use crate::prelude::*; use std::ffi::CString; const SGXIOC_GET_DCAP_QUOTE_SIZE: u64 = 0x80047307; const SGXIOC_GEN_DCAP_QUOTE: u64 = 0xc0187308; const SGXIOC_GET_DCAP_SUPPLEMENTAL_SIZE: u64 = 0x80047309; const SGXIOC_VER_DCAP_QUOTE: u64 = 0xc030730a; // const SGXIOC_CMD_NUM_KEY: u64 = 0xc010730b; cfg_if::cfg_if! { if #[cfg(target_env = "musl")] { const IOCTL_GET_DCAP_QUOTE_SIZE: i32 = SGXIOC_GET_DCAP_QUOTE_SIZE as i32; const IOCTL_GEN_DCAP_QUOTE: i32 = SGXIOC_GEN_DCAP_QUOTE as i32; const IOCTL_GET_DCAP_SUPPLEMENTAL_SIZE: i32 = SGXIOC_GET_DCAP_SUPPLEMENTAL_SIZE as i32; const IOCTL_VER_DCAP_QUOTE: i32 = SGXIOC_VER_DCAP_QUOTE as i32; // const IOCTL_CMD_NUM_KEY: i32 = SGXIOC_CMD_NUM_KEY as i32; } else { const IOCTL_GET_DCAP_QUOTE_SIZE: u64 = SGXIOC_GET_DCAP_QUOTE_SIZE; const IOCTL_GEN_DCAP_QUOTE: u64 = SGXIOC_GEN_DCAP_QUOTE; const IOCTL_GET_DCAP_SUPPLEMENTAL_SIZE: u64 = SGXIOC_GET_DCAP_SUPPLEMENTAL_SIZE; const IOCTL_VER_DCAP_QUOTE: u64 = SGXIOC_VER_DCAP_QUOTE; // const IOCTL_CMD_NUM_KEY: u64 = SGXIOC_CMD_NUM_KEY; } } // Copy from occlum/src/libos/src/fs/dev_fs/dev_sgx/mod.rs //#[allow(dead_code)] #[repr(C)] pub struct IoctlGenDCAPQuoteArg { pub report_data: *const sgx_report_data_t, // Input pub quote_size: *mut u32, // Input/output pub quote_buf: *mut u8, // Output } // Copy from occlum/src/libos/src/fs/dev_fs/dev_sgx/mod.rs //#[allow(dead_code)] #[repr(C)] pub struct IoctlVerDCAPQuoteArg { pub quote_buf: *const u8, // Input pub quote_size: u32, // Input pub collateral_expiration_status: *mut u32, // Output pub quote_verification_result: *mut sgx_ql_qv_result_t, // Output pub supplemental_data_size: u32, // Input (optional) pub supplemental_data: *mut u8, // Output (optional) } /* // Copy from occlum/src/libos/src/fs/dev_fs/dev_sgx/mod.rs //#[allow(dead_code)] #[repr(C)] pub struct IoctlGetKeyArg { pub key_request: *const sgx_key_request_t, // Input pub key: *mut sgx_key_128bit_t, // Output } */ pub struct DcapQuote { fd: c_int, quote_size: u32, supplemental_size: u32, } impl DcapQuote { pub fn new() -> Result { let path = CString::new("/dev/sgx").unwrap(); let fd = unsafe { libc::open(path.as_ptr(), O_RDONLY) }; if fd > 0 { Ok(Self { fd: fd, quote_size: 0, supplemental_size: 0, }) } else { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } } pub fn get_quote_size(&mut self) -> Result { let size: u32 = 0; let ret = unsafe { libc::ioctl(self.fd, IOCTL_GET_DCAP_QUOTE_SIZE, &size) }; if ret < 0 { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } else { self.quote_size = size; Ok(size) } } pub fn generate_quote( &mut self, quote_buf: *mut u8, report_data: *const sgx_report_data_t, ) -> Result { let quote_arg: IoctlGenDCAPQuoteArg = IoctlGenDCAPQuoteArg { report_data: report_data, quote_size: &mut self.quote_size, quote_buf: quote_buf, }; let ret = unsafe { libc::ioctl(self.fd, IOCTL_GEN_DCAP_QUOTE, "e_arg) }; if ret < 0 { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } else { Ok(0) } } pub fn get_supplemental_data_size(&mut self) -> Result { let size: u32 = 0; let ret = unsafe { libc::ioctl(self.fd, IOCTL_GET_DCAP_SUPPLEMENTAL_SIZE, &size) }; if ret < 0 { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } else { self.supplemental_size = size; Ok(size) } } pub fn verify_quote(&mut self, verify_arg: *mut IoctlVerDCAPQuoteArg) -> Result { let ret = unsafe { libc::ioctl(self.fd, IOCTL_VER_DCAP_QUOTE, verify_arg) }; if ret < 0 { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } else { Ok(0) } } /* pub fn generate_key(&mut self, key_arg: *mut IoctlGetKeyArg) -> Result { let ret = unsafe { libc::ioctl(self.fd, IOCTL_CMD_NUM_KEY, key_arg) }; if ret < 0 { let os_err = Error::last_os_error(); println!("OS error: {os_err:?}"); Err(os_err) } else { Ok(0) } } */ pub fn close(&mut self) { unsafe { libc::close(self.fd) }; } }