general/detee-sgx
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mrenclave sealing through occlum /dev/sgx

Browse Source
This commit is contained in:
Valentyn Faychuk 2024-10-20 01:24:43 +03:00
parent e963c25bf6
commit 540578dcf7
Signed by: valy
GPG Key ID: F1AB995E20FEADC5
4 changed files with 113 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/sealing.rs
View File

@ -5,7 +5,7 @@ fn main() {
let text = "sealed text"; let text = "sealed text";
let additional_text = "additional"; let additional_text = "additional";
let sealed_data = let sealed_data =
SgxSealedData::seal_data(additional_text.as_bytes(), text.as_bytes()).unwrap(); SgxSealedData::<[u8]>::seal_data(additional_text.as_bytes(), text.as_bytes()).unwrap();
let unsealed_data = SgxSealedData::unseal_data(&sealed_data).unwrap(); let unsealed_data = SgxSealedData::unseal_data(&sealed_data).unwrap();
let text: &str = unsealed_data.get_decrypt_text(); let text: &str = unsealed_data.get_decrypt_text();
println!("Unsealed text: {}", text); println!("Unsealed text: {}", text);

24
src/bindings.rs
View File

@ -1951,23 +1951,24 @@ const _: () = {
[::std::mem::offset_of!(_tee_supp_data_descriptor_t, p_data) - 8usize]; [::std::mem::offset_of!(_tee_supp_data_descriptor_t, p_data) - 8usize];
}; };
pub type tee_supp_data_descriptor_t = _tee_supp_data_descriptor_t; pub type tee_supp_data_descriptor_t = _tee_supp_data_descriptor_t;
pub type int8_t = i8;
pub type int16_t = i16;
pub type int32_t = i32;
pub type int64_t = i64;
pub type uint8_t = u8;
pub type uint16_t = u16;
pub type uint32_t = u32;
pub type uint64_t = u64;
pub type size_t = usize;
extern "C" { extern "C" {
pub fn dcap_quote_open() -> *mut ::std::os::raw::c_void; pub fn dcap_quote_open() -> *mut ::std::os::raw::c_void;
}
extern "C" {
pub fn dcap_get_quote_size(handle: *mut ::std::os::raw::c_void) -> u32; pub fn dcap_get_quote_size(handle: *mut ::std::os::raw::c_void) -> u32;
}
extern "C" {
pub fn dcap_generate_quote( pub fn dcap_generate_quote(
handle: *mut ::std::os::raw::c_void, handle: *mut ::std::os::raw::c_void,
quote_buf: *mut u8, quote_buf: *mut u8,
report_data: *const sgx_report_data_t, report_data: *const sgx_report_data_t,
) -> i32; ) -> i32;
}
extern "C" {
pub fn dcap_get_supplemental_data_size(handle: *mut ::std::os::raw::c_void) -> u32; pub fn dcap_get_supplemental_data_size(handle: *mut ::std::os::raw::c_void) -> u32;
}
extern "C" {
pub fn dcap_verify_quote( pub fn dcap_verify_quote(
handle: *mut ::std::os::raw::c_void, handle: *mut ::std::os::raw::c_void,
quote_buf: *const u8, quote_buf: *const u8,
@ -1977,8 +1978,11 @@ extern "C" {
supplemental_data_size: u32, supplemental_data_size: u32,
supplemental_data: *mut u8, supplemental_data: *mut u8,
) -> i32; ) -> i32;
} pub fn dcap_generate_key(
extern "C" { handle: *mut ::std::os::raw::c_void,
key: *mut sgx_key_128bit_t,
key_request: *const sgx_key_request_t,
) -> i32;
pub fn dcap_quote_close(handle: *mut ::std::os::raw::c_void); pub fn dcap_quote_close(handle: *mut ::std::os::raw::c_void);
} }
#[repr(C)] #[repr(C)]

96
src/quote.rs
View File

@ -7,6 +7,50 @@ use std::ops::Deref;
use std::sync::Mutex; use std::sync::Mutex;
use std::time::Instant; use std::time::Instant;
pub const SGX_FLAGS_INITTED: uint64_t = 0x0000_0000_0000_0001; //If set, then the enclave is initialized
pub const SGX_FLAGS_DEBUG: uint64_t = 0x0000_0000_0000_0002; //If set, then the enclave is debug
pub const SGX_FLAGS_MODE64BIT: uint64_t = 0x0000_0000_0000_0004; //If set, then the enclave is 64 bit
pub const SGX_FLAGS_PROVISION_KEY: uint64_t = 0x0000_0000_0000_0010; //If set, then the enclave has access to provision key
pub const SGX_FLAGS_EINITTOKEN_KEY: uint64_t = 0x0000_0000_0000_0020; //If set, then the enclave has access to EINITTOKEN key
pub const SGX_FLAGS_KSS: uint64_t = 0x0000_0000_0000_0080; //If set enclave uses KSS
pub const SGX_FLAGS_AEX_NOTIFY: uint64_t = 0x0000_0000_0000_0400; //If set, then the enclave enables AEX Notify
pub const FLAGS_NON_SECURITY_BITS: uint64_t = 0x00FF_FFFF_FFFF_FFC0
| SGX_FLAGS_MODE64BIT
| SGX_FLAGS_PROVISION_KEY
| SGX_FLAGS_EINITTOKEN_KEY;
pub const TSEAL_DEFAULT_FLAGSMASK: uint64_t = !FLAGS_NON_SECURITY_BITS;
pub const FLAGS_SECURITY_BITS_RESERVED: uint64_t =
!(FLAGS_NON_SECURITY_BITS | SGX_FLAGS_INITTED | SGX_FLAGS_DEBUG | SGX_FLAGS_KSS);
pub const MISC_NON_SECURITY_BITS: uint32_t = 0x0FFF_FFFF;
pub const TSEAL_DEFAULT_MISCMASK: uint32_t = !MISC_NON_SECURITY_BITS;
// TODO Intel sgx sdk 2.4
pub const SGX_KEYSELECT_LICENSE: uint16_t = 0x0000;
pub const SGX_KEYSELECT_PROVISION: uint16_t = 0x0001;
pub const SGX_KEYSELECT_PROVISION_SEAL: uint16_t = 0x0002;
pub const SGX_KEYSELECT_REPORT: uint16_t = 0x0003;
pub const SGX_KEYSELECT_SEAL: uint16_t = 0x0004;
// Key Policy
pub const SGX_KEYPOLICY_MRENCLAVE: uint16_t = 0x0001; /* Derive key using the enclave's ENCLAVE measurement register */
pub const SGX_KEYPOLICY_MRSIGNER: uint16_t = 0x0002; /* Derive key using the enclave's SINGER measurement register */
pub const SGX_KEYPOLICY_NOISVPRODID: uint16_t = 0x0004; /* Derive key without the enclave's ISVPRODID */
pub const SGX_KEYPOLICY_CONFIGID: uint16_t = 0x0008; /* Derive key with the enclave's CONFIGID */
pub const SGX_KEYPOLICY_ISVFAMILYID: uint16_t = 0x0010; /* Derive key with the enclave's ISVFAMILYID */
pub const SGX_KEYPOLICY_ISVEXTPRODID: uint16_t = 0x0020; /* Derive key with the enclave's ISVEXTPRODID */
pub const SGX_KEYID_SIZE: size_t = 32;
pub const SGX_CPUSVN_SIZE: size_t = 16;
pub const SGX_CONFIGID_SIZE: size_t = 64;
pub const SGX_KEY_REQUEST_RESERVED2_BYTES: size_t = 434;
pub enum SealingKeyPolicy {
MrSigner,
MrEnclave,
}
pub type Sgx128BitKey = sgx_key_128bit_t;
pub struct Quote { pub struct Quote {
buf: Vec<u8>, buf: Vec<u8>,
report_body: *const sgx_report_body_t, report_body: *const sgx_report_body_t,
@ -277,6 +321,58 @@ impl IoctlClient {
Ok(result.into()) Ok(result.into())
} }
/// Generate a sealing key for the given policy and SGX report
/// The sealing key is used to encrypt/decrypt data in the enclave
/// The quote must be previously generated using the `generate_quote`
fn generate_sealing_key(
&mut self,
quote: &Quote,
policy: SealingKeyPolicy,
) -> Result<Sgx128BitKey, RaTlsError> {
let report_body = unsafe { *quote.report_body };
let mut key_policy = match policy {
SealingKeyPolicy::MrSigner => SGX_KEYPOLICY_MRSIGNER,
SealingKeyPolicy::MrEnclave => SGX_KEYPOLICY_MRENCLAVE,
};
if (report_body.attributes.flags & SGX_FLAGS_KSS) != 0 {
const KEY_POLICY_KSS: uint16_t =
SGX_KEYPOLICY_CONFIGID | SGX_KEYPOLICY_ISVFAMILYID | SGX_KEYPOLICY_ISVEXTPRODID;
key_policy = key_policy | KEY_POLICY_KSS;
}
// Intel sgx sdk 1.8
let attribute_mask = sgx_attributes_t {
flags: TSEAL_DEFAULT_FLAGSMASK,
xfrm: 0,
};
let misc_mask: sgx_misc_select_t = TSEAL_DEFAULT_MISCMASK;
let mut key = sgx_key_128bit_t::default();
let key_request = sgx_key_request_t {
key_name: SGX_KEYSELECT_SEAL,
key_policy,
isv_svn: report_body.isv_svn,
reserved1: 0_u16,
cpu_svn: report_body.cpu_svn,
attribute_mask,
key_id,
misc_mask,
config_svn: report_body.config_svn,
reserved2: [0_u8; SGX_KEY_REQUEST_RESERVED2_BYTES],
};
let ret_code = unsafe { dcap_generate_key(self.handle()?, &mut key, &key_request) };
if ret_code < 0 {
return Err(RaTlsError::DcapError(
"Failed to generate DCAP sealing key".to_string(),
));
}
Ok(key)
}
} }
impl Drop for IoctlClient { impl Drop for IoctlClient {

2
src/sealing.rs Normal file
View File

@ -0,0 +1,2 @@
#[cfg(feature = "occlum")]
use crate::quote::{Quote, STATIC_QUOTE};