
Got code to not crash when running the enclave call (EDL I/O changes). The ecall doesn't seem to work properly.

dettanym 5 years ago
parent
commit
8a3d1c826b
3 changed files with 24 additions and 12 deletions
  1. 10 7
      App/LocalAttestationUntrusted.cpp
  2. 13 4
      Decryptor/Decryptor.cpp
  3. 1 1
      Decryptor/Decryptor.edl

+ 10 - 7
App/LocalAttestationUntrusted.cpp

@@ -151,8 +151,8 @@ using namespace google::protobuf::io;
 
     input_ciphertext_plus_tag_length = protobuf_msg.msg().length();
     // TODO: MAKE SURE THIS IS NOT 0XFFFFFFFF.
-    input_ciphertext_plus_tag = (uint8_t*) malloc(input_ciphertext_plus_tag_length);
-    output_ciphertext_plus_tag = (uint8_t*) malloc(input_ciphertext_plus_tag_length); //128 = client public key token length?
+    input_ciphertext_plus_tag = (uint8_t*) malloc(1000); //malloc(input_ciphertext_plus_tag_length);
+    output_ciphertext_plus_tag = (uint8_t*) malloc(1000); //malloc(input_ciphertext_plus_tag_length); //128 = client public key token length?
     protobuf_msg_ptr = (uint8_t*) protobuf_msg.msg().c_str();
 
     for(counter=0; counter<input_ciphertext_plus_tag_length; counter++)
@@ -162,19 +162,22 @@ using namespace google::protobuf::io;
     }
     // Just so that the ciphertext - client data - is returned back to Apache in case this function fails.
     // client data is after public key (64 bytes) + signature (64 bytes) = 128 bytes.
-    for(counter=64; counter<input_ciphertext_plus_tag_length; counter++)
-  		output_ciphertext_plus_tag[counter] = input_ciphertext_plus_tag[counter];
-	output_ciphertext_plus_tag_length=input_ciphertext_plus_tag_length;
+    for(counter=0; counter<input_ciphertext_plus_tag_length-64; counter++)
+  		output_ciphertext_plus_tag[counter] = input_ciphertext_plus_tag[counter+64];
+	output_ciphertext_plus_tag_length=input_ciphertext_plus_tag_length - 64;
         protobuf_msg.set_msg((void*)  output_ciphertext_plus_tag, output_ciphertext_plus_tag_length); 
     
     // We assume that the output is not changed unless it is successful throughout.
-    // Return value is not sent back..
-//    Decryptor_process_apache_message_generate_response_wrapper(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext_plus_tag, &output_ciphertext_plus_tag_length);
+    Decryptor_process_apache_message_generate_response_wrapper(own_enclave_id, &sgx_ret_status, input_ciphertext_plus_tag, input_ciphertext_plus_tag_length, output_ciphertext_plus_tag, &output_ciphertext_plus_tag_length);
     free(input_ciphertext_plus_tag);
       if(sgx_ret_status!=0)
       {
       	protobuf_msg.set_msg((void*)  output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
       }
+	printf("Returning this: \n"); 
+	for(counter=0;counter<output_ciphertext_plus_tag_length;counter++)
+		printf("%02x ",output_ciphertext_plus_tag[counter]); 
+	printf("\n"); 
        free(output_ciphertext_plus_tag);
      if(write_protobuf_msg_to_fd(fd, protobuf_msg)!=0)
           return 0xfc;
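Review bot: With both buffers now a fixed `malloc(1000)`, the copy loop right after the allocations (`counter<input_ciphertext_plus_tag_length`) and the rewritten loop in the second hunk write past the allocation whenever the protobuf message is longer than 1000 bytes, and that length comes straight from `protobuf_msg.msg().length()`. The new bound `input_ciphertext_plus_tag_length-64` also wraps around for messages shorter than 64 bytes if the length is unsigned (its declaration is outside the hunk; the ecall parameter is `uint32_t`). A range check placed before the allocations covers both cases, for example `if(input_ciphertext_plus_tag_length < 64 || input_ciphertext_plus_tag_length > 1000) return <error code>;`, ideally with 1000 as a named constant kept in step with the `size=` in Decryptor.edl. The return value of `Decryptor_process_apache_message_generate_response_wrapper` is also discarded, so a failed ecall leaves `sgx_ret_status` holding whatever it held before. The enclosing function starts and ends outside these hunks.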

+ 13 - 4
Decryptor/Decryptor.cpp

@@ -240,9 +240,9 @@
   // EXTERNAL. DONE.
   uint32_t Decryptor::process_apache_message_generate_response(uint8_t* input_ciphertext, uint32_t input_ciphertext_plus_tag_length, uint8_t* output_ciphertext_plus_tag, uint32_t* output_ciphertext_plus_tag_length)
   {
-      uint8_t *first_decryption_output, *plaintext_client_data;
-      uint32_t first_decryption_output_length, plaintext_client_data_length;
-      uint32_t internal_return_status;
+      uint8_t *first_decryption_output, *plaintext_client_data, *final_encryption_output;
+      uint32_t first_decryption_output_length, plaintext_client_data_length, final_encryption_output_length;
+      uint32_t internal_return_status, counter;
       // TODO: May be have temporary variables for input ciphertext as they can't be passed directly to functions?
       first_decryption_output = (uint8_t*) malloc(input_ciphertext_plus_tag_length);
       internal_return_status = symmetricEncryptionBoxApache.encrypt_decrypt(0, input_ciphertext, input_ciphertext_plus_tag_length, first_decryption_output, &first_decryption_output_length);
@@ -261,8 +261,17 @@
         return internal_return_status;
       }
       // then I will encrypt the resulting first_decryption_output to the apache enclave.
-      internal_return_status = symmetricEncryptionBoxApache.encrypt_decrypt(1, plaintext_client_data, plaintext_client_data_length, output_ciphertext_plus_tag, output_ciphertext_plus_tag_length);
+	final_encryption_output = (uint8_t*) malloc(1000); 
+      internal_return_status = symmetricEncryptionBoxApache.encrypt_decrypt(1, plaintext_client_data, plaintext_client_data_length, final_encryption_output, &final_encryption_output_length);
+	if(internal_return_status == 0)
+	{
+		for(counter=0;counter<final_encryption_output_length;counter++)
+			output_ciphertext_plus_tag[counter]=final_encryption_output[counter]; 
+		*output_ciphertext_plus_tag_length=final_encryption_output_length; 
+	}
       free(plaintext_client_data);
+	free(final_encryption_output);
+
         return internal_return_status;
     }
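Review bot: `final_encryption_output` is a fixed `malloc(1000)` that is never checked for NULL, and nothing visible bounds `plaintext_client_data_length` before `encrypt_decrypt` writes into it, so a large plaintext could overflow enclave heap memory. The copy loop then trusts `final_encryption_output_length` when writing into `output_ciphertext_plus_tag`, whose marshalled size is also 1000 according to Decryptor.edl. I would reject oversize input before encrypting, e.g. `if(final_encryption_output == NULL || plaintext_client_data_length > 1000 - 16) { /* free both buffers, return an error status */ }`. That bound assumes the 16-byte tag described in the Decryptor.edl comments is the only expansion, which should be confirmed against `encrypt_decrypt`. The middle of the function lies between the two hunks and is not visible here.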
 

+ 1 - 1
Decryptor/Decryptor.edl

@@ -44,7 +44,7 @@ enclave {
       // Apache mrsigner = 32 bytes + tag on encryption = 16 bytes.
       // public uint32_t decrypt_verifiers_message_set_apache_mrsigner_wrapper([in, size=48] uint8_t* ciphertext_plus_tag);
       // NEED AT LEAST: 64 bytes for public key of client, plus 64 bytes of signature over it, plus 16 bytes of tag over any encryption = 144 bytes. Msg length = 144 bytes + Length of form field
-      public uint32_t process_apache_message_generate_response_wrapper([in, size=256] uint8_t* input_ciphertext, uint32_t input_ciphertext_plus_tag_length, [out, size=256] uint8_t* output_ciphertext, [out,size=4] uint32_t* output_ciphertext_plus_tag_length);
+      public uint32_t process_apache_message_generate_response_wrapper([in, size=1000] uint8_t* input_ciphertext, uint32_t input_ciphertext_plus_tag_length, [out, size=1000] uint8_t* output_ciphertext, [out,size=4] uint32_t* output_ciphertext_plus_tag_length);
       public uint32_t process_verifiers_message_wrapper([in, size=48] uint8_t* input_ciphertext);
       public        void get_verifier_mrenclave_apache_mrsigner_wrapper([out, size=64] uint8_t* output);
 	public void get_short_term_public_key_wrapper([out, size=64] uint8_t* output);
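Review bot: The `size=1000` on `input_ciphertext` is independent of `input_ciphertext_plus_tag_length`, which the untrusted side passes by value, so the enclave receives exactly 1000 bytes and then processes however many bytes the caller claims. Either bind the two in the EDL, `[in, size=input_ciphertext_plus_tag_length] uint8_t* input_ciphertext`, together with an upper-bound check in the wrapper, or keep the fixed size and have the wrapper reject any length above 1000 before calling `process_apache_message_generate_response`. The untrusted caller must also keep allocating at least 1000 bytes for both buffers for as long as the size is fixed here. A short comment on this line stating the 1000-byte cap would keep the three files in agreement.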