|
@@ -112,15 +112,15 @@ int sgx_get_report (sgx_arch_hash_t * mrenclave,
|
|
SGX_DBG(DBG_S, "Generated report:\n");
|
|
SGX_DBG(DBG_S, "Generated report:\n");
|
|
SGX_DBG(DBG_S, " cpusvn: %08lx %08lx\n", report->cpusvn[0],
|
|
SGX_DBG(DBG_S, " cpusvn: %08lx %08lx\n", report->cpusvn[0],
|
|
report->cpusvn[1]);
|
|
report->cpusvn[1]);
|
|
- SGX_DBG(DBG_S, " mrenclave: %s\n", alloca_bytes2hexstr(report->mrenclave));
|
|
|
|
- SGX_DBG(DBG_S, " mrsigner: %s\n", alloca_bytes2hexstr(report->mrsigner));
|
|
|
|
|
|
+ SGX_DBG(DBG_S, " mrenclave: %s\n", ALLOCA_BYTES2HEXSTR(report->mrenclave));
|
|
|
|
+ SGX_DBG(DBG_S, " mrsigner: %s\n", ALLOCA_BYTES2HEXSTR(report->mrsigner));
|
|
SGX_DBG(DBG_S, " attributes.flags: %016lx\n", report->attributes.flags);
|
|
SGX_DBG(DBG_S, " attributes.flags: %016lx\n", report->attributes.flags);
|
|
SGX_DBG(DBG_S, " sttributes.xfrm: %016lx\n", report->attributes.xfrm);
|
|
SGX_DBG(DBG_S, " sttributes.xfrm: %016lx\n", report->attributes.xfrm);
|
|
|
|
|
|
SGX_DBG(DBG_S, " isvprodid: %02x\n", report->isvprodid);
|
|
SGX_DBG(DBG_S, " isvprodid: %02x\n", report->isvprodid);
|
|
SGX_DBG(DBG_S, " isvsvn: %02x\n", report->isvsvn);
|
|
SGX_DBG(DBG_S, " isvsvn: %02x\n", report->isvsvn);
|
|
- SGX_DBG(DBG_S, " keyid: %s\n", alloca_bytes2hexstr(report->keyid));
|
|
|
|
- SGX_DBG(DBG_S, " mac: %s\n", alloca_bytes2hexstr(report->mac));
|
|
|
|
|
|
+ SGX_DBG(DBG_S, " keyid: %s\n", ALLOCA_BYTES2HEXSTR(report->keyid));
|
|
|
|
+ SGX_DBG(DBG_S, " mac: %s\n", ALLOCA_BYTES2HEXSTR(report->mac));
|
|
|
|
|
|
return 0;
|
|
return 0;
|
|
}
|
|
}
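Review bot: The label on the xfrm line is misspelled as `sttributes.xfrm`, which makes the field hard to find when searching debug output next to `attributes.flags`. The line is context here, but since the commit already touches this dump it is a good place to correct it to `SGX_DBG(DBG_S, " attributes.xfrm: %016lx\n", report->attributes.xfrm);`. The body of sgx_get_report starts outside the hunk, so the field types behind the `%08lx` and `%02x` specifiers could not be checked from here.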
|
|
@@ -142,7 +142,7 @@ int sgx_verify_report (sgx_arch_report_t * report)
|
|
}
|
|
}
|
|
|
|
|
|
SGX_DBG(DBG_S, "Get report key for verification: %s\n",
|
|
SGX_DBG(DBG_S, "Get report key for verification: %s\n",
|
|
- alloca_bytes2hexstr(enclave_key));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(enclave_key));
|
|
|
|
|
|
return 0;
|
|
return 0;
|
|
}
|
|
}
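Review bot: The `SGX_DBG` call in this hunk still prints the report key (`enclave_key`) as hex; the commit only swaps the helper name. The same applies to the sealing key in the `init_enclave_key` hunk and to `session_key` in the `_DkStreamKeyExchange` hunk. If SGX_DBG output reaches a log readable outside the enclave (its sink is not visible here and should be confirmed), these messages disclose exactly the secrets the enclave is meant to keep, so report verification, sealing and the stream session lose their protection whenever debug output is enabled. I would log the event without the key bytes, e.g. `SGX_DBG(DBG_S, "Get report key for verification\n");`, or compile the key dumps only under a dedicated option that is off by default. The body of sgx_verify_report starts outside the hunk.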
|
|
@@ -159,7 +159,7 @@ int init_enclave_key (void)
|
|
return -PAL_ERROR_DENIED;
|
|
return -PAL_ERROR_DENIED;
|
|
}
|
|
}
|
|
|
|
|
|
- SGX_DBG(DBG_S, "Get sealing key: %s\n", alloca_bytes2hexstr(enclave_key));
|
|
|
|
|
|
+ SGX_DBG(DBG_S, "Get sealing key: %s\n", ALLOCA_BYTES2HEXSTR(enclave_key));
|
|
return 0;
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
|
|
@@ -950,7 +950,7 @@ int init_enclave (void)
|
|
sizeof(pal_enclave_state.enclave_identifier));
|
|
sizeof(pal_enclave_state.enclave_identifier));
|
|
|
|
|
|
SGX_DBG(DBG_S, "enclave (software) key hash: %s\n",
|
|
SGX_DBG(DBG_S, "enclave (software) key hash: %s\n",
|
|
- alloca_bytes2hexstr(pal_enclave_state.enclave_identifier));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(pal_enclave_state.enclave_identifier));
|
|
|
|
|
|
return 0;
|
|
return 0;
|
|
}
|
|
}
|
|
@@ -1014,7 +1014,7 @@ int _DkStreamKeyExchange (PAL_HANDLE stream, PAL_SESSION_KEY * keyptr)
|
|
session_key[i % sizeof(session_key)] ^= agree[i];
|
|
session_key[i % sizeof(session_key)] ^= agree[i];
|
|
|
|
|
|
SGX_DBG(DBG_S, "key exchange: (%p) %s\n", session_key,
|
|
SGX_DBG(DBG_S, "key exchange: (%p) %s\n", session_key,
|
|
- alloca_bytes2hexstr(session_key));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(session_key));
|
|
|
|
|
|
if (keyptr)
|
|
if (keyptr)
|
|
memcpy(keyptr, session_key, sizeof(PAL_SESSION_KEY));
|
|
memcpy(keyptr, session_key, sizeof(PAL_SESSION_KEY));
|
|
@@ -1051,7 +1051,7 @@ int _DkStreamAttestationRequest (PAL_HANDLE stream, void * data,
|
|
sizeof(sgx_arch_attributes_t));
|
|
sizeof(sgx_arch_attributes_t));
|
|
|
|
|
|
SGX_DBG(DBG_S, "Sending attestation request ... (mrenclave = %s)\n",\
|
|
SGX_DBG(DBG_S, "Sending attestation request ... (mrenclave = %s)\n",\
|
|
- alloca_bytes2hexstr(req.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(req.mrenclave));
|
|
|
|
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(req) ; bytes += ret) {
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(req) ; bytes += ret) {
|
|
ret = _DkStreamWrite(stream, 0, sizeof(req) - bytes,
|
|
ret = _DkStreamWrite(stream, 0, sizeof(req) - bytes,
|
|
@@ -1072,7 +1072,7 @@ int _DkStreamAttestationRequest (PAL_HANDLE stream, void * data,
|
|
}
|
|
}
|
|
|
|
|
|
SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
|
|
|
|
ret = sgx_verify_report(&att.report);
|
|
ret = sgx_verify_report(&att.report);
|
|
if (ret < 0) {
|
|
if (ret < 0) {
|
|
@@ -1095,7 +1095,7 @@ int _DkStreamAttestationRequest (PAL_HANDLE stream, void * data,
|
|
|
|
|
|
if (ret == 1) {
|
|
if (ret == 1) {
|
|
SGX_DBG(DBG_S, "Not an allowed enclave (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Not an allowed enclave (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
ret = -PAL_ERROR_DENIED;
|
|
ret = -PAL_ERROR_DENIED;
|
|
goto out;
|
|
goto out;
|
|
}
|
|
}
|
|
@@ -1113,7 +1113,7 @@ int _DkStreamAttestationRequest (PAL_HANDLE stream, void * data,
|
|
sizeof(sgx_arch_attributes_t));
|
|
sizeof(sgx_arch_attributes_t));
|
|
|
|
|
|
SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
|
|
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
|
|
ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
|
|
ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
|
|
@@ -1150,7 +1150,7 @@ int _DkStreamAttestationRespond (PAL_HANDLE stream, void * data,
|
|
}
|
|
}
|
|
|
|
|
|
SGX_DBG(DBG_S, "Received attestation request ... (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Received attestation request ... (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(req.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(req.mrenclave));
|
|
|
|
|
|
ret = sgx_get_report(&req.mrenclave, &req.attributes, data, &att.report);
|
|
ret = sgx_get_report(&req.mrenclave, &req.attributes, data, &att.report);
|
|
if (ret < 0) {
|
|
if (ret < 0) {
|
|
@@ -1163,7 +1163,7 @@ int _DkStreamAttestationRespond (PAL_HANDLE stream, void * data,
|
|
sizeof(sgx_arch_attributes_t));
|
|
sizeof(sgx_arch_attributes_t));
|
|
|
|
|
|
SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
|
|
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
|
|
for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
|
|
ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
|
|
ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
|
|
@@ -1184,7 +1184,7 @@ int _DkStreamAttestationRespond (PAL_HANDLE stream, void * data,
|
|
}
|
|
}
|
|
|
|
|
|
SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
|
|
|
|
ret = sgx_verify_report(&att.report);
|
|
ret = sgx_verify_report(&att.report);
|
|
if (ret < 0) {
|
|
if (ret < 0) {
|
|
@@ -1206,7 +1206,7 @@ int _DkStreamAttestationRespond (PAL_HANDLE stream, void * data,
|
|
|
|
|
|
if (ret == 1) {
|
|
if (ret == 1) {
|
|
SGX_DBG(DBG_S, "Not an allowed enclave (mrenclave = %s)\n",
|
|
SGX_DBG(DBG_S, "Not an allowed enclave (mrenclave = %s)\n",
|
|
- alloca_bytes2hexstr(att.mrenclave));
|
|
|
|
|
|
+ ALLOCA_BYTES2HEXSTR(att.mrenclave));
|
|
ret = -PAL_ERROR_DENIED;
|
|
ret = -PAL_ERROR_DENIED;
|
|
goto out;
|
|
goto out;
|
|
}
|
|
}
|