From 4ab3d2e7509a1c8cac7cd6dd960b21a672255782 Mon Sep 17 00:00:00 2001 From: Sascha Tommasone Date: Mon, 1 Jul 2024 15:23:26 +0200 Subject: [PATCH] [Assignment-7] improved error handling; add (un)sealing prototypes --- .../src/enclave/enclave.c | 130 +++++++++++++++--- .../src/enclave/enclave.edl | 4 +- .../src/enclave/enclave.h | 6 +- 3 files changed, 117 insertions(+), 23 deletions(-) diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c index 4f851ad..5c74dff 100644 --- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c @@ -1,8 +1,47 @@ +/* + * Copyright (C) 2011-2018 Intel Corporation. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#include +#include /* vsnprintf */ +#include +#include + #include "Enclave.h" #include "Enclave_t.h" +#include #include #include + sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *public, uint8_t *sealed, uint32_t *sealed_size) { // handle missing keypair if((private == NULL) || (public == NULL)) @@ -39,11 +78,11 @@ sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *pub return SGX_SUCCESS; } -sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) { - // return if no sealed data provided - if(sealed == NULL) +sgx_status_t unseal_key_pair(uint8_t *sealed, uint32_t *sealed_size, sgx_ec256_private_t *private, sgx_ec256_public_t *public) { + // handle missing sealed data + if((sealed == NULL) || (sealed_size == 0)) return SGX_ERROR_UNEXPECTED; - + // calculate public_key size and return error for unexpected results uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed); uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed); @@ -66,44 +105,97 @@ sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t free(sk); return status; } - - // copy public key into return buffers - if((gx != NULL) && (gy != NULL)) { - memcpy(gx, pk, SGX_ECP256_KEY_SIZE); - memcpy(gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE); + + // copy buffers into key structs + if(public != NULL) { + memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE); + memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE); + } + if (private != NULL) { + memcpy(private->r, sk, SGX_ECP256_KEY_SIZE); } - // free allocated memory and return success + // free temporary buffers free(pk); free(sk); + + // return success return SGX_SUCCESS; } -sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) { +sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) { + // return if no sealed data provided + if(sealed == NULL) + return SGX_ERROR_UNEXPECTED; + + // unseal public key + sgx_ec256_public_t public; + if(unseal_key_pair(sealed, sealed_size, NULL, &public) != SGX_SUCCESS) { + return SGX_ERROR_UNEXPECTED; + } + + // copy public key into return buffers + if((gx != NULL) && (gy != NULL)) { + memcpy(gx, public.gx, SGX_ECP256_KEY_SIZE); + memcpy(gy, public.gy, SGX_ECP256_KEY_SIZE); + } + + return SGX_SUCCESS; +} + +sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) { + // handle missing sealed buffer + if((sealed == NULL) || (sealed_size == 0)) { + return SGX_ERROR_UNEXPECTED; + } + + // handle missing firmware buffer + if((data == NULL) || (data_size == 0)) { + return SGX_ERROR_UNEXPECTED; + } + + // declare need structures sgx_ecc_state_handle_t ecc_handle; sgx_ec256_private_t private; sgx_ec256_public_t public; + // open ecc handle sgx_status_t status; if((status = sgx_ecc256_open_context(&ecc_handle)) != SGX_SUCCESS) { return status; } + + // try unseal keypair + sgx_status_t seal_status; + if(seal_status = unseal_key_pair(sealed, &sealed_size, &private, NULL) != SGX_SUCCESS) { + if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) { + sgx_ecc256_close_context(ecc_handle); + return status; + } + } - if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) { - sgx_ecc256_close_context(ecc_handle); - return status; - } - + // create signature sgx_ec256_signature_t ecc_signature; if((status = sgx_ecdsa_sign(data, data_size, &private, &ecc_signature, ecc_handle)) != SGX_SUCCESS) { sgx_ecc256_close_context(ecc_handle); return status; } + // copy signature to return buffer + // TODO: endian swap + if((signature == NULL) || (signature_size == 0)) { + sgx_ecc256_close_context(ecc_handle); + return SGX_ERROR_UNEXPECTED; + } memcpy(signature, ecc_signature.x, SGX_ECP256_KEY_SIZE); memcpy(signature + SGX_ECP256_KEY_SIZE, ecc_signature.y, SGX_ECP256_KEY_SIZE); - //signature_size = 2 * SGX_ECP256_KEY_SIZE; + + if(seal_status != SGX_SUCCESS) { + seal_status = seal_key_pair(&private, &public, sealed, &sealed_size); + // TODO: return sealed keypair + } + // close ecc handle and return success sgx_ecc256_close_context(ecc_handle); - return SGX_SUCCESS; -} \ No newline at end of file + return seal_status; +} diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl index b838f35..1764531 100644 --- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl @@ -41,7 +41,7 @@ enclave { trusted { public sgx_status_t public_key([in, size=sealed_size]const uint8_t *sealed, size_t sealed_size, [out]uint8_t *gx, [out]uint8_t *gy); - public sgx_status_t sign_firmware([in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size); + public sgx_status_t sign_firmware([in, size=data_size]const uint8_t *sealed, size_t sealed_size, [in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size); }; /* @@ -50,6 +50,6 @@ enclave { * [string]: specifies 'str' is a NULL terminated buffer. */ untrusted { - int read_file([in, string] path_to_file, [out, size=bsize] uint8_t *buffer, size_t bsize); + }; }; \ No newline at end of file diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.h b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h index cc59694..9a6fb95 100644 --- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.h +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h @@ -34,10 +34,12 @@ #define _ENCLAVE_H_ #include +#include #include +#include #include -sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy); -sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size); +sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy); +sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size); #endif /* !_ENCLAVE_H_ */ \ No newline at end of file