@super-protocol/addons-tee 0.8.8 → 0.8.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/bindings/sgx-native/build/Release/libmbedcrypto_gramine.so.15 +0 -0
  2. package/bindings/sgx-native/build/Release/libmbedx509_gramine.so.6 +0 -0
  3. package/bindings/sgx-native/build/Release/sgx_native.node +0 -0
  4. package/dist/sgx-native-module/sgx-tests.js +33 -1
  5. package/package.json +1 -1
  6. package/test_sgx_env/Dockerfile +2 -2
  7. package/test_sgx_env/build-and-run-tests.sh +2 -4
  8. package/bindings/sgx-native/build/Release/libcjson.so.1 +0 -0
  9. package/bindings/sgx-native/build/Release/libmbedcrypto_gramine.so.13 +0 -0
  10. package/bindings/sgx-native/build/Release/libmbedx509_gramine.so.4 +0 -0
  11. package/bindings/sgx-native/build/Release/libsgx_dcap_quoteverify.so.1 +0 -0
package/dist/sgx-native-module/sgx-tests.js CHANGED
@@ -73,10 +73,42 @@ async function GetKeyTest() {
73
73
  });
74
74
  const outDated = await enclaveService.isOutdatedRequest(key.request);
75
75
  (0, assert_1.default)(outDated === false);
76
+ const baseCpuSvn = Buffer.alloc(16);
77
+ key.request.copy(baseCpuSvn, 0, 8, 24);
78
+ let downgradeIndex = -1;
79
+ let upgradeIndex = -1;
80
+ for (let i = 0; i < 16; i++) {
81
+ if (downgradeIndex < 0 && baseCpuSvn[i] < 0xff)
82
+ downgradeIndex = i;
83
+ if (upgradeIndex < 0 && baseCpuSvn[i] > 0)
84
+ upgradeIndex = i;
85
+ if (upgradeIndex >= 0 && downgradeIndex >= 0)
86
+ break;
87
+ }
88
+ const modifiedRequestDowngrade = Buffer.alloc(key.request.length);
89
+ key.request.copy(modifiedRequestDowngrade);
90
+ const modifiedRequestUpgrade = Buffer.alloc(key.request.length);
91
+ key.request.copy(modifiedRequestUpgrade);
92
+ modifiedRequestDowngrade[8 + downgradeIndex] = modifiedRequestDowngrade[8 + downgradeIndex] - 1;
93
+ modifiedRequestUpgrade[8 + upgradeIndex] = modifiedRequestUpgrade[8 + upgradeIndex] + 1;
94
+ const outDated2 = await enclaveService.isOutdatedRequest(modifiedRequestDowngrade);
95
+ (0, assert_1.default)(outDated2 === true);
96
+ await assert_1.default.rejects(async () => {
97
+ await enclaveService.isOutdatedRequest(modifiedRequestUpgrade);
98
+ }, {
99
+ name: "TypeError",
100
+ message: /Failed to obtain the key with the passed request*/,
101
+ });
102
+ await assert_1.default.rejects(async () => {
103
+ await enclaveService.getSecretKey(SgxNative.KeyType.SGX_KEYSELECT_SEAL, SgxNative.KeyPolicy.SGX_KEYPOLICY_MRSIGNER, modifiedRequestUpgrade);
104
+ }, {
105
+ name: "TypeError",
106
+ message: /Failed to obtain the key with the passed request*/,
107
+ });
76
108
  console.log("GetKeyTest: Success");
77
109
  }
78
110
  (async () => {
79
111
  await GenCertWithQouteTest();
80
112
  await GetKeyTest();
81
113
  })();
82
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2d4LXRlc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NneC1uYXRpdmUtbW9kdWxlL3NneC10ZXN0cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsZ0VBQWtEO0FBQ2xELG9EQUE0QjtBQUU1QixNQUFNLGlCQUFpQixHQUFHLElBQUksU0FBUyxDQUFDLHNCQUFzQixFQUFFLENBQUM7QUFDakUsTUFBTSxVQUFVLEdBQUcsSUFBSSxTQUFTLENBQUMsVUFBVSxFQUFFLENBQUM7QUFDOUMsTUFBTSxjQUFjLEdBQUcsSUFBSSxTQUFTLENBQUMsY0FBYyxFQUFFLENBQUM7QUFFdEQsS0FBSyxVQUFVLG9CQUFvQjtJQUMvQixNQUFNLEdBQUcsR0FBRyxNQUFNLFVBQVUsQ0FBQyxzQkFBc0IsQ0FBQztRQUNoRCxJQUFJLEVBQUUsRUFBRTtRQUNSLFFBQVEsRUFBRSxDQUFDLG1CQUFtQixFQUFFLFFBQVEsQ0FBQztRQUN6QyxHQUFHLEVBQUUsQ0FBQyxTQUFTLEVBQUUseUNBQXlDLENBQUM7UUFDM0QsTUFBTSxFQUFFLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHO1FBQ3ZDLE9BQU8sRUFBRSxTQUFTLENBQUMsa0JBQWtCLENBQUMsR0FBRztRQUN6QyxRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVEsQ0FBQyxTQUFTO1FBQ3RDLE9BQU8sRUFBRTtZQUNMLFVBQVUsRUFBRSxXQUFXO1NBQzFCO1FBQ0QsWUFBWSxFQUFFLE9BQU87UUFDckIsU0FBUyxFQUFFLElBQUk7S0FDbEIsQ0FBQyxDQUFDO0lBQ0gsSUFBSTtRQUNBLE1BQU0sS0FBSyxHQUFHLE1BQU0saUJBQWlCLENBQUMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3JFLE1BQU0saUJBQWlCLENBQUMsNEJBQTRCLENBQUMsS0FBSyxDQUFDLENBQUM7S0FDL0Q7SUFBQyxPQUFPLEtBQUssRUFBRTtRQUNaLElBQUksS0FBSyxZQUFZLFNBQVMsQ0FBQyxvQkFBb0IsRUFBRTtZQUNqRCxnQkFBTSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsYUFBYSxFQUFFLEtBQUssQ0FBQyxDQUFDO1NBQzVDO2FBQU07WUFDSCxJQUFBLGdCQUFNLEVBQUMsS0FBSyxDQUFDLENBQUM7U0FDakI7S0FDSjtJQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMsK0JBQStCLENBQUMsQ0FBQztBQUNqRCxDQUFDO0FBRUQsS0FBSyxVQUFVLFVBQVU7SUFDckIsTUFBTSxHQUFHLEdBQUcsTUFBTSxjQUFjLENBQUMsWUFBWSxDQUN6QyxTQUFTLENBQUMsT0FBTyxDQUFDLGtCQUFrQixFQUNwQyxTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixDQUM3QyxDQUFDO0lBRUYsTUFBTSxJQUFJLEdBQUcsTUFBTSxjQUFjLENBQUMsWUFBWSxDQUMxQyxTQUFTLENBQUMsT0FBTyxDQUFDLGtCQUFrQixFQUNwQyxTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixFQUMxQyxHQUFHLENBQUMsT0FBTyxDQUNkLENBQUM7SUFFRixNQUFNLElBQUksR0FBRyxNQUFNLGNBQWMsQ0FBQyxZQUFZLENBQzFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLEVBQ3BDLFNBQVMsQ0FBQyxTQUFTLENBQUMsc0JBQXNCLENBQzdDLENBQUM7SUFFRixJQUFBLGdCQUFNLEVBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUNoRCxJQUFBLGdCQUFNLEVBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUVoRCxNQUFNLGdCQUFNLENBQUMsT0FBTyxDQUNoQixLQUFLLElBQUksRUFBRTtRQUNQLE1BQU0sY0FBYyxDQUFDLFlBQVksQ0FDN0IsU0FBUyxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsRUFDcEMsU0FBUyxDQUFDLFNBQVMsQ0FBQyx1QkFBdUIsRUFDM0MsR0FBRyxDQUFDLE9BQU8sQ0FDZCxDQUFDO0lBQ04sQ0FBQyxFQUNEO1FBQ0ksSUFBSSxFQUFFLFdBQVc7UUFDakIsT0FBTyxFQUFFLHlFQUF5RTtLQUNyRixDQUNKLENBQUM7SUFFRixNQUFNLFFBQVEsR0FBRyxNQUFNLGNBQWMsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDckUsSUFBQSxnQkFBTSxFQUFDLFFBQVEsS0FBSyxLQUFLLENBQUMsQ0FBQztJQUUzQixPQUFPLENBQUMsR0FBRyxDQUFDLHFCQUFxQixDQUFDLENBQUM7QUFDdkMsQ0FBQztBQUVELENBQUMsS0FBSyxJQUFJLEVBQUU7SUFDUixNQUFNLG9CQUFvQixFQUFFLENBQUM7SUFDN0IsTUFBTSxVQUFVLEVBQUUsQ0FBQztBQUN2QixDQUFDLENBQUMsRUFBRSxDQUFDIn0=
114
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2d4LXRlc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NneC1uYXRpdmUtbW9kdWxlL3NneC10ZXN0cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsZ0VBQWtEO0FBQ2xELG9EQUE0QjtBQUU1QixNQUFNLGlCQUFpQixHQUFHLElBQUksU0FBUyxDQUFDLHNCQUFzQixFQUFFLENBQUM7QUFDakUsTUFBTSxVQUFVLEdBQUcsSUFBSSxTQUFTLENBQUMsVUFBVSxFQUFFLENBQUM7QUFDOUMsTUFBTSxjQUFjLEdBQUcsSUFBSSxTQUFTLENBQUMsY0FBYyxFQUFFLENBQUM7QUFFdEQsS0FBSyxVQUFVLG9CQUFvQjtJQUMvQixNQUFNLEdBQUcsR0FBRyxNQUFNLFVBQVUsQ0FBQyxzQkFBc0IsQ0FBQztRQUNoRCxJQUFJLEVBQUUsRUFBRTtRQUNSLFFBQVEsRUFBRSxDQUFDLG1CQUFtQixFQUFFLFFBQVEsQ0FBQztRQUN6QyxHQUFHLEVBQUUsQ0FBQyxTQUFTLEVBQUUseUNBQXlDLENBQUM7UUFDM0QsTUFBTSxFQUFFLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHO1FBQ3ZDLE9BQU8sRUFBRSxTQUFTLENBQUMsa0JBQWtCLENBQUMsR0FBRztRQUN6QyxRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVEsQ0FBQyxTQUFTO1FBQ3RDLE9BQU8sRUFBRTtZQUNMLFVBQVUsRUFBRSxXQUFXO1NBQzFCO1FBQ0QsWUFBWSxFQUFFLE9BQU87UUFDckIsU0FBUyxFQUFFLElBQUk7S0FDbEIsQ0FBQyxDQUFDO0lBQ0gsSUFBSTtRQUNBLE1BQU0sS0FBSyxHQUFHLE1BQU0saUJBQWlCLENBQUMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3JFLE1BQU0saUJBQWlCLENBQUMsNEJBQTRCLENBQUMsS0FBSyxDQUFDLENBQUM7S0FDL0Q7SUFBQyxPQUFPLEtBQUssRUFBRTtRQUNaLElBQUksS0FBSyxZQUFZLFNBQVMsQ0FBQyxvQkFBb0IsRUFBRTtZQUNqRCxnQkFBTSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsYUFBYSxFQUFFLEtBQUssQ0FBQyxDQUFDO1NBQzVDO2FBQU07WUFDSCxJQUFBLGdCQUFNLEVBQUMsS0FBSyxDQUFDLENBQUM7U0FDakI7S0FDSjtJQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMsK0JBQStCLENBQUMsQ0FBQztBQUNqRCxDQUFDO0FBRUQsS0FBSyxVQUFVLFVBQVU7SUFDckIsTUFBTSxHQUFHLEdBQUcsTUFBTSxjQUFjLENBQUMsWUFBWSxDQUN6QyxTQUFTLENBQUMsT0FBTyxDQUFDLGtCQUFrQixFQUNwQyxTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixDQUM3QyxDQUFDO0lBRUYsTUFBTSxJQUFJLEdBQUcsTUFBTSxjQUFjLENBQUMsWUFBWSxDQUMxQyxTQUFTLENBQUMsT0FBTyxDQUFDLGtCQUFrQixFQUNwQyxTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixFQUMxQyxHQUFHLENBQUMsT0FBTyxDQUNkLENBQUM7SUFFRixNQUFNLElBQUksR0FBRyxNQUFNLGNBQWMsQ0FBQyxZQUFZLENBQzFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLEVBQ3BDLFNBQVMsQ0FBQyxTQUFTLENBQUMsc0JBQXNCLENBQzdDLENBQUM7SUFFRixJQUFBLGdCQUFNLEVBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUNoRCxJQUFBLGdCQUFNLEVBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUVoRCxNQUFNLGdCQUFNLENBQUMsT0FBTyxDQUNoQixLQUFLLElBQUksRUFBRTtRQUNQLE1BQU0sY0FBYyxDQUFDLFlBQVksQ0FDN0IsU0FBUyxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsRUFDcEMsU0FBUyxDQUFDLFNBQVMsQ0FBQyx1QkFBdUIsRUFDM0MsR0FBRyxDQUFDLE9BQU8sQ0FDZCxDQUFDO0lBQ04sQ0FBQyxFQUNEO1FBQ0ksSUFBSSxFQUFFLFdBQVc7UUFDakIsT0FBTyxFQUFFLHlFQUF5RTtLQUNyRixDQUNKLENBQUM7SUFFRixNQUFNLFFBQVEsR0FBRyxNQUFNLGNBQWMsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDckUsSUFBQSxnQkFBTSxFQUFDLFFBQVEsS0FBSyxLQUFLLENBQUMsQ0FBQztJQUUzQixNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBRXBDLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBRXZDLElBQUksY0FBYyxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQ3hCLElBQUksWUFBWSxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBRXRCLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUU7UUFDekIsSUFBSSxjQUFjLEdBQUcsQ0FBQyxJQUFJLFVBQVUsQ0FBQyxDQUFDLENBQUMsR0FBRyxJQUFJO1lBQUUsY0FBYyxHQUFHLENBQUMsQ0FBQztRQUNuRSxJQUFJLFlBQVksR0FBRyxDQUFDLElBQUksVUFBVSxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFBRSxZQUFZLEdBQUcsQ0FBQyxDQUFDO1FBQzVELElBQUksWUFBWSxJQUFJLENBQUMsSUFBSSxjQUFjLElBQUksQ0FBQztZQUFFLE1BQU07S0FDdkQ7SUFFRCxNQUFNLHdCQUF3QixHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUNsRSxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBRTNDLE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ2hFLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFFekMsd0JBQXdCLENBQUMsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxHQUFHLHdCQUF3QixDQUFDLENBQUMsR0FBRyxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDaEcsc0JBQXNCLENBQUMsQ0FBQyxHQUFHLFlBQVksQ0FBQyxHQUFHLHNCQUFzQixDQUFDLENBQUMsR0FBRyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7SUFFeEYsTUFBTSxTQUFTLEdBQUcsTUFBTSxjQUFjLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUNuRixJQUFBLGdCQUFNLEVBQUMsU0FBUyxLQUFLLElBQUksQ0FBQyxDQUFDO0lBRTNCLE1BQU0sZ0JBQU0sQ0FBQyxPQUFPLENBQ2hCLEtBQUssSUFBSSxFQUFFO1FBQ1AsTUFBTSxjQUFjLENBQUMsaUJBQWlCLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUNuRSxDQUFDLEVBQ0Q7UUFDSSxJQUFJLEVBQUUsV0FBVztRQUNqQixPQUFPLEVBQUUsbURBQW1EO0tBQy9ELENBQ0osQ0FBQztJQUVGLE1BQU0sZ0JBQU0sQ0FBQyxPQUFPLENBQ2hCLEtBQUssSUFBSSxFQUFFO1FBQ1AsTUFBTSxjQUFjLENBQUMsWUFBWSxDQUM3QixTQUFTLENBQUMsT0FBTyxDQUFDLGtCQUFrQixFQUNwQyxTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixFQUMxQyxzQkFBc0IsQ0FDekIsQ0FBQztJQUNOLENBQUMsRUFDRDtRQUNJLElBQUksRUFBRSxXQUFXO1FBQ2pCLE9BQU8sRUFBRSxtREFBbUQ7S0FDL0QsQ0FDSixDQUFDO0lBRUYsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0FBQ3ZDLENBQUM7QUFFRCxDQUFDLEtBQUssSUFBSSxFQUFFO0lBQ1IsTUFBTSxvQkFBb0IsRUFBRSxDQUFDO0lBQzdCLE1BQU0sVUFBVSxFQUFFLENBQUM7QUFDdkIsQ0FBQyxDQUFDLEVBQUUsQ0FBQyJ9
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@super-protocol/addons-tee",
3
- "version": "0.8.8",
3
+ "version": "0.8.10",
4
4
  "description": "The TEE trusted loader addons",
5
5
  "tags": [
6
6
  "tee"
package/test_sgx_env/Dockerfile CHANGED
@@ -3,8 +3,8 @@ FROM node:16-buster-slim
3
3
  RUN apt update && apt install -y libcurl4 libcjson1 curl gnupg2 && rm -rf /var/lib/apt/lists/*
4
4
  RUN curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - \
5
5
  && echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' >> /etc/apt/sources.list.d/intel-sgx.list \
6
- && apt-get update \
7
- && apt install libsgx-dcap-default-qpl libsgx-urts -y
6
+ && apt-get update \
7
+ && apt install libsgx-dcap-default-qpl libsgx-urts libsgx-dcap-quote-verify -y
8
8
 
9
9
  COPY ./sgx_default_qcnl.conf /etc/sgx_default_qcnl.conf
10
10
 
package/test_sgx_env/build-and-run-tests.sh CHANGED
@@ -2,7 +2,7 @@
2
2
  set -e
3
3
  SCRIPT_DIR="$( cd "$( dirname "$0" )" && pwd )"
4
4
 
5
- GSC_FIXED_COMMIT="v1.4"
5
+ GSC_FIXED_COMMIT="v1.6"
6
6
  BASE_IMAGE_NAME="node16-sgx-tests"
7
7
 
8
8
  docker rmi gsc-${BASE_IMAGE_NAME} -f
@@ -15,9 +15,7 @@ rm -f enclave-key.pem
15
15
  openssl genrsa -3 -out enclave-key.pem 3072
16
16
 
17
17
  rm -rf ./gsc
18
- git clone https://github.com/gramineproject/gsc && cd gsc && git reset --hard "${GSC_FIXED_COMMIT}" && git config user.email "super@user.com" && git config user.name "SuperUser" && git cherry-pick 4bf7976
19
- curl https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key -o ./keys/intel-sgx-deb.key
20
- sed -i 's/\(gramine-sgx \/gramine\/app_files\/entrypoint\)/exec \1/g; s/\(gramine-direct \/gramine\/app_files\/entrypoint\)/exec \1/g' ./templates/apploader.common.template
18
+ git clone https://github.com/gramineproject/gsc && cd gsc && git reset --hard "${GSC_FIXED_COMMIT}"
21
19
 
22
20
  ./gsc build ${BASE_IMAGE_NAME} ../node16-base.manifest -c ../gsc-config.yaml
23
21
  ./gsc sign-image ${BASE_IMAGE_NAME} ../enclave-key.pem -c ../gsc-config.yaml