Browse Source

Adding code to commit before working on local copy.

dettanym 5 years ago
parent
commit
3d120ee423

+ 48 - 78
App/App.cpp

@@ -39,15 +39,14 @@
 #include<unistd.h>
 // for sealing - sgx_calc_sealed_data_size
 #include "sgx_tseal.h"
-
+#include "LocalAttestationUntrusted.h" 
 
 
 // For reading from/writing to file -sealing.
 #include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-
-#include "LocalAttestationUntrusted.h"
+#include <errno.h>
 
 //#define UNUSED(val) (void)(val)
 #define TCHAR   char
@@ -79,7 +78,7 @@ uint32_t write_to_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
   return 0;
 }
 
-uint32_t read_from_fd(int fd, uint8_t* msg, size_t* expected_msg_length)
+uint32_t read_from_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
 {
   ssize_t bytes_read;
   lseek(fd, 0, SEEK_SET);
@@ -91,55 +90,54 @@ uint32_t read_from_fd(int fd, uint8_t* msg, size_t* expected_msg_length)
 }
 
 
-uint32_t unseal_signing_key_pair_from_disk(int fd, __attribute__((unused))  sgx_ec256_public_t* pub_key, size_t* actual_sealed_msg_length)
+uint32_t unseal_signing_key_pair_from_disk(int fd, size_t sealed_msg_length_in_file)
 {
-  uint32_t ret_status;
-  uint8_t* sgx_sealed_msg;
-  printf("expected read 0x%ld\n", *actual_sealed_msg_length);
-  sgx_sealed_msg = (uint8_t*) malloc(0x300); // malloc(*actual_sealed_msg_length); (0x300 for EDL)
-  ret_status = read_from_fd(fd, sgx_sealed_msg, actual_sealed_msg_length);
+  uint32_t ret_status=0, length=sealed_msg_length_in_file, counter=0; 
+  uint8_t* sealed_data;  
+
+  sealed_data = (uint8_t*) malloc(0x300); //TODO: Get length of the sealed msg and try to read that much from the file. 
+	// May be pass the length of the file as input to this function and check that it is at least as much as the output of the sgx call. 
+  ret_status = read_from_fd(fd, sealed_data, &length);
   if(ret_status != 0)
   {
-    free(sgx_sealed_msg);
+    free(sealed_data);
     return 0xFFFFFFFF;
   }
-  printf("actual read 0x%ld and ret_status 0x%x\n", *actual_sealed_msg_length, ret_status);  fflush(stdout);
-  size_t counter;
-  for(counter=0;counter<*actual_sealed_msg_length;counter++)
-	printf("%x ", *(sgx_sealed_msg+counter));
+
+  for(counter=0;counter<length;counter++)
+	printf("%x ", *(sealed_data+counter));
   printf("\n");  fflush(stdout);
-  Decryptor_unseal_and_restore_sealed_signing_key_pair(e2_enclave_id, &ret_status, pub_key, sgx_sealed_msg, actual_sealed_msg_length);
-  free(sgx_sealed_msg);
+ 
+  Decryptor_unseal_and_restore_long_term_signing_key_pair_wrapper(e2_enclave_id, &ret_status, sealed_data, &length);
+  free(sealed_data);
   return ret_status;
 }
 
-uint32_t create_and_seal_signing_key_pair_to_disk( __attribute__((unused))  int fd, __attribute__((unused))   sgx_ec256_public_t* pub_key)
+uint32_t create_and_seal_signing_key_pair_to_disk(int fd)
 {
-  uint32_t ret_status;
-  // Generating a signing ECDSA key to sign the encryption key.
-  uint32_t length;
-  Decryptor_calculate_sealed_data_size(e2_enclave_id, &length, 3*SGX_ECP256_KEY_SIZE); // sgx_calc_sealed_data_size(0,3*SGX_ECP256_KEY_SIZE);
+  uint32_t ret_status=0, length=0, counter=0; 
+  uint8_t* sealed_data;  
+
+  Decryptor_calculate_sealed_keypair_size_wrapper(e2_enclave_id, &length); 
   if(length == 0xFFFFFFFF)
     return 0xFFFFFFFF;
-  printf("0x%x input msg, 0x%x bytes for sealed msg in parameter value\n", 3*SGX_ECP256_KEY_SIZE, length); fflush(stdout);
-  uint8_t* sealed_data=(uint8_t*) malloc(0x300);
-  printf("Made call to sgx_calc_sealed_data_size\n");  fflush(stdout);
-  Decryptor_create_and_seal_ecdsa_signing_key_pair(e2_enclave_id, &ret_status, pub_key, &length, sealed_data);
+  sealed_data=(uint8_t*) malloc(length); // 0x300); // TODO: Shouldn't it be malloc of length? 
+        printf("length: %d\n", length); fflush(stdout); 
+
+  Decryptor_create_and_seal_long_term_signing_key_pair_wrapper(e2_enclave_id, &ret_status, &length, sealed_data);
   if(ret_status != SGX_SUCCESS)
   {
     printf("create_and_seal called returned an error: %x", ret_status);
     free(sealed_data);
     return 0xFFFFFFFF;
   }
-  printf("It returned sgx_success\n"); fflush(stdout); // *actual_sealed_msg_length=length;
-
+  printf("It returned sgx_success\n"); fflush(stdout); 
+  for(counter=0; counter<length; counter++) 
+	printf("%02x ", sealed_data[counter]); 
   ret_status = write_to_fd(fd, sealed_data, &length);
   free(sealed_data);
-//  if(ret_status > 0)
-//	  *actual_sealed_msg_length = ret_status;
-//  return 0;
 
-return ret_status;
+  return ret_status;
 }
 
 int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
@@ -170,10 +168,7 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
     }
     printf("\nSuccessfully opened a file to seal the signing key pair for the client.\n");
     fflush(stdout);
-//    int start = lseek(sealed_signing_key_fd, 0, SEEK_SET);
-//    int end = lseek(sealed_signing_key_fd, 0, SEEK_END);
       struct stat st; ret_status = fstat(sealed_signing_key_fd, &st);
-     //sealed_msg_length_in_file = st.st_size;
       if(ret_status != 0)
       {
 	perror("error in finding the file size. -  ");
@@ -183,52 +178,27 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
       }
       sealed_msg_length_in_file = st.st_size;
     if(sealed_msg_length_in_file == 0) //if(start == end && start != -1)
-    {
       // TODO: file is empty. create signing key pair.
       // int start = lseek(sealed_signing_key_fd, 0, SEEK_SET);
-      ret_status = create_and_seal_signing_key_pair_to_disk(sealed_signing_key_fd, &pub_key);
-      if(ret_status != 0)
+{ printf("Creating new keypair.\n"); fflush(stdout);     ret_status = create_and_seal_signing_key_pair_to_disk(sealed_signing_key_fd); }
+    else 
+{ printf("Unsealing keypair.\n"); fflush(stdout);      ret_status = unseal_signing_key_pair_from_disk(sealed_signing_key_fd, sealed_msg_length_in_file); }
+    
+     if(ret_status != 0)
       {
-        printf("\n error in generating the ecdsa signing key pair \n");
-        fflush(stdout);    sgx_destroy_enclave(e2_enclave_id);
+	printf("Some error \n");
+//        printf("\n %d error in generating the ecdsa signing key pair \n", errno);
+        fflush(stdout);    
+sgx_destroy_enclave(e2_enclave_id);
 
         return 0xFFFFFFFF;
-      }
-	fflush(stdout);
-      printf("\n Generated the ecdsa key pair successfully - gx, gy\n");
-      for(counter=0;counter<32;counter++)
-        printf("0x%x ",pub_key.gx[counter]);
-      printf("\n");
-      for(counter=0;counter<32;counter++)
-                printf("0x%x ",pub_key.gy[counter]);
-      printf("\n");
-      fflush(stdout);
-//      fflush(stdout);
-    }
-    else {
+      } 
 
-      ret_status = unseal_signing_key_pair_from_disk(sealed_signing_key_fd, &pub_key, &sealed_msg_length_in_file);
-      if(ret_status != SGX_SUCCESS)
-      {
-        printf("\n error in unsealing the ecdsa signing key pair:%d \n", ret_status);
-        fflush(stdout);     sgx_destroy_enclave(e2_enclave_id);
-
-        return 0xFFFFFFFF;
-      }
-      printf("\n Recovered the ecdsa key pair successfully - gx, gy\n");
-      for(counter=0;counter<32;counter++)
-	printf("%02x",pub_key.gx[31-counter]);
-//      printf("\n");
-      for(counter=0;counter<32;counter++)
-	        printf("%02x",pub_key.gy[31-counter]);
-      printf("\n");
-      fflush(stdout);
-    }
 
     close(sealed_signing_key_fd);
 
     int server_fd;
-    server_fd = prepare_local_attestation_as_responder_fd_and_msg1(own_enclave_id, 3824);
+    server_fd = LocalAttestationUntrusted::prepare_local_attestation_as_responder_fd_and_msg1(e2_enclave_id, 3824);
     if(server_fd <=0)
     {
       printf("Error in setting up server socket."); fflush(stdout);
@@ -239,7 +209,7 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
     fflush(stdout);
 
     // LA with the verifier
-    ret_status = local_attestation_as_responder_msg2_msg3(e2_enclave_id);
+    ret_status = LocalAttestationUntrusted::local_attestation_as_responder_msg2_msg3(e2_enclave_id, server_fd);
     if(ret_status!=0)
     {
       printf("local attestation - with the verifier - did not successfully return: %x\n", ret_status); fflush(stdout);
@@ -247,7 +217,7 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
       return 0xFFFFFFFF;
     }
 
-    ret_status = post_local_attestation_with_verifier(e2_enclave_id);
+    ret_status = LocalAttestationUntrusted::post_local_attestation_with_verifier(e2_enclave_id);
     if(ret_status!=0)
     {
       printf("post local attestation - with the verifier - did not successfully return: %x\n", ret_status); fflush(stdout);
@@ -255,18 +225,18 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
       return 0xFFFFFF01;
     }
 
-    ret_status = local_attestation_as_responder_msg2_msg3(e2_enclave_id);
-    if(ret_status!=0)
+    server_fd = LocalAttestationUntrusted::local_attestation_as_responder_msg2_msg3(e2_enclave_id,3825);
+    if(ret_status<=0)
     {
-      printf("local attestation - with the verifier - did not successfully return: %x\n", ret_status); fflush(stdout);
+      printf("local attestation - with the apache - did not successfully return: %x\n", ret_status); fflush(stdout);
       sgx_destroy_enclave(e2_enclave_id);
       return 0xFFFFFFFF;
     }
 
-    ret_status = post_local_attestation_with_apache(e2_enclave_id);
+    ret_status = LocalAttestationUntrusted::post_local_attestation_with_apache(e2_enclave_id);
     if(ret_status!=0)
     {
-      printf("post local attestation - with the verifier - did not successfully return: %x\n", ret_status); fflush(stdout);
+      printf("post local attestation - with the apache - did not successfully return: %x\n", ret_status); fflush(stdout);
       sgx_destroy_enclave(e2_enclave_id);
       return 0xFFFFFF01;
     }

+ 28 - 21
App/LocalAttestationUntrusted.cpp

@@ -70,7 +70,7 @@ class LocalAttestationUntrusted {
   }
 
   // Sets up a socket to bind and listen to the given port. Returns FD of the socket on success, -1 on failure (and prints a msg to stdout with the errno)
-  int set_up_socket(int port,   sockaddr_in* address)
+  int set_up_socket_listen(int port,   sockaddr_in* address)
   {
     int server_fd = 0;
 
@@ -128,12 +128,12 @@ class LocalAttestationUntrusted {
 
     if(write_protobuf_msg_to_fd(accept_fd, protobuf_msg3)!=0)
       return 0x3;
-
-    return 0;
+    return 0; 
   }
 
   int decrypt_client_data_wrapper(uint32_t own_enclave_id, int apache_fd)
   {
+
     protobuf_post_LA_encrypted_msg_t protobuf_msg;
     unsigned char* protobuf_msg_ptr;
     uint32_t sgx_ret_status;
@@ -164,38 +164,40 @@ class LocalAttestationUntrusted {
 
     // We assume that the output is not changed unless it is successful throughout.
     // Return value is not sent back..
-    Decryptor_process_apache_message_generate_response(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext, &output_ciphertext_plus_tag_length);
+    Decryptor_process_apache_message_generate_response_wrapper(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext, &output_ciphertext_plus_tag_length);
     free(input_ciphertext_plus_tag);
     protobuf_msg.set_msg((void*)  output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
     free(output_ciphertext_plus_tag);
   	if(write_protobuf_msg_to_fd(apache_fd, protobuf_msg)!=0)
   	  return 0xfc;
-
   	return 0;
   }
 
   public:
-    int prepare_local_attestation_as_responder_fd_and_msg1(uint32_t own_enclave_id, int port)
+    int prepare_local_attestation_as_responder_msg1(uint32_t own_enclave_id) //, int port)
     {
-      struct sockaddr_in own_addr;
       uint32_t protobuf_sgx_ret;
       int temp_server_fd=0;
       protobuf_sgx_ret = generate_protobuf_dh_msg1(own_enclave_id, protobuf_msg1, session_id);
       if(protobuf_sgx_ret != 0)
       {
-        printf("Error in generate_protobuf_dh_msg1: 0x%x", protobuf_sgx_ret); fflush(stdout); return -protobuf_sgx_ret;
+        printf("Error in generate_protobuf_dh_msg1: 0x%x", protobuf_sgx_ret); fflush(stdout); return protobuf_sgx_ret;
       }
-
-      temp_server_fd=set_up_socket(port, &own_addr);
-      if(temp_server_fd>0)
-        server_fd = temp_server_fd;
-      return temp_server_fd;
+      return 0;
     }
 
+   int setup_socket_for_local_attestation_requests( int port )
+   {
+      struct sockaddr_in own_addr; 
+      return set_up_socket(port, &own_addr);
+   }
+
+
+
+
     // TODO: CHANGED SIGNATURE.
     int local_attestation_as_responder_msg2_msg3(uint32_t own_enclave_id, int server_fd)
     {
-      //   protobuf_post_LA_encrypted_msg_t protobuf_encrypted_msg;
       uint32_t protobuf_sgx_ret;
       struct sockaddr_storage apache_addr;
       socklen_t apache_addr_size = sizeof(apache_addr);
@@ -211,11 +213,11 @@ class LocalAttestationUntrusted {
 
       protobuf_sgx_ret = local_attestation_msg2_msg3(own_enclave_id, accept_fd);
       return protobuf_sgx_ret;
-    }
+*/ return 0;    }
 
     int post_local_attestation_with_verifier(uint32_t own_enclave_id)
     {
-      uint32_t protobuf_sgx_ret;
+/*      uint32_t protobuf_sgx_ret;
       uint8_t encrypted_apache_mrsigner_and_tag[48];
       size_t bytes_read;
 
@@ -232,7 +234,7 @@ class LocalAttestationUntrusted {
     	  printf("0x%02x ", encrypted_apache_mrsigner_and_tag[count]);
       printf("\n");fflush(stdout);
 
-      Decryptor_decrypt_verifiers_message_set_apache_mrsigner(own_enclave_id, &sgx_ret, encrypted_apache_mrsigner_and_tag);
+      Decryptor_decrypt_verifiers_message_set_apache_mrsigner_wrapper(own_enclave_id, &sgx_ret, encrypted_apache_mrsigner_and_tag);
       if(sgx_ret!=0)
     	{
         printf("Error in decryption: 0x%x\n", sgx_ret); fflush(stdout);
@@ -242,17 +244,21 @@ class LocalAttestationUntrusted {
 
       printf("Successful decryption\n"); fflush(stdout);
       close(accept_fd);
-      return 0;
+*/      return 0;
     }
 
     int post_local_attestation_with_apache(uint32_t own_enclave_id)
     {
+/*
       protobuf_post_LA_encrypted_msg_t protobuf_encrypted_msg;
       uint8_t encrypted_sign_data_and_sign_and_tag[176];
       int apache_fd=accept_fd;
   	  memset(encrypted_sign_data_and_sign_and_tag,0x0,176);
+	uint32_t internal_return_status; 
+	uint32_t count; 
+	sgx_status_t sgx_ret; 
 
-      Decryptor_create_and_encrypt_mitigator_header_H(own_enclave_id, &sgx_ret, encrypted_sign_data_and_sign_and_tag);
+      Decryptor_create_and_encrypt_mitigator_header_H_wrapper(own_enclave_id, &sgx_ret, encrypted_sign_data_and_sign_and_tag);
     	if(sgx_ret!=0)
     	{
     		printf("Error in generating encrypted mitigator header:0x%x\n", sgx_ret); fflush(stdout);
@@ -279,5 +285,6 @@ class LocalAttestationUntrusted {
       } while(internal_return_status==0);
       close(accept_fd);
       return internal_return_status;
-    }
-}
+*/ 
+return 0; }
+};

+ 2 - 2
App/protobufLAInitiator.cpp

@@ -12,7 +12,7 @@ int generate_protobuf_dh_msg1(uint32_t own_enclave_id, protobuf_sgx_dh_msg1_t& p
   sgx_dh_msg1_t dh_msg1;            //Diffie-Hellman Message 1
   memset(&dh_msg1, 0, sizeof(sgx_dh_msg1_t));
   uint32_t ret_status;
-  Decryptor_session_request(own_enclave_id, &ret_status, &dh_msg1, session_id); // TODO: Check Return status
+  Decryptor_session_request_wrapper(own_enclave_id, &ret_status, &dh_msg1, session_id); // TODO: Check Return status
   if(ret_status != SGX_SUCCESS)
     return 0xffffffff;
 
@@ -36,7 +36,7 @@ int process_protobuf_dh_msg2_generate_protobuf_dh_msg3(uint32_t own_enclave_id,
     return -1;
 
   // process msg2 and generate msg3
-  Decryptor_exchange_report(own_enclave_id, &ret_status, &dh_msg2, &dh_msg3, session_id);
+  Decryptor_exchange_report_wrapper(own_enclave_id, &ret_status, &dh_msg2, &dh_msg3, session_id);
   if(ret_status!=SGX_SUCCESS)
     return -1;
 

+ 20 - 5
Decryptor/Decryptor.cpp

@@ -127,25 +127,36 @@
         uint8_t* temp_sealed_data;
         uint8_t private_public_key_string[ECDH_PUBLIC_KEY_SIZE + ECDH_PRIVATE_KEY_SIZE];
         uint32_t counter;
-
+	
         temp_sealed_data_length = sgx_calc_sealed_data_size(0, ECDH_PUBLIC_KEY_SIZE + ECDH_PRIVATE_KEY_SIZE);
         if(temp_sealed_data_length == 0xFFFFFFFF)
           return 0x01;
 
+	
+        temp_sealed_data = (uint8_t*) malloc(temp_sealed_data_length);
+	
         internal_return_status = create_long_term_signing_keypair(private_public_key_string);
-
-    	temp_sealed_data = (uint8_t*) malloc(temp_sealed_data_length);
+	if(internal_return_status != 0)
+	{
+		free(temp_sealed_data); 
+		return internal_return_status;
+	}
+	
+/*	for(counter=0; counter<temp_sealed_data_length; counter++) 
+		temp_sealed_data[counter]=counter;
+ */	
         sgx_libcall_status = sgx_seal_data(0, NULL, 3*SGX_ECP256_KEY_SIZE, private_public_key_string, temp_sealed_data_length, (sgx_sealed_data_t*) temp_sealed_data);
         if(sgx_libcall_status != SGX_SUCCESS)
         {
           free(temp_sealed_data);
           return sgx_libcall_status;
         }
-
+	
         for(counter=0;counter<temp_sealed_data_length;counter++)
-    			*(sealed_data + counter)=*(temp_sealed_data + counter);
+    			*(sealed_data + counter)= *(temp_sealed_data + counter);
 	*sealed_data_length = temp_sealed_data_length;
         free(temp_sealed_data);
+	
         return 0;
     }
 
@@ -298,3 +309,7 @@ uint32_t Decryptor::verify_peer_enclave_trust(uint8_t* given_mr_enclave, uint8_t
         return SGX_SUCCESS;
   }
 
+void Decryptor::calculate_sealed_keypair_size(uint32_t* output_length)
+{
+	*output_length = sgx_calc_sealed_data_size(0, ECDH_PUBLIC_KEY_SIZE + ECDH_PRIVATE_KEY_SIZE); 
+} 

+ 4 - 3
Decryptor/Decryptor.edl

@@ -36,9 +36,10 @@ enclave {
     from "../LocalAttestationCode/LocalAttestationCode.edl" import *;
     from "/home/m2mazmud/old_stuff/intel-sgx-ssl/Linux/package/include/sgx_tsgxssl.edl" import * ;
     trusted {
-      #define SEALED_SIZE 768  // =0x300 (0x290 is the size of the sealed message when both the public(0x40) and private key(0x20) are included)
-      public uint32_t create_and_seal_long_term_signing_key_pair_wrapper([out] uint32_t* sealed_data_length, [out,size=SEALED_SIZE] uint8_t* sealed_data);
-      public uint32_t unseal_and_restore_long_term_signing_key_pair_wrapper([in, size=SEALED_SIZE] uint8_t* sealed_data, [in] uint32_t* sgx_sealed_data_length);
+	public void calculate_sealed_keypair_size_wrapper([out, size=4] uint32_t* output_length); 
+      #define SEALED_SIZE 656  // =0x300 (0x290 is the size of the sealed message when both the public(0x40) and private key(0x20) are included)
+      public uint32_t create_and_seal_long_term_signing_key_pair_wrapper([out, size=4] uint32_t* sealed_data_length, [out,size=SEALED_SIZE] uint8_t* sealed_data);
+      public uint32_t unseal_and_restore_long_term_signing_key_pair_wrapper([in, size=SEALED_SIZE] uint8_t* sealed_data, [in, size=4] uint32_t* sgx_sealed_data_length);
       public uint32_t create_and_encrypt_mitigator_header_H_wrapper([out, size=176] uint8_t* ciphertext_token_H_plus_tag);
       // Apache mrsigner = 32 bytes + tag on encryption = 16 bytes.
       public uint32_t decrypt_verifiers_message_set_apache_mrsigner_wrapper([in, size=48] uint8_t* ciphertext_plus_tag);

+ 1 - 0
Decryptor/Decryptor.h

@@ -16,6 +16,7 @@ class Decryptor {
   static uint32_t create_long_term_signing_keypair(uint8_t* private_public_key_string);
   static uint32_t initialize_symmetric_key_decrypt_client_data(uint8_t* plaintext_client_public_key_plus_encrypted_data_plus_tag, uint32_t total_length, uint8_t* plaintext_client_data, uint32_t* plaintext_client_data_length);
   public:
+    static void calculate_sealed_keypair_size(uint32_t* output_length); 
     static uint32_t verify_peer_enclave_trust(uint8_t* given_mr_enclave, uint8_t* given_mr_signer, uint8_t* dhaek);
     static uint32_t create_and_seal_long_term_signing_key_pair(uint32_t* sealed_data_length, uint8_t* sealed_data);
     static uint32_t create_and_encrypt_mitigator_header_H(uint8_t* ciphertext_token_H_plus_tag);

+ 20 - 5
Decryptor/DecryptorWrapper.cpp

@@ -25,12 +25,12 @@ uint32_t unseal_and_restore_long_term_signing_key_pair_wrapper(uint8_t* sealed_d
 {
   return Decryptor::unseal_and_restore_long_term_signing_key_pair(sealed_data, sgx_sealed_data_length);
 }
-/*
-uint32_t unseal_and_restore_long_term_signing_key_pair_wrapper(uint8_t* sealed_data, uint32_t* sgx_sealed_data_length)
+
+void calculate_sealed_keypair_size_wrapper(uint32_t* length)
 {
-  return Decryptor::unseal_and_restore_long_term_signing_key_pair( sealed_data, sgx_sealed_data_length);
+  Decryptor::calculate_sealed_keypair_size(length); 
 }
-*/
+
 uint32_t create_and_encrypt_mitigator_header_H_wrapper(uint8_t* ciphertext_token_H_plus_tag)
 {
   return Decryptor::create_and_encrypt_mitigator_header_H(ciphertext_token_H_plus_tag);
@@ -38,5 +38,20 @@ uint32_t create_and_encrypt_mitigator_header_H_wrapper(uint8_t* ciphertext_token
 
 uint32_t create_and_seal_long_term_signing_key_pair_wrapper(uint32_t* sealed_data_length, uint8_t* sealed_data)
 {
-  return Decryptor::create_and_seal_long_term_signing_key_pair(sealed_data_length, sealed_data);
+/*	uint32_t counter;
+        for(counter=0; counter< 0x290; counter++) 
+                sealed_data[counter]=counter;
+	return 0; 
+*/
+/*
+	uint8_t* temp_sealed_data = (uint8_t*) malloc(0x300); 
+	uint32_t temp_sealed_data_length; 
+*/       return Decryptor::create_and_seal_long_term_signing_key_pair(sealed_data_length, sealed_data);
+
+/*	uint32_t counter;
+	for(counter=0; counter<temp_sealed_data_length; counter++)
+		sealed_data[counter] = temp_sealed_data[counter]; 
+	*sealed_data_length = temp_sealed_data_length; 
+        return ret_status; 
+*/
 }

+ 13 - 13
Include/LocalAttestationUntrusted.h

@@ -15,19 +15,19 @@ using namespace google::protobuf::io;
 
 
 class LocalAttestationUntrusted {
-  int server_fd;
-  int accept_fd;
-  uint32_t session_id;
-  protobuf_sgx_dh_msg1_t protobuf_msg1;
+  static int server_fd;
+  static int accept_fd;
+  static   uint32_t session_id;
+  static protobuf_sgx_dh_msg1_t protobuf_msg1;
 
-  int decrypt_client_data_wrapper(uint32_t own_enclave_id, int apache_fd);
-  uint32_t local_attestation_msg2_msg3(uint32_t own_enclave_id, int accept_fd);
-  int write_protobuf_msg_to_fd(int accept_fd, google::protobuf::MessageLite& message);
-  int read_protobuf_msg_from_fd(int accept_fd, google::protobuf::MessageLite& message);
-  int set_up_socket(int port,   sockaddr_in* address);
+  static int decrypt_client_data_wrapper(uint32_t own_enclave_id, int apache_fd);
+  static uint32_t local_attestation_msg2_msg3(uint32_t own_enclave_id, int accept_fd);
+  static int write_protobuf_msg_to_fd(int accept_fd, google::protobuf::MessageLite& message);
+  static int read_protobuf_msg_from_fd(int accept_fd, google::protobuf::MessageLite& message);
+  static int set_up_socket(int port,   sockaddr_in* address);
 public:
-  int prepare_local_attestation_as_responder_fd_and_msg1(uint32_t own_enclave_id, int port);
-  int local_attestation_as_responder_msg2_msg3(uint32_t own_enclave_id, int server_fd);
-  int post_local_attestation_with_verifier(uint32_t own_enclave_id);
-  int post_local_attestation_with_apache(uint32_t own_enclave_id);
+  static int prepare_local_attestation_as_responder_fd_and_msg1(uint32_t own_enclave_id, int port);
+  static int local_attestation_as_responder_msg2_msg3(uint32_t own_enclave_id, int server_fd);
+  static int post_local_attestation_with_verifier(uint32_t own_enclave_id);
+  static int post_local_attestation_with_apache(uint32_t own_enclave_id);
 };