quoting_sim.cpp 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486
  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include <stdlib.h>
  32. #include "uae_service_sim.h"
  33. #include "epid/common/types.h"
  34. #include "se_sig_rl.h"
  35. #include "se_quote_internal.h"
  36. #include "ippcp.h"
  37. #include "deriv.h"
  38. #include "cpusvn_util.h"
  39. /* The EPID group certificate */
  40. static const uint8_t EPID_GROUP_CERT[] = {
  41. 0x00, 0x00, 0x00, 0x0B, 0xB3, 0x6F, 0xFF, 0x81, 0xE2, 0x1B, 0x17, 0xEB,
  42. 0x3D, 0x75, 0x3D, 0x61, 0x7E, 0x27, 0xB0, 0xCB, 0xD0, 0x6D, 0x8F, 0x9D,
  43. 0x64, 0xCE, 0xE3, 0xCE, 0x43, 0x4C, 0x62, 0xFD, 0xB5, 0x80, 0xE0, 0x99,
  44. 0x3A, 0x07, 0x56, 0x80, 0xE0, 0x88, 0x59, 0xA4, 0xFD, 0xB5, 0xB7, 0x9D,
  45. 0xE9, 0x4D, 0xAE, 0x9C, 0xEE, 0x3D, 0x66, 0x42, 0x82, 0x45, 0x7E, 0x7F,
  46. 0xD8, 0x69, 0x3E, 0xA1, 0x74, 0xF4, 0x59, 0xEE, 0xD2, 0x74, 0x2E, 0x9F,
  47. 0x63, 0xC2, 0x51, 0x8E, 0xD5, 0xDB, 0xCA, 0x1C, 0x54, 0x74, 0x10, 0x7B,
  48. 0xDC, 0x99, 0xED, 0x42, 0xD5, 0x5B, 0xA7, 0x04, 0x29, 0x66, 0x61, 0x63,
  49. 0xBC, 0xDD, 0x7F, 0xE1, 0x76, 0x5D, 0xC0, 0x6E, 0xE3, 0x14, 0xAC, 0x72,
  50. 0x48, 0x12, 0x0A, 0xA6, 0xE8, 0x5B, 0x08, 0x7B, 0xDA, 0x3F, 0x51, 0x7D,
  51. 0xDE, 0x4C, 0xEA, 0xCB, 0x93, 0xA5, 0x6E, 0xCC, 0xE7, 0x8E, 0x10, 0x84,
  52. 0xBD, 0x19, 0x5A, 0x95, 0xE2, 0x0F, 0xCA, 0x1C, 0x50, 0x71, 0x94, 0x51,
  53. 0x40, 0x1B, 0xA5, 0xB6, 0x78, 0x87, 0x53, 0xF6, 0x6A, 0x95, 0xCA, 0xC6,
  54. 0x8D, 0xCD, 0x36, 0x88, 0x07, 0x28, 0xE8, 0x96, 0xCA, 0x78, 0x11, 0x5B,
  55. 0xB8, 0x6A, 0xE7, 0xE5, 0xA6, 0x65, 0x7A, 0x68, 0x15, 0xD7, 0x75, 0xF8,
  56. 0x24, 0x14, 0xCF, 0xD1, 0x0F, 0x6C, 0x56, 0xF5, 0x22, 0xD9, 0xFD, 0xE0,
  57. 0xE2, 0xF4, 0xB3, 0xA1, 0x90, 0x21, 0xA7, 0xE0, 0xE8, 0xB3, 0xC7, 0x25,
  58. 0xBC, 0x07, 0x72, 0x30, 0x5D, 0xEE, 0xF5, 0x6A, 0x89, 0x88, 0x46, 0xDD,
  59. 0x89, 0xC2, 0x39, 0x9C, 0x0A, 0x3B, 0x58, 0x96, 0x57, 0xE4, 0xF3, 0x3C,
  60. 0x79, 0x51, 0x69, 0x36, 0x1B, 0xB6, 0xF7, 0x05, 0x5D, 0x0A, 0x88, 0xDB,
  61. 0x1F, 0x3D, 0xEA, 0xA2, 0xBA, 0x6B, 0xF0, 0xDA, 0x8E, 0x25, 0xC6, 0xAD,
  62. 0x83, 0x7D, 0x3E, 0x31, 0xEE, 0x11, 0x40, 0xA9
  63. };
  64. /* The report key is the same as BASE_REPORT_KEY in
  65. /trunk/sdk/simulation/tinst/deriv.cpp, which is used in simulation
  66. create_report and verify_report. deriv.cpp is used inside enclave.
  67. So only import this structure. */
  68. static const uint8_t BASE_REPORT_KEY[] = {
  69. 0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00,
  70. 0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00,
  71. };
  72. // The hard-coded OwnerEpoch.
  73. static const se_owner_epoch_t SIMU_OWNER_EPOCH_MSR = {
  74. 0x54, 0x48, 0x49, 0x53, 0x49, 0x53, 0x4f, 0x57,
  75. 0x4e, 0x45, 0x52, 0x45, 0x50, 0x4f, 0x43, 0x48,
  76. };
  77. //simulated QE ISVSVN
  78. static const sgx_isv_svn_t QE_ISVSVN = 0XEF;
  79. static const sgx_isv_svn_t PCE_ISVSVN = 0xEF;
  80. static const uint32_t EXT_EPID_GID = 0xEFEFEFEF;
  81. #if !defined(ntohl)
  82. #define ntohl(u32) \
  83. ((uint32_t)(((((unsigned char*)&(u32))[0]) << 24) \
  84. + ((((unsigned char*)&(u32))[1]) << 16) \
  85. + ((((unsigned char*)&(u32))[2]) << 8) \
  86. + (((unsigned char*)&(u32))[3])))
  87. #endif
  88. sgx_status_t sgx_init_quote(
  89. sgx_target_info_t *p_target_info,
  90. sgx_epid_group_id_t *p_gid)
  91. {
  92. if(!p_target_info || !p_gid){
  93. return SGX_ERROR_INVALID_PARAMETER;
  94. }
  95. p_target_info->attributes.flags = SGX_FLAGS_INITTED;
  96. p_target_info->attributes.xfrm = SGX_XFRM_LEGACY;
  97. memset(&(p_target_info->mr_enclave), 0xEE, sizeof(sgx_measurement_t));
  98. //Make sure the size of prebuilt data are the same with target buffer.
  99. se_static_assert(sizeof(EPID_GROUP_CERT) == sizeof(GroupPubKey)); /* "Group cert size changed*/
  100. //Copy hard coded gid into output buffer.
  101. GroupPubKey *p_epid_group_cert = (GroupPubKey *)const_cast<uint8_t*>(EPID_GROUP_CERT);
  102. ((uint8_t *)p_gid)[0] = p_epid_group_cert->gid.data[3];
  103. ((uint8_t *)p_gid)[1] = p_epid_group_cert->gid.data[2];
  104. ((uint8_t *)p_gid)[2] = p_epid_group_cert->gid.data[1];
  105. ((uint8_t *)p_gid)[3] = p_epid_group_cert->gid.data[0];
  106. return SGX_SUCCESS;
  107. }
  108. static sgx_status_t create_qe_report(const sgx_report_t *p_report,
  109. const sgx_quote_nonce_t* p_quote_nonce,
  110. const uint8_t* p_quote,
  111. uint32_t quote_size,
  112. const sgx_cpu_svn_t* cpusvn,
  113. sgx_report_t *p_qe_report)
  114. {
  115. sgx_report_t temp_qe_report;
  116. // assemble REPORT
  117. memset(&temp_qe_report, 0, sizeof(sgx_report_t));
  118. //QE_REPORT.BODY.CPUSVN = CPUSVN
  119. if(memcpy_s(&temp_qe_report.body.cpu_svn,
  120. sizeof(temp_qe_report.body.cpu_svn),
  121. cpusvn, sizeof(sgx_cpu_svn_t)))
  122. return SGX_ERROR_UNEXPECTED;
  123. //ProdID same as QE
  124. temp_qe_report.body.isv_prod_id = 1;
  125. //set ISVSVN
  126. temp_qe_report.body.isv_svn = QE_ISVSVN;
  127. //QE_REPORT.BODY.ATTRIBUTES = 0x30000000000000001
  128. temp_qe_report.body.attributes.flags = SGX_FLAGS_INITTED;
  129. temp_qe_report.body.attributes.xfrm = SGX_XFRM_LEGACY;
  130. //QE_REPORT.BODY.MRENCLAVE = 64 0xEE bytes
  131. memset(&temp_qe_report.body.mr_enclave, 0xEE, sizeof(sgx_measurement_t));
  132. //QE_REPORT.BODY.MRSIGNER = random value
  133. if(SGX_SUCCESS != sgx_read_rand((uint8_t *)(&temp_qe_report.body.mr_signer),
  134. sizeof(sgx_measurement_t)))
  135. return SGX_ERROR_UNEXPECTED;
  136. //QE_REPORT.KEYID = <random>
  137. if(SGX_SUCCESS != sgx_read_rand((unsigned char *)&temp_qe_report.key_id,
  138. sizeof(sgx_key_id_t)))
  139. return SGX_ERROR_UNEXPECTED;
  140. //QE_REPORT.BODY.REPORTDATA = SHA256(NONCE || QUOTE)
  141. int sha256_size = 0;
  142. IppsHashState *p_sha_state = NULL;
  143. sgx_status_t sgx_ret = SGX_ERROR_UNEXPECTED;
  144. IppsAES_CMACState* p_cmac_state = NULL;
  145. int ippStateSize = 0;
  146. //prepare reprot_data
  147. do
  148. {
  149. IppStatus ret;
  150. ret = ippsHashGetSize(&sha256_size);
  151. if(ret)break;
  152. // p_sha_state need to be freed when exit.
  153. p_sha_state = (IppsHashState *)malloc(sha256_size);
  154. if(!p_sha_state)
  155. {
  156. sgx_ret = SGX_ERROR_OUT_OF_MEMORY;
  157. break;
  158. }
  159. ret = ippsHashInit(p_sha_state, IPP_ALG_HASH_SHA256);
  160. if(ret)break;
  161. ret = ippsHashUpdate((uint8_t *)const_cast<sgx_quote_nonce_t*>(p_quote_nonce),
  162. sizeof(sgx_quote_nonce_t),
  163. p_sha_state);
  164. if(ret)break;
  165. ret = ippsHashUpdate(p_quote,
  166. quote_size,
  167. p_sha_state);
  168. if(ret)break;
  169. //sha256 final, QE_REPORT.BODY.REPORTDATA = SHA256(NONCE || QUOTE)
  170. ret = ippsHashFinal((uint8_t*)&temp_qe_report.body.report_data,
  171. p_sha_state);
  172. if(ret)break;
  173. /* calculate CMAC using the report key, same as BASE_REPORT_KEY in
  174. sdk/simulation/tinst/deriv.cpp */
  175. derivation_data_t dd;
  176. memset(&dd, 0, sizeof(dd));
  177. dd.size = sizeof(dd_report_key_t);
  178. dd.key_name = SGX_KEYSELECT_REPORT;
  179. if(memcpy_s(&dd.ddrk.mrenclave,sizeof(dd.ddrk.mrenclave),
  180. &p_report->body.mr_enclave, sizeof(sgx_measurement_t)))
  181. break;
  182. if(memcpy_s(&dd.ddrk.attributes, sizeof(dd.ddrk.attributes),
  183. &p_report->body.attributes, sizeof(sgx_attributes_t)))
  184. break;
  185. if(memcpy_s(&dd.ddrk.csr_owner_epoch, sizeof(dd.ddrk.csr_owner_epoch),
  186. SIMU_OWNER_EPOCH_MSR, sizeof(se_owner_epoch_t)))
  187. break;
  188. if(memcpy_s(&dd.ddrk.cpu_svn, sizeof(dd.ddrk.cpu_svn),
  189. cpusvn, sizeof(sgx_cpu_svn_t)))
  190. break;
  191. if(memcpy_s(&dd.ddrk.key_id, sizeof(dd.ddrk.key_id),
  192. &temp_qe_report.key_id, sizeof(sgx_key_id_t)))
  193. break;
  194. ret = ippsAES_CMACGetSize(&ippStateSize);
  195. if(ret != ippStsNoErr)break;
  196. p_cmac_state = (IppsAES_CMACState*)malloc(ippStateSize);
  197. if(p_cmac_state == NULL)
  198. {
  199. sgx_ret = SGX_ERROR_OUT_OF_MEMORY;
  200. break;
  201. }
  202. // calculate the derived key
  203. ret = ippsAES_CMACInit((const Ipp8u *)BASE_REPORT_KEY, 16,
  204. p_cmac_state, ippStateSize);
  205. if(ret != ippStsNoErr)
  206. {
  207. if(ret == ippStsMemAllocErr)
  208. {
  209. sgx_ret = SGX_ERROR_OUT_OF_MEMORY;
  210. break;
  211. }
  212. else
  213. {
  214. sgx_ret = SGX_ERROR_UNEXPECTED;
  215. break;
  216. }
  217. }
  218. ret = ippsAES_CMACUpdate((const Ipp8u *)dd.ddbuf,
  219. dd.size, p_cmac_state);
  220. if(ret != ippStsNoErr)break;
  221. sgx_key_128bit_t tmp_report_key;
  222. memset(tmp_report_key, 0, sizeof(tmp_report_key));
  223. ret = ippsAES_CMACFinal((Ipp8u *)&tmp_report_key,
  224. sizeof(tmp_report_key), p_cmac_state);
  225. if(ret != ippStsNoErr)break;
  226. // call cryptographic CMAC function
  227. // CMAC data are *NOT* including MAC and KEYID
  228. ret = ippsAES_CMACInit((const Ipp8u *)tmp_report_key, 16,
  229. p_cmac_state, ippStateSize);
  230. if(ret != ippStsNoErr)
  231. {
  232. if(ret == ippStsMemAllocErr)
  233. {
  234. sgx_ret = SGX_ERROR_OUT_OF_MEMORY;
  235. break;
  236. }
  237. else
  238. {
  239. sgx_ret = SGX_ERROR_UNEXPECTED;
  240. break;
  241. }
  242. }
  243. ret = ippsAES_CMACUpdate((const Ipp8u *)&temp_qe_report.body,
  244. sizeof(temp_qe_report.body),
  245. p_cmac_state);
  246. if(ret != ippStsNoErr)break;
  247. ret = ippsAES_CMACFinal((Ipp8u *)&temp_qe_report.mac,
  248. sizeof(temp_qe_report.mac), p_cmac_state);
  249. if(ret != ippStsNoErr)break;
  250. if(memcpy_s(p_qe_report, sizeof(*p_qe_report),
  251. &temp_qe_report, sizeof(temp_qe_report)))
  252. break;
  253. sgx_ret = SGX_SUCCESS;
  254. }while(0);
  255. if (p_cmac_state)
  256. free(p_cmac_state);
  257. if(p_sha_state)
  258. free(p_sha_state);
  259. return sgx_ret;
  260. }
  261. /*
  262. * For quote with SIG-RL
  263. * |--------------------------------------------------------------------|
  264. * |sgx_quote_t|wrap_key_t|iv|payload_size|basic_sig|rl_ver|n2|nrp..|mac|
  265. * |--------------------------------------------------------------------|
  266. * For quote without SIG-RL
  267. * |--------------------------------------------------------------|
  268. * |sgx_quote_t|wrap_key_t|iv|payload_size|basic_sig|rl_ver|n2|mac|
  269. * |--------------------------------------------------------------|
  270. */
  271. sgx_status_t sgx_get_quote(
  272. const sgx_report_t *p_report,
  273. sgx_quote_sign_type_t quote_type,
  274. const sgx_spid_t *p_spid,
  275. const sgx_quote_nonce_t *p_nonce,
  276. const uint8_t *p_sig_rl,
  277. uint32_t sig_rl_size,
  278. sgx_report_t *p_qe_report,
  279. sgx_quote_t *p_quote,
  280. uint32_t quote_size)
  281. {
  282. sgx_status_t ret = SGX_SUCCESS;
  283. GroupPubKey *p_epid_group_cert = (GroupPubKey *)const_cast<uint8_t*>(EPID_GROUP_CERT);
  284. unsigned int rl_entry_count = 0;
  285. sgx_basename_t basename = {{0}};
  286. uint64_t required_buffer_size = 0;
  287. se_encrypted_sign_t *p_signature = NULL;
  288. sgx_cpu_svn_t cpusvn = {{0}};
  289. uint8_t *p_mac = NULL;
  290. if(!p_report || !p_spid || !p_quote || !quote_size)
  291. return SGX_ERROR_INVALID_PARAMETER;
  292. if(!p_nonce && p_qe_report)
  293. return SGX_ERROR_INVALID_PARAMETER;
  294. if(p_nonce && !p_qe_report)
  295. return SGX_ERROR_INVALID_PARAMETER;
  296. if(p_sig_rl && sig_rl_size < sizeof(se_sig_rl_t))
  297. return SGX_ERROR_INVALID_PARAMETER;
  298. if(!p_sig_rl && sig_rl_size)
  299. return SGX_ERROR_INVALID_PARAMETER;
  300. if(quote_type != SGX_UNLINKABLE_SIGNATURE
  301. && quote_type != SGX_LINKABLE_SIGNATURE)
  302. return SGX_ERROR_INVALID_PARAMETER;
  303. if(p_sig_rl){
  304. //Check the size of SIG-RL.
  305. se_sig_rl_t *p_sig_rl_temp = (se_sig_rl_t *)const_cast<uint8_t*>(p_sig_rl);
  306. uint64_t required_sig_rl_size = se_get_sig_rl_size(p_sig_rl_temp);
  307. rl_entry_count = ntohl(p_sig_rl_temp->sig_rl.n2);
  308. if(required_sig_rl_size > sig_rl_size)
  309. {
  310. ret = SGX_ERROR_INVALID_PARAMETER;
  311. goto CLEANUP;
  312. }
  313. }
  314. se_static_assert(sizeof(basename) > sizeof(sgx_spid_t));
  315. /* Because basename has already been zerod,
  316. so we don't need to concatenating with 0s.*/
  317. if(memcpy_s(&basename, sizeof(basename), p_spid, sizeof(sgx_spid_t)))
  318. {
  319. ret = SGX_ERROR_UNEXPECTED;
  320. goto CLEANUP;
  321. }
  322. if(SGX_UNLINKABLE_SIGNATURE == quote_type)
  323. {
  324. uint8_t *p = (uint8_t *)&basename + sizeof(sgx_spid_t);
  325. if(SGX_SUCCESS != sgx_read_rand(p,
  326. sizeof(basename) - sizeof(sgx_spid_t)))
  327. {
  328. ret = SGX_ERROR_UNEXPECTED;
  329. goto CLEANUP;
  330. }
  331. }
  332. /* sign_size returned from epidMember_signMessage including the RLver
  333. and n2. */
  334. required_buffer_size = sizeof(sgx_quote_t)
  335. + sizeof(se_wrap_key_t)
  336. + 12 // size of payload_iv
  337. + 4 // size of payload_size
  338. + sizeof(BasicSignature)
  339. + sizeof(RLver_t)
  340. + sizeof(RLCount)
  341. + 16; // size of payload_mac
  342. if(p_sig_rl){
  343. required_buffer_size += (sizeof(NrProof) * rl_entry_count);
  344. }
  345. /* If the p_quote is not NULL, then we should make sure the buffer size is
  346. * correct. */
  347. if(quote_size < required_buffer_size){
  348. ret = SGX_ERROR_INVALID_PARAMETER;
  349. goto CLEANUP;
  350. }
  351. if(SGX_SUCCESS != get_cpusvn(&cpusvn))
  352. {
  353. ret = SGX_ERROR_UNEXPECTED;
  354. goto CLEANUP;
  355. }
  356. if(memcmp(&cpusvn, &((const sgx_report_t *)p_report)->body.cpu_svn,
  357. sizeof(sgx_cpu_svn_t)))
  358. {
  359. ret = SGX_ERROR_INVALID_PARAMETER;
  360. goto CLEANUP;
  361. }
  362. /* Copy the data in the report into quote body. */
  363. memset(p_quote, 0xEE, quote_size);
  364. p_quote->version = 2;
  365. p_quote->sign_type = (uint16_t)quote_type;
  366. p_quote->epid_group_id[0] = p_epid_group_cert->gid.data[3];
  367. p_quote->epid_group_id[1] = p_epid_group_cert->gid.data[2];
  368. p_quote->epid_group_id[2] = p_epid_group_cert->gid.data[1];
  369. p_quote->epid_group_id[3] = p_epid_group_cert->gid.data[0];
  370. p_quote->qe_svn = QE_ISVSVN;
  371. p_quote->pce_svn = PCE_ISVSVN;
  372. p_quote->xeid = EXT_EPID_GID;
  373. if(memcpy_s(&p_quote->basename, sizeof(sgx_basename_t),
  374. &basename, sizeof(basename))){
  375. ret = SGX_ERROR_UNEXPECTED;
  376. goto CLEANUP;
  377. }
  378. if(memcpy_s(&p_quote->report_body, sizeof(p_quote->report_body),
  379. &((const sgx_report_t *)p_report)->body, sizeof(sgx_report_body_t)))
  380. {
  381. ret = SGX_ERROR_UNEXPECTED;
  382. goto CLEANUP;
  383. }
  384. p_quote->signature_len = (uint32_t)(required_buffer_size - sizeof(sgx_quote_t));
  385. // Set the payload_size
  386. p_signature = (se_encrypted_sign_t *)(p_quote->signature);
  387. p_signature->payload_size = (uint32_t)(sizeof(BasicSignature)
  388. + sizeof(RLver_t)
  389. + sizeof(RLCount)
  390. + (sizeof(NrProof) * rl_entry_count));
  391. if(SGX_SUCCESS != sgx_read_rand(p_signature->iv, sizeof(p_signature->iv)))
  392. {
  393. ret = SGX_ERROR_UNEXPECTED;
  394. goto CLEANUP;
  395. }
  396. p_mac = (uint8_t *)(&p_signature->basic_sign) + p_signature->payload_size;
  397. if(SGX_SUCCESS != sgx_read_rand(p_mac, 16))
  398. {
  399. ret = SGX_ERROR_UNEXPECTED;
  400. goto CLEANUP;
  401. }
  402. if(p_qe_report)
  403. ret = create_qe_report(p_report, p_nonce, (uint8_t*)p_quote,
  404. quote_size, &cpusvn, p_qe_report);
  405. CLEANUP:
  406. return ret;
  407. } //sgx_get_quote
  408. sgx_status_t SGXAPI sgx_report_attestation_status(
  409. const sgx_platform_info_t *p_platform_info,
  410. int attestation_status,
  411. sgx_update_info_bit_t *p_update_info)
  412. {
  413. UNUSED(p_platform_info);
  414. UNUSED(attestation_status);
  415. memset(p_update_info, 0, sizeof(sgx_update_info_bit_t));
  416. return SGX_SUCCESS;
  417. }
  418. sgx_status_t SGXAPI sgx_get_extended_epid_group_id(uint32_t* p_extended_epid_group_id)
  419. {
  420. *p_extended_epid_group_id = 0;
  421. return SGX_SUCCESS;
  422. }
  423. sgx_status_t SGXAPI sgx_get_whitelist_size(uint32_t* p_whitelist_size)
  424. {
  425. *p_whitelist_size = 0;
  426. return SGX_SUCCESS;
  427. }
  428. sgx_status_t SGXAPI sgx_get_whitelist(uint8_t* p_whitelist, uint32_t whitelist_size)
  429. {
  430. UNUSED(p_whitelist);
  431. if(whitelist_size!=0){
  432. return SGX_ERROR_INVALID_PARAMETER;
  433. }else{
  434. return SGX_SUCCESS;
  435. }
  436. }