Examples
From the Management Panel, you can download the Solidshield Examples archive. Once downloaded, unpack the zip archive into a folder, follow the setup instructions and you are ready to protect and run the examples.
Setup
The archive contains the following directory structure:
├── config # file to set up connection details
├── bin/ # contains sldcmd binary
├── input/ # contains input programs
├── libs/ # run-time dependencies for Systemic SGX
├── output/ # will contain protected samples
├── projects/ # contains .ssp protection project files
├── protect/ # contains scripts to trigger protection
├── run/ # contains scripts to run protected samples
├── sources/ # contains source code of some examples
Before running the protection examples, you need to edit the config file so that the connection details match your environment.
An example config file should start with:
# connection detail
serverHost=localhost
serverPort=9090
Make sure you set serverHost, username and password to match your local protection server. They are the same URL and credentials you use to access the management panel and to start Solidstudio.
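A preflight check for the config file, as an added example that is not part of the Solidshield archive. It assumes username and password use the same key=value syntax as the lines shown above; the function names cfg_get and check_config are hypothetical. It checks that the four settings are present, that the port is valid, and that the file, which holds your management panel password, is accessible to its owner only.

```shell
#!/bin/sh
# Added example: preflight check for the Solid_Examples config file.
# Assumption: key=value lines and '#' comments, as in the snippet above.

# Print the value of key $2 from config file $1 (last assignment wins).
cfg_get() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" \
        | tail -n 1 | tr -d '\r'
}

# Return 0 if the config is usable, 1 otherwise; problems go to stderr.
check_config() {
    cfg=$1
    rc=0
    [ -f "$cfg" ] || { echo "missing config file: $cfg" >&2; return 1; }

    # The file holds the management panel password: keep it owner-only.
    # Characters 5-10 of the ls mode string are the group/other bits.
    if [ "$(ls -ld -- "$cfg" | cut -c5-10)" != "------" ]; then
        echo "$cfg is accessible to group/other; run: chmod 600 $cfg" >&2
        rc=1
    fi

    for key in serverHost serverPort username password; do
        if [ -z "$(cfg_get "$cfg" "$key")" ]; then
            echo "$key is missing or empty" >&2
            rc=1
        fi
    done

    port=$(cfg_get "$cfg" serverPort)
    case $port in
        ''|*[!0-9]*) echo "serverPort is not a number: '$port'" >&2; rc=1 ;;
        *) if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
               echo "serverPort out of range: $port" >&2; rc=1
           fi ;;
    esac
    return $rc
}

# Run the check when given a path, e.g.: sh check_config.sh ./config
if [ -n "${1:-}" ]; then check_config "$1"; fi
```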
Protecting and running examples
To protect a sample, run the corresponding file with the .sh extension inside the protect directory, e.g. on Linux:
~/Solid_Examples$ protect/elf64_systemic.sh
After the protection, you can run the protected version by executing the corresponding .sh file in the run directory, e.g.:
~/Solid_Examples$ run/elf64_systemic.sh
Example details
Example name | Description |
---|---|
elf64_systemic | Example of Linux Solidshield Systemic and metadata extraction. |
elf64_systemic_sgx | Example of Linux Solidshield Systemic SGX and metadata extraction. |
ELF Systemic
This sample shows two features:
- Basic workflow of Solidshield Systemic: when the SLD_SYSTEMIC_VERIFY_KEY environment variable is provided, the executable verifies its signature, decrypts itself and starts; without it, the executable won't start.
- How to read embedded metadata: by passing the SLD_MD_KEY environment variable, the program will decrypt and print the data and then terminate the process.
To check the embedded metadata, run the sample with the SLD_MD_KEY environment variable set:
Solidshield v8.8.0.0, protection on 2019-04-24 15:38:23
Input file MD5: b112cac99906a711d6bc49e3ca5ae5b2
Original shared object dependencies
linux-vdso.so.1 => (0x00007fff429ad000)
libc.so.6 => /lib/libc.so.6 (0x00007f38e3260000)
/lib64/ld-linux-x86-64.so.2 (0x00007f38e35f6000)
Custom metadata:
Dear Solidshield,
this protected version was made for your eyes only.
ELF Systemic SGX
This sample shows two features:
- Basic workflow of Solidshield Systemic SGX: there is no need to provide the SLD_SYSTEMIC_VERIFY_KEY environment variable, since keys are provisioned securely into the enclave. The SGX enclave will verify the signature, decrypt the binary and start it.
- How to read embedded metadata: by passing the SLD_MD_KEY environment variable, the program will decrypt and print the data and then terminate the process.
To check the embedded metadata, run the sample with the SLD_MD_KEY environment variable set:
Solidshield v8.8.0.0, protection on 2019-04-24 15:38:23
Input file MD5: b112cac99906a711d6bc49e3ca5ae5b2
Original shared object dependencies
linux-vdso.so.1 => (0x00007fff429ad000)
libc.so.6 => /lib/libc.so.6 (0x00007f38e3260000)
/lib64/ld-linux-x86-64.so.2 (0x00007f38e35f6000)
Custom metadata:
Dear Solidshield,
this protected version was made for your eyes only.