tSeal.cpp 9.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238
  1. /*
  2. * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. // tSeal.cpp - Trusted Sealing Routines
  32. #include "sgx_tseal.h"
  33. #include <stdlib.h>
  34. #include <string.h>
  35. #include "sgx_trts.h"
  36. #include "sgx_report.h"
  37. #include "se_cdefs.h"
  38. #include "sgx_utils.h"
  39. #include "tSeal_internal.h"
  40. #include "tseal_migration_attr.h"
  41. extern "C" sgx_status_t sgx_seal_data(const uint32_t additional_MACtext_length,
  42. const uint8_t *p_additional_MACtext, const uint32_t text2encrypt_length,
  43. const uint8_t *p_text2encrypt, const uint32_t sealed_data_size,
  44. sgx_sealed_data_t *p_sealed_data)
  45. {
  46. sgx_status_t err = SGX_ERROR_UNEXPECTED;
  47. sgx_attributes_t attribute_mask;
  48. attribute_mask.flags = TSEAL_DEFAULT_FLAGSMASK;
  49. attribute_mask.xfrm = 0x0;
  50. err = sgx_seal_data_ex(SGX_KEYPOLICY_MRSIGNER, attribute_mask, TSEAL_DEFAULT_MISCMASK, additional_MACtext_length,
  51. p_additional_MACtext, text2encrypt_length, p_text2encrypt, sealed_data_size, p_sealed_data);
  52. return err;
  53. }
  54. extern "C" sgx_status_t sgx_seal_data_ex(const uint16_t key_policy,
  55. const sgx_attributes_t attribute_mask,
  56. const sgx_misc_select_t misc_mask,
  57. const uint32_t additional_MACtext_length,
  58. const uint8_t *p_additional_MACtext, const uint32_t text2encrypt_length,
  59. const uint8_t *p_text2encrypt, const uint32_t sealed_data_size,
  60. sgx_sealed_data_t *p_sealed_data)
  61. {
  62. sgx_status_t err = SGX_ERROR_UNEXPECTED;
  63. sgx_report_t report;
  64. sgx_key_id_t keyID;
  65. sgx_key_request_t tmp_key_request;
  66. uint8_t payload_iv[SGX_SEAL_IV_SIZE];
  67. memset(&payload_iv, 0, sizeof(payload_iv));
  68. uint32_t sealedDataSize = sgx_calc_sealed_data_size(additional_MACtext_length,text2encrypt_length);
  69. // Check for overflow
  70. if (sealedDataSize == UINT32_MAX)
  71. {
  72. return SGX_ERROR_INVALID_PARAMETER;
  73. }
  74. //
  75. // Check parameters
  76. //
  77. // check key_request->key_policy reserved bits are not set and one of policy bits are set
  78. if ((key_policy & ~(SGX_KEYPOLICY_MRENCLAVE | SGX_KEYPOLICY_MRSIGNER)) ||
  79. ((key_policy & (SGX_KEYPOLICY_MRENCLAVE | SGX_KEYPOLICY_MRSIGNER)) == 0))
  80. {
  81. return SGX_ERROR_INVALID_PARAMETER;
  82. }
  83. if ( !(attribute_mask.flags & SGX_FLAGS_INITTED)
  84. || !(attribute_mask.flags & SGX_FLAGS_DEBUG) )
  85. {
  86. return SGX_ERROR_INVALID_PARAMETER;
  87. }
  88. if ((additional_MACtext_length > 0) && (p_additional_MACtext == NULL))
  89. {
  90. return SGX_ERROR_INVALID_PARAMETER;
  91. }
  92. if ((text2encrypt_length == 0) || (p_text2encrypt == NULL) || (!sgx_is_within_enclave(p_text2encrypt,text2encrypt_length)))
  93. {
  94. return SGX_ERROR_INVALID_PARAMETER;
  95. }
  96. // Ensure sealed data blob is within an enclave during the sealing process
  97. if ((p_sealed_data == NULL) || (!sgx_is_within_enclave(p_sealed_data,sealed_data_size)))
  98. {
  99. return SGX_ERROR_INVALID_PARAMETER;
  100. }
  101. // Ensure aad data does not cross enclave boundary
  102. if ((additional_MACtext_length > 0) &&
  103. (!(sgx_is_within_enclave(p_additional_MACtext,additional_MACtext_length) || sgx_is_outside_enclave(p_additional_MACtext, additional_MACtext_length))))
  104. {
  105. return SGX_ERROR_INVALID_PARAMETER;
  106. }
  107. if (sealedDataSize != sealed_data_size)
  108. {
  109. return SGX_ERROR_INVALID_PARAMETER;
  110. }
  111. memset(&report, 0, sizeof(sgx_report_t));
  112. memset(p_sealed_data, 0, sealedDataSize);
  113. memset(&keyID, 0, sizeof(sgx_key_id_t));
  114. memset(&tmp_key_request, 0, sizeof(sgx_key_request_t));
  115. // Get the report to obtain isv_svn and cpu_svn
  116. err = sgx_create_report(NULL, NULL, &report);
  117. if (err != SGX_SUCCESS)
  118. {
  119. goto clear_return;
  120. }
  121. // Get a random number to populate the key_id of the key_request
  122. err = sgx_read_rand(reinterpret_cast<uint8_t *>(&keyID), sizeof(sgx_key_id_t));
  123. if (err != SGX_SUCCESS)
  124. {
  125. goto clear_return;
  126. }
  127. memcpy(&(tmp_key_request.cpu_svn), &(report.body.cpu_svn), sizeof(sgx_cpu_svn_t));
  128. memcpy(&(tmp_key_request.isv_svn), &(report.body.isv_svn), sizeof(sgx_isv_svn_t));
  129. tmp_key_request.key_name = SGX_KEYSELECT_SEAL;
  130. tmp_key_request.key_policy = key_policy;
  131. tmp_key_request.attribute_mask.flags = attribute_mask.flags;
  132. tmp_key_request.attribute_mask.xfrm = attribute_mask.xfrm;
  133. memcpy(&(tmp_key_request.key_id), &keyID, sizeof(sgx_key_id_t));
  134. tmp_key_request.misc_mask = misc_mask;
  135. err = sgx_seal_data_iv(additional_MACtext_length, p_additional_MACtext,
  136. text2encrypt_length, p_text2encrypt, payload_iv, &tmp_key_request, p_sealed_data);
  137. if (err == SGX_SUCCESS)
  138. {
  139. // Copy data from the temporary key request buffer to the sealed data blob
  140. memcpy(&(p_sealed_data->key_request), &tmp_key_request, sizeof(sgx_key_request_t));
  141. }
  142. clear_return:
  143. // Clear temp state
  144. memset_s(&report, sizeof(sgx_report_t), 0, sizeof(sgx_report_t));
  145. memset_s(&keyID, sizeof(sgx_key_id_t), 0, sizeof(sgx_key_id_t));
  146. return err;
  147. }
  148. extern "C" sgx_status_t sgx_unseal_data(const sgx_sealed_data_t *p_sealed_data, uint8_t *p_additional_MACtext,
  149. uint32_t *p_additional_MACtext_length, uint8_t *p_decrypted_text, uint32_t *p_decrypted_text_length)
  150. {
  151. sgx_status_t err = SGX_ERROR_UNEXPECTED;
  152. // Ensure the the sgx_sealed_data_t members are all inside enclave before using them.
  153. if ((p_sealed_data == NULL) || (!sgx_is_within_enclave(p_sealed_data,sizeof(sgx_sealed_data_t))))
  154. {
  155. return SGX_ERROR_INVALID_PARAMETER;
  156. }
  157. uint32_t encrypt_text_length = sgx_get_encrypt_txt_len(p_sealed_data);
  158. if(encrypt_text_length == UINT32_MAX)
  159. {
  160. return SGX_ERROR_MAC_MISMATCH; // Return error indicating the blob is corrupted
  161. }
  162. uint32_t add_text_length = sgx_get_add_mac_txt_len(p_sealed_data);
  163. if(add_text_length == UINT32_MAX)
  164. {
  165. return SGX_ERROR_MAC_MISMATCH; // Return error indicating the blob is corrupted
  166. }
  167. uint32_t sealedDataSize = sgx_calc_sealed_data_size(add_text_length,encrypt_text_length);
  168. if (sealedDataSize == UINT32_MAX)
  169. {
  170. return SGX_ERROR_MAC_MISMATCH; // Return error indicating the blob is corrupted
  171. }
  172. //
  173. // Check parameters
  174. //
  175. // Ensure sealed data blob is within an enclave during the sealing process
  176. if (!sgx_is_within_enclave(p_sealed_data,sealedDataSize))
  177. {
  178. return SGX_ERROR_INVALID_PARAMETER;
  179. }
  180. if ((add_text_length > 0) && ((p_additional_MACtext == NULL) || (p_additional_MACtext_length == NULL)))
  181. {
  182. return SGX_ERROR_INVALID_PARAMETER;
  183. }
  184. if ((encrypt_text_length < 1) || (p_decrypted_text == NULL) || (p_decrypted_text_length == NULL))
  185. {
  186. return SGX_ERROR_INVALID_PARAMETER;
  187. }
  188. if (!sgx_is_within_enclave(p_decrypted_text,encrypt_text_length))
  189. {
  190. return SGX_ERROR_INVALID_PARAMETER;
  191. }
  192. if (!sgx_is_within_enclave(p_decrypted_text_length,sizeof(p_decrypted_text_length)))
  193. {
  194. return SGX_ERROR_INVALID_PARAMETER;
  195. }
  196. // Ensure aad data does not cross enclave boundary
  197. if ((add_text_length > 0) &&
  198. (!(sgx_is_within_enclave(p_additional_MACtext,add_text_length) || sgx_is_outside_enclave(p_additional_MACtext, add_text_length))))
  199. {
  200. return SGX_ERROR_INVALID_PARAMETER;
  201. }
  202. if ((*p_decrypted_text_length) < encrypt_text_length)
  203. {
  204. return SGX_ERROR_INVALID_PARAMETER;
  205. }
  206. uint32_t additional_MACtext_length = (NULL != p_additional_MACtext_length) ? *p_additional_MACtext_length : 0;
  207. if (additional_MACtext_length < add_text_length) {
  208. return SGX_ERROR_INVALID_PARAMETER;
  209. }
  210. err = sgx_unseal_data_helper(p_sealed_data, p_additional_MACtext, add_text_length,
  211. p_decrypted_text, encrypt_text_length);
  212. if (err == SGX_SUCCESS)
  213. {
  214. *p_decrypted_text_length = encrypt_text_length;
  215. if(p_additional_MACtext_length != NULL)
  216. *p_additional_MACtext_length = add_text_length;
  217. }
  218. return err;
  219. }