Skip to content

@KeithMoyer KeithMoyer released this Jul 30, 2020 · 11 commits to master since this release

Changes since 0.5.3 include:

  • LVI vulnerability mitigations
  • Bazel transitions support
  • Efficient synchronization primitives
  • Remote attestation support complete. See SgxIntelEcdsaQeRemoteAssertionGenerator and EnclaveCredentialsOptions.
  • Utility provided to fetch PCK certificates from Intel’s PCS
  • Support for Intel’s (soon-to-be) upstream SGX kernel driver. Asylo now supports both Intel’s separate GitHub SGX kernel driver and the version being integrated with the main Linux kernel tree.
  • Additional input validation for fork() and recvfrom(). Fixes vulnerabilities reported by Baidu Security (commits: e582f36, 299f804).
  • Updated to newer versions of dependencies
  • Improved documentation and testing
  • Maintenance work and bug fixes


  • AesGcmSivCryptor was previously deprecated and is now removed. Use AeadCryptor instead (commits: 7220263, df55fa1)
  • The ENCLAVE_STORAGE_SET_KEY ioctl definition (needed for using Asylo’s secure storage) is no longer included in <sys/ioctl.h> (deprecated previously). Users must now include “asylo/secure_storage.h” to get this macro. (commit: 0e0f9e0)
  • The Match method on expectation matches is deprecated. Use MatchAndExplain instead (commit: 03b767d)
  • Bazel transitions support enabled by default. --config=<backend> flags should no longer be given on the Bazel command line. If you need to block this change for any of your targets, the non-transition-based build style can be reactivated from your WORKSPACE file during a transitional period. See Building documentation. (commit: 66f4184)
  • Identity-related headers were previously moved, but the old locations remained for compatibility. Those old locations have now been removed. (commit: 2fd415c)
  • In order to use gRPC, a project’s WORKSPACE file should call grpc_deps() and grpc_extra_deps(). In the past, Asylo implicitly imported some of gRPC’s dependencies, but this should not be relied upon. (commit: 806eeff)
  • Support for legacy SgxIdentity messages (previously deprecated) has been removed. (commit: e7abad7)
Assets 2
Jul 22, 2020
Fix vulnerability in enc_untrusted_recvfrom
Change recvfrom memcpy to check for received_buffer size to avoid
copying extra buffer.

This issue was reported by Qinkun Bao, Zhaofeng Chen, Mingshen Sun, and
Kang Li from Baidu Security.

PiperOrigin-RevId: 322476299
Change-Id: I3606ff9ec51ec7cc4312c7555c645a2fc6e09b21

@KeithMoyer KeithMoyer released this Apr 2, 2020

Changes since 0.5.2 include:

  • Updated to the latest Intel SGX SDK to pick up fixes and improvements
  • Added bindings for calling into Asylo enclaves from Java applications
  • Stability fixes for signal handling in SGX simulation mode
  • Performance improvements through more efficient locking mechanisms
  • Updated to newer versions of dependencies
  • Additional POSIX interface implementations
  • Improved documentation and testing
  • Maintenance work and bug fixes


  • The SGX SDK update included changes that are not binary compatible with previous releases. When updating to Asylo 0.5.3, ensure you rebuild both your enclave and its loader. (c667347, 9948912)
  • The non-standard ENCLAVE_STORAGE_SET_KEY ioctl request has been moved to <asylo/secure_storage.h>. The implicit definition by including <sys/ioctl.h> is deprecated and will be removed in a future release. If using Asylo secure storage, ensure that the secure_storage.h header is included where needed. (4a9d2f2)
Assets 2
Mar 24, 2020
Extract identity from ReportBody, not Report
This updates ParseSgxIdentityFromHardwareReport to accept a ReportBody
parameter, as the identity is extracted from the ReportBody. None of the
other fields in Report are used by this function.

PiperOrigin-RevId: 302560636
Change-Id: I30ed1e7540f75bf479ddfc1c3aca47d00e18d786

@KeithMoyer KeithMoyer released this Jan 22, 2020 · 392 commits to master since this release

Changes since 0.5.1 include:

  • Security fix for sanitization of returned buffer sizes from host calls commit
  • Maintenance work and bug fixes


  • SgxLoader and SgxEmbeddedLoader classes have been deprecated, as well as the EnclaveManager LoadEnclave method that accepted them. Instead, one should pass an EnclaveLoadConfig to LoadEnclave. commit
  • asylo/grpc/util:grpc_enclave_config is now configured to provide much less stack and TCS. If you need more, you can still specify a custom sgx_enclave_configuration. commit
  • In order to prepare for upcoming changes in Bazel, we've taken dependencies on fairly recent versions of rules_cc, rules_proto, rules_python, and rules_java. If your WORKSPACE file pulls in older versions of these dependencies (even transitively) prior to calling asylo_deps(), you may run into issues requiring you to include these newer versions. commit
Assets 2
Jan 16, 2020
Listen on both IPv4 and IPv6 in grpc examples
Use "localhost" instead of "[::1]", as it resolves to IPv4 and/or IPv6
addresses depending on what the system supports.

PiperOrigin-RevId: 290139289
Change-Id: I5c289a7e30699a8798a792863b728e11da687f2e

@KeithMoyer KeithMoyer released this Jan 10, 2020 · 431 commits to master since this release

Changes since 0.5.0 include:

  • Fix for SGX hardware enclaves with Bazel 1.0+ commit
  • Updated to newer versions of dependencies
  • Improved documentation and testing
  • Maintenance work and bug fixes


  • The sgx_unsigned_enclave Bazel macro is deprecated in favor of cc_unsigned_enclave (asylo.bzl) with a specified sgx backend, or sgx_cc_unsigned_enclave (sgx_rules.bzl) as a shorthand for the former. commit
  • The previously deprecated sgx_enclave macro has been removed. Instead cc_unsigned_enclave or debug_sign_enclave should be used, specifying backends = sgx.backend_labels. commit
  • The HostConfig proto field in EnclaveConfig is deprecated. Related methods for creating configs in enclave_config_util.h have been updated so that they do not require a HostConfig parameter. commit, commit
  • AesGcmSivCryptor is deprecated in favor of AeadCryptor. commit
  • The deprecated SGXLoader/SimLoader/SimEmbeddedLoader aliases have been removed. The EnclaveLoadConfig/SgxLoadConfig proto should be used instead. commit, commit
  • A number of items under asylo/identity have been moved. The old locations have been deprecated in favor of the new ones.
    • asylo/identity/null_identity/... -> asylo/identity/attestation/null/…
    • asylo/identity/sgx/... -> asylo/identity/attestation/sgx/…
    • asylo/identity/util/... -> asylo/crypto/…
    • asylo/identity:sealed_secret_proto -> asylo/identity/sealing:sealed_secret_proto
    • asylo/identity:sealed_secret_cc_proto -> asylo/identity/sealing:sealed_secret_cc_proto
    • asylo/identity:secret_sealer -> asylo/identity/sealing:secret_sealer
    • asylo/identity:enclave_assertion_generator -> asylo/identity/attestation:enclave_assertion_generator
    • asylo/identity:enclave_assertion_verifier -> asylo/identity/attestation:enclave_assertion_verifier
Assets 2
Jan 7, 2020
Make SGX AGE test enclave reusable
The entry points into the SgxAgeRemoteAssertionGeneratorTestEnclave are
applicable to any SGX assertion generator. Rename the class to
SgxRemoteAssertionGeneratorTestEnclave and set the type of assertion
generator in enclave initialization routine. This way, the enclave may
be used for different assertion generators beyond the AGE one.

PiperOrigin-RevId: 288501012
Change-Id: I77822a70d4f7918c9e60674126d69d02c7dc10a3

@KeithMoyer KeithMoyer released this Nov 26, 2019 · 616 commits to master since this release

Changes since 0.4.1 include:

  • Addition of remote backend
  • Documentation of the Enclave Key Exchange Protocol
  • Added ability to apply channel-level authorization to EKEP-based gRPC connections
  • Guide for gRPC authentication and authorization in EKEP-based connections
  • fork() implementation is now thread-safe
  • Additional POSIX interface implementations
  • Updated to newer versions of dependencies
  • Improved documentation and testing
  • Maintenance work and bug fixes


  • The EnclaveManager::LoadEnclave API has been simplified to take a protobuf instead of requiring the creation of a backend-specific EnclaveLoader object. The old APIs are deprecated and will be removed in a future release.
  • The sgx_enclave bazel macro is now deprecated. To make it clearer how to create signed enclaves, it is replaced by sgx_unsigned_enclave and sgx_debug_enclave/sgx_signed_enclave (see our Quickstart and SGX Release guides for examples).
  • SgxLocalSecretSealer has changed the format of its sealed secrets. It will continue to be able to unseal old secrets for a compatibility period, but any data previously sealed with SgxLocalSecretSealer should be resealed at v0.5.0 to maintain compatibility moving forward.
  • The sgx_code_identity_expectation_matcher library is deprecated in favor of sgx_identity_expectation_matcher.
  • Aliasing of SGX simulation as just “sim” has been deprecated. As we’re adding more backend modes, it was determined that being more explicit on which is being used was appropriate. This includes --config=enc-sim (use --config=sgx-sim), sim_enclave bazel macro (see sgx_enclave bullet above), SimLoader (use SgxLoadConfig), and SimEmbeddedLoader (use SgxLoadConfig).
  • The CleansingString type is deprecated in favor of CleansingVector.
  • The asylo_py_proto_library bazel macro (deprecated in v0.4.1) has been removed. Now that the issues with grpc_proto_library and proto_library have been resolved, the standard py_proto_library should be used directly instead.
Assets 2
Nov 21, 2019
Rename generate_sigstruct build rule
The new name, generate_enclave_signing_material, is closer to
its intended function. The SIGSTRUCT, enclave_css_t type, contains
this signing material, but also a signature of it, the signing key's
public key, and some derived information from the public key. Therefore
calling the output of this rule a sigstruct is a misnomer.

Resolves #51.

PiperOrigin-RevId: 281841345
Change-Id: Ie71b45207bcf9484b4f8cdd6619c5efbbe7aeb1d
You can’t perform that action at this time.