datachainlab · bluele · Nov 19, 2024 · Nov 18, 2024
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/enclave-modules/ecall-handler/src/enclave_manage/enclave.rs b/enclave-modules/ecall-handler/src/enclave_manage/enclave.rs
@@ -9,8 +9,8 @@ pub(crate) fn generate_enclave_key(
     input: GenerateEnclaveKeyInput,
 ) -> Result<GenerateEnclaveKeyResponse, Error> {
     let ek = EnclaveKey::new()?;
-    let sealed_ek = ek.seal()?;
     let ek_pub = ek.get_pubkey();
+    let sealed_ek = ek.seal()?;
     let report_data = ReportData::new(ek_pub.as_address(), input.operator);
     let report = match rsgx_create_report(&input.target_info, &report_data.into()) {
         Ok(r) => r,

diff --git a/enclave/Cargo.lock b/enclave/Cargo.lock
diff --git a/modules/crypto/Cargo.toml b/modules/crypto/Cargo.toml
@@ -14,7 +14,8 @@ serde = { version = "1.0.184", default-features = false, features = ["alloc", "d
 serde-big-array = "0.5.1"
 hex = { version = "0.4", default-features = false, features = ["alloc"] }
 flex-error = { version = "0.4.4", default-features = false }
-libsecp256k1 = { version = "0.7.1", default-features = false, features = ["static-context", "hmac"] }
+libsecp256k1 = { rev = "48dabd8821852c5fe00b846f6c37e1f6b05c3d8c", git = "https://github.com/paritytech/libsecp256k1", default-features = false, features = ["static-context", "hmac"] }
+zeroize = { version = "1.8.1", default-features = false, features = ["alloc", "zeroize_derive"] }
 
 [features]
 default = ["std"]

diff --git a/modules/crypto/src/key.rs b/modules/crypto/src/key.rs
@@ -2,18 +2,18 @@ use crate::prelude::*;
 use crate::{Error, Keccak256, Signer, Verifier};
 use alloc::fmt;
 use core::fmt::Display;
-use libsecp256k1::PublicKeyFormat;
+use core::sync::atomic;
 use libsecp256k1::{
     curve::Scalar,
     util::{COMPRESSED_PUBLIC_KEY_SIZE, SECRET_KEY_SIZE},
-    Message, PublicKey, RecoveryId, SecretKey, Signature,
+    Message, PublicKey, PublicKeyFormat, RecoveryId, SecretKey, Signature,
 };
 use serde::{Deserialize, Serialize};
 use serde_big_array::BigArray;
 use sgx_types::sgx_sealed_data_t;
 use tiny_keccak::Keccak;
+use zeroize::Zeroizing;
 
-#[derive(Default)]
 pub struct EnclaveKey {
     pub(crate) secret_key: SecretKey,
 }
@@ -42,15 +42,25 @@ impl EnclaveKey {
         Ok(Self { secret_key })
     }
 
-    pub fn get_privkey(&self) -> [u8; SECRET_KEY_SIZE] {
-        self.secret_key.serialize()
+    pub fn get_privkey(self) -> Zeroizing<[u8; SECRET_KEY_SIZE]> {
+        Zeroizing::new(self.secret_key.serialize())
     }
 
     pub fn get_pubkey(&self) -> EnclavePublicKey {
         EnclavePublicKey(PublicKey::from_secret_key(&self.secret_key))
     }
 }
 
+impl Drop for EnclaveKey {
+    fn drop(&mut self) {
+        self.secret_key.clear();
+        // Use fences to prevent accesses from being reordered before this
+        // point, which should hopefully help ensure that all accessors
+        // see zeroes after this point.
+        atomic::compiler_fence(atomic::Ordering::SeqCst);
+    }
+}
+
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub struct EnclavePublicKey(PublicKey);
 
@@ -274,3 +284,21 @@ impl Signer for NopSigner {
         Err(Error::nop_signer())
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_zeroize_enclave_key() {
+        let ptr = {
+            let ek = EnclaveKey::new().unwrap();
+            let ptr = &ek.secret_key as *const SecretKey as *const u8;
+            let slice = unsafe { core::slice::from_raw_parts(ptr, SECRET_KEY_SIZE) };
+            assert_ne!(slice, &[0u8; SECRET_KEY_SIZE]);
+            ptr
+        };
+        let slice = unsafe { core::slice::from_raw_parts(ptr, SECRET_KEY_SIZE) };
+        assert_eq!(slice, &[0u8; SECRET_KEY_SIZE]);
+    }
+}
diff --git a/modules/crypto/src/sgx/sealing.rs b/modules/crypto/src/sgx/sealing.rs
@@ -4,39 +4,40 @@ use crate::EnclaveKey;
 use crate::Error;
 use crate::Signer;
 use crate::{prelude::*, EnclavePublicKey};
+use core::ops::Deref;
 use libsecp256k1::{util::SECRET_KEY_SIZE, SecretKey};
 use sgx_tseal::SgxSealedData;
-use sgx_types::{marker::ContiguousMemory, sgx_sealed_data_t};
-use sgx_types::{sgx_attributes_t, SGX_KEYPOLICY_MRENCLAVE, TSEAL_DEFAULT_MISCMASK};
+use sgx_types::{
+    sgx_attributes_t, sgx_sealed_data_t, SGX_KEYPOLICY_MRENCLAVE, TSEAL_DEFAULT_MISCMASK,
+};
+use zeroize::Zeroizing;
 
-#[derive(Clone, Copy)]
-struct UnsealedEnclaveKey([u8; SECRET_KEY_SIZE]);
-
-unsafe impl ContiguousMemory for UnsealedEnclaveKey {}
+#[derive(Clone)]
+struct UnsealedEnclaveKey(Zeroizing<[u8; SECRET_KEY_SIZE]>);
 
 impl SealingKey for EnclaveKey {
-    fn seal(&self) -> Result<SealedEnclaveKey, Error> {
-        seal_enclave_key(UnsealedEnclaveKey(self.get_privkey()))
+    fn seal(self) -> Result<SealedEnclaveKey, Error> {
+        seal_enclave_key(&UnsealedEnclaveKey(self.get_privkey()))
     }
 
     fn unseal(sek: &SealedEnclaveKey) -> Result<Self, Error> {
         let unsealed = unseal_enclave_key(&sek)?;
-        let secret_key = SecretKey::parse(&unsealed.0)?;
+        let secret_key = SecretKey::parse(unsealed.0.deref())?;
         Ok(Self { secret_key })
     }
 }
 
-fn seal_enclave_key(data: UnsealedEnclaveKey) -> Result<SealedEnclaveKey, Error> {
+fn seal_enclave_key(data: &UnsealedEnclaveKey) -> Result<SealedEnclaveKey, Error> {
     let attribute_mask = sgx_attributes_t {
         flags: 0xffff_ffff_ffff_fff3,
         xfrm: 0,
     };
-    let sealed_data = SgxSealedData::<UnsealedEnclaveKey>::seal_data_ex(
+    let sealed_data = SgxSealedData::<[u8; SECRET_KEY_SIZE]>::seal_data_ex(
         SGX_KEYPOLICY_MRENCLAVE,
         attribute_mask,
         TSEAL_DEFAULT_MISCMASK,
         Default::default(),
-        &data,
+        data.0.deref(),
     )
     .map_err(|e| Error::sgx_error(e, "failed to seal enclave key".to_string()))?;
     let mut sek = SealedEnclaveKey([0; SEALED_DATA_32_USIZE]);
@@ -56,16 +57,18 @@ fn seal_enclave_key(data: UnsealedEnclaveKey) -> Result<SealedEnclaveKey, Error>
 fn unseal_enclave_key(sek: &SealedEnclaveKey) -> Result<UnsealedEnclaveKey, Error> {
     let mut sek = sek.clone();
     let sealed = unsafe {
-        SgxSealedData::<UnsealedEnclaveKey>::from_raw_sealed_data_t(
+        SgxSealedData::<[u8; SECRET_KEY_SIZE]>::from_raw_sealed_data_t(
             sek.0.as_mut_ptr() as *mut sgx_sealed_data_t,
             SEALED_DATA_32_SIZE,
         )
     }
     .ok_or_else(|| Error::failed_unseal("failed to convert from raw sealed data".to_owned()))?;
-    Ok(*sealed
-        .unseal_data()
-        .map_err(|e| Error::sgx_error(e, "failed to unseal enclave key".to_string()))?
-        .get_decrypt_txt())
+    Ok(UnsealedEnclaveKey(Zeroizing::new(
+        *sealed
+            .unseal_data()
+            .map_err(|e| Error::sgx_error(e, "failed to unseal enclave key".to_string()))?
+            .get_decrypt_txt(),
+    )))
 }
 
 impl Signer for SealedEnclaveKey {

diff --git a/modules/crypto/src/traits.rs b/modules/crypto/src/traits.rs
@@ -17,7 +17,7 @@ pub trait SealingKey
 where
     Self: core::marker::Sized,
 {
-    fn seal(&self) -> Result<SealedEnclaveKey, Error>;
+    fn seal(self) -> Result<SealedEnclaveKey, Error>;
     fn unseal(sek: &SealedEnclaveKey) -> Result<Self, Error>;
 }