Skip to content
/ SGX-beginner-sample Public

A simple Intel SGX example that can be used by beginners

License

Unlicense license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hstoenescu/SGX-beginner-sample

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits

App

App

 
 

Enclave

Enclave

 
 

02-sgx-initial.tar.gz

02-sgx-initial.tar.gz

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

_config.yml

_config.yml

 
 

enclave.token

enclave.token

 
 

Repository files navigation

Intel SGX - beginner's project

This is a fairly simple Intel SGX project that consists in only just 1 enclave (see .../Enclave folder). The enclave implements general operations, like: add, diff, generate random number, read from a file/write to file using ocalls, seal and unseal data.

Used for inspiration the sample code and exercises found on this lab: https://ocw.cs.pub.ro/courses/isc/labs/03

The skeleton used for this project is found in this repo: 02-sgx-initial.tar.gz

Usage
Clone and change to this directory:

user@hostname $ git clone https://github.com/hstoenescu/SGX-beginner-sample
Cloning into 'SGX-beginner-sample'...
[...]
user@hostname $ cd SGX-beginner-sample

Usage SIM mode
(1.1) Compile the code for SIM mode

user@hostname $ make SGX_MODE=SIM # for simulation mode using SDK
GEN  =>  App/Enclave_u.c
CC   <=  App/Enclave_u.c
CXX  <=  App/App.cpp
CXX  <=  App/sgx_utils/sgx_utils.cpp
LINK =>  app
[...]
# Note that can be compiled with adding SGX_MODE as default value is 1

(2.1) Run from the root folder the executable app (sample output):

user@hostname $ ./app  
Adding numbers inside enclave...
Sum from enclave: 7
Diff between 2 numbers inside the enclave...
Diff from enclave: 5
Random number from enclave: 6
Successfully wrote to file
[...]

Usage HW mode
(1.2) Compile the code for HW mode with SGX_DEBUG or SGX_PRERELEASE set. Only one of it needs to be set - see here.
By using one of these 2 flags, the code will run in enclave-debug mode. For the moment, it doesn't work in release mode.
Moreover, the signature for non-release mode is generated automatically by the makefile - see compilation_signing and signing.

user@hostname $ make SGX_MODE=HW SGX_DEBUG=1 # or make SGX_MODE=HW SGX_PRERELEASE=1
GEN  =>  App/Enclave_u.c
CC   <=  App/Enclave_u.c
CXX  <=  App/App.cpp
CXX  <=  App/sgx_utils/sgx_utils.cpp
LINK =>  app
[...]

(2.2) Run and the same output will appear:

user@hostname $ ./app
Adding numbers inside enclave...
Sum from enclave: 7
Diff between 2 numbers inside the enclave...
Diff from enclave: 5
Random number from enclave: 1
Successfully wrote to file
[...]

(3) To clean the files, simply use:

user@hostname $ make clean # it removes the application, objs, wrappers, signed enclave and created files

(4) optional - fell free to change code, inspect it, add new one or test it

About

A simple Intel SGX example that can be used by beginners

Topics

security hardware sgx tee

Resources

Readme

License

Unlicense license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages