void cmd_mac(char *conf, char *key)
{
printf("# MAC information\n");
einittoken_t *token;
token = load_einittoken(conf);
unsigned char device_pubkey[DEVICE_KEY_LENGTH];
unsigned char device_seckey[DEVICE_KEY_LENGTH];
unsigned char launch_key[DEVICE_KEY_LENGTH];
unsigned char mac[MAC_SIZE];
//do we need this?
//rsa_context *ctx;
char *launch_key_str;
char *mac_str;
load_rsa_keys(key, device_pubkey, device_seckey, DEVICE_KEY_LENGTH_BITS);
{
char *pubkey_str = fmt_bytes(device_pubkey, DEVICE_KEY_LENGTH);
char *seckey_str = fmt_bytes(device_seckey, DEVICE_KEY_LENGTH);
printf("DEVICE PUBKEY : %s\n", pubkey_str);
printf("DEVICE SECKEY : %s\n", seckey_str);
free(pubkey_str);
free(seckey_str);
}
generate_launch_key(device_seckey, launch_key);
cmac(launch_key, (unsigned char *)token, 192, mac);
launch_key_str = fmt_bytes(launch_key, DEVICE_KEY_LENGTH);
mac_str = fmt_bytes(mac, MAC_SIZE);
printf("LAUNCH LEY : %s\n", launch_key_str);
printf("MAC : %s\n", mac_str);
memcpy(token->mac, mac, 16);
char *msg = dbg_dump_einittoken(token);
printf("# EINITTOKEN START\n");
printf("%s\n", msg);
printf("# EINITTOKEN END\n");
}
int main(int argc, char **argv)
{
int fd, ret;
egate_t e;
echan_t *channels;
echan_t *pchan[2];
int done = 0;
char *quoteenc, *quoteconf, *intelkey;
unsigned char intel_pubkey[KEY_LENGTH], intel_seckey[KEY_LENGTH];
int optend;
tcs_t *quotetcs;
sigstruct_t *quotess;
/* Parse options */
parse_options(argc, argv, "eenc, "econf, &intelkey, &optend);
if (optend > argc - 1) {
usage(argv[0]);
exit(-1);
}
/* After options are done, get teh test enclave and configuration file */
fd = open(argv[1], O_RDWR);
if (fd < 0) {
perror("open");
exit(-1);
}
load_rsa_keys(intelkey, intel_pubkey, intel_seckey, KEY_LENGTH_BITS);
sys_sgx_init(intel_pubkey);
channels = mmap(NULL, 2*sizeof(echan_t), PROT_READ|PROT_WRITE, MAP_SHARED,
fd, 0);
if (!channels) {
perror("mmap");
exit(-1);
}
close(fd);
pchan[0] = channels;
pchan[1] = channels + 1;
quotetcs = create_elf_enclave_conf(quoteenc, quoteconf, "ess, GDB_DEBUG);
if (!quotetcs) {
fprintf(stdout, "Unable to create quoting enclave.\n");
fflush(stdout);
exit(-1);
}
egate_proxy_init(&e, quotetcs, quotess, pchan);
/* Now do the while loop that serves the buffer. */
while (!done) {
ecmd_t c;
char buffer[2048];
ret = egate_user_poll(&e, &c, buffer, 2048);
if (ret) break;
if (c.t <= ECMD_LAST_SYSTEM) {
// Handle predefined cmd
egate_user_cmd(&e, &c, buffer, 2048, &done);
} else {
fprintf(stderr,
"Unhandled user-specific communication "
"from enclave: CMD %d LEN %lu.\n",
c.t, c.len);
}
}
munmap(channels, sizeof(2*sizeof(echan_t)));
unlink(argv[1]);
}
int main()
{
const char* testm = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaasdsdsdsdasfsadfasdfsdafasdfasdfasdfasdfsadfsadf";
BIGNUM* e;
BIGNUM* n;
if (load_rsa_keys(1, &e, &n) != 0) {
return 1;
}
size_t b_size = BN_num_bytes(n);
size_t m_size = strlen(testm) + 1;
struct message_blocks* b = create_message_bloks(m_size, b_size);
init_blocks(testm, m_size, b);
size_t o_size = b->size * b->b_size;
void* out_message = malloc(o_size);
int ind = 0;
for (; ind < b->size; ++ind) {
void* out;
size_t outsize;
RSA_EncDec_block(b->bloks[ind], b->b_size, e, n, &out, &outsize);
printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]);
assert(b_size == outsize);
memcpy(((char*)out_message) + ind * outsize, out, outsize);
}
if (load_rsa_keys(0, &e, &n) != 0) {
return 1;
}
ind = 0;
for (; ind < b->size; ++ind) {
void* out;
size_t outsize;
printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]);
RSA_EncDec_block(b->bloks[ind], b->b_size, e, n, &out, &outsize);
printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]);
assert(b_size == outsize);
memcpy(((char*)out_message) + ind * b_size, out, b_size);
}
printf("------------------------%s\n", out_message);
/*
FILE* pfp = fopen("./keys/private.pem","r");
if (pfp == NULL) printf("sdsds");
RSA *prsa = PEM_read_RSAPrivateKey(pfp, NULL, password_cb, "12345");
if (prsa == NULL) {
printf("error load pivate key\n");
fclose(pfp);
return 1;
}
RSA_EncDec_block(out, outsize, prsa->d, prsa->n, &out, &outsize);
size_t i = 0;
for (; i < outsize; ++i) {
printf("%c", ((char*)out)[i]);
}
printf("%c", '\n');
*/
return 0;
}
void cmd_sign(char *conf, char *key)
{
rsa_sig_t sign;
rsa_key_t pubkey;
rsa_key_t seckey;
rsa_context *ctx;
sigstruct_t *sigstruct;
// Load sigstruct from file
sigstruct = load_sigstruct(conf);
// Ignore fields don't need to sign
memset(sigstruct->modulus, 0, 384);
sigstruct->exponent = 0;
memset(sigstruct->signature, 0, 384);
memset(sigstruct->q1, 0, 384);
memset(sigstruct->q2, 0, 384);
// Load rsa keys from file
ctx = load_rsa_keys(key, pubkey, seckey, KEY_LENGTH_BITS);
#if 0
{
char *pubkey_str = fmt_bytes(pubkey, KEY_LENGTH);
char *seckey_str = fmt_bytes(seckey, KEY_LENGTH);
printf("PUBKEY: %.40s..\n", pubkey_str);
printf("SECKEY: %.40s..\n", seckey_str);
free(pubkey_str);
free(seckey_str);
}
#endif
// Generate rsa sign on sigstruct with private key
rsa_sign(ctx, sign, (unsigned char *)sigstruct, sizeof(sigstruct_t));
// Compute q1, q2
unsigned char *q1, *q2;
q1 = malloc(384);
q2 = malloc(384);
memset(q1, 0, 384);
memset(q2, 0, 384);
mpi Q1, Q2, S, M, T1, T2, R;
mpi_init(&Q1);
mpi_init(&Q2);
mpi_init(&S);
mpi_init(&M);
mpi_init(&T1);
mpi_init(&T2);
mpi_init(&R);
// q1 = signature ^ 2 / modulus
mpi_read_binary(&S, sign, 384);
mpi_read_binary(&M, pubkey, 384);
mpi_mul_mpi(&T1, &S, &S);
mpi_div_mpi(&Q1, &R, &T1, &M);
// q2 = (signature ^ 3 - q1 * signature * modulus) / modulus
mpi_init(&R);
mpi_mul_mpi(&T1, &T1, &S);
mpi_mul_mpi(&T2, &Q1, &S);
mpi_mul_mpi(&T2, &T2, &M);
mpi_sub_mpi(&Q2, &T1, &T2);
mpi_div_mpi(&Q2, &R, &Q2, &M);
mpi_write_binary(&Q1, q1, 384);
mpi_write_binary(&Q2, q2, 384);
mpi_free(&Q1);
mpi_free(&Q2);
mpi_free(&S);
mpi_free(&M);
mpi_free(&T1);
mpi_free(&T2);
mpi_free(&R);
sigstruct = load_sigstruct(conf);
sigstruct->exponent = 3;
memcpy(sigstruct->modulus, pubkey, 384);
memcpy(sigstruct->signature, sign, 384);
memcpy(sigstruct->q1, q1, 384);
memcpy(sigstruct->q2, q2, 384);
char *msg = dump_sigstruct(sigstruct);
printf("# SIGSTRUCT START\n");
printf("%s\n", msg);
printf("# SIGSTRUCT END\n");
/*unsigned char exp[4] = { 0x00, 0x00, 0x00, 0x03 };
char *mod_str = fmt_bytes(pubkey, 384);
char *exp_str = fmt_bytes(exp, 4);
char *sign_str = fmt_bytes(sign, 384);
char *q1_str = fmt_bytes(q1, 384);
char *q2_str = fmt_bytes(q2, 384);
printf("# sign information\n");
printf("MODULUS : %s\n", mod_str);
printf("EXPONENT : %s\n", exp_str);
printf("SIGNATURE : %s\n", sign_str);
printf("Q1 : %s\n", q1_str);
printf("Q2 : %s\n", q2_str);
free(mod_str);
free(exp_str);
free(sign_str);
unsigned char signer[32];
sha256(pubkey, KEY_LENGTH, signer, 0);
char *signer_str = fmt_bytes(pubkey, 32);
printf("# hash of public key\n");
printf("MRSIGNER : %s\n", signer_str);*/
}
