ego

module
Version: v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 16, 2022 License: MPL-2.0

README

EGo

EGo logo

GitHub Actions Status GitHub license Go Report Card PkgGoDev Discord Chat

EGo is a framework for building confidential apps in Go. Confidential apps run in always-encrypted and verifiable enclaves on Intel SGX-enabled hardware. EGo simplifies enclave development by providing two user-friendly tools:

  • ego-go, an adapted Go compiler that builds enclave-compatible executables from a given Go project - while providing the same CLI as the original Go compiler.
  • ego, a CLI tool that handles all enclave-related tasks such as signing and enclave creation.

Building and running a confidential Go app is as easy as:

ego-go build hello.go
ego sign hello
ego run hello

Install

Install the snap

The easiest way to install EGo is via the snap:

sudo snap install ego-dev --classic

You also need gcc and libcrypto. On Ubuntu install them with:

sudo apt install build-essential libssl-dev
Install the DEB package

If you're on Ubuntu 18.04 or above, you can install the DEB package:

wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add
sudo add-apt-repository "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu `lsb_release -cs` main"
wget https://github.com/edgelesssys/ego/releases/download/v0.5.0/ego_0.5.0_amd64.deb
sudo apt install ./ego_0.5.0_amd64.deb build-essential libssl-dev
Build from source

Prerequisite: Edgeless RT is installed and sourced.

mkdir build
cd build
cmake ..
make
make install
Build via Docker

You can reproducibly build the latest release:

cd dockerfiles
DOCKER_BUILDKIT=1 docker build -o. - < Dockerfile.build

Or the latest master:

cd dockerfiles
DOCKER_BUILDKIT=1 docker build --build-arg egotag=master --build-arg erttag=master -o. - < Dockerfile.build

This outputs the DEB package.

Optionally build the ego-dev and ego-deploy images:

docker build --target dev -t ghcr.io/edgelesssys/ego-dev -f Dockerfile.release .
docker build --target deploy -t ghcr.io/edgelesssys/ego-deploy -f Dockerfile.release .

Getting started

Now you're ready to build applications with EGo! To start, check out the following samples:

  • helloworld is a minimal example of an enclave application.
  • remote_attestation shows how to use the basic remote attestation API of EGo.
  • attested_tls is similar to the above, but uses a higher level API to establish an attested TLS connection.
  • vault demonstrates how to port a Go application exemplified by Hashicorp Vault.
  • wasmer shows how to run WebAssembly inside EGo using Wasmer.
  • embedded_file shows how to embed files into an EGo enclave.
  • reproducible_build builds the helloworld sample reproducibly, resulting in the same UniqueID.
  • cgo demonstrates the experimental cgo support.
  • azure_attestation shows how to use Microsoft Azure Attestation for remote attestation.

Documentation

  • The EGo documentation covers building, signing, running, and debugging confidential apps.
  • The EGo API provides access to remote attestation and sealing to your confidential app at runtime.

Community & help

  • For user help, questions or queries about EGo please file an issue.
  • If you see an error message or run into an issue, please make sure to create a bug report.
  • Get the latest news and announcements on Twitter, LinkedIn or sign up for our monthly newsletter.
  • Visit our blog for technical deep-dives and tutorials.

Contribute

Directories

Path Synopsis
Package attestation provides attestation data structures.
Package attestation provides attestation data structures.
Package eclient provides functionality for Go programs that interact with enclave programs.
Package eclient provides functionality for Go programs that interact with enclave programs.
Package ecrypto provides convenience functions for cryptography inside an enclave.
Package ecrypto provides convenience functions for cryptography inside an enclave.
Package enclave provides functionality for Go enclaves like remote attestation and sealing.
Package enclave provides functionality for Go enclaves like remote attestation and sealing.
Package marble provides commonly used functionalities for Marblerun Marbles.
Package marble provides commonly used functionalities for Marblerun Marbles.
internal

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL