Home Explore Help
Sign In
miti
/
Decryptor
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1b1dd06acf
Branches Tags
Decryptor
/
App
/
SealingUntrusted.cpp

SealingUntrusted.cpp 2.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. //
    2. 

  2. // Created by miti on 21/07/19.
    3. 

  3. //
    4. 

  4. 

  5. #include "UntrustedInclude/SealingUntrusted.h"
    6. 

  6. 

  7. namespace SealingUntrusted {
    8. 

  8. 

  9.     namespace {
    10. 

  10.         int create_and_seal_signing_key_pair_to_disk(sgx_enclave_id_t enclave_id, int fd)
    11. 

  11.         {
    12. 

  12.             uint32_t ret_status=0, counter=0;
    13. 

  13.             size_t length=0;
    14. 

  14.             uint8_t* sealed_data;
    15. 

  15. 

  16.             Decryptor_calculate_sealed_keypair_size_wrapper(enclave_id, &length);
    17. 

  17.             if(length == 0xFFFFFFFF)
    18. 

  18.                 return -31;
    19. 

  19.             sealed_data=(uint8_t*) malloc(length);
    20. 

  20.             printf("length: %d\n", length); fflush(stdout);
    21. 

  21. 

  22.             Decryptor_create_and_seal_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, &length, sealed_data);
    23. 

  23.             if(ret_status != SGX_SUCCESS)
    24. 

  24.             {
    25. 

  25.                 printf("create_and_seal called returned an error: %x", ret_status);
    26. 

  26.                 free(sealed_data);
    27. 

  27.                 return -32;
    28. 

  28.             }
    29. 

  29.             printf("It returned sgx_success\n"); fflush(stdout);
    30. 

  30.             for(counter=0; counter<length; counter++)
    31. 

  31.                 printf("%02x ", sealed_data[counter]);
    32. 

  32. 

  33.             ret_status = FileIO::write_to_fd(fd, sealed_data, &length);
    34. 

  34.             free(sealed_data);
    35. 

  35. 

  36.             return ret_status;
    37. 

  37.         }
    38. 

  38. 

  39.         int unseal_signing_key_pair_from_disk(sgx_enclave_id_t enclave_id, int fd, size_t sealed_msg_length_in_file)
    40. 

  40.         {
    41. 

  41.             uint32_t ret_status=0, counter=0;
    42. 

  42.             size_t length=sealed_msg_length_in_file;
    43. 

  43.             uint8_t* sealed_data;
    44. 

  44. 

  45.             sealed_data = (uint8_t*) malloc(sealed_msg_length_in_file);
    46. 

  46.             ret_status = FileIO::read_from_fd(fd, sealed_data, &length);
    47. 

  47.             if(ret_status == -1)
    48. 

  48.             {
    49. 

  49.                 free(sealed_data);
    50. 

  50.                 return -1;
    51. 

  51.             }
    52. 

  52.             length=ret_status;
    53. 

  53. 

  54.             for(counter=0;counter<length;counter++)
    55. 

  55.                 printf("%x ", *(sealed_data+counter));
    56. 

  56.             printf("\n");  fflush(stdout);
    57. 

  57. 

  58.             Decryptor_unseal_and_restore_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, sealed_data, &length);
    59. 

  59.             free(sealed_data);
    60. 

  60.             return -1*ret_status; // ret_status is positive for error in sgx code.
    61. 

  61.         }
    62. 

  62.     }
    63. 

  63. 

  64.     int look_for_signing_key_or_regenerate_it(sgx_enclave_id_t enclave_id, char* filename)
    65. 

  65.     {
    66. 

  66.         size_t sealed_key_size;
    67. 

  67.         uint32_t ret_status;
    68. 

  68.         int fd;
    69. 

  69. 

  70.         sealed_key_size = FileIO::check_if_file_exists_return_size(filename, &fd);
    71. 

  71.         if(sealed_key_size == 0) // File is empty. create signing key pair.
    72. 

  72.         {
    73. 

  73.             printf("Creating new keypair.\n"); fflush(stdout);
    74. 

  74.             ret_status = create_and_seal_signing_key_pair_to_disk(enclave_id, fd);
    75. 

  75.         }
    76. 

  76.         else
    77. 

  77.         {
    78. 

  78.             printf("Unsealing keypair.\n"); fflush(stdout);
    79. 

  79.             ret_status = unseal_signing_key_pair_from_disk(enclave_id, fd, sealed_key_size);
    80. 

  80.         }
    81. 

  81.         close(fd);
    82. 

  82.         return ret_status;
    83. 

  83.     }
    84. 

  84. }
    85.