- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does enclave support using third party library in the enclave? Like the openssl library?
If so, how should I configure this? Because I configure the enclave like a normal Win32 console application but a lot of errors coming up. All the erro rs are about the openssl library.
For example
120 IntelliSense: identifier "FILE" is undefined c:\OpenSSL-Win32\include\openssl\ec.h 983 21 Enclave1 (Intel C++ 16.0)
But I didn't get any errors in a normal application.
Any help is appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Anything that you can build and statically link can be incorporated into an enclave, however, porting a library to work in an enclave is not a trivial task. Enclaves have limited memory, restrictions on what instructions can be executed, and most importantly cannot depend on dynamically loaded libraries. Because of the latter restriction, enclave programs also depend on Intel-provided C and C++ template libraries which are linked statically at build time. I would not expect a large, complex package like OpenSSL to just build and work. Significant porting would probably be needed.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Anything that you can build and statically link can be incorporated into an enclave, however, porting a library to work in an enclave is not a trivial task. Enclaves have limited memory, restrictions on what instructions can be executed, and most importantly cannot depend on dynamically loaded libraries. Because of the latter restriction, enclave programs also depend on Intel-provided C and C++ template libraries which are linked statically at build time. I would not expect a large, complex package like OpenSSL to just build and work. Significant porting would probably be needed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am trying to integrate a third party library archive file into SGX Enclave. When the function in the third party library is being called from the trusted function call, I am getting the errors like the below
relocation R_X86_64_32S against `_ZNSs4_Rep20_S_empty_rep_storageE' can not be used when making a shared object; recompile with -fPIC
error adding symbols: Bad value
Does this mean that I have to compile the third part source code with -fPIC option and link that library to create the trusted shared object ? As per your comments, I guess lot of porting also is needed to make the third party library to be compatible for SGX. Do we have any porting guidance or manual for such exercise ? Any tool which will scan the third party source code and highlight the incompatible portion of the code with the suggestion for modification. I understand that the trusted shared object along with all the needed third party library also will be enclaved. Is there any size restriction we have on this ?
Kinda struck on this. Any help and suggestion will be highly appreciated.
Regards,Sathya
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
Please look into sample application shipped with SDK.
\Intel\IntelSGXSDK\src\X509Verifier.
-Surenthar
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page