Google Git
Sign in
apache / incubator-teaclave / 21cf3bbee75fad82cd61ce74929f6c590d91f514 / . / teaclave_cli
tree: 8e11ef64b53b4c67aa991d43953ab1596d3362a4 [path history] [tgz]
  1. src/
  2. Cargo.toml
  3. README.md
teaclave_cli/README.md

Teaclave Command Line Tool

teaclave_cli is a command-line tool to communicate with Teaclave's services.

Usage

There are two sub-commands: teaclave_cli audit is for auditing enclave info with auditors' public keys and signatures and teaclave_cli connect is for communicating with Teclave's services.

Here are details of the arguments for teaclave_cli audit:

$ ./teaclave_cli audit --help
teaclave_cli-audit 0.1.0
MesaTEE Authors <developers@mesatee.org>
Audit enclave info with auditors' public keys and signatures.

USAGE:
    teaclave_cli audit --enclave_info <ENCLAVE_INFO_FILE> --auditor_public_keys <auditor_public_keys>... --auditor_signatures <auditor_signatures>...

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -c, --enclave_info <ENCLAVE_INFO_FILE>                Path to Enclave info file.
    -k, --auditor_public_keys <auditor_public_keys>...    SPACE separated paths of Teaclave auditor public keys
    -s, --auditor_signatures <auditor_signatures>...
            SPACE separated paths of Teaclave auditor endorsement signatures.

Here are details of the arguments for teaclave_cli connect:

./teaclave_cli connect --help
teaclave_cli-connect 0.1.0
MesaTEE Authors <developers@mesatee.org>
Connect and send messages to Teaclave services

USAGE:
    teaclave_cli connect [OPTIONS] <IP_ADDRESS:PORT> --enclave_info <ENCLAVE_INFO_FILE> --endpoint <endpoint>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -c, --enclave_info <ENCLAVE_INFO_FILE>    Path to Enclave info file.
    -o, --output <INPUT_FILE>                 Write to FILE instead of stdout.
    -i, --input <OUTPUT_FILE>                 Read from FILE instead of stdin.
    -e, --endpoint <endpoint>                 Teaclave endpoint to connect to. Possible values are: tms, tdfs, fns.

ARGS:
    <IP_ADDRESS:PORT>    Address and port of the Teaclave endpoint.

Example

The following is an example of verifying the enclave info with auditors' public keys and signatures.

$ ./teaclave_cli audit \
  -c enclave_info.toml \
  -k auditors/albus_dumbledore/albus_dumbledore.public.der \
     auditors/godzilla/godzilla.public.der \
     auditors/optimus_prime/optimus_prime.public.der \
  -s auditors/albus_dumbledore/albus_dumbledore.sign.sha256 \
     auditors/godzilla/godzilla.sign.sha256 \
     auditors/optimus_prime/optimus_prime.sign.sha256
Enclave info is successfully verified.

This example is to create a task and invoke the “echo” function.

# create a task
$ cat create_task.json
{
  "type":"Create",
  "function_name":"echo",
  "collaborator_list":[],
  "files":[],
  "user_id":"user1",
  "user_token":"token1"
}
$ cat create_task.json | ./teaclave_cli connect 127.0.0.1:5554 -c enclave_info.toml -e tms
{"type":"Create","task_id":"20937006-2718-4f33-bae2-567933807436","task_token":"d20ce53ab743d69320712fd98555f5e5","ip":"127.0.0.1","port":3444}

Compose a invoke task request with task_id, task_token, ip and port in the previous response.

# invoke the "echo" function
$ cat invoke_task.json
{
  "task_id":"20937006-2718-4f33-bae2-567933807436",
  "function_name":"echo",
  "task_token":"d20ce53ab743d69320712fd98555f5e5",
  "payload":"Hello, World!"
}

$ cat invoke_task.json | ./teaclave_cli connect 127.0.0.1:3444 -c enclave_info.toml -e fns
{"result":"Hello, World!"}