FROM graphene ENV SGX_SDK=/opt/intel/sgxsdk/ RUN mkdir source WORKDIR source ## Setting up prereqs for decryptor - Intel SGX SSL # Just curling the tar.gz file and then running the build script didn't work as the extracted folder had a different name (dependent on the foldername which was compressed) --- I didnt want to make a new fork of the sgxssl script for that. RUN git clone OpenSSL_1.1.1d && \ cd OpenSSL_1.1.1d && git checkout tags/OpenSSL_1_1_1d && \ cd ../ && tar -cf OpenSSL_1.1.1d.tar.gz OpenSSL_1.1.1d/ #Setting up SGXSSL with the version of OpenSSL that we downloaded in the previous step. RUN git clone && \ cd intel-sgx-ssl && git checkout tags/lin_2.5_1.1.1d && \ cp ../OpenSSL_1.1.1d.tar.gz ./openssl_source/ && \ cd Linux && make && make install #Setting up protobuf definitions for exchanging LA and post-LA messages between enclaves. RUN git clone && \ cd dhmsgs_proto_defs/ && protoc --cpp_out=./ ./*.proto #Setting up the decryptor enclave itself. RUN git clone && \ cd Decryptor/ && make #Setting up common files used in the verifier, PHP extension for LA/post-LA message processing. RUN git clone #Setting up a patched version of the linux-sgx repo's SDK for running LA on graphene. RUN git clone && \ cd linux-sgx-trts-modified && git checkout local_attestation_for_graphene && \ bash ./ && make USE_OPT_LIBS=0 #Setting up the verifier. RUN git clone && \ cd verifier/ && git checkout recreating_state_for_teeter && \ export SGX_SDK_TRTS_MODIFIED=/root/source/linux-sgx-trts-modified/build/linux && make && \ cp verifier /root/graphene/LibOS/shim/test/native && \ git checkout master && \ cp verifier.manifest.template /root/graphene/LibOS/shim/test/native && \ cp grapheneMakefile /root/graphene/LibOS/shim/test/native/Makefile #Build the verifier WORKDIR /root/graphene/LibOS/shim/test/native RUN make SGX=1 RUN apt update && apt install -y php7.0-dev tmux libxml2-dev WORKDIR /root/source RUN git clone --recursive && \ cd PHP-CPP/ && git checkout tags/v2.1.4 && make all && \ cp* /usr/lib/ && make install RUN git clone && \ cd Apache_PHP_extension && git checkout recreating_state_for_teeter && \ make #WORKDIR /root/graphene/LibOS/shim/test/apps/apache #RUN cp /root/source/Apache_PHP_extension/apacheMakefile ./Makefile #RUN cp /root/source/Apache_PHP_extension/*.tar.gz ./ #Don't make the manifest yet - make the apache/php build first and then the manifest. #RUN make SGX=1 build-apache #Add the updated httpd.manifest.template #RUN cp /root/source/Apache_PHP_extension/httpd.manifest.template ./ #Add the PHP .ini file from the PHP folder to /obj/lib #RUN cp ./php-7.0.7/php.ini-development ./obj/lib/php.ini #Add the extension to the obj/modules folder. #RUN cp /root/source/Apache_PHP_extension/ ./obj/modules/ #Add the extension directory and the extension name to the php.ini #RUN echo "extension_dir=/root/graphene/LibOS/shim/test/apps/apache/LibOS/shim/test/apps/apache/obj/modules" >> obj/lib/php.ini && \ # echo "" >> obj/lib/php.ini #Add all php source code files to the right place. #RUN cp /root/source/Apache_PHP_extension/*.php ./obj/htdocs #RUN make SGX=1 WORKDIR /root COPY ./ RUN chmod 755 ./