diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..99cf445c --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "openssl"] + path = openssl + url = https://github.com/openssl/openssl.git diff --git a/Linux/build_openssl.sh b/Linux/build_openssl.sh index 59648656..210ab61b 100755 --- a/Linux/build_openssl.sh +++ b/Linux/build_openssl.sh @@ -37,13 +37,7 @@ SGXSSL_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" echo $SGXSSL_ROOT -OPENSSL_VERSION=`ls $SGXSSL_ROOT/../openssl_source/*1.1.1q.tar.gz | head -1 | grep -o '[^/]*$' | sed -s -- 's/\.tar\.gz//'` -if [ "$OPENSSL_VERSION" == "" ] -then - echo "In order to run this script, OpenSSL 1.1.1q tar.gz package must be located in openssl_source/ directory." - exit 1 -fi -echo $OPENSSL_VERSION +OPENSSL_VERSION=openssl #Create required directories mkdir -p $SGXSSL_ROOT/package/include/openssl/ @@ -54,7 +48,7 @@ mkdir -p $SGXSSL_ROOT/package/lib64/ # build openssl modules, clean previous openssl dir if it exist cd $SGXSSL_ROOT/../openssl_source || exit 1 rm -rf $OPENSSL_VERSION -tar xvf $OPENSSL_VERSION.tar.gz || exit 1 +cp -r $SGXSSL_ROOT/../openssl . || exit 1 # Remove AESBS to support only AESNI and VPAES sed -i '/BSAES_ASM/d' $OPENSSL_VERSION/Configure diff --git a/Linux/sgx/libsgx_tsgxssl/Makefile b/Linux/sgx/libsgx_tsgxssl/Makefile index f9d29ca4..02ccaa6f 100644 --- a/Linux/sgx/libsgx_tsgxssl/Makefile +++ b/Linux/sgx/libsgx_tsgxssl/Makefile @@ -46,7 +46,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc LIBCXX_INC := $(LINUX_SDK_DIR)/tlibcxx/include diff --git a/Linux/sgx/libsgx_usgxssl/Makefile b/Linux/sgx/libsgx_usgxssl/Makefile index b469f23d..a6cf799f 100644 --- a/Linux/sgx/libsgx_usgxssl/Makefile +++ b/Linux/sgx/libsgx_usgxssl/Makefile @@ -45,7 +45,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc else ifeq ($(LINUX_SGX_BUILD), 2) diff --git a/Linux/sgx/test_app/sgx_t.mk b/Linux/sgx/test_app/sgx_t.mk index ae775ed0..2b85236c 100644 --- a/Linux/sgx/test_app/sgx_t.mk +++ b/Linux/sgx/test_app/sgx_t.mk @@ -47,7 +47,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_LIBRARY_PATH := $(BUILD_DIR) SGX_ENCLAVE_SIGNER := $(BUILD_DIR)/sgx_sign SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r diff --git a/Linux/sgx/test_app/sgx_u.mk b/Linux/sgx/test_app/sgx_u.mk index 135eb07b..2767400c 100644 --- a/Linux/sgx/test_app/sgx_u.mk +++ b/Linux/sgx/test_app/sgx_u.mk @@ -47,7 +47,7 @@ ifeq ($(SGX_ARCH), x86) else SGX_COMMON_CFLAGS := -m64 -Wall ifeq ($(LINUX_SGX_BUILD), 1) - include ../../../../../buildenv.mk + include ../../../../../../../buildenv.mk SGX_LIBRARY_PATH := $(BUILD_DIR) SGX_EDGER8R := $(BUILD_DIR)/sgx_edger8r SGX_SDK_INC := $(COMMON_DIR)/inc diff --git a/README.md b/README.md index 9c0836d3..aab2d822 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Windows (Note: Perl, NASM need to be included in machine's PATH variable) To build IntelĀ® SGX SSL package in Windows OS: -1. Download OpenSSL package into openssl_source/ directory. (tar.gz package, e.g. openssl-1.1.1q.tar.gz) +1. Download the source code and prepare the submodule 2. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website. 3. Change the directory to the SGXSSL path and enter the following command: ``` @@ -51,7 +51,7 @@ Linux - Intel(R) SGX Linux latest release, including SDK, PSW, and driver To build IntelĀ® SGX SSL package in Linux OS: -1. Download OpenSSL 1.1.1q package into openssl_source/ directory. (tar.gz package, e.g. openssl-1.1.1q.tar.gz) +1. Download the source code and prepare the submodule 2. Download and install latest SGX SDK from [01.org](https://01.org/intel-software-guard-extensions/downloads). You can find installation guide in the same website. 3. Source SGX SDK's environment variables. 4. Cd to Linux/ directory and run: diff --git a/Windows/build_all.cmd b/Windows/build_all.cmd index b1b67c5a..92ce46f3 100644 --- a/Windows/build_all.cmd +++ b/Windows/build_all.cmd @@ -32,11 +32,8 @@ Rem @echo off - -set SGXSSL_VERSION=1.9.100.%errorlevel% - REM Check if Prerequisites apps available -echo "Validating Prerequisites (Perl, NASM, OpenSSL source)" +echo "Validating Prerequisites (Perl, NASM)" perl -v > nul 2>&1 if %errorlevel% neq 0 ( echo "Build failed, can't find perl." @@ -48,12 +45,7 @@ if %errorlevel% neq 0 ( exit /b 1 ) -set OPENSSL_VERSION=openssl-1.1.1q - -if not exist ..\openssl_source\%OPENSSL_VERSION%.tar.gz ( - echo "Please download %OPENSSL_VERSION%.tar.gz and put at ..\openssl_source\" - exit /b 1 -) +set OPENSSL_VERSION=openssl for /f "tokens=2*" %%A in ('REG QUERY "HKLM\SOFTWARE\Intel\SGX_PSW" /v Version') DO ( for %%F in (%%B) do ( @@ -62,7 +54,7 @@ for /f "tokens=2*" %%A in ('REG QUERY "HKLM\SOFTWARE\Intel\SGX_PSW" /v Version') ) ) :break -set SGXSSL_VERSION=%PSW_VER%_%OPENSSL_VERSION:openssl-=% +set SGXSSL_VERSION=%PSW_VER%_%OPENSSL_VERSION%-1.1.1q echo "Building SGXSSL with: %OPENSSL_VERSION% %date% %time% to %SGXSSL_VERSION%" REM ********************************************************* diff --git a/Windows/build_package.cmd b/Windows/build_package.cmd index 92bd7292..0396ae25 100644 --- a/Windows/build_package.cmd +++ b/Windows/build_package.cmd @@ -39,7 +39,6 @@ set SGXSSL_SOLUTION=%SGXSSL_ROOT%\sgx\ set OPENSSL_VERSION=%2 set TEST_MODE=%4 set PROCESSOR_ARCHITECTURE=AMD64 -set WIN_SDK_VER=8.1 perl svn_revision.pl > sgx\libsgx_tsgxssl\tsgxssl_version.h set build_mode=%1 @@ -88,8 +87,8 @@ goto build_start cd %SGXSSL_ROOT%\..\openssl_source rmdir /s /q %OPENSSL_VERSION% - -call powershell -Command "tar xf %OPENSSL_VERSION%.tar.gz" +mkdir %OPENSSL_VERSION% +xcopy /Q /Y /S %SGXSSL_ROOT%\..\%OPENSSL_VERSION% %OPENSSL_VERSION% REM Remove AESBS to support only AESNI and VPAES call powershell -Command "(get-content %OPENSSL_VERSION%\Configure) -replace ('BSAES_ASM','') | out-file %OPENSSL_VERSION%\Configure" diff --git a/openssl b/openssl new file mode 160000 index 00000000..29708a56 --- /dev/null +++ b/openssl @@ -0,0 +1 @@ +Subproject commit 29708a562a1887a91de0fa6ca668c71871accde9