Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1485 Discussions

How to use Sgxsdk to protect the function in a class?

dai_c_
Beginner
‎09-20-2017 08:02 PM
676 Views
Solved Jump to solution

Hello,I want to protect the function in a class,for exampe

class test{
public:
	void  test_fun(char *buf,size_t len)
        {
        const char *secret="Hello Enclave!";
	if(len>=0)
	     {
		memcpy(buf,secret,strlen(secret)+1);
	    }
        }

};

I want to protect    void test_fun(char *buf,size_t len)

also when I read the document:Intel_SGX_SDK_Developer_Reference_Linux_1.8_Open_Source,I notice that it suppouted to Call C++ class methods,but I can't find good way to protect the class function,Thank you very much!

0 Kudos
1 Solution
Haitao_H_Intel
Employee
‎09-21-2017 08:04 AM
676 Views
Solved Jump to solution

C++ is not supported at enclave interface level, but supported inside enclave.

Enclave interfaces are defined in EDL files. The SDK tool (edger8r) generate stubs and proxies in c only.  What you can do is to separate test_fun in a c file to be included in enclave for protection. Then define an ecall in EDL interface with the same/compatible signature as test_fun, call the untrusted stub from the class.

View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
Haitao_H_Intel
Employee
‎09-21-2017 08:04 AM
677 Views
Solved Jump to solution

C++ is not supported at enclave interface level, but supported inside enclave.

Enclave interfaces are defined in EDL files. The SDK tool (edger8r) generate stubs and proxies in c only.  What you can do is to separate test_fun in a c file to be included in enclave for protection. Then define an ecall in EDL interface with the same/compatible signature as test_fun, call the untrusted stub from the class.

0 Kudos
Copy link
Hoang_N_Intel
Employee
‎09-21-2017 08:38 AM
676 Views
Solved Jump to solution

And when you said that you want to "protect this method", do you mean that you want to call this method only inside the Enclave? and not protect the visibility of the source code? It is because your example has hard-coded secret. The complete implementation of the method will be available as part of the DLL and it is unprotected.

0 Kudos
Copy link
dai_c_
Beginner
‎09-21-2017 06:45 PM
676 Views
Solved Jump to solution

ok,I put the class in enclave,not in the edl file,the problem solved

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.