Upgrade to Linux 1.6 gold release

switch code to linux 1.6 opensource gold release

.gitignore

@@ -13,3 +13,7 @@
 *_u.h
 *_t.c
 *_t.h
+
+#output files
+/build/
+/linux/installer/bin/*.bin

License.txt

@@ -37,7 +37,7 @@ http://www.eclipse.org/legal/epl-v10.html
 
 ==============================================================
 
-libsgx_le.signed.so, libsgx_pve.signed.so and libsgx_qe.signed.so are licensed as Intel redistributable binary firmware and other blobs.
+libsgx_le.signed.so, libsgx_pce.signed.so, libsgx_pve.signed.so and libsgx_qe.signed.so are licensed as Intel redistributable binary firmware and other blobs.
 
  
 Copyright (c) Intel Corporation.

Linux_SGXEclipsePlugin/build.sh

@@ -11,7 +11,7 @@ TRUNK_HOME=$(cd $(pwd)/../../ ; pwd)
 [ -n "${ECLIPSE_HOME}" ] || { echo "using default ECLIPSE_HOME=${TRUNK_HOME}/eclipse"; ECLIPSE_HOME=${TRUNK_HOME}/eclipse; }
 
 
-BUILD_RELEASE_ID_PREFIX=Linux_SGX_1.5
+BUILD_RELEASE_ID_PREFIX=Linux_SGX_1.6
 
 if [ "$RELEASE_ID" != "${RELEASE_ID%$BUILD_RELEASE_ID_PREFIX*}" ]; then
     echo "$BUILD_RELEASE_ID_PREFIX IS in $RELEASE_ID, so it is an triggered build. Change the RELEASE_ID to an accepted form."
@@ -126,6 +126,51 @@ ${ECLIPSE_HOME}/eclipse -nosplash \
   -installIU org.eclipse.pde.feature.group
 }
 
+function preBuild() {
+  local BUILDDIR="$1"
+  local BUILDDIRWORK="$2"
+  
+  local SITEFILE="$BUILDDIRWORK/sites/site.xml"
+  local FEATUREDIR="$BUILDDIRWORK/features"
+  local FEATUREFILE="feature.xml"
+  local PLUGINDIR="$BUILDDIRWORK/plugins"
+  local PLUGINFILE="META-INF/MANIFEST.MF"  
+
+  local ROOTDIR=$(dirname "$0")"/.."
+  local VERSION=$(awk '/STRFILEVER/ {print $3}' ${ROOTDIR}/common/inc/internal/se_version.h|sed 's/^\"\(.*\)\"$/\1/')
+  VERSION=$(echo "$VERSION" | awk -F'.' '{for(i=1; i<=NF&&i<=3; i++) if(i==1){version=$i} else{version=version"."$i}}; END{print version}')
+
+  if [[ "$VERSION" =~ ^[0-9]{1,}(.[0-9]{1,}){2}$ ]]; then
+    rm -fr "$BUILDDIRWORK"
+    cp -fr "$BUILDDIR" "$BUILDDIRWORK"
+
+    #site.xml
+    sed -i "s#[0-9]\{1,\}\(\.[0-9]\{1,\}\)\{0,2\}\.qualifier#$VERSION\.qualifier#g" "$SITEFILE"
+
+    #feature
+    for DIR in $(ls "$FEATUREDIR"); do
+      sed -i "s#[0-9]\{1,\}\(\.[0-9]\{1,\}\)\{0,2\}\.qualifier#$VERSION\.qualifier#g" "$FEATUREDIR/$DIR/$FEATUREFILE"
+    done
+
+    #plugin
+    for DIR in $(ls "$PLUGINDIR"); do
+      sed -i "s#[0-9]\{1,\}\(\.[0-9]\{1,\}\)\{0,2\}\.qualifier#$VERSION\.qualifier#g" "$PLUGINDIR/$DIR/$PLUGINFILE"
+    done
+  fi
+}
+
+function postBuild() {
+  local BUILDDIR="$1"
+  local BUILDDIRWORK="$2"
+  local UPDATESITEDIR="updatesite"
+  
+  if [[ -d "$BUILDDIRWORK" ]] && [[ -d "$BUILDDIRWORK/$UPDATESITEDIR" ]]; then
+    rm -fr "$BUILDDIR/$UPDATESITEDIR"
+    cp -fr "$BUILDDIRWORK/$UPDATESITEDIR" "$BUILDDIR/$UPDATESITEDIR"
+    rm -fr "$BUILDDIRWORK"
+  fi
+}
+
 function buildPlugin() {
     pwd
 
@@ -136,6 +181,7 @@ function buildPlugin() {
   BASELOCATION="$ECLIPSE_HOME"
   BUILDVERSION="$RELEASE_ID"
   BUILDDIR="$PWD/build_directory"
+  BUILDDIRWORK="$PWD/.build_directory"
   BUILDCONFIG="$PWD/build_config"
   LAUNCHER=`findFirst "$ECLIPSE_HOME"/plugins/org.eclipse.equinox.launcher_*.jar`
   BUILDFILE=`findFirst "$ECLIPSE_HOME"/plugins/org.eclipse.pde.build_*/scripts/build.xml`
@@ -151,7 +197,9 @@ function buildPlugin() {
          "not detected. Found '$BUILDFILE'. Aborting."
     exit 1
   fi
-  
+
+  preBuild "$BUILDDIR" "$BUILDDIRWORK"
+
   #
   # -- Print configuration used and actually execute the build --  
   #
@@ -161,7 +209,7 @@ function buildPlugin() {
   echo "  Build File:   $BUILDFILE"
   echo "  Build Config: $BUILDCONFIG"
   echo "  Base Location: $BASELOCATION"
-  echo "  Build Directory: $BUILDDIR"
+  echo "  Build Directory: $BUILDDIRWORK"
   echo "  Build Version: $BUILDVERSION"
   echo "  Java:         " $(which java)
   java -version
@@ -174,12 +222,13 @@ function buildPlugin() {
     -jar $LAUNCHER \
     -application org.eclipse.ant.core.antRunner \
     -buildfile $BUILDFILE \
-    -DbuildDirectory=$BUILDDIR \
+    -DbuildDirectory=$BUILDDIRWORK \
     -DbaseLocation=$BASELOCATION \
     -Dbuilder=$BUILDCONFIG \
     -DforceContextQualifier=$BUILDVERSION \
       -v -v -v -v 
 
+  postBuild "$BUILDDIR" "$BUILDDIRWORK"
 }
 
 function findFirst() {

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Adding_SGX_Nature_to_a_Project.htm

@@ -1,22 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="383" MadCap:lastWidth="576">
-    <head><title>Adding SGX Nature to a Project</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Adding SGX Nature to a Project</h2>
-        <p>The <i>nature</i> of an Eclipse project is a concept defined by an Eclipse Platform which allows a plug-in to tag a project as a specific kind of project.   Intel(R) Software Guard Extensions  uses an <i>SGX nature</i> to add SGX-specific behavior to projects.  Project natures are defined by plug-ins, and are typically added or removed per-project when the user performs some action defined by the plug-in.</p>
-        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in in your project, you need to add SGX nature to it.   You may either add SGX nature to a pre-existing C/C++ project or create a project with SGX nature from start.  See <a href="Adding_SGX_Nature_to_a_non_SGX_project.htm">Adding SGX Nature to a non-SGX project</a> and <a href="Creating_a_New_C_C_Project_with_SGX_Nature.htm">Creating a New C/C++ Project with SGX Nature</a> for how to complete these tasks.</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Adding_SGX_Nature_to_a_non_SGX_project.htm

@@ -1,55 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1808" MadCap:lastWidth="563">
-    <head><title>Adding SGX Nature to a non-SGX project</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h3>Adding SGX Nature to a non-SGX project</h3>
-        <p>When you have a C/C++ project created without Intel SGX, you cannot use Intel SGX support.  In this case, you need to add SGX nature to this project to use Intel SGX support:</p>
-        <ol>
-            <li>Right-click on the project root <![CDATA[	]]></li>
-            <li>
-                <p>Select <b>Software Guard Extension Tools → Add SGX Nature</b></p>
-                <p>
-                    <img src="Resources/Images/Add_SGX_Nature.png" />
-                </p>
-                <p class="figcap">Add SGX Nature</p>
-            </li>
-        </ol>
-        <p>After you add the SGX nature to your project, you should see:</p>
-        <ul>
-            <li>
-                <p>A subdirectory <code>sgx</code> in the project which contains a  Makefile file.</p>
-                <p>
-                    <img src="Resources/Images/Makefile_for_Intel_SGX.png" />
-                </p>
-                <p class="figcap">Makefile for Intel(R) SGX</p>
-            </li>
-            <li>
-                <p>The Intel SGX tools as shown in the following graphic:</p>
-                <p>
-                    <img src="Resources/Images/Intel_SGX_Tools.png" />
-                </p>
-                <p class="figcap">Intel(R) SGX Tools</p>
-            </li>
-            <li>
-                <p>New configurations specific to SGX technology.  You may see the configurations for the project by clicking to the down arrow of button <img src="Resources/Images/Down_Arrow_Button.png" /> usually found at the top of the Eclipse window:</p>
-                <p>
-                    <img src="Resources/Images/Configurations_Specific_to_Intel_SGX_Technology.png" />
-                </p>
-                <p class="figcap">Configurations Specific to Intel(R) SGX Technology</p>
-            </li>
-        </ul>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Adding_an_SGX_Enclave.htm

@@ -1,54 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="6" MadCap:lastHeight="2003" MadCap:lastWidth="524">
-    <head><title>Adding an SGX Enclave</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Adding an SGX Enclave</h2>
-        <p>After you add the SGX nature to a project, you can start creating a minimal but complete skeleton for a new enclave:</p>
-        <ol>
-            <li>Right-click on the project root in <b>Project Explorer</b>.</li>
-            <li>
-                <p>Open the dialog <b>Add New SGX Enclave</b> by selecting <b>Software Guard Extensions Tools → Add SGX Enclave</b> from the contextual menu.</p>
-                <p>
-                    <img src="Resources/Images/Add_New_Intel_SGX_Enclave_Dialog.png" />
-                </p>
-                <p class="figcap">Add New Intel® SGX Enclave Dialog</p>
-            </li>
-            <li>
-                <p>Choose a name for the enclave in <b>Enclave name</b> field.  This name is used in the process of generation of the skeleton to give unicity to the source files and the name of the resulting executable, so you can add more than one enclave to the same project.</p>
-                <ul>
-                    <li>
-                        <p>If you do not select the <b>Generate sample untrusted application</b> checkbox, the plugin generates only a trusted file and a Makefile fragment to build and compile the trusted part. See the following graphic.   All the code for the enclave, including build Makefile, is put in a directory <code>&lt;root&gt;/sgx/enclave_&lt;name&gt;</code> .   C/C++ code for the enclave proper are in <code>&lt;root&gt;/sgx/enclave_&lt;name&gt;/trusted</code>.</p>
-                        <p>
-                            <img src="Resources/Images/Generated_Skeleton_for_an_Enclave.png" />
-                        </p>
-                        <p class="figcap">Generated Skeleton for an Enclave.  The option to Generate Sample was not Used</p>
-                    </li>
-                    <li>
-                        <p>If you select <b>Generate sample untrusted application</b> checkbox, a simple ready to work sample application is generated, including untrusted stubs and implementation for a sample OCALL and ECALL.</p>
-                        <p>
-                            <img src="Resources/Images/Generated_Sample_Untrusted_Application.png" />
-                        </p>
-                        <p class="figcap">Generated Sample Untrusted Application</p>
-                    </li>
-                </ul>
-            </li>
-        </ol>
-        <div class="NoteCont">
-            <p class="NoteTipHead">NOTE:</p>
-            <p>If you select the <b>Generate sample untrusted application</b> checkbox, ecalls from the untrusted part are not be resolved by Eclipse C/C++ indexer. These functions are marked with a red line. The declaration of these ecalls resides in the unstrusted stub header which is generated during the build proces and is not indexed by Eclipse. To resolve this problem, right-click on project root and select <b>Index → Freshen All Files</b>.</p>
-        </div>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Adding_an_SGX_Trusted_Library.htm

@@ -1,39 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="887" MadCap:lastWidth="550">
-    <head><title>Adding an SGX Trusted Library</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Adding an SGX Trusted Library</h2>
-        <p>Trusted Static Libraries helps enclave author  have libraries of shared code to be reused by enclaves, in exactly the same manner as usual static <code>libxxx.a</code> libraries are used to share code between regular non-SGX applications.  The plugin adds a command to generate the skeleton of a trusted shared library.</p>
-        <p>To add a new SGX Trusted Library:</p>
-        <ol>
-            <li>
-                <p>Open <b>Add New SGX Static Trusted Library</b> dialog by right-click on the root of the project and select the appropriate command from <b>Software Guard Extensions Tools</b> menu:</p>
-                <p>
-                    <img src="Resources/Images/Add_New_SGX_Static_Trusted_Library_Dialog.png" />
-                </p>
-                <p class="figcap">Add New SGX Static Trusted Library Dialog</p>
-            </li>
-            <li>
-                <p>Choose a name for the library and click <b>OK</b>. A skeleton for a trusted library is generated in directory <code>&lt;root&gt;/sgx/trustedlib_&lt;name&gt;</code>:</p>
-                <p>
-                    <img src="Resources/Images/A_Generated_Trusted_Library.png" />
-                </p>
-                <p class="figcap">A Generated Trusted Library</p>
-            </li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Adding_an_SGX_Untrusted_Module.htm

@@ -1,39 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="898" MadCap:lastWidth="550">
-    <head><title>Adding an SGX Untrusted Module</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Adding an SGX Untrusted Module</h2>
-        <p>Add an untrusted module to generate the untrusted stubs so you use an enclave, provided you have access to its <code>.edl</code> file.  The enclave might have been built in the current project or in a different project.</p>
-        <p>To use trusted functionality of an enclave for which its <code>*.edl</code> is known, use the command <b>Add SGX Untrusted Module</b>:</p>
-        <ol>
-            <li>
-                <p>Open dialog <b>Add Sgx Untrusted Module</b> by right-click-ing the project root in <b>Package Explorer</b> and chose the command from <b>Software Guard Extension Tools</b>.</p>
-                <p>
-                    <img src="Resources/Images/Add_SGX_Untrusted_Module.png" />
-                </p>
-                <p class="figcap">Add SGX Untrusted Module</p>
-            </li>
-            <li>
-                <p>Use the <b>Browse</b> button to navigate the file system using a file dialog, and click <b>OK</b>. The untrusted module is copied to <code>&lt;root&gt;/sgx/untrusted_&lt;edl file name&gt;</code>.  The selected <code>*.edl</code> is copied to the project.</p>
-                <p>
-                    <img src="Resources/Images/Copying_the_Untrusted_Module_to_a_Project.png" />
-                </p>
-                <p class="figcap">Copying the Untrusted Module to a Project</p>
-            </li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Building_and_Running_SGX_Code.htm

@@ -1,25 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="210" MadCap:lastWidth="550">
-    <head><title>Building and Running SGX Code</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1>Building and Running SGX Code</h1>
-        <p>This section describes the following topics about building and running SGX code:</p>
-        <ul>
-            <li>SGX build configurations</li>
-            <li>Running samples generated for enclaves</li>
-        </ul>&#160;</body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Command_Reference.htm

@@ -1,30 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1060" MadCap:lastWidth="565">
-    <head><title>Command Reference</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1>Command Reference</h1>
-        <p>This topic provides the command reference for the following scenarios of using Intel(R) Software Guard Extensions Eclipse* Plug-in:</p>
-        <ul>
-            <li>Adding SGX nature to a project</li>
-            <li>Adding an SGX enclave</li>
-            <li>Adding an SGX trusted library</li>
-            <li>Adding an SGX untrusted module</li>
-            <li>Updating SGX enclave signing key</li>
-            <li>Updating enclave configuration files</li>
-            <li>Two steps sign enclave</li>
-        </ul>
-        <p>All commands brought by Intel(R) Software Guard Extensions Eclipse Plug-in are available by right-clicking on the Project root in Project explorer view in menu <b>Software Guard Extension Tools</b>:</p>&#160;<p><img src="Resources/Images/Project_Explorer.png" /></p><p class="figcap">Project Explorer</p>&#160;</body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Configuring_Intel_Software_Guard_Extensions_Eclipse_Plug-in.htm

@@ -1,31 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="6" MadCap:lastHeight="690" MadCap:lastWidth="524">
-    <head><title>Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
-        <p>If you do not install Intel(R) SGX SDK for Linux* OS in the default location, you need to specify the path for Intel SGX SDK  using the following steps:</p>
-        <ol>
-            <li>
-                <p>Go to <b>Window menu -&gt;Preferences</b>. Enter SGX in the filter text field to quickly locate the <b>SGX Preferences</b> page.</p>
-                <p>
-                    <img src="Resources/Images/SGX_Preference_Page.png" />
-                </p>
-                <p class="figcap">SGX Preference Page</p>
-            </li>
-            <li>Enter the path for Intel SGX SDK for Linux OS in the <b>SGX SDK Directory</b> field.</li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Creating_a_New_C_C_Project_with_SGX_Nature.htm

@@ -1,37 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1000" MadCap:lastWidth="550">
-    <head><title>Creating a New C/C++ Project with SGX Nature</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h3>Creating a New C/C++ Project with SGX Nature</h3>
-        <p>You can create a new project with SGX nature. To create such a project, follow these steps:</p>
-        <ol>
-            <li>
-                <p>Open a standard Eclipse new project: <b>File menu → Project...</b>  . If you have installed Intel® Software Guard Extensions Eclipse Plug-in,  you can see the category C/C++ with SGX Enabled in the <b>New Project</b> dialog.</p>
-                <p>
-                    <img src="Resources/Images/New_Project.png" />
-                </p>
-                <p class="figcap">New Project</p>
-                <p>This category has 2 sub-categories, <b>SGX C project</b> and <b>SGX C++ project</b>.  These sub-categories are similar to the sub-categories C Project and C++ Project of standard C/C++ category.</p>
-            </li>
-            <li>Select one of the 2 sub-categories, SGX C project or SGX C++ project, and click <b>Next</b>.</li>
-            <li>Complete creating the project using the regular process of creating a standard C or C++ project.</li>
-        </ol>
-        <div class="NoteCont">
-            <p class="NoteTipHead">NOTE:</p>
-            <p>Projects created following the subcategories under <b>C/C++ with SGX Enabled</b> are identical with their standard counterparts, except that they have SGX Nature added.  There is no difference between creating a C or C++ project with SGX enabled, or creating a standard C/C++ project and launch <b>Add SGX nature</b> from it, as described in precedent paragraph.</p>
-        </div>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Generate_Signed_Enclaves.htm

@@ -1,39 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="912" MadCap:lastWidth="614">
-    <head><title>Generate Signed Enclaves</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h3>Generate Signed Enclaves</h3>
-        <p>Generating signed enclave is the second step in the 2-Steps signing process.  You should have the following files to complete this step:</p>
-        <ul>
-            <li>The <code>.hex</code> file generated with <b>Generate Hash</b> command</li>
-            <li>The files produced from the external signing facility</li>
-            <li>The signature of the <code>.hex</code> file</li>
-            <li>The public verification key</li>
-        </ul>
-        <p>To generate signed encalves, use the following steps:</p>
-        <ol>
-            <li>
-                <p>Right-click on the project root, and go to <b>Software Guard Extensions Tools menu → Two Step Sign Enclave → Generate Signed Enclave</b>.</p>
-                <p>
-                    <img src="Resources/Images/Generate_Signed_Enclave_Dialog.png" />
-                </p>
-                <p>Generate Signed Enclave Dialog</p>
-            </li>
-            <li>Enter the inputs to all the fields and click <b>OK</b>.</li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Getting_Started.htm

@@ -1,23 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="345" MadCap:lastWidth="576">
-    <head><title>Getting Started with Intel(R) Software Guard Extensions Eclipse* Plugin</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1>Getting Started with Intel(R) Software Guard Extensions Eclipse* Plugin</h1>
-        <p>This section contains steps to set up your Intel(R) Software Guard Extensions Eclipse* Plugin on a Linux* system, including necessary softwares, steps to install the product, and steps to configure your preferred product directory.</p>
-        <p>•	Pre-requisites</p>
-        <p>•	Installation Intel(R) Software Guard Extensions Eclipse* Plug-in</p>
-        <p>•	Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</p>&#160;</body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Installing_Intel_Software_Guard_Extensions_Eclipse_Plugin.htm

@@ -1,40 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="6" MadCap:lastHeight="1511" MadCap:lastWidth="681">
-    <head><title>Installing Intel(R) Software Guard Extensions Eclipse* Plug-in</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Installing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
-        <p>Install Intel(R) Software Guard Extensions Eclipse* Plug-in as a regular Eclipse Plugin:</p>
-        <ol>
-            <li>Download the zip archive of Intel(R) Software Guard Extensions Eclipse Plug-in from Intel Site</li>
-            <li>
-                <p>Go to <b>Help menu -&gt; Install New Software</b>. Click the <b>Add</b> button for the <b>Work with</b> field to open the <b>Add Repository</b> dialog as shown in the following graphic:</p>
-                <p>
-                    <img src="Resources/Images/Add_Repository_Dialog.png" />
-                </p>
-                <p class="figcap">Add Repository Dialog</p>
-            </li>
-            <li>
-                <p>Enter  <code>SGX Archive</code> in the <b>Name</b> field .  Click the <b>Archive...</b> button and select the location of the downloaded archive as shown in the following graphic:</p>
-                <p>
-                    <img src="Resources/Images/The_Location_of_the_Plugin_zip_Archive.png" />
-                </p>
-                <p class="figcap">The Location of the Plugin zip Archive</p>
-            </li>
-            <li>Press <b>OK</b>  to add the archive as a repository.</li>
-            <li>In the <b>Install</b> dialog, select the <b>Software Guard Extensions Plugin</b> check-box and proceed with the usual steps.</li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Introducing_Intel_Software_Guard _Extensions_Eclipse_Plugin.htm

@@ -1,42 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1175" MadCap:lastWidth="804">
-    <head><title>What is Intel(R) Software Guard Extensions?</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Introducing Intel(R) Software Guard Extensions</h2>
-        <p>Intel(R) Software Guard Extensions is a new Intel technology, whose objective is to enable a high level of protection of secrets. It operates by allocating hardware-protected memory where code and data reside. The protected memory area within an application process is called an enclave. Data within the enclave memory can only be accessed by code that resides within that enclave. Enclave code can be invoked by special instructions.</p>
-        <p>An enclave can be built and loaded as a shared object.</p>
-        <p>Throughout this document, Intel(R) SGX refers to Intel(R) Software Guard Extensions.</p>
-        <p>An Intel(R) SGX application design is different from the design of non- Intel(R) SGX application as it specifies dividing the application into two logical parts:</p>
-        <ul>
-            <li><i>Trusted</i> part. The code that accesses the secret resides here and it is called an enclave. More than one enclave can exist in an application.</li>
-            <li><i>Untrusted</i> part. This includes the rest of the modules in the application, that is outside in an enclave.</li>
-        </ul>
-        <p>The trusted components and untrusted components are developed as separate modules.</p>
-        <p>The trusted part or the enclave is implemented in C or C++. It is supplied as a collection of functions and data packaged in the form of a dynamically loaded library, a DLL in Windows* OS and a shared object in Linux* OS. It may be supplied either as a pre-built signed library or as a signed shared library built during compilation of the untrusted component.</p>
-        <p>Enclave functions within an enclave library are wrapped by auto-generated proxy and bridge functions that simplify the mechanism of using the Intel(R) SGX technology by developers.</p>
-        <p>The role of these functions is to handle the following tasks:</p>
-        <ul>
-            <li>Call an enclave function from untrusted code, also called an ECALL (enclave call).</li>
-            <li>Call an untrusted function from within an enclave, also called an OCALL (outside call).</li>
-            <li>Handle interrupts.</li>
-            <li>Handle exceptions.</li>
-        </ul>
-        <p>The proxy and bridge functions are generated by the <code>sgx_edger8r</code> tool provided by Intel(R) SGX SDK. It reads an <i>edl</i> file (Enclave Descriptor Language) which describes the functions that form the <i>trusted</i> and <i>untrusted</i> component boundaries within the application.</p>
-        <p>After the enclave is built, a signed version of it is created using the tool <code>sgx_sign</code> also provided by Intel(R) SGX SDK.  It is this signed version may be loaded and executed in the encrypted memory.</p>
-        <p>Enclaves may have some specific properties which are added as meta-information during the signing process.  The meta-information is stored in one configuration xml file per enclave, whose details may be seen in <i>Intel(R) Software Guard Extensions Evaluation SDK for Linux* OS</i>.</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Introducing_Intel_Software_Guard_Extensions.htm

@@ -1,23 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="556" MadCap:lastWidth="576">
-    <head><title>What can be done with Linux SGX Eclipse Plugin?</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Introducing Intel(R) Software Guard Extensions Eclipse* Plugin</h2>
-        <p>The Intel(R) Software Guard Extensions Eclipse* Plug-in helps the enclave developer to maintain enclaves and untrusted related code inside Eclipse* C/C++ projects.   To use this support, add SGX nature to the C/C++ project.  See <a href="Adding_SGX_Nature_to_a_Project.htm">Adding SGX Nature to a Project</a> for details.</p>
-        <p>Once the SGX nature is added to a project, you will have access to the SGX commands.  SGX nature adds also a folder called <code>sgx</code> to the root of the project, and a Makefile inside it.   All resources of the project managed by Intel(R) Software Guard Extensions Eclipse Plug-inare located inside this directory.  You can build and run enclaves related code using GNU* Make tool through the Makefile.</p>
-        <p>The plugin is generating minimal but ready-to-work code skeletons, complete with their own Makefile having all the required make targets as to call <code>sgx_edger8r</code> tool to generate the proxies and bridges, compile these source, generate a shared object and finally, to sign the enclave with the <code>sgx_sign</code> tool.  This provide a starting point you may build upon.</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Introduction.htm

@@ -1,21 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="387" MadCap:lastWidth="576">
-    <head><title>Introduction</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1>Introduction</h1>
-        <p>This <i>Developer Guide</i> is intended for use by Independent Service Vendors who wish to harden their Linux* applications using Intel(R) SGX Technology, code named Intel(R) Software Guard Extensions. The guide describes the procedure for installation of Intel(R) SGX Plugin for Eclipse* IDE and development of Intel(R) SGX components using the plugin. The Intel(R) SGX Plugin for Eclipse leverages on the Intel(R) Software Guard Extensions Evaluation SDK, which is a collection of APIs, libraries and tools that enable you to develop, build and debug Intel(R) SGX applications in C/C++.</p>
-        <p>To learn more about the Intel(R) Software Guard Extensions Evaluation SDK, see the <i>Intel(R) Software Guard Extensions Evaluation SDK for Linux* OS</i>.</p>&#160;</body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Legal_Information.htm

@@ -1,70 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns="http://www.w3.org/1999/xhtml" MadCap:lastBlockDepth="5" MadCap:lastHeight="1269" MadCap:lastWidth="537" xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd">
-    <head><title xmlns="">Legal Information</title>
-        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1>Legal Information</h1>
-        <p>No license (express or implied, by estoppel or otherwise) to any intellectual 
- property rights is granted by this document.</p>
-        <p>Intel disclaims all express and implied warranties, including without 
- limitation, the implied warranties of merchantability, fitness for a particular 
- purpose, and non-infringement, as well as any warranty arising from course 
- of performance, course of dealing, or usage in trade.</p>
-        <p>This document contains information on products, services and/or processes 
- in development. &#160;All information provided here is subject to change 
- without notice. Contact your Intel representative to obtain the latest 
- forecast, schedule, specifications and roadmaps.</p>
-        <p>The products and services described may contain defects or errors known 
- as errata which may cause deviations from published specifications. Current 
- characterized errata are available on request.</p>
-        <p>Intel technologies features and benefits depend on system configuration 
- and may require enabled hardware, software or service activation. Learn 
- more at Intel.com, or from the OEM or retailer.</p>
-        <p>Copies of documents which have an order number and are referenced in 
- this document may be obtained by calling 1-800-548-4725 or by visiting 
- <a href="http://www.intel.com/design/literature.htm">www.intel.com/design/literature.htm</a>.</p>
-        <p>Intel, the Intel logo, Xeon, and Xeon Phi are trademarks of Intel Corporation 
- in the U.S. and/or other countries. </p>
-        <table style="border-left-style: solid;border-left-width: 1px;border-right-style: solid;border-right-width: 1px;border-top-style: solid;border-top-width: 1px;border-bottom-style: solid;border-bottom-width: 1px;">
-            <col />
-            <tr>
-                <th>
-                    <p>Optimization Notice</p>
-                </th>
-            </tr>
-            <tr bgcolor="#CCECFF">
-                <td>
-                    <p>Intel's compilers may or may not optimize to the same degree 
-		 for non-Intel microprocessors for optimizations that are not unique 
-		 to Intel microprocessors. These optimizations include SSE2, SSE3, 
-		 and SSSE3 instruction sets and other optimizations. Intel does 
-		 not guarantee the availability, functionality, or effectiveness 
-		 of any optimization on microprocessors not manufactured by Intel. 
-		 Microprocessor-dependent optimizations in this product are intended 
-		 for use with Intel microprocessors. Certain optimizations not 
-		 specific to Intel microarchitecture are reserved for Intel microprocessors. 
-		 Please refer to the applicable product User and Reference Guides 
-		 for more information regarding the specific instruction sets covered 
-		 by this notice.</p>
-                    <p style="text-align: right;">Notice revision #20110804</p>
-                </td>
-            </tr>
-        </table>
-        <p>* Other names and brands may be claimed as the property of others.</p>
-        <p>© 2016 Intel Corporation.</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Prerequisites.htm

@@ -1,27 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="328" MadCap:lastWidth="550">
-    <head><title>Pre-requisites</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Pre-requisites</h2>
-        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in, install the following softwares:</p>
-        <ul>
-            <li>Eclipse* Mars 1 with CDT IDE for C/C++ Developpers (version 4.5.1).   To use this version, install Java* Development Kit (JDK) or Java* Runtime Environment (JRE)  version 1.8 or above.</li>
-            <li>gcc/g++ tools</li>
-            <li>Openssl*</li>
-            <li>Intel(R) SGX SDK for Linux* OS</li>
-        </ul>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Resources/Stylesheets/intel_css_styles.css

@@ -18,17 +18,16 @@ body
 	color: #333333;
 	background-color: #ffffff;
 	font-family: "Intel Clear", Verdana, Arial, sans-serif;
-	font-size: 12pt;
 	margin-left: 30px;
 	margin-right: 30px;
 	margin-bottom: 7%;
 	color: #333333;
 	background-color: #ffffff;
 	font-family: "Intel Clear", Verdana, Arial, sans-serif;
-	font-size: 12pt;
 	margin-left: 30px;
 	margin-right: 30px;
 	margin-bottom: 7%;
+	font-size: 12pt;
 }
 
 .RevUpdate
@@ -126,43 +125,43 @@ h3
 h4
 {
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 }
 
 h5
 {
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 }
 
 h6
 {
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 	color: #0071c5;
-	margin-top: 12pt;
+	margin-top: 10pt;
 	margin-bottom: 5pt;
 	padding-left: 0px;
-	font-size: 12pt;
+	font-size: 10pt;
 }
 
 .relinfo
@@ -178,22 +177,21 @@ h6
 
 caption
 {
-	font-size: 12pt;
 	font-weight: bold;
 	text-align: left;
-	font-size: 12pt;
 	font-weight: bold;
 	text-align: left;
+	font-size: 12pt;
 }
 
 .figcap
 {
 	margin-left: 24px;
-	font-size: 12pt;
+	font-size: 10pt;
 	font-weight: bold;
 	text-align: center;
 	margin-left: 24px;
-	font-size: 12pt;
+	font-size: 10pt;
 	font-weight: bold;
 	text-align: center;
 }
@@ -278,16 +276,15 @@ a.underlined
 
 p
 {
-	font-size: inherit;
 	margin-left: 0px;
 	line-height: 120%;
 	margin-top: 0;
 	margin-bottom: 10px;
-	font-size: inherit;
 	margin-left: 0px;
 	line-height: 120%;
 	margin-top: 0;
 	margin-bottom: 10px;
+	font-size: 12pt;
 }
 
 .p
@@ -312,12 +309,12 @@ table
 	border-collapse: collapse;
 	margin-left: 0px;
 	margin-top: 0.3em;
-	font-size: 12pt;
+	font-size: 10pt;
 	margin-bottom: 5pt;
 	border-collapse: collapse;
 	margin-left: 0px;
 	margin-top: 0.3em;
-	font-size: 12pt;
+	font-size: 10pt;
 }
 
 tr
@@ -336,6 +333,7 @@ DIV.Note
 	border-top-width: 1px;
 	border-bottom-style: solid;
 	border-bottom-width: 1px;
+	font-size: 10pt;
 }
 
 p.NoteTipHead
@@ -347,9 +345,9 @@ p.NoteTipHead
 	line-height: 15pt;
 	margin-left: 0.202cm;
 	font-family: "Verdana", "sans-serif";
-	font-size: 9pt;
 	text-transform: uppercase;
 	text-align: justify;
+	font-size: 12pt;
 }
 
 MadCap|xref
@@ -357,6 +355,7 @@ MadCap|xref
 	color: #0860a8;
 	mc-format: '{paratext}';
 	text-decoration: none;
+	font-size: 12pt;
 }
 
 div.NoteCont
@@ -365,16 +364,44 @@ div.NoteCont
 	border-bottom-width: 1px;
 	border-top-style: solid;
 	border-top-width: 1px;
+	font-size: 10pt;
 }
 
 p.figcap
 {
 	text-align: left;
+	font-size: 12pt;
 }
 
 th
 {
 	text-align: left;
+	font-size: 12pt;
+}
+
+ul
+{
+	font-size: 12pt;
+}
+
+ol
+{
+	font-size: 12pt;
+}
+
+li
+{
+	font-size: 12pt;
+}
+
+b
+{
+	font-size: 12pt;
+}
+
+code
+{
+	font-size: 12pt;
 }
 
 a:link

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Running_Samples_Generated_for_Enclaves.htm

@@ -1,31 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="1123" MadCap:lastWidth="672">
-    <head><title>Running Samples Generated for Enclaves</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Running Samples Generated for Enclaves</h2>
-        <p>Intel(R) Software Guard Extensions Eclipse* Plugin provides an option to generate a sample application together with the enclave code when the enclave is created.  After the project is build, the sample application is built also and ready to run.  You can see the sample application named sample in the enclave directory in Project Explorer.  You can run this sample as a local C/C++ application as shown in the following figure:</p>
-        <p>
-            <img src="Resources/Images/Sample_Application.png" />
-        </p>
-        <p class="figcap">Sample Application</p>
-        <p>See the result of the execution in Eclipse console window as shown below:</p>
-        <p>
-            <img src="Resources/Images/The_Result_of_Running_Samples_Generated_for_Enclaves.png" />
-        </p>
-        <p class="figcap">The Result of Running Samples Generated for Enclaves</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/SGX_Build_Configurations.htm

@@ -1,97 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="5" MadCap:lastHeight="2892" MadCap:lastWidth="554">
-    <head><title>SGX Build Configurations</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>SGX Build Configurations</h2>
-        <p>There are usually two types of builds that a regular non-SGX project defines:</p>
-        <ul>
-            <li>Debug</li>
-            <li>Release</li>
-        </ul>
-        <p>SGX-enabled projects add to this picture support to build and test SGX-enabled application on non-SGX platforms (or emulator) using simulation libraries. This approach doubles the set of build types, creating four possible combinations.  For these combinations, you need to use different sets of compilation and  linking flags and link different libraries.</p>
-        <p>The non-debug hardware build is meant to give production code, so it requires the maximum attention when signed. The Two Steps Sign schema is required for production enclaves, which involves an external signing facility, not part of Intel SGX SDK.  The other configurations are not meant for production but they have to be signed too.  The simplest and more convenient Single Step schema is used for them.</p>
-        <p>Again for testing purpose, you might want to experiment with a non-production enclave built with release compilation and linking flags, on a real hardware SGX-enabled platform. That would be an enclave built exactly as a production enclave, except for the sign process which would be Single Step. To support the construction of such enclave, there is a hardware non-debug build configuration dubbed <i>Prerelease</i>.</p>
-        <p>So there are five SGX related configurations when SGX Nature is added to a project:</p>
-        <p>
-            <img src="Resources/Images/Intel_SGX_Configurations.png" />
-        </p>
-        <p>Intel(R) SGX Configurations</p>
-        <p>The following table resumes the existing SGX configurations and relate them with compilation/linking flags (debug/non-debug) and signing scheme (single vs. two steps):</p>
-        <p class="tablecap">Intel(R) SGX Configurations</p>
-        <table style="width: 100%;border-left-style: solid;border-left-width: 1px;border-right-style: solid;border-right-width: 1px;border-top-style: solid;border-top-width: 1px;border-bottom-style: solid;border-bottom-width: 1px;">
-            <col />
-            <col />
-            <col />
-            <col />
-            <tbody>
-                <tr>
-                    <th>Configuration Name</th>
-                    <th>Simulation?</th>
-                    <th>Debug?</th>
-                    <th>Signing Schema</th>
-                </tr>
-                <tr>
-                    <td>SGX Hardware Debug</td>
-                    <td>Hardware</td>
-                    <td>Debug</td>
-                    <td>Single Step</td>
-                </tr>
-                <tr>
-                    <td>SGX Hardware Pre-release</td>
-                    <td>Hardware</td>
-                    <td>Non-debug</td>
-                    <td>Single Step</td>
-                </tr>
-                <tr>
-                    <td>SGX Hardware Release</td>
-                    <td>Hardware</td>
-                    <td>Non-debug</td>
-                    <td>Two Step</td>
-                </tr>
-                <tr>
-                    <td>SGX Simulation</td>
-                    <td>Simulation</td>
-                    <td>Non-debug</td>
-                    <td>Single Step</td>
-                </tr>
-                <tr>
-                    <td>SGX Simulation</td>
-                    <td>Debug	Simulation</td>
-                    <td>Debug</td>
-                    <td>Single step</td>
-                </tr>
-            </tbody>
-        </table>
-        <p>Intel® Software Guard Extensions Eclipse Plug-in uses standard GNU* make tool to build the trusted and the untrusted code, using the generated file <code>sgx/Makefile</code>.</p>
-        <p>This fact does not impose any restriction on the build tool chosen for the hosting project. Intel® Software Guard Extensions Eclipse* Plug-in uses its own build configurations which do not interfere with the configurations that you might have in your project.</p>
-        <p>When SGX configurations are selected, by default only code under <code>&lt;root&gt;/sgx</code> directory get built.</p>
-        <p>You can customize SGX configurations as any other Eclipse build configurations from the project properties dialog. For example:</p>
-        <ol>
-            <li>Right-click in Project Explorer Properties → C/C++ Build</li>
-            <li>Uncheck the Use default build command checkbox.</li>
-        </ol>
-        <p>Then you can customize and integrate SGX build process.  You can use Makefile instead of <code>sgx/Makefile</code> in the example shown in the following figure:</p>
-        <p>
-            <img src="Resources/Images/Customization_of_SGX_build_command.png" />
-        </p>
-        <p class="figcap">Customization of SGX Build Command			</p>
-        <p>The build process is done using standard Eclipse interface for build, by example from the main <b>Project</b> menu:			</p>
-        <p>
-            <img src="Resources/Images/Project_Menu.png" />
-        </p>
-        <p class="figcap">Project Menu			</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/SGX_title.htm

@@ -1,30 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="391" MadCap:lastWidth="576">
-    <head><title>Intel(R) Software Guard Extensions</title>
-        <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h1 class="firsttitle">Intel(R) Software Guard Extensions</h1>
-        <h2>Developer Reference</h2>
-        <p>Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for a
-pplication developers seeking to protect select code and data from disclosure or 
-modification. Intel(R) SGX makes such protections possible through the use of 
-enclaves. Enclaves are protected areas of execution. Application code can be put 
-into an enclave through special instructions and software made available to 
-developers by the Intel(R) SGX SDK.</p>
-        <p><a href="Legal_Information.htm">Legal Information</a>
-        </p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Two_Steps_Sign_Enclave.htm

@@ -1,59 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1991" MadCap:lastWidth="680">
-    <head><title>Two Steps Sign Enclave</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Two Steps Sign Enclave</h2>
-        <p>To help you develop enclaves, Intel(R) Software Guard Extensions Eclipse Plug-in generates all required structure including:</p>
-        <ul>
-            <li>c/c++ files and header files</li>
-            <li><code>.edl</code> file</li>
-            <li><code>*.config.xml</code> file</li>
-            <li>a sample Makefile</li>
-            <li>a sample signing key</li>
-        </ul>
-        <p>While these structure might be appropriate for development and debugging, you need a 2-step process to integrate your own signing schema for generating  production enclaves.</p>
-        <ol>
-            <li>Generate hash: the signer tool generates signing material from the unsigned compiled enclave and from the configuration file for the enclave.  The signed material comes as an opaque sequence of bytes which are put in a file with extension <code>.hex</code>. This file is used with the external signing facility.  You come back with a signature for the <code>.hex</code> file plus the public key of your signing facility, and proceed to Step 2.</li>
-            <li>Generate signed enclaves : the signer tool generates the final signed enclave.</li>
-        </ol>
-        <p>To complete this task, provide the following input parameters:</p>
-        <ul>
-            <li>The unsigned enclave</li>
-            <li>The configuration file</li>
-            <li>The output file produced when you generate hash (the <code>.hex</code> file)</li>
-            <li>The files produced by the external signing facility: the signature of the .hex file and public key for it</li>
-            <li>The plugin checks if the input parameters are consistent:</li>
-            <li>The <code>.hex</code> file matches the unsigned enclave and the configuration file,</li>
-            <li>The signed material is verified with the public key</li>
-        </ul>
-        <p>If the parameters are consistenet, the production signed enclave is produced.</p>
-        <div class="NoteCont">
-            <p class="NoteTipHead">NOTE:</p>
-            <p>If you generate signed enclave right after generating hash, you can only enter the parameters specific for generating signed enclave.</p>
-        </div>
-        <p>To use the two-step signing function, activate the configuration <b>SGX Hardware Release mode</b>. When this configuration is active, the compilation does not produce a signed enclave, as in the other SGX configurations; the process only produces unsigned enclaves.</p>
-        <p>
-            <img src="Resources/Images/Configure_SGX_Hardware_Release_Mode.png" />
-        </p>
-        <p class="figcap">Configure SGX Hardware Release Mode</p>
-        <p>When you configure the plugin in the <b>SGX Hardware Release Mode</b>, you can see the <b>Generate Hash</b> and <b>Generate Signed Enclave</b> options through <b>Software Guard Extension Tools-&gt;Two Step Sign Enclave</b>.</p>
-        <p>
-            <img src="Resources/Images/Two_Step_Sign_Enclave_Menu.png" />
-        </p>
-        <p class="figcap">Two Step Sign Enclave Menu</p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Updating_Enclave_Configuration_Files.htm

@@ -1,39 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="987" MadCap:lastWidth="550">
-    <head><title>Updating Enclave Configuration Files</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Updating Enclave Configuration Files</h2>
-        <p>A configuration file is an important part in the definition of an enclave.  Intel(R) SGX SDK signer tool requires such *.xml configuration file as necessary input.</p>
-        <p>To update this configuration file, use the <b>Update Config</b> command:</p>
-        <ol>
-            <li>
-                <p>Right-click on the root project,  <b>Software Extension Guards Tools-&gt;Select Config File</b>.</p>
-                <p>
-                    <img src="Resources/Images/Select_Configuration_File.png" />
-                </p>
-                <p class="figcap">Select Configuration File</p>
-            </li>
-            <li>
-                <p>Click <b>OK</b> or double-click the selected configuration file to open the <b>Enclave Configuration Settings</b> dialog.</p>
-                <p>
-                    <img src="Resources/Images/Enclave_Configuration_Settings.png" />
-                </p>
-                <p class="figcap">Enclave Configuration Settings</p>
-                <p>For details on the meaning of the fields, see <i>Intel(R) Software Guard Extensions Developer Guide</i>.</p>
-            </li>
-        </ol>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/Updating_SGX_Enclave_Signing_Key.htm

@@ -1,37 +0,0 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1043" MadCap:lastWidth="652">
-    <head><title>Updating SGX Enclave Signing Key</title>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
-        <h2>Updating SGX Enclave Signing Key</h2>
-        <p>All skeletons enclave samples produced by the plugin contain a sample signing key.  You might want to import another sign key that you already have, or generate a new one.   Use the command <b>Update SGX Enclave Signing Key</b> to complete this task.</p>
-        <ol>
-            <li>Choose  <b>Update SGX Enclave Signing Key</b> by right-click on the project in <b>Project Explorer -&gt; Software Guard Extension Tools</b> menu. The <b>Import or (Re)Generate Enclave Signing Key</b> dialog appears.</li>
-            <li>In the <b>Import or (Re)Generate Enclave Signing Key</b> dialog, click <b>Select</b> to open a file dialog to select the output key.</li>
-            <li>
-                <p>Click <b>Improt Key</b> to update a selected signing key by copying another existing key  or click <b>Generate Key</b> to update the selected signing key by generating a new key. In both cases, the new signature key is put into the file in text field <b>Enclave Signing Key</b>.</p>
-                <p>
-                    <img src="Resources/Images/Import_or_Re_Generate_Enclave_Signing_Key.png" />
-                </p>
-                <p class="figcap">Import or (Re)Generate Enclave Signing Key</p>
-            </li>
-            <li>Click <b>OK</b> to update the enclave signing key.</li>
-        </ol>
-        <p>Under the hood, a new key is generated using openssl*, which needs to be installed on the machine:</p>
-        <p><code>openssl genrsa -out ../../../encl1_private.pem.key.pem -3 3072</code>
-        </p>
-        <p><![CDATA[	]]></p>
-    </body>
-</html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/content.html

@@ -1,35 +1,34 @@
-<!--------------------------------------------------------------------------->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--------------------------------------------------------------------------->
+<?xml version='1.0' encoding='utf-8'?>
+<!-- 
+ Copyright (c) 2016 Intel Corporation.
 
-<?xml version="1.0" encoding="utf-8"?>
-<html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1043" MadCap:lastWidth="652">
-    <head>
-        <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
-    </head>
-    <body>
+ All rights reserved. This program and the accompanying materials
+ are made available under the terms of the Eclipse Public License v1.0
+ which accompanies this distribution, and is available at
+ http://www.eclipse.org/legal/epl-v10.html
 
-<h1 class="firsttitle" id="SGX_title" >Intel(R) Software Guard Extensions Plug-in for Eclipse*</h1>
+ Contributors:
+     Intel Corporation - initial implementation and documentation
+ -->
+
+<html xmlns:MadCap='http://www.madcapsoftware.com/Schemas/MadCap.xsd' MadCap:lastBlockDepth='4' MadCap:lastHeight='1043' MadCap:lastWidth='652'>
+  <head>
+    <link href='Resources/Stylesheets/intel_css_styles.css' rel='stylesheet' type='text/css' />
+  </head>
+  <body>
+    <div id='SGX_title'>
+        <h1 class="firsttitle">Intel(R) Software Guard Extensions Plug-in for Eclipse*</h1>
         <h2>Developer Guide</h2>
-        <p>Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for a
-pplication developers seeking to protect select code and data from disclosure or 
+        <p>Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for application developers seeking to protect select code and data from disclosure or 
 modification. Intel(R) SGX makes such protections possible through the use of 
 enclaves. Enclaves are protected areas of execution. Application code can be put 
 into an enclave through special instructions and software made available to 
 developers by the Intel(R) SGX SDK.</p>
-        <p><a href="#Legal_Information">Legal Information</a>
+        <p><a href="Legal_Information.htm">Legal Information</a>
         </p>
-    
-
-<h1 id="Legal_Information" >Legal Information</h1>
+    </div>
+    <div id='Legal_Information'>
+        <h1>Legal Information</h1>
         <p>No license (express or implied, by estoppel or otherwise) to any intellectual 
  property rights is granted by this document.</p>
         <p>Intel disclaims all express and implied warranties, including without 
@@ -78,13 +77,13 @@ developers by the Intel(R) SGX SDK.</p>
         </table>
         <p>* Other names and brands may be claimed as the property of others.</p>
         <p>© 2016 Intel Corporation.</p>
-    
-
-<h1 id="Introduction" >Introduction</h1>
-        <p>This <i>Developer Guide</i> is intended for use by Independent Service Vendors who wish to harden their Linux* applications using Intel(R) SGX Technology, code named Intel(R) Software Guard Extensions. The guide describes the procedure for installation of Intel(R) SGX Plugin for Eclipse* IDE and development of Intel(R) SGX components using the plugin. The Intel(R) SGX Plugin for Eclipse leverages on the Intel(R) Software Guard Extensions Evaluation SDK, which is a collection of APIs, libraries and tools that enable you to develop, build and debug Intel(R) SGX applications in C/C++.</p>
-        <p>To learn more about the Intel(R) Software Guard Extensions Evaluation SDK, see the <i>Intel(R) Software Guard Extensions Evaluation SDK for Linux* OS</i>.</p>&#160;
-
-<h2 id="Introducing_Intel_Software_Guard _Extensions_Eclipse_Plugin" >Introducing Intel(R) Software Guard Extensions</h2>
+    </div>
+    <div id='Introduction'>
+        <h1>Introduction</h1>
+        <p>This <i>Developer Guide</i> is intended for use by Independent Service Vendors who wish to harden their Linux* applications using Intel(R) SGX Technology, code named Intel(R) Software Guard Extensions. The guide describes the procedure for installation of Intel(R) SGX Plugin for Eclipse* IDE and development of Intel(R) SGX components using the plugin. The Intel(R) SGX Plugin for Eclipse leverages on the Intel(R) Software Guard Extensions SDK, which is a collection of APIs, libraries and tools that enable you to develop, build and debug Intel(R) SGX applications in C/C++.</p>
+        <p>To learn more about the Intel(R) Software Guard Extensions SDK, see the <i>Intel(R) Software Guard Extensions SDK for Linux* OS Developer Reference</i>.</p>&#160;</div>
+    <div id='Introducing_Intel_Software_Guard _Extensions_Eclipse_Plugin'>
+        <h2>Introducing Intel(R) Software Guard Extensions</h2>
         <p>Intel(R) Software Guard Extensions is a new Intel technology, whose objective is to enable a high level of protection of secrets. It operates by allocating hardware-protected memory where code and data reside. The protected memory area within an application process is called an enclave. Data within the enclave memory can only be accessed by code that resides within that enclave. Enclave code can be invoked by special instructions.</p>
         <p>An enclave can be built and loaded as a shared object.</p>
         <p>Throughout this document, Intel(R) SGX refers to Intel(R) Software Guard Extensions.</p>
@@ -105,22 +104,22 @@ developers by the Intel(R) SGX SDK.</p>
         </ul>
         <p>The proxy and bridge functions are generated by the <code>sgx_edger8r</code> tool provided by Intel(R) SGX SDK. It reads an <i>edl</i> file (Enclave Descriptor Language) which describes the functions that form the <i>trusted</i> and <i>untrusted</i> component boundaries within the application.</p>
         <p>After the enclave is built, a signed version of it is created using the tool <code>sgx_sign</code> also provided by Intel(R) SGX SDK.  It is this signed version may be loaded and executed in the encrypted memory.</p>
-        <p>Enclaves may have some specific properties which are added as meta-information during the signing process.  The meta-information is stored in one configuration xml file per enclave, whose details may be seen in <i>Intel(R) Software Guard Extensions Evaluation SDK for Linux* OS</i>.</p>
-    
-
-<h2 id="Introducing_Intel_Software_Guard_Extensions" >Introducing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
-        <p>The Intel(R) Software Guard Extensions Eclipse* Plug-in helps the enclave developer to maintain enclaves and untrusted related code inside Eclipse* C/C++ projects.   To use this support, add SGX nature to the C/C++ project.  See <a href="#Adding_SGX_Nature_to_a_Project">Adding SGX Nature to a Project</a> for details.</p>
+        <p>Enclaves may have some specific properties which are added as meta-information during the signing process.  The meta-information is stored in one configuration xml file per enclave, whose details may be seen in <i>Intel(R) Software Guard Extensions SDK for Linux* OS</i>.</p>
+    </div>
+    <div id='Introducing_Intel_Software_Guard_Extensions'>
+        <h2>Introducing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
+        <p>The Intel(R) Software Guard Extensions Eclipse* Plug-in helps the enclave developer to maintain enclaves and untrusted related code inside Eclipse* C/C++ projects.   To use this support, add SGX nature to the C/C++ project.  See <a href="Adding_SGX_Nature_to_a_Project.htm">Adding SGX Nature to a Project</a> for details.</p>
         <p>Once the SGX nature is added to a project, you will have access to the SGX commands.  SGX nature adds also a folder called <code>sgx</code> to the root of the project, and a Makefile inside it.   All resources of the project managed by Intel(R) Software Guard Extensions Eclipse Plug-inare located inside this directory.  You can build and run enclaves related code using GNU* Make tool through the Makefile.</p>
         <p>The plugin is generating minimal but ready-to-work code skeletons, complete with their own Makefile having all the required make targets as to call <code>sgx_edger8r</code> tool to generate the proxies and bridges, compile these source, generate a shared object and finally, to sign the enclave with the <code>sgx_sign</code> tool.  This provide a starting point you may build upon.</p>
-    
-
-<h1 id="Getting_Started" >Getting Started with Intel(R) Software Guard Extensions Eclipse* Plug-in</h1>
+    </div>
+    <div id='Getting_Started'>
+        <h1>Getting Started with Intel(R) Software Guard Extensions Eclipse* Plug-in</h1>
         <p>This section contains steps to set up your Intel(R) Software Guard Extensions Eclipse* Plug-in on a Linux* system, including necessary softwares, steps to install the product, and steps to configure your preferred product directory.</p>
         <p>•	Pre-requisites</p>
         <p>•	Installing Intel(R) Software Guard Extensions Eclipse* Plug-in</p>
-        <p>•	Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</p>&#160;
-
-<h2 id="Prerequisites" >Pre-requisites</h2>
+        <p>•	Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</p>&#160;</div>
+    <div id='Prerequisites'>
+        <h2>Pre-requisites</h2>
         <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in, install the following softwares:</p>
         <ul>
             <li>Eclipse* Mars 1 with CDT IDE for C/C++ Developpers (version 4.5.1).   To use this version, install Java* Development Kit (JDK) or Java* Runtime Environment (JRE)  version 1.8 or above.</li>
@@ -128,9 +127,9 @@ developers by the Intel(R) SGX SDK.</p>
             <li>Openssl*</li>
             <li>Intel(R) SGX SDK for Linux* OS</li>
         </ul>
-    
-
-<h2 id="Installing_Intel_Software_Guard_Extensions_Eclipse_Plugin" >Installing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
+    </div>
+    <div id='Installing_Intel_Software_Guard_Extensions_Eclipse_Plugin'>
+        <h2>Installing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
         <p>Install Intel(R) Software Guard Extensions Eclipse* Plug-in as a regular Eclipse Plugin:</p>
         <ol>
             <li>Download the zip archive of Intel(R) Software Guard Extensions Eclipse Plug-in from Intel Site</li>
@@ -151,9 +150,9 @@ developers by the Intel(R) SGX SDK.</p>
             <li>Press <b>OK</b>  to add the archive as a repository.</li>
             <li>In the <b>Install</b> dialog, select the <b>Software Guard Extensions Plugin</b> check-box and proceed with the usual steps.</li>
         </ol>
-    
-
-<h2 id="Configuring_Intel_Software_Guard_Extensions_Eclipse_Plug-in" >Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
+    </div>
+    <div id='Configuring_Intel_Software_Guard_Extensions_Eclipse_Plug-in'>
+        <h2>Configuring Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
         <p>If you do not install Intel(R) SGX SDK for Linux* OS in the default location, you need to specify the path for Intel SGX SDK  using the following steps:</p>
         <ol>
             <li>
@@ -165,9 +164,9 @@ developers by the Intel(R) SGX SDK.</p>
             </li>
             <li>Enter the path for Intel SGX SDK for Linux OS in the <b>SGX SDK Directory</b> field.</li>
         </ol>
-    
-
-<h1 id="Command_Reference" >Command Reference</h1>
+    </div>
+    <div id='Command_Reference'>
+        <h1>Command Reference</h1>
         <p>This topic provides the command reference for the following scenarios of using Intel(R) Software Guard Extensions Eclipse* Plug-in:</p>
         <ul>
             <li>Adding SGX nature to a project</li>
@@ -178,14 +177,14 @@ developers by the Intel(R) SGX SDK.</p>
             <li>Updating enclave configuration files</li>
             <li>Two steps sign enclave</li>
         </ul>
-        <p>All commands brought by Intel(R) Software Guard Extensions Eclipse Plug-in are available by right-clicking on the Project root in Project explorer view in menu <b>Software Guard Extension Tools</b>:</p>&#160;<p><img src="Resources/Images/Project_Explorer.png" /></p><p class="figcap">Project Explorer</p>&#160;
-
-<h2 id="Adding_SGX_Nature_to_a_Project" >Adding SGX Nature to a Project</h2>
+        <p>All commands brought by Intel(R) Software Guard Extensions Eclipse Plug-in are available by right-clicking on the Project root in Project explorer view in menu <b>Software Guard Extension Tools</b>:</p>&#160;<p><img src="Resources/Images/Project_Explorer.png" /></p><p class="figcap">Project Explorer</p>&#160;</div>
+    <div id='Adding_SGX_Nature_to_a_Project'>
+        <h2>Adding SGX Nature to a Project</h2>
         <p>The <i>nature</i> of an Eclipse project is a concept defined by an Eclipse Platform which allows a plug-in to tag a project as a specific kind of project.   Intel(R) Software Guard Extensions  uses an <i>SGX nature</i> to add SGX-specific behavior to projects.  Project natures are defined by plug-ins, and are typically added or removed per-project when the user performs some action defined by the plug-in.</p>
-        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in in your project, you need to add SGX nature to it.   You may either add SGX nature to a pre-existing C/C++ project or create a project with SGX nature from start.  See <a href="#Adding_SGX_Nature_to_a_non_SGX_project">Adding SGX Nature to a non-SGX project</a> and <a href="#Creating_a_New_C_C_Project_with_SGX_Nature">Creating a New C/C++ Project with SGX Nature</a> for how to complete these tasks.</p>
-    
-
-<h3 id="Adding_SGX_Nature_to_a_non_SGX_project" >Adding SGX Nature to a non-SGX project</h3>
+        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in in your project, you need to add SGX nature to it.   You may either add SGX nature to a pre-existing C/C++ project or create a project with SGX nature from start.  See <a href="Adding_SGX_Nature_to_a_non_SGX_project.htm">Adding SGX Nature to a non-SGX project</a> and <a href="Creating_a_New_C_C_Project_with_SGX_Nature.htm">Creating a New C/C++ Project with SGX Nature</a> for how to complete these tasks.</p>
+    </div>
+    <div id='Adding_SGX_Nature_to_a_non_SGX_project'>
+        <h3>Adding SGX Nature to a non-SGX project</h3>
         <p>When you have a C/C++ project created without Intel SGX, you cannot use Intel SGX support.  In this case, you need to add SGX nature to this project to use Intel SGX support:</p>
         <ol>
             <li>Right-click on the project root <![CDATA[	]]></li>
@@ -221,9 +220,9 @@ developers by the Intel(R) SGX SDK.</p>
                 <p class="figcap">Configurations Specific to Intel(R) SGX Technology</p>
             </li>
         </ul>
-    
-
-<h3 id="Creating_a_New_C_C_Project_with_SGX_Nature" >Creating a New C/C++ Project with SGX Nature</h3>
+    </div>
+    <div id='Creating_a_New_C_C_Project_with_SGX_Nature'>
+        <h3>Creating a New C/C++ Project with SGX Nature</h3>
         <p>You can create a new project with SGX nature. To create such a project, follow these steps:</p>
         <ol>
             <li>
@@ -241,9 +240,9 @@ developers by the Intel(R) SGX SDK.</p>
             <p class="NoteTipHead">NOTE:</p>
             <p>Projects created following the subcategories under <b>C/C++ with SGX Enabled</b> are identical with their standard counterparts, except that they have SGX Nature added.  There is no difference between creating a C or C++ project with SGX enabled, or creating a standard C/C++ project and launch <b>Add SGX nature</b> from it, as described in precedent paragraph.</p>
         </div>
-    
-
-<h2 id="Adding_an_SGX_Enclave" >Adding an SGX Enclave</h2>
+    </div>
+    <div id='Adding_an_SGX_Enclave'>
+        <h2>Adding an SGX Enclave</h2>
         <p>After you add the SGX nature to a project, you can start creating a minimal but complete skeleton for a new enclave:</p>
         <ol>
             <li>Right-click on the project root in <b>Project Explorer</b>.</li>
@@ -278,9 +277,9 @@ developers by the Intel(R) SGX SDK.</p>
             <p class="NoteTipHead">NOTE:</p>
             <p>If you select the <b>Generate sample untrusted application</b> checkbox, ecalls from the untrusted part are not be resolved by Eclipse C/C++ indexer. These functions are marked with a red line. The declaration of these ecalls resides in the unstrusted stub header which is generated during the build proces and is not indexed by Eclipse. To resolve this problem, right-click on project root and select <b>Index → Freshen All Files</b>.</p>
         </div>
-    
-
-<h2 id="Adding_an_SGX_Trusted_Library" >Adding an SGX Trusted Library</h2>
+    </div>
+    <div id='Adding_an_SGX_Trusted_Library'>
+        <h2>Adding an SGX Trusted Library</h2>
         <p>Trusted Static Libraries helps enclave author  have libraries of shared code to be reused by enclaves, in exactly the same manner as usual static <code>libxxx.a</code> libraries are used to share code between regular non-SGX applications.  The plugin adds a command to generate the skeleton of a trusted shared library.</p>
         <p>To add a new SGX Trusted Library:</p>
         <ol>
@@ -299,9 +298,9 @@ developers by the Intel(R) SGX SDK.</p>
                 <p class="figcap">A Generated Trusted Library</p>
             </li>
         </ol>
-    
-
-<h2 id="Adding_an_SGX_Untrusted_Module" >Adding an SGX Untrusted Module</h2>
+    </div>
+    <div id='Adding_an_SGX_Untrusted_Module'>
+        <h2>Adding an SGX Untrusted Module</h2>
         <p>Add an untrusted module to generate the untrusted stubs so you use an enclave, provided you have access to its <code>.edl</code> file.  The enclave might have been built in the current project or in a different project.</p>
         <p>To use trusted functionality of an enclave for which its <code>*.edl</code> is known, use the command <b>Add SGX Untrusted Module</b>:</p>
         <ol>
@@ -320,9 +319,9 @@ developers by the Intel(R) SGX SDK.</p>
                 <p class="figcap">Copying the Untrusted Module to a Project</p>
             </li>
         </ol>
-    
-
-<h2 id="Updating_SGX_Enclave_Signing_Key" >Updating SGX Enclave Signing Key</h2>
+    </div>
+    <div id='Updating_SGX_Enclave_Signing_Key'>
+        <h2>Updating SGX Enclave Signing Key</h2>
         <p>All skeletons enclave samples produced by the plugin contain a sample signing key.  You might want to import another sign key that you already have, or generate a new one.   Use the command <b>Update SGX Enclave Signing Key</b> to complete this task.</p>
         <ol>
             <li>Choose  <b>Update SGX Enclave Signing Key</b> by right-click on the project in <b>Project Explorer -&gt; Software Guard Extension Tools</b> menu. The <b>Import or (Re)Generate Enclave Signing Key</b> dialog appears.</li>
@@ -340,9 +339,9 @@ developers by the Intel(R) SGX SDK.</p>
         <p><code>openssl genrsa -out ../../../encl1_private.pem.key.pem -3 3072</code>
         </p>
         <p><![CDATA[	]]></p>
-    
-
-<h2 id="Updating_Enclave_Configuration_Files" >Updating Enclave Configuration Files</h2>
+    </div>
+    <div id='Updating_Enclave_Configuration_Files'>
+        <h2>Updating Enclave Configuration Files</h2>
         <p>A configuration file is an important part in the definition of an enclave.  Intel(R) SGX SDK signer tool requires such *.xml configuration file as necessary input.</p>
         <p>To update this configuration file, use the <b>Update Config</b> command:</p>
         <ol>
@@ -362,9 +361,9 @@ developers by the Intel(R) SGX SDK.</p>
                 <p>For details on the meaning of the fields, see <i>Intel(R) Software Guard Extensions Developer Guide</i>.</p>
             </li>
         </ol>
-    
-
-<h2 id="Two_Steps_Sign_Enclave" >Two Steps Sign Enclave</h2>
+    </div>
+    <div id='Two_Steps_Sign_Enclave'>
+        <h2>Two Steps Sign Enclave</h2>
         <p>To help you develop enclaves, Intel(R) Software Guard Extensions Eclipse Plug-in generates all required structure including:</p>
         <ul>
             <li>c/c++ files and header files</li>
@@ -403,9 +402,9 @@ developers by the Intel(R) SGX SDK.</p>
             <img src="Resources/Images/Two_Step_Sign_Enclave_Menu.png" />
         </p>
         <p class="figcap">Two Step Sign Enclave Menu</p>
-    
-
-<h3 id="Generate_Hash" >Generate Hash</h3>
+    </div>
+    <div id='Generate_Hash'>
+        <h3>Generate Hash</h3>
         <p>Generating hash is the first step in the 2-Steps signing process.To generate hash, use the following steps:</p>
         <ol>
             <li>
@@ -431,9 +430,9 @@ developers by the Intel(R) SGX SDK.</p>
         </p>
         <p class="figcap">Generate Signed Enclave Dialog with Pre-configurations</p>
         <p>If you click <b>Cancel</b> in the <b>Generate Signed Enclave</b> dialog, you can continue the signing process later using the <b>Generate Signed Enclave</b> command.</p>
-    
-
-<h3 id="Generate_Signed_Enclaves" >Generate Signed Enclaves</h3>
+    </div>
+    <div id='Generate_Signed_Enclaves'>
+        <h3>Generate Signed Enclaves</h3>
         <p>Generating signed enclave is the second step in the 2-Steps signing process.  You should have the following files to complete this step:</p>
         <ul>
             <li>The <code>.hex</code> file generated with <b>Generate Hash</b> command</li>
@@ -452,16 +451,16 @@ developers by the Intel(R) SGX SDK.</p>
             </li>
             <li>Enter the inputs to all the fields and click <b>OK</b>.</li>
         </ol>
-    
-
-<h1 id="Building_and_Running_SGX_Code" >Building and Running SGX Code</h1>
+    </div>
+    <div id='Building_and_Running_SGX_Code'>
+        <h1>Building and Running SGX Code</h1>
         <p>This section describes the following topics about building and running SGX code:</p>
         <ul>
             <li>SGX build configurations</li>
             <li>Running samples generated for enclaves</li>
-        </ul>&#160;
-
-<h2 id="SGX_Build_Configurations" >SGX Build Configurations</h2>
+        </ul>&#160;</div>
+    <div id='SGX_Build_Configurations'>
+        <h2>SGX Build Configurations</h2>
         <p>There are usually two types of builds that a regular non-SGX project defines:</p>
         <ul>
             <li>Debug</li>
@@ -539,9 +538,9 @@ developers by the Intel(R) SGX SDK.</p>
             <img src="Resources/Images/Project_Menu.png" />
         </p>
         <p class="figcap">Project Menu			</p>
-    
-
-<h2 id="Running_Samples_Generated_for_Enclaves" >Running Samples Generated for Enclaves</h2>
+    </div>
+    <div id='Running_Samples_Generated_for_Enclaves'>
+        <h2>Running Samples Generated for Enclaves</h2>
         <p>Intel(R) Software Guard Extensions Eclipse* Plugin provides an option to generate a sample application together with the enclave code when the enclave is created.  After the project is build, the sample application is built also and ready to run.  You can see the sample application named sample in the enclave directory in Project Explorer.  You can run this sample as a local C/C++ application as shown in the following figure:</p>
         <p>
             <img src="Resources/Images/Sample_Application.png" />
@@ -552,6 +551,6 @@ developers by the Intel(R) SGX SDK.</p>
             <img src="Resources/Images/The_Result_of_Running_Samples_Generated_for_Enclaves.png" />
         </p>
         <p class="figcap">The Result of Running Samples Generated for Enclaves</p>
-    
-</body>
+    </div>
+  </body>
 </html>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/toc.xml

@@ -1,90 +1,44 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!--                                                                       -->
-<!-- Copyright (c) 2016 Intel Corporation.				   -->
-<!-- 									   -->
-<!-- All rights reserved. This program and the accompanying materials	   -->
-<!-- are made available under the terms of the Eclipse Public License v1.0 -->
-<!-- which accompanies this distribution, and is available at		   -->
-<!-- http://www.eclipse.org/legal/epl-v10.html				   -->
-<!-- 									   -->
-<!-- Contributors:							   -->
-<!--     Intel Corporation - initial implementation and documentation	   -->
-<!--                                                                       -->
-<toc     label="Intel(R) SGX Plugin* Developer Guide"
-    topic="html/content.html#SGX_title" >
-  <topic
-    label="Legal Information"
-    href="html/content.html#Legal_Information" />
-  <topic
-    label="Introduction"
-    href="html/content.html#Introduction">
-    <topic
-      label="Introducing Intel(R) SGX"
-      href="html/content.html#Introducing_Intel_Software_Guard _Extensions_Eclipse_Plugin" />
-    <topic
-      label="Introducing Intel(R) SGX Plugin"
-      href="html/content.html#Introducing_Intel_Software_Guard_Extensions" />
-  </topic>
-  <topic
-    label="Getting Started with Intel(R) SGX Plugin"
-    href="html/content.html#Getting_Started">
-    <topic
-      label="Pre-requisites"
-      href="html/content.html#Prerequisites" />
-    <topic
-      label="Installing Intel(R) SGX Plugin"
-      href="html/content.html#Installing_Intel_Software_Guard_Extensions_Eclipse_Plugin" />
-    <topic
-      label="Configuring Intel(R) SGX Plugin"
-      href="html/content.html#Configuring_Intel_Software_Guard_Extensions_Eclipse_Plugin" />
-  </topic>
-  <topic
-    label="Command Reference"
-    href="html/content.html#Command_Reference">
-    <topic
-      label="Adding SGX Nature to a Project"
-      href="html/content.html#Adding_SGX_Nature_to_a_Project">
-      <topic
-        label="Adding SGX Nature to a non-SGX project"
-        href="html/content.html#Adding_SGX_Nature_to_a_non_SGX_project" />
-      <topic
-        label="Creating a New C/C++ Project with SGX Nature"
-        href="html/content.html#Creating_a_New_C_C_Project_with_SGX_Nature" />
-    </topic>
-    <topic
-      label="Adding an SGX Enclave"
-      href="html/content.html#Adding_an_SGX_Enclave" />
-    <topic
-      label="Adding an SGX Trusted Library"
-      href="html/content.html#Adding_an_SGX_Trusted_Library" />
-    <topic
-      label="Adding an SGX Untrusted Module"
-      href="html/content.html#Adding_an_SGX_Untrusted_Module" />
-    <topic
-      label="Updating SGX Enclave Signing Key"
-      href="html/content.html#Updating_SGX_Enclave_Signing_Key" />
-    <topic
-      label="Updating Enclave Configuration Files"
-      href="html/content.html#Updating_Enclave_Configuration_Files" />
-    <topic
-      label="Two Steps Sign Enclave"
-      href="html/content.html#Two_Steps_Sign_Enclave">
-      <topic
-        label="Generate Hash"
-        href="html/content.html#Generate_Hash" />
-      <topic
-        label="Generate Signed Enclaves"
-        href="html/content.html#Generate_Signed_Enclaves" />
-    </topic>
-  </topic>
-  <topic
-    label="Building and Running SGX Code"
-    href="html/content.html#Building_and_Running_SGX_Code">
-    <topic
-      label="SGX Build Configurations"
-      href="html/content.html#SGX_Build_Configurations" />
-    <topic
-      label="Running Samples Generated for Enclaves"
-      href="html/content.html#Running_Samples_Generated_for_Enclaves" />
-  </topic>
-</toc>
+<?xml version='1.0' encoding='utf-8'?>
+<!-- 
+ Copyright (c) 2016 Intel Corporation.				   
+ 									   
+ All rights reserved. This program and the accompanying materials	   
+ are made available under the terms of the Eclipse Public License v1.0 
+ which accompanies this distribution, and is available at		   
+ http://www.eclipse.org/legal/epl-v10.html				   
+ 									   
+ Contributors:							   
+     Intel Corporation - initial implementation and documentation	   
+ -->
+
+<toc href='html/content.html#SGX_title' label='Intel(R) SGX Plugin Developer Guide'>
+  <topic label='Legal Information' href='html/content.html#Legal_Information' />
+  <topic label='Introduction' href='html/content.html#Introduction'>
+    <topic label='Introducing Intel(R) SGX' href='html/content.html#Introducing_Intel_Software_Guard _Extensions_Eclipse_Plugin' />
+    <topic label='Introducing Intel(R) SGX Plug-in' href='html/content.html#Introducing_Intel_Software_Guard_Extensions' />
+  </topic>
+  <topic label='Getting Started with Intel(R) SGX Plug-in' href='html/content.html#Getting_Started'>
+    <topic label='Pre-requisites' href='html/content.html#Prerequisites' />
+    <topic label='Installing Intel(R) SGX Plug-in' href='html/content.html#Installing_Intel_Software_Guard_Extensions_Eclipse_Plugin' />
+    <topic label='Configuring Intel(R) SGX Plug-in' href='html/content.html#Configuring_Intel_Software_Guard_Extensions_Eclipse_Plug-in' />
+  </topic>
+  <topic label='Command Reference' href='html/content.html#Command_Reference'>
+    <topic label='Adding SGX Nature to a Project' href='html/content.html#Adding_SGX_Nature_to_a_Project'>
+      <topic label='Adding SGX Nature to a non-SGX project' href='html/content.html#Adding_SGX_Nature_to_a_non_SGX_project' />
+      <topic label='Creating a New C/C++ Project with SGX Nature' href='html/content.html#Creating_a_New_C_C_Project_with_SGX_Nature' />
+    </topic>
+    <topic label='Adding an SGX Enclave' href='html/content.html#Adding_an_SGX_Enclave' />
+    <topic label='Adding an SGX Trusted Library' href='html/content.html#Adding_an_SGX_Trusted_Library' />
+    <topic label='Adding an SGX Untrusted Module' href='html/content.html#Adding_an_SGX_Untrusted_Module' />
+    <topic label='Updating SGX Enclave Signing Key' href='html/content.html#Updating_SGX_Enclave_Signing_Key' />
+    <topic label='Updating Enclave Configuration Files' href='html/content.html#Updating_Enclave_Configuration_Files' />
+    <topic label='Two Steps Sign Enclave' href='html/content.html#Two_Steps_Sign_Enclave'>
+      <topic label='Generate Hash' href='html/content.html#Generate_Hash' />
+      <topic label='Generate Signed Enclaves' href='html/content.html#Generate_Signed_Enclaves' />
+    </topic>
+  </topic>
+  <topic label='Building and Running SGX Code' href='html/content.html#Building_and_Running_SGX_Code'>
+    <topic label='SGX Build Configurations' href='html/content.html#SGX_Build_Configurations' />
+    <topic label='Running Samples Generated for Enclaves' href='html/content.html#Running_Samples_Generated_for_Enclaves' />
+  </topic>
+</toc>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx/templates/sgx/SGXEnclave/trusted/Enclave1.config.xml

@@ -1,4 +1,3 @@
-<!-- Please refer to User's Guide for the explanation of each field -->
 <EnclaveConfiguration>
   <ProdID>0</ProdID>
   <ISVSVN>0</ISVSVN>

Linux_SGXEclipsePlugin/build_directory/sites/site.xml

@@ -17,5 +17,7 @@
    <feature url="features/com.intel.sgx.feature_1.0.1.qualifier.jar" id="com.intel.sgx.feature" version="1.0.1.qualifier">
       <category name="com.intel.security.sgx"/>
    </feature>
-   <category-def name="com.intel.security.sgx" label="SGX Eclipse Plugin"/>
+   <category-def name="com.intel.security.sgx" label="SGX Eclipse Plugin">
+      <description>SGX Eclipse Plugin 1.0.1.qualifier</description>
+   </category-def>
 </site>

Linux_SGXEclipsePlugin/clean.sh

@@ -13,7 +13,7 @@ rm -fv build_directory/features/com.intel.sgx.feature/build.xml
 rm -fv build_directory/features/com.intel.sgx.feature/*.zip
 rm -rfv build_directory/nestedJars
 rm -rfv build_directory/updatesite/sgx-eclipse-plugin
-find . -name "*.zip" | xargs rm -rfv
+find . -name "*.zip" ! -name  "eclipse_mars.v4.5.1_x64.zip" | xargs rm -rfv
 find . -name "javaCompiler*" | xargs rm -rfv
 find . -name "@*" | xargs rm -rfv
 find build_directory -maxdepth 1 -mindepth 1 | grep -v "features" | grep -v "plugins" | grep -v "sites" | grep -v "updatesite" | xargs rm -frv

Linux_SGXEclipsePlugin/readme.txt

@@ -1,21 +1,22 @@
-The eclipse plugin build from commandline requires the following variables to be set
+The eclipse plugin build from command line requires the following variables to be set.
 
 $ECLIPSE_HOME - Path to eclipse home. In order to build the plugin eclipse needs to be installed.
-$RELEASE_ID - The release id for the plugin.
-
-The plugin has been tested with the following Eclipse ADT version
-
-Build: v22.3.0-887826
+$RELEASE_ID - The release id for the plugin. The release id should be changed for each source codes updates.
+$DELETE_CURRENT_ECLIPSE - Delete current eclipse or not. Generally this variable is set to false.
 
 The following plugins are pre-requisites to be installed in Eclipse before trying to build the plugin.
 
 1. Eclipse IDE for C/C++ Developers  4.5.1.20150917-1200 (tested_version)
 2. Eclipse PDE Plug-in Developer Resources   3.11.1.v20150904-0345 (tested_version)
 
+run ./build.sh from command line under current directory.
+Once the build script is run, the folder build_directory/updatesite/sgx-eclipse-plugin contains the update site. This is the path that needs to be provided to the eclipse while doing installation.
 
 If the sgx eclipse plugin is already installed to eclipse and to build and install a newer version, uninstall the old version and start eclipse with the -clean option.
 Then try to build the new version of the plugin and install it in eclipse.
 
 http://wiki.eclipse.org/FAQ_How_do_I_remove_a_plug-in%3F
 
-Once the build script is run, the folder build_directory/updatesite/sgx-eclipse-plugin contains the update site. This is the path that needs to be provided to the eclipse while doing installation.
+The plugin has been tested with the following Eclipse ADT version
+
+Build: v22.3.0-887826

Linux_SGXEclipsePlugin/src/main/groovy/preprocessHtml.groovy

@@ -1,34 +0,0 @@
-import groovy.xml.MarkupBuilder
-import groovy.xml.StreamingMarkupBuilder
-
-
-println "Hello, Script!!!"
-
-
-
-def fragments = new XmlParser(false, true).parseText("<html><body></body></html>")
-
-def resultFile = new File('/home/mlutescu/0_WORK/SGXUserGuide/developer_guide_eclipse_plugin/Output/WebHelp/Content/test.html')
-
-if (resultFile.exists()) {
-    resultFile.delete()
-}
-
-def fltoc = new File('/home/mlutescu/0_WORK/SGXUserGuide/developer_guide_eclipse_plugin/Project/TOCs/Master.fltoc')
-def toc = (new XmlParser()).parse(fltoc)
-def contentDir = new File(fltoc, '../../../').canonicalPath
-
-def PrintWriter pw = new PrintWriter(new FileWriter(resultFile))
-
-
-toc.TocEntry['**'].each { tocEntry ->
-    def htmlFile = new File(contentDir, "${tocEntry.'@Link'}")
-
-
-    println htmlFile.text
-}
-
-
-
-println groovy.xml.XmlUtil.serialize( fragments)
-

README.md

@@ -21,7 +21,7 @@ See CONTRIBUTING.md for details.
 
 Documentation
 -------------
-- [Intel(R) SGX for Linux\* OS][1] project home page on [01.org](http://01.org)
+- [Intel(R) SGX for Linux\* OS][1] project home page on [01.org](https://01.org)
 - [Intel(R) SGX Programming Reference][2]
 [1]: https://01.org/intel-softwareguard-extensions
 [2]: https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf
@@ -44,7 +44,7 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package
   $ sudo apt-get install libcurl4-openssl-dev protobuf-compiler protobuf-c-compiler libprotobuf-dev libprotobuf-c0-dev
 ```
 - Use the script `download_prebuilt.sh` inside source code package to download prebuilt binaries to prebuilt folder  
-  You may need set http proxy for wget tool used by the script (such as `export http_proxy=http://test-proxy:test-port`)  
+  You may need set https proxy for wget tool used by the script (such as `export https_proxy=http://test-proxy:test-port`)  
 ```
   $ ./download_prebuilt.sh
 ```
@@ -92,16 +92,12 @@ Install Intel(R) SGX SDK
 ```
 
 ###Install Intel(R) SGX SDK
-To install Intel(R) SGX SDK, execute the installer with root privilege:
+To install Intel(R) SGX SDK, enter the following commands:
 ```
 $ cd linux/installer/bin
-$ sudo ./sgx_linux_x64_sdk_${version}.bin 
+$ ./sgx_linux_x64_sdk_${version}.bin 
 ```
 ###Test Intel(R) SGX SDK Package with the Sample Codes
-- Copy the sample codes installed by Intel(R) SGX SDK package into your work folder, such as  
-```
-  $ cp -r /opt/intel/sgxsdk/SampleCode ~
-```
 - Compile and run each sample codes in the simulation mode to make sure the package works well.  
 ```
   $ cd SampleCode/LocalAttestation
@@ -114,10 +110,6 @@ $ sudo ./sgx_linux_x64_sdk_${version}.bin
 If you use an SGX hardware enabled machine, you need to run the sample codes in the hardware mode.
 Ensure that you install SGX driver and Intel(R) SGX PSW installer on the machine.  
 See the topic, Install Intel(R) SGX PSW, on how to install the PSW package.
-- Copy the sample codes installed by the Intel(R) SGX SDK package into your work folder, such as  
-```
-  $ cp -r /opt/intel/sgxsdk/SampleCode ~
-```
 - Compile and run each sample codes in the debug mode.  
 ```
   $ cd SampleCode/LocalAttestation

SampleCode/LocalAttestation/Makefile

@@ -131,6 +131,14 @@ Enclave_Cpp_Files_3 := $(wildcard Enclave3/*.cpp)
 Enclave_Include_Paths := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport -I./LocalAttestationCode -I./Include
 
 Enclave_Compile_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Enclave_Include_Paths)
+
+# To generate a proper enclave, it is recommended to follow below guideline to link the trusted libraries:
+#    1. Link sgx_trts with the `--whole-archive' and `--no-whole-archive' options,
+#       so that the whole content of trts is included in the enclave.
+#    2. For other libraries, you just need to pull the required symbols.
+#       Use `--start-group' and `--end-group' to link these libraries.
+# Do NOT move the libraries linked with `--start-group' and `--end-group' within `--whole-archive' and `--no-whole-archive' options.
+# Otherwise, you may get some undesirable errors.
 Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
 	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
 	-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -L. -lLocalAttestation_Trusted -l$(Service_Library_Name) -Wl,--end-group \
@@ -162,7 +170,7 @@ all: $(Trust_Lib_Name) $(UnTrustLib_Name) Enclave1.so Enclave2.so Enclave3.so $(
 	@echo "   $(SGX_ENCLAVE_SIGNER) sign -key <key1> -enclave Enclave1.so -out <$(Enclave_Name_1)> -config Enclave1/Enclave1.config.xml"
 	@echo "   $(SGX_ENCLAVE_SIGNER) sign -key <key2> -enclave Enclave2.so -out <$(Enclave_Name_2)> -config Enclave2/Enclave2.config.xml"
 	@echo "   $(SGX_ENCLAVE_SIGNER) sign -key <key3> -enclave Enclave3.so -out <$(Enclave_Name_3)> -config Enclave3/Enclave3.config.xml"
-	@echo "You can also sign the enclaves using an external signing tool. See User's Guide for more details."
+	@echo "You can also sign the enclaves using an external signing tool."
 	@echo "To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW."
 else
 all: $(Trust_Lib_Name) $(UnTrustLib_Name) $(Enclave_Name_1) $(Enclave_Name_2) $(Enclave_Name_3) $(App_Name)

SampleCode/PowerTransition/Makefile

@@ -124,6 +124,14 @@ Enclave_Include_Paths := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX
 Enclave_Compile_CFlags := -nostdinc -ffreestanding -fvisibility=hidden -fpie \
 			 $(Enclave_Include_Paths)
 Enclave_Compile_CXXFlags := -nostdinc++ -std=c++03 $(Enclave_Compile_CFlags)
+
+# To generate a proper enclave, it is recommended to follow below guideline to link the trusted libraries:
+#    1. Link sgx_trts with the `--whole-archive' and `--no-whole-archive' options,
+#       so that the whole content of trts is included in the enclave.
+#    2. For other libraries, you just need to pull the required symbols.
+#       Use `--start-group' and `--end-group' to link these libraries.
+# Do NOT move the libraries linked with `--start-group' and `--end-group' within `--whole-archive' and `--no-whole-archive' options. 
+# Otherwise, you may get some undesirable errors.
 Enclave_Link_Flags := -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
 	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
 	-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
@@ -154,7 +162,7 @@ all: $(App_Name) $(Enclave_Name)
 	@echo "Please sign the $(Enclave_Name) first with your signing key before you run the $(App_Name) to launch and access the enclave."
 	@echo "To sign the enclave use the command:"
 	@echo "   $(SGX_ENCLAVE_SIGNER) sign -key <your key> -enclave $(Enclave_Name) -out <$(Signed_Enclave_Name)> -config $(Enclave_Config_File)"
-	@echo "You can also sign the enclave using an external signing tool. See User's Guide for more details."
+	@echo "You can also sign the enclave using an external signing tool."
 	@echo "To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW."
 else
 all: $(App_Name) $(Signed_Enclave_Name)

SampleCode/RemoteAttestation/Makefile

@@ -65,6 +65,9 @@ else
         SGX_COMMON_CFLAGS += -O2
 endif
 
+ifeq ($(SUPPLIED_KEY_DERIVATION), 1)
+        SGX_COMMON_CFLAGS += -DSUPPLIED_KEY_DERIVATION
+endif
 ######## App Settings ########
 
 ifneq ($(SGX_MODE), HW)
@@ -130,6 +133,14 @@ Enclave_Include_Paths := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX
 
 Enclave_C_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Enclave_Include_Paths)
 Enclave_Cpp_Flags := $(Enclave_C_Flags) -std=c++03 -nostdinc++
+
+# To generate a proper enclave, it is recommended to follow below guideline to link the trusted libraries:
+#    1. Link sgx_trts with the `--whole-archive' and `--no-whole-archive' options,
+#       so that the whole content of trts is included in the enclave.
+#    2. For other libraries, you just need to pull the required symbols.
+#       Use `--start-group' and `--end-group' to link these libraries.
+# Do NOT move the libraries linked with `--start-group' and `--end-group' within `--whole-archive' and `--no-whole-archive' options.
+# Otherwise, you may get some undesirable errors.
 Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
 	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
 	-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -lsgx_tkey_exchange -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
@@ -161,7 +172,7 @@ all: libservice_provider.so $(App_Name) $(Enclave_Name)
 	@echo "Please sign the $(Enclave_Name) first with your signing key before you run the $(App_Name) to launch and access the enclave."
 	@echo "To sign the enclave use the command:"
 	@echo "   $(SGX_ENCLAVE_SIGNER) sign -key <your key> -enclave $(Enclave_Name) -out <$(Signed_Enclave_Name)> -config $(Enclave_Config_File)"
-	@echo "You can also sign the enclave using an external signing tool. See User's Guide for more details."
+	@echo "You can also sign the enclave using an external signing tool."
 	@echo "To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW."
 else
 all: libservice_provider.so $(App_Name) $(Signed_Enclave_Name)

SampleCode/RemoteAttestation/isv_app/isv_app.cpp

@@ -29,10 +29,14 @@
  *
  */
 
+// This sample is confined to the communication between a SGX client platform
+// and an ISV Application Server. 
+
 
 
 #include <stdio.h>
 #include <limits.h>
+#include <unistd.h>
 // Needed for definition of remote attestation messages.
 #include "remote_attestation_result.h"
 
@@ -48,6 +52,9 @@
 // Needed to create enclave and do ecall.
 #include "sgx_urts.h"
 
+// Needed to query extended epid group id.
+#include "sgx_uae_service.h"
+
 #include "service_provider.h"
 
 #ifndef SAFE_FREE
@@ -116,6 +123,10 @@ void PRINT_ATTESTATION_SERVICE_RESPONSE(
         fprintf(file, "MSG2 spid - ");
         PRINT_BYTE_ARRAY(file, &(p_msg2_body->spid), sizeof(p_msg2_body->spid));
 
+        fprintf(file, "MSG2 quote_type : %hx\n", p_msg2_body->quote_type);
+
+        fprintf(file, "MSG2 kdf_id : %hx\n", p_msg2_body->kdf_id);
+
         fprintf(file, "MSG2 sign_gb_ga - ");
         PRINT_BYTE_ARRAY(file, &(p_msg2_body->sign_gb_ga),
                          sizeof(p_msg2_body->sign_gb_ga));
@@ -154,19 +165,21 @@ void PRINT_ATTESTATION_SERVICE_RESPONSE(
 
 // This sample code doesn't have any recovery/retry mechanisms for the remote
 // attestation. Since the enclave can be lost due S3 transitions, apps
-// susceptible to S3 transtions should have logic to restart attestation in
-// these scenenarios.
+// susceptible to S3 transitions should have logic to restart attestation in
+// these scenarios.
 #define _T(x) x
 int main(int argc, char* argv[])
 {
     int ret = 0;
+    ra_samp_request_header_t *p_msg0_full = NULL;
+    ra_samp_response_header_t *p_msg0_resp_full = NULL;
     ra_samp_request_header_t *p_msg1_full = NULL;
     ra_samp_response_header_t *p_msg2_full = NULL;
     sgx_ra_msg3_t *p_msg3 = NULL;
     ra_samp_response_header_t* p_att_result_msg_full = NULL;
     sgx_enclave_id_t enclave_id = 0;
     int enclave_lost_retry_time = 1;
-    int busy_retry_time = 2;
+    int busy_retry_time = 4;
     sgx_ra_context_t context = INT_MAX;
     sgx_status_t status = SGX_SUCCESS;
     ra_samp_request_header_t* p_msg3_full = NULL;
@@ -204,7 +217,54 @@ int main(int argc, char* argv[])
         }
     }
 
-    // Remote attestaton will be initiated the ISV server challenges the ISV
+    // Preparation for remote attestation by configuring extended epid group id.
+    {
+        uint32_t extended_epid_group_id = 0;
+        ret = sgx_get_extended_epid_group_id(&extended_epid_group_id);
+        if (SGX_SUCCESS != ret)
+        {
+            ret = -1;
+            fprintf(OUTPUT, "\nError, call sgx_get_extended_epid_group_id fail [%s].",
+                __FUNCTION__);
+            return ret;
+        }
+        fprintf(OUTPUT, "\nCall sgx_get_extended_epid_group_id success.");
+
+        p_msg0_full = (ra_samp_request_header_t*)
+            malloc(sizeof(ra_samp_request_header_t)
+            +sizeof(uint32_t));
+        if (NULL == p_msg0_full)
+        {
+            ret = -1;
+            goto CLEANUP;
+        }
+        p_msg0_full->type = TYPE_RA_MSG0;
+        p_msg0_full->size = sizeof(uint32_t);
+
+        *(uint32_t*)((uint8_t*)p_msg0_full + sizeof(ra_samp_request_header_t)) = extended_epid_group_id;
+        {
+
+            fprintf(OUTPUT, "\nMSG0 body generated -\n");
+
+            PRINT_BYTE_ARRAY(OUTPUT, p_msg0_full->body, p_msg0_full->size);
+
+        }
+        // The ISV application sends msg0 to the SP.
+        // The ISV decides whether to support this extended epid group id.
+        fprintf(OUTPUT, "\nSending msg0 to remote attestation service provider.\n");
+
+        ret = ra_network_send_receive("http://SampleServiceProvider.intel.com/",
+            p_msg0_full,
+            &p_msg0_resp_full);
+        if (ret != 0)
+        {
+            fprintf(OUTPUT, "\nError, ra_network_send_receive for msg0 failed "
+                "[%s].", __FUNCTION__);
+            goto CLEANUP;
+        }
+        fprintf(OUTPUT, "\nSent MSG0 to remote attestation service.\n");
+    }
+    // Remote attestation will be initiated the ISV server challenges the ISV
     // app or if the ISV app detects it doesn't have the credentials
     // (shared secret) from a previous attestation required for secure
     // communication with the server.
@@ -225,7 +285,7 @@ int main(int argc, char* argv[])
                 ret = -1;
                 fprintf(OUTPUT, "\nError, call sgx_create_enclave fail [%s].",
                         __FUNCTION__);
-                return ret;
+                goto CLEANUP;
             }
             fprintf(OUTPUT, "\nCall sgx_create_enclave success.");
 
@@ -261,6 +321,7 @@ int main(int argc, char* argv[])
             ret = sgx_ra_get_msg1(context, enclave_id, sgx_ra_get_ga,
                                   (sgx_ra_msg1_t*)((uint8_t*)p_msg1_full
                                   + sizeof(ra_samp_request_header_t)));
+            sleep(3); // Wait 3s between retries
         } while (SGX_ERROR_BUSY == ret && busy_retry_time--);
         if(SGX_SUCCESS != ret)
         {
@@ -566,7 +627,9 @@ int main(int argc, char* argv[])
 
         bool attestation_passed = true;
         // Check the attestation result for pass or fail.
-        // @TODO:  Check the status.  This is ISV defined.
+        // Whether attestation passes or fails is a decision made by the ISV Server.
+        // When the ISV server decides to trust the enclave, then it will return success.
+        // When the ISV server decided to not trust the enclave, then it will return failure.
         if(0 != p_att_result_msg_full->status[0]
            || 0 != p_att_result_msg_full->status[1])
         {
@@ -575,13 +638,20 @@ int main(int argc, char* argv[])
             attestation_passed = false;
         }
 
-        // the SGX blob analysis API. The ISV will take action based on the
-        // update_info. (upgrade PSW or uCode), the second param should be 1 if
-        // the attestation failed, otherwise should be 0.
+        // The attestation result message should contain a field for the Platform
+        // Info Blob (PIB).  The PIB is returned by attestation server in the attestation report.
+        // It is not returned in all cases, but when it is, the ISV app
+        // should pass it to the blob analysis API called sgx_report_attestation_status()
+        // along with the trust decision from the ISV server.
+        // The ISV application will take action based on the update_info.
+        // returned in update_info by the API.  
+        // This call is stubbed out for the sample.
+        // 
         // sgx_update_info_bit_t update_info;
         // ret = sgx_report_attestation_status(
         //     &p_att_result_msg_body->platform_info_blob,
         //     attestation_passed ? 0 : 1, &update_info);
+
         // Get the shared secret sent by the server using SK (if attestation
         // passed)
         if(attestation_passed)
@@ -630,13 +700,15 @@ CLEANUP:
     sgx_destroy_enclave(enclave_id);
 
 
+    ra_free_network_response_buffer(p_msg0_resp_full);
     ra_free_network_response_buffer(p_msg2_full);
     ra_free_network_response_buffer(p_att_result_msg_full);
 
-    // p_msg3 is malloc'd by the untrused KE library. App needs to free.
+    // p_msg3 is malloc'd by the untrusted KE library. App needs to free.
     SAFE_FREE(p_msg3);
     SAFE_FREE(p_msg3_full);
     SAFE_FREE(p_msg1_full);
+    SAFE_FREE(p_msg0_full);
     printf("\nEnter a character before exit ...\n");
     getchar();
     return ret;

SampleCode/RemoteAttestation/isv_enclave/isv_enclave.cpp

@@ -30,7 +30,7 @@
  */
 
 
-
+#include <assert.h>
 #include "isv_enclave_t.h"
 #include "sgx_tkey_exchange.h"
 #include "sgx_tcrypto.h"
@@ -69,6 +69,134 @@ static const sgx_ec256_public_t g_sp_pub_key = {
 uint8_t g_secret[8] = {0};
 
 
+#ifdef SUPPLIED_KEY_DERIVATION
+
+#pragma message ("Supplied key derivation function is used.")
+
+typedef struct _hash_buffer_t
+{
+    uint8_t counter[4];
+    sgx_ec256_dh_shared_t shared_secret;
+    uint8_t algorithm_id[4];
+} hash_buffer_t;
+
+const char ID_U[] = "SGXRAENCLAVE";
+const char ID_V[] = "SGXRASERVER";
+
+// Derive two keys from shared key and key id.
+bool derive_key(
+    const sgx_ec256_dh_shared_t *p_shared_key,
+    uint8_t key_id,
+    sgx_ec_key_128bit_t *first_derived_key,
+    sgx_ec_key_128bit_t *second_derived_key)
+{
+    sgx_status_t sgx_ret = SGX_SUCCESS;
+    hash_buffer_t hash_buffer;
+    sgx_sha_state_handle_t sha_context;
+    sgx_sha256_hash_t key_material;
+
+    memset(&hash_buffer, 0, sizeof(hash_buffer_t));
+    /* counter in big endian  */
+    hash_buffer.counter[3] = key_id;
+
+    /*convert from little endian to big endian */
+    for (size_t i = 0; i < sizeof(sgx_ec256_dh_shared_t); i++)
+    {
+        hash_buffer.shared_secret.s[i] = p_shared_key->s[sizeof(p_shared_key->s)-1 - i];
+    }
+
+    sgx_ret = sgx_sha256_init(&sha_context);
+    if (sgx_ret != SGX_SUCCESS)
+    {
+        return false;
+    }
+    sgx_ret = sgx_sha256_update((uint8_t*)&hash_buffer, sizeof(hash_buffer_t), sha_context);
+    if (sgx_ret != SGX_SUCCESS)
+    {
+        sgx_sha256_close(sha_context);
+        return false;
+    }
+    sgx_ret = sgx_sha256_update((uint8_t*)&ID_U, sizeof(ID_U), sha_context);
+    if (sgx_ret != SGX_SUCCESS)
+    {
+        sgx_sha256_close(sha_context);
+        return false;
+    }
+    sgx_ret = sgx_sha256_update((uint8_t*)&ID_V, sizeof(ID_V), sha_context);
+    if (sgx_ret != SGX_SUCCESS)
+    {
+        sgx_sha256_close(sha_context);
+        return false;
+    }
+    sgx_ret = sgx_sha256_get_hash(sha_context, &key_material);
+    if (sgx_ret != SGX_SUCCESS)
+    {
+        sgx_sha256_close(sha_context);
+        return false;
+    }
+    sgx_ret = sgx_sha256_close(sha_context);
+
+    assert(sizeof(sgx_ec_key_128bit_t)* 2 == sizeof(sgx_sha256_hash_t));
+    memcpy(first_derived_key, &key_material, sizeof(sgx_ec_key_128bit_t));
+    memcpy(second_derived_key, (uint8_t*)&key_material + sizeof(sgx_ec_key_128bit_t), sizeof(sgx_ec_key_128bit_t));
+
+    // memset here can be optimized away by compiler, so please use memset_s on
+    // windows for production code and similar functions on other OSes.
+    memset(&key_material, 0, sizeof(sgx_sha256_hash_t));
+
+    return true;
+}
+
+//isv defined key derivation function id
+#define ISV_KDF_ID 2
+
+typedef enum _derive_key_type_t
+{
+    DERIVE_KEY_SMK_SK = 0,
+    DERIVE_KEY_MK_VK,
+} derive_key_type_t;
+
+sgx_status_t key_derivation(const sgx_ec256_dh_shared_t* shared_key,
+    uint16_t kdf_id,
+    sgx_ec_key_128bit_t* smk_key,
+    sgx_ec_key_128bit_t* sk_key,
+    sgx_ec_key_128bit_t* mk_key,
+    sgx_ec_key_128bit_t* vk_key)
+{
+    bool derive_ret = false;
+
+    if (NULL == shared_key)
+    {
+        return SGX_ERROR_INVALID_PARAMETER;
+    }
+
+    if (ISV_KDF_ID != kdf_id)
+    {
+        //fprintf(stderr, "\nError, key derivation id mismatch in [%s].", __FUNCTION__);
+        return SGX_ERROR_KDF_MISMATCH;
+    }
+
+    derive_ret = derive_key(shared_key, DERIVE_KEY_SMK_SK,
+        smk_key, sk_key);
+    if (derive_ret != true)
+    {
+        //fprintf(stderr, "\nError, derive key fail in [%s].", __FUNCTION__);
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    derive_ret = derive_key(shared_key, DERIVE_KEY_MK_VK,
+        mk_key, vk_key);
+    if (derive_ret != true)
+    {
+        //fprintf(stderr, "\nError, derive key fail in [%s].", __FUNCTION__);
+        return SGX_ERROR_UNEXPECTED;
+    }
+    return SGX_SUCCESS;
+}
+#else
+#pragma message ("Default key derivation function is used.")
+#endif
+
 // This ecall is a wrapper of sgx_ra_init to create the trusted
 // KE exchange key context needed for the remote attestation
 // SIGMA API's. Input pointers aren't checked since the trusted stubs
@@ -99,7 +227,11 @@ sgx_status_t enclave_init_ra(
         if (ret != SGX_SUCCESS)
             return ret;
     }
+#ifdef SUPPLIED_KEY_DERIVATION
+    ret = sgx_ra_init_ex(&g_sp_pub_key, b_pse, key_derivation, p_context);
+#else
     ret = sgx_ra_init(&g_sp_pub_key, b_pse, p_context);
+#endif
     if(b_pse)
     {
         sgx_close_pse_session();

SampleCode/RemoteAttestation/service_provider/ecp.cpp

@@ -74,6 +74,90 @@ bool verify_cmac128(
     return false;
 }
 
+
+#ifdef SUPPLIED_KEY_DERIVATION
+
+#pragma message ("Supplied key derivation function is used.")
+
+typedef struct _hash_buffer_t
+{
+    uint8_t counter[4];
+    sample_ec_dh_shared_t shared_secret;
+    uint8_t algorithm_id[4];
+} hash_buffer_t;
+
+const char ID_U[] = "SGXRAENCLAVE";
+const char ID_V[] = "SGXRASERVER";
+
+// Derive two keys from shared key and key id.
+bool derive_key(
+    const sample_ec_dh_shared_t *p_shared_key,
+    uint8_t key_id,
+    sample_ec_key_128bit_t *first_derived_key,
+    sample_ec_key_128bit_t *second_derived_key)
+{
+    sample_status_t sample_ret = SAMPLE_SUCCESS;
+    hash_buffer_t hash_buffer;
+    sample_sha_state_handle_t sha_context;
+    sample_sha256_hash_t key_material;
+    
+    memset(&hash_buffer, 0, sizeof(hash_buffer_t));
+
+    /* counter in big endian  */
+    hash_buffer.counter[3] = key_id;
+
+    /*convert from little endian to big endian */
+    for (size_t i = 0; i < sizeof(sample_ec_dh_shared_t) ; i++)
+    {
+        hash_buffer.shared_secret.s[i] = p_shared_key->s[sizeof(p_shared_key->s) - 1 - i];
+    }
+
+    sample_ret = sample_sha256_init(&sha_context);
+    if (sample_ret != SAMPLE_SUCCESS)
+    {
+        return false;
+    }
+    sample_ret = sample_sha256_update((uint8_t*)&hash_buffer, sizeof(hash_buffer_t), sha_context);
+    if (sample_ret != SAMPLE_SUCCESS)
+    {
+        sample_sha256_close(sha_context);
+        return false;
+    }
+    sample_ret = sample_sha256_update((uint8_t*)ID_U, sizeof(ID_U), sha_context);
+    if (sample_ret != SAMPLE_SUCCESS)
+    {
+        sample_sha256_close(sha_context);
+        return false;
+    }
+    sample_ret = sample_sha256_update((uint8_t*)ID_V, sizeof(ID_V), sha_context);
+    if (sample_ret != SAMPLE_SUCCESS)
+    {
+        sample_sha256_close(sha_context);
+        return false;
+    }
+    sample_ret = sample_sha256_get_hash(sha_context, &key_material);
+    if (sample_ret != SAMPLE_SUCCESS)
+    {
+        sample_sha256_close(sha_context);
+        return false;
+    }
+    sample_ret = sample_sha256_close(sha_context);
+
+    static_assert(sizeof(sample_ec_key_128bit_t)* 2 == sizeof(sample_sha256_hash_t), "structure size mismatch.");
+    memcpy(first_derived_key, &key_material, sizeof(sample_ec_key_128bit_t));
+    memcpy(second_derived_key, (uint8_t*)&key_material + sizeof(sample_ec_key_128bit_t), sizeof(sample_ec_key_128bit_t));
+
+    // memset here can be optimized away by compiler, so please use memset_s on
+    // windows for production code and similar functions on other OSes.
+    memset(&key_material, 0, sizeof(sample_sha256_hash_t));
+
+    return true;
+}
+
+#else
+
+#pragma message ("Default key derivation function is used.")
+
 #define EC_DERIVATION_BUFFER_SIZE(label_length) ((label_length) +4)
 
 const char str_SMK[] = "SMK";
@@ -170,3 +254,4 @@ bool derive_key(
     }
     return true;
 }
+#endif

SampleCode/RemoteAttestation/service_provider/ecp.h

@@ -38,10 +38,10 @@
 #include "remote_attestation_result.h"
 
 #ifndef SAMPLE_FEBITSIZE
-#define SAMPLE_FEBITSIZE     256
+    #define SAMPLE_FEBITSIZE                    256
 #endif
 
-#define SAMPLE_ECP_KEY_SIZE  (SAMPLE_FEBITSIZE/8)
+#define SAMPLE_ECP_KEY_SIZE                     (SAMPLE_FEBITSIZE/8)
 
 typedef struct sample_ec_priv_t
 {
@@ -70,6 +70,22 @@ errno_t memcpy_s(void *dest, size_t numberOfElements, const void *src,
                  size_t count);
 
 
+#ifdef SUPPLIED_KEY_DERIVATION
+
+typedef enum _sample_derive_key_type_t
+{
+    SAMPLE_DERIVE_KEY_SMK_SK = 0,
+    SAMPLE_DERIVE_KEY_MK_VK,
+} sample_derive_key_type_t;
+
+bool derive_key(
+    const sample_ec_dh_shared_t *p_shared_key,
+    uint8_t key_id,
+    sample_ec_key_128bit_t *first_derived_key,
+    sample_ec_key_128bit_t *second_derived_key);
+