/openenclave

SDK for developing enclaves

Primary LanguageCMIT LicenseMIT

Open Enclave SDK

Bors enabled Join the chat at https://gitter.im/openenclave/community

Integration Partners

Agnostic Cloud Provider

Build Status Build Status

Azure

Nightly Testing Status Build Status Nightly Libcxx Testing Status Build Status Packages Build Status

Introduction

The Open Enclave SDK is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves.

Open Enclave (OE) is an SDK for building enclave applications in C and C++. An enclave application partitions itself into two components:

  1. An untrusted component (called the host) and
  2. A trusted component (called the enclave).

An enclave is a protected memory region that provides confidentiality for data and code execution. It is an instance of a Trusted Execution Environment (TEE) which is usually secured by hardware, for example, Intel Software Guard Extensions (SGX).

This SDK aims to generalize the development of enclave applications across TEEs from different hardware vendors. The current implementation provides support for Intel SGX as well as preview support for OP-TEE OS on ARM TrustZone. As an open source project, this SDK also strives to provide a transparent solution that is agnostic to specific vendors, service providers and choice of operating systems.

Getting Started Using OE SDK

See the API documentation on openenclave.io

Binary packages can be downloaded from GitHub

Contributing to OE SDK

You'll find comprehensive documentation in the Contributor's Getting Started Guide.

The community documentation hosts lots of information on where to go to get engaged with the community, whether you want to contribute code, add test cases, help improve our documentation, or something else. If you're looking for information on how to join meetings or who to contact about what, you will find it there.

You don't necessarily need a hardware enclave to develop OE SDK; some tests and code paths can be executed in simulation mode for the purposes of testing on non-TEE-enabled hardware.


Licensing

This project is released under the MIT License.

Send Feedback

Send general questions, announcements, and discussion to the oesdk@lists.confidentialcomputing.io Mailing List.

To report a problem or suggest a new feature, file a GitHub issue.