RubNoobs/Systemsicherheit
RubNoobs/Systemsicherheit
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[Assignment-7] unseal_key_pair: removed dynamic memory allocations; removed unused parameter; improved error handling

Browse source
This commit is contained in:
Sascha Tommasone 2024-07-02 23:12:59 +02:00
parent 04c74e2dc2
commit 5aad77ef33
Signed by: saschato
GPG key ID: 751068A86FCAA217
1 changed files with 13 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
Assignment 7 - SGX Hands-on/src/enclave/enclave.c
View file

@ -92,49 +92,39 @@ sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *pub
return sgx_seal_data(PK_SIZE, (const uint8_t *)pk, SK_SIZE, (const uint8_t *)sk, size, (sgx_sealed_data_t *) *sealed); return sgx_seal_data(PK_SIZE, (const uint8_t *)pk, SK_SIZE, (const uint8_t *)sk, size, (sgx_sealed_data_t *) *sealed);
} }
sgx_status_t unseal_key_pair(uint8_t *sealed, uint32_t *sealed_size, sgx_ec256_private_t *private, sgx_ec256_public_t *public) { sgx_status_t unseal_key_pair(const uint8_t *sealed, sgx_ec256_private_t *private, sgx_ec256_public_t *public) {
// handle missing sealed data // invalid parameter handling
if((sealed == NULL) || (sealed_size == 0)) if(sealed == NULL) {
return SGX_ERROR_UNEXPECTED; return SGX_ERROR_INVALID_PARAMETER;
}
// allocate temporary buffers on stack
uint8_t pk[PK_SIZE] = {0};
uint8_t sk[SK_SIZE] = {0};
// calculate public_key size and return error for unexpected results // calculate public_key size and return error for unexpected results
uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed); uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed);
uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed); uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed);
if ((pk_size != 2*SGX_ECP256_KEY_SIZE) || (sk_size != SGX_ECP256_KEY_SIZE)) if ((pk_size != PK_SIZE) || (sk_size != SK_SIZE)) {
return SGX_ERROR_UNEXPECTED; return SGX_ERROR_UNEXPECTED;
// allocate memory for public and secret key
uint8_t *pk =(uint8_t *)malloc(pk_size);
uint8_t *sk =(uint8_t *)malloc(pk_size);
if((pk == NULL) || (sk == NULL)) {
free(pk);
free(sk);
return SGX_ERROR_OUT_OF_MEMORY;
} }
// unseal ecc key pair // unseal ecc key pair
sgx_status_t status = sgx_unseal_data((const sgx_sealed_data_t *)sealed, pk, &pk_size, sk, &sk_size); sgx_status_t status = sgx_unseal_data((const sgx_sealed_data_t *)sealed, pk, &pk_size, sk, &sk_size);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
free(pk);
free(sk);
return status; return status;
} }
// copy buffers into key structs // copy buffers into key structs
if(public != NULL) { if(public != NULL) {
memcpy(public->gx, pk, SGX_ECP256_KEY_SIZE); memcpy(public->gx, pk, PK_SIZE);
memcpy(public->gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
} }
if (private != NULL) { if (private != NULL) {
memcpy(private->r, sk, SGX_ECP256_KEY_SIZE); memcpy(private->r, sk, SK_SIZE);
} }
// free temporary buffers
free(pk);
free(sk);
// return success // return success
return SGX_SUCCESS; return status;
} }
sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) { sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {