Home Explore Help
Sign In
miti
/
Decryptor
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Generated and sealed private key to disk.

dettanym 5 years ago
parent
53aa094042
commit
06df39a8fd
3 changed files with 25 additions and 15 deletions
Split View Show Diff Stats
  1. 10 8
      App/App.cpp
  2. 12 6
      LocalAttestationCode/EnclaveMessageExchange.cpp
  3. 3 1
      LocalAttestationCode/LocalAttestationCode.edl

+ 10 - 8
App/App.cpp
View File 

@@ -717,20 +717,22 @@ uint32_t create_and_seal_signing_key_pair_to_disk( __attribute__((unused))  int
 
   if(length == 0xFFFFFFFF)
 
     return 0xFFFFFFFF;
 
   printf("0x%x input msg, 0x%x bytes for sealed msg in parameter value\n", SGX_ECP256_KEY_SIZE, length); fflush(stdout); 
-  uint8_t* sealed_data2=(uint8_t*) malloc(length);
 
+  uint8_t* sealed_data=(uint8_t*) malloc(length);
 
   printf("Made call to sgx_calc_sealed_data_size\n");  fflush(stdout); 
-  Decryptor_create_and_seal_ecdsa_signing_key_pair(e2_enclave_id, &ret_status, pub_key, &length, sealed_data2);
 
+  Decryptor_create_and_seal_ecdsa_signing_key_pair(e2_enclave_id, &ret_status, pub_key, &length, sealed_data);
 
   if(ret_status != SGX_SUCCESS)
 
   {
 
     printf("create_and_seal called returned an error: %x", ret_status); 
-    free(sealed_data2);
 
+    free(sealed_data);
 
     return 0xFFFFFFFF;
 
   }
 
-  printf("It returned sgx_success\n"); fflush(stdout); *actual_sealed_msg_length=length;
 
-/*  
-  ret_status = write_to_fd(fd, sealed_data, actual_sealed_msg_length);
 
-  free(sealed_data);
 
-  return ret_status;*/ return 0; 
+  printf("It returned sgx_success\n"); fflush(stdout); // *actual_sealed_msg_length=length;
 
+  
+  ret_status = write_to_fd(fd, sealed_data, &length);
 
+  free(sealed_data); 
+  if(ret_status > 0)
 
+	  *actual_sealed_msg_length = ret_status; 
+  return 0;
 
 }
 
 
 int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])

+ 12 - 6
LocalAttestationCode/EnclaveMessageExchange.cpp
View File 

@@ -234,21 +234,27 @@ void deserialize_string_to_public_private_key_pair(uint8_t* private_public_key_s
 
 
 uint32_t create_and_seal_ecdsa_signing_key_pair(__attribute__((unused))   sgx_ec256_public_t* pub_key, __attribute__((unused))  uint32_t* sealed_data_length, __attribute__((unused)) uint8_t* sealed_data)
 
 {
 
-    uint32_t ret_status;
 
-    ret_status=create_ecdsa_key_pair(pub_key, &signing_priv_key);
 
+    uint32_t ret_status; sgx_ec256_private_t private_key; 
+    ret_status=create_ecdsa_key_pair(pub_key, &private_key);
 
     if(ret_status!=SGX_SUCCESS)
 
        return ret_status;
 
     // generating the entire string as there is no SGX function to generate the public key from the private one.
 
   //  uint8_t* private_public_key_string = (uint8_t*) malloc(3*SGX_ECP256_KEY_SIZE);
 
-    uint8_t* sealed_data2 = (uint8_t*) malloc(*sealed_data_length);
 
+uint8_t* sealed_data2 = (uint8_t*) malloc(*sealed_data_length);
 
     // serializing keypair to string
 
 //    serialize_signing_key_pair_to_string(pub_key, &signing_priv_key, private_public_key_string);
 
     // sealing serialized keypair to disk
 
-//    ret_status = sgx_unseal_data(NULL /*(sgx_sealed_data_t*)sealed_data2*/, NULL, 0, NULL  /*temp_plaintext*/ ,0 /*&expected_plaintext_msg_length*/);
 
+    uint8_t* private_key_string = (uint8_t*) malloc(SGX_ECP256_KEY_SIZE); 
+    uint32_t counter;
 
+for(counter=0;counter<SGX_ECP256_KEY_SIZE;counter++)
 
+	*(private_key_string+counter)=private_key.r[counter];
 
   // sgx_seal_data(0, NULL,  3*SGX_ECP256_KEY_SIZE, private_public_key_string, *sealed_data_length, (sgx_sealed_data_t*) sealed_data2);
 
-uint8_t mydata[32]={1}; 
-     ret_status = sgx_seal_data(0, NULL, SGX_ECP256_KEY_SIZE, mydata, *sealed_data_length, (sgx_sealed_data_t*) sealed_data2); 
+//uint8_t mydata[32]={1}; 
+     ret_status = sgx_seal_data(0, NULL, SGX_ECP256_KEY_SIZE, private_key_string, *sealed_data_length, (sgx_sealed_data_t*) sealed_data2); 
+for(counter=0;counter<*sealed_data_length;counter++)
 
+	*(sealed_data+counter)=*(sealed_data2+counter); 
     free(sealed_data2);
 
+   free(private_key_string);  //free(private_key);  
   //  free(private_public_key_string);
 
 
 	return ret_status; // SGX_SUCCESS;

+ 3 - 1
LocalAttestationCode/LocalAttestationCode.edl
View File 

@@ -33,13 +33,15 @@ enclave  {
 
     from "sgx_tae_service.edl" import *;
 
     include "sgx_eid.h"
 
     include "datatypes.h"
 
+//    include "sgx_tcrypto.h" // For some reason, this is not being detected - macros are not being resolved!
 
+#define SEALED_SIZE 592
 
     include "../Include/dh_session_protocol.h"
 
     trusted{
 
         public uint32_t session_request([out] sgx_dh_msg1_t *dh_msg1, [out] uint32_t *session_id);
 
         public uint32_t exchange_report([in] sgx_dh_msg2_t *dh_msg2, [out] sgx_dh_msg3_t *dh_msg3, [in] uint32_t *session_id);
 
 //	public uint32_t create_ecdsa_signing_key_pair(); 
 //	public uint32_t create_ecdsa_signing_key_pair([in, out]sgx_ec256_public_t* pub_key);
 
-        public uint32_t create_and_seal_ecdsa_signing_key_pair([out]sgx_ec256_public_t* pub_key, [in] uint32_t* sealed_data_length, [out] uint8_t* sealed_data);
 
+        public uint32_t create_and_seal_ecdsa_signing_key_pair([out]sgx_ec256_public_t* pub_key, [in] uint32_t* sealed_data_length, [out, size=SEALED_SIZE] uint8_t* sealed_data);
 
         public uint32_t unseal_and_restore_sealed_signing_key_pair([out] sgx_ec256_public_t* pub_key, [in] uint8_t* sealed_data, [in] uint32_t* sealed_data_length);
 
         uint32_t create_ecdsa_key_pair([out] sgx_ec256_public_t* pub_key, [out] sgx_ec256_private_t* priv_key);
 
 void serialize_signing_key_pair_to_string([in] sgx_ec256_public_t* pub_key, [in] sgx_ec256_private_t* signing_priv_key, [out] uint8_t* private_public_key_string);