You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by ms...@apache.org on 2020/09/08 23:48:33 UTC

[incubator-teaclave] branch master updated: Add examples in the CLI's document (#417)

This is an automated email from the ASF dual-hosted git repository.

mssun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git


The following commit(s) were added to refs/heads/master by this push:
     new 1203b8f  Add examples in the CLI's document (#417)
1203b8f is described below

commit 1203b8fe661fa72f824ce8696e38e5bb29e2b584
Author: Mingshen Sun <bo...@mssun.me>
AuthorDate: Tue Sep 8 16:48:27 2020 -0700

    Add examples in the CLI's document (#417)
---
 cli/README.md                       | 32 ++++++++++++++++++++++++++++++++
 cli/src/main.rs                     | 18 +++++++++---------
 examples/python/builtin_rsa_sign.py |  2 +-
 3 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/cli/README.md b/cli/README.md
index 81b879e..90e9d76 100644
--- a/cli/README.md
+++ b/cli/README.md
@@ -14,3 +14,35 @@ interactive with the platform. The command line tool has several sub-commands:
   and `MRENCLAVE`) signed by auditors with their public keys. The enclave info
   is used for remote attestation, Please verify it before connecting the
   platform with the client SDK.
+
+## Encrypt/Decrypt
+
+Here are two examples to encrypt and decrypt files with the CLI.
+
+```
+$ ./teaclave_cli encrypt \
+    --algorithm teaclave-file-128 \
+    --key 00000000000000000000000000FF1234 \
+    --input-file ${FILE} \
+    --output-file ${ENCRYPTED_FILE} \
+    --print-cmac
+cfba09e4c2bc72ea9e5392d779c2926c
+
+$ ./teaclave_cli decrypt \
+    --algorithm teaclave-file-128 \
+    --key 00000000000000000000000000FF1234 \
+    --input-file ${ENCRYPTED_FILE} \
+    --output-file ${DECRYPTED_FILE}
+```
+
+## Verify
+
+Here is an example to verify auditors' signatures of the enclave info file.
+
+```
+$ ./teaclave_cli verify \
+    --enclave-info ../examples/enclave_info.toml \
+    --public-keys $(find ../examples -name "*.public.pem") \
+    --signatures $(find ../examples -name "*.sign.sha256")
+Verify successfully.
+```
diff --git a/cli/src/main.rs b/cli/src/main.rs
index 7b4b60e..6d12190 100644
--- a/cli/src/main.rs
+++ b/cli/src/main.rs
@@ -38,25 +38,25 @@ struct EncryptDecryptOpt {
     #[structopt(short, long)]
     algorithm: String,
 
-    /// Key in hex format
+    /// Key in the hex format.
     #[structopt(short, long, parse(try_from_str = decode_hex))]
     key: KeyVec,
 
-    /// IV for AES keys in hex format
+    /// IV for AES keys in the hex format.
     #[structopt(long, parse(try_from_str = decode_hex))]
     iv: Option<KeyVec>,
 
-    /// Path of input file
+    /// Path of input file.
     #[structopt(short, long = "input-file")]
     input_file: PathBuf,
 
-    /// Path of output file
+    /// Path of output file.
     #[structopt(short, long = "output-file")]
     output_file: PathBuf,
 
-    /// Whether to print cmac
-    #[structopt(short, long)]
-    cmac_flag: bool,
+    /// Flag to print out CMAC.
+    #[structopt(short = "c", long = "print-cmac")]
+    print_cmac: bool,
 }
 
 #[derive(Debug, StructOpt)]
@@ -185,7 +185,7 @@ fn main() -> Result<()> {
     let args = Opt::from_args();
     match args.command {
         Command::Decrypt(opt) => {
-            let flag = opt.cmac_flag;
+            let flag = opt.print_cmac;
             let cmac = decrypt(opt)?;
             if flag {
                 let cmac_string = hex::encode(cmac);
@@ -193,7 +193,7 @@ fn main() -> Result<()> {
             }
         }
         Command::Encrypt(opt) => {
-            let flag = opt.cmac_flag;
+            let flag = opt.print_cmac;
             let cmac = encrypt(opt)?;
             if flag {
                 let cmac_string = hex::encode(cmac);
diff --git a/examples/python/builtin_rsa_sign.py b/examples/python/builtin_rsa_sign.py
index 9f95f74..1761550 100644
--- a/examples/python/builtin_rsa_sign.py
+++ b/examples/python/builtin_rsa_sign.py
@@ -53,7 +53,7 @@ def register_input_file(client):
         --input-file ./tests/fixtures/functions/rsa_sign/key.der
         --key 00000000000000000000000000000003
         --output-file ./tests/fixtures/functions/rsa_sign/rsakey.enc
-        --cmac-flag
+        --print-cmac
     """
     url = "http://localhost:6789/fixtures/functions/rsa_sign/rsakey.enc"
     cmac = "4de3bb77327c82923640835c6e5ada66"


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org