
temp commit from pre-paper-revision stage

dettanym 2 years ago
parent
commit
86d3fb0609
6 changed files with 43 additions and 92 deletions
  1. 2 1
      Makefile
  2. 6 11
      ProtobufLAInitiator.cpp
  3. 34 48
      SgxProtobufLAInitiator.cpp
  4. 0 31
      SgxSealer.cpp
  5. 1 1
      include/SgxProtobufLAInitiator.h
  6. BIN
      verifier

+ 2 - 1
Makefile

@@ -46,7 +46,8 @@ crypto.o: crypto.cpp
 
 verifier:  systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o
 #	echo $(system_obj)
-	${CXX} -Wl,--no-undefined systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o   -L${Openssl_Path}/lib -lcrypto -lssl -L./ -l$(Service_Library_Name) -l$(Crypto_Library_Name) -L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts -L/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server -ljvm  ${LD_FLAGS} -lprotobuf  -o $@ 
+	${CXX} -Wl,--no-undefined systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o   -L${Openssl_Path}/lib -lcrypto -lssl -L./ -l$(Service_Library_Name) -l$(Crypto_Library_Name) -L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts ${LD_FLAGS} -lprotobuf  -o $@ 
+#-L/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server -ljvm  
 #-L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts ${LD_FLAGS} -o $@ 
 
 #-Wl,-rpath,$(SGX_SDK)/lib64  systemMain.o  ${LD_FLAGS} -o $@
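Review bot: The new link line still takes `-lsgx_tstdc -lsgx_trts` from `-L/home/m2mazmud/linux-sgx-trts-modified/build/linux`, an absolute path inside one user's home directory, so nobody else can rebuild `verifier` or tell which modified trusted runtime went into it. A variable in the style of the `${Openssl_Path}` already used on this line would fix that, for example `-L${SGX_TRTS_Path}` (placeholder name, not defined anywhere on this page). The removed `-ljvm` flags come back as a comment on the following line; dropping them outright keeps the rule readable, since the old line is in version control anyway.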

+ 6 - 11
ProtobufLAInitiator.cpp

@@ -104,7 +104,8 @@ int local_attestation_initiator(int port)
   protobuf_sgx_dh_msg2_t protobuf_msg2;
   protobuf_sgx_dh_msg3_t protobuf_msg3;
   uint32_t protobuf_sgx_ret;
-  uint8_t encrypted_hash_and_tag[48];// uint8_t encrypted_tag[16]; 
+  uint8_t encrypted_hash_and_tag[150];// uint8_t encrypted_tag[16]; 
+  uint32_t total_length;
 size_t post_la_bytes_written;
   // For socket to listen to the Apache enclave.
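Review bot: `total_length` is declared without an initializer here and is later used as the byte count for `write()` (third hunk of this file), while the callee in SgxProtobufLAInitiator.cpp only assigns `*length` when `aes_cipher` returns 0. Whether the failure branch returns before the write is not visible in these hunks, so `uint32_t total_length = 0;` makes that case harmless either way. The size 150 is also repeated as a literal in the `memset` of the next hunk; `memset(encrypted_hash_and_tag, 0, sizeof encrypted_hash_and_tag);` keeps the two from drifting apart. local_attestation_initiator starts and ends outside this hunk.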
 
@@ -140,8 +141,8 @@ size_t post_la_bytes_written;
   {
       printf("Error in process_protobuf_dh_msg3: 0x%x", protobuf_sgx_ret); fflush(stdout); return protobuf_sgx_ret;
   }
-  memset(encrypted_hash_and_tag, 0, 48); 
-  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(encrypted_hash_and_tag, encrypted_hash_and_tag + 32); 
+  memset(encrypted_hash_and_tag, 0, 150); 
+  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(encrypted_hash_and_tag, &total_length); 
   if(protobuf_sgx_ret==0)
   {
 	printf("Done encryption of hash.\n"); fflush(stdout); 
@@ -152,14 +153,8 @@ size_t post_la_bytes_written;
 	}
   
 
-   post_la_bytes_written = write(decryptor_fd, encrypted_hash_and_tag, 48);
-
-   if(post_la_bytes_written != 48)
-   {
-	printf("Not all of the post-LA message was written\n"); fflush(stdout); return 0xfe; 
-
-   }
-   printf("Wrote the hash and the tag to the decryptor socket.\n"); fflush(stdout); 
+   post_la_bytes_written = write(decryptor_fd, encrypted_hash_and_tag, total_length);
+   printf("Wrote the hash and the tag to the decryptor socket.\n Wrote this many bytes: %d\n", post_la_bytes_written); fflush(stdout); 
 
    if(close(decryptor_fd)!= 0)
    {
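Review bot: The result of `write()` is no longer checked after this change, so a failed or short write to `decryptor_fd` is reported as success and the function goes straight on to `close()`. The removed `!= 48` test should come back against the new length, e.g. `if(post_la_bytes_written != total_length) { printf("Not all of the post-LA message was written\n"); fflush(stdout); return 0xfe; }`. `post_la_bytes_written` is a `size_t`, so the added `printf` needs `%zu` rather than `%d`; because `write()` returns `ssize_t`, a -1 stored there turns into a very large value, which the comparison above would still catch. The enclosing function continues beyond this hunk.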

+ 34 - 48
SgxProtobufLAInitiator.cpp

@@ -84,62 +84,48 @@ uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_
   return 0;
 }
 
-uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* op_ciphertext, uint8_t* op_encrypted_tag)
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* op_ciphertext, uint32_t* length)
 {
-	uint8_t hash[32]; uint32_t return_status;
-	unsigned char key[16]; uint32_t count;
-	for(count=0;count<16;count++)
-		key[count]=global_session_info.active.AEK[count]; 
-	return_status=generate_rsa_keypair_hash(hash); 
-	if(return_status!=0)
-		return return_status; 
-	
-	uint8_t ciphertext[32];// uint8_t expected_plaintext[48]; 
-	uint8_t encryption_tag[16]; 
-	int ciphertext_len=32;// int plaintext_len=32;
+	uint8_t hash[32]={0x54,0x24,0x5d,0x63,0x5c,0x8f,0xec,0xcf,0x37,0xb9,0xcf,0x9e,0xb8,0xd3,0x22,0x04,0x57,0x5b,0xb2,0xfc,0xa6,0xd3,0x11,0xfb,0x87,0xb7,0x01,0x06,0x2f,0x18,0x25,0xc1};
+	uint32_t return_status;
+	unsigned char key[16]; uint32_t counter;
+	for(counter=0;counter<16;counter++)
+		key[counter]=global_session_info.active.AEK[counter]; 
+//	return_status=generate_rsa_keypair_hash(hash); 
+//	if(return_status!=0)
+//		return return_status; 
+
+	uint8_t tag[16]; 
+	int ciphertext_len;// int plaintext_len=32;
 	uint8_t iv[12];  
-//	memset(ciphertext, 0, 32); //memset(expected_plaintext, 0, 48); 
-	memset(iv, 0, 12);  // memset(expected_plaintext, 0, 32); 
-//	memset(encryption_tag, 0, 16);  
-//	memset(encrypted_hash_and_tag, 0, 48); 
-	return_status=aes_cipher(1, key, iv, hash, 32, op_ciphertext,  &ciphertext_len, op_encrypted_tag);
-/*	if(return_status != 0)
+	memset(iv, 0, 12);  
+	return_status=aes_cipher(1, key, iv, hash, 32, op_ciphertext,  &ciphertext_len, tag);
+	if(return_status == 0)
 	{
-//		memcpy(encrypted_hash_and_tag, ciphertext, 32);	 // For some reason, memcpy does not work
-//		memcpy(encrypted_hash_and_tag+32, encryption_tag,  16); 
-		for(count=0;count<32; count++)
-			*(op_ciphertext+count) = ciphertext[count];
-
-		for(count=0;count<16;count++)
-			*(op_encrypted_tag+count) = encryption_tag[count]; 
+		for(counter=0;counter<12;counter++)
+			op_ciphertext[counter+ ciphertext_len] = iv[counter];
+                for(counter=0;counter<16;counter++)
+                        op_ciphertext[counter+ ciphertext_len + 12] = tag[counter];
+		ciphertext_len+=28;
+		*length=ciphertext_len;
 	}
-//	printf("ciphertext len: %d\n", ciphertext_len); fflush(stdout);
-//	printf("Encryption return status: 0x%x", return_status);  fflush(stdout); 
-//	return_status=aes_cipher(0, key, iv, ciphertext, ciphertext_len, expected_plaintext, &plaintext_len, encryption_tag); 
-
-	for(count=0;count<32;count++)
-	{
-		printf("0x%02x ", hash[count]);
-	}
-	printf("\n");
-	fflush(stdout); 
-*/	for(count=0;count<32;count++)
+	for(counter=0;counter<32;counter++)
 	{
-		printf("0x%02x ", op_ciphertext[count]); 
+		printf("0x%02x ", op_ciphertext[counter]); 
 	}
+	printf("IV:\n"); 
+	        for(counter=32;counter<44;counter++)
+        {
+                printf("0x%02x ", op_ciphertext[counter]); 
+        }
+	printf("Tag:\n"); 
+
+        for(counter=44;counter<60;counter++)
+        {
+                printf("0x%02x ", op_ciphertext[counter]); 
+        }
 	printf("\n");
 	fflush(stdout);
-	for(count=0;count<16;count++)
-	{	
-		printf("0x%02x ", op_encrypted_tag[count]); 
-	}
-	printf("\n"); fflush(stdout);
-/*        for(count=0;count<32;count++)
-        {       
-                printf("0x%02x ", op_ciphertext[count]); 
-        }
-        printf("\n"); fflush(stdout);
-*/
 	return return_status;
 }
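Review bot: The value being encrypted is now a hard-coded 32-byte constant, because the call to `generate_rsa_keypair_hash(hash)` and its status check are commented out at the top of `generate_encrypted_rsa_keypair_hash`; the peer then receives a hash that is not tied to any keypair. If this is a test fixture it belongs behind a build-time switch rather than in the default path, with the real call restored. The IV is still all zeros (`memset(iv, 0, 12)`) and is now sent along with the ciphertext; if `aes_cipher` is AES-GCM, as the 12-byte IV and 16-byte tag suggest, a repeated IV under the same AEK breaks both confidentiality and the tag, so the IV has to be unique per encryption under that key. The dump loops also run when `aes_cipher` fails and use fixed offsets 32/44/60 instead of `ciphertext_len`, and the local `key` copy of the AEK is left on the stack when the function returns.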
 

+ 0 - 31
SgxSealer.cpp

@@ -1,34 +1,3 @@
-/*
- * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- *   * Redistributions of source code must retain the above copyright
- *     notice, this list of conditions and the following disclaimer.
- *   * Redistributions in binary form must reproduce the above copyright
- *     notice, this list of conditions and the following disclaimer in
- *     the documentation and/or other materials provided with the
- *     distribution.
- *   * Neither the name of Intel Corporation nor the names of its
- *     contributors may be used to endorse or promote products derived
- *     from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
 #include "sgx.h"
 #include "sgx_tseal.h"  // For sgx_seal_data, sgx_calc_sealed_data_size, sgx_get_encrypt_txt_len, sgx_unseal_data
 #include <string>

+ 1 - 1
include/SgxProtobufLAInitiator.h

@@ -1,3 +1,3 @@
 uint32_t process_protobuf_dh_msg1_generate_protobuf_dh_msg2(protobuf_sgx_dh_msg1_t& protobuf_msg1, protobuf_sgx_dh_msg2_t& protobuf_msg2, uint32_t* session_id);
 uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_t* session_id);
-uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* hash, uint8_t* tag);
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* hash, uint32_t* length);
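Review bot: The prototype gives no hint of how large the first buffer must be, and it still names that parameter `hash` although the definition now writes ciphertext, IV and tag into it (60 bytes, going by the loops in SgxProtobufLAInitiator.cpp). I would rename it to match the definition and state the contract above the declaration, e.g. `// op_ciphertext must hold at least 60 bytes: 32 ciphertext + 12 IV + 16 tag; *length is set only on success`. Passing the buffer capacity as an extra parameter would let the callee check it instead of depending on the caller's array size.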

BIN
verifier