void cmd_mac(char *conf, char *key) { printf("# MAC information\n"); einittoken_t *token; token = load_einittoken(conf); unsigned char device_pubkey[DEVICE_KEY_LENGTH]; unsigned char device_seckey[DEVICE_KEY_LENGTH]; unsigned char launch_key[DEVICE_KEY_LENGTH]; unsigned char mac[MAC_SIZE]; //do we need this? //rsa_context *ctx; char *launch_key_str; char *mac_str; load_rsa_keys(key, device_pubkey, device_seckey, DEVICE_KEY_LENGTH_BITS); { char *pubkey_str = fmt_bytes(device_pubkey, DEVICE_KEY_LENGTH); char *seckey_str = fmt_bytes(device_seckey, DEVICE_KEY_LENGTH); printf("DEVICE PUBKEY : %s\n", pubkey_str); printf("DEVICE SECKEY : %s\n", seckey_str); free(pubkey_str); free(seckey_str); } generate_launch_key(device_seckey, launch_key); cmac(launch_key, (unsigned char *)token, 192, mac); launch_key_str = fmt_bytes(launch_key, DEVICE_KEY_LENGTH); mac_str = fmt_bytes(mac, MAC_SIZE); printf("LAUNCH LEY : %s\n", launch_key_str); printf("MAC : %s\n", mac_str); memcpy(token->mac, mac, 16); char *msg = dbg_dump_einittoken(token); printf("# EINITTOKEN START\n"); printf("%s\n", msg); printf("# EINITTOKEN END\n"); }
int main(int argc, char **argv) { int fd, ret; egate_t e; echan_t *channels; echan_t *pchan[2]; int done = 0; char *quoteenc, *quoteconf, *intelkey; unsigned char intel_pubkey[KEY_LENGTH], intel_seckey[KEY_LENGTH]; int optend; tcs_t *quotetcs; sigstruct_t *quotess; /* Parse options */ parse_options(argc, argv, "eenc, "econf, &intelkey, &optend); if (optend > argc - 1) { usage(argv[0]); exit(-1); } /* After options are done, get teh test enclave and configuration file */ fd = open(argv[1], O_RDWR); if (fd < 0) { perror("open"); exit(-1); } load_rsa_keys(intelkey, intel_pubkey, intel_seckey, KEY_LENGTH_BITS); sys_sgx_init(intel_pubkey); channels = mmap(NULL, 2*sizeof(echan_t), PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0); if (!channels) { perror("mmap"); exit(-1); } close(fd); pchan[0] = channels; pchan[1] = channels + 1; quotetcs = create_elf_enclave_conf(quoteenc, quoteconf, "ess, GDB_DEBUG); if (!quotetcs) { fprintf(stdout, "Unable to create quoting enclave.\n"); fflush(stdout); exit(-1); } egate_proxy_init(&e, quotetcs, quotess, pchan); /* Now do the while loop that serves the buffer. */ while (!done) { ecmd_t c; char buffer[2048]; ret = egate_user_poll(&e, &c, buffer, 2048); if (ret) break; if (c.t <= ECMD_LAST_SYSTEM) { // Handle predefined cmd egate_user_cmd(&e, &c, buffer, 2048, &done); } else { fprintf(stderr, "Unhandled user-specific communication " "from enclave: CMD %d LEN %lu.\n", c.t, c.len); } } munmap(channels, sizeof(2*sizeof(echan_t))); unlink(argv[1]); }
int main() { const char* testm = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaasdsdsdsdasfsadfasdfsdafasdfasdfasdfasdfsadfsadf"; BIGNUM* e; BIGNUM* n; if (load_rsa_keys(1, &e, &n) != 0) { return 1; } size_t b_size = BN_num_bytes(n); size_t m_size = strlen(testm) + 1; struct message_blocks* b = create_message_bloks(m_size, b_size); init_blocks(testm, m_size, b); size_t o_size = b->size * b->b_size; void* out_message = malloc(o_size); int ind = 0; for (; ind < b->size; ++ind) { void* out; size_t outsize; RSA_EncDec_block(b->bloks[ind], b->b_size, e, n, &out, &outsize); printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]); assert(b_size == outsize); memcpy(((char*)out_message) + ind * outsize, out, outsize); } if (load_rsa_keys(0, &e, &n) != 0) { return 1; } ind = 0; for (; ind < b->size; ++ind) { void* out; size_t outsize; printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]); RSA_EncDec_block(b->bloks[ind], b->b_size, e, n, &out, &outsize); printf("\nOUT SIZE = %d m = %s\n", outsize, b->bloks[ind]); assert(b_size == outsize); memcpy(((char*)out_message) + ind * b_size, out, b_size); } printf("------------------------%s\n", out_message); /* FILE* pfp = fopen("./keys/private.pem","r"); if (pfp == NULL) printf("sdsds"); RSA *prsa = PEM_read_RSAPrivateKey(pfp, NULL, password_cb, "12345"); if (prsa == NULL) { printf("error load pivate key\n"); fclose(pfp); return 1; } RSA_EncDec_block(out, outsize, prsa->d, prsa->n, &out, &outsize); size_t i = 0; for (; i < outsize; ++i) { printf("%c", ((char*)out)[i]); } printf("%c", '\n'); */ return 0; }
void cmd_sign(char *conf, char *key) { rsa_sig_t sign; rsa_key_t pubkey; rsa_key_t seckey; rsa_context *ctx; sigstruct_t *sigstruct; // Load sigstruct from file sigstruct = load_sigstruct(conf); // Ignore fields don't need to sign memset(sigstruct->modulus, 0, 384); sigstruct->exponent = 0; memset(sigstruct->signature, 0, 384); memset(sigstruct->q1, 0, 384); memset(sigstruct->q2, 0, 384); // Load rsa keys from file ctx = load_rsa_keys(key, pubkey, seckey, KEY_LENGTH_BITS); #if 0 { char *pubkey_str = fmt_bytes(pubkey, KEY_LENGTH); char *seckey_str = fmt_bytes(seckey, KEY_LENGTH); printf("PUBKEY: %.40s..\n", pubkey_str); printf("SECKEY: %.40s..\n", seckey_str); free(pubkey_str); free(seckey_str); } #endif // Generate rsa sign on sigstruct with private key rsa_sign(ctx, sign, (unsigned char *)sigstruct, sizeof(sigstruct_t)); // Compute q1, q2 unsigned char *q1, *q2; q1 = malloc(384); q2 = malloc(384); memset(q1, 0, 384); memset(q2, 0, 384); mpi Q1, Q2, S, M, T1, T2, R; mpi_init(&Q1); mpi_init(&Q2); mpi_init(&S); mpi_init(&M); mpi_init(&T1); mpi_init(&T2); mpi_init(&R); // q1 = signature ^ 2 / modulus mpi_read_binary(&S, sign, 384); mpi_read_binary(&M, pubkey, 384); mpi_mul_mpi(&T1, &S, &S); mpi_div_mpi(&Q1, &R, &T1, &M); // q2 = (signature ^ 3 - q1 * signature * modulus) / modulus mpi_init(&R); mpi_mul_mpi(&T1, &T1, &S); mpi_mul_mpi(&T2, &Q1, &S); mpi_mul_mpi(&T2, &T2, &M); mpi_sub_mpi(&Q2, &T1, &T2); mpi_div_mpi(&Q2, &R, &Q2, &M); mpi_write_binary(&Q1, q1, 384); mpi_write_binary(&Q2, q2, 384); mpi_free(&Q1); mpi_free(&Q2); mpi_free(&S); mpi_free(&M); mpi_free(&T1); mpi_free(&T2); mpi_free(&R); sigstruct = load_sigstruct(conf); sigstruct->exponent = 3; memcpy(sigstruct->modulus, pubkey, 384); memcpy(sigstruct->signature, sign, 384); memcpy(sigstruct->q1, q1, 384); memcpy(sigstruct->q2, q2, 384); char *msg = dump_sigstruct(sigstruct); printf("# SIGSTRUCT START\n"); printf("%s\n", msg); printf("# SIGSTRUCT END\n"); /*unsigned char exp[4] = { 0x00, 0x00, 0x00, 0x03 }; char *mod_str = fmt_bytes(pubkey, 384); char *exp_str = fmt_bytes(exp, 4); char *sign_str = fmt_bytes(sign, 384); char *q1_str = fmt_bytes(q1, 384); char *q2_str = fmt_bytes(q2, 384); printf("# sign information\n"); printf("MODULUS : %s\n", mod_str); printf("EXPONENT : %s\n", exp_str); printf("SIGNATURE : %s\n", sign_str); printf("Q1 : %s\n", q1_str); printf("Q2 : %s\n", q2_str); free(mod_str); free(exp_str); free(sign_str); unsigned char signer[32]; sha256(pubkey, KEY_LENGTH, signer, 0); char *signer_str = fmt_bytes(pubkey, 32); printf("# hash of public key\n"); printf("MRSIGNER : %s\n", signer_str);*/ }