mirror of
https://github.com/corda/corda.git
synced 2025-01-03 19:54:13 +00:00
c545a58c1d
* Initial host server skeleton.
* Create IASProxy project, and skeleton for attestation host.
* Fix up tests
* Extend attestation host skeleton, and make test ports configurable.
* Enhance MockIAS to make pseManifestStatus optional.
* Make IASProxy endpoints asynchronous.
* Add sub-modules for challenger and for common code.
* Create integration test for host's provisioning endpoint.
* Flesh out attestation challenger WAR.
* Package refactoring, to be more Java9 friendly.
* Refactor more messages into attestation-common.
* Remove our private key from the repository.
* Declare an empty PSE Manifest to be invalid.
* Fix basic integration test issues for challenger and host.
* Integrate keystore scripts into the build properly.
* Name keystore targets explicitly for Gradle.
* Allow HTTP conversation between Challenger, Host and ISV using session ID.
* Add MockHost for challenger's integration tests.
* Reconcile HTTP port numbers between Phase1 and Phase2 components.
* Remove elements that can be inherited from root project.
* Add placeholder README.
* Add convenient extension functions to ObjectMapper.
* Extend integration test coverage for challenger/host/isv.
* Catch IOException from HttpClient for challenger.
* Integrate host sub-module with remote-attestation project.
* Begin integrating host/enclave code from Phase I.
* Rename challenger's HTTP endpoint.
* Generate keystore for challenger "on the fly".
* Add native JNI code for accessing the SGX enclave.
* Point Gradle to the correct enclave object.
* Fixes for generating a Quote for this enclave.
* Return the IAS report to the challenger for verification.
* Begin populating the challenger's AttestationResponse message.
* Enable the challenger to pass encrypted secrets into the enclave.
* Align challenger, host and isv ports.
* Refactor challenger as a fat-jar application.
* AttestationResponse is not shared, so refactor into challenger.
* Move HttpClientContext objects into HttpClient blocks.
* Remove unused Message2 and Message3 objects.
* Add realistic dummy value for reportID from IAS.
* Small tidy-up on attestation host.
* First set of review comments.
* Add missing exception message.
* Update location of environment file.
* Use empty mock revocation lists by default.
* Improve logging and add "happy path" test for provisioning secrets.
* Update Gradle files so that we can run attestation-host from IntelliJ.
* The platformInfo field from IAS can be null, so allow this. Also protect other JNI pointer parameters from NPE.
* Allow Gradle to build hardware enclave.
105 lines
4.1 KiB
Plaintext
enclave {
    from "sgx_tkey_exchange.edl" import *;
    include "sgx_key_exchange.h"
    include "sgx_tseal.h"

    trusted {

        /**
         * Initialize the remote attestation process.
         *
         * @param usePlatformServices If true, the enclave establishes a
         *     session with the PSE before initializing the attestation context.
         *     This provides additional nonce replay protection and a reliable
         *     monotonic counter.
         * @param challengerKey ECDSA public key of the challenger with the 8
         *     magic bytes removed, and X and Y components changed to little
         *     endian.
         * @param context The variable receiving the context constructed during
         *     initialization.
         *
         * @return Status code indicative of the outcome of the operation.
         */
        public sgx_status_t initializeRemoteAttestation(
            bool usePlatformServices,
            [in] const sgx_ec256_public_t *challengerKey,
            [out] sgx_ra_context_t *context
        );

        /**
         * Clean up and finalize the remote attestation process.
         *
         * @param context The context constructed during initialization.
         *
         * @return SGX_SUCCESS if successful, or SGX_ERROR_INVALID_PARAMETER if
         *     an invalid context is provided.
         */
        public sgx_status_t finalizeRemoteAttestation(
            sgx_ra_context_t context
        );

        /**
         * Verify CMAC of attestation result from challenger using the MK key.
         *
         * @param context The context constructed during initialization.
         * @param message The status obtained from the challenger as part of
         *     the attestation result.
         * @param messageSize The size of the attestation status payload.
         * @param cmac The CMAC received from the challenger.
         * @param cmacSize The size of the CMAC received.
         *
         * @return Status code indicative of the outcome of the operation.
         */
        public sgx_status_t verifyCMAC(
            sgx_ra_context_t context,
            [in,size=messageSize] const uint8_t *message,
            size_t messageSize,
            [in,size=cmacSize] const uint8_t *cmac,
            size_t cmacSize
        );

        /**
         * Verify an attestation response from the service provider.
         *
         * @param context The context constructed during initialization.
         * @param secret Message containing the secret.
         * @param secretSize Size of the secret message, in bytes.
         * @param gcmIV The initialization vector used in the decryption.
         * @param gcmMac Pointer to the AES-GCM MAC for the secret message.
         * @param gcmMacSize Size of the AES-GCM MAC.
         * @param sealedSecret Pre-allocated buffer receiving the sealed
         *     secret. If NULL, the sealed secret will not be returned.
         * @param maxSealedSecretSize The maximum size of the sealed secret.
         *     This must be less than or equal to the size of the pre-allocated
         *     buffer above, and no larger than the upper limit of 128 bytes.
         *
         * @return Status code indicative of the outcome of the operation.
         */
        public sgx_status_t verifyAttestationResponse(
            sgx_ra_context_t context,
            [in,size=secretSize] const uint8_t *secret,
            size_t secretSize,
            [in,count=12] const uint8_t *gcmIV,
            [in,size=gcmMacSize] const uint8_t *gcmMac,
            size_t gcmMacSize,
            [out,size=maxSealedSecretSize] uint8_t *sealedSecret,
            size_t maxSealedSecretSize
        );

        /**
         * Check whether the application enclave is able to unseal a secret.
         *
         * @param sealedSecret The previously sealed secret.
         * @param sealedSecretSize The size of the sealed secret.
         *
         * @return Status code indicative of the outcome of the operation.
         */
        public sgx_status_t unsealSecret(
            [in,size=sealedSecretSize] uint8_t *sealedSecret,
            size_t sealedSecretSize
        );

    };
};
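Two details of the interface above deserve a worked illustration: the challengerKey layout that initializeRemoteAttestation documents (a fixed prefix stripped, X and Y reversed to little endian), and the fact that the EDL's [in,size=...] and [out,size=...] annotations only bound the copy across the enclave boundary. They do not check that gcmMacSize is a real AES-GCM tag length or that maxSealedSecretSize respects the 128-byte limit the comment states; the trusted code behind verifyAttestationResponse has to do that itself before touching the buffers. The stand-alone C below is an added example, not code from the Corda repository or the Intel SGX SDK. It assumes a 72-byte wire encoding of the challenger key (an 8-byte prefix followed by big-endian X and Y, as the "8 magic bytes" comment suggests), and it defines local stand-ins (ra_ec256_public_t, ra_status_t) that mirror the SDK's sgx_ec256_public_t and sgx_status_t so the file builds without the SDK headers.

```c
/* Added example: argument checks and key marshalling for the EDL above.
 * Not the project's code; type names and constants are local stand-ins
 * that mirror the Intel SGX SDK layouts so this compiles on its own. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EC256_KEY_SIZE        32  /* one P-256 coordinate */
#define CHALLENGER_KEY_PREFIX  8  /* assumed: the "8 magic bytes" in the EDL comment */
#define GCM_MAC_SIZE          16  /* AES-GCM authentication tag */
#define MAX_SEALED_SECRET    128  /* upper limit stated for maxSealedSecretSize */

/* Mirrors sgx_ec256_public_t: X then Y, each little-endian. */
typedef struct {
    uint8_t gx[EC256_KEY_SIZE];
    uint8_t gy[EC256_KEY_SIZE];
} ra_ec256_public_t;

/* Stand-in for the subset of sgx_status_t used here. */
typedef enum { RA_OK = 0, RA_INVALID_PARAMETER = 1 } ra_status_t;

/* Convert the challenger key from its assumed wire form (8-byte prefix,
 * big-endian X, big-endian Y; 72 bytes) into the little-endian struct the
 * enclave expects. Returns false on a bad length, NULL pointers, or the
 * all-zero key, which is not a point on P-256. A full on-curve check needs
 * bignum arithmetic and belongs in the crypto library, not here. */
bool marshal_challenger_key(const uint8_t *wire, size_t wireLen, ra_ec256_public_t *out)
{
    if (wire == NULL || out == NULL) return false;
    if (wireLen != CHALLENGER_KEY_PREFIX + 2 * EC256_KEY_SIZE) return false;

    const uint8_t *x = wire + CHALLENGER_KEY_PREFIX;
    const uint8_t *y = x + EC256_KEY_SIZE;
    bool allZero = true;
    for (size_t i = 0; i < EC256_KEY_SIZE; i++) {
        out->gx[i] = x[EC256_KEY_SIZE - 1 - i];  /* reverse byte order */
        out->gy[i] = y[EC256_KEY_SIZE - 1 - i];
        if (x[i] || y[i]) allZero = false;
    }
    if (allZero) {
        memset(out, 0, sizeof *out);
        return false;
    }
    return true;
}

/* Semantic checks that verifyAttestationResponse's trusted implementation
 * should run before decrypting or sealing. The EDL marshals host buffers
 * of the declared sizes into enclave memory; it does not know that a GCM
 * tag must be 16 bytes or that the sealed output is capped at 128. */
ra_status_t check_attestation_response_args(const uint8_t *secret, size_t secretSize,
                                            const uint8_t *gcmIV,
                                            const uint8_t *gcmMac, size_t gcmMacSize,
                                            const uint8_t *sealedSecret,
                                            size_t maxSealedSecretSize)
{
    if (secret == NULL || secretSize == 0) return RA_INVALID_PARAMETER;
    if (gcmIV == NULL) return RA_INVALID_PARAMETER;   /* length fixed by [in,count=12] */
    if (gcmMac == NULL || gcmMacSize != GCM_MAC_SIZE) return RA_INVALID_PARAMETER;
    /* sealedSecret may be NULL when the caller does not want the sealed copy;
     * if it is supplied, the advertised capacity must be non-zero and within
     * the documented hard limit, or a later copy could overrun it. */
    if (sealedSecret != NULL &&
        (maxSealedSecretSize == 0 || maxSealedSecretSize > MAX_SEALED_SECRET))
        return RA_INVALID_PARAMETER;
    return RA_OK;
}

int main(void)
{
    uint8_t wire[72];
    for (int i = 0; i < 72; i++) wire[i] = (uint8_t)i;   /* constructed input */
    ra_ec256_public_t key;
    bool ok = marshal_challenger_key(wire, sizeof wire, &key);
    uint8_t tag[GCM_MAC_SIZE] = {0};
    ra_status_t st = check_attestation_response_args(wire, sizeof wire, wire,
                                                     tag, sizeof tag, NULL, 0);
    return (ok && st == RA_OK) ? 0 : 1;
}
```

The point of the key routine is that an endianness mistake here fails silently: the key exchange simply derives the wrong shared secret and the challenger's CMAC never verifies, which looks like a transport or IAS problem rather than a marshalling one. The argument checker mirrors what [in,size=...] cannot express and is the place to reject a host that passes a truncated GCM tag or an oversized sealed-buffer claim.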