Removed repeated code

LocalAttestationCode/EnclaveMessageExchange.cpp

@@ -194,312 +194,6 @@ ATTESTATION_STATUS exchange_report(
 
     return status;
 }
-/*
-ATTESTATION_STATUS encrypt(__attribute__((unused)) uint8_t *plaintext, __attribute__((unused)) size_t plaintext_length, __attribute__((unused)) uint8_t* payload_tag, __attribute__((unused)) uint8_t* ciphertext, __attribute__((unused)) uint32_t* active_counter)
-{
-//	return 0;
-
-    sgx_status_t status; 
-    if(plaintext == NULL)
-    {
-        return INVALID_PARAMETER_ERROR;
-    }
-    //Check if the nonce for the session has not exceeded 2^32-2 if so end session and start a new session
-    if(global_session_info.active.counter == ((uint32_t) - 2))
-    {	return 0xFF; // TODO: DO something here. 
-//        close_session(src_enclave_id);
-//        create_session(src_enclave_id, session_info);
-    }
-//return plaintext_length ; 
-    uint32_t count;
-    uint8_t* temp_plaintext = (uint8_t*) malloc(plaintext_length); 
-    for(count=0; count<plaintext_length; count++)
-	*(temp_plaintext+count)=*(plaintext+count); 
-
-    secure_message_t* temp_req_message = (secure_message_t*)malloc(sizeof(secure_message_t)+ plaintext_length); // WTF is this even - what happens to padding? 
-    memset(temp_req_message,0,sizeof(secure_message_t)+ plaintext_length);
-
-    //Use the session nonce as the payload IV
-//    memcpy(req_message->message_aes_gcm_data.reserved,&global_session_info.active.counter,sizeof(global_session_info.active.counter));
-//	*active_counter=global_session_info.active.counter;
-    memcpy(temp_req_message->message_aes_gcm_data.reserved,&global_session_info.active.counter,sizeof(global_session_info.active.counter));
-
-    //Set the session ID of the message to the current session id
-//    req_message->session_id = global_session_info.session_id;
-
-    uint32_t temp_plaintext_length = plaintext_length;
-	uint8_t* shared_key = (uint8_t*)malloc(16); // 128 bit aes key
-	for(count=0;count<16;count++)
-		*(shared_key+count)=global_session_info.active.AEK[count]; 
-//     return 0; 
-    //Prepare the request message with the encrypted payload
-    status = 
-sgx_rijndael128GCM_encrypt((sgx_key_128bit_t*)shared_key, temp_plaintext, temp_plaintext_length,
-                reinterpret_cast<uint8_t *>(&(temp_req_message->message_aes_gcm_data.payload)),
-                reinterpret_cast<uint8_t *>(&(temp_req_message->message_aes_gcm_data.reserved)),
-                0xc, NULL, 0, 
-                &(temp_req_message->message_aes_gcm_data.payload_tag));
-
-    for(count=0;count<48;count++)
-	*(ciphertext+count) = temp_req_message->message_aes_gcm_data.payload[count];
-
-    // tag length is 16 as per sgx_tseal.h 
-    for(count=0;count<16;count++)
-        *(payload_tag+count) = temp_req_message->message_aes_gcm_data.payload_tag[count];
-
-	// TODO: Should this depend on whether the call has been successful or not? 
-        //Update the value of the session nonce in the source enclave
-//	global_session_info.active.counter +=1; // TODO: Activate this again. 
-
-free(shared_key); free(temp_plaintext); free(temp_req_message); 
-    return status;
-//return global_session_info.active.counter-1; 
-
-}
-
-uint32_t decrypt(__attribute__((unused)) uint8_t* ciphertext, __attribute__((unused)) size_t ciphertext_length, __attribute__((unused)) uint8_t* payload_tag,  __attribute__((unused)) uint8_t* plaintext, __attribute__((unused)) size_t plaintext_length)
-{
-        uint32_t count; sgx_status_t status;
-        uint8_t* shared_key = (uint8_t*)malloc(16); // 128 bit aes key
-    secure_message_t* temp_req_message = (secure_message_t*)malloc(sizeof(secure_message_t)+ plaintext_length); // WTF is this even - what happens to padding? 
-    memset(temp_req_message,0,sizeof(secure_message_t)+ plaintext_length);
-
-
-
-        for(count=0;count<16;count++)
-                *(shared_key+count)=global_session_info.active.AEK[count]; 
-
-	uint8_t* temp_ciphertext = (uint8_t*) malloc(ciphertext_length); 
-    for(count=0; count<ciphertext_length; count++)
-        *(temp_ciphertext+count)=*(ciphertext+count); 
-
-	uint8_t* temp_plaintext = (uint8_t*) malloc(plaintext_length); 
-	memset(temp_plaintext, 0, plaintext_length); 
-
-
-//	uint8_t temp_payload_tag[16];// = (uint8_t*) malloc(16); 
-//	for(count=0; count<16; count++)
-//		*(temp_payload_tag+count)=*(payload_tag+count); 
-
-//	const uint8_t expected_payload_tag[16]; // = (uint8_t*) malloc(16); 
-	uint8_t* iv = (uint8_t*) malloc(12); 
-	memset(iv, 0, 12); 
-	memcpy(iv, &global_session_info.active.counter, sizeof(uint32_t));
-
-    //Decrypt the response message payload
-//    status = sgx_rijndael128GCM_decrypt(&global_session_info.active.AEK, resp_message->message_aes_gcm_data.payload, resp_message->message_aes_gcm_data.payload_size, pl$reinterpret_cast<uint8_t *>(&(resp_message->message_aes_gcm_data.reserved)), sizeof(resp_message->message_aes_gcm_data.reserved), NULL, 0, &resp_message$
-status = sgx_rijndael128GCM_decrypt((sgx_key_128bit_t*)  shared_key, temp_ciphertext, ciphertext_length, 
-temp_plaintext, iv, 0xc, NULL, 0, &(temp_req_message->message_aes_gcm_data.payload_tag));
-	for(count=0;count<16; count++) 
-	{
-//		if(temp_req_message->message_aes_gcm_data.payload_tag[count] != *(payload_tag+count))
-//			return 0x2;
-		*(payload_tag+count)=temp_req_message->message_aes_gcm_data.payload_tag[count]; 
-	}
- 
-//	for(count=0; count<plaintext_length; count++)
-//		*(plaintext+count)=*(temp_plaintext+count); 
-//
-	free(shared_key); free(temp_ciphertext); free(temp_plaintext); // free(temp_payload_tag); 
-       return status;
-
-
- return 0;
-}
-*/
-
-/*
-uint32_t create_ecdsa_key_pair(sgx_ec256_public_t* pub_key, sgx_ec256_private_t* priv_key)
-{
-  sgx_status_t se_ret; sgx_status_t se_ret2;
-  //create ECC context
-  ecc_state = NULL;
-  se_ret = sgx_ecc256_open_context(&ecc_state);
-  if(SGX_SUCCESS != se_ret)
-    return se_ret;
-
-  // generate private key and public key
-  se_ret = sgx_ecc256_create_key_pair(priv_key, pub_key, ecc_state);
-  se_ret2 = sgx_ecc256_close_context(ecc_state);
-
-  if(SGX_SUCCESS != se_ret || se_ret2!= SGX_SUCCESS) // something weird has happened - couldn't shut it down.
-    return 0xFFFFFFFF;
-  return SGX_SUCCESS;
-}
-
-// todo: set to private
-// todo: assumes that the length of the keystring is at least 3*SGX_ECP256_KEY_SIZE
-void serialize_key_pair_to_string(sgx_ec256_public_t* pub_key, sgx_ec256_private_t* signing_priv_key, uint8_t* private_public_key_string)
-{
-  if(private_public_key_string != NULL)  // nowhere to serialize to
-  {
-     uint32_t counter;
-     if(pub_key != NULL)  // public key to serialize
-     {
-        for(counter=0;counter<SGX_ECP256_KEY_SIZE; counter++)
-          *(private_public_key_string+counter)=pub_key->gx[counter];
-
-        for(counter=SGX_ECP256_KEY_SIZE;counter<2*SGX_ECP256_KEY_SIZE; counter++)
-           *(private_public_key_string+counter)=pub_key->gy[counter-SGX_ECP256_KEY_SIZE];
-     }
-
-     if(signing_priv_key != NULL) // private key to serialize
-     {
-       for(counter=2*SGX_ECP256_KEY_SIZE;counter<3*SGX_ECP256_KEY_SIZE; counter++)
-          *(private_public_key_string+counter)=signing_priv_key->r[counter - 2*SGX_ECP256_KEY_SIZE];
-     } 
-  }
-}
-
-
-// todo: set to private
-void deserialize_string_to_key_pair(uint8_t* private_public_key_string, sgx_ec256_public_t* pub_key, sgx_ec256_private_t* signing_priv_key)
-{
-  if(private_public_key_string != NULL) // nowhere to deserialize from 
-  {
-    uint32_t counter;
-    if(signing_priv_key != NULL) 
-    {
-
-     for(counter=2*SGX_ECP256_KEY_SIZE;counter<3*SGX_ECP256_KEY_SIZE; counter++)
-       signing_priv_key->r[counter-2*SGX_ECP256_KEY_SIZE]=*(private_public_key_string+counter);
-    }
-
-    if(pub_key != NULL)
-    {
-      for(counter=0;counter<SGX_ECP256_KEY_SIZE; counter++)
-        	pub_key->gx[counter]=*(private_public_key_string+counter);
-
-      for(counter=SGX_ECP256_KEY_SIZE;counter<2*SGX_ECP256_KEY_SIZE; counter++)
-  	pub_key->gy[counter-SGX_ECP256_KEY_SIZE]=*(private_public_key_string+counter);
-    }
-  }
-}
-
-
-uint32_t create_and_seal_ecdsa_signing_key_pair(__attribute__((unused))   sgx_ec256_public_t* pub_key, __attribute__((unused))  uint32_t* sealed_data_length, __attribute__((unused)) uint8_t* sealed_data)
-{
-    uint32_t ret_status; sgx_ec256_private_t private_key;  uint32_t counter;
-    ret_status=create_ecdsa_key_pair(pub_key, &private_key);
-    if(ret_status!=SGX_SUCCESS)
-       return ret_status;
-    for(counter=0;counter<SGX_ECP256_KEY_SIZE; counter++)
-	signing_priv_key.r[counter]=private_key.r[counter]; 
-    // generating the entire string as there is no SGX function to generate the public key from the private one.
-    uint8_t* private_public_key_string = (uint8_t*) malloc(3*SGX_ECP256_KEY_SIZE);
-    uint8_t* sealed_data2 = (uint8_t*) malloc(*sealed_data_length);
-    // serializing keypair to string
-    serialize_key_pair_to_string(pub_key, &private_key, private_public_key_string);
-    uint8_t* private_key_string = (uint8_t*) malloc(SGX_ECP256_KEY_SIZE); 
-    for(counter=0;counter<SGX_ECP256_KEY_SIZE;counter++)
-	*(private_key_string+counter)=private_key.r[counter];
-//    return *sealed_data_length;
-    ret_status = sgx_seal_data(0, NULL, 3*SGX_ECP256_KEY_SIZE, private_public_key_string, *sealed_data_length, (sgx_sealed_data_t*) sealed_data2); 
-    for(counter=0;counter<*sealed_data_length;counter++)
-	*(sealed_data+counter)=*(sealed_data2+counter); 
-    free(sealed_data2);
-    free(private_key_string);  //free(private_key);  
-    free(private_public_key_string);
-
-    return ret_status; // SGX_SUCCESS; 
-}
-
-
-uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_ec256_public_t* pub_key, __attribute__((unused))  uint8_t* sealed_data, __attribute__((unused))   uint32_t* sgx_sealed_data_length)
-{
-	return SGX_SUCCESS; 
-
-}
-
-uint32_t unseal_and_restore_sealed_signing_key_pair(__attribute__((unused)) sgx_ec256_public_t* pub_key, uint8_t* sealed_data, size_t* sgx_sealed_data_length)
-{
-  uint32_t expected_plaintext_msg_length; uint8_t* temp_plaintext; uint32_t counter; uint32_t ret_status;
-  expected_plaintext_msg_length = sgx_get_encrypt_txt_len((sgx_sealed_data_t*)sealed_data);
-  if(expected_plaintext_msg_length == 0xffffffff)
-    return 0xFFFFFFFF;
-
-//  uint32_t return_status; 
-  uint8_t* sealed_data2 = (uint8_t*) malloc(*sgx_sealed_data_length); 
-  for(counter=0;counter<*sgx_sealed_data_length;counter++)
-  {
-	*(sealed_data2+counter)=*(sealed_data+counter); 
-  }
-
-  temp_plaintext = (uint8_t*)malloc( expected_plaintext_msg_length );
-  ret_status = sgx_unseal_data((sgx_sealed_data_t*)sealed_data2, NULL, 0, temp_plaintext, &expected_plaintext_msg_length);
-  if(ret_status != SGX_SUCCESS)
-  {
-    free(temp_plaintext);free(sealed_data2);
-    switch(ret_status)
-    {
-      case SGX_ERROR_MAC_MISMATCH:
-          // MAC of the sealed data is incorrect.          The sealed data has been tampered.
-          break;
-      case SGX_ERROR_INVALID_ATTRIBUTE:
-          // Indicates attribute field of the sealed data is incorrect.
-          break;
-      case SGX_ERROR_INVALID_ISVSVN:
-          // Indicates isv_svn field of the sealed data is greater than            the enclave�s ISVSVN. This is a downgraded enclave.
-          break;
-      case SGX_ERROR_INVALID_CPUSVN:
-          // Indicates cpu_svn field of the sealed data is greater than            the platform�s cpu_svn. enclave is  on a downgraded platform.
-          break;
-      case SGX_ERROR_INVALID_KEYNAME:
-          // Indicates key_name field of the sealed data is incorrect.
-          break;
-      default:
-          // other errors
-          break;
-    }
-    return ret_status;
-  }
-   
-  deserialize_string_to_key_pair(temp_plaintext, pub_key, &signing_priv_key);
-  free(temp_plaintext); free(sealed_data2);  
-  return SGX_SUCCESS;
-}
-
-uint32_t create_and_sign_client_side_pub_key(sgx_measurement_t* mr_enclave,  sgx_ec256_public_t* generated_pub_key, sgx_ec256_signature_t* generated_signature)
-{
-	// create key pair
-	uint32_t ret_status = create_ecdsa_key_pair(&short_term_pub_key, &short_term_priv_key);  uint32_t counter;
-	uint32_t ret_status2;
-        if(ret_status!=SGX_SUCCESS)
-           return ret_status;
-	// serialize public key, append mr_enclave 
-	uint8_t* public_key_string = (uint8_t*) malloc(3*SGX_ECP256_KEY_SIZE); // for .edl file - size parameter for serialize is 96 and this fits coz we need to append the mr_enclave to the pub key 
-	serialize_key_pair_to_string(&short_term_pub_key, NULL, public_key_string);
-	for(counter=32*2; counter<32*3; counter++) // appending mr_enclave
-		*(public_key_string+counter)=mr_enclave->m[counter]; 
-	// retrieve long-term private key from global variable - apparently, need to create a local copy or it crashes
-	sgx_ec256_private_t long_term_priv_key;
-	for(counter=0; counter<SGX_ECP256_KEY_SIZE; counter++) 
-		long_term_priv_key.r[counter] = signing_priv_key.r[counter];  
-	// sign public key with long-term private key 
-	sgx_ec256_signature_t local_signature; sgx_ecc_state_handle_t ecc_handle; 
-	//// opening context for signature
-	ret_status = sgx_ecc256_open_context(&ecc_handle); 
-	if(ret_status != SGX_SUCCESS) 
-		return ret_status; 
-	ret_status = sgx_ecdsa_sign(public_key_string,2*SGX_ECP256_KEY_SIZE, &long_term_priv_key, &local_signature, ecc_handle);
-	ret_status2 = sgx_ecc256_close_context(ecc_handle); 
-	free(public_key_string); 
-	if(ret_status == SGX_SUCCESS) 
-	{
-		for(counter=0; counter<SGX_ECP256_KEY_SIZE; counter++) 
-			generated_pub_key->gx[counter] = short_term_pub_key.gx[counter]; 
-		for(counter=0;counter<SGX_NISTP_ECP256_KEY_SIZE	; counter++)
-		{
-			generated_signature->x[counter] = local_signature.x[counter]; 
-                        generated_signature->y[counter] = local_signature.y[counter]; 
-		}
-	}
-	if(ret_status != SGX_SUCCESS || ret_status2 != SGX_SUCCESS)
-		return 0xFFFFFFFF;
-	return 0; 
-}
-*/
-
 
 uint32_t calculate_sealed_data_size( uint32_t input_size) 
 {