Trusted Security TEE Analysis 4 Intel SGX Design and programming

2025-04-01 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

1. SGX SDK

The SGX SDK provides developers with a stripped-down version of the C standard library. Because an enclave is a running environment isolated from the Windows operating system, it does not directly access the computer's graphics card or hard disk file system, so the C standard library provided by the SDK does not include commonly used functions such as printf(), fread() and fopen().

2. Implementing an OpenSGX application

Implementing an OpenSGX program is similar to writing a normal C program. For operating system support of SGX programs, OpenSGX provides a system call interface and a user-level API; users only need these to create and execute OpenSGX binaries. The only difference is that the program uses enclave_main() instead of main() and sgx_exit(NULL) instead of return. When compiling OpenSGX programs, it is possible to use existing libc library functions, or library functions such as those of the polarssl encryption library, through archive files. OpenSGX provides its own custom linker script and loader, modified so that enclave binaries can use other libraries.

Before writing code, we need to define the trusted and untrusted functions. We first create a folder in which we can easily compile (writing our own Makefile following the Makefile in the previous section), then create new folders based on the folder layout in the example given by the SDK:

1. App:

External program: code that runs outside the enclave

External application source code

2. Enclave:

Enclave.config.xml: enclave configuration file; configures the enclave's stack size and number of links

Enclave_private.pem: the private key used to sign the dynamic link library

Enclave.lds: enclave linker script

Enclave.edl:

Used to declare the trusted functions inside the enclave and the untrusted functions in App

If a function in the enclave is to be called from App, it must be declared in the trusted section of the EDL file

If a function in App is to be called from the enclave, it must be declared in the untrusted section of the EDL file

Other: enclave internal program source code

3. Include:

Header files shared by the external application and the enclave program, mostly definitions of common data types

4. Makefile

Builds the project
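
The trusted and untrusted declarations described for Enclave.edl above, shown as an added example that is not from the original article or the SDK samples. It uses Intel SGX SDK EDL syntax; the function names ecall_process_record and ocall_print_string are hypothetical.

```edl
/* Enclave.edl (constructed example; function names are hypothetical) */
enclave {

    /* ECALLs: implemented inside the enclave, called from App. */
    trusted {
        /* "public" makes this a root ECALL that App may call directly.
         * [in, size=len]: the generated proxy copies len bytes of buf
         * from untrusted memory into the enclave before the function
         * runs, so App cannot change the data while it is being used.
         * [out, size=out_len]: a buffer of out_len bytes is allocated
         * inside the enclave and copied back to App's out pointer
         * after the function returns. */
        public int ecall_process_record([in, size=len] const void *buf,
                                        size_t len,
                                        [out, size=out_len] void *out,
                                        size_t out_len);
    };

    /* OCALLs: implemented in App, called from inside the enclave. */
    untrusted {
        /* The enclave's C library has no printf(), so output goes
         * through an OCALL. [in, string]: the NUL-terminated string is
         * copied from enclave memory out to untrusted memory before
         * App's function runs. */
        void ocall_print_string([in, string] const char *str);
    };
};
```

Anything passed to an OCALL leaves the enclave, so only data that may be exposed to App should be sent this way.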
