void destroy_Enclave(){
sgx_status_t ret = SGX_SUCCESS;
ret=sgx_destroy_enclave(global_eid);
if(ret!=SGX_SUCCESS){
printf("App: error %#x, failed to destroy enclave.\n", ret);
}
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
(void)(argc);
(void)(argv);
/* Initialize the enclave */
if ( initialize_enclave ( ENCLAVE_FILENAME, &global_eid ) < 0 ){
return -1;
}
/* Utilize edger8r attributes */
edger8r_array_attributes();
edger8r_pointer_attributes();
edger8r_type_attributes();
edger8r_function_attributes();
/* Utilize trusted libraries */
ecall_libc_functions();
ecall_libcxx_functions();
ecall_thread_functions();
/* Destroy the enclave */
sgx_destroy_enclave(global_eid);
printf("Info: SampleEnclavePCL successfully returned.\n");
return 0;
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
(void)(argc);
(void)(argv);
/* Initialize the enclave */
if(initialize_enclave() < 0){
printf("Enter a character before exit ...\n");
getchar();
return -1;
}
/* Utilize trusted libraries */
ecall_libcxx_functions();
/* Destroy the enclave */
sgx_destroy_enclave(global_eid);
printf("Info: Cxx11DemoEnclave successfully returned.\n");
//printf("Enter a character before exit ...\n");
//getchar();
return 0;
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
/* Initialize the enclave */
if(initialize_enclave() < 0){
printf("Enter a character before exit ...\n");
getchar();
return -1;
}
app_main(argc, argv);
/* Destroy the enclave */
sgx_destroy_enclave(global_eid);
printf("Info: SampleEnclave successfully returned.\n");
return 0;
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
sgx_status_t sgx_ret = SGX_SUCCESS;
sgx_status_t enclave_ret = SGX_SUCCESS;
uint32_t sealed_log_size = 1024;
uint8_t sealed_log[1024] = {0};
sgx_sealed_data_t * sealed_data = 0;
(void)(argc);
(void)(argv);
/* Initialize the enclave */
if(initialize_enclave() < 0){
printf("Enter a character before exit ...\n");
getchar();
return -1;
}
const char* str = "This is c str passed into enclave!";
size_t len = strlen(str);
sgx_ret = say_something(global_eid,
&enclave_ret,
(const uint8_t *) str,
len);
if(sgx_ret != SGX_SUCCESS) {
print_error_message(sgx_ret);
return -1;
}
if(enclave_ret != SGX_SUCCESS) {
print_error_message(enclave_ret);
return -1;
}
printf("[+] say_something success ...\n");
/* Destroy the enclave */
sgx_destroy_enclave(global_eid);
return 0;
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
(void)(argc);
(void)(argv);
/* Changing dir to where the executable is.*/
char absolutePath [MAX_PATH];
char *ptr = NULL;
ptr = realpath(dirname(argv[0]),absolutePath);
if( chdir(absolutePath) != 0)
abort();
/* Initialize the enclave */
if(initialize_enclave() < 0){
return -1;
}
sgx_status_t ret = SGX_ERROR_UNEXPECTED;
int ecall_return = 0;
ret = ecall_$(enclaveName)_sample(global_eid, &ecall_return);
if (ret != SGX_SUCCESS)
abort();
if (ecall_return == 0) {
printf("Application ran with success\n");
}
else
{
printf("Application failed %d \n", ecall_return);
}
sgx_destroy_enclave(global_eid);
return ecall_return;
}
int _tmain(int argc, _TCHAR* argv[])
{
uint32_t ret_status;
sgx_status_t status;
UNUSED(argc);
UNUSED(argv);
if(load_enclaves() != SGX_SUCCESS)
{
printf("\nLoad Enclave Failure");
}
printf("\nAvaliable Enclaves");
printf("\nEnclave1 - EnclaveID %llx",e1_enclave_id);
printf("\nEnclave2 - EnclaveID %llx",e2_enclave_id);
printf("\nEnclave3 - EnclaveID %llx",e3_enclave_id);
do
{
//Test Create session between Enclave1(Source) and Enclave2(Destination)
status = Enclave1_test_create_session(e1_enclave_id, &ret_status, e1_enclave_id, e2_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_create_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nSecure Channel Establishment between Source (E1) and Destination (E2) Enclaves successful !!!");
}
else
{
printf("\nSession establishment and key exchange failure between Source (E1) and Destination (E2): Error code is %x", ret_status);
break;
}
}
//Test Enclave to Enclave call between Enclave1(Source) and Enclave2(Destination)
status = Enclave1_test_enclave_to_enclave_call(e1_enclave_id, &ret_status, e1_enclave_id, e2_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_enclave_to_enclave_call Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nEnclave to Enclave Call between Source (E1) and Destination (E2) Enclaves successful !!!");
}
else
{
printf("\n\nEnclave to Enclave Call failure between Source (E1) and Destination (E2): Error code is %x", ret_status);
break;
}
}
//Test message exchange between Enclave1(Source) and Enclave2(Destination)
status = Enclave1_test_message_exchange(e1_enclave_id, &ret_status, e1_enclave_id, e2_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_message_exchange Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nMessage Exchange between Source (E1) and Destination (E2) Enclaves successful !!!");
}
else
{
printf("\n\nMessage Exchange failure between Source (E1) and Destination (E2): Error code is %x", ret_status);
break;
}
}
//Test Create session between Enclave1(Source) and Enclave3(Destination)
status = Enclave1_test_create_session(e1_enclave_id, &ret_status, e1_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_create_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nSecure Channel Establishment between Source (E1) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nSession establishment and key exchange failure between Source (E1) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Enclave to Enclave call between Enclave1(Source) and Enclave3(Destination)
status = Enclave1_test_enclave_to_enclave_call(e1_enclave_id, &ret_status, e1_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_enclave_to_enclave_call Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nEnclave to Enclave Call between Source (E1) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nEnclave to Enclave Call failure between Source (E1) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test message exchange between Enclave1(Source) and Enclave3(Destination)
status = Enclave1_test_message_exchange(e1_enclave_id, &ret_status, e1_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_message_exchange Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nMessage Exchange between Source (E1) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nMessage Exchange failure between Source (E1) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Create session between Enclave2(Source) and Enclave3(Destination)
status = Enclave2_test_create_session(e2_enclave_id, &ret_status, e2_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave2_test_create_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nSecure Channel Establishment between Source (E2) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nSession establishment and key exchange failure between Source (E2) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Enclave to Enclave call between Enclave2(Source) and Enclave3(Destination)
status = Enclave2_test_enclave_to_enclave_call(e2_enclave_id, &ret_status, e2_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave2_test_enclave_to_enclave_call Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nEnclave to Enclave Call between Source (E2) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nEnclave to Enclave Call failure between Source (E2) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test message exchange between Enclave2(Source) and Enclave3(Destination)
status = Enclave2_test_message_exchange(e2_enclave_id, &ret_status, e2_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave2_test_message_exchange Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nMessage Exchange between Source (E2) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nMessage Exchange failure between Source (E2) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Create session between Enclave3(Source) and Enclave1(Destination)
status = Enclave3_test_create_session(e3_enclave_id, &ret_status, e3_enclave_id, e1_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave3_test_create_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nSecure Channel Establishment between Source (E3) and Destination (E1) Enclaves successful !!!");
}
else
{
printf("\n\nSession establishment and key exchange failure between Source (E3) and Destination (E1): Error code is %x", ret_status);
break;
}
}
//Test Enclave to Enclave call between Enclave3(Source) and Enclave1(Destination)
status = Enclave3_test_enclave_to_enclave_call(e3_enclave_id, &ret_status, e3_enclave_id, e1_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave3_test_enclave_to_enclave_call Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nEnclave to Enclave Call between Source (E3) and Destination (E1) Enclaves successful !!!");
}
else
{
printf("\n\nEnclave to Enclave Call failure between Source (E3) and Destination (E1): Error code is %x", ret_status);
break;
}
}
//Test message exchange between Enclave3(Source) and Enclave1(Destination)
status = Enclave3_test_message_exchange(e3_enclave_id, &ret_status, e3_enclave_id, e1_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave3_test_message_exchange Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nMessage Exchange between Source (E3) and Destination (E1) Enclaves successful !!!");
}
else
{
printf("\n\nMessage Exchange failure between Source (E3) and Destination (E1): Error code is %x", ret_status);
break;
}
}
//Test Closing Session between Enclave1(Source) and Enclave2(Destination)
status = Enclave1_test_close_session(e1_enclave_id, &ret_status, e1_enclave_id, e2_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_close_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nClose Session between Source (E1) and Destination (E2) Enclaves successful !!!");
}
else
{
printf("\n\nClose session failure between Source (E1) and Destination (E2): Error code is %x", ret_status);
break;
}
}
//Test Closing Session between Enclave1(Source) and Enclave3(Destination)
status = Enclave1_test_close_session(e1_enclave_id, &ret_status, e1_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave1_test_close_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nClose Session between Source (E1) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nClose session failure between Source (E1) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Closing Session between Enclave2(Source) and Enclave3(Destination)
status = Enclave2_test_close_session(e2_enclave_id, &ret_status, e2_enclave_id, e3_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave2_test_close_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nClose Session between Source (E2) and Destination (E3) Enclaves successful !!!");
}
else
{
printf("\n\nClose session failure between Source (E2) and Destination (E3): Error code is %x", ret_status);
break;
}
}
//Test Closing Session between Enclave3(Source) and Enclave1(Destination)
status = Enclave3_test_close_session(e3_enclave_id, &ret_status, e3_enclave_id, e1_enclave_id);
if (status!=SGX_SUCCESS)
{
printf("Enclave3_test_close_session Ecall failed: Error code is %x", status);
break;
}
else
{
if(ret_status==0)
{
printf("\n\nClose Session between Source (E3) and Destination (E1) Enclaves successful !!!");
}
else
{
printf("\n\nClose session failure between Source (E3) and Destination (E1): Error code is %x", ret_status);
break;
}
}
#pragma warning (push)
#pragma warning (disable : 4127)
}while(0);
#pragma warning (pop)
sgx_destroy_enclave(e1_enclave_id);
sgx_destroy_enclave(e2_enclave_id);
sgx_destroy_enclave(e3_enclave_id);
waitForKeyPress();
return 0;
}
sgx_status_t destroy_enclave(sgx_enclave_id_t eid) {
return check(sgx_destroy_enclave(eid), "Failed to destroy enclave");
}
/* Application entry */
int SGX_CDECL main(int argc, char *argv[])
{
sgx_status_t sgx_ret = SGX_SUCCESS;
sgx_status_t enclave_ret = SGX_SUCCESS;
uint32_t sealed_log_size = 1024;
uint8_t sealed_log[1024] = {0};
sgx_sealed_data_t * sealed_data = 0;
(void)(argc);
(void)(argv);
/* Initialize the enclave */
if(initialize_enclave() < 0){
printf("Enter a character before exit ...\n");
getchar();
return -1;
}
// SHA-256 test case comes from
// https://tools.ietf.org/html/rfc4634
// TEST1
const char* str = "abc";
size_t len = strlen(str);
uint8_t * output_hash = (uint8_t *) malloc (32 + 1);
printf("[+] sha256 input string is %s\n", str);
printf("[+] Expected SHA256 hash: %s\n",
"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
sgx_ret = calc_sha256(global_eid,
&enclave_ret,
(const uint8_t *) str,
len,
output_hash);
if(sgx_ret != SGX_SUCCESS) {
print_error_message(sgx_ret);
return -1;
}
if(enclave_ret != SGX_SUCCESS) {
print_error_message(enclave_ret);
return -1;
}
printf("[+] SHA256 result is ");
int i;
for(i = 0; i < 32; i ++) {
printf("%02x", output_hash[i]);
}
printf("\n");
printf("[+] calc_sha256 success ...\n");
// AES-GCM-128 test case comes from
// http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
// Test case 2
printf("[+] Starting aes-gcm-128 encrypt calculation\n");
uint8_t aes_gcm_plaintext[16] = {0};
uint8_t aes_gcm_key[16] = {0};
uint8_t aes_gcm_iv[12] = {0};
uint8_t aes_gcm_ciphertext[16] = {0};
uint8_t aes_gcm_mac[16] = {0};
printf("[+] aes-gcm-128 args prepared!\n");
printf("[+] aes-gcm-128 expected ciphertext: %s\n",
"0388dace60b6a392f328c2b971b2fe78");
sgx_ret = aes_gcm_128_encrypt(global_eid,
&enclave_ret,
aes_gcm_key,
aes_gcm_plaintext,
16,
aes_gcm_iv,
aes_gcm_ciphertext,
aes_gcm_mac);
printf("[+] aes-gcm-128 returned from enclave!\n");
if(sgx_ret != SGX_SUCCESS) {
print_error_message(sgx_ret);
return -1;
}
if(enclave_ret != SGX_SUCCESS) {
print_error_message(enclave_ret);
return -1;
}
printf("[+] aes-gcm-128 ciphertext is: ");
for(i = 0; i < 16; i ++) {
printf("%02x", aes_gcm_ciphertext[i]);
}
printf("\n");
printf("[+] aes-gcm-128 result mac is: ");
for(i = 0; i < 16; i ++) {
printf("%02x", aes_gcm_mac[i]);
}
printf("\n");
printf("[+] Starting aes-gcm-128 decrypt calculation\n");
printf("[+] aes-gcm-128 expected plaintext: %s", aes_gcm_plaintext);
uint8_t aes_gcm_decrypted_text[16] = {0};
sgx_ret = aes_gcm_128_decrypt(global_eid,
&enclave_ret,
aes_gcm_key,
aes_gcm_ciphertext,
16,
aes_gcm_iv,
aes_gcm_mac,
aes_gcm_decrypted_text);
if(sgx_ret != SGX_SUCCESS) {
print_error_message(sgx_ret);
return -1;
}
if(enclave_ret != SGX_SUCCESS) {
print_error_message(enclave_ret);
return -1;
}
printf("[+] aes-gcm-128 decrypted plaintext is: ");
for(i = 0; i < 16; i ++) {
printf("%02x", aes_gcm_decrypted_text[i]);
}
printf("\n");
printf("[+] aes-gcm-128 decrypt complete \n");
// AES-CMAC test case comes from
// https://tools.ietf.org/html/rfc4493
// Example 3
printf("[+] Starting aes-cmac test \n");
printf("[+] aes-cmac expected digest: %s\n",
"51f0bebf7e3b9d92fc49741779363cfe");
uint8_t cmac_key[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
};
uint8_t cmac_msg[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
uint8_t cmac_result[16] = {0};
sgx_ret = aes_cmac(global_eid,
&enclave_ret,
cmac_msg,
sizeof(cmac_msg),
cmac_key,
cmac_result);
if(sgx_ret != SGX_SUCCESS) {
print_error_message(sgx_ret);
return -1;
}
if(enclave_ret != SGX_SUCCESS) {
print_error_message(enclave_ret);
return -1;
}
printf("[+] aes-cmac result is: ");
for(i = 0; i < 16; i ++){
printf("%02x", cmac_result[i]);
}
printf("\n");
/* Destroy the enclave */
sgx_destroy_enclave(global_eid);
return 0;
}
/* Initialize the enclave:
* Call sgx_create_enclave to initialize an enclave instance
*/
sgx_status_t initialize_enclave ( const char *file_name, sgx_enclave_id_t* eid )
{
sgx_status_t ret = SGX_ERROR_UNEXPECTED;
size_t read_num = 0;
/* Call sgx_create_enclave to initialize an enclave instance */
/* Debug Support: set 2nd parameter to 1 */
#ifdef SGX_USE_PCL
bool open_seal_enclave = true;
uint8_t* sealed_blob = NULL;
FILE *fsealp = fopen(SEALED_KEY_FILE_NAME, "rb");
size_t sealed_blob_size = 0;
if(NULL != fsealp)
{
// Read file size:
fseek(fsealp, 0L, SEEK_END);
sealed_blob_size = ftell(fsealp);
fseek(fsealp, 0L, SEEK_SET);
// Read file into buffer:
sealed_blob = new uint8_t[sealed_blob_size];
read_num = fread(sealed_blob, 1, sealed_blob_size, fsealp);
if ( read_num != sealed_blob_size )
{
printf ( "Warning: Failed to read sealed blob.\n" );
}
else
{
open_seal_enclave = false;
}
fclose(fsealp);
}
if (true == open_seal_enclave)
{
printf ("Open Seal Enclave: %s\n", SEAL_FILENAME );
sgx_enclave_id_t seal_eid = 0;
ret = sgx_create_enclave(
SEAL_FILENAME,
SGX_DEBUG_FLAG,
NULL,
NULL,
&seal_eid,
NULL);
if (SGX_SUCCESS != ret)
{
print_error_message(ret);
return ret;
}
ret = ecall_get_sealed_blob_size(seal_eid, &sealed_blob_size);
if (ret != SGX_SUCCESS || UINT32_MAX == sealed_blob_size)
{
printf("ecall_get_sealed_blob_size: ret = %d, sealed_blob_size = %ld\n", ret, sealed_blob_size);
sgx_destroy_enclave(seal_eid);
return ret;
}
//printf("ecall_get_sealed_blob_size: ret = %d, sealed_blob_size = %ld\n", ret, sealed_blob_size);
sealed_blob = new uint8_t[sealed_blob_size];
sgx_status_t gret = SGX_ERROR_UNEXPECTED;
ret = ecall_generate_sealed_blob(seal_eid, &gret, sealed_blob, sealed_blob_size);
if ((SGX_SUCCESS != ret) || (SGX_SUCCESS != gret))
{
printf("ecall_generate_sealed_blob: ret = %d, gret = 0x%x\n", ret, gret);
sgx_destroy_enclave(seal_eid);
delete sealed_blob;
return ret;
}
sgx_destroy_enclave(seal_eid);
fsealp = fopen(SEALED_KEY_FILE_NAME, "wb");
if(NULL != fsealp)
{
fwrite(sealed_blob, 1, sealed_blob_size, fsealp);
fclose(fsealp);
}
}
// Load the PCL protected Enclave:
ret = sgx_create_encrypted_enclave(file_name, SGX_DEBUG_FLAG, NULL, NULL, eid, NULL, sealed_blob);
delete sealed_blob;
#else // SGX_USE_PCL
ret = sgx_create_enclave(file_name, SGX_DEBUG_FLAG, NULL, NULL, eid, NULL);
#endif // SGX_USE_PCL
if (ret != SGX_SUCCESS) {
print_error_message(ret);
return ret;
}
return SGX_SUCCESS;
}
