From 0fcac9f6e3ffd6c16c26da856b5115d557dcd68b Mon Sep 17 00:00:00 2001 From: Jing He Date: Thu, 25 Aug 2022 22:16:51 -0400 Subject: [PATCH 1/5] add openssl 1.1.1q as submodule Signed-off-by: Jing He --- .gitmodules | 3 +++ openssl | 1 + 2 files changed, 4 insertions(+) create mode 100644 .gitmodules create mode 160000 openssl diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..99cf445c --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "openssl"] + path = openssl + url = https://github.com/openssl/openssl.git diff --git a/openssl b/openssl new file mode 160000 index 00000000..29708a56 --- /dev/null +++ b/openssl @@ -0,0 +1 @@ +Subproject commit 29708a562a1887a91de0fa6ca668c71871accde9 From 4b0e38d4fba472c297a9e546b865305345f882ba Mon Sep 17 00:00:00 2001 From: Jing He Date: Thu, 25 Aug 2022 23:19:44 -0400 Subject: [PATCH 2/5] update build scripts and README Signed-off-by: Jing He --- Linux/build_openssl.sh | 10 ++-------- README.md | 12 +++++------- Windows/build_all.cmd | 14 +++----------- Windows/build_package.cmd | 5 ++--- 4 files changed, 12 insertions(+), 29 deletions(-) diff --git a/Linux/build_openssl.sh b/Linux/build_openssl.sh index 59648656..210ab61b 100755 --- a/Linux/build_openssl.sh +++ b/Linux/build_openssl.sh @@ -37,13 +37,7 @@ SGXSSL_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" echo $SGXSSL_ROOT -OPENSSL_VERSION=`ls $SGXSSL_ROOT/../openssl_source/*1.1.1q.tar.gz | head -1 | grep -o '[^/]*$' | sed -s -- 's/\.tar\.gz//'` -if [ "$OPENSSL_VERSION" == "" ] -then - echo "In order to run this script, OpenSSL 1.1.1q tar.gz package must be located in openssl_source/ directory." - exit 1 -fi -echo $OPENSSL_VERSION +OPENSSL_VERSION=openssl #Create required directories mkdir -p $SGXSSL_ROOT/package/include/openssl/ @@ -54,7 +48,7 @@ mkdir -p $SGXSSL_ROOT/package/lib64/ # build openssl modules, clean previous openssl dir if it exist cd $SGXSSL_ROOT/../openssl_source || exit 1 rm -rf $OPENSSL_VERSION -tar xvf $OPENSSL_VERSION.tar.gz || exit 1 +cp -r $SGXSSL_ROOT/../openssl . || exit 1 # Remove AESBS to support only AESNI and VPAES sed -i '/BSAES_ASM/d' $OPENSSL_VERSION/Configure diff --git a/README.md b/README.md index 9c0836d3..35574d5f 100644 --- a/README.md +++ b/README.md @@ -35,9 +35,8 @@ Windows (Note: Perl, NASM need to be included in machine's PATH variable) To build Intel® SGX SSL package in Windows OS: -1. Download OpenSSL package into openssl_source/ directory. (tar.gz package, e.g. openssl-1.1.1q.tar.gz) -2. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website. -3. Change the directory to the SGXSSL path and enter the following command: +1. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website. +2. Change the directory to the SGXSSL path and enter the following command: ``` build_all.cmd ``` @@ -51,10 +50,9 @@ Linux - Intel(R) SGX Linux latest release, including SDK, PSW, and driver To build Intel® SGX SSL package in Linux OS: -1. Download OpenSSL 1.1.1q package into openssl_source/ directory. (tar.gz package, e.g. openssl-1.1.1q.tar.gz) -2. Download and install latest SGX SDK from [01.org](https://01.org/intel-software-guard-extensions/downloads). You can find installation guide in the same website. -3. Source SGX SDK's environment variables. -4. Cd to Linux/ directory and run: +1. Download and install latest SGX SDK from [01.org](https://01.org/intel-software-guard-extensions/downloads). You can find installation guide in the same website. +2. Source SGX SDK's environment variables. +3. Cd to Linux/ directory and run: ``` make all test ``` diff --git a/Windows/build_all.cmd b/Windows/build_all.cmd index b1b67c5a..92ce46f3 100644 --- a/Windows/build_all.cmd +++ b/Windows/build_all.cmd @@ -32,11 +32,8 @@ Rem @echo off - -set SGXSSL_VERSION=1.9.100.%errorlevel% - REM Check if Prerequisites apps available -echo "Validating Prerequisites (Perl, NASM, OpenSSL source)" +echo "Validating Prerequisites (Perl, NASM)" perl -v > nul 2>&1 if %errorlevel% neq 0 ( echo "Build failed, can't find perl." @@ -48,12 +45,7 @@ if %errorlevel% neq 0 ( exit /b 1 ) -set OPENSSL_VERSION=openssl-1.1.1q - -if not exist ..\openssl_source\%OPENSSL_VERSION%.tar.gz ( - echo "Please download %OPENSSL_VERSION%.tar.gz and put at ..\openssl_source\" - exit /b 1 -) +set OPENSSL_VERSION=openssl for /f "tokens=2*" %%A in ('REG QUERY "HKLM\SOFTWARE\Intel\SGX_PSW" /v Version') DO ( for %%F in (%%B) do ( @@ -62,7 +54,7 @@ for /f "tokens=2*" %%A in ('REG QUERY "HKLM\SOFTWARE\Intel\SGX_PSW" /v Version') ) ) :break -set SGXSSL_VERSION=%PSW_VER%_%OPENSSL_VERSION:openssl-=% +set SGXSSL_VERSION=%PSW_VER%_%OPENSSL_VERSION%-1.1.1q echo "Building SGXSSL with: %OPENSSL_VERSION% %date% %time% to %SGXSSL_VERSION%" REM ********************************************************* diff --git a/Windows/build_package.cmd b/Windows/build_package.cmd index 92bd7292..c1088f36 100644 --- a/Windows/build_package.cmd +++ b/Windows/build_package.cmd @@ -39,7 +39,6 @@ set SGXSSL_SOLUTION=%SGXSSL_ROOT%\sgx\ set OPENSSL_VERSION=%2 set TEST_MODE=%4 set PROCESSOR_ARCHITECTURE=AMD64 -set WIN_SDK_VER=8.1 perl svn_revision.pl > sgx\libsgx_tsgxssl\tsgxssl_version.h set build_mode=%1 @@ -88,8 +87,8 @@ goto build_start cd %SGXSSL_ROOT%\..\openssl_source rmdir /s /q %OPENSSL_VERSION% - -call powershell -Command "tar xf %OPENSSL_VERSION%.tar.gz" +mkdir %OPENSSL_VERSION% +xcopy /Q /Y /S %SGXSSL_ROOT%\..\%OPENSSL_VERSION% %SGXSSL_ROOT%\..\openssl_source\%OPENSSL_VERSION% REM Remove AESBS to support only AESNI and VPAES call powershell -Command "(get-content %OPENSSL_VERSION%\Configure) -replace ('BSAES_ASM','') | out-file %OPENSSL_VERSION%\Configure" From f196c3c3a3bb894a85334c87a0536a75170bebbc Mon Sep 17 00:00:00 2001 From: Jing He Date: Thu, 25 Aug 2022 23:36:56 -0400 Subject: [PATCH 3/5] fix Signed-off-by: Jing He --- Windows/build_package.cmd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Windows/build_package.cmd b/Windows/build_package.cmd index c1088f36..0396ae25 100644 --- a/Windows/build_package.cmd +++ b/Windows/build_package.cmd @@ -88,7 +88,7 @@ goto build_start cd %SGXSSL_ROOT%\..\openssl_source rmdir /s /q %OPENSSL_VERSION% mkdir %OPENSSL_VERSION% -xcopy /Q /Y /S %SGXSSL_ROOT%\..\%OPENSSL_VERSION% %SGXSSL_ROOT%\..\openssl_source\%OPENSSL_VERSION% +xcopy /Q /Y /S %SGXSSL_ROOT%\..\%OPENSSL_VERSION% %OPENSSL_VERSION% REM Remove AESBS to support only AESNI and VPAES call powershell -Command "(get-content %OPENSSL_VERSION%\Configure) -replace ('BSAES_ASM','') | out-file %OPENSSL_VERSION%\Configure" From f3f434206a89e77d4adfe272d3ee2584f0372915 Mon Sep 17 00:00:00 2001 From: Jing He Date: Fri, 26 Aug 2022 01:35:05 -0400 Subject: [PATCH 4/5] align to SDK build Signed-off-by: Jing He --- Linux/sgx/libsgx_tsgxssl/Makefile | 2 +- Linux/sgx/libsgx_usgxssl/Makefile | 2 +- Linux/sgx/test_app/sgx_t.mk | 2 +- Linux/sgx/test_app/sgx_u.mk | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Linux/sgx/libsgx_tsgxssl/Makefile b/Linux/sgx/libsgx_tsgxssl/Makefile index f9d29ca4..02ccaa6f 100644 --- a/Linux/sgx/libsgx_tsgxssl/Makefile +++ b/Linux/sgx/libsgx_tsgxssl/Makefile @@ -46,7 +46,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc LIBCXX_INC := $(LINUX_SDK_DIR)/tlibcxx/include diff --git a/Linux/sgx/libsgx_usgxssl/Makefile b/Linux/sgx/libsgx_usgxssl/Makefile index b469f23d..a6cf799f 100644 --- a/Linux/sgx/libsgx_usgxssl/Makefile +++ b/Linux/sgx/libsgx_usgxssl/Makefile @@ -45,7 +45,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc else ifeq ($(LINUX_SGX_BUILD), 2) diff --git a/Linux/sgx/test_app/sgx_t.mk b/Linux/sgx/test_app/sgx_t.mk index ae775ed0..2b85236c 100644 --- a/Linux/sgx/test_app/sgx_t.mk +++ b/Linux/sgx/test_app/sgx_t.mk @@ -47,7 +47,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_LIBRARY_PATH := $(BUILD_DIR) SGX_ENCLAVE_SIGNER := $(BUILD_DIR)/sgx_sign SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r diff --git a/Linux/sgx/test_app/sgx_u.mk b/Linux/sgx/test_app/sgx_u.mk index 135eb07b..2767400c 100644 --- a/Linux/sgx/test_app/sgx_u.mk +++ b/Linux/sgx/test_app/sgx_u.mk @@ -47,7 +47,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_LIBRARY_PATH := $(BUILD_DIR) SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc From 2c699a01db0feed7fc99e8153760fe3c6e90e612 Mon Sep 17 00:00:00 2001 From: jinghe-INTC Date: Fri, 26 Aug 2022 16:18:46 +0800 Subject: [PATCH 5/5] Update README.md --- README.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 35574d5f..aab2d822 100644 --- a/README.md +++ b/README.md @@ -35,8 +35,9 @@ Windows (Note: Perl, NASM need to be included in machine's PATH variable) To build Intel® SGX SSL package in Windows OS: -1. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website. -2. Change the directory to the SGXSSL path and enter the following command: +1. Download the source code and prepare the submodule +2. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website. +3. Change the directory to the SGXSSL path and enter the following command: ``` build_all.cmd ``` @@ -50,9 +51,10 @@ Linux - Intel(R) SGX Linux latest release, including SDK, PSW, and driver To build Intel® SGX SSL package in Linux OS: -1. Download and install latest SGX SDK from [01.org](https://01.org/intel-software-guard-extensions/downloads). You can find installation guide in the same website. -2. Source SGX SDK's environment variables. -3. Cd to Linux/ directory and run: +1. Download the source code and prepare the submodule +2. Download and install latest SGX SDK from [01.org](https://01.org/intel-software-guard-extensions/downloads). You can find installation guide in the same website. +3. Source SGX SDK's environment variables. +4. Cd to Linux/ directory and run: ``` make all test ```