Skip to content

Commit 6098af1

Browse files
committed
Add Readme for PCL code sample
Signed-off-by: Yu Ding <[email protected]>
1 parent 9d4fa0f commit 6098af1

File tree

1 file changed

+39
-0
lines changed

1 file changed

+39
-0
lines changed

samplecode/pcl/Readme.md

+39
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,41 @@
11
# Protected Code Launch Sample
22

3+
This code sample shows how to use PCL in Rust-SGX.
4+
5+
`pcl-user` contains logic of the user side, who wants to load encrypted enclave on a remote SGX-enabled machine.
6+
7+
`encrypted-hello` is the code user wants to protect. It is encrypted during building process. The encryption key is dynamically generated.
8+
9+
`pcl-seal` is a remote SGX app. It contains a sealing enclave which is in charge of storing the encryption key and provide it to the PCL API.
10+
11+
## Build and Run
12+
13+
To build, just type `make` and everything should be fine.
14+
15+
To run, please put your IAS registration files (client.key, client.crt and spid.txt) in under `pcl_seal/bin/`. Then
16+
17+
```
18+
$ cd pcl-seal/bin
19+
$ ./app
20+
```
21+
22+
In another terminal, start the pcl-user app:
23+
24+
```
25+
$ cd pcl-user
26+
$ cargo run
27+
```
28+
29+
Next you'll see `pcl-seal` starts getting a report from Intel and establishes a RA-based TLS channel with `pcl-user` and gets sealed key provisioned and stored in `SgxFile`. At last, `pcl-seal` will launch the `encrypted-hello` enclave and finally print the hello message.
30+
31+
```
32+
Entering get_sealed_pcl_key
33+
SgxFs read success: 68F6DEF27C33F248864A74D9607EA6B3
34+
get_sealed_pcl_key 040002000000...(suppressed)
35+
[+] Home dir is /root
36+
[-] Open token file /root/payload.token error! Will create one.
37+
[+] Init Enclave Successful 3!
38+
This is a normal world string passed into Enclave!
39+
This is a in-Enclave Rust string!
40+
[+] Done!
41+
```

0 commit comments

Comments
 (0)