patchset: port to Rust SGX SDK (1.1.3)

Cargo.toml

@@ -11,11 +11,28 @@ categories = ["cryptography::cryptocurrencies", "encoding"]
 edition = "2018"
 
 
+# SGX: No test harness.
+autotests = false
+
+[lib]
+test = false
+doctest = false
+bench = false
+
+
 [dependencies]
-base-x = "0.2.8"
-ring = "0.16.18"
+base-x = { version = "0.2.8", default-features = false }
+ring = { version = "0.16.19", git = "https://github.com/mesalock-linux/ring-sgx" }
+
+sgx_tstd = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
 
 
 [dev-dependencies]
-hex = "0.4.2"
+hex = { version = "0.4.2", default-features = false, features = ["alloc"] }
 rand = "0.8.0"
+
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']
+sgx_libc = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" }
+sgx_trts = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" }
+sgx_tstd = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" }

rust-toolchain.toml

@@ -0,0 +1,5 @@
+# https://rust-lang.github.io/rustup/overrides.html#the-toolchain-file
+[toolchain]
+# SGX: algonaut 0.3.0+ requires Rust 1.51, for min_const_generics:
+# https://github.com/rust-lang/rust/blob/master/RELEASES.md#version-1510-2021-03-25
+channel = "nightly-2021-03-25"

sgx-tests/.gitignore

@@ -0,0 +1,2 @@
+/build
+/keys

sgx-tests/Makefile

@@ -0,0 +1,50 @@
+# Dummy makefile, will call the host and enclave makefile when requested.
+
+SRC_U = app/
+SRC_T = enclave/
+
+# Compilation process, will call the appropriate makefiles.
+
+all: host enclave
+
+host:
+	@echo "\033[32mRequest to compile the host part...\033[0m"
+	@make -C $(SRC_U)
+
+enclave:
+	@echo "\033[32mRequest to compile the enclave part...\033[0m"
+	@make -C $(SRC_T)
+
+clean:
+	@make -C $(SRC_U) clean
+	@make -C $(SRC_T) clean
+
+fclean:
+	@make -C $(SRC_U) fclean
+	@make -C $(SRC_T) fclean
+
+clean_host:
+	@make -C $(SRC_U) clean
+
+clean_enclave:
+	@make -C $(SRC_T) clean
+
+fclean_host:
+	@make -C $(SRC_U) fclean
+
+fclean_enclave:
+	@make -C $(SRC_T) fclean
+
+re_host: fclean_host host
+
+re_enclave: fclean_enclave enclave
+
+re: fclean all
+
+# Dummy rules to let make know that those rules are not files.
+
+.PHONY: host enclave clean clean_host clean_enclave fclean_host fclean_enclave fclean re re_host re_enclave
+
+.PHONY: run
+run: all
+	@(cd build/bin && ./sgx-test-app)

sgx-tests/Makefile.toml

@@ -0,0 +1,8 @@
+[env]
+
+# https://github.com/sagiegurari/cargo-make#workspace-emulation
+CARGO_MAKE_WORKSPACE_EMULATION = true
+CARGO_MAKE_CRATE_WORKSPACE_MEMBERS = ["app", "enclave"]
+
+# https://github.com/sagiegurari/cargo-make#automatically-extend-workspace-makefile
+CARGO_MAKE_EXTEND_WORKSPACE_MAKEFILE = true

sgx-tests/README.md

@@ -0,0 +1,14 @@
+# SGX tests for ripple-address-codec
+
+## Prerequisites
+
+* [Rust SGX SDK](https://github.com/apache/incubator-teaclave-sgx-sdk)
+
+## Running the tests
+
+With the SDK configured, this should work:
+
+```
+make
+make run
+```

sgx-tests/app/.gitignore

@@ -0,0 +1 @@
+/target

sgx-tests/app/Cargo.toml

@@ -0,0 +1,13 @@
+[package]
+# name matches APP_U in Makefile
+name = "sgx-test-app"
+version = "0.1.0"
+edition = "2018"
+authors = ["Pi Delport <[email protected]>"]
+build = "build.rs"
+
+[dependencies]
+sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" }
+sgx_urts = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" }
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']

sgx-tests/app/Makefile

@@ -0,0 +1,99 @@
+# Makefile settings - Host part
+
+LIB = ../build/lib/
+BIN = ../build/bin/
+# APP_U matches name in Cargo.toml
+APP_U = sgx-test-app
+APP_T = enclave.so
+NAME_U = libEnclave_u.a
+SRC_U = ./
+CODEGEN_U = $(SRC_U)/codegen/
+SRC_T = ../enclave/
+OBJ_U = ../build/obj/
+FLAGS = -Wall -Wextra
+GCC_STEP1_U = -I $(CODEGEN_U) -I./include -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH) -fPIC -Wno-attributes $(SGX_COMMON_CFLAGS)
+FILES_U = Enclave_u.c
+FILES_U_H = Enclave_u.h
+SGX_ARCH = x64
+TRTS_LIB = sgx_trts
+SERVICE_LIB = sgx_tservice
+# Addprefix dependant variables, no need to change those
+OUTPUT_U = $(FILES_U:.c=.o)
+BIN_U = $(addprefix $(BIN), $(APP_U))
+NAME_U_D = $(addprefix $(LIB), $(NAME_U))
+FILES_U_F=$(addprefix $(CODEGEN_U), $(FILES_U))
+FILES_U_H_F=$(addprefix $(CODEGEN_U), $(FILES_U_H))
+OUTPUT_W_FU=$(addprefix $(OBJ_U), $(OUTPUT_U))
+
+# All Rust and other source files that the Cargo build depends on.
+FILES_RUST_F = Cargo.toml Cargo.lock build.rs $(shell find src -name '*.rs') $(CODEGEN_U)Enclave_u.rs
+
+# Contains compilation rules for the enclave part
+
+include ../buildenv.mk
+include ../buildenv_sgx.mk
+
+# Custom libraries, EDL paths. Needs to be specified with make (CUSTOM_EDL_PATH) (CUSTOM_COMMON_PATH)
+
+# Compilation process, we set up all the dependencies needed to have the correct order of build, and avoid relink
+
+all: $(BIN_U)
+
+$(FILES_U_F): $(SGX_EDGER8R) $(SRC_T)/Enclave.edl
+	@echo "\033[32mGenerating untrusted SGX C edl files...\033[0m"
+	@$(SGX_EDGER8R) --untrusted $(SRC_T)/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir $(CODEGEN_U)
+
+$(NAME_U_D): $(FILES_U_F) $(OUTPUT_W_FU)
+	@echo "\033[32mBuilding untrusted C edl static library...\033[0m"
+	@mkdir -p $(LIB)
+	@$(AR) rcsD $@ $(OUTPUT_W_FU)
+
+$(OBJ_U)%.o:$(CODEGEN_U)%.c
+	@mkdir -p $(OBJ_U)
+	@echo "\033[32m$?: Build in progress...\033[0m"
+	@$(CC) $(FLAGS) $(GCC_STEP1_U) -o $@ -c $?
+
+# We print the compilation mode we're in (hardware/software mode), just as a reminder.
+
+$(BIN_U): $(NAME_U_D) $(FILES_RUST_F) $(FILES_U_H_F)
+ifeq ($(SGX_MODE), SW)
+	@echo "\033[32mSoftware / Simulation mode\033[0m"
+else
+	@echo "\033[32mHardware mode\033[0m"
+endif
+	@echo "\033[32mStarting cargo to build the host...\033[0m"
+	@cd $(SRC_U) && SGX_SDK=$(SGX_SDK) cargo build --release
+	@echo "\033[32mCopying the host to the correct location... ($(BIN_U))\033[0m"
+	@mkdir -p $(BIN)
+	@cp $(SRC_U)/target/release/$(APP_U) $(BIN)
+
+$(CODEGEN_U)Enclave_u.rs: $(CODEGEN_U)Enclave_u.h
+	@echo "\033[32mGenerating Rust bindings: $@\033[0m"
+	@bindgen \
+		--no-recursive-allowlist \
+		--raw-line 'use sgx_types::*;' \
+		--allowlist-function run_tests_ecall \
+		--output $@ \
+		$? \
+		-- -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH)
+
+clean: c_clean
+	@rm -rf $(OBJ_U)
+	@echo "\033[32mObject files deleted\033[0m"
+
+fclean: clean fclean_host
+
+fclean_host:
+	@echo "\033[32mBinary file $(BIN_U) deleted\033[0m"
+	@rm -f $(BIN_U)
+	@rm -f $(NAME_U_D)
+	@cargo clean
+
+c_clean:
+	@echo "\033[32mC edl generated files deleted\033[0m"
+	@rm -rf $(FILES_U_F)
+	@rm -rf $(FILES_U_H_F)
+
+re: fclean all
+
+.PHONY: all clean c_clean fclean re fclean_host

sgx-tests/app/build.rs

@@ -0,0 +1,19 @@
+use std::env;
+
+fn main() {
+    println!("cargo:rerun-if-env-changed=SGX_SDK");
+    println!("cargo:rerun-if-env-changed=SGX_MODE");
+
+    let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/sgxsdk".to_string());
+    let is_sim = env::var("SGX_MODE").unwrap_or_else(|_| "HW".to_string());
+
+    println!("cargo:rustc-link-search=native=../build/lib");
+    println!("cargo:rustc-link-lib=static=Enclave_u");
+
+    println!("cargo:rustc-link-search=native={}/lib64", sdk_dir);
+    match is_sim.as_ref() {
+        "SW" => println!("cargo:rustc-link-lib=dylib=sgx_urts_sim"),
+        "HW" => println!("cargo:rustc-link-lib=dylib=sgx_urts"),
+        _ => println!("cargo:rustc-link-lib=dylib=sgx_urts"), // Treat undefined as HW
+    }
+}