1 Reply by chaudhryfaisal

(5 replies, posted in wolfSSL)

Issue with Building wolfCrypt in SGX Enclave using WOLFSSL_AESNI 

Hi everyone, 

I'm trying to test wolfCrypt inside an SGX enclave but am running into build issues when enabling the WOLFSSL_AESNI option. 

Local Modifications 

Changes in wolfssl_v5.7.6-stable  

diff --git a/IDE/LINUX-SGX/sgx_t_static.mk b/IDE/LINUX-SGX/sgx_t_static.mk
index 1941bae..3059f7d 100644
--- a/IDE/LINUX-SGX/sgx_t_static.mk
+++ b/IDE/LINUX-SGX/sgx_t_static.mk
@@ -44,7 +44,7 @@ endif
 
 Crypto_Library_Name := sgx_tcrypto
 
-Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX -DUSE_INTEL_SPEEDUP -DWOLFSSL_AESNI -maes -I/usr/lib/gcc/x86_64-redhat-linux/8/include

 

Changes in wolfssl_examples  

diff --git a/SGX_Linux/sgx_t.mk b/SGX_Linux/sgx_t.mk
index 7153aa3..016aba1 100644
--- a/SGX_Linux/sgx_t.mk
+++ b/SGX_Linux/sgx_t.mk
@@ -40,7 +40,7 @@ endif
 Crypto_Library_Name := sgx_tcrypto

-Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX -DUSE_INTEL_SPEEDUP -DWOLFSSL_AESNI -maes -I/usr/lib/gcc/x86_64-redhat-linux/8/include

...

diff --git a/SGX_Linux/sgx_u.mk b/SGX_Linux/sgx_u.mk
index b5792f1..cb0cdc8 100644
--- a/SGX_Linux/sgx_u.mk
+++ b/SGX_Linux/sgx_u.mk
@@ -38,7 +38,7 @@ else
        Urts_Library_Name := sgx_urts
 endif

-Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX -DUSE_INTEL_SPEEDUP -DWOLFSSL_AESNI -maes -I/usr/lib/gcc/x86_64-redhat-linux/8/include

 

Error During Build 

When running make all, I get the following error:  

wolfssl_v5.7.6-stable/wolfssl/wolfcrypt/settings.h:349:6: warning: #warning "No configuration for wolfSSL detected, check header order" [-Wcpp]
     #warning "No configuration for wolfSSL detected, check header order"
      ^~~~~~~

 

And later:  

make -ef sgx_t.mk all
make[3]: Entering directory 'wolfssl_examples/SGX_Linux'
GEN  =>  trusted/Wolfssl_Enclave_t.c
In file included from wolfssl_v5.7.6-stable/wolfssl/ssl.h:33,
                 from trusted/Wolfssl_Enclave_t.h:9,
                 from trusted/Wolfssl_Enclave_t.c:1:
wolfssl_v5.7.6-stable/wolfssl/wolfcrypt/settings.h:349:6: warning: #warning "No configuration for wolfSSL detected, check header order" [-Wcpp]
     #warning "No configuration for wolfSSL detected, check header order"
      ^~~~~~~
CC   <=  trusted/Wolfssl_Enclave_t.c
cc -Wno-implicit-function-declaration -std=c99 -m64 -O2 -nostdinc -fvisibility=hidden -fpie -fstack-protector -IInclude -Itrusted -Iwolfssl_v5.7.6-stable/ -Iwolfssl_v5.7.6-stable/wolfcrypt/ -I/opt/intel/sgxsdk/include -I/opt/intel/sgxsdk/include/tlibc -I/opt/intel/sgxsdk/include/stlport-fno-builtin -fno-builtin-printf -I. -DWOLFSSL_SGX -DUSE_INTEL_SPEEDUP -DWOLFSSL_AESNI -maes -I/usr/lib/gcc/x86_64-redhat-linux/8/include -c trusted/Wolfssl_Enclave.c -o trusted/Wolfssl_Enclave.o
In file included from wolfssl_v5.7.6-stable/wolfssl/ssl.h:33,
                 from trusted/Wolfssl_Enclave_t.h:9,
                 from trusted/Wolfssl_Enclave.c:25:
wolfssl_v5.7.6-stable/wolfssl/wolfcrypt/settings.h:349:6: warning: #warning "No configuration for wolfSSL detected, check header order" [-Wcpp]
     #warning "No configuration for wolfSSL detected, check header order"
      ^~~~~~~
CC  <=  trusted/Wolfssl_Enclave.c
-m64 -O2 -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L/opt/intel/sgxsdk/lib64 -Lwolfssl_v5.7.6-stable/IDE/LINUX-SGX -lwolfssl.sgx.static.lib -Wl,--whole-archive -lsgx_trts_sim -Wl,--no-whole-archive -Wl,--start-group -lsgx_tstdc -lsgx_tstdc -lsgx_tcrypto -lsgx_tservice_sim -Wl,--end-group -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined -Wl,-pie,-eenclave_entry -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--version-script=trusted/Wolfssl_Enclave.lds@
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `AES_set_encrypt_key_AESNI':
aes.c:(.text+0xcc): undefined reference to `AES_128_Key_Expansion_AESNI'
aes.c:(.text+0xe4): undefined reference to `AES_256_Key_Expansion_AESNI'
aes.c:(.text+0x104): undefined reference to `AES_192_Key_Expansion_AESNI'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesEncrypt':
aes.c:(.text+0x33d): undefined reference to `AES_ECB_encrypt_AESNI'
aes.c:(.text+0x377): undefined reference to `AES_ECB_encrypt_AESNI'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesSetKeyLocal.constprop.4':
aes.c:(.text+0x1789): undefined reference to `cpuid_get_flags'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesCbcEncrypt':
aes.c:(.text+0x1d60): undefined reference to `AES_CBC_encrypt_AESNI'
aes.c:(.text+0x1de3): undefined reference to `AES_CBC_encrypt_AESNI'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesCbcDecrypt':
aes.c:(.text+0x1f28): undefined reference to `AES_ECB_decrypt_AESNI'
aes.c:(.text+0x2df5): undefined reference to `AES_CBC_decrypt_AESNI_by8'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesGcmEncrypt':
aes.c:(.text+0x376d): undefined reference to `AES_GCM_encrypt_avx1'
aes.c:(.text+0x379f): undefined reference to `AES_GCM_encrypt_avx2'
aes.c:(.text+0x37f7): undefined reference to `AES_GCM_encrypt_aesni'
wolfssl_v5.7.6-stable/IDE/LINUX-SGX/libwolfssl.sgx.static.lib.a(aes.o): In function `wc_AesGcmDecrypt':
aes.c:(.text+0x3c8f): undefined reference to `AES_GCM_decrypt_avx1'
aes.c:(.text+0x3cf0): undefined reference to `AES_GCM_decrypt_avx2'
aes.c:(.text+0x3d53): undefined reference to `AES_GCM_decrypt_aesni'
collect2: error: ld returned 1 exit status

 

Reproducing the Issue 

You can reproduce this issue using my Docker setup: 
GitHub Repository 

Would appreciate any help on resolving this! Thanks.

Go to forum: wolfSSL