ukey_exchange.cpp 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
  1. /*
  2. * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #ifndef __STDINT_LIMITS
  32. #define __STDINT_LIMITS
  33. #endif
  34. //for Linux
  35. #ifndef __STDC_LIMIT_MACROS
  36. #define __STDC_LIMIT_MACROS
  37. #endif
  38. #include <stdint.h>
  39. #include <stdlib.h>
  40. #include "se_memcpy.h"
  41. #include "sgx_ukey_exchange.h"
  42. #include "sgx_uae_service.h"
  43. #include "sgx_ecp_types.h"
  44. #include "se_lock.hpp"
  45. #include "se_cdefs.h"
  46. SGX_ACCESS_VERSION(ukey_exchange, 1)
  47. static sgx_target_info_t g_qe_target_info;
  48. static Mutex g_ukey_spin_lock;
  49. #ifndef ERROR_BREAK
  50. #define ERROR_BREAK(x) if(x){break;}
  51. #endif
  52. #ifndef SAFE_FREE
  53. #define SAFE_FREE(ptr) {if (NULL != (ptr)) {free(ptr); (ptr)=NULL;}}
  54. #endif
  55. sgx_status_t sgx_ra_get_msg1(
  56. sgx_ra_context_t context,
  57. sgx_enclave_id_t eid,
  58. sgx_ecall_get_ga_trusted_t p_get_ga,
  59. sgx_ra_msg1_t *p_msg1)
  60. {
  61. if(!p_msg1 || !p_get_ga)
  62. return SGX_ERROR_INVALID_PARAMETER;
  63. sgx_epid_group_id_t gid = {0};
  64. sgx_target_info_t qe_target_info;
  65. memset(&qe_target_info, 0, sizeof(qe_target_info));
  66. sgx_status_t ret = sgx_init_quote(&qe_target_info, &gid);
  67. if(SGX_SUCCESS != ret)
  68. return ret;
  69. g_ukey_spin_lock.lock();
  70. if(memcpy_s(&g_qe_target_info, sizeof(g_qe_target_info),
  71. &qe_target_info, sizeof(qe_target_info)) != 0)
  72. {
  73. g_ukey_spin_lock.unlock();
  74. return SGX_ERROR_UNEXPECTED;
  75. }
  76. g_ukey_spin_lock.unlock();
  77. if(memcpy_s(&p_msg1->gid, sizeof(p_msg1->gid), &gid, sizeof(gid)) != 0)
  78. return SGX_ERROR_UNEXPECTED;
  79. sgx_ec256_public_t g_a;
  80. sgx_status_t status = SGX_ERROR_UNEXPECTED;
  81. memset(&g_a, 0, sizeof(g_a));
  82. ret = p_get_ga(eid, &status, context, &g_a);
  83. if(SGX_SUCCESS !=ret)
  84. return ret;
  85. if (SGX_SUCCESS != status)
  86. return status;
  87. memcpy_s(&p_msg1->g_a, sizeof(p_msg1->g_a), &g_a, sizeof(g_a));
  88. return SGX_SUCCESS;
  89. }
  90. sgx_status_t sgx_ra_proc_msg2(
  91. sgx_ra_context_t context,
  92. sgx_enclave_id_t eid,
  93. sgx_ecall_proc_msg2_trusted_t p_proc_msg2,
  94. sgx_ecall_get_msg3_trusted_t p_get_msg3,
  95. const sgx_ra_msg2_t *p_msg2,
  96. uint32_t msg2_size,
  97. sgx_ra_msg3_t **pp_msg3,
  98. uint32_t *p_msg3_size)
  99. {
  100. if(!p_msg2 || !p_proc_msg2 || !p_get_msg3 || !p_msg3_size || !pp_msg3)
  101. return SGX_ERROR_INVALID_PARAMETER;
  102. if(msg2_size != sizeof(sgx_ra_msg2_t) + p_msg2->sig_rl_size)
  103. return SGX_ERROR_INVALID_PARAMETER;
  104. sgx_status_t ret = SGX_ERROR_UNEXPECTED;
  105. sgx_report_t report;
  106. sgx_ra_msg3_t *p_msg3 = NULL;
  107. memset(&report, 0, sizeof(report));
  108. {
  109. sgx_quote_nonce_t nonce;
  110. sgx_report_t qe_report;
  111. sgx_target_info_t qe_target_info;
  112. memset(&nonce, 0, sizeof(nonce));
  113. memset(&qe_report, 0, sizeof(qe_report));
  114. sgx_status_t status;
  115. g_ukey_spin_lock.lock();
  116. if(memcpy_s(&qe_target_info, sizeof(qe_target_info),
  117. &g_qe_target_info, sizeof(g_qe_target_info)) != 0)
  118. {
  119. ret = SGX_ERROR_UNEXPECTED;
  120. g_ukey_spin_lock.unlock();
  121. goto CLEANUP;
  122. }
  123. g_ukey_spin_lock.unlock();
  124. ret = p_proc_msg2(eid, &status, context, p_msg2, &qe_target_info,
  125. &report, &nonce);
  126. if(SGX_SUCCESS!=ret)
  127. {
  128. goto CLEANUP;
  129. }
  130. if(SGX_SUCCESS!=status)
  131. {
  132. ret = status;
  133. goto CLEANUP;
  134. }
  135. uint32_t quote_size = 0;
  136. ret = sgx_get_quote_size(p_msg2->sig_rl_size ?
  137. const_cast<uint8_t *>(p_msg2->sig_rl):NULL,
  138. &quote_size);
  139. if(SGX_SUCCESS!=ret)
  140. {
  141. goto CLEANUP;
  142. }
  143. //check integer overflow of quote_size
  144. if (UINT32_MAX - quote_size < sizeof(sgx_ra_msg3_t))
  145. {
  146. ret = SGX_ERROR_UNEXPECTED;
  147. goto CLEANUP;
  148. }
  149. uint32_t msg3_size = static_cast<uint32_t>(sizeof(sgx_ra_msg3_t)) + quote_size;
  150. p_msg3 = (sgx_ra_msg3_t *)malloc(msg3_size);
  151. if(!p_msg3)
  152. {
  153. ret = SGX_ERROR_OUT_OF_MEMORY;
  154. goto CLEANUP;
  155. }
  156. memset(p_msg3, 0, msg3_size);
  157. ret = sgx_get_quote(&report,
  158. p_msg2->quote_type == SGX_UNLINKABLE_SIGNATURE ?
  159. SGX_UNLINKABLE_SIGNATURE : SGX_LINKABLE_SIGNATURE,
  160. const_cast<sgx_spid_t *>(&p_msg2->spid),
  161. &nonce,
  162. p_msg2->sig_rl_size ?
  163. const_cast<uint8_t *>(p_msg2->sig_rl):NULL,
  164. p_msg2->sig_rl_size,
  165. &qe_report,
  166. (sgx_quote_t *)p_msg3->quote,
  167. quote_size);
  168. if(SGX_SUCCESS!=ret)
  169. {
  170. goto CLEANUP;
  171. }
  172. ret = p_get_msg3(eid, &status, context, quote_size, &qe_report,
  173. p_msg3, msg3_size);
  174. if(SGX_SUCCESS!=ret)
  175. {
  176. goto CLEANUP;
  177. }
  178. if(SGX_SUCCESS!=status)
  179. {
  180. ret = status;
  181. goto CLEANUP;
  182. }
  183. *pp_msg3 = p_msg3;
  184. *p_msg3_size = msg3_size;
  185. }
  186. CLEANUP:
  187. if(ret)
  188. SAFE_FREE(p_msg3);
  189. return ret;
  190. }