try 3.2.0

.github/workflows/c-cpp.yml

@@ -18,7 +18,7 @@ jobs:
     - name: install SDK
       run: chmod +x *.bin; echo yes | ./sgx_linux_x64_sdk_2.*.bin
     - name: download OpenSSL code
-      run: wget https://www.openssl.org/source/openssl-3.0.12.tar.gz; mv openssl-3.*.gz openssl_source/
+      run: wget https://www.openssl.org/source/openssl-3.2.0.tar.gz; mv openssl-3.*.gz openssl_source/
     - name: build SGXSSL
       run: source sgxsdk/environment; cd Linux; make all; DEBUG=1 make all
     - name: run unit test in SIM

Linux/build_openssl.sh

@@ -37,7 +37,7 @@
 SGXSSL_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 echo $SGXSSL_ROOT
 
-OPENSSL_VERSION=`ls $SGXSSL_ROOT/../openssl_source/*3.0.*.tar.gz | head -1 | grep -o '[^/]*$' | sed -s -- 's/\.tar\.gz//'`
+OPENSSL_VERSION=`ls $SGXSSL_ROOT/../openssl_source/*3.2.*.tar.gz | head -1 | grep -o '[^/]*$' | sed -s -- 's/\.tar\.gz//'`
 if [ "$OPENSSL_VERSION" == "" ] 
 then
 	echo "In order to run this script, OpenSSL tar.gz package must be located in openssl_source/ directory."
@@ -139,7 +139,7 @@ cp sgx_config.conf $OPENSSL_VERSION/ || exit 1
 cp x86_64-xlate.pl $OPENSSL_VERSION/crypto/perlasm/ || exit 1
 
 cd $SGXSSL_ROOT/../openssl_source/$OPENSSL_VERSION || exit 1
-perl Configure --config=sgx_config.conf sgx-linux-x86_64 --with-rand-seed=none $ADDITIONAL_CONF $SPACE_OPT $MITIGATION_FLAGS no-idea no-mdc2 no-rc5 no-rc4 no-bf no-ec2m no-camellia no-cast no-srp no-async no-padlockeng no-dso no-shared no-ssl3 no-md2 no-md4 no-ui-console no-stdio no-afalgeng -D_FORTIFY_SOURCE=2 -DGETPID_IS_MEANINGLESS -include$SGXSSL_ROOT/../openssl_source/bypass_to_sgxssl.h || exit 1
+perl Configure --config=sgx_config.conf sgx-linux-x86_64 --with-rand-seed=none $ADDITIONAL_CONF $SPACE_OPT $MITIGATION_FLAGS no-idea no-mdc2 no-rc5 no-rc4 no-bf no-ec2m no-camellia no-cast no-srp no-async no-padlockeng no-dso no-shared no-ssl3 no-md2 no-md4 no-ui-console no-stdio no-afalgeng no-dgram no-thread-pool no-ts -D_FORTIFY_SOURCE=2 -DGETPID_IS_MEANINGLESS -include$SGXSSL_ROOT/../openssl_source/bypass_to_sgxssl.h || exit 1
 
 sed -i 's/ENGINE_set_default_RAND/dummy_ENGINE_set_default_RAND/' crypto/engine/tb_rand.c || exit 1
 sed -i 's/return RUN_ONCE(&locale_base, ossl_init_locale_base);/return 1;/' crypto/ctype.c || exit 1

Linux/sgx/libsgx_tsgxssl/ttime.cpp

@@ -123,4 +123,19 @@ void sgxssl_usleep(int micro_seconds)
 {
 	(void)micro_seconds;
 }
+
+unsigned int sgxssl_sleep(unsigned int seconds)
+{
+	(void)seconds;
+	return 0;
+}
+
+time_t sgxssl_mktime(struct tm *timestamp_tm)
+{
+	(void)timestamp_tm;
+	return 0;
+}
+
+time_t sgxssl_timezone = 0;
+
 }

Windows/build_package.cmd

@@ -94,9 +94,12 @@ call powershell -Command "tar xf %OPENSSL_VERSION%.tar.gz"
 REM Remove AESBS to support only AESNI and VPAES
 call powershell -Command "(get-content %OPENSSL_VERSION%\Configure) -replace ('BSAES_ASM','') | out-file %OPENSSL_VERSION%\Configure"
 
+call powershell -Command "(Get-Content -Path %OPENSSL_VERSION%\providers\implementations\rands\seeding\rand_win.c -Raw) -replace '(?s)(# ifdef USE_BCRYPTGENRANDOM).*?(# endif)', '' | Set-Content -Path temp.c"
+call powershell -Command "(Get-Content -Path temp.c -Raw) -replace '(?s)(# ifndef USE_BCRYPTGENRANDOM).*?(# endif)', '' | Set-Content -Path %OPENSSL_VERSION%\providers\implementations\rands\seeding\rand_win.c"
+
 copy /y  rand_lib.c %OPENSSL_VERSION%\crypto\rand\
 copy /y  sgx_config.conf %OPENSSL_VERSION%\
-copy /y x86_64-xlate.pl %OPENSSL_VERSION%\crypto\perlasm
+copy /y  x86_64-xlate.pl %OPENSSL_VERSION%\crypto\perlasm
 copy /y  threads_win.c %OPENSSL_VERSION%\crypto\
 
 
@@ -142,7 +145,7 @@ set ADDITIONAL_CONF=
 if "%OSSL3ONLY%"=="1" (
 	set ADDITIONAL_CONF=--api=3.0 no-deprecated
 )
-perl Configure --config=sgx_config.conf %OPENSSL_CFG_PLFM%  %CVE_2020_0551_MITIGATIONS% %ADDITIONAL_CONF% no-dtls no-idea no-mdc2 no-rc5 no-rc4 no-bf no-ec2m no-camellia no-cast no-srp no-padlockeng no-dso no-shared no-ui-console no-ssl3 no-md2 no-md4 no-stdio -FI"%SGXSSL_ROOT%\..\openssl_source\bypass_to_sgxssl.h" -D_NO_CRT_STDIO_INLINE -DOPENSSL_NO_SOCK -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASYNC -arch:IA32
+perl Configure --config=sgx_config.conf %OPENSSL_CFG_PLFM%  %CVE_2020_0551_MITIGATIONS% %ADDITIONAL_CONF% no-dtls no-idea no-mdc2 no-rc5 no-rc4 no-bf no-ec2m no-camellia no-cast no-srp no-padlockeng no-dso no-shared no-ui-console no-ssl3 no-md2 no-md4 no-stdio no-dgram no-thread-pool no-ts -FI"%SGXSSL_ROOT%\..\openssl_source\bypass_to_sgxssl.h" -D_NO_CRT_STDIO_INLINE -DOPENSSL_NO_SOCK -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASYNC 
 call powershell -Command "(Get-Content crypto\engine\tb_rand.c) |  Foreach-Object {$_ -replace 'ENGINE_set_default_RAND', 'dummy_ENGINE_set_default_RAND'} | Out-File crypto\engine\tb_rand.c"
 
 copy /y "%SGXSDKInstallPath%scripts\sgx-asm-pp.py" .

Windows/sgx/libsgx_tsgxssl/ttime.cpp

@@ -184,4 +184,12 @@ void sgxssl_sleep(int seconds)
 	return;
 }
 
+time_t sgxssl__mktime64(struct tm* timestamp_tm)
+{
+	(void)timestamp_tm;
+	return 0;
+}
+
+time_t sgxssl__timezone = 0;
+
 }

openssl_source/bypass_to_sgxssl.h

@@ -169,6 +169,8 @@
 #define _gmtime64_s    sgxssl__gmtime64_s
 #define _localtime64   sgxssl__localtime64
 #define _getsystime    sgxssl_getsystime
+#define _mktime64      sgxssl__mktime64
+#define __timezone     sgxssl__timezone
 
 /*windows.h*/
 #define Sleep sgxssl_sleep
@@ -250,6 +252,9 @@ char * sgxssl___builtin___strcpy_chk(char *dest, const char *src, unsigned int d
 #define gmtime sgxssl_gmtime
 #define gettimeofday sgxssl_gettimeofday
 #define usleep sgxssl_usleep
+#define sleep sgxssl_sleep
+#define mktime sgxssl_mktime
+#define timezone sgxssl_timezone
 
 //openssl 1.1.1 new APIs
 //