Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

SSL function not declared in scope

Setiawan__Johan
Beginner
1,653 Views

i am coding an ssl server. However, whenever i try to make the file, it gives this error.

Enclave/Enclave.cpp: In function ‘SSL_CTX* create_context()’:
Enclave/Enclave.cpp:35:73: error: ‘SSL_load_client_CA_file’ was not declared in this scope
     SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file("client.pem"));
                                                                         ^
Enclave/Enclave.cpp:41:74: error: ‘SSL_CTX_use_certificate_file’ was not declared in this scope
   if (SSL_CTX_use_certificate_file(ctx, "ca.cert.pem", SSL_FILETYPE_PEM) <= 0){
                                                                        ^
Makefile:230: recipe for target 'Enclave/Enclave.o' failed
make: *** [Enclave/Enclave.o] Error 1

This is the function that caused the error.

#include <openssl/ssl.h>
static SSL_CTX *create_context()
{
    const SSL_METHOD *method;
    SSL_CTX *ctx;

    method = TLSv1_2_server_method();

    ctx = SSL_CTX_new(method);
    if (!ctx) {
        printe("Unable to create SSL context");
        exit(EXIT_FAILURE);
    }

   
    SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,NULL);
    
    SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file("client.pem"));
   
    SSL_CTX_load_verify_locations(ctx,"client.pem","/home/sgx/Desktop/Simple_TLS_Server");
    
    if (SSL_CTX_use_certificate_file(ctx, "ca.cert.pem", SSL_FILETYPE_PEM) <= 0){
        printe("error loading server certificate");
        exit(EXIT_FAILURE);
    }
    return ctx;
}

 

 

0 Kudos
1 Reply
Hoang_N_Intel
Employee
1,652 Views

The best way to solve this problem is to look at the current SGX SSL open source on how it imports the cert into the Enclave and make the call. The source code is at https://github.com/intel/intel-sgx-ssl

0 Kudos
Reply