#include #include #include "../App/appconfig.hpp" // The next line suppresses a deprecation warning within boost #define BOOST_BIND_GLOBAL_PLACEHOLDERS #include "boost/property_tree/ptree.hpp" #include "boost/property_tree/json_parser.hpp" #include #include #include "gcm.h" #include "sgx_tcrypto.h" #include "clients.hpp" #define CEILDIV(x,y) (((x)+(y)-1)/(y)) // Split a hostport string like "127.0.0.1:12000" at the rightmost colon // into a host part "127.0.0.1" and a port part "12000". static bool split_host_port(std::string &host, std::string &port, const std::string &hostport) { size_t colon = hostport.find_last_of(':'); if (colon == std::string::npos) { std::cerr << "Cannot parse \"" << hostport << "\" as host:port\n"; return false; } host = hostport.substr(0, colon); port = hostport.substr(colon+1); return true; } // Convert a single hex character into its value from 0 to 15. Return // true on success, false if it wasn't a hex character. static inline bool hextoval(unsigned char &val, char hex) { if (hex >= '0' && hex <= '9') { val = ((unsigned char)hex)-'0'; } else if (hex >= 'a' && hex <= 'f') { val = ((unsigned char)hex)-'a'+10; } else if (hex >= 'A' && hex <= 'F') { val = ((unsigned char)hex)-'A'+10; } else { return false; } return true; } // Convert a 2*len hex character string into a len-byte buffer. Return // true on success, false on failure. static bool hextobuf(unsigned char *buf, const char *str, size_t len) { if (strlen(str) != 2*len) { std::cerr << "Hex string was not the expected size\n"; return false; } for (size_t i=0;i &ingestion_nodes, std::vector &storage_nodes) { bool found_params = false; bool ret = true; std::istringstream configstream(configstr); boost::property_tree::ptree conftree; read_json(configstream, conftree); for (auto & entry : conftree) { if (!entry.first.compare("params")) { for (auto & pentry : entry.second) { if (!pentry.first.compare("msg_size")) { config.msg_size = pentry.second.get_value(); } else if (!pentry.first.compare("user_count")) { config.user_count = pentry.second.get_value(); } else if (!pentry.first.compare("priv_out")) { config.m_priv_out = pentry.second.get_value(); } else if (!pentry.first.compare("priv_in")) { config.m_priv_in = pentry.second.get_value(); } else if (!pentry.first.compare("pub_out")) { config.m_pub_out = pentry.second.get_value(); } else if (!pentry.first.compare("pub_in")) { config.m_pub_in = pentry.second.get_value(); // Currently hardcoding an AES key for client -> server communication } else if (!pentry.first.compare("master_secret")) { std::string hex_key = pentry.second.data(); memcpy(config.master_secret, hex_key.c_str(), SGX_AESGCM_KEY_SIZE); } else { std::cerr << "Unknown field in params: " << pentry.first << "\n"; ret = false; } } found_params = true; } else if (!entry.first.compare("nodes")) { for (auto & node : entry.second) { NodeConfig nc; // All nodes need to be assigned their role in manifest.yaml nc.roles = 0; for (auto & nentry : node.second) { if (!nentry.first.compare("name")) { nc.name = nentry.second.get_value(); } else if (!nentry.first.compare("pubkey")) { ret &= hextobuf((unsigned char *)&nc.pubkey, nentry.second.get_value().c_str(), sizeof(nc.pubkey)); } else if (!nentry.first.compare("weight")) { nc.weight = nentry.second.get_value(); } else if (!nentry.first.compare("listen")) { ret &= split_host_port(nc.listenhost, nc.listenport, nentry.second.get_value()); } else if (!nentry.first.compare("clisten")) { ret &= split_host_port(nc.clistenhost, nc.clistenport, nentry.second.get_value()); } else if (!nentry.first.compare("roles")) { nc.roles = nentry.second.get_value(); } else { std::cerr << "Unknown field in host config: " << nentry.first << "\n"; ret = false; } } if(nc.roles & ROLE_INGESTION) { ingestion_nodes.push_back(std::move(nc)); } if(nc.roles & ROLE_STORAGE) { storage_nodes.push_back(std::move(nc)); } } } else { std::cerr << "Unknown key in config: " << entry.first << "\n"; ret = false; } } if (!found_params) { std::cerr << "Could not find params in config\n"; ret = false; } return ret; } static void usage(const char *argv0) { fprintf(stderr, "%s [-t nthreads] < config.json\n", argv0); exit(1); } /* Generate EMK (Encryption master Secret Key) and TMK (Token master Secret Key) */ int generateMasterKeys(sgx_aes_gcm_128bit_key_t master_secret, aes_key &EMK, aes_key &TMK ) { unsigned char zeroes[SGX_AESGCM_KEY_SIZE]; unsigned char iv[SGX_AESGCM_IV_SIZE]; unsigned char mac[SGX_AESGCM_MAC_SIZE]; memset(iv, 0, SGX_AESGCM_IV_SIZE); memset(zeroes, 0, SGX_AESGCM_KEY_SIZE); memcpy(iv, "Encryption", sizeof("Encryption")); if (sizeof(zeroes) != gcm_encrypt(zeroes, SGX_AESGCM_KEY_SIZE, NULL, 0, master_secret, iv, SGX_AESGCM_IV_SIZE, EMK, mac)) { printf("Client: generateMasterKeys FAIL\n"); return -1; } printf("\n\nEncryption Master Key: "); for(int i=0;i &ingestion_nodes, uint32_t num_clients_total, uint32_t clients_per_ing, uint32_t ing_with_additional) { aes_key client_key; for(uint32_t i=cstart; i ing_with_additional && ing_with_additional!=0) { uint16_t leftover = num_clients_total - (ing_with_additional * clients_per_ing); ing_node_this_client = ing_with_additional + (leftover / (clients_per_ing-1)); } int ret = generateClientEncryptionKey(i, EMK, client_key); clients[i].initClient(i, client_key); clients[i].initializeSocket(io_context, ingestion_nodes[ing_node_this_client]); clients[i].sendAuthMessage(); /* // Test that the keys generated match those generated within // enclave config unsigned char *ckey; ckey = clients[i].getKey(); printf("Client %d, id = %d, key: ", i, clients[i].getid()); for(int j=0;j ingestion_nodes, storage_nodes; ++argv; // Parse options while (*argv && (*argv)[0] == '-') { if (!strcmp(*argv, "-t")) { if (argv[1] == NULL) { usage(progname); } nthreads = uint16_t(atoi(argv[1])); argv += 2; } else { usage(progname); } } printf("nthreads = %d\n", nthreads); // Read the config.json from the first line of stdin. We have to do // this before outputting anything to avoid potential deadlock with // the launch program. std::string configstr; std::getline(std::cin, configstr); Config config; aes_key EMK, TMK; boost::asio::io_context io_context; boost::asio::ip::tcp::resolver resolver(io_context); if (!config_parse(config, configstr, ingestion_nodes, storage_nodes)) { exit(1); } Client *clients = new Client[config.user_count]; printf("Number of ingestion_nodes = %ld, Number of storage_node = %ld\n", ingestion_nodes.size(), storage_nodes.size()); generateMasterKeys(config.master_secret, EMK, TMK); uint32_t num_clients_total = config.user_count; uint16_t num_ing_nodes = ingestion_nodes.size(); uint32_t clients_per_ing = CEILDIV(num_clients_total, num_ing_nodes); uint32_t clients_per_thread = CEILDIV(num_clients_total, nthreads); uint16_t ing_with_additional = num_clients_total % num_ing_nodes; std::thread threads[nthreads]; // Generate all the clients for the experiment for(int i=0; i