Inclavared
Introduction
Inclavared is a coordinator which creates a m-TLS(Mutal Transport Layer Security) connection between stub enclave and other enclaves with remote attestation (aka "RA-TLS").
Design
Installation
TODO
Build Source Code
Requirements
- rust-lang
Setup Environment
cargo install protobuf
cargo install bindgen
# Linux(Centos/RHEL)
yum install -y clang-libs clang-devel
# MacOS
brew install clang
git clone https://github.com/alibaba/inclavare-containers.git
cd inclavare-containers/
export ROOT_DIR=`pwd`Based On Enclave-TLS
Build
- inclavared
cd ${ROOT_DIR}/inclavared/
makeRun
Inclavared supports tcp socket and unix socket at the same time, and sockaddr can be an address form similar to 127.0.0.1:1234 or /path/to/unixsock.sock.
- Run as server
${ROOT_DIR}/inclavared/bin/inclavared --listen <sockaddr>- Xfer data between client and server
recv data from sockaddr1 and send to sockaddr2, and recv data from sockaddr2 and send to sockaddr1
${ROOT_DIR}/inclavared/bin/inclavared --listen <sockaddr1> --xfer <sockaddr2>
# enable mutual for xfer stream
${ROOT_DIR}/inclavared/bin/inclavared --listen <sockaddr1> --xfer <sockaddr2> --mutual- Run as client
${ROOT_DIR}/inclavared/bin/inclavared --connect <sockaddr>Third Party Dependencies
Direct Dependencies
| Name | Repo URL | Licenses |
|---|---|---|
| libc | https://github.com/rust-lang/libc | MIT |
| log | https://github.com/rust-lang/log | MIT |
| env_logger | https://github.com/env-logger-rs/env_logger | MIT |
| clap | https://github.com/clap-rs/clap | MIT |
| json | https://github.com/serde-rs/json | MIT |
| rust-hex | https://github.com/KokaKiwi/rust-hex | MIT |
| foreign-types | https://github.com/sfackler/foreign-types | MIT |
| incubator-teaclave-sgx-sdk | https://github.com/apache/incubator-teaclave-sgx-sdk | Apache-2.0 |