[Assignment-7] add SGX sample code from VM

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/AbstractNetworkOps.cpp

@@ -0,0 +1,121 @@
+#include "AbstractNetworkOps.h"
+#include <boost/lexical_cast.hpp>
+#include <boost/algorithm/string.hpp>
+
+using namespace util;
+
+AbstractNetworkOps::AbstractNetworkOps(boost::asio::io_service& io_service, boost::asio::ssl::context& context) : socket_(io_service, context) {}
+
+AbstractNetworkOps::~AbstractNetworkOps() {}
+
+
+AbstractNetworkOps::ssl_socket::lowest_layer_type& AbstractNetworkOps::socket() {
+    return socket_.lowest_layer();
+}
+
+
+void AbstractNetworkOps::saveCloseSocket() {
+    boost::system::error_code ec;
+
+    socket_.lowest_layer().cancel();
+
+    if (ec) {
+        stringstream ss;
+        Log("Socket shutdown error: %s", ec.message());
+    } else {
+        socket_.lowest_layer().close();
+    }
+}
+
+
+void AbstractNetworkOps::read() {
+    char buffer_header[20];
+    memset(buffer_header, '\0', 20);
+
+    boost::system::error_code ec;
+    int read = boost::asio::read(socket_, boost::asio::buffer(buffer_header, 20), ec);
+
+    if (ec) {
+        if ((boost::asio::error::eof == ec) || (boost::asio::error::connection_reset == ec)) {
+            Log("Connection has been closed by remote host");
+        } else {
+            Log("Unknown socket error while reading occured!", log::error);
+        }
+    } else {
+        vector<string> incomming;
+        boost::split(incomming, buffer_header, boost::is_any_of("@"));
+
+        int msg_size = boost::lexical_cast<int>(incomming[0]);
+        int type = boost::lexical_cast<int>(incomming[1]);
+
+        char *buffer = (char*) malloc(sizeof(char) * msg_size);
+        memset(buffer, '\0', sizeof(char)*msg_size);
+
+        read = boost::asio::read(socket_, boost::asio::buffer(buffer, msg_size));
+
+        process_read(buffer, msg_size, type);
+    }
+}
+
+
+void AbstractNetworkOps::send(vector<string> v) {
+    string type = v[0];
+    string msg = v[1];
+
+    if (msg.size() > 0) {
+        const char *msg_c = msg.c_str();
+        int msg_length = msg.size();
+
+        string header = to_string(msg_length) + "@" + type;
+
+        char buffer_header[20];
+        memset(buffer_header, '\0', 20);
+        memcpy(buffer_header, header.c_str(), header.length());
+
+        boost::asio::write(socket_, boost::asio::buffer(buffer_header, 20));
+
+        char *buffer_msg = (char*) malloc(sizeof(char) * msg_length);
+
+        memset(buffer_msg, '\0', sizeof(char) * msg_length);
+        memcpy(buffer_msg, msg_c, msg_length);
+
+        boost::asio::write(socket_, boost::asio::buffer(buffer_msg, msg_length));
+
+        free(buffer_msg);
+
+        this->read();
+    } else {
+        this->saveCloseSocket();
+    }
+}
+
+
+void AbstractNetworkOps::setCallbackHandler(CallbackHandler cb) {
+    this->callback_handler = cb;
+}
+
+
+void AbstractNetworkOps::process_read(char* buffer, int msg_size, int type) {
+    std::string str(reinterpret_cast<const char*>(buffer), msg_size);
+
+    free(buffer);
+
+    auto msg = this->callback_handler(str, type);
+
+    if (msg.size() == 2 && msg[0].size() > 0 && msg[1].size() > 0) {
+        Log("Send to client");
+        send(msg);
+    } else {
+        Log("Close connection");
+        this->saveCloseSocket();
+    }
+}
+
+
+
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/AbstractNetworkOps.h

@@ -0,0 +1,55 @@
+#ifndef ABSTRACTNETWORKOPS_H
+#define ABSTRACTNETWORKOPS_H
+
+#include "LogBase.h"
+
+#include <vector>
+#include <cstdlib>
+#include <iostream>
+#include <boost/bind.hpp>
+#include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
+#include <boost/asio/ip/tcp.hpp>
+#include <functional>
+#include <boost/asio/buffer.hpp>
+#include <boost/asio.hpp>
+#include <boost/algorithm/string.hpp>
+
+using namespace std;
+
+typedef function<vector<string>(string, int)> CallbackHandler;
+
+class AbstractNetworkOps {
+
+    typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+
+public:
+    AbstractNetworkOps();
+    AbstractNetworkOps(boost::asio::io_service& io_service, boost::asio::ssl::context& context);
+    virtual ~AbstractNetworkOps();
+    ssl_socket::lowest_layer_type& socket();
+    void setCallbackHandler(CallbackHandler cb);
+
+protected:
+    ssl_socket socket_;
+    enum { max_length = 1024 };
+    CallbackHandler callback_handler = NULL;
+
+protected:
+    void read();
+    void send(vector<string>);
+    void process_read(char* buffer, int size, int type);
+
+private:
+    void saveCloseSocket();
+
+};
+
+
+#endif
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Client.cpp

@@ -0,0 +1,72 @@
+#include "Client.h"
+#include "LogBase.h"
+#include "Network_def.h"
+#include "Messages.pb.h"
+
+#include <boost/lexical_cast.hpp>
+
+using namespace util;
+
+Client::Client(boost::asio::io_service& io_service,
+               boost::asio::ssl::context& context,
+               boost::asio::ip::tcp::resolver::iterator endpoint_iterator) : AbstractNetworkOps(io_service, context) {
+    socket_.set_verify_mode(boost::asio::ssl::verify_peer);
+    socket_.set_verify_callback(boost::bind(&Client::verify_certificate, this, _1, _2));
+
+    this->endpoint_iterator = endpoint_iterator;
+}
+
+Client::~Client() {}
+
+
+void Client::startConnection() {
+    Log("Start connecting...");
+
+    boost::system::error_code ec;
+    boost::asio::connect(socket_.lowest_layer(), this->endpoint_iterator, ec);
+
+    handle_connect(ec);
+}
+
+
+bool Client::verify_certificate(bool preverified, boost::asio::ssl::verify_context& ctx) {
+    char subject_name[256];
+    X509* cert = X509_STORE_CTX_get_current_cert(ctx.native_handle());
+    X509_NAME_oneline(X509_get_subject_name(cert), subject_name, 256);
+
+    Log("Verifying certificate: %s", subject_name);
+
+    return preverified;
+}
+
+
+void Client::handle_connect(const boost::system::error_code &error) {
+    if (!error) {
+        Log("Connection established");
+
+        boost::system::error_code ec;
+        socket_.handshake(boost::asio::ssl::stream_base::client, ec);
+
+        handle_handshake(ec);
+    } else {
+        Log("Connect failed: %s", error.message(), log::error);
+    }
+}
+
+
+void Client::handle_handshake(const boost::system::error_code& error) {
+    if (!error) {
+        Log("Handshake successful");
+
+        auto ret = this->callback_handler("", -1);
+        send(ret);
+    } else {
+        Log("Handshake failed: %s", error.message(), log::error);
+    }
+}
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Client.h

@@ -0,0 +1,25 @@
+#ifndef CLIENT_H
+#define CLIENT_H
+
+#include "AbstractNetworkOps.h"
+
+using namespace std;
+
+class Client : public AbstractNetworkOps {
+
+public:
+    Client(boost::asio::io_service& io_service, boost::asio::ssl::context& context, boost::asio::ip::tcp::resolver::iterator endpoint_iterator);
+
+    virtual ~Client();
+    bool verify_certificate(bool preverified, boost::asio::ssl::verify_context& ctx);
+    void handle_connect(const boost::system::error_code& error);
+    void handle_handshake(const boost::system::error_code& error);
+
+    void startConnection();
+
+private:
+    boost::asio::ip::tcp::resolver::iterator endpoint_iterator;
+
+};
+
+#endif

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManager.cpp

@@ -0,0 +1,24 @@
+#include "NetworkManager.h"
+
+NetworkManager::NetworkManager() {}
+
+NetworkManager::~NetworkManager() {}
+
+
+void NetworkManager::setPort(int port) {
+    this->port = port;
+}
+
+
+void NetworkManager::printMsg(bool send, const char* msg) {
+    string s(msg);
+    replace(s.begin(), s.end(), '\n', '-');
+    if (send)
+        Log("Send msg: '%s'", s);
+    else
+        Log("Received msg: '%s'", s);
+}
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManager.h

@@ -0,0 +1,61 @@
+#ifndef NETWORKMANAGER_H
+#define NETWORKMANAGER_H
+
+#include "Server.h"
+#include "Client.h"
+#include "LogBase.h"
+#include "Network_def.h"
+
+#include <string>
+#include <stdio.h>
+#include <limits.h>
+#include <unistd.h>
+#include <functional>
+#include <iostream>
+#include <algorithm>
+
+using namespace std;
+using namespace util;
+
+class NetworkManager {
+
+    typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+
+public:
+    NetworkManager();
+    virtual ~NetworkManager();
+    void sendMsg();
+    void Init();
+    void setPort(int port);
+    void printMsg(bool send, const char* msg);
+
+    template <typename T>
+    string serialize(T msg) {
+        string s;
+        if (msg.SerializeToString(&s)) {
+            Log("Serialization successful");
+            return s;
+        } else {
+            Log("Serialization failed", log::error);
+            return "";
+        }
+    }
+
+public:
+    boost::asio::io_service io_service;
+    int port;
+};
+
+
+#endif
+
+
+
+
+
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManagerClient.cpp

@@ -0,0 +1,75 @@
+#include "NetworkManagerClient.h"
+#include "../GeneralSettings.h"
+
+NetworkManagerClient* NetworkManagerClient::instance = NULL;
+
+NetworkManagerClient::NetworkManagerClient() {}
+
+
+void NetworkManagerClient::Init() {
+    if (client) {
+        delete client;
+        client = NULL;
+    }
+
+    boost::asio::ip::tcp::resolver resolver(this->io_service);
+    boost::asio::ip::tcp::resolver::query query(this->host, std::to_string(this->port).c_str());
+    boost::asio::ip::tcp::resolver::iterator iterator = resolver.resolve(query);
+
+    boost::asio::ssl::context ctx(boost::asio::ssl::context::sslv23);
+    ctx.load_verify_file(Settings::server_crt);
+
+    this->client = new Client(io_service, ctx, iterator);
+}
+
+
+NetworkManagerClient* NetworkManagerClient::getInstance(int port,  std::string host) {
+    if (instance == NULL) {
+        instance = new NetworkManagerClient();
+        instance->setPort(port);
+        instance->setHost(host);
+    }
+
+    return instance;
+}
+
+
+void NetworkManagerClient::startService() {
+    this->client->startConnection();
+}
+
+
+void NetworkManagerClient::setHost(std::string host) {
+    this->host = host;
+}
+
+
+void NetworkManagerClient::connectCallbackHandler(CallbackHandler cb) {
+    this->client->setCallbackHandler(cb);
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManagerClient.h

@@ -0,0 +1,22 @@
+#include "NetworkManager.h"
+
+class NetworkManagerClient : public NetworkManager {
+
+public:
+    static NetworkManagerClient* getInstance(int port, std::string host = "localhost");
+    void Init();
+    void connectCallbackHandler(CallbackHandler cb);
+    void startService();
+    void setHost(std::string host);
+
+private:
+    NetworkManagerClient();
+
+private:
+    static NetworkManagerClient* instance;
+    std::string host;
+    Client *client = NULL;
+};
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManagerServer.cpp

@@ -0,0 +1,33 @@
+#include "NetworkManagerServer.h"
+
+NetworkManagerServer* NetworkManagerServer::instance = NULL;
+
+NetworkManagerServer::NetworkManagerServer() {}
+
+
+void NetworkManagerServer::Init() {
+    this->server = new Server(this->io_service, this->port);
+}
+
+
+NetworkManagerServer* NetworkManagerServer::getInstance(int port) {
+    if (instance == NULL) {
+        instance = new NetworkManagerServer();
+        instance->setPort(port);
+    }
+
+    return instance;
+}
+
+
+void NetworkManagerServer::startService() {
+    this->server->start_accept();
+    this->io_service.run();
+}
+
+
+void NetworkManagerServer::connectCallbackHandler(CallbackHandler cb) {
+    this->server->connectCallbackHandler(cb);
+}
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/NetworkManagerServer.h

@@ -0,0 +1,21 @@
+#include "NetworkManager.h"
+
+class NetworkManagerServer : public NetworkManager {
+
+public:
+    static NetworkManagerServer* getInstance(int port);
+    void Init();
+    void connectCallbackHandler(CallbackHandler cb);
+    void startService();
+
+private:
+    NetworkManagerServer();
+
+private:
+    static NetworkManagerServer* instance;
+    Server *server = NULL;
+
+};
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Network_def.h

@@ -0,0 +1,42 @@
+#ifndef NETWORK_DEF_H
+#define NETWORK_DEF_H
+
+#define MAX_VERIFICATION_RESULT 2
+
+typedef enum _ra_msg_types {
+    RA_MSG0,
+    RA_MSG1,
+    RA_MSG2,
+    RA_MSG3,
+    RA_ATT_RESULT,
+    RA_VERIFICATION,
+    RA_APP_ATT_OK
+} ra_msg_types;
+
+
+typedef enum _ra_msg {
+    TYPE_OK,
+    TYPE_TERMINATE
+} ra_msg;
+
+
+#pragma pack(1)
+typedef struct _ra_samp_request_header_t {
+    uint8_t  type;     /* set to one of ra_msg_type_t*/
+    uint32_t size;     /*size of request body*/
+    uint8_t  align[3];
+    uint8_t body[];
+} ra_samp_request_header_t;
+
+typedef struct _ra_samp_response_header_t {
+    uint8_t  type;      /* set to one of ra_msg_type_t*/
+    uint8_t  status[2];
+    uint32_t size;      /*size of the response body*/
+    uint8_t  align[1];
+    uint8_t  body[];
+} ra_samp_response_header_t;
+
+#pragma pack()
+
+
+#endif

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Server.cpp

@@ -0,0 +1,53 @@
+#include "Server.h"
+#include "../GeneralSettings.h"
+
+using namespace util;
+
+Server::Server(boost::asio::io_service& io_service, int port) : io_service_(io_service), acceptor_(io_service,
+            boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), port)),
+    context_(boost::asio::ssl::context::sslv23) {
+
+    this->context_.set_options(boost::asio::ssl::context::default_workarounds
+                               | boost::asio::ssl::context::no_sslv2
+                               | boost::asio::ssl::context::single_dh_use);
+
+    this->context_.use_certificate_chain_file(Settings::server_crt);
+    this->context_.use_private_key_file(Settings::server_key, boost::asio::ssl::context::pem);
+
+    Log("Certificate \"" + Settings::server_crt + "\" set");
+    Log("Server running on port: %d", port);
+}
+
+
+Server::~Server() {}
+
+
+void Server::start_accept() {
+    Session *new_session = new Session(io_service_, context_);
+    new_session->setCallbackHandler(this->callback_handler);
+    acceptor_.async_accept(new_session->socket(), boost::bind(&Server::handle_accept, this, new_session, boost::asio::placeholders::error));
+}
+
+
+void Server::handle_accept(Session* new_session, const boost::system::error_code& error) {
+    if (!error) {
+        Log("New accept request, starting new session");
+        new_session->start();
+    } else {
+        delete new_session;
+    }
+
+    start_accept();
+}
+
+void Server::connectCallbackHandler(CallbackHandler cb) {
+    this->callback_handler = cb;
+}
+
+
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Server.h

@@ -0,0 +1,36 @@
+#ifndef SERVER_H
+#define SERVER_H
+
+#include "Session.h"
+#include "LogBase.h"
+
+#include <cstdlib>
+#include <iostream>
+#include <boost/bind.hpp>
+#include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
+
+
+class Server {
+
+    typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+
+public:
+    Server(boost::asio::io_service& io_service, int port);
+    virtual ~Server();
+    std::string get_password() const;
+    void handle_accept(Session* new_session, const boost::system::error_code& error);
+    void start_accept();
+    void connectCallbackHandler(CallbackHandler cb);
+
+private:
+    boost::asio::io_service& io_service_;
+    boost::asio::ip::tcp::acceptor acceptor_;
+    boost::asio::ssl::context context_;
+    CallbackHandler callback_handler;
+};
+
+
+#endif
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Session.cpp

@@ -0,0 +1,33 @@
+#include "Session.h"
+
+#include <boost/lexical_cast.hpp>
+
+using namespace util;
+
+Session::Session(boost::asio::io_service& io_service, boost::asio::ssl::context& context) : AbstractNetworkOps(io_service, context) {}
+
+Session::~Session() {}
+
+
+void Session::start() {
+    Log("Connection from %s", socket().remote_endpoint().address().to_string());
+
+    socket_.async_handshake(boost::asio::ssl::stream_base::server,
+                            boost::bind(&Session::handle_handshake, this,
+                                        boost::asio::placeholders::error));
+}
+
+
+void Session::handle_handshake(const boost::system::error_code& error) {
+    if (!error) {
+        Log("Handshake successful");
+        this->read();
+    } else {
+        Log("Handshake was not successful: %s", error.message(), log::error);
+        delete this;
+    }
+}
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/Session.h

@@ -0,0 +1,27 @@
+#ifndef SESSION_H
+#define SESSION_H
+
+#include "AbstractNetworkOps.h"
+
+using namespace std;
+
+class Session : public AbstractNetworkOps {
+
+    typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+
+public:
+    Session(boost::asio::io_service& io_service, boost::asio::ssl::context& context);
+    virtual ~Session();
+    void start();
+    void handle_handshake(const boost::system::error_code& error);
+
+};
+
+
+#endif
+
+
+
+
+
+

Assignment 7 - SGX Hands-on/SGX101_sample_code-master/RemoteAttestation/Networking/remote_attestation_result.h

@@ -0,0 +1,72 @@
+#ifndef _REMOTE_ATTESTATION_RESULT_H_
+#define _REMOTE_ATTESTATION_RESULT_H_
+
+#include <stdint.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define SAMPLE_MAC_SIZE             16  /* Message Authentication Code*/
+/* - 16 bytes*/
+typedef uint8_t                     sample_mac_t[SAMPLE_MAC_SIZE];
+
+#ifndef SAMPLE_FEBITSIZE
+#define SAMPLE_FEBITSIZE        256
+#endif
+
+#define SAMPLE_NISTP256_KEY_SIZE    (SAMPLE_FEBITSIZE/ 8 /sizeof(uint32_t))
+
+typedef struct sample_ec_sign256_t {
+    uint32_t x[SAMPLE_NISTP256_KEY_SIZE];
+    uint32_t y[SAMPLE_NISTP256_KEY_SIZE];
+} sample_ec_sign256_t;
+
+#pragma pack(push,1)
+
+#define SAMPLE_SP_TAG_SIZE          16
+
+typedef struct sp_aes_gcm_data_t {
+    uint32_t        payload_size;       /*  0: Size of the payload which is*/
+    /*     encrypted*/
+    uint8_t         reserved[12];       /*  4: Reserved bits*/
+    uint8_t         payload_tag[SAMPLE_SP_TAG_SIZE];
+    /* 16: AES-GMAC of the plain text,*/
+    /*     payload, and the sizes*/
+    uint8_t         payload[];          /* 32: Ciphertext of the payload*/
+    /*     followed by the plain text*/
+} sp_aes_gcm_data_t;
+
+
+#define ISVSVN_SIZE 2
+#define PSDA_SVN_SIZE 4
+#define GID_SIZE 4
+#define PSVN_SIZE 18
+
+/* @TODO: Modify at production to use the values specified by an Production*/
+/* attestation server API*/
+typedef struct ias_platform_info_blob_t {
+    uint8_t sample_epid_group_status;
+    uint16_t sample_tcb_evaluation_status;
+    uint16_t pse_evaluation_status;
+    uint8_t latest_equivalent_tcb_psvn[PSVN_SIZE];
+    uint8_t latest_pse_isvsvn[ISVSVN_SIZE];
+    uint8_t latest_psda_svn[PSDA_SVN_SIZE];
+    uint8_t performance_rekey_gid[GID_SIZE];
+    sample_ec_sign256_t signature;
+} ias_platform_info_blob_t;
+
+
+typedef struct sample_ra_att_result_msg_t {
+    ias_platform_info_blob_t    platform_info_blob;
+    sample_mac_t                mac;    /* mac_smk(attestation_status)*/
+    sp_aes_gcm_data_t           secret;
+} sample_ra_att_result_msg_t;
+
+#pragma pack(pop)
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif