
Verifier sends an encrypted message to decryptor and closes the connection

dettanym 4 years ago
parent
commit
c0cf3df7f6
4 changed files with 70 additions and 28 deletions
  1. 26 4
      ProtobufLAInitiator.cpp
  2. 43 23
      SgxProtobufLAInitiator.cpp
  3. 1 1
      include/SgxProtobufLAInitiator.h
  4. BIN
      verifier

+ 26 - 4
ProtobufLAInitiator.cpp

@@ -104,7 +104,7 @@ int local_attestation_initiator(int port)
   protobuf_sgx_dh_msg2_t protobuf_msg2;
   protobuf_sgx_dh_msg3_t protobuf_msg3;
   uint32_t protobuf_sgx_ret;
-
+  uint8_t encrypted_hash[32]; uint8_t encrypted_tag[16]; size_t post_la_bytes_written;
   // For socket to listen to the Apache enclave.
 //  int server_fd=0; int accept_fd = 0;
 //  struct sockaddr_in own_addr;
@@ -141,16 +141,38 @@ int local_attestation_initiator(int port)
   {
       printf("Error in process_protobuf_dh_msg3: 0x%x", protobuf_sgx_ret); fflush(stdout); return protobuf_sgx_ret;
   }
-
-  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(); 
+  memset(encrypted_hash,0, 32); memset(encrypted_tag, 0, 16);
+  protobuf_sgx_ret=generate_encrypted_rsa_keypair_hash(encrypted_hash, encrypted_tag); 
   if(protobuf_sgx_ret==0)
   {
 	printf("Done encryption of hash.\n"); fflush(stdout); 
   }
   else 
 	{
-		printf("Error in enc/dec of hash: 0x%x", protobuf_sgx_ret); fflush(stdout); 
+		printf("Error in enc/dec of hash: 0x%x", protobuf_sgx_ret); fflush(stdout); return protobuf_sgx_ret; 
 	}
+/*   uint32_t count;
+   for(count=0;count<32;count++)
+	printf("0x%x ", hash_and_tag[count]);
+   printf("\n");fflush(stdout); 
+*/
+  
+
+   post_la_bytes_written = write(decryptor_fd, encrypted_hash, 32);
+   post_la_bytes_written = write(decryptor_fd, encrypted_tag, 16);
+
+   if(post_la_bytes_written != 16)
+   {
+	printf("Not all of the post-LA message was written\n"); fflush(stdout); return 0xfe; 
+
+   }
+   printf("Wrote the hash and the tag to the decryptor socket.\n"); fflush(stdout); 
+   if(close(decryptor_fd)!= 0)
+   {
+	printf("Error in closing the socket connection.\n"); fflush(stdout); return 0xfd; 
+   } 
+  
+
 	printf("Successfully done Local attestation\n");
 	fflush(stdout);
 	return 0;
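Review bot: The result of the first `write()` (the 32-byte ciphertext) is overwritten by the second call before it is checked, so a failed or short write of the ciphertext goes unnoticed as long as the 16-byte tag is written in full. Check each call, e.g. `if (write(decryptor_fd, encrypted_hash, 32) != 32 || write(decryptor_fd, encrypted_tag, 16) != 16)`, or loop until all bytes are sent, since a socket write may accept fewer bytes than requested. `post_la_bytes_written` is declared `size_t` in the first hunk while `write()` returns `ssize_t`, so the -1 error value only fails the comparison by wrapping around. As far as this hunk shows, the `return 0xfe` path also leaves `decryptor_fd` open; the function body starts and ends outside the hunk.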

+ 43 - 23
SgxProtobufLAInitiator.cpp

@@ -84,7 +84,7 @@ uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_
   return 0;
 }
 
-uint32_t generate_encrypted_rsa_keypair_hash()
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* op_ciphertext, uint8_t* op_encrypted_tag)
 {
 	uint8_t hash[32]; uint32_t return_status;
 	unsigned char key[16]; uint32_t count;
@@ -94,32 +94,52 @@ uint32_t generate_encrypted_rsa_keypair_hash()
 	if(return_status!=0)
 		return return_status; 
 	
-	uint8_t ciphertext[48]; uint8_t expected_plaintext[48]; 
-	uint8_t encryption_tag[16]; uint8_t decryption_tag[16]; 
-	int ciphertext_len=48; int plaintext_len=32;
-	uint8_t iv[12]; 
-	memset(ciphertext, 0, 48); memset(expected_plaintext, 0, 48); 
-	memset(iv, 0, 12);  memset(expected_plaintext, 0, 32); memset(encryption_tag, 0, 16); memset(decryption_tag, 0, 16); 
-	return_status=aes_cipher(1, key, iv, hash, 32, ciphertext,  &ciphertext_len, encryption_tag);
-	printf("ciphertext len: %d\n", ciphertext_len); fflush(stdout);
-	printf("Encryption return status: 0x%x", return_status);  fflush(stdout); 
-	return_status=aes_cipher(0, key, iv, ciphertext, ciphertext_len, expected_plaintext, &plaintext_len, encryption_tag); 
-//	for(count=0;count<16;count++)
-//	{
-//		if(encryption_tag[count]!=decryption_tag[count])
-//			return 0xFF;
-//		printf("0x%x 0x%x ", encryption_tag[count], decryption_tag[count]);
-//	}
-//	printf("\n");
-//	fflush(stdout); 
+	uint8_t ciphertext[32];// uint8_t expected_plaintext[48]; 
+	uint8_t encryption_tag[16]; 
+	int ciphertext_len=32;// int plaintext_len=32;
+	uint8_t iv[12];  
+//	memset(ciphertext, 0, 32); //memset(expected_plaintext, 0, 48); 
+	memset(iv, 0, 12);  // memset(expected_plaintext, 0, 32); 
+//	memset(encryption_tag, 0, 16);  
+//	memset(encrypted_hash_and_tag, 0, 48); 
+	return_status=aes_cipher(1, key, iv, hash, 32, op_ciphertext,  &ciphertext_len, op_encrypted_tag);
+/*	if(return_status != 0)
+	{
+//		memcpy(encrypted_hash_and_tag, ciphertext, 32);	 // For some reason, memcpy does not work
+//		memcpy(encrypted_hash_and_tag+32, encryption_tag,  16); 
+		for(count=0;count<32; count++)
+			*(op_ciphertext+count) = ciphertext[count];
+
+		for(count=0;count<16;count++)
+			*(op_encrypted_tag+count) = encryption_tag[count]; 
+	}
+//	printf("ciphertext len: %d\n", ciphertext_len); fflush(stdout);
+//	printf("Encryption return status: 0x%x", return_status);  fflush(stdout); 
+//	return_status=aes_cipher(0, key, iv, ciphertext, ciphertext_len, expected_plaintext, &plaintext_len, encryption_tag); 
+
 	for(count=0;count<32;count++)
 	{
-		printf("0x%x 0x%x ", hash[count], expected_plaintext[count]);
-//		if(hash[count]!=expected_plaintext[count])
-//			return 0xFE;
+		printf("0x%02x ", hash[count]);
 	}
+	printf("\n");
 	fflush(stdout); 
-
+*/	for(count=0;count<32;count++)
+	{
+		printf("0x%02x ", op_ciphertext[count]); 
+	}
+	printf("\n");
+	fflush(stdout);
+	for(count=0;count<16;count++)
+	{	
+		printf("0x%02x ", op_encrypted_tag[count]); 
+	}
+	printf("\n"); fflush(stdout);
+/*        for(count=0;count<32;count++)
+        {       
+                printf("0x%02x ", op_ciphertext[count]); 
+        }
+        printf("\n"); fflush(stdout);
+*/
 	return return_status;
 }
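Review bot: `memset(iv, 0, 12)` fixes the IV at all zeros for every call to `aes_cipher(1, key, iv, ...)`. The 12-byte IV and 16-byte tag suggest AES-GCM, where repeating a key/IV pair breaks both confidentiality and the integrity guarantee of the tag. How `key` is filled is outside this hunk, so this is safe only if each key encrypts exactly one message. Otherwise use a fresh IV per message and send it with the ciphertext; if the single-use assumption does hold, record it in a comment such as `// IV is constant: key is per-session and encrypts a single message`. The function also writes 32 and 16 bytes through `op_ciphertext` and `op_encrypted_tag` without any size parameter, and `ciphertext_len` is not compared with 32 after the call. The now-unused locals `ciphertext` and `encryption_tag` and the commented-out blocks could be dropped.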
 

+ 1 - 1
include/SgxProtobufLAInitiator.h

@@ -1,3 +1,3 @@
 uint32_t process_protobuf_dh_msg1_generate_protobuf_dh_msg2(protobuf_sgx_dh_msg1_t& protobuf_msg1, protobuf_sgx_dh_msg2_t& protobuf_msg2, uint32_t* session_id);
 uint32_t process_protobuf_dh_msg3(protobuf_sgx_dh_msg3_t& protobuf_msg3, uint32_t* session_id);
-uint32_t generate_encrypted_rsa_keypair_hash();
+uint32_t generate_encrypted_rsa_keypair_hash(uint8_t* hash, uint8_t* tag);
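Review bot: The prototype names its parameters `hash` and `tag`, while the definition in SgxProtobufLAInitiator.cpp uses `op_ciphertext` and `op_encrypted_tag`. The name `hash` reads as a plaintext input rather than an output buffer that receives ciphertext. Using the same names in both places and adding a comment with the required sizes, e.g. `// op_ciphertext: 32-byte output buffer; op_encrypted_tag: 16-byte output buffer`, would document what the caller must provide.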

BIN
verifier