From bd21dace146c3c9b5af6d73320c2c6e7e52bab8e Mon Sep 17 00:00:00 2001 From: woxim Date: Fri, 15 Mar 2024 21:05:51 +0800 Subject: [PATCH 1/4] wallfacer1.0_modify --- .../encrypt/CMakeLists.txt | 38 + .../encrypt/enclave/CMakeLists.txt | 220 +++++ .../encrypt/enclave/Enclave.config.xml | 12 + .../encrypt/enclave/Enclave.lds | 11 + .../encrypt/enclave/common_utils.h | 58 ++ .../encrypt/enclave/hello.c | 917 ++++++++++++++++++ .../encrypt/enclave/manifest.txt.in | 8 + .../encrypt/enclave/rsa_public_key_cloud.pem | 11 + .../Wallfacer1.0-modify/encrypt/enclave/sm3.h | 190 ++++ .../Wallfacer1.0-modify/encrypt/enclave/sm4.h | 103 ++ .../Wallfacer1.0-modify/encrypt/encrypt.edl | 28 + .../encrypt/host/CMakeLists.txt | 120 +++ .../Wallfacer1.0-modify/encrypt/host/db.sh | 29 + .../Wallfacer1.0-modify/encrypt/host/dbend.sh | 23 + .../Wallfacer1.0-modify/encrypt/host/main.c | 253 +++++ .../Wallfacer1.0-modify/verify/CMakeLists.txt | 39 + .../verify/enclave/CMakeLists.txt | 157 +++ .../verify/enclave/Enclave.config.xml | 12 + .../verify/enclave/Enclave.lds | 11 + .../verify/enclave/enclave.cpp | 705 ++++++++++++++ .../verify/enclave/manifest.txt.in | 8 + .../verify/enclave/rsa_public_key_cloud.pem | 11 + .../verify/host/CMakeLists.txt | 93 ++ .../Wallfacer1.0-modify/verify/host/main.cpp | 103 ++ .../Wallfacer1.0-modify/verify/verify.edl | 28 + 25 files changed, 3188 insertions(+) create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/manifest.txt.in create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/rsa_public_key_cloud.pem create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm3.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt new file mode 100644 index 00000000..ce7892d9 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt @@ -0,0 +1,38 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +project(enclave C) + +set(CMAKE_C_STANDARD 99) + +set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) + +#set edl name +set(EDL_FILE encrypt.edl) +set(CODEGEN codegen) + +if(CC_GP) + set(CODETYPE trustzone) + set(UUID f68fd704-6eb1-4d14-b218-722850eb3ef0) + add_definitions(-DPATH="/data/${UUID}.sec") +endif() + +if(CC_SGX) + set(CODETYPE sgx) + add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") +endif() + +if(CC_PL) + set(CODETYPE penglai) + add_definitions(-DPATH="${CMAKE_CURRENT_SOURCE_DIR}/enclave/penglai-ELF") +endif() + +add_subdirectory(${CURRENT_ROOT_PATH}/enclave) +add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt new file mode 100644 index 00000000..a41cf01f --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt @@ -0,0 +1,220 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX encrypt) + +#set sign key +set(PEM Enclave_private.pem) + +#set sign tool +set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) + +#set enclave src code +set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/hello.c) + +#set log level +set(PRINT_LEVEL 3) +add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) + +if(CC_GP) + #set signed output + set(OUTPUT ${UUID}.sec) + #set whilelist. default: /vendor/bin/teec_hello + set(WHITE_LIST_0 /vendor/bin/enclave) + set(WHITE_LIST_OWNER root) + set(WHITE_LIST_1 /vendor/bin/secgear_helloworld) + set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) + + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(OUTPUT enclave.signed.so) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(OUTPUT penglai-ELF) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ + -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ + -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ + -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") + +set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") + +if(CC_GP) + + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s -fPIC") + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s") + + set(ITRUSTEE_TEEDIR ${SDK_PATH}/) + set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib/) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories( ${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${LOCAL_ROOT_PATH}/inc/enclave_inc + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp + ${ITRUSTEE_TEEDIR}/include/TA + ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext + ${ITRUSTEE_LIBC}/arch/aarch64 + ${ITRUSTEE_LIBC}/ + ${ITRUSTEE_LIBC}/arch/arm/bits + ${ITRUSTEE_LIBC}/arch/generic + ${ITRUSTEE_LIBC}/arch/arm + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${CMAKE_BINARY_DIR}/lib/) + endif() + + foreach(WHITE_LIST ${WHITELIST}) + add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") + endforeach(WHITE_LIST) + add_definitions(-DWHITE_LIST_OWNER="${WHITE_LIST_OWNER}") + + target_link_libraries(${PREFIX} -lsecgear_tee) + + #for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # + # add_custom_command(TARGET ${PREFIX} + # POST_BUILD + # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) + + # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} + # DESTINATION /data + # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +endif() + +if(CC_SGX) + set(SGX_DIR ${SDK_PATH}) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) + + if(CC_SIM) + set(Trts_Library_Name sgx_trts_sim) + set(Service_Library_Name sgx_tservice_sim) + else() + set(Trts_Library_Name sgx_trts) + set(Service_Library_Name sgx_tservice) + endif() + + set(Crypto_Library_Name sgx_tcrypto) + + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ + -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${LINK_LIBRARY_PATH}) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories(${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${SGX_DIR}/include/tlibc + ${SGX_DIR}/include/libcxx + ${SGX_DIR}/include + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${LINK_LIBRARY_PATH}) + endif() + + target_link_libraries(${PREFIX} -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) + # target_link_libraries(${PREFIX} /usr/lib/x86_64-linux-gnu/libmemcached.so) + add_custom_command(TARGET ${PREFIX} + POST_BUILD + COMMAND umask 0177 + COMMAND openssl genrsa -3 -out ${PEM} 3072 + COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) +endif() + +if(NOT DEFINED CC_PL) + set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) +endif() + +if(CC_PL) + set(SDK_LIB_DIR ${SDK_PATH}/lib) + set(SDK_INCLUDE_DIR ${SDK_LIB_DIR}/app/include) + set(SDK_APP_LIB ${SDK_LIB_DIR}/libpenglai-enclave-eapp.a) + set(MUSL_LIB_DIR ${SDK_PATH}/musl/lib) + set(MUSL_LIBC ${MUSL_LIB_DIR}/libc.a) + set(GCC_LIB ${SDK_LIB_DIR}/libgcc.a) + set(SECGEAR_TEE_LIB ${CMAKE_BINARY_DIR}/lib/libsecgear_tee.a) + + set(SOURCE_C_OBJS "") + foreach(SOURCE_FILE ${SOURCE_FILES}) + STRING(REGEX REPLACE ".+/(.+)\\..*" "\\1" SOURCE_FILE_NAME ${SOURCE_FILE}) + set(SOURCE_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${SOURCE_FILE_NAME}.o) + add_custom_command( + OUTPUT ${SOURCE_OBJ} + DEPENDS ${SOURCE_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${SOURCE_OBJ} ${SOURCE_FILE} + COMMENT "generate SOURCE_OBJ" + ) + list(APPEND SOURCE_C_OBJS ${SOURCE_OBJ}) + endforeach() + + set(APP_C_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.o) + add_custom_command( + OUTPUT ${APP_C_OBJ} + DEPENDS ${AUTO_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${APP_C_OBJ} ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c + COMMENT "generate APP_C_OBJ" + ) + + add_custom_command( + OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + DEPENDS ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${MUSL_LIBC} ${GCC_LIB} + COMMAND ld -static -L${SDK_LIB_DIR} -L${MUSL_LIB_DIR} -L/usr/lib64 -lpenglai-enclave-eapp -lsecgear_tee -lc + -o ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${SECGEAR_TEE_LIB} + ${MUSL_LIBC} ${GCC_LIB} -T ${SDK_PATH}/app.lds + COMMAND chmod -x ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "generate penglai-ELF" + ) + add_custom_target( + ${OUTPUT} ALL + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "makefile target penglai-ELF" + ) + +endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml new file mode 100644 index 00000000..e94c9bc5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x40000 + 0x100000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds new file mode 100644 index 00000000..ab77e647 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds @@ -0,0 +1,11 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + g_peak_heap_used; + local: + *; +}; + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h new file mode 100644 index 00000000..bd8c6471 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h @@ -0,0 +1,58 @@ +#ifndef SECGEAR_SM_COMMON_UTILS +#define SECGEAR_SM_COMMON_UTILS + +#include + +typedef __uint8_t uint8; +typedef __uint16_t uint16; +typedef __uint32_t uint32; +typedef __uint64_t uint64; + +#define CONCAT_8x4(x0, x1, x2, x3) ((((uint32)(x0) << 8 | (x1)) << 8 | (x2)) << 8 | (x3)) // X = (x0 || x1 || x2 || x3) +#define CONCAT_16x2(x0, x1) ((uint32)(x0) << 16 | (x1)) // X = (x0 || x1) +#define EXTRACT_8_32(X, i) (((X) >> (((i) ^ 3) << 3)) & 0xFF) // X = (x0 || x1 || x2 || x3) +#define EXTRACT_16_32(X, i) (((X) >> (((i) ^ 1) << 4)) & 0xFFFF) // X = (x0 || x1) +#define EXTRACT_16H_31(X) (((X) >> 15) & 0xFFFF) // Higher 16-bit from 31-bit +#define EXTRACT_16L_31(X) ((X) & 0xFFFF) // Lower 16-bit from 31-bit + +#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) +#define ROTATE_31(a, n) ((((a) << (n)) & 0x7FFFFFFF) | (((a) & 0x7FFFFFFF) >> (31 - (n)))) + +#define GET_BIT_VALUE_32(x, i) (((x) >> (31 - (i))) & 1) + +const uint32 PREFIX_MASK_32[32] = { + 0x00000000, + 0x80000000, + 0xC0000000, + 0xE0000000, + 0xF0000000, + 0xF8000000, + 0xFC000000, + 0xFE000000, + 0xFF000000, + 0xFF800000, + 0xFFC00000, + 0xFFE00000, + 0xFFF00000, + 0xFFF80000, + 0xFFFC0000, + 0xFFFE0000, + 0xFFFF0000, + 0xFFFF8000, + 0xFFFFC000, + 0xFFFFE000, + 0xFFFFF000, + 0xFFFFF800, + 0xFFFFFC00, + 0xFFFFFE00, + 0xFFFFFF00, + 0xFFFFFF80, + 0xFFFFFFC0, + 0xFFFFFFE0, + 0xFFFFFFF0, + 0xFFFFFFF8, + 0xFFFFFFFC, + 0xFFFFFFFE +}; + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c new file mode 100644 index 00000000..abae42a6 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c @@ -0,0 +1,917 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include +#include +#include "encrypt_t.h" + +#define BUF_MAX 32 +#define Mkey "admin" //主密钥,用于生成存储密钥 +char uname[20];//用户名 +char upsw[56];//用户密码 +char buff[80];//用户名与密码相连字符串 +char uinfo[31];//用户机密信息,字符串 +char ucipher[64];//用户十六进制密文字符串 +char c[32];//用户十六进制转字符串 +unsigned char cipt[40];//sm3加密后生成的存储密钥 +int num=0; +char key[16];//sm4加密密钥 +char acipt[40];//sm4加密后生成的信息密文 +char temp[32]; +int nnn; + + + +void transname(char *name)//获得用户名 +{ + strncpy(uname,name, strlen(name)); +} +void transpsw(char *psw)//获得用户密码 +{ + strncpy(upsw,psw, strlen(psw)); +} +void transinfo(char *info)//获得用户机密信息 +{ + strncpy(uinfo,info, strlen(info)); +} +void transcipher(char *cipher)//获得用户机密信息 +{ + strncpy(ucipher,cipher, strlen(cipher)); +} + +//SM3 + +#include "sm3.h" + +void sm3() +{ + strncpy(buff, uname, strlen(uname));//获得用户名 + strncat(buff, upsw, strlen(upsw));//连接用户密码 + // strncat(buff, Mkey, strlen(Mkey));//连接用户密码 + SM3_CTX c; + sm3_init(&c); + sm3_update(&c, buff, strlen(buff)); + // sm3_final(&c, cipt); + sm3_final(cipt, &c); +} + +//SM4加密算法 + +#include "sm4.h" + +/** + * S盒 + */ +static const int S[16][16] = +{ + { + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, + 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 + }, + { + 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, + 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 + }, + { + 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, + 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 + }, + { + 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, + 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 + }, + { + 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, + 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 + }, + { + 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, + 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf + }, + { + 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, + 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 + }, + { + 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, + 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 + }, + { + 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, + 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 + }, + { + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, + 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb + }, + { + 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, + 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 + }, + { + 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, + 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 + }, + { + 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, + 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a + }, + { + 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, + 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e + }, + { + 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, + 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf + }, + { + 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, + 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 + } +}; +/** + * 逆S盒 + */ +static const int S2[16][16] = +{ + { + 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, + 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb + }, + { + 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, + 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb + }, + { + 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, + 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e + }, + { + 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, + 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 + }, + { + 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, + 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 + }, + { + 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, + 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 + }, + { + 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, + 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 + }, + { + 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, + 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b + }, + { + 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, + 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 + }, + { + 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, + 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e + }, + { + 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, + 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b + }, + { + 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, + 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 + }, + { + 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, + 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f + }, + { + 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, + 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef + }, + { + 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, + 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 + }, + { + 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, + 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d + } +}; +/** + * 获取整形数据的低8位的左4个位 + */ +static int getLeft4Bit(int num) +{ + int left = num & 0x000000f0; + return left >> 4; +} +/** + * 获取整形数据的低8位的右4个位 + */ +static int getRight4Bit(int num) +{ + return num & 0x0000000f; +} +/** + * 根据索引,从S盒中获得元素 + */ +static int getNumFromSBox(int index) +{ + int row = getLeft4Bit(index); + int col = getRight4Bit(index); + return S[row][col]; +} +/** + * 把一个字符转变成整型 + */ +static int getIntFromChar(char c) +{ + int result = (int) c; + return result & 0x000000ff; +} +/** + * 把16个字符转变成4X4的数组, + * 该矩阵中字节的排列顺序为从上到下, + * 从左到右依次排列。 + */ +static void convertToIntArray(char *str, int pa[4][4]) +{ + int k = 0; + for(int i = 0; i < 4; i++) + for(int j = 0; j < 4; j++) { + pa[j][i] = getIntFromChar(str[k]); + k++; + } +} +/** + * 把连续的4个字符合并成一个4字节的整型 + */ +static int getWordFromStr(char *str) +{ + int one = getIntFromChar(str[0]); + one = one << 24; + int two = getIntFromChar(str[1]); + two = two << 16; + int three = getIntFromChar(str[2]); + three = three << 8; + int four = getIntFromChar(str[3]); + return one | two | three | four; +} +/** + * 把一个4字节的数的第一、二、三、四个字节取出, + * 入进一个4个元素的整型数组里面。 + */ +static void splitIntToArray(int num, int array[4]) +{ + int one = num >> 24; + array[0] = one & 0x000000ff; + int two = num >> 16; + array[1] = two & 0x000000ff; + int three = num >> 8; + array[2] = three & 0x000000ff; + array[3] = num & 0x000000ff; +} +/** + * 将数组中的元素循环左移step位 + */ +static void leftLoop4int(int array[4], int step) +{ + int temp[4]; + for(int i = 0; i < 4; i++) + { + temp[i] = array[i]; + } + int index = step % 4 == 0 ? 0 : step % 4; + for(int i = 0; i < 4; i++) + { + array[i] = temp[index]; + index++; + index = index % 4; + } +} +/** + * 把数组中的第一、二、三和四元素分别作为 + * 4字节整型的第一、二、三和四字节,合并成一个4字节整型 + */ +static int mergeArrayToInt(int array[4]) +{ + int one = array[0] << 24; + int two = array[1] << 16; + int three = array[2] << 8; + int four = array[3]; + return one | two | three | four; +} + +/** + * 常量轮值表 + */ +static const int Rcon[10] = +{ + 0x01000000, 0x02000000, + 0x04000000, 0x08000000, + 0x10000000, 0x20000000, + 0x40000000, 0x80000000, + 0x1b000000, 0x36000000 +}; +/** + * 密钥扩展中的T函数 + */ +static int T1(int num, int round) +{ + int numArray[4]; + splitIntToArray(num, numArray); + leftLoop4int(numArray, 1);//字循环 + //字节代换 + for(int i = 0; i < 4; i++) + { + numArray[i] = getNumFromSBox(numArray[i]); + } + int result = mergeArrayToInt(numArray); + return result ^ Rcon[round]; +} +//密钥对应的扩展数组 +static int w[44]; +/** + * 扩展密钥,结果是把w[44]中的每个元素初始化 + */ +static void extendKey(char *key) +{ + for(int i = 0; i < 4; i++) + { + w[i] = getWordFromStr(key + i * 4); + } + for(int i = 4, j = 0; i < 44; i++) + { + if( i % 4 == 0) + { + w[i] = w[i - 4] ^ T1(w[i - 1], j); + j++;//下一轮 + } + else + { + w[i] = w[i - 4] ^ w[i - 1]; + } + } +} +/** + * 轮密钥加 + */ +static void addRoundKey(int array[4][4], int round) +{ + int warray[4]; + for(int i = 0; i < 4; i++) + { + splitIntToArray(w[ round * 4 + i], warray); + for(int j = 0; j < 4; j++) + { + array[j][i] = array[j][i] ^ warray[j]; + } + } +} +/** + * 字节代换 + */ +static void subBytes(int array[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = getNumFromSBox(array[i][j]); + } + } +} +/** + * 行移位 + */ +static void shiftRows(int array[4][4]) +{ + int rowTwo[4], rowThree[4], rowFour[4]; + //复制状态矩阵的第2,3,4行 + for(int i = 0; i < 4; i++) + { + rowTwo[i] = array[1][i]; + rowThree[i] = array[2][i]; + rowFour[i] = array[3][i]; + } + //循环左移相应的位数 + leftLoop4int(rowTwo, 1); + leftLoop4int(rowThree, 2); + leftLoop4int(rowFour, 3); + //把左移后的行复制回状态矩阵中 + for(int i = 0; i < 4; i++) + { + array[1][i] = rowTwo[i]; + array[2][i] = rowThree[i]; + array[3][i] = rowFour[i]; + } +} +/** + * 列混合要用到的矩阵 + */ +static const int colM[4][4] = +{ + {2, 3, 1, 1}, + {1, 2, 3, 1}, + {1, 1, 2, 3}, + {3, 1, 1, 2} +}; +static int GFMul2(int s) +{ + int result = s << 1; + int a7 = result & 0x00000100; + if(a7 != 0) + { + result = result & 0x000000ff; + result = result ^ 0x1b; + } + return result; +} +static int GFMul3(int s) +{ + return GFMul2(s) ^ s; +} +static int GFMul4(int s) +{ + return GFMul2(GFMul2(s)); +} +static int GFMul8(int s) +{ + return GFMul2(GFMul4(s)); +} +static int GFMul9(int s) +{ + return GFMul8(s) ^ s; +} +static int GFMul11(int s) +{ + return GFMul9(s) ^ GFMul2(s); +} +static int GFMul12(int s) +{ + return GFMul8(s) ^ GFMul4(s); +} +static int GFMul13(int s) +{ + return GFMul12(s) ^ s; +} +static int GFMul14(int s) +{ + return GFMul12(s) ^ GFMul2(s); +} +/** + * GF上的二元运算 + */ +static int GFMul(int n, int s) +{ + int result; + if(n == 1) + { + result = s; + } + else if(n == 2) + { + result = GFMul2(s); + } + else if(n == 3) + { + result = GFMul3(s); + } + else if(n == 0x9) + { + result = GFMul9(s); + } + else if(n == 0xb)//11 + { + result = GFMul11(s); + } + else if(n == 0xd)//13 + { + result = GFMul13(s); + } + else if(n == 0xe)//14 + { + result = GFMul14(s); + } + return result; +} +/** + * 列混合 + */ +static void mixColumns(int array[4][4]) +{ + int tempArray[4][4]; + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + tempArray[i][j] = array[i][j]; + } + } + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = GFMul(colM[i][0],tempArray[0][j]) ^ + GFMul(colM[i][1],tempArray[1][j]) + ^ GFMul(colM[i][2],tempArray[2][j]) + ^ GFMul(colM[i][3], tempArray[3][j]); + } + } +} +/** + * 把4X4数组转回字符串 + */ +static void convertArrayToStr(int array[4][4], char *str) { + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + *str++ = (char)array[j][i]; + } + } +} +/** + * 参数 p: 明文的字符串数组。 + * 参数 plen: 明文的长度。 + * 参数 key: 密钥的字符串数组。 + */ +void sm4(char *p, int plen, char *key) +{ + extendKey(key);//扩展密钥 + int pArray[4][4]; + for(int k = 0; k < plen; k += 16) + { + convertToIntArray(p + k, pArray); + addRoundKey(pArray, 0);//一开始的轮密钥加 + for(int i = 1; i < 10; i++) + {//前9轮 + subBytes(pArray);//字节代换 + shiftRows(pArray);//行移位 + mixColumns(pArray);//列混合 + addRoundKey(pArray, i); + } + //第10轮 + subBytes(pArray);//字节代换 + shiftRows(pArray);//行移位 + addRoundKey(pArray, 10); + convertArrayToStr(pArray, p + k); + } +} +/** + * 根据索引从逆S盒中获取值 + */ +static int getNumFromS1Box(int index) +{ + int row = getLeft4Bit(index); + int col = getRight4Bit(index); + return S2[row][col]; +} +/** + * 逆字节变换 + */ +static void deSubBytes(int array[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = getNumFromS1Box(array[i][j]); + } + } +} +/** + * 把4个元素的数组循环右移step位 + */ +static void rightLoop4int(int array[4], int step) +{ + int temp[4]; + for(int i = 0; i < 4; i++) + { + temp[i] = array[i]; + } + int index = step % 4 == 0 ? 0 : step % 4; + index = 3 - index; + for(int i = 3; i >= 0; i--) + { + array[i] = temp[index]; + index--; + index = index == -1 ? 3 : index; + } +} +/** + * 逆行移位 + */ +static void deShiftRows(int array[4][4]) +{ + int rowTwo[4], rowThree[4], rowFour[4]; + for(int i = 0; i < 4; i++) + { + rowTwo[i] = array[1][i]; + rowThree[i] = array[2][i]; + rowFour[i] = array[3][i]; + } + rightLoop4int(rowTwo, 1); + rightLoop4int(rowThree, 2); + rightLoop4int(rowFour, 3); + for(int i = 0; i < 4; i++) + { + array[1][i] = rowTwo[i]; + array[2][i] = rowThree[i]; + array[3][i] = rowFour[i]; + } +} +/** + * 逆列混合用到的矩阵 + */ +static const int deColM[4][4] = +{ + {0xe, 0xb, 0xd, 0x9}, + {0x9, 0xe, 0xb, 0xd}, + {0xd, 0x9, 0xe, 0xb}, + {0xb, 0xd, 0x9, 0xe} +}; +/** + * 逆列混合 + */ +static void deMixColumns(int array[4][4]) +{ + int tempArray[4][4]; + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + tempArray[i][j] = array[i][j]; + } + } + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = GFMul(deColM[i][0],tempArray[0][j]) ^ + GFMul(deColM[i][1],tempArray[1][j]) ^ + GFMul(deColM[i][2],tempArray[2][j]) ^ + GFMul(deColM[i][3], tempArray[3][j]); + } + } +} +/** + * 把两个4X4数组进行异或 + */ +static void addRoundTowArray(int aArray[4][4],int bArray[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + aArray[i][j] = aArray[i][j] ^ bArray[i][j]; + } + } +} +/** + * 从4个32位的密钥字中获得4X4数组, + * 用于进行逆列混合 + */ +static void getArrayFrom4W(int i, int array[4][4]) +{ + int index = i * 4; + int colOne[4], colTwo[4], colThree[4], colFour[4]; + splitIntToArray(w[index], colOne); + splitIntToArray(w[index + 1], colTwo); + splitIntToArray(w[index + 2], colThree); + splitIntToArray(w[index + 3], colFour); + for(int i = 0; i < 4; i++) + { + array[i][0] = colOne[i]; + array[i][1] = colTwo[i]; + array[i][2] = colThree[i]; + array[i][3] = colFour[i]; + } +} +/** + * 参数 c: 密文的字符串数组。 + * 参数 clen: 密文的长度。 + * 参数 key: 密钥的字符串数组。 + */ +void desm4(char *c, int clen, char *key) +{ + extendKey(key);//扩展密钥 + int cArray[4][4]; + for(int k = 0; k < clen; k += 16) + { + convertToIntArray(c + k, cArray); + addRoundKey(cArray, 10); + int wArray[4][4]; + for(int i = 9; i >= 1; i--) + { + deSubBytes(cArray); + deShiftRows(cArray); + deMixColumns(cArray); + getArrayFrom4W(i, wArray); + deMixColumns(wArray); + addRoundTowArray(cArray, wArray); + } + deSubBytes(cArray); + deShiftRows(cArray); + addRoundKey(cArray, 0); + convertArrayToStr(cArray, c + k); + } +} + +#define MAXLEN 1024 + +void printASCII(char *str, int len) {//字符串转16进制 + for(int i = 0; i < len; i++) { + acipt[i] = (int)*str++; + acipt[i] = acipt[i] & 0x000000ff; + } +} + +void hex32_str(char *data,char *input)//将16进制串转字符串 +{ + int i=0,sum; + char t; + for(i=0;i<32;i=i+2) + { + sum=0; + t=data[i]; + if(t<='9') + { + sum=((int)t-48)*16; + } + else + { + switch(t) + { + case 'a':sum=10*16;break; + case 'b':sum=11*16;break; + case 'c':sum=12*16;break; + case 'd':sum=13*16;break; + case 'e':sum=14*16;break; + case 'f':sum=15*16;break; + } + } + t=data[i+1]; + if(t<='9') + { + sum=sum+((int)t-48); + } + else + { + switch(t) + { + case 'a':sum=sum+10;break; + case 'b':sum=sum+11;break; + case 'c':sum=sum+12;break; + case 'd':sum=sum+13;break; + case 'e':sum=sum+14;break; + case 'f':sum=sum+15;break; + } + } + input[i/2]=(char)sum; + } +} + +void hex16_str(char *data,char *output,int len)//将16进制转字符串 +{ + for(int i = 0; i < len; i++) { + output[i] = (char)data[i];//data中每个元素为字符对应的十进制数 + } +} + + +/** + * 使用PKCS#7 填充字符串 + p:要填充的明文字符串 + len:明文字符串长度 + */ +int PKCS7Padding(char *p, int len) +{ + //ascii码转16进制,temp中每个元素为字符对应的十进制数,方便填充 + for(int i = 0; i < len; i++) { + temp[i] = (int)*p++; + temp[i] = temp[i] & 0x000000ff;//temp中为字符转数字,即a=97 + } + + int i; + int block = len/16;//数据分组的组数 + int start = len;//开始补码的地址 + int end=(block+1)*16;//补码后总长度 + int t=16-len%16;//要补的位数,也即要补的字符 + if(t<10) + { + for(i = start; i < end; i++) + { + temp[i] = t; + }; + } + else if(t<=15) + { + for(i = start; i < end; i++) + { + temp[i] = t; + } + } + else if(t==16)//error + { + for(i = start; i < end; i++) + { + temp[i] = 16; + } + } + + hex16_str(temp,uinfo,end);//将temp中的每个元素对应的十进制数转为字符,方便后续对字符串加密 + nnn=end; + return end; +} + +/** + * 删除PKCS#7 填充字符串 + c:要删除填充的解密后的字符串 + len:解密后字符串长度 + padlen:删除填充后字符串长度 + */ +int dePKCS7Padding(char *c, int len) +{ +//送进来的为字符串,每个元素为字符,需要先获取最后一个字符,将字符转int,如0a=10,再从len-10开始置0到最后,返回重置后的字符串 + int padlen=(int)c[len-1]; + nnn=len-padlen; + for(int i=len-padlen;i +#include "common_utils.h" + +#define SM3_DIGEST_LENGTH 32 +#define SM3_WORD uint32 + +#define SM3_CBLOCK 64 +#define SM3_LBLOCK (SM3_CBLOCK/4) + +typedef struct SM3state_st { + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD Nl, Nh; + SM3_WORD data[SM3_LBLOCK]; + unsigned int num; +} SM3_CTX; + +#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) + +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++))) ) ) +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff), \ + l) + +#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17)) +#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) + +#define FF(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | (X & Z) | (Y & Z))) +#define GG(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | ((~X) & Z))) + +#define T(J) (J<16 ? 0x79cc4519 : 0x7a879d8a) + +#define EXPAND(W0,W7,W13,W3,W10) \ + (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10) + +#define SM3_A 0x7380166fUL +#define SM3_B 0x4914b2b9UL +#define SM3_C 0x172442d7UL +#define SM3_D 0xda8a0600UL +#define SM3_E 0xa96f30bcUL +#define SM3_F 0x163138aaUL +#define SM3_G 0xe38dee4dUL +#define SM3_H 0xb0fb0e4eUL + +#define SM3_MAKE_STRING(c, s) \ + do { \ + unsigned long ll; \ + ll=(c)->A; (void)HOST_l2c(ll, (s)); \ + ll=(c)->B; (void)HOST_l2c(ll, (s)); \ + ll=(c)->C; (void)HOST_l2c(ll, (s)); \ + ll=(c)->D; (void)HOST_l2c(ll, (s)); \ + ll=(c)->E; (void)HOST_l2c(ll, (s)); \ + ll=(c)->F; (void)HOST_l2c(ll, (s)); \ + ll=(c)->G; (void)HOST_l2c(ll, (s)); \ + ll=(c)->H; (void)HOST_l2c(ll, (s)); \ + } while (0) + +void sm3_block_data_order(SM3_CTX *ctx, const void *p, size_t num) { + const unsigned char *data = p; + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD w[68]={}, ww[64]={}; + while (num--) { + A = ctx->A; + B = ctx->B; + C = ctx->C; + D = ctx->D; + E = ctx->E; + F = ctx->F; + G = ctx->G; + H = ctx->H; + for (int j = 0; j < 16; ++j) { + HOST_c2l(data, w[j]); + } + for (int j = 16; j < 68; ++j) { + w[j] = EXPAND(w[j-16], w[j-9], w[j-3], w[j-13], w[j-6]); + } + for (int j = 0; j < 64; ++j) { + ww[j] = w[j] ^ w[j+4]; + } + for (int j = 0; j < 64; j++) { + SM3_WORD SS1, SS2, TT1, TT2; + SS1 = ROTATE(ROTATE(A, 12) + E + ROTATE(T(j), j&31), 7); + SS2 = SS1 ^ ROTATE(A, 12); + TT1 = FF(j, A, B, C) + D + SS2 + ww[j]; + TT2 = GG(j, E, F, G) + H + SS1 + w[j]; + D = C; + C = ROTATE(B,9); + B = A; + A = TT1; + H = G; + G = ROTATE(F, 19); + F = E; + E = P0(TT2); + } + ctx->A ^= A; + ctx->B ^= B; + ctx->C ^= C; + ctx->D ^= D; + ctx->E ^= E; + ctx->F ^= F; + ctx->G ^= G; + ctx->H ^= H; + } +} + +int sm3_init(SM3_CTX *c) { + memset(c, 0, sizeof(*c)); + c->A = SM3_A; + c->B = SM3_B; + c->C = SM3_C; + c->D = SM3_D; + c->E = SM3_E; + c->F = SM3_F; + c->G = SM3_G; + c->H = SM3_H; + return 1; +} + +int sm3_update(SM3_CTX *c, const void *data_, size_t len) { + const unsigned char *data = data_; + unsigned char *p; + SM3_WORD l; + size_t n; + if (len == 0) return 1; + l = (c->Nl + (((SM3_WORD) len) << 3)) & 0xffffffffUL; + if (l < c->Nl) c->Nh++; + c->Nh += (SM3_WORD) (len >> 29); + c->Nl = l; + n = c->num; + if (n != 0) { + p = (unsigned char *)c->data; + if (len >= SM3_CBLOCK || len + n >= SM3_CBLOCK) { + memcpy(p + n, data, SM3_CBLOCK - n); + sm3_block_data_order(c, p, 1); + n = SM3_CBLOCK - n; + data += n; + len -= n; + c->num = 0; + memset(p, 0, SM3_CBLOCK); + } + else { + memcpy(p + n, data, len); + c->num += (unsigned int)len; + return 1; + } + } + n = len / SM3_CBLOCK; + if (n > 0) { + sm3_block_data_order(c, data, n); + n *= SM3_CBLOCK; + data += n; + len -= n; + } + if (len != 0) { + p = (unsigned char *)c->data; + c->num = (unsigned int)len; + memcpy(p, data, len); + } + return 1; +} + +int sm3_final(unsigned char *md, SM3_CTX *c) { + unsigned char *p = (unsigned char *)c->data; + size_t n = c->num; + p[n] = 0x80; + n++; + if (n > (SM3_CBLOCK - 8)) { + memset(p + n, 0, SM3_CBLOCK - n); + n = 0; + sm3_block_data_order(c, p, 1); + } + memset(p + n, 0, SM3_CBLOCK - 8 - n); + p += SM3_CBLOCK - 8; + (void)HOST_l2c(c->Nh, p); + (void)HOST_l2c(c->Nl, p); + p -= SM3_CBLOCK; + sm3_block_data_order(c, p, 1); + c->num = 0; + SM3_MAKE_STRING(c, md); + return 1; +} + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h new file mode 100644 index 00000000..5b30416f --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h @@ -0,0 +1,103 @@ +#ifndef SECGEAR_SM4_H +#define SECGEAR_SM4_H + +#include +#include "common_utils.h" + +#define ENCRYPT 0 +#define DECRYPT 1 +const uint8 Sbox[256] = { + 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, 0x28, 0xFB, 0x2C, 0x05, + 0x2B, 0x67, 0x9A, 0x76, 0x2A, 0xBE, 0x04, 0xC3, 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, + 0x9C, 0x42, 0x50, 0xF4, 0x91, 0xEF, 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62, + 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, 0xDF, 0x94, 0xFA, 0x75, 0x8F, 0x3F, 0xA6, + 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA, 0x83, 0x59, 0x3C, 0x19, 0xE6, 0x85, 0x4F, 0xA8, + 0x68, 0x6B, 0x81, 0xB2, 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, 0x35, + 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B, 0x01, 0x21, 0x78, 0x87, + 0xD4, 0x00, 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52, 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, + 0xEA, 0xBF, 0x8A, 0xD2, 0x40, 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1, + 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, 0xAD, 0x93, 0x32, 0x30, 0xF5, 0x8C, 0xB1, 0xE3, + 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60, 0xC0, 0x29, 0x23, 0xAB, 0x0D, 0x53, 0x4E, 0x6F, + 0xD5, 0xDB, 0x37, 0x45, 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, 0x5B, 0x51, + 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41, 0x1F, 0x10, 0x5A, 0xD8, + 0x0A, 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD, 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, + 0x89, 0x69, 0x97, 0x4A, 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84, + 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, 0x20, 0x79, 0xEE, 0x5F, 0x3E, 0xD7, 0xCB, 0x39, 0x48, +}; +const uint32 FK[4] = { + 0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC, +}; +const uint32 CK[32] = { + 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269, + 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9, + 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249, + 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9, + 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229, + 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299, + 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209, + 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279, +}; +#define L(B) ((B) ^ (ROTATE((B), 2)) ^ (ROTATE((B), 10)) ^ (ROTATE((B), 18)) ^ (ROTATE((B), 24))) +#define LP(B) ((B) ^ (ROTATE((B), 13)) ^ (ROTATE((B), 23))) +#define S(X) (((uint32)Sbox[((X) >> 24) & 0xFF] << 24) | \ + ((uint32)Sbox[((X) >> 16) & 0xFF] << 16) | \ + ((uint32)Sbox[((X) >> 8) & 0xFF] << 8) | \ + ((uint32)Sbox[(X) & 0xFF])) + +#define TT(X) L(S(X)) +#define TP(X) LP(S(X)) +#define F(X0, X1, X2, X3, rk) ((X0) ^ TT((X1) ^ (X2) ^ (X3) ^ (rk))) + +typedef struct sm4_ctx_st { + uint32 M[4]; + uint32 rk[32]; +} SM4_CTX; + +int sm4_init(SM4_CTX *ctx, const uint32 *M, const uint32 *MK) { + memset(ctx, 0, sizeof(*ctx)); + uint32 K[36]; + memset(K, 0, sizeof(K)); + int i; + for (i = 0; i < 4; ++i) { + K[i] = MK[i] ^ FK[i]; + ctx->M[i] = M[i]; + } + for (i = 0; i < 32; ++i) { + ctx->rk[i] = K[i+4] = K[i] ^ TP(K[i+1] ^ K[i+2] ^ K[i+3] ^ CK[i]); + } + return 1; +} + +int sm4_round(SM4_CTX *ctx, int crypt_flag) { + int offset = (crypt_flag ? 31 : 0), i; + uint32 X[36]; + memset(X, 0, sizeof(X)); + for (i = 0; i < 4; ++i) { + X[i] = ctx->M[i]; + } + for (i = 0; i < 32; ++i) { + X[i+4] = F(X[i], X[i+1], X[i+2], X[i+3], ctx->rk[i^offset]); + } + ctx->M[0] = X[35]; + ctx->M[1] = X[34]; + ctx->M[2] = X[33]; + ctx->M[3] = X[32]; + return 1; +} + +int sm4_encrypt(SM4_CTX *ctx) { + return sm4_round(ctx, ENCRYPT); +} + +int sm4_decrypt(SM4_CTX *ctx) { + return sm4_round(ctx, DECRYPT); +} + +int sm4_final(uint32 *out, SM4_CTX *ctx) { + if (!memcpy(out, ctx->M, sizeof(ctx->M))) { + return 0; + } + return 1; +} + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl b/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl new file mode 100644 index 00000000..77bc7c74 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl @@ -0,0 +1,28 @@ +/*S + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +enclave { + include "secgear_urts.h" + from "secgear_tstdc.edl" import *; + trusted { + public int get_int(); + public int get_string([out, size=80]unsigned char *buf); + public void transname([in,size=20]char *name); + public void transpsw([in,size=56]char *psw); + public void transinfo([in,size=31]char *info); + public void transcipher([in,size=64]char *cipher); + public void sm3(); + public void sm4crypt(int len); + public void desm4crypt(); + + }; +}; diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt new file mode 100644 index 00000000..bc1bd4d5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt @@ -0,0 +1,120 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX encrypt) +#set host exec name +set(OUTPUT secgear_encrypt) +#set host src code +set(SOURCE_FILE ${CMAKE_CURRENT_SOURCE_DIR}/main.c) + +#set auto code +if(CC_GP) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") +set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + +if(CC_GP) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SGX) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_PL) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/penglai + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SIM) + target_link_libraries(${OUTPUT} secgearsim pthread) +else() + target_link_libraries(${OUTPUT} secgear pthread) + target_link_libraries(${OUTPUT} /usr/lib/x86_64-linux-gnu/libmemcached.so) +endif() +set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) + +if(CC_GP) + #itrustee install whitelist /vender/bin/teec_hello + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION /vendor/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_SGX) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_PL) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh new file mode 100644 index 00000000..30f650ae --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh @@ -0,0 +1,29 @@ +#! /bin/bash +#test +echo "read start" +echo "" + +docker -v +echo "docker start" +echo "========================================================" +systemctl start docker +docker ps -a +echo "container start" +echo "========================================================" +docker start opengauss +docker ps -a +docker exec -it opengauss sh +echo "container stop" +echo "========================================================" +docker stop opengauss +docker ps -a + + +echo "grinfo copy to host and wait to settle" +sudo cp /var/lib/docker/volumes/dbvol/_data/omm/grinfo /opt/secGear/debug/examples/helloworld/host +sudo chmod 777 /opt/secGear/debug/examples/helloworld/host/grinfo + + +echo "" +echo "read stop" + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh new file mode 100644 index 00000000..8c11f0ac --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh @@ -0,0 +1,23 @@ +#! /bin/bash +#test +echo "write start" +echo "" + +echo "grinfo copy to docker and wait to wirte" +sudo docker cp grinfo opengauss:/home/omm +echo "container start" +echo "========================================================" +docker start opengauss +docker ps -a +docker exec -it opengauss sh + +echo "container stop" +echo "========================================================" +docker stop opengauss +docker ps -a +echo "docker stop" +echo "========================================================" +systemctl stop docker + +echo "" +echo "write stop" diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c new file mode 100644 index 00000000..51650268 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c @@ -0,0 +1,253 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include +#include +#include "encrypt_u.h" +#define MAXLEN 64 +#define idoffset 41 +#define phoneoffset 74 + + + +/** +* 从文件中读取字符串,加密字符串小于32B,解密字符串(16进制)小于64B +*/ +int readStrFromFile(char *filename, char *str,int offset) { + FILE *fp = fopen(filename, "r"); + if(fp == NULL) { + printf("打开文件出错,请确认文件存在当前目录下!\n"); + exit(0); + } + + int val=1; + char sym[4]={'C','O','P','Y'}; + char temp[150]; + memset(temp,'0',sizeof(temp)); + while(1) + { + if (!fgets(temp,150,fp)) { + return 0; + } + val=strncmp(sym,temp,4); + if(val==0) + break; + } + memset(temp,'0',sizeof(temp)); + if (!fgets(temp,150,fp)) { + return 0; + } + char t[32]; + for(int i=offset;i<(offset+32);i++)//id:41~73,phone:74~106 + { + if(temp[i]==' ') break; + t[i-offset]=temp[i]; + } + + // strncpy(str, t, strlen(t)); + memcpy(str, t, strlen(t)); + fclose(fp); + return 0; +} + +/** + * 把字符串写进文件 + */ +void writeStrToFile(unsigned char *str, char *filename,int offset) { + FILE *fp; + fp = fopen(filename, "r+"); + char temp[100]; + for(int i=0;i<1;) + { + while(fgetc(fp)!='\n') + i++; + } + fprintf(fp,"\ndrop table grinfo; \n");//写回数据时对原有数据表清除,防止表内数据不唯一出现差错 + + int val=1; + char sym[4]={'C','O','P','Y'}; + memset(temp,'0',sizeof(temp)); + while(1) + { + if (!fgets(temp,100,fp)) { + return; + } + val=strncmp(sym,temp,4); + if(val==0) + break; + } + int size=ftell (fp);//返回文件指针相对于起始位置的偏移量 + memset(temp,'0',sizeof(temp)); + if (!fgets(temp,100,fp)) { + return; + } + size=size+offset;//id:offset 40,phone:offset 73 + fseek(fp,size,SEEK_SET);//根据文件指针的位置和偏移量来定位文件指针 + + + for(int i = 0; i < 16; i++) + { + fprintf(fp,"%02x",str[i]); + } + fclose(fp); +} + + +int main() +{ + int retval = 0; + char *path = PATH; + unsigned char buf[80]; + int rvalue; + char name[20]; + char psw[56]; + char fname[17];//文件名 + char info[31];//文件中要加密信息 + char cipher[64];//文件中要解密信息 + int tag; + cc_enclave_t context = {0}; + cc_enclave_result_t res; + // cc_enclave_result_t rres; + + printf("Create secgear enclave\n"); + res = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &context); + if (res != CC_SUCCESS) { + printf("Create enclave error\n"); + return res; + } + + //清空原内存中数据 + /*memset(fname,'0',sizeof(fname)); + memset(info,'0',sizeof(info)); + memset(cipher,'0',sizeof(cipher));*/ + + + //SM3生成存储密钥 + printf("请输入用户名:\n");//获得用户名 + // gets(name); // 不建议使用gets函数 + if (!scanf("%s", name)) { + return 0; + } + transname(&context, name); + printf("请输入密码 :\n");//获得用户密码 + // gets(psw); + if (!scanf("%s", psw)) { + return 0; + } + transpsw(&context, psw); + sm3(&context); + printf("加密成功!密文如下:\n"); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } + else { + for(int i = 0; i < 16; i++) + { + printf("%02x", buf[i]); + } + printf("\n"); + } + + //通过脚本登陆数据库获取个人信息进行复制提取工作 + if (!system("./db.sh")) { + return 0; + } + + + //SM4对文件加解密 + printf("选择加密输入1,选择解密输入2:"); + if (!scanf("%d",&tag)) { + return 0; + } + // char gg=getchar();//取走缓存区的回车符 + int offset,len; + if(tag==1){ + printf("请输入要加密的文件名:(该文件必须和本程序在同一目录)\n");//传输要加密的用户信息 + // gets(fname); + if (!scanf("%s", fname)) { + return 0; + } + // printf("\n"); + for(int i = 0; i < 2; i++) + { + if(i==0) + offset = idoffset; + else + offset=phoneoffset; + readStrFromFile(fname,info,offset);//取出要加密字符串 + printf("将要加密的信息:\n"); + puts(info); + len=strlen(info);//识别要机密字符串长度 + transinfo(&context, info);//传送到安全区进行加密 + sm4crypt(&context, len); + printf("加密成功!密文如下:\n"); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } else { + char* buf1 = (char*)buf; + for(size_t i = 0; i < strlen(buf1); i++){ + printf("%02x",buf1[i]);//输出将无符号字符串以16进制形式输出 + } + printf("\n"); + } + printf("密文将写回原文件中!\n"); + writeStrToFile(buf,fname,offset); + printf("第%d加密写回完成!\n\n",i+1); + } + } + else if(tag==2){ + printf("请输入要解密的文件名:(该文件必须和本程序在同一目录)\n"); + // gets(fname); + if (!scanf("%s", fname)) { + return 0; + } + printf("\n"); + for(int i=0;i<2;i++) + { + if(i==0) + offset=idoffset; + else + offset=phoneoffset; + readStrFromFile(fname,cipher,offset);//取出要解密的字符串 + transcipher(&context, cipher);//传送到安全区解密 + desm4crypt(&context); + printf("第%d解密成功!明文如下:\n",i+1); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } else { + char *buf1 = (char*)buf; + for(size_t i = 0; i < strlen(buf1); i++) { + printf("%c",buf1[i]);//输出将无符号字符串以16进制形式输出 + } + res = get_int(&context, &rvalue); + printf("\n明文长度为:%d",rvalue); + printf("\n\n"); + } + } + } + + //操作结束,将修改文件写回数据库 + if (!system("./dbend.sh")) { + return 0; + } + + res = cc_enclave_destroy(&context); + if(res != CC_SUCCESS) { + printf("Destroy enclave error\n"); + } + return res; +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt new file mode 100644 index 00000000..286e0401 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt @@ -0,0 +1,39 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +cmake_minimum_required(VERSION 3.10 FATAL_ERROR) +project(enclave) + +set(CMAKE_C_STANDARD 99) + +set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) + +#set edl name +set(EDL_FILE verify.edl) +set(CODEGEN codegen) +#set(LOCAL_ROOT_PATH "$ENV{CC_SDK}") +#set(SECGEAR_INSTALL_PATH /usr/lib64/) + +if(CC_GP) + set(CODETYPE trustzone) + set(CODEGEN codegen_arm64) + execute_process(COMMAND uuidgen -r OUTPUT_VARIABLE UUID) + string(REPLACE "\n" "" UUID ${UUID}) + add_definitions(-DPATH="/data/${UUID}.sec") +endif() + +if(CC_SGX) + set(CODETYPE sgx) + #set(CODEGEN codegen_x86_64) + add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") +endif() + +add_subdirectory(${CURRENT_ROOT_PATH}/enclave) +add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt new file mode 100644 index 00000000..e868b8bd --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt @@ -0,0 +1,157 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX verify) +#set sign key +set(PEM Enclave_private.pem) +#set sign tool +set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) +#set enclave src code +set(CMAKE_CXX_STANDARD 11) + + +set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/enclave.cpp) +#set log level +set(PRINT_LEVEL 3) +add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) + +if(CC_GP) + #set signed output + set(OUTPUT ${UUID}.sec) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + #set whilelist. default: /vendor/bin/teec_hello + set(WHITE_LIST_0 /vendor/bin/enclave) + set(WHITE_LIST_1 /vendor/bin/secgear_enclave) + set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) + + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + #set signed output + set(OUTPUT enclave.signed.so) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include ) +endif() + +set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ + -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ + -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ + -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") + +set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") + +if(CC_GP) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s -fPIC") + + set(ITRUSTEE_TEEDIR ${SDK_PATH}/) + set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib/) + endif() + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES} ) + + target_include_directories( ${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${LOCAL_ROOT_PATH}/inc/enclave_inc + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp + ${ITRUSTEE_TEEDIR}/include/TA + ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext + ${ITRUSTEE_LIBC}/arch/aarch64 + ${ITRUSTEE_LIBC}/ + ${ITRUSTEE_LIBC}/arch/arm/bits + ${ITRUSTEE_LIBC}/arch/generic + ${ITRUSTEE_LIBC}/arch/arm + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) + + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${CMAKE_BINARY_DIR}/lib/) + endif() + + foreach(WHITE_LIST ${WHITELIST}) + add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") + endforeach(WHITE_LIST) + + target_link_libraries(${PREFIX} -lsecgear_tee) + # for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # + # add_custom_command(TARGET ${PREFIX} + # POST_BUILD + # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) + + # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} + # DESTINATION /data + # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +endif() + +if(CC_SGX) + set(SGX_DIR ${SDK_PATH}) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) + + if(CC_SIM) + set(Trts_Library_Name sgx_trts_sim) + set(Service_Library_Name sgx_tservice_sim) + else() + set(Trts_Library_Name sgx_trts) + set(Service_Library_Name sgx_tservice) + endif() + + set(Crypto_Library_Name sgx_tcrypto) + + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ + -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib ${LINK_LIBRARY_PATH}) + endif() + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + + target_include_directories(${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${SGX_DIR}/include/tlibc + ${SGX_DIR}/include/libcxx + ${SGX_DIR}/include + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${LOCAL_ROOT_PATH}/inc/enclave_inc) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${LINK_LIBRARY_PATH} + ${CMAKE_BINARY_DIR}/lib/) + endif() + + target_link_libraries(${PREFIX} -lsecgear_tee -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) + + add_custom_command(TARGET ${PREFIX} + POST_BUILD + COMMAND umask 0177 + COMMAND openssl genrsa -3 -out ${PEM} 3072 + COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) +endif() + +set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml new file mode 100644 index 00000000..e94c9bc5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x40000 + 0x100000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds new file mode 100644 index 00000000..ab77e647 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds @@ -0,0 +1,11 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + g_peak_heap_used; + local: + *; +}; + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp new file mode 100644 index 00000000..18cf3f0c --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp @@ -0,0 +1,705 @@ +#include "verify_t.h" +#include +#include +#include +#include +#define MAX_LEN 1024 + +using namespace std; + +namespace calc { + const int L = 16; + const std::string hexChars = "0123456789abcdef"; + int dec(char ch) { + if ('0' <= ch && ch <= '9') { + return ch - '0'; + } + if ('a' <= ch && ch <= 'f') { + return ch - 'a' + 10; + } + if ('A' <= ch && ch <= 'F') { + return ch - 'A' + 10; + } + return -1; + } + std::string hex(unsigned int x) { + std::string result = ""; + for (int j = 28; j >= 0; j -= 4) { + result += hexChars[x >> j & 0x0F]; + } + return result; + } + std::string hex(unsigned long long x) { + std::string result = ""; + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[x >> j & 0x0F]; + } + return result; + } + std::string bin(unsigned int x) { + std::string result = ""; + for (int j = 31; j >= 0; j--) { + result += hexChars[x >> j & 0x01]; + } + return result; + } + std::string bin(unsigned long long x) { + std::string result = ""; + for (int j = 63; j >= 0; j--) { + result += hexChars[x >> j & 0x01]; + } + return result; + } + unsigned int rightRotate(unsigned int x, int u) { + unsigned long long xx = (unsigned long long)x << 32 | x; + return (unsigned int)((xx >> u)&(unsigned int)-1); + } + unsigned int LeftRotate(unsigned int x, int u) { + u &= 31; + unsigned long long xx = (unsigned long long)x << 32 | x; + return (unsigned int)((xx >> (32 - u))&(unsigned int)-1); + } + struct bigNum { + int siz, hexLen; + std::vectornum; + bigNum(int _siz = L) { + siz = _siz; hexLen = siz << 4; + num.resize(_siz, 0); + } + bigNum(std::string src) { + int len = src.length(); hexLen = src.length(); + siz = (len + 15) >> 4; + num.resize(siz, 0); + for (int i = 0, cnt = 0; i < len; i++, cnt++) { + num[cnt >> 4] |= (unsigned long long)dec(src[i]) << (((cnt & 0x0F) ^ 15) << 2); + } + } + bigNum FromU32(uint32_t src) { + bigNum result = bigNum(1); + result.num[0] = src; + return result; + } + std::string hex() { + std::string result = ""; + for (int i = 0; i < siz; i++) { + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[num[i] >> j & 0x0F]; + } + } + result.erase(hexLen); + return result; + } + std::string bin() { + std::string result = "b"; + for (int i = 0; i < siz; i++) { + for (int j = 63; j >= 0; j--) { + result += hexChars[num[i] >> j & 0x01]; + } + } + result.erase(hexLen << 2); + return result; + } + bigNum& operator^=(const bigNum &rhs) { + bigNum result = *this; + int lmt = siz; + if (rhs.siz < lmt) lmt = rhs.siz; + for (int i = 0; i < lmt; i++) { + result.num[i] ^= rhs.num[i]; + } + return *this = result; + } + friend bigNum operator^(const bigNum& lhs, const bigNum& rhs) { + if(lhs.siz>=rhs.siz) return bigNum(lhs) ^= rhs; + else return bigNum(rhs) ^= lhs; + } + friend bigNum operator||(const bigNum& lhs, const bigNum& rhs) { + bigNum result = bigNum(bigNum(lhs).hex() + bigNum(rhs).hex()); + return result; + } + }; + + unsigned int P0(unsigned int x) { + return x ^ LeftRotate(x, 9) ^ LeftRotate(x, 17); + } + unsigned int P1(unsigned int x) { + return x ^ LeftRotate(x, 15) ^ LeftRotate(x, 23); + } + unsigned int FF(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { + if (j < 16) return x ^ y ^ z; + else return (x&y) | (x&z) | (y&z); + } + unsigned int GG(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { + if (j < 16) return x ^ y ^ z; + else return (x&y) | ((~x)&z) ; + } + bigNum SM3(bigNum src) { + const unsigned int T[64] = { + 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, + 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, }; + unsigned int h[8] = { + 0x7380166f, 0x4914b2b9, 0x172442d7, 0xda8a0600, 0xa96f30bc, 0x163138aa, 0xe38dee4d, 0xb0fb0e4e }; + std::string tmpstr = bigNum(src).hex(); + tmpstr += "8"; + while (tmpstr.length() % 128 != 112) { + tmpstr += "0"; + } + tmpstr += hex((unsigned long long)src.hexLen << 2); + bigNum tmpnum = bigNum(tmpstr); + + for (int i = 0; i < tmpnum.siz; i += 8) { + unsigned int w[68] = {}, ww[64] = {}; + for (int j = 0; j < 16; j += 2) { + w[j] = (unsigned int)(tmpnum.num[i + (j >> 1)] >> 32); + w[j + 1] = (unsigned int)(tmpnum.num[i + (j >> 1)]); + } + for (int j = 16; j < 68; j++) { + w[j] = P1(w[j - 16] ^ w[j - 9] ^ LeftRotate(w[j - 3], 15)) ^ LeftRotate(w[j - 13], 7) ^ w[j - 6]; + } + for (int j = 0; j < 64; j++) { + ww[j] = w[j] ^ w[j + 4]; + } + unsigned int t[8] = {}; + for (int j = 0; j < 8; j++) { + t[j] = h[j]; + } + for (int j = 0; j < 64; j++) { + unsigned int SS1, SS2, TT1, TT2; + SS1 = LeftRotate(LeftRotate(t[0], 12) + t[4] + LeftRotate(T[j], j), 7); + SS2 = SS1 ^ LeftRotate(t[0], 12); + TT1 = FF(j, t[0], t[1], t[2]) + t[3] + SS2 + ww[j]; + TT2 = GG(j, t[4], t[5], t[6]) + t[7] + SS1 + w[j]; + t[7] = t[6]; + t[6] = LeftRotate(t[5], 19); + t[5] = t[4]; + t[4] = P0(TT2); + t[3] = t[2]; + t[2] = LeftRotate(t[1],9); + t[1] = t[0]; + t[0] = TT1; + } + for (int j = 0; j < 8; j++) { + h[j] = h[j] ^ t[j]; + } + } + + bigNum result = bigNum(4); + result.num[0] = ((unsigned long long)h[0] << 32) | h[1]; + result.num[1] = ((unsigned long long)h[2] << 32) | h[3]; + result.num[2] = ((unsigned long long)h[4] << 32) | h[5]; + result.num[3] = ((unsigned long long)h[6] << 32) | h[7]; + return result; + } + + struct smallNum { + int siz; + std::vectornum; + smallNum(int _siz = 1) { + siz = _siz; + num.resize(_siz, 0); + } + smallNum(char ch) { + siz = 1; + num.push_back(ch - '0'); + } + smallNum(std::string src) { + int len = src.length(); + siz = (len + 15) >> 4; + num.resize(siz, 0); + for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { + num[cnt >> 4] |= (unsigned long long)dec(src[i]) << ((cnt & 0x0F) << 2); + } + } + smallNum fromBin(std::string src) { + smallNum result = smallNum(); + int len = src.length(); + if (!len) { + return smallNum(); + } + result.siz = (len + 63) >> 6; + result.num.resize(result.siz, 0); + for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { + result.num[cnt >> 6] |= (unsigned long long)dec(src[i]) << (cnt & 0x3F); + } + return result; + } + smallNum(bigNum src) { + std::string srcstr = src.hex(); + *this = smallNum(srcstr); + } + smallNum fromBigNum(bigNum src) { + std::string srcstr = src.hex(); + return smallNum(srcstr); + } + bigNum toBigNum(smallNum src, int minHexLength = 0) { + std::string srcstr = src.hex(); + return bigNum(srcstr); + } + smallNum e() { + smallNum result = smallNum(1); + result.num[0] = 1; + return result; + } + smallNum FromU32(uint32_t src) { + smallNum result = smallNum(1); + result.num[0] = src; + return result; + } + std::string hex() { + std::string result = ""; + for (int i = siz - 1; i >= 0; i--) { + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[num[i] >> j & 0x0F]; + } + } + return result; + } + std::string bin() { + std::string result = ""; + for (int i = siz - 1; i >= 0; i--) { + for (int j = 63; j >= 0; j--) { + result += hexChars[num[i] >> j & 0x01]; + } + } + return result; + } + smallNum& operator^=(const smallNum &rhs) { + smallNum result = *this; + int lmt = rhs.siz; + for (int i = 0; i < lmt; i++) { + result.num[i] ^= rhs.num[i]; + } + return *this = result; + } + friend smallNum operator^(const smallNum& lhs, const smallNum& rhs) { + if(lhs.siz>rhs.siz) return smallNum(lhs) ^= rhs; + else return smallNum(rhs) ^= lhs; + } + friend bool operator<(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return lhs.siz < rhs.siz; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return lhs.num[i] < rhs.num[i]; + } + } + return 0; + } + friend bool operator<=(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return lhs.siz < rhs.siz; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return lhs.num[i] < rhs.num[i]; + } + } + return 1; + } + friend bool operator>(const smallNum& lhs, const smallNum& rhs) { + return smallNum(rhs) < smallNum(lhs); + } + friend bool operator>=(const smallNum& lhs, const smallNum& rhs) { + return smallNum(rhs) <= smallNum(lhs); + } + friend bool operator==(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return 0; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return 0; + } + } + return 1; + } + friend bool operator!=(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return 1; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return 1; + } + } + return 0; + } + smallNum& operator+=(const smallNum& rhs) { + while (siz < rhs.siz) { + ++siz; num.push_back(0ULL); + } + unsigned long long carry0 = 0ULL, carry1 = 0ULL; + for (int i = 0; i < rhs.siz; i++) { + if (((num[i] >> 1) + (rhs.num[i] >> 1) + (((num[i] & 1ULL) + (rhs.num[i] & 1ULL) + carry0) >> 1)) >> 63) { + if (i + 1 == siz) { + ++siz; num.push_back(0ULL); + } + carry1 = 1ULL; + } + num[i] += rhs.num[i] + carry0; + carry0 = carry1; + carry1 = 0ULL; + } + for (int i = rhs.siz; i < siz; i++) { + if (((num[i] >> 1) + (((num[i] & 1ULL) + carry0) >> 1)) >> 63) { + if (i + 1 == siz) { + ++siz; num.push_back(0ULL); + } + carry1 = 1ULL; + } + num[i] += carry0; + carry0 = carry1; + carry1 = 0ULL; + } + return *this; + } + friend smallNum operator+(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) += rhs; + } + smallNum& operator-=(const smallNum& rhs){ + unsigned long long tmp,carry0=0,carry1=0; + for(int i=0;itmp){ + carry1=1; + } + tmp=num[i]; + num[i]-=carry0; + if(num[i]>tmp){ + carry1=1; + } + carry0=carry1; + carry1=0; + } + for(int i=rhs.siz;itmp){ + carry1=1; + } + carry0=carry1; + carry1=0; + } + while(siz>1&&!num[siz-1]){ + --siz;num.pop_back(); + } + return *this; + } + friend smallNum operator-(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) -= rhs; + } + void _add(unsigned long long u,unsigned long long v,unsigned long long &x,unsigned long long &y,unsigned long long &z){ + x+=u; if(x=rhs.siz?k-rhs.siz+1:0),j=k-i;i>64)&(-1ULL)),result.num[k],result.num[k+1],result.num[k+2]); + } + } + result.num.pop_back(); + if(result.siz>1&&!result.num[SIZ-1]){ + --result.siz; + result.num.pop_back(); + } + return *this=result; + } + + friend smallNum operator*(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) *= rhs; + } + smallNum pow(unsigned long long rhs) { + smallNum result = smallNum().e(), u = smallNum(*this); + while (rhs) { + if (rhs & 1) { + result *= u; + } + u *= u; + rhs >>= 1; + } + return result; + } + smallNum& operator%=(const smallNum& rhs) { + smallNum result = smallNum(); + std::string lhsBin = smallNum(*this).bin(); + int lhsLen = lhsBin.length(); + for (int i = 0; i < lhsLen; i++) { + result = result + result; + if (lhsBin[i] & 1) { + result.num[0] |= 1; + } + if (rhs <= result) { + result = result - rhs; + } + } + return *this = result; + } + friend smallNum operator%(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) %= rhs; + } + smallNum pow_mod(unsigned long long rhs, smallNum _mod) { + smallNum result = smallNum().e(), u = smallNum(*this); + while (rhs) { + if (rhs & 1) { + result = (result*u) % _mod; + } + u = (u*u) % _mod; + rhs >>= 1; + } + return result; + } + smallNum pow_mod(smallNum rhs, smallNum _mod) { + smallNum result = smallNum().e(), u = smallNum(*this); + std::string rhsstr = rhs.bin(); + int rhsLen = rhsstr.length(); + for (int i = rhsLen - 1; i >= 0; i--) { + if (rhsstr[i] & 1) { + result = (result*u) % _mod; + } + u = (u*u) % _mod; + } + return result; + } + smallNum fromDec(std::string src) { + if (src == "") { + return smallNum(); + } + smallNum result = smallNum(); + int siz = src.length(); + for (int i = 0; i < siz; i++) { + result *= smallNum("a"); + result += smallNum(src[i]); + } + return result; + } + }; + smallNum big2Small(bigNum src) { + std::string srcstr = src.hex(); + return smallNum(srcstr); + } + bigNum small2Big(smallNum src, int minHexLength = 0) { + std::string srcstr = src.hex(); + return bigNum(srcstr); + } +} + +namespace interface { + using namespace calc; + smallNum rsa_d(smallNum rsa_e, smallNum d, smallNum n) { + return rsa_e.pow_mod(d, n); + } +} + +char tmpresult[512]; +char* transferFromString(string src) { + int siz = src.length(); + if (siz < 512) { + for (int i = 0; i <= siz; i++) { + tmpresult[i] = src[i]; + } + } + return tmpresult; +} + +string transferToString(char* src) { + string result; + for (int i = 0; src[i]; i++) { + result += src[i]; + } + return result; +} + +unsigned int randSeed = 0; + +unsigned int getNextRand(unsigned int preRand) { + if (!preRand) return -1; + unsigned x = preRand; + x ^= x << 13; + x ^= x >> 17; + x ^= x << 5; + return x; +} + +unsigned int getNextRand(unsigned int preRand,int rounds) { + if (!preRand) return -1; + unsigned x = preRand; + for (int i = 0; i < rounds; i++) { + x = getNextRand(x); + } + return x; +} + +uint32_t Keys[2]; + +void sealKeys() { + Keys[0] ^= getNextRand(12345678, 32); + Keys[1] ^= getNextRand(87654321, 32); +} + +void decryptKeys(uint32_t *keybuf) { + keybuf[0] = Keys[0] ^ getNextRand(12345678, 32); + keybuf[1] = Keys[1] ^ getNextRand(87654321, 32); +} + +void initKeys(uint32_t *src) { + randSeed = src[0]; + randSeed ^= getNextRand(randSeed, 16); + Keys[0] = getNextRand(randSeed, 555); // Ku + Keys[1] = getNextRand(randSeed, 777); // Kw + sealKeys(); +} + +void setKeys(uint32_t *K) { + memcpy(Keys, K, sizeof Keys); +} + +void getKeys(uint32_t *K) { + memcpy(K, Keys, sizeof Keys); +} + +using namespace calc; +string DebugStr; +string Dstr, Nstr, CDstr, NPWstr; + +void encryptD() { + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + CDstr = (smallNum(Dstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); + Dstr = ""; +} + +void decryptD() { + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + Dstr = (smallNum(CDstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); +} + +void setCD(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + CDstr = transferToString(source); +} + +void setD(char* src, size_t len){ + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + Dstr = transferToString(source); + encryptD(); +} + +void setN(char* src, size_t len){ + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + Nstr = transferToString(source); +} + +void getCD(char *buf, size_t len) { + char* result = transferFromString(CDstr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +string RSAsource; + +void setRSAsource(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + RSAsource = transferToString(source); +} + +void getRSAresult(char *buf, size_t len) { + decryptD(); + string hpw = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + string npw = (smallNum(hpw) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); + char* result = transferFromString(npw); + Dstr = ""; + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +uint32_t _uints[3]; + +void registerSeed(uint32_t *src){ + randSeed = src[0]; + randSeed ^= getNextRand(randSeed, 16); + _uints[0] = getNextRand(randSeed, 111) % 2001 + 2000; // x + _uints[1] = getNextRand(randSeed, 222) % 1001 + 2000; // mu + _uints[2] = getNextRand(randSeed, 333) % 15 + 1; // k +} + +void setNPW(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + NPWstr = transferToString(source); +} + +string _xStr, _muStr, _kStr,_nwidStr; + +void calcEmbeddingResult() { + decryptD(); + string hwid = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + _nwidStr = (smallNum(hwid) ^ big2Small(SM3(bigNum().FromU32(Dkeys[1]) || bigNum(Dstr)))).hex(); + string hpw = (smallNum(NPWstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); + smallNum hashPart = big2Small(SM3(bigNum(hpw) || bigNum(hwid)).hex()); + _xStr = (smallNum().FromU32(_uints[0])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); + _muStr = (smallNum().FromU32(_uints[1])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); + _kStr = (smallNum().FromU32(_uints[2])*smallNum("1111111111111111111111111111111111111111111111111111111111111111") ^ hashPart).hex(); + Dstr = ""; + NPWstr = ""; +} + +void getX(char *buf, size_t len) { + char* result = transferFromString(_xStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getMu(char *buf, size_t len) { + char* result = transferFromString(_muStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getK(char *buf, size_t len) { + char* result = transferFromString(_kStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getNWID(char *buf, size_t len) { + char* result = transferFromString(_nwidStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in new file mode 100644 index 00000000..7b8ecf59 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in @@ -0,0 +1,8 @@ +gpd.ta.appID: @UUID@ +gpd.ta.service_name: test0108 +gpd.ta.singleInstance: true +gpd.ta.multiSession: false +gpd.ta.multiCommand: false +gpd.ta.instanceKeepAlive: false +gpd.ta.dataSize: 16384 +gpd.ta.stackSize: 20480 diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem new file mode 100644 index 00000000..a321f63e --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAzAPwbnbgBg7JgXERA9Bx +p7GLI1S3e1zL83RMd2+GXb6kO4yMKUL3NUCE2HhA2BtQYmLyGovx59UUcKnU58is +Xux++kH+A2shmOPjYvEFuX0Kt8tc19b8M9b/iHsY8ZmKykqia2a5U+IrECRFJo5p +DWUnl7jrHVtq78BSR1c7iXG1frrEC0AYCuqKJo/fxfmOKL0Y9mENCB3nAwjn9unD +BsO/OhkqvvB3nkeuMfNKPh4wCqtQPve13eTojbuxjX/3ePijplTI5X2Gr+n6Ximn +fYRlytQmMgMl/db0ARSKNApq9bmwzVNrnGWWZWJksdRvf6iL7t17Gs4L9AApOuC9 +WkzxPvwp5ZUqjsGd4oJGWeC6ZE6BTw2vxE+xMFI9uAKHxq9pBKkcGMa0g4fANNNV ++W+8JZGanxEXKB3y/M7BCyQAPCWOHC/RNjmRA1gczLYCPzC4pWu935UZdF1RR6zY +CD3t+FoOGGET/g4CwWgyhb5qkp65Hs6ayYt/DUAqo+yBAgMBAAE= +-----END PUBLIC KEY----- diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt new file mode 100644 index 00000000..53c73199 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt @@ -0,0 +1,93 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX verify) +#set host exec name +set(OUTPUT secgear_enclave) +#set host src code +set(SOURCE_FILE main.cpp) + +set(CMAKE_CXX_STANDARD 11) +#set auto code +if(CC_GP) + set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c ${PREFIX}_args.h) + set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/gp) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH}) +endif() + +if(CC_SGX) + set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c) + set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH} --search-path ${SDK_PATH}/include) +endif() + +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") +set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + +if(CC_GP) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SGX) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SIM) + target_link_libraries(${OUTPUT} secgearsim pthread) +else() + target_link_libraries(${OUTPUT} secgear pthread) +endif() +set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) + +if(CC_GP) + #itrustee install whitelist /vender/bin/teec_hello + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION /vendor/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_SGX) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp new file mode 100644 index 00000000..6979fe30 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp @@ -0,0 +1,103 @@ +#include +#include +#include +#include +#include "verify_u.h" + +#define MAX_LEN 1024 + +using namespace std; + +const char hexChars[] = "0123456789abcdef"; +int dec(char ch) { + if ('0' <= ch && ch <= '9') { + return ch - '0'; + } + if ('a' <= ch && ch <= 'f') { + return ch - 'a' + 10; + } + if ('A' <= ch && ch <= 'F') { + return ch - 'A' + 10; + } + return -1; +} +uint32_t transferToU32(char* src,int base=10) { + uint32_t result = 0; + for (int i = 0; src[i]; i++) { + result = result * base + dec(src[i]); + } + return result; +} + +char tmpresult[512]; +char* transferFromString(string src) { + int siz = src.length(); + if (siz < 512) { + for (int i = 0; i <= siz; i++) { + tmpresult[i] = src[i]; + } + } + return tmpresult; +} + +int main(int argc, char* argv[]) { + cc_enclave_t eid = {}; + cc_enclave_result_t ret; + char *path = transferFromString(PATH); + // char *path = PATH; + + ret = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &eid); + cout << ret << endl; + if (ret != CC_SUCCESS) { + printf("ERR: %#x ,failed to create enclave.\n", ret); + return -1; + } + char buffer[MAX_LEN]; + uint32_t uints[2] = {}; + if (argc > 1) { + if(strcmp(argv[1],"initServer") == 0){ + uints[0] = transferToU32(argv[4]); + initKeys(&eid, uints); + setN(&eid, argv[3], strlen(argv[3]) + 1); + setD(&eid, argv[2], strlen(argv[2]) + 1); + getCD(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getKeys(&eid, uints); + printf("%u\n%u\n", uints[0], uints[1]); + } + else if(strcmp(argv[1], "passwordEncryption") == 0){ + setN(&eid, argv[4], strlen(argv[4]) + 1); + setCD(&eid, argv[3], strlen(argv[3]) + 1); + setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); + uints[0] = transferToU32(argv[5]); + setKeys(&eid, uints); + getRSAresult(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + } + else if(strcmp(argv[1], "embedding") == 0){ + setN(&eid, argv[5], strlen(argv[5]) + 1); + setCD(&eid, argv[4], strlen(argv[4]) + 1); + setNPW(&eid, argv[3], strlen(argv[3]) + 1); + setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); + uints[0] = transferToU32(argv[8]); + registerSeed(&eid, uints); + uints[0] = transferToU32(argv[6]); + uints[1] = transferToU32(argv[7]); + setKeys(&eid, uints); + calcEmbeddingResult(&eid); + getX(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getMu(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getK(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getNWID(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + } + } + + if (CC_SUCCESS != cc_enclave_destroy(&eid)) { + return -1; + } + return 0; +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl b/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl new file mode 100644 index 00000000..73fc1846 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl @@ -0,0 +1,28 @@ +enclave { + include "secgear_urts.h" + from "secgear_tstdc.edl" import *; + + trusted { + public void setRSAsource([in, size=len] char* src, size_t len); + public void getRSAresult([out, size=len] char* buf, size_t len); + public void calcEmbeddingResult(); + public void initKeys([in] uint32_t *src); + public void registerSeed([in] uint32_t *src); + public void setKeys([in,count=2] uint32_t *K); + public void getKeys([out,count=2] uint32_t *K); + public void setD([in, size=len] char* src, size_t len); + public void setCD([in, size=len] char* src, size_t len); + public void setN([in, size=len] char* src, size_t len); + public void getCD([out, size=len] char* buf, size_t len); + public void getX([out, size=len] char* buf, size_t len); + public void getMu([out, size=len] char* buf, size_t len); + public void getK([out, size=len] char* buf, size_t len); + public void getNWID([out, size=len] char* buf, size_t len); + public void setNPW([in, size=len] char* src, size_t len); + + }; + + untrusted { + + }; +}; -- Gitee From 9d5392c12723b5e77103ec1e2b4505f23c4a8f88 Mon Sep 17 00:00:00 2001 From: woxim Date: Fri, 15 Mar 2024 21:33:10 +0800 Subject: [PATCH 2/4] 1 --- .../encrypt/CMakeLists.txt | 38 - .../encrypt/enclave/CMakeLists.txt | 220 ----- .../encrypt/enclave/Enclave.config.xml | 12 - .../encrypt/enclave/Enclave.lds | 11 - .../encrypt/enclave/common_utils.h | 58 -- .../encrypt/enclave/hello.c | 917 ------------------ .../encrypt/enclave/manifest.txt.in | 8 - .../encrypt/enclave/rsa_public_key_cloud.pem | 11 - .../Wallfacer1.0-modify/encrypt/enclave/sm3.h | 190 ---- .../Wallfacer1.0-modify/encrypt/enclave/sm4.h | 103 -- .../Wallfacer1.0-modify/encrypt/encrypt.edl | 28 - .../encrypt/host/CMakeLists.txt | 120 --- .../Wallfacer1.0-modify/encrypt/host/db.sh | 29 - .../Wallfacer1.0-modify/encrypt/host/dbend.sh | 23 - .../Wallfacer1.0-modify/encrypt/host/main.c | 253 ----- .../Wallfacer1.0-modify/verify/CMakeLists.txt | 39 - .../verify/enclave/CMakeLists.txt | 157 --- .../verify/enclave/Enclave.config.xml | 12 - .../verify/enclave/Enclave.lds | 11 - .../verify/enclave/enclave.cpp | 705 -------------- .../verify/enclave/manifest.txt.in | 8 - .../verify/enclave/rsa_public_key_cloud.pem | 11 - .../verify/host/CMakeLists.txt | 93 -- .../Wallfacer1.0-modify/verify/host/main.cpp | 103 -- .../Wallfacer1.0-modify/verify/verify.edl | 28 - 25 files changed, 3188 deletions(-) delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/manifest.txt.in delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/rsa_public_key_cloud.pem delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm3.h delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp delete mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt deleted file mode 100644 index ce7892d9..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -project(enclave C) - -set(CMAKE_C_STANDARD 99) - -set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) - -#set edl name -set(EDL_FILE encrypt.edl) -set(CODEGEN codegen) - -if(CC_GP) - set(CODETYPE trustzone) - set(UUID f68fd704-6eb1-4d14-b218-722850eb3ef0) - add_definitions(-DPATH="/data/${UUID}.sec") -endif() - -if(CC_SGX) - set(CODETYPE sgx) - add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") -endif() - -if(CC_PL) - set(CODETYPE penglai) - add_definitions(-DPATH="${CMAKE_CURRENT_SOURCE_DIR}/enclave/penglai-ELF") -endif() - -add_subdirectory(${CURRENT_ROOT_PATH}/enclave) -add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt deleted file mode 100644 index a41cf01f..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt +++ /dev/null @@ -1,220 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -#set auto code prefix -set(PREFIX encrypt) - -#set sign key -set(PEM Enclave_private.pem) - -#set sign tool -set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) - -#set enclave src code -set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/hello.c) - -#set log level -set(PRINT_LEVEL 3) -add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) - -if(CC_GP) - #set signed output - set(OUTPUT ${UUID}.sec) - #set whilelist. default: /vendor/bin/teec_hello - set(WHITE_LIST_0 /vendor/bin/enclave) - set(WHITE_LIST_OWNER root) - set(WHITE_LIST_1 /vendor/bin/secgear_helloworld) - set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) - - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) -endif() - -if(CC_SGX) - set(OUTPUT enclave.signed.so) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) -endif() - -if(CC_PL) - set(OUTPUT penglai-ELF) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) -endif() - -set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ - -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ - -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ - -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") - -set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") - -if(CC_GP) - - set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") - set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s -fPIC") - set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s") - - set(ITRUSTEE_TEEDIR ${SDK_PATH}/) - set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) - - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_BINARY_DIR}/lib/) - endif() - - add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) - - target_include_directories( ${PREFIX} PRIVATE - ${CMAKE_CURRENT_BINARY_DIR} - ${CMAKE_BINARY_DIR}/inc - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/gp - ${LOCAL_ROOT_PATH}/inc/enclave_inc - ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp - ${ITRUSTEE_TEEDIR}/include/TA - ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext - ${ITRUSTEE_LIBC}/arch/aarch64 - ${ITRUSTEE_LIBC}/ - ${ITRUSTEE_LIBC}/arch/arm/bits - ${ITRUSTEE_LIBC}/arch/generic - ${ITRUSTEE_LIBC}/arch/arm - ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) - - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${PREFIX} PRIVATE - ${CMAKE_BINARY_DIR}/lib/) - endif() - - foreach(WHITE_LIST ${WHITELIST}) - add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") - endforeach(WHITE_LIST) - add_definitions(-DWHITE_LIST_OWNER="${WHITE_LIST_OWNER}") - - target_link_libraries(${PREFIX} -lsecgear_tee) - - #for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # - # add_custom_command(TARGET ${PREFIX} - # POST_BUILD - # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) - - # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} - # DESTINATION /data - # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - -endif() - -if(CC_SGX) - set(SGX_DIR ${SDK_PATH}) - set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") - set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") - set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) - - if(CC_SIM) - set(Trts_Library_Name sgx_trts_sim) - set(Service_Library_Name sgx_tservice_sim) - else() - set(Trts_Library_Name sgx_trts) - set(Service_Library_Name sgx_tservice) - endif() - - set(Crypto_Library_Name sgx_tcrypto) - - set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ - -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") - - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${LINK_LIBRARY_PATH}) - endif() - - add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) - - target_include_directories(${PREFIX} PRIVATE - ${CMAKE_CURRENT_BINARY_DIR} - ${SGX_DIR}/include/tlibc - ${SGX_DIR}/include/libcxx - ${SGX_DIR}/include - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) - - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${PREFIX} PRIVATE - ${LINK_LIBRARY_PATH}) - endif() - - target_link_libraries(${PREFIX} -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive - -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) - # target_link_libraries(${PREFIX} /usr/lib/x86_64-linux-gnu/libmemcached.so) - add_custom_command(TARGET ${PREFIX} - POST_BUILD - COMMAND umask 0177 - COMMAND openssl genrsa -3 -out ${PEM} 3072 - COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) -endif() - -if(NOT DEFINED CC_PL) - set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) -endif() - -if(CC_PL) - set(SDK_LIB_DIR ${SDK_PATH}/lib) - set(SDK_INCLUDE_DIR ${SDK_LIB_DIR}/app/include) - set(SDK_APP_LIB ${SDK_LIB_DIR}/libpenglai-enclave-eapp.a) - set(MUSL_LIB_DIR ${SDK_PATH}/musl/lib) - set(MUSL_LIBC ${MUSL_LIB_DIR}/libc.a) - set(GCC_LIB ${SDK_LIB_DIR}/libgcc.a) - set(SECGEAR_TEE_LIB ${CMAKE_BINARY_DIR}/lib/libsecgear_tee.a) - - set(SOURCE_C_OBJS "") - foreach(SOURCE_FILE ${SOURCE_FILES}) - STRING(REGEX REPLACE ".+/(.+)\\..*" "\\1" SOURCE_FILE_NAME ${SOURCE_FILE}) - set(SOURCE_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${SOURCE_FILE_NAME}.o) - add_custom_command( - OUTPUT ${SOURCE_OBJ} - DEPENDS ${SOURCE_FILES} - COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc - -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc - -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${SOURCE_OBJ} ${SOURCE_FILE} - COMMENT "generate SOURCE_OBJ" - ) - list(APPEND SOURCE_C_OBJS ${SOURCE_OBJ}) - endforeach() - - set(APP_C_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.o) - add_custom_command( - OUTPUT ${APP_C_OBJ} - DEPENDS ${AUTO_FILES} - COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc - -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc - -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${APP_C_OBJ} ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c - COMMENT "generate APP_C_OBJ" - ) - - add_custom_command( - OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} - DEPENDS ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${MUSL_LIBC} ${GCC_LIB} - COMMAND ld -static -L${SDK_LIB_DIR} -L${MUSL_LIB_DIR} -L/usr/lib64 -lpenglai-enclave-eapp -lsecgear_tee -lc - -o ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${SECGEAR_TEE_LIB} - ${MUSL_LIBC} ${GCC_LIB} -T ${SDK_PATH}/app.lds - COMMAND chmod -x ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} - COMMENT "generate penglai-ELF" - ) - add_custom_target( - ${OUTPUT} ALL - DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} - COMMENT "makefile target penglai-ELF" - ) - -endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml deleted file mode 100644 index e94c9bc5..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml +++ /dev/null @@ -1,12 +0,0 @@ - - 0 - 0 - 0x40000 - 0x100000 - 10 - 1 - - 0 - 0 - 0xFFFFFFFF - diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds deleted file mode 100644 index ab77e647..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds +++ /dev/null @@ -1,11 +0,0 @@ -enclave.so -{ - global: - g_global_data_sim; - g_global_data; - enclave_entry; - g_peak_heap_used; - local: - *; -}; - diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h deleted file mode 100644 index bd8c6471..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h +++ /dev/null @@ -1,58 +0,0 @@ -#ifndef SECGEAR_SM_COMMON_UTILS -#define SECGEAR_SM_COMMON_UTILS - -#include - -typedef __uint8_t uint8; -typedef __uint16_t uint16; -typedef __uint32_t uint32; -typedef __uint64_t uint64; - -#define CONCAT_8x4(x0, x1, x2, x3) ((((uint32)(x0) << 8 | (x1)) << 8 | (x2)) << 8 | (x3)) // X = (x0 || x1 || x2 || x3) -#define CONCAT_16x2(x0, x1) ((uint32)(x0) << 16 | (x1)) // X = (x0 || x1) -#define EXTRACT_8_32(X, i) (((X) >> (((i) ^ 3) << 3)) & 0xFF) // X = (x0 || x1 || x2 || x3) -#define EXTRACT_16_32(X, i) (((X) >> (((i) ^ 1) << 4)) & 0xFFFF) // X = (x0 || x1) -#define EXTRACT_16H_31(X) (((X) >> 15) & 0xFFFF) // Higher 16-bit from 31-bit -#define EXTRACT_16L_31(X) ((X) & 0xFFFF) // Lower 16-bit from 31-bit - -#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) -#define ROTATE_31(a, n) ((((a) << (n)) & 0x7FFFFFFF) | (((a) & 0x7FFFFFFF) >> (31 - (n)))) - -#define GET_BIT_VALUE_32(x, i) (((x) >> (31 - (i))) & 1) - -const uint32 PREFIX_MASK_32[32] = { - 0x00000000, - 0x80000000, - 0xC0000000, - 0xE0000000, - 0xF0000000, - 0xF8000000, - 0xFC000000, - 0xFE000000, - 0xFF000000, - 0xFF800000, - 0xFFC00000, - 0xFFE00000, - 0xFFF00000, - 0xFFF80000, - 0xFFFC0000, - 0xFFFE0000, - 0xFFFF0000, - 0xFFFF8000, - 0xFFFFC000, - 0xFFFFE000, - 0xFFFFF000, - 0xFFFFF800, - 0xFFFFFC00, - 0xFFFFFE00, - 0xFFFFFF00, - 0xFFFFFF80, - 0xFFFFFFC0, - 0xFFFFFFE0, - 0xFFFFFFF0, - 0xFFFFFFF8, - 0xFFFFFFFC, - 0xFFFFFFFE -}; - -#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c deleted file mode 100644 index abae42a6..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c +++ /dev/null @@ -1,917 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#include -#include -#include -#include -#include "encrypt_t.h" - -#define BUF_MAX 32 -#define Mkey "admin" //主密钥,用于生成存储密钥 -char uname[20];//用户名 -char upsw[56];//用户密码 -char buff[80];//用户名与密码相连字符串 -char uinfo[31];//用户机密信息,字符串 -char ucipher[64];//用户十六进制密文字符串 -char c[32];//用户十六进制转字符串 -unsigned char cipt[40];//sm3加密后生成的存储密钥 -int num=0; -char key[16];//sm4加密密钥 -char acipt[40];//sm4加密后生成的信息密文 -char temp[32]; -int nnn; - - - -void transname(char *name)//获得用户名 -{ - strncpy(uname,name, strlen(name)); -} -void transpsw(char *psw)//获得用户密码 -{ - strncpy(upsw,psw, strlen(psw)); -} -void transinfo(char *info)//获得用户机密信息 -{ - strncpy(uinfo,info, strlen(info)); -} -void transcipher(char *cipher)//获得用户机密信息 -{ - strncpy(ucipher,cipher, strlen(cipher)); -} - -//SM3 - -#include "sm3.h" - -void sm3() -{ - strncpy(buff, uname, strlen(uname));//获得用户名 - strncat(buff, upsw, strlen(upsw));//连接用户密码 - // strncat(buff, Mkey, strlen(Mkey));//连接用户密码 - SM3_CTX c; - sm3_init(&c); - sm3_update(&c, buff, strlen(buff)); - // sm3_final(&c, cipt); - sm3_final(cipt, &c); -} - -//SM4加密算法 - -#include "sm4.h" - -/** - * S盒 - */ -static const int S[16][16] = -{ - { - 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, - 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - }, - { - 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, - 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - }, - { - 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, - 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 - }, - { - 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, - 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - }, - { - 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, - 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - }, - { - 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, - 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - }, - { - 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, - 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - }, - { - 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, - 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - }, - { - 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, - 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - }, - { - 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, - 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - }, - { - 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, - 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - }, - { - 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, - 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - }, - { - 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, - 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - }, - { - 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, - 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - }, - { - 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, - 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - }, - { - 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, - 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 - } -}; -/** - * 逆S盒 - */ -static const int S2[16][16] = -{ - { - 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, - 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - }, - { - 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, - 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - }, - { - 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, - 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - }, - { - 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, - 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 - }, - { - 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, - 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 - }, - { - 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, - 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 - }, - { - 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, - 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 - }, - { - 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, - 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b - }, - { - 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, - 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 - }, - { - 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, - 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e - }, - { - 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, - 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b - }, - { - 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, - 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 - }, - { - 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, - 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f - }, - { - 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, - 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef - }, - { - 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, - 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 - }, - { - 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, - 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d - } -}; -/** - * 获取整形数据的低8位的左4个位 - */ -static int getLeft4Bit(int num) -{ - int left = num & 0x000000f0; - return left >> 4; -} -/** - * 获取整形数据的低8位的右4个位 - */ -static int getRight4Bit(int num) -{ - return num & 0x0000000f; -} -/** - * 根据索引,从S盒中获得元素 - */ -static int getNumFromSBox(int index) -{ - int row = getLeft4Bit(index); - int col = getRight4Bit(index); - return S[row][col]; -} -/** - * 把一个字符转变成整型 - */ -static int getIntFromChar(char c) -{ - int result = (int) c; - return result & 0x000000ff; -} -/** - * 把16个字符转变成4X4的数组, - * 该矩阵中字节的排列顺序为从上到下, - * 从左到右依次排列。 - */ -static void convertToIntArray(char *str, int pa[4][4]) -{ - int k = 0; - for(int i = 0; i < 4; i++) - for(int j = 0; j < 4; j++) { - pa[j][i] = getIntFromChar(str[k]); - k++; - } -} -/** - * 把连续的4个字符合并成一个4字节的整型 - */ -static int getWordFromStr(char *str) -{ - int one = getIntFromChar(str[0]); - one = one << 24; - int two = getIntFromChar(str[1]); - two = two << 16; - int three = getIntFromChar(str[2]); - three = three << 8; - int four = getIntFromChar(str[3]); - return one | two | three | four; -} -/** - * 把一个4字节的数的第一、二、三、四个字节取出, - * 入进一个4个元素的整型数组里面。 - */ -static void splitIntToArray(int num, int array[4]) -{ - int one = num >> 24; - array[0] = one & 0x000000ff; - int two = num >> 16; - array[1] = two & 0x000000ff; - int three = num >> 8; - array[2] = three & 0x000000ff; - array[3] = num & 0x000000ff; -} -/** - * 将数组中的元素循环左移step位 - */ -static void leftLoop4int(int array[4], int step) -{ - int temp[4]; - for(int i = 0; i < 4; i++) - { - temp[i] = array[i]; - } - int index = step % 4 == 0 ? 0 : step % 4; - for(int i = 0; i < 4; i++) - { - array[i] = temp[index]; - index++; - index = index % 4; - } -} -/** - * 把数组中的第一、二、三和四元素分别作为 - * 4字节整型的第一、二、三和四字节,合并成一个4字节整型 - */ -static int mergeArrayToInt(int array[4]) -{ - int one = array[0] << 24; - int two = array[1] << 16; - int three = array[2] << 8; - int four = array[3]; - return one | two | three | four; -} - -/** - * 常量轮值表 - */ -static const int Rcon[10] = -{ - 0x01000000, 0x02000000, - 0x04000000, 0x08000000, - 0x10000000, 0x20000000, - 0x40000000, 0x80000000, - 0x1b000000, 0x36000000 -}; -/** - * 密钥扩展中的T函数 - */ -static int T1(int num, int round) -{ - int numArray[4]; - splitIntToArray(num, numArray); - leftLoop4int(numArray, 1);//字循环 - //字节代换 - for(int i = 0; i < 4; i++) - { - numArray[i] = getNumFromSBox(numArray[i]); - } - int result = mergeArrayToInt(numArray); - return result ^ Rcon[round]; -} -//密钥对应的扩展数组 -static int w[44]; -/** - * 扩展密钥,结果是把w[44]中的每个元素初始化 - */ -static void extendKey(char *key) -{ - for(int i = 0; i < 4; i++) - { - w[i] = getWordFromStr(key + i * 4); - } - for(int i = 4, j = 0; i < 44; i++) - { - if( i % 4 == 0) - { - w[i] = w[i - 4] ^ T1(w[i - 1], j); - j++;//下一轮 - } - else - { - w[i] = w[i - 4] ^ w[i - 1]; - } - } -} -/** - * 轮密钥加 - */ -static void addRoundKey(int array[4][4], int round) -{ - int warray[4]; - for(int i = 0; i < 4; i++) - { - splitIntToArray(w[ round * 4 + i], warray); - for(int j = 0; j < 4; j++) - { - array[j][i] = array[j][i] ^ warray[j]; - } - } -} -/** - * 字节代换 - */ -static void subBytes(int array[4][4]) -{ - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - array[i][j] = getNumFromSBox(array[i][j]); - } - } -} -/** - * 行移位 - */ -static void shiftRows(int array[4][4]) -{ - int rowTwo[4], rowThree[4], rowFour[4]; - //复制状态矩阵的第2,3,4行 - for(int i = 0; i < 4; i++) - { - rowTwo[i] = array[1][i]; - rowThree[i] = array[2][i]; - rowFour[i] = array[3][i]; - } - //循环左移相应的位数 - leftLoop4int(rowTwo, 1); - leftLoop4int(rowThree, 2); - leftLoop4int(rowFour, 3); - //把左移后的行复制回状态矩阵中 - for(int i = 0; i < 4; i++) - { - array[1][i] = rowTwo[i]; - array[2][i] = rowThree[i]; - array[3][i] = rowFour[i]; - } -} -/** - * 列混合要用到的矩阵 - */ -static const int colM[4][4] = -{ - {2, 3, 1, 1}, - {1, 2, 3, 1}, - {1, 1, 2, 3}, - {3, 1, 1, 2} -}; -static int GFMul2(int s) -{ - int result = s << 1; - int a7 = result & 0x00000100; - if(a7 != 0) - { - result = result & 0x000000ff; - result = result ^ 0x1b; - } - return result; -} -static int GFMul3(int s) -{ - return GFMul2(s) ^ s; -} -static int GFMul4(int s) -{ - return GFMul2(GFMul2(s)); -} -static int GFMul8(int s) -{ - return GFMul2(GFMul4(s)); -} -static int GFMul9(int s) -{ - return GFMul8(s) ^ s; -} -static int GFMul11(int s) -{ - return GFMul9(s) ^ GFMul2(s); -} -static int GFMul12(int s) -{ - return GFMul8(s) ^ GFMul4(s); -} -static int GFMul13(int s) -{ - return GFMul12(s) ^ s; -} -static int GFMul14(int s) -{ - return GFMul12(s) ^ GFMul2(s); -} -/** - * GF上的二元运算 - */ -static int GFMul(int n, int s) -{ - int result; - if(n == 1) - { - result = s; - } - else if(n == 2) - { - result = GFMul2(s); - } - else if(n == 3) - { - result = GFMul3(s); - } - else if(n == 0x9) - { - result = GFMul9(s); - } - else if(n == 0xb)//11 - { - result = GFMul11(s); - } - else if(n == 0xd)//13 - { - result = GFMul13(s); - } - else if(n == 0xe)//14 - { - result = GFMul14(s); - } - return result; -} -/** - * 列混合 - */ -static void mixColumns(int array[4][4]) -{ - int tempArray[4][4]; - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - tempArray[i][j] = array[i][j]; - } - } - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - array[i][j] = GFMul(colM[i][0],tempArray[0][j]) ^ - GFMul(colM[i][1],tempArray[1][j]) - ^ GFMul(colM[i][2],tempArray[2][j]) - ^ GFMul(colM[i][3], tempArray[3][j]); - } - } -} -/** - * 把4X4数组转回字符串 - */ -static void convertArrayToStr(int array[4][4], char *str) { - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - *str++ = (char)array[j][i]; - } - } -} -/** - * 参数 p: 明文的字符串数组。 - * 参数 plen: 明文的长度。 - * 参数 key: 密钥的字符串数组。 - */ -void sm4(char *p, int plen, char *key) -{ - extendKey(key);//扩展密钥 - int pArray[4][4]; - for(int k = 0; k < plen; k += 16) - { - convertToIntArray(p + k, pArray); - addRoundKey(pArray, 0);//一开始的轮密钥加 - for(int i = 1; i < 10; i++) - {//前9轮 - subBytes(pArray);//字节代换 - shiftRows(pArray);//行移位 - mixColumns(pArray);//列混合 - addRoundKey(pArray, i); - } - //第10轮 - subBytes(pArray);//字节代换 - shiftRows(pArray);//行移位 - addRoundKey(pArray, 10); - convertArrayToStr(pArray, p + k); - } -} -/** - * 根据索引从逆S盒中获取值 - */ -static int getNumFromS1Box(int index) -{ - int row = getLeft4Bit(index); - int col = getRight4Bit(index); - return S2[row][col]; -} -/** - * 逆字节变换 - */ -static void deSubBytes(int array[4][4]) -{ - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - array[i][j] = getNumFromS1Box(array[i][j]); - } - } -} -/** - * 把4个元素的数组循环右移step位 - */ -static void rightLoop4int(int array[4], int step) -{ - int temp[4]; - for(int i = 0; i < 4; i++) - { - temp[i] = array[i]; - } - int index = step % 4 == 0 ? 0 : step % 4; - index = 3 - index; - for(int i = 3; i >= 0; i--) - { - array[i] = temp[index]; - index--; - index = index == -1 ? 3 : index; - } -} -/** - * 逆行移位 - */ -static void deShiftRows(int array[4][4]) -{ - int rowTwo[4], rowThree[4], rowFour[4]; - for(int i = 0; i < 4; i++) - { - rowTwo[i] = array[1][i]; - rowThree[i] = array[2][i]; - rowFour[i] = array[3][i]; - } - rightLoop4int(rowTwo, 1); - rightLoop4int(rowThree, 2); - rightLoop4int(rowFour, 3); - for(int i = 0; i < 4; i++) - { - array[1][i] = rowTwo[i]; - array[2][i] = rowThree[i]; - array[3][i] = rowFour[i]; - } -} -/** - * 逆列混合用到的矩阵 - */ -static const int deColM[4][4] = -{ - {0xe, 0xb, 0xd, 0x9}, - {0x9, 0xe, 0xb, 0xd}, - {0xd, 0x9, 0xe, 0xb}, - {0xb, 0xd, 0x9, 0xe} -}; -/** - * 逆列混合 - */ -static void deMixColumns(int array[4][4]) -{ - int tempArray[4][4]; - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - tempArray[i][j] = array[i][j]; - } - } - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - array[i][j] = GFMul(deColM[i][0],tempArray[0][j]) ^ - GFMul(deColM[i][1],tempArray[1][j]) ^ - GFMul(deColM[i][2],tempArray[2][j]) ^ - GFMul(deColM[i][3], tempArray[3][j]); - } - } -} -/** - * 把两个4X4数组进行异或 - */ -static void addRoundTowArray(int aArray[4][4],int bArray[4][4]) -{ - for(int i = 0; i < 4; i++) - { - for(int j = 0; j < 4; j++) - { - aArray[i][j] = aArray[i][j] ^ bArray[i][j]; - } - } -} -/** - * 从4个32位的密钥字中获得4X4数组, - * 用于进行逆列混合 - */ -static void getArrayFrom4W(int i, int array[4][4]) -{ - int index = i * 4; - int colOne[4], colTwo[4], colThree[4], colFour[4]; - splitIntToArray(w[index], colOne); - splitIntToArray(w[index + 1], colTwo); - splitIntToArray(w[index + 2], colThree); - splitIntToArray(w[index + 3], colFour); - for(int i = 0; i < 4; i++) - { - array[i][0] = colOne[i]; - array[i][1] = colTwo[i]; - array[i][2] = colThree[i]; - array[i][3] = colFour[i]; - } -} -/** - * 参数 c: 密文的字符串数组。 - * 参数 clen: 密文的长度。 - * 参数 key: 密钥的字符串数组。 - */ -void desm4(char *c, int clen, char *key) -{ - extendKey(key);//扩展密钥 - int cArray[4][4]; - for(int k = 0; k < clen; k += 16) - { - convertToIntArray(c + k, cArray); - addRoundKey(cArray, 10); - int wArray[4][4]; - for(int i = 9; i >= 1; i--) - { - deSubBytes(cArray); - deShiftRows(cArray); - deMixColumns(cArray); - getArrayFrom4W(i, wArray); - deMixColumns(wArray); - addRoundTowArray(cArray, wArray); - } - deSubBytes(cArray); - deShiftRows(cArray); - addRoundKey(cArray, 0); - convertArrayToStr(cArray, c + k); - } -} - -#define MAXLEN 1024 - -void printASCII(char *str, int len) {//字符串转16进制 - for(int i = 0; i < len; i++) { - acipt[i] = (int)*str++; - acipt[i] = acipt[i] & 0x000000ff; - } -} - -void hex32_str(char *data,char *input)//将16进制串转字符串 -{ - int i=0,sum; - char t; - for(i=0;i<32;i=i+2) - { - sum=0; - t=data[i]; - if(t<='9') - { - sum=((int)t-48)*16; - } - else - { - switch(t) - { - case 'a':sum=10*16;break; - case 'b':sum=11*16;break; - case 'c':sum=12*16;break; - case 'd':sum=13*16;break; - case 'e':sum=14*16;break; - case 'f':sum=15*16;break; - } - } - t=data[i+1]; - if(t<='9') - { - sum=sum+((int)t-48); - } - else - { - switch(t) - { - case 'a':sum=sum+10;break; - case 'b':sum=sum+11;break; - case 'c':sum=sum+12;break; - case 'd':sum=sum+13;break; - case 'e':sum=sum+14;break; - case 'f':sum=sum+15;break; - } - } - input[i/2]=(char)sum; - } -} - -void hex16_str(char *data,char *output,int len)//将16进制转字符串 -{ - for(int i = 0; i < len; i++) { - output[i] = (char)data[i];//data中每个元素为字符对应的十进制数 - } -} - - -/** - * 使用PKCS#7 填充字符串 - p:要填充的明文字符串 - len:明文字符串长度 - */ -int PKCS7Padding(char *p, int len) -{ - //ascii码转16进制,temp中每个元素为字符对应的十进制数,方便填充 - for(int i = 0; i < len; i++) { - temp[i] = (int)*p++; - temp[i] = temp[i] & 0x000000ff;//temp中为字符转数字,即a=97 - } - - int i; - int block = len/16;//数据分组的组数 - int start = len;//开始补码的地址 - int end=(block+1)*16;//补码后总长度 - int t=16-len%16;//要补的位数,也即要补的字符 - if(t<10) - { - for(i = start; i < end; i++) - { - temp[i] = t; - }; - } - else if(t<=15) - { - for(i = start; i < end; i++) - { - temp[i] = t; - } - } - else if(t==16)//error - { - for(i = start; i < end; i++) - { - temp[i] = 16; - } - } - - hex16_str(temp,uinfo,end);//将temp中的每个元素对应的十进制数转为字符,方便后续对字符串加密 - nnn=end; - return end; -} - -/** - * 删除PKCS#7 填充字符串 - c:要删除填充的解密后的字符串 - len:解密后字符串长度 - padlen:删除填充后字符串长度 - */ -int dePKCS7Padding(char *c, int len) -{ -//送进来的为字符串,每个元素为字符,需要先获取最后一个字符,将字符转int,如0a=10,再从len-10开始置0到最后,返回重置后的字符串 - int padlen=(int)c[len-1]; - nnn=len-padlen; - for(int i=len-padlen;i -#include "common_utils.h" - -#define SM3_DIGEST_LENGTH 32 -#define SM3_WORD uint32 - -#define SM3_CBLOCK 64 -#define SM3_LBLOCK (SM3_CBLOCK/4) - -typedef struct SM3state_st { - SM3_WORD A, B, C, D, E, F, G, H; - SM3_WORD Nl, Nh; - SM3_WORD data[SM3_LBLOCK]; - unsigned int num; -} SM3_CTX; - -#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) - -# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) ) ) -# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ - l) - -#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17)) -#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) - -#define FF(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | (X & Z) | (Y & Z))) -#define GG(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | ((~X) & Z))) - -#define T(J) (J<16 ? 0x79cc4519 : 0x7a879d8a) - -#define EXPAND(W0,W7,W13,W3,W10) \ - (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10) - -#define SM3_A 0x7380166fUL -#define SM3_B 0x4914b2b9UL -#define SM3_C 0x172442d7UL -#define SM3_D 0xda8a0600UL -#define SM3_E 0xa96f30bcUL -#define SM3_F 0x163138aaUL -#define SM3_G 0xe38dee4dUL -#define SM3_H 0xb0fb0e4eUL - -#define SM3_MAKE_STRING(c, s) \ - do { \ - unsigned long ll; \ - ll=(c)->A; (void)HOST_l2c(ll, (s)); \ - ll=(c)->B; (void)HOST_l2c(ll, (s)); \ - ll=(c)->C; (void)HOST_l2c(ll, (s)); \ - ll=(c)->D; (void)HOST_l2c(ll, (s)); \ - ll=(c)->E; (void)HOST_l2c(ll, (s)); \ - ll=(c)->F; (void)HOST_l2c(ll, (s)); \ - ll=(c)->G; (void)HOST_l2c(ll, (s)); \ - ll=(c)->H; (void)HOST_l2c(ll, (s)); \ - } while (0) - -void sm3_block_data_order(SM3_CTX *ctx, const void *p, size_t num) { - const unsigned char *data = p; - SM3_WORD A, B, C, D, E, F, G, H; - SM3_WORD w[68]={}, ww[64]={}; - while (num--) { - A = ctx->A; - B = ctx->B; - C = ctx->C; - D = ctx->D; - E = ctx->E; - F = ctx->F; - G = ctx->G; - H = ctx->H; - for (int j = 0; j < 16; ++j) { - HOST_c2l(data, w[j]); - } - for (int j = 16; j < 68; ++j) { - w[j] = EXPAND(w[j-16], w[j-9], w[j-3], w[j-13], w[j-6]); - } - for (int j = 0; j < 64; ++j) { - ww[j] = w[j] ^ w[j+4]; - } - for (int j = 0; j < 64; j++) { - SM3_WORD SS1, SS2, TT1, TT2; - SS1 = ROTATE(ROTATE(A, 12) + E + ROTATE(T(j), j&31), 7); - SS2 = SS1 ^ ROTATE(A, 12); - TT1 = FF(j, A, B, C) + D + SS2 + ww[j]; - TT2 = GG(j, E, F, G) + H + SS1 + w[j]; - D = C; - C = ROTATE(B,9); - B = A; - A = TT1; - H = G; - G = ROTATE(F, 19); - F = E; - E = P0(TT2); - } - ctx->A ^= A; - ctx->B ^= B; - ctx->C ^= C; - ctx->D ^= D; - ctx->E ^= E; - ctx->F ^= F; - ctx->G ^= G; - ctx->H ^= H; - } -} - -int sm3_init(SM3_CTX *c) { - memset(c, 0, sizeof(*c)); - c->A = SM3_A; - c->B = SM3_B; - c->C = SM3_C; - c->D = SM3_D; - c->E = SM3_E; - c->F = SM3_F; - c->G = SM3_G; - c->H = SM3_H; - return 1; -} - -int sm3_update(SM3_CTX *c, const void *data_, size_t len) { - const unsigned char *data = data_; - unsigned char *p; - SM3_WORD l; - size_t n; - if (len == 0) return 1; - l = (c->Nl + (((SM3_WORD) len) << 3)) & 0xffffffffUL; - if (l < c->Nl) c->Nh++; - c->Nh += (SM3_WORD) (len >> 29); - c->Nl = l; - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - if (len >= SM3_CBLOCK || len + n >= SM3_CBLOCK) { - memcpy(p + n, data, SM3_CBLOCK - n); - sm3_block_data_order(c, p, 1); - n = SM3_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - memset(p, 0, SM3_CBLOCK); - } - else { - memcpy(p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - n = len / SM3_CBLOCK; - if (n > 0) { - sm3_block_data_order(c, data, n); - n *= SM3_CBLOCK; - data += n; - len -= n; - } - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy(p, data, len); - } - return 1; -} - -int sm3_final(unsigned char *md, SM3_CTX *c) { - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - p[n] = 0x80; - n++; - if (n > (SM3_CBLOCK - 8)) { - memset(p + n, 0, SM3_CBLOCK - n); - n = 0; - sm3_block_data_order(c, p, 1); - } - memset(p + n, 0, SM3_CBLOCK - 8 - n); - p += SM3_CBLOCK - 8; - (void)HOST_l2c(c->Nh, p); - (void)HOST_l2c(c->Nl, p); - p -= SM3_CBLOCK; - sm3_block_data_order(c, p, 1); - c->num = 0; - SM3_MAKE_STRING(c, md); - return 1; -} - -#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h deleted file mode 100644 index 5b30416f..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h +++ /dev/null @@ -1,103 +0,0 @@ -#ifndef SECGEAR_SM4_H -#define SECGEAR_SM4_H - -#include -#include "common_utils.h" - -#define ENCRYPT 0 -#define DECRYPT 1 -const uint8 Sbox[256] = { - 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, 0x28, 0xFB, 0x2C, 0x05, - 0x2B, 0x67, 0x9A, 0x76, 0x2A, 0xBE, 0x04, 0xC3, 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, - 0x9C, 0x42, 0x50, 0xF4, 0x91, 0xEF, 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62, - 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, 0xDF, 0x94, 0xFA, 0x75, 0x8F, 0x3F, 0xA6, - 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA, 0x83, 0x59, 0x3C, 0x19, 0xE6, 0x85, 0x4F, 0xA8, - 0x68, 0x6B, 0x81, 0xB2, 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, 0x35, - 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B, 0x01, 0x21, 0x78, 0x87, - 0xD4, 0x00, 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52, 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, - 0xEA, 0xBF, 0x8A, 0xD2, 0x40, 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1, - 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, 0xAD, 0x93, 0x32, 0x30, 0xF5, 0x8C, 0xB1, 0xE3, - 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60, 0xC0, 0x29, 0x23, 0xAB, 0x0D, 0x53, 0x4E, 0x6F, - 0xD5, 0xDB, 0x37, 0x45, 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, 0x5B, 0x51, - 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41, 0x1F, 0x10, 0x5A, 0xD8, - 0x0A, 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD, 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, - 0x89, 0x69, 0x97, 0x4A, 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84, - 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, 0x20, 0x79, 0xEE, 0x5F, 0x3E, 0xD7, 0xCB, 0x39, 0x48, -}; -const uint32 FK[4] = { - 0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC, -}; -const uint32 CK[32] = { - 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269, - 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9, - 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249, - 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9, - 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229, - 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299, - 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209, - 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279, -}; -#define L(B) ((B) ^ (ROTATE((B), 2)) ^ (ROTATE((B), 10)) ^ (ROTATE((B), 18)) ^ (ROTATE((B), 24))) -#define LP(B) ((B) ^ (ROTATE((B), 13)) ^ (ROTATE((B), 23))) -#define S(X) (((uint32)Sbox[((X) >> 24) & 0xFF] << 24) | \ - ((uint32)Sbox[((X) >> 16) & 0xFF] << 16) | \ - ((uint32)Sbox[((X) >> 8) & 0xFF] << 8) | \ - ((uint32)Sbox[(X) & 0xFF])) - -#define TT(X) L(S(X)) -#define TP(X) LP(S(X)) -#define F(X0, X1, X2, X3, rk) ((X0) ^ TT((X1) ^ (X2) ^ (X3) ^ (rk))) - -typedef struct sm4_ctx_st { - uint32 M[4]; - uint32 rk[32]; -} SM4_CTX; - -int sm4_init(SM4_CTX *ctx, const uint32 *M, const uint32 *MK) { - memset(ctx, 0, sizeof(*ctx)); - uint32 K[36]; - memset(K, 0, sizeof(K)); - int i; - for (i = 0; i < 4; ++i) { - K[i] = MK[i] ^ FK[i]; - ctx->M[i] = M[i]; - } - for (i = 0; i < 32; ++i) { - ctx->rk[i] = K[i+4] = K[i] ^ TP(K[i+1] ^ K[i+2] ^ K[i+3] ^ CK[i]); - } - return 1; -} - -int sm4_round(SM4_CTX *ctx, int crypt_flag) { - int offset = (crypt_flag ? 31 : 0), i; - uint32 X[36]; - memset(X, 0, sizeof(X)); - for (i = 0; i < 4; ++i) { - X[i] = ctx->M[i]; - } - for (i = 0; i < 32; ++i) { - X[i+4] = F(X[i], X[i+1], X[i+2], X[i+3], ctx->rk[i^offset]); - } - ctx->M[0] = X[35]; - ctx->M[1] = X[34]; - ctx->M[2] = X[33]; - ctx->M[3] = X[32]; - return 1; -} - -int sm4_encrypt(SM4_CTX *ctx) { - return sm4_round(ctx, ENCRYPT); -} - -int sm4_decrypt(SM4_CTX *ctx) { - return sm4_round(ctx, DECRYPT); -} - -int sm4_final(uint32 *out, SM4_CTX *ctx) { - if (!memcpy(out, ctx->M, sizeof(ctx->M))) { - return 0; - } - return 1; -} - -#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl b/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl deleted file mode 100644 index 77bc7c74..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl +++ /dev/null @@ -1,28 +0,0 @@ -/*S - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -enclave { - include "secgear_urts.h" - from "secgear_tstdc.edl" import *; - trusted { - public int get_int(); - public int get_string([out, size=80]unsigned char *buf); - public void transname([in,size=20]char *name); - public void transpsw([in,size=56]char *psw); - public void transinfo([in,size=31]char *info); - public void transcipher([in,size=64]char *cipher); - public void sm3(); - public void sm4crypt(int len); - public void desm4crypt(); - - }; -}; diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt deleted file mode 100644 index bc1bd4d5..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -#set auto code prefix -set(PREFIX encrypt) -#set host exec name -set(OUTPUT secgear_encrypt) -#set host src code -set(SOURCE_FILE ${CMAKE_CURRENT_SOURCE_DIR}/main.c) - -#set auto code -if(CC_GP) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) -endif() - -if(CC_SGX) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) -endif() - -if(CC_PL) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) -endif() - -set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") -set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") - -if(CC_GP) - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() - add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) - target_include_directories(${OUTPUT} PRIVATE - ${CMAKE_BINARY_DIR}/inc - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/gp - ${CMAKE_CURRENT_BINARY_DIR}) - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() -endif() - -if(CC_SGX) - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() - add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) - target_include_directories(${OUTPUT} PRIVATE - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/sgx - ${CMAKE_CURRENT_BINARY_DIR}) - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() -endif() - -if(CC_PL) - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() - add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) - target_include_directories(${OUTPUT} PRIVATE - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/penglai - ${CMAKE_CURRENT_BINARY_DIR}) - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() -endif() - -if(CC_SIM) - target_link_libraries(${OUTPUT} secgearsim pthread) -else() - target_link_libraries(${OUTPUT} secgear pthread) - target_link_libraries(${OUTPUT} /usr/lib/x86_64-linux-gnu/libmemcached.so) -endif() -set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) - -if(CC_GP) - #itrustee install whitelist /vender/bin/teec_hello - install(TARGETS ${OUTPUT} - RUNTIME - DESTINATION /vendor/bin/ - PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ) -endif() - -if(CC_SGX) - install(TARGETS ${OUTPUT} - RUNTIME - DESTINATION ${CMAKE_BINARY_DIR}/bin/ - PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ) -endif() - -if(CC_PL) - install(TARGETS ${OUTPUT} - RUNTIME - DESTINATION ${CMAKE_BINARY_DIR}/bin/ - PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ) -endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh deleted file mode 100644 index 30f650ae..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh +++ /dev/null @@ -1,29 +0,0 @@ -#! /bin/bash -#test -echo "read start" -echo "" - -docker -v -echo "docker start" -echo "========================================================" -systemctl start docker -docker ps -a -echo "container start" -echo "========================================================" -docker start opengauss -docker ps -a -docker exec -it opengauss sh -echo "container stop" -echo "========================================================" -docker stop opengauss -docker ps -a - - -echo "grinfo copy to host and wait to settle" -sudo cp /var/lib/docker/volumes/dbvol/_data/omm/grinfo /opt/secGear/debug/examples/helloworld/host -sudo chmod 777 /opt/secGear/debug/examples/helloworld/host/grinfo - - -echo "" -echo "read stop" - diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh deleted file mode 100644 index 8c11f0ac..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh +++ /dev/null @@ -1,23 +0,0 @@ -#! /bin/bash -#test -echo "write start" -echo "" - -echo "grinfo copy to docker and wait to wirte" -sudo docker cp grinfo opengauss:/home/omm -echo "container start" -echo "========================================================" -docker start opengauss -docker ps -a -docker exec -it opengauss sh - -echo "container stop" -echo "========================================================" -docker stop opengauss -docker ps -a -echo "docker stop" -echo "========================================================" -systemctl stop docker - -echo "" -echo "write stop" diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c deleted file mode 100644 index 51650268..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c +++ /dev/null @@ -1,253 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#include -#include -#include -#include -#include "encrypt_u.h" -#define MAXLEN 64 -#define idoffset 41 -#define phoneoffset 74 - - - -/** -* 从文件中读取字符串,加密字符串小于32B,解密字符串(16进制)小于64B -*/ -int readStrFromFile(char *filename, char *str,int offset) { - FILE *fp = fopen(filename, "r"); - if(fp == NULL) { - printf("打开文件出错,请确认文件存在当前目录下!\n"); - exit(0); - } - - int val=1; - char sym[4]={'C','O','P','Y'}; - char temp[150]; - memset(temp,'0',sizeof(temp)); - while(1) - { - if (!fgets(temp,150,fp)) { - return 0; - } - val=strncmp(sym,temp,4); - if(val==0) - break; - } - memset(temp,'0',sizeof(temp)); - if (!fgets(temp,150,fp)) { - return 0; - } - char t[32]; - for(int i=offset;i<(offset+32);i++)//id:41~73,phone:74~106 - { - if(temp[i]==' ') break; - t[i-offset]=temp[i]; - } - - // strncpy(str, t, strlen(t)); - memcpy(str, t, strlen(t)); - fclose(fp); - return 0; -} - -/** - * 把字符串写进文件 - */ -void writeStrToFile(unsigned char *str, char *filename,int offset) { - FILE *fp; - fp = fopen(filename, "r+"); - char temp[100]; - for(int i=0;i<1;) - { - while(fgetc(fp)!='\n') - i++; - } - fprintf(fp,"\ndrop table grinfo; \n");//写回数据时对原有数据表清除,防止表内数据不唯一出现差错 - - int val=1; - char sym[4]={'C','O','P','Y'}; - memset(temp,'0',sizeof(temp)); - while(1) - { - if (!fgets(temp,100,fp)) { - return; - } - val=strncmp(sym,temp,4); - if(val==0) - break; - } - int size=ftell (fp);//返回文件指针相对于起始位置的偏移量 - memset(temp,'0',sizeof(temp)); - if (!fgets(temp,100,fp)) { - return; - } - size=size+offset;//id:offset 40,phone:offset 73 - fseek(fp,size,SEEK_SET);//根据文件指针的位置和偏移量来定位文件指针 - - - for(int i = 0; i < 16; i++) - { - fprintf(fp,"%02x",str[i]); - } - fclose(fp); -} - - -int main() -{ - int retval = 0; - char *path = PATH; - unsigned char buf[80]; - int rvalue; - char name[20]; - char psw[56]; - char fname[17];//文件名 - char info[31];//文件中要加密信息 - char cipher[64];//文件中要解密信息 - int tag; - cc_enclave_t context = {0}; - cc_enclave_result_t res; - // cc_enclave_result_t rres; - - printf("Create secgear enclave\n"); - res = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &context); - if (res != CC_SUCCESS) { - printf("Create enclave error\n"); - return res; - } - - //清空原内存中数据 - /*memset(fname,'0',sizeof(fname)); - memset(info,'0',sizeof(info)); - memset(cipher,'0',sizeof(cipher));*/ - - - //SM3生成存储密钥 - printf("请输入用户名:\n");//获得用户名 - // gets(name); // 不建议使用gets函数 - if (!scanf("%s", name)) { - return 0; - } - transname(&context, name); - printf("请输入密码 :\n");//获得用户密码 - // gets(psw); - if (!scanf("%s", psw)) { - return 0; - } - transpsw(&context, psw); - sm3(&context); - printf("加密成功!密文如下:\n"); - res = get_string(&context, &retval, buf); - if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { - printf("Ecall enclave error\n"); - } - else { - for(int i = 0; i < 16; i++) - { - printf("%02x", buf[i]); - } - printf("\n"); - } - - //通过脚本登陆数据库获取个人信息进行复制提取工作 - if (!system("./db.sh")) { - return 0; - } - - - //SM4对文件加解密 - printf("选择加密输入1,选择解密输入2:"); - if (!scanf("%d",&tag)) { - return 0; - } - // char gg=getchar();//取走缓存区的回车符 - int offset,len; - if(tag==1){ - printf("请输入要加密的文件名:(该文件必须和本程序在同一目录)\n");//传输要加密的用户信息 - // gets(fname); - if (!scanf("%s", fname)) { - return 0; - } - // printf("\n"); - for(int i = 0; i < 2; i++) - { - if(i==0) - offset = idoffset; - else - offset=phoneoffset; - readStrFromFile(fname,info,offset);//取出要加密字符串 - printf("将要加密的信息:\n"); - puts(info); - len=strlen(info);//识别要机密字符串长度 - transinfo(&context, info);//传送到安全区进行加密 - sm4crypt(&context, len); - printf("加密成功!密文如下:\n"); - res = get_string(&context, &retval, buf); - if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { - printf("Ecall enclave error\n"); - } else { - char* buf1 = (char*)buf; - for(size_t i = 0; i < strlen(buf1); i++){ - printf("%02x",buf1[i]);//输出将无符号字符串以16进制形式输出 - } - printf("\n"); - } - printf("密文将写回原文件中!\n"); - writeStrToFile(buf,fname,offset); - printf("第%d加密写回完成!\n\n",i+1); - } - } - else if(tag==2){ - printf("请输入要解密的文件名:(该文件必须和本程序在同一目录)\n"); - // gets(fname); - if (!scanf("%s", fname)) { - return 0; - } - printf("\n"); - for(int i=0;i<2;i++) - { - if(i==0) - offset=idoffset; - else - offset=phoneoffset; - readStrFromFile(fname,cipher,offset);//取出要解密的字符串 - transcipher(&context, cipher);//传送到安全区解密 - desm4crypt(&context); - printf("第%d解密成功!明文如下:\n",i+1); - res = get_string(&context, &retval, buf); - if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { - printf("Ecall enclave error\n"); - } else { - char *buf1 = (char*)buf; - for(size_t i = 0; i < strlen(buf1); i++) { - printf("%c",buf1[i]);//输出将无符号字符串以16进制形式输出 - } - res = get_int(&context, &rvalue); - printf("\n明文长度为:%d",rvalue); - printf("\n\n"); - } - } - } - - //操作结束,将修改文件写回数据库 - if (!system("./dbend.sh")) { - return 0; - } - - res = cc_enclave_destroy(&context); - if(res != CC_SUCCESS) { - printf("Destroy enclave error\n"); - } - return res; -} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt deleted file mode 100644 index 286e0401..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -cmake_minimum_required(VERSION 3.10 FATAL_ERROR) -project(enclave) - -set(CMAKE_C_STANDARD 99) - -set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) - -#set edl name -set(EDL_FILE verify.edl) -set(CODEGEN codegen) -#set(LOCAL_ROOT_PATH "$ENV{CC_SDK}") -#set(SECGEAR_INSTALL_PATH /usr/lib64/) - -if(CC_GP) - set(CODETYPE trustzone) - set(CODEGEN codegen_arm64) - execute_process(COMMAND uuidgen -r OUTPUT_VARIABLE UUID) - string(REPLACE "\n" "" UUID ${UUID}) - add_definitions(-DPATH="/data/${UUID}.sec") -endif() - -if(CC_SGX) - set(CODETYPE sgx) - #set(CODEGEN codegen_x86_64) - add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") -endif() - -add_subdirectory(${CURRENT_ROOT_PATH}/enclave) -add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt deleted file mode 100644 index e868b8bd..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt +++ /dev/null @@ -1,157 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -#set auto code prefix -set(PREFIX verify) -#set sign key -set(PEM Enclave_private.pem) -#set sign tool -set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) -#set enclave src code -set(CMAKE_CXX_STANDARD 11) - - -set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/enclave.cpp) -#set log level -set(PRINT_LEVEL 3) -add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) - -if(CC_GP) - #set signed output - set(OUTPUT ${UUID}.sec) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) - #set whilelist. default: /vendor/bin/teec_hello - set(WHITE_LIST_0 /vendor/bin/enclave) - set(WHITE_LIST_1 /vendor/bin/secgear_enclave) - set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) - - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) -endif() - -if(CC_SGX) - #set signed output - set(OUTPUT enclave.signed.so) - set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include ) -endif() - -set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ - -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ - -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ - -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") - -set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") - -if(CC_GP) - set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") - set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") - set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s -fPIC") - - set(ITRUSTEE_TEEDIR ${SDK_PATH}/) - set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) - - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_BINARY_DIR}/lib/) - endif() - add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES} ) - - target_include_directories( ${PREFIX} PRIVATE - ${CMAKE_CURRENT_BINARY_DIR} - ${CMAKE_BINARY_DIR}/inc - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/gp - ${LOCAL_ROOT_PATH}/inc/enclave_inc - ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp - ${ITRUSTEE_TEEDIR}/include/TA - ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext - ${ITRUSTEE_LIBC}/arch/aarch64 - ${ITRUSTEE_LIBC}/ - ${ITRUSTEE_LIBC}/arch/arm/bits - ${ITRUSTEE_LIBC}/arch/generic - ${ITRUSTEE_LIBC}/arch/arm - ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) - - - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${PREFIX} PRIVATE - ${CMAKE_BINARY_DIR}/lib/) - endif() - - foreach(WHITE_LIST ${WHITELIST}) - add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") - endforeach(WHITE_LIST) - - target_link_libraries(${PREFIX} -lsecgear_tee) - # for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # - # add_custom_command(TARGET ${PREFIX} - # POST_BUILD - # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) - - # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} - # DESTINATION /data - # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - -endif() - -if(CC_SGX) - set(SGX_DIR ${SDK_PATH}) - set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") - set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") - set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) - - if(CC_SIM) - set(Trts_Library_Name sgx_trts_sim) - set(Service_Library_Name sgx_tservice_sim) - else() - set(Trts_Library_Name sgx_trts) - set(Service_Library_Name sgx_tservice) - endif() - - set(Crypto_Library_Name sgx_tcrypto) - - set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ - -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") - - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_BINARY_DIR}/lib ${LINK_LIBRARY_PATH}) - endif() - add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) - - - target_include_directories(${PREFIX} PRIVATE - ${CMAKE_CURRENT_BINARY_DIR} - ${SGX_DIR}/include/tlibc - ${SGX_DIR}/include/libcxx - ${SGX_DIR}/include - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/sgx - ${LOCAL_ROOT_PATH}/inc/enclave_inc) - - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${PREFIX} PRIVATE - ${LINK_LIBRARY_PATH} - ${CMAKE_BINARY_DIR}/lib/) - endif() - - target_link_libraries(${PREFIX} -lsecgear_tee -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive - -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) - - add_custom_command(TARGET ${PREFIX} - POST_BUILD - COMMAND umask 0177 - COMMAND openssl genrsa -3 -out ${PEM} 3072 - COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) -endif() - -set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml deleted file mode 100644 index e94c9bc5..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml +++ /dev/null @@ -1,12 +0,0 @@ - - 0 - 0 - 0x40000 - 0x100000 - 10 - 1 - - 0 - 0 - 0xFFFFFFFF - diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds deleted file mode 100644 index ab77e647..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds +++ /dev/null @@ -1,11 +0,0 @@ -enclave.so -{ - global: - g_global_data_sim; - g_global_data; - enclave_entry; - g_peak_heap_used; - local: - *; -}; - diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp deleted file mode 100644 index 18cf3f0c..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp +++ /dev/null @@ -1,705 +0,0 @@ -#include "verify_t.h" -#include -#include -#include -#include -#define MAX_LEN 1024 - -using namespace std; - -namespace calc { - const int L = 16; - const std::string hexChars = "0123456789abcdef"; - int dec(char ch) { - if ('0' <= ch && ch <= '9') { - return ch - '0'; - } - if ('a' <= ch && ch <= 'f') { - return ch - 'a' + 10; - } - if ('A' <= ch && ch <= 'F') { - return ch - 'A' + 10; - } - return -1; - } - std::string hex(unsigned int x) { - std::string result = ""; - for (int j = 28; j >= 0; j -= 4) { - result += hexChars[x >> j & 0x0F]; - } - return result; - } - std::string hex(unsigned long long x) { - std::string result = ""; - for (int j = 60; j >= 0; j -= 4) { - result += hexChars[x >> j & 0x0F]; - } - return result; - } - std::string bin(unsigned int x) { - std::string result = ""; - for (int j = 31; j >= 0; j--) { - result += hexChars[x >> j & 0x01]; - } - return result; - } - std::string bin(unsigned long long x) { - std::string result = ""; - for (int j = 63; j >= 0; j--) { - result += hexChars[x >> j & 0x01]; - } - return result; - } - unsigned int rightRotate(unsigned int x, int u) { - unsigned long long xx = (unsigned long long)x << 32 | x; - return (unsigned int)((xx >> u)&(unsigned int)-1); - } - unsigned int LeftRotate(unsigned int x, int u) { - u &= 31; - unsigned long long xx = (unsigned long long)x << 32 | x; - return (unsigned int)((xx >> (32 - u))&(unsigned int)-1); - } - struct bigNum { - int siz, hexLen; - std::vectornum; - bigNum(int _siz = L) { - siz = _siz; hexLen = siz << 4; - num.resize(_siz, 0); - } - bigNum(std::string src) { - int len = src.length(); hexLen = src.length(); - siz = (len + 15) >> 4; - num.resize(siz, 0); - for (int i = 0, cnt = 0; i < len; i++, cnt++) { - num[cnt >> 4] |= (unsigned long long)dec(src[i]) << (((cnt & 0x0F) ^ 15) << 2); - } - } - bigNum FromU32(uint32_t src) { - bigNum result = bigNum(1); - result.num[0] = src; - return result; - } - std::string hex() { - std::string result = ""; - for (int i = 0; i < siz; i++) { - for (int j = 60; j >= 0; j -= 4) { - result += hexChars[num[i] >> j & 0x0F]; - } - } - result.erase(hexLen); - return result; - } - std::string bin() { - std::string result = "b"; - for (int i = 0; i < siz; i++) { - for (int j = 63; j >= 0; j--) { - result += hexChars[num[i] >> j & 0x01]; - } - } - result.erase(hexLen << 2); - return result; - } - bigNum& operator^=(const bigNum &rhs) { - bigNum result = *this; - int lmt = siz; - if (rhs.siz < lmt) lmt = rhs.siz; - for (int i = 0; i < lmt; i++) { - result.num[i] ^= rhs.num[i]; - } - return *this = result; - } - friend bigNum operator^(const bigNum& lhs, const bigNum& rhs) { - if(lhs.siz>=rhs.siz) return bigNum(lhs) ^= rhs; - else return bigNum(rhs) ^= lhs; - } - friend bigNum operator||(const bigNum& lhs, const bigNum& rhs) { - bigNum result = bigNum(bigNum(lhs).hex() + bigNum(rhs).hex()); - return result; - } - }; - - unsigned int P0(unsigned int x) { - return x ^ LeftRotate(x, 9) ^ LeftRotate(x, 17); - } - unsigned int P1(unsigned int x) { - return x ^ LeftRotate(x, 15) ^ LeftRotate(x, 23); - } - unsigned int FF(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { - if (j < 16) return x ^ y ^ z; - else return (x&y) | (x&z) | (y&z); - } - unsigned int GG(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { - if (j < 16) return x ^ y ^ z; - else return (x&y) | ((~x)&z) ; - } - bigNum SM3(bigNum src) { - const unsigned int T[64] = { - 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, - 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, - 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, }; - unsigned int h[8] = { - 0x7380166f, 0x4914b2b9, 0x172442d7, 0xda8a0600, 0xa96f30bc, 0x163138aa, 0xe38dee4d, 0xb0fb0e4e }; - std::string tmpstr = bigNum(src).hex(); - tmpstr += "8"; - while (tmpstr.length() % 128 != 112) { - tmpstr += "0"; - } - tmpstr += hex((unsigned long long)src.hexLen << 2); - bigNum tmpnum = bigNum(tmpstr); - - for (int i = 0; i < tmpnum.siz; i += 8) { - unsigned int w[68] = {}, ww[64] = {}; - for (int j = 0; j < 16; j += 2) { - w[j] = (unsigned int)(tmpnum.num[i + (j >> 1)] >> 32); - w[j + 1] = (unsigned int)(tmpnum.num[i + (j >> 1)]); - } - for (int j = 16; j < 68; j++) { - w[j] = P1(w[j - 16] ^ w[j - 9] ^ LeftRotate(w[j - 3], 15)) ^ LeftRotate(w[j - 13], 7) ^ w[j - 6]; - } - for (int j = 0; j < 64; j++) { - ww[j] = w[j] ^ w[j + 4]; - } - unsigned int t[8] = {}; - for (int j = 0; j < 8; j++) { - t[j] = h[j]; - } - for (int j = 0; j < 64; j++) { - unsigned int SS1, SS2, TT1, TT2; - SS1 = LeftRotate(LeftRotate(t[0], 12) + t[4] + LeftRotate(T[j], j), 7); - SS2 = SS1 ^ LeftRotate(t[0], 12); - TT1 = FF(j, t[0], t[1], t[2]) + t[3] + SS2 + ww[j]; - TT2 = GG(j, t[4], t[5], t[6]) + t[7] + SS1 + w[j]; - t[7] = t[6]; - t[6] = LeftRotate(t[5], 19); - t[5] = t[4]; - t[4] = P0(TT2); - t[3] = t[2]; - t[2] = LeftRotate(t[1],9); - t[1] = t[0]; - t[0] = TT1; - } - for (int j = 0; j < 8; j++) { - h[j] = h[j] ^ t[j]; - } - } - - bigNum result = bigNum(4); - result.num[0] = ((unsigned long long)h[0] << 32) | h[1]; - result.num[1] = ((unsigned long long)h[2] << 32) | h[3]; - result.num[2] = ((unsigned long long)h[4] << 32) | h[5]; - result.num[3] = ((unsigned long long)h[6] << 32) | h[7]; - return result; - } - - struct smallNum { - int siz; - std::vectornum; - smallNum(int _siz = 1) { - siz = _siz; - num.resize(_siz, 0); - } - smallNum(char ch) { - siz = 1; - num.push_back(ch - '0'); - } - smallNum(std::string src) { - int len = src.length(); - siz = (len + 15) >> 4; - num.resize(siz, 0); - for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { - num[cnt >> 4] |= (unsigned long long)dec(src[i]) << ((cnt & 0x0F) << 2); - } - } - smallNum fromBin(std::string src) { - smallNum result = smallNum(); - int len = src.length(); - if (!len) { - return smallNum(); - } - result.siz = (len + 63) >> 6; - result.num.resize(result.siz, 0); - for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { - result.num[cnt >> 6] |= (unsigned long long)dec(src[i]) << (cnt & 0x3F); - } - return result; - } - smallNum(bigNum src) { - std::string srcstr = src.hex(); - *this = smallNum(srcstr); - } - smallNum fromBigNum(bigNum src) { - std::string srcstr = src.hex(); - return smallNum(srcstr); - } - bigNum toBigNum(smallNum src, int minHexLength = 0) { - std::string srcstr = src.hex(); - return bigNum(srcstr); - } - smallNum e() { - smallNum result = smallNum(1); - result.num[0] = 1; - return result; - } - smallNum FromU32(uint32_t src) { - smallNum result = smallNum(1); - result.num[0] = src; - return result; - } - std::string hex() { - std::string result = ""; - for (int i = siz - 1; i >= 0; i--) { - for (int j = 60; j >= 0; j -= 4) { - result += hexChars[num[i] >> j & 0x0F]; - } - } - return result; - } - std::string bin() { - std::string result = ""; - for (int i = siz - 1; i >= 0; i--) { - for (int j = 63; j >= 0; j--) { - result += hexChars[num[i] >> j & 0x01]; - } - } - return result; - } - smallNum& operator^=(const smallNum &rhs) { - smallNum result = *this; - int lmt = rhs.siz; - for (int i = 0; i < lmt; i++) { - result.num[i] ^= rhs.num[i]; - } - return *this = result; - } - friend smallNum operator^(const smallNum& lhs, const smallNum& rhs) { - if(lhs.siz>rhs.siz) return smallNum(lhs) ^= rhs; - else return smallNum(rhs) ^= lhs; - } - friend bool operator<(const smallNum& lhs, const smallNum& rhs) { - if (lhs.siz^rhs.siz) { - return lhs.siz < rhs.siz; - } - for (int i = lhs.siz - 1; i >= 0; i--) { - if (lhs.num[i] ^ rhs.num[i]) { - return lhs.num[i] < rhs.num[i]; - } - } - return 0; - } - friend bool operator<=(const smallNum& lhs, const smallNum& rhs) { - if (lhs.siz^rhs.siz) { - return lhs.siz < rhs.siz; - } - for (int i = lhs.siz - 1; i >= 0; i--) { - if (lhs.num[i] ^ rhs.num[i]) { - return lhs.num[i] < rhs.num[i]; - } - } - return 1; - } - friend bool operator>(const smallNum& lhs, const smallNum& rhs) { - return smallNum(rhs) < smallNum(lhs); - } - friend bool operator>=(const smallNum& lhs, const smallNum& rhs) { - return smallNum(rhs) <= smallNum(lhs); - } - friend bool operator==(const smallNum& lhs, const smallNum& rhs) { - if (lhs.siz^rhs.siz) { - return 0; - } - for (int i = lhs.siz - 1; i >= 0; i--) { - if (lhs.num[i] ^ rhs.num[i]) { - return 0; - } - } - return 1; - } - friend bool operator!=(const smallNum& lhs, const smallNum& rhs) { - if (lhs.siz^rhs.siz) { - return 1; - } - for (int i = lhs.siz - 1; i >= 0; i--) { - if (lhs.num[i] ^ rhs.num[i]) { - return 1; - } - } - return 0; - } - smallNum& operator+=(const smallNum& rhs) { - while (siz < rhs.siz) { - ++siz; num.push_back(0ULL); - } - unsigned long long carry0 = 0ULL, carry1 = 0ULL; - for (int i = 0; i < rhs.siz; i++) { - if (((num[i] >> 1) + (rhs.num[i] >> 1) + (((num[i] & 1ULL) + (rhs.num[i] & 1ULL) + carry0) >> 1)) >> 63) { - if (i + 1 == siz) { - ++siz; num.push_back(0ULL); - } - carry1 = 1ULL; - } - num[i] += rhs.num[i] + carry0; - carry0 = carry1; - carry1 = 0ULL; - } - for (int i = rhs.siz; i < siz; i++) { - if (((num[i] >> 1) + (((num[i] & 1ULL) + carry0) >> 1)) >> 63) { - if (i + 1 == siz) { - ++siz; num.push_back(0ULL); - } - carry1 = 1ULL; - } - num[i] += carry0; - carry0 = carry1; - carry1 = 0ULL; - } - return *this; - } - friend smallNum operator+(const smallNum& lhs, const smallNum&rhs) { - return smallNum(lhs) += rhs; - } - smallNum& operator-=(const smallNum& rhs){ - unsigned long long tmp,carry0=0,carry1=0; - for(int i=0;itmp){ - carry1=1; - } - tmp=num[i]; - num[i]-=carry0; - if(num[i]>tmp){ - carry1=1; - } - carry0=carry1; - carry1=0; - } - for(int i=rhs.siz;itmp){ - carry1=1; - } - carry0=carry1; - carry1=0; - } - while(siz>1&&!num[siz-1]){ - --siz;num.pop_back(); - } - return *this; - } - friend smallNum operator-(const smallNum& lhs, const smallNum&rhs) { - return smallNum(lhs) -= rhs; - } - void _add(unsigned long long u,unsigned long long v,unsigned long long &x,unsigned long long &y,unsigned long long &z){ - x+=u; if(x=rhs.siz?k-rhs.siz+1:0),j=k-i;i>64)&(-1ULL)),result.num[k],result.num[k+1],result.num[k+2]); - } - } - result.num.pop_back(); - if(result.siz>1&&!result.num[SIZ-1]){ - --result.siz; - result.num.pop_back(); - } - return *this=result; - } - - friend smallNum operator*(const smallNum& lhs, const smallNum&rhs) { - return smallNum(lhs) *= rhs; - } - smallNum pow(unsigned long long rhs) { - smallNum result = smallNum().e(), u = smallNum(*this); - while (rhs) { - if (rhs & 1) { - result *= u; - } - u *= u; - rhs >>= 1; - } - return result; - } - smallNum& operator%=(const smallNum& rhs) { - smallNum result = smallNum(); - std::string lhsBin = smallNum(*this).bin(); - int lhsLen = lhsBin.length(); - for (int i = 0; i < lhsLen; i++) { - result = result + result; - if (lhsBin[i] & 1) { - result.num[0] |= 1; - } - if (rhs <= result) { - result = result - rhs; - } - } - return *this = result; - } - friend smallNum operator%(const smallNum& lhs, const smallNum&rhs) { - return smallNum(lhs) %= rhs; - } - smallNum pow_mod(unsigned long long rhs, smallNum _mod) { - smallNum result = smallNum().e(), u = smallNum(*this); - while (rhs) { - if (rhs & 1) { - result = (result*u) % _mod; - } - u = (u*u) % _mod; - rhs >>= 1; - } - return result; - } - smallNum pow_mod(smallNum rhs, smallNum _mod) { - smallNum result = smallNum().e(), u = smallNum(*this); - std::string rhsstr = rhs.bin(); - int rhsLen = rhsstr.length(); - for (int i = rhsLen - 1; i >= 0; i--) { - if (rhsstr[i] & 1) { - result = (result*u) % _mod; - } - u = (u*u) % _mod; - } - return result; - } - smallNum fromDec(std::string src) { - if (src == "") { - return smallNum(); - } - smallNum result = smallNum(); - int siz = src.length(); - for (int i = 0; i < siz; i++) { - result *= smallNum("a"); - result += smallNum(src[i]); - } - return result; - } - }; - smallNum big2Small(bigNum src) { - std::string srcstr = src.hex(); - return smallNum(srcstr); - } - bigNum small2Big(smallNum src, int minHexLength = 0) { - std::string srcstr = src.hex(); - return bigNum(srcstr); - } -} - -namespace interface { - using namespace calc; - smallNum rsa_d(smallNum rsa_e, smallNum d, smallNum n) { - return rsa_e.pow_mod(d, n); - } -} - -char tmpresult[512]; -char* transferFromString(string src) { - int siz = src.length(); - if (siz < 512) { - for (int i = 0; i <= siz; i++) { - tmpresult[i] = src[i]; - } - } - return tmpresult; -} - -string transferToString(char* src) { - string result; - for (int i = 0; src[i]; i++) { - result += src[i]; - } - return result; -} - -unsigned int randSeed = 0; - -unsigned int getNextRand(unsigned int preRand) { - if (!preRand) return -1; - unsigned x = preRand; - x ^= x << 13; - x ^= x >> 17; - x ^= x << 5; - return x; -} - -unsigned int getNextRand(unsigned int preRand,int rounds) { - if (!preRand) return -1; - unsigned x = preRand; - for (int i = 0; i < rounds; i++) { - x = getNextRand(x); - } - return x; -} - -uint32_t Keys[2]; - -void sealKeys() { - Keys[0] ^= getNextRand(12345678, 32); - Keys[1] ^= getNextRand(87654321, 32); -} - -void decryptKeys(uint32_t *keybuf) { - keybuf[0] = Keys[0] ^ getNextRand(12345678, 32); - keybuf[1] = Keys[1] ^ getNextRand(87654321, 32); -} - -void initKeys(uint32_t *src) { - randSeed = src[0]; - randSeed ^= getNextRand(randSeed, 16); - Keys[0] = getNextRand(randSeed, 555); // Ku - Keys[1] = getNextRand(randSeed, 777); // Kw - sealKeys(); -} - -void setKeys(uint32_t *K) { - memcpy(Keys, K, sizeof Keys); -} - -void getKeys(uint32_t *K) { - memcpy(K, Keys, sizeof Keys); -} - -using namespace calc; -string DebugStr; -string Dstr, Nstr, CDstr, NPWstr; - -void encryptD() { - uint32_t Dkeys[2] = {}; - decryptKeys(Dkeys); - CDstr = (smallNum(Dstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); - Dstr = ""; -} - -void decryptD() { - uint32_t Dkeys[2] = {}; - decryptKeys(Dkeys); - Dstr = (smallNum(CDstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); -} - -void setCD(char* src, size_t len) { - char source[MAX_LEN]; - if (len < MAX_LEN) { - memcpy(source, src, len + 1); - } - CDstr = transferToString(source); -} - -void setD(char* src, size_t len){ - char source[MAX_LEN]; - if (len < MAX_LEN) { - memcpy(source, src, len + 1); - } - Dstr = transferToString(source); - encryptD(); -} - -void setN(char* src, size_t len){ - char source[MAX_LEN]; - if (len < MAX_LEN) { - memcpy(source, src, len + 1); - } - Nstr = transferToString(source); -} - -void getCD(char *buf, size_t len) { - char* result = transferFromString(CDstr); - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} - -string RSAsource; - -void setRSAsource(char* src, size_t len) { - char source[MAX_LEN]; - if (len < MAX_LEN) { - memcpy(source, src, len + 1); - } - RSAsource = transferToString(source); -} - -void getRSAresult(char *buf, size_t len) { - decryptD(); - string hpw = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); - uint32_t Dkeys[2] = {}; - decryptKeys(Dkeys); - string npw = (smallNum(hpw) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); - char* result = transferFromString(npw); - Dstr = ""; - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} - -uint32_t _uints[3]; - -void registerSeed(uint32_t *src){ - randSeed = src[0]; - randSeed ^= getNextRand(randSeed, 16); - _uints[0] = getNextRand(randSeed, 111) % 2001 + 2000; // x - _uints[1] = getNextRand(randSeed, 222) % 1001 + 2000; // mu - _uints[2] = getNextRand(randSeed, 333) % 15 + 1; // k -} - -void setNPW(char* src, size_t len) { - char source[MAX_LEN]; - if (len < MAX_LEN) { - memcpy(source, src, len + 1); - } - NPWstr = transferToString(source); -} - -string _xStr, _muStr, _kStr,_nwidStr; - -void calcEmbeddingResult() { - decryptD(); - string hwid = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); - uint32_t Dkeys[2] = {}; - decryptKeys(Dkeys); - _nwidStr = (smallNum(hwid) ^ big2Small(SM3(bigNum().FromU32(Dkeys[1]) || bigNum(Dstr)))).hex(); - string hpw = (smallNum(NPWstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); - smallNum hashPart = big2Small(SM3(bigNum(hpw) || bigNum(hwid)).hex()); - _xStr = (smallNum().FromU32(_uints[0])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); - _muStr = (smallNum().FromU32(_uints[1])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); - _kStr = (smallNum().FromU32(_uints[2])*smallNum("1111111111111111111111111111111111111111111111111111111111111111") ^ hashPart).hex(); - Dstr = ""; - NPWstr = ""; -} - -void getX(char *buf, size_t len) { - char* result = transferFromString(_xStr); - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} - -void getMu(char *buf, size_t len) { - char* result = transferFromString(_muStr); - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} - -void getK(char *buf, size_t len) { - char* result = transferFromString(_kStr); - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} - -void getNWID(char *buf, size_t len) { - char* result = transferFromString(_nwidStr); - if (len > strlen(result)) { - memcpy(buf, result, strlen(result) + 1); - } -} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in deleted file mode 100644 index 7b8ecf59..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in +++ /dev/null @@ -1,8 +0,0 @@ -gpd.ta.appID: @UUID@ -gpd.ta.service_name: test0108 -gpd.ta.singleInstance: true -gpd.ta.multiSession: false -gpd.ta.multiCommand: false -gpd.ta.instanceKeepAlive: false -gpd.ta.dataSize: 16384 -gpd.ta.stackSize: 20480 diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem deleted file mode 100644 index a321f63e..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAzAPwbnbgBg7JgXERA9Bx -p7GLI1S3e1zL83RMd2+GXb6kO4yMKUL3NUCE2HhA2BtQYmLyGovx59UUcKnU58is -Xux++kH+A2shmOPjYvEFuX0Kt8tc19b8M9b/iHsY8ZmKykqia2a5U+IrECRFJo5p -DWUnl7jrHVtq78BSR1c7iXG1frrEC0AYCuqKJo/fxfmOKL0Y9mENCB3nAwjn9unD -BsO/OhkqvvB3nkeuMfNKPh4wCqtQPve13eTojbuxjX/3ePijplTI5X2Gr+n6Ximn -fYRlytQmMgMl/db0ARSKNApq9bmwzVNrnGWWZWJksdRvf6iL7t17Gs4L9AApOuC9 -WkzxPvwp5ZUqjsGd4oJGWeC6ZE6BTw2vxE+xMFI9uAKHxq9pBKkcGMa0g4fANNNV -+W+8JZGanxEXKB3y/M7BCyQAPCWOHC/RNjmRA1gczLYCPzC4pWu935UZdF1RR6zY -CD3t+FoOGGET/g4CwWgyhb5qkp65Hs6ayYt/DUAqo+yBAgMBAAE= ------END PUBLIC KEY----- diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt deleted file mode 100644 index 53c73199..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. -# secGear is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. - -#set auto code prefix -set(PREFIX verify) -#set host exec name -set(OUTPUT secgear_enclave) -#set host src code -set(SOURCE_FILE main.cpp) - -set(CMAKE_CXX_STANDARD 11) -#set auto code -if(CC_GP) - set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c ${PREFIX}_args.h) - set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/gp) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH}) -endif() - -if(CC_SGX) - set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c) - set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) - add_custom_command(OUTPUT ${AUTO_FILES} - DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} - COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH} --search-path ${SDK_PATH}/include) -endif() - -set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") -set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") - -if(CC_GP) - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() - add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) - target_include_directories(${OUTPUT} PRIVATE - ${CMAKE_BINARY_DIR}/inc - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/gp - ${CMAKE_CURRENT_BINARY_DIR}) - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() -endif() - -if(CC_SGX) - if(${CMAKE_VERSION} VERSION_LESS "3.13.0") - link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() - add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) - target_include_directories(${OUTPUT} PRIVATE - ${LOCAL_ROOT_PATH}/inc/host_inc - ${LOCAL_ROOT_PATH}/inc/host_inc/sgx - ${CMAKE_CURRENT_BINARY_DIR}) - if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") - target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - endif() -endif() - -if(CC_SIM) - target_link_libraries(${OUTPUT} secgearsim pthread) -else() - target_link_libraries(${OUTPUT} secgear pthread) -endif() -set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) - -if(CC_GP) - #itrustee install whitelist /vender/bin/teec_hello - install(TARGETS ${OUTPUT} - RUNTIME - DESTINATION /vendor/bin/ - PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ) -endif() - -if(CC_SGX) - install(TARGETS ${OUTPUT} - RUNTIME - DESTINATION ${CMAKE_BINARY_DIR}/bin/ - PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ) -endif() - diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp deleted file mode 100644 index 6979fe30..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp +++ /dev/null @@ -1,103 +0,0 @@ -#include -#include -#include -#include -#include "verify_u.h" - -#define MAX_LEN 1024 - -using namespace std; - -const char hexChars[] = "0123456789abcdef"; -int dec(char ch) { - if ('0' <= ch && ch <= '9') { - return ch - '0'; - } - if ('a' <= ch && ch <= 'f') { - return ch - 'a' + 10; - } - if ('A' <= ch && ch <= 'F') { - return ch - 'A' + 10; - } - return -1; -} -uint32_t transferToU32(char* src,int base=10) { - uint32_t result = 0; - for (int i = 0; src[i]; i++) { - result = result * base + dec(src[i]); - } - return result; -} - -char tmpresult[512]; -char* transferFromString(string src) { - int siz = src.length(); - if (siz < 512) { - for (int i = 0; i <= siz; i++) { - tmpresult[i] = src[i]; - } - } - return tmpresult; -} - -int main(int argc, char* argv[]) { - cc_enclave_t eid = {}; - cc_enclave_result_t ret; - char *path = transferFromString(PATH); - // char *path = PATH; - - ret = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &eid); - cout << ret << endl; - if (ret != CC_SUCCESS) { - printf("ERR: %#x ,failed to create enclave.\n", ret); - return -1; - } - char buffer[MAX_LEN]; - uint32_t uints[2] = {}; - if (argc > 1) { - if(strcmp(argv[1],"initServer") == 0){ - uints[0] = transferToU32(argv[4]); - initKeys(&eid, uints); - setN(&eid, argv[3], strlen(argv[3]) + 1); - setD(&eid, argv[2], strlen(argv[2]) + 1); - getCD(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - getKeys(&eid, uints); - printf("%u\n%u\n", uints[0], uints[1]); - } - else if(strcmp(argv[1], "passwordEncryption") == 0){ - setN(&eid, argv[4], strlen(argv[4]) + 1); - setCD(&eid, argv[3], strlen(argv[3]) + 1); - setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); - uints[0] = transferToU32(argv[5]); - setKeys(&eid, uints); - getRSAresult(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - } - else if(strcmp(argv[1], "embedding") == 0){ - setN(&eid, argv[5], strlen(argv[5]) + 1); - setCD(&eid, argv[4], strlen(argv[4]) + 1); - setNPW(&eid, argv[3], strlen(argv[3]) + 1); - setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); - uints[0] = transferToU32(argv[8]); - registerSeed(&eid, uints); - uints[0] = transferToU32(argv[6]); - uints[1] = transferToU32(argv[7]); - setKeys(&eid, uints); - calcEmbeddingResult(&eid); - getX(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - getMu(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - getK(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - getNWID(&eid, buffer, MAX_LEN); - printf("%s\n", buffer); - } - } - - if (CC_SUCCESS != cc_enclave_destroy(&eid)) { - return -1; - } - return 0; -} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl b/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl deleted file mode 100644 index 73fc1846..00000000 --- a/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl +++ /dev/null @@ -1,28 +0,0 @@ -enclave { - include "secgear_urts.h" - from "secgear_tstdc.edl" import *; - - trusted { - public void setRSAsource([in, size=len] char* src, size_t len); - public void getRSAresult([out, size=len] char* buf, size_t len); - public void calcEmbeddingResult(); - public void initKeys([in] uint32_t *src); - public void registerSeed([in] uint32_t *src); - public void setKeys([in,count=2] uint32_t *K); - public void getKeys([out,count=2] uint32_t *K); - public void setD([in, size=len] char* src, size_t len); - public void setCD([in, size=len] char* src, size_t len); - public void setN([in, size=len] char* src, size_t len); - public void getCD([out, size=len] char* buf, size_t len); - public void getX([out, size=len] char* buf, size_t len); - public void getMu([out, size=len] char* buf, size_t len); - public void getK([out, size=len] char* buf, size_t len); - public void getNWID([out, size=len] char* buf, size_t len); - public void setNPW([in, size=len] char* src, size_t len); - - }; - - untrusted { - - }; -}; -- Gitee From 375844268e583f5841b229fda677294fe5cb94d3 Mon Sep 17 00:00:00 2001 From: woxim Date: Fri, 15 Mar 2024 21:34:37 +0800 Subject: [PATCH 3/4] wallfacer2.0_modify --- .../encrypt/CMakeLists.txt | 38 + .../encrypt/enclave/CMakeLists.txt | 220 +++++ .../encrypt/enclave/Enclave.config.xml | 12 + .../encrypt/enclave/Enclave.lds | 11 + .../encrypt/enclave/common_utils.h | 58 ++ .../encrypt/enclave/hello.c | 917 ++++++++++++++++++ .../encrypt/enclave/manifest.txt.in | 8 + .../encrypt/enclave/rsa_public_key_cloud.pem | 11 + .../Wallfacer1.0-modify/encrypt/enclave/sm3.h | 190 ++++ .../Wallfacer1.0-modify/encrypt/enclave/sm4.h | 103 ++ .../Wallfacer1.0-modify/encrypt/encrypt.edl | 28 + .../encrypt/host/CMakeLists.txt | 120 +++ .../Wallfacer1.0-modify/encrypt/host/db.sh | 29 + .../Wallfacer1.0-modify/encrypt/host/dbend.sh | 23 + .../Wallfacer1.0-modify/encrypt/host/main.c | 253 +++++ .../Wallfacer1.0-modify/verify/CMakeLists.txt | 39 + .../verify/enclave/CMakeLists.txt | 157 +++ .../verify/enclave/Enclave.config.xml | 12 + .../verify/enclave/Enclave.lds | 11 + .../verify/enclave/enclave.cpp | 705 ++++++++++++++ .../verify/enclave/manifest.txt.in | 8 + .../verify/enclave/rsa_public_key_cloud.pem | 11 + .../verify/host/CMakeLists.txt | 93 ++ .../Wallfacer1.0-modify/verify/host/main.cpp | 103 ++ .../Wallfacer1.0-modify/verify/verify.edl | 28 + 25 files changed, 3188 insertions(+) create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/manifest.txt.in create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/rsa_public_key_cloud.pem create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm3.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh create mode 100644 wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp create mode 100644 wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt new file mode 100644 index 00000000..ce7892d9 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/CMakeLists.txt @@ -0,0 +1,38 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +project(enclave C) + +set(CMAKE_C_STANDARD 99) + +set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) + +#set edl name +set(EDL_FILE encrypt.edl) +set(CODEGEN codegen) + +if(CC_GP) + set(CODETYPE trustzone) + set(UUID f68fd704-6eb1-4d14-b218-722850eb3ef0) + add_definitions(-DPATH="/data/${UUID}.sec") +endif() + +if(CC_SGX) + set(CODETYPE sgx) + add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") +endif() + +if(CC_PL) + set(CODETYPE penglai) + add_definitions(-DPATH="${CMAKE_CURRENT_SOURCE_DIR}/enclave/penglai-ELF") +endif() + +add_subdirectory(${CURRENT_ROOT_PATH}/enclave) +add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt new file mode 100644 index 00000000..a41cf01f --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/CMakeLists.txt @@ -0,0 +1,220 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX encrypt) + +#set sign key +set(PEM Enclave_private.pem) + +#set sign tool +set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) + +#set enclave src code +set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/hello.c) + +#set log level +set(PRINT_LEVEL 3) +add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) + +if(CC_GP) + #set signed output + set(OUTPUT ${UUID}.sec) + #set whilelist. default: /vendor/bin/teec_hello + set(WHITE_LIST_0 /vendor/bin/enclave) + set(WHITE_LIST_OWNER root) + set(WHITE_LIST_1 /vendor/bin/secgear_helloworld) + set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) + + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(OUTPUT enclave.signed.so) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(OUTPUT penglai-ELF) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ + -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ + -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ + -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") + +set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") + +if(CC_GP) + + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s -fPIC") + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s") + + set(ITRUSTEE_TEEDIR ${SDK_PATH}/) + set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib/) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories( ${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${LOCAL_ROOT_PATH}/inc/enclave_inc + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp + ${ITRUSTEE_TEEDIR}/include/TA + ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext + ${ITRUSTEE_LIBC}/arch/aarch64 + ${ITRUSTEE_LIBC}/ + ${ITRUSTEE_LIBC}/arch/arm/bits + ${ITRUSTEE_LIBC}/arch/generic + ${ITRUSTEE_LIBC}/arch/arm + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${CMAKE_BINARY_DIR}/lib/) + endif() + + foreach(WHITE_LIST ${WHITELIST}) + add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") + endforeach(WHITE_LIST) + add_definitions(-DWHITE_LIST_OWNER="${WHITE_LIST_OWNER}") + + target_link_libraries(${PREFIX} -lsecgear_tee) + + #for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # + # add_custom_command(TARGET ${PREFIX} + # POST_BUILD + # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) + + # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} + # DESTINATION /data + # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +endif() + +if(CC_SGX) + set(SGX_DIR ${SDK_PATH}) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) + + if(CC_SIM) + set(Trts_Library_Name sgx_trts_sim) + set(Service_Library_Name sgx_tservice_sim) + else() + set(Trts_Library_Name sgx_trts) + set(Service_Library_Name sgx_tservice) + endif() + + set(Crypto_Library_Name sgx_tcrypto) + + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ + -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${LINK_LIBRARY_PATH}) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories(${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${SGX_DIR}/include/tlibc + ${SGX_DIR}/include/libcxx + ${SGX_DIR}/include + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${LINK_LIBRARY_PATH}) + endif() + + target_link_libraries(${PREFIX} -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) + # target_link_libraries(${PREFIX} /usr/lib/x86_64-linux-gnu/libmemcached.so) + add_custom_command(TARGET ${PREFIX} + POST_BUILD + COMMAND umask 0177 + COMMAND openssl genrsa -3 -out ${PEM} 3072 + COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) +endif() + +if(NOT DEFINED CC_PL) + set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) +endif() + +if(CC_PL) + set(SDK_LIB_DIR ${SDK_PATH}/lib) + set(SDK_INCLUDE_DIR ${SDK_LIB_DIR}/app/include) + set(SDK_APP_LIB ${SDK_LIB_DIR}/libpenglai-enclave-eapp.a) + set(MUSL_LIB_DIR ${SDK_PATH}/musl/lib) + set(MUSL_LIBC ${MUSL_LIB_DIR}/libc.a) + set(GCC_LIB ${SDK_LIB_DIR}/libgcc.a) + set(SECGEAR_TEE_LIB ${CMAKE_BINARY_DIR}/lib/libsecgear_tee.a) + + set(SOURCE_C_OBJS "") + foreach(SOURCE_FILE ${SOURCE_FILES}) + STRING(REGEX REPLACE ".+/(.+)\\..*" "\\1" SOURCE_FILE_NAME ${SOURCE_FILE}) + set(SOURCE_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${SOURCE_FILE_NAME}.o) + add_custom_command( + OUTPUT ${SOURCE_OBJ} + DEPENDS ${SOURCE_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${SOURCE_OBJ} ${SOURCE_FILE} + COMMENT "generate SOURCE_OBJ" + ) + list(APPEND SOURCE_C_OBJS ${SOURCE_OBJ}) + endforeach() + + set(APP_C_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.o) + add_custom_command( + OUTPUT ${APP_C_OBJ} + DEPENDS ${AUTO_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${APP_C_OBJ} ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c + COMMENT "generate APP_C_OBJ" + ) + + add_custom_command( + OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + DEPENDS ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${MUSL_LIBC} ${GCC_LIB} + COMMAND ld -static -L${SDK_LIB_DIR} -L${MUSL_LIB_DIR} -L/usr/lib64 -lpenglai-enclave-eapp -lsecgear_tee -lc + -o ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${SECGEAR_TEE_LIB} + ${MUSL_LIBC} ${GCC_LIB} -T ${SDK_PATH}/app.lds + COMMAND chmod -x ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "generate penglai-ELF" + ) + add_custom_target( + ${OUTPUT} ALL + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "makefile target penglai-ELF" + ) + +endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml new file mode 100644 index 00000000..e94c9bc5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x40000 + 0x100000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds new file mode 100644 index 00000000..ab77e647 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/Enclave.lds @@ -0,0 +1,11 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + g_peak_heap_used; + local: + *; +}; + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h new file mode 100644 index 00000000..bd8c6471 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/common_utils.h @@ -0,0 +1,58 @@ +#ifndef SECGEAR_SM_COMMON_UTILS +#define SECGEAR_SM_COMMON_UTILS + +#include + +typedef __uint8_t uint8; +typedef __uint16_t uint16; +typedef __uint32_t uint32; +typedef __uint64_t uint64; + +#define CONCAT_8x4(x0, x1, x2, x3) ((((uint32)(x0) << 8 | (x1)) << 8 | (x2)) << 8 | (x3)) // X = (x0 || x1 || x2 || x3) +#define CONCAT_16x2(x0, x1) ((uint32)(x0) << 16 | (x1)) // X = (x0 || x1) +#define EXTRACT_8_32(X, i) (((X) >> (((i) ^ 3) << 3)) & 0xFF) // X = (x0 || x1 || x2 || x3) +#define EXTRACT_16_32(X, i) (((X) >> (((i) ^ 1) << 4)) & 0xFFFF) // X = (x0 || x1) +#define EXTRACT_16H_31(X) (((X) >> 15) & 0xFFFF) // Higher 16-bit from 31-bit +#define EXTRACT_16L_31(X) ((X) & 0xFFFF) // Lower 16-bit from 31-bit + +#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) +#define ROTATE_31(a, n) ((((a) << (n)) & 0x7FFFFFFF) | (((a) & 0x7FFFFFFF) >> (31 - (n)))) + +#define GET_BIT_VALUE_32(x, i) (((x) >> (31 - (i))) & 1) + +const uint32 PREFIX_MASK_32[32] = { + 0x00000000, + 0x80000000, + 0xC0000000, + 0xE0000000, + 0xF0000000, + 0xF8000000, + 0xFC000000, + 0xFE000000, + 0xFF000000, + 0xFF800000, + 0xFFC00000, + 0xFFE00000, + 0xFFF00000, + 0xFFF80000, + 0xFFFC0000, + 0xFFFE0000, + 0xFFFF0000, + 0xFFFF8000, + 0xFFFFC000, + 0xFFFFE000, + 0xFFFFF000, + 0xFFFFF800, + 0xFFFFFC00, + 0xFFFFFE00, + 0xFFFFFF00, + 0xFFFFFF80, + 0xFFFFFFC0, + 0xFFFFFFE0, + 0xFFFFFFF0, + 0xFFFFFFF8, + 0xFFFFFFFC, + 0xFFFFFFFE +}; + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c new file mode 100644 index 00000000..abae42a6 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/hello.c @@ -0,0 +1,917 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include +#include +#include "encrypt_t.h" + +#define BUF_MAX 32 +#define Mkey "admin" //主密钥,用于生成存储密钥 +char uname[20];//用户名 +char upsw[56];//用户密码 +char buff[80];//用户名与密码相连字符串 +char uinfo[31];//用户机密信息,字符串 +char ucipher[64];//用户十六进制密文字符串 +char c[32];//用户十六进制转字符串 +unsigned char cipt[40];//sm3加密后生成的存储密钥 +int num=0; +char key[16];//sm4加密密钥 +char acipt[40];//sm4加密后生成的信息密文 +char temp[32]; +int nnn; + + + +void transname(char *name)//获得用户名 +{ + strncpy(uname,name, strlen(name)); +} +void transpsw(char *psw)//获得用户密码 +{ + strncpy(upsw,psw, strlen(psw)); +} +void transinfo(char *info)//获得用户机密信息 +{ + strncpy(uinfo,info, strlen(info)); +} +void transcipher(char *cipher)//获得用户机密信息 +{ + strncpy(ucipher,cipher, strlen(cipher)); +} + +//SM3 + +#include "sm3.h" + +void sm3() +{ + strncpy(buff, uname, strlen(uname));//获得用户名 + strncat(buff, upsw, strlen(upsw));//连接用户密码 + // strncat(buff, Mkey, strlen(Mkey));//连接用户密码 + SM3_CTX c; + sm3_init(&c); + sm3_update(&c, buff, strlen(buff)); + // sm3_final(&c, cipt); + sm3_final(cipt, &c); +} + +//SM4加密算法 + +#include "sm4.h" + +/** + * S盒 + */ +static const int S[16][16] = +{ + { + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, + 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 + }, + { + 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, + 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 + }, + { + 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, + 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 + }, + { + 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, + 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 + }, + { + 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, + 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 + }, + { + 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, + 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf + }, + { + 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, + 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 + }, + { + 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, + 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 + }, + { + 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, + 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 + }, + { + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, + 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb + }, + { + 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, + 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 + }, + { + 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, + 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 + }, + { + 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, + 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a + }, + { + 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, + 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e + }, + { + 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, + 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf + }, + { + 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, + 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 + } +}; +/** + * 逆S盒 + */ +static const int S2[16][16] = +{ + { + 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, + 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb + }, + { + 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, + 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb + }, + { + 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, + 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e + }, + { + 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, + 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 + }, + { + 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, + 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 + }, + { + 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, + 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 + }, + { + 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, + 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 + }, + { + 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, + 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b + }, + { + 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, + 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 + }, + { + 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, + 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e + }, + { + 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, + 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b + }, + { + 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, + 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 + }, + { + 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, + 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f + }, + { + 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, + 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef + }, + { + 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, + 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 + }, + { + 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, + 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d + } +}; +/** + * 获取整形数据的低8位的左4个位 + */ +static int getLeft4Bit(int num) +{ + int left = num & 0x000000f0; + return left >> 4; +} +/** + * 获取整形数据的低8位的右4个位 + */ +static int getRight4Bit(int num) +{ + return num & 0x0000000f; +} +/** + * 根据索引,从S盒中获得元素 + */ +static int getNumFromSBox(int index) +{ + int row = getLeft4Bit(index); + int col = getRight4Bit(index); + return S[row][col]; +} +/** + * 把一个字符转变成整型 + */ +static int getIntFromChar(char c) +{ + int result = (int) c; + return result & 0x000000ff; +} +/** + * 把16个字符转变成4X4的数组, + * 该矩阵中字节的排列顺序为从上到下, + * 从左到右依次排列。 + */ +static void convertToIntArray(char *str, int pa[4][4]) +{ + int k = 0; + for(int i = 0; i < 4; i++) + for(int j = 0; j < 4; j++) { + pa[j][i] = getIntFromChar(str[k]); + k++; + } +} +/** + * 把连续的4个字符合并成一个4字节的整型 + */ +static int getWordFromStr(char *str) +{ + int one = getIntFromChar(str[0]); + one = one << 24; + int two = getIntFromChar(str[1]); + two = two << 16; + int three = getIntFromChar(str[2]); + three = three << 8; + int four = getIntFromChar(str[3]); + return one | two | three | four; +} +/** + * 把一个4字节的数的第一、二、三、四个字节取出, + * 入进一个4个元素的整型数组里面。 + */ +static void splitIntToArray(int num, int array[4]) +{ + int one = num >> 24; + array[0] = one & 0x000000ff; + int two = num >> 16; + array[1] = two & 0x000000ff; + int three = num >> 8; + array[2] = three & 0x000000ff; + array[3] = num & 0x000000ff; +} +/** + * 将数组中的元素循环左移step位 + */ +static void leftLoop4int(int array[4], int step) +{ + int temp[4]; + for(int i = 0; i < 4; i++) + { + temp[i] = array[i]; + } + int index = step % 4 == 0 ? 0 : step % 4; + for(int i = 0; i < 4; i++) + { + array[i] = temp[index]; + index++; + index = index % 4; + } +} +/** + * 把数组中的第一、二、三和四元素分别作为 + * 4字节整型的第一、二、三和四字节,合并成一个4字节整型 + */ +static int mergeArrayToInt(int array[4]) +{ + int one = array[0] << 24; + int two = array[1] << 16; + int three = array[2] << 8; + int four = array[3]; + return one | two | three | four; +} + +/** + * 常量轮值表 + */ +static const int Rcon[10] = +{ + 0x01000000, 0x02000000, + 0x04000000, 0x08000000, + 0x10000000, 0x20000000, + 0x40000000, 0x80000000, + 0x1b000000, 0x36000000 +}; +/** + * 密钥扩展中的T函数 + */ +static int T1(int num, int round) +{ + int numArray[4]; + splitIntToArray(num, numArray); + leftLoop4int(numArray, 1);//字循环 + //字节代换 + for(int i = 0; i < 4; i++) + { + numArray[i] = getNumFromSBox(numArray[i]); + } + int result = mergeArrayToInt(numArray); + return result ^ Rcon[round]; +} +//密钥对应的扩展数组 +static int w[44]; +/** + * 扩展密钥,结果是把w[44]中的每个元素初始化 + */ +static void extendKey(char *key) +{ + for(int i = 0; i < 4; i++) + { + w[i] = getWordFromStr(key + i * 4); + } + for(int i = 4, j = 0; i < 44; i++) + { + if( i % 4 == 0) + { + w[i] = w[i - 4] ^ T1(w[i - 1], j); + j++;//下一轮 + } + else + { + w[i] = w[i - 4] ^ w[i - 1]; + } + } +} +/** + * 轮密钥加 + */ +static void addRoundKey(int array[4][4], int round) +{ + int warray[4]; + for(int i = 0; i < 4; i++) + { + splitIntToArray(w[ round * 4 + i], warray); + for(int j = 0; j < 4; j++) + { + array[j][i] = array[j][i] ^ warray[j]; + } + } +} +/** + * 字节代换 + */ +static void subBytes(int array[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = getNumFromSBox(array[i][j]); + } + } +} +/** + * 行移位 + */ +static void shiftRows(int array[4][4]) +{ + int rowTwo[4], rowThree[4], rowFour[4]; + //复制状态矩阵的第2,3,4行 + for(int i = 0; i < 4; i++) + { + rowTwo[i] = array[1][i]; + rowThree[i] = array[2][i]; + rowFour[i] = array[3][i]; + } + //循环左移相应的位数 + leftLoop4int(rowTwo, 1); + leftLoop4int(rowThree, 2); + leftLoop4int(rowFour, 3); + //把左移后的行复制回状态矩阵中 + for(int i = 0; i < 4; i++) + { + array[1][i] = rowTwo[i]; + array[2][i] = rowThree[i]; + array[3][i] = rowFour[i]; + } +} +/** + * 列混合要用到的矩阵 + */ +static const int colM[4][4] = +{ + {2, 3, 1, 1}, + {1, 2, 3, 1}, + {1, 1, 2, 3}, + {3, 1, 1, 2} +}; +static int GFMul2(int s) +{ + int result = s << 1; + int a7 = result & 0x00000100; + if(a7 != 0) + { + result = result & 0x000000ff; + result = result ^ 0x1b; + } + return result; +} +static int GFMul3(int s) +{ + return GFMul2(s) ^ s; +} +static int GFMul4(int s) +{ + return GFMul2(GFMul2(s)); +} +static int GFMul8(int s) +{ + return GFMul2(GFMul4(s)); +} +static int GFMul9(int s) +{ + return GFMul8(s) ^ s; +} +static int GFMul11(int s) +{ + return GFMul9(s) ^ GFMul2(s); +} +static int GFMul12(int s) +{ + return GFMul8(s) ^ GFMul4(s); +} +static int GFMul13(int s) +{ + return GFMul12(s) ^ s; +} +static int GFMul14(int s) +{ + return GFMul12(s) ^ GFMul2(s); +} +/** + * GF上的二元运算 + */ +static int GFMul(int n, int s) +{ + int result; + if(n == 1) + { + result = s; + } + else if(n == 2) + { + result = GFMul2(s); + } + else if(n == 3) + { + result = GFMul3(s); + } + else if(n == 0x9) + { + result = GFMul9(s); + } + else if(n == 0xb)//11 + { + result = GFMul11(s); + } + else if(n == 0xd)//13 + { + result = GFMul13(s); + } + else if(n == 0xe)//14 + { + result = GFMul14(s); + } + return result; +} +/** + * 列混合 + */ +static void mixColumns(int array[4][4]) +{ + int tempArray[4][4]; + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + tempArray[i][j] = array[i][j]; + } + } + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = GFMul(colM[i][0],tempArray[0][j]) ^ + GFMul(colM[i][1],tempArray[1][j]) + ^ GFMul(colM[i][2],tempArray[2][j]) + ^ GFMul(colM[i][3], tempArray[3][j]); + } + } +} +/** + * 把4X4数组转回字符串 + */ +static void convertArrayToStr(int array[4][4], char *str) { + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + *str++ = (char)array[j][i]; + } + } +} +/** + * 参数 p: 明文的字符串数组。 + * 参数 plen: 明文的长度。 + * 参数 key: 密钥的字符串数组。 + */ +void sm4(char *p, int plen, char *key) +{ + extendKey(key);//扩展密钥 + int pArray[4][4]; + for(int k = 0; k < plen; k += 16) + { + convertToIntArray(p + k, pArray); + addRoundKey(pArray, 0);//一开始的轮密钥加 + for(int i = 1; i < 10; i++) + {//前9轮 + subBytes(pArray);//字节代换 + shiftRows(pArray);//行移位 + mixColumns(pArray);//列混合 + addRoundKey(pArray, i); + } + //第10轮 + subBytes(pArray);//字节代换 + shiftRows(pArray);//行移位 + addRoundKey(pArray, 10); + convertArrayToStr(pArray, p + k); + } +} +/** + * 根据索引从逆S盒中获取值 + */ +static int getNumFromS1Box(int index) +{ + int row = getLeft4Bit(index); + int col = getRight4Bit(index); + return S2[row][col]; +} +/** + * 逆字节变换 + */ +static void deSubBytes(int array[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = getNumFromS1Box(array[i][j]); + } + } +} +/** + * 把4个元素的数组循环右移step位 + */ +static void rightLoop4int(int array[4], int step) +{ + int temp[4]; + for(int i = 0; i < 4; i++) + { + temp[i] = array[i]; + } + int index = step % 4 == 0 ? 0 : step % 4; + index = 3 - index; + for(int i = 3; i >= 0; i--) + { + array[i] = temp[index]; + index--; + index = index == -1 ? 3 : index; + } +} +/** + * 逆行移位 + */ +static void deShiftRows(int array[4][4]) +{ + int rowTwo[4], rowThree[4], rowFour[4]; + for(int i = 0; i < 4; i++) + { + rowTwo[i] = array[1][i]; + rowThree[i] = array[2][i]; + rowFour[i] = array[3][i]; + } + rightLoop4int(rowTwo, 1); + rightLoop4int(rowThree, 2); + rightLoop4int(rowFour, 3); + for(int i = 0; i < 4; i++) + { + array[1][i] = rowTwo[i]; + array[2][i] = rowThree[i]; + array[3][i] = rowFour[i]; + } +} +/** + * 逆列混合用到的矩阵 + */ +static const int deColM[4][4] = +{ + {0xe, 0xb, 0xd, 0x9}, + {0x9, 0xe, 0xb, 0xd}, + {0xd, 0x9, 0xe, 0xb}, + {0xb, 0xd, 0x9, 0xe} +}; +/** + * 逆列混合 + */ +static void deMixColumns(int array[4][4]) +{ + int tempArray[4][4]; + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + tempArray[i][j] = array[i][j]; + } + } + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + array[i][j] = GFMul(deColM[i][0],tempArray[0][j]) ^ + GFMul(deColM[i][1],tempArray[1][j]) ^ + GFMul(deColM[i][2],tempArray[2][j]) ^ + GFMul(deColM[i][3], tempArray[3][j]); + } + } +} +/** + * 把两个4X4数组进行异或 + */ +static void addRoundTowArray(int aArray[4][4],int bArray[4][4]) +{ + for(int i = 0; i < 4; i++) + { + for(int j = 0; j < 4; j++) + { + aArray[i][j] = aArray[i][j] ^ bArray[i][j]; + } + } +} +/** + * 从4个32位的密钥字中获得4X4数组, + * 用于进行逆列混合 + */ +static void getArrayFrom4W(int i, int array[4][4]) +{ + int index = i * 4; + int colOne[4], colTwo[4], colThree[4], colFour[4]; + splitIntToArray(w[index], colOne); + splitIntToArray(w[index + 1], colTwo); + splitIntToArray(w[index + 2], colThree); + splitIntToArray(w[index + 3], colFour); + for(int i = 0; i < 4; i++) + { + array[i][0] = colOne[i]; + array[i][1] = colTwo[i]; + array[i][2] = colThree[i]; + array[i][3] = colFour[i]; + } +} +/** + * 参数 c: 密文的字符串数组。 + * 参数 clen: 密文的长度。 + * 参数 key: 密钥的字符串数组。 + */ +void desm4(char *c, int clen, char *key) +{ + extendKey(key);//扩展密钥 + int cArray[4][4]; + for(int k = 0; k < clen; k += 16) + { + convertToIntArray(c + k, cArray); + addRoundKey(cArray, 10); + int wArray[4][4]; + for(int i = 9; i >= 1; i--) + { + deSubBytes(cArray); + deShiftRows(cArray); + deMixColumns(cArray); + getArrayFrom4W(i, wArray); + deMixColumns(wArray); + addRoundTowArray(cArray, wArray); + } + deSubBytes(cArray); + deShiftRows(cArray); + addRoundKey(cArray, 0); + convertArrayToStr(cArray, c + k); + } +} + +#define MAXLEN 1024 + +void printASCII(char *str, int len) {//字符串转16进制 + for(int i = 0; i < len; i++) { + acipt[i] = (int)*str++; + acipt[i] = acipt[i] & 0x000000ff; + } +} + +void hex32_str(char *data,char *input)//将16进制串转字符串 +{ + int i=0,sum; + char t; + for(i=0;i<32;i=i+2) + { + sum=0; + t=data[i]; + if(t<='9') + { + sum=((int)t-48)*16; + } + else + { + switch(t) + { + case 'a':sum=10*16;break; + case 'b':sum=11*16;break; + case 'c':sum=12*16;break; + case 'd':sum=13*16;break; + case 'e':sum=14*16;break; + case 'f':sum=15*16;break; + } + } + t=data[i+1]; + if(t<='9') + { + sum=sum+((int)t-48); + } + else + { + switch(t) + { + case 'a':sum=sum+10;break; + case 'b':sum=sum+11;break; + case 'c':sum=sum+12;break; + case 'd':sum=sum+13;break; + case 'e':sum=sum+14;break; + case 'f':sum=sum+15;break; + } + } + input[i/2]=(char)sum; + } +} + +void hex16_str(char *data,char *output,int len)//将16进制转字符串 +{ + for(int i = 0; i < len; i++) { + output[i] = (char)data[i];//data中每个元素为字符对应的十进制数 + } +} + + +/** + * 使用PKCS#7 填充字符串 + p:要填充的明文字符串 + len:明文字符串长度 + */ +int PKCS7Padding(char *p, int len) +{ + //ascii码转16进制,temp中每个元素为字符对应的十进制数,方便填充 + for(int i = 0; i < len; i++) { + temp[i] = (int)*p++; + temp[i] = temp[i] & 0x000000ff;//temp中为字符转数字,即a=97 + } + + int i; + int block = len/16;//数据分组的组数 + int start = len;//开始补码的地址 + int end=(block+1)*16;//补码后总长度 + int t=16-len%16;//要补的位数,也即要补的字符 + if(t<10) + { + for(i = start; i < end; i++) + { + temp[i] = t; + }; + } + else if(t<=15) + { + for(i = start; i < end; i++) + { + temp[i] = t; + } + } + else if(t==16)//error + { + for(i = start; i < end; i++) + { + temp[i] = 16; + } + } + + hex16_str(temp,uinfo,end);//将temp中的每个元素对应的十进制数转为字符,方便后续对字符串加密 + nnn=end; + return end; +} + +/** + * 删除PKCS#7 填充字符串 + c:要删除填充的解密后的字符串 + len:解密后字符串长度 + padlen:删除填充后字符串长度 + */ +int dePKCS7Padding(char *c, int len) +{ +//送进来的为字符串,每个元素为字符,需要先获取最后一个字符,将字符转int,如0a=10,再从len-10开始置0到最后,返回重置后的字符串 + int padlen=(int)c[len-1]; + nnn=len-padlen; + for(int i=len-padlen;i +#include "common_utils.h" + +#define SM3_DIGEST_LENGTH 32 +#define SM3_WORD uint32 + +#define SM3_CBLOCK 64 +#define SM3_LBLOCK (SM3_CBLOCK/4) + +typedef struct SM3state_st { + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD Nl, Nh; + SM3_WORD data[SM3_LBLOCK]; + unsigned int num; +} SM3_CTX; + +#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xFFFFFFFF) >> (32 - (n)))) + +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++))) ) ) +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff), \ + l) + +#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17)) +#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) + +#define FF(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | (X & Z) | (Y & Z))) +#define GG(J,X,Y,Z) (J<16 ? (X ^ Y ^ Z) : ((X & Y) | ((~X) & Z))) + +#define T(J) (J<16 ? 0x79cc4519 : 0x7a879d8a) + +#define EXPAND(W0,W7,W13,W3,W10) \ + (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10) + +#define SM3_A 0x7380166fUL +#define SM3_B 0x4914b2b9UL +#define SM3_C 0x172442d7UL +#define SM3_D 0xda8a0600UL +#define SM3_E 0xa96f30bcUL +#define SM3_F 0x163138aaUL +#define SM3_G 0xe38dee4dUL +#define SM3_H 0xb0fb0e4eUL + +#define SM3_MAKE_STRING(c, s) \ + do { \ + unsigned long ll; \ + ll=(c)->A; (void)HOST_l2c(ll, (s)); \ + ll=(c)->B; (void)HOST_l2c(ll, (s)); \ + ll=(c)->C; (void)HOST_l2c(ll, (s)); \ + ll=(c)->D; (void)HOST_l2c(ll, (s)); \ + ll=(c)->E; (void)HOST_l2c(ll, (s)); \ + ll=(c)->F; (void)HOST_l2c(ll, (s)); \ + ll=(c)->G; (void)HOST_l2c(ll, (s)); \ + ll=(c)->H; (void)HOST_l2c(ll, (s)); \ + } while (0) + +void sm3_block_data_order(SM3_CTX *ctx, const void *p, size_t num) { + const unsigned char *data = p; + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD w[68]={}, ww[64]={}; + while (num--) { + A = ctx->A; + B = ctx->B; + C = ctx->C; + D = ctx->D; + E = ctx->E; + F = ctx->F; + G = ctx->G; + H = ctx->H; + for (int j = 0; j < 16; ++j) { + HOST_c2l(data, w[j]); + } + for (int j = 16; j < 68; ++j) { + w[j] = EXPAND(w[j-16], w[j-9], w[j-3], w[j-13], w[j-6]); + } + for (int j = 0; j < 64; ++j) { + ww[j] = w[j] ^ w[j+4]; + } + for (int j = 0; j < 64; j++) { + SM3_WORD SS1, SS2, TT1, TT2; + SS1 = ROTATE(ROTATE(A, 12) + E + ROTATE(T(j), j&31), 7); + SS2 = SS1 ^ ROTATE(A, 12); + TT1 = FF(j, A, B, C) + D + SS2 + ww[j]; + TT2 = GG(j, E, F, G) + H + SS1 + w[j]; + D = C; + C = ROTATE(B,9); + B = A; + A = TT1; + H = G; + G = ROTATE(F, 19); + F = E; + E = P0(TT2); + } + ctx->A ^= A; + ctx->B ^= B; + ctx->C ^= C; + ctx->D ^= D; + ctx->E ^= E; + ctx->F ^= F; + ctx->G ^= G; + ctx->H ^= H; + } +} + +int sm3_init(SM3_CTX *c) { + memset(c, 0, sizeof(*c)); + c->A = SM3_A; + c->B = SM3_B; + c->C = SM3_C; + c->D = SM3_D; + c->E = SM3_E; + c->F = SM3_F; + c->G = SM3_G; + c->H = SM3_H; + return 1; +} + +int sm3_update(SM3_CTX *c, const void *data_, size_t len) { + const unsigned char *data = data_; + unsigned char *p; + SM3_WORD l; + size_t n; + if (len == 0) return 1; + l = (c->Nl + (((SM3_WORD) len) << 3)) & 0xffffffffUL; + if (l < c->Nl) c->Nh++; + c->Nh += (SM3_WORD) (len >> 29); + c->Nl = l; + n = c->num; + if (n != 0) { + p = (unsigned char *)c->data; + if (len >= SM3_CBLOCK || len + n >= SM3_CBLOCK) { + memcpy(p + n, data, SM3_CBLOCK - n); + sm3_block_data_order(c, p, 1); + n = SM3_CBLOCK - n; + data += n; + len -= n; + c->num = 0; + memset(p, 0, SM3_CBLOCK); + } + else { + memcpy(p + n, data, len); + c->num += (unsigned int)len; + return 1; + } + } + n = len / SM3_CBLOCK; + if (n > 0) { + sm3_block_data_order(c, data, n); + n *= SM3_CBLOCK; + data += n; + len -= n; + } + if (len != 0) { + p = (unsigned char *)c->data; + c->num = (unsigned int)len; + memcpy(p, data, len); + } + return 1; +} + +int sm3_final(unsigned char *md, SM3_CTX *c) { + unsigned char *p = (unsigned char *)c->data; + size_t n = c->num; + p[n] = 0x80; + n++; + if (n > (SM3_CBLOCK - 8)) { + memset(p + n, 0, SM3_CBLOCK - n); + n = 0; + sm3_block_data_order(c, p, 1); + } + memset(p + n, 0, SM3_CBLOCK - 8 - n); + p += SM3_CBLOCK - 8; + (void)HOST_l2c(c->Nh, p); + (void)HOST_l2c(c->Nl, p); + p -= SM3_CBLOCK; + sm3_block_data_order(c, p, 1); + c->num = 0; + SM3_MAKE_STRING(c, md); + return 1; +} + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h new file mode 100644 index 00000000..5b30416f --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/enclave/sm4.h @@ -0,0 +1,103 @@ +#ifndef SECGEAR_SM4_H +#define SECGEAR_SM4_H + +#include +#include "common_utils.h" + +#define ENCRYPT 0 +#define DECRYPT 1 +const uint8 Sbox[256] = { + 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, 0x28, 0xFB, 0x2C, 0x05, + 0x2B, 0x67, 0x9A, 0x76, 0x2A, 0xBE, 0x04, 0xC3, 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, + 0x9C, 0x42, 0x50, 0xF4, 0x91, 0xEF, 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62, + 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, 0xDF, 0x94, 0xFA, 0x75, 0x8F, 0x3F, 0xA6, + 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA, 0x83, 0x59, 0x3C, 0x19, 0xE6, 0x85, 0x4F, 0xA8, + 0x68, 0x6B, 0x81, 0xB2, 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, 0x35, + 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B, 0x01, 0x21, 0x78, 0x87, + 0xD4, 0x00, 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52, 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, + 0xEA, 0xBF, 0x8A, 0xD2, 0x40, 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1, + 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, 0xAD, 0x93, 0x32, 0x30, 0xF5, 0x8C, 0xB1, 0xE3, + 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60, 0xC0, 0x29, 0x23, 0xAB, 0x0D, 0x53, 0x4E, 0x6F, + 0xD5, 0xDB, 0x37, 0x45, 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, 0x5B, 0x51, + 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41, 0x1F, 0x10, 0x5A, 0xD8, + 0x0A, 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD, 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, + 0x89, 0x69, 0x97, 0x4A, 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84, + 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, 0x20, 0x79, 0xEE, 0x5F, 0x3E, 0xD7, 0xCB, 0x39, 0x48, +}; +const uint32 FK[4] = { + 0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC, +}; +const uint32 CK[32] = { + 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269, + 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9, + 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249, + 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9, + 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229, + 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299, + 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209, + 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279, +}; +#define L(B) ((B) ^ (ROTATE((B), 2)) ^ (ROTATE((B), 10)) ^ (ROTATE((B), 18)) ^ (ROTATE((B), 24))) +#define LP(B) ((B) ^ (ROTATE((B), 13)) ^ (ROTATE((B), 23))) +#define S(X) (((uint32)Sbox[((X) >> 24) & 0xFF] << 24) | \ + ((uint32)Sbox[((X) >> 16) & 0xFF] << 16) | \ + ((uint32)Sbox[((X) >> 8) & 0xFF] << 8) | \ + ((uint32)Sbox[(X) & 0xFF])) + +#define TT(X) L(S(X)) +#define TP(X) LP(S(X)) +#define F(X0, X1, X2, X3, rk) ((X0) ^ TT((X1) ^ (X2) ^ (X3) ^ (rk))) + +typedef struct sm4_ctx_st { + uint32 M[4]; + uint32 rk[32]; +} SM4_CTX; + +int sm4_init(SM4_CTX *ctx, const uint32 *M, const uint32 *MK) { + memset(ctx, 0, sizeof(*ctx)); + uint32 K[36]; + memset(K, 0, sizeof(K)); + int i; + for (i = 0; i < 4; ++i) { + K[i] = MK[i] ^ FK[i]; + ctx->M[i] = M[i]; + } + for (i = 0; i < 32; ++i) { + ctx->rk[i] = K[i+4] = K[i] ^ TP(K[i+1] ^ K[i+2] ^ K[i+3] ^ CK[i]); + } + return 1; +} + +int sm4_round(SM4_CTX *ctx, int crypt_flag) { + int offset = (crypt_flag ? 31 : 0), i; + uint32 X[36]; + memset(X, 0, sizeof(X)); + for (i = 0; i < 4; ++i) { + X[i] = ctx->M[i]; + } + for (i = 0; i < 32; ++i) { + X[i+4] = F(X[i], X[i+1], X[i+2], X[i+3], ctx->rk[i^offset]); + } + ctx->M[0] = X[35]; + ctx->M[1] = X[34]; + ctx->M[2] = X[33]; + ctx->M[3] = X[32]; + return 1; +} + +int sm4_encrypt(SM4_CTX *ctx) { + return sm4_round(ctx, ENCRYPT); +} + +int sm4_decrypt(SM4_CTX *ctx) { + return sm4_round(ctx, DECRYPT); +} + +int sm4_final(uint32 *out, SM4_CTX *ctx) { + if (!memcpy(out, ctx->M, sizeof(ctx->M))) { + return 0; + } + return 1; +} + +#endif \ No newline at end of file diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl b/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl new file mode 100644 index 00000000..77bc7c74 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/encrypt.edl @@ -0,0 +1,28 @@ +/*S + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +enclave { + include "secgear_urts.h" + from "secgear_tstdc.edl" import *; + trusted { + public int get_int(); + public int get_string([out, size=80]unsigned char *buf); + public void transname([in,size=20]char *name); + public void transpsw([in,size=56]char *psw); + public void transinfo([in,size=31]char *info); + public void transcipher([in,size=64]char *cipher); + public void sm3(); + public void sm4crypt(int len); + public void desm4crypt(); + + }; +}; diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt new file mode 100644 index 00000000..bc1bd4d5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/CMakeLists.txt @@ -0,0 +1,120 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX encrypt) +#set host exec name +set(OUTPUT secgear_encrypt) +#set host src code +set(SOURCE_FILE ${CMAKE_CURRENT_SOURCE_DIR}/main.c) + +#set auto code +if(CC_GP) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") +set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + +if(CC_GP) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SGX) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_PL) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/penglai + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SIM) + target_link_libraries(${OUTPUT} secgearsim pthread) +else() + target_link_libraries(${OUTPUT} secgear pthread) + target_link_libraries(${OUTPUT} /usr/lib/x86_64-linux-gnu/libmemcached.so) +endif() +set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) + +if(CC_GP) + #itrustee install whitelist /vender/bin/teec_hello + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION /vendor/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_SGX) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_PL) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh new file mode 100644 index 00000000..30f650ae --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/db.sh @@ -0,0 +1,29 @@ +#! /bin/bash +#test +echo "read start" +echo "" + +docker -v +echo "docker start" +echo "========================================================" +systemctl start docker +docker ps -a +echo "container start" +echo "========================================================" +docker start opengauss +docker ps -a +docker exec -it opengauss sh +echo "container stop" +echo "========================================================" +docker stop opengauss +docker ps -a + + +echo "grinfo copy to host and wait to settle" +sudo cp /var/lib/docker/volumes/dbvol/_data/omm/grinfo /opt/secGear/debug/examples/helloworld/host +sudo chmod 777 /opt/secGear/debug/examples/helloworld/host/grinfo + + +echo "" +echo "read stop" + diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh new file mode 100644 index 00000000..8c11f0ac --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/dbend.sh @@ -0,0 +1,23 @@ +#! /bin/bash +#test +echo "write start" +echo "" + +echo "grinfo copy to docker and wait to wirte" +sudo docker cp grinfo opengauss:/home/omm +echo "container start" +echo "========================================================" +docker start opengauss +docker ps -a +docker exec -it opengauss sh + +echo "container stop" +echo "========================================================" +docker stop opengauss +docker ps -a +echo "docker stop" +echo "========================================================" +systemctl stop docker + +echo "" +echo "write stop" diff --git a/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c new file mode 100644 index 00000000..51650268 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/encrypt/host/main.c @@ -0,0 +1,253 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include +#include +#include "encrypt_u.h" +#define MAXLEN 64 +#define idoffset 41 +#define phoneoffset 74 + + + +/** +* 从文件中读取字符串,加密字符串小于32B,解密字符串(16进制)小于64B +*/ +int readStrFromFile(char *filename, char *str,int offset) { + FILE *fp = fopen(filename, "r"); + if(fp == NULL) { + printf("打开文件出错,请确认文件存在当前目录下!\n"); + exit(0); + } + + int val=1; + char sym[4]={'C','O','P','Y'}; + char temp[150]; + memset(temp,'0',sizeof(temp)); + while(1) + { + if (!fgets(temp,150,fp)) { + return 0; + } + val=strncmp(sym,temp,4); + if(val==0) + break; + } + memset(temp,'0',sizeof(temp)); + if (!fgets(temp,150,fp)) { + return 0; + } + char t[32]; + for(int i=offset;i<(offset+32);i++)//id:41~73,phone:74~106 + { + if(temp[i]==' ') break; + t[i-offset]=temp[i]; + } + + // strncpy(str, t, strlen(t)); + memcpy(str, t, strlen(t)); + fclose(fp); + return 0; +} + +/** + * 把字符串写进文件 + */ +void writeStrToFile(unsigned char *str, char *filename,int offset) { + FILE *fp; + fp = fopen(filename, "r+"); + char temp[100]; + for(int i=0;i<1;) + { + while(fgetc(fp)!='\n') + i++; + } + fprintf(fp,"\ndrop table grinfo; \n");//写回数据时对原有数据表清除,防止表内数据不唯一出现差错 + + int val=1; + char sym[4]={'C','O','P','Y'}; + memset(temp,'0',sizeof(temp)); + while(1) + { + if (!fgets(temp,100,fp)) { + return; + } + val=strncmp(sym,temp,4); + if(val==0) + break; + } + int size=ftell (fp);//返回文件指针相对于起始位置的偏移量 + memset(temp,'0',sizeof(temp)); + if (!fgets(temp,100,fp)) { + return; + } + size=size+offset;//id:offset 40,phone:offset 73 + fseek(fp,size,SEEK_SET);//根据文件指针的位置和偏移量来定位文件指针 + + + for(int i = 0; i < 16; i++) + { + fprintf(fp,"%02x",str[i]); + } + fclose(fp); +} + + +int main() +{ + int retval = 0; + char *path = PATH; + unsigned char buf[80]; + int rvalue; + char name[20]; + char psw[56]; + char fname[17];//文件名 + char info[31];//文件中要加密信息 + char cipher[64];//文件中要解密信息 + int tag; + cc_enclave_t context = {0}; + cc_enclave_result_t res; + // cc_enclave_result_t rres; + + printf("Create secgear enclave\n"); + res = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &context); + if (res != CC_SUCCESS) { + printf("Create enclave error\n"); + return res; + } + + //清空原内存中数据 + /*memset(fname,'0',sizeof(fname)); + memset(info,'0',sizeof(info)); + memset(cipher,'0',sizeof(cipher));*/ + + + //SM3生成存储密钥 + printf("请输入用户名:\n");//获得用户名 + // gets(name); // 不建议使用gets函数 + if (!scanf("%s", name)) { + return 0; + } + transname(&context, name); + printf("请输入密码 :\n");//获得用户密码 + // gets(psw); + if (!scanf("%s", psw)) { + return 0; + } + transpsw(&context, psw); + sm3(&context); + printf("加密成功!密文如下:\n"); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } + else { + for(int i = 0; i < 16; i++) + { + printf("%02x", buf[i]); + } + printf("\n"); + } + + //通过脚本登陆数据库获取个人信息进行复制提取工作 + if (!system("./db.sh")) { + return 0; + } + + + //SM4对文件加解密 + printf("选择加密输入1,选择解密输入2:"); + if (!scanf("%d",&tag)) { + return 0; + } + // char gg=getchar();//取走缓存区的回车符 + int offset,len; + if(tag==1){ + printf("请输入要加密的文件名:(该文件必须和本程序在同一目录)\n");//传输要加密的用户信息 + // gets(fname); + if (!scanf("%s", fname)) { + return 0; + } + // printf("\n"); + for(int i = 0; i < 2; i++) + { + if(i==0) + offset = idoffset; + else + offset=phoneoffset; + readStrFromFile(fname,info,offset);//取出要加密字符串 + printf("将要加密的信息:\n"); + puts(info); + len=strlen(info);//识别要机密字符串长度 + transinfo(&context, info);//传送到安全区进行加密 + sm4crypt(&context, len); + printf("加密成功!密文如下:\n"); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } else { + char* buf1 = (char*)buf; + for(size_t i = 0; i < strlen(buf1); i++){ + printf("%02x",buf1[i]);//输出将无符号字符串以16进制形式输出 + } + printf("\n"); + } + printf("密文将写回原文件中!\n"); + writeStrToFile(buf,fname,offset); + printf("第%d加密写回完成!\n\n",i+1); + } + } + else if(tag==2){ + printf("请输入要解密的文件名:(该文件必须和本程序在同一目录)\n"); + // gets(fname); + if (!scanf("%s", fname)) { + return 0; + } + printf("\n"); + for(int i=0;i<2;i++) + { + if(i==0) + offset=idoffset; + else + offset=phoneoffset; + readStrFromFile(fname,cipher,offset);//取出要解密的字符串 + transcipher(&context, cipher);//传送到安全区解密 + desm4crypt(&context); + printf("第%d解密成功!明文如下:\n",i+1); + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } else { + char *buf1 = (char*)buf; + for(size_t i = 0; i < strlen(buf1); i++) { + printf("%c",buf1[i]);//输出将无符号字符串以16进制形式输出 + } + res = get_int(&context, &rvalue); + printf("\n明文长度为:%d",rvalue); + printf("\n\n"); + } + } + } + + //操作结束,将修改文件写回数据库 + if (!system("./dbend.sh")) { + return 0; + } + + res = cc_enclave_destroy(&context); + if(res != CC_SUCCESS) { + printf("Destroy enclave error\n"); + } + return res; +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt new file mode 100644 index 00000000..286e0401 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/CMakeLists.txt @@ -0,0 +1,39 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +cmake_minimum_required(VERSION 3.10 FATAL_ERROR) +project(enclave) + +set(CMAKE_C_STANDARD 99) + +set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) + +#set edl name +set(EDL_FILE verify.edl) +set(CODEGEN codegen) +#set(LOCAL_ROOT_PATH "$ENV{CC_SDK}") +#set(SECGEAR_INSTALL_PATH /usr/lib64/) + +if(CC_GP) + set(CODETYPE trustzone) + set(CODEGEN codegen_arm64) + execute_process(COMMAND uuidgen -r OUTPUT_VARIABLE UUID) + string(REPLACE "\n" "" UUID ${UUID}) + add_definitions(-DPATH="/data/${UUID}.sec") +endif() + +if(CC_SGX) + set(CODETYPE sgx) + #set(CODEGEN codegen_x86_64) + add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") +endif() + +add_subdirectory(${CURRENT_ROOT_PATH}/enclave) +add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt new file mode 100644 index 00000000..e868b8bd --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/CMakeLists.txt @@ -0,0 +1,157 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX verify) +#set sign key +set(PEM Enclave_private.pem) +#set sign tool +set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) +#set enclave src code +set(CMAKE_CXX_STANDARD 11) + + +set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/enclave.cpp) +#set log level +set(PRINT_LEVEL 3) +add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) + +if(CC_GP) + #set signed output + set(OUTPUT ${UUID}.sec) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + #set whilelist. default: /vendor/bin/teec_hello + set(WHITE_LIST_0 /vendor/bin/enclave) + set(WHITE_LIST_1 /vendor/bin/secgear_enclave) + set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) + + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + #set signed output + set(OUTPUT enclave.signed.so) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include ) +endif() + +set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ + -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ + -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ + -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") + +set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") + +if(CC_GP) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s -fPIC") + + set(ITRUSTEE_TEEDIR ${SDK_PATH}/) + set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib/) + endif() + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES} ) + + target_include_directories( ${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${LOCAL_ROOT_PATH}/inc/enclave_inc + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp + ${ITRUSTEE_TEEDIR}/include/TA + ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext + ${ITRUSTEE_LIBC}/arch/aarch64 + ${ITRUSTEE_LIBC}/ + ${ITRUSTEE_LIBC}/arch/arm/bits + ${ITRUSTEE_LIBC}/arch/generic + ${ITRUSTEE_LIBC}/arch/arm + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) + + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${CMAKE_BINARY_DIR}/lib/) + endif() + + foreach(WHITE_LIST ${WHITELIST}) + add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") + endforeach(WHITE_LIST) + + target_link_libraries(${PREFIX} -lsecgear_tee) + # for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # + # add_custom_command(TARGET ${PREFIX} + # POST_BUILD + # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) + + # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} + # DESTINATION /data + # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +endif() + +if(CC_SGX) + set(SGX_DIR ${SDK_PATH}) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) + + if(CC_SIM) + set(Trts_Library_Name sgx_trts_sim) + set(Service_Library_Name sgx_tservice_sim) + else() + set(Trts_Library_Name sgx_trts) + set(Service_Library_Name sgx_tservice) + endif() + + set(Crypto_Library_Name sgx_tcrypto) + + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ + -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib ${LINK_LIBRARY_PATH}) + endif() + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + + target_include_directories(${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${SGX_DIR}/include/tlibc + ${SGX_DIR}/include/libcxx + ${SGX_DIR}/include + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${LOCAL_ROOT_PATH}/inc/enclave_inc) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${LINK_LIBRARY_PATH} + ${CMAKE_BINARY_DIR}/lib/) + endif() + + target_link_libraries(${PREFIX} -lsecgear_tee -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) + + add_custom_command(TARGET ${PREFIX} + POST_BUILD + COMMAND umask 0177 + COMMAND openssl genrsa -3 -out ${PEM} 3072 + COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) +endif() + +set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml new file mode 100644 index 00000000..e94c9bc5 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x40000 + 0x100000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds new file mode 100644 index 00000000..ab77e647 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/Enclave.lds @@ -0,0 +1,11 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + g_peak_heap_used; + local: + *; +}; + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp new file mode 100644 index 00000000..18cf3f0c --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/enclave.cpp @@ -0,0 +1,705 @@ +#include "verify_t.h" +#include +#include +#include +#include +#define MAX_LEN 1024 + +using namespace std; + +namespace calc { + const int L = 16; + const std::string hexChars = "0123456789abcdef"; + int dec(char ch) { + if ('0' <= ch && ch <= '9') { + return ch - '0'; + } + if ('a' <= ch && ch <= 'f') { + return ch - 'a' + 10; + } + if ('A' <= ch && ch <= 'F') { + return ch - 'A' + 10; + } + return -1; + } + std::string hex(unsigned int x) { + std::string result = ""; + for (int j = 28; j >= 0; j -= 4) { + result += hexChars[x >> j & 0x0F]; + } + return result; + } + std::string hex(unsigned long long x) { + std::string result = ""; + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[x >> j & 0x0F]; + } + return result; + } + std::string bin(unsigned int x) { + std::string result = ""; + for (int j = 31; j >= 0; j--) { + result += hexChars[x >> j & 0x01]; + } + return result; + } + std::string bin(unsigned long long x) { + std::string result = ""; + for (int j = 63; j >= 0; j--) { + result += hexChars[x >> j & 0x01]; + } + return result; + } + unsigned int rightRotate(unsigned int x, int u) { + unsigned long long xx = (unsigned long long)x << 32 | x; + return (unsigned int)((xx >> u)&(unsigned int)-1); + } + unsigned int LeftRotate(unsigned int x, int u) { + u &= 31; + unsigned long long xx = (unsigned long long)x << 32 | x; + return (unsigned int)((xx >> (32 - u))&(unsigned int)-1); + } + struct bigNum { + int siz, hexLen; + std::vectornum; + bigNum(int _siz = L) { + siz = _siz; hexLen = siz << 4; + num.resize(_siz, 0); + } + bigNum(std::string src) { + int len = src.length(); hexLen = src.length(); + siz = (len + 15) >> 4; + num.resize(siz, 0); + for (int i = 0, cnt = 0; i < len; i++, cnt++) { + num[cnt >> 4] |= (unsigned long long)dec(src[i]) << (((cnt & 0x0F) ^ 15) << 2); + } + } + bigNum FromU32(uint32_t src) { + bigNum result = bigNum(1); + result.num[0] = src; + return result; + } + std::string hex() { + std::string result = ""; + for (int i = 0; i < siz; i++) { + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[num[i] >> j & 0x0F]; + } + } + result.erase(hexLen); + return result; + } + std::string bin() { + std::string result = "b"; + for (int i = 0; i < siz; i++) { + for (int j = 63; j >= 0; j--) { + result += hexChars[num[i] >> j & 0x01]; + } + } + result.erase(hexLen << 2); + return result; + } + bigNum& operator^=(const bigNum &rhs) { + bigNum result = *this; + int lmt = siz; + if (rhs.siz < lmt) lmt = rhs.siz; + for (int i = 0; i < lmt; i++) { + result.num[i] ^= rhs.num[i]; + } + return *this = result; + } + friend bigNum operator^(const bigNum& lhs, const bigNum& rhs) { + if(lhs.siz>=rhs.siz) return bigNum(lhs) ^= rhs; + else return bigNum(rhs) ^= lhs; + } + friend bigNum operator||(const bigNum& lhs, const bigNum& rhs) { + bigNum result = bigNum(bigNum(lhs).hex() + bigNum(rhs).hex()); + return result; + } + }; + + unsigned int P0(unsigned int x) { + return x ^ LeftRotate(x, 9) ^ LeftRotate(x, 17); + } + unsigned int P1(unsigned int x) { + return x ^ LeftRotate(x, 15) ^ LeftRotate(x, 23); + } + unsigned int FF(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { + if (j < 16) return x ^ y ^ z; + else return (x&y) | (x&z) | (y&z); + } + unsigned int GG(unsigned int j, unsigned int x, unsigned int y, unsigned int z) { + if (j < 16) return x ^ y ^ z; + else return (x&y) | ((~x)&z) ; + } + bigNum SM3(bigNum src) { + const unsigned int T[64] = { + 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, + 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, 0x79cc4519, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, + 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, 0x7a879d8a, }; + unsigned int h[8] = { + 0x7380166f, 0x4914b2b9, 0x172442d7, 0xda8a0600, 0xa96f30bc, 0x163138aa, 0xe38dee4d, 0xb0fb0e4e }; + std::string tmpstr = bigNum(src).hex(); + tmpstr += "8"; + while (tmpstr.length() % 128 != 112) { + tmpstr += "0"; + } + tmpstr += hex((unsigned long long)src.hexLen << 2); + bigNum tmpnum = bigNum(tmpstr); + + for (int i = 0; i < tmpnum.siz; i += 8) { + unsigned int w[68] = {}, ww[64] = {}; + for (int j = 0; j < 16; j += 2) { + w[j] = (unsigned int)(tmpnum.num[i + (j >> 1)] >> 32); + w[j + 1] = (unsigned int)(tmpnum.num[i + (j >> 1)]); + } + for (int j = 16; j < 68; j++) { + w[j] = P1(w[j - 16] ^ w[j - 9] ^ LeftRotate(w[j - 3], 15)) ^ LeftRotate(w[j - 13], 7) ^ w[j - 6]; + } + for (int j = 0; j < 64; j++) { + ww[j] = w[j] ^ w[j + 4]; + } + unsigned int t[8] = {}; + for (int j = 0; j < 8; j++) { + t[j] = h[j]; + } + for (int j = 0; j < 64; j++) { + unsigned int SS1, SS2, TT1, TT2; + SS1 = LeftRotate(LeftRotate(t[0], 12) + t[4] + LeftRotate(T[j], j), 7); + SS2 = SS1 ^ LeftRotate(t[0], 12); + TT1 = FF(j, t[0], t[1], t[2]) + t[3] + SS2 + ww[j]; + TT2 = GG(j, t[4], t[5], t[6]) + t[7] + SS1 + w[j]; + t[7] = t[6]; + t[6] = LeftRotate(t[5], 19); + t[5] = t[4]; + t[4] = P0(TT2); + t[3] = t[2]; + t[2] = LeftRotate(t[1],9); + t[1] = t[0]; + t[0] = TT1; + } + for (int j = 0; j < 8; j++) { + h[j] = h[j] ^ t[j]; + } + } + + bigNum result = bigNum(4); + result.num[0] = ((unsigned long long)h[0] << 32) | h[1]; + result.num[1] = ((unsigned long long)h[2] << 32) | h[3]; + result.num[2] = ((unsigned long long)h[4] << 32) | h[5]; + result.num[3] = ((unsigned long long)h[6] << 32) | h[7]; + return result; + } + + struct smallNum { + int siz; + std::vectornum; + smallNum(int _siz = 1) { + siz = _siz; + num.resize(_siz, 0); + } + smallNum(char ch) { + siz = 1; + num.push_back(ch - '0'); + } + smallNum(std::string src) { + int len = src.length(); + siz = (len + 15) >> 4; + num.resize(siz, 0); + for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { + num[cnt >> 4] |= (unsigned long long)dec(src[i]) << ((cnt & 0x0F) << 2); + } + } + smallNum fromBin(std::string src) { + smallNum result = smallNum(); + int len = src.length(); + if (!len) { + return smallNum(); + } + result.siz = (len + 63) >> 6; + result.num.resize(result.siz, 0); + for (int i = len - 1, cnt = 0; i >= 0; i--, cnt++) { + result.num[cnt >> 6] |= (unsigned long long)dec(src[i]) << (cnt & 0x3F); + } + return result; + } + smallNum(bigNum src) { + std::string srcstr = src.hex(); + *this = smallNum(srcstr); + } + smallNum fromBigNum(bigNum src) { + std::string srcstr = src.hex(); + return smallNum(srcstr); + } + bigNum toBigNum(smallNum src, int minHexLength = 0) { + std::string srcstr = src.hex(); + return bigNum(srcstr); + } + smallNum e() { + smallNum result = smallNum(1); + result.num[0] = 1; + return result; + } + smallNum FromU32(uint32_t src) { + smallNum result = smallNum(1); + result.num[0] = src; + return result; + } + std::string hex() { + std::string result = ""; + for (int i = siz - 1; i >= 0; i--) { + for (int j = 60; j >= 0; j -= 4) { + result += hexChars[num[i] >> j & 0x0F]; + } + } + return result; + } + std::string bin() { + std::string result = ""; + for (int i = siz - 1; i >= 0; i--) { + for (int j = 63; j >= 0; j--) { + result += hexChars[num[i] >> j & 0x01]; + } + } + return result; + } + smallNum& operator^=(const smallNum &rhs) { + smallNum result = *this; + int lmt = rhs.siz; + for (int i = 0; i < lmt; i++) { + result.num[i] ^= rhs.num[i]; + } + return *this = result; + } + friend smallNum operator^(const smallNum& lhs, const smallNum& rhs) { + if(lhs.siz>rhs.siz) return smallNum(lhs) ^= rhs; + else return smallNum(rhs) ^= lhs; + } + friend bool operator<(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return lhs.siz < rhs.siz; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return lhs.num[i] < rhs.num[i]; + } + } + return 0; + } + friend bool operator<=(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return lhs.siz < rhs.siz; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return lhs.num[i] < rhs.num[i]; + } + } + return 1; + } + friend bool operator>(const smallNum& lhs, const smallNum& rhs) { + return smallNum(rhs) < smallNum(lhs); + } + friend bool operator>=(const smallNum& lhs, const smallNum& rhs) { + return smallNum(rhs) <= smallNum(lhs); + } + friend bool operator==(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return 0; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return 0; + } + } + return 1; + } + friend bool operator!=(const smallNum& lhs, const smallNum& rhs) { + if (lhs.siz^rhs.siz) { + return 1; + } + for (int i = lhs.siz - 1; i >= 0; i--) { + if (lhs.num[i] ^ rhs.num[i]) { + return 1; + } + } + return 0; + } + smallNum& operator+=(const smallNum& rhs) { + while (siz < rhs.siz) { + ++siz; num.push_back(0ULL); + } + unsigned long long carry0 = 0ULL, carry1 = 0ULL; + for (int i = 0; i < rhs.siz; i++) { + if (((num[i] >> 1) + (rhs.num[i] >> 1) + (((num[i] & 1ULL) + (rhs.num[i] & 1ULL) + carry0) >> 1)) >> 63) { + if (i + 1 == siz) { + ++siz; num.push_back(0ULL); + } + carry1 = 1ULL; + } + num[i] += rhs.num[i] + carry0; + carry0 = carry1; + carry1 = 0ULL; + } + for (int i = rhs.siz; i < siz; i++) { + if (((num[i] >> 1) + (((num[i] & 1ULL) + carry0) >> 1)) >> 63) { + if (i + 1 == siz) { + ++siz; num.push_back(0ULL); + } + carry1 = 1ULL; + } + num[i] += carry0; + carry0 = carry1; + carry1 = 0ULL; + } + return *this; + } + friend smallNum operator+(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) += rhs; + } + smallNum& operator-=(const smallNum& rhs){ + unsigned long long tmp,carry0=0,carry1=0; + for(int i=0;itmp){ + carry1=1; + } + tmp=num[i]; + num[i]-=carry0; + if(num[i]>tmp){ + carry1=1; + } + carry0=carry1; + carry1=0; + } + for(int i=rhs.siz;itmp){ + carry1=1; + } + carry0=carry1; + carry1=0; + } + while(siz>1&&!num[siz-1]){ + --siz;num.pop_back(); + } + return *this; + } + friend smallNum operator-(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) -= rhs; + } + void _add(unsigned long long u,unsigned long long v,unsigned long long &x,unsigned long long &y,unsigned long long &z){ + x+=u; if(x=rhs.siz?k-rhs.siz+1:0),j=k-i;i>64)&(-1ULL)),result.num[k],result.num[k+1],result.num[k+2]); + } + } + result.num.pop_back(); + if(result.siz>1&&!result.num[SIZ-1]){ + --result.siz; + result.num.pop_back(); + } + return *this=result; + } + + friend smallNum operator*(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) *= rhs; + } + smallNum pow(unsigned long long rhs) { + smallNum result = smallNum().e(), u = smallNum(*this); + while (rhs) { + if (rhs & 1) { + result *= u; + } + u *= u; + rhs >>= 1; + } + return result; + } + smallNum& operator%=(const smallNum& rhs) { + smallNum result = smallNum(); + std::string lhsBin = smallNum(*this).bin(); + int lhsLen = lhsBin.length(); + for (int i = 0; i < lhsLen; i++) { + result = result + result; + if (lhsBin[i] & 1) { + result.num[0] |= 1; + } + if (rhs <= result) { + result = result - rhs; + } + } + return *this = result; + } + friend smallNum operator%(const smallNum& lhs, const smallNum&rhs) { + return smallNum(lhs) %= rhs; + } + smallNum pow_mod(unsigned long long rhs, smallNum _mod) { + smallNum result = smallNum().e(), u = smallNum(*this); + while (rhs) { + if (rhs & 1) { + result = (result*u) % _mod; + } + u = (u*u) % _mod; + rhs >>= 1; + } + return result; + } + smallNum pow_mod(smallNum rhs, smallNum _mod) { + smallNum result = smallNum().e(), u = smallNum(*this); + std::string rhsstr = rhs.bin(); + int rhsLen = rhsstr.length(); + for (int i = rhsLen - 1; i >= 0; i--) { + if (rhsstr[i] & 1) { + result = (result*u) % _mod; + } + u = (u*u) % _mod; + } + return result; + } + smallNum fromDec(std::string src) { + if (src == "") { + return smallNum(); + } + smallNum result = smallNum(); + int siz = src.length(); + for (int i = 0; i < siz; i++) { + result *= smallNum("a"); + result += smallNum(src[i]); + } + return result; + } + }; + smallNum big2Small(bigNum src) { + std::string srcstr = src.hex(); + return smallNum(srcstr); + } + bigNum small2Big(smallNum src, int minHexLength = 0) { + std::string srcstr = src.hex(); + return bigNum(srcstr); + } +} + +namespace interface { + using namespace calc; + smallNum rsa_d(smallNum rsa_e, smallNum d, smallNum n) { + return rsa_e.pow_mod(d, n); + } +} + +char tmpresult[512]; +char* transferFromString(string src) { + int siz = src.length(); + if (siz < 512) { + for (int i = 0; i <= siz; i++) { + tmpresult[i] = src[i]; + } + } + return tmpresult; +} + +string transferToString(char* src) { + string result; + for (int i = 0; src[i]; i++) { + result += src[i]; + } + return result; +} + +unsigned int randSeed = 0; + +unsigned int getNextRand(unsigned int preRand) { + if (!preRand) return -1; + unsigned x = preRand; + x ^= x << 13; + x ^= x >> 17; + x ^= x << 5; + return x; +} + +unsigned int getNextRand(unsigned int preRand,int rounds) { + if (!preRand) return -1; + unsigned x = preRand; + for (int i = 0; i < rounds; i++) { + x = getNextRand(x); + } + return x; +} + +uint32_t Keys[2]; + +void sealKeys() { + Keys[0] ^= getNextRand(12345678, 32); + Keys[1] ^= getNextRand(87654321, 32); +} + +void decryptKeys(uint32_t *keybuf) { + keybuf[0] = Keys[0] ^ getNextRand(12345678, 32); + keybuf[1] = Keys[1] ^ getNextRand(87654321, 32); +} + +void initKeys(uint32_t *src) { + randSeed = src[0]; + randSeed ^= getNextRand(randSeed, 16); + Keys[0] = getNextRand(randSeed, 555); // Ku + Keys[1] = getNextRand(randSeed, 777); // Kw + sealKeys(); +} + +void setKeys(uint32_t *K) { + memcpy(Keys, K, sizeof Keys); +} + +void getKeys(uint32_t *K) { + memcpy(K, Keys, sizeof Keys); +} + +using namespace calc; +string DebugStr; +string Dstr, Nstr, CDstr, NPWstr; + +void encryptD() { + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + CDstr = (smallNum(Dstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); + Dstr = ""; +} + +void decryptD() { + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + Dstr = (smallNum(CDstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Nstr)))).hex(); +} + +void setCD(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + CDstr = transferToString(source); +} + +void setD(char* src, size_t len){ + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + Dstr = transferToString(source); + encryptD(); +} + +void setN(char* src, size_t len){ + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + Nstr = transferToString(source); +} + +void getCD(char *buf, size_t len) { + char* result = transferFromString(CDstr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +string RSAsource; + +void setRSAsource(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + RSAsource = transferToString(source); +} + +void getRSAresult(char *buf, size_t len) { + decryptD(); + string hpw = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + string npw = (smallNum(hpw) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); + char* result = transferFromString(npw); + Dstr = ""; + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +uint32_t _uints[3]; + +void registerSeed(uint32_t *src){ + randSeed = src[0]; + randSeed ^= getNextRand(randSeed, 16); + _uints[0] = getNextRand(randSeed, 111) % 2001 + 2000; // x + _uints[1] = getNextRand(randSeed, 222) % 1001 + 2000; // mu + _uints[2] = getNextRand(randSeed, 333) % 15 + 1; // k +} + +void setNPW(char* src, size_t len) { + char source[MAX_LEN]; + if (len < MAX_LEN) { + memcpy(source, src, len + 1); + } + NPWstr = transferToString(source); +} + +string _xStr, _muStr, _kStr,_nwidStr; + +void calcEmbeddingResult() { + decryptD(); + string hwid = interface::rsa_d(smallNum(RSAsource), smallNum(Dstr), smallNum(Nstr)).hex(); + uint32_t Dkeys[2] = {}; + decryptKeys(Dkeys); + _nwidStr = (smallNum(hwid) ^ big2Small(SM3(bigNum().FromU32(Dkeys[1]) || bigNum(Dstr)))).hex(); + string hpw = (smallNum(NPWstr) ^ big2Small(SM3(bigNum().FromU32(Dkeys[0]) || bigNum(Dstr)))).hex(); + smallNum hashPart = big2Small(SM3(bigNum(hpw) || bigNum(hwid)).hex()); + _xStr = (smallNum().FromU32(_uints[0])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); + _muStr = (smallNum().FromU32(_uints[1])*smallNum("001001001001001001001001001001001001001001001001001001001001001") ^ hashPart).hex(); + _kStr = (smallNum().FromU32(_uints[2])*smallNum("1111111111111111111111111111111111111111111111111111111111111111") ^ hashPart).hex(); + Dstr = ""; + NPWstr = ""; +} + +void getX(char *buf, size_t len) { + char* result = transferFromString(_xStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getMu(char *buf, size_t len) { + char* result = transferFromString(_muStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getK(char *buf, size_t len) { + char* result = transferFromString(_kStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} + +void getNWID(char *buf, size_t len) { + char* result = transferFromString(_nwidStr); + if (len > strlen(result)) { + memcpy(buf, result, strlen(result) + 1); + } +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in new file mode 100644 index 00000000..7b8ecf59 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/manifest.txt.in @@ -0,0 +1,8 @@ +gpd.ta.appID: @UUID@ +gpd.ta.service_name: test0108 +gpd.ta.singleInstance: true +gpd.ta.multiSession: false +gpd.ta.multiCommand: false +gpd.ta.instanceKeepAlive: false +gpd.ta.dataSize: 16384 +gpd.ta.stackSize: 20480 diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem new file mode 100644 index 00000000..a321f63e --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/enclave/rsa_public_key_cloud.pem @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAzAPwbnbgBg7JgXERA9Bx +p7GLI1S3e1zL83RMd2+GXb6kO4yMKUL3NUCE2HhA2BtQYmLyGovx59UUcKnU58is +Xux++kH+A2shmOPjYvEFuX0Kt8tc19b8M9b/iHsY8ZmKykqia2a5U+IrECRFJo5p +DWUnl7jrHVtq78BSR1c7iXG1frrEC0AYCuqKJo/fxfmOKL0Y9mENCB3nAwjn9unD +BsO/OhkqvvB3nkeuMfNKPh4wCqtQPve13eTojbuxjX/3ePijplTI5X2Gr+n6Ximn +fYRlytQmMgMl/db0ARSKNApq9bmwzVNrnGWWZWJksdRvf6iL7t17Gs4L9AApOuC9 +WkzxPvwp5ZUqjsGd4oJGWeC6ZE6BTw2vxE+xMFI9uAKHxq9pBKkcGMa0g4fANNNV ++W+8JZGanxEXKB3y/M7BCyQAPCWOHC/RNjmRA1gczLYCPzC4pWu935UZdF1RR6zY +CD3t+FoOGGET/g4CwWgyhb5qkp65Hs6ayYt/DUAqo+yBAgMBAAE= +-----END PUBLIC KEY----- diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt b/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt new file mode 100644 index 00000000..53c73199 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/host/CMakeLists.txt @@ -0,0 +1,93 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX verify) +#set host exec name +set(OUTPUT secgear_enclave) +#set host src code +set(SOURCE_FILE main.cpp) + +set(CMAKE_CXX_STANDARD 11) +#set auto code +if(CC_GP) + set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c ${PREFIX}_args.h) + set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/gp) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH}) +endif() + +if(CC_SGX) + set(AUTO_FILES ${PREFIX}_u.h ${PREFIX}_u.c) + set(SEARCH_PATH ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${SEARCH_PATH} --search-path ${SDK_PATH}/include) +endif() + +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") +set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + +if(CC_GP) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SGX) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SIM) + target_link_libraries(${OUTPUT} secgearsim pthread) +else() + target_link_libraries(${OUTPUT} secgear pthread) +endif() +set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) + +if(CC_GP) + #itrustee install whitelist /vender/bin/teec_hello + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION /vendor/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_SGX) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp b/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp new file mode 100644 index 00000000..6979fe30 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/host/main.cpp @@ -0,0 +1,103 @@ +#include +#include +#include +#include +#include "verify_u.h" + +#define MAX_LEN 1024 + +using namespace std; + +const char hexChars[] = "0123456789abcdef"; +int dec(char ch) { + if ('0' <= ch && ch <= '9') { + return ch - '0'; + } + if ('a' <= ch && ch <= 'f') { + return ch - 'a' + 10; + } + if ('A' <= ch && ch <= 'F') { + return ch - 'A' + 10; + } + return -1; +} +uint32_t transferToU32(char* src,int base=10) { + uint32_t result = 0; + for (int i = 0; src[i]; i++) { + result = result * base + dec(src[i]); + } + return result; +} + +char tmpresult[512]; +char* transferFromString(string src) { + int siz = src.length(); + if (siz < 512) { + for (int i = 0; i <= siz; i++) { + tmpresult[i] = src[i]; + } + } + return tmpresult; +} + +int main(int argc, char* argv[]) { + cc_enclave_t eid = {}; + cc_enclave_result_t ret; + char *path = transferFromString(PATH); + // char *path = PATH; + + ret = cc_enclave_create(path, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &eid); + cout << ret << endl; + if (ret != CC_SUCCESS) { + printf("ERR: %#x ,failed to create enclave.\n", ret); + return -1; + } + char buffer[MAX_LEN]; + uint32_t uints[2] = {}; + if (argc > 1) { + if(strcmp(argv[1],"initServer") == 0){ + uints[0] = transferToU32(argv[4]); + initKeys(&eid, uints); + setN(&eid, argv[3], strlen(argv[3]) + 1); + setD(&eid, argv[2], strlen(argv[2]) + 1); + getCD(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getKeys(&eid, uints); + printf("%u\n%u\n", uints[0], uints[1]); + } + else if(strcmp(argv[1], "passwordEncryption") == 0){ + setN(&eid, argv[4], strlen(argv[4]) + 1); + setCD(&eid, argv[3], strlen(argv[3]) + 1); + setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); + uints[0] = transferToU32(argv[5]); + setKeys(&eid, uints); + getRSAresult(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + } + else if(strcmp(argv[1], "embedding") == 0){ + setN(&eid, argv[5], strlen(argv[5]) + 1); + setCD(&eid, argv[4], strlen(argv[4]) + 1); + setNPW(&eid, argv[3], strlen(argv[3]) + 1); + setRSAsource(&eid, argv[2], strlen(argv[2]) + 1); + uints[0] = transferToU32(argv[8]); + registerSeed(&eid, uints); + uints[0] = transferToU32(argv[6]); + uints[1] = transferToU32(argv[7]); + setKeys(&eid, uints); + calcEmbeddingResult(&eid); + getX(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getMu(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getK(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + getNWID(&eid, buffer, MAX_LEN); + printf("%s\n", buffer); + } + } + + if (CC_SUCCESS != cc_enclave_destroy(&eid)) { + return -1; + } + return 0; +} diff --git a/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl b/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl new file mode 100644 index 00000000..73fc1846 --- /dev/null +++ b/wallfacer2.0/Wallfacer1.0-modify/verify/verify.edl @@ -0,0 +1,28 @@ +enclave { + include "secgear_urts.h" + from "secgear_tstdc.edl" import *; + + trusted { + public void setRSAsource([in, size=len] char* src, size_t len); + public void getRSAresult([out, size=len] char* buf, size_t len); + public void calcEmbeddingResult(); + public void initKeys([in] uint32_t *src); + public void registerSeed([in] uint32_t *src); + public void setKeys([in,count=2] uint32_t *K); + public void getKeys([out,count=2] uint32_t *K); + public void setD([in, size=len] char* src, size_t len); + public void setCD([in, size=len] char* src, size_t len); + public void setN([in, size=len] char* src, size_t len); + public void getCD([out, size=len] char* buf, size_t len); + public void getX([out, size=len] char* buf, size_t len); + public void getMu([out, size=len] char* buf, size_t len); + public void getK([out, size=len] char* buf, size_t len); + public void getNWID([out, size=len] char* buf, size_t len); + public void setNPW([in, size=len] char* src, size_t len); + + }; + + untrusted { + + }; +}; -- Gitee From a16dc96f6afd89f6d1feab0ed5c5a870299ce025 Mon Sep 17 00:00:00 2001 From: woxim Date: Fri, 15 Mar 2024 21:46:14 +0800 Subject: [PATCH 4/4] key_value_search --- wallfacer2.0/helloworld/CMakeLists.txt | 38 ++ .../helloworld/enclave/CMakeLists.txt | 219 ++++++++ .../helloworld/enclave/Enclave.config.xml | 12 + wallfacer2.0/helloworld/enclave/Enclave.lds | 11 + .../helloworld/enclave/config_cloud.ini | 60 ++ wallfacer2.0/helloworld/enclave/hello.cpp | 519 ++++++++++++++++++ wallfacer2.0/helloworld/enclave/manifest.txt | 7 + wallfacer2.0/helloworld/helloworld.edl | 21 + wallfacer2.0/helloworld/host/CMakeLists.txt | 119 ++++ wallfacer2.0/helloworld/host/main.cpp | 184 +++++++ 10 files changed, 1190 insertions(+) create mode 100644 wallfacer2.0/helloworld/CMakeLists.txt create mode 100644 wallfacer2.0/helloworld/enclave/CMakeLists.txt create mode 100644 wallfacer2.0/helloworld/enclave/Enclave.config.xml create mode 100644 wallfacer2.0/helloworld/enclave/Enclave.lds create mode 100644 wallfacer2.0/helloworld/enclave/config_cloud.ini create mode 100644 wallfacer2.0/helloworld/enclave/hello.cpp create mode 100644 wallfacer2.0/helloworld/enclave/manifest.txt create mode 100644 wallfacer2.0/helloworld/helloworld.edl create mode 100644 wallfacer2.0/helloworld/host/CMakeLists.txt create mode 100644 wallfacer2.0/helloworld/host/main.cpp diff --git a/wallfacer2.0/helloworld/CMakeLists.txt b/wallfacer2.0/helloworld/CMakeLists.txt new file mode 100644 index 00000000..b51bdd22 --- /dev/null +++ b/wallfacer2.0/helloworld/CMakeLists.txt @@ -0,0 +1,38 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +project(HelloWorld CXX) + +set(CMAKE_CXX_STANDARD 11) + +set(CURRENT_ROOT_PATH ${CMAKE_CURRENT_SOURCE_DIR}) + +#set edl name +set(EDL_FILE helloworld.edl) +set(CODEGEN codegen) + +if(CC_GP) + set(CODETYPE trustzone) + set(UUID f68fd704-6eb1-4d14-b218-722850eb3ef0) + add_definitions(-DPATH="/data/${UUID}.sec") +endif() + +if(CC_SGX) + set(CODETYPE sgx) + add_definitions(-DPATH="${CMAKE_CURRENT_BINARY_DIR}/enclave/enclave.signed.so") +endif() + +if(CC_PL) + set(CODETYPE penglai) + add_definitions(-DPATH="${CMAKE_CURRENT_SOURCE_DIR}/enclave/penglai-ELF") +endif() + +add_subdirectory(${CURRENT_ROOT_PATH}/enclave) +add_subdirectory(${CURRENT_ROOT_PATH}/host) diff --git a/wallfacer2.0/helloworld/enclave/CMakeLists.txt b/wallfacer2.0/helloworld/enclave/CMakeLists.txt new file mode 100644 index 00000000..de2a8e83 --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/CMakeLists.txt @@ -0,0 +1,219 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX helloworld) + +#set sign key +set(PEM Enclave_private.pem) + +#set sign tool +set(SIGN_TOOL ${LOCAL_ROOT_PATH}/tools/sign_tool/sign_tool.sh) + +#set enclave src code +set(SOURCE_FILES ${CMAKE_CURRENT_SOURCE_DIR}/hello.cpp) + +#set log level +set(PRINT_LEVEL 3) +add_definitions(-DPRINT_LEVEL=${PRINT_LEVEL}) + +if(CC_GP) + #set signed output + set(OUTPUT ${UUID}.sec) + #set whilelist. default: /vendor/bin/teec_hello + set(WHITE_LIST_0 /vendor/bin/helloworld) + set(WHITE_LIST_OWNER root) + set(WHITE_LIST_1 /vendor/bin/secgear_helloworld) + set(WHITELIST WHITE_LIST_0 WHITE_LIST_1) + + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(OUTPUT enclave.signed.so) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(OUTPUT penglai-ELF) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --trusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(COMMON_C_FLAGS "-W -Wall -Werror -fno-short-enums -fno-omit-frame-pointer -fstack-protector \ + -Wstack-protector --param ssp-buffer-size=4 -frecord-gcc-switches -Wextra -nostdinc -nodefaultlibs \ + -fno-peephole -fno-peephole2 -Wno-main -Wno-error=unused-parameter \ + -Wno-error=unused-but-set-variable -Wno-error=format-truncation=") + +set(COMMON_C_LINK_FLAGS "-Wl,-z,now -Wl,-z,relro -Wl,-z,noexecstack -Wl,-nostdlib -nodefaultlibs -nostartfiles") + +if(CC_GP) + + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -march=armv8-a ") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s -fPIC") + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-s") + + set(ITRUSTEE_TEEDIR ${SDK_PATH}/) + set(ITRUSTEE_LIBC ${SDK_PATH}/thirdparty/open_source/musl/libc) + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_BINARY_DIR}/lib/) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories( ${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${LOCAL_ROOT_PATH}/inc/enclave_inc + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp + ${ITRUSTEE_TEEDIR}/include/TA + ${ITRUSTEE_TEEDIR}/include/TA/huawei_ext + ${ITRUSTEE_LIBC}/arch/aarch64 + ${ITRUSTEE_LIBC}/ + ${ITRUSTEE_LIBC}/arch/arm/bits + ${ITRUSTEE_LIBC}/arch/generic + ${ITRUSTEE_LIBC}/arch/arm + ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${CMAKE_BINARY_DIR}/lib/) + endif() + + foreach(WHITE_LIST ${WHITELIST}) + add_definitions(-D${WHITE_LIST}="${${WHITE_LIST}}") + endforeach(WHITE_LIST) + add_definitions(-DWHITE_LIST_OWNER="${WHITE_LIST_OWNER}") + + target_link_libraries(${PREFIX} -lsecgear_tee) + + #for trustzone compiling, you should connact us to get config and private_key.pem for test, so we will not sign and install binary in this example # + # add_custom_command(TARGET ${PREFIX} + # POST_BUILD + # COMMAND bash ${SIGN_TOOL} -d sign -x trustzone -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -c ${CMAKE_CURRENT_SOURCE_DIR}/manifest.txt -m ${CMAKE_CURRENT_SOURCE_DIR}/config_cloud.ini -o ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT}) + + # install(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${OUTPUT} + # DESTINATION /data + # PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +endif() + +if(CC_SGX) + set(SGX_DIR ${SDK_PATH}) + set(CMAKE_C_FLAGS "${COMMON_C_FLAGS} -m64 -fvisibility=hidden") + set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + set(LINK_LIBRARY_PATH ${SGX_DIR}/lib64) + + if(CC_SIM) + set(Trts_Library_Name sgx_trts_sim) + set(Service_Library_Name sgx_tservice_sim) + else() + set(Trts_Library_Name sgx_trts) + set(Service_Library_Name sgx_tservice) + endif() + + set(Crypto_Library_Name sgx_tcrypto) + + set(CMAKE_SHARED_LINKER_FLAGS "${COMMON_C_LINK_FLAGS} -Wl,-z,defs -Wl,-pie -Bstatic -Bsymbolic -eenclave_entry \ + -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds") + + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${LINK_LIBRARY_PATH}) + endif() + + add_library(${PREFIX} SHARED ${SOURCE_FILES} ${AUTO_FILES}) + + target_include_directories(${PREFIX} PRIVATE + ${CMAKE_CURRENT_BINARY_DIR} + ${SGX_DIR}/include/tlibc + ${SGX_DIR}/include/libcxx + ${SGX_DIR}/include + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx) + + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${PREFIX} PRIVATE + ${LINK_LIBRARY_PATH}) + endif() + + target_link_libraries(${PREFIX} -Wl,--whole-archive ${Trts_Library_Name} -Wl,--no-whole-archive + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l${Crypto_Library_Name} -l${Service_Library_Name} -Wl,--end-group) + add_custom_command(TARGET ${PREFIX} + POST_BUILD + COMMAND umask 0177 + COMMAND openssl genrsa -3 -out ${PEM} 3072 + COMMAND bash ${SIGN_TOOL} -d sign -x sgx -i ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/lib${PREFIX}.so -k ${PEM} -o ${OUTPUT} -c ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.config.xml) +endif() + +if(NOT DEFINED CC_PL) + set_target_properties(${PREFIX} PROPERTIES SKIP_BUILD_RPATH TRUE) +endif() + +if(CC_PL) + set(SDK_LIB_DIR ${SDK_PATH}/lib) + set(SDK_INCLUDE_DIR ${SDK_LIB_DIR}/app/include) + set(SDK_APP_LIB ${SDK_LIB_DIR}/libpenglai-enclave-eapp.a) + set(MUSL_LIB_DIR ${SDK_PATH}/musl/lib) + set(MUSL_LIBC ${MUSL_LIB_DIR}/libc.a) + set(GCC_LIB ${SDK_LIB_DIR}/libgcc.a) + set(SECGEAR_TEE_LIB ${CMAKE_BINARY_DIR}/lib/libsecgear_tee.a) + + set(SOURCE_C_OBJS "") + foreach(SOURCE_FILE ${SOURCE_FILES}) + STRING(REGEX REPLACE ".+/(.+)\\..*" "\\1" SOURCE_FILE_NAME ${SOURCE_FILE}) + set(SOURCE_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${SOURCE_FILE_NAME}.o) + add_custom_command( + OUTPUT ${SOURCE_OBJ} + DEPENDS ${SOURCE_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${SOURCE_OBJ} ${SOURCE_FILE} + COMMENT "generate SOURCE_OBJ" + ) + list(APPEND SOURCE_C_OBJS ${SOURCE_OBJ}) + endforeach() + + set(APP_C_OBJ ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.o) + add_custom_command( + OUTPUT ${APP_C_OBJ} + DEPENDS ${AUTO_FILES} + COMMAND gcc -Wall -I${SDK_INCLUDE_DIR} -I${CMAKE_CURRENT_BINARY_DIR} -I${CMAKE_BINARY_DIR}/inc + -I${LOCAL_ROOT_PATH}/inc/host_inc -I${LOCAL_ROOT_PATH}/inc/host_inc/penglai -I${LOCAL_ROOT_PATH}/inc/enclave_inc + -I${LOCAL_ROOT_PATH}/inc/enclave_inc/penglai -c -o ${APP_C_OBJ} ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_t.c + COMMENT "generate APP_C_OBJ" + ) + + add_custom_command( + OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + DEPENDS ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${MUSL_LIBC} ${GCC_LIB} + COMMAND ld -static -L${SDK_LIB_DIR} -L${MUSL_LIB_DIR} -L/usr/lib64 -lpenglai-enclave-eapp -lsecgear_tee -lc + -o ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} ${APP_C_OBJ} ${SOURCE_C_OBJS} ${SDK_APP_LIB} ${SECGEAR_TEE_LIB} + ${MUSL_LIBC} ${GCC_LIB} -T ${SDK_PATH}/app.lds + COMMAND chmod -x ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "generate penglai-ELF" + ) + add_custom_target( + ${OUTPUT} ALL + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${OUTPUT} + COMMENT "makefile target penglai-ELF" + ) + +endif() diff --git a/wallfacer2.0/helloworld/enclave/Enclave.config.xml b/wallfacer2.0/helloworld/enclave/Enclave.config.xml new file mode 100644 index 00000000..e94c9bc5 --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + 0 + 0 + 0x40000 + 0x100000 + 10 + 1 + + 0 + 0 + 0xFFFFFFFF + diff --git a/wallfacer2.0/helloworld/enclave/Enclave.lds b/wallfacer2.0/helloworld/enclave/Enclave.lds new file mode 100644 index 00000000..ab77e647 --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/Enclave.lds @@ -0,0 +1,11 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + g_peak_heap_used; + local: + *; +}; + diff --git a/wallfacer2.0/helloworld/enclave/config_cloud.ini b/wallfacer2.0/helloworld/enclave/config_cloud.ini new file mode 100644 index 00000000..8c70225e --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/config_cloud.ini @@ -0,0 +1,60 @@ +[signSecPrivateCfg] +;;; +;private key length for signing TA: +;[fixed value] +;256 ECDSA Alg +;2048/4096 RSA Alg +secSignKeyLen = 4096 +;;; +;[fixed value] +;0 means SHA256 hash type +;1 means SHA512 hash type +secHashType = 0 +;;; +; [fixed value] +;0 means padding type is pkcs1v15 +;1 means padding type is PSS +;[fixed value] +secPaddingType = 1 +;;; +;[fixed value] +;RSA alg +;ECDSA alg +;SM2 alg +secSignAlg = RSA +;;; +;public key for encrypt TA +secEncryptKey = rsa_public_key_cloud.pem +;;; +;public key length +secEncryptKeyLen = 3072 + +[signSecPublicCfg] +;;; +;[fixed value] +; sec sign key type +;0 means debug +;1 means release +secReleaseType = 1 +;;; +;0 means TA not installed by OTRP +;1 means TA installed by OTRP +secOtrpFlag = 0 +;;; +;0 means not sign +;1 means signed by local private +;2 means signed using native sign tool; +;3 means signed by CI +;[fixed value] +secSignType = 1 +;;; +;server address for signing TA +secSignServerIp = +;;; +;private key for signing TA +;[private key owned by yourself] +secSignKey = /home/TA_cert/private_key.pem +;;; +;config file +;[signed config file by Huawei] +configPath = /home/TA_cert/secgear-app1/config diff --git a/wallfacer2.0/helloworld/enclave/hello.cpp b/wallfacer2.0/helloworld/enclave/hello.cpp new file mode 100644 index 00000000..1d2f63ae --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/hello.cpp @@ -0,0 +1,519 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include "helloworld_t.h" +#include +#include +#include + + +#define TA_HELLO_WORLD "secgear hello world!" +#define BUF_MAX 32 + +///////AES + +const uint8_t key2[]="1234567890123456"; + +typedef struct{ + uint32_t eK[44], dK[44]; // encKey, decKey + int Nr; // 10 rounds +}AesKey; + +#define BLOCKSIZE 16 //AES-128分组长度为16字节 + + +// uint8_t y[4] -> uint32_t x +#define LOAD32H(x, y) \ + do { (x) = ((uint32_t)((y)[0] & 0xff)<<24) | ((uint32_t)((y)[1] & 0xff)<<16) | \ + ((uint32_t)((y)[2] & 0xff)<<8) | ((uint32_t)((y)[3] & 0xff));} while(0) + +// uint32_t x -> uint8_t y[4] +#define STORE32H(x, y) \ + do { (y)[0] = (uint8_t)(((x)>>24) & 0xff); (y)[1] = (uint8_t)(((x)>>16) & 0xff); \ + (y)[2] = (uint8_t)(((x)>>8) & 0xff); (y)[3] = (uint8_t)((x) & 0xff); } while(0) + +// 从uint32_t x中提取从低位开始的第n个字节 +#define BYTE(x, n) (((x) >> (8 * (n))) & 0xff) + +/* used for keyExpansion */ +// 字节替换然后循环左移1位 +#define MIX(x) (((S[BYTE(x, 2)] << 24) & 0xff000000) ^ ((S[BYTE(x, 1)] << 16) & 0xff0000) ^ \ + ((S[BYTE(x, 0)] << 8) & 0xff00) ^ (S[BYTE(x, 3)] & 0xff)) + +// uint32_t x循环左移n位 +#define ROF32(x, n) (((x) << (n)) | ((x) >> (32-(n)))) +// uint32_t x循环右移n位 +#define ROR32(x, n) (((x) >> (n)) | ((x) << (32-(n)))) + +/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ +// AES-128轮常量 +static const uint32_t rcon[10] = { + 0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL, 0x10000000UL, + 0x20000000UL, 0x40000000UL, 0x80000000UL, 0x1B000000UL, 0x36000000UL +}; +// S盒 +unsigned char S[256] = { + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 +}; + +//逆S盒 +unsigned char inv_S[256] = { + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D +}; + +/* copy in[16] to state[4][4] */ +int loadStateArray(uint8_t (*state)[4], const uint8_t *in) { + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + state[j][i] = *in++; + } + } + return 0; +} + +/* copy state[4][4] to out[16] */ +int storeStateArray(uint8_t (*state)[4], uint8_t *out) { + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + *out++ = state[j][i]; + } + } + return 0; +} +//秘钥扩展 +int keyExpansion(const uint8_t *key, uint32_t keyLen, AesKey *aesKey) { + + if (NULL == key || NULL == aesKey){ + // printf("keyExpansion param is NULL\n"); + return -1; + } + + if (keyLen != 16){ + // printf("keyExpansion keyLen = %d, Not support.\n", keyLen); + return -1; + } + + uint32_t *w = aesKey->eK; //加密秘钥 + uint32_t *v = aesKey->dK; //解密秘钥 + + /* keyLen is 16 Bytes, generate uint32_t W[44]. */ + + /* W[0-3] */ + for (int i = 0; i < 4; ++i) { + LOAD32H(w[i], key + 4*i); + } + + /* W[4-43] */ + for (int i = 0; i < 10; ++i) { + w[4] = w[0] ^ MIX(w[3]) ^ rcon[i]; + w[5] = w[1] ^ w[4]; + w[6] = w[2] ^ w[5]; + w[7] = w[3] ^ w[6]; + w += 4; + } + + w = aesKey->eK+44 - 4; + //解密秘钥矩阵为加密秘钥矩阵的倒序,方便使用,把ek的11个矩阵倒序排列分配给dk作为解密秘钥 + //即dk[0-3]=ek[41-44], dk[4-7]=ek[37-40]... dk[41-44]=ek[0-3] + for (int j = 0; j < 11; ++j) { + + for (int i = 0; i < 4; ++i) { + v[i] = w[i]; + } + w -= 4; + v += 4; + } + + return 0; +} + +// 轮秘钥加 +int addRoundKey(uint8_t (*state)[4], const uint32_t *key) { + uint8_t k[4][4]; + + /* i: row, j: col */ + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + k[i][j] = (uint8_t) BYTE(key[j], 3 - i); /* 把 uint32 key[4] 先转换为矩阵 uint8 k[4][4] */ + state[i][j] ^= k[i][j]; + } + } + + return 0; +} + +//字节替换 +int subBytes(uint8_t (*state)[4]) { + /* i: row, j: col */ + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + state[i][j] = S[state[i][j]]; //直接使用原始字节作为S盒数据下标 + } + } + + return 0; +} + +//逆字节替换 +int invSubBytes(uint8_t (*state)[4]) { + /* i: row, j: col */ + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + state[i][j] = inv_S[state[i][j]]; + } + } + return 0; +} + +//行移位 +int shiftRows(uint8_t (*state)[4]) { + uint32_t block[4] = {0}; + + /* i: row */ + for (int i = 0; i < 4; ++i) { + //便于行循环移位,先把一行4字节拼成uint_32结构,移位后再转成独立的4个字节uint8_t + LOAD32H(block[i], state[i]); + block[i] = ROF32(block[i], 8*i); + STORE32H(block[i], state[i]); + } + + return 0; +} + +//逆行移位 +int invShiftRows(uint8_t (*state)[4]) { + uint32_t block[4] = {0}; + + /* i: row */ + for (int i = 0; i < 4; ++i) { + LOAD32H(block[i], state[i]); + block[i] = ROR32(block[i], 8*i); + STORE32H(block[i], state[i]); + } + + return 0; +} + +/* Galois Field (256) Multiplication of two Bytes */ +// 两字节的伽罗华域乘法运算 +uint8_t GMul(uint8_t u, uint8_t v) { + uint8_t p = 0; + + for (int i = 0; i < 8; ++i) { + if (u & 0x01) { // + p ^= v; + } + + int flag = (v & 0x80); + v <<= 1; + if (flag) { + v ^= 0x1B; /* x^8 + x^4 + x^3 + x + 1 */ + } + + u >>= 1; + } + + return p; +} + +// 列混合 +int mixColumns(uint8_t (*state)[4]) { + uint8_t tmp[4][4]; + uint8_t M[4][4] = {{0x02, 0x03, 0x01, 0x01}, + {0x01, 0x02, 0x03, 0x01}, + {0x01, 0x01, 0x02, 0x03}, + {0x03, 0x01, 0x01, 0x02}}; + + /* copy state[4][4] to tmp[4][4] */ + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j){ + tmp[i][j] = state[i][j]; + } + } + + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { //伽罗华域加法和乘法 + state[i][j] = GMul(M[i][0], tmp[0][j]) ^ GMul(M[i][1], tmp[1][j]) + ^ GMul(M[i][2], tmp[2][j]) ^ GMul(M[i][3], tmp[3][j]); + } + } + + return 0; +} + +// 逆列混合 +int invMixColumns(uint8_t (*state)[4]) { + uint8_t tmp[4][4]; + uint8_t M[4][4] = {{0x0E, 0x0B, 0x0D, 0x09}, + {0x09, 0x0E, 0x0B, 0x0D}, + {0x0D, 0x09, 0x0E, 0x0B}, + {0x0B, 0x0D, 0x09, 0x0E}}; //使用列混合矩阵的逆矩阵 + + /* copy state[4][4] to tmp[4][4] */ + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j){ + tmp[i][j] = state[i][j]; + } + } + + for (int i = 0; i < 4; ++i) { + for (int j = 0; j < 4; ++j) { + state[i][j] = GMul(M[i][0], tmp[0][j]) ^ GMul(M[i][1], tmp[1][j]) + ^ GMul(M[i][2], tmp[2][j]) ^ GMul(M[i][3], tmp[3][j]); + } + } + + return 0; +} + +// AES-128加密接口,输入key应为16字节长度,输入长度应该是16字节整倍数, +// 这样输出长度与输入长度相同,函数调用外部为输出数据分配内存 +int aesEncrypt(const uint8_t *key, uint32_t keyLen, const uint8_t *pt, uint8_t *ct, uint32_t len) { + + AesKey aesKey; + uint8_t *pos = ct; + const uint32_t *rk = aesKey.eK; //解密秘钥指针 + uint8_t out[BLOCKSIZE] = {0}; + uint8_t actualKey[16] = {0}; + uint8_t state[4][4] = {0}; + + if (NULL == key || NULL == pt || NULL == ct){ + // printf("param err.\n"); + return -1; + } + + if (keyLen > 16){ + // printf("keyLen must be 16.\n"); + return -1; + } + + if (len % BLOCKSIZE){ + // printf("inLen is invalid.\n"); + return -1; + } + + memcpy(actualKey, key, keyLen); + keyExpansion(actualKey, 16, &aesKey); // 秘钥扩展 + + // 使用ECB模式循环加密多个分组长度的数据 + for (int i = 0; i < len; i += BLOCKSIZE) { + // 把16字节的明文转换为4x4状态矩阵来进行处理 + loadStateArray(state, pt); + // 轮秘钥加 + addRoundKey(state, rk); + + for (int j = 1; j < 10; ++j) { + rk += 4; + subBytes(state); // 字节替换 + shiftRows(state); // 行移位 + mixColumns(state); // 列混合 + addRoundKey(state, rk); // 轮秘钥加 + } + + subBytes(state); // 字节替换 + shiftRows(state); // 行移位 + // 此处不进行列混合 + addRoundKey(state, rk+4); // 轮秘钥加 + + // 把4x4状态矩阵转换为uint8_t一维数组输出保存 + storeStateArray(state, pos); + + pos += BLOCKSIZE; // 加密数据内存指针移动到下一个分组 + pt += BLOCKSIZE; // 明文数据指针移动到下一个分组 + rk = aesKey.eK; // 恢复rk指针到秘钥初始位置 + } + return 0; +} + +// AES128解密, 参数要求同加密 +int aesDecrypt(const uint8_t *key, uint32_t keyLen, const uint8_t *ct, uint8_t *pt, uint32_t len) { + AesKey aesKey; + uint8_t *pos = pt; + const uint32_t *rk = aesKey.dK; //解密秘钥指针 + uint8_t out[BLOCKSIZE] = {0}; + uint8_t actualKey[16] = {0}; + uint8_t state[4][4] = {0}; + + if (NULL == key || NULL == ct || NULL == pt){ + // printf("param err.\n"); + return -1; + } + + if (keyLen > 16){ + // printf("keyLen must be 16.\n"); + return -1; + } + + if (len % BLOCKSIZE){ + // printf("inLen is invalid.\n"); + return -1; + } + + memcpy(actualKey, key, keyLen); + keyExpansion(actualKey, 16, &aesKey); //秘钥扩展,同加密 + + for (int i = 0; i < len; i += BLOCKSIZE) { + // 把16字节的密文转换为4x4状态矩阵来进行处理 + loadStateArray(state, ct); + // 轮秘钥加,同加密 + addRoundKey(state, rk); + + for (int j = 1; j < 10; ++j) { + rk += 4; + invShiftRows(state); // 逆行移位 + invSubBytes(state); // 逆字节替换,这两步顺序可以颠倒 + addRoundKey(state, rk); // 轮秘钥加,同加密 + invMixColumns(state); // 逆列混合 + } + + invSubBytes(state); // 逆字节替换 + invShiftRows(state); // 逆行移位 + // 此处没有逆列混合 + addRoundKey(state, rk+4); // 轮秘钥加,同加密 + + storeStateArray(state, pos); // 保存明文数据 + pos += BLOCKSIZE; // 输出数据内存指针移位分组长度 + ct += BLOCKSIZE; // 输入数据内存指针移位分组长度 + rk = aesKey.dK; // 恢复rk指针到秘钥初始位置 + } + return 0; +} + +// 方便输出16进制数据 + + +//////////////////start + +struct ListNode{ + uint8_t hint; + uint8_t key[32]; + uint8_t val[32]; + ListNode *nextPoint; +}; + +void setData(ListNode* head, uint8_t hint, uint8_t* encryptKey, uint8_t* encryptVal){ + if(!head->hint){ // 检查头节点是否为空 + head->hint = hint; + memcpy(head->key,encryptKey,32); + memcpy(head->val,encryptVal,32); + head->nextPoint = nullptr; + } + else{ + ListNode *newNode = new ListNode(); // 创建新节点 + newNode->hint = hint; + memcpy(newNode->key,encryptKey,32); + memcpy(newNode->val,encryptVal,32); + newNode->nextPoint = nullptr; + ListNode *nowTemp = head; + while(nowTemp->nextPoint != nullptr){ // 遍历链表找到末尾 + nowTemp = nowTemp->nextPoint; + } + nowTemp->nextPoint = newNode; // 将新节点链接到链表末尾 + } +} + +int setDataInEnclave(uint64_t head_addr, uint8_t* key, uint8_t* val){ + ListNode* head = (ListNode*)head_addr; + std::string dataString(reinterpret_cast(key), sizeof(key)); + std::hash hasher; + size_t hashValue = hasher(dataString); + uint8_t hint = hashValue & 0xFF; + + + uint8_t encryptKey[32] = {0}; + uint8_t encryptVal[32] = {0}; + aesEncrypt(key2, 16, key, encryptKey, 32); + aesEncrypt(key2, 16, val, encryptVal, 32); + + setData(head,hint,encryptKey,encryptVal); + return 0; +} + +int getDataInEnclave(uint64_t head_addr, uint8_t* key, uint64_t searchList_addr, uint8_t* valReturn){ + ListNode* head = (ListNode*)head_addr; + ListNode* searchList = (ListNode*)searchList_addr; + + std::string dataString(reinterpret_cast(key), sizeof(key)); + std::hash hasher; + size_t hashValue = hasher(dataString); + uint8_t hint = hashValue & 0xFF; + // std::cout << "First bit of hash value: " << static_cast(hint) << std::endl; + + ListNode *now = head; + // std::cout << "First bit of hash value: " << static_cast(now->hint) << std::endl; + while(now != nullptr){ + if(now->hint == hint){ + setData(searchList, now->hint, now->key, now->val); + } + now = now->nextPoint; + } + ListNode *nowTemp = searchList; + + + while (nowTemp != nullptr) { + + uint8_t plain2[32] = {0}; + aesDecrypt(key2, 16, nowTemp->key, plain2, 32); + if (!memcmp(plain2, key,32)) { + + uint8_t val_value[32] = {0}; + // memcpy(val_value,nowTemp->val,32); + // val_value = nowTemp->val; + aesDecrypt(key2, 16, nowTemp->val, valReturn, 32); + + // strcpy(valReturn, decryptValArray); + break; // 找到匹配的键后立即停止搜索 + } + nowTemp = nowTemp->nextPoint; + } + + return 0; +} + + +int get_string(char *buf) +{ + strncpy(buf, TA_HELLO_WORLD, strlen(TA_HELLO_WORLD) + 1); + return 0; +} diff --git a/wallfacer2.0/helloworld/enclave/manifest.txt b/wallfacer2.0/helloworld/enclave/manifest.txt new file mode 100644 index 00000000..d78354e6 --- /dev/null +++ b/wallfacer2.0/helloworld/enclave/manifest.txt @@ -0,0 +1,7 @@ +gpd.ta.appID: f68fd704-6eb1-4d14-b218-722850eb3ef0 +gpd.ta.service_name: rsa-demo +gpd.ta.singleInstance: true +gpd.ta.multiSession: false +gpd.ta.instanceKeepAlive: false +gpd.ta.dataSize: 819200 +gpd.ta.stackSize: 40960 diff --git a/wallfacer2.0/helloworld/helloworld.edl b/wallfacer2.0/helloworld/helloworld.edl new file mode 100644 index 00000000..8d2f4c74 --- /dev/null +++ b/wallfacer2.0/helloworld/helloworld.edl @@ -0,0 +1,21 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +enclave { + include "secgear_urts.h" + from "secgear_tstdc.edl" import *; + trusted { + public int get_string([out, size=32]char *buf); + public int setDataInEnclave(uint64_t head_addr, [in, size=32]uint8_t* key, [in, size=32]uint8_t* val); + public int getDataInEnclave(uint64_t head_addr, [in, size=32]uint8_t* key, uint64_t searchList_addr, [out, size=32]uint8_t* valReturn); + }; +}; diff --git a/wallfacer2.0/helloworld/host/CMakeLists.txt b/wallfacer2.0/helloworld/host/CMakeLists.txt new file mode 100644 index 00000000..83968fc4 --- /dev/null +++ b/wallfacer2.0/helloworld/host/CMakeLists.txt @@ -0,0 +1,119 @@ +# Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. +# secGear is licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. + +#set auto code prefix +set(PREFIX helloworld) +#set host exec name +set(OUTPUT secgear_helloworld) +#set host src code +set(SOURCE_FILE ${CMAKE_CURRENT_SOURCE_DIR}/main.cpp) + +#set auto code +if(CC_GP) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_args.h) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/gp) +endif() + +if(CC_SGX) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/sgx --search-path ${SDK_PATH}/include) +endif() + +if(CC_PL) + set(AUTO_FILES ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.h ${CMAKE_CURRENT_BINARY_DIR}/${PREFIX}_u.c) + add_custom_command(OUTPUT ${AUTO_FILES} + DEPENDS ${CURRENT_ROOT_PATH}/${EDL_FILE} + COMMAND ${CODEGEN} --${CODETYPE} --untrusted ${CURRENT_ROOT_PATH}/${EDL_FILE} --search-path ${LOCAL_ROOT_PATH}/inc/host_inc/penglai) +endif() + +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE") +set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS} -s") + +if(CC_GP) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${CMAKE_BINARY_DIR}/inc + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/gp + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SGX) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/sgx + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_PL) + if(${CMAKE_VERSION} VERSION_LESS "3.13.0") + link_directories(${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() + add_executable(${OUTPUT} ${SOURCE_FILE} ${AUTO_FILES}) + target_include_directories(${OUTPUT} PRIVATE + ${LOCAL_ROOT_PATH}/inc/host_inc + ${LOCAL_ROOT_PATH}/inc/host_inc/penglai + ${CMAKE_CURRENT_BINARY_DIR}) + if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") + target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) + endif() +endif() + +if(CC_SIM) + target_link_libraries(${OUTPUT} secgearsim pthread) +else() + target_link_libraries(${OUTPUT} secgear pthread) +endif() +set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) + +if(CC_GP) + #itrustee install whitelist /vender/bin/teec_hello + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION /vendor/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_SGX) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() + +if(CC_PL) + install(TARGETS ${OUTPUT} + RUNTIME + DESTINATION ${CMAKE_BINARY_DIR}/bin/ + PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ + GROUP_EXECUTE GROUP_READ + WORLD_EXECUTE WORLD_READ) +endif() diff --git a/wallfacer2.0/helloworld/host/main.cpp b/wallfacer2.0/helloworld/host/main.cpp new file mode 100644 index 00000000..2457a177 --- /dev/null +++ b/wallfacer2.0/helloworld/host/main.cpp @@ -0,0 +1,184 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#include +#include +#include +#include "enclave.h" +#include "helloworld_u.h" +#include "string.h" + +#define BUF_LEN 32 + +struct ListNode{ + uint8_t hint; + uint8_t key[32]; + uint8_t val[32]; + ListNode *nextPoint; +}; + +void printInfo(uint8_t* data){ + for (int i = 0; i < 32; ++i) { + printf("%c", data[i]); + } +} + +int main() +{ + int retval = 0; + char *path = PATH; + char buf[BUF_LEN]; + cc_enclave_t context = {}; + cc_enclave_result_t res = CC_FAIL; + + char real_p[PATH_MAX]; + /* check file exists, if not exist then use absolute path */ + if (realpath(path, real_p) == NULL) { + if (getcwd(real_p, sizeof(real_p)) == NULL) { + printf("Cannot find enclave.sign.so"); + // goto end; + return res; + } + if (PATH_MAX - strlen(real_p) <= strlen("/enclave.signed.so")) { + printf("Failed to strcat enclave.sign.so path"); + // goto end; + return res; + } + (void)strcat(real_p, "/enclave.signed.so"); + } + + res = cc_enclave_create(real_p, AUTO_ENCLAVE_TYPE, 0, SECGEAR_DEBUG_FLAG, NULL, 0, &context); + if (res != CC_SUCCESS) { + printf("host create enclave error\n"); + // goto end; + return res; + } + printf("host create enclave success\n"); + + res = get_string(&context, &retval, buf); + if (res != CC_SUCCESS || retval != (int)CC_SUCCESS) { + printf("Ecall enclave error\n"); + } else { + printf("enclave say:%s\n", buf); + } + + ///////////////////////// + ListNode head; + head.hint = '\0'; // 初始化头节点 + ListNode searchList; + searchList.hint = '\0'; + uint64_t head_addr = (uint64_t)&head; + uint64_t searchList_addr = (uint64_t)&searchList; + + char choice; + while(true){ + printf("请您选择您需要的功能:\n"); + printf("1. 存储\n"); + printf("2. 取值\n"); + printf("3. 退出\n"); + scanf("%c",&choice); + if(choice == '1'){ + printf("请输入您要存储数据的键:"); + char input_key[33]; + scanf("%s",input_key); + if(strlen(input_key) > 32){ + input_key[32] = '\0'; + } + for(int i = strlen(input_key); i < 32; i++){ + input_key[i] = ' '; + } + input_key[32] = '\0'; + printf("请输入您要存储数据的值:"); + char input_val[33]; + scanf("%s",input_val); + if(strlen(input_val) > 32){ + input_val[32] = '\0'; + } + for(int i = strlen(input_val); i < 32; i++){ + input_val[i] = ' '; + } + input_val[32] = '\0'; + int res = setDataInEnclave(&context, &retval,head_addr,reinterpret_cast(input_key),reinterpret_cast(input_val)); + if(res == 0){ + printf("数据存储成功!\n"); + } + else{ + printf("数据存储失败!\n"); + } + } + else if(choice == '2'){ + printf("请输入您要查找数据的键:"); + char input_key[33]; + scanf("%s",input_key); + if(strlen(input_key) > 32){ + input_key[32] = '\0'; + } + for(int i = strlen(input_key); i < 32; i++){ + input_key[i] = ' '; + } + input_key[32] = '\0'; + uint8_t val_rec[32] = {0}; + int res2 = getDataInEnclave(&context, &retval,head_addr,reinterpret_cast(input_key),searchList_addr,val_rec); + if(res2 == 0){ + printf("数据查找成功!"); + printf("您查找的值为:\n"); + printf("============================\n"); + for (int i = 0; i < 32; ++i) { + printf("%c", val_rec[i]); + } + printf("\n============================\n"); + printf("\n"); + } + else{ + printf("数据查找失败!\n"); + } + } + else if(choice == '3'){ + printf("程序已退出!\n"); + break; + } + else{ + printf("选项不存在,请重新输入!\n"); + } + printf("\n"); + while(getchar() != '\n'); + } + + + // uint8_t val_rec2[32] = {0}; + + // setDataInEnclave(&context, &retval,head_addr,(uint8_t*)"abcdefghijklmnopqrstuvwxyz123456",(uint8_t*)"123456abcdefghijklmnopqrstuvwxyz"); + // setDataInEnclave(&context, &retval,head_addr,(uint8_t*)"oaugdfiugsoidfugwefiuwgfiougdsiu",(uint8_t*)"idzugfiubseifglwiuegfiuwgefowiug"); + // // std::cout << "First bit of hash value: " << static_cast(head.hint) << std::endl; + // getDataInEnclave(&context, &retval,head_addr,(uint8_t*)"abcdefghijklmnopqrstuvwxyz123456",searchList_addr,val_rec); + // getDataInEnclave(&context, &retval,head_addr,(uint8_t*)"oaugdfiugsoidfugwefiuwgfiougdsiu",searchList_addr,val_rec2); + // printf("search value1 is:\n"); + // for (int i = 0; i < 32; ++i) { + // printf("%c", val_rec[i]); + // } + // printf("\n"); + // printf("search value2 is:\n"); + // for (int i = 0; i < 32; ++i) { + // printf("%c", val_rec2[i]); + // } + // printf("\n"); + ///////////////////////// + + res = cc_enclave_destroy(&context); + if(res != CC_SUCCESS) { + printf("host destroy enclave error\n"); + } else { + printf("host destroy enclave success\n"); + } +// end: +// return res; +} -- Gitee