diff --git a/SGX_example/Benchmarks.sln b/SGX_example/Benchmarks.sln new file mode 100755 index 00000000..cd30e294 --- /dev/null +++ b/SGX_example/Benchmarks.sln 
@@ -0,0 +1,58 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 2013 +VisualStudioVersion = 12.0.31101.0 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "Benchmarks\Benchmarks.vcxproj", "{C1574FBF-5346-480F-8DAD-A547480FF9F1}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Enclave", "Enclave\Enclave.vcxproj", "{BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Win32 = Debug|Win32 + Debug|x64 = Debug|x64 + Prerelease|Win32 = Prerelease|Win32 + Prerelease|x64 = Prerelease|x64 + Release|Win32 = Release|Win32 + Release|x64 = Release|x64 + Simulation|Win32 = Simulation|Win32 + Simulation|x64 = Simulation|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Debug|Win32.ActiveCfg = Debug|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Debug|Win32.Build.0 = Debug|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Debug|x64.ActiveCfg = Debug|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Debug|x64.Build.0 = Debug|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Prerelease|Win32.ActiveCfg = Prerelease|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Prerelease|Win32.Build.0 = Prerelease|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Prerelease|x64.ActiveCfg = Prerelease|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Prerelease|x64.Build.0 = Prerelease|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Release|Win32.ActiveCfg = Release|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Release|Win32.Build.0 = Release|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Release|x64.ActiveCfg = Release|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Release|x64.Build.0 = Release|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Simulation|Win32.ActiveCfg = Simulation|Win32 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Simulation|Win32.Build.0 = Simulation|Win32 
+ {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Simulation|x64.ActiveCfg = Simulation|x64 + {C1574FBF-5346-480F-8DAD-A547480FF9F1}.Simulation|x64.Build.0 = Simulation|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Debug|Win32.ActiveCfg = Debug|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Debug|Win32.Build.0 = Debug|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Debug|x64.ActiveCfg = Debug|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Debug|x64.Build.0 = Debug|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Prerelease|Win32.ActiveCfg = Prerelease|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Prerelease|Win32.Build.0 = Prerelease|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Prerelease|x64.ActiveCfg = Prerelease|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Prerelease|x64.Build.0 = Prerelease|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Release|Win32.ActiveCfg = Release|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Release|Win32.Build.0 = Release|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Release|x64.ActiveCfg = Release|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Release|x64.Build.0 = Release|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Simulation|Win32.ActiveCfg = Simulation|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Simulation|Win32.Build.0 = Simulation|Win32 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Simulation|x64.ActiveCfg = Simulation|x64 + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C}.Simulation|x64.Build.0 = Simulation|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/SGX_example/Benchmarks/Benchmarks.cpp b/SGX_example/Benchmarks/Benchmarks.cpp new file mode 100755 index 00000000..c3eec6a6 --- /dev/null +++ b/SGX_example/Benchmarks/Benchmarks.cpp 
@@ -0,0 +1,484 @@
+/* Benchmarks.cpp
+*
+* Copyright (C) 2006-2016 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+
+#include "stdafx.h"
+#include "Benchmarks.h" /* contains include of Enclave_u.h which has wolfSSL header files */
+
+/* Check settings of wolfSSL */
+#if !defined(HAVE_AESGCM) || defined(NO_RSA) || defined(NO_SHA256)
+#error please enable AES-GCM, RSA, and SHA256
+#endif
+
+/* Use Debug SGX ? */
+#if _DEBUG
+ #define DEBUG_VALUE SGX_DEBUG_FLAG
+#else
+ #define DEBUG_VALUE 1
+#endif
+
+#define WIN32_LEAN_AND_MEAN
+#include
+
+
+/* Choose AES Key size */
+//#define WC_AES_KEY_SZ 16 /* 128 bit key */
+#define WC_AES_KEY_SZ 24 /* 192 bit key */
+
+static double current_time(int reset)
+{
+ static int init = 0;
+ static LARGE_INTEGER freq;
+ LARGE_INTEGER count;
+
+ (void)reset;
+
+ if (!init) {
+ QueryPerformanceFrequency(&freq);
+ init = 1;
+ }
+
+ QueryPerformanceCounter(&count);
+ return (double)count.QuadPart / freq.QuadPart;
+}
+
+
+static void free_resources(byte* plain, byte* cipher) {
+ delete[] plain;
+ delete[] cipher;
+}
+
+
+/* benchmark is performed calling into Enclave on each update
+ * This function tests speeds at different message sizes during update */
+static double sha256_getTime_multiple(sgx_enclave_id_t id, double* total) {
+ double start, end;
+ int ret, sgxStatus;
+ byte* plain;
+ byte digest[64];
+ int plainSz = (1024 * 1024);
+ int tSz = (1024 * 1024) * numBlocks;
+ int i, k;
+
+ Sha256 sha256;
+
+ ret = 0;
+ k = numBlocks;
+ printf("\n");
+ for (k = 1; k <= numBlocks; k++) {
+ plainSz = tSz / k;
+ plain = new byte[plainSz];
+ ret |= wc_sha256_init(id, &sgxStatus, &sha256);
+ start = current_time(1);
+ for (i = 0; i < k; i++) {
+ ret |= wc_sha256_update(id, &sgxStatus, &sha256, plain, plainSz);
+ }
+ ret |= wc_sha256_final(id, &sgxStatus, &sha256, digest);
+ end = current_time(0);
+
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("Error in SHA256 operation with Enclave: %d sgxStatus = %d.\n", ret, sgxStatus);
+ return -1;
+ }
+ *total = end - start;
+ printf("%8.3f\n", *total);
+ delete[] plain;
+ }
+ printf("\n");
+ *total = end - start;
+ return 1 / *total * numBlocks;
+}
+
+
+/* benchmark is performed calling into Enclave on each update */
+static double sha256_getTime(sgx_enclave_id_t id, double* total) {
+ double start, end;
+ int ret = 0;
+ int sgxStatus = 0;
+ int i;
+ byte* plain;
+ byte digest[64];
+ int plainSz = (1024 * 1024);
+
+ Sha256 sha256;
+
+ plain = new byte[plainSz];
+ ret |= wc_sha256_init(id, &sgxStatus, &sha256);
+ start = current_time(1);
+
+ /* perform work and get digest */
+ for (i = 0; i < numBlocks; i++) {
+ ret |= wc_sha256_update(id, &sgxStatus, &sha256, plain, plainSz);
+ }
+ ret |= wc_sha256_final(id, &sgxStatus, &sha256, digest);
+ end = current_time(0);
+
+ delete[] plain;
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("Error in SHA256 operation with Enclave: %d sgxStatus = %d.\n", ret, sgxStatus);
+ return -1;
+ }
+
+ *total = end - start;
+ return 1 / *total * numBlocks;
+}
+
+
+static int sha256_print(sgx_enclave_id_t id)
+{
+ double total, persec;
+
+ printf("SHA-256 ");
+ persec = sha256_getTime(id, &total);
+ printf("%d megs took %5.3f seconds , %8.3f MB/s\n", numBlocks, total, persec);
+
+ return 0;
+}
+
+
+/* return time in MB/s with crossing into enclave boundary with each encrypt */
+static double aesgcm_encrypt_getTime(sgx_enclave_id_t id, double* total, byte* plain, byte* cipher, word32 sz, byte* tag, word32 tagSz)
+{
+ Aes aes;
+ double start, end;
+ int i;
+ int ret, sgxStatus;
+
+ const byte ad[13] = { 0 };
+
+ const XGEN_ALIGN byte iv[] =
+ {
+ 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
+ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+ 0x11, 0x21, 0x31, 0x41, 0x51, 0x61, 0x71, 0x81
+ };
+
+ const XGEN_ALIGN byte key[] =
+ {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ 0xfe, 0xde, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+ 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67
+ };
+
+ ret = wc_aesgcm_setKey(id, &sgxStatus, &aes, key, WC_AES_KEY_SZ);
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("AES set key failed %d sgxStatus = %d\n", ret, sgxStatus);
+ return -1;
+ }
+
+ start = current_time(1);
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_aesgcm_encrypt(id, &sgxStatus, &aes, cipher, plain, sz, iv, 12, tag, tagSz, ad, 13);
+ }
+ end = current_time(0);
+
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("Error in AES-GCM encrypt operation with Enclave: %d sgxStatus = %d.\n", ret, sgxStatus);
+ return -1;
+ }
+
+ *total = end - start;
+ return 1 / *total * numBlocks;
+}
+
+
+static int aesgcm_encrypt_print(sgx_enclave_id_t id, byte* plain, byte* cipher, word32 sz, byte* tag, word32 tagSz)
+{
+ double total, persec;
+
+ printf("AES-GCM encrypt ");
+ persec = aesgcm_encrypt_getTime(id, &total, plain, cipher, sz, tag, tagSz);
+ printf("%d megs took %5.3f seconds , %8.3f MB/s\n", numBlocks, total, persec);
+
+ return 0;
+}
+
+
+/* return MB/s with crossing into Enclave boundary with each decrypt */
+static double aesgcm_decrypt_getTime(sgx_enclave_id_t id, double* total, byte* plain, const byte* cipher, word32 sz, const byte* tag, word32 tagSz)
+{
+ Aes aes;
+ double start, end;
+ int ret, sgxStatus;
+ int i;
+
+ const byte ad[13] = { 0 };
+
+ const XGEN_ALIGN byte iv[] =
+ {
+ 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
+ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+ 0x11, 0x21, 0x31, 0x41, 0x51, 0x61, 0x71, 0x81
+ };
+
+ const XGEN_ALIGN byte key[] =
+ {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ 0xfe, 0xde, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+ 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67
+ };
+
+ ret = wc_aesgcm_setKey(id, &sgxStatus, &aes, key, WC_AES_KEY_SZ);
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("AES set key failed %d sgxStatus = %d\n", ret, sgxStatus);
+ return -1;
+ }
+
+ start = current_time(1);
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_aesgcm_decrypt(id, &sgxStatus, &aes, plain, cipher, sz, iv, 12, tag, tagSz, ad, 13);
+ }
+ end = current_time(0);
+
+ if (ret != SGX_SUCCESS || sgxStatus < 0) {
+ printf("Error in AES-GCM decrypt operation with Enclave: %d sgxStatus = %d.\n", ret, sgxStatus);
+ return -1;
+ }
+
+ *total = end - start;
+ return 1 / *total * numBlocks;
+}
+
+
+static int aesgcm_decrypt_print(sgx_enclave_id_t id, byte* plain, byte* cipher, word32 sz, const byte* tag, word32 tagSz)
+{
+ double total, persec;
+
+ printf("AES-GCM decrypt ");
+ persec = aesgcm_decrypt_getTime(id, &total, plain, cipher, sz, tag, tagSz);
+ printf("%d megs took %5.3f seconds , %8.3f MB/s\n", numBlocks, total, persec);
+
+ return 0;
+}
+
+
+/* return time for each in milliseconds */
+static double rsa_encrypt_getTime(sgx_enclave_id_t id, int* sgxStatus, double* total, const byte* message, word32 mSz, byte* cipher, word32 cSz)
+{
+ double start, end;
+ int ret, i;
+ int freeStatus = 0;
+ RsaKey rsa;
+
+ ret = 0; *sgxStatus = 0;
+ ret = wc_rsa_init(id, sgxStatus, &rsa); /* loads RSA key from buffer and inits RNG */
+ if (ret != SGX_SUCCESS || *sgxStatus != 0) {
+ printf("Initializing RSA failed %d sgxStatus = %d\n", ret, *sgxStatus);
+ return -1;
+ }
+
+ start = current_time(1);
+ for (i = 0; i < ntimes; i++) {
+ ret = wc_rsa_encrypt(id, sgxStatus, message, mSz, cipher, cSz, &rsa);
+ }
+ end = current_time(0);
+
+ if (ret != SGX_SUCCESS || *sgxStatus < 0) {
+ printf("Error in rsa encrypt operation with Enclave: %d sgxStatus = %d.\n", ret, *sgxStatus);
+ return -1;
+ }
+
+ ret = wc_rsa_free(id, &freeStatus, &rsa);
+ if (ret != 0 || freeStatus != 0) {
+ printf("Failed to free RSA key %d sgxStatus = %d\n", ret, freeStatus);
+ return -1;
+ }
+
+ *total = end - start;
+ return (*total / ntimes) * 1000;
+}
+
+
+static int rsa_encrypt_print(sgx_enclave_id_t id, int* sgxStatus, byte* plain, word32 pSz, byte* cipher, word32 cSz)
+{
+ double total, each;
+
+ printf("RSA-2048 encrypt ");
+ each = rsa_encrypt_getTime(id, sgxStatus, &total, plain, pSz, cipher, cSz);
+ printf("took %6.3f milliseconds, avg over %d\n", each, ntimes);
+
+ return 0;
+}
+
+
+/* return time in milliseconds for each */
+static double rsa_decrypt_getTime(sgx_enclave_id_t id, double* total, byte* m, word32 mSz, const byte* c, word32 cSz)
+{
+ double start, end;
+ int ret, sgxStatus, i;
+ RsaKey rsa;
+
+ ret = wc_rsa_init(id, &sgxStatus, &rsa); /* loads RSA key from buffer and inits RNG */
+ if (ret != SGX_SUCCESS || sgxStatus != 0) {
+ printf("Initializing RSA failed %d sgxStatus = %d\n", ret, sgxStatus);
+ return -1;
+ }
+
+ start = current_time(1);
+ for (i = 0; i < ntimes; i++) {
+ ret = wc_rsa_decrypt(id, &sgxStatus, c, cSz, m, mSz, &rsa);
+ }
+ end = current_time(0);
+
+ if (ret != SGX_SUCCESS || sgxStatus < 0) {
+ printf("Error in rsa decrypt operation with Enclave: %d sgxStatus = %d.\n", ret, sgxStatus);
+ return -1;
+ }
+
+ ret = wc_rsa_free(id, &sgxStatus, &rsa);
+ if (ret != 0 || sgxStatus != 0) {
+ printf("Failed to free RSA key %d sgxStatus = %d\n", ret, sgxStatus);
+ return -1;
+ }
+
+ *total = end - start;
+ return (*total / ntimes) * 1000;
+}
+
+
+static int rsa_decrypt_print(sgx_enclave_id_t id, byte* m, word32 mSz, const byte* c, word32 cSz)
+{
+ double total, each;
+
+ printf("RSA-2048 decrypt ");
+ each = rsa_decrypt_getTime(id, &total, m, mSz, c, cSz);
+ printf("took %6.3f milliseconds, avg over %d\n", each, ntimes);
+
+ return 0;
+}
+
+int main(int argc, char* argv[])
+{
+ sgx_enclave_id_t id;
+ sgx_launch_token_t t;
+
+ int ret = 0;
+ int sgxStatus = 0;
+ int updated = 0;
+ byte message[] = "Secure wolfSSL.";
+
+ byte* plain = new byte[1024 * 1024];
+ byte* cipher = new byte[1024 * 1024];
+ const byte tag[16] = { 0 };
+ int plainSz = 1024 * 1024;
+ int i;
+
+ /* only print off if no command line arguments were passed in */
+ if (argc == 1) {
+ printf("Setting up Enclave ... ");
+ }
+
+ memset(t, 0, sizeof(sgx_launch_token_t));
+
+ ret = sgx_create_enclave(_T("Enclave.signed.dll"), DEBUG_VALUE, &t, &updated, &id, NULL);
+ if (ret != SGX_SUCCESS) {
+ printf("Failed to create Enclave : error %d - %#x.\n", ret, ret);
+ free_resources(plain, cipher);
+ return 1;
+ }
+
+ /* test if only printing off times */
+ if (argc > 1) {
+ double total;
+ int idx = 1;
+ while (1) {
+ for (idx = 1; idx < argc; idx++) {
+ if (strncmp(argv[idx], "-s256", 6) == 0) {
+ printf("%8.3f - SHA-256\n", sha256_getTime(id, &total));
+ fflush(stdout);
+ }
+ else if (strncmp(argv[idx], "-ag", 3) == 0) {
+ printf("%8.3f - AES-GCM\n", aesgcm_encrypt_getTime(id, &total, plain, cipher, plainSz, (byte*)tag, sizeof(tag)));
+ fflush(stdout);
+ }
+ else if (strncmp(argv[idx], "-re", 4) == 0) {
+ printf("%8.3f - RSA-ENC\n", rsa_encrypt_getTime(id, &sgxStatus, &total, message, sizeof(message), cipher, plainSz));
+ fflush(stdout);
+ }
+ else if (strncmp(argv[idx], "-rd", 4) == 0) {
+ rsa_encrypt_getTime(id, &sgxStatus, &total, message, sizeof(message), cipher, plainSz);
+ printf("%8.3f - RSA-DEC\n", rsa_decrypt_getTime(id, &total, plain, plainSz, cipher, sgxStatus));
+ fflush(stdout);
+ }
+ else {
+ printf("\"%s\" Not yet implemented\n\t-s256 for SHA256\n\t-ag for AES-GCM\n\t-re for RSA encrypt", argv[idx]);
+ fflush(stdout);
+ free_resources(plain, cipher);
+ return 0;
+ }
+ }
+ }
+ }
+
+ printf("Success\nCollecting benchmark values for wolfSSL using SGX\n");
+
+ /*********** SHA-256 ***************/
+ if (sha256_print(id) != 0) {
+ free_resources(plain, cipher);
+ return -1;
+ }
+ printf("\n");
+
+
+ /*********** AES-GCM ***************/
+ /* place message in first bytes of plain and test encrypt/decrypt with aesgcm */
+ memcpy(plain, message, sizeof(message));
+
+ if (aesgcm_encrypt_print(id, plain, cipher, plainSz, (byte*)tag, sizeof(tag)) != 0) {
+ free_resources(plain, cipher);
+ return -1;
+ }
+
+ memset(plain, 0, plainSz);
+ if (aesgcm_decrypt_print(id, plain, cipher, plainSz, tag, sizeof(tag)) != 0) {
+ free_resources(plain, cipher);
+ return -1;
+ }
+
+ printf("\tdecrypted message = ");
+ for (i = 0; i < sizeof(message); i++) { printf("%c", plain[i]); }
+ printf("\n\n");
+
+ /*********** RSA ***************/
+ memset(cipher, 0, 256);
+ ret = rsa_encrypt_print(id, &sgxStatus, message, sizeof(message), cipher, plainSz);
+ if (ret < 0) {
+ free_resources(plain, cipher);
+ return -1;
+ }
+
+ memset(plain, 0, plainSz);
+ ret = rsa_decrypt_print(id, plain, plainSz, cipher, sgxStatus);
+ if (ret != 0) {
+ free_resources(plain, cipher);
+ return -1;
+ }
+
+ printf("\tdecrypted message = ");
+ for (i = 0; i < 15; i++){ printf("%c", plain[i]); }
+ printf("\n");
+
+
+ /*********** Free arrays and exit ***************/
+ free_resources(plain, cipher);
+ return 0;
+}
+
diff --git a/SGX_example/Benchmarks/Benchmarks.h b/SGX_example/Benchmarks/Benchmarks.h
new file mode 100755
index 00000000..409debaf
--- /dev/null
+++ b/SGX_example/Benchmarks/Benchmarks.h
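Review bot: In Benchmarks.cpp, `DEBUG_VALUE` is hard-coded to `1` in the non-`_DEBUG` branch near the top of the file, so every configuration, Release included, passes a debug flag to `sgx_create_enclave` and the enclave stays open to a debugger; using `#define DEBUG_VALUE SGX_DEBUG_FLAG` in both branches lets the SDK header decide from `NDEBUG`/`EDEBUG`. In `main`, `tag` is declared `const byte tag[16]` and then handed to the encrypt path as `(byte*)tag`, which writes through a const object; `byte tag[16] = { 0 };` removes the cast and the undefined behaviour. The `*_print` helpers always return 0 even when the matching `*_getTime` call returned -1, so a failed RSA encrypt still reaches `rsa_decrypt_print(id, plain, plainSz, cipher, sgxStatus)` with a negative `sgxStatus` used as the ciphertext length; adding `if (each < 0) return -1;` (and the same for `persec`) to the helpers would stop that. No `sgx_destroy_enclave(id)` call is visible on any exit path, and the `while (1)` around the argument loop never terminates for valid options.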
@@ -0,0 +1,39 @@
+/* Benchmarks.h
+*
+* Copyright (C) 2006-2016 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+#ifndef BENCHMARKS_H
+#define BENCHMARKS_H
+
+#include "sgx_urts.h" /* Manages Enclave */
+#include /* IO stream Operations */
+#include "sgx_status.h" /* checks the status of the sgx APIs */
+#include "Enclave_u.h" /* contains untrusted wrapper functions used to call enclave functions*/
+#include
+
+#define BENCH_RSA
+
+enum BenchmarkBounds {
+ /* these numbers are lower then default wolfSSL one to collect benchmark values faster for GUI */
+ numBlocks = 10, /* how many megs to test */
+ ntimes = 30 /* how many itteration to run RSA decrypt/encrypt */
+};
+
+#endif
\ No newline at end of file
diff --git a/SGX_example/Benchmarks/Benchmarks.vcxproj b/SGX_example/Benchmarks/Benchmarks.vcxproj
new file mode 100755
index 00000000..f1961be2
--- /dev/null
+++ b/SGX_example/Benchmarks/Benchmarks.vcxproj
@@ -0,0 +1,363 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Prerelease + Win32 + + + Prerelease + x64 + + + Release + Win32 + + + Release + x64 + + + Simulation + Win32 + + + Simulation + x64 + + + + {C1574FBF-5346-480F-8DAD-A547480FF9F1} + Win32Proj + Benchmarks + benchmark + + + + Application + true + Intel C++ Compiler 16.0 + Unicode + + + Application + true + Intel C++ Compiler 16.0 + Unicode + + + Application + true + Intel C++ Compiler 16.0 + Unicode + + + Application + true + Intel C++ Compiler 16.0 + Unicode + + + Application + false + Intel C++ Compiler 16.0 + true + Unicode + + + Application + false + Intel C++ Compiler 16.0 + true + Unicode + + + Application + false + Intel C++ Compiler 16.0 + true + Unicode + + + Application + false + Intel C++ Compiler 16.0 + true + Unicode + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + true + + + true + + + true + + + true + + + false + + + false + + + false + + + false + + + + Use + Level3 + Disabled + WOLFSSL_SGX;WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + $(SGXSDKInstallPath)\bin\$(Platform)\Debug;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + Use + Level3 + Disabled + WOLFSSL_SGX;WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + $(SGXSDKInstallPath)\bin\$(Platform)\Debug;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + Use + Level3 + Disabled + WOLFSSL_SGX;WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + $(SGXSDKInstallPath)\bin\$(Platform)\Debug;%(AdditionalLibraryDirectories) + sgx_urts_sim.lib;sgx_uae_service_sim.lib;%(AdditionalDependencies) + + + + + Use + Level3 + Disabled + 
WOLFSSL_SGX;WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + $(SGXSDKInstallPath)\bin\$(Platform)\Debug;%(AdditionalLibraryDirectories) + sgx_urts_sim.lib;sgx_uae_service_sim.lib;%(AdditionalDependencies) + + + + + Level3 + Use + MaxSpeed + true + true + WOLFSSL_SGX;WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + true + true + $(SGXSDKInstallPath)\bin\$(Platform)\Release;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + Level3 + Use + MaxSpeed + true + true + WOLFSSL_SGX;WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + true + true + $(SGXSDKInstallPath)\bin\$(Platform)\Release;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + Level3 + Use + MaxSpeed + true + true + WOLFSSL_SGX;EDEBUG;WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + true + true + $(SGXSDKInstallPath)\bin\$(Platform)\Release;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + Level3 + Use + MaxSpeed + true + true + WOLFSSL_SGX;EDEBUG;WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions) + true + $(SGXSDKInstallPath)\include;%(AdditionalIncludeDirectories) + + + Console + true + true + true + $(SGXSDKInstallPath)\bin\$(Platform)\Release;%(AdditionalLibraryDirectories) + sgx_urts.lib;sgx_uae_service.lib;%(AdditionalDependencies) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Create + Create + Create + Create + Create + Create + Create + Create + + + + + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted 
".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + Creating untrusted proxy/bridge routines + Creating untrusted proxy/bridge routines + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + Creating untrusted proxy/bridge routines + Creating untrusted proxy/bridge routines + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + Creating untrusted proxy/bridge routines + Creating untrusted proxy/bridge routines + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + "$(SGXSDKInstallPath)\bin\win32\Release\sgx_edger8r.exe" --untrusted ".\..\Enclave\Enclave.edl" --search-path ".\..\Enclave%3b$(SGXSDKInstallPath)\include" + Creating untrusted proxy/bridge routines + Creating untrusted proxy/bridge routines + 
$(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + $(ProjectDir)%(Filename)_u.h;$(ProjectDir)%(Filename)_u.c;%(Outputs) + + + + + + \ No newline at end of file diff --git a/SGX_example/Benchmarks/Benchmarks.vcxproj.filters b/SGX_example/Benchmarks/Benchmarks.vcxproj.filters new file mode 100755 index 00000000..09df17e0 --- /dev/null +++ b/SGX_example/Benchmarks/Benchmarks.vcxproj.filters @@ -0,0 +1,53 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hh;hpp;hxx;hm;inl;inc;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + {926368bf-c0ee-493d-a234-f605ef22f69a} + + + + + + + + Header Files + + + Header Files + + + Generated Files + + + Header Files + + + + + Source Files + + + Source Files + + + Generated Files + + + + + Source Files + + + \ No newline at end of file diff --git a/SGX_example/Benchmarks/stdafx.cpp b/SGX_example/Benchmarks/stdafx.cpp new file mode 100755 index 00000000..e5951754 --- /dev/null +++ b/SGX_example/Benchmarks/stdafx.cpp @@ -0,0 +1,8 @@ +// stdafx.cpp : source file that includes just the standard includes +// Benchmarks.pch will be the pre-compiled header +// stdafx.obj will contain the pre-compiled type information + +#include "stdafx.h" + +// TODO: reference any additional headers you need in STDAFX.H +// and not in this file diff --git a/SGX_example/Benchmarks/stdafx.h b/SGX_example/Benchmarks/stdafx.h new file mode 100755 index 00000000..47a0d025 --- /dev/null +++ b/SGX_example/Benchmarks/stdafx.h @@ -0,0 +1,15 @@ +// stdafx.h : include file for standard system include files, +// or project specific include files that are used frequently, but +// are changed infrequently +// + +#pragma once + +#include "targetver.h" + +#include +#include + + + +// TODO: reference additional headers your program requires here 
diff --git a/SGX_example/Benchmarks/targetver.h b/SGX_example/Benchmarks/targetver.h
new file mode 100755
index 00000000..90e767bf
--- /dev/null
+++ b/SGX_example/Benchmarks/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include
diff --git a/SGX_example/Enclave/Enclave.config.xml b/SGX_example/Enclave/Enclave.config.xml
new file mode 100755
index 00000000..3ed892ba
--- /dev/null
+++ b/SGX_example/Enclave/Enclave.config.xml
@@ -0,0 +1,11 @@
+
+ 0
+ 0
+ 0x100000
+ 0x200000
+ 1
+ 1
+ 0
+ 0
+ 0xFFFFFFFF
+
diff --git a/SGX_example/Enclave/Enclave.cpp b/SGX_example/Enclave/Enclave.cpp
new file mode 100755
index 00000000..10180f3b
--- /dev/null
+++ b/SGX_example/Enclave/Enclave.cpp
@@ -0,0 +1,119 @@
+/* Enclave.cpp
+*
+* Copyright (C) 2006-2016 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+
+#include "Enclave_t.h" /* includes header files from wolfSSL */
+#include "wolfssl/certs_test.h"
+#include "sgx_trts.h"
+
+static volatile byte RNG_unset = 1;
+static WC_RNG rng;
+
+int wc_sha256_init(Sha256* sha256) {
+ return wc_InitSha256(sha256);
+}
+
+int wc_sha256_update(Sha256* sha256, byte* buf, int bufSz)
+{
+ return wc_Sha256Update(sha256, buf, bufSz);
+}
+
+int wc_sha256_final(Sha256* sha256, byte* digest)
+{
+ return wc_Sha256Final(sha256, digest);
+}
+
+
+int wc_aesgcm_setKey(Aes* aes, const byte* key, word32 sz)
+{
+ return wc_AesGcmSetKey(aes, key, sz);
+}
+
+int wc_aesgcm_encrypt(Aes* aes, byte* c, const byte*p, word32 pSz, const byte* iv, word32 ivSz, byte* tag, word32 tagSz, const byte* ad, word32 adSz)
+{
+ return wc_AesGcmEncrypt(aes, c, p, pSz, iv, ivSz, tag, tagSz, ad, adSz);
+}
+
+int wc_aesgcm_decrypt(Aes* aes, byte* p, const byte* c, word32 cSz, const byte* iv, word32 ivSz, const byte* tag, word32 tagSz, const byte* ad, word32 adSz)
+{
+ return wc_AesGcmDecrypt(aes, p, c, cSz, iv, 12, tag, 16, ad, 13);
+}
+
+
+/* return size of encrypted data */
+int wc_rsa_encrypt(const byte* m, word32 mSz, byte* out, word32 outSz, RsaKey* rsaKey)
+{
+ return wc_RsaPublicEncrypt(m, mSz, out, outSz, rsaKey, &rng);
+}
+
+int wc_rsa_decrypt(const byte* in, word32 inSz, byte* m, word32 mSz, RsaKey* rsaKey)
+{
+ return wc_RsaPrivateDecrypt(in, inSz, m, mSz, rsaKey);
+}
+
+
+int wc_rsa_free(RsaKey* rsaKey)
+{
+ return wc_FreeRsaKey(rsaKey);
+}
+
+
+/* RSA key is set from wolfSSL certs_test.h */
+int wc_rsa_init(RsaKey* rsaKey)
+{
+ int ret;
+ word32 bytes;
+ word32 idx = 0;
+ const byte* tmp;
+
+#ifdef USE_CERT_BUFFERS_1024
+ tmp = rsa_key_der_1024;
+ bytes = sizeof_rsa_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+ tmp = rsa_key_der_2048;
+ bytes = sizeof_rsa_key_der_2048;
+#else
+#error "need a cert buffer size"
+#endif /* USE_CERT_BUFFERS */
+
+ ret = wc_InitRsaKey(rsaKey, 0);
+ if (ret < 0) {
+ return -1;
+ }
+ ret = wc_RsaPrivateKeyDecode(tmp, &idx, rsaKey, bytes);
+ if (ret != 0) {
+ return -1;
+ }
+
+ if (RNG_unset) { /* not atomic, for demo only. RNG could be moved to user APP and passed by reference */
+ RNG_unset = 0;
+ ret = wc_InitRng(&rng);
+ if (ret < 0) {
+ return -1;
+ }
+ }
+
+ #ifdef WC_RSA_BLINDING
+ wc_RsaSetRNG(rsaKey, rng);
+ #endif
+
+ return 0;
+}
diff --git a/SGX_example/Enclave/Enclave.edl b/SGX_example/Enclave/Enclave.edl
new file mode 100755
index 00000000..70e28b54
--- /dev/null
+++ b/SGX_example/Enclave/Enclave.edl
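Review bot: In Enclave.cpp, `wc_aesgcm_decrypt` ignores its `ivSz`, `tagSz` and `adSz` parameters and passes the literals 12, 16 and 13 to `wc_AesGcmDecrypt`, so a caller that supplies a shorter tag or AAD buffer can make the enclave read past it; forward the arguments as the encrypt wrapper does, `return wc_AesGcmDecrypt(aes, p, c, cSz, iv, ivSz, tag, tagSz, ad, adSz);`. In `wc_rsa_init`, `RNG_unset` is cleared before `wc_InitRng` has succeeded, so after a failed init later calls skip initialisation and `wc_rsa_encrypt` uses an uninitialised `rng`; clear the flag only once `ret == 0`. Under `WC_RSA_BLINDING` the call `wc_RsaSetRNG(rsaKey, rng)` passes the struct by value, while wolfSSL's `wc_RsaSetRNG` takes a `WC_RNG*`, so it should read `wc_RsaSetRNG(rsaKey, &rng);`. The error returns in `wc_rsa_init` after `wc_InitRsaKey` also leave the key un-freed; a `wc_FreeRsaKey(rsaKey);` before each `return -1;` would cover that.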
@@ -0,0 +1,47 @@
+enclave {
+
+ include "wolfssl/wolfcrypt/settings.h"
+ include "wolfssl/wolfcrypt/types.h"
+ include "wolfssl/wolfcrypt/sha256.h"
+ include "wolfssl/wolfcrypt/aes.h"
+ include "wolfssl/wolfcrypt/rsa.h"
+ include "wolfssl/wolfcrypt/random.h"
+
+
+ trusted {
+
+ /* SHA 256 opperations
+ * Using user_check to increase performance, in copies over the buffer */
+ public int wc_sha256_init([user_check]Sha256* sha256);
+ public int wc_sha256_update([user_check]Sha256* sha256, [user_check]byte* buf, int bufSz);
+ public int wc_sha256_final([user_check]Sha256* sha256, [user_check]byte* digest);
+
+
+ /* AES GCM opperations
+ * Using user_check to increase performance */
+ public int wc_aesgcm_setKey([user_check]Aes* aes, [user_check]const byte* key, word32 len);
+ public int wc_aesgcm_encrypt([user_check]Aes* aes, [user_check]byte* out,
+ [user_check]const byte* in, word32 sz,
+ [user_check]const byte* iv, word32 ivSz,
+ [user_check]byte* authTag, word32 authTagSz,
+ [user_check]const byte* authIn, word32 authInSz);
+ public int wc_aesgcm_decrypt([user_check]Aes* aes, [user_check]byte* out,
+ [user_check]const byte* in, word32 sz,
+ [user_check]const byte* iv, word32 ivSz,
+ [user_check]const byte* authTag, word32 authTagSz,
+ [user_check]const byte* authIn, word32 authInSz);
+
+
+ /* RSA opperations
+ * Using user_check to increase performance */
+ public int wc_rsa_encrypt([user_check]const byte* m, word32 mSz, [user_check]byte* out, word32 outSz, [user_check]RsaKey* key);
+ public int wc_rsa_decrypt([user_check]const byte* in, word32 inSz, [user_check]byte* out, word32 mSz, [user_check]RsaKey* key);
+ public int wc_rsa_init([user_check]RsaKey* rsa);
+ public int wc_rsa_free([user_check]RsaKey* rsa);
+ };
+
+ untrusted {
+ /* define OCALLs here. */
+
+ };
+};
diff --git a/SGX_example/Enclave/Enclave.vcxproj b/SGX_example/Enclave/Enclave.vcxproj
new file mode 100755
index 00000000..36c4ada3
--- /dev/null
+++ b/SGX_example/Enclave/Enclave.vcxproj
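Review bot: In Enclave.edl, every pointer in the `trusted` block is `[user_check]`, including the `Sha256*`, `Aes*` and `RsaKey*` context objects, so the generated bridge does no copy or range check and the enclave works directly on whatever addresses the application passes. The AES key state and the `RsaKey` that `wc_rsa_init` fills from the private key therefore live in structures the untrusted side allocates (`Aes aes;`, `RsaKey rsa;` in Benchmarks.cpp) and can read or alter. For the data buffers, attributes such as `[in, size=bufSz]` and `[out, size=outSz]` restore the marshalling checks; the contexts are better kept in enclave memory behind an opaque handle, or at minimum each pointer should be validated with `sgx_is_outside_enclave` in Enclave.cpp before use. The comments should state that trade-off, for example `/* user_check skips the bridge's copy and range checks for speed; the enclave code must validate these pointers itself */`.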
@@ -0,0 +1,426 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Prerelease + Win32 + + + Prerelease + x64 + + + Release + Win32 + + + Release + x64 + + + Simulation + Win32 + + + Simulation + x64 + + + + {BA00CB73-68CC-4BAD-8C00-ABEE66B4EB1C} + v4.5 + + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + v120 + + + DynamicLibrary + v120 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + v120 + + + DynamicLibrary + v120 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + DynamicLibrary + Intel C++ Compiler 16.0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + false + false + + + $(NoInherit) + + + false + false + + + $(NoInherit) + + + false + false + $(SolutionDir)\wolfSSLEnclaveLib;$(NoInherit);;$(SolutionDir)\wolfSSLEnclaveLib;$(SolutionDir)\wolfSSLEnclaveLib + $(NoInherit) + + + false + false + $(SolutionDir)\wolfSSLEnclaveLib;$(NoInherit);;$(SolutionDir)\wolfSSLEnclaveLib;$(SolutionDir)\wolfSSLEnclaveLib + $(NoInherit) + + + false + false + + + $(NoInherit) + + + false + false + + + $(NoInherit) + + + false + false + + + $(NoInherit) + + + false + false + + + $(NoInherit) + + + + Default + MultiThreadedDebug + Disabled + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + WOLFSSL_SGX;%(PreprocessorDefinitions) + + + wolfssl.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\$(Configuration);$(SolutionDir) + true + + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" sign -key "Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "Enclave.config.xml" + sign the enclave + + + + + 
Default + MultiThreadedDebug + Disabled + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfssl.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\$(Configuration);$(OutDir) + true + + + true + true + + + "$(SGXSDKInstallPath)bin\x64\release\sgx_sign.exe" sign -key "Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "Enclave.config.xml" + sign the enclave + + + + + Default + MultiThreadedDebug + Disabled + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfSSLEnclaveLib.lib;sgx_trts_sim.lib;sgx_tstdc.lib;sgx_tservice_sim.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\Debug + true + + + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" sign -key "$(ProjectDir)Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "$(ProjectDir)Enclave.config.xml" + sign the enclave + + + + + Default + MultiThreadedDebug + Disabled + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfSSLEnclaveLib;sgx_trts_sim.lib;sgx_tstdc.lib;sgx_tservice_sim.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\Debug + true + + + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" sign -key "$(ProjectDir)Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "$(ProjectDir)Enclave.config.xml" + sign the enclave + + + + + Default + MultiThreaded + MaxSpeed + 
Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + true + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfssl.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\$(Configuration);$(OutDir) + true + + true + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" gendata -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.hex" -config "$(ProjectDir)Enclave.config.xml" + generate the enclave signing material + + + + + Default + MultiThreaded + MaxSpeed + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + true + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfSSLEnclaveLib.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib;wolfSSLEnclaveLib.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\$(Configuration) + true + + + true + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" gendata -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.hex" -config "$(ProjectDir)Enclave.config.xml" + generate the enclave signing material + + + + + Default + MultiThreaded + MaxSpeed + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + true + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfSSLEnclaveLib.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\Release;$(SolutionDir) + true + + + true + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" sign -key "$(ProjectDir)Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "$(ProjectDir)Enclave.config.xml" + sign the enclave + + + + + Default + MultiThreaded + 
MaxSpeed + Level3 + $(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;%(AdditionalIncludeDirectories) + true + WOLFSSL_SGX;_WINDLL;%(PreprocessorDefinitions) + + + wolfssl.lib;sgx_trts.lib;sgx_tstdc.lib;sgx_tservice.lib;sgx_tcrypto.lib;sgx_tstdcxx.lib + $(OutDir);$(SGXSDKInstallPath)bin\$(Platform)\Release;$(SolutionDir) + true + + + true + true + true + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_sign.exe" sign -key "$(ProjectDir)Enclave_private.pem" -enclave "$(OutDir)Enclave.dll" -out "$(OutDir)Enclave.signed.dll" -config "$(ProjectDir)Enclave.config.xml" + sign the enclave + + + + + + + + + + + + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + Creating proxy/bridge routines + Creating proxy/bridge routines + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + Enclave.config.xml;%(AdditionalInputs) + Enclave.config.xml;%(AdditionalInputs) + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + Creating proxy/bridge routines + Creating proxy/bridge routines + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + Enclave.config.xml;%(AdditionalInputs) + Enclave.config.xml;%(AdditionalInputs) + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + 
Creating proxy/bridge routines + Creating proxy/bridge routines + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + Enclave.config.xml;%(AdditionalInputs) + Enclave.config.xml;%(AdditionalInputs) + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + "$(SGXSDKInstallPath)bin\win32\release\sgx_edger8r.exe" --trusted "$(ProjectDir)Enclave.edl" --search-path "$(SGXSDKInstallPath)include" + Creating proxy/bridge routines + Creating proxy/bridge routines + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + $(ProjectName)_t.h;$(ProjectName)_t.c;%(Outputs) + Enclave.config.xml;%(AdditionalInputs) + Enclave.config.xml;%(AdditionalInputs) + + + + + + Designer + + + + + + \ No newline at end of file diff --git a/SGX_example/Enclave/Enclave.vcxproj.filters b/SGX_example/Enclave/Enclave.vcxproj.filters new file mode 100755 index 00000000..0b97402c --- /dev/null +++ b/SGX_example/Enclave/Enclave.vcxproj.filters @@ -0,0 +1,48 @@ + + + + + {068eae22-7203-4e1c-854d-a433a15212ff} + + + {10eec786-fad8-432e-8225-ed17e418af2c} + cpp;c;edl;def; .. and other options + + + {30fcb149-c376-4064-84a4-7534d550c8d1} + h;hpp; .. and other options + + + {bf60dc36-c54c-4b85-830b-1446ecf54231} + rc;xml;pem; .. and other options + + + + + Generated Files + + + Source Files + + + + + Generated Files + + + + + Resource Files + + + + + Resource Files + + + + + Source Files + + + \ No newline at end of file diff --git a/SGX_example/Enclave/Enclave_private.pem b/SGX_example/Enclave/Enclave_private.pem new file mode 100755 index 00000000..987ac726 --- /dev/null +++ b/SGX_example/Enclave/Enclave_private.pem 
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG5AIBAAKCAYEA4eKLFIPVBZlRKo/WLIG27A0/9CI7E0fPyEYu+ro3ckIDRoGw
+eFLGmp4MpnFWBEbwtWoBhb/uZHiJ3Y+/6b8oooVDmC1/h0dn2/RoKKdHTB5i0PJ6
+wnuxjCAPPGvsbScMQ/GpZpiP7FYGQbzVRh5DjJqgJQgEJS7I7uXBnIY1pNAh1P5w
+4dSJQv4VzJI+dfbDsSKGM1KdrFPdaxcNaZqH2NtVgDcbHvVcksHXAa2rcAowvuQR
+8B6uU27685qdckof+kX5J8kYCes5qymJxLV27I3pSdTlIjE3hiypBXCrULgaQalB
+f/16vbpKQtArVQIes9J+1yCF+9PqUj1ppW2JWsYnFboi4bIAbX16yejw2t8OB7fZ
+Su1B7mw0DaMhM51tvKnFYHI0kf+9k7z3D+qqRG2vHzr8BVsQN8zB1joFs5Idp/7R
+6loEf5r/qDgrog+Yv4ktio0eFTGGpUy+GDtigm3KHaFn0sOQbMy9fov2hpNu1Q/A
+O/PGjMw/o+rsJJz9AgEDAoIBgQCWlwdjAo4Du4txtTlzASSdXiqiwXy3hTUwLsn8
+fCT21qzZq8r64dm8aV3ES46thKB48VZZKp7tpbE+X9VGf3BsWNe6yP+vhO/n+EVw
+b4TdaZc19vyBp8uywAooR/Lzb12CoRuZuwqdjq7WfeOEFC0IZxVuBVgYydtJ7oET
+BCPDNWvjVEtBOFuB/rkzDCmj+dfLbFl3jGkdjT5HZLObvFqQkjkAJLy/Tj23K+Sr
+yRz1XCB/QragFHQ3n1H3vGj23BQQi5elOTewDnIQ7caZM/as0rdNJFClFNrVmFW8
+lWFO4KfP3QOHLqSr1MDIWWZW+Iq6byJO93sxzlJ+1Rdl9Rd6A6HDL53l8AHrWBHj
+jbIazF8n3bA1Xtp5TiBqOozW/guHEoMe3kub4DIVvWg0z/vYENKhuDaXM4Wo7aOm
+Q9a/idSGwz8vGj6gRiZ8DRgPjXuNC5J0ICb6kHar/AUnafnJ097Jh99dF6ObP9l6
+9ExhWnRdgMBFUbAw052IMI4SbxMCgcEA+9TALDSbzdzFBcCroFacTqtSrGz7O45L
+WDsHlx4OAjukatIxFFnFUUNYqfrrRpe1oGM2y7/IDSKu/2b+clFkKo9aV1gir9xx
+FvXh/2Fv/0LH7j6FAWIr2jJSiH/31q7nCWfW/fo4IT4Peabl5Lgiwnyjq4RxNMzY
+Nz+20/iYbZ63XFi3tCY4Yu/jKijIxUzgN+RLS2YAG8lvAMkwJxPI1YIeSj3AqQqT
+H/A8I9et/5KszRSv02RsD+rrjj9TDvG7AoHBAOWf1YO+qLP4yYwEND6Q6Jqmg6mx
+cO8Do+2NINNyi1greh8LiyDdvmq30GxPJov1mPvIlJTthSP7v5SWyBosgfkxWhma
+k1jtjHWDffUy9bNpt12sy/l8zl5EsOXLVhpxdWimKbQqiwbxYvl59Nv6jb3Xz4Ei
+OO3A74MolYjbqyakp4GBO2+MbixB4sP7vsVufzQThpD244GPZaKJhjYIov4t3aUX
+2B4Vh+P8uyJF1fT5E3u58ACU0jOj58liw/oEpwKBwQCn4yrIIxKJPdiugHJq5Gg0
+cjcdnfzSXtzlfK+6FAlW0m2cjCC4O9jg15BxUfIvD85q7M8yf9qzbHSqRKmhi5gc
+X5GPkBcf6Etko+v/lkqqLIVJfwNWQXKRduGwVU/kdJoGRTn+ptAWKV+mb0Pt0Bcs
+UxfHraDN3eV6KnnipbrzvyToOyUixCWXSpdxcIXY3erP7YeHmVVn259V23VvYoXj
+rBQxfoBwsbdqoCgX5R6qYciIuHU3mEgKnJ0Jf4y0oScCgcEAmRU5An8bIqXbsq14
+KbXwZxmtG8ugn1fCnl4V4kxc5XJRageyFekpnHqK8t9vB/kQp9sNuJ5YwqfVDbna
+vB2r+3Y8ERG3kJ5do6z+o3dOd5vPk8iH+6iJlC3LQ9zkEaD48G7GeBxcr0uXUPv4
+kqcJKTqKVhbQnoCfrMW5BefHbxhvq6t89QhJctaXLVJ/LkmqIrevC09CVl+ZFwZZ
+eVsXVB6Tw2U6vrkFQqh8wYPj+KYM/SagAGM2zRfv25ctUVhvAoHBANkD/bSFatBR
+w23oEp0bdHEb8zGhvN+gVIv+U2uDwAB9KBnW5I5BKipNLZByoS6+NOT/Lo8LJQbs
+8K5XtcjXGy2+gGEw7dHI0rZUIsz8Be/D3WdOycAovoRNNteWoFv7WkCWqzpwuO4M
+D/JldsDEXOmHlDgkwyTGs51L9XVDL2fOY6EBieFPuORuxcLo2/j5JQ46vI8pLSkp
+dVfPSyZd3XirUKNRJXg3bcKsgDQRqv1qyKbrtkenujomtA+zwZ+4Ng==
+-----END RSA PRIVATE KEY-----
diff --git a/SGX_example/Enclave/SGX_Benchmark.h b/SGX_example/Enclave/SGX_Benchmark.h
new file mode 100755
index 00000000..f417f8a4
--- /dev/null
+++ b/SGX_example/Enclave/SGX_Benchmark.h
@@ -0,0 +1,15 @@
+
+#ifndef SGX_BENCHMARK_H
+#define SGX_BENCHMARK_H
+
+#include
+
+enum BenchmarkBounds {
+ numBlocks = 50, /* how many megs to test (en/de)cryption */
+ ntimes = 100,
+ genTimes = 100,
+ agreeTimes = 100
+};
+
+static byte plain[1024 * 1024];
+#endif
\ No newline at end of file
diff --git a/SGX_example/README-images/expected-results.PNG b/SGX_example/README-images/expected-results.PNG
new file mode 100755
index 00000000..6778a076
Binary files /dev/null and b/SGX_example/README-images/expected-results.PNG differ
diff --git a/SGX_example/README-images/set-include-path.PNG b/SGX_example/README-images/set-include-path.PNG
new file mode 100755
index 00000000..e5932c84
Binary files /dev/null and b/SGX_example/README-images/set-include-path.PNG differ
diff --git a/SGX_example/README-images/wolfssl-lib.PNG b/SGX_example/README-images/wolfssl-lib.PNG
new file mode 100755
index 00000000..ef4ab9d9
Binary files /dev/null and b/SGX_example/README-images/wolfssl-lib.PNG differ
diff --git a/SGX_example/README.md b/SGX_example/README.md
new file mode 100644
index 00000000..8e29a3b3
--- /dev/null
+++ b/SGX_example/README.md
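Review bot: Enclave_private.pem commits the enclave signing private key, and the post-build lines in Enclave.vcxproj pass it to `sgx_sign.exe sign -key`; judging by the neighbouring settings (`MaxSpeed`, `bin\$(Platform)\Release`) that appears to include Release configurations. Anyone with the repository can sign an enclave that carries the same signer identity, so sealing or attestation policy keyed on the signer gives no protection for builds signed this way. I would keep this key for Debug and Simulation only, say so in the README (`Enclave_private.pem is a public test key; never ship an enclave signed with it`), and have Release use the `gendata` step that two configurations already run, with the signature produced offline and attached afterwards.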
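Review bot: `static byte plain[1024 * 1024];` in SGX_Benchmark.h is a definition, so every source file that includes the header gets its own private 1 MiB buffer, and if an enclave source includes it that megabyte is added to the enclave image each time. Declare it in the header as `extern byte plain[1024 * 1024];` and define it once in the benchmark source that uses it.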
@@ -0,0 +1,37 @@
+wolfSSL Enclave Example
+============================
+
+This repository contains an example application, written in C++, which
+demonstrates how to link with the wolfSSL lightweight SSL/TLS library with a
+simple Enclave. First create wolfssl.lib from /IDE/WIN-SGX
+then copy wolfssl.lib to SGX_example/
+
+![location for wolfssl.lib](README-images/wolfssl-lib.PNG)
+
+After creating and moving wolfssl.lib add the include path to wolfSSL header
+files. It's suggested to add this with all platforms and all configurations
+selected so that it only has to be added once.
+
+![setting the include path](README-images/set-include-path.PNG)
+
+Next optionally set the platform toolset for the compiler desired to use.
+By default it is set to Intel C++ 16.0.
+
+Below is the expected results when running the created benchmark application.
+
+![expected results](README-images/expected-results.PNG)
+
+## Limitations
+This code has been developed and tested on Visual Studio 2013 with the
+default Intel compiler set. It may work for other versions but building
+has not been tested on other versions.
+
+1)Single Threaded
+2)Crypto Only
+3)AES-NI intrensics not added
+
+## Support
+
+Please contact wolfSSL at support@wolfssl.com with any questions, bug fixes,
+or suggested feature additions.
+