About enc_wolfSSL_CTX_load_verify_buffer?

[zhq0918]

I tested the project sgx-ra-tls/deps/wolfssl-examples/SGX_Linux, I want use the function which name enc_wolfSSL_CTX_load_verify_buffer, its return value is -150,i checkd the info is: ASN date error, current date before.The same method I test wolfSSL_CTX_load_verify_buffer outer enclave , it reurn ssl_success,why?

[kaleb-himes]

@zhq0918,

This is because the time being returned by the system is somehow incorrect. The way wolfSSL gets the time is with current_time:

trusted.c

/* NOTE: This is not the system function "current_time", this is a function that will be available
 * inside the enclave and has no access to the external system API "current_time" */
double current_time(void)
{
    double curr;
    ocall_current_time(&curr);
    return curr;
}

.edl mapping:

/* prototype the untrusted out call */ 
void ocall_current_time([out] double* time);

untrusted-application.c

/* The untrusted application is compiled/run outside the enclave and has access to the
 * system level API "current_time", set the value in the pointer curr passed from inside the enclave
 * to the value of system current_time
 */
void ocall_current_time(double* time)
{
    if(!time) return;
    *time = current_time();
    return;
}

If this is failing then the system current_time function must be returning a bad time. Can you print it out in App.c and see what was returned?

Warm Regards,

K