123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122 |
- //
- // Created by miti on 2019-12-21.
- //
- #include "../Include/Sealing.h"
- uint32_t Sealing::write_to_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
- {
- lseek(fd, 0, SEEK_SET);
- ssize_t bytes_written;
- bytes_written = write(fd, msg, *expected_msg_length);
- if(bytes_written <= 0)
- return 0xFFFFFFFF;
- fsync(fd);
- *expected_msg_length = bytes_written;
- close(fd);
- return 0;
- }
- uint32_t Sealing::read_from_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
- {
- ssize_t bytes_read;
- lseek(fd, 0, SEEK_SET);
- bytes_read = read(fd, msg, *expected_msg_length);
- if(bytes_read <= 0)
- return 0xFFFFFFFF;
- *expected_msg_length = bytes_read;
- return 0;
- }
- uint32_t Sealing::unseal_signing_key_pair_from_disk(sgx_enclave_id_t enclave_id, int fd, size_t sealed_msg_length_in_file)
- {
- uint32_t ret_status=0, length=sealed_msg_length_in_file, counter=0;
- uint8_t* sealed_data;
- sealed_data = (uint8_t*) malloc(0x300); //TODO: Get length of the sealed msg and try to read that much from the file.
- // May be pass the length of the file as input to this function and check that it is at least as much as the output of the sgx call.
- ret_status = read_from_fd(fd, sealed_data, &length);
- if(ret_status != 0)
- {
- free(sealed_data);
- return 0xFFFFFFFF;
- }
- for(counter=0;counter<length;counter++)
- printf("%x ", *(sealed_data+counter));
- printf("\n"); fflush(stdout);
- Decryptor_unseal_and_restore_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, sealed_data, &length);
- free(sealed_data);
- return ret_status;
- }
- uint32_t Sealing::create_and_seal_signing_key_pair_to_disk(sgx_enclave_id_t enclave_id, int fd)
- {
- uint32_t ret_status=0, length=0, counter=0;
- uint8_t* sealed_data;
- Decryptor_calculate_sealed_keypair_size_wrapper(enclave_id, &length);
- if(length == 0xFFFFFFFF)
- return 0xFFFFFFFF;
- sealed_data=(uint8_t*) malloc(length);
- printf("length: %d\n", length); fflush(stdout);
- Decryptor_create_and_seal_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, &length, sealed_data);
- if(ret_status != SGX_SUCCESS)
- {
- printf("create_and_seal called returned an error: %x", ret_status);
- free(sealed_data);
- return 0xFFFFFFFF;
- }
- printf("It returned sgx_success\n"); fflush(stdout);
- for(counter=0; counter<length; counter++)
- printf("%02x ", sealed_data[counter]);
- ret_status = write_to_fd(fd, sealed_data, &length);
- free(sealed_data);
- return ret_status;
- }
- // "sealed_signing_key.txt"
- uint32_t Sealing::initialize_long_term_keypair(sgx_enclave_id_t enclaveId, const char* filename)
- {
- struct stat st;
- size_t sealed_msg_length_in_file;
- int sealed_signing_key_fd;
- uint32_t ret_status;
- sealed_signing_key_fd = open(filename, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR);
- if(sealed_signing_key_fd == -1)
- {
- perror("\nError in opening the file \n");
- fflush(stderr);
- return 0xFFFFFFFF;
- }
- printf("\nSuccessfully opened a file to seal the signing key pair for the client.\n");
- fflush(stdout);
- ret_status = fstat(sealed_signing_key_fd, &st);
- if(ret_status != 0)
- {
- perror("error in finding the file size. - ");
- fflush(stderr);
- return 0xffffffff;
- }
- sealed_msg_length_in_file = st.st_size;
- if(sealed_msg_length_in_file == 0)
- {
- printf("Creating new keypair.\n"); fflush(stdout);
- ret_status = create_and_seal_signing_key_pair_to_disk(enclaveId, sealed_signing_key_fd);
- }
- else
- {
- printf("Unsealing keypair.\n"); fflush(stdout);
- ret_status = unseal_signing_key_pair_from_disk(enclaveId, sealed_signing_key_fd, sealed_msg_length_in_file);
- }
- return 0;
- }
|