tSeal_internal.cpp 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include "sgx_tseal.h"
  32. #include "tSeal_internal.h"
  33. #include "sgx_utils.h"
  34. #include <string.h>
  35. // sgx_seal_data_iv
  36. //
  37. // Parameters:
  38. // additional_MACtext_length - [IN] length of the plaintext data stream in bytes
  39. // p_additional_MACtext - [IN] pointer to the plaintext data stream to be GCM protected
  40. // text2encrypt_length - [IN] length of the data stream to encrypt in bytes
  41. // p_text2encrypt - [IN] pointer to data stream to encrypt
  42. // p_payload_iv - [IN] Pointer to Initialization Vector to be used during AES GCM encryption
  43. // p_key_request - [IN] Pointer to the key request structure to be utilized to obtain the SEAL key
  44. // p_sealed_data - [OUT] pointer to the sealed data structure containing protected data
  45. //
  46. // Return Value:
  47. // sgx_status_t - SGX Error code
  48. sgx_status_t sgx_seal_data_iv(const uint32_t additional_MACtext_length,
  49. const uint8_t *p_additional_MACtext, const uint32_t text2encrypt_length,
  50. const uint8_t *p_text2encrypt, const uint8_t *p_payload_iv,
  51. const sgx_key_request_t* p_key_request, sgx_sealed_data_t *p_sealed_data)
  52. {
  53. sgx_status_t err = SGX_ERROR_UNEXPECTED;
  54. // Parameter checking performed in sgx_seal_data
  55. // Generate the seal key
  56. // The random p_key_request->key_id guarantees the generated seal key is random
  57. sgx_key_128bit_t seal_key;
  58. memset(&seal_key, 0, sizeof(sgx_key_128bit_t));
  59. err = sgx_get_key(p_key_request, &seal_key);
  60. if (err != SGX_SUCCESS)
  61. {
  62. // Clear temp state
  63. memset_s(&seal_key, sizeof(sgx_key_128bit_t), 0, sizeof(sgx_key_128bit_t));
  64. if (err != SGX_ERROR_OUT_OF_MEMORY)
  65. err = SGX_ERROR_UNEXPECTED;
  66. return err;
  67. }
  68. // Encrypt the content with the random seal key and the static payload_iv
  69. err = sgx_rijndael128GCM_encrypt(&seal_key, p_text2encrypt, text2encrypt_length,
  70. reinterpret_cast<uint8_t *>(&(p_sealed_data->aes_data.payload)), p_payload_iv,
  71. SGX_SEAL_IV_SIZE, p_additional_MACtext, additional_MACtext_length,
  72. &(p_sealed_data->aes_data.payload_tag));
  73. if (err == SGX_SUCCESS)
  74. {
  75. // Copy additional MAC text
  76. uint8_t* p_aad = NULL;
  77. if (additional_MACtext_length > 0)
  78. {
  79. p_aad = &(p_sealed_data->aes_data.payload[text2encrypt_length]);
  80. memcpy(p_aad, p_additional_MACtext, additional_MACtext_length);
  81. }
  82. // populate the plain_text_offset, payload_size in the data_blob
  83. p_sealed_data->plain_text_offset = text2encrypt_length;
  84. p_sealed_data->aes_data.payload_size = additional_MACtext_length + text2encrypt_length;
  85. }
  86. // Clear temp state
  87. memset_s(&seal_key, sizeof(sgx_key_128bit_t), 0, sizeof(sgx_key_128bit_t));
  88. return err;
  89. }
  90. // sgx_unseal_data_helper
  91. //
  92. // Parameters:
  93. // p_sealed_data - [IN] pointer to the sealed data structure containing protected data
  94. // p_additional_MACtext - [OUT] pointer to the plaintext data stream which was GCM protected
  95. // additional_MACtext_length - [IN] length of the plaintext data stream in bytes
  96. // p_decrypted_text - [OUT] pointer to decrypted data stream
  97. // decrypted_text_length - [IN] length of the decrypted data stream to encrypt in bytes
  98. //
  99. // Return Value:
  100. // sgx_status_t - SGX Error code
  101. sgx_status_t sgx_unseal_data_helper(const sgx_sealed_data_t *p_sealed_data, uint8_t *p_additional_MACtext,
  102. uint32_t additional_MACtext_length, uint8_t *p_decrypted_text, uint32_t decrypted_text_length)
  103. {
  104. sgx_status_t err = SGX_ERROR_UNEXPECTED;
  105. sgx_key_128bit_t seal_key;
  106. memset(&seal_key, 0, sizeof(sgx_key_128bit_t));
  107. uint8_t payload_iv[SGX_SEAL_IV_SIZE];
  108. memset(&payload_iv, 0, SGX_SEAL_IV_SIZE);
  109. if (decrypted_text_length > 0)
  110. memset(p_decrypted_text, 0, decrypted_text_length);
  111. if (additional_MACtext_length > 0)
  112. memset(p_additional_MACtext, 0, additional_MACtext_length);
  113. // Get the seal key
  114. err = sgx_get_key(&p_sealed_data->key_request, &seal_key);
  115. if (err != SGX_SUCCESS)
  116. {
  117. // Clear temp state
  118. memset_s(&seal_key, sizeof(sgx_key_128bit_t), 0, sizeof(sgx_key_128bit_t));
  119. // Provide only error codes that the calling code could act on
  120. if ((err == SGX_ERROR_INVALID_CPUSVN) || (err == SGX_ERROR_INVALID_ISVSVN) || (err == SGX_ERROR_OUT_OF_MEMORY))
  121. return err;
  122. // Return error indicating the blob is corrupted
  123. return SGX_ERROR_MAC_MISMATCH;
  124. }
  125. err = sgx_rijndael128GCM_decrypt(&seal_key, const_cast<uint8_t *>(p_sealed_data->aes_data.payload),
  126. decrypted_text_length, p_decrypted_text, &payload_iv[0], SGX_SEAL_IV_SIZE,
  127. const_cast<uint8_t *>(&(p_sealed_data->aes_data.payload[decrypted_text_length])), additional_MACtext_length,
  128. const_cast<sgx_aes_gcm_128bit_tag_t *>(&p_sealed_data->aes_data.payload_tag));
  129. if (err != SGX_SUCCESS)
  130. {
  131. // Clear temp state
  132. memset_s(&seal_key, sizeof(sgx_key_128bit_t), 0, sizeof(sgx_key_128bit_t));
  133. return err;
  134. }
  135. if (additional_MACtext_length > 0)
  136. {
  137. memcpy(p_additional_MACtext, &(p_sealed_data->aes_data.payload[decrypted_text_length]), additional_MACtext_length);
  138. }
  139. // Clear temp state
  140. memset_s(&seal_key, sizeof(sgx_key_128bit_t), 0, sizeof(sgx_key_128bit_t));
  141. return SGX_SUCCESS;
  142. }