|
|
@@ -42,29 +42,13 @@ else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
|
|
|
SGX_ARCH := x86
|
|
|
endif
|
|
|
|
|
|
-ifeq ($(SGX_ARCH), x86)
|
|
|
- SGX_COMMON_CFLAGS := -m32
|
|
|
- SGX_LIBRARY_PATH := $(SGX_SDK)/lib
|
|
|
- SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
|
|
|
- SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
|
|
|
-else
|
|
|
- SGX_COMMON_CFLAGS := -m64
|
|
|
- SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
|
|
|
- SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
|
|
|
- SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
|
|
|
-endif
|
|
|
+SGX_COMMON_CFLAGS := -m64
|
|
|
+SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
|
|
|
+SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
|
|
|
+SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
|
|
|
|
|
|
-ifeq ($(SGX_DEBUG), 1)
|
|
|
-ifeq ($(SGX_PRERELEASE), 1)
|
|
|
-$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
|
|
|
-endif
|
|
|
-endif
|
|
|
|
|
|
-ifeq ($(SGX_DEBUG), 1)
|
|
|
- SGX_COMMON_CFLAGS += -O0 -g
|
|
|
-else
|
|
|
- SGX_COMMON_CFLAGS += -O2
|
|
|
-endif
|
|
|
+SGX_COMMON_CFLAGS += -O2
|
|
|
|
|
|
######## Library Settings ########
|
|
|
|
|
|
@@ -87,36 +71,12 @@ TrustLib_Compile_Cxx_Flags := -std=c++11 -nostdinc++
|
|
|
|
|
|
######## App Settings ########
|
|
|
|
|
|
-ifneq ($(SGX_MODE), HW)
|
|
|
- Urts_Library_Name := sgx_urts_sim
|
|
|
-else
|
|
|
- Urts_Library_Name := sgx_urts
|
|
|
-endif
|
|
|
+Urts_Library_Name := sgx_urts
|
|
|
|
|
|
App_Cpp_Files := $(wildcard App/*.cpp)
|
|
|
App_Include_Paths := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/ippcp -I./Include -I./LocalAttestationCode
|
|
|
-
|
|
|
-App_Compile_Flags := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(App_Include_Paths) -std=c++11 -Wall
|
|
|
-# Three configuration modes - Debug, prerelease, release
|
|
|
-# Debug - Macro DEBUG enabled.
|
|
|
-# Prerelease - Macro NDEBUG and EDEBUG enabled.
|
|
|
-# Release - Macro NDEBUG enabled.
|
|
|
-ifeq ($(SGX_DEBUG), 1)
|
|
|
- App_Compile_Flags += -DDEBUG -UNDEBUG -UEDEBUG
|
|
|
-else ifeq ($(SGX_PRERELEASE), 1)
|
|
|
- App_Compile_Flags += -DNDEBUG -DEDEBUG -UDEBUG
|
|
|
-else
|
|
|
- App_Compile_Flags += -DNDEBUG -UEDEBUG -UDEBUG
|
|
|
-endif
|
|
|
-
|
|
|
-#App_Link_Flags := $(SGX_COMMON_CFLAGS) -L$(SGX_LIBRARY_PATH) -l$(Urts_Library_Name) -L. -lpthread -lprotobuf
|
|
|
-App_Link_Flags := $(SGX_COMMON_CFLAGS) $(Security_Link_Flags) -L$(SGX_LIBRARY_PATH) -l$(Urts_Library_Name) -lsgx_uae_service -L$(OPENSSL_LIBRARY_PATH) -lsgx_usgxssl -lpthread -lprotobuf #-L$(OPENSSL_BAREBONES_LIBRARY_PATH) -lcrypto
|
|
|
-
|
|
|
-ifneq ($(SGX_MODE), HW)
|
|
|
- App_Link_Flags += -lsgx_uae_service_sim
|
|
|
-else
|
|
|
- App_Link_Flags += -lsgx_uae_service
|
|
|
-endif
|
|
|
+App_Compile_Flags := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(App_Include_Paths) -std=c++11 -Wall -DDEBUG -UNDEBUG -UEDEBUG
|
|
|
+App_Link_Flags := $(SGX_COMMON_CFLAGS) $(Security_Link_Flags) -L$(SGX_LIBRARY_PATH) -l$(Urts_Library_Name) -lsgx_uae_service -L$(OPENSSL_LIBRARY_PATH) -lsgx_usgxssl -lpthread -lprotobuf -lsgx_uae_service
|
|
|
|
|
|
App_Cpp_Objects := App/App.o App/LocalAttestationUntrusted.o App/protobufLAInitiator.o App/protobufSgxLATransformsInitiator.o App/ProtobufLAMessages.pb.o #$(App_Cpp_Files:.cpp=.o)
|
|
|
App_Name := app
|
|
|
@@ -125,13 +85,8 @@ App_Name := app
|
|
|
|
|
|
Decryptor_Version_Script := Decryptor/Decryptor.lds
|
|
|
|
|
|
-ifneq ($(SGX_MODE), HW)
|
|
|
- Trts_Library_Name := sgx_trts_sim
|
|
|
- Service_Library_Name := sgx_tservice_sim
|
|
|
-else
|
|
|
- Trts_Library_Name := sgx_trts
|
|
|
- Service_Library_Name := sgx_tservice
|
|
|
-endif
|
|
|
+Trts_Library_Name := sgx_trts
|
|
|
+Service_Library_Name := sgx_tservice
|
|
|
Crypto_Library_Name := sgx_tcrypto
|
|
|
|
|
|
Enclave_Cpp_Files_2 := $(wildcard Decryptor/*.cpp)
|
|
|
@@ -164,49 +119,7 @@ Decryptor_Link_Flags := $(Common_Enclave_Link_Flags) -Wl,--version-script=$(Decr
|
|
|
Enclave_Cpp_Objects_2 := $(Enclave_Cpp_Files_2:.cpp=.o)
|
|
|
Enclave_Name_2 := libDecryptor.so
|
|
|
|
|
|
-
|
|
|
-ifeq ($(SGX_MODE), HW)
|
|
|
-ifeq ($(SGX_DEBUG), 1)
|
|
|
- Build_Mode = HW_DEBUG
|
|
|
-else ifeq ($(SGX_PRERELEASE), 1)
|
|
|
- Build_Mode = HW_PRERELEASE
|
|
|
-else
|
|
|
- Build_Mode = HW_RELEASE
|
|
|
-endif
|
|
|
-else
|
|
|
-ifeq ($(SGX_DEBUG), 1)
|
|
|
- Build_Mode = SIM_DEBUG
|
|
|
-else ifeq ($(SGX_PRERELEASE), 1)
|
|
|
- Build_Mode = SIM_PRERELEASE
|
|
|
-else
|
|
|
- Build_Mode = SIM_RELEASE
|
|
|
-endif
|
|
|
-endif
|
|
|
-
|
|
|
-ifeq ($(Build_Mode), HW_RELEASE)
|
|
|
-all: .config_$(Build_Mode)_$(SGX_ARCH) $(Trust_Lib_Name) $(UnTrustLib_Name) Decryptor.so $(App_Name)
|
|
|
- @echo "The project has been built in release hardware mode."
|
|
|
- @echo "Please sign the enclaves (PHP.so, Decryptor.so, Enclave3.so) first with your signing keys before you run the $(App_Name) to launch and access the enclave."
|
|
|
- @echo "To sign the enclaves use the following commands:"
|
|
|
- @echo " $(SGX_ENCLAVE_SIGNER) sign -key <key1> -enclave PHP.so -out <$(Enclave_Name_1)> -config PHP/PHP.config.xml"
|
|
|
- @echo " $(SGX_ENCLAVE_SIGNER) sign -key <key2> -enclave Decryptor.so -out <$(Enclave_Name_2)> -config Decryptor/Decryptor.config.xml"
|
|
|
-# @echo " $(SGX_ENCLAVE_SIGNER) sign -key <key3> -enclave Enclave3.so -out <$(Enclave_Name_3)> -config Enclave3/Enclave3.config.xml"
|
|
|
- @echo "You can also sign the enclaves using an external signing tool."
|
|
|
- @echo "To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW."
|
|
|
-else
|
|
|
all: .config_$(Build_Mode)_$(SGX_ARCH) $(Trust_Lib_Name) $(UnTrustLib_Name) $(Enclave_Name_2) $(App_Name)
|
|
|
-ifeq ($(Build_Mode), HW_DEBUG)
|
|
|
- @echo "The project has been built in debug hardware mode."
|
|
|
-else ifeq ($(Build_Mode), SIM_DEBUG)
|
|
|
- @echo "The project has been built in debug simulation mode."
|
|
|
-else ifeq ($(Build_Mode), HW_PRERELEASE)
|
|
|
- @echo "The project has been built in pre-release hardware mode."
|
|
|
-else ifeq ($(Build_Mode), SIM_PRERELEASE)
|
|
|
- @echo "The project has been built in pre-release simulation mode."
|
|
|
-else
|
|
|
- @echo "The project has been built in release simulation mode."
|
|
|
-endif
|
|
|
-endif
|
|
|
|
|
|
.config_$(Build_Mode)_$(SGX_ARCH):
|
|
|
@rm -rf .config_* $(App_Name) *.so *.a App/*.o Decryptor/*.o Decryptor/*_t.* Decryptor/*_u.* LocalAttestationCode/*.o LocalAttestationCode/*_t.* #Enclave3/*.o Enclave3/*_t.* Enclave3/*_u.*
|
|
|
@@ -238,14 +151,6 @@ CommonOpensslCode/Openssl_crypto.o: CommonOpensslCode/Openssl_crypto.cpp
|
|
|
@$(CXX) -std=c++11 -nostdinc++ $(Enclave_Compile_Flags) -I$(OPENSSL_INCLUDES) -c $< -o $@
|
|
|
@echo "CXX <= $<"
|
|
|
|
|
|
-#Untrusted_LocalAttestation/%.o: Untrusted_LocalAttestation/%.cpp
|
|
|
-# @$(CXX) $(UnTrustLib_Compile_Flags) -c $< -o $@
|
|
|
-# @echo "CC <= $<"
|
|
|
-
|
|
|
-#$(UnTrustLib_Name): $(UnTrustLib_Cpp_Objects)
|
|
|
-# @$(AR) rcs $@ $^
|
|
|
-# @echo "GEN => $@"
|
|
|
-
|
|
|
######## App Objects ########
|
|
|
Include/Decryptor_u.h: $(SGX_EDGER8R) Decryptor/Decryptor.edl
|
|
|
@cd Decryptor && $(SGX_EDGER8R) --use-prefix --untrusted ../Decryptor/Decryptor.edl --search-path $(SGX_SDK)/include --untrusted-dir ../Include/
|
|
|
@@ -291,7 +196,7 @@ Decryptor/DecryptorWrapper.o: Decryptor/DecryptorWrapper.cpp
|
|
|
@$(CXX) -std=c++11 -nostdinc++ $(Enclave_Compile_Flags) -c $< -o $@
|
|
|
@echo "CXX <= $<"
|
|
|
|
|
|
-Decryptor/Decryptor.o: Decryptor/Decryptor.cpp #Decryptor/HybridEncryptionBox.cpp Decryptor/ECDSASignatureBox.cpp Decryptor/ECDHKeypair.cpp Decryptor/SymmetricEncryptionBox.cpp
|
|
|
+Decryptor/Decryptor.o: Decryptor/Decryptor.cpp
|
|
|
@$(CXX) -std=c++11 -nostdinc++ $(Enclave_Compile_Flags) -c $< -o $@
|
|
|
@echo "CXX <= $<"
|
|
|
|
dettanym