Skip to content
/ enclavlow Public

A Java flow analysis tool for SGX data sensitivity. This is my final year project.

5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SOF3/enclavlow

BranchesTags

Repository files navigation

enclavlow

A Java flow analysis tool for SGX data sensitivity

Modules

  • util: Internal non-enclavlow-specific utilities
  • core: Core module for flow analysis
  • plugin: Gradle integration plugin
  • api: API to include from user code
  • doc-fig: Module for generating image assets used in docs

API

enclavlow-core

The analyzeMethod function returns a Contract Flow Graph (CFG) for a single method. The CFG detects whether the method is an ECall/OCall, and presents the information flow throughout the method.

Tests

To run the test cases in the enclavlow-core module, use the gradle task:

./gradlew core:test

This command requires the graphviz dot command to be in PATH.

For the sake of convenience, all test case classes are compiled together with the test runtime, and the test runtime classpath is used as the classpath for soot.

The test case classes are located in core/src/test/java, and the test case results are checked in core/src/test/kotlin.

The JUnit test results can be found in core/build/reports/test/test/index.html. For each testMethod test case, the final Local Flow Graphs that contribute to output contract graph are rendered by dot in the core/build/lfgOutput directory (see index.html). (Due to use of parallel tests, the order in index.html is highly inconsistent)

About

A Java flow analysis tool for SGX data sensitivity. This is my final year project.

Topics

flow-analysis sgx-data-sensitivity

Resources

Readme
Activity

Stars

5 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages