This code adds the ratelimit fingerprinting to the enclave itself. The overall idea is that the frontend will send the handshake with the enclave per usual, then, in the discovery request, call into this enclave function to get the fingerprint, do the redis work, then call into the usual enclave discovery lookup. See the changes to the .edl file for the entrypoint from the frontend to the enclave. In order to decrypt messages from the client, this code gets access to the specific keys set up when the client negotiates with the enclave. That means we had to add a way to get the pending request information from the C-land's circular buffer without removing it (the server_call function does the removal later, and if it's never called, the spot in the buffer is overwritten).

| Name |
|---|
| bearssl |
| cmockery.c |
| curve25519-donna-c64.c |
| sgx-tcrypto-stub.c |
| sgxsd-enclave-test.c |
| sgxsd-enclave.c |