Przeglądaj źródła

ZT_LSORAMserver and ZT_LSORAMclient

sshsshy 5 lat temu
rodzic
commit
6ce068dafa
6 zmienionych plików z 1134 dodań i 3 usunięć
  1. 13 3
      Makefile
  2. 45 0
      ZT.hpp
  3. 311 0
      ZT_LSORAMclient.cc
  4. 408 0
      ZT_LSORAMserver.cc
  5. 310 0
      utils.cc
  6. 47 0
      utils.h

+ 13 - 3
Makefile

@@ -1,6 +1,6 @@
-CXXFLAGS=-g -Wall
+CXXFLAGS=-g -Wall -std=c++11 
 
-all: toyserver toyclient
+all: toyserver toyclient ztlsoramserver ztlsoramclient
 
 toyserver: toyserver.o pirserver.o
 	$(CXX) -Wall -o $@ $^
@@ -8,8 +8,18 @@ toyserver: toyserver.o pirserver.o
 toyclient: toyclient.o pirclient.o
 	$(CXX) -Wall -o $@ $^
 
+ztlsoramserver: ZT_LSORAMserver.o pirserver.o
+	$(MAKE) -C ZeroTrace/
+	cp ZeroTrace/Sample_App/ZT.hpp .
+	$(CXX) -std=c++11 ZT_LSORAMserver.cc pirserver.cc utils.cc -Wall -L=$(CURDIR) -lZT -lcrypto -Wl,--rpath=$(CURDIR) -o $@
+
+ztlsoramclient: ZT_LSORAMclient.o pirclient.o utils.o
+	$(CXX) -Wall -o  $@ $^ -lcrypto
+
 clean:
-	-rm toyserver.o pirserver.o toyclient.o pirclient.o
+	-rm toyserver.o pirserver.o toyclient.o pirclient.o ZT_LSORAMserver.o ZT_LSORAMclient.o
+	-rm enclave.signed.so libZT.so 
 
 veryclean: clean
 	-rm toyserver toyclient
+	-rm ztlsoramserver ztlsoramclient

+ 45 - 0
ZT.hpp

@@ -0,0 +1,45 @@
+/*
+*    ZeroTrace: Oblivious Memory Primitives from Intel SGX 
+*    Copyright (C) 2018  Sajin (sshsshy)
+*
+*    This program is free software: you can redistribute it and/or modify
+*    it under the terms of the GNU General Public License as published by
+*    the Free Software Foundation, version 3 of the License.
+*
+*    This program is distributed in the hope that it will be useful,
+*    but WITHOUT ANY WARRANTY; without even the implied warranty of
+*    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+*    GNU General Public License for more details.
+*
+*    You should have received a copy of the GNU General Public License
+*    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+
+int8_t ZT_Initialize(unsigned char *bin_x, unsigned char *bin_y, unsigned char *bin_r, unsigned char *bin_s, uint32_t buff_size);
+void ZT_Close();
+uint32_t ZT_New( uint32_t max_blocks, uint32_t data_size, uint32_t stash_size, uint32_t oblivious_flag, uint32_t recursion_data_size, uint32_t oram_type, uint8_t pZ);
+uint32_t ZT_New_LSORAM( uint32_t num_blocks, uint32_t key_size, uint32_t value_size, uint8_t mode, uint8_t oblivious_type, uint8_t populate_flag);
+ 
+
+void ZT_Access(uint32_t instance_id, uint8_t oram_type, unsigned char *encrypted_request, unsigned char *encrypted_response, unsigned char *tag_in, unsigned char* tag_out, uint32_t request_size, uint32_t response_size, uint32_t tag_size);
+void ZT_Bulk_Read(uint32_t instance_id, uint8_t oram_type, uint32_t bulk_batch_size, unsigned char *encrypted_request, unsigned char *encrypted_response, unsigned char *tag_in, unsigned char* tag_out, uint32_t request_size, uint32_t response_size, uint32_t tag_size);
+
+//LSORAM Access-oblivious API 
+
+int8_t ZT_LSORAM_insert(uint32_t instance_id, unsigned char *encrypted_request, uint32_t request_size, 
+       unsigned char* tag_in, uint32_t tag_size, unsigned char *client_pubkey, uint32_t pubkey_size_x,
+       uint32_t pubkey_size_y);
+
+int8_t ZT_LSORAM_fetch(uint32_t instance_id, unsigned char *encrypted_request,
+       uint32_t request_size, unsigned char *encrypted_response, 
+       uint32_t response_size, unsigned char* tag_in, unsigned char* tag_out, 
+       uint32_t tag_size, unsigned char *client_pubkey, uint32_t pubkey_size_x,
+       uint32_t pubkey_size_y); 
+
+int8_t ZT_LSORAM_evict(uint32_t id, unsigned char *key, uint32_t key_size);
+void ZT_LSORAM_delete(uint32_t id);
+
+//LSORAM Full-olivious API
+//void ZT_LSORAM_Access();
+

+ 311 - 0
ZT_LSORAMclient.cc

@@ -0,0 +1,311 @@
+#include "pirclient.h"
+#include "utils.h"
+
+EC_KEY *ENCLAVE_PUBLIC_KEY = NULL;
+
+class ZT_LSORAMClient : public PIRClient {
+
+public:
+    ZT_LSORAMClient();
+
+    // Create a PIR query.  The plainquery must be exactly 32 bytes
+    // long.
+    virtual void create(const string &plainquery, const string &params,
+        void *&queryid, string &pirquery);
+
+    //Helper functions for create()
+    void setupEnclavePublicKey(const string &params);
+    int encryptLSORAMRequest(EC_KEY* target_public_key,
+        unsigned char *serialized_request, uint32_t request_size, unsigned char
+        **encrypted_request, unsigned char **client_pubkey, uint32_t *pubkey_size_x, 
+        uint32_t *pubkey_size_y, unsigned char **ecdh_aes_key, unsigned char **iv, 
+        unsigned char **tag);
+
+    // Extract the plaintext response from a PIR response.  Returns
+    // true if successful, false if unsuccessful.
+    virtual bool extract(void *&queryid, const string &pirresponse,
+        string &plainresponse);
+
+    // Helper functions for extract()
+    int decryptLSORAMResponse(unsigned char *encrypted_response, 
+        uint32_t response_size, unsigned char *tag, unsigned char *aes_key,
+        unsigned char *iv, unsigned char **response); 
+};
+
+ZT_LSORAMClient::ZT_LSORAMClient() {
+}
+
+// Put anything you'll need to decrypt the response in here
+struct Decryptstate {
+    //The AES-key used to encrypt query
+    string decrypt_key;
+    string iv;
+};
+
+
+/*
+
+Inputs: a target pub key, a seriailzed request and request size.
+Outputs: instantiates and populates:
+          client_pubkey, aes_key (from target_pubkey and generated client_pubkey ECDH)
+          iv, encrypted request and tag for the request
+*/
+int ZT_LSORAMClient::encryptLSORAMRequest(EC_KEY* target_public_key, unsigned char *serialized_request,
+     uint32_t request_size, unsigned char **encrypted_request, unsigned char **client_pubkey,
+     uint32_t *pubkey_size_x, uint32_t *pubkey_size_y, unsigned char **ecdh_aes_key, 
+     unsigned char **iv, unsigned char **tag){
+
+  //Generate a new key
+  EC_KEY *ephemeral_key = NULL;
+  BIGNUM *x, *y;
+  x = BN_new();
+  y = BN_new();
+  BN_CTX *bn_ctx = BN_CTX_new();
+  const EC_GROUP *curve = NULL;
+
+  if(NULL == (curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
+    printf("Setting EC_GROUP failed \n");
+
+  ephemeral_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  if(ephemeral_key==NULL)
+    printf("Client: EC_KEY_new_by_curve_name Fail\n");
+
+  int ret = EC_KEY_generate_key(ephemeral_key);
+  if(ret!=1)
+    printf("Client: EC_KEY_generate_key Fail\n");
+
+  const EC_POINT *pub_point;
+  pub_point = EC_KEY_get0_public_key((const EC_KEY *) ephemeral_key);
+  if(pub_point == NULL)
+    printf("Client: EC_KEY_get0_public_key Fail\n");
+      
+  ret = EC_POINT_get_affine_coordinates_GFp(curve, pub_point, x, y, bn_ctx);
+  if(ret==0)
+    printf("Client: EC_POINT_get_affine_coordinates_GFp Failed \n");
+      
+  unsigned char *bin_x, *bin_y;
+  uint32_t size_bin_x = BN_num_bytes(x);
+  uint32_t size_bin_y = BN_num_bytes(y);
+  printf("(%d, %d)\n", size_bin_x, size_bin_y);
+  bin_x = (unsigned char*) malloc(EC_KEY_SIZE);
+  bin_y = (unsigned char*) malloc(EC_KEY_SIZE);
+  BN_bn2bin(x, bin_x);
+  BN_bn2bin(y, bin_y);
+  *pubkey_size_x = size_bin_x;
+  *pubkey_size_y = size_bin_y;
+  *client_pubkey = (unsigned char*) malloc(size_bin_x + size_bin_y);
+  memcpy(*client_pubkey, bin_x, size_bin_x);
+  memcpy(*client_pubkey + size_bin_x, bin_y, size_bin_y);
+
+  /*
+  unsigned char *ptr = *client_pubkey;
+  printf("Serialized Client's Public Key in encryptLSORAM :\n");
+  for(int t = 0; t < size_bin_x; t++)
+  printf("%02X", ptr[t]);
+  printf("\n");
+  printf("Serialized Client's Public Key in encryptLSORAM :\n");
+  for(int t = 0; t < size_bin_y; t++)
+    printf("%02X", ptr[size_bin_x + t]);
+  printf("\n");
+  */
+
+  uint32_t field_size = EC_GROUP_get_degree(EC_KEY_get0_group(target_public_key));
+  uint32_t secret_len = (field_size+7)/8;
+  unsigned char *secret = (unsigned char*) malloc(secret_len);
+  //Returns a 32 byte secret	
+  secret_len = ECDH_compute_key(secret, secret_len, EC_KEY_get0_public_key(target_public_key),
+					  ephemeral_key, NULL);
+
+  //Sample IV;
+  *ecdh_aes_key = (unsigned char*) malloc (KEY_LENGTH);
+  *iv = (unsigned char*) malloc (IV_LENGTH);
+ 
+  memcpy(*ecdh_aes_key, secret, KEY_LENGTH);
+  memcpy(*iv, secret + KEY_LENGTH, IV_LENGTH);
+
+  /*
+  unsigned char *ecdh_ptr = (unsigned char *) *ecdh_aes_key;
+  unsigned char *iv_ptr = (unsigned char *) *iv;
+  
+  printf("KEY_LENGTH = %d\n", KEY_LENGTH);
+  printf("ecdh_key computed by Client :\n");
+  for(int t = 0; t < KEY_LENGTH; t++)
+    printf("%02X",  ecdh_ptr[t]);
+  printf("\n");
+  printf("iv computed by Client :\n");
+  for(int t = 0; t < IV_LENGTH; t++)
+    printf("%02X", iv_ptr[t]);
+  printf("\n");
+  */
+
+  BN_CTX_free(bn_ctx);
+
+  *encrypted_request = (unsigned char*) malloc (request_size);
+  *tag = (unsigned char*) malloc (TAG_SIZE);
+
+  uint32_t encrypted_request_size;
+  /*
+  printf("Request bytes before encrypting: \n"); 
+  for(int t = 0; t < request_size; t++)
+    printf("%02X", serialized_request[t]);
+  printf("\n"); 
+  */
+  encrypted_request_size = AES_GCM_128_encrypt(serialized_request, request_size,
+           NULL, 0, (unsigned char*) *ecdh_aes_key, (unsigned char*) *iv, 
+           IV_LENGTH, *encrypted_request, *tag);
+
+  /*
+  unsigned char*tag_ptr = *tag;
+  printf("Tag bytes after encryption: \n"); 
+  for(uint32_t t = 0; t < TAG_SIZE; t++)
+    printf("%02X", tag_ptr[t]);
+  printf("\n"); 
+ 
+  printf("Request_size = %d, Encrypted_request_size = %d,\n", request_size, encrypted_request_size); 
+  printf("Request bytes after encrypting: \n");
+  unsigned char *encrypted_ptr = (unsigned char*) *encrypted_request;
+  for(uint32_t t = 0; t < encrypted_request_size; t++)
+    printf("%02X",  encrypted_ptr[t]);
+  printf("\n"); 
+  */
+  return encrypted_request_size;
+}
+
+void ZT_LSORAMClient::setupEnclavePublicKey(const string &params){
+  const char *serialized_key;
+  unsigned char bin_x[PRIME256V1_KEY_SIZE];
+  unsigned char bin_y[PRIME256V1_KEY_SIZE];
+  BIGNUM *x, *y;
+  EC_GROUP *curve;
+
+  if(NULL == (curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
+	printf("Setting EC_GROUP failed \n");
+  EC_POINT *pub_point = EC_POINT_new(curve);
+
+  serialized_key = params.c_str();
+  memcpy(bin_x, serialized_key, PRIME256V1_KEY_SIZE);
+  memcpy(bin_y, serialized_key + PRIME256V1_KEY_SIZE, PRIME256V1_KEY_SIZE);
+
+  //Load the Enclave Public Key
+  ENCLAVE_PUBLIC_KEY = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  
+  BN_CTX *bn_ctx = BN_CTX_new();
+  x = BN_bin2bn(bin_x, PRIME256V1_KEY_SIZE, NULL);
+  y = BN_bin2bn(bin_y, PRIME256V1_KEY_SIZE, NULL);
+  if(EC_POINT_set_affine_coordinates_GFp(curve, pub_point, x, y, bn_ctx)==0)
+	  printf("EC_POINT_set_affine_coordinates FAILED \n");
+
+  if(EC_KEY_set_public_key(ENCLAVE_PUBLIC_KEY, pub_point)==0)
+	  printf("EC_KEY_set_public_key FAILED \n");
+
+  BN_CTX_free(bn_ctx);
+}
+
+void
+ZT_LSORAMClient::create(const string &plainquery, const string &params,
+        void *&queryid, string &pirquery)
+{
+
+  // TODO: In ZT_LSORAMClient Lookupquery should be:
+  // encrypted_query||tag_in||pk_x_size||pk_y_size||client_pubkey
+  // client_pubkey (of size pk_x_size+pk_y_size)
+
+  if (plainquery.length() == 32 && params.length() == 32) {
+    //Setup Enclave_Pub_key
+    setupEnclavePublicKey(params);
+ 
+    //Encrypt the query
+    const char *request = plainquery.c_str(); 
+    unsigned char *tag, *encrypted_request, *ecdh_aes_key, *iv, *client_pubkey;
+    uint32_t pubkey_size_x, pubkey_size_y;
+
+    encryptLSORAMRequest(ENCLAVE_PUBLIC_KEY,(unsigned char*) request, BLINDED_KEY_SIZE, 
+           &encrypted_request, &client_pubkey, &pubkey_size_x, &pubkey_size_y,
+           &ecdh_aes_key, &iv, &tag);
+
+    // Format encrypted query into pirquery as :
+    // encrypted_query||tag_in||pk_x_size||pk_y_size||client_pubkey
+    // client_pubkey (of size pk_x_size+pk_y_size)
+    uint32_t pirquery_cstr_size = BLINDED_KEY_SIZE + TAG_SIZE 
+             + (2 * sizeof(uint32_t)) + pubkey_size_x + pubkey_size_y;
+    unsigned char *pirquery_cstr = (unsigned char*) malloc(pirquery_cstr_size);
+
+    unsigned char *ptr = pirquery_cstr;
+    memcpy(ptr, encrypted_request, BLINDED_KEY_SIZE);
+    ptr+=BLINDED_KEY_SIZE;
+    memcpy(ptr, tag, TAG_SIZE);
+    ptr+=TAG_SIZE;
+    memcpy(ptr, &pubkey_size_x, sizeof(uint32_t));
+    ptr+=sizeof(uint32_t);
+    memcpy(ptr, &pubkey_size_y, sizeof(uint32_t)); 
+    ptr+=sizeof(uint32_t);
+    memcpy(ptr, client_pubkey, pubkey_size_x+pubkey_size_y);
+    pirquery.assign((const char*) pirquery_cstr, pirquery_cstr_size);   
+
+    //Store shared session key into DecryptState
+    Decryptstate *ds = new Decryptstate();
+    ds->decrypt_key.assign((const char*) ecdh_aes_key, KEY_LENGTH);
+    ds->iv.assign((const char*) iv, IV_LENGTH);
+    queryid = ds;  
+
+    //Free all buffers
+    free(pirquery_cstr);
+    free(tag);
+    free(client_pubkey);
+    free(ecdh_aes_key);
+    free(iv);
+    free(encrypted_request); 
+  }
+}
+
+
+int ZT_LSORAMClient::decryptLSORAMResponse(unsigned char *encrypted_response, uint32_t response_size, 
+    unsigned char *tag, unsigned char *aes_key, unsigned char *iv, unsigned char **response) {
+
+  *response = (unsigned char*) malloc (response_size);
+  AES_GCM_128_decrypt(encrypted_response, response_size, NULL, 0, tag, aes_key, iv, IV_LENGTH, *response);
+  return response_size;
+}
+
+bool
+ZT_LSORAMClient::extract(void *&queryid, const string &pirresponse,
+        string &plainresponse)
+{
+
+  //pirresponse = encrypted_response||tag_out
+  if(pirresponse.length()!=(DESCRIPTOR_MAX_SIZE+TAG_SIZE)){
+    printf("pirresponse size does not match expected value" 
+           "(DESCRIPTOR_MAX_SIZE + TAG_SIZE)\n");
+    return 0;
+  }  
+  
+  Decryptstate *ds = (Decryptstate *)queryid;
+  
+  unsigned char *aes_key = (unsigned char*) ds->decrypt_key.c_str();
+  unsigned char *iv = (unsigned char*) ds->iv.c_str();
+  string encrypted_response = pirresponse.substr(0, DESCRIPTOR_MAX_SIZE);
+  string tag_out = pirresponse.substr(DESCRIPTOR_MAX_SIZE, TAG_SIZE);  
+  unsigned char *response;
+ 
+  decryptLSORAMResponse((unsigned char *)encrypted_response.c_str(), 
+         DESCRIPTOR_MAX_SIZE, (unsigned char*) tag_out.c_str(), aes_key, iv, 
+         &response); 
+  
+  delete ds;
+  queryid = NULL;
+
+  //Populate plainresponse with response
+  plainresponse.assign((const char*) response, DESCRIPTOR_MAX_SIZE);
+
+  free(response);
+  return true;
+   
+}
+
+int main(int argc, char **argv) {
+    ZT_LSORAMClient client;
+
+    client.mainloop();
+
+    return 0;
+}

+ 408 - 0
ZT_LSORAMserver.cc

@@ -0,0 +1,408 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <cstring>
+#include <iostream>
+#include <map>
+#include <iterator>
+
+#include <openssl/ec.h>
+#include <openssl/ecdh.h>
+#include <openssl/ecdsa.h>
+#include <openssl/conf.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+
+using std::map;
+
+#include "pirserver.h"
+#include "ZeroTrace/Globals.hpp"
+#include "utils.h"
+#include "ZT.hpp"
+
+EC_KEY *ENCLAVE_PUBLIC_KEY = NULL;
+
+// Not in use since we use a vector that can expand for LS ORAM 
+#define START_NUM_BLOCKS 100
+
+//MEM_MODE 0 = INSIDE_PRM
+//         1 = OUTSIDE_PRM
+#define MEM_MODE 0
+
+//OBLIVIOUS_TYPE 0 = ACCESS_ONLY
+//               1 = FULL_OBLIVIOUS
+#define OBLIVIOUS_TYPE 0
+
+//POPULATE_FLAG is for populating the LSORAM with dummy records
+#define POPULATE_FLAG 0 
+
+
+// TODO: Put everything above this point into a ZT_LSORAMServer.hpp
+
+class ZT_LSORAMServer : public PIRServer {
+private:
+  string pubkey;
+  uint32_t ZT_instance_id;
+  map<string, string> table;
+  
+public:
+  ZT_LSORAMServer();
+  void initializeZeroTrace(string &params);
+
+  virtual void get_params(string &params);
+  
+  
+  virtual void store(const string &key, const string &value);
+
+  //Helper functions for store:
+  int encryptLSORAMRequest(EC_KEY* target_public_key, unsigned char *serialized_request,
+      uint32_t request_size, unsigned char **encrypted_request, unsigned char **client_pubkey,
+      uint32_t *pubkey_size_x, uint32_t *pubkey_size_y, unsigned char **ecdh_aes_key, 
+      unsigned char **iv, unsigned char **tag);
+
+  int LSORAM_Insert(uint32_t instance_id, unsigned char *key, uint32_t key_size,
+      unsigned char* value, uint32_t value_size);
+
+  virtual bool lookup(const string &lookup_query, string &lookup_response);
+  
+  //Helper functions for lookup:
+
+};
+
+
+ZT_LSORAMServer::ZT_LSORAMServer() {
+
+}
+
+void ZT_LSORAMServer::initializeZeroTrace(string &params) {
+  // Variables for Enclave Public Key retrieval 
+  uint32_t max_buff_size = PRIME256V1_KEY_SIZE;
+  unsigned char bin_x[PRIME256V1_KEY_SIZE], bin_y[PRIME256V1_KEY_SIZE], signature_r[PRIME256V1_KEY_SIZE], signature_s[PRIME256V1_KEY_SIZE];
+  
+  ZT_Initialize(bin_x, bin_y, signature_r, signature_s, max_buff_size);
+  
+  EC_GROUP *curve;
+  EC_KEY *enclave_verification_key = NULL;
+  ECDSA_SIG *sig_enclave = ECDSA_SIG_new();	
+  BIGNUM *x, *y, *xh, *yh;
+  BN_CTX *bn_ctx = BN_CTX_new();
+  int ret;
+
+  if(NULL == (curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
+	  printf("Setting EC_GROUP failed \n");
+
+  EC_POINT *pub_point = EC_POINT_new(curve);
+  //Verify the Enclave Public Key
+  enclave_verification_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  xh = BN_bin2bn(hardcoded_verification_key_x, PRIME256V1_KEY_SIZE, NULL);
+  yh = BN_bin2bn(hardcoded_verification_key_y, PRIME256V1_KEY_SIZE, NULL);
+  EC_KEY_set_public_key_affine_coordinates(enclave_verification_key, xh, yh);
+  unsigned char *serialized_public_key = (unsigned char*) malloc (PRIME256V1_KEY_SIZE*2);
+  memcpy(serialized_public_key, bin_x, PRIME256V1_KEY_SIZE);
+  memcpy(serialized_public_key + PRIME256V1_KEY_SIZE, bin_y, PRIME256V1_KEY_SIZE);
+	  
+  sig_enclave->r = BN_bin2bn(signature_r, PRIME256V1_KEY_SIZE, NULL);
+  sig_enclave->s = BN_bin2bn(signature_s, PRIME256V1_KEY_SIZE, NULL);	
+  
+  ret = ECDSA_do_verify((const unsigned char*) serialized_public_key, PRIME256V1_KEY_SIZE*2, sig_enclave, enclave_verification_key);
+  if(ret==1){
+	  printf("GetEnclavePublishedKey : Verification Successful! \n");
+  }
+  else{
+	  printf("GetEnclavePublishedKey : Verification FAILED! \n");
+  }
+  
+  //Load the Enclave Public Key
+  ENCLAVE_PUBLIC_KEY = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  
+  x = BN_bin2bn(bin_x, PRIME256V1_KEY_SIZE, NULL);
+  y = BN_bin2bn(bin_y, PRIME256V1_KEY_SIZE, NULL);
+  if(EC_POINT_set_affine_coordinates_GFp(curve, pub_point, x, y, bn_ctx)==0)
+	  printf("EC_POINT_set_affine_coordinates FAILED \n");
+
+  if(EC_KEY_set_public_key(ENCLAVE_PUBLIC_KEY, pub_point)==0)
+	  printf("EC_KEY_set_public_key FAILED \n");
+
+  BN_CTX_free(bn_ctx);
+  free(serialized_public_key); 
+  pubkey.assign((const char*) serialized_public_key, 2*PRIME256V1_KEY_SIZE);
+  params.assign(pubkey);
+}
+
+
+void ZT_LSORAMServer::get_params(string &params) {
+  //We get a string to populate with params, (which is just the public key) 
+  initializeZeroTrace(params);
+  
+  //NOTE: num_blocks doesn't make a difference for Access-only Oblivious LSORAM
+  //ZT_instance_id = ZT_New_LSORAM(num_blocks, key_size, value_size, mode, oblivious_type, populate_flag);
+
+  ZT_instance_id = ZT_New_LSORAM(START_NUM_BLOCKS, BLINDED_KEY_SIZE, DESCRIPTOR_MAX_SIZE, MEM_MODE, OBLIVIOUS_TYPE, POPULATE_FLAG);
+}
+
+
+/*
+
+Inputs: a target pub key, a seriailzed request and request size.
+Outputs: instantiates and populates:
+          client_pubkey, aes_key (from target_pubkey and generated client_pubkey ECDH)
+          iv, encrypted request and tag for the request
+*/
+int ZT_LSORAMServer::encryptLSORAMRequest(EC_KEY* target_public_key, unsigned char *serialized_request,
+     uint32_t request_size, unsigned char **encrypted_request, unsigned char **client_pubkey,
+     uint32_t *pubkey_size_x, uint32_t *pubkey_size_y, unsigned char **ecdh_aes_key, 
+     unsigned char **iv, unsigned char **tag){
+
+  //Generate a new key
+  EC_KEY *ephemeral_key = NULL;
+  BIGNUM *x, *y;
+  x = BN_new();
+  y = BN_new();
+  BN_CTX *bn_ctx = BN_CTX_new();
+  const EC_GROUP *curve = NULL;
+
+  if(NULL == (curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
+    printf("Setting EC_GROUP failed \n");
+
+  ephemeral_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  if(ephemeral_key==NULL)
+    printf("Client: EC_KEY_new_by_curve_name Fail\n");
+
+  int ret = EC_KEY_generate_key(ephemeral_key);
+  if(ret!=1)
+    printf("Client: EC_KEY_generate_key Fail\n");
+
+  const EC_POINT *pub_point;
+  pub_point = EC_KEY_get0_public_key((const EC_KEY *) ephemeral_key);
+  if(pub_point == NULL)
+    printf("Client: EC_KEY_get0_public_key Fail\n");
+      
+  ret = EC_POINT_get_affine_coordinates_GFp(curve, pub_point, x, y, bn_ctx);
+  if(ret==0)
+    printf("Client: EC_POINT_get_affine_coordinates_GFp Failed \n");
+      
+  unsigned char *bin_x, *bin_y;
+  uint32_t size_bin_x = BN_num_bytes(x);
+  uint32_t size_bin_y = BN_num_bytes(y);
+  printf("(%d, %d)\n", size_bin_x, size_bin_y);
+  bin_x = (unsigned char*) malloc(EC_KEY_SIZE);
+  bin_y = (unsigned char*) malloc(EC_KEY_SIZE);
+  BN_bn2bin(x, bin_x);
+  BN_bn2bin(y, bin_y);
+  *pubkey_size_x = size_bin_x;
+  *pubkey_size_y = size_bin_y;
+  *client_pubkey = (unsigned char*) malloc(size_bin_x + size_bin_y);
+  memcpy(*client_pubkey, bin_x, size_bin_x);
+  memcpy(*client_pubkey + size_bin_x, bin_y, size_bin_y);
+
+  /*
+  unsigned char *ptr = *client_pubkey;
+  printf("Serialized Client's Public Key in encryptLSORAM :\n");
+  for(int t = 0; t < size_bin_x; t++)
+  printf("%02X", ptr[t]);
+  printf("\n");
+  printf("Serialized Client's Public Key in encryptLSORAM :\n");
+  for(int t = 0; t < size_bin_y; t++)
+    printf("%02X", ptr[size_bin_x + t]);
+  printf("\n");
+  */
+
+  uint32_t field_size = EC_GROUP_get_degree(EC_KEY_get0_group(target_public_key));
+  uint32_t secret_len = (field_size+7)/8;
+  unsigned char *secret = (unsigned char*) malloc(secret_len);
+  //Returns a 32 byte secret	
+  secret_len = ECDH_compute_key(secret, secret_len, EC_KEY_get0_public_key(target_public_key),
+					  ephemeral_key, NULL);
+
+  //Sample IV;
+  *ecdh_aes_key = (unsigned char*) malloc (KEY_LENGTH);
+  *iv = (unsigned char*) malloc (IV_LENGTH);
+ 
+  memcpy(*ecdh_aes_key, secret, KEY_LENGTH);
+  memcpy(*iv, secret + KEY_LENGTH, IV_LENGTH);
+
+  /*
+  unsigned char *ecdh_ptr = (unsigned char *) *ecdh_aes_key;
+  unsigned char *iv_ptr = (unsigned char *) *iv;
+  
+  printf("KEY_LENGTH = %d\n", KEY_LENGTH);
+  printf("ecdh_key computed by Client :\n");
+  for(int t = 0; t < KEY_LENGTH; t++)
+    printf("%02X",  ecdh_ptr[t]);
+  printf("\n");
+  printf("iv computed by Client :\n");
+  for(int t = 0; t < IV_LENGTH; t++)
+    printf("%02X", iv_ptr[t]);
+  printf("\n");
+  */
+
+  BN_CTX_free(bn_ctx);
+
+  *encrypted_request = (unsigned char*) malloc (request_size);
+  *tag = (unsigned char*) malloc (TAG_SIZE);
+
+  uint32_t encrypted_request_size;
+  /*
+  printf("Request bytes before encrypting: \n"); 
+  for(int t = 0; t < request_size; t++)
+    printf("%02X", serialized_request[t]);
+  printf("\n"); 
+  */
+  encrypted_request_size = AES_GCM_128_encrypt(serialized_request, request_size,
+           NULL, 0, (unsigned char*) *ecdh_aes_key, (unsigned char*) *iv, 
+           IV_LENGTH, *encrypted_request, *tag);
+
+  /*
+  unsigned char*tag_ptr = *tag;
+  printf("Tag bytes after encryption: \n"); 
+  for(uint32_t t = 0; t < TAG_SIZE; t++)
+    printf("%02X", tag_ptr[t]);
+  printf("\n"); 
+ 
+  printf("Request_size = %d, Encrypted_request_size = %d,\n", request_size, encrypted_request_size); 
+  printf("Request bytes after encrypting: \n");
+  unsigned char *encrypted_ptr = (unsigned char*) *encrypted_request;
+  for(uint32_t t = 0; t < encrypted_request_size; t++)
+    printf("%02X",  encrypted_ptr[t]);
+  printf("\n"); 
+  */
+  return encrypted_request_size;
+}
+
+int ZT_LSORAMServer::LSORAM_Insert(uint32_t instance_id, unsigned char *key, uint32_t key_size, unsigned char* value, uint32_t value_size){
+  unsigned char *serialized_request, *encrypted_request, *tag_in;
+  unsigned char *client_pubkey, *ecdh_aes_key, *iv;
+  uint32_t pubkey_size_x, pubkey_size_y;
+ 
+  uint32_t request_size = serializeLSORAMRequest(key, key_size, value, value_size, &serialized_request);
+  
+  encryptLSORAMRequest(ENCLAVE_PUBLIC_KEY, serialized_request, request_size, 
+         &encrypted_request, &client_pubkey, &pubkey_size_x, &pubkey_size_y, 
+         &ecdh_aes_key, &iv, &tag_in);
+
+  /* 
+  printf("Clientpubkey going into ZT_LSORAM_insert:\n");
+  printf("X: :\n");
+  for(int t = 0; t < 32; t++)
+  printf("%02X", client_pubkey[t]);
+  printf("\n");
+  printf("Y :\n");
+  for(int t = 0; t < 32; t++)
+    printf("%02X", client_pubkey[32+t]);
+  printf("\n");
+  */
+
+  ZT_LSORAM_insert(instance_id, encrypted_request, request_size,
+                   tag_in, TAG_SIZE, client_pubkey, pubkey_size_x, pubkey_size_y);
+
+  free(serialized_request);
+  return 1;   
+}
+
+void ZT_LSORAMServer::store(const string &key, const string &value){
+  if (value.length() > 0) {
+    //Create encrypted request with strings key, value
+    
+    LSORAM_Insert(ZT_instance_id, (unsigned char*) key.c_str(), BLINDED_KEY_SIZE,
+          (unsigned char*) value.c_str(), DESCRIPTOR_MAX_SIZE);
+
+  } else {
+    //int8_t ZT_LSORAM_evict(uint32_t id, unsigned char *key, uint32_t key_size);
+  }
+}
+
+/*
+int ZT_LSORAMServer::LSORAM_Fetch(uint32_t instance_id, unsigned char *key, uint32_t key_size, unsigned char* encrypted_value, uint32_t value_size){
+  //value needs to be populated by ZT_LSORAM_fetch
+  unsigned char *serialized_request, *encrypted_request, *tag_in;
+  unsigned char *client_pubkey, *ecdh_aes_key, *iv, *response;
+  uint32_t pubkey_size_x, pubkey_size_y;
+
+  // Response buffer and tag, populated by the enclave
+  unsigned char tag_out[TAG_SIZE];
+ 
+  uint32_t request_size = serializeLSORAMRequest(key, key_size, encrypted_value, 0, &serialized_request);
+  
+  encryptLSORAMRequest(ENCLAVE_PUBLIC_KEY, serialized_request, request_size, 
+         &encrypted_request, &client_pubkey, &pubkey_size_x, &pubkey_size_y, &ecdh_aes_key, &iv, &tag_in);
+  
+
+  ZT_LSORAM_fetch(instance_id, encrypted_request, request_size,
+                  encrypted_value, value_size, tag_in, tag_out, TAG_SIZE,
+                  client_pubkey, pubkey_size_x, pubkey_size_y);
+ 
+  free(serialized_request);   
+}
+*/
+
+
+/*
+  In ZT_LSORAMClient lookup_query should be:
+  encrypted_query||tag_in||pk_x_size||pk_y_size||client_pubkey
+  where client_pubkey is of size pk_x_size+pk_y_size
+
+  returns lookup_response:
+  encrypted_response||tag_out
+*/
+
+bool ZT_LSORAMServer::lookup(const string &lookup_query, string &lookup_response) {
+
+
+  //TODO: Parse lookup_query and populate these:
+  const char *lookup_query_cstr= lookup_query.c_str();
+  unsigned char *encrypted_query = (unsigned char*) malloc (BLINDED_KEY_SIZE);
+  unsigned char *tag_in = (unsigned char*) malloc (TAG_SIZE);
+  uint32_t pk_x_size;
+  uint32_t pk_y_size;
+  unsigned char *client_pubkey;
+  
+  unsigned char *ptr = (unsigned char*) lookup_query_cstr;
+  memcpy(encrypted_query, ptr, BLINDED_KEY_SIZE);
+  ptr+=BLINDED_KEY_SIZE;
+  memcpy(tag_in, ptr, TAG_SIZE);
+  ptr+=TAG_SIZE;
+  memcpy(&pk_x_size, ptr, sizeof(uint32_t));
+  ptr+=sizeof(uint32_t);   
+  memcpy(&pk_y_size, ptr, sizeof(uint32_t));
+  ptr+=sizeof(uint32_t);   
+  client_pubkey = (unsigned char*) malloc(pk_x_size+pk_y_size);
+  memcpy(client_pubkey, ptr, pk_x_size+pk_y_size);
+
+  uint32_t expected_size = BLINDED_KEY_SIZE+TAG_SIZE+ 2*sizeof(uint32_t) + 
+           pk_x_size + pk_y_size;
+
+  if(lookup_query.length()!=expected_size)
+    printf("Query size doesn't match KEY_SIZE + TAG_SIZE\n");
+    return 0; 
+
+
+  unsigned char *encrypted_response = (unsigned char*) malloc(DESCRIPTOR_MAX_SIZE);
+  unsigned char *tag_out = (unsigned char*) malloc(TAG_SIZE);
+
+  ZT_LSORAM_fetch(ZT_instance_id, encrypted_query, BLINDED_KEY_SIZE,
+     encrypted_response, DESCRIPTOR_MAX_SIZE, tag_in, tag_out, TAG_SIZE,
+     client_pubkey, pk_x_size, pk_y_size);
+
+  lookup_response.assign((const char*) encrypted_response, DESCRIPTOR_MAX_SIZE);
+  lookup_response.append((const char*) tag_out, TAG_SIZE);
+
+  free(encrypted_response);
+  free(tag_out);
+  free(client_pubkey);
+  free(encrypted_query);
+  free(tag_in);
+  return 1;
+}
+
+int main(int argc, char **argv) {
+    ZT_LSORAMServer server;
+
+    server.mainloop();
+
+    return 0;
+}

+ 310 - 0
utils.cc

@@ -0,0 +1,310 @@
+#include "utils.h"
+
+#define HASH_LENGTH 32
+#define NONCE_LENGTH 16
+#define KEY_LENGTH 16
+#define MILLION 1E6
+#define IV_LENGTH 12
+#define EC_KEY_SIZE 32
+#define KEY_LENGTH 16
+#define TAG_SIZE 16
+#define CLOCKS_PER_MS (CLOCKS_PER_SEC/1000)
+#define AES_GCM_BLOCK_SIZE_IN_BYTES 16
+#define PRIME256V1_KEY_SIZE 32
+
+int AES_GCM_128_encrypt (unsigned char *plaintext, int plaintext_len, unsigned char *aad,
+  int aad_len, unsigned char *key, unsigned char *iv, int iv_len,
+  unsigned char *ciphertext, unsigned char *tag)
+{
+  EVP_CIPHER_CTX *ctx;
+
+  int len;
+  int ciphertext_len;
+
+  /* Create and initialise the context */
+  if(!(ctx = EVP_CIPHER_CTX_new())) {
+    printf("Failed context intialization for OpenSSL EVP\n");
+  }
+
+  /* Initialise the encryption operation. */
+  if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL)){
+    printf("Failed AES_GCM_128 intialization for OpenSSL EVP\n");	
+  }
+
+  /* Set IV length if default 12 bytes (96 bits) is not appropriate */
+  if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL)){
+    printf("Failed IV config\n");
+  }
+
+  /* Initialise key and IV */
+  if(1 != EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) {
+    printf("Failed intialization for key and IV for AES_GCM\n");	
+  }
+
+  /* Provide any AAD data. This can be called zero or more times as
+   * required
+   */
+  //if(1 != EVP_EncryptUpdate(ctx, NULL, &len, aad, aad_len))
+  //	printf("Failed AAD\n");
+
+  /* Provide the message to be encrypted, and obtain the encrypted output.
+   * EVP_EncryptUpdate can be called multiple times if necessary
+   */
+  //printf("Error code = %d\n\n", EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len));
+  if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)) {
+    printf("Failed AES_GCM encrypt\n");
+  }
+  ciphertext_len = len;
+
+  /* Finalise the encryption. Normally ciphertext bytes may be written at
+   * this stage, but this does not occur in GCM mode
+   */
+  if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)){
+    printf("Failed Finalizing ciphertext\n");	
+  }
+  ciphertext_len += len;
+
+  /* Get the tag */
+  if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, TAG_SIZE, tag))
+    printf("Failed tag for AES_GCM_encrypt\n");
+
+  /* Clean up */
+  EVP_CIPHER_CTX_free(ctx);
+
+  return ciphertext_len;
+}
+
+int AES_GCM_128_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *aad,
+  int aad_len, unsigned char *tag, unsigned char *key, unsigned char *iv,
+  int iv_len, unsigned char *plaintext)
+{
+  EVP_CIPHER_CTX *ctx;
+  int len;
+  int plaintext_len;
+  int ret;
+
+  /* Create and initialise the context */
+  if(!(ctx = EVP_CIPHER_CTX_new())) 
+    printf("Failed context intialization for OpenSSL EVP\n");
+
+  /* Initialise the decryption operation. */
+  if(!EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL))
+    printf("Failed AES_GCM_128 intialization for OpenSSL EVP\n");	
+
+  /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
+  if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
+    printf("Failed IV config\n");
+
+  /* Initialise key and IV */
+  if(!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
+    printf("Failed intialization for key and IV for AES_GCM_128\n");	
+  /* Provide any AAD data. This can be called zero or more times as
+   * required
+   */
+  //if(!EVP_DecryptUpdate(ctx, NULL, &len, aad, aad_len))
+  //	printf("Failed AAD\n");
+
+  /* Provide the message to be decrypted, and obtain the plaintext output.
+   * EVP_DecryptUpdate can be called multiple times if necessary
+   */
+  if(!EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
+    printf("Failed AES_GCM decrypt\n");
+  plaintext_len = len;
+
+  /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
+  if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, TAG_SIZE, tag))
+    printf("Failed tag for AES_GCM_decrypt\n");
+
+  /* Finalise the decryption. A positive return value indicates success,
+   * anything else is a failure - the plaintext is not trustworthy.
+   */
+  ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
+
+  /* Clean up */
+  EVP_CIPHER_CTX_free(ctx);
+
+  if(ret > 0)
+  {
+    /* Success */
+    plaintext_len += len;
+    return plaintext_len;
+  }
+  else
+  {
+    /* Verify failed */
+    return -1;
+  }
+}
+
+
+int serializedSizeLSORAMRequest(uint32_t key_size, uint32_t value_size) {
+  uint32_t serialized_request_size = key_size + value_size + 2*sizeof(uint32_t);
+  return serialized_request_size;
+}
+
+/*
+
+Inputs: a target pub key, a seriailzed request and request size.
+Outputs: instantiates and populates serialized_request
+
+*/
+int32_t serializeLSORAMRequest(unsigned char *key, uint32_t key_size,
+         unsigned char *value, uint32_t value_size, unsigned char** serialized_request) {
+  // SerializedRequest:
+  // key_size, key bytes, value_size, value bytes
+  uint32_t serialized_request_size = serializedSizeLSORAMRequest(key_size, value_size);
+  *serialized_request = (unsigned char*) malloc(serialized_request_size);
+  
+  unsigned char* req_ptr = *serialized_request;
+  memcpy(req_ptr, &key_size, sizeof(uint32_t));
+  req_ptr+=sizeof(uint32_t);
+  memcpy(req_ptr, key, key_size);
+  req_ptr+=key_size;
+  
+  memcpy(req_ptr, &value_size, sizeof(uint32_t));
+  req_ptr+=sizeof(uint32_t);
+  memcpy(req_ptr, value, value_size);
+  req_ptr+=value_size;
+  
+  return serialized_request_size; 
+}
+
+int ECDH_encrypt(const string &request, uint32_t request_size, const string &params, string &shared_secret, string &pirquery){ 
+  /* 
+  1) Extracts Enclave public key from params
+  2) Samples a public key for itself
+  3) Performs ECDH with enclave public key and stores to encrypted_request: 
+     <client_sampled_public_key, request> encrypted with shared_secret
+  */
+
+  int ret;
+  EC_KEY *ephemeral_key = NULL;
+  BIGNUM *x, *y;
+  x = BN_new();
+  y = BN_new();
+  BN_CTX *bn_ctx = BN_CTX_new();
+  const EC_GROUP *curve = NULL;
+
+  if(NULL == (curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
+    printf("Setting EC_GROUP failed \n");
+
+  ephemeral_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  if(ephemeral_key==NULL)
+    printf("Client: EC_KEY_new_by_curve_name Fail\n");
+
+  ret = EC_KEY_generate_key(ephemeral_key);
+  if(ret!=1)
+    printf("Client: EC_KEY_generate_key Fail\n");
+
+  const EC_POINT *pub_point;
+  pub_point = EC_KEY_get0_public_key((const EC_KEY *) ephemeral_key);
+  if(pub_point == NULL)
+    printf("Client: EC_KEY_get0_public_key Fail\n");
+      
+  ret = EC_POINT_get_affine_coordinates_GFp(curve, pub_point, x, y, bn_ctx);
+  if(ret==0)
+    printf("Client: EC_POINT_get_affine_coordinates_GFp Failed \n");
+      
+  unsigned char *bin_x, *bin_y;
+  uint32_t size_bin_x = BN_num_bytes(x);
+  uint32_t size_bin_y = BN_num_bytes(y);
+  bin_x = (unsigned char*) malloc(size_bin_x);
+  bin_y = (unsigned char*) malloc(size_bin_y);
+  BN_bn2bin(x, bin_x);
+  BN_bn2bin(y, bin_y);
+  unsigned char *serialized_client_public_key = (unsigned char*) malloc(size_bin_x + size_bin_y);
+  memcpy(serialized_client_public_key, bin_x, size_bin_x);
+  memcpy(serialized_client_public_key + size_bin_x, bin_y, size_bin_y);
+  //Done with serializeing sampled client public key
+  /*TEST snippet for key comparison at client and enclave
+  const EC_POINT *point = EC_KEY_get0_public_key(ENCLAVE_PUBLIC_KEY);
+  BIGNUM *x1, *y1;
+  x1 = BN_new();
+  y1 = BN_new();
+  ret = EC_POINT_get_affine_coordinates_GFp(curve, point, x1, y1, bn_ctx);
+  unsigned char *bin_point = (unsigned char*) malloc(32*2);
+  BN_bn2bin(x1,bin_point);
+  BN_bn2bin(y1,bin_point+32);	
+
+  printf("Serialized Client's Public Key at Client :\n");
+  for(int t = 0; t < size_bin_x+size_bin_y; t++)
+	  printf("%02X", (*serialized_client_public_key)[t]);
+  printf("\n");
+
+  printf("Serialized Enclave's Public Key at Client :\n");
+  for(int t = 0; t < size_bin_x+size_bin_y; t++)
+	  printf("%02X", bin_point[t]);
+  printf("\n");
+  */
+
+
+  //Load Enclave public key from string params
+  EC_KEY *ENCLAVE_PUBLIC_KEY;
+  ENCLAVE_PUBLIC_KEY = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  BIGNUM *x_enclave, *y_enclave;
+  EC_POINT *pub_point_enclave = EC_POINT_new(curve);
+  x_enclave = BN_new();
+  y_enclave = BN_new();
+
+  unsigned char *bin_x_enclave = (unsigned char*) malloc(PRIME256V1_KEY_SIZE);
+  unsigned char *bin_y_enclave = (unsigned char*) malloc(PRIME256V1_KEY_SIZE);
+  for(uint32_t i=0; i<PRIME256V1_KEY_SIZE; i++){
+    bin_x_enclave[i] = params[i];
+    bin_y_enclave[i] = params[PRIME256V1_KEY_SIZE+i];
+  }
+  x_enclave = BN_bin2bn(bin_x_enclave, PRIME256V1_KEY_SIZE, NULL);
+  y_enclave = BN_bin2bn(bin_y_enclave, PRIME256V1_KEY_SIZE, NULL);
+
+  if(EC_POINT_set_affine_coordinates_GFp(curve, pub_point_enclave, x_enclave, y_enclave, bn_ctx)==0)
+    printf("EC_POINT_set_affine_coordinates FAILED \n");
+
+  if(EC_KEY_set_public_key(ENCLAVE_PUBLIC_KEY, pub_point_enclave)==0)
+    printf("EC_KEY_set_public_key FAILED \n");
+
+
+  //Do the ECDH And encrypt request
+  uint32_t field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ENCLAVE_PUBLIC_KEY));
+  uint32_t secret_len = (field_size+7)/8;
+  unsigned char *secret = (unsigned char*) malloc(secret_len);
+  //Returns a 32 byte secret	
+  secret_len = ECDH_compute_key(secret, secret_len, EC_KEY_get0_public_key(ENCLAVE_PUBLIC_KEY),
+					  ephemeral_key, NULL);
+
+  unsigned char *ecdh_shared_aes_key = (unsigned char *) malloc(KEY_LENGTH);
+  unsigned char *ecdh_iv = (unsigned char*) malloc(IV_LENGTH);
+  memcpy(ecdh_shared_aes_key, secret, KEY_LENGTH);
+  memcpy(ecdh_iv, secret + KEY_LENGTH, IV_LENGTH);
+ 
+  //
+  /*	
+  printf("Secret computed by Client :\n");
+  for(int t = 0; t < secret_len; t++)
+	  printf("%02X", secret[t]);
+  printf("\n");
+  */
+
+  int encrypted_request_size = request_size;
+  unsigned char *request_cstr = (unsigned char*) malloc (request_size);
+  for(uint32_t i = 0; i<request_size; i++)
+    request_cstr[i] = request[i];
+  unsigned char *encrypted_request_cstr = (unsigned char*) malloc (request_size);	
+  unsigned char *tag_cstr = (unsigned char*) malloc (TAG_SIZE);
+  encrypted_request_size = AES_GCM_128_encrypt(request_cstr, request_size, NULL, 0, (unsigned char*) ecdh_shared_aes_key, ecdh_iv, IV_LENGTH, encrypted_request_cstr, tag_cstr);
+  
+  //pirquery = aes_key||iv||plainquery_{aes_key}||tag
+  pirquery.assign((const char*) ecdh_shared_aes_key, PRIME256V1_KEY_SIZE);
+  pirquery.append((const char*) ecdh_iv, IV_LENGTH);
+  pirquery.append((const char*) encrypted_request_cstr, encrypted_request_size);
+  pirquery.append((const char*) tag_cstr, TAG_SIZE);
+
+  BN_CTX_free(bn_ctx);
+  free(request_cstr);
+  free(ecdh_shared_aes_key);
+  free(ecdh_iv);
+  free(encrypted_request_cstr);
+  free(tag_cstr);
+  return encrypted_request_size;
+}
+
+//hybridEncrypt();
+

+ 47 - 0
utils.h

@@ -0,0 +1,47 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <string.h>
+#include <string>
+#include <cstdint>
+#include <random>
+#include <openssl/ec.h>
+#include <openssl/ecdh.h>
+#include <openssl/ecdsa.h>
+#include <openssl/conf.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+
+
+#define HASH_LENGTH 32
+#define NONCE_LENGTH 16
+#define KEY_LENGTH 16
+#define MILLION 1E6
+#define IV_LENGTH 12
+#define EC_KEY_SIZE 32
+#define KEY_LENGTH 16
+#define TAG_SIZE 16
+#define CLOCKS_PER_MS (CLOCKS_PER_SEC/1000)
+#define AES_GCM_BLOCK_SIZE_IN_BYTES 16
+#define PRIME256V1_KEY_SIZE 32
+
+#define BLINDED_KEY_SIZE 32
+// (Largest value size we have seen so far was 14200)
+#define DESCRIPTOR_MAX_SIZE 15000
+
+using namespace std;
+
+
+int AES_GCM_128_encrypt (unsigned char *plaintext, int plaintext_len, unsigned char *aad,
+  int aad_len, unsigned char *key, unsigned char *iv, int iv_len,
+  unsigned char *ciphertext, unsigned char *tag);
+
+int AES_GCM_128_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *aad,
+  int aad_len, unsigned char *tag, unsigned char *key, unsigned char *iv,
+  int iv_len, unsigned char *plaintext);
+
+int32_t serializeLSORAMRequest(unsigned char *key, uint32_t key_size,
+         unsigned char *value, uint32_t value_size, unsigned char** serialized_request);
+
+int ECDH_encrypt(const string &plain_request, uint32_t request_size,const string &params, string &shared_secret, string &encrypted_request);