RubNoobs/Systemsicherheit
RubNoobs/Systemsicherheit
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Assignment 7 #4

Merged
saschato merged 75 commits from Assignment-7 into master 2024-07-08 11:19:51 +02:00
Conversation 0 Commits 75 Files changed 36 -715
8 changed files with 0 additions and 715 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit fded121689 - Show all commits

195
7-SGX_Hands-on/src/app/intermediary.c
View file

@ -1,195 +0,0 @@
#include <errno.h>
#include <sgx_urts.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "intermediary.h"
#include "util.h"
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#define HASH_BYTES 32
#define HASH_CHUNK_BYTES 32
#define KEY_BYTES 32
struct IntermediaryArgs {
char* key_path;
char* firmware_path;
};
/*
static int generate_key(EVP_PKEY** key) {
OSSL_PARAM key_params[2];
EVP_PKEY_CTX* gctx;
gctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (gctx == NULL)
return (1);
if (EVP_PKEY_keygen_init(gctx) != 1)
return (2);
key_params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, "prime256v1", 0);
key_params[1] = OSSL_PARAM_construct_end();
if (EVP_PKEY_CTX_set_params(gctx, key_params) != 1)
return (3);
if(EVP_PKEY_generate(gctx, key) != 1)
return (4);
EVP_PKEY_CTX_free(gctx);
return (0);
}
*/
char* intermediary_syntax(void) {
return
"intermediary mock up implementation of the employee binary\n"
" outputs signature on stdout\n"
" WARNING: output is in binary format, may mess up terminal\n"
" -ekey <path> file path of the PEM encoded private key of the employee\n"
" -firm <path> path of the firmware\n";
}
int handle_intermediary(int argc, char** argv) {
struct IntermediaryArgs args = {
NULL,
NULL
};
FILE* key_file = NULL;
FILE* firmware_file = NULL;
uint8_t firmware_chunk[HASH_CHUNK_BYTES];
EVP_PKEY* key = NULL;
EVP_MD_CTX *mdctx = NULL;
size_t sig_len;
unsigned char* sig = NULL;
int status = EXIT_FAILURE;
/*
* Parse Input
*/
int i = 0;
while(i < argc) {
if(strcmp(argv[i], "-ekey")==0 && argc-i >=2){
args.key_path = argv[i+1];
i += 2;
}else if(strcmp(argv[i], "-firm")==0 && argc-i >=2){
args.firmware_path = argv[i+1];
i += 2;
}else
syntax_exit();
}
if(args.key_path == NULL)
syntax_exit();
/*
* Load Signing Key
*/
key_file = fopen(args.key_path, "rb");
if(key_file == NULL){
perror("Error opening key file");
status = EXIT_FAILURE;
goto cleanup;
}
key = PEM_read_PrivateKey(key_file, &key, NULL, NULL);
if(key == NULL) {
fprintf(stderr, "failed to read key");
fclose(key_file);
status = EXIT_FAILURE;
goto cleanup;
}
fclose(key_file);
/*
* Sign Firmware
*/
firmware_file = fopen(args.firmware_path, "rb");
if(firmware_file == NULL){
perror("Error opening firmware file");
status = EXIT_FAILURE;
goto cleanup;
}
mdctx = EVP_MD_CTX_new();
if (EVP_DigestSignInit(mdctx, NULL, EVP_sha256(), NULL, key) != 1) {
fprintf(stderr, "Message digest initialization failed.\n");
fclose(firmware_file);
status = EXIT_FAILURE;
goto cleanup;
}
size_t chunk_len = HASH_CHUNK_BYTES;
while(chunk_len==HASH_CHUNK_BYTES) {
chunk_len = fread(&firmware_chunk, 1, HASH_CHUNK_BYTES, firmware_file);
if(chunk_len!=HASH_CHUNK_BYTES&&ferror(firmware_file)!=0){
perror("Failed to read firmware file");
exit(EXIT_FAILURE);
}
if (EVP_DigestSignUpdate(mdctx, firmware_chunk, chunk_len) != 1) {
printf("Message digest update failed.\n");
exit(EXIT_FAILURE);
}
}
fclose(firmware_file);
// call with empty sig to get length
if (EVP_DigestSignFinal(mdctx, NULL, &sig_len) != 1) {
printf("Message digest finalization failed.\n");
status = EXIT_FAILURE;
goto cleanup;
}
// allocate signature buffer
sig = malloc(sizeof(unsigned char) * sig_len);
if(sig == NULL){
perror("could not initialize digest buffer");
status = EXIT_FAILURE;
goto cleanup;
}
// load signature into buffer
if (EVP_DigestSignFinal(mdctx, sig, &sig_len) != 1) {
printf("Message digest finalization failed.\n");
EVP_MD_CTX_free(mdctx);
status = EXIT_FAILURE;
goto cleanup;
}
fwrite(sig, sig_len, 1, stdout);
if (ferror(stdout) != 0) {
fprintf(stdout, "failed to write signature to stdout\n");
status = EXIT_FAILURE;
goto cleanup;
}
fflush(stdout);
status = EXIT_SUCCESS;
// free all allocated resources
cleanup:
if(sig != NULL)
free(sig);
if (mdctx != NULL)
EVP_MD_CTX_free(mdctx);
if (key != NULL)
EVP_PKEY_free(key);
exit(status);
}

23
7-SGX_Hands-on/src/app/intermediary.h
View file

@ -1,23 +0,0 @@
#ifndef _APP_INTERMEDIARY_H_
#define _APP_INTERMEDIARY_H_
/*
* @brief getter for intermediary subcommand syntax string
*
* @returns null-terminated syntax string
*/
char* intermediary_syntax(void);
/*
* @brief CLI implementation for the "intermediary" subcommand
*
* @param argc number of arguments with command and subcommand stripped
* @param argv arguments with command and subcommand stripped
*
* @returns 0 on success, else error with output on stderr
*/
int handle_intermediary(int argc, char** argv);
#endif

5
7-SGX_Hands-on/src/app/intermediary_key.pem
View file

@ -1,5 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIH0KXxaw/nRzJU5evlEJQrciYUtfJ16PILWtlA5KKh/koAoGCCqGSM49
AwEHoUQDQgAEduVQXmH1K+ocSSnv0l9PKdC2+xxPQrVyABAYGk+jlo2hugpH8aWk
nfR9cTTOLy6T7ASx3a22S6DftcTz+aZYsg==
-----END EC PRIVATE KEY-----

3
7-SGX_Hands-on/src/app/test.c
View file

@ -1,3 +0,0 @@
int main() {
return (0);
}

200
Assignment 7 - SGX Hands-on/lib/rsa.c
View file

@ -1,200 +0,0 @@
#include "rsa.h"
#include <gmp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static int random_prime(mpz_t prime, const size_t size) {
u8 tmp[size];
FILE *urandom = fopen("/dev/urandom", "rb");
if((urandom == NULL) || (prime == NULL))
return 0;
fread(tmp, 1, size, urandom);
mpz_import(prime, size, 1, 1, 1, 0, tmp);
mpz_nextprime(prime, prime);
fclose(urandom);
return 1;
}
static int rsa_keygen(rsa_key *key) {
// null pointer handling
if(key == NULL)
return 0;
// init bignums
mpz_init_set_ui(key->e, 65537);
mpz_inits(key->p, key->q, key->n, key->d, NULL);
// prime gen
if ((!random_prime(key->p, MODULUS_SIZE/2)) || (!random_prime(key->q, MODULUS_SIZE/2)))
return 0;
// compute n
mpz_mul(key->n, key->p, key->q);
// compute phi(n)
mpz_t phi_n; mpz_init(phi_n);
mpz_sub_ui(key->p, key->p, 1);
mpz_sub_ui(key->q, key->q, 1);
mpz_mul(phi_n, key->p, key->q);
mpz_add_ui(key->p, key->p, 1);
mpz_add_ui(key->q, key->q, 1);
// compute d
if(mpz_invert(key->d, key->e, phi_n) == 0) {
return 0;
}
// free temporary phi_n and return true
mpz_clear(phi_n);
return 1;
}
static int rsa_export(rsa_key *key) {
}
static int rsa_import(rsa_key *key) {
return 0;
}
int rsa_init(rsa_key *key) {
if(rsa_import(key)) {
return 1;
} else {
return rsa_keygen(key);
}
return 0;
}
int rsa_public_init(rsa_public_key *key) {
// null pointer handling
if(key == NULL)
return 0;
mpz_init_set_ui(key->e, 65537);
mpz_init_set_str(key->n, "", 0);
}
void rsa_free(rsa_key *key) {
// free bignums
mpz_clears(key->p, key->q, key->n, key->e, key->d, NULL);
}
void rsa_public_free(rsa_public_key *key) {
// free bignums
mpz_clears(key->e, key->n, NULL);
}
static int pkcs1(mpz_t message, const u8 *data, const size_t length) {
// temporary buffer
u8 padded_bytes[MODULUS_SIZE];
// calculate padding size (how many 0xff bytes)
size_t padding_length = MODULUS_SIZE - length - 3;
if ((padding_length < 8) || (message == NULL) || (data == NULL)) {
// message to big
// or null pointer
return 0;
}
// set padding bytes
padded_bytes[0] = 0x00;
padded_bytes[1] = 0x01;
padded_bytes[2 + padding_length] = 0x00;
for (size_t i = 2; i < padding_length + 2; i++) {
padded_bytes[i] = 0xff;
}
// copy message bytes
memcpy(padded_bytes + padding_length + 3, data, length);
// convert padded message to mpz_t
mpz_import(message, MODULUS_SIZE, 1, 1, 0, 0, padded_bytes);
return 1;
}
size_t rsa_sign(u8 *sig, const u8 *sha256, const rsa_key *key) {
// null pointer handling
if((sig == NULL) || (sha256 == NULL) || (key == NULL))
return 0;
// init bignum message
mpz_t message; mpz_init(message);
mpz_t blinder; mpz_init(blinder);
// get random blinder
random_prime(blinder, MODULUS_SIZE - 10);
// add padding
if(!pkcs1(message, sha256, 32)) {
return 0;
}
// blind
mpz_mul(message, message, blinder);
mpz_mod(message, message, key->n);
mpz_invert(blinder, blinder, key->n);
mpz_powm(blinder, blinder, key->d, key->n);
// compute signature
mpz_powm(message, message, key->d, key->n);
// unblind
mpz_mul(message, message, blinder);
mpz_mod(message, message, key->n);
// export signature
size_t size = (mpz_sizeinbase(message, 2) + 7) / 8;
mpz_export(sig, &size, 1, 1, 0, 0, message);
// free bignum and return true
mpz_clears(message, blinder, NULL);
return size;
}
int rsa_verify(const u8 *sig, const size_t sig_length, const u8 *sha256, const rsa_public_key *pk) {
// null pointer handling
if((sig == NULL) || (sha256 == NULL) || (pk == NULL))
return 0;
// initialize bignums
mpz_t signature, message;
mpz_inits(signature, message, NULL);
// import signature
mpz_import(signature, (sig_length < MODULUS_SIZE) ? sig_length : MODULUS_SIZE, 1, 1, 0, 0, sig);
// revert rsa signing process
mpz_powm(signature, signature, pk->e, pk->n);
// rebuild signed message
if(!pkcs1(message, sha256, 32))
return 0;
// compare signature with expected value
if(mpz_cmp(signature, message) != 0)
return 0;
// free bignums and return valid signature
mpz_clears(signature, message, NULL);
return 1;
}
void rsa_print(const rsa_key *key) {
gmp_printf("%Zx\n", key->p);
gmp_printf("%Zx\n", key->q);
gmp_printf("%Zx\n", key->n);
gmp_printf("%Zx\n", key->e);
gmp_printf("%Zx\n", key->d);
}
void rsa_public_print(const rsa_public_key *pk) {
gmp_printf("%Zx\n", pk->e);
gmp_printf("%Zx\n", pk->n);
}

41
Assignment 7 - SGX Hands-on/lib/rsa.h
View file

@ -1,41 +0,0 @@
#ifndef RSA_H
#define RSA_H
#include <gmp.h>
#include <stdint.h>
#ifndef MODULUS_SIZE
#define MODULUS_SIZE 256ULL
#endif
typedef uint8_t u8;
typedef uint16_t u16;
typedef uint32_t u32;
typedef uint64_t u64;
typedef struct {
mpz_t p;
mpz_t q;
mpz_t n;
mpz_t e;
mpz_t d;
} rsa_key;
typedef struct {
mpz_t e;
mpz_t n;
} rsa_public_key;
void rsa_print(const rsa_key *key);
void rsa_public_print(const rsa_public_key *pk);
int rsa_init(rsa_key *key);
void rsa_free(rsa_key *key);
int rsa_public_init(rsa_public_key *key);
void rsa_public_free(rsa_public_key *key);
size_t rsa_sign(u8 *sig, const u8 *sha256, const rsa_key *key);
int rsa_verify(const u8 *sig, const size_t sig_length, const u8 *sha256, const rsa_public_key *pk);
#endif

223
Assignment 7 - SGX Hands-on/lib/sha256.c
View file

@ -1,223 +0,0 @@
#include "sha256.h"
#include <stdio.h>
#include <string.h>
#define ROTL(x,n) ((x << n) | (x >> (32 - n)))
#define ROTR(x,n) ((x >> n) | (x << (32 - n)))
#define SHL(x,n) (x << n)
#define SHR(x,n) (x >> n)
#define Ch(x,y,z) ((x & y) ^ (~x&z))
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
#define MSIZE 64
static inline u32 Sigma0(u32 x) {
return ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22);
}
static inline u32 Sigma1(u32 x) {
return ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25);
}
static inline u32 sigma0(u32 x) {
return ROTR(x,7) ^ ROTR(x,18) ^ SHR(x,3);
}
static inline u32 sigma1(u32 x) {
return ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10);
}
const u32 K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};
static void initState(sha256State_t *state) {
state->H[0]=0x6a09e667;
state->H[1]=0xbb67ae85;
state->H[2]=0x3c6ef372;
state->H[3]=0xa54ff53a;
state->H[4]=0x510e527f;
state->H[5]=0x9b05688c;
state->H[6]=0x1f83d9ab;
state->H[7]=0x5be0cd19;
state->length = 0;
state->finalised = 0;
}
static void sha256Round(sha256State_t *state);
static void sha256Padding(sha256State_t *state) {
state->message[state->message_length / 4] |= 0x80 << (3 - (state->message_length % 4)) * 8;
if (state->message_length * 8 + 1 > 448) {
state->message_length = 64;
sha256Round(state);
memset(state->message, 0x00, 16*sizeof(u32));
}
state->finalised = 1;
state->length <<= 3;
state->message[14] = state->length >> 32;
state->message[15] = state->length & 0xffffffff;
}
static void sha256Round(sha256State_t *state) {
u32 T1, T2;
u32 a, b, c, d, e, f, g, h;
if (state->message_length != 64) {
sha256Padding(state);
}
int t = 0;
for (; t < 16; t++)
state->W[t] = state->message[t];
for (; t < 64; t++)
state->W[t] = sigma1(state->W[t-2]) + state->W[t-7] + sigma0(state->W[t-15]) + state->W[t-16];
a=state->H[0];
b=state->H[1];
c=state->H[2];
d=state->H[3];
e=state->H[4];
f=state->H[5];
g=state->H[6];
h=state->H[7];
for (t = 0; t < 64; t++) {
T1 = h + Sigma1(e) + Ch(e,f,g) + K[t] + state->W[t];
T2 = Sigma0(a) + Maj(a,b,c);
h = g;
g = f;
f = e;
e = d + T1;
d = c;
c = b;
b = a;
a = T1 + T2;
}
state->H[0] += a;
state->H[1] += b;
state->H[2] += c;
state->H[3] += d;
state->H[4] += e;
state->H[5] += f;
state->H[6] += g;
state->H[7] += h;
}
static void sha256Hash(sha256State_t *state, u8 *buffer, size_t b_len) {
if((buffer == NULL) || (state == NULL))
return;
state->length += b_len;
size_t message_length = 0;
while(b_len > 0) {
message_length = (b_len < MSIZE) ? b_len : MSIZE;
memset(state->message, 0x00, MSIZE);
memcpy(state->message, buffer, message_length);
for(int i = 0; i < 16; i++)
state->message[i] = __builtin_bswap32(state->message[i]);
state->message_length = message_length;
sha256Round(state);
buffer += message_length;;
b_len -= message_length;;
}
}
static void sha256Finalise(u8 *hash, sha256State_t *state) {
if(!state->finalised) {
memset(state->message, 0x00, 16*sizeof(u32));
state->length <<= 3;
state->message[0] = 0x80000000;
state->message[14] = state->length >> 32;
state->message[15] = state->length & 0xffffffff;
state->message_length = 64;
state->finalised = 1;
sha256Round(state);
}
if(hash == NULL)
return;
for(int i = 0; i < 8; i++)
state->H[i] = __builtin_bswap32(state->H[i]);
memcpy(hash, state->H, SIZE);
}
void sha256(u8 *hash, u8 *buffer, size_t buffer_length) {
sha256State_t state;
initState(&state);
sha256Hash(&state, buffer, buffer_length);
sha256Finalise(hash, &state);
}
#ifdef TEST
int main(int argc, char **argv) {
unsigned char *tests[12] = {
"",
"\xe3\xb0\xc4\x42\x98\xfc\x1c\x14\x9a\xfb\xf4\xc8\x99\x6f\xb9\x24\x27\xae\x41\xe4\x64\x9b\x93\x4c\xa4\x95\x99\x1b\x78\x52\xb8\x55",
"abc",
"\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad",
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1",
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
"\xcf\x5b\x16\xa7\x78\xaf\x83\x80\x03\x6c\xe5\x9e\x7b\x04\x92\x37\x0b\x24\x9b\x11\xe8\xf0\x7a\x51\xaf\xac\x45\x03\x7a\xfe\xe9\xd1",
"\xbd",
"\x68\x32\x57\x20\xaa\xbd\x7c\x82\xf3\x0f\x55\x4b\x31\x3d\x05\x70\xc9\x5a\xcc\xbb\x7d\xc4\xb5\xaa\xe1\x12\x04\xc0\x8f\xfe\x73\x2b",
"\xc9\x8c\x8e\x55",
"\x7a\xbc\x22\xc0\xae\x5a\xf2\x6c\xe9\x3d\xbb\x94\x43\x3a\x0e\x0b\x2e\x11\x9d\x01\x4f\x8e\x7f\x65\xbd\x56\xc6\x1c\xcc\xcd\x95\x04"
};
for(int i = 0; i < 12; i += 2) {
u8 tmp[32];
sha256(tmp, tests[i], strlen(tests[i]));
for(int j = 0; j < 32; j++)
printf("%02x", tmp[j]);
printf(" ");
for(int j = 0; j < 32; j++)
printf("%02x", tests[i+1][j]);
printf("\n");
}
u8 tmp[32];
sha256State_t state;
initState(&state);
unsigned char *tvec = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno";
unsigned char *tres = "\x50\xe7\x2a\x0e\x26\x44\x2f\xe2\x55\x2d\xc3\x93\x8a\xc5\x86\x58\x22\x8c\x0c\xbf\xb1\xd2\xca\x87\x2a\xe4\x35\x26\x6f\xcd\x05\x5e";
for (size_t i = 0; i < 16777216; i++) {
sha256Hash(&state, tvec, 64);
}
sha256Finalise(tmp, &state);
for(int j = 0; j < 32; j++)
printf("%02x", tmp[j]);
printf(" ");
for(int j = 0; j < 32; j++)
printf("%02x", tres[j]);
printf("\n");
return 0;
}
#endif

25
Assignment 7 - SGX Hands-on/lib/sha256.h
View file

@ -1,25 +0,0 @@
#ifndef SHA256_H
#define SHA256_H
#include <stdint.h>
#include <stddef.h>
#define SIZE 32
#define BUFFSIZE 4096
typedef uint8_t u8;
typedef uint32_t u32;
typedef uint64_t u64;
typedef struct sha256State {
u32 W[64];
u32 message[16];
u32 H[8];
u32 message_length;
u64 length;
u8 finalised;
} sha256State_t;
void sha256(u8 *hash, u8 *buffer, size_t buffer_length);
#endif