#include #include #include #include #include #include #include #include #include #include #include "crypto.h" #include "ProtobufLAInitiator.h" using namespace std; // #include // based off the example functionreturnvalue.cpp in PHP-CPP /** * Namespace to use */ //using namespace std; #define DECRYPTOR_PORT 3825 int local_attestation_successful=0; int __ImageBase=0; class Mitigator : public Php::Base { private: static std::string mitigator_pubkey_header_value; static std::string mitigator_pubkey_header; static int time_file_fd; public: Mitigator() = default; virtual ~Mitigator() = default; static void local_attestation_initiator_wrapper() { setbuf(stdout,NULL); uint32_t return_sgx, base64_encoded_token_H_length; unsigned char* base64_encoded_mitigator_header_and_value; base64_encoded_mitigator_header_and_value = (unsigned char*) malloc( 400 ); // unsigned char base64_encoded_mitigator_header[229] ; //216=(ceil(160/3) * 4) + 1 (for null character) + 21 for "Mitigator-Public-Key" memcpy(base64_encoded_mitigator_header_and_value, mitigator_pubkey_header.c_str(), mitigator_pubkey_header.length()); return_sgx = local_attestation_initiator(DECRYPTOR_PORT); if(return_sgx != 0) { if(return_sgx== 0xFFFFFFFF) { perror("\nCould not set up the socket: had the following error: "); fflush(stderr); } else { printf("\nHad the following error in SGX local attestation: 0x%x", return_sgx); fflush(stdout); } } else { printf("\nSuccessful LA with port %d.\n", DECRYPTOR_PORT); fflush(stdout); return_sgx= post_local_attestation_get_mitigator_header(base64_encoded_mitigator_header_and_value + mitigator_pubkey_header.length(), &base64_encoded_token_H_length); if(return_sgx != 0) { printf("\nHad the following error in SGX POST local attestation: 0x%x", return_sgx); fflush(stdout); } mitigator_pubkey_header_value=std::string((char*)base64_encoded_mitigator_header_and_value,mitigator_pubkey_header.length()+base64_encoded_token_H_length); } free(base64_encoded_mitigator_header_and_value); time_file_fd=open("target_time.txt", O_APPEND | O_WRONLY); } static Php::Value get_mitigator_header() { return mitigator_pubkey_header_value; } static Php::Value php_decrypt_wrapper(Php::Parameters ¶ms ) { struct timeval tv1, tv2; char time_buf[60] = {0}; size_t bytes_written; unsigned long int new_time, old_time; gettimeofday(&tv1, NULL); unsigned char* plaintext_user_data, * base64_client_ciphertext, *base64_client_public_key, *client_data; uint32_t plaintext_length, base64_client_ciphertext_length, base64_client_public_key_length, client_data_length, ret_status; std::string plaintext_user_data_str; base64_client_ciphertext = (unsigned char*) static_cast(params[1]); base64_client_public_key = (unsigned char*) static_cast(params[0]); base64_client_ciphertext_length = params[1].size(); base64_client_public_key_length = params[0].size(); plaintext_user_data = (unsigned char*) malloc( base64_client_ciphertext_length ); plaintext_length = base64_client_ciphertext_length; memcpy(plaintext_user_data, base64_client_ciphertext, base64_client_ciphertext_length); plaintext_user_data_str = std::string((char*) plaintext_user_data, base64_client_ciphertext_length); client_data = (unsigned char*) malloc(base64_client_ciphertext_length + base64_client_public_key_length); ret_status = base64_decoding_wrapper(client_data, base64_client_public_key, base64_client_public_key_length); if(ret_status<=0) { printf("Could not do base64 decoding correctly.\n"); fflush(stdout); free(plaintext_user_data); free(client_data); return plaintext_user_data_str; } client_data_length = ret_status; ret_status = base64_decoding_wrapper(client_data + client_data_length, base64_client_ciphertext, base64_client_ciphertext_length); if(ret_status<=0) { printf("Could not do base64 decoding correctly.\n"); fflush(stdout); free(plaintext_user_data); free(client_data); return plaintext_user_data_str; } client_data_length += ret_status; ret_status=decrypt_client_data_through_decryptor(client_data, client_data_length, (unsigned char*) plaintext_user_data, &plaintext_length); if(ret_status != 0) { printf("Received error code when trying to decrypt data thru decryptor: 0x%02x\n", ret_status); fflush(stdout); free(client_data); free(plaintext_user_data); return plaintext_user_data_str; } plaintext_user_data_str = std::string((char*) plaintext_user_data, plaintext_length); free(plaintext_user_data); free(client_data); gettimeofday(&tv2, NULL); new_time=tv2.tv_usec + tv2.tv_sec * 1000000; old_time=tv1.tv_usec + tv1.tv_sec * 1000000; bytes_written=sprintf(time_buf, "%lu %lu\n", old_time, new_time); write(time_file_fd, time_buf, bytes_written); return plaintext_user_data_str; } }; std::string Mitigator::mitigator_pubkey_header_value=std::string("!"); std::string Mitigator::mitigator_pubkey_header=std::string("Mitigator-Public-Key:"); int Mitigator::time_file_fd=0; extern "C" { // export the "get_module" function that will be called by the Zend engine PHPCPP_EXPORT void *get_module() { // create extension static Php::Extension extension("decryptor_la_setup_and_decryption","1.0"); Php::Class mitigator("Mitigator"); mitigator.method<&Mitigator::get_mitigator_header>("get_mitigator_header"); mitigator.method<&Mitigator::local_attestation_initiator_wrapper>("local_attestation_initiator_wrapper"); mitigator.method<&Mitigator::php_decrypt_wrapper>("php_decrypt_wrapper", { Php::ByVal("string", Php::Type::String), Php::ByVal("string", Php::Type::String) } ); extension.onStartup(&Mitigator::local_attestation_initiator_wrapper); // return the extension module extension.add(mitigator); return extension.module(); } }