From 5aad77ef33474ab6b1a7e64dc27ffd8e3ad385bd Mon Sep 17 00:00:00 2001
From: Sascha Tommasone
Date: Tue, 2 Jul 2024 23:12:59 +0200
Subject: [PATCH] [Assignment-7] unseal_key_pair: removed dynamic memory allocations; removed unused parameter; improved error handling
---
 .../src/enclave/enclave.c | 36 +++++++------------
 1 file changed, 13 insertions(+), 23 deletions(-)
diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c
index 9c98c4c..bdd0cbd 100644
--- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c
+++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c
@@ -92,49 +92,39 @@ sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *pub
 return sgx_seal_data(PK_SIZE, (const uint8_t *)pk, SK_SIZE, (const uint8_t *)sk, size, (sgx_sealed_data_t *) *sealed);
 }
-sgx_status_t unseal_key_pair(uint8_t *sealed, uint32_t *sealed_size, sgx_ec256_private_t *private, sgx_ec256_public_t *public) {
- // handle missing sealed data
- if((sealed == NULL) || (sealed_size == 0))
- return SGX_ERROR_UNEXPECTED;
+sgx_status_t unseal_key_pair(const uint8_t *sealed, sgx_ec256_private_t *private, sgx_ec256_public_t *public) {
+ // invalid parameter handling
+ if(sealed == NULL) {
+ return SGX_ERROR_INVALID_PARAMETER;
+ }
+ // allocate temporary buffers on stack
+ uint8_t pk[PK_SIZE] = {0};
+ uint8_t sk[SK_SIZE] = {0};
+ // calculate public_key size and return error for unexpected results
 uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed);
 uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed);
- if ((pk_size != 2*SGX_ECP256_KEY_SIZE) || (sk_size != SGX_ECP256_KEY_SIZE))
+ if ((pk_size != PK_SIZE) || (sk_size != SK_SIZE)) {
 return SGX_ERROR_UNEXPECTED;
-
- // allocate memory for public and secret key
- uint8_t *pk =(uint8_t *)malloc(pk_size);
- uint8_t *sk =(uint8_t *)malloc(pk_size);
- if((pk == NULL) || (sk == NULL)) {
- free(pk);
- free(sk);
- return SGX_ERROR_OUT_OF_MEMORY;
 }
 // unseal ecc key pair
 sgx_status_t status = sgx_unseal_data((const sgx_sealed_data_t *)sealed, pk, &pk_size, sk, &sk_size);
 if (status != SGX_SUCCESS) {
- free(pk);
- free(sk);
 return status;
 }
 // copy buffers into key structs
 if(public != NULL) {
- memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE);
- memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
+ memcpy(public->gx, pk, PK_SIZE);
 }
 if (private != NULL) {
- memcpy(private->r, sk, SGX_ECP256_KEY_SIZE);
+ memcpy(private->r, sk, SK_SIZE);
 }
- // free temporary buffers
- free(pk);
- free(sk);
-
- // return success
- return SGX_SUCCESS;
+
return status; } sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
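Review bot: The new `memcpy(public->gx, pk, PK_SIZE);` writes PK_SIZE bytes into the `gx` member, which the removed lines show holds only SGX_ECP256_KEY_SIZE bytes (PK_SIZE being 2*SGX_ECP256_KEY_SIZE per the old size check), so the copy runs past the end of the `gx` array object and only lands in `gy` because of the struct's layout — an out-of-bounds write on that member even where the fields happen to be adjacent. Restore the two bounded copies: `memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE);` and `memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);`. With the move to stack buffers, the unsealed private key now stays in `sk` after the function returns on both the success path and the `sgx_unseal_data` failure path, since nothing clears it; wipe it before every return with a call the optimizer cannot drop, e.g. `memset_s(sk, sizeof sk, 0, sizeof sk);` (a plain `memset` right before return may be elided). Dropping `sealed_size` also means the blob length is no longer validated before `sgx_get_add_mac_txt_len`/`sgx_get_encrypt_txt_len` and `sgx_unseal_data` read header fields from it; `public_key` below still receives a `sealed_size`, so if the sealed buffer can come from outside the enclave it is worth passing that length through and rejecting blobs shorter than the sealed-data size implied by pk_size and sk_size.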