pek_pub_key.cpp 5.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122
  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include "arch.h"
  32. #include "sgx_tcrypto.h"
  33. #include "pek_pub_key.h"
  34. #include "pve_qe_common.h"
  35. #include <string.h>
  36. #include "xegdsk_pub.hh"
  37. #include "peksk_pub.hh"
  38. #include "qsdk_pub.hh"
  39. #include "isk_pub.hh"
  40. #include "byte_order.h"
  41. //Function to verify the ECDSA signature of a PEK
  42. //SHA1 value for integrity checking is not verified since the ECDSA verification could make sure the integrity at the same time.
  43. sgx_status_t check_pek_signature(const signed_pek_t& signed_pek, const sgx_ec256_public_t* pek_sk, uint8_t *result)
  44. {
  45. sgx_status_t status = SGX_SUCCESS;
  46. sgx_ecc_state_handle_t handle= 0;
  47. sgx_ec256_signature_t ec_signature;
  48. status = sgx_ecc256_open_context(&handle);
  49. if(SGX_SUCCESS!=status){
  50. return status;
  51. }
  52. se_static_assert(sizeof(ec_signature)==sizeof(signed_pek.pek_signature));
  53. memcpy(&ec_signature, signed_pek.pek_signature, sizeof(signed_pek.pek_signature));
  54. SWAP_ENDIAN_32B(ec_signature.x);
  55. SWAP_ENDIAN_32B(ec_signature.y);
  56. status = sgx_ecdsa_verify(reinterpret_cast<const uint8_t *>(&signed_pek),
  57. static_cast<uint32_t>(sizeof(signed_pek.n)+sizeof(signed_pek.e)),
  58. pek_sk,
  59. &ec_signature,
  60. result,
  61. handle);
  62. (void)sgx_ecc256_close_context(handle);
  63. return status;
  64. }
  65. //Function to verify that ECDSA signature of XEGB is correct
  66. sgx_status_t verify_xegb(const extended_epid_group_blob_t& xegb, uint8_t *result){
  67. if (lv_htons(xegb.data_length) != EXTENDED_EPID_GROUP_BLOB_DATA_LEN
  68. || xegb.format_id != XEGB_FORMAT_ID){
  69. return SGX_ERROR_INVALID_PARAMETER;
  70. }
  71. sgx_status_t status = SGX_SUCCESS;
  72. sgx_ecc_state_handle_t handle= 0;
  73. sgx_ec256_signature_t ec_signature;
  74. status = sgx_ecc256_open_context(&handle);
  75. if(SGX_SUCCESS!=status){
  76. return status;
  77. }
  78. se_static_assert(sizeof(ec_signature)==sizeof(xegb.signature));
  79. memcpy(&ec_signature, xegb.signature, sizeof(xegb.signature));
  80. SWAP_ENDIAN_32B(ec_signature.x);
  81. SWAP_ENDIAN_32B(ec_signature.y);
  82. status = sgx_ecdsa_verify(reinterpret_cast<const uint8_t *>(&xegb),
  83. static_cast<uint32_t>(sizeof(xegb)-sizeof(xegb.signature)),
  84. const_cast<sgx_ec256_public_t *>(&g_sdsk_pub_key_little_endian),
  85. &ec_signature,
  86. result,
  87. handle);
  88. (void)sgx_ecc256_close_context(handle);
  89. if(SGX_SUCCESS!=status){
  90. return status;
  91. }
  92. return SGX_SUCCESS;
  93. }
  94. sgx_status_t verify_xegb_with_default(const extended_epid_group_blob_t& xegb, uint8_t *result, extended_epid_group_blob_t& out_xegb)
  95. {
  96. const uint8_t *pxegb = reinterpret_cast<const uint8_t *>(&xegb);
  97. uint32_t i;
  98. //check whether all bytes of xegb is 0, if so we should use default xegb
  99. for (i = 0; i < sizeof(xegb); i++){
  100. if (pxegb[i] != 0){
  101. break;
  102. }
  103. }
  104. if (i == sizeof(xegb)){//using default xegb value if all bytes are 0, for hardcoded xegb, no ecdsa signature is available so that no ecdsa verification requried too.
  105. out_xegb.xeid = 0;
  106. out_xegb.format_id = XEGB_FORMAT_ID;
  107. memcpy(out_xegb.epid_sk, &g_sgx_isk_pubkey, 2*ECDSA_SIGN_SIZE);
  108. memcpy(out_xegb.pek_sk, &g_pek_pub_key_little_endian, 2 * ECDSA_SIGN_SIZE);
  109. memcpy(out_xegb.qsdk_exp, g_qsdk_pub_key_e, sizeof(g_qsdk_pub_key_e));
  110. memcpy(out_xegb.qsdk_mod, g_qsdk_pub_key_n, PVE_RSA_KEY_BYTES);
  111. *result = SGX_EC_VALID;
  112. return SGX_SUCCESS;
  113. }
  114. memcpy(&out_xegb, &xegb, sizeof(xegb));//use the input xegb if any bytes in it is non-zero
  115. return verify_xegb(out_xegb, result);
  116. }