Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

How to use Sgxsdk to protect the function in a class?

dai_c_
Beginner
446 Views

Hello, I want to protect the function in a class, for example:

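#include <cstring>   // memcpy, strlen

class test {
public:
    // Copies the secret into buf only when the caller's buffer can hold it.
    void test_fun(char *buf, size_t len)
    {
        const char *secret = "Hello Enclave!";
        // size_t is unsigned, so "len >= 0" is always true;
        // compare against the bytes actually copied (including the NUL).
        if (buf != nullptr && len >= strlen(secret) + 1)
        {
            memcpy(buf, secret, strlen(secret) + 1);
        }
    }
};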

I want to protect void test_fun(char *buf, size_t len).

Also, when I read the document Intel_SGX_SDK_Developer_Reference_Linux_1.8_Open_Source, I noticed that it supports calling C++ class methods, but I can't find a good way to protect the class function. Thank you very much!

0 Kudos
1 Solution
Haitao_H_Intel
Employee
446 Views

C++ is not supported at the enclave interface level, but it is supported inside the enclave.

Enclave interfaces are defined in EDL files. The SDK tool (edger8r) generates stubs and proxies in C only. What you can do is separate test_fun into a C file to be included in the enclave for protection. Then define an ecall in the EDL interface with the same/compatible signature as test_fun, and call the untrusted stub from the class.


0 Kudos
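The layout described in the answer above, as an added example that is not part of the thread or of the SDK: the class lives inside the enclave, a C-linkage ecall forwards to it, and the application's class calls the proxy. Assumptions: the `int` status return, the names `ecall_test_fun` and `fetch_secret`, and the hypothetical `proxy_ecall_test_fun`, a stand-in for the edger8r-generated proxy so the file compiles without the SGX SDK.

```cpp
#include <stddef.h>
#include <string.h>
#include <string>
#include <vector>
// EDL for this ecall (C signature only; written here as an assumption):
//   enclave { trusted { public int ecall_test_fun([out, size=len] char *buf, size_t len); }; };
namespace trusted {                 // built into the enclave; C++ is fine here
class test {
public:
    int test_fun(char *buf, size_t len) {
        // A literal is stored in the enclave file on disk and is readable there.
        static const char secret[] = "Hello Enclave!";
        if (buf == nullptr || len < sizeof(secret)) return -1;  // too small
        memcpy(buf, secret, sizeof(secret));
        return 0;
    }
};
}  // namespace trusted
// The enclave entry point has C linkage and forwards to the class.
extern "C" int ecall_test_fun(char *buf, size_t len) {
    static trusted::test t;
    return t.test_fun(buf, len);
}
// Stand-in (hypothetical) for the proxy edger8r generates from the EDL.
// Models [out, size=len]: the enclave fills its own zeroed copy, which is
// copied back to the caller's buffer when the ecall returns.
static int proxy_ecall_test_fun(int *retval, char *buf, size_t len) {
    if (retval == nullptr || buf == nullptr) return -1;
    std::vector<char> inside(len, 0);
    *retval = ecall_test_fun(inside.data(), len);
    if (len != 0) memcpy(buf, inside.data(), len);
    return 0;
}
namespace untrusted {               // application side keeps its class interface
class test {
public:
    bool test_fun(char *buf, size_t len) {
        int ret = -1;
        return proxy_ecall_test_fun(&ret, buf, len) == 0 && ret == 0;
    }
};
}  // namespace untrusted
// Demo helper: fetch the string across the boundary into a len-byte buffer.
std::string fetch_secret(size_t len) {
    std::vector<char> buf(len, 'X');
    return untrusted::test().test_fun(buf.data(), len) ? std::string(buf.data()) : std::string();
}
```

In a real build the proxy generated from an EDL function with a return value also takes the enclave ID and a pointer for the return value, and reports an `sgx_status_t` for the transition itself.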
3 Replies
Hoang_N_Intel
Employee
446 Views

And when you said that you want to "protect this method", do you mean that you want to call this method only inside the enclave, and not protect the visibility of the source code? It is because your example has a hard-coded secret. The complete implementation of the method will be available as part of the DLL and it is unprotected.

0 Kudos
dai_c_
Beginner
446 Views

OK, I put the class in the enclave, not in the EDL file; the problem is solved.

0 Kudos