All examples can be built and run in simulation mode within docker containers provided by the official repository.
To speed up daily development, the play.sh can be used to bootstrap a ready container for you, with a simple command
# this will mount ${PWD} into the /workspace directory within the container
./scripts/play.sh
- Pull in the official incubator-teaclave-sgx-sdk submodule
git submodule update --init
# as many as you want
mkdir build
cd build
# default is SIM mode. For hardware mode, use 'cmake -DCMAKE_BUILD_TYPE=Release ..'
cmake ..
make -j
# the hello-world example
make run-hello-world
The mitigration towards [email protected] is WIP
Project | Description |
---|---|
crypto | cryptographic primitives |
hello-world | hello-world example with app built with cargo build script |
hello-world-debug | hello-world example demonstrating sgx-gdb -based debugging and sgx_emmt -based memory measurement |
hello-world-i-dont-like | hello-world example |
https-client | a https client running within enclaves |
massive-stdio | test the maximum buffer size of arguments in ecalls/ocalls |
mini-ecdh | demonstrate how to do ECDH |
prost-based-protobuf | a demo of using protobuf implemented by the prost library |
tls-server | a TLS server running within enclaves |
- In the hardware mode, please employ the specific rust toolchain tagged by
nightly-2019-08-01
rustup install nightly-2019-08-01 rustup default nightly-2019-08-01
- For errors of pattern as follow, it's because dependencies bring
std
into theno_std
environment. As for how to address this, check apache/incubator-teaclave-sgx-sdk#31error: duplicate lang item in crate `sgx_tstd`: `f32_runtime`. | = note: first defined in crate `std`.
- When generating the trusted and untrusted bridges, projects would need to search rust-sgx-sdk/edl for extra edl files. We should keep the these edl synchronized to the version of rust-sgx-sdk in use.
libcompiler-rt-patch.a
is to address a potential bug, so it's optional.
git submodule deinit ${path-to-submodule}
git rm --cached ${path-to-submodule}
rm -rf ${path-to-submodule}