Skip to content

Commit

Permalink
Fix dev build
Browse files Browse the repository at this point in the history
  • Loading branch information
@delneg
delneg committed May 21, 2024
1 parent 7e1676b commit c64b077
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 6 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/build-deb.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ jobs:
env:
ENCLAVE_PK_BASE64: ${{ secrets.ENCLAVE_PK_BASE64 }}
run: |
rm sgxvm/Enclave_dev_private.pem || true
rm sgxvm/Enclave_private.pem || true
echo $ENCLAVE_PK_BASE64 | base64 --decode > sgxvm/Enclave_private.pem
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
Expand Down
5 changes: 0 additions & 5 deletions .github/workflows/docker-local.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,6 @@ jobs:
docker-local:
runs-on: ubuntu-latest
steps:
- name: Retrieve the secret and decode it to a file
env:
ENCLAVE_PK_BASE64: ${{ secrets.ENCLAVE_PK_BASE64 }}
run: |
echo $ENCLAVE_PK_BASE64 | base64 --decode > sgxvm/Enclave_private.pem
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

Expand Down
39 changes: 39 additions & 0 deletions sgxvm/Enclave_dev_private.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
-----BEGIN RSA PRIVATE KEY-----
MIIG4gIBAAKCAYEAroOogvsj/fZDZY8XFdkl6dJmky0lRvnWMmpeH41Bla6U1qLZ
AmZuyIF+mQC/cgojIsrBMzBxb1kKqzATF4+XwPwgKz7fmiddmHyYz2WDJfAjIveJ
ZjdMjM4+EytGlkkJ52T8V8ds0/L2qKexJ+NBLxkeQLfV8n1mIk7zX7jguwbCG1Pr
nEMdJ3Sew20vnje+RsngAzdPChoJpVsWi/K7cettX/tbnre1DL02GXc5qJoQYk7b
3zkmhz31TgFrd9VVtmUGyFXAysuSAb3EN+5VnHGr0xKkeg8utErea2FNtNIgua8H
ONfm9Eiyaav1SVKzPHlyqLtcdxH3I8Wg7yqMsaprZ1n5A1v/levxnL8+It02KseD
5HqV4rf/cImSlCt3lpRg8U5E1pyFQ2IVEC/XTDMiI3c+AR+w2jSRB3Bwn9zJtFlW
KHG3m1xGI4ck+Lci1JvWWLXQagQSPtZTsubxTQNx1gsgZhgv1JHVZMdbVlAbbRMC
1nSuJNl7KPAS/VfzAgEDAoIBgHRXxaynbVP5gkO0ug6Qw/E27wzIw4SmjsxG6Wpe
K7kfDeRskKxESdsA/xCrKkwGwhcx1iIgS5+Qscd1Yg+1D9X9asd/P7waPmWoZd+Z
AhlKwhdPsO7PiF3e1AzHhGQwsUTt/Y/aSI1MpHBvy2/s1h9mFCslOUxTmWw0oj/Q
ldIEgWeNR72CE2+jFIJIyml6ftnb6qzPiga8Bm48ubKh0kvySOqnkmnPzgh+JBD6
JnBmtZbfPT97bwTT+N6rnPqOOApvfHPf15kWI8yDbprG1l4OCUaIUH1AszxLd826
5IPM+8gINLRDP1MA6azECPjTyHXhtnSIBZCyWSVkc05vYmNXYUNiXWMajcxW9M02
wKzFELO8NCEAkaTPxwo4SCyIjUxiK1LbQ9h8PSy4c1+gGP4LAMR8xqP4QKg6zdu9
osUGG/xRe/uufgTBFkcjqBHtK5L5VI0jeNIUAgW/6iNbYXjBMJ0GfauLs+g1VsOm
WfdgXzsb9DYdMa0OXXHypmV4GwKBwQDUwQj8RKJ6c8cT4vcWCoJvJF00+RFL+P3i
Gx2DLERxRrDa8AVGfqaCjsR+3vLgG8V/py+z+dxZYSqeB80Qeo6PDITcRKoeAYh9
xlT3LJOS+k1cJcEmlbbO2IjLkTmzSwa80fWexKu8/Xv6vv15gpqYl1ngYoqJM3pd
vzmTIOi7MKSZ0WmEQavrZj8zK4endE3v0eAEeQ55j1GImbypSf7Idh7wOXtjZ7WD
Dg6yWDrri+AP/L3gClMj8wsAxMV4ZR8CgcEA0fzDHkFa6raVOxWnObmRoDhAtE0a
cjUj976NM5yyfdf2MrKy4/RhdTiPZ6b08/lBC/+xRfV3xKVGzacm6QjqjZrUpgHC
0LKiZaMtccCJjLtPwQd0jGQEnKfMFaPsnhOc5y8qVkCzVOSthY5qhz0XNotHHFmJ
gffVgB0iqrMTvSL7IA2yqqpOqNRlhaYhNl8TiFP3gIeMtVa9rZy31JPgT2uJ+kfo
gV7sdTPEjPWZd7OshGxWpT6QfVDj/T9T7L6tAoHBAI3WBf2DFvxNL2KXT2QHAZ9t
k3imC4f7U+wSE6zILaDZyzygA4RUbwG0gv8/TJVn2P/Eynf76DuWHGlaiLWnCbSz
Az2DHBQBBaku409zDQym3j1ugMRjzzSQWzJg0SIyBH3hTmnYcn3+Uqcp/lEBvGW6
O+rsXFt3pukqJmIV8HzLGGaLm62BHUeZf3dyWm+i3p/hQAL7Xvu04QW70xuGqdr5
afV7p5eaeQIJXyGQJ0eylV/90+qxjMKiB1XYg6WYvwKBwQCL/ddpgOdHJGN8uRom
e7Zq0Csi3hGheMKlKbN3vcxT5U7MdyHtTZZOJbTvxKNNUNYH/8uD+PqDGNneb29G
BfGzvI3EASyLIcGZF3OhKwZd0jUrWk2y7Vhob91jwp2+t73vdMbkKyI4mHOuXvGv
fg95si9oO7EBT+Oqvhccd2J+F1IVXncccYnF4u5ZGWt5lLewN/pVr7MjjykeaHqN
t+rfnQam2psA6fL4zS2zTmZPzR2tnY8Y1GBTi0Ko1OKd1HMCgcAb5cB/7/AQlhP9
yQa04PLH9ygQkKKptZp7dy5WcWRx0K/hAHRoi2aw1wZqfm7VBNu2SLcs90kCCCxp
6C5sfJi6b8NpNbIPC+sc9wsFr7pGo9SFzQ78UlcWYK2Gu2FxlMjonhka5hvo4zvg
WxlpXKEkaFt3gLd92m/dMqBrHfafH7VwOJY2zT3WIpjwuk0ZzmRg5p0pG/svVQEH
NZmwRwlopysbR69B/n1nefJ84UO50fLh5s5Zr3gBRwbWNZyzhXk=
-----END RSA PRIVATE KEY-----
5 changes: 4 additions & 1 deletion sgxvm/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ Enclave_build_feature = hardware_mode
# Enable the security flags
Enclave_Security_Link_Flags := -Wl,-z,relro,-z,now,-z,noexecstack
Enclave_config_file = Enclave.config.development.xml
Enclave_signing_key = Enclave_dev_private.pem

# ENCLAVE SETTINGS
ifneq ($(SGX_MODE), HW)
Expand All @@ -33,8 +34,10 @@ endif

ifneq ($(PRODUCTION_MODE), true)
Enclave_config_file := Enclave.config.development.xml
Enclave_signing_key := Enclave_dev_private.pem
else
Enclave_config_file := Enclave.config.production.xml
Enclave_signing_key := Enclave_private.pem
Enclave_build_feature += production
endif

Expand Down Expand Up @@ -124,7 +127,7 @@ define sign_enclave
@echo "Sign enclave using"
@/opt/intel/sgxsdk/bin/x64/sgx_sign -version
@mkdir -p $(CURDIR)/sgx-artifacts/bin
@/opt/intel/sgxsdk/bin/x64/sgx_sign sign -key $(CURDIR)/Enclave_private.pem -enclave $(CURDIR)/enclave.unsigned.so -out $(CURDIR)/sgx-artifacts/bin/enclave.signed.so -config $(CURDIR)/$(Enclave_config_file)
@/opt/intel/sgxsdk/bin/x64/sgx_sign sign -key $(CURDIR)/$(Enclave_signing_key) -enclave $(CURDIR)/enclave.unsigned.so -out $(CURDIR)/sgx-artifacts/bin/enclave.signed.so -config $(CURDIR)/$(Enclave_config_file)
endef

define sgx_build
Expand Down

0 comments on commit c64b077

Please sign in to comment.