOYW1lMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3C4ceRhzMAZnG87PwlkzMROHsm3B\ncPydIeiqs1dieuuvVETJqbXAcOENNsGA+AdXjZwFkDuIS24p2yZ8AwuIMAwdMsGa\n5Hzk0ugOy52iPyGEuooqV94nnL6eWw/zryTvkk7j239wMWn5our5Ia1/CBQlXXo2\n4IWTWfWYOz26SWUh4DuvzMOheMVSxg3KLaxpx7Bq09p32lR9xpl53+HqxSDIMYh9\nC3y3kA6NdkKsGE/Jt4WoZ5S5LlrhYjw+PFTeX2lbGDZpn/sxQIM16Pxo2LCfefIa\nik+aZBEAlpn22ljLZ5sEcVgBmOlL+v3waq9u0AaSYzdGFRA+0ceVwU/QTQIDAQAB\noAAwDQYJKoZIhvcNAQELBQADggEBAJXodL69Q/8zDt24AySXK0ksV3C3l5l10Hno\nfF6zKypsYev33CFbZu6HweSgK2f21+DeI9TsGKJxI7K6MUqyH0pJhwlFSeMB5/qP\nJueqXMuvStZSp0GGTaNy7Al/jzOKYNf0ePsv/Rx8NcOdy7RCZE0gW998B5jKb66x\nPgy6QvD8CkZULiRScYlOC8Ex6nc+1Z54pRC1NFWs/ugGyFgLJHy0J2gNkOv6yfsl\nH3V/ocCYSoF4ToUQAxwx+dcy4PXrL9vKzRNJgWzsI/LzCZkglo8iis9YZQawDOUf\nGmDMDkr0Fx1W1tSEpvkw0flkAXZ8PhIGCC0320jkuPeClt7OWNs=\n-----END CERTIFICATE REQUEST-----\n" } }' -H 'content-type:application/json;' $URL_SGX_WALLET
```
Above produces on success:
```
{"id":2,"jsonrpc":"2.0","result":{"errorMessage":"","result":true,"status":0}}
```
Next, generate client certificate signed by root ones:
```
cd cert
./create_client_cert
ls -1
cat client.crt
openssl x509 -inform PEM -in client.crt > client.pem
cat client.pem
cd ..
```
Finally, do a test call such as importing BLS key:
```
export URL_SGX_WALLET="https://127.0.0.1:1030"
curl \
-X POST --data '{ "jsonrpc": "2.0", "id": 1, "method": "importBLSKeyShare", "params": { "keyShareName": "nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3C4ceRhzMAZnG87PwlkzMROHsm3B", "n": 2, "t": 2, "index" : 1, "keyShare": "21043165427057050523208250969869713544622230829814517880078280390613973680760" } }' -H 'content-type:application/json;' \
-v --cacert ./cert/rootCA.pem --key $KEY_PEM_FILE --cert ./cert/client.pem $URL_SGX_WALLET -k
```
Above produces on success:
```
{"id":1,"jsonrpc":"2.0","result":{"encryptedKeyShare":"0400020000000000040effffff02000000000000000000000b000000000000ff0000000000000000cecb5d7bd507cb936464fdb6b88cfe80e38eae963af6a39b6b05cdfba5521c60000000f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000080000000000000000000000000000000875c0520e8d6739c440e0e5073633861769fc1d31d627e9a72c66d43871c62bce2cc48e821341e10784242c4c8aad6ca73a491cbf7453c2ff012b6b3d9d96823c0256992d9792ea60269789b2d51ae87c75fe522dbcb8053458c1bca421cbc57f4a58e4e5689d534ca0303db83c7a9e88cd23afe3a39e1a3801371c95e7ffa54e834c6be8853983dcaa1fa9f5e6959a5","errorMessage":"","status":0}}
```
aclocal.m4
View file @ aa697c49
This diff is collapsed.
compile
View file @ aa697c49
/usr/share/automake-1.16/compile /usr/share/automake-1.15/compile
\ No newline at end of file \ No newline at end of file
depcomp
View file @ aa697c49
/usr/share/automake-1.16/depcomp /usr/share/automake-1.15/depcomp
\ No newline at end of file \ No newline at end of file
install-sh
View file @ aa697c49
/usr/share/automake-1.16/install-sh /usr/share/automake-1.15/install-sh
\ No newline at end of file \ No newline at end of file
missing
View file @ aa697c49
/usr/share/automake-1.16/missing /usr/share/automake-1.15/missing
\ No newline at end of file \ No newline at end of file
secure_enclave/Makefile.in
View file @ aa697c49
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.15.1 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2017 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
...@@ -137,15 +137,7 @@ am__v_at_0 = @ ...@@ -137,15 +137,7 @@ am__v_at_0 = @
am__v_at_1 = am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles am__depfiles_maybe = depfiles
am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
./$(DEPDIR)/numbertheory.Po ./$(DEPDIR)/point.Po \
./$(DEPDIR)/secure_enclave.Po ./$(DEPDIR)/secure_enclave_t.Po \
./$(DEPDIR)/signature.Po ./$(DEPDIR)/signed_enclave_debug.Po \
./$(DEPDIR)/signed_enclave_rel.Po
am__mv = mv -f am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
...@@ -373,8 +365,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status ...@@ -373,8 +365,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
*config.status*) \ *config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \ *) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac; esac;
$(top_srcdir)/build-aux/sgx_enclave.am $(am__empty): $(top_srcdir)/build-aux/sgx_enclave.am $(am__empty):
...@@ -439,27 +431,21 @@ mostlyclean-compile: ...@@ -439,27 +431,21 @@ mostlyclean-compile:
distclean-compile: distclean-compile:
-rm -f *.tab.c -rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@echo '# dummy' >$@-t && $(am__mv) $@-t $@
am--depfiles: $(am__depfiles_remade)
.c.o: .c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
...@@ -583,10 +569,7 @@ cscopelist-am: $(am__tagged_files) ...@@ -583,10 +569,7 @@ cscopelist-am: $(am__tagged_files)
distclean-tags: distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(BUILT_SOURCES) distdir: $(DISTFILES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \ list='$(DISTFILES)'; \
...@@ -659,21 +642,7 @@ clean: clean-am ...@@ -659,21 +642,7 @@ clean: clean-am
clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
distclean: distclean-am distclean: distclean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po -rm -rf ./$(DEPDIR)
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \ distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags distclean-tags
...@@ -719,21 +688,7 @@ install-ps-am: ...@@ -719,21 +688,7 @@ install-ps-am:
installcheck-am: installcheck-am:
maintainer-clean: maintainer-clean-am maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po -rm -rf ./$(DEPDIR)
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic maintainer-clean-am: distclean-am maintainer-clean-generic
...@@ -753,19 +708,19 @@ uninstall-am: uninstall-libexecPROGRAMS ...@@ -753,19 +708,19 @@ uninstall-am: uninstall-libexecPROGRAMS
.MAKE: install-am install-strip .MAKE: install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ .PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
clean-generic clean-libexecPROGRAMS cscopelist-am ctags \ clean-libexecPROGRAMS cscopelist-am ctags ctags-am distclean \
ctags-am distclean distclean-compile distclean-generic \ distclean-compile distclean-generic distclean-tags distdir dvi \
distclean-tags distdir dvi dvi-am html html-am info info-am \ dvi-am html html-am info info-am install install-am \
install install-am install-data install-data-am install-dvi \ install-data install-data-am install-dvi install-dvi-am \
install-dvi-am install-exec install-exec-am install-html \ install-exec install-exec-am install-html install-html-am \
install-html-am install-info install-info-am \ install-info install-info-am install-libexecPROGRAMS \
install-libexecPROGRAMS install-man install-pdf install-pdf-am \ install-man install-pdf install-pdf-am install-ps \
install-ps install-ps-am install-strip installcheck \ install-ps-am install-strip installcheck installcheck-am \
installcheck-am installdirs maintainer-clean \ installdirs maintainer-clean maintainer-clean-generic \
maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \
mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ ps ps-am tags tags-am uninstall uninstall-am \
uninstall-am uninstall-libexecPROGRAMS uninstall-libexecPROGRAMS
.PRECIOUS: Makefile .PRECIOUS: Makefile
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment