|
@@ -135,7 +135,7 @@ using namespace google::protobuf::io;
|
|
|
{
|
|
|
protobuf_post_LA_encrypted_msg_t protobuf_msg;
|
|
|
unsigned char* protobuf_msg_ptr;
|
|
|
- uint32_t sgx_ret_status;
|
|
|
+ uint32_t sgx_ret_status=0;
|
|
|
uint8_t* input_ciphertext_plus_tag;
|
|
|
uint32_t input_ciphertext_plus_tag_length;
|
|
|
uint8_t* output_ciphertext_plus_tag;
|
|
@@ -143,31 +143,43 @@ using namespace google::protobuf::io;
|
|
|
int counter;
|
|
|
|
|
|
if(read_protobuf_msg_from_fd(fd, protobuf_msg)!=0)
|
|
|
+ {
|
|
|
+ printf("Could not read apache's message post-local attestation\n"); fflush(stdout);
|
|
|
return 0xfe;
|
|
|
+ }
|
|
|
+ printf("Clients data\n"); fflush(stdout);
|
|
|
|
|
|
input_ciphertext_plus_tag_length = protobuf_msg.msg().length();
|
|
|
// TODO: MAKE SURE THIS IS NOT 0XFFFFFFFF.
|
|
|
input_ciphertext_plus_tag = (uint8_t*) malloc(input_ciphertext_plus_tag_length);
|
|
|
- output_ciphertext_plus_tag = (uint8_t*) malloc(input_ciphertext_plus_tag_length - 128 + 10); //128 = client public key token length?
|
|
|
+ output_ciphertext_plus_tag = (uint8_t*) malloc(input_ciphertext_plus_tag_length); //128 = client public key token length?
|
|
|
protobuf_msg_ptr = (uint8_t*) protobuf_msg.msg().c_str();
|
|
|
|
|
|
for(counter=0; counter<input_ciphertext_plus_tag_length; counter++)
|
|
|
+ {
|
|
|
input_ciphertext_plus_tag[counter] = *(protobuf_msg_ptr + counter);
|
|
|
-
|
|
|
+ printf("0x%02x ", input_ciphertext_plus_tag[counter]);
|
|
|
+ }
|
|
|
// Just so that the ciphertext - client data - is returned back to Apache in case this function fails.
|
|
|
// client data is after public key (64 bytes) + signature (64 bytes) = 128 bytes.
|
|
|
- for(counter=0; counter<input_ciphertext_plus_tag_length; counter++)
|
|
|
- output_ciphertext_plus_tag[counter] = input_ciphertext_plus_tag[counter+128];
|
|
|
-
|
|
|
+ for(counter=64; counter<input_ciphertext_plus_tag_length; counter++)
|
|
|
+ output_ciphertext_plus_tag[counter] = input_ciphertext_plus_tag[counter];
|
|
|
+ output_ciphertext_plus_tag_length=input_ciphertext_plus_tag_length;
|
|
|
+ protobuf_msg.set_msg((void*) output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
|
|
|
+
|
|
|
// We assume that the output is not changed unless it is successful throughout.
|
|
|
// Return value is not sent back..
|
|
|
- Decryptor_process_apache_message_generate_response_wrapper(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext_plus_tag, &output_ciphertext_plus_tag_length);
|
|
|
+// Decryptor_process_apache_message_generate_response_wrapper(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext_plus_tag, &output_ciphertext_plus_tag_length);
|
|
|
free(input_ciphertext_plus_tag);
|
|
|
- protobuf_msg.set_msg((void*) output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
|
|
|
- free(output_ciphertext_plus_tag);
|
|
|
- if(write_protobuf_msg_to_fd(fd, protobuf_msg)!=0)
|
|
|
- return 0xfc;
|
|
|
+ if(sgx_ret_status!=0)
|
|
|
+ {
|
|
|
+ protobuf_msg.set_msg((void*) output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
|
|
|
+ }
|
|
|
+ free(output_ciphertext_plus_tag);
|
|
|
+ if(write_protobuf_msg_to_fd(fd, protobuf_msg)!=0)
|
|
|
+ return 0xfc;
|
|
|
return 0;
|
|
|
+
|
|
|
}
|
|
|
|
|
|
|
|
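Review bot: The copy into `output_ciphertext_plus_tag` starts at `counter=64`, so the first 64 bytes of that malloc'd buffer (all of it when the message is shorter than 64 bytes) are never written, yet `set_msg` is given the full `output_ciphertext_plus_tag_length` and the message is written back to the fd, which sends stale heap contents to the peer. Copy from offset 0, for example `memcpy(output_ciphertext_plus_tag, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length);`, or allocate with `calloc`, and check both `malloc` results before the loops, since the length comes straight from the received message. The comment above the loop still says client data starts after 128 bytes, which no longer matches the 64 used here. With the `Decryptor_process_apache_message_generate_response_wrapper` call commented out, `sgx_ret_status` stays 0, so the `if(sgx_ret_status!=0)` branch cannot run and the function only echoes its input; this looks like debugging state rather than something meant to ship. The function's signature lies outside the hunk.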
@@ -258,7 +270,6 @@ using namespace google::protobuf::io;
|
|
|
{
|
|
|
protobuf_post_LA_encrypted_msg_t protobuf_encrypted_msg;
|
|
|
uint8_t encrypted_sign_data_and_sign_and_tag[176];
|
|
|
- int apache_fd=accept_fd;
|
|
|
memset(encrypted_sign_data_and_sign_and_tag,0x0,176);
|
|
|
uint32_t internal_return_status;
|
|
|
uint32_t count;
|
|
@@ -279,7 +290,7 @@ using namespace google::protobuf::io;
|
|
|
printf("\n"); fflush(stdout);
|
|
|
|
|
|
protobuf_encrypted_msg.set_msg((void*)encrypted_sign_data_and_sign_and_tag, 176);
|
|
|
- if(write_protobuf_msg_to_fd(apache_fd, protobuf_encrypted_msg) != 0)
|
|
|
+ if(write_protobuf_msg_to_fd(accept_fd, protobuf_encrypted_msg) != 0)
|
|
|
{
|
|
|
printf("Not all of the mitigator token H was written to the Apache.\n"); fflush(stdout);
|
|
|
close(accept_fd);
|