clique-sibyl-commonlib
| Crates.io | clique-sibyl-commonlib |
| lib.rs | clique-sibyl-commonlib |
| version | 2.3.2 |
| source | src |
| created_at | 2024-10-28 06:37:42.935604 |
| updated_at | 2024-10-28 06:37:42.935604 |
| description | Clique Sibyl Common Library, for generating and verifying TEE attestation (Intel SGX, Intel TDX) and providing customized TLS verification with TEE attestation |
| homepage | |
| repository | |
| max_upload_size | |
| id | 1425314 |
| size | 229,964 |
(clique-crates)
documentation
README
clique-sibyl-commonlib
Usage
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2" }
Features
Supports four features: rustls-0_20, rustls-0_21, rustls-0_22, rustls-0_23 and wasm.
If you need to enable rustls, specify the corresponding feature based on the version of rustls you intend to use.
# use rustls-0_23
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_23" }
# use rustls-0_20
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_20" }
# use rustls-0_21
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_21" }
# use rustls-0_22
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_22" }
TLS Config
You can create a rustls tls server config like this:
use clique_sibyl_commonlib::tls::config::create_tls_server_config;
let tls_config = create_tls_server_config()?;
With this tls server config, you can start a TLS server using server framework like actix-web:
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_23" }
actix-web = { version = "4.6.0", features = ["rustls-0_23"] }
actix-rt = "2.9.0"
use clique_sibyl_commonlib::tls::config::create_tls_server_config;
use actix_web::{web, App, HttpResponse, HttpServer, Responder};
use std::env;
async fn status() -> impl Responder {
HttpResponse::Ok().body("Server is running!")
}
#[actix_rt::main]
async fn main() {
let tls_config = create_tls_server_config().unwrap();
let server = HttpServer::new(|| {
App::new().route("/status", web::get().to(status))
})
.bind_rustls_0_23("127.0.0.1:8080", tls_config)?
.run()
.await.unwrap();
}
And you can create a rustls tls client config like this:
use clique_sibyl_commonlib::tls::config::create_tls_client_config;
let tls_config = create_tls_client_config(None, None);
This tls client config can help you to verify the attestation in the certificate during TLS handshake.
Attestation Verifier
You can use clique_sibyl_commonlib::attestation::verify_attestation to verify the attestation.
WASM
Install WASM toolchains:
cargo install wasm-bindgen-cli
rustup target add wasm32-unknown-unknown
Build WASM:
cargo build --target wasm32-unknown-unknown --release --features wasm
# For node.js
wasm-bindgen target/wasm32-unknown-unknown/release/clique_sibyl_commonlib.wasm --out-dir ./wasm/pkg-node --target nodejs
# For ReactJS
wasm-bindgen target/wasm32-unknown-unknown/release/clique_sibyl_commonlib.wasm --out-dir ./wasm/pkg-web --target web
Install node.js:
sudo apt update
sudo apt install nodejs
sudo apt install npm
Test WASM for node.js:
cd wasm/wasm-node-test
node index.js
Tests
cargo t
cargo t actix -- --nocapture
cargo t actix --features "rustls-0_23" -- --nocapture
Examples
You can explore examples located in ./tests/actix and ./gramine-examples/actix-example to see how to integrate this crate with both Actix server and client.