[Assignment-7] improved error handling; add (un)sealing prototypes

Assignment 7 - SGX Hands-on/src/enclave/enclave.c

@@ -1,8 +1,47 @@
+/*
+ * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdarg.h>
+#include <stdio.h>      /* vsnprintf */
+#include <string.h>
+#include <stdlib.h>
+
 #include "Enclave.h"
 #include "Enclave_t.h"
+#include <sgx_tseal.h>
 #include <sgx_error.h>
 #include <sgx_tcrypto.h>
 
+
 sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *public, uint8_t *sealed, uint32_t *sealed_size) {
     // handle missing keypair
     if((private == NULL) || (public == NULL))
@@ -39,9 +78,9 @@ sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *pub
     return SGX_SUCCESS;
 }
 
-sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
+sgx_status_t unseal_key_pair(uint8_t *sealed, uint32_t *sealed_size, sgx_ec256_private_t *private, sgx_ec256_public_t *public) {
-    // return if no sealed data provided
+    // handle missing sealed data
-    if(sealed == NULL)
+    if((sealed == NULL) || (sealed_size == 0))
         return SGX_ERROR_UNEXPECTED;
 
     // calculate public_key size and return error for unexpected results
@@ -67,43 +106,96 @@ sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t
         return status;
     }
 
-    // copy public key into return buffers
+    // copy buffers into key structs
-    if((gx != NULL) && (gy != NULL)) {
+    if(public != NULL) {
-        memcpy(gx, pk, SGX_ECP256_KEY_SIZE);
+        memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE);
-        memcpy(gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
+        memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
+    }
+    if (private != NULL) {
+        memcpy(private->r, sk, SGX_ECP256_KEY_SIZE);
     }
 
-    // free allocated memory and return success
+    // free temporary buffers
     free(pk);
     free(sk);
+
+    // return success
     return SGX_SUCCESS;
 }
 
-sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) {
+sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
+    // return if no sealed data provided
+    if(sealed == NULL)
+        return SGX_ERROR_UNEXPECTED;
+
+    // unseal public key
+    sgx_ec256_public_t public;
+    if(unseal_key_pair(sealed, sealed_size, NULL, &public) != SGX_SUCCESS) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    // copy public key into return buffers
+    if((gx != NULL) && (gy != NULL)) {
+        memcpy(gx, public.gx, SGX_ECP256_KEY_SIZE);
+        memcpy(gy, public.gy, SGX_ECP256_KEY_SIZE);
+    }
+
+    return SGX_SUCCESS;
+}
+
+sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) {
+    // handle missing sealed buffer
+    if((sealed == NULL) || (sealed_size == 0)) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+    
+    // handle missing firmware buffer
+    if((data == NULL) || (data_size == 0)) {
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    // declare need structures
     sgx_ecc_state_handle_t ecc_handle;
     sgx_ec256_private_t private;
     sgx_ec256_public_t public;
 
+    // open ecc handle
     sgx_status_t status;
     if((status = sgx_ecc256_open_context(&ecc_handle)) != SGX_SUCCESS) {
         return status;
     }
 
+    // try unseal keypair
+    sgx_status_t seal_status;
+    if(seal_status = unseal_key_pair(sealed, &sealed_size, &private, NULL) != SGX_SUCCESS) {
         if((status = sgx_ecc256_create_key_pair(&private, &public, ecc_handle)) != SGX_SUCCESS) {
             sgx_ecc256_close_context(ecc_handle);
             return status;
         }
+    }
     
+    // create signature
     sgx_ec256_signature_t ecc_signature;
     if((status = sgx_ecdsa_sign(data, data_size, &private, &ecc_signature, ecc_handle)) != SGX_SUCCESS) {
         sgx_ecc256_close_context(ecc_handle);
         return status;
     }
     
+    // copy signature to return buffer
+    // TODO: endian swap
+    if((signature == NULL) || (signature_size == 0)) {
+        sgx_ecc256_close_context(ecc_handle);
+        return SGX_ERROR_UNEXPECTED;
+    }
     memcpy(signature, ecc_signature.x, SGX_ECP256_KEY_SIZE);
     memcpy(signature + SGX_ECP256_KEY_SIZE, ecc_signature.y, SGX_ECP256_KEY_SIZE);
-    //signature_size = 2 * SGX_ECP256_KEY_SIZE;
     
-    sgx_ecc256_close_context(ecc_handle);
+    if(seal_status != SGX_SUCCESS) {
-    return SGX_SUCCESS;
+        seal_status = seal_key_pair(&private, &public, sealed, &sealed_size);
+        // TODO: return sealed keypair
+    }
+
+    // close ecc handle and return success
+    sgx_ecc256_close_context(ecc_handle);
+    return seal_status;
 }

Assignment 7 - SGX Hands-on/src/enclave/enclave.edl

@@ -41,7 +41,7 @@ enclave {
     
     trusted {
         public sgx_status_t public_key([in, size=sealed_size]const uint8_t *sealed, size_t sealed_size, [out]uint8_t *gx, [out]uint8_t *gy);
-        public sgx_status_t sign_firmware([in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size);
+        public sgx_status_t sign_firmware([in, size=data_size]const uint8_t *sealed, size_t sealed_size, [in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size);
     };
 
     /* 
@@ -50,6 +50,6 @@ enclave {
      *  [string]: specifies 'str' is a NULL terminated buffer.
      */
     untrusted {
-        int read_file([in, string] path_to_file, [out, size=bsize] uint8_t *buffer, size_t bsize);
+        
     };
 };

Assignment 7 - SGX Hands-on/src/enclave/enclave.h

@@ -34,10 +34,12 @@
 #define _ENCLAVE_H_
 
 #include <stdlib.h>
+#include <stdint.h>
 #include <assert.h>
+#include <stdio.h>
 #include <sgx_error.h>
 
 sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy); 
-sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size);
+sgx_status_t sign_firmware(const uint8_t *sealed, size_t sealed_size, uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size);
 
 #endif /* !_ENCLAVE_H_ */