passhield

module

v0.0.0-...-e09190d Latest Latest Go to latest Published: Apr 22, 2023 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/shshengeng/passhield

Links

Open Source Insights

README ¶

pasShield - Protecting Web Passwords using Intel SGX

Introduction

pasShield is a server-side technology for protecting password databases. pasShield's server-side password protection service is a drop-in replacement for standard password hashing functions. It computes a Hash-based message authentication code(HMAC) on passwords before they are stored in the database. An adversary must obtain the HMAC key in order to perform offline guessing attacks against a stolen password database. SafeKeeper generates and protects this key within a Trusted Execution Environment, realized using Ego SDK.

Building instructions

Prerequisites

Install Ego SDK, The easiest way to install EGo is via the snap:

sudo snap install ego-dev --classic

You also need gcc and libcrypto. On Ubuntu install them with:

sudo apt install build-essential libssl-dev

Building and run

Building and running a confidential Go app is as easy as:

ego-go build hello.go
ego sign hello
ego run hello

For developper:

Server side should install python server and passhield ego server, git clone this repo:

Python Server Installation

First clone this repo, then run app.py under backend folder in background, you run it by gunicorn(that's we used). You cao do it like this:

pip3 install gunicorn\
gunicorn -w 4 -b 127.0.0.1:5001 app.py

Make sure install depencies first:

pip3 install -r requirements.txt

PasShield Ego server Installation

Building instructions

make sure change the directory in the mouts of enclave.json to the directory of your own:

 "securityVersion": 2,
    "mounts": [
        {
            "source": "/the directory of your own",
            "target": "/the directory of your own",
            "type": "hostfs",
            "readOnly": false
        }
    ],

Building and running a confidential Go app is as easy as:

ego-go build server.go
ego sign server
ego run server

For user/client:

Passhield Webaddon Installation:

To install the extension, make sure you have installed firefox browser(this addon is built for firefox) and downlowned the passhield-firefox code in your own computer, open the firefox and input address about:debugging, then click 'this firefox' on left side, then click 'Load Temporary Add-on', select the manifest.json under pasShield-firefox folder. Then, you are all set to use pasShield.

Directories ¶

Path	Synopsis
pasShield-firefox
src

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL