Git Product home page Git Product logo

sgx-openssl's Introduction

SGX-OpenSSL

Overview

OpenSSL library for SGX application

Description

This project contains modified OpenSSL codes and necessary wrapper functions to be used for SGX-enabled applications.
We first ported an OpenSSL library to SGX for the SGX-Tor project in 2016 and made it public as an open source at Feb 2017.
Then we cleaned up the ported OpenSSL code with the newer version of OpenSSL for other SGX applications.
We also referred to Intel® SGX SSL project after it was released.
This project uses "md_rand.c" and "rand_unix.c" codes from Intel® SGX SSL project for generating random number safely in enclave.

Modified OpenSSL version: OpenSSL-1.0.2l https://github.com/openssl/openssl/releases/tag/OpenSSL_1_0_2l
Tested OS: ubuntu 16.04 LTS, 4.4.0
Tested SGX SDK version: Intel SGX SDK Linux 2.5 https://github.com/01org/linux-sgx/releases/tag/sgx_2.5

Usage:

  1. Go to OpenSSL_SGX/ folder.
  2. Run sgx_openssl_setup.sh to configure OpenSSL.
  3. Type "make" then you will get "libcrypto.a" and "libssl.a".
  4. Include the both static library files to your SGX application project.
  5. Copy and include the wrapper codes in "Wrappers/App" and "Wrappers/Enclave" directory to your own project.
  6. Implement your Makefile, EDL file, Linker script, Enclave configure file to build an SGX-enabled binary.

For the detailed usage, you can refer to the sample codes

Running sample codes

This project contains "Simple SSL/TLS server and client" sample codes.
I hope you can get some hints from the sample applications.

  1. If you did not build OpenSSL_SGX library, build the library first.
  2. Go to SampleCode/Simple_TLS_(Client or Server)/.
  3. Type "make" to build SGX-enabled TLS server and client.
  4. Start the TLS server at SampleCode/Simple_TLS_Server/app.
  5. Start the TLS client at SampleCode/Simple_TLS_Client/app.

References

  1. SGX-Tor: Tor anonymity network in the SGX environment (NSDI'17).
    Paper Link: https://www.usenix.org/system/files/conference/nsdi17/nsdi17-kim-seongmin.pdf.
  2. Intel® SGX SSL.
  3. SGX-Box: Enabling Visibility on Encrypted Traffic using a Secure Middlebox Module (APNet'17)
    Paper Link: http://conferences.sigcomm.org/events/apnet2017/papers/sgxbox-han.pdf.

Contact

Juhyeng Han [email protected]
Seongmin Kim [email protected]

sgx-openssl's People

Contributors

sparkly9399 avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.