enclave_framework.c 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937
  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
  3. #include <pal_linux.h>
  4. #include <pal_internal.h>
  5. #include <pal_debug.h>
  6. #include <pal_security.h>
  7. #include <pal_crypto.h>
  8. #include <api.h>
  9. #include <list.h>
  10. #include "enclave_pages.h"
  11. struct pal_enclave_state pal_enclave_state;
  12. void * enclave_base, * enclave_top;
  13. struct pal_enclave_config pal_enclave_config;
  14. bool sgx_is_within_enclave (const void * addr, uint64_t size)
  15. {
  16. return (addr >= enclave_base &&
  17. addr + size <= enclave_top) ? 1 : 0;
  18. }
  19. void * sgx_ocalloc (uint64_t size)
  20. {
  21. void * ustack = GET_ENCLAVE_TLS(ustack) - size;
  22. SET_ENCLAVE_TLS(ustack, ustack);
  23. return ustack;
  24. }
  25. void sgx_ocfree (void)
  26. {
  27. SET_ENCLAVE_TLS(ustack, GET_ENCLAVE_TLS(ustack_top));
  28. }
  29. int sgx_get_report (sgx_arch_hash_t * mrenclave,
  30. sgx_arch_attributes_t * attributes,
  31. void * enclave_data,
  32. sgx_arch_report_t * report)
  33. {
  34. sgx_arch_targetinfo_t targetinfo;
  35. memset(&targetinfo, 0, sizeof(sgx_arch_targetinfo_t));
  36. memcpy(targetinfo.mrenclave, mrenclave, sizeof(sgx_arch_hash_t));
  37. memcpy(&targetinfo.attributes, attributes, sizeof(sgx_arch_attributes_t));
  38. struct pal_enclave_state state;
  39. memcpy(&state, &pal_enclave_state, sizeof(struct pal_enclave_state));
  40. memcpy(&state.data, enclave_data, PAL_ATTESTATION_DATA_SIZE);
  41. int ret = sgx_report(&targetinfo, &state, report);
  42. if (ret)
  43. return -PAL_ERROR_DENIED;
  44. SGX_DBG(DBG_S, "Generated report:\n");
  45. SGX_DBG(DBG_S, " cpusvn: %08x %08x\n", report->cpusvn[0],
  46. report->cpusvn[1]);
  47. SGX_DBG(DBG_S, " mrenclave: %s\n", hex2str(report->mrenclave));
  48. SGX_DBG(DBG_S, " mrsigner: %s\n", hex2str(report->mrsigner));
  49. SGX_DBG(DBG_S, " attributes.flags: %016lx\n", report->attributes.flags);
  50. SGX_DBG(DBG_S, " sttributes.xfrm: %016lx\n", report->attributes.xfrm);
  51. SGX_DBG(DBG_S, " isvprodid: %02x\n", report->isvprodid);
  52. SGX_DBG(DBG_S, " isvsvn: %02x\n", report->isvsvn);
  53. SGX_DBG(DBG_S, " keyid: %s\n", hex2str(report->keyid));
  54. SGX_DBG(DBG_S, " mac: %s\n", hex2str(report->mac));
  55. return 0;
  56. }
  57. static sgx_arch_key128_t enclave_key;
  58. int sgx_verify_report (sgx_arch_report_t * report)
  59. {
  60. sgx_arch_keyrequest_t keyrequest;
  61. memset(&keyrequest, 0, sizeof(sgx_arch_keyrequest_t));
  62. keyrequest.keyname = REPORT_KEY;
  63. memcpy(keyrequest.keyid, report->keyid, sizeof(keyrequest.keyid));
  64. int ret = sgx_getkey(&keyrequest, &enclave_key);
  65. if (ret) {
  66. SGX_DBG(DBG_S, "Can't get report key\n");
  67. return -PAL_ERROR_DENIED;
  68. }
  69. SGX_DBG(DBG_S, "Get report key for verification: %s\n", hex2str(enclave_key));
  70. return 0;
  71. }
  72. int init_enclave_key (void)
  73. {
  74. sgx_arch_keyrequest_t keyrequest;
  75. memset(&keyrequest, 0, sizeof(sgx_arch_keyrequest_t));
  76. keyrequest.keyname = SEAL_KEY;
  77. int ret = sgx_getkey(&keyrequest, &enclave_key);
  78. if (ret) {
  79. SGX_DBG(DBG_S, "Can't get report key\n");
  80. return -PAL_ERROR_DENIED;
  81. }
  82. SGX_DBG(DBG_S, "Get sealing key: %s\n", hex2str(enclave_key));
  83. return 0;
  84. }
  85. DEFINE_LIST(trusted_file);
  86. struct trusted_file {
  87. LIST_TYPE(trusted_file) list;
  88. int64_t index;
  89. uint64_t size;
  90. int uri_len;
  91. char uri[URI_MAX];
  92. sgx_checksum_t checksum;
  93. sgx_stub_t * stubs;
  94. };
  95. DEFINE_LISTP(trusted_file);
  96. static LISTP_TYPE(trusted_file) trusted_file_list = LISTP_INIT;
  97. static struct spinlock trusted_file_lock = LOCK_INIT;
  98. static int trusted_file_indexes = 0;
  99. int load_trusted_file (PAL_HANDLE file, sgx_stub_t ** stubptr,
  100. uint64_t * sizeptr)
  101. {
  102. struct trusted_file * tf = NULL, * tmp;
  103. char uri[URI_MAX];
  104. char normpath[URI_MAX];
  105. int ret, fd = file->file.fd, uri_len, len;
  106. if (!(HANDLE_HDR(file)->flags & RFD(0)))
  107. return -PAL_ERROR_DENIED;
  108. uri_len = _DkStreamGetName(file, uri, URI_MAX);
  109. if (uri_len < 0)
  110. return uri_len;
  111. /* Normalize the uri */
  112. if (!strpartcmp_static(uri, "file:")) {
  113. SGX_DBG(DBG_E, "Invalid URI [%s]: Trusted files must start with 'file:'\n", uri);;
  114. return -PAL_ERROR_INVAL;
  115. }
  116. normpath [0] = 'f';
  117. normpath [1] = 'i';
  118. normpath [2] = 'l';
  119. normpath [3] = 'e';
  120. normpath [4] = ':';
  121. len = get_norm_path(uri + 5, normpath + 5, 0, URI_MAX);
  122. uri_len = len + 5;
  123. _DkSpinLock(&trusted_file_lock);
  124. listp_for_each_entry(tmp, &trusted_file_list, list) {
  125. if (tmp->stubs) {
  126. /* trusted files: must be exactly the same URI */
  127. if (tmp->uri_len == uri_len && !memcmp(tmp->uri, normpath, uri_len + 1)) {
  128. tf = tmp;
  129. break;
  130. }
  131. } else {
  132. /* allowed files: must be a subfolder or file */
  133. if (tmp->uri_len <= uri_len &&
  134. !memcmp(tmp->uri, normpath, tmp->uri_len) &&
  135. (!normpath[tmp->uri_len] || normpath[tmp->uri_len] == '/')) {
  136. tf = tmp;
  137. break;
  138. }
  139. }
  140. }
  141. _DkSpinUnlock(&trusted_file_lock);
  142. if (!tf)
  143. return -PAL_ERROR_DENIED;
  144. if (tf->index < 0)
  145. return tf->index;
  146. #if CACHE_FILE_STUBS == 1
  147. if (tf->index && tf->stubs) {
  148. *stubptr = tf->stubs;
  149. *sizeptr = tf->size;
  150. return 0;
  151. }
  152. #endif
  153. if (!tf->index) {
  154. *stubptr = NULL;
  155. PAL_STREAM_ATTR attr;
  156. ret = _DkStreamAttributesQuery(normpath, &attr);
  157. if (!ret)
  158. *sizeptr = attr.pending_size;
  159. else
  160. *sizeptr = 0;
  161. return 0;
  162. }
  163. int nstubs = tf->size / TRUSTED_STUB_SIZE +
  164. (tf->size % TRUSTED_STUB_SIZE ? 1 : 0);
  165. sgx_stub_t * stubs = malloc(sizeof(sgx_stub_t) * nstubs);
  166. if (!stubs)
  167. return -PAL_ERROR_NOMEM;
  168. sgx_stub_t * s = stubs;
  169. uint64_t offset = 0;
  170. LIB_SHA256_CONTEXT sha;
  171. void * umem;
  172. ret = lib_SHA256Init(&sha);
  173. if (ret < 0)
  174. goto failed;
  175. for (; offset < tf->size ; offset += TRUSTED_STUB_SIZE, s++) {
  176. uint64_t mapping_size = tf->size - offset;
  177. if (mapping_size > TRUSTED_STUB_SIZE)
  178. mapping_size = TRUSTED_STUB_SIZE;
  179. ret = ocall_map_untrusted(fd, offset, mapping_size, PROT_READ, &umem);
  180. if (ret < 0)
  181. goto unmap;
  182. lib_AESCMAC((void *) &enclave_key, AES_CMAC_KEY_LEN, umem,
  183. mapping_size, (uint8_t *) s, sizeof *s);
  184. /* update the file checksum */
  185. ret = lib_SHA256Update(&sha, umem, mapping_size);
  186. unmap:
  187. ocall_unmap_untrusted(umem, mapping_size);
  188. if (ret < 0)
  189. goto failed;
  190. }
  191. sgx_checksum_t hash;
  192. ret = lib_SHA256Final(&sha, (uint8_t *) hash.bytes);
  193. if (ret < 0)
  194. goto failed;
  195. if (memcmp(&hash, &tf->checksum, sizeof(sgx_checksum_t))) {
  196. ret = -PAL_ERROR_DENIED;
  197. goto failed;
  198. }
  199. _DkSpinLock(&trusted_file_lock);
  200. if (tf->stubs || tf->index == -PAL_ERROR_DENIED)
  201. free(tf->stubs);
  202. *stubptr = tf->stubs = stubs;
  203. *sizeptr = tf->size;
  204. ret = tf->index;
  205. _DkSpinUnlock(&trusted_file_lock);
  206. return ret;
  207. failed:
  208. free(stubs);
  209. _DkSpinLock(&trusted_file_lock);
  210. if (tf->stubs) {
  211. *stubptr = tf->stubs;
  212. *sizeptr = tf->size;
  213. ret = tf->index;
  214. } else {
  215. tf->index = -PAL_ERROR_DENIED;
  216. }
  217. _DkSpinUnlock(&trusted_file_lock);
  218. #if PRINT_ENCLAVE_STAT
  219. if (!ret) {
  220. sgx_stub_t * loaded_stub;
  221. uint64_t loaded_size;
  222. PAL_HANDLE handle = NULL;
  223. if (!_DkStreamOpen(&handle, normpath, PAL_ACCESS_RDONLY, 0, 0, 0))
  224. load_trusted_file (handle, &loaded_stub, &loaded_size);
  225. }
  226. #endif
  227. return ret;
  228. }
  229. int verify_trusted_file (const char * uri, void * mem,
  230. unsigned int offset, unsigned int size,
  231. sgx_stub_t * stubs,
  232. unsigned int total_size)
  233. {
  234. unsigned long checking = offset;
  235. sgx_stub_t * s = stubs + checking / TRUSTED_STUB_SIZE;
  236. int ret;
  237. for (; checking < offset + size ; checking += TRUSTED_STUB_SIZE, s++) {
  238. unsigned long checking_size = TRUSTED_STUB_SIZE;
  239. if (checking_size > total_size - checking)
  240. checking_size = total_size - checking;
  241. uint8_t hash[AES_CMAC_DIGEST_LEN];
  242. lib_AESCMAC((void *) &enclave_key,
  243. AES_CMAC_KEY_LEN,
  244. mem + checking - offset, checking_size,
  245. hash, sizeof(hash));
  246. if (memcmp(s, hash, sizeof(sgx_stub_t))) {
  247. SGX_DBG(DBG_E, "Accesing file:%s is denied. "
  248. "Does not match with its MAC.\n", uri);
  249. return -PAL_ERROR_DENIED;
  250. }
  251. }
  252. return 0;
  253. }
  254. static int register_trusted_file (const char * uri, const char * checksum_str)
  255. {
  256. struct trusted_file * tf = NULL, * new;
  257. int uri_len = strlen(uri);
  258. int ret;
  259. _DkSpinLock(&trusted_file_lock);
  260. listp_for_each_entry(tf, &trusted_file_list, list) {
  261. if (tf->uri_len == uri_len && !memcmp(tf->uri, uri, uri_len)) {
  262. _DkSpinUnlock(&trusted_file_lock);
  263. return 0;
  264. }
  265. }
  266. _DkSpinUnlock(&trusted_file_lock);
  267. new = malloc(sizeof(struct trusted_file));
  268. if (!new)
  269. return -PAL_ERROR_NOMEM;
  270. INIT_LIST_HEAD(new, list);
  271. new->uri_len = uri_len;
  272. memcpy(new->uri, uri, uri_len + 1);
  273. new->size = 0;
  274. new->stubs = NULL;
  275. if (checksum_str) {
  276. PAL_STREAM_ATTR attr;
  277. ret = _DkStreamAttributesQuery(uri, &attr);
  278. if (!ret)
  279. new->size = attr.pending_size;
  280. char checksum_text[sizeof(sgx_checksum_t) * 2 + 1] = "\0";
  281. int nbytes = 0;
  282. for (; nbytes < sizeof(sgx_checksum_t) ; nbytes++) {
  283. char byte1 = checksum_str[nbytes * 2];
  284. char byte2 = checksum_str[nbytes * 2 + 1];
  285. unsigned char val = 0;
  286. if (byte1 == 0 || byte2 == 0) {
  287. break;
  288. }
  289. if (!(byte1 >= '0' && byte1 <= '9') &&
  290. !(byte1 >= 'a' && byte1 <= 'f')) {
  291. break;
  292. }
  293. if (!(byte2 >= '0' && byte2 <= '9') &&
  294. !(byte2 >= 'a' && byte2 <= 'f')) {
  295. break;
  296. }
  297. if (byte1 >= '0' && byte1 <= '9')
  298. val = byte1 - '0';
  299. if (byte1 >= 'a' && byte1 <= 'f')
  300. val = byte1 - 'a' + 10;
  301. val *= 16;
  302. if (byte2 >= '0' && byte2 <= '9')
  303. val += byte2 - '0';
  304. if (byte2 >= 'a' && byte2 <= 'f')
  305. val += byte2 - 'a' + 10;
  306. new->checksum.bytes[nbytes] = val;
  307. snprintf(checksum_text + nbytes * 2, 3, "%02x", val);
  308. }
  309. if (nbytes < sizeof(sgx_checksum_t)) {
  310. free(new);
  311. return -PAL_ERROR_INVAL;
  312. }
  313. new->index = (++trusted_file_indexes);
  314. SGX_DBG(DBG_S, "trusted: [%d] %s %s\n", new->index,
  315. checksum_text, new->uri);
  316. } else {
  317. memset(&new->checksum, 0, sizeof(sgx_checksum_t));
  318. new->index = 0;
  319. SGX_DBG(DBG_S, "allowed: %s\n", new->uri);
  320. }
  321. _DkSpinLock(&trusted_file_lock);
  322. listp_for_each_entry(tf, &trusted_file_list, list) {
  323. if (tf->uri_len == uri_len && !memcmp(tf->uri, uri, uri_len)) {
  324. _DkSpinUnlock(&trusted_file_lock);
  325. free(new);
  326. return 0;
  327. }
  328. }
  329. listp_add_tail(new, &trusted_file_list, list);
  330. _DkSpinUnlock(&trusted_file_lock);
  331. return 0;
  332. }
  333. static int init_trusted_file (const char * key, const char * uri)
  334. {
  335. char cskey[URI_MAX], * tmp;
  336. char checksum[URI_MAX];
  337. char normpath[URI_MAX];
  338. tmp = strcpy_static(cskey, "sgx.trusted_checksum.", URI_MAX);
  339. memcpy(tmp, key, strlen(key) + 1);
  340. ssize_t len = get_config(pal_state.root_config, cskey, checksum, CONFIG_MAX);
  341. if (len < 0)
  342. return 0;
  343. /* Normalize the uri */
  344. if (!strpartcmp_static(uri, "file:")) {
  345. SGX_DBG(DBG_E, "Invalid URI [%s]: Trusted files must start with 'file:'\n", uri);
  346. return -PAL_ERROR_INVAL;
  347. }
  348. normpath [0] = 'f';
  349. normpath [1] = 'i';
  350. normpath [2] = 'l';
  351. normpath [3] = 'e';
  352. normpath [4] = ':';
  353. len = get_norm_path(uri + 5, normpath + 5, 0, URI_MAX);
  354. return register_trusted_file(normpath, checksum);
  355. }
  356. int init_trusted_files (void)
  357. {
  358. struct config_store * store = pal_state.root_config;
  359. char * cfgbuf;
  360. ssize_t cfgsize;
  361. int nuris, ret;
  362. if (pal_sec.exec_fd != PAL_IDX_POISON) {
  363. ret = init_trusted_file("exec", pal_sec.exec_name);
  364. if (ret < 0)
  365. goto out;
  366. }
  367. cfgbuf = __alloca(CONFIG_MAX);
  368. ssize_t len = get_config(store, "loader.preload", cfgbuf, CONFIG_MAX);
  369. if (len > 0) {
  370. int npreload = 0;
  371. char key[10];
  372. const char * start, * end;
  373. for (start = cfgbuf ; start < cfgbuf + len ; start = end + 1) {
  374. for (end = start ; end < cfgbuf + len && *end && *end != ',' ; end++);
  375. if (end > start) {
  376. char uri[end - start + 1];
  377. memcpy(uri, start, end - start);
  378. uri[end - start] = 0;
  379. snprintf(key, 10, "preload%d", npreload++);
  380. ret = init_trusted_file(key, uri);
  381. if (ret < 0)
  382. goto out;
  383. }
  384. }
  385. }
  386. cfgsize = get_config_entries_size(store, "sgx.trusted_files");
  387. if (cfgsize <= 0)
  388. goto no_trusted;
  389. cfgbuf = __alloca(cfgsize);
  390. nuris = get_config_entries(store, "sgx.trusted_files", cfgbuf, cfgsize);
  391. if (nuris <= 0)
  392. goto no_trusted;
  393. {
  394. char key[CONFIG_MAX], uri[CONFIG_MAX];
  395. char * k = cfgbuf, * tmp;
  396. tmp = strcpy_static(key, "sgx.trusted_files.", CONFIG_MAX);
  397. for (int i = 0 ; i < nuris ; i++) {
  398. len = strlen(k);
  399. memcpy(tmp, k, len + 1);
  400. k += len + 1;
  401. len = get_config(store, key, uri, CONFIG_MAX);
  402. if (len > 0) {
  403. ret = init_trusted_file(key + 18, uri);
  404. if (ret < 0)
  405. goto out;
  406. }
  407. }
  408. }
  409. no_trusted:
  410. cfgsize = get_config_entries_size(store, "sgx.allowed_files");
  411. if (cfgsize <= 0)
  412. goto no_allowed;
  413. cfgbuf = __alloca(cfgsize);
  414. nuris = get_config_entries(store, "sgx.allowed_files", cfgbuf, cfgsize);
  415. if (nuris <= 0)
  416. goto no_allowed;
  417. {
  418. char key[CONFIG_MAX], uri[CONFIG_MAX];
  419. char * k = cfgbuf, * tmp;
  420. tmp = strcpy_static(key, "sgx.allowed_files.", CONFIG_MAX);
  421. for (int i = 0 ; i < nuris ; i++) {
  422. len = strlen(k);
  423. memcpy(tmp, k, len + 1);
  424. k += len + 1;
  425. len = get_config(store, key, uri, CONFIG_MAX);
  426. if (len > 0)
  427. register_trusted_file(uri, NULL);
  428. }
  429. }
  430. no_allowed:
  431. ret = 0;
  432. out:
  433. return ret;
  434. }
  435. int init_trusted_children (void)
  436. {
  437. struct config_store * store = pal_state.root_config;
  438. char key[CONFIG_MAX], mrkey[CONFIG_MAX];
  439. char uri[CONFIG_MAX], mrenclave[CONFIG_MAX];
  440. char * tmp1 = strcpy_static(key, "sgx.trusted_children.", CONFIG_MAX);
  441. char * tmp2 = strcpy_static(mrkey, "sgx.trusted_mrenclave.", CONFIG_MAX);
  442. ssize_t cfgsize = get_config_entries_size(store, "sgx.trusted_mrenclave");
  443. if (cfgsize <= 0)
  444. return 0;
  445. char * cfgbuf = __alloca(cfgsize);
  446. int nuris = get_config_entries(store, "sgx.trusted_mrenclave",
  447. cfgbuf, cfgsize);
  448. if (nuris > 0) {
  449. char * k = cfgbuf;
  450. for (int i = 0 ; i < nuris ; i++) {
  451. int len = strlen(k);
  452. memcpy(tmp1, k, len + 1);
  453. memcpy(tmp2, k, len + 1);
  454. k += len + 1;
  455. ssize_t ret = get_config(store, key, uri, CONFIG_MAX);
  456. if (ret < 0)
  457. continue;
  458. ret = get_config(store, mrkey, mrenclave, CONFIG_MAX);
  459. if (ret > 0)
  460. register_trusted_child(uri, mrenclave);
  461. }
  462. }
  463. return 0;
  464. }
  465. #if 0
  466. void test_dh (void)
  467. {
  468. int ret;
  469. DhKey key1, key2;
  470. uint32_t privsz1, privsz2, pubsz1, pubsz2, agreesz1, agreesz2;
  471. unsigned char priv1[128], pub1[128], priv2[128], pub2[128], agree1[128],
  472. agree2[128];
  473. InitDhKey(&key1);
  474. InitDhKey(&key2);
  475. ret = DhSetKey(&key1, dh_param.p, sizeof(dh_param.p), dh_param.g,
  476. sizeof(dh_param.g));
  477. if (ret < 0) {
  478. SGX_DBG(DBG_S, "DhSetKey for key 1 failed: %d\n", ret);
  479. return;
  480. }
  481. ret = DhSetKey(&key2, dh_param.p, sizeof(dh_param.p), dh_param.g,
  482. sizeof(dh_param.g));
  483. if (ret < 0) {
  484. SGX_DBG(DBG_S, "DhSetKey for key 2 failed: %d\n", ret);
  485. return;
  486. }
  487. ret = DhGenerateKeyPair(&key1, priv1, &privsz1, pub1, &pubsz1);
  488. if (ret < 0) {
  489. SGX_DBG(DBG_S, "DhGenerateKeyPair for key 1 failed: %d\n", ret);
  490. return;
  491. }
  492. ret = DhGenerateKeyPair(&key2, priv2, &privsz2, pub2, &pubsz2);
  493. if (ret < 0) {
  494. SGX_DBG(DBG_S, "DhGenerateKeyPair for key 2 failed: %d\n", ret);
  495. return;
  496. }
  497. ret = DhAgree(&key1, agree1, &agreesz1, priv1, privsz1, pub2, pubsz2);
  498. if (ret < 0) {
  499. SGX_DBG(DBG_S, "DhAgree for key 1 failed: %d\n", ret);
  500. return;
  501. }
  502. ret = DhAgree(&key2, agree2, &agreesz2, priv2, privsz2, pub1, pubsz1);
  503. if (ret < 0) {
  504. SGX_DBG(DBG_S, "DhAgree for key 1 failed: %d\n", ret);
  505. return;
  506. }
  507. FreeDhKey(&key1);
  508. FreeDhKey(&key2);
  509. SGX_DBG(DBG_S, "key exchange(side A): %s (%d)\n", __hex2str(agree1, agreesz1),
  510. agreesz1);
  511. SGX_DBG(DBG_S, "key exchange(side B): %s (%d)\n", __hex2str(agree2, agreesz2),
  512. agreesz2);
  513. }
  514. #endif
  515. #define RSA_KEY_SIZE 2048
  516. #define RSA_E 3
  517. int init_enclave (void)
  518. {
  519. int ret;
  520. LIB_RSA_KEY *rsa = malloc(sizeof(LIB_RSA_KEY));
  521. lib_RSAInitKey(rsa);
  522. ret = lib_RSAGenerateKey(rsa, RSA_KEY_SIZE, RSA_E);
  523. if (ret != 0) {
  524. SGX_DBG(DBG_S, "lib_RSAGenerateKey failed: %d\n", ret);
  525. return ret;
  526. }
  527. PAL_NUM nsz = RSA_KEY_SIZE / 8, esz = 1;
  528. uint8_t n[nsz], e[esz];
  529. ret = lib_RSAExportPublicKey(rsa, e, &esz, n, &nsz);
  530. if (ret != 0) {
  531. SGX_DBG(DBG_S, "lib_RSAExtractPublicKey failed: %d\n", ret);
  532. goto out_free;
  533. }
  534. LIB_SHA256_CONTEXT sha256;
  535. ret = lib_SHA256Init(&sha256);
  536. if (ret < 0)
  537. goto out_free;
  538. ret = lib_SHA256Update(&sha256, n, nsz);
  539. if (ret < 0)
  540. goto out_free;
  541. ret = lib_SHA256Final(&sha256, (uint8_t *) pal_enclave_state.enclave_keyhash);
  542. if (ret < 0)
  543. goto out_free;
  544. pal_enclave_config.enclave_key = rsa;
  545. SGX_DBG(DBG_S, "enclave (software) key hash: %s\n",
  546. hex2str(pal_enclave_state.enclave_keyhash));
  547. return 0;
  548. out_free:
  549. lib_RSAFreeKey(rsa);
  550. free(rsa);
  551. return ret;
  552. }
  553. int _DkStreamKeyExchange (PAL_HANDLE stream, PAL_SESSION_KEY * keyptr)
  554. {
  555. unsigned char session_key[32] __attribute__((aligned(32)));
  556. uint8_t pub[DH_SIZE] __attribute__((aligned(DH_SIZE)));
  557. uint8_t agree[DH_SIZE] __attribute__((aligned(DH_SIZE)));
  558. PAL_NUM pubsz, agreesz;
  559. LIB_DH_CONTEXT context;
  560. int ret;
  561. ret = lib_DhInit(&context);
  562. if (ret < 0) {
  563. SGX_DBG(DBG_S, "Key Exchange: DH Init failed: %d\n", ret);
  564. goto out_no_final;
  565. }
  566. pubsz = sizeof pub;
  567. ret = lib_DhCreatePublic(&context, pub, &pubsz);
  568. if (ret < 0) {
  569. SGX_DBG(DBG_S, "Key Exchange: DH CreatePublic failed: %d\n", ret);
  570. goto out;
  571. }
  572. assert(pubsz > 0 && pubsz <= DH_SIZE);
  573. if (pubsz < DH_SIZE) {
  574. /* Insert leading zero bytes if necessary. These values are big-
  575. * endian, so we either need to know the length of the bignum or
  576. * zero-pad at the beginning instead of the end. This code chooses
  577. * to do the latter. */
  578. memmove(pub + (DH_SIZE - pubsz), pub, pubsz);
  579. memset(pub, 0, DH_SIZE - pubsz);
  580. }
  581. ret = _DkStreamWrite(stream, 0, DH_SIZE, pub, NULL, 0);
  582. if (ret != DH_SIZE) {
  583. SGX_DBG(DBG_S, "Key Exchange: DkStreamWrite failed: %d\n", ret);
  584. goto out;
  585. }
  586. ret = _DkStreamRead(stream, 0, DH_SIZE, pub, NULL, 0);
  587. if (ret != DH_SIZE) {
  588. SGX_DBG(DBG_S, "Key Exchange: DkStreamRead failed: %d\n", ret);
  589. goto out;
  590. }
  591. agreesz = sizeof agree;
  592. ret = lib_DhCalcSecret(&context, pub, DH_SIZE, agree, &agreesz);
  593. if (ret < 0) {
  594. SGX_DBG(DBG_S, "Key Exchange: DH CalcSecret failed: %d\n", ret);
  595. goto out;
  596. }
  597. assert(agreesz > 0 && agreesz <= sizeof agree);
  598. // TODO(security): use a real KDF
  599. memset(session_key, 0, sizeof(session_key));
  600. for (int i = 0 ; i < agreesz ; i++)
  601. session_key[i % sizeof(session_key)] ^= agree[i];
  602. SGX_DBG(DBG_S, "key exchange: (%p) %s\n", session_key, hex2str(session_key));
  603. if (keyptr)
  604. memcpy(keyptr, session_key, sizeof(PAL_SESSION_KEY));
  605. ret = 0;
  606. out:
  607. lib_DhFinal(&context);
  608. out_no_final:
  609. return ret;
  610. }
  611. struct attestation_request {
  612. sgx_arch_hash_t mrenclave;
  613. sgx_arch_attributes_t attributes;
  614. };
  615. struct attestation {
  616. sgx_arch_hash_t mrenclave;
  617. sgx_arch_attributes_t attributes;
  618. sgx_arch_report_t report;
  619. };
  620. int _DkStreamAttestationRequest (PAL_HANDLE stream, void * data,
  621. int (*check_mrenclave) (sgx_arch_hash_t *,
  622. void *, void *),
  623. void * check_param)
  624. {
  625. struct attestation_request req;
  626. struct attestation att;
  627. int bytes, ret;
  628. memcpy(req.mrenclave, pal_sec.mrenclave, sizeof(sgx_arch_hash_t));
  629. memcpy(&req.attributes, &pal_sec.enclave_attributes,
  630. sizeof(sgx_arch_attributes_t));
  631. SGX_DBG(DBG_S, "Sending attestation request ... (mrenclave = %s)\n",\
  632. hex2str(req.mrenclave));
  633. for (bytes = 0, ret = 0 ; bytes < sizeof(req) ; bytes += ret) {
  634. ret = _DkStreamWrite(stream, 0, sizeof(req) - bytes,
  635. ((void *) &req) + bytes, NULL, 0);
  636. if (ret < 0) {
  637. SGX_DBG(DBG_S, "Attestation Request: DkStreamWrite failed: %d\n", ret);
  638. goto out;
  639. }
  640. }
  641. for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
  642. ret = _DkStreamRead(stream, 0, sizeof(att) - bytes,
  643. ((void *) &att) + bytes, NULL, 0);
  644. if (ret < 0) {
  645. SGX_DBG(DBG_S, "Attestation Request: DkStreamRead failed: %d\n", ret);
  646. goto out;
  647. }
  648. }
  649. SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
  650. hex2str(att.mrenclave));
  651. ret = sgx_verify_report(&att.report);
  652. if (ret < 0) {
  653. SGX_DBG(DBG_S, "Attestation Request: sgx_verify_report failed: %d\n", ret);
  654. goto out;
  655. }
  656. if (ret == 1) {
  657. SGX_DBG(DBG_S, "Remote attestation not signed by SGX!\n");
  658. ret = -PAL_ERROR_DENIED;
  659. goto out;
  660. }
  661. ret = check_mrenclave(&att.report.mrenclave, &att.report.report_data,
  662. check_param);
  663. if (ret < 0) {
  664. SGX_DBG(DBG_S, "Attestation Request: check_mrenclave failed: %d\n", ret);
  665. goto out;
  666. }
  667. if (ret == 1) {
  668. SGX_DBG(DBG_S, "Not an allowed encalve (mrenclave = %s)\n",
  669. hex2str(att.mrenclave));
  670. ret = -PAL_ERROR_DENIED;
  671. goto out;
  672. }
  673. SGX_DBG(DBG_S, "Remote attestation succeed!\n");
  674. ret = sgx_get_report(&att.mrenclave, &att.attributes, data, &att.report);
  675. if (ret < 0) {
  676. SGX_DBG(DBG_S, "Attestation Request: sgx_get_report failed: %d\n", ret);
  677. goto out;
  678. }
  679. memcpy(att.mrenclave, pal_sec.mrenclave, sizeof(sgx_arch_hash_t));
  680. memcpy(&att.attributes, &pal_sec.enclave_attributes,
  681. sizeof(sgx_arch_attributes_t));
  682. SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
  683. hex2str(att.mrenclave));
  684. for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
  685. ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
  686. ((void *) &att) + bytes, NULL, 0);
  687. if (ret < 0) {
  688. SGX_DBG(DBG_S, "Attestation Request: DkStreamWrite failed: %d\n", ret);
  689. goto out;
  690. }
  691. }
  692. return 0;
  693. out:
  694. DkStreamDelete(stream, 0);
  695. return ret;
  696. }
  697. int _DkStreamAttestationRespond (PAL_HANDLE stream, void * data,
  698. int (*check_mrenclave) (sgx_arch_hash_t *,
  699. void *, void *),
  700. void * check_param)
  701. {
  702. struct attestation_request req;
  703. struct attestation att;
  704. int bytes, ret;
  705. for (bytes = 0, ret = 0 ; bytes < sizeof(req) ; bytes += ret) {
  706. ret = _DkStreamRead(stream, 0, sizeof(req) - bytes,
  707. ((void *) &req) + bytes, NULL, 0);
  708. if (ret < 0) {
  709. SGX_DBG(DBG_S, "Attestation Respond: DkStreamRead failed: %d\n", ret);
  710. goto out;
  711. }
  712. }
  713. SGX_DBG(DBG_S, "Received attestation request ... (mrenclave = %s)\n",
  714. hex2str(req.mrenclave));
  715. ret = sgx_get_report(&req.mrenclave, &req.attributes, data, &att.report);
  716. if (ret < 0) {
  717. SGX_DBG(DBG_S, "Attestation Respond: sgx_get_report failed: %d\n", ret);
  718. goto out;
  719. }
  720. memcpy(att.mrenclave, pal_sec.mrenclave, sizeof(sgx_arch_hash_t));
  721. memcpy(&att.attributes, &pal_sec.enclave_attributes,
  722. sizeof(sgx_arch_attributes_t));
  723. SGX_DBG(DBG_S, "Sending attestation ... (mrenclave = %s)\n",
  724. hex2str(att.mrenclave));
  725. for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
  726. ret = _DkStreamWrite(stream, 0, sizeof(att) - bytes,
  727. ((void *) &att) + bytes, NULL, 0);
  728. if (ret < 0) {
  729. SGX_DBG(DBG_S, "Attestation Respond: DkStreamWrite failed: %d\n", ret);
  730. goto out;
  731. }
  732. }
  733. for (bytes = 0, ret = 0 ; bytes < sizeof(att) ; bytes += ret) {
  734. ret = _DkStreamRead(stream, 0, sizeof(att) - bytes,
  735. ((void *) &att) + bytes, NULL, 0);
  736. if (ret < 0) {
  737. SGX_DBG(DBG_S, "Attestation Respond: DkStreamRead failed: %d\n", ret);
  738. goto out;
  739. }
  740. }
  741. SGX_DBG(DBG_S, "Received attestation (mrenclave = %s)\n",
  742. hex2str(att.mrenclave));
  743. ret = sgx_verify_report(&att.report);
  744. if (ret < 0) {
  745. SGX_DBG(DBG_S, "Attestation Respond: sgx_verify_report failed: %d\n", ret);
  746. goto out;
  747. }
  748. if (ret == 1) {
  749. SGX_DBG(DBG_S, "Remote attestation not signed by SGX!\n");
  750. goto out;
  751. }
  752. ret = check_mrenclave(&att.report.mrenclave, &att.report.report_data,
  753. check_param);
  754. if (ret < 0) {
  755. SGX_DBG(DBG_S, "Attestation Request: check_mrenclave failed: %d\n", ret);
  756. goto out;
  757. }
  758. if (ret == 1) {
  759. SGX_DBG(DBG_S, "Not an allowed encalve (mrenclave = %s)\n",
  760. hex2str(att.mrenclave));
  761. ret = -PAL_ERROR_DENIED;
  762. goto out;
  763. }
  764. SGX_DBG(DBG_S, "Remote attestation succeed!\n");
  765. return 0;
  766. out:
  767. DkStreamDelete(stream, 0);
  768. return ret;
  769. }