Chris Rankin c545a58c1d
Remote Attestation Phase 2 (#235)
* Initial host server skeleton.
* Create IASProxy project, and skeleton for attestation host.
* Fix up tests
* Extend attestation host skeleton, and make test ports configurable.
* Enhance MockIAS to make pseManifestStatus optional.
* Make IASProxy endpoints asynchronous.
* Add sub-modules for challenger and for common code.
* Create integration test for host's provisioning endpoint.
* Flesh out attestation challenger WAR.
* Package refactoring, to be more Java9 friendly.
* Refactor more messages into attestation-common.
* Remove our private key from the repository.
* Declare an empty PSE Manifest to be invalid.
* Fix basic integration test issues for challenger and host.
* Integrate keystore scripts into the build properly.
* Name keystore targets explicitly for Gradle.
* Allow HTTP conversation between Challenger, Host and ISV using session ID.
* Add MockHost for challenger's integration tests.
* Reconcile HTTP port numbers between Phase1 and Phase2 components.
* Remove elements that can be inherited from root project.
* Add placeholder README.
* Add convenient extension functions to ObjectMapper.
* Extend integration test coverage for challenger/host/isv.
* Catch IOException from HttpClient for challenger.
* Integrate host sub-module with remote-attestation project.
* Begin integrating host/enclave code from Phase I.
* Rename challenger's HTTP endpoint.
* Generate keystore for challenger "on the fly".
* Add native JNI code for accessing the SGX enclave.
* Point Gradle to the correct enclave object.
* Fixes for generating a Quote for this enclave.
* Return the IAS report to the challenger for verification.
* Begin populating the challenger's AttestationResponse message.
* Enable the challenger to pass encrypted secrets into the enclave.
* Align challenger, host and isv ports.
* Refactor challenger as a fat-jar application.
* AttestationResponse is not shared, so refactor into challenger.
* Move HttpClientContext objects into HttpClient blocks.
* Remove unused Message2 and Message3 objects.
* Add realistic dummy value for reportID from IAS.
* Small tidy-up on attestation host.
* First set of review comments.
* Add missing exception message.
* Update location of environment file.
* Use empty mock revocation lists by default.
* Improve logging and add "happy path" test for provisioning secrets.
* Update Gradle files so that we can run attestation-host from IntelliJ.
* The platformInfo field from IAS can be null, so allow this.
Also protect other JNI pointer parameters from NPE.
* Allow Gradle to build hardware enclave.
2017-12-22 14:42:42 +00:00
..
sx
2017-12-22 14:42:42 +00:00

SGX Build Container and Utilities

Project Organisation

  • Containers

    To pin down dependencies and simplify development and testing, we have a Docker image with all necessary compile- and run-time dependencies pre-installed. This image supports mounting of volumes for the user's home directory, code repository, and SGX SDK directory. It also exposes various ports for debuggable targets (JVM and native). To run SGX-enabled applications in hardware mode, the user must pass in a reference to the SGX kernel driver (which is done automagically if the sx command is used).

  • Tools

    sx is a utility that simplifies running builds and tests inside the SGX container, and also provides some additional helper functions for things like generating tags databases, starting debug servers, etc.

Getting Started

To get started, run the following commands in sgx-jvm:

> source environment
> sx help

Yielding the following output:

usage: <variables> sx <command> <options>

<command>
  build                build project in container (<directory> <arguments>)
  containers           actions related to containers
  debug                actions related to debugging
  exec                 shorthand for `containers exec core`
  get-started          build containers and key components
  help                 show help information
  hsm                  actions related to the hsm simulator
  logs                 tail application logs
  reports              actions related to reports
  shell                show information about shell commands
  tags                 actions related to tag databases

<options>
  -c                   colours = on | off (-C)
  -d                   debug = on | off (-D)
  -f                   force operation
  -h                   hardware = on | off (-s)
  -r                   target = release | pre-release (-p)
  -s                   hsm profile = simulator | development hsm (-S) | production (-P)
  -t                   tty = on | off (-T)
  -v                   verbose output

<variables>
  LINES                number of lines to return from the end of the log files (default 50)
  PORT                 port number used for connecting to the ISV (default 9080)

The first command simply sets up an alias pointing to sgx-jvm/tools/sx/sx, and enables Bash auto-completion for the various command options. For example:

> sx b<tab> # will expand to "sx build"

The second command shows all the available sub-commands and options.

If this is your first time using sx, you will most likely have to build the Docker container used for building and running the various components of the SGX projects. To do that, run the command:

> sx get-started

This command will also set up default configuration for SGX-GDB, both inside and outside of the container, and Visual Studio Code configuration if you fancy running remote debugging sessions from an IDE.

Building Components

As an example, this section will go through the process of building the various components of the remote attestation project.

Enclave

To build the enclave and sign it with a self-signed OpenSSL certificate (for testing), run the following command:

> sx build remote-attestation/enclave clean all

This command runs make -C sgx-jvm/remote-attestation/enclave clean all inside the SGX container.

To build the enclave in hardware and pre-release mode, use the -h and -p switches like this:

> sx build -hp remote-attestation/enclave clean all

Host

Similarly, to build the host (JVM-layer), you can run the following command:

> sx build remote-attestation/host

This will run gradlew in the host/ directory, with the necessary paths and environment variables set.

JNI Library

This is a native library, so you can compile it either for use with software simulation or hardware.

> sx build remote-attestation/host/native       # simulation, debug mode
# or:
> sx build -hp remote-attestation/host/native   # hardware, pre-release mode

As part of the build, as seen in host/native/Makefile, we run javah on the NativeWrapper class to extract its JNI mapping. This mapping will be written to wrapper.hpp. This means that the JVM-layer needs building prior to this step.

Running and Debugging Components

Unit Tests

The unit tests are run through Gradle inside the SGX container, with the various paths set to necessary dependencies. For instance, we need to set the java.library.path and corda.sgx.enclave.path variables to point to the JNI library and the enclave shared object, respectively. This is all done for you by the Gradle build script, the container, and the sx tool.

Provided that you have built the aforementioned components, you can now run the unit tests with the following command:

> sx build remote-attestation/host unit-tests

You can open the output report by issuing the following command:

> sx reports unit-tests

Integration Tests

Similarly, you can run the integration tests with the following command:

> sx build remote-attestation/host integration-tests

This requires that the service provider (in the future challenger and IAS proxy) is running. Say that the service is running on port 12345, you can run the tests like this:

> PORT=12345 sx build remote-attestation/host integration-tests

You can open the output report by issuing the following command:

> sx reports integration-tests

If you want to explore the logs, you can use the logs command:

> LINES=100 sx logs

Test Flow

There is also a simple attestation flow which similarly to the integration test requires the service provider to run on a specific port. This flow can be run with the sx build command.

To run the simple flow without attaching a debugger, run:

> PORT=8080 sx build remote-attestation/host run

There are a few different debug targets depending on how you want to run your debugger:

  • Local

    Runs gdb inside the Docker container (if you don't have gdb installed on your computer): run-local.

  • Remote

    Runs gdbserver inside the Docker container so that you can attach to it from the host computer or another machine: run-remote.

  • SGX

    Runs sgx-gdb inside the Docker container (if you don't have sgx-gdb installed on your computer): run-sgx. This lets you step through enclave-code, inspect stack traces in the trusted environment, etc. Obviously, this is only possible if the program has been compiled for debug and simulation mode.

For all of the above, and for the unit and integration tests, you can attach a Java debugger remotely as well, using JDWP.

Other Tools

CTags

For the C/C++ part of the project, you might wish to construct a tags file to easily jump back and forth between symbols. You can construct this either with or without the symbols from the Linux SGX SDK:

> sx tags lean remote-attestation # Remote Attestation project only
> sx tags full remote-attestation # Include symbols from the SGX SDK

Dependencies