From 4ab3d2e7509a1c8cac7cd6dd960b21a672255782 Mon Sep 17 00:00:00 2001
From: Sascha Tommasone <sascha@tommasone.me>
Date: Mon, 1 Jul 2024 15:23:26 +0200
Subject: [PATCH] [Assignment-7] improved error handling; add (un)sealing
 prototypes

---
 .../src/enclave/enclave.c                     | 130 +++++++++++++++---
 .../src/enclave/enclave.edl                   |   4 +-
 .../src/enclave/enclave.h                     |   6 +-
 3 files changed, 117 insertions(+), 23 deletions(-)

diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c
index 4f851ad..5c74dff 100644
--- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c	
+++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c	
@@ -1,8 +1,47 @@
+/*
+ * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdarg.h>
+#include <stdio.h>      /* vsnprintf */
+#include <string.h>
+#include <stdlib.h>
+
 #include "Enclave.h"
 #include "Enclave_t.h"
+#include <sgx_tseal.h>
 #include <sgx_error.h>
 #include <sgx_tcrypto.h>
 
+
 sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *public, uint8_t *sealed, uint32_t *sealed_size) {
     // handle missing keypair
     if((private == NULL) || (public == NULL))
@@ -39,11 +78,11 @@ sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *pub
     return SGX_SUCCESS;
 }
 
-sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
-    // return if no sealed data provided
-    if(sealed == NULL)
+sgx_status_t unseal_key_pair(uint8_t *sealed, uint32_t *sealed_size, sgx_ec256_private_t *private, sgx_ec256_public_t *public) {
+    // handle missing sealed data
+    if((sealed == NULL) || (sealed_size == 0))
         return SGX_ERROR_UNEXPECTED;
-    
+
     // calculate public_key size and return error for unexpected results
     uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed);
     uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed);
@@ -66,44 +105,97 @@ sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t
         free(sk);
         return status;
     }
-    
-    // copy public key into return buffers
-    if((gx != NULL) && (gy != NULL)) {
-        memcpy(gx, pk, SGX_ECP256_KEY_SIZE);
-        memcpy(gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
+
+    // copy buffers into key structs
+    if(public != NULL) {
+        memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE);
+        memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
+    }
+    if (private != NULL) {
+        memcpy(private->r, sk, SGX_ECP256_KEY_SIZE);
     }
 
-    // free allocated memory and return success
+    // free temporary buffers
     free(pk);
     free(sk);
+
+    // return success
     return SGX_SUCCESS;
 }
 
-sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) {
+sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
+    // return if no sealed data provided
+    if(sealed == NULL)
+        return SGX_ERROR_UNEXPECTED;
+
+    // unseal public key
+    sgx_ec256_public_t public;
+    if(unseal_key_pair(sealed, sealed_size, NULL, &public) != SGX_SUCCESS) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    // copy public key into return buffers
+    if((gx != NULL) && (gy != NULL)) {
+        memcpy(gx, public.gx, SGX_ECP256_KEY_SIZE);
+        memcpy(gy, public.gy, SGX_ECP256_KEY_SIZE);
+    }
+
+    return SGX_SUCCESS;
+}
+
+sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) {
+    // handle missing sealed buffer
+    if((sealed == NULL) || (sealed_size == 0)) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+    
+    // handle missing firmware buffer
+    if((data == NULL) || (data_size == 0)) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    // declare need structures
     sgx_ecc_state_handle_t ecc_handle;
     sgx_ec256_private_t private;
     sgx_ec256_public_t public;
 
+    // open ecc handle
     sgx_status_t status;
     if((status = sgx_ecc256_open_context(&ecc_handle)) != SGX_SUCCESS) {
         return status;
     }
+
+    // try unseal keypair
+    sgx_status_t seal_status;
+    if(seal_status = unseal_key_pair(sealed, &sealed_size, &private, NULL) != SGX_SUCCESS) {
+        if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) {
+            sgx_ecc256_close_context(ecc_handle);
+            return status;
+        }
+    }
     
-    if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) {
-        sgx_ecc256_close_context(ecc_handle);
-        return status;
-    }  
-    
+    // create signature
     sgx_ec256_signature_t ecc_signature;
     if((status = sgx_ecdsa_sign(data, data_size, &private, &ecc_signature, ecc_handle)) != SGX_SUCCESS) {
         sgx_ecc256_close_context(ecc_handle);
         return status;
     }
     
+    // copy signature to return buffer
+    // TODO: endian swap
+    if((signature == NULL) || (signature_size == 0)) {
+        sgx_ecc256_close_context(ecc_handle);
+        return SGX_ERROR_UNEXPECTED;
+    }
     memcpy(signature, ecc_signature.x, SGX_ECP256_KEY_SIZE);
     memcpy(signature + SGX_ECP256_KEY_SIZE, ecc_signature.y, SGX_ECP256_KEY_SIZE);
-    //signature_size = 2 * SGX_ECP256_KEY_SIZE;
+    
+    if(seal_status != SGX_SUCCESS) {
+        seal_status = seal_key_pair(&private, &public, sealed, &sealed_size);
+        // TODO: return sealed keypair
+    }
 
+    // close ecc handle and return success
     sgx_ecc256_close_context(ecc_handle);
-    return SGX_SUCCESS;
-}
\ No newline at end of file
+    return seal_status;
+}
diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl
index b838f35..1764531 100644
--- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl	
+++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.edl	
@@ -41,7 +41,7 @@ enclave {
     
     trusted {
         public sgx_status_t public_key([in, size=sealed_size]const uint8_t *sealed, size_t sealed_size, [out]uint8_t *gx, [out]uint8_t *gy);
-        public sgx_status_t sign_firmware([in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size);
+        public sgx_status_t sign_firmware([in, size=data_size]const uint8_t *sealed, size_t sealed_size, [in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size);
     };
 
     /* 
@@ -50,6 +50,6 @@ enclave {
      *  [string]: specifies 'str' is a NULL terminated buffer.
      */
     untrusted {
-        int read_file([in, string] path_to_file, [out, size=bsize] uint8_t *buffer, size_t bsize);
+        
     };
 };
\ No newline at end of file
diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.h b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h
index cc59694..9a6fb95 100644
--- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.h	
+++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.h	
@@ -34,10 +34,12 @@
 #define _ENCLAVE_H_
 
 #include <stdlib.h>
+#include <stdint.h>
 #include <assert.h>
+#include <stdio.h>
 #include <sgx_error.h>
 
-sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy);
-sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size);
+sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy); 
+sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size);
 
 #endif /* !_ENCLAVE_H_ */
\ No newline at end of file