Source Code Audit

1. Introduction

The source code of the task enclave needs to be audited to assure stakeholders that the data is processed in a privacy-preserving way, according to the solution specification. The Enforcer takes the results of the source code audit as an input to verify the correctness of the dataflow configuration.
Note: The person who performs the source code audit is not necessarily the same person who has the technical Auditor role.

To perform a source code audit of the task enclaves of a Sharemind HI solution, you need to perform the following high-level steps:

  • Audit the source code of the task enclaves of the solution

  • Audit the additional source code files which are used to automate the build

  • Execute the build

  • Note and forward the enclave identities to the other stakeholders

Please note that this guide is accompanied by additional, generic Sharemind HI Installation documents which are referenced throughout this document.

If you are uncertain about how to obtain all prerequisites, please contact the coordinator of the project.

For any communication regarding the Solution and its different parameters, such as certificates or enclave fingerprints, we advise using authenticated communication channels (e.g. PGP, other PKI systems, or delivering documents/data in person), which thwart attempts at third-party message tampering.

2. Requirements

The source code auditing can be performed with the auditor’s tool of choice. The automated build requires Docker and an internet connection.

The delivered Sharemind HI modules for inspecting the audit log of the Sharemind HI server are designed to work with Ubuntu 22.04.

3. Source Code Audit

3.1. Prerequisites

  • Source code bundle accessible from the coordinator

  • Auditor bundle accessible from the coordinator

3.2. Performing the audit

The source code which is used by the task enclaves is in the following locations:

$source_code_bundle/
    The primary source code of the task enclaves.

$auditor_bundle/sharemind-hi
    Additional source code from the HI installation which is included by the task enclaves, bundled as .deb packages.

The source code which is used for the automated build is in the following location:

$auditor_bundle
    The Dockerfile, docker wrapper script and cached Ubuntu APT packages which are required for the reproducible build.

4. Build the Task Enclaves

4.1. Prerequisites

  • Source code bundle accessible from the coordinator

4.2. Build process

Execute the $auditor_bundle/build.sh script as follows:

cd $auditor_bundle/

# First argument: Path to the task enclave source directory.
# Second argument: Path to the Sharemind HI production packages directory.
# Third argument: Path to the APT cache directory.
./build.sh "$source_code_bundle/task-enclaves" sharemind-hi/ubuntu-jammy apt-cache

When the enclaves have been built, the enclave identities (MRENCLAVE) are printed. These values can be sent to the other stakeholders over an authenticated channel. The enclave identities and the build log are additionally stored in files on the host system for later inspection; the paths of these artifacts are displayed at the end of the execution.

Note: The signer identity (MRSIGNER) depends solely on the enclave signing key and is independent of the enclave code. The Sharemind HI enclave signing key has an MRSIGNER value of:

b6526334ec61a3a71aea09b5b8df171c3b369f877beb2a23a047d595e9f0524b
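As an added example (not part of the auditor bundle or of Sharemind HI), the following POSIX shell script checks a build's printed enclave identities the way an auditor would before forwarding them: every MRSIGNER must equal the value above, and two independently executed builds must yield identical MRENCLAVE values for the same enclaves, which is what makes the reproducible build meaningful. The identities line format, the enclave names and all hex values other than MRSIGNER are assumptions, since this guide does not specify the exact output format of build.sh.

```shell
#!/bin/sh
# Added example, not part of the Sharemind HI auditor bundle: check the enclave
# identities that build.sh printed. The line format
#   <enclave name> MRENCLAVE=<64 hex chars> MRSIGNER=<64 hex chars>
# is an assumption; adapt the field parsing to the real identities file.

# MRSIGNER of the Sharemind HI enclave signing key, as documented above.
EXPECTED_MRSIGNER="b6526334ec61a3a71aea09b5b8df171c3b369f877beb2a23a047d595e9f0524b"

# Succeeds only if every line carries a well-formed MRSIGNER equal to the
# expected value (a different signer means a different signing key was used).
check_mrsigner() {
    awk -v want="$EXPECTED_MRSIGNER" '
        { for (i = 2; i <= NF; i++) if ($i ~ /^MRSIGNER=/) {
              v = substr($i, 10); seen = 1
              if (v != want || length(v) != 64 || v !~ /^[0-9a-f]+$/) bad = 1 } }
        END { if (seen && !bad) exit 0; exit 1 }' "$1"
}

# Succeeds only if two independent builds produced the same MRENCLAVE for the
# same set of enclave names, i.e. the build is reproducible and untampered.
compare_mrenclave() {
    awk '
        FNR == NR { for (i = 2; i <= NF; i++) if ($i ~ /^MRENCLAVE=/)
                        first[$1] = substr($i, 11); next }
        { v = ""; for (i = 2; i <= NF; i++) if ($i ~ /^MRENCLAVE=/) v = substr($i, 11)
          if (!($1 in first) || first[$1] != v) mismatch = 1; delete first[$1] }
        END { left = 0; for (k in first) left++; if (mismatch || left) exit 1; exit 0 }' "$1" "$2"
}

# Constructed sample output of two auditors' builds, plus one divergent build.
AUDITOR_A=$(mktemp); AUDITOR_B=$(mktemp); DIVERGENT=$(mktemp)
trap 'rm -f "$AUDITOR_A" "$AUDITOR_B" "$DIVERGENT"' EXIT
cat > "$AUDITOR_A" <<EOF
analysis-enclave MRENCLAVE=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef MRSIGNER=$EXPECTED_MRSIGNER
aggregation-enclave MRENCLAVE=fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210 MRSIGNER=$EXPECTED_MRSIGNER
EOF
cp "$AUDITOR_A" "$AUDITOR_B"
sed 's/abcdef MRSIGNER/abcdee MRSIGNER/' "$AUDITOR_A" > "$DIVERGENT"   # one MRENCLAVE differs

check_mrsigner "$AUDITOR_A" && echo "MRSIGNER matches the documented signing key"
compare_mrenclave "$AUDITOR_A" "$AUDITOR_B" && echo "auditor A and B builds agree"
compare_mrenclave "$AUDITOR_A" "$DIVERGENT" || echo "divergent build detected: investigate before trusting the identity"
```

A divergent MRENCLAVE between auditors means either the build is not reproducible or one input (source bundle, HI packages, APT cache) differs, and the identity should not be forwarded until the cause is found.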