search

CCC-Attestation / interoperable-ra-tls

Design documents and interoperability tests for Interoperable RA-TLS projects
Apache License 2.0
10 stars 3 forks source link

The interoperability testing between Gramine and rats-tls #8

Closed jiazhang0 closed 1 year ago

jiazhang0 commented 1 year ago

Current testing model is: Gramine as client and attester vs rats-tls as server and verifier (mtls)

The rats-tls contains sample server program (see https://github.com/inclavare-containers/rats-tls/tree/master/samples for the source codes).

At present, the sample server program doesn't run in a TEE, just in host, providing a self-signed TLS certificate.

For the local testing for the case "rats-tls as client and attester vs rats-tls as server and verifier (mtls)", simply run:

git clone https://github.com/inclavare-containers/rats-tls
cd rats-tls
cmake -DRATS_TLS_BUILD_MODE="host" -DBUILD_SAMPLES=on -H. -Bbuild
make -C build install
cd /usr/share/rats-tls/samples
RATS_TLS_GLOBAL_LOG_LEVEL=debug ./rats-tls-server --log-level debug --attester nullattester --verifier sgx_ecdsa --mutual

The client side command is:

./rats-tls-client --log-level debug --attester sgx_ecdsa --verifier nullverifier --mutual

By default, the listening port is 1234. -p option can be used to overwrite the default port.

imlk0 commented 1 year ago 
git clone https://github.com/KB5201314/rats-tls -b dice-extensions

@jiazhang0 This branch has been merged, so we can directly use the code in inclavare-containers/rats-tls repo.

git clone https://github.com/inclavare-containers/rats-tls