Start on the enclave side of the untrusted app to enclave I/O

Enclave/comms.cpp

@@ -11,14 +11,62 @@
 static sgx_ec256_private_t g_privkey;
 static sgx_ec256_public_t g_pubkey;
 
+// What step of the handshake are we on?
+enum HandshakeStep {
+    HANDSHAKE_NONE,
+    HANDSHAKE_C_SENT_1,
+    HANDSHAKE_S_SENT_2,
+    HANDSHAKE_COMPLETE
+};
+
 // Communication state for a node
 struct NodeCommState {
     sgx_ec256_public_t pubkey;
+    nodenum_t node_num;
+    HandshakeStep handshake_step;
+
+    // Our DH keypair during the handshake
+    sgx_ec256_private_t handshake_privkey;
+    sgx_ec256_public_t handshake_pubkey;
+
+    // The peer's DH public key during the handshake
+    sgx_ec256_public_t handshake_peer_pubkey;
+
+    // The outgoing and incoming AES keys after the handshake
+    sgx_aes_gcm_128bit_key_t out_aes_key, in_aes_key;
+
+    // The outgoing and incoming IV counters
+    uint8_t out_aes_iv[SGX_AESGCM_IV_SIZE];
+    uint8_t in_aes_iv[SGX_AESGCM_IV_SIZE];
+
+    // The current outgoing frame and the current offset into it
+    uint8_t *frame;
+    uint32_t frame_offset;
+
+    // The current outgoing message size and the offset into it of the
+    // start of the current frame
+    uint32_t msg_size;
+    uint32_t msg_frame_offset;
+
+    // The current incoming message size and the offset into it of all
+    // previous chunks of this message
+    uint32_t in_msg_size;
+    uint32_t in_msg_offset;
+    // The internal buffer where we're storing the (decrypted) message
+    uint8_t *in_msg_buf;
+
+    NodeCommState(const sgx_ec256_public_t* conf_pubkey, nodenum_t i) :
+            node_num(i), handshake_step(HANDSHAKE_NONE), frame(NULL),
+            frame_offset(0), msg_size(0), msg_frame_offset(0),
+            in_msg_size(0), in_msg_offset(0), in_msg_buf(NULL) {
+        memmove(&pubkey, conf_pubkey, sizeof(pubkey));
+    }
 };
 
 // The communication states for all the nodes.  There's an entry for
 // ourselves in here, but it is unused.
 static std::vector<NodeCommState> commstates;
+static nodenum_t tot_nodes;
 
 // Generate a new identity signature key.  Output the public key and the
 // sealed private key.  outsealedpriv must point to SEALEDPRIVKEY_SIZE =
@@ -90,7 +138,8 @@ bool comms_init_nodestate(const EnclaveAPINodeConfig *apinodeconfigs,
     sgx_ecc256_open_context(&ecc_handle);
 
     commstates.clear();
-    commstates.resize(num_nodes);
+    tot_nodes = 0;
+    commstates.reserve(num_nodes);
     for (nodenum_t i=0; i<num_nodes; ++i) {
         // Check that the pubkey is valid
         int valid;
@@ -102,8 +151,7 @@ bool comms_init_nodestate(const EnclaveAPINodeConfig *apinodeconfigs,
             sgx_ecc256_close_context(ecc_handle);
             return false;
         }
-        memmove(&commstates[i].pubkey, &apinodeconfigs[i].pubkey,
-            sizeof(commstates[i].pubkey));
+        commstates.emplace_back(&apinodeconfigs[i].pubkey, i);
     }
     sgx_ecc256_close_context(ecc_handle);
 
@@ -121,16 +169,30 @@ bool comms_init_nodestate(const EnclaveAPINodeConfig *apinodeconfigs,
         }
     }
 
+    tot_nodes = num_nodes;
     return true;
 }
 
 bool ecall_message(nodenum_t node_num, uint32_t message_len)
 {
-    return false;
+    if (node_num >= tot_nodes) {
+        printf("Out-of-range node_num %hu received in ecall_message\n",
+            node_num);
+        return false;
+    }
+    NodeCommState &nodest = commstates[node_num];
+
+    if (nodest.in_msg_size != nodest.in_msg_offset) {
+        printf("Received ecall_message without completing previous message\n");
+        return false;
+    }
+    printf("ecall_message called\n");
+    return true;
 }
 
 bool ecall_chunk(nodenum_t node_num, const uint8_t *chunkdata,
     uint32_t chunklen)
 {
-    return false;
+    printf("ecall_chunk called\n");
+    return true;
 }

Makefile

@@ -284,8 +284,8 @@ depend:
 
 App/appconfig.o: Untrusted/Untrusted.hpp Enclave/enclave_api.h
 App/appconfig.o: App/appconfig.hpp
-App/net.o: Untrusted/Enclave_u.h Enclave/enclave_api.h App/net.hpp
-App/net.o: App/appconfig.hpp
+App/net.o: Untrusted/Enclave_u.h Enclave/enclave_api.h
+App/net.o: Untrusted/Untrusted.hpp App/net.hpp App/appconfig.hpp
 App/start.o: App/start.hpp App/net.hpp App/appconfig.hpp
 App/start.o: Enclave/enclave_api.h
 App/teems.o: Untrusted/Untrusted.hpp Enclave/enclave_api.h App/appconfig.hpp