linux-sgx | Intel SGX for Linux* | Infrastructure Automation library

 by   intel C++ Version: sgx_2.19 License: Non-SPDX

kandi X-RAY | linux-sgx Summary

kandi X-RAY | linux-sgx Summary

linux-sgx is a C++ library typically used in Devops, Infrastructure Automation applications. linux-sgx has no bugs, it has no vulnerabilities and it has medium support. However linux-sgx has a Non-SPDX License. You can download it from GitHub.

Intel Software Guard Extensions (Intel SGX) is an Intel technology for application developers seeking to protect select code and data from disclosure or modification. The Linux\* Intel SGX software stack is comprised of the Intel SGX driver, the Intel SGX SDK, and the Intel SGX Platform Software (PSW). The Intel SGX SDK and Intel SGX PSW are hosted in the [linux-sgx] project. The [SGXDataCenterAttestationPrimitives] project maintains an out-of-tree driver for the Linux\* Intel SGX software stack, which will be used until the driver upstreaming process is complete. It is used on the platforms with Flexible Launch Control and Intel AES New Instructions support and could support both Elliptic Curve Digital Signature algorithm (ECDSA) based attestation and Enhanced Privacy Identification (EPID) based attestation. Note: Ice Lake Xeon-SP (and the future Xeon-SP platforms) doesn’t support EPID attestation. The [linux-sgx-driver] project hosts the other out-of-tree driver for the Linux\* Intel SGX software stack, which will be used until the driver upstreaming process is complete. It is used to support Enhanced Privacy Identification (EPID) based attestation on the platforms without Flexible Launch Control. The [intel-device-plugins-for-kubernetes] project enables users to run container applications running Intel SGX enclaves in Kubernetes clusters. It also gives instructions how to set up ECDSA based attestation in a cluster. The [intel-sgx-ssl] project provides a full-strength general purpose cryptography library for Intel SGX enclave applications. It is based on the underlying OpenSSL* Open Source project. Intel SGX provides a build combination to build out a SGXSSL based SDK as [below] #build-the-intelr-sgx-sdk-and-intelr-sgx-sdk-installer). Users could also utilize this cryptography library in SGX enclave applications seperately. This repository provides a reference implementation of a Launch Enclave for Flexible Launch Control under [psw/ae/ref_le] psw/ae/ref_le). The reference LE implementation can be used as a basis for enforcing different launch control policy by the platform developer or owner. To build and try it by yourself, please refer to the [ref_le.md] psw/ae/ref_le/ref_le.md) for details.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              linux-sgx has a medium active ecosystem.
              It has 1148 star(s) with 508 fork(s). There are 95 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 240 open issues and 400 have been closed. On average issues are closed in 134 days. There are 21 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of linux-sgx is sgx_2.19

            kandi-Quality Quality

              linux-sgx has 0 bugs and 0 code smells.

            kandi-Security Security

              linux-sgx has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              linux-sgx code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              linux-sgx has a Non-SPDX License.
              Non-SPDX licenses can be open source with a non SPDX compliant license, or non open source licenses, and you need to review them closely before use.

            kandi-Reuse Reuse

              linux-sgx releases are available to install and integrate.
              Installation instructions are not available. Examples and code snippets are available.
              It has 11516 lines of code, 510 functions and 261 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of linux-sgx
            Get all kandi verified functions for this library.

            linux-sgx Key Features

            No Key Features are available at this moment for linux-sgx.

            linux-sgx Examples and Code Snippets

            No Code Snippets are available at this moment for linux-sgx.

            Community Discussions

            QUESTION

            SGX Local Attestation sample returning 0x3002 in simulator
            Asked 2019-Jul-01 at 18:48

            I cannot for the life of me get the LocalAttestation sample to run correctly on a fresh Linux install, following the instructions successfully. Given this is being built in simulation mode, I would have thought there were no additional dependencies?

            I modified the demo to provide extra output, and this line returns 3002 SGX_ERROR_INVALID_ATTRIBUTE:

            ...

            ANSWER

            Answered 2018-Sep-24 at 15:22

            Turns out this was an issue with the sample code. By initializing the launch_token zeroed out, everything works as expected:

            Source https://stackoverflow.com/questions/52482129

            QUESTION

            How to convert char array to string
            Asked 2018-May-17 at 07:11
            char n[12];
            sgx_read_rand(reinterpret_cast(&n),
                            sizeof(n));
            mbedtls_printf("ENCLAVE: Salt for the password: %llu\n", *(char *)n);
            string salt(n);
            mbedtls_printf("ENCLAVE: Salt for the password: %s\n", salt.c_str());
            
            ...

            ANSWER

            Answered 2018-May-17 at 07:11

            First of all, yes it's possible to convert it to a string. But you have to understand the types you're using.

            Source https://stackoverflow.com/questions/50381540

            QUESTION

            SGX Enclave: Where the actual function that does the procession goes and how it gets compiled
            Asked 2017-Nov-04 at 16:20

            After reading lots of documentation i did the first simple enclave function:

            ...

            ANSWER

            Answered 2017-Nov-04 at 07:10

            Dimitris first check if you have compatible hardware from this list https://github.com/ayeks/SGX-hardware

            Then try to clone an run this repo https://github.com/digawp/hello-enclave

            That will help you understand how it works

            Source https://stackoverflow.com/questions/47105794

            QUESTION

            Local attestation with Intel SGX
            Asked 2017-Jan-24 at 08:52

            I'm trying to perform a local attestation between two enclaves created from two different applications.

            The provided sample code for Linux here creates 3 different enclaves and then establishes secure connections between them. But those enclaves have all been created by the same application which therefore is aware of all enclave IDs.

            If two different applications are creating there own enclave which should communicate with one another, how would the source enclave get to know the ID of the destination enclave? Would that ID have to be transmitted from one application to the enclave on a "general" way (IPC)?

            I've tried some simple test by starting a destination enclave and printing its ID: "26ce00000002"

            Then I used this ID in the local attestation example to try to connect to this running destination enclave:

            ...

            ANSWER

            Answered 2017-Jan-24 at 08:52

            We do not need a secure connection to exchange the enclave id's. The Application can store the enclave id in a registry or on the disc along with the enclave names which can be retrieved by corresponding application to obtain the id of the required enclave. Then the application initiates a session between the source enclave and the destination enclave by doing an ECALL into the source enclave, passing in the enclave id of the destination enclave. Upon receiving the enclave id of the destination enclave, the source enclave does an OCALL into the core untrusted code which then does an ECALL into the destination enclave to exchange the messages required to establish a session using ECDH Key Exchange protocol.

            Source https://stackoverflow.com/questions/41520253

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install linux-sgx

            You can download it from GitHub.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries

            Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Infrastructure Automation Libraries

            terraform

            by hashicorp

            salt

            by saltstack

            pulumi

            by pulumi

            terraformer

            by GoogleCloudPlatform

            Try Top Libraries by intel

            hyperscan

            by intelC++

            acat

            by intelC#

            haxm

            by intelC

            appframework

            by intelCSS

            pcm

            by intelC++