{"id":13640996,"url":"https://github.com/intel/intel-sgx-ssl","last_synced_at":"2025-04-20T07:31:31.916Z","repository":{"id":37412816,"uuid":"89530975","full_name":"intel/intel-sgx-ssl","owner":"intel","description":"Intel® Software Guard Extensions SSL","archived":false,"fork":false,"pushed_at":"2024-04-11T06:56:25.000Z","size":8105,"stargazers_count":219,"open_issues_count":13,"forks_count":73,"subscribers_count":25,"default_branch":"main","last_synced_at":"2024-04-13T22:57:39.325Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Assembly","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/intel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"License.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2017-04-26T22:09:28.000Z","updated_at":"2024-06-12T03:40:15.879Z","dependencies_parsed_at":"2023-11-24T06:47:00.418Z","dependency_job_id":"eaa5cbd3-dfe9-4f76-a9bf-1631b0085b17","html_url":"https://github.com/intel/intel-sgx-ssl","commit_stats":null,"previous_names":[],"tags_count":60,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intel%2Fintel-sgx-ssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intel%2Fintel-sgx-ssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intel%2Fintel-sgx-ssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intel%2Fintel-sgx-ssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/intel","download_url":"https://codeload.github.com/intel/intel-sgx-ssl/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223821981,"owners_count":17208775,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T01:01:16.658Z","updated_at":"2025-04-20T07:31:31.902Z","avatar_url":"https://github.com/intel.png","language":"Assembly","readme":"[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/intel/intel-sgx-ssl/badge)](https://securityscorecards.dev/viewer/?uri=github.com/intel/intel-sgx-ssl)\n\nIntel® Software Guard Extensions SSL\n================================================\n\nIntroduction\n------------\nThe Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications.\nThe Intel® SGX SSL cryptographic library is based on the underlying OpenSSL* Open Source project, providing a full-strength general purpose cryptography library.\n\nThis branch supports OpenSSL version 3.1.*, but works in 1.1.1 compatible mode. \n\nLicense\n-------\nSee [License.txt](License.txt) for details.\n\nDocumentation\n-------\n- For details on library architecture: [Architecture overview](Intel(R)%20Software%20Guard%20Extensions%20SSL%20Library%20Architecture.pdf)\n- For details on using the libraries, please refer to the:\n  * [Linux developer guide](Linux/package/docs/Intel(R)%20Software%20Guard%20Extensions%20SSL%20Library%20Linux%20Developer%20Guide.pdf)\n  * [Windows developer guide](Windows/package/docs/Intel(R)%20Software%20Guard%20Extensions%20SSL%20Library%20Windows%20Developer%20Guide.pdf)\n\n\nBuild Intel® SGX SSL package\n----------------------------\nWindows\n----------------------------\n### Prerequisites\n- Microsoft Visual Studio 2019\n- Perl\n- NASM (Netwide Assembler)\n- Intel(R) SGX Windows latest release, including SDK, PSW, and driver\n\n (Note: Perl, NASM need to be included in machine's PATH variable)\n\nTo build Intel® SGX SSL package in Windows OS:\n1. Download OpenSSL package into openssl_source/ directory. (tar.gz package, e.g. openssl-3.1.*.tar.gz)\n2. Download and install latest SGX SDK from [Intel Developer Zone](https://software.intel.com/en-us/sgx-sdk/download). You can find installation guide from the same website.\n3. Change the directory to the SGXSSL path and enter the following command:\n```\nbuild_all.cmd \u003cOPENSSL_VERSION\u003e [default == openssl-3.1.0]\n```\nThis will build the Intel® SGX SSL libraries (libsgx_tsgxssl.lib, libsgx_usgxssl.lib, libsgx_tsgxssl_crypto.lib), which can be found in package/lib/{Win32|X64}/{debug|release}/. And the version with CVE-2020-0551 Mitigation enabled can be found in package/lib/X64/{CVE-2020-0551-CF-Release|CVE-2020-0551-Load-Release}/.\n\nLinux\n----------------------------\n### Prerequisites\n- Perl\n- Toolchain with mitigation (refer to [SGX Linux README](https://github.com/intel/linux-sgx/blob/master/README.md))\n- Intel(R) SGX Linux latest release, including SDK, PSW, and driver\n\nTo build Intel® SGX SSL package in Linux OS:\n=======\n1. Download OpenSSL 3.1.* package into openssl_source/ directory. (tar.gz package, e.g. openssl-3.1.*.tar.gz)\n2. Download and install latest SGX SDK from [01.org](https://download.01.org/intel-sgx/latest/). You can find the installation guide in the same website.\n3. Source SGX SDK's environment variables.\n4. Cd to Linux/ directory and run:\n```\nmake all test\n```\nThis will build and test the Intel® SGX SSL libraries (libsgx_tsgxssl.a, libsgx_usgxssl.a, libsgx_tsgxssl_crypto.a), which can be found in package/lib64/. And the Intel® SGX SSL trusted libraries (libsgx_tsgxssl.lib,  libsgx_tsgxssl_crypto.lib) with CVE-2020-0551 Mitigation enabled can be found in package/lib64/{cve_2020_0551_cf|cve_2020_0551_load}/.\n\n### Available `make` flags:\n- DEBUG={1,0}: Libraries build mode, with debug symbols or without. Default ``0``.\n- NO_THREADS={1,0}: Enable ``no-threads`` in the OpenSSL's build configuration options. Default ``0``.\n- SGX_MODE={HW,SIM}: User can take ``SIM`` to run the unit test on non-SGX platform if necessary. Default ``HW``. \n- DESTDIR=\\\u003cPATH\\\u003e: Directory realpath to install Intel® SGX SSL libraries in. Default ``/opt/intel/sgxssl/``. \n- VERBOSE={1,0}: Makefile verbose mode. Print compilation commands before executing it. Default ``0``.\n- OSSL3ONLY={1,0}: USE only OpenSSL 3.x APIs, and legacy functions will not be valid. Default ``0``.\n\nTo install Intel® SGX SSL libraries in Linux OS, run:\n```\nmake all test\nsudo make install\n```\n\nNote for Version 3.*\n--------------------\nTo use the trusted cryptography library with SGX SSL/OpenSSL 3.*, it possibly needs to increase the value in the enclave signing configuration XML file:\n```\n...\n\u003cHeapMaxSize\u003e...\u003c/HeapMaxSize\u003e\n...\n```\n, especially for the enclave with multithreads. \n","funding_links":[],"categories":["Crypto","CRYPTO"],"sub_categories":["Library OSes and SDKs"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintel%2Fintel-sgx-ssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fintel%2Fintel-sgx-ssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintel%2Fintel-sgx-ssl/lists"}