From cd6c2a8b81a2d70a2b2a1e7ce814bdbea9dd4732 Mon Sep 17 00:00:00 2001 From: "Li, Xun" Date: Wed, 17 Jan 2024 16:25:11 +0800 Subject: [PATCH] Linux 2.23 Open Source Gold Release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Supported new OS: Ubuntu* 23.10 64-bit Server version. Upgraded to OpenSSL 3.0.12. Upgraded MbedTLS to 3.5.0. Added SM2 encrypt/decrypt algorithm to the GM/SM (PRC National Commercial Cryptographic Algorithms) sample code. Introduced the IntelĀ® DCAP Appraisal Engine within quote verification library, empowering users to evaluate verification results against diverse policies. Upgraded Intel SGX Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.12. Added Rust wrapper for quote provider library APIs. Fixed bugs. Signed-off-by: Li, Xun --- License.txt | 398 ++++++++++++ Makefile | 103 ++- README.md | 25 +- .../service_provider/ecp.cpp | 10 +- .../service_provider/ias_ra.cpp | 5 +- .../service_provider/service_provider.cpp | 21 +- SampleCode/SampleEnclaveGMIPP/App/App.cpp | 40 +- SampleCode/SampleEnclaveGMIPP/App/App.h | 4 +- .../SampleEnclaveGMIPP/Enclave/Enclave.cpp | 599 ++++++++++++++++-- .../SampleEnclaveGMIPP/Enclave/Enclave.edl | 4 +- .../SampleEnclaveGMIPP/Enclave/Enclave.h | 4 +- buildenv.mk | 4 +- common/inc/internal/se_version.h | 16 +- common/inc/tlibc/wchar.h | 3 + common/src/sgx_read_rand.cpp | 6 +- docker/build/tdx-qgs.dockerfile | 1 + download_prebuilt.sh | 8 +- .../CppMicroServices/util/src/FileSystem.cpp | 1 + external/dcap_source | 2 +- external/mbedtls/mbedtls_code | 2 +- external/mbedtls/sgx_mbedtls.patch | 54 +- external/protobuf/sgx_protobuf.patch | 20 +- external/sgxssl/prepare_sgxssl.sh | 16 +- linux/installer/common/sdk/BOMs/sdk_base.txt | 3 + .../deb/local_repo_tool/conf/distributions | 8 + .../sgx-aesm-service-1.0/debian/control | 4 +- .../libsgx-aesm-ecdsa-plugin.spec | 2 +- .../libsgx-aesm-pce-plugin.spec | 2 +- .../ae_reproducibility_verifier/README.md | 137 ++-- .../reproducibility_verifier.sh | 80 +-- .../build_and_launch_docker.sh | 6 +- psw/urts/enclave_creator_hw.h | 1 + psw/urts/linux/edmm_utility.cpp | 10 +- psw/urts/linux/edmm_utility.h | 3 +- psw/urts/linux/enclave_creator_hw.cpp | 18 +- sdk/Makefile.source | 10 +- sdk/cpprt/linux/libunwind/src/elfxx.h | 2 + sdk/cpprt/linux/libunwind/src/x86_64/Ginit.c | 4 + sdk/protected_code_loader/Makefile | 8 + sdk/protected_code_loader/crypto/pcl_gcm128.c | 7 + sdk/protected_code_loader/crypto/pcl_sha256.c | 9 +- sdk/sign_tool/SignTool/sign_tool.cpp | 2 +- sdk/tlibc/gen/sbrk.c | 5 +- sdk/tlibc/math/e_powl.c | 1 - sdk/tlibc/stdlib/malloc.c | 25 +- sdk/tlibc/string/strchr.c | 2 - sdk/tlibc/string/wcsncasecmp.c | 9 + sdk/trts/ctd.c | 2 +- sdk/trts/ctd.h | 2 +- sdk/ttls/Makefile | 23 +- sdk/utls/Makefile | 20 +- 51 files changed, 1428 insertions(+), 323 deletions(-) create mode 100644 sdk/tlibc/string/wcsncasecmp.c diff --git a/License.txt b/License.txt index fc7972c56..659607a47 100644 --- a/License.txt +++ b/License.txt @@ -1563,6 +1563,10 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE + + + + 22. musl C musl as a whole is licensed under the following standard MIT license: @@ -1588,3 +1592,397 @@ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + + + + + +23. OpenMP + +============================================================================== + +The software contained in this directory tree is dual licensed under both the +University of Illinois "BSD-Like" license and the MIT license. As a user of +this code you may choose to use it under either license. As a contributor, +you agree to allow your code to be used under both. The full text of the +relevant licenses is included below. + +In addition, a license agreement from the copyright/patent holders of the +software contained in this directory tree is included below. + +============================================================================== + +University of Illinois/NCSA +Open Source License + +Copyright (c) 1997-2019 Intel Corporation + +All rights reserved. + +Developed by: + OpenMP Runtime Team + Intel Corporation + http://www.openmprtl.org + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal with +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimers. + + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimers in the + documentation and/or other materials provided with the distribution. + + * Neither the names of Intel Corporation OpenMP Runtime Team nor the + names of its contributors may be used to endorse or promote products + derived from this Software without specific prior written permission. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE +SOFTWARE. + +============================================================================== + +Copyright (c) 1997-2019 Intel Corporation + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + +============================================================================== + +Intel Corporation + +Software Grant License Agreement ("Agreement") + +Except for the license granted herein to you, Intel Corporation ("Intel") reserves +all right, title, and interest in and to the Software (defined below). + +Definition + +"Software" means the code and documentation as well as any original work of +authorship, including any modifications or additions to an existing work, that +is intentionally submitted by Intel to llvm.org (http://llvm.org) ("LLVM") for +inclusion in, or documentation of, any of the products owned or managed by LLVM +(the "Work"). For the purposes of this definition, "submitted" means any form of +electronic, verbal, or written communication sent to LLVM or its +representatives, including but not limited to communication on electronic +mailing lists, source code control systems, and issue tracking systems that are +managed by, or on behalf of, LLVM for the purpose of discussing and improving +the Work, but excluding communication that is conspicuously marked otherwise. + +1. Grant of Copyright License. Subject to the terms and conditions of this + Agreement, Intel hereby grants to you and to recipients of the Software + distributed by LLVM a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable copyright license to reproduce, prepare derivative + works of, publicly display, publicly perform, sublicense, and distribute the + Software and such derivative works. + +2. Grant of Patent License. Subject to the terms and conditions of this + Agreement, Intel hereby grants you and to recipients of the Software + distributed by LLVM a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable (except as stated in this section) patent license + to make, have made, use, offer to sell, sell, import, and otherwise transfer + the Work, where such license applies only to those patent claims licensable + by Intel that are necessarily infringed by Intel's Software alone or by + combination of the Software with the Work to which such Software was + submitted. If any entity institutes patent litigation against Intel or any + other entity (including a cross-claim or counterclaim in a lawsuit) alleging + that Intel's Software, or the Work to which Intel has contributed constitutes + direct or contributory patent infringement, then any patent licenses granted + to that entity under this Agreement for the Software or Work shall terminate + as of the date such litigation is filed. + +Unless required by applicable law or agreed to in writing, the software is +provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +either express or implied, including, without limitation, any warranties or +conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A +PARTICULAR PURPOSE. + +============================================================================== + +ARM Limited + +Software Grant License Agreement ("Agreement") + +Except for the license granted herein to you, ARM Limited ("ARM") reserves all +right, title, and interest in and to the Software (defined below). + +Definition + +"Software" means the code and documentation as well as any original work of +authorship, including any modifications or additions to an existing work, that +is intentionally submitted by ARM to llvm.org (http://llvm.org) ("LLVM") for +inclusion in, or documentation of, any of the products owned or managed by LLVM +(the "Work"). For the purposes of this definition, "submitted" means any form of +electronic, verbal, or written communication sent to LLVM or its +representatives, including but not limited to communication on electronic +mailing lists, source code control systems, and issue tracking systems that are +managed by, or on behalf of, LLVM for the purpose of discussing and improving +the Work, but excluding communication that is conspicuously marked otherwise. + +1. Grant of Copyright License. Subject to the terms and conditions of this + Agreement, ARM hereby grants to you and to recipients of the Software + distributed by LLVM a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable copyright license to reproduce, prepare derivative + works of, publicly display, publicly perform, sublicense, and distribute the + Software and such derivative works. + +2. Grant of Patent License. Subject to the terms and conditions of this + Agreement, ARM hereby grants you and to recipients of the Software + distributed by LLVM a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable (except as stated in this section) patent license + to make, have made, use, offer to sell, sell, import, and otherwise transfer + the Work, where such license applies only to those patent claims licensable + by ARM that are necessarily infringed by ARM's Software alone or by + combination of the Software with the Work to which such Software was + submitted. If any entity institutes patent litigation against ARM or any + other entity (including a cross-claim or counterclaim in a lawsuit) alleging + that ARM's Software, or the Work to which ARM has contributed constitutes + direct or contributory patent infringement, then any patent licenses granted + to that entity under this Agreement for the Software or Work shall terminate + as of the date such litigation is filed. + +Unless required by applicable law or agreed to in writing, the software is +provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +either express or implied, including, without limitation, any warranties or +conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A +PARTICULAR PURPOSE. + +============================================================================== + + + + + +24. DNNL and MbedTLS +The DNNL and MbedTLS are both licensed under the following MIT license: + + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + + + + +25. libcbor + +MIT License + +Copyright (c) 2014-2017 Pavel Kalvoda + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/Makefile b/Makefile index 0a08dd728..32433051d 100644 --- a/Makefile +++ b/Makefile @@ -90,11 +90,11 @@ tdx: $(MAKE) -C external/dcap_source/QuoteGeneration tdx_qgs $(MAKE) -C external/dcap_source/QuoteGeneration tdx_attest -td_migration: - $(MAKE) -C sdk/ td_migration _TD_MIGRATION=1 - $(MAKE) -C external/dcap_source/QuoteGeneration td_migration +servtd_attest: + $(MAKE) -C sdk/ servtd_attest SERVTD_ATTEST=1 + $(MAKE) -C external/dcap_source/QuoteGeneration servtd_attest -td_migration_preparation: +servtd_attest_preparation: # Only enable the download from git git submodule update --init --recursive external/dcap_source external/sgx-emm/emm_src ./external/sgx-emm/create_symlink.sh @@ -209,7 +209,21 @@ deb_libsgx_headers_pkg: ifeq ($(CC_BELOW_5_2), 1) .PHONY: deb_psw_pkg -deb_psw_pkg: deb_libsgx_headers_pkg deb_libsgx_qe3_logic deb_libsgx_pce_logic deb_sgx_aesm_service deb_libsgx_epid deb_libsgx_launch deb_libsgx_quote_ex deb_libsgx_uae_service deb_libsgx_enclave_common deb_libsgx_urts deb_libsgx_ae_qe3 deb_libsgx_ae_tdqe deb_libsgx_ae_id_enclave deb_libsgx_tdx_logic deb_tdx_qgs deb_tdx_attest +deb_psw_pkg: deb_libsgx_headers_pkg \ + deb_libsgx_qe3_logic \ + deb_libsgx_pce_logic \ + deb_sgx_aesm_service \ + deb_libsgx_epid \ + deb_libsgx_launch \ + deb_libsgx_quote_ex \ + deb_libsgx_uae_service \ + deb_libsgx_enclave_common \ + deb_libsgx_urts \ + deb_libsgx_ae_qe3 \ + deb_libsgx_ae_tdqe \ + deb_libsgx_ae_id_enclave \ + deb_libsgx_tdx_logic \ + deb_tdx_qgs deb_tdx_attest else .PHONY: deb_libsgx_dcap_default_qpl deb_libsgx_dcap_default_qpl: @@ -250,8 +264,36 @@ deb_sgx_ra_service_pkg: $(CP) external/dcap_source/tools/SGXPlatformRegistration/build/installer/sgx-ra-service*deb ./linux/installer/deb/sgx-aesm-service/ $(CP) external/dcap_source/tools/SGXPlatformRegistration/build/installer/libsgx-ra-*deb ./linux/installer/deb/sgx-aesm-service/ +.PHONY: deb_tee_appraisal_tool +deb_tee_appraisal_tool: + $(MAKE) -C external/dcap_source/QuoteGeneration deb_tee_appraisal_tool_pkg + $(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/tee-appraisal-tool/tee-appraisal-tool*deb ./linux/installer/deb/sgx-aesm-service/ + .PHONY: deb_psw_pkg -deb_psw_pkg: deb_libsgx_headers_pkg deb_libsgx_qe3_logic deb_libsgx_pce_logic deb_sgx_aesm_service deb_libsgx_epid deb_libsgx_launch deb_libsgx_quote_ex deb_libsgx_uae_service deb_libsgx_enclave_common deb_libsgx_urts deb_libsgx_ae_qe3 deb_libsgx_ae_id_enclave deb_libsgx_dcap_default_qpl deb_libsgx_dcap_pccs deb_libsgx_dcap_ql deb_libsgx_ae_qve deb_sgx_dcap_quote_verify deb_sgx_pck_id_retrieval_tool_pkg deb_sgx_ra_service_pkg deb_libsgx_ae_tdqe deb_libsgx_tdx_logic deb_tdx_qgs deb_tdx_attest +deb_psw_pkg: deb_libsgx_headers_pkg \ + deb_libsgx_qe3_logic \ + deb_libsgx_pce_logic \ + deb_sgx_aesm_service \ + deb_libsgx_epid \ + deb_libsgx_launch \ + deb_libsgx_quote_ex \ + deb_libsgx_uae_service \ + deb_libsgx_enclave_common \ + deb_libsgx_urts \ + deb_libsgx_ae_qe3 \ + deb_libsgx_ae_id_enclave \ + deb_libsgx_dcap_default_qpl \ + deb_libsgx_dcap_pccs \ + deb_libsgx_dcap_ql \ + deb_libsgx_ae_qve \ + deb_sgx_dcap_quote_verify \ + deb_sgx_pck_id_retrieval_tool_pkg \ + deb_sgx_ra_service_pkg \ + deb_libsgx_ae_tdqe \ + deb_libsgx_tdx_logic \ + deb_tdx_qgs \ + deb_tdx_attest \ + deb_tee_appraisal_tool endif .PHONY: deb_local_repo @@ -345,7 +387,22 @@ rpm_libsgx_headers_pkg: ifeq ($(CC_BELOW_5_2), 1) .PHONY: rpm_psw_pkg -rpm_psw_pkg: rpm_libsgx_headers_pkg rpm_libsgx_pce_logic rpm_libsgx_qe3_logic rpm_sgx_aesm_service rpm_libsgx_epid rpm_libsgx_launch rpm_libsgx_quote_ex rpm_libsgx_uae_service rpm_libsgx_enclave_common rpm_libsgx_urts rpm_libsgx_ae_qe3 rpm_libsgx_ae_tdqe rpm_libsgx_ae_id_enclave rpm_libsgx_tdx_logic rpm_tdx_qgs rpm_tdx_attest +rpm_psw_pkg: rpm_libsgx_headers_pkg \ + rpm_libsgx_pce_logic \ + rpm_libsgx_qe3_logic \ + rpm_sgx_aesm_service \ + rpm_libsgx_epid \ + rpm_libsgx_launch \ + rpm_libsgx_quote_ex \ + rpm_libsgx_uae_service \ + rpm_libsgx_enclave_common \ + rpm_libsgx_urts \ + rpm_libsgx_ae_qe3 \ + rpm_libsgx_ae_tdqe \ + rpm_libsgx_ae_id_enclave \ + rpm_libsgx_tdx_logic \ + rpm_tdx_qgs \ + rpm_tdx_attest else .PHONY: rpm_libsgx_dcap_default_qpl rpm_libsgx_dcap_default_qpl: @@ -386,8 +443,36 @@ rpm_sgx_ra_service_pkg: $(CP) external/dcap_source/tools/SGXPlatformRegistration/build/installer/sgx-ra-service*rpm ./linux/installer/rpm/sgx-aesm-service/ $(CP) external/dcap_source/tools/SGXPlatformRegistration/build/installer/libsgx-ra-*rpm ./linux/installer/rpm/sgx-aesm-service/ +.PHONY: rpm_tee_appraisal_tool +rpm_tee_appraisal_tool: + $(MAKE) -C external/dcap_source/QuoteGeneration rpm_tee_appraisal_tool_pkg + $(CP) external/dcap_source/QuoteGeneration/installer/linux/rpm/tee-appraisal-tool/tee-appraisal-tool*rpm ./linux/installer/rpm/sgx-aesm-service/ + .PHONY: rpm_psw_pkg -rpm_psw_pkg: rpm_libsgx_headers_pkg rpm_libsgx_pce_logic rpm_libsgx_qe3_logic rpm_sgx_aesm_service rpm_libsgx_epid rpm_libsgx_launch rpm_libsgx_quote_ex rpm_libsgx_uae_service rpm_libsgx_enclave_common rpm_libsgx_urts rpm_libsgx_ae_qe3 rpm_libsgx_ae_id_enclave rpm_libsgx_dcap_default_qpl rpm_libsgx_dcap_pccs rpm_libsgx_dcap_ql rpm_libsgx_ae_qve rpm_sgx_dcap_quote_verify rpm_sgx_pck_id_retrieval_tool_pkg rpm_sgx_ra_service_pkg rpm_libsgx_ae_tdqe rpm_libsgx_tdx_logic rpm_tdx_qgs rpm_tdx_attest +rpm_psw_pkg: rpm_libsgx_headers_pkg \ + rpm_libsgx_pce_logic \ + rpm_libsgx_qe3_logic \ + rpm_sgx_aesm_service \ + rpm_libsgx_epid \ + rpm_libsgx_launch \ + rpm_libsgx_quote_ex \ + rpm_libsgx_uae_service \ + rpm_libsgx_enclave_common \ + rpm_libsgx_urts \ + rpm_libsgx_ae_qe3 \ + rpm_libsgx_ae_id_enclave \ + rpm_libsgx_dcap_default_qpl \ + rpm_libsgx_dcap_pccs \ + rpm_libsgx_dcap_ql \ + rpm_libsgx_ae_qve \ + rpm_sgx_dcap_quote_verify \ + rpm_sgx_pck_id_retrieval_tool_pkg \ + rpm_sgx_ra_service_pkg \ + rpm_libsgx_ae_tdqe \ + rpm_libsgx_tdx_logic \ + rpm_tdx_qgs \ + rpm_tdx_attest \ + rpm_tee_appraisal_tool endif .PHONY: rpm_local_repo @@ -442,6 +527,7 @@ ifeq ("$(shell test -f external/dcap_source/QuoteVerification/Makefile && echo M ./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-quote-verify/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/deb/sgx-dcap-pccs/clean.sh + ./external/dcap_source/QuoteGeneration/installer/linux/deb/tee-appraisal-tool/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-qve/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-qe3/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-id-enclave/clean.sh @@ -455,6 +541,7 @@ ifeq ("$(shell test -f external/dcap_source/QuoteVerification/Makefile && echo M ./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-dcap-quote-verify/clean.sh ./external/dcap_source/QuoteGeneration/installer/linux/rpm/sgx-dcap-pccs/clean.sh + ./external/dcap_source/QuoteGeneration/installer/linux/rpm/tee-appraisal-tool/clean.sh endif rebuild: diff --git a/README.md b/README.md index 3a008255c..352f9b39b 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,7 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package * Ubuntu\* 20.04 LTS Desktop 64bits * Ubuntu\* 20.04 LTS Server 64bits * Ubuntu\* 22.04 LTS Server 64bits + * Ubuntu\* 23.10 Server 64bits * Red Hat Enterprise Linux Server release 9.2 64bits * CentOS Stream 9 64bits * CentOS 8.3 64bits @@ -104,7 +105,7 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package $ sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python3 libssl-dev git cmake perl $ sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 1 ``` - * On Ubuntu 20.04 and Ubuntu 22.04: + * On Ubuntu 20.04, Ubuntu 22.04 and Ubuntu 23.10: ``` $ sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python-is-python3 libssl-dev git cmake perl ``` @@ -143,7 +144,7 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package ``` $ sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake reprepro unzip lsb-release libsystemd0 ``` - * On Ubuntu 20.04 and Ubuntu 22.04: + * On Ubuntu 20.04, Ubuntu 22.04 and Ubuntu 23.10: ``` $ sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake reprepro unzip pkgconf libboost-dev libboost-system-dev libboost-thread-dev lsb-release libsystemd0 ``` @@ -177,12 +178,12 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package ``` The above ``make preparation`` would trigger the script ``download_prebuilt.sh`` to download the prebuilt binaries. You may need to set an https proxy for the `wget` tool used by the script (such as ``export https_proxy=http://test-proxy:test-port``) -- Copy the mitigation tools corresponding to current OS distribution from external/toolset/{current_distr} to /usr/local/bin and make sure they have execute permission: +- (*Optional*) If the binutils on your current operating system distribution doesn't support mitigation options, copy the mitigation tools corresponding to current OS distribution from external/toolset/{current_distr} to /usr/local/bin and make sure they have execute permission: ``` $ sudo cp external/toolset/{current_distr}/* /usr/local/bin $ which ar as ld objcopy objdump ranlib ``` - **Note**: The above action is a must even if you copied the previous mitigation tools to /usr/local/bin before. It ensures the updated mitigation tools are used in the later build. + **Note**: Mitigation tools are only provided for the operating systems whose binutils lack mitigation options support. If your operating system is not listed in the external/toolset/{current_distr} directory, you can skip this step. Otherwise, even if you previously copied the mitigation tools to /usr/local/bin, performing the above action is still necessary. This ensures that the latest mitigation tools are used during the subsequent build process. ### Build the Intel(R) SGX SDK and Intel(R) SGX SDK Installer @@ -255,7 +256,7 @@ You can find the tools and libraries generated in the `build/linux` directory. $ make ``` - To build the Intel(R) SGX PSW installer, enter the following command: - * On Ubuntu 20.04, Ubuntu 22.04 and Debian 10: + * On Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.10 and Debian 10: ``` $ make deb_psw_pkg ``` @@ -296,6 +297,10 @@ You can find the tools and libraries generated in the `build/linux` directory. ``` deb [trusted=yes arch=amd64] file:/PATH_TO_LOCAL_REPO jammy main ``` + * On Ubuntu 23.10: + ``` + deb [trusted=yes arch=amd64] file:/PATH_TO_LOCAL_REPO mantic main + ``` * On Debian 10: ``` deb [trusted=yes arch=amd64] file:/PATH_TO_LOCAL_REPO buster main @@ -339,6 +344,7 @@ Install the Intel(R) SGX SDK * Ubuntu\* 20.04 LTS Desktop 64bits * Ubuntu\* 20.04 LTS Server 64bits * Ubuntu\* 22.04 LTS Server 64bits + * Ubuntu\* 23.10 Server 64bits * Red Hat Enterprise Linux Server release 9.2 64bits * CentOS Stream 9 64bits * CentOS 8.3 64bits @@ -351,7 +357,7 @@ Install the Intel(R) SGX SDK $ sudo apt-get install build-essential python3 $ sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 ``` - * On Ubuntu 20.04 and Ubuntu 22.04: + * On Ubuntu 20.04, Ubuntu 22.04 and Ubuntu 23.10: ``` $ sudo apt-get install build-essential python-is-python3 ``` @@ -429,6 +435,7 @@ Install the Intel(R) SGX PSW * Ubuntu\* 20.04 LTS Desktop 64bits * Ubuntu\* 20.04 LTS Server 64bits * Ubuntu\* 22.04 LTS Server 64bits + * Ubuntu\* 23.10 Server 64bits * Red Hat Enterprise Linux Server release 9.2 64bits * CentOS Stream 9 64bits * CentOS 8.3 64bits @@ -440,7 +447,7 @@ Install the Intel(R) SGX PSW - Configure the system with the **Intel SGX hardware enabled** option and install Intel(R) SGX driver in advance. See the earlier topic, *Build and Install the Intel(R) SGX Driver*, for information on how to install the Intel(R) SGX driver. - Install the library using the following command: - * On Ubuntu 20.04, Ubuntu 22.04 and Debian 10: + * On Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.10 and Debian 10: ``` $ sudo apt-get install libssl-dev libcurl4-openssl-dev libprotobuf-dev ``` @@ -470,7 +477,7 @@ The SGX PSW provides 3 services: launch, EPID-based attestation, and algorithm a #### Using the local repo(recommended) -| |Ubuntu 20.04, Ubuntu 22.04 and Debian 10|Red Hat Enterprise Linux 9.2, CentOS Stream 9, CentOS 8.3 and Anolis OS 8.6| SUSE Linux Enterprise Server 15| +| |Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.10 and Debian 10|Red Hat Enterprise Linux 9.2, CentOS Stream 9, CentOS 8.3 and Anolis OS 8.6| SUSE Linux Enterprise Server 15| | ------------ | ------------ | ------------ | ------------ | |launch service |apt-get install libsgx-launch libsgx-urts|yum install libsgx-launch libsgx-urts|zypper install libsgx-launch libsgx-urts| |EPID-based attestation service|apt-get install libsgx-epid libsgx-urts|yum install libsgx-epid libsgx-urts|zypper install libsgx-epid libsgx-urts| @@ -491,7 +498,7 @@ apt-get dist-upgrade -o Dpkg::Options::="--force-overwrite" ``` #### Configure the installation Some packages are configured with recommended dependency on other packages that are not required for certain usage. For instance, the background daemon is not required for container usage. It will be installed by default, but you can drop it by using the additional option during the installation. -* On Ubuntu 20.04, Ubuntu 22.04 and Debian 10: +* On Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.10 and Debian 10: ``` --no-install-recommends ``` diff --git a/SampleCode/RemoteAttestation/service_provider/ecp.cpp b/SampleCode/RemoteAttestation/service_provider/ecp.cpp index fafb7df32..6a1f661d7 100644 --- a/SampleCode/RemoteAttestation/service_provider/ecp.cpp +++ b/SampleCode/RemoteAttestation/service_provider/ecp.cpp @@ -100,7 +100,7 @@ bool derive_key( hash_buffer_t hash_buffer; sample_sha_state_handle_t sha_context; sample_sha256_hash_t key_material; - + memset(&hash_buffer, 0, sizeof(hash_buffer_t)); /* counter in big endian */ @@ -175,7 +175,7 @@ bool derive_key( sample_status_t sample_ret = SAMPLE_SUCCESS; uint8_t cmac_key[MAC_KEY_SIZE]; sample_ec_key_128bit_t key_derive_key; - + memset(&cmac_key, 0, MAC_KEY_SIZE); sample_ret = sample_rijndael128_cmac_msg( @@ -233,7 +233,11 @@ bool derive_key( /*counter = 0x01 */ p_derivation_buffer[0] = 0x01; /*label*/ - memcpy_s(&p_derivation_buffer[1], derivation_buffer_length - 1, label, label_length); + if(memcpy_s(&p_derivation_buffer[1], derivation_buffer_length - 1, label, label_length)) { + memset(&key_derive_key, 0, sizeof(key_derive_key)); + free(p_derivation_buffer); + return false; + } /*output_key_len=0x0080*/ uint16_t *key_len = (uint16_t *)(&(p_derivation_buffer[derivation_buffer_length - 2])); *key_len = 0x0080; diff --git a/SampleCode/RemoteAttestation/service_provider/ias_ra.cpp b/SampleCode/RemoteAttestation/service_provider/ias_ra.cpp index 525168d92..c96a97a66 100644 --- a/SampleCode/RemoteAttestation/service_provider/ias_ra.cpp +++ b/SampleCode/RemoteAttestation/service_provider/ias_ra.cpp @@ -243,8 +243,9 @@ int ias_enroll( UNUSED(p_authentication_token); if (NULL != p_spid) { - memcpy_s(p_spid, sizeof(sample_spid_t), &g_sim_spid, - sizeof(sample_spid_t)); + if(memcpy_s(p_spid, sizeof(sample_spid_t), &g_sim_spid, sizeof(sample_spid_t))) { + return(1); + } } else { return(1); } diff --git a/SampleCode/RemoteAttestation/service_provider/service_provider.cpp b/SampleCode/RemoteAttestation/service_provider/service_provider.cpp index e8358de12..8dc5a1eaf 100644 --- a/SampleCode/RemoteAttestation/service_provider/service_provider.cpp +++ b/SampleCode/RemoteAttestation/service_provider/service_provider.cpp @@ -268,14 +268,23 @@ int sp_ra_proc_msg0_req(const sample_ra_msg0_t *p_msg0, if (g_return_ecdsa_att_key_id) { - memcpy_s(p_msg0_resp_full->body, msg0_resp_size, - g_ecdsa_p256_att_key_id_list, msg0_resp_size); + if (memcpy_s(p_msg0_resp_full->body, msg0_resp_size, + g_ecdsa_p256_att_key_id_list, msg0_resp_size)) { + fprintf(stderr, "\nError, cannot do memcpy in [%s].", __FUNCTION__); + g_return_ecdsa_att_key_id = false; + ret = SP_INTERNAL_ERROR; + goto CLEANUP; + } g_return_ecdsa_att_key_id = false; } else // Return EPID attestation key id { - memcpy_s(p_msg0_resp_full->body, msg0_resp_size, - g_epid_unlinkable_att_key_id_list, msg0_resp_size); + if(memcpy_s(p_msg0_resp_full->body, msg0_resp_size, + g_epid_unlinkable_att_key_id_list, msg0_resp_size)) { + fprintf(stderr, "\nError, cannot do memcpy in [%s].", __FUNCTION__); + ret = SP_INTERNAL_ERROR; + goto CLEANUP; + } } p_msg0_resp_full->type = TYPE_RA_MSG0; p_msg0_resp_full->size = msg0_resp_size; @@ -872,7 +881,3 @@ int sp_ra_proc_msg3_req(const sample_ra_msg3_t *p_msg3, } return ret; } - - - - diff --git a/SampleCode/SampleEnclaveGMIPP/App/App.cpp b/SampleCode/SampleEnclaveGMIPP/App/App.cpp index 8b2123c0a..c4ad71dae 100644 --- a/SampleCode/SampleEnclaveGMIPP/App/App.cpp +++ b/SampleCode/SampleEnclaveGMIPP/App/App.cpp @@ -187,11 +187,27 @@ void ocall_print_string(const char *str) } /* ECall functions */ -/* GM SM2 functions */ -int ecall_sm2_functions() +/* GM SM2 sign and verify functions */ +int ecall_sm2_sign_verify_functions() { int rev = -1; - ecall_sm2(global_eid, &rev); + ecall_sm2_sign_verify(global_eid, &rev); + return rev; +} + +/* GM SM2 encrypt and decrypt functions(GM version) */ +int ecall_sm2_encrypt_decrypt_gm_functions() +{ + int rev = -1; + ecall_sm2_encrypt_decrypt_gm(global_eid, &rev); + return rev; +} + +/* GM SM2 encrypt and decrypt functions(IEEE version) */ +int ecall_sm2_encrypt_decrypt_ieee_functions() +{ + int rev = -1; + ecall_sm2_encrypt_decrypt_ieee(global_eid, &rev); return rev; } @@ -235,24 +251,34 @@ int SGX_CDECL main(int argc, char *argv[]) /* GM SMx functions test */ /* SM2 */ - if (ecall_sm2_functions() == SGX_SUCCESS) + if (ecall_sm2_sign_verify_functions() == 0) printf("GM SM2 - sign and verify: PASS\n"); else printf("GM SM2 - sign and verify: FAIL\n"); + if (ecall_sm2_encrypt_decrypt_gm_functions() == 0) + printf("GM SM2 - encrypt and decrypt(GM version): PASS\n"); + else + printf("GM SM2 - encrypt and decrypt(GM version): FAIL\n"); + + if (ecall_sm2_encrypt_decrypt_ieee_functions() == 0) + printf("GM SM2 - encrypt and decrypt(IEEE version): PASS\n"); + else + printf("GM SM2 - encrypt and decrypt(IEEE version): FAIL\n"); + /* SM3 */ - if (ecall_sm3_functions() == SGX_SUCCESS) + if (ecall_sm3_functions() == 0) printf("GM SM3 - compute digest of message: PASS\n"); else printf("GM SM3 - compute digest of message: FAIL\n"); /* SM4 */ - if (ecall_sm4_cbc_functions() == SGX_SUCCESS) + if (ecall_sm4_cbc_functions() == 0) printf("GM SM4 - cbc encrypt and decrypt: PASS\n"); else printf("GM SM4 - cbc encrypt and decrypt: FAIL\n"); - if (ecall_sm4_ctr_functions () == SGX_SUCCESS) + if (ecall_sm4_ctr_functions () == 0) printf("GM SM4 - ctr encrypt and decrypt: PASS\n"); else printf("GM SM4 - ctr encrypt and decrypt: FAIL\n"); diff --git a/SampleCode/SampleEnclaveGMIPP/App/App.h b/SampleCode/SampleEnclaveGMIPP/App/App.h index 46afb20bf..2949a8b09 100644 --- a/SampleCode/SampleEnclaveGMIPP/App/App.h +++ b/SampleCode/SampleEnclaveGMIPP/App/App.h @@ -57,7 +57,9 @@ extern sgx_enclave_id_t global_eid; /* global enclave id */ extern "C" { #endif -int ecall_sm2_functions(void); +int ecall_sm2_sign_verify_functions(void); +int ecall_sm2_encrypt_decrypt_gm_functions(void); +int ecall_sm2_encrypt_decrypt_ieee_functions(void); int ecall_sm3_functions(void); int ecall_sm4_cbc_functions(void); int ecall_sm4_ctr_functions(void); diff --git a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.cpp b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.cpp index 52fd16b40..9e66c748d 100644 --- a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.cpp +++ b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.cpp @@ -35,6 +35,7 @@ #include /* vsnprintf */ #include #include "sgx_trts.h" +#include "mbusafecrt.h" #include /* ipp library */ @@ -218,19 +219,19 @@ static IppsPRNGState* new_PRNG(void) if (ipp_ret != ippStsNoErr) { printf("Error: fail to set the seed value of PRNG\n"); SAFE_FREE(pPRNG, size); - SAFE_FREE(pBN, sizeof(pBN)); - SAFE_FREE(pBN, sizeof(augm)); - SAFE_FREE(pBN, sizeof(seed)); + free(pBN); + SAFE_FREE(augm, seedSize); + SAFE_FREE(seed, seedSize); return NULL; } - SAFE_FREE(pBN, sizeof(pBN)); + free(pBN); ipp_ret = ippsPRNGSetAugment(pBN=new_BN(seedSize, rand32(augm, seedSize)), pPRNG); if (ipp_ret != ippStsNoErr) { printf("Error: fail to set the entropy augmentation of PRNG\n"); SAFE_FREE(pPRNG, size); - SAFE_FREE(pBN, sizeof(pBN)); - SAFE_FREE(pBN, sizeof(augm)); - SAFE_FREE(pBN, sizeof(seed)); + free(pBN); + SAFE_FREE(augm, seedSize); + SAFE_FREE(seed, seedSize); return NULL; } @@ -379,7 +380,7 @@ static int hash_digest_z(const IppsHashMethod *hash_method, const char *id, cons } } while(0); - SAFE_FREE(hash_handle, sizeof(hash_handle)); + SAFE_FREE(hash_handle, ctx_size); return ret; } @@ -453,7 +454,7 @@ static int hash_digest_with_preprocess(const IppsHashMethod *hash_method, const } } while(0); - SAFE_FREE(hash_handle, sizeof(hash_handle)); + SAFE_FREE(hash_handle, ctx_size); return ret; } @@ -526,19 +527,19 @@ static int sm2_do_sign(const IppsBigNumState *regPrivateKey, const IppsHashMetho if (pX == NULL){ printf("Error: fail to create pX\n"); ret = -8; - break; + break; } pY = new_BN(ordSize, 0); if (pY == NULL){ printf("Error: fail to create pY\n"); ret = -9; - break; + break; } ipp_ret = ippsECCPGetPoint(pX, pY, regPublicKey, pECCPS); if (ipp_ret != ippStsNoErr) { printf("Error: fail to convert internal presentation EC point into regular affine coordinates EC point\n"); ret = -10; - break; + break; } // 5. Do user message digest @@ -552,7 +553,7 @@ static int sm2_do_sign(const IppsBigNumState *regPrivateKey, const IppsHashMetho if (pMsg == NULL) { printf("Error: fail to create BN\n"); ret = -12; - break; + break; } ipp_ret = ippsSetOctString_BN(hash, sizeof(hash), pMsg); if (ipp_ret != ippStsNoErr) { @@ -577,14 +578,15 @@ static int sm2_do_sign(const IppsBigNumState *regPrivateKey, const IppsHashMetho } while(0); // 7. Final, remove secret and release resources - SAFE_FREE(pY, sizeof(pY)); - SAFE_FREE(pX, sizeof(pX)); - SAFE_FREE(pMsg, sizeof(pMsg)); - SAFE_FREE(regPublicKey, sizeof(regPublicKey)); - SAFE_FREE(ephPublicKey, sizeof(ephPublicKey)); - SAFE_FREE(ephPrivateKey, sizeof(ephPrivateKey)); - SAFE_FREE(pPRNGS, sizeof(pPRNGS)); - SAFE_FREE(pECCPS, sizeof(pECCPS)); + // !!!Please clear secret including key/context related buffer/big number by manual!!! + free(pY); + free(pX); + free(pMsg); + free(regPublicKey); + free(ephPublicKey); + free(ephPrivateKey); + free(pPRNGS); + free(pECCPS); return ret; } @@ -614,19 +616,19 @@ static int sm2_do_verify(const IppsECCPPointState *regPublicKey, const IppsHashM if (pX == NULL){ printf("Error: fail to create pX\n"); ret = -2; - break; + break; } pY = new_BN(ordSize, 0); if (pY == NULL){ printf("Error: fail to create pY\n"); ret = -3; - break; + break; } ipp_ret = ippsECCPGetPoint(pX, pY, regPublicKey, pECCPS); if (ipp_ret != ippStsNoErr) { printf("Error: fail to convert internal presentation EC point into regular affine coordinates EC point\n"); ret = -4; - break; + break; } // 3. Do user message digest @@ -664,17 +666,18 @@ static int sm2_do_verify(const IppsECCPPointState *regPublicKey, const IppsHashM } } while(0); - // 5. Final, remove secret and release resources - SAFE_FREE(pY, sizeof(pY)); - SAFE_FREE(pX, sizeof(pX)); - SAFE_FREE(pMsg, sizeof(pMsg)); - SAFE_FREE(pECCPS, sizeof(pECCPS)); + // 5. Final, remove secret and release resourcesz + // !!!Please clear secret including key/context related buffer/big number by manual!!! + free(pY); + free(pX); + free(pMsg); + free(pECCPS); return ret; } /* Signing and verification using ECC context for SM2 */ -int ecall_sm2(void) +int ecall_sm2_sign_verify(void) { IppsECCPState *pECCPS = NULL; IppsBigNumState *regPrivateKey = NULL; @@ -685,7 +688,13 @@ int ecall_sm2(void) char *message = "context need to be signed"; char *user_id = "1234567812345678"; - unsigned char priKey[] = "\xd0\x91\x56\x73\x30\x17\xbd\xad\x80\x9f\xd9\xbb\xd8\xc6\x93\xf6\x02\x30\x59\x31\x69\xb6\xf9\x4a\xaf\x1c\x8e\xe1\x38\xcc\x99\xb5"; + + /* + Generate a SM2 random key + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM KEY GENERATION, YOU STILL HAVE TO GENERATE YOUR KEY WITH ENOUGH ENTROPY !!! + */ + unsigned char priKey[32] = {0}; + rand32((unsigned int*)priKey, 8); do { // 1. Create ECC context for SM2 @@ -730,13 +739,13 @@ int ecall_sm2(void) printf("Error: fail to create signX\n"); ret = -6; break; - } + } signY = new_BN(ordSize, 0); if (signY == NULL) { printf("Error: fail to create signY\n"); ret = -7; break; - } + } // 5. Sign using ECC context for SM2 ret = sm2_do_sign(regPrivateKey, ippsHashMethod_SM3(), user_id, strlen(user_id), message, strlen(message), signX, signY); @@ -758,15 +767,482 @@ int ecall_sm2(void) } while(0); // 7. Final, remove secret and release resources - SAFE_FREE(signY, sizeof(signY)); - SAFE_FREE(signX, sizeof(signX)); - SAFE_FREE(regPublicKey, sizeof(regPublicKey)); - SAFE_FREE(regPrivateKey, sizeof(regPrivateKey)); - SAFE_FREE(pECCPS, sizeof(pECCPS)); + // !!!Please clear secret including key/context related buffer/big number by manual!!! + free(signY); + free(signX); + free(regPublicKey); + free(regPrivateKey); + free(pECCPS); + + return ret; +} + +/* SM2 encrypt(GM version) */ +static int sm2_do_encrypt_gm(const char* message, int message_len, Ipp8u** cipher_text, int* cipher_len, IppsECCPState *pECCPS, IppsECCPPointState *regPublicKey, IppsECCPPointState *ephPublicKey, IppsBigNumState *ephPrivateKey) +{ + int maxOutlen = 0; + int pOutSize = 0; + IppsGFpECState *pEC = NULL; + Ipp8u* pScratchBuffer = NULL; + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + do { + maxOutlen = 64 + message_len + 32 + 1; // encrypt/decrypt buffer = pubkey (64B) + message (inpLen) + tag (32B) + *cipher_text = (Ipp8u*)malloc(maxOutlen); + memset(*cipher_text, 0, maxOutlen); + pEC = pECCPS; + pScratchBuffer = (Ipp8u*)malloc(1024 * 10); + + ipp_ret = ippsGFpECEncryptSM2_Ext(*cipher_text, maxOutlen, &pOutSize, (Ipp8u*)message, message_len, regPublicKey, ephPublicKey, ephPrivateKey, pEC, pScratchBuffer); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to encrypt.\n"); + ret = -1; + break; + } + *cipher_len = pOutSize; + } while(0); + + SAFE_FREE(pScratchBuffer, 1024 * 10); + + return ret; +} + +/* SM2 decrypt(GM version) */ +static int sm2_do_decrypt_gm(const Ipp8u* cipher_text, int message_len, Ipp8u** plain_text, int* plain_len, IppsECCPState *pECCPS, IppsBigNumState *regPrivateKey) +{ + int maxOutlen = 0; + int pOutSize = 0; + IppsGFpECState *pEC = NULL; + Ipp8u* pScratchBuffer = NULL; + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + do { + maxOutlen = 64 + message_len + 32 + 1; // encrypt/decrypt buffer = pubkey (64B) + message (inpLen) + tag (32B) + *plain_text = (Ipp8u*)malloc(maxOutlen); + memset(*plain_text, 0, maxOutlen); + pEC = pECCPS; + pScratchBuffer = (Ipp8u*)malloc(1024 * 10); + + ipp_ret = ippsGFpECDecryptSM2_Ext(*plain_text, maxOutlen, &pOutSize, cipher_text, maxOutlen, regPrivateKey, pEC, pScratchBuffer); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to decrypt.\n"); + ret = -1; + break; + } + *plain_len = pOutSize; + } while(0); + + SAFE_FREE(pScratchBuffer, 1024 * 10); + + return ret; +} + +/* Encryption and decryption using ECC context for SM2 (GM version, standard is GM/T 0003-2012) */ +int ecall_sm2_encrypt_decrypt_gm(void) +{ + IppsECCPState *pECCPS = NULL; + IppsBigNumState *regPrivateKey = NULL; + IppsECCPPointState *regPublicKey = NULL; + IppsPRNGState *pPRNGS = NULL; + IppsBigNumState *ephPrivateKey = NULL; + IppsECCPPointState *ephPublicKey = NULL; + Ipp8u *cipher_text = NULL, *plain_text = NULL; + int cipher_len = 0, plain_len = 0; + + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + char *message = "context need to be encrypted"; + int message_len = strlen(message); + + /* + Generate a SM2 random key + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM KEY GENERATION, YOU STILL HAVE TO GENERATE YOUR KEY WITH ENOUGH ENTROPY !!! + */ + unsigned char priKey[32] = {0}; + rand32((unsigned int*)priKey, 8); + + do { + // 1. Create ECC context for SM2 + pECCPS = new_ECC_sm2(); + if (pECCPS == NULL) { + printf("Error: fail to create ecc context for sm2\n"); + ret = -1; + break; + } + + // 2. Create regular private key and public key + regPrivateKey = new_BN(ordSize, 0); + if (regPrivateKey == NULL) { + printf("Error: fail to create regular private key\n"); + ret = -2; + break; + } + regPublicKey = new_ECC_Point(); + if (regPublicKey == NULL) { + printf("Error: fail to create regular public key\n"); + ret = -3; + break; + } + + // 3. Generate regular private and public key pairs + ipp_ret = ippsSetOctString_BN(priKey, sizeof(priKey)-1, regPrivateKey); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to convert octet string into BN value\n"); + ret = -4; + break; + } + ipp_ret = ippsECCPPublicKey(regPrivateKey, regPublicKey, pECCPS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to calculate regular public key\n"); + ret = -5; + break; + } + + // 4. Generate ephemeral private and public key pairs + pPRNGS = new_PRNG(); + if (pPRNGS == NULL) { + printf("Error: fail to create pPRNGS\n"); + ret = -6; + break; + } + + ephPrivateKey = new_BN(ordSize, 0); + if (ephPrivateKey == NULL) { + printf("Error: fail to create ephemeral private key\n"); + ret = -7; + break; + } + ephPublicKey = new_ECC_Point(); + if (ephPublicKey == NULL) { + printf("Error: fail to create ephemeral public key\n"); + ret = -8; + break; + } + + ipp_ret = ippsECCPGenKeyPair(ephPrivateKey, ephPublicKey, pECCPS, ippsPRNGen, pPRNGS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to generate ephemeral key pairs.\n"); + ret = -9; + break; + } + + ipp_ret = ippsECCPSetKeyPair(ephPrivateKey, ephPublicKey, ippFalse, pECCPS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to set ephemeral key pairs\n"); + ret = -10; + break; + } + + // 5. Encrypt + ret = sm2_do_encrypt_gm(message, message_len, &cipher_text, &cipher_len, pECCPS, regPublicKey, ephPublicKey, ephPrivateKey); + if (ret != 0) { + printf("Error: fail to encrypt.\n"); + ret = -11; + break; + } + + // 6. Decrypt + ret = sm2_do_decrypt_gm(cipher_text, message_len, &plain_text, &plain_len, pECCPS, regPrivateKey); + if (ret != 0) { + printf("Error: fail to decrypt.\n"); + ret = -12; + break; + } + + // 7. Compare decrypted message and original message + if(strlen((char*)message) != strlen((char*)plain_text) || memcmp(message, plain_text, strlen((char*)message)) != 0) + { + printf("Error: decrypted message does not match original message!\n"); + ret = -13; + break; + } + + } while(0); + + // 8. Final, remove secret and release resources + // !!!Please clear secret including key/context related buffer/big number by manual!!! + free(plain_text); + free(cipher_text); + free(ephPublicKey); + free(ephPrivateKey); + free(pPRNGS); + free(regPublicKey); + free(regPrivateKey); + free(pECCPS); return ret; } +/* SM2 encrypt(IEEE version) */ +static int sm2_do_encrypt_ieee(const char* message, int message_len, Ipp8u** cipher_text, IppsECCPState *pECCPS, IppsBigNumState *regPrivateKey, IppsECCPPointState *ephPublicKey) +{ + IppsGFpECState *pEC = pECCPS; + int pSize = 0; + IppsECESState_SM2 *pState = NULL; + Ipp8u* pEcScratchBuffer = NULL; + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + do { + ipp_ret = ippsGFpECESGetSize_SM2(pEC, &pSize); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to get size of the SM2 ECC\n"); + ret = -1; + break; + } + + pState = (IppsECESState_SM2*)malloc(pSize); + ipp_ret = ippsGFpECESInit_SM2(pEC, pState, pSize); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to init the SM2 ECC\n"); + ret = -2; + break; + } + + pEcScratchBuffer = (Ipp8u*)malloc(1024 * 10); + ipp_ret = ippsGFpECESSetKey_SM2(regPrivateKey, ephPublicKey, pState, pEC, pEcScratchBuffer); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to compute a shared secret\n"); + ret = -3; + break; + } + + ipp_ret = ippsGFpECESStart_SM2(pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to start the ECES SM2 encryption chain\n"); + ret = -4; + break; + } + + *cipher_text = (Ipp8u*)malloc(64 + message_len + 32); //encrypt/decrypt buffer = pubkey(64B) + message(len) + tag(32B) + memset(*cipher_text, 0, 64 + message_len + 32); + ipp_ret = ippsGFpECESEncrypt_SM2((Ipp8u*)message, *cipher_text, 64 + message_len + 32, pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to encrypt the plaintext data buffer\n"); + ret = -5; + break; + } + + ipp_ret = ippsGFpECESFinal_SM2(*cipher_text + 64 + message_len, 32, pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to complete the ECES SM2 encryption chain\n"); + ret = -6; + break; + } + + } while(0); + + SAFE_FREE(pEcScratchBuffer, 1024 * 10); + SAFE_FREE(pState, pSize); + + return ret; +} + +/* SM2 decrypt(IEEE version) */ +static int sm2_do_decrypt_ieee(const Ipp8u* cipher_text, int message_len, Ipp8u** plain_text, IppsECCPState *pECCPS, IppsBigNumState *ephPrivateKey, IppsECCPPointState *regPublicKey) +{ + IppsGFpECState *pEC = pECCPS; + int pSize = 0; + IppsECESState_SM2 *pState = NULL; + Ipp8u* pEcScratchBuffer = NULL; + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + do { + ipp_ret = ippsGFpECESGetSize_SM2(pEC, &pSize); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to get size of the SM2 ECC\n"); + ret = -1; + break; + } + + pState = (IppsECESState_SM2*)malloc(pSize); + ipp_ret = ippsGFpECESInit_SM2(pEC, pState, pSize); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to init the SM2 ECC\n"); + ret = -2; + break; + } + + pEcScratchBuffer = (Ipp8u*)malloc(1024 * 10); + ipp_ret = ippsGFpECESSetKey_SM2(ephPrivateKey, regPublicKey, pState, pEC, pEcScratchBuffer); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to compute a shared secret\n"); + ret = -3; + break; + } + + ipp_ret = ippsGFpECESStart_SM2(pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to start the ECES SM2 decryption chain\n"); + ret = -4; + break; + } + + *plain_text = (Ipp8u*)malloc(64 + message_len + 32); + memset(*plain_text, 0, 64 + message_len + 32); + ipp_ret = ippsGFpECESDecrypt_SM2(cipher_text, *plain_text, message_len, pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to decrypt the ciphertext data buffer\n"); + ret = -5; + break; + } + + ipp_ret = ippsGFpECESFinal_SM2(*plain_text + 64 + message_len, 32, pState); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to complete the ECES SM2 decryption chain\n"); + ret = -6; + break; + } + } while(0); + + SAFE_FREE(pEcScratchBuffer, 1024 * 10); + SAFE_FREE(pState, pSize); + + return ret; +} + +/* Encryption and decryption using ECC context for SM2 (IEEE version, standard is IEEE Std 1363A-2004) */ +int ecall_sm2_encrypt_decrypt_ieee(void) +{ + IppsECCPState *pECCPS = NULL; + IppsBigNumState *regPrivateKey = NULL; + IppsECCPPointState *regPublicKey = NULL; + IppsPRNGState *pPRNGS = NULL; + IppsBigNumState *ephPrivateKey = NULL; + IppsECCPPointState *ephPublicKey = NULL; + IppsECESState_SM2 *pState = NULL; + Ipp8u* pEcScratchBuffer = NULL; + Ipp8u *cipher_text = NULL, *plain_text = NULL; + + IppStatus ipp_ret = ippStsNoErr; + int ret = 0; + + char *message = "context need to be encrypted"; + int message_len = strlen(message); + + /* + Generate a SM2 random key + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM KEY GENERATION, YOU STILL HAVE TO GENERATE YOUR KEY WITH ENOUGH ENTROPY !!! + */ + unsigned char priKey[32] = {0}; + rand32((unsigned int*)priKey, 8); + + do { + // 1. Create ECC context for SM2 + pECCPS = new_ECC_sm2(); + if (pECCPS == NULL) { + printf("Error: fail to create ECC context for SM2\n"); + ret = -1; + break; + } + + // 2. Create regular private key and public key + regPrivateKey = new_BN(ordSize, 0); + if (regPrivateKey == NULL) { + printf("Error: fail to create regular private key\n"); + ret = -2; + break; + } + regPublicKey = new_ECC_Point(); + if (regPublicKey == NULL) { + printf("Error: fail to create regular public key\n"); + ret = -3; + break; + } + + // 3. Generate regular private and public key pairs + ipp_ret = ippsSetOctString_BN(priKey, sizeof(priKey)-1, regPrivateKey); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to convert octet string into BN value\n"); + ret = -4; + break; + } + ipp_ret = ippsECCPPublicKey(regPrivateKey, regPublicKey, pECCPS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to calculate regular public key\n"); + ret = -5; + break; + } + + // 4. Generate ephemeral private and public key pairs + pPRNGS = new_PRNG(); + if (pPRNGS == NULL) { + printf("Error: fail to create pPRNGS\n"); + ret = -6; + break; + } + + ephPrivateKey = new_BN(ordSize, 0); + if (ephPrivateKey == NULL) { + printf("Error: fail to create ephemeral private key\n"); + ret = -7; + break; + } + ephPublicKey = new_ECC_Point(); + if (ephPublicKey == NULL) { + printf("Error: fail to create ephemeral public key\n"); + ret = -8; + break; + } + + ipp_ret = ippsECCPGenKeyPair(ephPrivateKey, ephPublicKey, pECCPS, ippsPRNGen, pPRNGS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to generate ephemeral key pairs\n"); + ret = -9; + break; + } + + ipp_ret = ippsECCPSetKeyPair(ephPrivateKey, ephPublicKey, ippFalse, pECCPS); + if (ipp_ret != ippStsNoErr) { + printf("Error: fail to set ephemeral key pairs\n"); + ret = -10; + break; + } + + // 5. Encrypt + ret = sm2_do_encrypt_ieee(message, message_len, &cipher_text, pECCPS, regPrivateKey, ephPublicKey); + if (ret != 0) { + printf("Error: fail to encrypt.\n"); + ret = -11; + break; + } + + // 6. Decrypt + ret = sm2_do_decrypt_ieee(cipher_text, message_len, &plain_text, pECCPS, ephPrivateKey, regPublicKey); + if (ret != 0) { + printf("Error: fail to decrypt.\n"); + ret = -12; + break; + } + + // 7. Compare decrypted message and original message + if(strlen((char*)message) != strlen((char*)plain_text) || memcmp(message, plain_text, strlen((char*)message)) != 0) + { + printf("Error: decrypted message does not match original message!\n"); + ret = -13; + break; + } + + } while(0); + + // 8. Final, remove secret and release resources + // !!!Please clear secret including key/context related buffer/big number by manual!!! + free(pEcScratchBuffer); + free(pState); + free(ephPublicKey); + free(ephPrivateKey); + free(pPRNGS); + free(regPublicKey); + free(regPrivateKey); + free(pECCPS); + + return 0; +} + /* Compute a SM3 digest of a message. */ int ecall_sm3(void) { @@ -833,6 +1309,7 @@ int ecall_sm3(void) } while(0); //Remove secret and release resources + // !!!Please clear secret including key/context related buffer/big number by manual!!! SAFE_FREE(pSM3, ctxSize); return ret; @@ -846,16 +1323,21 @@ int ecall_sm4_cbc() 0xAA,0xAA,0xAA,0xAA,0xBB,0xBB,0xBB,0xBB, 0xCC,0xCC,0xCC,0xCC,0xDD,0xDD,0xDD,0xDD }; - // Secret key - unsigned char key[16] = { - 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, - 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 - }; - // Initialization vector - unsigned char iv[16] = { - 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, - 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F - }; + + /* + Generate a SM4 random secret key + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM KEY GENERATION, YOU STILL HAVE TO GENERATE YOUR KEY WITH ENOUGH ENTROPY !!! + */ + unsigned char key[16] = {0}; + rand32((unsigned int*)key, 4); + + /* + Generate a SM4 random initialization vector(iv) + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM IV GENERATION, YOU STILL HAVE TO GENERATE YOUR IV WITH ENOUGH ENTROPY !!! + */ + unsigned char iv[16] = {0}; + rand32((unsigned int*)iv, 4); + unsigned char encryptedText[16] = {}; unsigned char decryptedText[16] = {}; @@ -912,6 +1394,7 @@ int ecall_sm4_cbc() } while (0); // 6. Remove secret and release resources + // !!!Please clear secret including key/context related buffer/big number by manual!!! SAFE_FREE(pSM4, ctxSize); return ret; @@ -922,10 +1405,21 @@ int ecall_sm4_ctr() { // message to be encrypted unsigned char msg[] = "the message to be encrypted"; - // secret key - unsigned char key[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x10\x11\x12\x13\x14\x15"; - // initial counter - unsigned char ctr0[] = "\xff\xee\xdd\xcc\xbb\xaa\x99\x88\x77\x66\x55\x44\x33\x22\x11\x00"; + + /* + Generate a SM4 random secret key + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM KEY GENERATION, YOU STILL HAVE TO GENERATE YOUR KEY WITH ENOUGH ENTROPY !!! + */ + unsigned char key[16] = {0}; + rand32((unsigned int*)key, 4); + + /* + Generate a SM4 random initial counter + !!! THIS IS ONLY A SIMPLE SAMPLE OF RANDOM COUNTER GENERATION, YOU STILL HAVE TO GENERATE YOUR COUNTER WITH ENOUGH ENTROPY !!! + */ + unsigned char ctr0[16] = {0}; + rand32((unsigned int*)ctr0, 4); + // counter unsigned char ctr[16]; @@ -991,6 +1485,7 @@ int ecall_sm4_ctr() } while (0); // 6. Remove secret and release resources + // !!!Please clear secret including key/context related buffer/big number by manual!!! SAFE_FREE(pSM4, ctxSize); return ret; diff --git a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.edl b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.edl index af2d8896f..2cb2d2dac 100644 --- a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.edl +++ b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.edl @@ -39,7 +39,9 @@ enclave { * [*]: implies to import all functions. */ trusted { - public int ecall_sm2(void); + public int ecall_sm2_sign_verify(void); + public int ecall_sm2_encrypt_decrypt_gm(void); + public int ecall_sm2_encrypt_decrypt_ieee(void); public int ecall_sm3(void); public int ecall_sm4_cbc(void); public int ecall_sm4_ctr(void); diff --git a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.h b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.h index 0af101bf8..5aa07023a 100644 --- a/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.h +++ b/SampleCode/SampleEnclaveGMIPP/Enclave/Enclave.h @@ -41,7 +41,9 @@ extern "C" { int printf(const char* fmt, ...); -int ecall_sm2(void); +int ecall_sm2_sign_verify(void); +int ecall_sm2_encrypt_decrypt_gm(void); +int ecall_sm2_encrypt_decrypt_ieee(void); int ecall_sm3(void); int ecall_sm4_cbc(void); int ecall_sm4_ctr(void); diff --git a/buildenv.mk b/buildenv.mk index 4e0ebf9bc..6cbf7a6c8 100644 --- a/buildenv.mk +++ b/buildenv.mk @@ -120,8 +120,8 @@ ifeq ($(BUILD_REF_LE), 1) COMMON_FLAGS += -DREF_LE endif -ifdef _TD_MIGRATION - COMMON_FLAGS += -D_TD_MIGRATION +ifdef SERVTD_ATTEST + COMMON_FLAGS += -DSERVTD_ATTEST endif COMMON_FLAGS += -ffunction-sections -fdata-sections diff --git a/common/inc/internal/se_version.h b/common/inc/internal/se_version.h index f2b7c65fe..ed5ee5279 100644 --- a/common/inc/internal/se_version.h +++ b/common/inc/internal/se_version.h @@ -31,21 +31,21 @@ #ifndef _SE_VERSION_H_ #define _SE_VERSION_H_ -#define STRFILEVER "2.22.100.3" +#define STRFILEVER "2.23.100.2" #define SGX_MAJOR_VERSION 2 -#define SGX_MINOR_VERSION 22 +#define SGX_MINOR_VERSION 23 #define SGX_REVISION_VERSION 100 #define MAKE_VERSION_UINT(major,minor,rev) (((uint64_t)major)<<32 | ((uint64_t)minor) << 16 | rev) #define VERSION_UINT MAKE_VERSION_UINT(SGX_MAJOR_VERSION, SGX_MINOR_VERSION, SGX_REVISION_VERSION) #define COPYRIGHT "Copyright (C) 2023 Intel Corporation" -#define UAE_SERVICE_VERSION "2.3.221.3" -#define URTS_VERSION "2.0.105.3" -#define ENCLAVE_COMMON_VERSION "1.2.105.3" -#define LAUNCH_VERSION "1.0.123.3" -#define EPID_VERSION "1.0.123.3" -#define QUOTE_EX_VERSION "1.1.123.3" +#define UAE_SERVICE_VERSION "2.3.222.2" +#define URTS_VERSION "2.0.106.2" +#define ENCLAVE_COMMON_VERSION "1.2.106.2" +#define LAUNCH_VERSION "1.0.124.2" +#define EPID_VERSION "1.0.124.2" +#define QUOTE_EX_VERSION "1.1.124.2" #define PCE_VERSION "1.22.100.1" #define LE_VERSION "1.22.100.1" diff --git a/common/inc/tlibc/wchar.h b/common/inc/tlibc/wchar.h index 3a9207fa1..fb9b20c55 100644 --- a/common/inc/tlibc/wchar.h +++ b/common/inc/tlibc/wchar.h @@ -127,6 +127,9 @@ int _TLIBC_CDECL_ wmemcmp(const wchar_t *, const wchar_t *, size_t); wchar_t * _TLIBC_CDECL_ wmemcpy(wchar_t *, const wchar_t *, size_t); wchar_t * _TLIBC_CDECL_ wmemmove(wchar_t *, const wchar_t *, size_t); wchar_t * _TLIBC_CDECL_ wmemset(wchar_t *, wchar_t, size_t); +int _TLIBC_CDECL_ wcsncasecmp(const wchar_t *, const wchar_t *, size_t); +size_t _TLIBC_CDECL_ wcsnrtombs(char *__restrict, const wchar_t **__restrict, size_t, size_t, mbstate_t *__restrict); +size_t _TLIBC_CDECL_ mbsnrtowcs(wchar_t *__restrict, const char **__restrict, size_t, size_t, mbstate_t *__restrict); int _TLIBC_CDECL_ swprintf(wchar_t *, size_t, const wchar_t *, ...); int _TLIBC_CDECL_ vswprintf(wchar_t *, size_t, const wchar_t *, __va_list); diff --git a/common/src/sgx_read_rand.cpp b/common/src/sgx_read_rand.cpp index 31b9a922d..67ed11f2a 100644 --- a/common/src/sgx_read_rand.cpp +++ b/common/src/sgx_read_rand.cpp @@ -33,7 +33,7 @@ /* Please add external/rdrand into INCLUDE path and correpondent library to project */ #include -#ifndef _TD_MIGRATION +#ifndef SERVTD_ATTEST #include #else #include @@ -41,7 +41,7 @@ #include #include "sgx.h" #include "sgx_defs.h" -#ifndef _TD_MIGRATION +#ifndef SERVTD_ATTEST #include "se_wrapper.h" #endif #include "rdrand.h" @@ -90,7 +90,7 @@ extern "C" sgx_status_t SGXAPI sgx_read_rand(uint8_t *buf, size_t size) g_is_rdrand_supported = rdrand_cpuid(); } if(!g_is_rdrand_supported){ -#ifndef _TD_MIGRATION +#ifndef SERVTD_ATTEST uint32_t i; for(i=0;i<(uint32_t)size;++i){ buf[i]=(uint8_t)rand(); diff --git a/docker/build/tdx-qgs.dockerfile b/docker/build/tdx-qgs.dockerfile index 2bbbffe55..0a5174d35 100644 --- a/docker/build/tdx-qgs.dockerfile +++ b/docker/build/tdx-qgs.dockerfile @@ -47,6 +47,7 @@ RUN sh -c 'echo yes | /linux-sgx/linux/installer/bin/sgx_linux_x64_sdk_*.bin' WORKDIR /linux-sgx ENV BUILD_PLATFORM="docker" +ENV SGX_SDK=/opt/intel/sgxsdk RUN make rpm_local_repo diff --git a/download_prebuilt.sh b/download_prebuilt.sh index 17d3c75d7..7865a907a 100755 --- a/download_prebuilt.sh +++ b/download_prebuilt.sh @@ -33,11 +33,11 @@ top_dir=`dirname $0` out_dir=$top_dir -optlib_name=optimized_libs_2.22.tar.gz -ae_file_name=prebuilt_ae_2.22.tar.gz +optlib_name=optimized_libs_2.23.tar.gz +ae_file_name=prebuilt_ae_2.23.tar.gz binutils_file_name=as.ld.objdump.r4.tar.gz -checksum_file=SHA256SUM_prebuilt_2.22.cfg -server_url_path=https://download.01.org/intel-sgx/sgx-linux/2.22 +checksum_file=SHA256SUM_prebuilt_2.23.cfg +server_url_path=https://download.01.org/intel-sgx/sgx-linux/2.23 server_optlib_url=$server_url_path/$optlib_name server_ae_url=$server_url_path/$ae_file_name server_binutils_url=$server_url_path/$binutils_file_name diff --git a/external/CppMicroServices/util/src/FileSystem.cpp b/external/CppMicroServices/util/src/FileSystem.cpp index 3a3ffab02..650c9fbb1 100644 --- a/external/CppMicroServices/util/src/FileSystem.cpp +++ b/external/CppMicroServices/util/src/FileSystem.cpp @@ -28,6 +28,7 @@ #include #include #include +#include #ifdef US_PLATFORM_POSIX # include diff --git a/external/dcap_source b/external/dcap_source index 8a407331e..f2bf3c4ef 160000 --- a/external/dcap_source +++ b/external/dcap_source @@ -1 +1 @@ -Subproject commit 8a407331e0d38be89a64d9eac54ab764792fb490 +Subproject commit f2bf3c4ef3a6f916246401dc41b6931811e667d9 diff --git a/external/mbedtls/mbedtls_code b/external/mbedtls/mbedtls_code index 1873d3bfc..1ec69067f 160000 --- a/external/mbedtls/mbedtls_code +++ b/external/mbedtls/mbedtls_code @@ -1 +1 @@ -Subproject commit 1873d3bfc2da771672bd8e7e8f41f57e0af77f33 +Subproject commit 1ec69067fa1351427f904362c1221b31538c8b57 diff --git a/external/mbedtls/sgx_mbedtls.patch b/external/mbedtls/sgx_mbedtls.patch index d62c36f3c..1ff47bf9d 100644 --- a/external/mbedtls/sgx_mbedtls.patch +++ b/external/mbedtls/sgx_mbedtls.patch @@ -1,5 +1,5 @@ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h -index 4292b493b..a0fd173f4 100644 +index af0761395..9e37ba855 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -89,7 +89,7 @@ @@ -38,7 +38,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_PLATFORM_MEMORY -@@ -264,7 +264,7 @@ +@@ -339,7 +339,7 @@ * * Uncomment to get errors on using deprecated functions and features. */ @@ -47,7 +47,7 @@ index 4292b493b..a0fd173f4 100644 /** \} name SECTION: System support */ -@@ -477,7 +477,7 @@ +@@ -552,7 +552,7 @@ * * Uncomment to use your own hardware entropy collector. */ @@ -56,7 +56,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_AES_ROM_TABLES -@@ -1045,7 +1045,7 @@ +@@ -1192,7 +1192,7 @@ * * Enable functions that use the filesystem. */ @@ -65,7 +65,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES -@@ -1068,7 +1068,7 @@ +@@ -1215,7 +1215,7 @@ * * Uncomment this macro to disable the built-in platform entropy functions. */ @@ -74,7 +74,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_ENTROPY_FORCE_SHA256 -@@ -1917,7 +1917,7 @@ +@@ -2085,7 +2085,7 @@ * * Uncomment this to enable pthread mutexes. */ @@ -83,7 +83,16 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_USE_PSA_CRYPTO -@@ -2778,7 +2778,7 @@ +@@ -2813,7 +2813,7 @@ + * + * Uncomment to enable the LMS verification algorithm and public key operations. + */ +-#define MBEDTLS_LMS_C ++//#define MBEDTLS_LMS_C + + /** + * \def MBEDTLS_LMS_PRIVATE +@@ -2964,7 +2964,7 @@ * * This modules adds support for the VIA PadLock on x86. */ @@ -92,7 +101,16 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_PEM_PARSE_C -@@ -2994,7 +2994,7 @@ +@@ -3146,7 +3146,7 @@ + * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. + * + */ +-#define MBEDTLS_PSA_CRYPTO_C ++//#define MBEDTLS_PSA_CRYPTO_C + + /** + * \def MBEDTLS_PSA_CRYPTO_SE_C +@@ -3175,7 +3175,7 @@ * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of * the PSA ITS interface */ @@ -101,7 +119,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_PSA_ITS_FILE_C -@@ -3006,7 +3006,7 @@ +@@ -3187,7 +3187,7 @@ * * Requires: MBEDTLS_FS_IO */ @@ -110,16 +128,16 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_RIPEMD160_C -@@ -3312,7 +3312,7 @@ +@@ -3522,7 +3522,7 @@ * - * Enable this layer to allow use of mutexes within mbed TLS + * Enable this layer to allow use of mutexes within Mbed TLS */ -//#define MBEDTLS_THREADING_C +#define MBEDTLS_THREADING_C /** * \def MBEDTLS_TIMING_C -@@ -3336,7 +3336,7 @@ +@@ -3546,7 +3546,7 @@ * * Module: library/timing.c */ @@ -129,7 +147,7 @@ index 4292b493b..a0fd173f4 100644 /** * \def MBEDTLS_VERSION_C diff --git a/library/aesni.c b/library/aesni.c -index a23c5b595..db1cf1ccd 100644 +index 5f25a8249..18fbd22bf 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -23,6 +23,7 @@ @@ -140,7 +158,7 @@ index a23c5b595..db1cf1ccd 100644 #if defined(MBEDTLS_AESNI_C) -@@ -48,21 +49,11 @@ int mbedtls_aesni_has_support(unsigned int what) +@@ -51,21 +52,11 @@ int mbedtls_aesni_has_support(unsigned int what) static unsigned int c = 0; if (!done) { @@ -168,7 +186,7 @@ index a23c5b595..db1cf1ccd 100644 } diff --git a/library/entropy.c b/library/entropy.c -index e55410c76..0853577ae 100644 +index 00079176a..a04b64836 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -16,6 +16,7 @@ @@ -179,7 +197,7 @@ index e55410c76..0853577ae 100644 #include "common.h" -@@ -548,6 +549,19 @@ static int entropy_dummy_source(void *data, unsigned char *output, +@@ -504,6 +505,19 @@ static int entropy_dummy_source(void *data, unsigned char *output, #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) @@ -200,7 +218,7 @@ index e55410c76..0853577ae 100644 { int ret = 0; diff --git a/library/rsa.c b/library/rsa.c -index 01159dfa2..a1978d106 100644 +index 3c538bf43..4ddf06ba3 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -34,6 +34,7 @@ @@ -211,7 +229,7 @@ index 01159dfa2..a1978d106 100644 #include "common.h" -@@ -2404,15 +2405,12 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx) +@@ -2476,15 +2477,12 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx) static int myrand(void *rng_state, unsigned char *output, size_t len) { #if !defined(__OpenBSD__) && !defined(__NetBSD__) diff --git a/external/protobuf/sgx_protobuf.patch b/external/protobuf/sgx_protobuf.patch index 615ccb022..2b41ebe93 100644 --- a/external/protobuf/sgx_protobuf.patch +++ b/external/protobuf/sgx_protobuf.patch @@ -1,11 +1,12 @@ -From 693787f29e638e6f65dfdd5ee3dd9c2a45b7d3df Mon Sep 17 00:00:00 2001 +From e68261ed6a9abbaa98a5bd183d5fe985485c1379 Mon Sep 17 00:00:00 2001 From: yanxue -Date: Tue, 1 Aug 2023 07:12:57 +0000 +Date: Thu, 7 Dec 2023 00:46:13 -0500 Subject: [PATCH] Enable Protobuf in SGX --- cmake/CMakeLists.txt | 31 +++- cmake/libsgx_protobuf.cmake | 140 ++++++++++++++++++ + cmake/protoc.cmake | 2 + configure.ac | 2 +- .../google/protobuf/MessageReflection.java | 26 +++- .../protobuf/io/zero_copy_stream_impl.cc | 6 + @@ -29,7 +30,7 @@ Subject: [PATCH] Enable Protobuf in SGX .../protobuf/util/delimited_message_util.cc | 2 + .../protobuf/util/delimited_message_util.h | 7 +- src/google/protobuf/util/time_util.h | 4 + - 25 files changed, 317 insertions(+), 15 deletions(-) + 26 files changed, 319 insertions(+), 15 deletions(-) create mode 100644 cmake/libsgx_protobuf.cmake diff --git a/cmake/CMakeLists.txt b/cmake/CMakeLists.txt @@ -234,6 +235,19 @@ index 000000000..2d5b33da5 + OUTPUT_NAME ${LIB_PREFIX}protobuf + DEBUG_POSTFIX "${protobuf_DEBUG_POSTFIX}") +add_library(protobuf::libprotobuf ALIAS libprotobuf) +diff --git a/cmake/protoc.cmake b/cmake/protoc.cmake +index c86d6628f..7089948ed 100644 +--- a/cmake/protoc.cmake ++++ b/cmake/protoc.cmake +@@ -2,6 +2,8 @@ set(protoc_files + ${protobuf_source_dir}/src/google/protobuf/compiler/main.cc + ) + ++string(APPEND CMAKE_CXX_FLAGS " -D_FORTIFY_SOURCE=2") ++ + if (CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") + set(protoc_rc_files + ${CMAKE_CURRENT_BINARY_DIR}/version.rc diff --git a/configure.ac b/configure.ac index 7c5c2c799..31c63629f 100644 --- a/configure.ac diff --git a/external/sgxssl/prepare_sgxssl.sh b/external/sgxssl/prepare_sgxssl.sh index 8a89f598b..74184128f 100755 --- a/external/sgxssl/prepare_sgxssl.sh +++ b/external/sgxssl/prepare_sgxssl.sh @@ -32,16 +32,15 @@ top_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" openssl_out_dir=$top_dir/openssl_source -openssl_ver=3.0.10 +openssl_ver=3.0.12 openssl_ver_name=openssl-$openssl_ver sgxssl_github_archive=https://github.com/intel/intel-sgx-ssl/archive -sgxssl_file_name=3.0_Rev1 +sgxssl_file_name=3.0_Rev2 build_script=$top_dir/Linux/build_openssl.sh server_url_path=https://www.openssl.org/source full_openssl_url=$server_url_path/old/3.0/$openssl_ver_name.tar.gz -sgxssl_chksum=6371dbe25acdc5a3bbb2978a0a559ad2eefd713b9bbf5d3a45236229c9cc53b6 -openssl_chksum=1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323 +sgxssl_chksum=269e1171f566ac6630d83c3b6cf9669e254b08a7f208cc8cf59f471f3d8a579b rm -f check_sum_sgxssl.txt check_sum_openssl.txt if [ ! -f $build_script ]; then wget $sgxssl_github_archive/$sgxssl_file_name.zip -P $top_dir || exit 1 @@ -60,8 +59,9 @@ fi if [ ! -f $openssl_out_dir/$openssl_ver_name.tar.gz ]; then wget $server_url_path/$openssl_ver_name.tar.gz -P $openssl_out_dir || wget $full_openssl_url -P $openssl_out_dir || exit 1 - sha256sum $openssl_out_dir/$openssl_ver_name.tar.gz > check_sum_openssl.txt - grep $openssl_chksum check_sum_openssl.txt + wget $server_url_path/$openssl_ver_name.tar.gz.sha256 -O expected_chksum_openssl.txt || wget $full_openssl_url.sha256 -O expected_chksum_openssl.txt || exit 1 + openssl_chksum=`sha256sum $openssl_out_dir/$openssl_ver_name.tar.gz | awk '{print $1}'` + grep $openssl_chksum expected_chksum_openssl.txt if [ $? -ne 0 ]; then echo "File $openssl_out_dir/$openssl_ver_name.tar.gz checksum failure" rm -f $openssl_out_dir/$openssl_ver_name.tar.gz @@ -70,6 +70,10 @@ if [ ! -f $openssl_out_dir/$openssl_ver_name.tar.gz ]; then fi pushd $top_dir/Linux/ +patched=$(grep -c 2023-5678 build_openssl.sh) +if [ '0' -eq $patched ]; then + sed -i '141a patch --merge -p1 < ../../../../dcap-trunk/dcap_source/prebuilt/openssl/openssl.CVE-2023-5678.patch || exit 1 ' build_openssl.sh +fi if [ "$MITIGATION" != "" ]; then make clean all LINUX_SGX_BUILD=1 DEBUG=$DEBUG else diff --git a/linux/installer/common/sdk/BOMs/sdk_base.txt b/linux/installer/common/sdk/BOMs/sdk_base.txt index 4c9e3d421..da72f5cf8 100644 --- a/linux/installer/common/sdk/BOMs/sdk_base.txt +++ b/linux/installer/common/sdk/BOMs/sdk_base.txt @@ -712,4 +712,7 @@ DeliveryName InstallName FileCheckSum FileFeature FileOwner /external/mbedtls/mbedtls_code/include/mbedtls/cmac.h /package/include/mbedtls/cmac.h 0 main STP /external/mbedtls/mbedtls_code/include/mbedtls/rsa.h /package/include/mbedtls/rsa.h 0 main STP /external/mbedtls/mbedtls_code/include/mbedtls/gcm.h /package/include/mbedtls/gcm.h 0 main STP +/external/mbedtls/mbedtls_code/include/mbedtls/config_adjust_legacy_crypto.h /package/include/mbedtls/config_adjust_legacy_crypto.h 0 main STP +/external/mbedtls/mbedtls_code/include/mbedtls/config_adjust_x509.h /package/include/mbedtls/config_adjust_x509.h 0 main STP +/external/mbedtls/mbedtls_code/include/mbedtls/config_adjust_ssl.h /package/include/mbedtls/config_adjust_ssl.h 0 main STP /common/buildenv.mk /package/buildenv.mk 0 main STP diff --git a/linux/installer/deb/local_repo_tool/conf/distributions b/linux/installer/deb/local_repo_tool/conf/distributions index df10f428a..70a0683ae 100644 --- a/linux/installer/deb/local_repo_tool/conf/distributions +++ b/linux/installer/deb/local_repo_tool/conf/distributions @@ -61,3 +61,11 @@ Architectures: amd64 Components: main Description: debian/bullseye repository for SGX PSW DebIndices: Packages . + +Origin: Intel Corporation +Label: Intel Corporation +Codename: mantic +Architectures: amd64 +Components: main +Description: ubuntu/mantic repository for SGX PSW +DebIndices: Packages . diff --git a/linux/installer/deb/sgx-aesm-service/sgx-aesm-service-1.0/debian/control b/linux/installer/deb/sgx-aesm-service/sgx-aesm-service-1.0/debian/control index 7f4315479..bf8645f5c 100644 --- a/linux/installer/deb/sgx-aesm-service/sgx-aesm-service-1.0/debian/control +++ b/linux/installer/deb/sgx-aesm-service/sgx-aesm-service-1.0/debian/control @@ -37,12 +37,12 @@ Description: Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Se Package: libsgx-aesm-ecdsa-plugin Architecture: amd64 -Depends: ${shlibs:Depends}, ${misc:Depends}, sgx-aesm-service(>= @dep_version@), libsgx-qe3-logic(>= 1.19), libsgx-aesm-pce-plugin(>= @dep_version@) +Depends: ${shlibs:Depends}, ${misc:Depends}, sgx-aesm-service(>= @dep_version@), libsgx-qe3-logic(>= 1.20), libsgx-aesm-pce-plugin(>= @dep_version@) Description: ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service Package: libsgx-aesm-pce-plugin Architecture: amd64 -Depends: ${shlibs:Depends}, ${misc:Depends}, sgx-aesm-service(>= @dep_version@), libsgx-pce-logic(>= 1.19), libsgx-ae-pce(>= @dep_version@) +Depends: ${shlibs:Depends}, ${misc:Depends}, sgx-aesm-service(>= @dep_version@), libsgx-pce-logic(>= 1.20), libsgx-ae-pce(>= @dep_version@) Description: PCE Plugin for Intel(R) Software Guard Extensions AESM Service Package: libsgx-ae-pce diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec index e69ee1923..b3894c1b4 100644 --- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec +++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec @@ -38,7 +38,7 @@ Version: @version@ Release: 1%{?dist} Summary: ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service Group: Development/System -Requires: sgx-aesm-service >= %{version}-%{release} libsgx-qe3-logic >= 1.19 libsgx-aesm-pce-plugin >= %{version}-%{release} +Requires: sgx-aesm-service >= %{version}-%{release} libsgx-qe3-logic >= 1.20 libsgx-aesm-pce-plugin >= %{version}-%{release} License: BSD License URL: https://github.com/intel/linux-sgx diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec index f6d75526e..f9e4ab398 100644 --- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec +++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec @@ -38,7 +38,7 @@ Version: @version@ Release: 1%{?dist} Summary: PCE Plugin for Intel(R) Software Guard Extensions AESM Service Group: Development/System -Requires: sgx-aesm-service >= %{version}-%{release} libsgx-pce-logic >= 1.19 +Requires: sgx-aesm-service >= %{version}-%{release} libsgx-pce-logic >= 1.20 License: BSD License URL: https://github.com/intel/linux-sgx diff --git a/linux/reproducibility/ae_reproducibility_verifier/README.md b/linux/reproducibility/ae_reproducibility_verifier/README.md index 707a0062e..3ff0c2c3a 100644 --- a/linux/reproducibility/ae_reproducibility_verifier/README.md +++ b/linux/reproducibility/ae_reproducibility_verifier/README.md @@ -1,100 +1,63 @@ -Verify Intel(R) Prebuilt AE Reproducibility: -================================ ---------- +# How to Verify Intel(R) Prebuilt Architectural Enclaves (AE) Reproducibility ## Purpose ---- -Since Intel(R) prebuilt AEs have been signed by Intel's private key, it's hard to verify AE reproduciblity by comparing your local AE builds with Intel AEs using "diff" command. -So this doc will give an approach using your local AE builds to verify Intel(R) prebuilt AEs are: -* Built using same code and toolsets that being opensourced -* Signed using same config.xml that being opensourced +IntelĀ® prebuilt AEs have been signed by Intel which include the [Enclave Signature Structure](https://download.01.org/intel-sgx/sgx-linux/2.22/docs/Intel_SGX_Developer_Reference_Linux_2.22_Open_Source.pdf) to the files. Therefore, it's not easy to verify they are reproducible by comparing the checksums of your AE builds with the ones found in Intel(R) prebuilt AEs. +This document outlines a process to guarantee Intel(R) prebuilt AEs are: +- Built using the open source codebase and toolchain +- Signed using the open source enclave config.xml -## Verify AE reproducibility ---- -### Prequisites: -* Prepare below 4 materials +## Prerequisites - 1. intel_signed_ae: - It is the Intel(R) prebuilt AE to be verified, and can be downloaded from - https://download.01.org/intel-sgx/latest/dcap-latest/linux/ (for ECDSA-based - attestation) or https://download.01.org/intel-sgx/latest/linux-latest/. - 2. user_build_unsigned_ae: - The unsigned AE is built by yourself in an SGX docker container. You can follow the [reproducibility README.md](../README.md) to build all AEs in a container. - 3. user_private_key: - This private key is generated by yourself for signing user_build_unsigned_ae. - 4. intel_ae_config_xml: - It is the opensource enclave config.xml of Intel(R) prebuilt AE, and can be downloaded from Intel(R) SGX GitHub repo. +- Ensure Intel(R) SGX SDK is installed (), and the required environment variables are set: - -* Ensure Intel(R) SGX SDK is installed(https://github.com/intel/linux-sgx#install-the-intelr-sgx-sdk), and your environment is set: - ``` + ```shell $ source ${sgx-sdk-install-path}/environment ``` -### Detailed Steps: -You can either verify by the provided automated scripts [*reproducibility_verifier.sh*](reproducibility_verifier.sh), or by manual. - -#### 1. Verify by running automated scripts (Recommended) -To see the usage, you can directly run *`$./reproducibility_verifier.sh`* without any arguments. -To do verification, please follow below usage. - -##### Usage: -``` -$ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml -``` -##### Parameters: -The script MUST take four parameters in above order. For the parameters, please see the description [Prequisites: Prepare below 4 materials](#materials) - -##### Outputs: -If the verification succeeds, you will see below info in command line window: - -``` -$ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml -... -Reproducibility Verification PASSED! - -``` -If the verification fails, you will see below info in command line window: - -``` -$ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml -... -Reproducibility Verification FAILED! -Please find the diff contents in output/metadata_diff.txt -``` - -Meanwhile, you can find the extracted intel & user metadata to be compared in *./output/intel_metadata.txt* and *./output/user_metadata.txt*. - -#### 2. Verify by manual -1) Dump the whole enclave_metadata of intel_signed_ae, and then extract partial enclave_metadata to "intel_metadata.txt" excluding below fields: - "enclave_css.header.date, enclave_css.enclave_css.key.modulus, enclave_css.key.exponent, enclave_css.key.signature, enclave_css.buffer.q1, enclave_css.buffer.q2" - - ``` - # dump metadata - $ {SGX_SDK}/bin/x64/sgx_sign dump -enclave intel_signed_ae -dumpfile intel_metadata_orig.txt - - # extract metadata - $ sed -n '/metadata->magic_num/,/metadata->enclave_css.header.module_vendor/p;/metadata->enclave_css.header.header2/,/metadata->enclave_css.header.hw_version/p;/metadata->enclave_css.body.misc_select/,/metadata->enclave_css.body.isv_svn/p;' intel_metadata_orig.txt > intel_metadata.txt - ``` -2) Sign user_build_unsigned_ae with user_private_key and intel_ae_config_xml, and generate user_signed_ae. - ``` - $ {SGX_SDK}/bin/x64/sgx_sign sign -enclave user_build_unsigned_ae -key user_private_key -config intel_ae_config_xml -out user_signed_ae - ``` -3) Dump the whole enclave_metadata of user_signed_a, and then extract partial enclave_metadata to "user_metadata.txt" excluding below fields: - "enclave_css.header.date, enclave_css.enclave_css.key.modulus, enclave_css.key.exponent, enclave_css.key.signature, enclave_css.buffer.q1, enclave_css.buffer.q2" +- Prepare below 4 materials + - **intel_signed_ae** + The Intel(R) prebuilt AE to be verified, which can be downloaded from or . + - **user_build_unsigned_ae** + The unsigned AE built by yourself in an SGX docker container by following the [reproducibility README.md](../README.md). + - **user_private_key** + The private key file generated by yourself for signing *user_build_unsigned_ae*. + It should follow the PEM format which contains an unencrypted RSA 3072-bit key. The public exponent must be 3. + E.g. *'openssl genrsa -out my_priv_key.pem -3 3072'* + - **intel_ae_config_xml** + The open source enclave configuration file of the Intel(R) prebuilt AE. + E.g. the config.xml of PCE: + +## How to verify + +- Run below command to verify + + ```shell + $ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml [output_dir] + ``` + + Note: + - To show the usage, please run `./reproducibility_verifier.sh`. + - The first four required arguments **MUST** in the same order above. (See [Prerequisites - Prepare below 4 materials](#materials)). + - The last argument 'output_dir' is optional. If not provided, it will use 'output' by default. The result will be generated in 'output_dir'. + +- Check the verification result + - If successful, the exit code will be 0, and the following message will be displayed: + + ```shell + $ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml + ... + Reproducibility Verification PASSED! + ``` + - If it fails, the exit code will be 1 or 2, and the following message will be displayed: - ``` - # dump metadata - $ {SGX_SDK}/bin/x64/sgx_sign dump -enclave intel_signed_ae -dumpfile intel_metadata_orig.txt - - # extract metadata - $ sed -n '/metadata->magic_num/,/metadata->enclave_css.header.module_vendor/p;/metadata->enclave_css.header.header2/,/metadata->enclave_css.header.hw_version/p;/metadata->enclave_css.body.misc_select/,/metadata->enclave_css.body.isv_svn/p;' user_metadata_orig.txt > user_metadata.txt - ``` -4) Compare the content of intel_metadata.txt and user_metadata.txt. If the result is same, then the verification succeeds; otherwise, the verification fails. + ```shell + $ ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml output + ... + Reproducibility Verification FAILED! + Please find the diff contents in output/metadata_diff.txt + ``` -``` - $ diff intel_metadata.txt user_metadata.txt -``` + Meanwhile, you can find the metadata of Intel and user are generated in *./output/intel_metadata.txt* and *./output/user_metadata.txt* diff --git a/linux/reproducibility/ae_reproducibility_verifier/reproducibility_verifier.sh b/linux/reproducibility/ae_reproducibility_verifier/reproducibility_verifier.sh index bd21fbae0..f5d241eaa 100755 --- a/linux/reproducibility/ae_reproducibility_verifier/reproducibility_verifier.sh +++ b/linux/reproducibility/ae_reproducibility_verifier/reproducibility_verifier.sh @@ -32,36 +32,36 @@ usage() { - echo -e "Usage: - ./reproducibility_verifier.sh [intel_signed_ae] [user_build_unsigned_ae] [user_private_key] [intel_ae_config_xml] + cat << EOM +Usage: + ./reproducibility_verifier.sh intel_signed_ae user_build_unsigned_ae user_private_key intel_ae_config_xml [output_dir] The script is to verify Intel(R) prebuilt AEs are: - * Built using same code and toolsets that being opensourced - * Signed using same config.xml that being opensourced + * Built using the open source codebase and toolchain + * Signed using the open source enclave config.xml Arguments: - intel_signed_ae: It's the Intel(R) prebuilt AE to be verified, - and can be downloaded from - https://download.01.org/intel-sgx/latest/dcap-latest/linux/ or - https://download.01.org/intel-sgx/latest/linux-latest/. - user_build_unsigned_ae: It's built by yourself in an SGX docker container. - user_private_key: It's generated by yourself for signing user_build_unsigned_ae in bullet 1. - intel_ae_config_xml: It's the opensource enclave config.xml of Intel(R) prebuilt AE, - and can be downloaded from Intel(R) SGX GitHub repo. + intel_signed_ae : Required. Intel(R) prebuilt AE (*.signed.so) to be verified. + user_build_unsigned_ae : Required. Your self-build AE (*.so) in an SGX docker container. + user_private_key : Required. Your private key (PEM format) for signing user_build_unsigned_ae. + intel_ae_config_xml : Required. The opensource enclave config.xml of Intel(R) prebuilt AE. + output_dir : Optional. The folder the results generated in. Use ./output as default. + Note: - * All of above 4 arguments are required. - * If no arguments, './reproducibility_verifier.sh' will show the usage. + If no arguments, './reproducibility_verifier.sh' will show the usage. Result: * If the verification succeeds: - Display info: Reproducibility Verification PASSED! - Exit status: 0 + Display info: Reproducibility Verification PASSED! + Exit status: 0 * If the verification fails: - Display info: Reproducibility Verification FAILED! - Exit status: 1 + Display info: Reproducibility Verification FAILED! + Exit status: 1 * Other Error: - Display the specific error info - Exit status: 2" + Display the specific error info + Exit status: 2 + You can find the detailed result in the output_dir folder. +EOM } is_file_existed() @@ -87,7 +87,7 @@ check_cmd_status() check_input_parameter() { is_file_existed $1 "Please check the path for $2 is correct!" - echo -e "* $2 is: \t$1" + echo -e "* $2\t: $1" } @@ -103,9 +103,18 @@ prepare() check_input_parameter $user_unsigned_ae 'user unsigned AE' check_input_parameter $user_key 'user private key' check_input_parameter $intel_config 'intel config.xml' - - if [ 0"$SGX_SDK" = 0"" ]; then - echo -e "Error: \$SGX_SDK is not found, please ensure Intel(R) SGX SDK is installed and environment is set!\n" + if [ -z "$output_dir" ]; then + output_dir='output' + fi + user_signed_ae=$output_dir'/user_ae.signed.so' + metadata1_orig=$output_dir'/intel_metadata_orig.txt' + metadata2_orig=$output_dir'/user_metadata_orig.txt' + metadata1=$output_dir'/intel_metadata.txt' + metadata2=$output_dir'/user_metadata.txt' + metadata_diff=$output_dir'/metadata_diff.txt' + + if [ 0"${SGX_SDK}" = 0"" ]; then + echo -e "Error: \$SGX_SDK is not found, please ensure Intel(R) SGX SDK is installed and the required environment variables are set!\n" exit 2 fi @@ -120,7 +129,7 @@ extract_enclave_metadata() # get the whole enclave metadata including keys related is_file_existed $1 "the signed enclave for sgx dump is not existed" ${SGX_SDK}/bin/x64/sgx_sign dump -enclave $1 -dumpfile $2 > /dev/null 2>&1 - check_cmd_status $? "sgn_sign dump the signed enclave failed!" + check_cmd_status $? "sgn_sign dump the signed enclave failed" # extract part of enclave metadata by excluding below fields: # enclave_css.header.date @@ -143,7 +152,7 @@ extract_user_enclave_metadata() { # sgx_sign user's unsigned AE with Intel config.xml and user's private key ${SGX_SDK}/bin/x64/sgx_sign sign -enclave $user_unsigned_ae -key $user_key -config $intel_config -out $user_signed_ae > /dev/null 2>&1 - check_cmd_status $? "sgx_sign sign user_build_ae failed!" + check_cmd_status $? "sgx_sign sign user_build_ae failed" # extract user signed AE's metadata extract_enclave_metadata $user_signed_ae $metadata2_orig $metadata2 @@ -157,14 +166,14 @@ check_ae_reproducibility() diff $metadata1 $metadata2 > $metadata_diff 2>&1 diff_status=$? if [ $diff_status -eq 0 ]; then - echo -e "Reproducibility Verification PASSED! \n" + echo -e "\nReproducibility Verification PASSED!\n" exit 0 elif [ $diff_status -eq 1 ]; then - echo -e "Reproducibility Verification FAILED! \n" + echo -e "\nReproducibility Verification FAILED!\n" echo -e "Please find the diff contents in $metadata_diff" exit 1 else - echo -e "Error: There was something wrong with the diff command!\n" + echo -e "\nError: There was something wrong with the diff command!\n" exit 2 fi } @@ -175,16 +184,7 @@ intel_signed_ae=$1 user_unsigned_ae=$2 user_key=$3 intel_config=$4 - -output_dir='output' -user_signed_ae=$output_dir'/user_ae.signed.so' - -metadata1_orig=$output_dir'/intel_metadata_orig.txt' -metadata2_orig=$output_dir'/user_metadata_orig.txt' -metadata1=$output_dir'/intel_metadata.txt' -metadata2=$output_dir'/user_metadata.txt' -metadata_diff=$output_dir'/metadata_diff.txt' - +output_dir=$5 # Step 1: check input parameters and prepare enviroment prepare $@ @@ -192,7 +192,7 @@ prepare $@ # Step 2: extract Intel signed AE's metadata extract_intel_enclave_metadata -# Step 3: sgx_sign user's local build AE and extract user signed AE's metadata +# Step 3: sgx_sign user's self build AE and extract user signed AE's metadata extract_user_enclave_metadata # Step 4: compare metadata between intel signed ae and user signed ae diff --git a/linux/reproducibility/build_and_launch_docker.sh b/linux/reproducibility/build_and_launch_docker.sh index 494d3ced7..ed5f84a4b 100755 --- a/linux/reproducibility/build_and_launch_docker.sh +++ b/linux/reproducibility/build_and_launch_docker.sh @@ -75,8 +75,8 @@ mount_dir="/linux-sgx" sdk_installer="" sgx_src="" -default_sdk_installer=sgx_linux_x64_sdk_reproducible_2.22.100.1.bin -default_sdk_installer_url=https://download.01.org/intel-sgx/sgx-linux/2.22/distro/nix_reproducibility/$default_sdk_installer +default_sdk_installer=sgx_linux_x64_sdk_reproducible_2.23.100.1.bin +default_sdk_installer_url=https://download.01.org/intel-sgx/sgx-linux/2.23/distro/nix_reproducibility/$default_sdk_installer usage() @@ -177,7 +177,7 @@ prepare_sgx_src() if [ "$sgx_src" != "" ]; then mkdir -p "$sgx_repo" && cp -a "$sgx_src/." "$sgx_repo" else - git clone -b sgx_2.22_reproducible https://github.com/intel/linux-sgx.git $sgx_repo + git clone -b sgx_2.23_reproducible https://github.com/intel/linux-sgx.git $sgx_repo fi cd "$sgx_repo" && make preparation diff --git a/psw/urts/enclave_creator_hw.h b/psw/urts/enclave_creator_hw.h index 48f362659..9907c79c4 100644 --- a/psw/urts/enclave_creator_hw.h +++ b/psw/urts/enclave_creator_hw.h @@ -71,6 +71,7 @@ class EnclaveCreatorHW : public EnclaveCreator bool m_sig_registered; se_mutex_t m_sig_mutex; enclave_elrange_t m_enclave_elrange; + int m_driver_type; }; #endif diff --git a/psw/urts/linux/edmm_utility.cpp b/psw/urts/linux/edmm_utility.cpp index a7e9f73ce..49f2b9aa9 100644 --- a/psw/urts/linux/edmm_utility.cpp +++ b/psw/urts/linux/edmm_utility.cpp @@ -229,22 +229,20 @@ extern "C" bool is_cpu_support_edmm() /* is_driver_support_edmm() * Parameters: + * driver_type [in] - The driver type (kernel/out-of-tree/dcap) * hdevice [in] - The device handle used to communicate with driver. * Return Value: * true - Driver supports EDMM. * false - Driver does not support EDMM. */ -extern "C" bool is_driver_support_edmm(int hdevice) +extern "C" bool is_driver_support_edmm(int driver_type, int hdevice) { - if (-1 == hdevice){ - if(!open_se_device(SGX_DRIVER_IN_KERNEL, &hdevice)) - return false; + if (driver_type == SGX_DRIVER_IN_KERNEL) { struct sgx_enclave_restrict_permissions ioc; memset(&ioc, 0, sizeof(ioc)); int ret = ioctl(hdevice, SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS, &ioc); bool supported = ret != -1 || (errno != ENOTTY); - close_se_device(&hdevice); return supported; } @@ -282,7 +280,7 @@ extern "C" bool is_support_edmm() return false; } - if (false == is_driver_support_edmm(hdevice)) + if (false == is_driver_support_edmm(driver_type, hdevice)) { close_se_device(&hdevice); return false; diff --git a/psw/urts/linux/edmm_utility.h b/psw/urts/linux/edmm_utility.h index f448ab3e6..34c2ba7bc 100644 --- a/psw/urts/linux/edmm_utility.h +++ b/psw/urts/linux/edmm_utility.h @@ -82,12 +82,13 @@ bool is_cpu_support_edmm(); /* is_driver_support_edmm() * Parameters: + * driver_type [in] - The driver type (kernel/out-of-tree/dcap). * hdevice [in] - The device handle used to communicate with driver. * Return Value: * true - Driver supports EDMM. * false - Driver does not support EDMM. */ -bool is_driver_support_edmm(int hdevice); +bool is_driver_support_edmm(int driver_type, int hdevice); /* is_support_edmm() * Parameters: diff --git a/psw/urts/linux/enclave_creator_hw.cpp b/psw/urts/linux/enclave_creator_hw.cpp index 21bae2ffd..a862d19f6 100644 --- a/psw/urts/linux/enclave_creator_hw.cpp +++ b/psw/urts/linux/enclave_creator_hw.cpp @@ -60,7 +60,8 @@ static uint64_t g_eid = 0x1; EnclaveCreatorHW::EnclaveCreatorHW(): m_hdevice(-1), - m_sig_registered(false) + m_sig_registered(false), + m_driver_type(SGX_DRIVER_UNKNOWN) { se_mutex_init(&m_sig_mutex); memset(&m_enclave_elrange, 0, sizeof(m_enclave_elrange)); @@ -289,13 +290,8 @@ bool EnclaveCreatorHW::open_device() return false; } - if(driver_type == SGX_DRIVER_OUT_OF_TREE) - { - return ::open_se_device(driver_type, &m_hdevice); - } - - return true; - + m_driver_type = driver_type; + return ::open_se_device(driver_type, &m_hdevice); } void EnclaveCreatorHW::close_device() @@ -304,6 +300,7 @@ void EnclaveCreatorHW::close_device() ::close_se_device(&m_hdevice); m_hdevice = -1; + m_driver_type = SGX_DRIVER_UNKNOWN; } //EDMM is supported if and only if all of the following requirements are met: @@ -330,8 +327,9 @@ bool EnclaveCreatorHW::is_EDMM_supported(sgx_enclave_id_t enclave_id) bool EnclaveCreatorHW::is_driver_compatible() { - open_device(); - return is_driver_support_edmm(m_hdevice); + if (false == open_device()) + return false; + return is_driver_support_edmm(m_driver_type, m_hdevice); } diff --git a/sdk/Makefile.source b/sdk/Makefile.source index d4ab3f7ee..4bbfd4f37 100644 --- a/sdk/Makefile.source +++ b/sdk/Makefile.source @@ -76,7 +76,7 @@ components: tstdc tcxx tservice trts tcrypto tkey_exchange ukey_exchange tprotec .PHONY: tstdc tstdc: $(LIBTLIBC) -ifndef _TD_MIGRATION +ifndef SERVTD_ATTEST $(LIBTLIBC): tlibthread compiler-rt tsafecrt tsetjmp tmm_rsrv $(MAKE) -C tlibc/ -j$(shell nproc) 2> /dev/null @$(MKDIR) $(BUILD_DIR)/.compiler-rt $(BUILD_DIR)/.tlibthread $(BUILD_DIR)/.tsafecrt $(BUILD_DIR)/.tsetjmp $(BUILD_DIR)/.tmm_rsrv @@ -96,7 +96,7 @@ $(LIBTLIBC): tlibthread compiler-rt tsafecrt tsetjmp tmm_rsrv @$(RM) -rf $(BUILD_DIR)/.tsetjmp $(BUILD_DIR)/.tmm_rsrv else $(LIBTLIBC): tlibthread tsafecrt tsetjmp tmm_rsrv - $(MAKE) -C tlibc/ _TD_MIGRATION=1 -j$(shell nproc) 2> /dev/null + $(MAKE) -C tlibc/ SERVTD_ATTEST=1 -j$(shell nproc) 2> /dev/null @$(MKDIR) $(BUILD_DIR)/.tlibthread $(BUILD_DIR)/.tsafecrt $(BUILD_DIR)/.tsetjmp $(BUILD_DIR)/.tmm_rsrv @$(RM) -f $(BUILD_DIR)/.tlibthread/* && cd $(BUILD_DIR)/.tlibthread && $(AR) x $(LINUX_SDK_DIR)/tlibthread/libtlibthread.a @$(RM) -f $(BUILD_DIR)/.tsafecrt/* && cd $(BUILD_DIR)/.tsafecrt && $(AR) x $(LINUX_SDK_DIR)/tsafecrt/libsgx_tsafecrt.a @@ -150,7 +150,7 @@ $(LIBTCXX): cpprt tlibcxx @cd $(BUILD_DIR)/.tlibcxx && $(AR) x $(LINUX_SDK_DIR)/tlibcxx/libcxx.a $(CP) $(LINUX_SDK_DIR)/cpprt/libcpprt.a $@ $(AR) qD $@ $(BUILD_DIR)/.tlibcxx/*.o -ifdef _TD_MIGRATION +ifdef SERVTD_ATTEST @$(MKDIR) $(BUILD_DIR)/.cpprt @$(RM) -f $(BUILD_DIR)/.cpprt/* && cd $(BUILD_DIR)/.cpprt && $(AR) x $(LINUX_SDK_DIR)/cpprt/libcpprt.a else @@ -307,8 +307,8 @@ sgx_encrypt: tservice $(BUILD_DIR): $(MKDIR) $@ -.PHONY: td_migration -td_migration: tstdc tcxx edger8r +.PHONY: servtd_attest +servtd_attest: tstdc tcxx edger8r .PHONY: clean clean: diff --git a/sdk/cpprt/linux/libunwind/src/elfxx.h b/sdk/cpprt/linux/libunwind/src/elfxx.h index 40efc9a26..85bbac901 100644 --- a/sdk/cpprt/linux/libunwind/src/elfxx.h +++ b/sdk/cpprt/linux/libunwind/src/elfxx.h @@ -100,4 +100,6 @@ elf_map_image (struct elf_image *ei, const char *path) return 0; } +#else +int elf_w (valid_object) (struct elf_image *); #endif diff --git a/sdk/cpprt/linux/libunwind/src/x86_64/Ginit.c b/sdk/cpprt/linux/libunwind/src/x86_64/Ginit.c index f3caf7d8f..47c2f7bfa 100644 --- a/sdk/cpprt/linux/libunwind/src/x86_64/Ginit.c +++ b/sdk/cpprt/linux/libunwind/src/x86_64/Ginit.c @@ -38,6 +38,10 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ #include "unwind_i.h" +#if defined(HAVE_SGX) +#include "sgx_trts.h" +#endif + #ifdef UNW_REMOTE_ONLY /* unw_local_addr_space is a NULL pointer in this case. */ diff --git a/sdk/protected_code_loader/Makefile b/sdk/protected_code_loader/Makefile index 335643806..899542991 100644 --- a/sdk/protected_code_loader/Makefile +++ b/sdk/protected_code_loader/Makefile @@ -39,6 +39,8 @@ else PCLVERBOSE := endif +# optimize bug on GCC 13.3.2, we need to disable optimize when build with GCC 13.3.2 +CC_NO_LESS_THAN_13 := $(shell expr $(CC_VERSION) \>\= "13") ifeq ($(ARCH), x86) $(error x86 build is not supported, only x64!!) @@ -99,6 +101,12 @@ PCL_LIB_CPP_FLAGS := $(TCXXFLAGS) $(ENCLAVE_CXXFLAGS) $(PCL_INCLUDE_PATH) PCL_SIM_LIB_C_FLAGS := $(TCFLAGS) $(ENCLAVE_CFLAGS) -DSE_SIM=1 $(PCL_INCLUDE_PATH) -I$(LINUX_SDK_DIR)/simulation/tinst PCL_SIM_LIB_CPP_FLAGS := $(TCXXFLAGS) $(ENCLAVE_CXXFLAGS) -DSE_SIM=1 $(PCL_INCLUDE_PATH) -I$(LINUX_SDK_DIR)/simulation/tinst +ifeq ($(CC_NO_LESS_THAN_13), 1) +PCL_LIB_C_FLAGS += -DTURN_OFF_O2_GCC13 +PCL_LIB_CPP_FLAGS += -DTURN_OFF_O2_GCC13 +PCL_SIM_LIB_C_FLAGS += -DTURN_OFF_O2_GCC13 +PCL_SIM_LIB_CPP_FLAGS += -DTURN_OFF_O2_GCC13 +endif # targets .PHONY: all diff --git a/sdk/protected_code_loader/crypto/pcl_gcm128.c b/sdk/protected_code_loader/crypto/pcl_gcm128.c index 5667f696c..d78b4ffe5 100644 --- a/sdk/protected_code_loader/crypto/pcl_gcm128.c +++ b/sdk/protected_code_loader/crypto/pcl_gcm128.c @@ -806,6 +806,10 @@ void pcl_gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]); void pcl_gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); +#ifdef TURN_OFF_O2_GCC13 +#pragma GCC push_options +#pragma GCC optimize("O0") +#endif # define GCM_MUL(ctx,Xi) pcl_gcm_gmult_clmul(ctx->Xi.u,ctx->Htable) # define GHASH(ctx,in,len) (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len) /* PCL UNUSED START @@ -939,6 +943,9 @@ void pcl_CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block) PCL UNUSED END */ } +#ifdef TURN_OFF_O2_GCC13 +#pragma GCC pop_options +#endif void pcl_CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv, size_t len) { diff --git a/sdk/protected_code_loader/crypto/pcl_sha256.c b/sdk/protected_code_loader/crypto/pcl_sha256.c index dbe4154cf..64dbb2b4e 100644 --- a/sdk/protected_code_loader/crypto/pcl_sha256.c +++ b/sdk/protected_code_loader/crypto/pcl_sha256.c @@ -134,7 +134,10 @@ static const SHA_LONG pcl_K256[64] = { 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL }; - +#ifdef TURN_OFF_O2_GCC13 +#pragma GCC push_option +#pragma GCC optimize("O0") +#endif /* * FIPS specification refers to right rotations, while our ROTATE macro * is left one. This is why you might notice that rotation coefficients @@ -212,4 +215,6 @@ static void pcl_sha256_block_data_order(SHA256_CTX *ctx, const void *in, } } - +#ifdef TURN_OFF_O2_GCC13 +#pragma GCC pop_option +#endif diff --git a/sdk/sign_tool/SignTool/sign_tool.cpp b/sdk/sign_tool/SignTool/sign_tool.cpp index c20c2a3e0..b06d38204 100644 --- a/sdk/sign_tool/SignTool/sign_tool.cpp +++ b/sdk/sign_tool/SignTool/sign_tool.cpp @@ -231,7 +231,7 @@ static bool measure_enclave(uint8_t *hash, const char *dllpath, const xml_parame res = false; break; case SGX_SUCCESS: - ret = dynamic_cast(get_enclave_creator())->get_enclave_info(hash, SGX_HASH_SIZE, "a); + ret = static_cast(get_enclave_creator())->get_enclave_info(hash, SGX_HASH_SIZE, "a); if(ret != SGX_SUCCESS) { res = false; diff --git a/sdk/tlibc/gen/sbrk.c b/sdk/tlibc/gen/sbrk.c index 30aa25d91..8f4a25925 100644 --- a/sdk/tlibc/gen/sbrk.c +++ b/sdk/tlibc/gen/sbrk.c @@ -41,7 +41,7 @@ SE_DECLSPEC_EXPORT size_t g_peak_heap_used = 0; /* Please be aware of: sbrk is not thread safe by default. */ -#ifndef _TD_MIGRATION +#ifndef SERVTD_ATTEST static void *heap_base __attribute__((section(RELRO_SECTION_NAME))) = NULL; static size_t heap_size __attribute__((section(RELRO_SECTION_NAME))) = 0; static int is_edmm_supported __attribute__((section(RELRO_SECTION_NAME))) = 0; @@ -53,6 +53,9 @@ int is_edmm_supported = 0; size_t heap_min_size = 0; #endif +extern int mm_commit(void* addr, size_t size); +extern int mm_uncommit(void* addr, size_t size); + int heap_init(void *_heap_base, size_t _heap_size, size_t _heap_min_size, int _is_edmm_supported) { if (heap_base != NULL) diff --git a/sdk/tlibc/math/e_powl.c b/sdk/tlibc/math/e_powl.c index 6e9568116..dc345c725 100644 --- a/sdk/tlibc/math/e_powl.c +++ b/sdk/tlibc/math/e_powl.c @@ -464,7 +464,6 @@ if( nflg ) return( z ); } -DEF_STD(powl); /* Find a multiple of 1/NXT that is within 1/NXT of x. */ diff --git a/sdk/tlibc/stdlib/malloc.c b/sdk/tlibc/stdlib/malloc.c index 479703266..4599c515e 100755 --- a/sdk/tlibc/stdlib/malloc.c +++ b/sdk/tlibc/stdlib/malloc.c @@ -1,13 +1,24 @@ /* - This is a version (aka dlmalloc) of malloc/free/realloc written by - Doug Lea and released to the public domain, as explained at - http://creativecommons.org/publicdomain/zero/1.0/ Send questions, - comments, complaints, performance data, etc to dl@cs.oswego.edu +Copyright 2023 Doug Lea + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. * Version 2.8.6 Wed Aug 29 06:57:58 2012 Doug Lea - Note: There may be an updated version of this malloc obtainable at - ftp://gee.cs.oswego.edu/pub/misc/malloc.c - Check before installing! + Re-licensed 25 Sep 2023 with MIT-0 replacing obsolete CC0 + See https://opensource.org/license/mit-0/ * Quickstart diff --git a/sdk/tlibc/string/strchr.c b/sdk/tlibc/string/strchr.c index c0f865dd5..7903c3a33 100644 --- a/sdk/tlibc/string/strchr.c +++ b/sdk/tlibc/string/strchr.c @@ -30,8 +30,6 @@ #include -__weak_alias(index, strchr); - #ifdef _TLIBC_USE_INTEL_FAST_STRING_ extern char *_intel_fast_strchr(const char *, int); #else diff --git a/sdk/tlibc/string/wcsncasecmp.c b/sdk/tlibc/string/wcsncasecmp.c new file mode 100644 index 000000000..315faf5f9 --- /dev/null +++ b/sdk/tlibc/string/wcsncasecmp.c @@ -0,0 +1,9 @@ +#include +#include + +int wcsncasecmp(const wchar_t *l, const wchar_t *r, size_t n) +{ + if (!n--) return 0; + for (; *l && *r && n && (*l == *r || towlower(*l) == towlower(*r)); l++, r++, n--); + return towlower(*l) - towlower(*r); +} diff --git a/sdk/trts/ctd.c b/sdk/trts/ctd.c index 6244fe9f9..ef532e80e 100644 --- a/sdk/trts/ctd.c +++ b/sdk/trts/ctd.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2023 Intel Corporation. All rights reserved. + * Copyright (C) 2011-2021 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/sdk/trts/ctd.h b/sdk/trts/ctd.h index 140ad72db..bac7ea9cf 100644 --- a/sdk/trts/ctd.h +++ b/sdk/trts/ctd.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2023 Intel Corporation. All rights reserved. + * Copyright (C) 2011-2021 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/sdk/ttls/Makefile b/sdk/ttls/Makefile index 1e7e757dd..b897421fc 100644 --- a/sdk/ttls/Makefile +++ b/sdk/ttls/Makefile @@ -77,11 +77,14 @@ LIBSGX_CBOR = libsgx_cbor.a LIBCBOR = libcbor.a LIBSGX_CBOR_PATH = $(CBOR_PATH)/trusted/lib LIBCBOR_PATH = $(CBOR_PATH)/untrusted/lib +CBOR_HEADER = cbor.h +SGXCBOR_INCLUDE = $(CBOR_PATH)/trusted/include +CBOR_INCLUDE = $(CBOR_PATH)/untrusted/include LIBNAME := libsgx_ttls.a LIBNAME_TDX := libtdx_tls.a -.PHONY: all PREPARE_SGX_SSL +.PHONY: all cbor_trusted cbor_untrusted PREPARE_SGX_SSL all: $(LIBNAME) $(LIBNAME_TDX) | $(BUILD_DIR) $(CP) $(LIBNAME) $| $(CP) $(LIBNAME_TDX) $| @@ -108,16 +111,22 @@ $(LIBNAME_TDX): $(OBJ_TDX) @$(RM) -r $(BUILD_DIR)/.libcbor $(OBJ): $(TLSNAME)_t.h -$(OBJ): %.o :%.cpp $(LIBSGX_CBOR) +$(OBJ): %.o : %.cpp $(CXX) $(CXXFLAGS) $(INCLUDE) -c $< -o $@ -$(OBJ_TDX): tdx_%.o :%.cpp $(LIBCBOR) +$(OBJ_TDX): tdx_%.o : %.cpp $(CXX) $(CXXFLAGS_TDX) $(INCLUDE_TDX) -DTDX_ENV -c $< -o $@ -$(LIBSGX_CBOR): - @test -f $(LIBSGX_CBOR_PATH)/$(LIBSGX_CBOR) || $(MAKE) -C $(CBOR_RELATIVE_PATH) cbor_trusted +$(SRC): cbor_trusted cbor_untrusted -$(LIBCBOR): - @test -f $(LIBCBOR_PATH)/$(LIBCBOR) || $(MAKE) -C $(CBOR_RELATIVE_PATH) cbor_untrusted +cbor_trusted: + @if [ ! -f $(SGXCBOR_INCLUDE)/$(CBOR_HEADER) ] || [ ! -f $(LIBSGX_CBOR_PATH)/$(LIBSGX_CBOR) ]; then \ + $(MAKE) -C $(CBOR_RELATIVE_PATH) cbor_trusted; \ + fi + +cbor_untrusted: + @if [ ! -f $(CBOR_INCLUDE)/$(CBOR_HEADER) ] || [ ! -f $(LIBCBOR_PATH)/$(LIBCBOR) ]; then \ + $(MAKE) -C $(CBOR_RELATIVE_PATH) cbor_untrusted; \ + fi .PHONY: clean clean: diff --git a/sdk/utls/Makefile b/sdk/utls/Makefile index 530a47408..0497c82c4 100644 --- a/sdk/utls/Makefile +++ b/sdk/utls/Makefile @@ -36,7 +36,8 @@ CERT_UTIL_DIR := ../ttls SGX_QV_PATH ?= ../../external/dcap_source/QuoteVerification PREBUILD_OPENSSL_PATH ?= $(SGX_QV_PATH)/../prebuilt/openssl CBOR_PATH ?= $(LINUX_EXTERNAL_DIR)/cbor -LIBCBOR_PATH ?= $(CBOR_PATH)/untrusted/lib +LIBCBOR_PATH := $(CBOR_PATH)/untrusted/lib +CBOR_INCLUDE := $(CBOR_PATH)/untrusted/include INCLUDE += -I. INCLUDE += -I$(COMMON_DIR) \ @@ -61,7 +62,7 @@ SRC := utls.cpp LIBCBOR := libcbor.a -HOST_CERT_SRC := cert_verifier.cpp +HOST_CERT_SRC := $(CERT_UTIL_DIR)/cert_verifier.cpp OBJ := $(SRC:.cpp=.o) @@ -69,7 +70,9 @@ CERT_OBJ := $(HOST_CERT_SRC:.cpp=.o) LIBNAME = libsgx_utls.a -.PHONY: all +CBOR_HEADER := cbor.h + +.PHONY: all cbor_untrusted all: $(LIBNAME) | $(BUILD_DIR) $(CP) $(LIBNAME) $| @@ -80,14 +83,19 @@ $(LIBNAME): $(OBJ) $(CERT_OBJ) $(AR) rs $@ $(BUILD_DIR)/.libcbor/*.o @$(RM) -r $(BUILD_DIR)/.libcbor -$(OBJ): $(LIBCBOR) $(SRC) +$(OBJ): cbor_untrusted $(SRC) $(CXX) $(CXXFLAGS) -Wno-deprecated-declarations $(INCLUDE) -c $(SRC) -o $@ $(CERT_OBJ): $(HOST_CERT_SRC) $(CXX) $(CXXFLAGS) -Wno-deprecated-declarations $(INCLUDE) -c $< -o $@ -$(LIBCBOR): - @test -f $(LIBCBOR_PATH)/$(LIBCBOR) || $(MAKE) -C $(CBOR_PATH) cbor_untrusted +$(HOST_CERT_SRC): cbor_untrusted + +cbor_untrusted: + # before build utls, check cbor untrusted + @if [ ! -f $(CBOR_INCLUDE)/$(CBOR_HEADER) ] || [ ! -f $(LIBCBOR_PATH)/$(LIBCBOR) ]; then \ + $(MAKE) -C $(CBOR_PATH) cbor_untrusted; \ + fi .PHONY: clean clean: