ae_error_t EPIDBlob::read(epid_blob_with_cur_psvn_t& blob)
{
ae_error_t ae_ret = AE_FAILURE;
if(status == not_initialized){
uint32_t data_size = sizeof(blob_cache);
if((ae_ret=aesm_read_data(FT_PERSISTENT_STORAGE, EPID_DATA_BLOB_FID, reinterpret_cast<uint8_t *>(&blob_cache), &data_size))!=AE_SUCCESS){
goto CLEANUP_READ_FILE;
}
if( data_size != sizeof(blob_cache) )
{
ae_ret = QE_EPIDBLOB_ERROR;
goto CLEANUP_READ_FILE;
}
status = update_to_date;
CLEANUP_READ_FILE:
if(status!=update_to_date)
status = not_available;//epid blob lost
}
if(status == update_to_date){
if(memcpy_s(&blob, sizeof(blob), &blob_cache, sizeof(blob_cache))!=0){
status = not_available; //invalid
ae_ret = AE_FAILURE;
}else{
ae_ret = AE_SUCCESS;
}
}
return ae_ret;
}
ae_error_t EndpointSelectionInfo::verify_file_by_xgid(uint32_t xgid)
{
if (xgid == DEFAULT_EGID){//always return true for DEFAULT_EGID
return AE_SUCCESS;
}
aesm_server_url_infos_t urls;
uint32_t server_urls_size = sizeof(urls);
ae_error_t ae_err = aesm_read_data(FT_PERSISTENT_STORAGE, AESM_SERVER_URL_FID, reinterpret_cast<uint8_t *>(&urls), &server_urls_size, xgid);
if (AE_SUCCESS != ae_err ||
server_urls_size != sizeof(urls) ||
!is_valid_server_url_infos(urls)){
return OAL_CONFIG_FILE_ERROR;
}
return AE_SUCCESS;
}
ae_error_t XEGDBlob::verify_xegd_by_xgid(uint32_t xgid)
{
extended_epid_group_blob_t blob;
if (xgid == DEFAULT_EGID){//always return success for default xgid
return AE_SUCCESS;
}
uint32_t data_size = sizeof(blob);
ae_error_t ae_ret = aesm_read_data(FT_PERSISTENT_STORAGE, EXTENDED_EPID_GROUP_BLOB_INFO_FID, reinterpret_cast<uint8_t *>(&blob), &data_size, xgid);
if (AE_SUCCESS != ae_ret){
return ae_ret;
}
if (data_size != sizeof(blob)){
return OAL_CONFIG_FILE_ERROR;
}
ae_ret = verify(blob);
return ae_ret;
}
ae_error_t AESMLogic::save_unverified_white_list(const uint8_t *white_list_cert, uint32_t white_list_cert_size)
{
wl_cert_chain_t old_cert;
const wl_cert_chain_t *p_new_cert = reinterpret_cast<const wl_cert_chain_t *>(white_list_cert);
uint32_t old_cert_size = sizeof(old_cert);
memset(&old_cert, 0, sizeof(old_cert));
if((aesm_read_data(FT_PERSISTENT_STORAGE, AESM_WHITE_LIST_CERT_TO_BE_VERIFY_FID, reinterpret_cast<uint8_t *>(&old_cert), &old_cert_size) == AE_SUCCESS)
&& (old_cert_size == sizeof(old_cert)) && (white_list_cert_size >= sizeof(wl_cert_chain_t)))
{
if(_ntohl(p_new_cert->wl_cert.wl_version) <= _ntohl(old_cert.wl_cert.wl_version))
{
AESM_DBG_WARN("White list version downgraded! current version is %d, new version is %d",
_ntohl(old_cert.wl_cert.wl_version), _ntohl(p_new_cert->wl_cert.wl_version));
return OAL_PARAMETER_ERROR; // OAL_PARAMETER_ERROR used here is to indicate the white list is incorrect
}
}
return aesm_write_data(FT_PERSISTENT_STORAGE, AESM_WHITE_LIST_CERT_TO_BE_VERIFY_FID, white_list_cert, white_list_cert_size);
}
ae_error_t EndpointSelectionInfo::read_pek(endpoint_selection_infos_t& es_info)
{
ae_error_t ae_err=AE_SUCCESS;
uint32_t es_info_size = sizeof(es_info);
ae_err = aesm_read_data(FT_PERSISTENT_STORAGE, PROVISION_PEK_BLOB_FID, reinterpret_cast<uint8_t *>(&es_info), &es_info_size);
if(AE_SUCCESS == ae_err && (es_info_size != sizeof(es_info)||!is_valid_endpoint_selection_info(es_info))){
AESM_DBG_ERROR("Invalid ES result in persistent storage:size %d, expected size %d", es_info_size, sizeof(es_info));
ae_err = OAL_FILE_ACCESS_ERROR;
}
if(AE_SUCCESS == ae_err){
AESM_DBG_INFO("Read ES result from persistent storage successfully");
}else{
AESM_DBG_WARN("ES result in persistent storage failed to load:%d", ae_err);
}
return ae_err;
}
ae_error_t XEGDBlob::read(extended_epid_group_blob_t& blob)
{
ae_error_t ae_ret = AE_FAILURE;
if(status == not_initialized){
uint32_t data_size = sizeof(blob_cache);
if ((ae_ret = aesm_read_data(FT_PERSISTENT_STORAGE, EXTENDED_EPID_GROUP_BLOB_INFO_FID, reinterpret_cast<uint8_t *>(&blob_cache), &data_size, AESMLogic::get_active_extended_epid_group_id())) != AE_SUCCESS){
goto CLEANUP_READ_FILE;
}
if (data_size != sizeof(blob_cache)){
ae_ret = OAL_CONFIG_FILE_ERROR;
goto CLEANUP_READ_FILE;
}
ae_ret = verify(blob_cache);
if (AE_SUCCESS != ae_ret){
AESM_DBG_ERROR("signature error in XEGD file");
goto CLEANUP_READ_FILE;
}
status = update_to_date;
CLEANUP_READ_FILE:
if (status != update_to_date){
if (AESMLogic::get_active_extended_epid_group_id() == DEFAULT_EGID){
memset(&blob_cache, 0, sizeof(blob_cache));//indicate other part to use default data
status = update_to_date;
}
else{
status = not_available;//xegd blob lost
}
}
}
if(status == update_to_date){
if(memcpy_s(&blob, sizeof(blob), &blob_cache, sizeof(blob_cache))!=0){
status = not_available; //invalid
ae_ret = AE_FAILURE;
}else{
ae_ret = AE_SUCCESS;
}
}
return ae_ret;
}
//Function to read urls from configure files
ae_error_t EndpointSelectionInfo::get_url_info()
{
ae_error_t ae_err=AE_SUCCESS;
uint32_t server_urls_size = sizeof(_server_urls);
ae_err = aesm_read_data(FT_PERSISTENT_STORAGE, AESM_SERVER_URL_FID, reinterpret_cast<uint8_t *>(&_server_urls), &server_urls_size, AESMLogic::get_active_extended_epid_group_id());
if(AE_SUCCESS != ae_err ||
server_urls_size != sizeof(_server_urls)||
!is_valid_server_url_infos(_server_urls)){ //If fail to read or data format error, use default value
_is_server_url_valid = false;
if(AE_SUCCESS == ae_err){//File available but format error, report ERROR LOG
AESM_LOG_WARN("Server URL Blob file format error");
AESM_DBG_INFO("fail to read server url info from persistent storage, error code (%d), size %d, expected size %d",
ae_err, server_urls_size, sizeof(_server_urls));
ae_err = OAL_CONFIG_FILE_ERROR;
}else{
AESM_DBG_INFO("server url blob file not available in persistent storage");
}
if (AESMLogic::get_active_extended_epid_group_id() == DEFAULT_EGID){
if (strcpy_s(_server_urls.endpoint_url, MAX_PATH, DEFAULT_URL) != 0)
return AE_FAILURE;
if (strcpy_s(_server_urls.pse_rl_url, MAX_PATH, DEFAULT_PSE_RL_URL) != 0)
return AE_FAILURE;
if (strcpy_s(_server_urls.pse_ocsp_url, MAX_PATH, DEFAULT_PSE_OCSP_URL) != 0)
return AE_FAILURE;
_is_server_url_valid = true;
return AE_SUCCESS;
}
else{
return ae_err;
}
}
_is_server_url_valid = true;
return AE_SUCCESS;
}
ae_error_t upsePersistentStorage::Read(aesm_data_id_t data_id, upse::Buffer& data)
{
ae_error_t status = AESM_PSE_PR_PERSISTENT_STORAGE_READ_ERROR;
uint8_t* tempData = NULL;
do {
ae_error_t readError;
uint32_t sizeInout;
readError = aesm_query_data_size(FT_PERSISTENT_STORAGE, data_id, &sizeInout);
if ((readError != AE_SUCCESS) || (sizeInout == 0))
{
break;
}
tempData = (uint8_t*) malloc(sizeInout);
if (tempData == NULL)
{
break;
}
readError = aesm_read_data(FT_PERSISTENT_STORAGE, data_id, tempData, &sizeInout);
if (AE_SUCCESS != readError)
{
break;
}
data.Alloc(sizeInout);
upse::BufferWriter bw(data);
bw.writeRaw(tempData, sizeInout);
status = AE_SUCCESS;
} while (0);
if (NULL != tempData)
free(tempData);
return status;
}
