This directory contains several example programs that demonstrate how to use the sst-c-api with the main SST (Secure Swarm Toolkit) repo.
For the rest of this document, we use $SST_ROOT for the root directory of SST’s main repository (iotauth), and this repository (sst-c-api) is assumed to be checked out as a submodule under $SST_ROOT/entity/c.
Each subdirectory here has its own README.md with detailed build and run instructions. This file gives a high-level overview and links into those examples.
A minimal example showing how to build a secure client–server application using SST:
- Uses Auth to distribute session keys between a client and a server.
- Demonstrates basic secure messaging over TCP channels.
- Shows how to configure entities via
.configfiles and connect them through Auth.
For compilation and step-by-step run instructions, see:
Examples that integrate SST with IPFS to realize a secure file-sharing workflow:
entity_uploaderencrypts a file with an SST session key and uploads it to IPFS.entity_downloaderobtains the file hash and session key information from a file system manager, retrieves the encrypted file from IPFS, and decrypts it using SST.- Includes both C and C++ entity implementations.
For compilation and step-by-step run instructions, see:
- Higher-level description in the main SST repo:
$SST_ROOT/examples/file_sharing/README.md - C example:
ipfs_examples/c/README.md - C++ example:
ipfs_examples/cpp/README.md
An example focused on block-based file encryption, inspired by RocksDB-style block layouts:
- Random key–value pairs are packed into fixed-size (32 KB) blocks.
- Remaining space in a block is zero-padded.
- Each block is encrypted with a session key obtained via SST.
- Multiple encrypted blocks are written into files, along with metadata describing the session keys used.
- A separate reader:
- Loads metadata.
- Requests corresponding session keys.
- Decrypts the blocks and verifies them against plaintext copies.
For compilation and step-by-step run instructions, see:
A testbed to experiment attacks on SST.
- Uses Auth, example entities, and CSV-driven traffic patterns.
- Includes:
- Basic messaging between client and server.
- Replay attack scenarios (sequence number manipulation).
- Denial of Service (DoS) attacks:
- To Auth via excessive session key requests (DoSK).
- To server via repeated message sending (DoSM).
- To server (and indirectly Auth) via repeated connection requests (DoSC).
- Distributed DoS (DDoS)-style scenarios with multiple clients.
For compilation steps, and detailed instructions for each scenario, see:
Each of these examples is designed to be run together with the Java Auth server in $SST_ROOT/auth/auth-server/.
For deeper background on the architecture and example setups, refer to the corresponding README.md files in the main SST (iotauth) repository as well.