[Assignment-7] add prototype 'sgx_status_t public_key'
This commit is contained in:
Sascha Tommasone
parent
07254a8036
commit
7ef4e42ef9
3 changed files with 40 additions and 7 deletions
|
|
@ -3,11 +3,44 @@
|
|||
#include <sgx_error.h>
|
||||
#include <sgx_tcrypto.h>
|
||||
|
||||
const unsigned char *secretkey_file = "/var/signrelay/sk";
|
||||
const unsigned char *publickey_file = "/var/signrelay/pk";
|
||||
sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
|
||||
// return if no sealed data provided
|
||||
if(sealed == NULL)
|
||||
return SGX_ERROR_UNEXPECTED;
|
||||
|
||||
sgx_status_t public_key(uint8_t *gx, uint8_t *gy) {
|
||||
// TODO
|
||||
// calculate public_key size and return error for unexpected results
|
||||
uint32_t pk_size = sgx_get_add_mac_txt_len((const sgx_sealed_data_t *)sealed);
|
||||
uint32_t sk_size = sgx_get_encrypt_txt_len((const sgx_sealed_data_t *)sealed);
|
||||
if ((pk_size != 2*SGX_ECP256_KEY_SIZE) || (sk_size != SGX_ECP256_KEY_SIZE))
|
||||
return SGX_ERROR_UNEXPECTED;
|
||||
|
||||
// allocate memory for public and secret key
|
||||
uint8_t *pk =(uint8_t *)malloc(pk_size);
|
||||
uint8_t *sk =(uint8_t *)malloc(pk_size);
|
||||
if((pk == NULL) || (sk == NULL)) {
|
||||
free(pk);
|
||||
free(sk);
|
||||
return SGX_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
// unseal ecc key pair
|
||||
sgx_status_t status = sgx_unseal_data((const sgx_sealed_data_t *)sealed, pk, &pk_size, sk, &sk_size);
|
||||
if (status != SGX_SUCCESS) {
|
||||
free(pk);
|
||||
free(sk);
|
||||
return status;
|
||||
}
|
||||
|
||||
// copy public key into return buffers
|
||||
if((gx != NULL) && (gy != NULL)) {
|
||||
memcpy(gx, pk, SGX_ECP256_KEY_SIZE);
|
||||
memcpy(gy, pk + SGX_ECP256_KEY_SIZE, SGX_ECP256_KEY_SIZE);
|
||||
}
|
||||
|
||||
// free allocated memory and return success
|
||||
free(pk);
|
||||
free(sk);
|
||||
return SGX_SUCCESS;
|
||||
}
|
||||
|
||||
sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size) {
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ enclave {
|
|||
*/
|
||||
|
||||
trusted {
|
||||
public sgx_status_t public_key([out]uint8_t *gx, [out]uint8_t *gy);
|
||||
public sgx_status_t public_key([in, size=sealed_size]const uint8_t *sealed, size_t sealed_size, [out]uint8_t *gx, [out]uint8_t *gy);
|
||||
public sgx_status_t sign_firmware([in, size=data_size]uint8_t *data, size_t data_size, [out, size=signature_size]uint8_t *signature, size_t signature_size);
|
||||
};
|
||||
|
||||
|
|
@ -50,6 +50,6 @@ enclave {
|
|||
* [string]: specifies 'str' is a NULL terminated buffer.
|
||||
*/
|
||||
untrusted {
|
||||
|
||||
int read_file([in, string] path_to_file, [out, size=bsize] uint8_t *buffer, size_t bsize);
|
||||
};
|
||||
};
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
#include <assert.h>
|
||||
#include <sgx_error.h>
|
||||
|
||||
sgx_status_t public_key(uint8_t *gx, uint8_t *gy);
|
||||
sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy);
|
||||
sgx_status_t sign_firmware(uint8_t *data, size_t data_size, uint8_t *signature, size_t signature_size);
|
||||
|
||||
#endif /* !_ENCLAVE_H_ */
|
||||
Loading…
Reference in a new issue