miti
/
Apache_PHP_extension


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
							#include <phpcpp.h>
#include <string.h>
#include <string>
#include <unistd.h>
#include <errno.h>
#include<sys/time.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include "crypto.h"
#include "ProtobufLAInitiator.h"
using namespace std;


// #include <unistd.h>
// based off the example functionreturnvalue.cpp in PHP-CPP

/**
 *  Namespace to use
 */
//using namespace std;

#define DECRYPTOR_PORT 3825
int local_attestation_successful=0;
int __ImageBase=0;

class Mitigator : public Php::Base
{
	private:
		static std::string mitigator_pubkey_header_value;
		static std::string mitigator_pubkey_header;
		static int time_file_fd;
	public:
		Mitigator() = default;
		virtual ~Mitigator() = default;

		static void local_attestation_initiator_wrapper()
		{
			setbuf(stdout,NULL);
			uint32_t return_sgx, base64_encoded_token_H_length;
			unsigned char* base64_encoded_mitigator_header_and_value;

			base64_encoded_mitigator_header_and_value = (unsigned char*) malloc( 400 ); 
			//		unsigned char base64_encoded_mitigator_header[229] ; //216=(ceil(160/3) * 4) + 1 (for null character) + 21 for "Mitigator-Public-Key"
			memcpy(base64_encoded_mitigator_header_and_value, mitigator_pubkey_header.c_str(), mitigator_pubkey_header.length());
			return_sgx = local_attestation_initiator(DECRYPTOR_PORT);
			if(return_sgx != 0)
			{
				if(return_sgx== 0xFFFFFFFF)
				{
					perror("\nCould not set up the socket: had the following error: "); fflush(stderr);
				}
				else
				{
					printf("\nHad the following error in SGX local attestation: 0x%x", return_sgx);
					fflush(stdout);
				}
			}
			else {
				printf("\nSuccessful LA with port %d.\n", DECRYPTOR_PORT);
				fflush(stdout);
				return_sgx= post_local_attestation_get_mitigator_header(base64_encoded_mitigator_header_and_value + mitigator_pubkey_header.length(),
					&base64_encoded_token_H_length);
				if(return_sgx != 0)
				{
					printf("\nHad the following error in SGX POST local attestation: 0x%x", return_sgx);
					fflush(stdout);
				}
				mitigator_pubkey_header_value=std::string((char*)base64_encoded_mitigator_header_and_value,mitigator_pubkey_header.length()+base64_encoded_token_H_length);
			}
			free(base64_encoded_mitigator_header_and_value); 
			time_file_fd=open("target_time.txt", O_APPEND | O_WRONLY);
		}

		static Php::Value get_mitigator_header()
		{
			return mitigator_pubkey_header_value;
		}

		static Php::Value php_decrypt_wrapper(Php::Parameters &params   )
		{
			struct timeval  tv1, tv2;
			char time_buf[60] = {0};
			size_t bytes_written;
                        unsigned long int new_time, old_time; 

                        gettimeofday(&tv1, NULL);

			unsigned char* plaintext_user_data, * base64_client_ciphertext, *base64_client_public_key, *client_data;
			uint32_t plaintext_length, base64_client_ciphertext_length, base64_client_public_key_length,  client_data_length, ret_status;
			std::string plaintext_user_data_str; 

			base64_client_ciphertext = (unsigned char*) static_cast<const char*>(params[1]);
			base64_client_public_key = (unsigned char*) static_cast<const char*>(params[0]);
			base64_client_ciphertext_length = params[1].size();
			base64_client_public_key_length = params[0].size();
			
			plaintext_user_data = (unsigned char*) malloc( base64_client_ciphertext_length );
			plaintext_length = base64_client_ciphertext_length;
			memcpy(plaintext_user_data, base64_client_ciphertext, base64_client_ciphertext_length);
			plaintext_user_data_str = std::string((char*) plaintext_user_data, base64_client_ciphertext_length); 
			
			client_data = (unsigned char*) malloc(base64_client_ciphertext_length + base64_client_public_key_length); 
			ret_status = base64_decoding_wrapper(client_data, base64_client_public_key, base64_client_public_key_length);
			if(ret_status<=0)
			{
                                printf("Could not do base64 decoding correctly.\n"); fflush(stdout); 
                                free(plaintext_user_data);
                                free(client_data);
                                return plaintext_user_data_str; 
			}
			client_data_length = ret_status; 

                        ret_status = base64_decoding_wrapper(client_data + client_data_length, base64_client_ciphertext, base64_client_ciphertext_length);
                        if(ret_status<=0)
                        {
                                printf("Could not do base64 decoding correctly.\n"); fflush(stdout); 
                                free(plaintext_user_data);
                                free(client_data);
                                return plaintext_user_data_str; 
                        }                         
                        client_data_length += ret_status; 

			ret_status=decrypt_client_data_through_decryptor(client_data, client_data_length, (unsigned char*) plaintext_user_data, &plaintext_length);
			if(ret_status != 0)
			{
				printf("Received error code when trying to decrypt data thru decryptor: 0x%02x\n", ret_status); fflush(stdout);
				free(client_data);
				free(plaintext_user_data);
				return plaintext_user_data_str;
			}

			plaintext_user_data_str = std::string((char*) plaintext_user_data, plaintext_length);
			free(plaintext_user_data); 
			free(client_data); 

			gettimeofday(&tv2, NULL);
                        new_time=tv2.tv_usec + tv2.tv_sec * 1000000; 
                        old_time=tv1.tv_usec + tv1.tv_sec * 1000000; 
                        bytes_written=sprintf(time_buf,  "%lu %lu\n", old_time, new_time); 
                        write(time_file_fd, time_buf, bytes_written);
			return plaintext_user_data_str;
		}
};

std::string Mitigator::mitigator_pubkey_header_value=std::string("!");
std::string Mitigator::mitigator_pubkey_header=std::string("Mitigator-Public-Key:");
int Mitigator::time_file_fd=0; 
extern "C" {

    // export the "get_module" function that will be called by the Zend engine
    PHPCPP_EXPORT void *get_module()
    {
        // create extension
        static Php::Extension extension("decryptor_la_setup_and_decryption","1.0");

        Php::Class<Mitigator> mitigator("Mitigator");
	mitigator.method<&Mitigator::get_mitigator_header>("get_mitigator_header");
	mitigator.method<&Mitigator::local_attestation_initiator_wrapper>("local_attestation_initiator_wrapper");
	mitigator.method<&Mitigator::php_decrypt_wrapper>("php_decrypt_wrapper", { Php::ByVal("string", Php::Type::String), Php::ByVal("string", Php::Type::String) }   );
        extension.onStartup(&Mitigator::local_attestation_initiator_wrapper);
        // return the extension module
	extension.add(mitigator);
        return extension.module();
    }
}