Commit Graph

3 Commits

Author SHA1 Message Date
josecoll
729aa65e7f Merge from R3 Corda 3.0 Dev Preview release branch to master 2018-01-13 11:00:01 +00:00
Chris Rankin
c545a58c1d
Remote Attestation Phase 2 (#235)
* Initial host server skeleton.
* Create IASProxy project, and skeleton for attestation host.
* Fix up tests
* Extend attestation host skeleton, and make test ports configurable.
* Enhance MockIAS to make pseManifestStatus optional.
* Make IASProxy endpoints asynchronous.
* Add sub-modules for challenger and for common code.
* Create integration test for host's provisioning endpoint.
* Flesh out attestation challenger WAR.
* Package refactoring, to be more Java9 friendly.
* Refactor more messages into attestation-common.
* Remove our private key from the repository.
* Declare an empty PSE Manifest to be invalid.
* Fix basic integration test issues for challenger and host.
* Integrate keystore scripts into the build properly.
* Name keystore targets explicitly for Gradle.
* Allow HTTP conversation between Challenger, Host and ISV using session ID.
* Add MockHost for challenger's integration tests.
* Reconcile HTTP port numbers between Phase1 and Phase2 components.
* Remove elements that can be inherited from root project.
* Add placeholder README.
* Add convenient extension functions to ObjectMapper.
* Extend integration test coverage for challenger/host/isv.
* Catch IOException from HttpClient for challenger.
* Integrate host sub-module with remote-attestation project.
* Begin integrating host/enclave code from Phase I.
* Rename challenger's HTTP endpoint.
* Generate keystore for challenger "on the fly".
* Add native JNI code for accessing the SGX enclave.
* Point Gradle to the correct enclave object.
* Fixes for generating a Quote for this enclave.
* Return the IAS report to the challenger for verification.
* Begin populating the challenger's AttestationResponse message.
* Enable the challenger to pass encrypted secrets into the enclave.
* Align challenger, host and isv ports.
* Refactor challenger as a fat-jar application.
* AttestationResponse is not shared, so refactor into challenger.
* Move HttpClientContext objects into HttpClient blocks.
* Remove unused Message2 and Message3 objects.
* Add realistic dummy value for reportID from IAS.
* Small tidy-up on attestation host.
* First set of review comments.
* Add missing exception message.
* Update location of environment file.
* Use empty mock revocation lists by default.
* Improve logging and add "happy path" test for provisioning secrets.
* Update Gradle files so that we can run attestation-host from IntelliJ.
* The platformInfo field from IAS can be null, so allow this.
Also protect other JNI pointer parameters from NPE.
* Allow Gradle to build hardware enclave.
2017-12-22 14:42:42 +00:00
Chris Rankin
2725f53ef5
ENT-1074 - Proof-of-concept ISV for SGX remote attestation (#161)
* Initial WIP.
* Configure IAS host via system properties.
* Create separate Gretty configurations for testing and for IAS.
* (WIP) Separate configuration values from WAR; Add msg3 -> msg4 handling.
* Check the IAS report's cryptographic signature.
* Accept CertPath from IAS instead of a Certificate.
* Validate the certificate chain for the IAS report.
* Refactor response handling, and add a secret to Message4.
* Append public DH keys to generated shared secret.
* Use DH secret to generate a 256 bit AES key.
* Fix runISV Gradle task so that it creates WAR file.
* Migrate MockIAS service into a separate package.
* Remove unused aesCMAC field from Message3.
* Configure HTTP sessions to expire after 10 idle minutes.
* Ensure we select the "isv" key for MTLS with Intel Attestation Service.
* Set key alias for Intel's public certificate.
* Implement GET /attest/provision endpoint.
* Use elliptic curves for Diffie-Hellman keys.
* Pass public keys as Little Endian byte arrays without ASN.1 encoding.
* Add AES-CMAC signature to Message2.
* Remove signature fields from QUOTE body for sending to IAS.
* Add a dummy AES-CMAC field to Message3 for later validation.
* Generate AEC-CMAC for Message 3, and refactor crypto functionality.
* Calculate AES-CMAC using AES/CBC/PKCS5Padding algorithm.
* Use BouncyCastle's AESCMAC algorithm for MAC calculation.
* Include standard crypto test vectors to the unit tests.
* Encrypt MSG3 secret using AES/GCM/NoPadding with 128 bit key.
* Hash shared key with Little Endian versions of public keys.
* Refactor so that hexToBytes() is a utility.
* Simplify signing of MocKIAS report.
* Separate AES/GCM authentication tag from the encrypted data.
* Create /ias/report endpoint for ISV which proxies IAS.
* Remove unnecessary @Throws from MockIAS handlers.
* Log HTTP error status from IAS.
* Replace runISV task with startISV and stopISV tasks.
* Refactor tests to use CryptoProvider @Rule instead of @Suite.
* Move Web server for integration tests to use non-production ports.
* Add proxy endpoint for IAS revocation list.
* Generate an ECDSA "service key" for signing (gb|ga).
* Generate a persistent key-pair for the ISV to sign with.
* Verify the (Gb|Ga) signature from Message2.
* Add debugging aids.
* Fix Gradle warning.
* Remove TLV header from Platform Info Body for MSG4.
* Small tidy-up.
* Use SPID "as-is" when calculating CMAC for MSG2.
* Add DEBUG messages for MSG2's KDK and SMK values (AES-CMAC).
* Add DEBUG logging for ECDH shared secret.
* More DEBUG logging.
* The ECDH shared secret *is* the x-coordinate: no need to subrange.
* Adjust MockIAS to return an empty revocationList for GID 0000000b.
* Fix ArrayOutOfBoundsException for "small" integer values.
* Test MSG1 with empty revocation list.
* Add extra logging for IAS report request.
* ReportResponse object cannot be null.
* Fix misreading of spec - don't remove quote's signature when requesting report from IAS.
* Log invalid contents of X-IAS-Report-Signing-Certificate HTTP header.
* Build CertPath for IAS from explicit list of Certificates.
* Rename quote fields on IAS ReportResponse to match Intel.
* Log report ID and quote status from IAS.
* Add a revocation list checker to the certificate path validator.
* Tweak revocation list options, depending on IAS vs MockIAS.
* Extract Intel's certificate specifically by alias for PKIX.
* Tune quote body returned by MockIAS.
* Add AES-CMAC field to Message4 for validation.
* Increase GCM authentication tag to 128 bits.
* Receive platformInfoBlob from IAS as hexadecimal string.
* Generate secret encryption key using KDK and SK values.
* Marshall platformInfoBlob between Base16 string and ByteArray.
* Interpret status results from IAS as enums.
* Use lateinit for HttpServletRequest field.
* Refactor ExceptionHandler out of messages package.
* Alias is for ISV, so rename it.
* Refactor classes into more correct packages.
* Use random 96 bit IV for GCM encryption.
* Parameterise HTTP/HTTPS ports via Gradle.
* Do not forward a securityManifest containing only zeros to IAS.
* Address review comments.
* Review comment: Use NativePRNGNonBlocking for SecureRandom.
* Rename isv.pfx to isv-svc.pfx
* Rename keystore to isv.pfx, for clarity.
* Update scripts so that they no longer require user input.
* Generate isv.pfx from the key and certificates.
* Remove private key from repository.
* Declare an empty PSE Manifest to be invalid.
* Generate keystores "on the fly".
* Rename integration tests to end in "IT" instead of "Test".
* Add README
* Turn remote-attestation into a separate Gradle project.
2017-12-12 13:34:26 +00:00