sparkly9399/SGX-OpenSSL

SGX-OpenSSL

Overview

OpenSSL library for SGX applications


Description

This project contains modified OpenSSL code and the wrapper functions needed to use it in SGX-enabled applications.
We first ported an OpenSSL library to SGX for the SGX-Tor project in 2016 and released it as open source in Feb 2017.
We then cleaned up the ported code against a newer version of OpenSSL so that other SGX applications can use it.
We also referred to the Intel® SGX SSL project after it was released.
This project uses the "md_rand.c" and "rand_unix.c" code from the Intel® SGX SSL project to generate random numbers safely inside the enclave.


Modified OpenSSL version: OpenSSL-1.0.2l https://github.com/openssl/openssl/releases/tag/OpenSSL_1_0_2l
Tested OS: Ubuntu 16.04 LTS, 4.4.0
Tested SGX SDK version: Intel SGX SDK Linux 2.5 https://github.com/01org/linux-sgx/releases/tag/sgx_2.5


Usage:

  1. Go to OpenSSL_SGX/ folder.
  2. Run sgx_openssl_setup.sh to configure OpenSSL.
  3. Type "make" to build "libcrypto.a" and "libssl.a".
  4. Include both static library files in your SGX application project.
  5. Copy the wrapper code in the "Wrappers/App" and "Wrappers/Enclave" directories into your own project and include it.
  6. Write your Makefile, EDL file, linker script, and enclave configuration file to build an SGX-enabled binary.

For detailed usage, refer to the sample code.
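
Enclave code cannot issue system calls, so any OS-dependent symbol that the built archives still reference has to be supplied by enclave-side wrapper code. The following check is an added example, not part of this project: it lists such symbols from `nm` output. The watchlist, function names, and sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find symbols that static archives leave unresolved and flag
# the ones that need the host OS.

# Assumed, illustrative watchlist of libc calls that require OS services.
HOST_CALLS='fopen fclose fread fwrite open read write close socket connect send recv select getenv time gettimeofday getpid stat'

# Read `nm` output on stdin; print symbols referenced (U) by some object but
# defined by none. Defined symbols have three fields: address, type, name.
unresolved_syms() {
    awk '
        NF == 2 && $1 == "U" { undef[$2] = 1 }
        NF == 3              { def[$3] = 1 }
        END { for (s in undef) if (!(s in def)) print s }
    ' | sort
}

# Keep only the unresolved symbols that are on the watchlist.
host_dependent() {
    unresolved_syms | while read -r sym; do
        case " $HOST_CALLS " in
            *" $sym "*) echo "$sym" ;;
        esac
    done
}

# Audit real archives, e.g.: audit_archives libcrypto.a libssl.a
audit_archives() {
    nm "$@" | host_dependent
}

# Constructed sample of `nm` output (not from this project's build).
sample_nm() {
    cat <<'EOF'
net_demo.o:
                 U socket
                 U connect
                 U memcpy
                 U demo_helper
0000000000000000 T demo_net_init

util_demo.o:
                 U getpid
                 U time
0000000000000000 T demo_helper
EOF
}

sample_nm | host_dependent   # prints: connect getpid socket time (one per line)
```

Each symbol it reports should be matched against a definition in the enclave-side code you link before the enclave is signed.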


Running sample codes

This project contains sample code for a simple SSL/TLS server and client.
I hope you can get some hints from the sample applications.

  1. If you have not built the OpenSSL_SGX library yet, build it first.
  2. Go to SampleCode/Simple_TLS_(Client or Server)/.
  3. Type "make" to build the SGX-enabled TLS server and client.
  4. Start the TLS server at SampleCode/Simple_TLS_Server/app.
  5. Start the TLS client at SampleCode/Simple_TLS_Client/app.

References

  1. SGX-Tor: Tor anonymity network in the SGX environment (NSDI'17).
    Paper Link: https://www.usenix.org/system/files/conference/nsdi17/nsdi17-kim-seongmin.pdf
  2. Intel® SGX SSL.
  3. SGX-Box: Enabling Visibility on Encrypted Traffic using a Secure Middlebox Module (APNet'17).
    Paper Link: http://conferences.sigcomm.org/events/apnet2017/papers/sgxbox-han.pdf

Contact

Juhyeng Han sparkly9399@gmail.com
Seongmin Kim dallas1004@gmail.com