fuzz/*,cmake/*: fuzz APIs in sgx mode

fuzz `rats_tls_init()`, `rats_tls_negotiate()`, `rats_tls_transmit()`, `rats_tls_receive()` and `rats_tls_cleanup()` in sgx mode Signed-off-by: Pengyu Chen <[email protected]>
inclavare-containers · Oct 1, 2023 · 58930bb · 58930bb
1 parent b655a4a
commit 58930bb
Show file tree

Hide file tree

Showing 14 changed files with 507 additions and 19 deletions.
diff --git a/cmake/CompilerOptions.cmake b/cmake/CompilerOptions.cmake
@@ -1,5 +1,5 @@
 # Normal and occlum mode
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
+# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
 set(RATS_TLS_LDFLAGS "-fPIC -Bsymbolic -ldl")
 
 if(OCCLUM)
@@ -12,6 +12,16 @@ else()
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2")
 endif()
 
+if((BUILD_FUZZ) AND (SGX))
+    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes  -Wno-implicit-function-declaration")
+    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC -Werror=implicit-function-declaration")
+elseif()
+    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
+    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
+endif()
+
 # SGX mode
 if(SGX)
     if(SGX_HW)
@@ -56,8 +66,8 @@ if(SGX)
         set(ENCLAVE_COMMON_FLAGS "${ENCLAVE_COMMON_FLAGS} -fstack-protector-strong")
     endif()
 
-    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
-    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
+    # set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
+    # set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
 
     set(ENCLAVE_INCLUDES "${SGX_INCLUDE}" "${SGX_TLIBC_INCLUDE}" "${SGX_LIBCXX_INCLUDE}" "/usr/include")
     set(ENCLAVE_C_FLAGS "${CMAKE_C_FLAGS} ${SGX_COMMON_CFLAGS} ${ENCLAVE_COMMON_FLAGS}")
@@ -67,3 +77,4 @@ if(SGX)
     set(APP_C_FLAGS "${CMAKE_C_FLAGS} ${SGX_COMMON_CFLAGS} ${APP_COMMON_FLAGS}")
     set(APP_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${SGX_COMMON_CXXFLAGS} ${APP_COMMON_FLAGS}")
 endif()
+
diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt
@@ -1,4 +1,10 @@
-add_subdirectory(tls_init)
-add_subdirectory(tls_negotiate)
-add_subdirectory(tls_server)
-add_subdirectory(tls_transmit)
+if(SGX)
+    add_subdirectory(tls_init)
+else()
+    add_subdirectory(tls_negotiate)
+    add_subdirectory(tls_server)
+    add_subdirectory(tls_transmit)
+endif()
+if(SGX)
+    add_subdirectory(sgx-stub-enclave)
+endif()
diff --git a/fuzz/sgx-stub-enclave/CMakeLists.txt b/fuzz/sgx-stub-enclave/CMakeLists.txt
@@ -0,0 +1,83 @@
+# Project name
+project(sgx-stub-enclave CXX)
+
+set(CMAKE_CXX_COMPILER "/usr/bin/clang++")
+set(CMAKE_CXX_FLAGS "-g ${CMAKE_CXX_FLAGS}")
+set(RATS_TLS_INSTALL_FUZZ_PATH /usr/share/rats-tls/fuzz)
+
+if((BUILD_SAMPLES) OR (BUILD_FUZZ))
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/external/sgx-ssl/intel-sgx-ssl/src/intel-sgx-ssl/Linux/package/include
+                     )
+
+    set(LIBRARY_DIRS ${INTEL_SGXSSL_LIB_PATH}
+                     ${LIBCBOR_LIB_PATH}
+                     ${CMAKE_BINARY_DIR}/src
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/nullcrypto
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/nulltls
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/verifiers/nullverifier
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-ecdsa-qve
+                     ${CMAKE_BINARY_DIR}/src/verifiers/tdx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-la
+                     ${CMAKE_BINARY_DIR}/src/attesters/nullattester
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-la
+                     )
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}
+                         ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                         )
+else()
+    list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+    include(CustomInstallDirs)
+    include(FindRatsTls)
+    if(NOT RATS_TLS_FOUND)
+        message(FATAL_ERROR "Failed to find rats_tls!")
+    endif()
+    include(FindSGX)
+    if(NOT SGX_FOUND)
+        message(FATAL_ERROR "Failed to find sgx!")
+    endif()
+    include(CompilerOptions)
+    include(SGXCommon)
+
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+
+    set(LIBRARY_DIRS ${RATS_TLS_INSTALL_LIB_PATH})
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+endif()
+
+include_directories(${INCLUDE_DIRS})
+link_directories(${LIBRARY_DIRS})
+
+set(E_SRCS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_ecall.cpp)
+set(EDLS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub.edl)
+set(LDS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_enclave.lds)
+set(DEPEND_TRUSTED_LIBS crypto_wrapper_nullcrypto
+                        crypto_wrapper_openssl
+                        tls_wrapper_nulltls
+                        tls_wrapper_openssl
+                        attester_nullattester
+                        attester_sgx_ecdsa
+                        attester_sgx_la
+                        verifier_nullverifier
+                        verifier_sgx_la
+                        verifier_sgx_ecdsa_qve
+                        verifier_tdx_ecdsa
+                        rats_tls
+                        cbor
+                        )
+
+add_enclave_library(sgx_stub_enclave SRCS ${E_SRCS} EDL ${EDLS} TRUSTED_LIBS ${DEPEND_TRUSTED_LIBS} EDL_SEARCH_PATHS ${EDL_SEARCH_PATHS} LDSCRIPT ${LDS})
+enclave_sign(sgx_stub_enclave KEY sgx_stub_enclave.pem CONFIG sgx_stub_enclave.xml) 
+add_dependencies(sgx_stub_enclave rats_tls)
+
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/sgx_stub_enclave.signed.so
+        DESTINATION ${RATS_TLS_INSTALL_FUZZ_PATH})
diff --git a/fuzz/sgx-stub-enclave/sgx_stub.edl b/fuzz/sgx-stub-enclave/sgx_stub.edl
@@ -0,0 +1,12 @@
+enclave {
+        include "rats-tls/api.h"
+        include "internal/core.h"
+        include "sgx_eid.h"
+
+        from "../../src/include/edl/rtls.edl" import *;
+        from "sgx_tsgxssl.edl" import *;
+
+        trusted {
+            public int ecall_client_startup();
+        };
+};
diff --git a/fuzz/sgx-stub-enclave/sgx_stub_ecall.cpp b/fuzz/sgx-stub-enclave/sgx_stub_ecall.cpp
@@ -0,0 +1,20 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+extern "C"{
+#include <rats-tls/api.h>
+#include <rats-tls/log.h>
+#include "rats-tls/api.h"
+#include "sgx_urts.h"
+}
+
+extern "C"{
+
+int ecall_client_startup(){
+    int b = 0;
+    int c = 3 + b;
+    return 0;
+}
+
+}
diff --git a/fuzz/sgx-stub-enclave/sgx_stub_ecall.h b/fuzz/sgx-stub-enclave/sgx_stub_ecall.h
@@ -0,0 +1,3 @@
+#ifndef _SGX_STUB_ECALL_H_
+#define _SGX_STUB_ECALL_H_
+#endif
diff --git a/fuzz/sgx-stub-enclave/sgx_stub_enclave.lds b/fuzz/sgx-stub-enclave/sgx_stub_enclave.lds
@@ -0,0 +1,11 @@
+libsgx_stub_enclave.so.so
+{
+    global:
+        g_global_data_sim;
+        g_global_data;
+        enclave_entry;
+        g_peak_heap_used;
+        g_peak_rsrv_mem_committed;
+    local:
+        *;
+};
diff --git a/fuzz/sgx-stub-enclave/sgx_stub_enclave.pem b/fuzz/sgx-stub-enclave/sgx_stub_enclave.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAroOogvsj/fZDZY8XFdkl6dJmky0lRvnWMmpeH41Bla6U1qLZ
+AmZuyIF+mQC/cgojIsrBMzBxb1kKqzATF4+XwPwgKz7fmiddmHyYz2WDJfAjIveJ
+ZjdMjM4+EytGlkkJ52T8V8ds0/L2qKexJ+NBLxkeQLfV8n1mIk7zX7jguwbCG1Pr
+nEMdJ3Sew20vnje+RsngAzdPChoJpVsWi/K7cettX/tbnre1DL02GXc5qJoQYk7b
+3zkmhz31TgFrd9VVtmUGyFXAysuSAb3EN+5VnHGr0xKkeg8utErea2FNtNIgua8H
+ONfm9Eiyaav1SVKzPHlyqLtcdxH3I8Wg7yqMsaprZ1n5A1v/levxnL8+It02KseD
+5HqV4rf/cImSlCt3lpRg8U5E1pyFQ2IVEC/XTDMiI3c+AR+w2jSRB3Bwn9zJtFlW
+KHG3m1xGI4ck+Lci1JvWWLXQagQSPtZTsubxTQNx1gsgZhgv1JHVZMdbVlAbbRMC
+1nSuJNl7KPAS/VfzAgEDAoIBgHRXxaynbVP5gkO0ug6Qw/E27wzIw4SmjsxG6Wpe
+K7kfDeRskKxESdsA/xCrKkwGwhcx1iIgS5+Qscd1Yg+1D9X9asd/P7waPmWoZd+Z
+AhlKwhdPsO7PiF3e1AzHhGQwsUTt/Y/aSI1MpHBvy2/s1h9mFCslOUxTmWw0oj/Q
+ldIEgWeNR72CE2+jFIJIyml6ftnb6qzPiga8Bm48ubKh0kvySOqnkmnPzgh+JBD6
+JnBmtZbfPT97bwTT+N6rnPqOOApvfHPf15kWI8yDbprG1l4OCUaIUH1AszxLd826
+5IPM+8gINLRDP1MA6azECPjTyHXhtnSIBZCyWSVkc05vYmNXYUNiXWMajcxW9M02
+wKzFELO8NCEAkaTPxwo4SCyIjUxiK1LbQ9h8PSy4c1+gGP4LAMR8xqP4QKg6zdu9
+osUGG/xRe/uufgTBFkcjqBHtK5L5VI0jeNIUAgW/6iNbYXjBMJ0GfauLs+g1VsOm
+WfdgXzsb9DYdMa0OXXHypmV4GwKBwQDUwQj8RKJ6c8cT4vcWCoJvJF00+RFL+P3i
+Gx2DLERxRrDa8AVGfqaCjsR+3vLgG8V/py+z+dxZYSqeB80Qeo6PDITcRKoeAYh9
+xlT3LJOS+k1cJcEmlbbO2IjLkTmzSwa80fWexKu8/Xv6vv15gpqYl1ngYoqJM3pd
+vzmTIOi7MKSZ0WmEQavrZj8zK4endE3v0eAEeQ55j1GImbypSf7Idh7wOXtjZ7WD
+Dg6yWDrri+AP/L3gClMj8wsAxMV4ZR8CgcEA0fzDHkFa6raVOxWnObmRoDhAtE0a
+cjUj976NM5yyfdf2MrKy4/RhdTiPZ6b08/lBC/+xRfV3xKVGzacm6QjqjZrUpgHC
+0LKiZaMtccCJjLtPwQd0jGQEnKfMFaPsnhOc5y8qVkCzVOSthY5qhz0XNotHHFmJ
+gffVgB0iqrMTvSL7IA2yqqpOqNRlhaYhNl8TiFP3gIeMtVa9rZy31JPgT2uJ+kfo
+gV7sdTPEjPWZd7OshGxWpT6QfVDj/T9T7L6tAoHBAI3WBf2DFvxNL2KXT2QHAZ9t
+k3imC4f7U+wSE6zILaDZyzygA4RUbwG0gv8/TJVn2P/Eynf76DuWHGlaiLWnCbSz
+Az2DHBQBBaku409zDQym3j1ugMRjzzSQWzJg0SIyBH3hTmnYcn3+Uqcp/lEBvGW6
+O+rsXFt3pukqJmIV8HzLGGaLm62BHUeZf3dyWm+i3p/hQAL7Xvu04QW70xuGqdr5
+afV7p5eaeQIJXyGQJ0eylV/90+qxjMKiB1XYg6WYvwKBwQCL/ddpgOdHJGN8uRom
+e7Zq0Csi3hGheMKlKbN3vcxT5U7MdyHtTZZOJbTvxKNNUNYH/8uD+PqDGNneb29G
+BfGzvI3EASyLIcGZF3OhKwZd0jUrWk2y7Vhob91jwp2+t73vdMbkKyI4mHOuXvGv
+fg95si9oO7EBT+Oqvhccd2J+F1IVXncccYnF4u5ZGWt5lLewN/pVr7MjjykeaHqN
+t+rfnQam2psA6fL4zS2zTmZPzR2tnY8Y1GBTi0Ko1OKd1HMCgcAb5cB/7/AQlhP9
+yQa04PLH9ygQkKKptZp7dy5WcWRx0K/hAHRoi2aw1wZqfm7VBNu2SLcs90kCCCxp
+6C5sfJi6b8NpNbIPC+sc9wsFr7pGo9SFzQ78UlcWYK2Gu2FxlMjonhka5hvo4zvg
+WxlpXKEkaFt3gLd92m/dMqBrHfafH7VwOJY2zT3WIpjwuk0ZzmRg5p0pG/svVQEH
+NZmwRwlopysbR69B/n1nefJ84UO50fLh5s5Zr3gBRwbWNZyzhXk=
+-----END RSA PRIVATE KEY-----
diff --git a/fuzz/sgx-stub-enclave/sgx_stub_enclave.xml b/fuzz/sgx-stub-enclave/sgx_stub_enclave.xml
@@ -0,0 +1,9 @@
+<EnclaveConfiguration>
+  <ProdID>0</ProdID>
+  <ISVSVN>0</ISVSVN>
+  <StackMaxSize>0x400000</StackMaxSize>
+  <HeapMaxSize>0x1000000</HeapMaxSize>
+  <TCSNum>10</TCSNum>
+  <TCSPolicy>1</TCSPolicy>
+  <DisableDebug>0</DisableDebug>
+</EnclaveConfiguration>
diff --git a/fuzz/tls_init/CMakeLists.txt b/fuzz/tls_init/CMakeLists.txt
@@ -2,14 +2,53 @@ project(fuzz_init CXX)
 
 set(CMAKE_C_FLAGS ${CMAKE_C_FLAGS})
 set(CMAKE_CXX_COMPILER "/usr/bin/clang++")
-set(CMAKE_CXX_FLAGS "-fsanitize=address,fuzzer -g -fPIE ${CMAKE_CXX_FLAGS}")
+set(CMAKE_CXX_FLAGS "-fsanitize=address,fuzzer -g ${CMAKE_CXX_FLAGS}")
+set(RATS_TLS_INSTALL_FUZZ_PATH /usr/share/rats-tls/fuzz)
+if(NOT SGX)
+    set(CMAKE_CXX_FLAGS "-fPIE ${CMAKE_CXX_FLAGS}")
+endif()
+
+
+if(SGX)
+    list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+    include(CustomInstallDirs)
+    include(FindRatsTls)
+    if(NOT RATS_TLS_FOUND)
+        message(FATAL_ERROR "Failed to find rats_tls!")
+    endif()
+
+    include(FindSGX)
+    if(NOT SGX_FOUND)
+        message(FATAL_ERROR "Failed to find sgx!")
+    endif()
 
-set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+    include(CompilerOptions)
+    include(SGXCommon)
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/../sgx-stub-enclave
+                            ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                )
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                    ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
-                    ${RATS_TLS_INSTALL_INCLUDE_PATH}
                     )
-set(LIBRARY_DIRS ${RATS_TLS_INSTALL_LIB_PATH})
-set(RATS_TLS_INSTALL_FUZZ_PATH /usr/share/rats-tls/fuzz)
+    list(APPEND LIBRARY_DIRS ${CMAKE_BINARY_DIR}/src/sgx/untrust
+                            ${CMAKE_BINARY_DIR}/fuzz/sgx-stub-enclave
+                            )
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/../sgx-stub-enclave
+                        ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                        )
+    set(DEPEND_UNTRUSTED_LIBS ${CMAKE_BINARY_DIR}/src/sgx/untrust/librats_tls_u.a)
+
+else()
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                        ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                        ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                        ${RATS_TLS_INSTALL_INCLUDE_PATH}
+                        ${RATS_TLS_INSTALL_INCLUDE_PATH}/edl
+                        )
+    set(LIBRARY_DIRS ${RATS_TLS_INSTALL_LIB_PATH})
+endif()
 
 include_directories(${INCLUDE_DIRS})
 link_directories(${LIBRARY_DIRS})
@@ -18,8 +57,18 @@ link_directories(${LIBRARY_DIRS})
 set(SOURCES fuzz_init.cc)
 
 # Generate bin file
-add_executable(${PROJECT_NAME} ${SOURCES})
-target_link_libraries(${PROJECT_NAME} rats_tls)
+if(SGX)
+    set(EDLS ${CMAKE_CURRENT_SOURCE_DIR}/../sgx-stub-enclave/sgx_stub.edl)
+    add_untrusted_executable(${PROJECT_NAME}
+                            SRCS ${SOURCES}
+                            UNTRUSTED_LIBS ${DEPEND_UNTRUSTED_LIBS}
+                            EDL ${EDLS}
+                            EDL_SEARCH_PATHS ${EDL_SEARCH_PATHS})
+    add_dependencies(${PROJECT_NAME} sgx_stub_enclave-sign)
+else()
+    add_executable(${PROJECT_NAME} ${SOURCES})
+    target_link_libraries(${PROJECT_NAME} rats_tls)
+endif()
 
 install(TARGETS ${PROJECT_NAME}
 	DESTINATION ${RATS_TLS_INSTALL_FUZZ_PATH})
diff --git a/fuzz/tls_init/fuzz_init.cc b/fuzz/tls_init/fuzz_init.cc
@@ -12,11 +12,61 @@ extern "C" {
 #include "rats-tls/claim.h"
 #include "internal/core.h"
 }
+
 #include <fuzzer/FuzzedDataProvider.h>
 #include <vector>
 
 #define CUSTOM_CLAIMS_SIZE 10
 
+rats_tls_log_level_t global_log_level = RATS_TLS_LOG_LEVEL_DEFAULT;
+
+#ifdef SGX
+
+
+#include <sgx_urts.h>
+#include <sgx_quote.h>
+#include "sgx_stub_u.h"
+
+#define ENCLAVE_FILENAME "sgx_stub_enclave.signed.so"
+
+static sgx_enclave_id_t load_enclave(bool debug_enclave)
+{
+	sgx_launch_token_t t;
+
+	memset(t, 0, sizeof(t));
+
+	sgx_enclave_id_t eid;
+	int updated = 0;
+	int ret = sgx_create_enclave(ENCLAVE_FILENAME, debug_enclave, &t, &updated, &eid, NULL);
+	if (ret != SGX_SUCCESS) {
+		RTLS_ERR("Failed to load enclave %d\n", ret);
+		return 0;
+	}
+
+	RTLS_INFO("Success to load enclave with enclave id %ld\n", eid);
+
+	return eid;
+}
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size){
+	FuzzedDataProvider fuzzed_data(data , size);
+	sgx_enclave_id_t enclave_id = load_enclave(fuzzed_data.ConsumeBool());
+	if (enclave_id == 0) {
+		RTLS_ERR("Failed to load sgx stub enclave\n");
+		return -1;
+	}
+
+	unsigned long flags = 0;
+	int ret = 0;
+	// ret = ecall_client_startup();
+
+	return 0;
+}
+
+#endif
+
+#ifndef SGX
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 {
 	rats_tls_conf_t conf; // consume 192 bytes
@@ -110,4 +160,5 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	}
 
 	return 0;
-}
+}
+#endif