v1.0.4 release

Signed-off-by: Yu Ding <dingelish@gmail.com>

Author: dingelish

Readme.md

@@ -3,7 +3,8 @@ Rust SGX SDK helps developers write Intel SGX applications in Rust programming l
 
 To achieve better security, we recommend developers to apply [Non-bypassable Security Paradigm (NbSP)](https://github.com/baidu/rust-sgx-sdk/blob/master/documents/nbsp.pdf) to the system design and implementation.
 
-* Current master support **`nightly-2018-08-25-x86_64-unknown-linux-gnu`**
+## v1.0.4 Release
+This version supports Rust nightly build (nightly-2018-10-01) in the master branch and the most recent stable build (stable-2018-09-25) in the rust-stable branch. It supports the latest Intel SGX SDK **v2.3.1** and Ubuntu Linux 18.04. It now contains further third party libraries including: bit-vec, chrono, erased-serde, fxhash, nan-preserving-float, num-bigint, quick-error, raft-rs, time, webpki-roots, and yasna. Some third party libraries, like untrusted, parity-wasm and lazy-static, are removed because they support `no_std` and can be used directly from crates.io. We strongly recommend developers upgrade to v1.0.4 and use the most recent Rust release to build it due to the [Security advisory for the standard library](https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html). Please refer to [release_notes](release_notes.md) for further details.
 
 ## v1.0.1 Release
 This version supports the Rust nightly build (nightly-2018-07-16) in master branch and the most recent Rust stable build (stable-2018-07-10). And it supports the latest Intel SGX SDK **v2.2**. New third party libraries include: bytes, http, iovec, rust-crypto, rust-fnv and rust-threshold-secret-sharing. New code sample 'secretsharing' and 'rust-threshold-secret-sharing' is provided by @davidp94. Please refer to [release_notes](release_notes.md) for further details.
@@ -22,9 +23,9 @@ This version provides a new namespace: `sgx_tstd::untrusted`, including `sgx_tst
 
 ## Requirement
 
-Ubuntu 16.04
+Ubuntu 16.04 or 18.04
 
-[Intel SGX SDK 2.2 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
+[Intel SGX SDK 2.3.1 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
 
 Docker (Recommended)
 
@@ -35,11 +36,13 @@ The docker image now supports Intel ME. If you need it, please refer to the sgxt
 
 ### Native without docker (Not recommended)
 
-Install Intel SGX driver and SDK first. And refer to [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/Dockerfile) or stable branch [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/rust-stable/Dockerfile) to setup your own native Rust-SGX environment.
+Install Intel SGX driver and SDK first. And refer to [Dockerfile](dockerfile/Dockerfile.1604.nightly) or stable branch [Dockerfile](Dockerfile.1604.stable) to setup your own native Rust-SGX environment.
 
 ### Using docker (Recommended) without ME support
 
-First, make sure Intel SGX Driver 2.2 is installed and functions well. `/dev/isgx` should be appeared.
+* As of v1.0.4, we provide 4 docker images: `baiduxlab/sgx-rust:1604` `baiduxlab/sgx-rust:1804` `baiduxlab/sgx-rust-stable:1604` `baiduxlab/sgx-rust-stable:1804`. The `latest` tag pins on `baiduxlab/sgx-rust:1604`.
+
+First, make sure Intel SGX Driver 2.3.1 is installed and functions well. `/dev/isgx` should appear.
 
 Second, pull the docker image. If you'd like to work on stable branch of Rust and `rust-stable` branch of this SDK, please pull `baiduxlab/sgx-rust-stable` instead.
 
@@ -51,14 +54,7 @@ Third, start a docker with sgx device support and the Rust SGX SDK.
 
 Next, start the aesm service inside the docker
 
-`root@docker:/# /opt/intel/sgxpsw/aesm/aesm_service &`
-
-Next, upgrade the toolchain (to the aforementioned version) to use the **master** branch
-
-```
-root@docker:/# rustup default nightly-2018-08-25-x86_64-unknown-linux-gnu
-root@docker:/# rustup component add rust-src
-```
+`root@docker:/# /opt/intel/libsgx-enclave-common/aesm/aesm_service &`
 
 Finally, check if the sample code works
 
@@ -70,7 +66,7 @@ Finally, check if the sample code works
 
 ## Build the docker image by yourself
 
-Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker` to build.
+Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker -f Dockerfile.1604.nightly .` to build.
 
 ## Use simulation mode for non SGX-enabled machine (includes macOS)
 
@@ -163,9 +159,9 @@ We provide eighteen sample codes to help developers understand how to write Encl
 
 * `switchless` shows the usage of latest "switchless" execution model provided by intel. Please pay attention to the Makefile and the position of link flag "-lsgx_tswitchless".
 
-# Samples of ported third-party libraries
+* `mutual-ra` provides remote attestation based TLS connection between SGX enclaves. See the [readme](samplecode/mutual-ra/Readme.md) for details.
 
-As of v0.9.5, we provide 25 ported third-party libraries. All of them could be compiled using xargo (`XARGO_SGX=1` make) or cargo (`make`).
+* `ue-ra` provides remote attestation based TLS connection between an untrusted party and one SGX enclave. See the [readme](samplecode/ue-ra/Readme.md) for details.
 
 # Tips for writing enclaves in Rust
 
@@ -189,7 +185,7 @@ Baidu Rust-SGX SDK is provided under the BSD license. Please refer to the [Licen
 
 # Authors
 
-Ran Duan, Long Li, Shi Jia, Yu Ding, Lenx Wei, Tanghui Chen
+Ran Duan, Long Li, Shi Jia, Yu Ding, Yulong Zhang, Yueqiang Cheng, Lenx Wei, Tanghui Chen
 
 ![Baidu X-Lab Logo](https://raw.githubusercontent.com/baidu/rust-sgx-sdk/master/logo_25.png)
 

common/inc/mbusafecrt.h

@@ -0,0 +1,83 @@
+//
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information. 
+//
+
+/***
+*   mbusafecrt.h - public declarations for SafeCRT lib
+*
+
+*
+*   Purpose:
+*       This file contains the public declarations SafeCRT
+*       functions ported to MacOS. These are the safe versions of
+*       functions standard functions banned by SWI
+*
+
+****/
+
+/* shields! */
+
+#ifndef MBUSAFECRT_H
+#define MBUSAFECRT_H
+#include <string.h>
+#include <stdarg.h>
+#include <wchar.h>
+typedef wchar_t WCHAR;
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+extern errno_t strcat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc );
+extern errno_t wcscat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc );
+
+extern errno_t strncat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
+extern errno_t wcsncat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
+
+extern errno_t strcpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc );
+extern errno_t wcscpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc );
+
+extern errno_t strncpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
+extern errno_t wcsncpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
+
+extern char* strtok_s( char* inString, const char* inControl, char** ioContext );
+extern WCHAR* wcstok_s( WCHAR* inString, const WCHAR* inControl, WCHAR** ioContext );
+
+extern size_t wcsnlen( const WCHAR* inString, size_t inMaxSize );
+
+extern errno_t _itoa_s( int inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _itow_s( int inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ltoa_s( long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ltow_s( long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ultoa_s( unsigned long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ultow_s( unsigned long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _i64toa_s( long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _i64tow_s( long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ui64toa_s( unsigned long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ui64tow_s( unsigned long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern int sprintf_s( char *string, size_t sizeInBytes, const char *format, ... );
+extern int swprintf_s( WCHAR *string, size_t sizeInWords, const WCHAR *format, ... );
+
+extern int _snprintf_s( char *string, size_t sizeInBytes, size_t count, const char *format, ... );
+extern int _snwprintf_s( WCHAR *string, size_t sizeInWords, size_t count, const WCHAR *format, ... );
+
+extern int _vsprintf_s( char* string, size_t sizeInBytes, const char* format, va_list arglist );
+extern int _vsnprintf_s( char* string, size_t sizeInBytes, size_t count, const char* format, va_list arglist );
+
+extern int _vswprintf_s( WCHAR* string, size_t sizeInWords, const WCHAR* format, va_list arglist );
+extern int _vsnwprintf_s( WCHAR* string, size_t sizeInWords, size_t count, const WCHAR* format, va_list arglist );
+
+extern errno_t memcpy_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
+extern errno_t memmove_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
+
+#ifdef __cplusplus
+    }
+#endif
+
+#endif	/* MBUSAFECRT_H */