compilation flow: add release mode

Author: bl4ck5un

cmake/ConfigSGX.cmake

@@ -48,7 +48,6 @@ endif()
 find_package(SGXPSW REQUIRED)
 
 message(STATUS "SGX_SDK: ${SGX_SDK}")
-message(STATUS "SGX_COMMON_CFLAGS: ${SGX_COMMON_CFLAGS}")
 message(STATUS "SGX_ARCH: ${SGX_ARCH}")
 message(STATUS "SGX_MODE: ${SGX_MODE}")
 message(STATUS "SGX_BUILD: ${SGX_BUILD}")
@@ -61,3 +60,4 @@ message(STATUS "SGX_TRTS_LIB: ${SGX_TRTS_LIB}")
 message(STATUS "SGX_TSVC_LIB: ${SGX_TSVC_LIB}")
 message (STATUS "SGX uRTS path: ${SGX_URTS_LIBRARY}")
 message (STATUS "SGX uSVC path: ${SGX_USVC_LIBRARY}")
+message(STATUS "SGX_COMMON_CFLAGS: ${SGX_COMMON_CFLAGS}")

dockerfiles/deployment/Dockerfile.build

@@ -8,8 +8,9 @@ COPY . /code
 
 RUN mkdir /tc && \
     cp /code/dockerfiles/deployment/Dockerfile.runtime /tc/Dockerfile && \
-    cp /code/dockerfiles/deployment/supervisord.conf /tc
-
+    mv /code/dockerfiles/deployment/sign_enclave.sh \
+       /code/dockerfiles/deployment/build_release_docker.sh \
+       /code/dockerfiles/deployment/supervisord.conf /tc
 RUN cd /code && \
     make -C src/Enclave/mbedtls-SGX && \
     mkdir -p tmp && \

dockerfiles/deployment/Dockerfile.runtime

@@ -8,6 +8,7 @@ ENV LD_LIBRARY_PATH=${SGX_SDK}/sdk_libs
 COPY . /tc
 
 RUN apt-get update && apt-get install --yes supervisor
+RUN /tc/sign_enclave.sh
 
 EXPOSE 8123
 

dockerfiles/deployment/build_release_docker.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+CORE_IMAGE=bl4ck5un/tc-core
+BUILD=Release
+
+docker run --rm tc/core-builder | docker build --rm --force-rm -t ${CORE_IMAGE}:${BUILD} .

dockerfiles/deployment/sign_enclave.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+SGX_SDK=${SGX_SDK:-"/opt/intel/sgxsdk"}
+SGX_ENCLAVE_SIGNER=${SGX_SDK}/bin/x64/sgx_sign
+
+SIGNATURE_FILE=signature.hex
+SIGNING_WORKING_DIR=signing
+
+if [[ -f  ${SIGNATURE_FILE} ]]; then
+pushd ${SIGNING_WORKING_DIR}
+    ${SGX_ENCLAVE_SIGNER} catsig
+        -enclave enclave.debug.so \
+        -config Enclave.config.xml \
+        -key release_pubkey.pem \
+        -out enclave.release.so \
+        -sig signature.hex \
+        -unsigned enclave.hex
+popd
+else
+    echo "nothing to do";
+fi

scripts/Makefile

@@ -20,6 +20,17 @@ core:
 core-debug:
 	$(MAKE) BUILD=Debug build
 
+release:
+	cd ${BASE_DIR} && \
+	docker build \
+		--build-arg BUILD=Release \
+		--build-arg MAKE_FLAGS=-j \
+		--force-rm \
+		-t tc/core-builder \
+		-f dockerfiles/deployment/Dockerfile.build . && \
+	rm -rf build/release && mkdir -p build/release && \
+	docker run --rm tc/core-builder | tar xvzf - -C build/release
+
 build:
 	cd ${BASE_DIR} && \
 	docker build \

src/App/debug.cpp

@@ -43,8 +43,7 @@
 
 #include "App/debug.h"
 
-#include <stdio.h>
-#define printf_sgx printf
+#include <cstdio>
 
 void hexdump(const char *title, void const *data, size_t len) {
 #if(defined(DEBUG))
@@ -54,38 +53,38 @@ void hexdump(const char *title, void const *data, size_t len) {
   if (!data)
     return;
 
-  printf_sgx("%s\n", title);
+  std::printf("%s\n", title);
 
   for (r = 0, i = 0; r < (len / 16 + (len % 16 != 0)); r++, i += 16) {
-    printf_sgx("0x%04X:   ", i); /* location of first byte in line */
+    std::printf("0x%04X:   ", i); /* location of first byte in line */
 
     for (c = i; c < i + 8; c++) /* left half of hex dump */
       if (c < len)
-        printf_sgx("%02X ", ((unsigned char const *) data)[c]);
+        std::printf("%02X ", ((unsigned char const *) data)[c]);
       else
-        printf_sgx("   "); /* pad if short line */
+        std::printf("   "); /* pad if short line */
 
-    printf_sgx("  ");
+    std::printf("  ");
 
     for (c = i + 8; c < i + 16; c++) /* right half of hex dump */
       if (c < len)
-        printf_sgx("%02X ", ((unsigned char const *) data)[c]);
+        std::printf("%02X ", ((unsigned char const *) data)[c]);
       else
-        printf_sgx("   "); /* pad if short line */
+        std::printf("   "); /* pad if short line */
 
-    printf_sgx("   ");
+    std::printf("   ");
 
     for (c = i; c < i + 16; c++) /* ASCII dump */
       if (c < len) {
         if (((unsigned char const *) data)[c] >= 32 &&
             ((unsigned char const *) data)[c] < 127)
-          printf_sgx("%c", ((char const *) data)[c]);
+          std::printf("%c", ((char const *) data)[c]);
         else
-          printf_sgx("."); /* put this for non-printables */
+          std::printf("."); /* put this for non-printables */
       } else {
-        printf_sgx(" "); /* pad if short line */
+        std::printf(" "); /* pad if short line */
       }
-    printf_sgx("\n");
+    std::printf("\n");
   }
 #endif
 }

src/Enclave/CMakeLists.txt

@@ -107,17 +107,9 @@ add_custom_command(TARGET enclave
         -out enclave.hex
         COMMENT "Generating signing materials. Written to ${CMAKE_CURRENT_BINARY_DIR}/enclave.hex")
 
-add_custom_target(release-enclave
-        DEPENDS enclave Enclave.config.xml release_pubkey.pem
-        COMMAND ${SGX_ENCLAVE_SIGNER} catsig
-        -enclave libenclave.so
-        -config ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml
-        -key ${CMAKE_CURRENT_SOURCE_DIR}/release_pubkey.pem
-        -out ${RELEASE_ENCLAVE_NAME}
-        -sig signature.hex
-        -unsigned enclave.hex
-        WORKING_DIRECTORY ${CMAKE_LIBRARY_OUTPUT_DIRECTORY})
-
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${DEBUG_ENCLAVE_NAME} DESTINATION enclave
-        CONFIGURATIONS Debug Prerelease)
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/enclave.hex DESTINATION enclave)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${DEBUG_ENCLAVE_NAME} DESTINATION enclave)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/enclave.hex
+        ${CMAKE_CURRENT_SOURCE_DIR}/release_pubkey.pem
+        ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml
+        DESTINATION signing
+        CONFIGURATIONS Release)

src/Enclave/debug.c

@@ -92,6 +92,7 @@ void hexdump(const char *title, void const *data, size_t len) {
   }
 }
 
+#ifdef DEBUG
 static void bin_to_strhex(const unsigned char *bin, size_t binsz, char *result) {
   char hex_str[] = "0123456789abcdef";
   unsigned int i;
@@ -106,6 +107,7 @@ static void bin_to_strhex(const unsigned char *bin, size_t binsz, char *result)
     result[i * 2 + 1] = hex_str[(bin[i]) & 0x0F];
   }
 }
+#endif
 
 void print_str_dbg(const char *title, const unsigned char *data, size_t len) {
 #ifdef DEBUG

src/Enclave/encoding.cpp

@@ -44,6 +44,7 @@
 #include "encoding.h"
 
 #include <string>
+#include <iterator>
 
 #include "commons.h"
 #include "debug.h"
@@ -78,14 +79,6 @@ int append_as_uint256(bytes &out, uint64_t in, int len) {
   return 0;
 }
 
-// compute how many (non-zero) bytes there are in _i
-template<typename T>
-static uint8_t byte_length(T _i) {
-  uint8_t i = 0;
-  for (; _i != 0; ++i, _i >>= 8) {}
-  return i;
-}
-
 uint8_t bytesRequired(uint64_t _i) { return byte_length<uint64_t>(_i); }
 
 void bytes::replace(const bytes &in) {
@@ -99,39 +92,6 @@ void bytes::from_hex(const char *src) {
   this->insert(this->begin(), b.begin(), b.end());
 }
 
-#include <iterator>
-
-template <typename Iter>
-void rlp_string(Iter begin, Iter end, std::vector<uint8_t>& out) {
-  static_assert(std::is_same<typename std::iterator_traits<Iter>::value_type, uint8_t>::value, "Iter must point to uint8_t");
-
-  long len = std::distance(begin, end);
-  if (len < 0)
-    throw std::invalid_argument("String too long to be encoded.");
-
-  int32_t len_len;
-  if (len == 1 && (*begin) < 0x80) {
-    out.push_back(*begin);
-    return;
-  }
-
-  // longer than 1
-  if (len < 56) {
-    out.push_back(0x80 + static_cast<uint8_t>(len));
-    out.insert(out.end(), begin, end);
-  } else {
-    len_len = byte_length<size_t>(len);
-    if (len_len > 8) {
-      throw std::invalid_argument("String too long to be encoded.");
-    }
-
-    out.push_back(0xb7 + static_cast<uint8_t>(len_len));
-
-    std::vector<uint8_t> b_len = itob(len);
-    out.insert(out.end(), b_len.begin(), b_len.end());
-    out.insert(out.end(), begin, end);
-  }
-}
 
 void bytes::to_rlp(bytes &out) {
   rlp_string(this->begin(), this->end(), out);

src/Enclave/encoding.h

@@ -44,43 +44,80 @@
 #define TOWN_CRIER_ENCODING_H
 
 #include "commons.h"
+#include "debug.h"
 #include "log.h"
 
 #include <vector>
 #include <array>
 
-
 using std::vector;
 using std::invalid_argument;
 using std::string;
 using std::array;
 typedef std::vector<uint8_t> BYTE;
 
-
 //! split an integer @code{num} to an byte array
 //! prepend 0 until reaching @code{width}
 std::vector<uint8_t> itob(uint64_t num, size_t width = 0);
 
+// compute how many (non-zero) bytes there are in _i
+template<typename T>
+static uint8_t byte_length(T _i) {
+  uint8_t i = 0;
+  for (; _i != 0; ++i, _i >>= 8) {}
+  return i;
+}
+
+template<typename Iter>
+void rlp_string(Iter begin, Iter end, std::vector<uint8_t> &out) {
+  static_assert(std::is_same<typename std::iterator_traits<Iter>::value_type, uint8_t>::value,
+                "Iter must point to uint8_t");
+
+  long len = std::distance(begin, end);
+  if (len < 0)
+    throw std::invalid_argument("String too long to be encoded.");
+
+  int32_t len_len;
+  if (len == 1 && (*begin) < 0x80) {
+    out.push_back(*begin);
+    return;
+  }
+
+  // longer than 1
+  if (len < 56) {
+    out.push_back(0x80 + static_cast<uint8_t>(len));
+    out.insert(out.end(), begin, end);
+  } else {
+    len_len = byte_length<size_t>(len);
+    if (len_len > 8) {
+      throw std::invalid_argument("String too long to be encoded.");
+    }
+
+    out.push_back(0xb7 + static_cast<uint8_t>(len_len));
+
+    std::vector<uint8_t> b_len = itob(len);
+    out.insert(out.end(), b_len.begin(), b_len.end());
+    out.insert(out.end(), begin, end);
+  }
+}
+
 class RLPSerializable {
  public:
-  virtual void to_rlp(std::vector<uint8_t>& out) = 0;
+  virtual void to_rlp(std::vector<uint8_t> &out) = 0;
 };
 
-template <typename Iter>
-void rlp_string(Iter begin, Iter end, std::vector<uint8_t>& out);
-
 class bytes : public std::vector<uint8_t> {
  public:
   bytes() = default;
-  bytes(const bytes& a, const bytes& b) {
+  bytes(const bytes &a, const bytes &b) {
     std::vector<uint8_t>::insert(std::vector<uint8_t>::end(), a.begin(), a.end());
     std::vector<uint8_t>::insert(std::vector<uint8_t>::end(), b.begin(), b.end());
   }
   explicit bytes(size_t len) : std::vector<uint8_t>(len, static_cast<uint8_t>(0)) {}
-  explicit bytes(const std::vector<uint8_t>& data) : std::vector<uint8_t>(data) {}
+  explicit bytes(const std::vector<uint8_t> &data) : std::vector<uint8_t>(data) {}
   void replace(const bytes &);
   virtual void from_hex(const char *src);
-  virtual void parseUInt64(uint64_t i){
+  virtual void parseUInt64(uint64_t i) {
     this->clear();
     vector<uint8_t> b = itob(i);
     this->insert(this->begin(), b.begin(), b.end());
@@ -90,20 +127,18 @@ class bytes : public std::vector<uint8_t> {
   void toString();
 };
 
-#include "debug.h"
-
-class bytes20: public RLPSerializable {
+class bytes20 : public RLPSerializable {
  private:
-  static const size_t SIZE=20;
+  static const size_t SIZE = 20;
   array<uint8_t, SIZE> _b;
 
  public:
   bytes20() = default;
-  explicit bytes20(const char* hex);
-  void to_rlp(std::vector<uint8_t>& out) override {
+  explicit bytes20(const char *hex);
+  void to_rlp(std::vector<uint8_t> &out) override {
     rlp_string(_b.begin(), _b.end(), out);
   }
-  void dump(const char* title) {
+  void dump(const char *title) {
 #ifndef NDEBUG
     hexdump(title, _b.data(), _b.size());
 #endif
@@ -112,7 +147,7 @@ class bytes20: public RLPSerializable {
 
 class bytes32 : public bytes {
  private:
-  const size_t SIZE=32;
+  const size_t SIZE = 32;
  public:
   bytes32() {
     vector<uint8_t>::resize(SIZE);
@@ -132,8 +167,7 @@ class bytes32 : public bytes {
   void replace(const bytes32 &in) { bytes::replace(in); }
   void replace(const BYTE &in);
 
-
-  void reset(){}
+  void reset() {}
 };
 
 uint8_t get_n_th_byte(uint64_t in, int n);

src/Enclave/eth_transaction.cpp

@@ -234,9 +234,8 @@ int form_transaction(int nonce,
   tx.m_data = encoded_delivery_call;
 
   try {
-    LL_DEBUG("before rlpEncode");
     tx.rlpEncode(out, false);
-    LL_DEBUG("after rlpEncode");
+    LL_DEBUG("rlpEncode done");
   }
   catch (const std::invalid_argument &e) {
     LL_CRITICAL("%s", e.what());