|
@@ -28,22 +28,6 @@
|
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.challa
|
|
|
*
|
|
|
*/
|
|
|
-/*
|
|
|
-#define SGX_DH_MAC_SIZE 16
|
|
|
-#define SGX_TARGET_INFO_RESERVED1_BYTES 4
|
|
|
-#define SGX_TARGET_INFO_RESERVED2_BYTES 456
|
|
|
-#define SGX_ECP256_KEY_SIZE 32
|
|
|
-#define SGX_CPUSVN_SIZE 16
|
|
|
-#define SGX_REPORT_DATA_SIZE 64
|
|
|
-#define SGX_MAC_SIZE 16 // Message Authentication Code - 16 bytes
|
|
|
-#define SGX_KEYID_SIZE 32
|
|
|
-#define SGX_HASH_SIZE 32 // SHA256
|
|
|
-
|
|
|
-#define SGX_REPORT_BODY_RESERVED1 28
|
|
|
-#define SGX_REPORT_BODY_RESERVED2 32
|
|
|
-#define SGX_REPORT_BODY_RESERVED3 96
|
|
|
-#define SGX_REPORT_BODY_RESERVED4 60
|
|
|
-*/
|
|
|
// App.cpp : Defines the entry point for the console application.
|
|
|
#include <stdio.h>
|
|
|
#include <map>
|
|
@@ -62,15 +46,7 @@
|
|
|
#include <fcntl.h>
|
|
|
#include <sys/types.h>
|
|
|
#include <sys/stat.h>
|
|
|
-/*
|
|
|
-// For google proto buffers
|
|
|
-#include "dhmsgs.pb.h"
|
|
|
-#include <inttypes.h>
|
|
|
-#include <google/protobuf/io/coded_stream.h>
|
|
|
-#include <google/protobuf/io/zero_copy_stream_impl.h>
|
|
|
-#include "SgxProtobufLATransforms_initiator.h"
|
|
|
-using namespace google::protobuf::io;
|
|
|
-*/
|
|
|
+
|
|
|
#include "systemLA.h"
|
|
|
|
|
|
//#define UNUSED(val) (void)(val)
|
|
@@ -254,76 +230,12 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
|
close(sealed_signing_key_fd);
|
|
|
|
|
|
// LA with the verifier
|
|
|
- ret_status=local_attestation_initiator(3825, e2_enclave_id);
|
|
|
+ ret_status=local_attestation_initiator(3825, e2_enclave_id, &pub_key);
|
|
|
if(ret_status!=0)
|
|
|
{
|
|
|
printf("local attestation - with the verifier - did not successfully return: %x\n", ret_status); fflush(stdout); sgx_destroy_enclave(e2_enclave_id);
|
|
|
return 0xFFFFFFFF;
|
|
|
}
|
|
|
-/* uint8_t ciphertext[32]; uint8_t plaintext[32];
|
|
|
-Decryptor_test_encrypt_decrypt(e2_enclave_id, &ret_status, ciphertext, plaintext);
|
|
|
-if(ret_status!=0)
|
|
|
- {
|
|
|
- printf("encryption/decryption failed\n"); fflush(stdout); sgx_destroy_enclave(e2_enclave_id);
|
|
|
- return 0xFFFFFFFF;
|
|
|
- }
|
|
|
-else {
|
|
|
- printf("received ciphertext: \n"); fflush(stdout);
|
|
|
- uint32_t count;
|
|
|
- for(count=0;count<32;count++)
|
|
|
- printf("0x%x ",ciphertext[count]);
|
|
|
- printf("\n"); fflush(stdout);
|
|
|
- printf("received plaintext: \n"); fflush(stdout);
|
|
|
- for(count=0;count<32;count++)
|
|
|
- printf("0x%x ",plaintext[count]);
|
|
|
- printf("\n"); fflush(stdout);
|
|
|
-}
|
|
|
-*/
|
|
|
-/*
|
|
|
- uint32_t plaintext_length=32;
|
|
|
- uint8_t plaintext[32]={0x42}; uint8_t ciphertext[48]={0}; uint8_t payload_tag[16]={0}; uint32_t active_counter;
|
|
|
- uint32_t count;
|
|
|
- //Allocate memory for the AES-GCM request message
|
|
|
- secure_message_t* req_message = (secure_message_t*)malloc(sizeof(secure_message_t)+ plaintext_length); // WTF is this even - what happens to padding?
|
|
|
- memset(req_message,0,sizeof(secure_message_t)+ plaintext_length);
|
|
|
- req_message->message_aes_gcm_data.payload_size = plaintext_length;
|
|
|
-
|
|
|
- Decryptor_encrypt(e2_enclave_id, &ret_status, &plaintext[0], plaintext_length, payload_tag, &ciphertext[0], &active_counter);
|
|
|
- if(ret_status!=0)
|
|
|
- {
|
|
|
- printf("error in encryption: 0x%x\n", ret_status); fflush(stdout); sgx_destroy_enclave(e2_enclave_id);
|
|
|
- return 0xFFFFFFFF;
|
|
|
- }
|
|
|
- printf("Successful encryption\n"); fflush(stdout);
|
|
|
- printf("Plaintext: \n"); fflush(stdout);
|
|
|
- for(count=0;count<32; count++)
|
|
|
- printf("0x%02x ", plaintext[count]);
|
|
|
- printf("\n");fflush(stdout);
|
|
|
-
|
|
|
- printf("Counter: 0x%x\n", ret_status);
|
|
|
- printf("Payload Tag: \n");
|
|
|
- for(count=0;count<16; count++)
|
|
|
- printf("0x%02x ", payload_tag[count]);
|
|
|
- printf("\n");fflush(stdout);
|
|
|
-
|
|
|
-
|
|
|
- for(count=0;count<48; count++)
|
|
|
- printf("0x%02x ", ciphertext[count]);
|
|
|
- printf("\n");fflush(stdout);
|
|
|
- uint8_t expected_plaintext[32];
|
|
|
- Decryptor_decrypt(e2_enclave_id, &ret_status, ciphertext, 48, payload_tag, expected_plaintext, plaintext_length);
|
|
|
- if(ret_status == 0)
|
|
|
- {
|
|
|
- printf("Successful decryption\n"); fflush(stdout);
|
|
|
- for(count=0;count<32; count++)
|
|
|
- printf("0x%02x ", expected_plaintext[count]);
|
|
|
- printf("\n");fflush(stdout);
|
|
|
- printf("Expected payload :\n");
|
|
|
- for(count=0;count<16;count++)
|
|
|
- printf("0x%02x ", payload_tag[count]);
|
|
|
- printf("\n"); fflush(stdout);
|
|
|
- }
|
|
|
- printf("Decryption return code:0x%x\n", ret_status);*/
|
|
|
/*
|
|
|
// LA with the apache - currently set to return failure - should change it to success when the code to send the mrsigner from the verifier to the decryptor is added- TODO: <--- that
|
|
|
ret_status=local_attestation_initiator(3826, e2_enclave_id); // TODO: Change port or sth
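Review bot: The new third argument `&pub_key` on the verifier attestation call is passed without any visible declaration or stated contract in this hunk. If it is an out-parameter, as the call shape suggests, a short comment above the call would help, for example `// pub_key is written by local_attestation_initiator only when it returns 0; treat it as unset otherwise`. Initialising `pub_key` to zero where it is declared would also keep a later read from picking up stale stack bytes. The commented-out Apache call just below still uses the old two-argument form, `local_attestation_initiator(3826, e2_enclave_id)`, so it will no longer match the signature if re-enabled. It should be updated to three arguments or removed with the rest of the dead code this commit deletes. The body of `main` starts and ends outside this hunk, so the declaration and any later use of `pub_key` could not be checked here.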
|
|
@@ -333,29 +245,6 @@ else {
|
|
|
return 0xFFFFFFFF;
|
|
|
|
|
|
}*/
|
|
|
- /*
|
|
|
- sgx_ec256_public_t short_term_pub_key;
|
|
|
- sgx_ec256_signature_t generated_signature;
|
|
|
- Decryptor_create_and_sign_client_side_pub_key(e2_enclave_id, &ret_status,&short_term_pub_key, &generated_signature);
|
|
|
-if(ret_status != SGX_SUCCESS)
|
|
|
-{
|
|
|
- printf("Could not generate or sign another keypair for client-side, error:%x.\n", ret_status); fflush(stdout);
|
|
|
- return 0xFFFFFFFF;
|
|
|
-}
|
|
|
-printf("Generated signature and pub key.\n");fflush(stdout);
|
|
|
-for(counter=0; counter<SGX_ECP256_KEY_SIZE; counter++)
|
|
|
- printf("0x%x ", short_term_pub_key.gx[counter]); printf("\n"); fflush(stdout);
|
|
|
- for(counter=0;counter<SGX_NISTP_ECP256_KEY_SIZE ; counter++)
|
|
|
- {
|
|
|
- printf("0x%x", generated_signature.x[counter]);
|
|
|
- printf("0x%x", generated_signature.y[counter]);
|
|
|
- }
|
|
|
-printf("\n"); fflush(stdout);
|
|
|
-
|
|
|
-*/
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
// TODO: Continue with other msgs - send sign(enc | verifier mr_enclave)
|
|
|
sgx_destroy_enclave(e2_enclave_id);
|
|
|
|