Etusivu Tutki Apua
Kirjaudu sisään
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: 3dc8793ead
Branchit Tagit
linux-sgx-tr...
/
psw
/
ae
/
aesm_service
/
source
/
epid_provision
/
epid_provision_msg2.cpp

epid_provision_msg2.cpp 25 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537 
  1. /*
    2. 

  2.  * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
    3. 

  3.  *
    4. 

  4.  * Redistribution and use in source and binary forms, with or without
    5. 

  5.  * modification, are permitted provided that the following conditions
    6. 

  6.  * are met:
    7. 

  7.  *
    8. 

  8.  *   * Redistributions of source code must retain the above copyright
    9. 

  9.  *     notice, this list of conditions and the following disclaimer.
    10. 

  10.  *   * Redistributions in binary form must reproduce the above copyright
    11. 

  11.  *     notice, this list of conditions and the following disclaimer in
    12. 

  12.  *     the documentation and/or other materials provided with the
    13. 

  13.  *     distribution.
    14. 

  14.  *   * Neither the name of Intel Corporation nor the names of its
    15. 

  15.  *     contributors may be used to endorse or promote products derived
    16. 

  16.  *     from this software without specific prior written permission.
    17. 

  17.  *
    18. 

  18.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    19. 

  19.  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    20. 

  20.  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    21. 

  21.  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    22. 

  22.  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    23. 

  23.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    24. 

  24.  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    25. 

  25.  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    26. 

  26.  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    27. 

  27.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    28. 

  28.  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    29. 

  29.  *
    30. 

  30.  */
    31. 

  31. 

  32. #include "type_length_value.h"
    33. 

  33. #include "sgx_tcrypto_internal.h"
    34. 

  34. #include "epid_utility.h"
    35. 

  35. #include "aeerror.h"
    36. 

  36. #include "PVEClass.h"
    37. 

  37. #include "aesm_rand.h"
    38. 

  38. #include "se_wrapper.h"
    39. 

  39. #include <assert.h>
    40. 

  40. 

  41. /**
    42. 

  42. * File: epid_provision_msg2.cpp 
    43. 

  43. * Description: Provide the untrusted implementation of code to process ProvMsg2
    44. 

  44. *
    45. 

  45. * Untrusted Code for EPID Provision
    46. 

  46. */
    47. 

  47. #define MSG2_TOP_FIELDS_COUNT_WITH_SIGRL    4
    48. 

  48. #define MSG2_TOP_FIELDS_COUNT_WITHOUT_SIGRL 3
    49. 

  49. #define MSG2_TOP_FIELD_NONCE tlvs_msg2[0]
    50. 

  50. #define MSG2_TOP_FIELD_DATA  tlvs_msg2[1]
    51. 

  51. #define MSG2_TOP_FIELD_MAC   tlvs_msg2[2]
    52. 

  52. #define MSG2_TOP_FIELD_SIGRL tlvs_msg2[3]
    53. 

  53. #define MSG2_FIELD1_MAX_COUNT   8
    54. 

  54. #define MSG2_FIELD1_MIN_COUNT   6
    55. 

  55. #define MSG2_FIELD1_GROUP_CERT  tlvs_field1[0]
    56. 

  56. #define MSG2_FIELD1_NONCE       tlvs_field1[1]
    57. 

  57. #define MSG2_FIELD1_PREV_PSVN   tlvs_field1[2]//optional field
    58. 

  58. #define MSG2_FIELD1_PSID        tlvs_field1[psid_index]//psid_index is 2 if optional PREV_PSVN is not present or 3 if it is present
    59. 

  59. #define MSG2_FIELD1_ENC_TCB     tlvs_field1[psid_index+1]
    60. 

  60. #define MSG2_FIELD1_MAC_TCB     tlvs_field1[psid_index+2]
    61. 

  61. #define MSG2_FIELD1_DEVICE_ID   tlvs_field1[psid_index+3]
    62. 

  62. #define PREV_GID_INDEX          (psid_index+4)
    63. 

  63. #define MSG2_FIELD1_PREV_GID    tlvs_field1[PREV_GID_INDEX]
    64. 

  64. 

  65. 

  66. //Function to verify that EPID SigRL type and version is correct for sigrl
    67. 

  67. static ae_error_t verify_sigrl_cert_type_version(const se_sig_rl_t *sigrl_cert)
    68. 

  68. {
    69. 

  69.     if(sigrl_cert->epid_identifier!=SE_EPID_SIG_RL_ID||
    70. 

  70.         sigrl_cert->protocol_version!=SE_EPID_SIG_RL_VERSION)
    71. 

  71.         return PVE_INTEGRITY_CHECK_ERROR;
    72. 

  72.     return AE_SUCCESS;
    73. 

  73. }
    74. 

  74. 

  75. static ae_error_t msg2_integrity_checking(const TLVsMsg& tlvs_msg2)
    76. 

  76. {
    77. 

  77.     uint32_t tlv_count = tlvs_msg2.get_tlv_count();
    78. 

  78.     if(tlv_count != MSG2_TOP_FIELDS_COUNT_WITH_SIGRL && tlv_count != MSG2_TOP_FIELDS_COUNT_WITHOUT_SIGRL)
    79. 

  79.         return PVE_INTEGRITY_CHECK_ERROR;
    80. 

  80.     if(MSG2_TOP_FIELD_NONCE.type != TLV_NONCE || MSG2_TOP_FIELD_NONCE.size != NONCE_SIZE || MSG2_TOP_FIELD_NONCE.version != TLV_VERSION_1)
    81. 

  81.         return PVE_INTEGRITY_CHECK_ERROR;
    82. 

  82.     if(MSG2_TOP_FIELD_NONCE.header_size != SMALL_TLV_HEADER_SIZE)//NONCE TLV has small header size
    83. 

  83.         return PVE_INTEGRITY_CHECK_ERROR;
    84. 

  84.     if(MSG2_TOP_FIELD_DATA.type != TLV_BLOCK_CIPHER_TEXT || MSG2_TOP_FIELD_DATA.version != TLV_VERSION_1)
    85. 

  85.         return PVE_INTEGRITY_CHECK_ERROR;
    86. 

  86.     if(MSG2_TOP_FIELD_MAC.type != TLV_MESSAGE_AUTHENTICATION_CODE || MSG2_TOP_FIELD_MAC.version != TLV_VERSION_1 || MSG2_TOP_FIELD_MAC.size != MAC_SIZE)
    87. 

  87.         return PVE_INTEGRITY_CHECK_ERROR;
    88. 

  88.     if(MSG2_TOP_FIELD_MAC.header_size != SMALL_TLV_HEADER_SIZE)
    89. 

  89.         return PVE_INTEGRITY_CHECK_ERROR;
    90. 

  90.     if(tlv_count == MSG2_TOP_FIELDS_COUNT_WITH_SIGRL){
    91. 

  91.         if(MSG2_TOP_FIELD_SIGRL.type != TLV_EPID_SIG_RL || MSG2_TOP_FIELD_SIGRL.version != TLV_VERSION_1)
    92. 

  92.             return PVE_INTEGRITY_CHECK_ERROR;
    93. 

  93.         if(MSG2_TOP_FIELD_SIGRL.size < 2*SE_ECDSA_SIGN_SIZE + sizeof(se_sig_rl_t))
    94. 

  94.             return PVE_INTEGRITY_CHECK_ERROR;
    95. 

  95.         if(MSG2_TOP_FIELD_SIGRL.header_size != LARGE_TLV_HEADER_SIZE)
    96. 

  96.             return PVE_INTEGRITY_CHECK_ERROR;
    97. 

  97.         return verify_sigrl_cert_type_version(reinterpret_cast<const se_sig_rl_t *>(MSG2_TOP_FIELD_SIGRL.payload));
    98. 

  98.     }
    99. 

  99.     return AE_SUCCESS;
    100. 

  100. }
    101. 

  101. 

  102. //check the format of msg2_field1 and copy correspondent data input msg2_blob_input
    103. 

  103. static ae_error_t msg2_field1_msg_check_copy(const TLVsMsg& tlvs_field1, proc_prov_msg2_blob_input_t& msg2_blob_input, const signed_pek_t& pek)
    104. 

  104. {
    105. 

  105.     uint32_t tlv_count = tlvs_field1.get_tlv_count();
    106. 

  106.     uint32_t psid_index = 2;
    107. 

  107.     msg2_blob_input.is_previous_psvn_provided = false;
    108. 

  108.     if(tlv_count<MSG2_FIELD1_MIN_COUNT||tlv_count>MSG2_FIELD1_MAX_COUNT){
    109. 

  109.         return PVE_MSG_ERROR;
    110. 

  110.     }
    111. 

  111.     uint32_t i;
    112. 

  112.     for(i=0;i<tlv_count;++i)
    113. 

  113.         if(tlvs_field1[i].version != TLV_VERSION_1)
    114. 

  114.             return PVE_MSG_ERROR;
    115. 

  115. 

  116.     if(MSG2_FIELD1_PREV_PSVN.type == TLV_EPID_PSVN){//EPID_PSVN TLV is available
    117. 

  117.         psid_index++;
    118. 

  118.         msg2_blob_input.is_previous_psvn_provided = true;
    119. 

  119.         if(tlv_count!=MSG2_FIELD1_MAX_COUNT){
    120. 

  120.             return PVE_MSG_ERROR;//make sure the number of TLVs are correct
    121. 

  121.         }
    122. 

  122.         if(MSG2_FIELD1_PREV_PSVN.size != sizeof(psvn_t)){
    123. 

  123.             return PVE_MSG_ERROR;
    124. 

  124.         }
    125. 

  125.         if(MSG2_FIELD1_PREV_PSVN.header_size != SMALL_TLV_HEADER_SIZE){
    126. 

  126.             return PVE_MSG_ERROR;
    127. 

  127.         }
    128. 

  128.         if(MSG2_FIELD1_PREV_GID.type != TLV_EPID_GID ||
    129. 

  129.             MSG2_FIELD1_PREV_GID.size != sizeof(GroupID)){
    130. 

  130.             return PVE_MSG_ERROR;
    131. 

  131.         }
    132. 

  132.         if(MSG2_FIELD1_PREV_GID.header_size != SMALL_TLV_HEADER_SIZE){
    133. 

  133.             return PVE_MSG_ERROR;
    134. 

  134.         }
    135. 

  135.         if(0!=memcpy_s(&msg2_blob_input.previous_gid, sizeof(GroupID), MSG2_FIELD1_PREV_GID.payload, MSG2_FIELD1_PREV_GID.size)){
    136. 

  136.             return PVE_UNEXPECTED_ERROR;
    137. 

  137.         }
    138. 

  138.         if(0!=memcpy_s(&msg2_blob_input.previous_psvn, sizeof(psvn_t), MSG2_FIELD1_PREV_PSVN.payload, MSG2_FIELD1_PREV_PSVN.size)){
    139. 

  139.             return PVE_UNEXPECTED_ERROR;
    140. 

  140.         }
    141. 

  141.     }else if(tlv_count!=MSG2_FIELD1_MIN_COUNT){
    142. 

  142.         return PVE_MSG_ERROR;//make sure number of TLVs are correct
    143. 

  143.     }
    144. 

  144. 

  145.     if(MSG2_FIELD1_GROUP_CERT.type != TLV_EPID_GROUP_CERT||
    146. 

  146.         MSG2_FIELD1_GROUP_CERT.size != sizeof(signed_epid_group_cert_t)||
    147. 

  147.         MSG2_FIELD1_GROUP_CERT.header_size != SMALL_TLV_HEADER_SIZE)
    148. 

  148.         return PVE_MSG_ERROR;
    149. 

  149.     if(MSG2_FIELD1_NONCE.type != TLV_NONCE||
    150. 

  150.         MSG2_FIELD1_NONCE.size != CHALLENGE_NONCE_SIZE||
    151. 

  151.         MSG2_FIELD1_NONCE.header_size != SMALL_TLV_HEADER_SIZE)
    152. 

  152.         return PVE_MSG_ERROR;
    153. 

  153.     if(MSG2_FIELD1_DEVICE_ID.type != TLV_DEVICE_ID ||
    154. 

  154.         MSG2_FIELD1_DEVICE_ID.size != sizeof(device_id_t)||
    155. 

  155.         MSG2_FIELD1_DEVICE_ID.header_size != SMALL_TLV_HEADER_SIZE)
    156. 

  156.         return PVE_MSG_ERROR;
    157. 

  157.     if(MSG2_FIELD1_ENC_TCB.type != TLV_BLOCK_CIPHER_TEXT||
    158. 

  158.         MSG2_FIELD1_ENC_TCB.size != BLOCK_CIPHER_TEXT_TLV_PAYLOAD_SIZE(SK_SIZE))
    159. 

  159.         return PVE_MSG_ERROR;
    160. 

  160.     if(MSG2_FIELD1_MAC_TCB.type != TLV_MESSAGE_AUTHENTICATION_CODE||
    161. 

  161.         MSG2_FIELD1_MAC_TCB.size != MAC_SIZE||
    162. 

  162.         MSG2_FIELD1_MAC_TCB.header_size != SMALL_TLV_HEADER_SIZE)
    163. 

  163.         return PVE_MSG_ERROR;
    164. 

  164.     if(MSG2_FIELD1_PSID.type != TLV_PS_ID ||
    165. 

  165.         MSG2_FIELD1_PSID.size != sizeof(psid_t)||
    166. 

  166.         MSG2_FIELD1_PSID.header_size != SMALL_TLV_HEADER_SIZE)
    167. 

  167.         return PVE_MSG_ERROR;
    168. 

  168.     sgx_sha256_hash_t psid_hash;
    169. 

  169.     ae_error_t ret = sgx_error_to_ae_error(sgx_sha256_msg(reinterpret_cast<const uint8_t *>(&pek.n), static_cast<uint32_t>(sizeof(pek.n)+sizeof(pek.e)), &psid_hash));
    170. 

  170.     if(AE_SUCCESS != ret)
    171. 

  171.         return ret;
    172. 

  172.     if(0!=memcmp(&psid_hash, MSG2_FIELD1_PSID.payload, sizeof(psid_hash)))//PSID does not match
    173. 

  173.         return PVE_MSG_ERROR;
    174. 

  174. 

  175.     tlv_msg_t tcb_data = block_cipher_tlv_get_encrypted_text(MSG2_FIELD1_ENC_TCB);
    176. 

  176.     if(0!=memcpy_s(&msg2_blob_input.group_cert, sizeof(msg2_blob_input.group_cert), MSG2_FIELD1_GROUP_CERT.payload, MSG2_FIELD1_GROUP_CERT.size)||
    177. 

  177.         0!=memcpy_s(&msg2_blob_input.challenge_nonce, CHALLENGE_NONCE_SIZE, MSG2_FIELD1_NONCE.payload, MSG2_FIELD1_NONCE.size)||
    178. 

  178.         0!=memcpy_s(&msg2_blob_input.equivalent_psvn, sizeof(psvn_t), device_id_tlv_get_psvn(MSG2_FIELD1_DEVICE_ID),sizeof(psvn_t))||
    179. 

  179.         0!=memcpy_s(&msg2_blob_input.fmsp, sizeof(fmsp_t), device_id_tlv_get_fmsp(MSG2_FIELD1_DEVICE_ID), sizeof(fmsp_t))||
    180. 

  180.         0!=memcpy_s(&msg2_blob_input.tcb_iv, IV_SIZE, block_cipher_tlv_get_iv(MSG2_FIELD1_ENC_TCB), IV_SIZE)||
    181. 

  181.         0!=memcpy_s(&msg2_blob_input.encrypted_tcb, SK_SIZE, tcb_data.msg_buf, tcb_data.msg_size)||
    182. 

  182.         0!=memcpy_s(&msg2_blob_input.tcb_mac, MAC_SIZE, MSG2_FIELD1_MAC_TCB.payload, MSG2_FIELD1_MAC_TCB.size)){
    183. 

  183.             return PVE_UNEXPECTED_ERROR;
    184. 

  184.     }
    185. 

  185.     return AE_SUCCESS;
    186. 

  186. }
    187. 

  187. 

  188. //Function to check message header of ProvMsg2 to determine whether it is valid
    189. 

  189. //@msg2_header, input the message header of ProvMsg2
    190. 

  190. //@return AE_SUCCESS if the message header is valid ProvMsg2 or error code if there're any problems
    191. 

  191. static ae_error_t check_prov_msg2_header(const provision_response_header_t *msg2_header, uint32_t msg2_size)
    192. 

  192. {
    193. 

  193.     if(msg2_header->protocol != SE_EPID_PROVISIONING || msg2_header->type != TYPE_PROV_MSG2 ||
    194. 

  194.         msg2_header->version != TLV_VERSION_1){
    195. 

  195.             return PVE_INTEGRITY_CHECK_ERROR;
    196. 

  196.     }
    197. 

  197.     uint32_t size_in_header = lv_ntohl(msg2_header->size);
    198. 

  198.     if(size_in_header + PROVISION_RESPONSE_HEADER_SIZE != msg2_size)
    199. 

  199.         return PVE_INTEGRITY_CHECK_ERROR;
    200. 

  200.     return AE_SUCCESS;
    201. 

  201. }
    202. 

  202. 

  203. static uint32_t estimate_epid_sig_size(uint32_t sigrl_size)
    204. 

  204. {
    205. 

  205.     uint32_t sigrl_body_size = 0;
    206. 

  206.     uint32_t sigrl_extra_size = static_cast<uint32_t>(sizeof(se_sig_rl_t)-sizeof(SigRLEntry)+2*ECDSA_SIGN_SIZE);
    207. 

  207.     if(sigrl_size<=sigrl_extra_size){
    208. 

  208.         return static_cast<uint32_t>(sizeof(EPIDSignature)-sizeof(NRProof));
    209. 

  209.     }else{
    210. 

  210.         sigrl_body_size = sigrl_size - sigrl_extra_size;
    211. 

  211.         size_t entry_count = sigrl_body_size/sizeof(SigRLEntry);
    212. 

  212.         return static_cast<uint32_t>(sizeof(EPIDSignature)-sizeof(NRProof)+sizeof(NRProof)*entry_count);
    213. 

  213.     }
    214. 

  214. }
    215. 

  215. 

  216. static ae_error_t gen_msg3_header(const gen_prov_msg3_output_t& msg3_output, const uint8_t xid[XID_SIZE], provision_request_header_t *msg3_header, uint32_t& msg3_size)
    217. 

  217. {
    218. 

  218.     msg3_header->protocol = SE_EPID_PROVISIONING;
    219. 

  219.     msg3_header->version = TLV_VERSION_1;
    220. 

  220.     msg3_header->type = TYPE_PROV_MSG3;
    221. 

  221.     size_t field1_size = 0;
    222. 

  222.     if(msg3_output.is_join_proof_generated){
    223. 

  223.         field1_size = BLOCK_CIPHER_TEXT_TLV_SIZE(HARD_CODED_JOIN_PROOF_WITH_ESCROW_TLV_SIZE)+MAC_TLV_SIZE(MAC_SIZE);
    224. 

  224.     }else{
    225. 

  225.         field1_size = BLOCK_CIPHER_TEXT_TLV_SIZE(0)+MAC_TLV_SIZE(MAC_SIZE);
    226. 

  226.     }
    227. 

  227.     size_t total_body_size = NONCE_TLV_SIZE(NONCE_SIZE) + BLOCK_CIPHER_TEXT_TLV_SIZE(field1_size)+MAC_TLV_SIZE(MAC_SIZE);
    228. 

  228.     if(msg3_output.is_epid_sig_generated){
    229. 

  229.         total_body_size += BLOCK_CIPHER_TEXT_TLV_SIZE(msg3_output.epid_sig_output_size)+MAC_TLV_SIZE(MAC_SIZE);
    230. 

  230.     }
    231. 

  231.     uint32_t size_in_net = _htonl(total_body_size);
    232. 

  232.     if(0!=memcpy_s(&msg3_header->size, sizeof(msg3_header->size), &size_in_net, sizeof(size_in_net)))
    233. 

  233.         return PVE_UNEXPECTED_ERROR;//size in Big Endian in message header of ProvMsg3
    234. 

  234.     if(total_body_size>msg3_size - PROVISION_REQUEST_HEADER_SIZE ){//make sure buffer size provided by user is large enough
    235. 

  235.         return PVE_INSUFFICIENT_MEMORY_ERROR;
    236. 

  236.     }
    237. 

  237.     if(0!=memcpy_s(msg3_header->xid, XID_SIZE, xid, XID_SIZE))
    238. 

  238.         return PVE_UNEXPECTED_ERROR; //copy transaction id of ProvMsg2
    239. 

  239.     msg3_size = static_cast<uint32_t>(total_body_size + PROVISION_REQUEST_HEADER_SIZE);
    240. 

  240.     return AE_SUCCESS;
    241. 

  241. }
    242. 

  242. 

  243. //Function to decode ProvMsg2 and generate ProvMsg3 on success
    244. 

  244. //ProvMsg2 Format:
    245. 

  245. //R, E+MAC(**), [SigRL with ECDSA Sig]
    246. 

  246. //@msg2, the input buffer for ProvMsg2 in TLV encoded format
    247. 

  247. //@msg2_size, size of buffer msg2
    248. 

  248. //@pek, the input pek got from endpoint selection protocol
    249. 

  249. //@epid_blob, input an optional old epid data blob used to generate non-revoke proof if required
    250. 

  250. //@blob_size, the buffer size of epid_blob
    251. 

  251. //@ek2,  an output parameter for EK2 used in provision protocol which could be reused in proc_prov_msg4
    252. 

  252. //@previous_psvn, an optional output buffer for Previous SigRL PSVN if old epid blob is missing or invalid
    253. 

  253. //       so that caller could repeat ProvMsg1 and ProvMsg4 to retrieve backuped old epid data blob
    254. 

  254. //@msg3, output the ProvMsg3 in TLV encoded format
    255. 

  255. //@msg3_size: input the size of buffer msg3
    256. 

  256. //@return AE_SUCCESS on success and error code on failure
    257. 

  257. //   PVE_EPID_BLOB_ERROR is returned if old_epid_blob is required but it is invalid or not provided and
    258. 

  258. //   previous_psvn will be filled in by a Previous SigRL PSVN
    259. 

  259. uint32_t CPVEClass::proc_prov_msg2(
    260. 

  260.         const uint8_t*  msg2,
    261. 

  261.         uint32_t msg2_size,
    262. 

  262.         const signed_pek_t& pek,
    263. 

  263.         const uint8_t*  epid_blob,
    264. 

  264.         uint32_t  blob_size,
    265. 

  265.         uint8_t ek2[SK_SIZE],
    266. 

  266.         psvn_t*  previous_psvn,
    267. 

  267.         uint8_t*  msg3,
    268. 

  268.         uint32_t msg3_size)
    269. 

  269. {
    270. 

  270.     ae_error_t ret = AE_SUCCESS;
    271. 

  271.     const se_sig_rl_t *sigrl = NULL;
    272. 

  272.     uint32_t sigrl_size = 0;
    273. 

  273.     uint8_t *epid_sig = NULL;
    274. 

  274.     uint8_t *decoded_msg2 = NULL;
    275. 

  275.     uint8_t *encrypted_field1 = NULL;
    276. 

  276.     uint8_t aad[PROVISION_RESPONSE_HEADER_SIZE+sizeof(RLver_t)+sizeof(GroupID)];
    277. 

  277.     size_t aad_size = PROVISION_RESPONSE_HEADER_SIZE;
    278. 

  278.     const provision_response_header_t *msg2_header = reinterpret_cast<const provision_response_header_t *>(msg2);
    279. 

  279.     provision_request_header_t *msg3_header = reinterpret_cast<provision_request_header_t *>(msg3);
    280. 

  280.     if(msg2_size < PROVISION_RESPONSE_HEADER_SIZE){
    281. 

  281.         AESM_DBG_ERROR("ProvMsg2 size too small");
    282. 

  282.         return PVE_MSG_ERROR;
    283. 

  283.     }
    284. 

  284.     if(msg3_size <PROVISION_REQUEST_HEADER_SIZE){
    285. 

  285.         AESM_DBG_ERROR("Input ProvMsg3 buffer too small");
    286. 

  286.         return PVE_INSUFFICIENT_MEMORY_ERROR;
    287. 

  287.     }
    288. 

  288. 

  289.     ret = check_prov_msg2_header(msg2_header, msg2_size);//process message header
    290. 

  290.     if( AE_SUCCESS != ret){
    291. 

  291.         AESM_DBG_ERROR("Fail to decode ProvMsg2:%d",ret);
    292. 

  292.         return ret;
    293. 

  293.     }
    294. 

  294.     ret = check_epid_pve_pg_status_before_mac_verification(msg2_header);
    295. 

  295.     if( AE_SUCCESS != ret){
    296. 

  296.         AESM_DBG_ERROR("Backend server reported error in ProvMsg2:%d",ret);
    297. 

  297.         return ret;
    298. 

  298.     }
    299. 

  299. 

  300.     if( 0!=memcpy_s(aad, sizeof(aad), msg2_header, PROVISION_RESPONSE_HEADER_SIZE)){
    301. 

  301.         AESM_DBG_FATAL("memcpy error");
    302. 

  302.         return PVE_UNEXPECTED_ERROR;
    303. 

  303.     }
    304. 

  304. 

  305.     do{
    306. 

  306.         TLVsMsg tlvs_msg2;
    307. 

  307.         tlv_status_t tlv_status;
    308. 

  308.         //decode TLV structure of message body
    309. 

  309.         tlv_status= tlvs_msg2.init_from_buffer(msg2+static_cast<uint32_t>(PROVISION_RESPONSE_HEADER_SIZE), msg2_size - static_cast<uint32_t>(PROVISION_RESPONSE_HEADER_SIZE));
    310. 

  310.         ret = tlv_error_2_pve_error(tlv_status);
    311. 

  311.         if(AE_SUCCESS!=ret){
    312. 

  312.             AESM_DBG_ERROR("Fail to decode ProvMsg2:%d",ret);
    313. 

  313.             break;
    314. 

  314.         }
    315. 

  315.         ret = msg2_integrity_checking(tlvs_msg2);//checking and verifying that TLV structure is correct and version is supported
    316. 

  316.         if(AE_SUCCESS!=ret){
    317. 

  317.             AESM_DBG_ERROR("ProvMsg2 integrity checking error:%d",ret);
    318. 

  318.             break;
    319. 

  319.         }
    320. 

  320.         prov_get_ek2_input_t ek2_input;
    321. 

  321.         if(memcpy_s(ek2_input.nonce, NONCE_SIZE, MSG2_TOP_FIELD_NONCE.payload, NONCE_SIZE)!=0){
    322. 

  322.             AESM_DBG_FATAL("memcpy error");
    323. 

  323.             ret = PVE_UNEXPECTED_ERROR;
    324. 

  324.             break;
    325. 

  325.         }
    326. 

  326.         if(memcpy_s(ek2_input.xid, XID_SIZE, msg2_header->xid, XID_SIZE)!=0){
    327. 

  327.             AESM_DBG_FATAL("memcpy error");
    328. 

  328.             ret = PVE_UNEXPECTED_ERROR;
    329. 

  329.             break;
    330. 

  330.         }
    331. 

  331.         //call PvE to get EK2
    332. 

  332.         se_static_assert(SK_SIZE == sizeof(prov_get_ek2_output_t));
    333. 

  333.         ret = static_cast<ae_error_t>(get_ek2(&ek2_input, reinterpret_cast<prov_get_ek2_output_t *>(ek2)));
    334. 

  334.         if(AE_SUCCESS != ret){
    335. 

  335.             AESM_DBG_ERROR("Fail to get EK2:%d",ret);
    336. 

  336.             break;
    337. 

  337.         }
    338. 

  338.         if(tlvs_msg2.get_tlv_count() == MSG2_TOP_FIELDS_COUNT_WITH_SIGRL){//RLver and gid is added as part of AAD if available
    339. 

  339.             sigrl = reinterpret_cast<const se_sig_rl_t *>(MSG2_TOP_FIELD_SIGRL.payload);
    340. 

  340.             if(0!=memcpy_s(aad+PROVISION_RESPONSE_HEADER_SIZE, sizeof(RLver_t), &sigrl->sig_rl.RLver, sizeof(RLver_t))){
    341. 

  341.                 AESM_DBG_FATAL("memcpy error");
    342. 

  342.                 ret = PVE_UNEXPECTED_ERROR;
    343. 

  343.                 break;
    344. 

  344.             }
    345. 

  345.             if(0!=memcpy_s(aad+PROVISION_RESPONSE_HEADER_SIZE+sizeof(RLver_t), sizeof(GroupID), &sigrl->sig_rl.gid, sizeof(GroupID))){
    346. 

  346.                 AESM_DBG_FATAL("memcpy error");
    347. 

  347.                 ret = PVE_UNEXPECTED_ERROR;
    348. 

  348.                 break;
    349. 

  349.             }
    350. 

  350.             aad_size += sizeof(RLver_t)+sizeof(GroupID);
    351. 

  351.             sigrl_size = MSG2_TOP_FIELD_SIGRL.size;
    352. 

  352.         }
    353. 

  353.         se_static_assert(SK_SIZE==sizeof(sgx_aes_gcm_128bit_key_t));
    354. 

  354.         tlv_msg_t field1 = block_cipher_tlv_get_encrypted_text(MSG2_TOP_FIELD_DATA);
    355. 

  355.         decoded_msg2 = reinterpret_cast<uint8_t *>(malloc(field1.msg_size));
    356. 

  356.         if(NULL == decoded_msg2){
    357. 

  357.             AESM_DBG_ERROR("malloc error");
    358. 

  358.             ret= AE_OUT_OF_MEMORY_ERROR;
    359. 

  359.             break;
    360. 

  360.         }
    361. 

  361.         //decrypt ProvMsg2 by EK2
    362. 

  362.         sgx_status_t sgx_status = sgx_rijndael128GCM_decrypt(reinterpret_cast<const sgx_aes_gcm_128bit_key_t *>(ek2),
    363. 

  363.             field1.msg_buf, field1.msg_size, decoded_msg2, 
    364. 

  364.             reinterpret_cast<uint8_t *>(block_cipher_tlv_get_iv(MSG2_TOP_FIELD_DATA)), IV_SIZE, 
    365. 

  365.             aad, static_cast<uint32_t>(aad_size), reinterpret_cast<const sgx_aes_gcm_128bit_tag_t *>(MSG2_TOP_FIELD_MAC.payload));
    366. 

  366.         if(SGX_ERROR_MAC_MISMATCH == sgx_status){
    367. 

  367.             AESM_DBG_ERROR("Fail to decrypt ProvMsg2 body by EK2");
    368. 

  368.             ret = PVE_INTEGRITY_CHECK_ERROR;
    369. 

  369.             break;
    370. 

  370.         }
    371. 

  371.         if( AE_SUCCESS != (ret = sgx_error_to_ae_error(sgx_status))){
    372. 

  372.             AESM_DBG_ERROR("error in decrypting ProvMsg2 body:%d",sgx_status);
    373. 

  373.             break;
    374. 

  374.         }
    375. 

  375. 

  376.         ret = check_epid_pve_pg_status_after_mac_verification(msg2_header);
    377. 

  377.         if(AE_SUCCESS != ret){
    378. 

  378.             AESM_DBG_ERROR("Backend server reported error in ProvMsg2 passed MAC verification:%d",ret);
    379. 

  379.             break;
    380. 

  380.         }
    381. 

  381.         TLVsMsg tlvs_field1;
    382. 

  382.         tlv_status = tlvs_field1.init_from_buffer(decoded_msg2, field1.msg_size);//decode TLV structure of field1 of ProvMsg2
    383. 

  383.         ret = tlv_error_2_pve_error(tlv_status);
    384. 

  384.         if(AE_SUCCESS!=ret){
    385. 

  385.             AESM_DBG_ERROR("Fail to decode field1 of ProvMsg2:%d",tlv_status);
    386. 

  386.             break;
    387. 

  387.         }
    388. 

  388.         proc_prov_msg2_blob_input_t msg2_blob_input;
    389. 

  389.         ret = msg2_field1_msg_check_copy(tlvs_field1, msg2_blob_input, pek);//version/type checking to verify message format
    390. 

  390.         if( AE_SUCCESS != ret){
    391. 

  391.             AESM_DBG_ERROR("field1 of ProvMsg2 checking error:%d",ret);
    392. 

  392.             break;
    393. 

  393.         }
    394. 

  394.         gen_prov_msg3_output_t msg3_fixed_output;
    395. 

  395.         memset(&msg3_fixed_output, 0, sizeof(msg3_fixed_output));
    396. 

  396.         //collect old epid blob
    397. 

  397.         if(epid_blob==NULL){
    398. 

  398.             memset(msg2_blob_input.old_epid_data_blob, 0, HARD_CODED_EPID_BLOB_SIZE);
    399. 

  399.         }else if(blob_size!=HARD_CODED_EPID_BLOB_SIZE){
    400. 

  400.             AESM_DBG_FATAL("epid blob internal size error");
    401. 

  401.             ret = PVE_UNEXPECTED_ERROR;
    402. 

  402.             break;
    403. 

  403.         }else{
    404. 

  404. #ifdef DBG_LOG
    405. 

  405.             {
    406. 

  406.                 char dbg_str[256];
    407. 

  407.                 aesm_dbg_format_hex(reinterpret_cast<const uint8_t *>(&epid_blob), blob_size, dbg_str, 256);
    408. 

  408.                 AESM_DBG_TRACE("old epid blob=%s",dbg_str);
    409. 

  409.             }
    410. 

  410. #endif
    411. 

  411.             if(0!=memcpy_s(msg2_blob_input.old_epid_data_blob, HARD_CODED_EPID_BLOB_SIZE, epid_blob, blob_size)){
    412. 

  412.                 AESM_DBG_FATAL("memcpy error");
    413. 

  413.                 ret = PVE_UNEXPECTED_ERROR;
    414. 

  414.                 break;
    415. 

  415.             }
    416. 

  416.         }
    417. 

  417.         uint32_t epid_sig_output_size = estimate_epid_sig_size(sigrl_size) + MAX_TLV_HEADER_SIZE;
    418. 

  418.         epid_sig = reinterpret_cast<uint8_t *>(malloc(epid_sig_output_size));
    419. 

  419.         if(NULL == epid_sig){
    420. 

  420.             AESM_DBG_ERROR("malloc error");
    421. 

  421.             ret = AE_OUT_OF_MEMORY_ERROR;
    422. 

  422.             break;
    423. 

  423.         }
    424. 

  424.         ret = (ae_error_t)proc_prov_msg2_data(&msg2_blob_input, reinterpret_cast<const uint8_t *>(sigrl), sigrl_size, 
    425. 

  425.             &msg3_fixed_output, epid_sig, epid_sig_output_size);//ecall to process msg2 data and generate msg3 data in PvE
    426. 

  426.         if( PVE_EPIDBLOB_ERROR == ret){
    427. 

  427.             if(previous_psvn == NULL){
    428. 

  428.                 AESM_DBG_ERROR("PvE requires previous PSVN but it is not provided");
    429. 

  429.                 ret = PVE_PARAMETER_ERROR;
    430. 

  430.                 break;
    431. 

  431.             }else{//output previous svn in correspondent to sigrl in epid blob error
    432. 

  432.                 if(0!=memcpy_s(previous_psvn, sizeof(psvn_t), &msg2_blob_input.previous_psvn, sizeof(psvn_t))){
    433. 

  433.                     AESM_DBG_FATAL("memcpy error");
    434. 

  434.                     ret = PVE_UNEXPECTED_ERROR;
    435. 

  435.                     break;
    436. 

  436.                 }
    437. 

  437.             }
    438. 

  438.         }
    439. 

  439.         if(AE_SUCCESS != ret){
    440. 

  440.             AESM_DBG_ERROR("PvE report error %d in processing ProvMsg2",ret);
    441. 

  441.             break;
    442. 

  442.         }
    443. 

  443.         uint8_t iv[IV_SIZE];
    444. 

  444.         uint8_t mac[MAC_SIZE];
    445. 

  445.         uint8_t *payload_data=NULL;
    446. 

  446.         uint32_t payload_size = 0;
    447. 

  447.         ret = aesm_read_rand(iv, IV_SIZE);
    448. 

  448.         if(AE_SUCCESS != ret){
    449. 

  449.             AESM_DBG_ERROR("fail to generate random number:%d",ret);
    450. 

  450.             break;
    451. 

  451.         }
    452. 

  452.         //Now start to generate ProvMsg3
    453. 

  453.         ret = gen_msg3_header(msg3_fixed_output, ek2_input.xid, msg3_header,msg3_size);//first generate header
    454. 

  454.         if( AE_SUCCESS != ret){
    455. 

  455.             AESM_DBG_ERROR("Fail to generate ProvMsg3 Header:%d",ret);
    456. 

  456.             break;
    457. 

  457.         }
    458. 

  458.         TLVsMsg tlvs_msg3;
    459. 

  459.         tlv_status = tlvs_msg3.add_nonce(ek2_input.nonce, NONCE_SIZE);
    460. 

  460.         ret = tlv_error_2_pve_error(tlv_status);
    461. 

  461.         if(AE_SUCCESS!=ret){
    462. 

  462.             AESM_DBG_ERROR("Fail to generate Nonce TLV in ProvMsg3:%d",tlv_status);
    463. 

  463.             break;
    464. 

  464.         }
    465. 

  465.         if(msg3_fixed_output.is_join_proof_generated){
    466. 

  466.             payload_data = msg3_fixed_output.field1_data;
    467. 

  467.             payload_size = static_cast<uint32_t>(HARD_CODED_JOIN_PROOF_WITH_ESCROW_TLV_SIZE);
    468. 

  468.         }
    469. 

  469.         TLVsMsg tlvs_m3field1;
    470. 

  470.         tlv_status = tlvs_m3field1.add_block_cipher_text(msg3_fixed_output.field1_iv, payload_data, payload_size);
    471. 

  471.         ret = tlv_error_2_pve_error(tlv_status);
    472. 

  472.         if(AE_SUCCESS != ret){
    473. 

  473.             AESM_DBG_ERROR("Fail to generate Field3.1 TLV in ProvMsg3:%d",tlv_status);
    474. 

  474.             break;
    475. 

  475.         }
    476. 

  476.         tlv_status = tlvs_m3field1.add_mac(msg3_fixed_output.field1_mac);
    477. 

  477.         ret = tlv_error_2_pve_error(tlv_status);
    478. 

  478.         if(AE_SUCCESS != ret){
    479. 

  479.             AESM_DBG_ERROR("Fail to generate Field3.2 TLV in ProvMsg3:%d",tlv_status);
    480. 

  480.             break;
    481. 

  481.         }
    482. 

  482.         encrypted_field1 = reinterpret_cast<uint8_t *>(malloc(tlvs_m3field1.get_tlv_msg_size()));
    483. 

  483.         if( NULL == encrypted_field1){
    484. 

  484.             AESM_DBG_ERROR("malloc error");
    485. 

  485.             ret = AE_OUT_OF_MEMORY_ERROR;
    486. 

  486.             break;
    487. 

  487.         }
    488. 

  488.         //encrypt field1 using ek2 as key
    489. 

  489.         sgx_status = sgx_rijndael128GCM_encrypt(reinterpret_cast<const sgx_aes_gcm_128bit_key_t *>(ek2),
    490. 

  490.             tlvs_m3field1.get_tlv_msg(), tlvs_m3field1.get_tlv_msg_size(), encrypted_field1, 
    491. 

  491.             iv, IV_SIZE, reinterpret_cast<uint8_t *>(msg3_header), PROVISION_REQUEST_HEADER_SIZE,
    492. 

  492.             reinterpret_cast<sgx_aes_gcm_128bit_tag_t *>(mac));
    493. 

  493.         if(AE_SUCCESS != (ret = sgx_error_to_ae_error(sgx_status))){
    494. 

  494.             AESM_DBG_ERROR("fail to encrypting ProvMsg3 body by ek2:%d",sgx_status);
    495. 

  495.             break;
    496. 

  496.         }
    497. 

  497.         tlv_status = tlvs_msg3.add_block_cipher_text(iv, encrypted_field1, tlvs_m3field1.get_tlv_msg_size());
    498. 

  498.         ret = tlv_error_2_pve_error(tlv_status);
    499. 

  499.         if(AE_SUCCESS != ret){
    500. 

  500.             AESM_DBG_ERROR("Fail to create Field1 TLV of ProvMsg3:%d",tlv_status);
    501. 

  501.             break;
    502. 

  502.         }
    503. 

  503.         ret = tlv_error_2_pve_error(tlvs_msg3.add_mac(mac));
    504. 

  504.         if(AE_SUCCESS != ret){
    505. 

  505.             AESM_DBG_ERROR("Fail to create Field2 TLV of ProvMsg3:%d",ret);
    506. 

  506.             break;
    507. 

  507.         }
    508. 

  508.         if(msg3_fixed_output.is_epid_sig_generated){
    509. 

  509.             tlv_status = tlvs_msg3.add_block_cipher_text(msg3_fixed_output.epid_sig_iv, epid_sig, msg3_fixed_output.epid_sig_output_size);
    510. 

  510.             ret = tlv_error_2_pve_error(tlv_status);
    511. 

  511.             if(AE_SUCCESS != ret){
    512. 

  512.                 AESM_DBG_ERROR("Fail to create Field3 TLV of ProvMsg3:%d",tlv_status);
    513. 

  513.                 break;
    514. 

  514.             }
    515. 

  515.             tlv_status = tlvs_msg3.add_mac(msg3_fixed_output.epid_sig_mac);
    516. 

  516.             ret = tlv_error_2_pve_error(tlv_status);
    517. 

  517.             if(AE_SUCCESS != ret){
    518. 

  518.                 AESM_DBG_ERROR("Fail to create Field4 TLV of ProvMsg3:%d",tlv_status);
    519. 

  519.                 break;
    520. 

  520.             }
    521. 

  521.         }
    522. 

  522.         assert( tlvs_msg3.get_tlv_msg_size() <= msg3_size - PROVISION_REQUEST_HEADER_SIZE);//The checking should have been done in header generation
    523. 

  523. 

  524.         if(0!=memcpy_s(msg3+PROVISION_REQUEST_HEADER_SIZE, msg3_size-PROVISION_REQUEST_HEADER_SIZE,
    525. 

  525.             tlvs_msg3.get_tlv_msg(), tlvs_msg3.get_tlv_msg_size())){
    526. 

  526.                 AESM_DBG_FATAL("memcpy error");
    527. 

  527.                 ret = PVE_UNEXPECTED_ERROR;
    528. 

  528.                 break;
    529. 

  529.         }
    530. 

  530.         AESM_DBG_TRACE("ProvMsg3 generated successfully");
    531. 

  531.         ret = AE_SUCCESS;
    532. 

  532.     }while(0);
    533. 

  533.     if(decoded_msg2)free(decoded_msg2);
    534. 

  534.     if(encrypted_field1) free(encrypted_field1);
    535. 

  535.     if(epid_sig)free(epid_sig);
    536. 

  536.     return ret;
    537. 

  537. }
    538.