Community
cancel
Showing results for 
Search instead for 
Did you mean: 
kh__Naveen
Beginner
142 Views

std::hash output differs inside and outside enclave

Hi All,

I have an application where I calculate the std::hash in untrusted app layer and this is verified by the enclave by generating the hash again. But as we know std::hash in untrusted layer is provided by C++ stdlib and inside enclave it is provided by Intel sgxlib.

 

For example:- std::hash<std::string>{}(std::to_string(1234567890));

This produces different output inside and outside library.

Is there any way to make use of the C++std lib function std::hash inside enclave ? or std::hash provided by sgxlib outside the enclave ?

0 Kudos
4 Replies
142 Views

The source for the hash functions, __murmur2_or_cityhash, is in the memory header

C:\Program Files (x86)\Intel\IntelSGXSDK\include\libc++\memory

https://github.com/intel/linux-sgx/blob/master/sdk/tlibcxx/include/memory

You should be able to use that header in your untrusted source outside of the enclave.

The compiler you are using for outside the enclave may be using a different hash algorithm, and you can probably find it by following the STL headers.

Hope this helps.

Francisco

142 Views

Clarification: You may not be able to include the entire header file. If you do, you may have issues/conflicts with your compiler's C++ headers and this one and #ifdefs. Consider isolating this functionality to a single .cpp file / copy the hash function to avoid these types of conflicts.

kh__Naveen
Beginner
142 Views

Francisco C. (Intel) wrote:

Clarification: You may not be able to include the entire header file. If you do, you may have issues/conflicts with your compiler's C++ headers and this one and #ifdefs. Consider isolating this functionality to a single .cpp file / copy the hash function to avoid these types of conflicts.

Thank you. This is what I wanted. I am planning to copy the source from the memory header. But, God, it looks so confusing as to what to copy and what not to.

Currently I am calling my hash function like below
 

std::hash<string>{}(<some string>)

I see that inside the enclave when I check where std::hash is defined, it takes me to the below code defined in C:\Program Files (x86)\Intel\IntelSGXSDK\include\libcxx\string. So I am a little confused now, what exactly to copy.

template<class _CharT, class _Traits, class _Allocator>
struct _LIBCPP_TYPE_VIS_ONLY hash<basic_string<_CharT, _Traits, _Allocator> >
    : public unary_function<basic_string<_CharT, _Traits, _Allocator>, size_t>
{
    size_t
        operator()(const basic_string<_CharT, _Traits, _Allocator>& __val) const _NOEXCEPT;
};

 

kh__Naveen
Beginner
142 Views

I was able to achieve this myself. I copied the murmur 64 bit function to seperate file for the untrusted layer and used it.

Reply