Kezdőlap Felfedezés Súgó
Bejelentkezés
miti
/
verifier
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Forráskód Böngészése

temp commit from pre-paper-revision stage

dettanym 5 éve
szülő
76723770fa
commit
86d3fb0609
6 módosított fájl, 43 hozzáadás és 92 törlés
Osztott Nézet Diff Statisztika Mutatása
  1. 2 1
      Makefile
  2. 6 11
      ProtobufLAInitiator.cpp
  3. 34 48
      SgxProtobufLAInitiator.cpp
  4. 0 31
      SgxSealer.cpp
  5. 1 1
      include/SgxProtobufLAInitiator.h
  6. BIN
      verifier

+ 2 - 1
Makefile
Fájl Megtekintése 

@@ -46,7 +46,8 @@ crypto.o: crypto.cpp
 
 
 verifier:  systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o
 
 #	echo $(system_obj)
 
-	${CXX} -Wl,--no-undefined systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o   -L${Openssl_Path}/lib -lcrypto -lssl -L./ -l$(Service_Library_Name) -l$(Crypto_Library_Name) -L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts -L/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server -ljvm  ${LD_FLAGS} -lprotobuf  -o $@ 
+	${CXX} -Wl,--no-undefined systemMain.o systemSealerWrapper.o SgxSealer.o ProtobufLAInitiator.o SgxProtobufLAInitiator.o SgxProtobufLAInitiator_Transforms.o ProtobufLAMessages.pb.o crypto.o   -L${Openssl_Path}/lib -lcrypto -lssl -L./ -l$(Service_Library_Name) -l$(Crypto_Library_Name) -L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts ${LD_FLAGS} -lprotobuf  -o $@ 
+#-L/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server -ljvm  
 #-L/home/m2mazmud/linux-sgx-trts-modified/build/linux -lsgx_tstdc -lsgx_trts ${LD_FLAGS} -o $@ 
 
 #-Wl,-rpath,$(SGX_SDK)/lib64  systemMain.o  ${LD_FLAGS} -o $@

+ 6 - 11
ProtobufLAInitiator.cpp
Fájl Megtekintése 

@@ -104,7 +104,8 @@ int local_attestation_initiator(int port)
 
   protobuf_sgx_dh_msg2_t protobuf_msg2;
 
   protobuf_sgx_dh_msg3_t protobuf_msg3;
 
   uint32_t protobuf_sgx_ret;
 
-  uint8_t encrypted_hash_and_tag[48];// uint8_t encrypted_tag[16]; 
+  uint8_t encrypted_hash_and_tag[150];// uint8_t encrypted_tag[16]; 
+  uint32_t total_length;
 
 size_t post_la_bytes_written;
 
   // For socket to listen to the Apache enclave.
 
 
@@ -140,8 +141,8 @@ size_t post_la_bytes_written;
 
   {
 
       printf("Error in process_protobuf_dh_msg3: 0x%x", protobuf_sgx_ret); fflush(stdout); return protobuf_sgx_ret;
 
   }
 
-  memset(encrypted_hash_and_tag, 0, 48); 
-  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(encrypted_hash_and_tag, encrypted_hash_and_tag + 32); 
+  memset(encrypted_hash_and_tag, 0, 150); 
+  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(encrypted_hash_and_tag, &total_length); 
   if(protobuf_sgx_ret==0)
 
   {
 
 	printf("Done encryption of hash.\n"); fflush(stdout); 
@@ -152,14 +153,8 @@ size_t post_la_bytes_written;
 
 	}
 
   
 
-   post_la_bytes_written = write(decryptor_fd, encrypted_hash_and_tag, 48);
 
-
 
-   if(post_la_bytes_written != 48)
 
-   {
 
-	printf("Not all of the post-LA message was written\n"); fflush(stdout); return 0xfe; 
-
 
-   }
 
-   printf("Wrote the hash and the tag to the decryptor socket.\n"); fflush(stdout); 
+   post_la_bytes_written = write(decryptor_fd, encrypted_hash_and_tag, total_length);
 
+   printf("Wrote the hash and the tag to the decryptor socket.\n Wrote this many bytes: %d\n", post_la_bytes_written); fflush(stdout); 
 
    if(close(decryptor_fd)!= 0)
 
    {

+ 34 - 48
SgxProtobufLAInitiator.cpp
Fájl Megtekintése 

@@ -84,62 +84,48 @@ uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_
 
   return 0;
 
 }
 
 
-uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* op_ciphertext, uint8_t* op_encrypted_tag)
 
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* op_ciphertext, uint32_t* length)
 
 {
 
-	uint8_t hash[32]; uint32_t return_status;
 
-	unsigned char key[16]; uint32_t count;
 
-	for(count=0;count<16;count++)
 
-		key[count]=global_session_info.active.AEK[count]; 
-	return_status=generate_rsa_keypair_hash(hash); 
-	if(return_status!=0)
 
-		return return_status; 
-	
-	uint8_t ciphertext[32];// uint8_t expected_plaintext[48]; 
-	uint8_t encryption_tag[16]; 
-	int ciphertext_len=32;// int plaintext_len=32;
 
+	uint8_t hash[32]={0x54,0x24,0x5d,0x63,0x5c,0x8f,0xec,0xcf,0x37,0xb9,0xcf,0x9e,0xb8,0xd3,0x22,0x04,0x57,0x5b,0xb2,0xfc,0xa6,0xd3,0x11,0xfb,0x87,0xb7,0x01,0x06,0x2f,0x18,0x25,0xc1};
 
+	uint32_t return_status;
 
+	unsigned char key[16]; uint32_t counter;
 
+	for(counter=0;counter<16;counter++)
 
+		key[counter]=global_session_info.active.AEK[counter]; 
+//	return_status=generate_rsa_keypair_hash(hash); 
+//	if(return_status!=0)
 
+//		return return_status; 
+
 
+	uint8_t tag[16]; 
+	int ciphertext_len;// int plaintext_len=32;
 
 	uint8_t iv[12];  
-//	memset(ciphertext, 0, 32); //memset(expected_plaintext, 0, 48); 
-	memset(iv, 0, 12);  // memset(expected_plaintext, 0, 32); 
-//	memset(encryption_tag, 0, 16);  
-//	memset(encrypted_hash_and_tag, 0, 48); 
-	return_status=aes_cipher(1, key, iv, hash, 32, op_ciphertext,  &ciphertext_len, op_encrypted_tag);
 
-/*	if(return_status != 0)
 
+	memset(iv, 0, 12);  
+	return_status=aes_cipher(1, key, iv, hash, 32, op_ciphertext,  &ciphertext_len, tag);
 
+	if(return_status == 0)
 
 	{
 
-//		memcpy(encrypted_hash_and_tag, ciphertext, 32);	 // For some reason, memcpy does not work
 
-//		memcpy(encrypted_hash_and_tag+32, encryption_tag,  16); 
-		for(count=0;count<32; count++)
 
-			*(op_ciphertext+count) = ciphertext[count];
 
-
 
-		for(count=0;count<16;count++)
 
-			*(op_encrypted_tag+count) = encryption_tag[count]; 
+		for(counter=0;counter<12;counter++)
 
+			op_ciphertext[counter+ ciphertext_len] = iv[counter];
 
+                for(counter=0;counter<16;counter++)
 
+                        op_ciphertext[counter+ ciphertext_len + 12] = tag[counter];
 
+		ciphertext_len+=28;
 
+		*length=ciphertext_len;
 
 	}
 
-//	printf("ciphertext len: %d\n", ciphertext_len); fflush(stdout);
 
-//	printf("Encryption return status: 0x%x", return_status);  fflush(stdout); 
-//	return_status=aes_cipher(0, key, iv, ciphertext, ciphertext_len, expected_plaintext, &plaintext_len, encryption_tag); 
-
 
-	for(count=0;count<32;count++)
 
-	{
 
-		printf("0x%02x ", hash[count]);
 
-	}
 
-	printf("\n");
 
-	fflush(stdout); 
-*/	for(count=0;count<32;count++)
 
+	for(counter=0;counter<32;counter++)
 
 	{
 
-		printf("0x%02x ", op_ciphertext[count]); 
+		printf("0x%02x ", op_ciphertext[counter]); 
 	}
 
+	printf("IV:\n"); 
+	        for(counter=32;counter<44;counter++)
 
+        {
 
+                printf("0x%02x ", op_ciphertext[counter]); 
+        }
 
+	printf("Tag:\n"); 
+
 
+        for(counter=44;counter<60;counter++)
 
+        {
 
+                printf("0x%02x ", op_ciphertext[counter]); 
+        }
 
 	printf("\n");
 
 	fflush(stdout);
 
-	for(count=0;count<16;count++)
 
-	{	
-		printf("0x%02x ", op_encrypted_tag[count]); 
-	}
 
-	printf("\n"); fflush(stdout);
 
-/*        for(count=0;count<32;count++)
 
-        {       
-                printf("0x%02x ", op_ciphertext[count]); 
-        }
 
-        printf("\n"); fflush(stdout);
 
-*/
 
 	return return_status;
 
 }

+ 0 - 31
SgxSealer.cpp
Fájl Megtekintése 

@@ -1,34 +1,3 @@
 
-/*
 
- * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
 
- *
 
- * Redistribution and use in source and binary forms, with or without
 
- * modification, are permitted provided that the following conditions
 
- * are met:
 
- *
 
- *   * Redistributions of source code must retain the above copyright
 
- *     notice, this list of conditions and the following disclaimer.
 
- *   * Redistributions in binary form must reproduce the above copyright
 
- *     notice, this list of conditions and the following disclaimer in
 
- *     the documentation and/or other materials provided with the
 
- *     distribution.
 
- *   * Neither the name of Intel Corporation nor the names of its
 
- *     contributors may be used to endorse or promote products derived
 
- *     from this software without specific prior written permission.
 
- *
 
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
- *
 
- */
 
-
 
 #include "sgx.h"
 
 #include "sgx_tseal.h"  // For sgx_seal_data, sgx_calc_sealed_data_size, sgx_get_encrypt_txt_len, sgx_unseal_data
 
 #include <string>

+ 1 - 1
include/SgxProtobufLAInitiator.h
Fájl Megtekintése 

@@ -1,3 +1,3 @@
 
 uint32_t process_protobuf_dh_msg1_generate_protobuf_dh_msg2(protobuf_sgx_dh_msg1_t& protobuf_msg1, protobuf_sgx_dh_msg2_t& protobuf_msg2, uint32_t* session_id);
 
 uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_t* session_id);
 
-uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* hash, uint8_t* tag);
 
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* hash, uint32_t* length);

BIN
verifier
Fájl Megtekintése