1 stable release
new 2.3.2 | Oct 28, 2024 |
---|
#8 in #attestation
230KB
2.5K
SLoC
clique-sibyl-commonlib
Usage
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2" }
Features
Supports four features: rustls-0_20
, rustls-0_21
, rustls-0_22
, rustls-0_23
and wasm
.
If you need to enable rustls
, specify the corresponding feature based on the version of rustls
you intend to use.
# use rustls-0_23
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_23" }
# use rustls-0_20
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_20" }
# use rustls-0_21
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_21" }
# use rustls-0_22
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_22" }
TLS Config
You can create a rustls
tls server config like this:
use clique_sibyl_commonlib::tls::config::create_tls_server_config;
let tls_config = create_tls_server_config()?;
With this tls server config, you can start a TLS server using server framework like actix-web
:
[dependencies]
clique-sibyl-commonlib = { git = "https://github.com/CliqueOfficial/clique-sibyl-commonlib.git", tag = "v2.3.2", features = "rustls-0_23" }
actix-web = { version = "4.6.0", features = ["rustls-0_23"] }
actix-rt = "2.9.0"
use clique_sibyl_commonlib::tls::config::create_tls_server_config;
use actix_web::{web, App, HttpResponse, HttpServer, Responder};
use std::env;
async fn status() -> impl Responder {
HttpResponse::Ok().body("Server is running!")
}
#[actix_rt::main]
async fn main() {
let tls_config = create_tls_server_config().unwrap();
let server = HttpServer::new(|| {
App::new().route("/status", web::get().to(status))
})
.bind_rustls_0_23("127.0.0.1:8080", tls_config)?
.run()
.await.unwrap();
}
And you can create a rustls
tls client config like this:
use clique_sibyl_commonlib::tls::config::create_tls_client_config;
let tls_config = create_tls_client_config(None, None);
This tls client config can help you to verify the attestation in the certificate during TLS handshake.
Attestation Verifier
You can use clique_sibyl_commonlib::attestation::verify_attestation to verify the attestation.
WASM
Install WASM toolchains:
cargo install wasm-bindgen-cli
rustup target add wasm32-unknown-unknown
Build WASM:
cargo build --target wasm32-unknown-unknown --release --features wasm
# For node.js
wasm-bindgen target/wasm32-unknown-unknown/release/clique_sibyl_commonlib.wasm --out-dir ./wasm/pkg-node --target nodejs
# For ReactJS
wasm-bindgen target/wasm32-unknown-unknown/release/clique_sibyl_commonlib.wasm --out-dir ./wasm/pkg-web --target web
Install node.js:
sudo apt update
sudo apt install nodejs
sudo apt install npm
Test WASM for node.js:
cd wasm/wasm-node-test
node index.js
Tests
cargo t
cargo t actix -- --nocapture
cargo t actix --features "rustls-0_23" -- --nocapture
Examples
You can explore examples located in ./tests/actix
and ./gramine-examples/actix-example
to see how to integrate this crate with both Actix server and client.
Dependencies
~12–24MB
~354K SLoC