ReplayProtectedDRM.cpp 5.6 KB

  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include <iostream>
  32. #include "sgx.h"
  33. #include "sgx_urts.h"
  34. #include "sgx_uae_service.h"
  35. #include "DRM_enclave_u.h"
  36. #include "ReplayProtectedDRM.h"
  37. #include "sgx_tseal.h"
  38. using namespace std;
  39. #define ENCLAVE_NAME "DRM_enclave.signed.so"
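  // Loads the signed DRM enclave image and records its id in enclave_id.
  //
  // A constructor has no return value, so a failed load is only logged to
  // stderr. enclave_id is then 0, which the destructor treats as "nothing to
  // destroy"; later ECALLs on this object are expected to fail with an SGX
  // status rather than reach an enclave.
  //
  // NOTE(review): SGX_DEBUG_FLAG comes from the SDK headers and requests a
  // debug launch in non-release builds. A debug enclave can be inspected by
  // the host, so DRM secrets should only be provisioned to a release build --
  // confirm the build configuration used for deployment.
  ReplayProtectedDRM::ReplayProtectedDRM(): enclave_id(0)
  {
      // sgx_create_enclave reads the launch token as well as updating it, and
      // the member is not set anywhere before this call, so clear it rather
      // than hand over indeterminate bytes.
      memset(&launch_token, 0, sizeof(launch_token));

      int token_updated = 0;
      const sgx_status_t create_status = sgx_create_enclave(ENCLAVE_NAME,
          SGX_DEBUG_FLAG, &launch_token, &token_updated, &enclave_id, NULL);
      if (create_status != 0)
      {
          cerr<<"cannot create enclave, error code = 0x"<< hex<< create_status <<endl;
          // Keep the "no enclave" sentinel intact whatever the failed call
          // may have left in the output parameter.
          enclave_id = 0;
      }
  }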
  // Destroys the enclave if one was created; an enclave_id of 0 means the
  // constructor never obtained one, so there is nothing to release.
  ReplayProtectedDRM::~ReplayProtectedDRM(void)
  {
      if (enclave_id == 0)
      {
          return;
      }
      sgx_destroy_enclave(enclave_id);
  }
  // Verifies that the platform service offers a monotonic counter, then calls
  // the create_sealed_policy ECALL with the caller's buffer.
  //
  // stored_sealed_activity_log: buffer passed to the enclave together with
  //     sealed_activity_log_length. No length is taken from the caller, so the
  //     buffer has to be at least that many bytes; this wrapper cannot check it.
  // Returns 0 on success. On failure it returns either the SGX status or the
  //     enclave's own error code; both travel through the same uint32_t, so a
  //     caller cannot tell the two sources apart from the value alone.
  //
  // NOTE(review): the sealed log is held by the untrusted application, so the
  // replay protection presumably rests on checks inside the enclave against
  // the monotonic counter, not on anything done here -- confirm in the
  // enclave code.
  uint32_t ReplayProtectedDRM:: init(uint8_t* stored_sealed_activity_log)
  {
      sgx_ps_cap_t platform_caps;
      memset(&platform_caps, 0, sizeof(platform_caps));

      sgx_status_t status = sgx_get_ps_cap(&platform_caps);
      if (status != 0)
      {
          cerr<<"cannot get platform service capability, error code = 0x"<< hex
              << status <<endl;
          return status;
      }

      // Without the counter the policy cannot be created, so stop before
      // entering the enclave.
      if (!SGX_IS_MONOTONIC_COUNTER_AVAILABLE(platform_caps))
      {
          cerr<<"monotonic counter is not supported"<<endl;
          return SGX_ERROR_SERVICE_UNAVAILABLE;
      }

      uint32_t policy_status = 0;
      status = create_sealed_policy(enclave_id, &policy_status,
          stored_sealed_activity_log, sealed_activity_log_length);

      // The ECALL itself failed: the enclave function did not run to completion.
      if (status != 0)
      {
          cerr<<"call create_sealed_policy fail, error code = 0x"<< hex<< status
              <<endl;
          return status;
      }

      // The ECALL ran, but the enclave function reported an error of its own.
      if (policy_status != 0)
      {
          cerr<<"cannot create_sealed_policy, function return fail, error code =0x"
              << hex<< policy_status <<endl;
          return policy_status;
      }

      return 0;
  }
  // Convenience overload: runs init() on the object's own sealed_activity_log
  // member instead of a caller-supplied buffer.
  uint32_t ReplayProtectedDRM:: init()
  {
      uint8_t* const own_log = sealed_activity_log;
      return init(own_log);
  }
  // Calls the perform_sealed_policy ECALL on the given sealed activity log.
  //
  // stored_sealed_activity_log: buffer passed to the enclave together with
  //     sealed_activity_log_length; it has to be at least that many bytes,
  //     which this wrapper cannot check.
  // Returns 0 on success, otherwise the SGX status of the ECALL or the error
  //     code reported by the enclave function (same uint32_t for both).
  //
  // NOTE(review): the log comes from untrusted storage; whether a stale or
  // tampered copy is rejected is decided inside the enclave -- confirm there.
  uint32_t ReplayProtectedDRM:: perform_function(
      uint8_t* stored_sealed_activity_log)
  {
      uint32_t policy_status = 0;
      const sgx_status_t ecall_status = perform_sealed_policy(enclave_id,
          &policy_status, stored_sealed_activity_log,
          sealed_activity_log_length);

      // Transport-level failure: report the SGX status.
      if (ecall_status != 0)
      {
          cerr<<"call perform_sealed_policy fail, error code = 0x"<< hex<< ecall_status
              <<endl;
          return ecall_status;
      }

      // The enclave function ran and returned its own error.
      if (policy_status != 0)
      {
          cerr<<"cannot perform_sealed_policy, function return fail, error code =0x"
              << hex<< policy_status <<endl;
          return policy_status;
      }

      return 0;
  }
  // Convenience overload: runs perform_function() on the object's own
  // sealed_activity_log member.
  uint32_t ReplayProtectedDRM:: perform_function()
  {
      uint8_t* const own_log = sealed_activity_log;
      return perform_function(own_log);
  }
  // Calls the update_sealed_policy ECALL on the given sealed activity log.
  //
  // stored_sealed_activity_log: buffer passed to the enclave together with
  //     sealed_activity_log_length; it has to be at least that many bytes,
  //     which this wrapper cannot check.
  // Returns 0 on success, otherwise the SGX status of the ECALL or the error
  //     code reported by the enclave function (same uint32_t for both).
  //
  // NOTE(review): presumably the enclave rewrites the buffer with a fresh
  // sealed log, in which case the caller has to persist the new contents
  // because the previous blob would then count as a replay -- confirm against
  // the enclave code.
  uint32_t ReplayProtectedDRM:: update_secret(uint8_t* stored_sealed_activity_log)
  {
      uint32_t policy_status = 0;
      const sgx_status_t ecall_status = update_sealed_policy(enclave_id,
          &policy_status, stored_sealed_activity_log,
          sealed_activity_log_length);

      // Transport-level failure: report the SGX status.
      if (ecall_status != 0)
      {
          cerr<<"call update_sealed_policy fail, error code = 0x"<< hex<< ecall_status
              <<endl;
          return ecall_status;
      }

      // The enclave function ran and returned its own error.
      if (policy_status != 0)
      {
          cerr<<"cannot update_sealed_policy, function return fail, error code =0x"
              << hex<< policy_status <<endl;
          return policy_status;
      }

      return 0;
  }
  // Convenience overload: runs update_secret() on the object's own
  // sealed_activity_log member.
  uint32_t ReplayProtectedDRM::update_secret()
  {
      uint8_t* const own_log = sealed_activity_log;
      return update_secret(own_log);
  }
  // Calls the delete_sealed_policy ECALL on the given sealed activity log.
  //
  // stored_sealed_activity_log: buffer passed to the enclave together with
  //     sealed_activity_log_length; it has to be at least that many bytes,
  //     which this wrapper cannot check.
  // Returns 0 on success, otherwise the SGX status of the ECALL or the error
  //     code reported by the enclave function (same uint32_t for both).
  //
  // NOTE(review): nothing on the untrusted side is erased here; whether old
  // copies of the sealed log become unusable afterwards depends on what the
  // enclave does with its replay-protection state -- confirm there.
  uint32_t ReplayProtectedDRM:: delete_secret(uint8_t* stored_sealed_activity_log)
  {
      uint32_t policy_status = 0;
      const sgx_status_t ecall_status = delete_sealed_policy(enclave_id,
          &policy_status, stored_sealed_activity_log,
          sealed_activity_log_length);

      // Transport-level failure: report the SGX status.
      if (ecall_status != 0)
      {
          cerr<<"call delete_sealed_policy fail, error code = 0x"<< hex<< ecall_status
              <<endl;
          return ecall_status;
      }

      // The enclave function ran and returned its own error.
      if (policy_status != 0)
      {
          cerr<<"cannot delete_sealed_policy, function return fail, error code =0x"
              << hex<< policy_status <<endl;
          return policy_status;
      }

      return 0;
  }
  // Convenience overload: runs delete_secret() on the object's own
  // sealed_activity_log member.
  uint32_t ReplayProtectedDRM::delete_secret()
  {
      uint8_t* const own_log = sealed_activity_log;
      return delete_secret(own_log);
  }