- //
- // Created by miti on 21/07/19.
- //
- #include "UntrustedInclude/SealingUntrusted.h"
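namespace SealingUntrusted {
    namespace {
        /**
         * Asks the enclave to create a long-term signing key pair, receives it in
         * sealed form and writes the sealed blob to `filename`.
         *
         * @param enclave_id  Enclave that performs key generation and sealing.
         * @param filename    Destination file for the sealed blob.
         * @return -31 if the enclave does not report a usable sealed size,
         *         -32 if allocation fails or the enclave reports a sealing error,
         *         otherwise the result of FileIO::write_to_filename.
         */
        int create_and_seal_signing_key_pair_to_disk(sgx_enclave_id_t enclave_id, char* filename)
        {
            // Start from a failure code: if the ECALL itself never runs, the
            // enclave does not overwrite ret_status, and a zero-initialised value
            // would be indistinguishable from SGX_SUCCESS.
            uint32_t ret_status = SGX_ERROR_UNEXPECTED;
            size_t length = 0;

            Decryptor_calculate_sealed_keypair_size_wrapper(enclave_id, &length);
            // 0xFFFFFFFF is the error sentinel this code has always checked for;
            // 0 means the call never filled in a size.
            // NOTE(review): the wrapper's own return value is not inspected here
            // because its type is not visible in this file - confirm and check it.
            if(length == 0 || length == 0xFFFFFFFF)
                return -31;

            uint8_t* sealed_data = static_cast<uint8_t*>(malloc(length));
            if(sealed_data == NULL)
            {
                printf("Could not allocate %zu bytes for the sealed key pair.\n", length);
                return -32;
            }
            printf("length: %zu\n", length); fflush(stdout);

            Decryptor_create_and_seal_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, &length, sealed_data);
            if(ret_status != SGX_SUCCESS)
            {
                printf("create_and_seal called returned an error: %x", ret_status);
                free(sealed_data);
                return -32;
            }
            printf("It returned sgx_success\n"); fflush(stdout);

            // NOTE(review): this dumps the sealed blob to stdout. It is sealed
            // output rather than plaintext key material, but it still ends up in
            // whatever captures stdout; consider restricting it to debug builds.
            for(size_t index = 0; index < length; index++)
                printf("%02x ", sealed_data[index]);

            ret_status = FileIO::write_to_filename(filename, sealed_data, &length);
            free(sealed_data);
            return static_cast<int>(ret_status);
        }

        /**
         * Reads a sealed key pair from `filename` and hands it to the enclave to
         * unseal and restore.
         *
         * The file lives in untrusted storage, so its contents are
         * attacker-controllable input to the enclave.
         * NOTE(review): presumably the enclave authenticates the blob while
         * unsealing - confirm in the trusted code.
         *
         * @param enclave_id                 Enclave that unseals the key pair.
         * @param filename                   File holding the sealed blob.
         * @param sealed_msg_length_in_file  Size of the sealed blob in the file.
         * @return -1 if allocation or the file read fails, otherwise the negated
         *         status reported by the enclave (0 on success).
         */
        int unseal_signing_key_pair_from_disk(sgx_enclave_id_t enclave_id, char* filename, size_t sealed_msg_length_in_file)
        {
            uint32_t ret_status = 0;
            size_t length = sealed_msg_length_in_file;

            uint8_t* sealed_data = static_cast<uint8_t*>(malloc(sealed_msg_length_in_file));
            if(sealed_data == NULL)
                return -1;

            ret_status = FileIO::read_from_filename(filename, sealed_data, &length);
            // The read reports failure as -1; compare in the unsigned domain the
            // status is stored in.
            if(ret_status == static_cast<uint32_t>(-1))
            {
                free(sealed_data);
                return -1;
            }

            printf("Here's the chars my dudes: they are of length %zu.\n", length);
            fflush(stdout);
            for(size_t index = 0; index < length; index++)
                printf("%x ", sealed_data[index]);
            printf("\n"); fflush(stdout);

            // Reset to a failure code so that an ECALL that never runs is not
            // mistaken for a successful unseal.
            ret_status = SGX_ERROR_UNEXPECTED;
            Decryptor_unseal_and_restore_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, sealed_data, &length);
            free(sealed_data);
            // ret_status is positive for error in sgx code; callers get it negated.
            return -static_cast<int>(ret_status);
        }
    }

    /**
     * Restores the signing key pair from `filename`, or creates and seals a new
     * one when FileIO::check_if_file_exists_return_size reports size 0.
     *
     * @param enclave_id  Enclave that owns the signing key pair.
     * @param filename    Location of the sealed key pair on disk.
     * @return The status of whichever helper ran (0 on success).
     */
    int look_for_signing_key_or_regenerate_it(sgx_enclave_id_t enclave_id, char* filename)
    {
        const size_t sealed_key_size = FileIO::check_if_file_exists_return_size(filename);

        // Size 0 is treated as "no usable key on disk": generate a fresh pair.
        if(sealed_key_size == 0)
        {
            printf("Creating new keypair.\n"); fflush(stdout);
            return create_and_seal_signing_key_pair_to_disk(enclave_id, filename);
        }

        printf("Unsealing keypair of size %zu.\n", sealed_key_size); fflush(stdout);
        return unseal_signing_key_pair_from_disk(enclave_id, filename, sealed_key_size);
    }
}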