//********************************************************************* // Main engine routine for Certificate Chain Provisioning //********************************************************************* ae_error_t certificate_chain_provisioning(const endpoint_selection_infos_t& es_info, platform_info_blob_wrapper_t* pib_wrapper) { ae_error_t status = AE_FAILURE; AESM_DBG_TRACE("enter fun"); try { do { status = do_certificate_chain_provisioning(es_info, pib_wrapper); if (status == PSE_PR_ENCLAVE_LOST_ERROR) { // // went to sleep while in enclave // in this case (beginning of flow), we should just retry, after first destroying and then reloading // note that this code gets significantly more complicated if the PSE-pr ever becomes multi-threaded // for (unsigned rcount = 0; rcount < PSEPR_LOST_ENCLAVE_RETRY_COUNT; rcount++) { CPSEPRClass::instance().unload_enclave(); if (0 != CPSEPRClass::instance().load_enclave()) { status = AE_FAILURE; break; } SaveEnclaveID(CPSEPRClass::instance().GetEID()); status = do_certificate_chain_provisioning(es_info, pib_wrapper); if (status != PSE_PR_ENCLAVE_LOST_ERROR) break; } } BREAK_IF_FAILED(status); status = AE_SUCCESS; } while (0); } catch (...) { status = AESM_PSE_PR_EXCEPTION; } SGX_DBGPRINT_PRINT_FUNCTION_AND_RETURNVAL(__FUNCTION__, status); SGX_DBGPRINT_PRINT_ANSI_STRING("End Certificate Chain Provisioning"); return status; }
// Entry point for the long-term pairing flow.
//
// enclave_id   ID of the loaded enclave; recorded via SaveEnclaveID() so
//              that later ECALLs can use it.
// new_pairing  passed through to create_sigma_long_term_pairing() without
//              being checked here.
//              NOTE(review): presumably an out flag the callee fills in and
//              null-checks itself - confirm against the callee.
//
// Returns the status produced by create_sigma_long_term_pairing().
ae_error_t upse_long_term_pairing(sgx_enclave_id_t enclave_id, bool* new_pairing)
{
    AESM_DBG_TRACE("enter fun");

    // Save the enclave ID for use in ECALLs
    SaveEnclaveID(enclave_id);

    ae_error_t status = AE_SUCCESS;
    do
    {
        status = create_sigma_long_term_pairing(new_pairing);
        BREAK_IF_FAILED(status);
    } while (0);

    return status;
}
// Entry point for certificate provisioning: picks an endpoint, then runs
// certificate_chain_provisioning() against it.
//
// enclave_id   ID of the loaded enclave; recorded via SaveEnclaveID() so
//              that later ECALLs can use it.
// pib_wrapper  passed through to certificate_chain_provisioning() without
//              being checked here.
//              NOTE(review): whether null is acceptable depends on the
//              callee - confirm.
//
// Returns the endpoint-selection status if selection did not succeed,
// otherwise the status of certificate_chain_provisioning().
ae_error_t upse_certificate_provisioning(sgx_enclave_id_t enclave_id, platform_info_blob_wrapper_t* pib_wrapper)
{
    AESM_DBG_TRACE("enter fun");

    // Save the enclave ID for use in ECALLs
    SaveEnclaveID(enclave_id);

    ae_error_t status = AE_SUCCESS;
    do
    {
        endpoint_selection_infos_t es_info;

        // es_info is only handed to the provisioning flow when endpoint
        // selection reported success.
        status = static_cast<ae_error_t>(AESMLogic::endpoint_selection(es_info));
        if (AE_SUCCESS == status)
        {
            status = certificate_chain_provisioning(es_info, pib_wrapper);
        }

        BREAK_IF_FAILED(status);
    } while (0);

    return status;
}