Run RPC server entirely inside enclave, use TLS encryption (#362)

- Based on Tungstenite crate - Entire watch and send update mechanism is subsequently also moved into enclave
integritee-network · Sep 14, 2021 · 0af6918 · 0af6918
1 parent 38d8d7d
commit 0af6918
Show file tree

Hide file tree

Showing 60 changed files with 3,831 additions and 687 deletions.
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
@@ -189,10 +189,17 @@ jobs:
         env:
           KEY: ${{ secrets.IAS_PRIMARY_KEY }}
           SPID: ${{ secrets.IAS_SPID }}
+          TLS_CERTIFICATE: ${{ secrets.TLS_WS_SERVER_CERTIFICATE }}
+          TLS_PRIVATE_KEY: ${{ secrets.TLS_WS_SERVER_PRIVATE_KEY }}
         run: |
           cd ${{ env.BIN_DIR }}
           echo "${{ env.KEY }}" > key.txt
-          echo "$$ {{ env.SPID }}" > spid.txt
+          echo "${{ env.SPID }}" > spid.txt
+          echo "${{ env.TLS_CERTIFICATE }}" > end.fullchain
+          echo "${{ env.TLS_PRIVATE_KEY }}" > end.rsa
+          chmod 644 end.fullchain
+          chmod 644 end.rsa
+          ls -al .
 
       - name: Run local setup
         # * `set -eo pipefail` is needed to return an error even if piped to `tee`.