Home Explore Help
Sign In
iang
/
teems
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d4e3e7f793
Branches Tags
teems
/
Enclave
/
storage.cpp

storage.cpp 21 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605 
  1. #include "utils.hpp"
    2. 

  2. #include "config.hpp"
    3. 

  3. #include "ORExpand.hpp"
    4. 

  4. #include "sort.hpp"
    5. 

  5. #include "storage.hpp"
    6. 

  6. #include "client.hpp"
    7. 

  7. 

  8. #define PROFILE_STORAGE
    9. 

  9. 

  10. static std::vector<StgClient> clients;
    11. 

  11. static uint8_t *epoch_tokens;
    12. 

  12. static uint8_t *epoch_mailboxes;
    13. 

  13. 

  14. static struct {
    15. 

  15.     uint32_t max_users;
    16. 

  16.     uint32_t my_storage_node_id;
    17. 

  17.     // A local storage buffer, used when we need to do non-in-place
    18. 

  18.     // sorts of the messages that have arrived
    19. 

  19.     MsgBuffer stg_buf;
    20. 

  20.     // The destination vector for ORExpand
    21. 

  21.     std::vector<uint32_t> dest;
    22. 

  22.     // The selected array for compaction during public routing
    23. 

  23.     // Need a bool array for compaction, and std:vector<bool> lacks .data()
    24. 

  24.     bool *pub_selected;
    25. 

  25. } storage_state;
    26. 

  26. 

  27. static bool storage_generateClientKeys(uint32_t num_clients,
    28. 

  28.         uint32_t my_stg_no) {
    29. 

  29. 

  30.     clients.resize(num_clients);
    31. 

  31. 

  32.     for(uint32_t i =0; i < num_clients; i++) {
    33. 

  33.         uint32_t mid = storage_state.my_storage_node_id + i;
    34. 

  34.         clients[i].my_id = mid;
    35. 

  35.         clients[i].priv_friends.resize(g_teems_config.m_priv_out);
    36. 

  36.         // Initialize this client's private channel friends as themself
    37. 

  37.         for(int j = 0; j < g_teems_config.m_priv_out; j++) {
    38. 

  38.             (clients[i].priv_friends)[j] = mid;
    39. 

  39.         }
    40. 

  40.     }
    41. 

  41. 

  42.     uint32_t num_stg_nodes = g_teems_config.num_storage_nodes;
    43. 

  43.     uint32_t c_simid = my_stg_no;
    44. 

  44. 

  45.     for (uint32_t i=0; i<num_clients; i++) {
    46. 

  46.         const sgx_aes_gcm_128bit_key_t *pESK = &(g_teems_config.ESK);
    47. 

  47.         unsigned char zeroes[SGX_AESGCM_KEY_SIZE];
    48. 

  48.         unsigned char iv[SGX_AESGCM_IV_SIZE];
    49. 

  49.         sgx_aes_gcm_128bit_tag_t tag;
    50. 

  50.         memset(zeroes, 0, SGX_AESGCM_KEY_SIZE);
    51. 

  51.         memset(iv, 0, SGX_AESGCM_IV_SIZE);
    52. 

  52. 

  53.         memcpy(iv, (uint8_t*) (&c_simid), sizeof(c_simid));
    54. 

  54.         memcpy(iv + sizeof(c_simid), "STG", sizeof("STG"));
    55. 

  55. 

  56.         sgx_status_t ret = SGX_SUCCESS;
    57. 

  57.         ret = sgx_rijndael128GCM_encrypt(pESK, zeroes, SGX_AESGCM_KEY_SIZE,
    58. 

  58.             (uint8_t*) (clients[i].key), iv, SGX_AESGCM_IV_SIZE,
    59. 

  59.             NULL, 0, &tag);
    60. 

  60.         if(ret!=SGX_SUCCESS) {
    61. 

  61.             printf("stg_generateClientKeys FAIL\n");
    62. 

  62.             return false;
    63. 

  63.         }
    64. 

  64. 

  65.         /*
    66. 

  66.         if(c_simid % 10 == 0) {
    67. 

  67.             printf("Storage: c_simid = %d, Key:", c_simid);
    68. 

  68.             for (int k = 0; k<SGX_AESGCM_KEY_SIZE; k++) {
    69. 

  69.                 printf("%x", (clients[i].key)[k]);
    70. 

  70.             }
    71. 

  71.             printf("\n");
    72. 

  72.         }
    73. 

  73.         */
    74. 

  74.         c_simid+=num_stg_nodes;
    75. 

  75.     }
    76. 

  76. 

  77.     return true;
    78. 

  78. }
    79. 

  79. 

  80. struct UserRange {
    81. 

  81.     uint32_t start, num;
    82. 

  82.     bool ret;
    83. 

  83. };
    84. 

  84. 

  85. static void* generate_all_tokens_launch(void *voidargs)
    86. 

  86. {
    87. 

  87.     UserRange *args = (UserRange *)voidargs;
    88. 

  88. 

  89.     uint32_t pt_tokens_size = (g_teems_config.m_priv_out * SGX_CMAC_MAC_SIZE);
    90. 

  90.     uint32_t enc_tokens_size = pt_tokens_size +
    91. 

  91.         SGX_AESGCM_IV_SIZE + SGX_AESGCM_MAC_SIZE;
    92. 

  92.     unsigned char token_body[pt_tokens_size];
    93. 

  93.     uint32_t user_start = args->start;
    94. 

  94.     uint32_t user_end = args->start + args->num;
    95. 

  95. 

  96.     const sgx_aes_gcm_128bit_key_t *pTSK = &(g_teems_config.TSK);
    97. 

  97.     for(uint32_t lcid=user_start; lcid < user_end; lcid++) {
    98. 

  98. 

  99.         unsigned char *tkn_iv_ptr = epoch_tokens + enc_tokens_size * lcid;
    100. 

  100.         unsigned char *tkn_ptr = tkn_iv_ptr + SGX_AESGCM_IV_SIZE;
    101. 

  101.         unsigned char *tkn_tag = tkn_ptr + pt_tokens_size;
    102. 

  102. 

  103.         // We construct the plaintext [S|R|Epoch] underlying the token in
    104. 

  104.         // the correct location for this client in the epoch_tokens buffer
    105. 

  105.         // The tokens ( i.e., CMAC over S|R|Epoch) is stored in token_body
    106. 

  106.         // Then encrypt token_body with the client's storage key and overwrite
    107. 

  107.         // the correct location in epoch_tokens
    108. 

  108. 

  109.         memset(token_body, 0, pt_tokens_size);
    110. 

  110.         memset(tkn_iv_ptr, 0, SGX_AESGCM_IV_SIZE);
    111. 

  111.         // IV = epoch_no, for encrypting the token bundle
    112. 

  112.         // epoch_no used is for the next epoch
    113. 

  113.         unsigned long epoch_val = storage_epoch + 1;
    114. 

  114.         memcpy(tkn_iv_ptr, &epoch_val, sizeof(epoch_val));
    115. 

  115. 

  116.         sgx_status_t ret = SGX_SUCCESS;
    117. 

  117.         unsigned char *ptr = tkn_ptr;
    118. 

  118.         unsigned char *tkn_body_ptr = token_body;
    119. 

  119.         for(int i = 0; i<g_teems_config.m_priv_out; i++)
    120. 

  120.         {
    121. 

  121.             memcpy(ptr, (&(clients[lcid].my_id)), sizeof(clientid_t));
    122. 

  122.             memcpy(ptr + sizeof(clientid_t),
    123. 

  123.                 (&(clients[lcid].priv_friends[i])), sizeof(clientid_t));
    124. 

  124.             memcpy(ptr + 2 * sizeof(clientid_t),
    125. 

  125.                 &epoch_val, sizeof(epoch_val));
    126. 

  126. 

  127.             ret = sgx_rijndael128_cmac_msg(pTSK, ptr, pt_tokens_size,
    128. 

  128.                 (sgx_cmac_128bit_tag_t*) tkn_body_ptr);
    129. 

  129.             if(ret!=SGX_SUCCESS) {
    130. 

  130.                 printf("generate_tokens: Creating token FAIL\n");
    131. 

  131.                 args->ret = false;
    132. 

  132.                 return NULL;
    133. 

  133.             }
    134. 

  134. 

  135.             ptr+=SGX_CMAC_MAC_SIZE;
    136. 

  136.             tkn_body_ptr+=SGX_CMAC_MAC_SIZE;
    137. 

  137.         }
    138. 

  138. 

  139. 

  140.         /*
    141. 

  141.         if(lcid == 0) {
    142. 

  142.             printf("Checking generated token_body:");
    143. 

  143.             for(uint32_t i = 0; i < pt_tokens_size; i++) {
    144. 

  144.                 printf("%x", token_body[i]);
    145. 

  145.             }
    146. 

  146.             printf("\n");
    147. 

  147.         }
    148. 

  148.         */
    149. 

  149. 

  150.         unsigned char *cl_iv = clients[lcid].iv;
    151. 

  151.         ret = (sgx_rijndael128GCM_encrypt(&(clients[lcid].key),
    152. 

  152.             token_body, pt_tokens_size,
    153. 

  153.             (uint8_t*) tkn_ptr, cl_iv, SGX_AESGCM_IV_SIZE, NULL, 0,
    154. 

  154.             (sgx_aes_gcm_128bit_tag_t*) tkn_tag));
    155. 

  155.         if(ret!=SGX_SUCCESS) {
    156. 

  156.             printf("generate_tokens: Encrypting token FAIL\n");
    157. 

  157.             args->ret = false;
    158. 

  158.             return NULL;
    159. 

  159.         }
    160. 

  160.         memcpy(tkn_iv_ptr, cl_iv, SGX_AESGCM_IV_SIZE);
    161. 

  161.         // Update IV
    162. 

  162.         uint64_t *iv_ctr = (uint64_t*) cl_iv;
    163. 

  163.         (*iv_ctr)+=1;
    164. 

  164. 

  165.         /*
    166. 

  166.         if(lcid == 0) {
    167. 

  167.             printf("Encrypted client token bundle:");
    168. 

  168.             for(uint32_t i = 0; i < enc_tokens_size; i++) {
    169. 

  169.                 printf("%x", tkn_iv_ptr[i]);
    170. 

  170.             }
    171. 

  171.             printf("\n");
    172. 

  172.         }
    173. 

  173.         */
    174. 

  174.     }
    175. 

  175. 

  176.     args->ret = true;
    177. 

  177.     return NULL;
    178. 

  178. }
    179. 

  179. 

  180. static bool launch_all_users(void *(*launch)(void *)) {
    181. 

  181.     threadid_t nthreads = g_teems_config.nthreads;
    182. 

  182. 

  183.     // Special-case nthread=1 for efficiency
    184. 

  184.     if (nthreads <= 1) {
    185. 

  185.         UserRange args = { 0, storage_state.max_users, false };
    186. 

  186.         return launch(&args);
    187. 

  187.     }
    188. 

  188.     UserRange args[nthreads];
    189. 

  189.     uint32_t inc = storage_state.max_users / nthreads;
    190. 

  190.     uint32_t extra = storage_state.max_users % nthreads;
    191. 

  191.     uint32_t last = 0;
    192. 

  192.     for (threadid_t i=0; i<nthreads; ++i) {
    193. 

  193.         uint32_t num = inc + (i < extra);
    194. 

  194.         args[i] = { last, num, false };
    195. 

  195.         last += num;
    196. 

  196.     }
    197. 

  197. 

  198.     // Launch all but the first section into other threads
    199. 

  199.     for (threadid_t i=1; i<nthreads; ++i) {
    200. 

  200.         threadpool_dispatch(g_thread_id+i, launch, args+i);
    201. 

  201.     }
    202. 

  202. 

  203.     // Do the first section ourselves
    204. 

  204.     launch(args);
    205. 

  205. 

  206.     // Join the threads
    207. 

  207.     for (threadid_t i=1; i<nthreads; ++i) {
    208. 

  208.         threadpool_join(g_thread_id+i, NULL);
    209. 

  209.     }
    210. 

  210. 

  211.     bool ret = true;
    212. 

  212.     for (threadid_t i=0; i<nthreads; ++i) {
    213. 

  213.         ret &= args[i].ret;
    214. 

  214.     }
    215. 

  215.     return ret;
    216. 

  216. }
    217. 

  217. 

  218. bool generate_all_tokens() {
    219. 

  219.     return launch_all_users(generate_all_tokens_launch);
    220. 

  220. }
    221. 

  221. 

  222. // Obliviously sanitize the given message by setting everything to 0
    223. 

  223. // except the sender and receiver id, which are set to 0xffffffff,
    224. 

  224. // if it is a padding message (the low DEST_UID_BITS of the receiver id
    225. 

  225. // are all 1).  The function is oblivious as to whether the message is a
    226. 

  226. // padding message.  msg_size must be a multiple of 16.
    227. 

  227. // sender_id_offset should be set to 4 for private routine, or 8 for
    228. 

  228. // public routing.
    229. 

  229. static inline void padding_sanitize_msg(unsigned char *msg,
    230. 

  230.     size_t msg_size, size_t sender_id_offset)
    231. 

  231. {
    232. 

  232.     static const uint32_t uid_mask = (1<<DEST_UID_BITS)-1;
    233. 

  233. 

  234.     // The first 4 bytes of the message are the receiver id
    235. 

  235.     uint32_t receiver_id = *(uint32_t*)msg;
    236. 

  236. 

  237.     // The message is padding if receiver_id & uid_mask == uid_mask, or
    238. 

  238.     // equivalently, (~receiver_id) & uid_mask == 0.
    239. 

  239. 

  240.     // So !((~receiver_id) & uid_mask) is 1 if this is a padding
    241. 

  241.     // message, and 0 if not.  Then (!((~receiver_id) & uid_mask))-1 is
    242. 

  242.     // 0 if this is a padding message, and -1 (0xffffffffffffffff) if
    243. 

  243.     // not.  ANDing this mask with the body will do what we want: keep
    244. 

  244.     // it unchanged if this is not padding, and set it to 0 if it is
    245. 

  245.     // padding
    246. 

  246.     uint64_t content_mask = (!((~receiver_id) & uid_mask))-1;
    247. 

  247. 

  248.     // Mask the first 16 bytes, which includes the 8 or 12 byte header
    249. 

  249.     // (depending on private or public routing).  The first 4 bytes are
    250. 

  250.     // the destination id; set those to 0xffffffff if this is a padding
    251. 

  251.     // message.  Set the rest of the first 16 bytes to 0 if this is a
    252. 

  252.     // padding message (all obliviously).
    253. 

  253.     *(uint32_t*)(msg) |= uint32_t(~content_mask);
    254. 

  254.     *(uint32_t*)(msg+4) &= uint32_t(content_mask);
    255. 

  255.     *(uint64_t*)(msg+8) &= content_mask;
    256. 

  256. 

  257.     // Set the sender id to 0xffffffff if this is a padding message
    258. 

  258.     *(uint32_t*)(msg+sender_id_offset) |= uint32_t(~content_mask);
    259. 

  259. 

  260.     // Set the rest of the message to 0 if this is a padding message
    261. 

  261.     unsigned char *msgend = msg + msg_size;
    262. 

  262.     for (msg = msg+16; msg<msgend; msg += 16) {
    263. 

  263.         *(uint64_t*)(msg) &= content_mask;
    264. 

  264.         *(uint64_t*)(msg+8) &= content_mask;
    265. 

  265.     }
    266. 

  266. }
    267. 

  267. 

  268. /* processMsgs
    269. 

  269.    - Take all the messages in storage_state.stg_buf
    270. 

  270.    - Encrypt them all with their corresponding client key and IV and store into
    271. 

  271.       epoch_mailboxes
    272. 

  272. */
    273. 

  273. static void *processMsgs_launch(void *voidargs) {
    274. 

  274.     UserRange *args = (UserRange *)voidargs;
    275. 

  275.     uint32_t user_start = args->start;
    276. 

  276.     uint32_t user_end = args->start + args->num;
    277. 

  277.     uint32_t msg_size = g_teems_config.msg_size;
    278. 

  278. 

  279.     uint32_t mailbox_size;
    280. 

  280.     size_t sender_id_offset;
    281. 

  281.     if (g_teems_config.private_routing) {
    282. 

  282.         mailbox_size = g_teems_config.m_priv_in * msg_size;
    283. 

  283.         sender_id_offset = 4;
    284. 

  284.     } else {
    285. 

  285.         mailbox_size = g_teems_config.m_pub_in * msg_size;
    286. 

  286.         sender_id_offset = 8;
    287. 

  287.     }
    288. 

  288. 

  289.     uint32_t enc_mailbox_size = mailbox_size + SGX_AESGCM_IV_SIZE +
    290. 

  290.         SGX_AESGCM_MAC_SIZE;
    291. 

  291.     unsigned char *epoch_buf_ptr = epoch_mailboxes +
    292. 

  292.         enc_mailbox_size * user_start;
    293. 

  293.     unsigned char *stg_buf_ptr = storage_state.stg_buf.buf +
    294. 

  294.         mailbox_size * user_start;
    295. 

  295.     sgx_status_t ret = SGX_SUCCESS;
    296. 

  296.     unsigned char *epoch_buf_ct_ptr = epoch_buf_ptr + SGX_AESGCM_IV_SIZE;
    297. 

  297.     unsigned char *epoch_buf_tag_ptr = epoch_buf_ct_ptr + mailbox_size;
    298. 

  298. 

  299.     for(uint32_t lcid = user_start; lcid < user_end; lcid++) {
    300. 

  300.         memcpy(epoch_buf_ptr, clients[lcid].iv, SGX_AESGCM_IV_SIZE);
    301. 

  301.         unsigned char *stg_buf_end = stg_buf_ptr + mailbox_size;
    302. 

  302.         for (unsigned char *msg = stg_buf_ptr; msg < stg_buf_end;
    303. 

  303.                 msg += msg_size) {
    304. 

  304.             padding_sanitize_msg(msg, msg_size, sender_id_offset);
    305. 

  305.         }
    306. 

  306.         ret = sgx_rijndael128GCM_encrypt(&(clients[lcid].key), stg_buf_ptr,
    307. 

  307.             mailbox_size, (uint8_t*) epoch_buf_ct_ptr, epoch_buf_ptr,
    308. 

  308.             SGX_AESGCM_IV_SIZE, NULL, 0,
    309. 

  309.             (sgx_aes_gcm_128bit_tag_t*) epoch_buf_tag_ptr);
    310. 

  310.         if(ret!=SGX_SUCCESS) {
    311. 

  311.             printf("processMsgs: Encrypting msgs FAIL\n");
    312. 

  312.             args->ret = false;
    313. 

  313.             return NULL;
    314. 

  314.         }
    315. 

  315. 

  316.         // Update IV
    317. 

  317.         uint64_t *iv_ctr = (uint64_t*) clients[lcid].iv;
    318. 

  318.         (*iv_ctr)+=1;
    319. 

  319. 

  320.         /*
    321. 

  321.         if(lcid==0) {
    322. 

  322.             printf("\n\nMessage for lcid 0, S, R = %d, %d\n\n\n",
    323. 

  323.                 *((uint32_t*) stg_buf_ptr),
    324. 

  324.                 *((uint32_t*) (stg_buf_ptr + 4)));
    325. 

  325.         }
    326. 

  326.         */
    327. 

  327. 

  328.         stg_buf_ptr+=mailbox_size;
    329. 

  329.         epoch_buf_ptr+=enc_mailbox_size;
    330. 

  330.         epoch_buf_ct_ptr+=enc_mailbox_size;
    331. 

  331.         epoch_buf_tag_ptr+=enc_mailbox_size;
    332. 

  332.     }
    333. 

  333. 

  334.     args->ret = true;
    335. 

  335.     return NULL;
    336. 

  336. }
    337. 

  337. 

  338. bool processMsgs() {
    339. 

  339.     return launch_all_users(processMsgs_launch);
    340. 

  340. }
    341. 

  341. 

  342. // route_init will call this function; no one else should call it
    343. 

  343. // explicitly.  The parameter is the number of messages that can fit in
    344. 

  344. // the storage-side MsgBuffer.  Returns true on success, false on
    345. 

  345. // failure.
    346. 

  346. bool storage_init(uint32_t max_users, uint32_t msg_buf_size)
    347. 

  347. {
    348. 

  348.     storage_state.max_users = max_users;
    349. 

  349.     storage_state.stg_buf.alloc(msg_buf_size);
    350. 

  350.     storage_state.dest.resize(msg_buf_size);
    351. 

  351.     storage_state.pub_selected = new bool[msg_buf_size];
    352. 

  352.     uint32_t my_storage_node_id = 0;
    353. 

  353.     uint32_t my_stg_pos = 0;
    354. 

  354.     for (nodenum_t i=0; i<g_teems_config.num_nodes; ++i) {
    355. 

  355.         if (g_teems_config.roles[i] & ROLE_STORAGE) {
    356. 

  356.             if (i == g_teems_config.my_node_num) {
    357. 

  357.                 storage_state.my_storage_node_id =
    358. 

  358.                     my_storage_node_id << DEST_UID_BITS;
    359. 

  359.                 my_stg_pos = my_storage_node_id;
    360. 

  360.             } else {
    361. 

  361.                 ++my_storage_node_id;
    362. 

  362.             }
    363. 

  363.         }
    364. 

  364.     }
    365. 

  365. 

  366.     storage_generateClientKeys(max_users, my_stg_pos);
    367. 

  367. 

  368.     return true;
    369. 

  369. }
    370. 

  370. 

  371. void storage_close() {
    372. 

  372.     delete[] storage_state.pub_selected;
    373. 

  373. }
    374. 

  374. 

  375. // Handle the messages received by a storage node.  Pass a _locked_
    376. 

  376. // MsgBuffer.  This function will itself reset and unlock it when it's
    377. 

  377. // done with it.
    378. 

  378. void storage_received(MsgBuffer &storage_buf)
    379. 

  379. {
    380. 

  380.     uint16_t msg_size = g_teems_config.msg_size;
    381. 

  381.     nodenum_t my_node_num = g_teems_config.my_node_num;
    382. 

  382.     const uint8_t *msgs = storage_buf.buf;
    383. 

  383.     uint32_t num_msgs = storage_buf.inserted;
    384. 

  384.     uint32_t real = 0, padding = 0;
    385. 

  385.     uint32_t uid_mask = (1 << DEST_UID_BITS) - 1;
    386. 

  386.     uint32_t nid_mask = ~uid_mask;
    387. 

  387. 

  388. #ifdef PROFILE_STORAGE
    389. 

  389.     unsigned long start_received =
    390. 

  390.         printf_with_rtclock("begin storage_received (%u)\n",
    391. 

  391.             storage_buf.inserted);
    392. 

  392. #endif
    393. 

  393. 

  394.     // It's OK to test for errors in a way that's non-oblivous if
    395. 

  395.     // there's an error (but it should be oblivious if there are no
    396. 

  396.     // errors)
    397. 

  397.     for (uint32_t i=0; i<num_msgs; ++i) {
    398. 

  398.         uint32_t uid = *(const uint32_t*)(storage_buf.buf+(i*msg_size));
    399. 

  399.         bool ok = ((((uid & nid_mask) == storage_state.my_storage_node_id)
    400. 

  400.             & ((uid & uid_mask) < storage_state.max_users))
    401. 

  401.             | ((uid & uid_mask) == uid_mask));
    402. 

  402.         if (!ok) {
    403. 

  403.             printf("Received bad uid: %08x\n", uid);
    404. 

  404.             assert(ok);
    405. 

  405.         }
    406. 

  406.     }
    407. 

  407. 

  408.     // Testing: report how many real and dummy messages arrived
    409. 

  409.     printf("Storage server received %u messages:\n", num_msgs);
    410. 

  410.     for (uint32_t i=0; i<num_msgs; ++i) {
    411. 

  411.         uint32_t dest_addr = *(const uint32_t*)msgs;
    412. 

  412.         nodenum_t dest_node =
    413. 

  413.             g_teems_config.storage_map[dest_addr >> DEST_UID_BITS];
    414. 

  414.         if (dest_node != my_node_num) {
    415. 

  415.             char hexbuf[2*msg_size + 1];
    416. 

  416.             for (uint32_t j=0;j<msg_size;++j) {
    417. 

  417.                 snprintf(hexbuf+2*j, 3, "%02x", msgs[j]);
    418. 

  418.             }
    419. 

  419.             printf("Misrouted message: %s\n", hexbuf);
    420. 

  420.         } else if ((dest_addr & uid_mask) == uid_mask) {
    421. 

  421.             ++padding;
    422. 

  422.         } else {
    423. 

  423.             ++real;
    424. 

  424.         }
    425. 

  425.         msgs += msg_size;
    426. 

  426.     }
    427. 

  427.     printf("%u real, %u padding\n", real, padding);
    428. 

  428. 

  429.     /*
    430. 

  430.     for (uint32_t i=0;i<num_msgs; ++i) {
    431. 

  431.         printf("%3d: %08x %08x\n", i,
    432. 

  432.         *(uint32_t*)(storage_buf.buf+(i*msg_size)),
    433. 

  433.         *(uint32_t*)(storage_buf.buf+(i*msg_size+4)));
    434. 

  434.     }
    435. 

  435.     */
    436. 

  436.     // Sort the received messages by userid into the
    437. 

  437.     // storage_state.stg_buf MsgBuffer.
    438. 

  438. #ifdef PROFILE_STORAGE
    439. 

  439.     unsigned long start_sort =
    440. 

  440.         printf_with_rtclock("begin oblivious sort (%u)\n",
    441. 

  441.             storage_buf.inserted);
    442. 

  442. #endif
    443. 

  443.     sort_mtobliv<UidKey>(g_teems_config.nthreads, storage_buf.buf,
    444. 

  444.         msg_size, storage_buf.inserted, storage_buf.bufsize,
    445. 

  445.         storage_state.stg_buf.buf);
    446. 

  446. #ifdef PROFILE_STORAGE
    447. 

  447.     printf_with_rtclock_diff(start_sort, "end oblivious sort (%u)\n",
    448. 

  448.         storage_buf.inserted);
    449. 

  449. #endif
    450. 

  450. 

  451.     // For public routing, remove excess per-user messages by making them
    452. 

  452.     // padding, and then compact non-padding messages.
    453. 

  453.     if (!g_teems_config.private_routing) {
    454. 

  454.         uint8_t *msg = storage_state.stg_buf.buf;
    455. 

  455.         uint32_t uid;
    456. 

  456.         uint32_t prev_uid = uid_mask; // initialization technically unnecessary
    457. 

  457.         uint32_t num_user_msgs = 0; // number of messages to the user
    458. 

  458.         uint8_t sel;
    459. 

  459.         for (uint32_t i=0; i<num_msgs; ++i) {
    460. 

  460.             uid = (*(uint32_t*) msg) & uid_mask;
    461. 

  461.             num_user_msgs = oselect_uint32_t(1, num_user_msgs+1,
    462. 

  462.                 uid == prev_uid);
    463. 

  463.             // Select if messages per user not exceeded and msg is not padding
    464. 

  464.             sel = ((uint8_t) ((num_user_msgs <= g_teems_config.m_pub_in))) &
    465. 

  465.                 ((uint8_t) uid != uid_mask);
    466. 

  466.             storage_state.pub_selected[i] = (bool) sel;
    467. 

  467.             // Make padding if not selected
    468. 

  468.             *(uint32_t *) msg = (*(uint32_t *) msg) & nid_mask;
    469. 

  469.             *(uint32_t *) msg += oselect_uint32_t(uid_mask, uid, sel);
    470. 

  470.             msg += msg_size;
    471. 

  471.             prev_uid = uid;
    472. 

  472.         }
    473. 

  473.         #ifdef PROFILE_STORAGE
    474. 

  474.             unsigned long start_compaction =
    475. 

  475.                 printf_with_rtclock("begin public-channel compaction (%u)\n",
    476. 

  476.                 num_msgs);
    477. 

  477.         #endif
    478. 

  478.         TightCompact_parallel<OSWAP_16X>(
    479. 

  479.             (unsigned char *) storage_state.stg_buf.buf,
    480. 

  480.             num_msgs, msg_size, storage_state.pub_selected,
    481. 

  481.             g_teems_config.nthreads);
    482. 

  482.         #ifdef PROFILE_STORAGE
    483. 

  483.             printf_with_rtclock_diff(start_compaction,
    484. 

  484.                 "end public-channel compaction (%u)\n", num_msgs);
    485. 

  485.         #endif
    486. 

  486.     }
    487. 

  487. 

  488.     /*
    489. 

  489.     for (uint32_t i=0;i<num_msgs; ++i) {
    490. 

  490.         printf("%3d: %08x %08x\n", i,
    491. 

  491.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size)),
    492. 

  492.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+4)));
    493. 

  493.     }
    494. 

  494.     */
    495. 

  495. 

  496. #ifdef PROFILE_STORAGE
    497. 

  497.     unsigned long start_dest =
    498. 

  498.         printf_with_rtclock("begin setting dests (%u)\n",
    499. 

  499.             storage_state.stg_buf.bufsize);
    500. 

  500. #endif
    501. 

  501.     // Obliviously set the dest array
    502. 

  502.     uint32_t *dests = storage_state.dest.data();
    503. 

  503.     uint32_t stg_size = storage_state.stg_buf.bufsize;
    504. 

  504.     uint8_t *buf = storage_state.stg_buf.buf;
    505. 

  505.     uint32_t m_in = g_teems_config.private_routing ?
    506. 

  506.         g_teems_config.m_priv_in : g_teems_config.m_pub_in;
    507. 

  507. 

  508.     uint32_t uid = *(uint32_t*)(buf);
    509. 

  509.     uid &= uid_mask;
    510. 

  510.     // num_msgs is not a private value
    511. 

  511.     if (num_msgs > 0) {
    512. 

  512.         dests[0] = oselect_uint32_t(uid * m_in, 0xffffffff,
    513. 

  513.             uid == uid_mask);
    514. 

  514.     }
    515. 

  515.     uint32_t prev_uid = uid;
    516. 

  516.     for (uint32_t i=1; i<num_msgs; ++i) {
    517. 

  517.         uid = *(uint32_t*)(buf + i*msg_size);
    518. 

  518.         uid &= uid_mask;
    519. 

  519.         uint32_t next = oselect_uint32_t(uid * m_in, dests[i-1]+1,
    520. 

  520.             uid == prev_uid);
    521. 

  521.         dests[i] = oselect_uint32_t(next, 0xffffffff, uid == uid_mask);
    522. 

  522.         prev_uid = uid;
    523. 

  523.     }
    524. 

  524.     for (uint32_t i=num_msgs; i<stg_size; ++i) {
    525. 

  525.         dests[i] = 0xffffffff;
    526. 

  526.         *(uint32_t*)(buf + i*msg_size) = 0xffffffff;
    527. 

  527.     }
    528. 

  528. #ifdef PROFILE_STORAGE
    529. 

  529.     printf_with_rtclock_diff(start_dest, "end setting dests (%u)\n", stg_size);
    530. 

  530. #endif
    531. 

  531.     /*
    532. 

  532.     for (uint32_t i=0;i<stg_size; ++i) {
    533. 

  533.         printf("%3d: %08x %08x %08x %08x %u\n", i,
    534. 

  534.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size)),
    535. 

  535.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+4)),
    536. 

  536.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+8)),
    537. 

  537.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+12)),
    538. 

  538.         dests[i]);
    539. 

  539.     }
    540. 

  540.     */
    541. 

  541. 

  542. #ifdef PROFILE_STORAGE
    543. 

  543.     unsigned long start_expand =
    544. 

  544.         printf_with_rtclock("begin ORExpand (%u)\n", stg_size);
    545. 

  545. #endif
    546. 

  546.     ORExpand_parallel<OSWAP_16X>(storage_state.stg_buf.buf, dests,
    547. 

  547.         msg_size, stg_size, g_teems_config.nthreads);
    548. 

  548. #ifdef PROFILE_STORAGE
    549. 

  549.     printf_with_rtclock_diff(start_expand, "end ORExpand (%u)\n", stg_size);
    550. 

  550. #endif
    551. 

  551.     /*
    552. 

  552.     for (uint32_t i=0;i<stg_size; ++i) {
    553. 

  553.         printf("%3d: %08x %08x %08x %08x %u\n", i,
    554. 

  554.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size)),
    555. 

  555.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+4)),
    556. 

  556.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+8)),
    557. 

  557.         *(uint32_t*)(storage_state.stg_buf.buf+(i*msg_size+12)),
    558. 

  558.         dests[i]);
    559. 

  559.     }
    560. 

  560.     */
    561. 

  561. 

  562.     // You can do more processing after these lines, as long as they
    563. 

  563.     // don't touch storage_buf.  They _can_ touch the backing buffer
    564. 

  564.     // storage_state.stg_buf.
    565. 

  565.     storage_buf.reset();
    566. 

  566.     pthread_mutex_unlock(&storage_buf.mutex);
    567. 

  567. 

  568.     if (g_teems_config.private_routing) {
    569. 

  569.         generate_all_tokens();
    570. 

  570.     }
    571. 

  571. 

  572.     processMsgs();
    573. 

  573. 

  574.     storage_epoch++;
    575. 

  575. 

  576.     storage_state.stg_buf.reset();
    577. 

  577. 

  578. #ifdef PROFILE_STORAGE
    579. 

  579.     printf_with_rtclock_diff(start_received,
    580. 

  580.         "end storage_received (%u)\n", storage_buf.inserted);
    581. 

  581. #endif
    582. 

  582. }
    583. 

  583. 

  584. bool ecall_storage_authenticate(clientid_t cid, unsigned char *auth_message)
    585. 

  585. {
    586. 

  586.     bool ret = false;
    587. 

  587.     uint32_t lcid = cid / g_teems_config.num_storage_nodes;
    588. 

  588.     const sgx_aes_gcm_128bit_key_t *ckey = &(clients[lcid].key);
    589. 

  589. 

  590.     ret = authenticateClient(auth_message, ckey);
    591. 

  591. 

  592.     if(!ret) {
    593. 

  593.         printf("Storage authentication FAIL\n");
    594. 

  594.     }
    595. 

  595. 

  596.     return ret;
    597. 

  597. }
    598. 

  598. 

  599. 

  600. void ecall_supply_storage_buffers(unsigned char *mailboxes,
    601. 

  601.     uint32_t mailboxes_size, unsigned char *tokens, uint32_t tokens_size)
    602. 

  602. {
    603. 

  603.     epoch_mailboxes = mailboxes;
    604. 

  604.     epoch_tokens = tokens;
    605. 

  605. }
    606.