miti
/
Apache_PHP_extension


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114
							#include "sgx_eid.h"
#define __STDC_FORMAT_MACROS
#include <inttypes.h>
#include "ProtobufLAMessages.pb.h"
#include <stdio.h>
#include <sys/mman.h>
#include "sgx_trts.h"
#include "sgx_utils.h"
#include "error_codes.h"
#include "sgx_ecp_types.h"
#include "sgx_thread.h"
#include <map>
#include "sgx_dh.h"
#include "dh_session_protocol.h"
#include "sgx_tcrypto.h"
#include "datatypes.h"
#include "SgxProtobufLAInitiator_Transforms.h"
#define MAX_SESSION_COUNT  16
#define SGX_CAST(type, item) ((type)(item))
#include <string.h>
#include "crypto.h"
#include "stdio.h"
#include <errno.h>
#include <atomic>
#include <sys/types.h>
#include <unistd.h>

dh_session_t global_session_info;
sgx_dh_session_t sgx_dh_session;
uint8_t key[16];

uint32_t process_protobuf_dh_msg1_generate_protobuf_dh_msg2(protobuf_sgx_dh_msg1_t& protobuf_msg1, protobuf_sgx_dh_msg2_t& protobuf_msg2, uint32_t* session_id)
{
  sgx_dh_msg1_t dh_msg1;            //Diffie-Hellman Message 1
  sgx_dh_msg2_t dh_msg2;
  memset(&dh_msg1, 0, sizeof(sgx_dh_msg1_t));
  uint32_t ret_status;

  if(decode_msg1_from_protobuf(protobuf_msg1, &dh_msg1)!=0)
    return -1;

  //Intialize the session as a session initiator
  ret_status = sgx_dh_init_session(SGX_DH_SESSION_INITIATOR, &sgx_dh_session);
  if(ret_status != SGX_SUCCESS)
    return ret_status;

  //Process the message 1 obtained from desination enclave and generate message 2
  ret_status = sgx_dh_initiator_proc_msg1(&dh_msg1, &dh_msg2, &sgx_dh_session);
  if(SGX_SUCCESS != ret_status)
    return ret_status;

  encode_msg2_to_protobuf(protobuf_msg2, &dh_msg2);
  return 0;
}

uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_t* session_id) {

  uint32_t ret_status;
  sgx_dh_msg3_t dh_msg3;
  sgx_key_128bit_t dh_aek;        // Session Key
  sgx_dh_session_enclave_identity_t responder_identity;

  memset(&dh_aek,0, sizeof(sgx_key_128bit_t));

  if(decode_msg3_from_protobuf(protobuf_msg3, &dh_msg3)!=0)
    return -1;

  //Process Message 3 obtained from the destination enclave
  ret_status = sgx_dh_initiator_proc_msg3(&dh_msg3, &sgx_dh_session, &dh_aek, &responder_identity);
  if(SGX_SUCCESS != ret_status)
    return ret_status;

  //No verification checks here: no security guarantees obtained from any such checks
  memcpy(key, &dh_aek, sizeof(sgx_key_128bit_t));
  //memcpy(global_session_info.active.AEK, &dh_aek, sizeof(sgx_key_128bit_t));
  global_session_info.session_id = 1; // TODO: session_id;
  global_session_info.active.counter = 0;
  global_session_info.status = ACTIVE;
  memset(&dh_aek,0, sizeof(sgx_key_128bit_t));

  return 0;
}

 uint32_t aes_gcm_wrapper(int enc, uint8_t* plaintext, uint32_t plaintext_length, uint8_t* ciphertext, uint32_t* ciphertext_length)
  {
    uint32_t actual_plaintext_length=plaintext_length; 
    uint8_t tag[16];uint32_t counter, return_status;
	uint8_t iv[12]; 
    if(enc == 0)
	{
                for(counter=0;counter<16;counter++)
                        tag[counter]=plaintext[counter+plaintext_length-16]; 
		for(counter=0;counter<12;counter++)
			iv[counter]=plaintext[counter+plaintext_length-28]; 
		actual_plaintext_length-=28; 
	}
	else
	{
		return_status=sgx_read_rand(iv, 12); 
		if(return_status != 0)
			return return_status;
	}
    return_status = aes_gcm_128(enc, key, iv, plaintext, actual_plaintext_length, ciphertext, ciphertext_length, tag);
	if(enc == 1 && return_status == 0)
	{
                for(counter=0;counter<12;counter++)
                        ciphertext[counter + *ciphertext_length] = iv[counter];
		for(counter=0;counter<16;counter++)
			ciphertext[counter + 12 + *ciphertext_length] = tag[counter];
		*ciphertext_length=*ciphertext_length + 28;
	}
    return return_status;
  }