From 76d8d4a2f481811c3f91338942d3f145bd8faf5c Mon Sep 17 00:00:00 2001 From: Sascha Tommasone Date: Sun, 30 Jun 2024 17:47:22 +0200 Subject: [PATCH] [Assignment-7] add first enclave part --- .../src/enclave/enclave.c | 28 ++++++++++ .../src/enclave/enclave.config.xml | 12 ++++ .../src/enclave/enclave.edl | 55 +++++++++++++++++++ .../src/enclave/enclave.h | 43 +++++++++++++++ 4 files changed, 138 insertions(+) create mode 100644 Assignment 7 - SGX Hands-on/src/enclave/enclave.c create mode 100644 Assignment 7 - SGX Hands-on/src/enclave/enclave.config.xml create mode 100644 Assignment 7 - SGX Hands-on/src/enclave/enclave.edl create mode 100644 Assignment 7 - SGX Hands-on/src/enclave/enclave.h diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c new file mode 100644 index 0000000..43da513 --- /dev/null +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c @@ -0,0 +1,28 @@ +#include "Enclave.h" +#include "Enclave_t.h" +#include +#include + +sgx_status_t public_key(uint8_t *gx, uint8_t *gy) { + // unseal key or from file system +} + +sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) { + sgx_ecc_state_handle_t ecc_handle; + sgx_ec256_private_t private; + sgx_ec256_public_t public; + + sgx_status_t status; + if((status = sgx_ecc256_open_context(&ecc_handle)) != SGX_SUCCESS) + return status; + + if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) + return status; + + sgx_ec256_signature_t ecc_signature; + if((status = sgx_ecdsa_sign(data, data_size, &private, &ecc_signature, ecc_handle)) != SGX_SUCCESS) + return status; + + sgx_ecc256_close_context(ecc_handle); + return SGX_SUCCESS; +} \ No newline at end of file diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.config.xml b/Assignment 7 - SGX Hands-on/src/enclave/enclave.config.xml new file mode 100644 index 0000000..9cda762 --- /dev/null +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x400000 + 0x1000000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + \ No newline at end of file diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl new file mode 100644 index 0000000..0603b71 --- /dev/null +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl @@ -0,0 +1,55 @@ +/* + * Copyright (C) 2011-2018 Intel Corporation. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/* Enclave.edl - Top EDL file. */ + +enclave { + + /* Import ECALL/OCALL from sub-directory EDLs. + * [from]: specifies the location of EDL file. + * [import]: specifies the functions to import, + * [*]: implies to import all functions. + */ + + trusted { + public sgx_status_t public_key([out]uint8_t *gx, [out]uint8_t *gy); + public sgx_status_t sign_firmware([in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size); + }; + + /* + * ocall_print_string - invokes OCALL to display string buffer inside the enclave. + * [in]: copy the string buffer to App outside. + * [string]: specifies 'str' is a NULL terminated buffer. + */ + untrusted { + + }; +}; \ No newline at end of file diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.h b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h new file mode 100644 index 0000000..fa41d3f --- /dev/null +++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h @@ -0,0 +1,43 @@ +/* + * Copyright (C) 2011-2018 Intel Corporation. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#ifndef _ENCLAVE_H_ +#define _ENCLAVE_H_ + +#include +#include +#include + +sgx_status_t public_key(uint8_t *gx, uint8_t *gy); +sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size); + +#endif /* !_ENCLAVE_H_ */ \ No newline at end of file