|
@@ -44,11 +44,24 @@
|
|
|
#include "LocalAttestationCode_t.h"
|
|
|
#include "sgx_tseal.h"
|
|
|
|
|
|
+//extern dh_session_t global_session_info;
|
|
|
+uint8_t apache_iv[12] = {0,0,0,0, 0,0,0,0, 0,0,0,0};
|
|
|
+uint8_t client_iv[12] = {0,0,0,0, 0,0,0,0, 0,0,0,0};
|
|
|
+uint8_t verifier_iv[12] = {0,0,0,0, 0,0,0,0, 0,0,0,0};
|
|
|
+extern uint8_t apache_key[16];
|
|
|
+extern uint8_t verifier_key[16];
|
|
|
+
|
|
|
+
|
|
|
+//uint32_t client_iv=0;
|
|
|
+
|
|
|
// internal-internal
|
|
|
uint32_t create_ec_key_pair(sgx_ec256_public_t* pub_key, sgx_ec256_private_t* priv_key);
|
|
|
void serialize_key_pair_to_string( sgx_ec256_public_t* pub_key, sgx_ec256_private_t* signing_priv_key, uint8_t* private_public_key_string);
|
|
|
void deserialize_string_to_key_pair(uint8_t* private_public_key_string, sgx_ec256_public_t* pub_key, sgx_ec256_private_t* priv_key);
|
|
|
-uint32_t create_mitigator_header_value(uint8_t* signature_data, uint8_t* signature);
|
|
|
+uint32_t create_mitigator_header_value(__attribute__((unused)) uint8_t* signature_data, __attribute__((unused)) uint8_t* signature, __attribute__((unused)) uint8_t* private_key, __attribute__((unused)) sgx_ec256_signature_t* sig2);
|
|
|
+uint32_t aes_gcm_internal_call(uint8_t* ip_ciphertext, uint32_t ip_ciphertext_len, uint8_t* ip_key, uint8_t* ip_iv, uint8_t* tag, uint8_t* op_plaintext, uint32_t enc);
|
|
|
+void memcpy_equivalent_copy(uint8_t* dest, uint8_t* src, uint32_t length);
|
|
|
+
|
|
|
uint32_t verify_mitigator_header_value(uint8_t* signature_data, uint8_t* signature, sgx_ec256_public_t* pub_key);
|
|
|
|
|
|
uint32_t calculate_sealed_data_size( uint32_t input_size) ;
|
|
@@ -56,14 +69,13 @@ uint32_t create_and_seal_ecdsa_signing_key_pair(__attribute__((unused)) sgx_ec
|
|
|
uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_ec256_public_t* pub_key, uint8_t* sealed_data, size_t* sgx_sealed_data_length);
|
|
|
|
|
|
uint32_t decrypt_verifiers_message_set_apache_mrsigner(uint8_t* ciphertext, uint8_t* tag);
|
|
|
-//uint32_t create_and_encrypt_mitigator_header_value(uint8_t* signature_data, uint8_t* signature, uint8_t* tag);
|
|
|
-uint32_t create_and_encrypt_mitigator_header_value(uint8_t* plaintext_sign_data_and_sign, uint8_t* encrypted_sign_data_and_sign, uint8_t* tag, sgx_ec256_public_t* pub_key);
|
|
|
+uint32_t create_and_encrypt_mitigator_header_value(uint8_t* plaintext_sign_data_and_sign, uint8_t* encrypted_sign_data_and_sign, uint8_t* tag, uint8_t* signing_private_key, __attribute__((unused)) sgx_ec256_signature_t* sig2);
|
|
|
|
|
|
|
|
|
uint32_t one_la_done=0;
|
|
|
static sgx_ec256_public_t short_term_pub_key;
|
|
|
static sgx_ec256_private_t short_term_priv_key;
|
|
|
-sgx_ec256_signature_t generated_signature; // TODO: remove
|
|
|
+//sgx_ec256_signature_t generated_signature; // TODO: remove
|
|
|
sgx_measurement_t apache_mr_signer; // TODO: remove
|
|
|
sgx_measurement_t verifier_mr_enclave; // TODO: remove
|
|
|
static sgx_ec256_private_t signing_priv_key;
|
|
@@ -77,8 +89,12 @@ extern "C" uint32_t verify_peer_enclave_trust(__attribute__((unused)) sgx_dh_se
|
|
|
}
|
|
|
if(one_la_done==0)
|
|
|
{
|
|
|
- for(count=0; count<SGX_HASH_SIZE; count++)
|
|
|
- verifier_mr_enclave.m[count]=peer_enclave_identity->mr_enclave.m[count];
|
|
|
+// return 0x55;
|
|
|
+ //sgx_measurement_t local_mr_enclave;
|
|
|
+ verifier_mr_enclave = peer_enclave_identity->mr_enclave;
|
|
|
+// memset(&(verifier_mr_enclave.m),0x0, SGX_HASH_SIZE) ;
|
|
|
+// for(count=0; count<SGX_HASH_SIZE; count++)
|
|
|
+// (&verifier_mr_enclave)->m[count]=0x55;//peer_enclave_identity->mr_enclave.m[count];
|
|
|
memset(&(apache_mr_signer.m),0x0,SGX_HASH_SIZE); // "initialization"
|
|
|
one_la_done=1;
|
|
|
|
|
@@ -98,33 +114,50 @@ extern "C" uint32_t verify_peer_enclave_trust(__attribute__((unused)) sgx_dh_se
|
|
|
return SGX_SUCCESS;
|
|
|
}
|
|
|
|
|
|
+// increments last 4 bytes (in big-endian order)
|
|
|
+uint32_t aes_gcm_increment_iv_internal_call(uint8_t* iv)
|
|
|
+{
|
|
|
+ uint32_t counter;
|
|
|
+ for(counter=11;counter>7;counter--)
|
|
|
+ {
|
|
|
+ if(iv[counter] == 0xff)
|
|
|
+ {
|
|
|
+ if(counter - 1 == 7)
|
|
|
+ return 0xff;
|
|
|
+ iv[counter-1] = 0x01;
|
|
|
+ iv[counter] = 0x0;
|
|
|
+ }
|
|
|
+ else
|
|
|
+ iv[counter] += 1;
|
|
|
+ }
|
|
|
+ return 0;
|
|
|
+}
|
|
|
+
|
|
|
+// TODO: change global_session_info to two different dh_sessions
|
|
|
// This needs to be called after the first local attestation is successful - otherwise, the internal apache_mr_signer.m will not be set properly for the comparison of the mrsigner for the 2nd LA in verify_peer_enclave_trust.
|
|
|
// (I.e. if it is not called then DoS
|
|
|
uint32_t decrypt_verifiers_message_set_apache_mrsigner(uint8_t* ciphertext, uint8_t* tag)
|
|
|
{
|
|
|
-return decrypt(ciphertext, 32, tag, (uint8_t*) &(apache_mr_signer.m));
|
|
|
-// if(mrsigner_decryption_successful !=0)
|
|
|
-// return mrsigner_decryption_successful;
|
|
|
+ uint32_t internal_ret_status= aes_gcm_internal_call(ciphertext, 32, verifier_key, verifier_iv , tag, (uint8_t*) &(apache_mr_signer.m), 0);
|
|
|
+ return internal_ret_status;
|
|
|
}
|
|
|
|
|
|
// signature_data - 96 bytes, encrypted_signature assumed to be at least 64 bytes, tag - at least 16 bytes
|
|
|
-uint32_t create_and_encrypt_mitigator_header_value(uint8_t* plaintext_sign_data_and_sign, uint8_t* encrypted_sign_data_and_sign, uint8_t* tag)
|
|
|
+uint32_t create_and_encrypt_mitigator_header_value(uint8_t* plaintext_sign_data_and_sign, uint8_t* encrypted_sign_data_and_sign, uint8_t* tag, uint8_t* signing_private_key, __attribute__((unused)) sgx_ec256_signature_t* sig2)
|
|
|
+
|
|
|
{
|
|
|
uint32_t count;
|
|
|
uint8_t sign_data_and_sign[160];
|
|
|
- uint32_t ret_status=create_mitigator_header_value(sign_data_and_sign, sign_data_and_sign+96);
|
|
|
+ uint32_t ret_status=create_mitigator_header_value(sign_data_and_sign, sign_data_and_sign+96, signing_private_key, sig2);
|
|
|
if(ret_status != SGX_SUCCESS)
|
|
|
- {
|
|
|
- // printf("Could not generate or sign another keypair for client-side, error:%x.\n", ret_status); fflush(stdout);
|
|
|
- return 0xFFFFFFDD;
|
|
|
- }
|
|
|
-// ret_status=verify_mitigator_header_value(sign_data_and_sign, sign_data_and_sign+96, pub_key);
|
|
|
-// if(ret_status !=0)
|
|
|
-// return ret_status;
|
|
|
+ return 0xFFFFFFDD;
|
|
|
+ // TODO: Remove - just for troubleshooting
|
|
|
for(count=0; count<160; count++)
|
|
|
*(plaintext_sign_data_and_sign+count)=sign_data_and_sign[count];
|
|
|
|
|
|
- ret_status = encrypt_internal(sign_data_and_sign, 160, tag, encrypted_sign_data_and_sign);
|
|
|
+ ret_status = aes_gcm_internal_call(sign_data_and_sign, 160, apache_key, apache_iv, tag, encrypted_sign_data_and_sign, 1);
|
|
|
+// ret_status = encrypt_internal(sign_data_and_sign, 160, tag, encrypted_sign_data_and_sign);
|
|
|
+ aes_gcm_increment_iv_internal_call(apache_iv);
|
|
|
return ret_status;
|
|
|
}
|
|
|
|
|
@@ -227,13 +260,6 @@ uint32_t create_and_seal_ecdsa_signing_key_pair(__attribute__((unused)) sgx_ec
|
|
|
return ret_status; // SGX_SUCCESS;
|
|
|
}
|
|
|
|
|
|
-/*
|
|
|
-uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_ec256_public_t* pub_key, __attribute__((unused)) uint8_t* sealed_data, __attribute__((unused)) uint32_t* sgx_sealed_data_length)
|
|
|
-{
|
|
|
- return SGX_SUCCESS;
|
|
|
-
|
|
|
-}*/
|
|
|
-
|
|
|
uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_ec256_public_t* pub_key, uint8_t* sealed_data, size_t* sgx_sealed_data_length)
|
|
|
{
|
|
|
uint32_t expected_plaintext_msg_length; uint8_t* temp_plaintext; uint32_t counter; uint32_t ret_status;
|
|
@@ -241,7 +267,6 @@ uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_
|
|
|
if(expected_plaintext_msg_length == 0xffffffff)
|
|
|
return 0xFFFFFFFF;
|
|
|
|
|
|
-// uint32_t return_status;
|
|
|
uint8_t* sealed_data2 = (uint8_t*) malloc(*sgx_sealed_data_length);
|
|
|
for(counter=0;counter<*sgx_sealed_data_length;counter++)
|
|
|
{
|
|
@@ -253,36 +278,14 @@ uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_
|
|
|
if(ret_status != SGX_SUCCESS)
|
|
|
{
|
|
|
free(temp_plaintext);free(sealed_data2);
|
|
|
- switch(ret_status)
|
|
|
- {
|
|
|
- case SGX_ERROR_MAC_MISMATCH:
|
|
|
- // MAC of the sealed data is incorrect. The sealed data has been tampered.
|
|
|
- break;
|
|
|
- case SGX_ERROR_INVALID_ATTRIBUTE:
|
|
|
- // Indicates attribute field of the sealed data is incorrect.
|
|
|
- break;
|
|
|
- case SGX_ERROR_INVALID_ISVSVN:
|
|
|
- // Indicates isv_svn field of the sealed data is greater than the enclave�s ISVSVN. This is a downgraded enclave.
|
|
|
- break;
|
|
|
- case SGX_ERROR_INVALID_CPUSVN:
|
|
|
- // Indicates cpu_svn field of the sealed data is greater than the platform�s cpu_svn. enclave is on a downgraded platform.
|
|
|
- break;
|
|
|
- case SGX_ERROR_INVALID_KEYNAME:
|
|
|
- // Indicates key_name field of the sealed data is incorrect.
|
|
|
- break;
|
|
|
- default:
|
|
|
- // other errors
|
|
|
- break;
|
|
|
- }
|
|
|
return ret_status;
|
|
|
}
|
|
|
-
|
|
|
deserialize_string_to_key_pair(temp_plaintext, pub_key, &signing_priv_key);
|
|
|
free(temp_plaintext); free(sealed_data2);
|
|
|
return SGX_SUCCESS;
|
|
|
}
|
|
|
|
|
|
-uint32_t create_mitigator_header_value(__attribute__((unused)) uint8_t* signature_data, __attribute__((unused)) uint8_t* signature)
|
|
|
+uint32_t create_mitigator_header_value(__attribute__((unused)) uint8_t* signature_data, __attribute__((unused)) uint8_t* signature, __attribute__((unused)) uint8_t* private_key, __attribute__((unused)) sgx_ec256_signature_t* sig2)
|
|
|
{
|
|
|
// Otherwise: DoS or possible bypass (fake verifier does LA but real verifier mrenclave is given out by decryptor) - signature with junk verifier mrenclave or whatever is in the memory.
|
|
|
if(one_la_done < 1)
|
|
@@ -299,18 +302,26 @@ uint32_t create_mitigator_header_value(__attribute__((unused)) uint8_t* signatur
|
|
|
// uint8_t* public_key_string = (uint8_t*) malloc(3*SGX_ECP256_KEY_SIZE); // for .edl file - size parameter for serialize is 96 and this fits coz we need to append the mr_enclave to the pub key
|
|
|
serialize_key_pair_to_string(&short_term_pub_key, NULL, signature_data);
|
|
|
for(counter=32*2; counter<32*3; counter++) // appending mr_enclave
|
|
|
- *(signature_data+counter)=0x55;//verifier_mr_enclave.m[counter]; TODO: uncomment verifier_mrenclave
|
|
|
+ *(signature_data+counter)=0x55;//verifier_mr_enclave.m[counter]; // TODO: uncomment verifier_mrenclave
|
|
|
+// for(counter=0;counter<32*3;counter++) // TODO: REmove - for checking against js library only
|
|
|
+// *(signature_data+counter)=0x55;
|
|
|
// retrieve long-term private key from global variable - apparently, need to create a local copy or it crashes
|
|
|
sgx_ec256_private_t long_term_priv_key;
|
|
|
for(counter=0; counter<SGX_ECP256_KEY_SIZE; counter++)
|
|
|
long_term_priv_key.r[counter] = signing_priv_key.r[counter];
|
|
|
// sign public key with long-term private key
|
|
|
sgx_ec256_signature_t local_signature; sgx_ecc_state_handle_t ecc_handle;
|
|
|
+
|
|
|
+ for(counter=0;counter<32;counter++)
|
|
|
+ *(private_key+counter)=short_term_priv_key.r[counter];
|
|
|
+// uint8_t signature_data2[96];
|
|
|
+// for(counter=0;counter<96;counter++)
|
|
|
+// signature_data2[counter]=0x55;
|
|
|
//// opening context for signature
|
|
|
ret_status = sgx_ecc256_open_context(&ecc_handle);
|
|
|
if(ret_status != SGX_SUCCESS)
|
|
|
return ret_status;
|
|
|
- ret_status = sgx_ecdsa_sign(signature_data,3*SGX_ECP256_KEY_SIZE, &long_term_priv_key, &local_signature, ecc_handle);
|
|
|
+ ret_status = sgx_ecdsa_sign(signature_data, 96, &long_term_priv_key, &local_signature, ecc_handle);
|
|
|
ret_status2 = sgx_ecc256_close_context(ecc_handle);
|
|
|
// free(public_key_string);
|
|
|
if(ret_status == SGX_SUCCESS)
|
|
@@ -318,10 +329,15 @@ uint32_t create_mitigator_header_value(__attribute__((unused)) uint8_t* signatur
|
|
|
uint8_t *current_sig_byte = (uint8_t*)(&(local_signature.x));
|
|
|
uint32_t ecdsa_sig_count;
|
|
|
for(ecdsa_sig_count=0;ecdsa_sig_count<32;ecdsa_sig_count++)
|
|
|
- signature[ecdsa_sig_count]=*(current_sig_byte+ecdsa_sig_count);
|
|
|
+ signature[31-ecdsa_sig_count]=*(current_sig_byte+ecdsa_sig_count);
|
|
|
current_sig_byte = (uint8_t*)(&(local_signature.y));
|
|
|
for(ecdsa_sig_count=0;ecdsa_sig_count<32;ecdsa_sig_count++)
|
|
|
- signature[ecdsa_sig_count+32]=*(current_sig_byte+ecdsa_sig_count);
|
|
|
+ signature[63-ecdsa_sig_count]=*(current_sig_byte+ecdsa_sig_count);
|
|
|
+ for(ecdsa_sig_count=0;ecdsa_sig_count<8;ecdsa_sig_count++)
|
|
|
+ sig2->x[ecdsa_sig_count]=local_signature.x[ecdsa_sig_count];
|
|
|
+ for(ecdsa_sig_count=0;ecdsa_sig_count<8;ecdsa_sig_count++)
|
|
|
+ sig2->y[ecdsa_sig_count]=local_signature.y[ecdsa_sig_count];
|
|
|
+
|
|
|
}
|
|
|
if(ret_status != SGX_SUCCESS || ret_status2 != SGX_SUCCESS)
|
|
|
return 0xFFFFFFFF;
|
|
@@ -373,3 +389,55 @@ uint32_t calculate_sealed_data_size( uint32_t input_size)
|
|
|
|
|
|
}
|
|
|
|
|
|
+
|
|
|
+// ip_key will always be within the enclave.
|
|
|
+// enc = 1 for encryption and 0 for decryption, like openssl api
|
|
|
+uint32_t aes_gcm_internal_call(uint8_t* ip_ciphertext, uint32_t ip_ciphertext_len, uint8_t* ip_key, uint8_t* ip_iv, uint8_t* tag, uint8_t* op_plaintext, uint32_t enc)
|
|
|
+{
|
|
|
+ uint32_t counter;
|
|
|
+ if(ip_ciphertext == NULL)
|
|
|
+ return 0x33;
|
|
|
+ if(tag == NULL)
|
|
|
+ return 0x34;
|
|
|
+ if(op_plaintext == NULL)
|
|
|
+ return 0x36;
|
|
|
+ if(ip_key == NULL)
|
|
|
+ return 0x35;
|
|
|
+ if(ip_iv == NULL)
|
|
|
+ return 0x37;
|
|
|
+
|
|
|
+ uint8_t* ip_ciphertext_in_enclave = (uint8_t*) malloc(ip_ciphertext_len);
|
|
|
+ memcpy_equivalent_copy(ip_ciphertext_in_enclave, ip_ciphertext, ip_ciphertext_len);
|
|
|
+
|
|
|
+ uint8_t tag_in_enclave [16];
|
|
|
+ if(!enc)
|
|
|
+ memcpy_equivalent_copy(tag_in_enclave, tag, 16);
|
|
|
+
|
|
|
+ uint8_t* op_plaintext_in_enclave = (uint8_t*) malloc(ip_ciphertext_len);
|
|
|
+ uint32_t internal_ret_status;
|
|
|
+ if(enc)
|
|
|
+ internal_ret_status = sgx_rijndael128GCM_encrypt((sgx_key_128bit_t*) ip_key, ip_ciphertext_in_enclave, ip_ciphertext_len, op_plaintext_in_enclave, ip_iv, 0xc, NULL, 0, (sgx_aes_gcm_128bit_tag_t*)tag_in_enclave);
|
|
|
+ else
|
|
|
+ internal_ret_status = sgx_rijndael128GCM_decrypt((sgx_key_128bit_t*) ip_key, ip_ciphertext_in_enclave, ip_ciphertext_len, op_plaintext_in_enclave, ip_iv, 0xc, NULL, 0, (sgx_aes_gcm_128bit_tag_t*)tag_in_enclave);
|
|
|
+
|
|
|
+ if(internal_ret_status == 0)
|
|
|
+ {
|
|
|
+ memcpy_equivalent_copy(op_plaintext, op_plaintext_in_enclave, ip_ciphertext_len);
|
|
|
+ if(enc)
|
|
|
+ memcpy_equivalent_copy(tag, tag_in_enclave, 16);
|
|
|
+ }
|
|
|
+
|
|
|
+ free(ip_ciphertext_in_enclave); free(op_plaintext_in_enclave);
|
|
|
+
|
|
|
+ return internal_ret_status;
|
|
|
+}
|
|
|
+
|
|
|
+void memcpy_equivalent_copy(uint8_t* dest, uint8_t* src, uint32_t length)
|
|
|
+{
|
|
|
+ uint32_t counter;
|
|
|
+ for(counter=0; counter<length; counter++)
|
|
|
+ *(dest + counter) = *(src + counter);
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+
|