From d8eba96a6d444b9a4beb982827b98e2873fac94a Mon Sep 17 00:00:00 2001 From: Pi Delport Date: Thu, 28 Apr 2022 11:36:31 +0200 Subject: [PATCH 1/4] feat: add Vault CLI & data package library (#1) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(ntc-vault-cli): initial layout * style(ntc-vault-cli): add rustfmt.toml * feat(ntc-vault-cli): add clap-based CLI skeleton * feat(ntc-vault-cli): flesh out structure, implement identity subcommand * refactor(ntc-vault-cli): separate code into two crates: core, cli * refactor(ntc-vault-cli): move rand-using code from core to cli * test(ntc-vault-cli): generate_secure_seed smoke test * feat(ntc-vault-cli): data package and JSON Schema work-in-progress * refactor: move crates into rust-workspace * docs: add comment about using "cargo +nightly fmt" * docs: add ARCHITECTURE.md * refactor: rename package "ntc-vault-core" → "ntc-data-packages" * feat(ntc-data-packages): replace anyhow with thiserror * build(ntc-data-packages): drop jsonschema's default features We don't need jsonschema's CLI, or the file / HTTP resolving features. This greatly reduces our dependency tree. * build: declare rust-version * docs: add package descriptions * feat(ntc-data-packages): better validation error messages * ci(rust-workspace): add check and test workflows for GitHub Actions * docs: fix rustdoc link issues * build(rust-workspace): add rust-toolchain.toml, with channel = "stable" * docs(README): add link to ARCHITECTURE.md * deps(ntc-vault-cli): update confy revision for store_path fix Upstream PR: https://github.com/rust-cli/confy/pull/60 (fix: `store_path` should create missing directories, like `load_path`) * refactor(ntc-data-packages): move tests to API-based integration tests Motivation: https://matklad.github.io/2021/02/27/delete-cargo-integration-tests.html * refactor(ntc-vault-cli): move try_exists to compat module * refactor(ntc-vault-cli): VaultIdentityConfig: make pub * deps(ntc-vault-cli): add dev dependencies for CLI tests * test(ntc-vault-cli): add snapshot-based CLI tests * deps(ntc-data-packages): add serde * feat(ntc-data-packages): add Metadata::from_json_bytes * feat(ntc-vault-cli): add fs_io, with read_metadata * feat(ntc-vault-cli): implement more of the "data" subcommand * chore: add todos to keep track of changes that needs to be made to allign with design * chore(deps): update dependencies and bump jsonschema to 0.16 Co-authored-by: Herman --- .github/workflows/rust-workspace-check.yaml | 93 ++ .github/workflows/rust-workspace-test.yaml | 56 + ARCHITECTURE.md | 25 + README.md | 2 + rust-workspace/.gitignore | 1 + rust-workspace/Cargo.lock | 1184 +++++++++++++++++ rust-workspace/Cargo.toml | 2 + .../crates/ntc-data-packages/Cargo.toml | 20 + .../src/data_packages/common.rs | 49 + .../src/data_packages/json_schema.rs | 103 ++ .../src/data_packages/mod.rs | 5 + .../src/data_packages/sealing.rs | 34 + .../crates/ntc-data-packages/src/identity.rs | 17 + .../crates/ntc-data-packages/src/lib.rs | 4 + .../tests/data_packages/common.rs | 47 + .../tests/data_packages/json_schema.rs | 130 ++ .../tests/data_packages/main.rs | 4 + .../crates/ntc-vault-cli/Cargo.toml | 33 + .../crates/ntc-vault-cli/src/actions.rs | 64 + .../crates/ntc-vault-cli/src/bin/ntc-vault.rs | 5 + .../crates/ntc-vault-cli/src/commands.rs | 116 ++ .../crates/ntc-vault-cli/src/compat.rs | 17 + .../crates/ntc-vault-cli/src/crypto.rs | 22 + .../crates/ntc-vault-cli/src/fs_io.rs | 37 + .../ntc-vault-cli/src/identity_files.rs | 45 + .../crates/ntc-vault-cli/src/lib.rs | 8 + .../tests/subcommands/common/cli_fixture.rs | 207 +++ .../tests/subcommands/common/mod.rs | 3 + .../ntc-vault-cli/tests/subcommands/data.rs | 161 +++ .../tests/subcommands/identity.rs | 115 ++ .../ntc-vault-cli/tests/subcommands/main.rs | 6 + .../ntc-vault-cli/tests/subcommands/usage.rs | 57 + rust-workspace/rust-toolchain.toml | 4 + rust-workspace/rustfmt.toml | 6 + 34 files changed, 2682 insertions(+) create mode 100644 .github/workflows/rust-workspace-check.yaml create mode 100644 .github/workflows/rust-workspace-test.yaml create mode 100644 ARCHITECTURE.md create mode 100644 rust-workspace/.gitignore create mode 100644 rust-workspace/Cargo.lock create mode 100644 rust-workspace/Cargo.toml create mode 100644 rust-workspace/crates/ntc-data-packages/Cargo.toml create mode 100644 rust-workspace/crates/ntc-data-packages/src/data_packages/common.rs create mode 100644 rust-workspace/crates/ntc-data-packages/src/data_packages/json_schema.rs create mode 100644 rust-workspace/crates/ntc-data-packages/src/data_packages/mod.rs create mode 100644 rust-workspace/crates/ntc-data-packages/src/data_packages/sealing.rs create mode 100644 rust-workspace/crates/ntc-data-packages/src/identity.rs create mode 100644 rust-workspace/crates/ntc-data-packages/src/lib.rs create mode 100644 rust-workspace/crates/ntc-data-packages/tests/data_packages/common.rs create mode 100644 rust-workspace/crates/ntc-data-packages/tests/data_packages/json_schema.rs create mode 100644 rust-workspace/crates/ntc-data-packages/tests/data_packages/main.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/Cargo.toml create mode 100644 rust-workspace/crates/ntc-vault-cli/src/actions.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/bin/ntc-vault.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/commands.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/compat.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/crypto.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/fs_io.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/identity_files.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/src/lib.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/cli_fixture.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/mod.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/data.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/identity.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/main.rs create mode 100644 rust-workspace/crates/ntc-vault-cli/tests/subcommands/usage.rs create mode 100644 rust-workspace/rust-toolchain.toml create mode 100644 rust-workspace/rustfmt.toml diff --git a/.github/workflows/rust-workspace-check.yaml b/.github/workflows/rust-workspace-check.yaml new file mode 100644 index 0000000..fafc38b --- /dev/null +++ b/.github/workflows/rust-workspace-check.yaml @@ -0,0 +1,93 @@ +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions + +name: rust-workspace (check) + +on: push + +# Action docs: +# https://github.com/actions/checkout#readme +# https://github.com/actions-rs/toolchain#readme +# https://github.com/Swatinem/rust-cache#readme +# https://github.com/actions-rs/cargo#readme + +# NOTE: This uses the fork to work around + +jobs: + + # "cargo fmt" produces no changes + rustfmt-check: + runs-on: ubuntu-latest + steps: + - + uses: actions/checkout@v3 + - + uses: actions-rs/toolchain@v1 + with: + # Use nightly toolchain, for unstable features in rustfmt.toml + toolchain: nightly + profile: minimal + components: rustfmt + default: true + - + name: cargo fmt + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-workspace + command: fmt + args: -- --check + + # "cargo clippy" produces no errors or warnings (for all targets) + clippy: + runs-on: ubuntu-latest + steps: + - + uses: actions/checkout@v3 + - + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + profile: minimal + components: clippy + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-workspace + sharedKey: clippy + key: ${{ github.ref }} + - + name: cargo clippy + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-workspace + command: clippy + args: --all-targets -- --deny warnings + + # "cargo doc" builds cleanly (including private items) + doc-check: + runs-on: ubuntu-latest + steps: + - + uses: actions/checkout@v3 + - + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + profile: minimal + components: rust-docs + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-workspace + sharedKey: doc-check + key: ${{ github.ref }} + - + name: cargo doc + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-workspace + command: doc + args: --no-deps --document-private-items + env: + RUSTDOCFLAGS: --deny warnings diff --git a/.github/workflows/rust-workspace-test.yaml b/.github/workflows/rust-workspace-test.yaml new file mode 100644 index 0000000..f645dff --- /dev/null +++ b/.github/workflows/rust-workspace-test.yaml @@ -0,0 +1,56 @@ +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions + +name: rust-workspace (test) + +on: push + +# Action docs: +# https://github.com/actions/checkout#readme +# https://github.com/actions-rs/toolchain#readme +# https://github.com/Swatinem/rust-cache#readme +# https://github.com/actions-rs/cargo#readme + +# NOTE: This uses the fork to work around + +jobs: + + # "cargo build" and "cargo test" pass on all supported Rust toolchain channels. + test: + runs-on: ubuntu-latest + strategy: + # No fail-fast: We want to see test results for all toolchain channels, even if one fails. + fail-fast: false + matrix: + rust: + - '1.57' # MSRV + - stable + - nightly + steps: + - + uses: actions/checkout@v3 + - + uses: actions-rs/toolchain@v1 + with: + toolchain: ${{ matrix.rust }} + profile: minimal + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-workspace + sharedKey: test + key: ${{ github.ref }} + - + name: cargo build + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-workspace + command: build + args: ${{ matrix.cargo-flags }} --all-targets + - + name: cargo test + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-workspace + command: test + args: ${{ matrix.cargo-flags }} diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md new file mode 100644 index 0000000..83a2333 --- /dev/null +++ b/ARCHITECTURE.md @@ -0,0 +1,25 @@ +# Nautilus Trusted Compute Architecture + +This document describes the high-level architecture of Nautilus Trusted Compute. + +(Inspired by Aleksey Klado's [ARCHITECTURE.md]) + +[ARCHITECTURE.md]: https://matklad.github.io/2021/02/06/ARCHITECTURE.md.html + +## Cargo workspaces + +The repository is organised into Cargo workspaces, each containing a flat layout of crates under `crates/*`, as described in "[Large Rust Workspaces]". + +[Large Rust Workspaces]: https://matklad.github.io/2021/08/22/large-rust-workspaces.html + +### `rust-workspace/crates/*` + +This workspace contains all crates that compile with the Rust's `stable` toolchain. + +### `rust-sgx-workspace/crates/*` + +This workspace contains all "SGX-flavoured" crates: that is, all crates that depend on [incubator-teaclave-sgx-sdk] and a supported Rust `nightly` toolchain to compile. + +[incubator-teaclave-sgx-sdk]: https://github.com/apache/incubator-teaclave-sgx-sdk + +**Architecture Invariant:** `rust-sgx-workspace` crates may depend on `rust-workspace` crates, but not the other way around. diff --git a/README.md b/README.md index e241cc0..99e9399 100644 --- a/README.md +++ b/README.md @@ -1 +1,3 @@ # Nautilus Trusted Compute + +See [ARCHITECTURE.md](ARCHITECTURE.md) for an overview of the repository layout. diff --git a/rust-workspace/.gitignore b/rust-workspace/.gitignore new file mode 100644 index 0000000..2f7896d --- /dev/null +++ b/rust-workspace/.gitignore @@ -0,0 +1 @@ +target/ diff --git a/rust-workspace/Cargo.lock b/rust-workspace/Cargo.lock new file mode 100644 index 0000000..31bd13e --- /dev/null +++ b/rust-workspace/Cargo.lock @@ -0,0 +1,1184 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "ahash" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47" +dependencies = [ + "getrandom", + "once_cell", + "serde", + "version_check", +] + +[[package]] +name = "aho-corasick" +version = "0.7.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e37cfd5e7657ada45f742d6e99ca5788580b5c529dc78faf11ece6dc702656f" +dependencies = [ + "memchr", +] + +[[package]] +name = "anyhow" +version = "1.0.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" + +[[package]] +name = "assert_cmd" +version = "2.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93ae1ddd39efd67689deb1979d80bad3bf7f2b09c6e6117c8d1f2443b5e2f83e" +dependencies = [ + "bstr", + "doc-comment", + "predicates", + "predicates-core", + "predicates-tree", + "wait-timeout", +] + +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi", + "libc", + "winapi", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + +[[package]] +name = "bit-set" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e11e16035ea35e4e5997b393eacbf6f63983188f7a2ad25bfb13465f5ad59de" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bstr" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba3569f383e8f1598449f1a423e72e99569137b47740b1da11ef19af3d5c3223" +dependencies = [ + "lazy_static", + "memchr", + "regex-automata", +] + +[[package]] +name = "bytecount" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72feb31ffc86498dacdbd0fcebb56138e7177a8cc5cea4516031d15ae85a742e" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "clap" +version = "3.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c167e37342afc5f33fd87bbc870cedd020d2a6dffa05d45ccd9241fbdd146db" +dependencies = [ + "atty", + "bitflags", + "clap_derive", + "clap_lex", + "indexmap", + "lazy_static", + "strsim", + "termcolor", + "textwrap", +] + +[[package]] +name = "clap_derive" +version = "3.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3aab4734e083b809aaf5794e14e756d1c798d2c69c7f7de7a09a2f5214993c1" +dependencies = [ + "heck", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "189ddd3b5d32a70b35e7686054371742a937b0d99128e76dde6340210e966669" +dependencies = [ + "os_str_bytes", +] + +[[package]] +name = "colored" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4ffc801dacf156c5854b9df4f425a626539c3a6ef7893cc0c5084a23f0b6c59" +dependencies = [ + "atty", + "lazy_static", + "winapi", +] + +[[package]] +name = "confy" +version = "0.4.0" +source = "git+https://github.com/rust-cli/confy?branch=master#642822413139ce38a96b916190e8c7fd5b88e814" +dependencies = [ + "directories-next", + "serde", + "thiserror", + "toml", +] + +[[package]] +name = "darling" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a01d95850c592940db9b8194bc39f4bc0e89dee5c4265e4b1807c34a9aba453c" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "859d65a907b6852c9361e3185c862aae7fafd2887876799fa55f5f99dc40d610" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c972679f83bdf9c42bd905396b6c3588a843a17f0f16dfcfa3e2c5d57441835" +dependencies = [ + "darling_core", + "quote", + "syn", +] + +[[package]] +name = "diff" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e25ea47919b1560c4e3b7fe0aaab9becf5b84a10325ddf7db0f0ba5e1026499" + +[[package]] +name = "difflib" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8" + +[[package]] +name = "directories-next" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "339ee130d97a610ea5a5872d2bbb130fdf68884ff09d3028b81bec8a1ac23bbc" +dependencies = [ + "cfg-if", + "dirs-sys-next", +] + +[[package]] +name = "dirs-sys-next" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d" +dependencies = [ + "libc", + "redox_users", + "winapi", +] + +[[package]] +name = "doc-comment" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" + +[[package]] +name = "either" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457" + +[[package]] +name = "fancy-regex" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d95b4efe5be9104a4a18a9916e86654319895138be727b229820c39257c30dda" +dependencies = [ + "bit-set", + "regex", +] + +[[package]] +name = "fastrand" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3fcf0cee53519c866c09b5de1f6c56ff9d647101f81c1964fa632e148896cdf" +dependencies = [ + "instant", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "form_urlencoded" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" +dependencies = [ + "matches", + "percent-encoding", +] + +[[package]] +name = "fraction" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bb65943183b6b3cbf00f64c181e8178217e30194381b150e4f87ec59864c803" +dependencies = [ + "lazy_static", + "num", +] + +[[package]] +name = "getrandom" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9be70c98951c83b8d2f8f60d7065fa6d5146873094452a1008da8c2f1e4205ad" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "hashbrown" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" + +[[package]] +name = "heck" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8" +dependencies = [ + "matches", + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "index-fixed" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161ceaf2f41b6cd3f6502f5da085d4ad4393a51e0c70ed2fce1d5698d798fae" + +[[package]] +name = "indexmap" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f647032dfaa1f8b6dc29bd3edb7bbef4861b8b8007ebb118d6db284fd59f6ee" +dependencies = [ + "autocfg", + "hashbrown", +] + +[[package]] +name = "instant" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "iso8601" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a59a3f2be6271b2a844cd0dd13bf8ccc88a9540482d872c7ce58ab1c4db9fab" +dependencies = [ + "nom", +] + +[[package]] +name = "itertools" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9a9d19fa1e79b6215ff29b9d6880b706147f16e9b1dbb1e4e5947b5b02bc5e3" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" + +[[package]] +name = "jsonschema" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ebd40599e7f1230ce296f73b88c022b98ed66689f97eaa54bbeadc337a2ffa6" +dependencies = [ + "ahash", + "anyhow", + "base64", + "bytecount", + "fancy-regex", + "fraction", + "iso8601", + "itoa", + "lazy_static", + "memchr", + "num-cmp", + "parking_lot", + "percent-encoding", + "regex", + "serde", + "serde_json", + "time", + "url", + "uuid", +] + +[[package]] +name = "k9" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "611dc69892d72bfa0848a2e6bf55ef2e3fdc7283381c97713a75043326decc5d" +dependencies = [ + "anyhow", + "colored", + "diff", + "lazy_static", + "libc", + "proc-macro2", + "regex", + "syn", + "term_size", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "libc" +version = "0.2.124" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21a41fed9d98f27ab1c6d161da622a4fa35e8a54a8adc24bbf3ddd0ef70b0e50" + +[[package]] +name = "lock_api" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "matches" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f" + +[[package]] +name = "memchr" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "nom" +version = "7.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8903e5a29a317527874d0402f867152a3d21c908bb0b933e416c65e301d4c36" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "ntc-data-packages" +version = "0.1.0" +dependencies = [ + "anyhow", + "jsonschema", + "k9", + "rusty-sodalite", + "serde", + "serde_json", + "thiserror", +] + +[[package]] +name = "ntc-vault-cli" +version = "0.1.0" +dependencies = [ + "anyhow", + "assert_cmd", + "base64", + "clap", + "confy", + "k9", + "ntc-data-packages", + "rand", + "rusty-sodalite", + "serde", + "serde_with", + "tempfile", + "walkdir", +] + +[[package]] +name = "num" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8536030f9fea7127f841b45bb6243b27255787fb4eb83958aa1ef9d2fdc0c36" +dependencies = [ + "num-bigint", + "num-complex", + "num-integer", + "num-iter", + "num-rational", + "num-traits", +] + +[[package]] +name = "num-bigint" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-cmp" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "63335b2e2c34fae2fb0aa2cecfd9f0832a1e24b3b32ecec612c3426d46dc8aaa" + +[[package]] +name = "num-complex" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6b19411a9719e753aff12e5187b74d60d3dc449ec3f4dc21e3989c3f554bc95" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c000134b5dbf44adc5cb772486d335293351644b801551abe8f75c84cfa4aef" +dependencies = [ + "autocfg", + "num-bigint", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_threads" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aba1801fb138d8e85e11d0fc70baf4fe1cdfffda7c6cd34a854905df588e5ed0" +dependencies = [ + "libc", +] + +[[package]] +name = "once_cell" +version = "1.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87f3e037eac156d1775da914196f0f37741a274155e34a0b7e427c35d2a2ecb9" + +[[package]] +name = "os_str_bytes" +version = "6.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e22443d1643a904602595ba1cd8f7d896afe56d26712531c5ff73a15b2fbf64" + +[[package]] +name = "parking_lot" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87f5ec2493a61ac0506c0f4199f99070cbe83857b0337006a30f3e6719b8ef58" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "995f667a6c822200b0433ac218e05582f0e2efa1b922a3fd2fbaadc5f87bab37" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-sys", +] + +[[package]] +name = "percent-encoding" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" + +[[package]] +name = "ppv-lite86" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872" + +[[package]] +name = "predicates" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5aab5be6e4732b473071984b3164dbbfb7a3674d30ea5ff44410b6bcd960c3c" +dependencies = [ + "difflib", + "itertools", + "predicates-core", +] + +[[package]] +name = "predicates-core" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da1c2388b1513e1b605fcec39a95e0a9e8ef088f71443ef37099fa9ae6673fcb" + +[[package]] +name = "predicates-tree" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d86de6de25020a36c6d3643a86d9a6a9f552107c0559c60ea03551b5e16c032" +dependencies = [ + "predicates-core", + "termtree", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro2" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec757218438d5fda206afc041538b2f6d889286160d649a86a24d37e1235afd1" +dependencies = [ + "unicode-xid", +] + +[[package]] +name = "quote" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1feb54ed693b93a84e14094943b84b7c4eae204c512b7ccb95ab0c66d278ad1" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +dependencies = [ + "getrandom", +] + +[[package]] +name = "redox_syscall" +version = "0.2.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" +dependencies = [ + "bitflags", +] + +[[package]] +name = "redox_users" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" +dependencies = [ + "getrandom", + "redox_syscall", + "thiserror", +] + +[[package]] +name = "regex" +version = "1.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" + +[[package]] +name = "regex-syntax" +version = "0.6.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b" + +[[package]] +name = "remove_dir_all" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7" +dependencies = [ + "winapi", +] + +[[package]] +name = "rustversion" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" + +[[package]] +name = "rusty-sodalite" +version = "0.1.0" +source = "git+https://github.com/PiDelport/rusty-sodalite?branch=initial-version#42480a9a1698e6e8604075ad7f063117fcc14524" +dependencies = [ + "sodalite", +] + +[[package]] +name = "ryu" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f" + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "scopeguard" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" + +[[package]] +name = "serde" +version = "1.0.136" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce31e24b01e1e524df96f1c2fdd054405f8d7376249a5110886fb4b658484789" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.136" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08597e7152fcd306f41838ed3e37be9eaeed2b61c42e2117266a554fab4662f9" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e8d9fa5c3b304765ce1fd9c4c8a3de2c8db365a5b91be52f186efc675681d95" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_with" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b827f2113224f3f19a665136f006709194bdfdcb1fdc1e4b2b5cbac8e0cced54" +dependencies = [ + "base64", + "rustversion", + "serde", + "serde_with_macros", +] + +[[package]] +name = "serde_with_macros" +version = "1.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e182d6ec6f05393cc0e5ed1bf81ad6db3a8feedf8ee515ecdd369809bcce8082" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "smallvec" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" + +[[package]] +name = "sodalite" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41784a359d15c58bba298cccb7f30a847a1a42d0620c9bdaa0aa42fdb3c280e0" +dependencies = [ + "index-fixed", +] + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "syn" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b683b2b825c8eef438b77c36a06dc262294da3d5a5813fac20da149241dcd44d" +dependencies = [ + "proc-macro2", + "quote", + "unicode-xid", +] + +[[package]] +name = "tempfile" +version = "3.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" +dependencies = [ + "cfg-if", + "fastrand", + "libc", + "redox_syscall", + "remove_dir_all", + "winapi", +] + +[[package]] +name = "term_size" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e4129646ca0ed8f45d09b929036bafad5377103edd06e50bf574b353d2b08d9" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "termtree" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "507e9898683b6c43a9aa55b64259b721b52ba226e0f3779137e50ad114a4c90b" + +[[package]] +name = "textwrap" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb" + +[[package]] +name = "thiserror" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "time" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2702e08a7a860f005826c6815dcac101b19b5eb330c27fe4a5928fec1d20ddd" +dependencies = [ + "libc", + "num_threads", + "time-macros", +] + +[[package]] +name = "time-macros" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" + +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" + +[[package]] +name = "toml" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" +dependencies = [ + "serde", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" + +[[package]] +name = "unicode-normalization" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d54590932941a9e9266f0832deed84ebe1bf2e4c9e4a3554d393d18f5e854bf9" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "unicode-xid" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" + +[[package]] +name = "url" +version = "2.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a507c383b2d33b5fc35d1861e77e6b383d158b2da5e14fe51b83dfedf6fd578c" +dependencies = [ + "form_urlencoded", + "idna", + "matches", + "percent-encoding", +] + +[[package]] +name = "uuid" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "wait-timeout" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" +dependencies = [ + "libc", +] + +[[package]] +name = "walkdir" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "808cf2735cd4b6866113f648b791c6adc5714537bc222d9347bb203386ffda56" +dependencies = [ + "same-file", + "winapi", + "winapi-util", +] + +[[package]] +name = "wasi" +version = "0.10.2+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5acdd78cb4ba54c0045ac14f62d8f94a03d10047904ae2a40afa1e99d8f70825" +dependencies = [ + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_msvc" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17cffbe740121affb56fad0fc0e421804adf0ae00891205213b5cecd30db881d" + +[[package]] +name = "windows_i686_gnu" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2564fde759adb79129d9b4f54be42b32c89970c18ebf93124ca8870a498688ed" + +[[package]] +name = "windows_i686_msvc" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cd9d32ba70453522332c14d38814bceeb747d80b3958676007acadd7e166956" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfce6deae227ee8d356d19effc141a509cc503dfd1f850622ec4b0f84428e1f4" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d19538ccc21819d01deaf88d6a17eae6596a12e9aafdbb97916fb49896d89de9" diff --git a/rust-workspace/Cargo.toml b/rust-workspace/Cargo.toml new file mode 100644 index 0000000..4216c62 --- /dev/null +++ b/rust-workspace/Cargo.toml @@ -0,0 +1,2 @@ +[workspace] +members = ['crates/*'] diff --git a/rust-workspace/crates/ntc-data-packages/Cargo.toml b/rust-workspace/crates/ntc-data-packages/Cargo.toml new file mode 100644 index 0000000..219b922 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/Cargo.toml @@ -0,0 +1,20 @@ +[package] +name = "ntc-data-packages" +version = "0.1.0" +edition = "2021" +rust-version = "1.56" +description = "Support for working with Nautilus Trusted Compute data packages" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +jsonschema = { version = "0.16", default-features = false } +serde = "1.0" +serde_json = "1.0" +thiserror = "1.0" + +rusty-sodalite = { git = "https://github.com/PiDelport/rusty-sodalite", branch = "initial-version" } + +[dev-dependencies] +anyhow = "1.0" +k9 = "0.11" diff --git a/rust-workspace/crates/ntc-data-packages/src/data_packages/common.rs b/rust-workspace/crates/ntc-data-packages/src/data_packages/common.rs new file mode 100644 index 0000000..ef39554 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/data_packages/common.rs @@ -0,0 +1,49 @@ +//! The common, serialised representation of data packages. + +use serde::{Deserialize, Serialize}; + +/// A data package associates a [`Dataset`] with some descriptive [`Metadata`]. +pub struct DataPackage { + pub metadata: Metadata, + pub dataset: Dataset, +} + +/// Metadata that describes some [`Dataset`]. +#[derive(Debug)] // core +#[derive(Serialize, Deserialize)] // serde +pub struct Metadata { + pub name: String, + pub version: String, + pub creator: String, + pub timestamp: String, + pub description: String, + // TODO: Add oracle node URIs and public keys +} + +impl Metadata { + pub fn from_json_bytes(value: &[u8]) -> Result { + serde_json::from_slice(value) + } +} + +/// A serialised dataset contains some serialised data, and some serialised schema describing it. +#[derive(Debug)] +pub struct Dataset { + pub schema_type: SchemaType, + pub schema: Box<[u8]>, + + pub data_type: DataType, + pub data: Box<[u8]>, +} + +#[derive(Copy, Clone, Debug)] +#[non_exhaustive] +pub enum SchemaType { + JsonSchema, +} + +#[derive(Copy, Clone, Debug)] +#[non_exhaustive] +pub enum DataType { + Json, +} diff --git a/rust-workspace/crates/ntc-data-packages/src/data_packages/json_schema.rs b/rust-workspace/crates/ntc-data-packages/src/data_packages/json_schema.rs new file mode 100644 index 0000000..99f852a --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/data_packages/json_schema.rs @@ -0,0 +1,103 @@ +//! Support for JSON + JSON Schema datasets. +//! +//! # Choice of JSON Schema implementation +//! +//! (As of 2022, by Pi Delport) +//! +//! 1. : Well-maintained, fast, comprehensive. +//! 2. : Inactive (~1 year), less comprehensive. +//! 3. : Inactive (~2 years), less comprehensive. + +use jsonschema::JSONSchema; +use thiserror::Error; + +use crate::data_packages::common::{DataType, Dataset, SchemaType}; + +#[derive(Debug)] +pub struct JsonDataset { + pub schema: serde_json::Value, + pub data: serde_json::Value, +} + +impl TryFrom for JsonDataset { + type Error = JsonDatasetParseError; + + fn try_from( + Dataset { + schema_type, + schema, + data_type, + data, + }: Dataset, + ) -> Result { + match (schema_type, data_type) { + (SchemaType::JsonSchema, DataType::Json) => { + let schema = serde_json::from_slice(&schema) + .map_err(JsonDatasetParseError::ParseSchemaFailed)?; + let data = serde_json::from_slice(&data) + .map_err(JsonDatasetParseError::ParseDataFailed)?; + Ok(Self { schema, data }) + } + } + } +} + +impl JsonDataset { + pub fn validate(&self) -> Result<(), JsonDatasetValidationError> { + let compiled = JSONSchema::compile(&self.schema) + .map_err(|err| JsonDatasetValidationError::CompileSchemaFailed(err.into()))?; + compiled + .validate(&self.data) + .map_err(|errs| JsonDatasetValidationError::InvalidData(errs.into())) + } +} + +#[derive(Debug, Error)] +pub enum JsonDatasetParseError { + #[error("failed to parse schema as JSON")] + ParseSchemaFailed(#[source] serde_json::Error), + + #[error("failed to parse data as JSON")] + ParseDataFailed(#[source] serde_json::Error), +} + +#[derive(Debug, Error)] +pub enum JsonDatasetValidationError { + #[error("failed to compile JSON Schema")] + CompileSchemaFailed(#[source] ValidationErrorMessage), + + #[error("data validation failed")] + InvalidData(#[source] ValidationErrorMessages), +} + +/// This contains the message from [`jsonschema::ValidationError`] as a string, +/// to avoid propagating the error's lifetime. +#[derive(Debug, Error)] +#[error("validation error: {0}")] +pub struct ValidationErrorMessage(String); + +impl From> for ValidationErrorMessage { + fn from(err: jsonschema::ValidationError) -> Self { + Self(validation_error_message(err)) + } +} + +/// This contains messages from [`jsonschema::ErrorIterator`] as strings, +/// to avoid propagating the iterator's lifetime. +#[derive(Debug, Error)] +#[error("validation errors: {}", .0.join(", "))] +pub struct ValidationErrorMessages(Box<[String]>); + +impl From> for ValidationErrorMessages { + fn from(errs: jsonschema::ErrorIterator) -> Self { + Self(errs.map(validation_error_message).collect()) + } +} + +/// Internal helper: Format a validation error as a stand-alone error message. +fn validation_error_message(err: jsonschema::ValidationError) -> String { + format!( + "{} (path={} schema={})", + err, err.instance_path, err.schema_path + ) +} diff --git a/rust-workspace/crates/ntc-data-packages/src/data_packages/mod.rs b/rust-workspace/crates/ntc-data-packages/src/data_packages/mod.rs new file mode 100644 index 0000000..4877cf3 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/data_packages/mod.rs @@ -0,0 +1,5 @@ +//! Data package support. + +pub mod common; +pub mod json_schema; +pub mod sealing; diff --git a/rust-workspace/crates/ntc-data-packages/src/data_packages/sealing.rs b/rust-workspace/crates/ntc-data-packages/src/data_packages/sealing.rs new file mode 100644 index 0000000..81c8c86 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/data_packages/sealing.rs @@ -0,0 +1,34 @@ +//! Data package sealing. + +use std::fs::Metadata; + +use crate::data_packages::common::{DataType, SchemaType}; + +// TODO(Herman): Update doc or types here to be consistent. +// Data packages is currently assumed to be sealed in the doc. +// TODO: Wrap unsealed representation of datasets with zeroize? + +/// Information about how a data package was sealed. +pub struct Seal { + // TODO +} + +/// A [`DataPackage`] with a sealed dataset. +/// +/// [`DataPackage`]: crate::data_packages::common::DataPackage +pub struct SealedDataPackage { + pub seal: Seal, + pub metadata: Metadata, + pub sealed_dataset: SealedDataset, +} + +/// A [`Dataset`] with sealed data. +/// +/// [`Dataset`]: crate::data_packages::common::Dataset +pub struct SealedDataset { + pub schema_type: SchemaType, + pub schema: Box<[u8]>, + + pub data_type: DataType, + pub sealed_data: Box<[u8]>, +} diff --git a/rust-workspace/crates/ntc-data-packages/src/identity.rs b/rust-workspace/crates/ntc-data-packages/src/identity.rs new file mode 100644 index 0000000..811f060 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/identity.rs @@ -0,0 +1,17 @@ +//! Identity and key management. + +use rusty_sodalite::safe_sign::{safe_sign_keypair_seed, SafeSignPublicKey}; +use rusty_sodalite::types::SafeSecureSeed; + +pub struct VaultIdentity { + pub name: String, + + pub seed: SafeSecureSeed, +} + +impl VaultIdentity { + pub fn get_sign_public_key(&self) -> SafeSignPublicKey { + let (pk, _sk) = safe_sign_keypair_seed(&self.seed); + pk + } +} diff --git a/rust-workspace/crates/ntc-data-packages/src/lib.rs b/rust-workspace/crates/ntc-data-packages/src/lib.rs new file mode 100644 index 0000000..b94a04c --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/lib.rs @@ -0,0 +1,4 @@ +//! Support for working with Nautilus Trusted Compute data packages. + +pub mod data_packages; +pub mod identity; diff --git a/rust-workspace/crates/ntc-data-packages/tests/data_packages/common.rs b/rust-workspace/crates/ntc-data-packages/tests/data_packages/common.rs new file mode 100644 index 0000000..4b9fe5b --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/tests/data_packages/common.rs @@ -0,0 +1,47 @@ +//! Tests for [`ntc_data_packages::data_packages::common`]. + +/// Tests for [`Metadata`]. +mod metadata { + use ntc_data_packages::data_packages::common::Metadata; + use serde_json::json; + + #[test] + fn from_json_bytes_empty() { + let err = Metadata::from_json_bytes(b"").unwrap_err(); + k9::snapshot!( + err, + r#"Error("EOF while parsing a value", line: 1, column: 0)"# + ); + } + + #[test] + fn from_json_bytes_invalid() { + let err = Metadata::from_json_bytes(b"{}").unwrap_err(); + k9::snapshot!(err, r#"Error("missing field `name`", line: 1, column: 2)"#); + } + + #[test] + fn from_json_bytes_valid() { + let value = serde_json::to_vec(&json!({ + "name": "Test Data", + "version": "0.1", + "creator": "Test Creator", + "timestamp": "2022-01-01", + "description": "A test data package", + })) + .unwrap(); + let metadata = Metadata::from_json_bytes(&value).unwrap(); + k9::snapshot!( + metadata, + r#" +Metadata { + name: "Test Data", + version: "0.1", + creator: "Test Creator", + timestamp: "2022-01-01", + description: "A test data package", +} +"# + ); + } +} diff --git a/rust-workspace/crates/ntc-data-packages/tests/data_packages/json_schema.rs b/rust-workspace/crates/ntc-data-packages/tests/data_packages/json_schema.rs new file mode 100644 index 0000000..1535525 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/tests/data_packages/json_schema.rs @@ -0,0 +1,130 @@ +//! Tests for [`ntc_data_packages::data_packages::json_schema`]. + +use ntc_data_packages::data_packages::common::{DataType, Dataset, SchemaType}; +use ntc_data_packages::data_packages::json_schema::JsonDataset; +use serde_json::{json, Value}; + +#[test] +fn json_try_from_no_data() { + let dataset = Dataset { + schema_type: SchemaType::JsonSchema, + schema: "".as_bytes().into(), + data_type: DataType::Json, + data: "".as_bytes().into(), + }; + let err = JsonDataset::try_from(dataset).unwrap_err(); + k9::snapshot!( + format_err(err), + " +failed to parse schema as JSON + +Caused by: + EOF while parsing a value at line 1 column 0 +" + ); +} + +#[test] +fn json_try_from_empty_object() { + let dataset = Dataset { + schema_type: SchemaType::JsonSchema, + schema: "{}".as_bytes().into(), + data_type: DataType::Json, + data: "{}".as_bytes().into(), + }; + let json_dataset = JsonDataset::try_from(dataset).unwrap(); + assert_eq!(json_dataset.schema, json!({})); + assert_eq!(json_dataset.data, json!({})); +} + +#[test] +fn validate_empty() { + let json_dataset = JsonDataset { + schema: json!({}), + data: json!({}), + }; + json_dataset.validate().unwrap(); +} + +#[test] +fn validate_false_schema() { + let json_dataset = JsonDataset { + schema: json!(false), + data: json!({}), + }; + let err = json_dataset.validate().unwrap_err(); + k9::snapshot!( + format_err(err), + " +data validation failed + +Caused by: + validation errors: False schema does not allow {} (path= schema=) +" + ); +} + +#[test] +fn validate_example_person_schema() { + let json_dataset = JsonDataset { + schema: example_person_schema(), + data: json!({ + "firstName": "John", + "lastName": "Doe", + "age": 21 + }), + }; + json_dataset.validate().expect("validate should succeed"); +} + +#[test] +fn validate_example_person_schema_invalid() { + let json_dataset = JsonDataset { + schema: example_person_schema(), + data: json!({ + "firstName": false, + "lastName": null, + "age": -1, + }), + }; + let err = json_dataset.validate().unwrap_err(); + k9::snapshot!( + format_err(err), + r#" +data validation failed + +Caused by: + validation errors: -1 is less than the minimum of 0 (path=/age schema=/properties/age/minimum), false is not of type "string" (path=/firstName schema=/properties/firstName/type), null is not of type "string" (path=/lastName schema=/properties/lastName/type) +"# + ); +} + +/// The `person.schema.json` example schema from . +fn example_person_schema() -> Value { + json!({ + "$id": "https://example.com/person.schema.json", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "title": "Person", + "type": "object", + "properties": { + "firstName": { + "type": "string", + "description": "The person's first name." + }, + "lastName": { + "type": "string", + "description": "The person's last name." + }, + "age": { + "description": "Age in years which must be equal to or greater than zero.", + "type": "integer", + "minimum": 0 + } + } + }) +} + +/// Helper: Format an error chain as a readable string. +fn format_err(err: impl Into) -> String { + format!("{:?}", err.into()) +} diff --git a/rust-workspace/crates/ntc-data-packages/tests/data_packages/main.rs b/rust-workspace/crates/ntc-data-packages/tests/data_packages/main.rs new file mode 100644 index 0000000..eca7961 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/tests/data_packages/main.rs @@ -0,0 +1,4 @@ +//! Tests for the [`ntc_data_packages::data_packages`] API. + +mod common; +mod json_schema; diff --git a/rust-workspace/crates/ntc-vault-cli/Cargo.toml b/rust-workspace/crates/ntc-vault-cli/Cargo.toml new file mode 100644 index 0000000..a70dce0 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/Cargo.toml @@ -0,0 +1,33 @@ +[package] +name = "ntc-vault-cli" +version = "0.1.0" +edition = "2021" +rust-version = "1.57" +description = "Nautilus Trusted Compute Vault CLI" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +anyhow = "1.0" +base64 = "0.13" +clap = { version = "3.1", features = ["derive"] } +serde = { version = "1.0", features = ["derive"] } +serde_with = { version = "1.12", features = ["base64"] } + +# XXX: Waiting for release 0.5.0: +# (Please release more often #41) +# (fix: store_path should create missing directories, like load_path #60) +confy = { git = "https://github.com/rust-cli/confy", branch = "master" } + +# Crypto libraries +rand = "0.8" +rusty-sodalite = { git = "https://github.com/PiDelport/rusty-sodalite", branch = "initial-version" } + +# Local libraries +ntc-data-packages = { path = "../ntc-data-packages" } + +[dev-dependencies] +assert_cmd = "2" +k9 = "0.11" +tempfile = "3" +walkdir = "2" diff --git a/rust-workspace/crates/ntc-vault-cli/src/actions.rs b/rust-workspace/crates/ntc-vault-cli/src/actions.rs new file mode 100644 index 0000000..b576d7a --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/actions.rs @@ -0,0 +1,64 @@ +//! CLI action implementations. +//! +//! These provide the functionality invoked by [`crate::commands`]. + +use std::fs; +use std::path::Path; + +use anyhow::{anyhow, Context}; +use ntc_data_packages::identity::VaultIdentity; + +use crate::crypto::generate_secure_seed; +use crate::identity_files::VaultIdentityConfig; +use crate::{compat, fs_io}; + +pub fn identity_create(name: String) -> anyhow::Result<()> { + let path = &VaultIdentityConfig::get_default_path()?; + if compat::try_exists(path)? { + Err(anyhow!("File exists: {}", path.to_string_lossy()) + .context("Identity already configured")) + } else { + let seed = generate_secure_seed()?; + let config = VaultIdentityConfig { name, seed }; + config.store(path)?; + println!("Identity created at {}", path.to_string_lossy()); + Ok(()) + } +} + +pub fn identity_show() -> anyhow::Result<()> { + let path = &VaultIdentityConfig::get_default_path()?; + if compat::try_exists(path)? { + let config = VaultIdentityConfig::load(path)?; + let identity: VaultIdentity = config.into(); + let pk = identity.get_sign_public_key(); + let pk_base64 = base64::encode(*pk.as_ref()); + println!("Path: {}", path.to_string_lossy()); + println!("Name: {}", identity.name); + println!("Public key: {}", pk_base64); + Ok(()) + } else { + Err(anyhow!("File not found: {}", path.to_string_lossy()) + .context("Identity not configured")) + } +} + +pub(crate) fn data_create( + metadata: &Path, + schema: &Path, + data: &Path, + output: &Path, +) -> anyhow::Result<()> { + fs_io::read_metadata(metadata).context(anyhow!("failed to read metadata from {metadata:?}"))?; + fs::read(schema)?; + fs::read(data)?; + fs::write(output, "")?; + todo!(); + // Ok(()) +} + +pub fn data_inspect(path: &Path) -> anyhow::Result<()> { + fs::read(path) + .with_context(|| format!("failed to inspect file: {}", path.to_string_lossy()))?; + Ok(()) +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/bin/ntc-vault.rs b/rust-workspace/crates/ntc-vault-cli/src/bin/ntc-vault.rs new file mode 100644 index 0000000..ab141ae --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/bin/ntc-vault.rs @@ -0,0 +1,5 @@ +//! `ntc-vault` binary entrypoint. + +fn main() -> anyhow::Result<()> { + ntc_vault_cli::commands::main() +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/commands.rs b/rust-workspace/crates/ntc-vault-cli/src/commands.rs new file mode 100644 index 0000000..e822146 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/commands.rs @@ -0,0 +1,116 @@ +//! [`clap`] command and argument definitions. +//! +//! See [`crate::actions`] for the implementations of these commands. +//! +//! Quick reference: +//! +//! * +//! * + +use std::path::PathBuf; + +use clap::{Parser, Subcommand}; + +use crate::actions; + +/// Top-level entrypoint. +pub fn main() -> anyhow::Result<()> { + VaultInvocation::parse().invoke() +} + +/// Nautilus Trusted Compute Vault +#[derive(Debug, Parser)] +#[clap(version, about)] +#[clap(disable_help_subcommand = true)] +#[clap(infer_subcommands = true)] +struct VaultInvocation { + // TODO: Allow overriding identity file with global arg or env var. + #[clap(subcommand)] + command: VaultCommand, +} + +impl VaultInvocation { + pub fn invoke(self) -> anyhow::Result<()> { + self.command.invoke() + } +} + +#[derive(Debug, Subcommand)] +enum VaultCommand { + #[clap(subcommand)] + Identity(IdentityCommand), + + #[clap(subcommand)] + Data(DataCommand), +} + +impl VaultCommand { + fn invoke(self) -> anyhow::Result<()> { + match self { + VaultCommand::Identity(command) => command.invoke(), + VaultCommand::Data(command) => command.invoke(), + } + } +} + +/// Manage identities +#[derive(Debug, Subcommand)] +enum IdentityCommand { + /// Create a new identity + Create { + /// Public name to attach to this identity. + #[clap(long, short)] + name: String, + }, + + /// Show the current identity + Show, +} + +impl IdentityCommand { + fn invoke(self) -> anyhow::Result<()> { + match self { + IdentityCommand::Create { name } => actions::identity_create(name), + IdentityCommand::Show => actions::identity_show(), + } + } +} + +/// Manage data packages +#[derive(Debug, Subcommand)] +enum DataCommand { + /// Create a new data package + Create { + #[clap(long, short)] + metadata: PathBuf, + + #[clap(long, short)] + schema: PathBuf, + + #[clap(long, short)] + data: PathBuf, + + #[clap(long, short)] + output: PathBuf, + }, + + /// Inspect a data package + Inspect { + #[clap(long, short)] + file: PathBuf, + }, +} + +impl DataCommand { + fn invoke(&self) -> anyhow::Result<()> { + match self { + DataCommand::Create { + metadata, + schema, + data, + output, + } => actions::data_create(metadata, schema, data, output), + DataCommand::Inspect { file } => actions::data_inspect(file), + } + } +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/compat.rs b/rust-workspace/crates/ntc-vault-cli/src/compat.rs new file mode 100644 index 0000000..3b1038a --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/compat.rs @@ -0,0 +1,17 @@ +//! Compatibility code. + +use std::io; +use std::path::Path; + +/// See: [`Path::try_exists`] +/// +/// TODO: Drop this once `path_try_exists` is stable. +/// +/// Tracking Issue: +pub fn try_exists(path: &Path) -> io::Result { + match path.metadata() { + Ok(_) => Ok(true), + Err(error) if error.kind() == io::ErrorKind::NotFound => Ok(false), + Err(error) => Err(error), + } +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/crypto.rs b/rust-workspace/crates/ntc-vault-cli/src/crypto.rs new file mode 100644 index 0000000..3968365 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/crypto.rs @@ -0,0 +1,22 @@ +//! Cryptographic helper code. + +use rand::{thread_rng, RngCore}; +use rusty_sodalite::types::SecureSeed; + +/// Generate a new secure seed using [`thread_rng`]. +pub(crate) fn generate_secure_seed() -> Result { + let mut seed = SecureSeed::default(); + thread_rng().try_fill_bytes(&mut seed)?; + Ok(seed) +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn generate_secure_seed_works() { + let seed = generate_secure_seed().unwrap(); + assert_ne!(seed, SecureSeed::default()); + } +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/fs_io.rs b/rust-workspace/crates/ntc-vault-cli/src/fs_io.rs new file mode 100644 index 0000000..b6f80de --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/fs_io.rs @@ -0,0 +1,37 @@ +//! File I/O support. + +use std::fs; +use std::path::Path; + +use anyhow::anyhow; +use ntc_data_packages::data_packages::common::Metadata; + +enum FileType { + Json, +} + +impl FileType { + fn for_extension(path: &Path) -> anyhow::Result { + let extension = path + .extension() + .ok_or_else(|| anyhow!("file has no extension: {}", path.to_string_lossy()))?; + if extension.eq_ignore_ascii_case("json") { + Ok(Self::Json) + } else { + Err(anyhow!( + "unsupported file extension {extension:?} ({})", + path.to_string_lossy() + )) + } + } +} + +/// Read [`Metadata`] from the given file. +pub fn read_metadata(path: &Path) -> anyhow::Result { + let file_type = FileType::for_extension(path)?; + let bytes = fs::read(path)?; + let metadata = match file_type { + FileType::Json => Metadata::from_json_bytes(&bytes)?, + }; + Ok(metadata) +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/identity_files.rs b/rust-workspace/crates/ntc-vault-cli/src/identity_files.rs new file mode 100644 index 0000000..a1023c4 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/identity_files.rs @@ -0,0 +1,45 @@ +//! Support for working with identity files. + +use std::path::{Path, PathBuf}; + +use anyhow::Context; +use confy::ConfyError; +use ntc_data_packages::identity::VaultIdentity; +use rusty_sodalite::types::SecureSeed; +use serde::{Deserialize, Serialize}; +use serde_with::base64::Base64; +use serde_with::serde_as; + +#[derive(Default, Debug)] // core +#[serde_as] +#[derive(Serialize, Deserialize)] // serde +pub struct VaultIdentityConfig { + pub(crate) name: String, + + #[serde_as(as = "Base64")] + pub(crate) seed: SecureSeed, +} + +impl VaultIdentityConfig { + pub fn load(path: impl AsRef) -> anyhow::Result { + let path = path.as_ref(); + confy::load_path(path).with_context(|| format!("Failed to load {}", path.to_string_lossy())) + } + + pub(crate) fn store(&self, path: impl AsRef) -> anyhow::Result<()> { + let path = path.as_ref(); + confy::store_path(path, self) + .with_context(|| format!("Failed to store {}", path.to_string_lossy())) + } + + pub(crate) fn get_default_path() -> Result { + confy::get_configuration_file_path("ntc-vault", "identity") + } +} + +impl From for VaultIdentity { + fn from(VaultIdentityConfig { name, seed }: VaultIdentityConfig) -> Self { + let seed = seed.into(); + VaultIdentity { name, seed } + } +} diff --git a/rust-workspace/crates/ntc-vault-cli/src/lib.rs b/rust-workspace/crates/ntc-vault-cli/src/lib.rs new file mode 100644 index 0000000..78ac370 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/src/lib.rs @@ -0,0 +1,8 @@ +//! Nautilus Trusted Compute Vault CLI. + +pub mod actions; +pub mod commands; +mod compat; +mod crypto; +mod fs_io; +pub mod identity_files; diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/cli_fixture.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/cli_fixture.rs new file mode 100644 index 0000000..fa9d3f1 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/cli_fixture.rs @@ -0,0 +1,207 @@ +//! Fixture-based CLI tests. + +use std::ffi::OsStr; +use std::path::{Path, PathBuf}; +use std::process::Output; +use std::{fs, io}; + +use anyhow::{anyhow, Context}; +use assert_cmd::Command; +use ntc_data_packages::identity::VaultIdentity; +use ntc_vault_cli::identity_files::VaultIdentityConfig; +use tempfile::TempDir; +use walkdir::{DirEntry, WalkDir}; + +/// CLI executable name. +const CLI_NAME: &str = "ntc-vault"; + +/// Config file path, relative to the home directory. +const CONFIG_REL_PATH: &str = ".config/ntc-vault/identity.toml"; + +/// A fixture for invoking CLI commands in. +#[derive(Debug)] +pub struct CliFixture { + base_dir: TempDir, +} + +impl CliFixture { + pub fn with(f: fn(&Self) -> R) -> R { + let fixture = Self::new().unwrap(); + let result = f(&fixture); + fixture.close().unwrap(); + result + } + + pub fn new() -> anyhow::Result { + let base = TempDir::new()?; + let fixture = Self { base_dir: base }; + fs::create_dir(fixture.home_dir())?; + fs::create_dir(fixture.current_dir())?; + Ok(fixture) + } + + fn home_dir(&self) -> PathBuf { + self.base_dir.path().join("home") + } + + fn current_dir(&self) -> PathBuf { + self.base_dir.path().join("cwd") + } + + pub fn command(&self) -> anyhow::Result { + FixtureCommand::new(self) + } + + pub fn invoke_without_args(&self) -> anyhow::Result { + let mut command = self.command()?; + let result: InvocationResult = command.invoke()?; + Ok(result) + } + + pub fn invoke( + &self, + args: impl IntoIterator>, + ) -> anyhow::Result { + self.command()?.args(args).invoke() + } + + pub fn list_files(&self) -> anyhow::Result> { + list_files(self.base_dir.path()) + } + + pub fn close(self) -> io::Result<()> { + self.base_dir.close() + } +} + +fn list_files(base: &Path) -> anyhow::Result> { + WalkDir::new(base) + .sort_by_file_name() + .into_iter() + .filter_map(|entry| match entry { + Ok(entry) if entry.file_type().is_dir() => None, // Skip directories + Ok(entry) => Some(rel_path(base, entry)), // List files + Err(err) => Some(Err(err.into())), // Propagate errors + }) + .collect() +} + +fn rel_path(base: &Path, entry: DirEntry) -> anyhow::Result { + let rel_path = entry.path().strip_prefix(base)?; + Ok(rel_path.to_path_buf()) +} + +/// A [`Command`] in the context of a [`CliFixture`]. +pub struct FixtureCommand<'a> { + fixture: &'a CliFixture, + command: Command, +} + +impl<'a> FixtureCommand<'a> { + fn new(fixture: &'a CliFixture) -> anyhow::Result { + let mut command = Command::cargo_bin(CLI_NAME)?; + command.env_clear(); + command.env("HOME", fixture.home_dir()); + command.current_dir(&fixture.current_dir()); + Ok(Self { fixture, command }) + } + pub fn args(mut self, args: impl IntoIterator>) -> Self { + self.command.args(args); + self + } + + pub fn invoke(&mut self) -> anyhow::Result> { + let output = self.command.output()?; + let mut result = InvocationResult::from_output(self.fixture, output)?; + result.redact_defaults()?; + Ok(result) + } +} + +/// The result of invoking a [`FixtureCommand`]. +#[derive(Debug)] +pub struct InvocationResult<'a> { + fixture: &'a CliFixture, + + /// Like [`Output`], but assume a non-signal exit code. + pub status: i32, + + /// Like [`Output`], but assume a UTF-8 string result. + pub stdout: String, + + /// Like [`Output`], but assume a UTF-8 string result. + pub stderr: String, +} + +impl<'a> InvocationResult<'a> { + /// Convert an [`Output`] to an [`InvocationResult`]. + /// + /// Fail if the CLI binary was terminated by a signal, or if `stdout` and `stderr` are not valid UTF-8. + pub fn from_output(fixture: &'a CliFixture, output: Output) -> anyhow::Result { + Ok(Self { + fixture, + status: output.status.code().ok_or_else(|| { + anyhow!("expected non-signal exit status, got {:?}", output.status) + })?, + stdout: String::from_utf8(output.stdout).context("expected UTF-8 stdout")?, + stderr: String::from_utf8(output.stderr).context("expected UTF-8 stderr")?, + }) + } + + /// Redact a string from `stdout` and `stderr`. + fn redact(&mut self, from: &str, to: &str) { + for s in [&mut self.stdout, &mut self.stderr] { + *s = s.replace(from, to); + } + } + + /// Redact the home directory prefix. + fn redact_home_dir(&mut self, to: &str) { + let home_dir = self.fixture.home_dir(); + let home_dir_str = home_dir.to_str().unwrap(); + self.redact(home_dir_str, to) + } + + /// Redact the configured public key, if any + fn redact_public_key(&mut self, to: &str) -> anyhow::Result<()> { + let config_path = self.fixture.home_dir().join(CONFIG_REL_PATH); + if config_path.exists() { + let config = VaultIdentityConfig::load(&config_path)?; + let identity: VaultIdentity = config.into(); + let pk = identity.get_sign_public_key(); + let pk_base64 = base64::encode(pk.as_ref()); + self.redact(&pk_base64, to); + } + Ok(()) + } + + /// Redact a default set of values. + fn redact_defaults(&mut self) -> anyhow::Result<()> { + self.redact_home_dir("${HOME}"); + self.redact_public_key("<>")?; + Ok(()) + } + + pub fn expect_success(&self) -> anyhow::Result<&str> { + if self.status == 0 && self.stderr.is_empty() { + Ok(&self.stdout) + } else { + Err(anyhow!("{self:?}")) + } + } + + pub fn expect_error_code(&self, code: i32) -> anyhow::Result<&str> { + if self.status == code && self.stdout.is_empty() { + Ok(&self.stderr) + } else { + Err(anyhow!("{self:?}")) + } + } + + pub fn expect_app_error(&self) -> anyhow::Result<&str> { + self.expect_error_code(1) + } + pub fn expect_usage_error(&self) -> anyhow::Result<&str> { + self.expect_error_code(2) + } +} diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/mod.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/mod.rs new file mode 100644 index 0000000..d67dd08 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/common/mod.rs @@ -0,0 +1,3 @@ +//! Common test helpers. + +pub mod cli_fixture; diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/data.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/data.rs new file mode 100644 index 0000000..bf3e37c --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/data.rs @@ -0,0 +1,161 @@ +//! Test the `data` subcommand + +use crate::common::cli_fixture::CliFixture; + +#[test] +fn usage() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["data"]).unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +ntc-vault-data +Manage data packages + +USAGE: + ntc-vault data + +OPTIONS: + -h, --help Print help information + +SUBCOMMANDS: + create Create a new data package + inspect Inspect a data package + +" + ); + }); +} + +#[test] +fn create_usage() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["data", "create"]).unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +error: The following required arguments were not provided: + --metadata + --schema + --data + --output + +USAGE: + ntc-vault data create --metadata --schema --data --output + +For more information try --help + +" + ); + }); +} + +#[test] +fn create_no_extension() { + CliFixture::with(|fixture| { + let result = fixture + .invoke([ + "data", "create", "-m", "spam", "-s", "spam", "-d", "spam", "-o", "out", + ]) + .unwrap(); + let stderr = result.expect_app_error().unwrap(); + k9::snapshot!( + stderr, + r#" +Error: failed to read metadata from "spam" + +Caused by: + file has no extension: spam + +"# + ); + }); +} + +#[test] +fn create_bad_extension() { + CliFixture::with(|fixture| { + let result = fixture + .invoke([ + "data", "create", "-m", "ham.spam", "-s", "ham.spam", "-d", "ham.spam", "-o", "out", + ]) + .unwrap(); + let stderr = result.expect_app_error().unwrap(); + k9::snapshot!( + stderr, + r#" +Error: failed to read metadata from "ham.spam" + +Caused by: + unsupported file extension "spam" (ham.spam) + +"# + ); + }); +} + +#[test] +fn inspect_usage() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["data", "inspect"]).unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +error: The following required arguments were not provided: + --file + +USAGE: + ntc-vault data inspect --file + +For more information try --help + +" + ); + }); +} + +#[test] +fn inspect_help() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["data", "inspect", "-h"]).unwrap(); + let stderr = result.expect_success().unwrap(); + k9::snapshot!( + stderr, + " +ntc-vault-data-inspect +Inspect a data package + +USAGE: + ntc-vault data inspect --file + +OPTIONS: + -f, --file + -h, --help Print help information + +" + ); + }); +} + +#[test] +fn inspect_nonexistent() { + CliFixture::with(|fixture| { + let result = fixture + .invoke(["data", "inspect", "-f", "nonexistent"]) + .unwrap(); + let stderr = result.expect_app_error().unwrap(); + k9::snapshot!( + stderr, + " +Error: failed to inspect file: nonexistent + +Caused by: + No such file or directory (os error 2) + +" + ); + }); +} diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/identity.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/identity.rs new file mode 100644 index 0000000..ce1ea30 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/identity.rs @@ -0,0 +1,115 @@ +//! Test the `identity` subcommand. + +use crate::common::cli_fixture::CliFixture; + +#[test] +fn usage() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["identity"]).unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +ntc-vault-identity +Manage identities + +USAGE: + ntc-vault identity + +OPTIONS: + -h, --help Print help information + +SUBCOMMANDS: + create Create a new identity + show Show the current identity + +" + ); + }); +} + +#[test] +fn create_no_args() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["identity", "create"]).unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +error: The following required arguments were not provided: + --name + +USAGE: + ntc-vault identity create --name + +For more information try --help + +" + ); + }); +} + +#[test] +fn create_with_name() { + CliFixture::with(|fixture| { + let result = fixture + .invoke(["identity", "create", "--name", "Test User"]) + .unwrap(); + let stdout = result.expect_success().unwrap(); + + k9::snapshot!( + stdout, + " +Identity created at ${HOME}/.config/ntc-vault/identity.toml + +" + ); + let files = fixture.list_files().unwrap(); + k9::snapshot!( + files, + r#" +[ + "home/.config/ntc-vault/identity.toml", +] +"# + ); + }); +} + +#[test] +fn show_not_configured() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["identity", "show"]).unwrap(); + let stderr = result.expect_app_error().unwrap(); + k9::snapshot!( + stderr, + " +Error: Identity not configured + +Caused by: + File not found: ${HOME}/.config/ntc-vault/identity.toml + +" + ); + }); +} + +#[test] +fn create_show() { + CliFixture::with(|fixture| { + fixture + .invoke(["identity", "create", "--name", "Test User"]) + .unwrap(); + let result = fixture.invoke(["identity", "show"]).unwrap(); + let stdout = result.expect_success().unwrap(); + k9::snapshot!( + stdout, + " +Path: ${HOME}/.config/ntc-vault/identity.toml +Name: Test User +Public key: <> + +" + ); + }); +} diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/main.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/main.rs new file mode 100644 index 0000000..9c8fa32 --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/main.rs @@ -0,0 +1,6 @@ +//! Tests for the CLI subcommands. + +mod common; +mod data; +mod identity; +mod usage; diff --git a/rust-workspace/crates/ntc-vault-cli/tests/subcommands/usage.rs b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/usage.rs new file mode 100644 index 0000000..41ba32b --- /dev/null +++ b/rust-workspace/crates/ntc-vault-cli/tests/subcommands/usage.rs @@ -0,0 +1,57 @@ +//! Test the top-level CLI usage. + +use crate::common::cli_fixture::CliFixture; + +#[test] +fn usage_no_args() { + CliFixture::with(|fixture| { + let result = fixture.invoke_without_args().unwrap(); + let stderr = result.expect_usage_error().unwrap(); + k9::snapshot!( + stderr, + " +ntc-vault-cli 0.1.0 +Nautilus Trusted Compute Vault CLI + +USAGE: + ntc-vault + +OPTIONS: + -h, --help Print help information + -V, --version Print version information + +SUBCOMMANDS: + data Manage data packages + identity Manage identities + +" + ); + }); +} + +#[test] +fn help() { + CliFixture::with(|fixture| { + let result = fixture.invoke(["-h"]).unwrap(); + let stderr = result.expect_success().unwrap(); + k9::snapshot!( + stderr, + " +ntc-vault-cli 0.1.0 +Nautilus Trusted Compute Vault CLI + +USAGE: + ntc-vault + +OPTIONS: + -h, --help Print help information + -V, --version Print version information + +SUBCOMMANDS: + data Manage data packages + identity Manage identities + +" + ); + }); +} diff --git a/rust-workspace/rust-toolchain.toml b/rust-workspace/rust-toolchain.toml new file mode 100644 index 0000000..d39cd72 --- /dev/null +++ b/rust-workspace/rust-toolchain.toml @@ -0,0 +1,4 @@ +# Docs: https://rust-lang.github.io/rustup/overrides.html#the-toolchain-file +[toolchain] +# This workspace should work with the latest stable Rust. +channel = "stable" diff --git a/rust-workspace/rustfmt.toml b/rust-workspace/rustfmt.toml new file mode 100644 index 0000000..437afce --- /dev/null +++ b/rust-workspace/rustfmt.toml @@ -0,0 +1,6 @@ +# https://rust-lang.github.io/rustfmt/ +# Use "cargo +nightly fmt" to take advantage of the group_imports feature. + +imports_layout = "HorizontalVertical" +imports_granularity = "Module" +group_imports = "StdExternalCrate" From a1a57f01599ac42130db0858a3cf66165cc1e3cd Mon Sep 17 00:00:00 2001 From: Pi Delport Date: Thu, 28 Apr 2022 13:13:29 +0200 Subject: [PATCH 2/4] feat: add initial TEE server (#3) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * build(rust-sgx-workspace): add workspace for SGX code * build(ntc-tee-server): add SGX project for the TEE server * build(ntc-tee-server): bump Rust edition: "2018" → "2021" * build(ntc-tee-server): better error message for missing Enclave_u library * ci(rust-sgx-workspace): add check and test workflows for GitHub Actions * ci: use nested checkout for the multiple repositories to prevent _temp being deleted * style: fix clippy warnings * ci: remove --all-targets build arg to fix enclave builds and checks Co-authored-by: Herman --- .../workflows/rust-sgx-workspace-check.yaml | 162 + .../workflows/rust-sgx-workspace-test.yaml | 81 + rust-sgx-workspace/.gitignore | 1 + rust-sgx-workspace/Cargo.lock | 125 + rust-sgx-workspace/Cargo.toml | 8 + rust-sgx-workspace/README-SGX.md | 22 + .../projects/ntc-tee-server/.gitignore | 2 + .../projects/ntc-tee-server/Makefile | 46 + .../projects/ntc-tee-server/app/.gitignore | 1 + .../projects/ntc-tee-server/app/Cargo.toml | 10 + .../projects/ntc-tee-server/app/Makefile | 99 + .../projects/ntc-tee-server/app/build.rs | 47 + .../ntc-tee-server/app/codegen/Enclave_u.c | 964 ++++ .../ntc-tee-server/app/codegen/Enclave_u.h | 257 + .../ntc-tee-server/app/codegen/Enclave_u.rs | 12 + .../projects/ntc-tee-server/app/src/main.rs | 74 + .../projects/ntc-tee-server/buildenv.mk | 167 + .../projects/ntc-tee-server/buildenv_sgx.mk | 49 + .../ntc-tee-server/enclave/.gitignore | 1 + .../ntc-tee-server/enclave/Cargo.toml | 16 + .../ntc-tee-server/enclave/Enclave.config.xml | 12 + .../ntc-tee-server/enclave/Enclave.edl | 11 + .../ntc-tee-server/enclave/Enclave.lds | 9 + .../projects/ntc-tee-server/enclave/Makefile | 118 + .../enclave/codegen/Enclave_t.c | 4554 +++++++++++++++++ .../enclave/codegen/Enclave_t.h | 88 + .../ntc-tee-server/enclave/src/lib.rs | 25 + rust-sgx-workspace/rust-toolchain.toml | 4 + rust-sgx-workspace/rustfmt.toml | 6 + 29 files changed, 6971 insertions(+) create mode 100644 .github/workflows/rust-sgx-workspace-check.yaml create mode 100644 .github/workflows/rust-sgx-workspace-test.yaml create mode 100644 rust-sgx-workspace/.gitignore create mode 100644 rust-sgx-workspace/Cargo.lock create mode 100644 rust-sgx-workspace/Cargo.toml create mode 100644 rust-sgx-workspace/README-SGX.md create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/.gitignore create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/Makefile create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/.gitignore create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/Cargo.toml create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/Makefile create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/build.rs create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.c create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.h create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.rs create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/app/src/main.rs create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/buildenv.mk create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/buildenv_sgx.mk create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/.gitignore create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/Cargo.toml create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.config.xml create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.edl create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.lds create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/Makefile create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.c create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.h create mode 100644 rust-sgx-workspace/projects/ntc-tee-server/enclave/src/lib.rs create mode 100644 rust-sgx-workspace/rust-toolchain.toml create mode 100644 rust-sgx-workspace/rustfmt.toml diff --git a/.github/workflows/rust-sgx-workspace-check.yaml b/.github/workflows/rust-sgx-workspace-check.yaml new file mode 100644 index 0000000..4f9bcff --- /dev/null +++ b/.github/workflows/rust-sgx-workspace-check.yaml @@ -0,0 +1,162 @@ +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions + +name: rust-sgx-workspace (check) + +on: push + +# Action docs: +# https://github.com/actions/checkout#readme +# https://github.com/actions-rs/toolchain#readme +# https://github.com/Swatinem/rust-cache#readme +# https://github.com/actions-rs/cargo#readme + +# NOTE: This uses the fork to work around + +jobs: + + # "cargo fmt" produces no changes + rustfmt-check: + runs-on: ubuntu-latest + steps: + # Checkout the workspace first to prevent temp files from being deleted. + # See: https://github.com/actions/checkout#checkout-multiple-repos-nested + - + uses: actions/checkout@v3 + - + name: Checkout rust-sgx-sdk-dev-env + uses: actions/checkout@v3 + with: + repository: PiDelport/rust-sgx-sdk-dev-env + path: _temp/rust-sgx-sdk-dev-env + - + name: Prepare SGX environment + working-directory: _temp/rust-sgx-sdk-dev-env + run: | + ./prepare-1.1.4-intel-2.15.1.sh + . environment + # Persist environment to following steps. + echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >>$GITHUB_ENV + echo "SGX_SDK=$SGX_SDK" >>$GITHUB_ENV + echo "SGX_MODE=$SGX_MODE" >>$GITHUB_ENV + echo "CUSTOM_COMMON_PATH=$CUSTOM_COMMON_PATH" >>$GITHUB_ENV + echo "CUSTOM_EDL_PATH=$CUSTOM_EDL_PATH" >>$GITHUB_ENV + - + uses: actions-rs/toolchain@v1 + with: + # Use same toolchain as rust-sgx-workspace/rust-toolchain.toml + toolchain: nightly-2021-11-01 + profile: minimal + components: rustfmt + default: true + - + name: cargo fmt + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-sgx-workspace + command: fmt + args: -- --check + + # "cargo clippy" produces no errors or warnings + clippy: + runs-on: ubuntu-latest + steps: + - + uses: actions/checkout@v3 + - + name: Checkout rust-sgx-sdk-dev-env + uses: actions/checkout@v3 + with: + repository: PiDelport/rust-sgx-sdk-dev-env + path: _temp/rust-sgx-sdk-dev-env + - + name: Prepare SGX environment + working-directory: _temp/rust-sgx-sdk-dev-env + run: | + ./prepare-1.1.4-intel-2.15.1.sh + . environment + # Persist environment to following steps. + echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >>$GITHUB_ENV + echo "SGX_SDK=$SGX_SDK" >>$GITHUB_ENV + echo "SGX_MODE=$SGX_MODE" >>$GITHUB_ENV + echo "CUSTOM_COMMON_PATH=$CUSTOM_COMMON_PATH" >>$GITHUB_ENV + echo "CUSTOM_EDL_PATH=$CUSTOM_EDL_PATH" >>$GITHUB_ENV + - + uses: actions-rs/toolchain@v1 + with: + # Use same toolchain as rust-sgx-workspace/rust-toolchain.toml + toolchain: nightly-2021-11-01 + profile: minimal + components: clippy + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-sgx-workspace + sharedKey: clippy + key: ${{ github.ref }} + - + name: Generate untrusted C EDL static library + working-directory: rust-sgx-workspace/projects/ntc-tee-server/app + run: | + make ../build/lib/libEnclave_u.a + - + name: cargo clippy + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-sgx-workspace + command: clippy + # Do not use --all-targets to prevent enclave builds from failing + args: -- --deny warnings + + # "cargo doc" builds cleanly (including private items) + doc-check: + runs-on: ubuntu-latest + steps: + - + uses: actions/checkout@v3 + - + name: Checkout rust-sgx-sdk-dev-env + uses: actions/checkout@v3 + with: + repository: PiDelport/rust-sgx-sdk-dev-env + path: _temp/rust-sgx-sdk-dev-env + - + name: Prepare SGX environment + working-directory: _temp/rust-sgx-sdk-dev-env + run: | + ./prepare-1.1.4-intel-2.15.1.sh + . environment + # Persist environment to following steps. + echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >>$GITHUB_ENV + echo "SGX_SDK=$SGX_SDK" >>$GITHUB_ENV + echo "SGX_MODE=$SGX_MODE" >>$GITHUB_ENV + echo "CUSTOM_COMMON_PATH=$CUSTOM_COMMON_PATH" >>$GITHUB_ENV + echo "CUSTOM_EDL_PATH=$CUSTOM_EDL_PATH" >>$GITHUB_ENV + - + uses: actions-rs/toolchain@v1 + with: + # Use same toolchain as rust-sgx-workspace/rust-toolchain.toml + toolchain: nightly-2021-11-01 + profile: minimal + components: rust-docs + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-sgx-workspace + sharedKey: doc-check + key: ${{ github.ref }} + - + name: Generate untrusted C EDL static library + working-directory: rust-sgx-workspace/projects/ntc-tee-server/app + run: | + make ../build/lib/libEnclave_u.a + - + name: cargo doc + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-sgx-workspace + command: doc + args: --no-deps --document-private-items + env: + RUSTDOCFLAGS: --deny warnings diff --git a/.github/workflows/rust-sgx-workspace-test.yaml b/.github/workflows/rust-sgx-workspace-test.yaml new file mode 100644 index 0000000..376811a --- /dev/null +++ b/.github/workflows/rust-sgx-workspace-test.yaml @@ -0,0 +1,81 @@ +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions + +name: rust-sgx-workspace (test) + +on: push + +# Action docs: +# https://github.com/actions/checkout#readme +# https://github.com/actions-rs/toolchain#readme +# https://github.com/Swatinem/rust-cache#readme +# https://github.com/actions-rs/cargo#readme + +# NOTE: This uses the fork to work around + +jobs: + + # "cargo build" and "cargo test" pass on all supported Rust toolchain channels. + test: + runs-on: ubuntu-latest + strategy: + # No fail-fast: We want to see test results for all toolchain channels, even if one fails. + fail-fast: false + matrix: + rust: + # Use same toolchain as rust-sgx-workspace/rust-toolchain.toml + - nightly-2021-11-01 + steps: + # Checkout the workspace first to prevent temp files from being deleted. + # See: https://github.com/actions/checkout#checkout-multiple-repos-nested + - + uses: actions/checkout@v3 + - + name: Checkout rust-sgx-sdk-dev-env + uses: actions/checkout@v3 + with: + repository: PiDelport/rust-sgx-sdk-dev-env + path: _temp/rust-sgx-sdk-dev-env + - + name: Prepare SGX environment + working-directory: _temp/rust-sgx-sdk-dev-env + run: | + ./prepare-1.1.4-intel-2.15.1.sh + . environment + # Persist environment to following steps. + echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >>$GITHUB_ENV + echo "SGX_SDK=$SGX_SDK" >>$GITHUB_ENV + echo "SGX_MODE=$SGX_MODE" >>$GITHUB_ENV + echo "CUSTOM_COMMON_PATH=$CUSTOM_COMMON_PATH" >>$GITHUB_ENV + echo "CUSTOM_EDL_PATH=$CUSTOM_EDL_PATH" >>$GITHUB_ENV + - + uses: actions-rs/toolchain@v1 + with: + toolchain: ${{ matrix.rust }} + profile: minimal + default: true + - + uses: Swatinem/rust-cache@v1 + with: + working-directory: rust-sgx-workspace + sharedKey: test + key: ${{ github.ref }} + - + name: Generate untrusted C EDL static library + working-directory: rust-sgx-workspace/projects/ntc-tee-server/app + run: | + make ../build/lib/libEnclave_u.a + - + name: cargo build + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-sgx-workspace + command: build + # Do not use --all-targets to prevent enclave builds from failing + args: ${{ matrix.cargo-flags }} + - + name: cargo test + uses: MarcoPolo/cargo@a527bf4d534717ff4424a84446c5d710f8833139 + with: + working-directory: rust-sgx-workspace + command: test + args: ${{ matrix.cargo-flags }} diff --git a/rust-sgx-workspace/.gitignore b/rust-sgx-workspace/.gitignore new file mode 100644 index 0000000..2f7896d --- /dev/null +++ b/rust-sgx-workspace/.gitignore @@ -0,0 +1 @@ +target/ diff --git a/rust-sgx-workspace/Cargo.lock b/rust-sgx-workspace/Cargo.lock new file mode 100644 index 0000000..e607395 --- /dev/null +++ b/rust-sgx-workspace/Cargo.lock @@ -0,0 +1,125 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "cc" +version = "1.0.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" + +[[package]] +name = "hashbrown_tstd" +version = "0.11.2" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" + +[[package]] +name = "libc" +version = "0.2.119" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bf2e165bb3457c8e098ea76f3e3bc9db55f87aa90d52d0e6be741470916aaa4" + +[[package]] +name = "ntc-tee-server-app" +version = "0.1.0" +dependencies = [ + "sgx_types", + "sgx_urts", +] + +[[package]] +name = "ntc-tee-server-enclave" +version = "0.1.0" +dependencies = [ + "sgx_tstd", + "sgx_types", +] + +[[package]] +name = "sgx_alloc" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" + +[[package]] +name = "sgx_backtrace_sys" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "cc", + "sgx_build_helper", + "sgx_libc", +] + +[[package]] +name = "sgx_build_helper" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" + +[[package]] +name = "sgx_demangle" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" + +[[package]] +name = "sgx_libc" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "sgx_types", +] + +[[package]] +name = "sgx_tprotected_fs" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "sgx_trts", + "sgx_types", +] + +[[package]] +name = "sgx_trts" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "sgx_libc", + "sgx_types", +] + +[[package]] +name = "sgx_tstd" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "hashbrown_tstd", + "sgx_alloc", + "sgx_backtrace_sys", + "sgx_demangle", + "sgx_libc", + "sgx_tprotected_fs", + "sgx_trts", + "sgx_types", + "sgx_unwind", +] + +[[package]] +name = "sgx_types" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" + +[[package]] +name = "sgx_unwind" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "sgx_build_helper", +] + +[[package]] +name = "sgx_urts" +version = "1.1.4" +source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk#e8a9fc22939befa27ff67f5509b2c2dfe8499945" +dependencies = [ + "libc", + "sgx_types", +] diff --git a/rust-sgx-workspace/Cargo.toml b/rust-sgx-workspace/Cargo.toml new file mode 100644 index 0000000..c55b651 --- /dev/null +++ b/rust-sgx-workspace/Cargo.toml @@ -0,0 +1,8 @@ +[workspace] +members = [ +# 'crates/*', + 'projects/*/app', + 'projects/*/enclave', +] + +[patch.'https://github.com/apache/teaclave-sgx-sdk.git'] diff --git a/rust-sgx-workspace/README-SGX.md b/rust-sgx-workspace/README-SGX.md new file mode 100644 index 0000000..282269f --- /dev/null +++ b/rust-sgx-workspace/README-SGX.md @@ -0,0 +1,22 @@ +# Rust SGX workspace + +This workspace requires mutually-compatible versions of the following tools, +listed here with their current versions: + +1. **Rust SGX SDK:** 1.1.4 + updates (revision [e8a9fc22939befa27ff67f5509b2c2dfe8499945]) +2. **Rust toolchain:** `nightly-2021-11-01` +3. **Intel SGX SDK:** [2.15.1] + +[e8a9fc22939befa27ff67f5509b2c2dfe8499945]: https://github.com/apache/incubator-teaclave-sgx-sdk/commit/e8a9fc22939befa27ff67f5509b2c2dfe8499945 + +[2.15.1]: https://01.org/intel-softwareguard-extensions/downloads/intel-sgx-linux-2.15.1-release + +To install and switch between versions of the SDK packages, you can use the [rust-sgx-sdk-dev-env] helper scripts. + +[rust-sgx-sdk-dev-env]: https://github.com/PiDelport/rust-sgx-sdk-dev-env + +## Notes + +* The Rust SGX SDK Git revision should be pinned and patched for all crates and all SGX dependencies in this project, to avoid Cargo dependency resolution and compilation issues. + +* When adding or upgrading SGX dependencies, monitor `Cargo.lock` to check that the change does not introduce multiple revisions of the same underlying SGX SDK crates: these should be patched to refer to the pinned revision above. diff --git a/rust-sgx-workspace/projects/ntc-tee-server/.gitignore b/rust-sgx-workspace/projects/ntc-tee-server/.gitignore new file mode 100644 index 0000000..438fbf5 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/.gitignore @@ -0,0 +1,2 @@ +/build +/keys diff --git a/rust-sgx-workspace/projects/ntc-tee-server/Makefile b/rust-sgx-workspace/projects/ntc-tee-server/Makefile new file mode 100644 index 0000000..1955bdd --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/Makefile @@ -0,0 +1,46 @@ +# Dummy makefile, will call the host and enclave makefile when requested. + +SRC_U = app/ +SRC_T = enclave/ + +# Compilation process, will call the appropriate makefiles. + +all: host enclave + +host: + @echo "\033[32mRequest to compile the host part...\033[0m" + @make -C $(SRC_U) + +enclave: + @echo "\033[32mRequest to compile the enclave part...\033[0m" + @make -C $(SRC_T) + +clean: + @make -C $(SRC_U) clean + @make -C $(SRC_T) clean + +fclean: + @make -C $(SRC_U) fclean + @make -C $(SRC_T) fclean + +clean_host: + @make -C $(SRC_U) clean + +clean_enclave: + @make -C $(SRC_T) clean + +fclean_host: + @make -C $(SRC_U) fclean + +fclean_enclave: + @make -C $(SRC_T) fclean + +re_host: fclean_host host + +re_enclave: fclean_enclave enclave + +re: fclean all + +# Dummy rules to let make know that those rules are not files. + +.PHONY: host enclave clean clean_host clean_enclave fclean_host fclean_enclave fclean re re_host re_enclave \ No newline at end of file diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/.gitignore b/rust-sgx-workspace/projects/ntc-tee-server/app/.gitignore new file mode 100644 index 0000000..ea8c4bf --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/.gitignore @@ -0,0 +1 @@ +/target diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/Cargo.toml b/rust-sgx-workspace/projects/ntc-tee-server/app/Cargo.toml new file mode 100644 index 0000000..7dfbe89 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/Cargo.toml @@ -0,0 +1,10 @@ +[package] +# name matches APP_U in Makefile +name = "ntc-tee-server-app" +version = "0.1.0" +edition = "2021" +build = "build.rs" + +[dependencies] +sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" } +sgx_urts = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" } diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/Makefile b/rust-sgx-workspace/projects/ntc-tee-server/app/Makefile new file mode 100644 index 0000000..39763ec --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/Makefile @@ -0,0 +1,99 @@ +# Makefile settings - Host part + +LIB = ../build/lib/ +BIN = ../build/bin/ +# APP_U matches name in Cargo.toml +APP_U = ntc-tee-server-app +APP_T = enclave.so +NAME_U = libEnclave_u.a +SRC_U = ./ +CODEGEN_U = $(SRC_U)/codegen/ +SRC_T = ../enclave/ +OBJ_U = ../build/obj/ +FLAGS = -Wall -Wextra +GCC_STEP1_U = -I $(CODEGEN_U) -I./include -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH) -fPIC -Wno-attributes $(SGX_COMMON_CFLAGS) +FILES_U = Enclave_u.c +FILES_U_H = Enclave_u.h +SGX_ARCH = x64 +TRTS_LIB = sgx_trts +SERVICE_LIB = sgx_tservice +# Addprefix dependant variables, no need to change those +OUTPUT_U = $(FILES_U:.c=.o) +BIN_U = $(addprefix $(BIN), $(APP_U)) +NAME_U_D = $(addprefix $(LIB), $(NAME_U)) +FILES_U_F=$(addprefix $(CODEGEN_U), $(FILES_U)) +FILES_U_H_F=$(addprefix $(CODEGEN_U), $(FILES_U_H)) +OUTPUT_W_FU=$(addprefix $(OBJ_U), $(OUTPUT_U)) + +# All Rust and other source files that the Cargo build depends on. +FILES_RUST_F = Cargo.toml ../../../Cargo.lock build.rs $(shell find src -name '*.rs') $(CODEGEN_U)Enclave_u.rs + +# Contains compilation rules for the enclave part + +include ../buildenv.mk +include ../buildenv_sgx.mk + +# Custom libraries, EDL paths. Needs to be specified with make (CUSTOM_EDL_PATH) (CUSTOM_COMMON_PATH) + +# Compilation process, we set up all the dependencies needed to have the correct order of build, and avoid relink + +all: $(BIN_U) + +$(FILES_U_F): $(SGX_EDGER8R) $(SRC_T)/Enclave.edl + @echo "\033[32mGenerating untrusted SGX C edl files...\033[0m" + @$(SGX_EDGER8R) --untrusted $(SRC_T)/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir $(CODEGEN_U) + +$(NAME_U_D): $(FILES_U_F) $(OUTPUT_W_FU) + @echo "\033[32mBuilding untrusted C edl static library...\033[0m" + @mkdir -p $(LIB) + @$(AR) rcsD $@ $(OUTPUT_W_FU) + +$(OBJ_U)%.o:$(CODEGEN_U)%.c + @mkdir -p $(OBJ_U) + @echo "\033[32m$?: Build in progress...\033[0m" + @$(CC) $(FLAGS) $(GCC_STEP1_U) -o $@ -c $? + +# We print the compilation mode we're in (hardware/software mode), just as a reminder. + +$(BIN_U): $(NAME_U_D) $(FILES_RUST_F) $(FILES_U_H_F) +ifeq ($(SGX_MODE), SW) + @echo "\033[32mSoftware / Simulation mode\033[0m" +else + @echo "\033[32mHardware mode\033[0m" +endif + @echo "\033[32mStarting cargo to build the host...\033[0m" + @cd $(SRC_U) && SGX_SDK=$(SGX_SDK) cargo build --release + @echo "\033[32mCopying the host to the correct location... ($(BIN_U))\033[0m" + @mkdir -p $(BIN) + @cp ../../../target/release/$(APP_U) $(BIN) + +$(CODEGEN_U)Enclave_u.rs: $(CODEGEN_U)Enclave_u.h + @echo "\033[32mGenerating Rust bindings: $@\033[0m" + @bindgen \ + --no-recursive-allowlist \ + --raw-line 'use sgx_types::*;' \ + --allowlist-function ecall_test \ + --output $@ \ + $? \ + -- -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH) + +clean: c_clean + @rm -rf $(OBJ_U) + @echo "\033[32mObject files deleted\033[0m" + +fclean: clean fclean_host + +fclean_host: + @echo "\033[32mBinary file $(BIN_U) deleted\033[0m" + @rm -f $(BIN_U) + @rm -f $(NAME_U_D) + @cargo clean + +c_clean: + @echo "\033[32mC edl generated files deleted\033[0m" + @rm -rf $(FILES_U_F) + @rm -rf $(FILES_U_H_F) + +re: fclean all + +.PHONY: all clean c_clean fclean re fclean_host diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/build.rs b/rust-sgx-workspace/projects/ntc-tee-server/app/build.rs new file mode 100644 index 0000000..215eb30 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/build.rs @@ -0,0 +1,47 @@ +use std::env; +use std::path::PathBuf; + +fn main() { + println!("cargo:rerun-if-env-changed=SGX_SDK"); + println!("cargo:rerun-if-env-changed=SGX_MODE"); + + let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/sgxsdk".to_string()); + let is_sim = env::var("SGX_MODE").unwrap_or_else(|_| "HW".to_string()); + + link_enclave_u(); + + println!("cargo:rustc-link-search=native={}/lib64", sdk_dir); + match is_sim.as_ref() { + "SW" => println!("cargo:rustc-link-lib=dylib=sgx_urts_sim"), + "HW" => println!("cargo:rustc-link-lib=dylib=sgx_urts"), + _ => println!("cargo:rustc-link-lib=dylib=sgx_urts"), // Treat undefined as HW + } +} + +/// Link the untrusted C EDL static library. +/// Fail with a helpful message if it does not exist. +fn link_enclave_u() { + // Match LIB and NAME_U_D in the Makefile. + const LIB: &str = "../build/lib"; + const NAME_U_D: &str = "libEnclave_u.a"; + + // Resolve paths relative to the local Cargo.toml + let cargo_dir = env::var("CARGO_MANIFEST_DIR").unwrap(); + let lib_dir = PathBuf::from(cargo_dir).join(LIB); + + assert!( + lib_dir.join(NAME_U_D).exists(), + r#" + Could not find the untrusted C EDL static library. + Run "make {}/{}" or "make" to generate it. +"#, + LIB, + NAME_U_D, + ); + + std::println!( + "cargo:rustc-link-search=native={}", + lib_dir.to_str().unwrap() + ); + println!("cargo:rustc-link-lib=static=Enclave_u"); +} diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.c b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.c new file mode 100644 index 0000000..c4b408c --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.c @@ -0,0 +1,964 @@ +#include "Enclave_u.h" +#include + +typedef struct ms_ecall_test_t { + sgx_status_t ms_retval; + const uint8_t* ms_some_string; + size_t ms_len; +} ms_ecall_test_t; + +typedef struct ms_t_global_init_ecall_t { + uint64_t ms_id; + const uint8_t* ms_path; + size_t ms_len; +} ms_t_global_init_ecall_t; + +typedef struct ms_u_thread_set_event_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_tcs; +} ms_u_thread_set_event_ocall_t; + +typedef struct ms_u_thread_wait_event_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_tcs; + const struct timespec* ms_timeout; +} ms_u_thread_wait_event_ocall_t; + +typedef struct ms_u_thread_set_multiple_events_ocall_t { + int ms_retval; + int* ms_error; + const void** ms_tcss; + int ms_total; +} ms_u_thread_set_multiple_events_ocall_t; + +typedef struct ms_u_thread_setwait_events_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_waiter_tcs; + const void* ms_self_tcs; + const struct timespec* ms_timeout; +} ms_u_thread_setwait_events_ocall_t; + +typedef struct ms_u_clock_gettime_ocall_t { + int ms_retval; + int* ms_error; + int ms_clk_id; + struct timespec* ms_tp; +} ms_u_clock_gettime_ocall_t; + +typedef struct ms_u_read_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + void* ms_buf; + size_t ms_count; +} ms_u_read_ocall_t; + +typedef struct ms_u_pread64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + void* ms_buf; + size_t ms_count; + int64_t ms_offset; +} ms_u_pread64_ocall_t; + +typedef struct ms_u_readv_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; +} ms_u_readv_ocall_t; + +typedef struct ms_u_preadv64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; + int64_t ms_offset; +} ms_u_preadv64_ocall_t; + +typedef struct ms_u_write_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const void* ms_buf; + size_t ms_count; +} ms_u_write_ocall_t; + +typedef struct ms_u_pwrite64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const void* ms_buf; + size_t ms_count; + int64_t ms_offset; +} ms_u_pwrite64_ocall_t; + +typedef struct ms_u_writev_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; +} ms_u_writev_ocall_t; + +typedef struct ms_u_pwritev64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; + int64_t ms_offset; +} ms_u_pwritev64_ocall_t; + +typedef struct ms_u_fcntl_arg0_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_cmd; +} ms_u_fcntl_arg0_ocall_t; + +typedef struct ms_u_fcntl_arg1_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_cmd; + int ms_arg; +} ms_u_fcntl_arg1_ocall_t; + +typedef struct ms_u_ioctl_arg0_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_request; +} ms_u_ioctl_arg0_ocall_t; + +typedef struct ms_u_ioctl_arg1_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_request; + int* ms_arg; +} ms_u_ioctl_arg1_ocall_t; + +typedef struct ms_u_close_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_close_ocall_t; + +typedef struct ms_u_malloc_ocall_t { + void* ms_retval; + int* ms_error; + size_t ms_size; +} ms_u_malloc_ocall_t; + +typedef struct ms_u_free_ocall_t { + void* ms_p; +} ms_u_free_ocall_t; + +typedef struct ms_u_mmap_ocall_t { + void* ms_retval; + int* ms_error; + void* ms_start; + size_t ms_length; + int ms_prot; + int ms_flags; + int ms_fd; + int64_t ms_offset; +} ms_u_mmap_ocall_t; + +typedef struct ms_u_munmap_ocall_t { + int ms_retval; + int* ms_error; + void* ms_start; + size_t ms_length; +} ms_u_munmap_ocall_t; + +typedef struct ms_u_msync_ocall_t { + int ms_retval; + int* ms_error; + void* ms_addr; + size_t ms_length; + int ms_flags; +} ms_u_msync_ocall_t; + +typedef struct ms_u_mprotect_ocall_t { + int ms_retval; + int* ms_error; + void* ms_addr; + size_t ms_length; + int ms_prot; +} ms_u_mprotect_ocall_t; + +typedef struct ms_u_open_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; + int ms_flags; +} ms_u_open_ocall_t; + +typedef struct ms_u_open64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int ms_oflag; + int ms_mode; +} ms_u_open64_ocall_t; + +typedef struct ms_u_fstat_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + struct stat_t* ms_buf; +} ms_u_fstat_ocall_t; + +typedef struct ms_u_fstat64_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + struct stat64_t* ms_buf; +} ms_u_fstat64_ocall_t; + +typedef struct ms_u_stat_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat_t* ms_buf; +} ms_u_stat_ocall_t; + +typedef struct ms_u_stat64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat64_t* ms_buf; +} ms_u_stat64_ocall_t; + +typedef struct ms_u_lstat_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat_t* ms_buf; +} ms_u_lstat_ocall_t; + +typedef struct ms_u_lstat64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat64_t* ms_buf; +} ms_u_lstat64_ocall_t; + +typedef struct ms_u_lseek_ocall_t { + uint64_t ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_offset; + int ms_whence; +} ms_u_lseek_ocall_t; + +typedef struct ms_u_lseek64_ocall_t { + int64_t ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_offset; + int ms_whence; +} ms_u_lseek64_ocall_t; + +typedef struct ms_u_ftruncate_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_length; +} ms_u_ftruncate_ocall_t; + +typedef struct ms_u_ftruncate64_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_length; +} ms_u_ftruncate64_ocall_t; + +typedef struct ms_u_truncate_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int64_t ms_length; +} ms_u_truncate_ocall_t; + +typedef struct ms_u_truncate64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int64_t ms_length; +} ms_u_truncate64_ocall_t; + +typedef struct ms_u_fsync_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_fsync_ocall_t; + +typedef struct ms_u_fdatasync_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_fdatasync_ocall_t; + +typedef struct ms_u_fchmod_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + uint32_t ms_mode; +} ms_u_fchmod_ocall_t; + +typedef struct ms_u_unlink_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_unlink_ocall_t; + +typedef struct ms_u_link_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_oldpath; + const char* ms_newpath; +} ms_u_link_ocall_t; + +typedef struct ms_u_linkat_ocall_t { + int ms_retval; + int* ms_error; + int ms_olddirfd; + const char* ms_oldpath; + int ms_newdirfd; + const char* ms_newpath; + int ms_flags; +} ms_u_linkat_ocall_t; + +typedef struct ms_u_rename_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_oldpath; + const char* ms_newpath; +} ms_u_rename_ocall_t; + +typedef struct ms_u_chmod_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + uint32_t ms_mode; +} ms_u_chmod_ocall_t; + +typedef struct ms_u_readlink_ocall_t { + size_t ms_retval; + int* ms_error; + const char* ms_path; + char* ms_buf; + size_t ms_bufsz; +} ms_u_readlink_ocall_t; + +typedef struct ms_u_symlink_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path1; + const char* ms_path2; +} ms_u_symlink_ocall_t; + +typedef struct ms_u_realpath_ocall_t { + char* ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_realpath_ocall_t; + +typedef struct ms_u_mkdir_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; + uint32_t ms_mode; +} ms_u_mkdir_ocall_t; + +typedef struct ms_u_rmdir_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_rmdir_ocall_t; + +typedef struct ms_u_opendir_ocall_t { + void* ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_opendir_ocall_t; + +typedef struct ms_u_readdir64_r_ocall_t { + int ms_retval; + void* ms_dirp; + struct dirent64_t* ms_entry; + struct dirent64_t** ms_result; +} ms_u_readdir64_r_ocall_t; + +typedef struct ms_u_closedir_ocall_t { + int ms_retval; + int* ms_error; + void* ms_dirp; +} ms_u_closedir_ocall_t; + +typedef struct ms_u_dirfd_ocall_t { + int ms_retval; + int* ms_error; + void* ms_dirp; +} ms_u_dirfd_ocall_t; + +typedef struct ms_u_fstatat64_ocall_t { + int ms_retval; + int* ms_error; + int ms_dirfd; + const char* ms_pathname; + struct stat64_t* ms_buf; + int ms_flags; +} ms_u_fstatat64_ocall_t; + +static sgx_status_t SGX_CDECL Enclave_u_thread_set_event_ocall(void* pms) +{ + ms_u_thread_set_event_ocall_t* ms = SGX_CAST(ms_u_thread_set_event_ocall_t*, pms); + ms->ms_retval = u_thread_set_event_ocall(ms->ms_error, ms->ms_tcs); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_thread_wait_event_ocall(void* pms) +{ + ms_u_thread_wait_event_ocall_t* ms = SGX_CAST(ms_u_thread_wait_event_ocall_t*, pms); + ms->ms_retval = u_thread_wait_event_ocall(ms->ms_error, ms->ms_tcs, ms->ms_timeout); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_thread_set_multiple_events_ocall(void* pms) +{ + ms_u_thread_set_multiple_events_ocall_t* ms = SGX_CAST(ms_u_thread_set_multiple_events_ocall_t*, pms); + ms->ms_retval = u_thread_set_multiple_events_ocall(ms->ms_error, ms->ms_tcss, ms->ms_total); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_thread_setwait_events_ocall(void* pms) +{ + ms_u_thread_setwait_events_ocall_t* ms = SGX_CAST(ms_u_thread_setwait_events_ocall_t*, pms); + ms->ms_retval = u_thread_setwait_events_ocall(ms->ms_error, ms->ms_waiter_tcs, ms->ms_self_tcs, ms->ms_timeout); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_clock_gettime_ocall(void* pms) +{ + ms_u_clock_gettime_ocall_t* ms = SGX_CAST(ms_u_clock_gettime_ocall_t*, pms); + ms->ms_retval = u_clock_gettime_ocall(ms->ms_error, ms->ms_clk_id, ms->ms_tp); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_read_ocall(void* pms) +{ + ms_u_read_ocall_t* ms = SGX_CAST(ms_u_read_ocall_t*, pms); + ms->ms_retval = u_read_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf, ms->ms_count); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_pread64_ocall(void* pms) +{ + ms_u_pread64_ocall_t* ms = SGX_CAST(ms_u_pread64_ocall_t*, pms); + ms->ms_retval = u_pread64_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf, ms->ms_count, ms->ms_offset); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_readv_ocall(void* pms) +{ + ms_u_readv_ocall_t* ms = SGX_CAST(ms_u_readv_ocall_t*, pms); + ms->ms_retval = u_readv_ocall(ms->ms_error, ms->ms_fd, ms->ms_iov, ms->ms_iovcnt); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_preadv64_ocall(void* pms) +{ + ms_u_preadv64_ocall_t* ms = SGX_CAST(ms_u_preadv64_ocall_t*, pms); + ms->ms_retval = u_preadv64_ocall(ms->ms_error, ms->ms_fd, ms->ms_iov, ms->ms_iovcnt, ms->ms_offset); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_write_ocall(void* pms) +{ + ms_u_write_ocall_t* ms = SGX_CAST(ms_u_write_ocall_t*, pms); + ms->ms_retval = u_write_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf, ms->ms_count); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_pwrite64_ocall(void* pms) +{ + ms_u_pwrite64_ocall_t* ms = SGX_CAST(ms_u_pwrite64_ocall_t*, pms); + ms->ms_retval = u_pwrite64_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf, ms->ms_count, ms->ms_offset); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_writev_ocall(void* pms) +{ + ms_u_writev_ocall_t* ms = SGX_CAST(ms_u_writev_ocall_t*, pms); + ms->ms_retval = u_writev_ocall(ms->ms_error, ms->ms_fd, ms->ms_iov, ms->ms_iovcnt); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_pwritev64_ocall(void* pms) +{ + ms_u_pwritev64_ocall_t* ms = SGX_CAST(ms_u_pwritev64_ocall_t*, pms); + ms->ms_retval = u_pwritev64_ocall(ms->ms_error, ms->ms_fd, ms->ms_iov, ms->ms_iovcnt, ms->ms_offset); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fcntl_arg0_ocall(void* pms) +{ + ms_u_fcntl_arg0_ocall_t* ms = SGX_CAST(ms_u_fcntl_arg0_ocall_t*, pms); + ms->ms_retval = u_fcntl_arg0_ocall(ms->ms_error, ms->ms_fd, ms->ms_cmd); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fcntl_arg1_ocall(void* pms) +{ + ms_u_fcntl_arg1_ocall_t* ms = SGX_CAST(ms_u_fcntl_arg1_ocall_t*, pms); + ms->ms_retval = u_fcntl_arg1_ocall(ms->ms_error, ms->ms_fd, ms->ms_cmd, ms->ms_arg); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_ioctl_arg0_ocall(void* pms) +{ + ms_u_ioctl_arg0_ocall_t* ms = SGX_CAST(ms_u_ioctl_arg0_ocall_t*, pms); + ms->ms_retval = u_ioctl_arg0_ocall(ms->ms_error, ms->ms_fd, ms->ms_request); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_ioctl_arg1_ocall(void* pms) +{ + ms_u_ioctl_arg1_ocall_t* ms = SGX_CAST(ms_u_ioctl_arg1_ocall_t*, pms); + ms->ms_retval = u_ioctl_arg1_ocall(ms->ms_error, ms->ms_fd, ms->ms_request, ms->ms_arg); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_close_ocall(void* pms) +{ + ms_u_close_ocall_t* ms = SGX_CAST(ms_u_close_ocall_t*, pms); + ms->ms_retval = u_close_ocall(ms->ms_error, ms->ms_fd); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_malloc_ocall(void* pms) +{ + ms_u_malloc_ocall_t* ms = SGX_CAST(ms_u_malloc_ocall_t*, pms); + ms->ms_retval = u_malloc_ocall(ms->ms_error, ms->ms_size); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_free_ocall(void* pms) +{ + ms_u_free_ocall_t* ms = SGX_CAST(ms_u_free_ocall_t*, pms); + u_free_ocall(ms->ms_p); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_mmap_ocall(void* pms) +{ + ms_u_mmap_ocall_t* ms = SGX_CAST(ms_u_mmap_ocall_t*, pms); + ms->ms_retval = u_mmap_ocall(ms->ms_error, ms->ms_start, ms->ms_length, ms->ms_prot, ms->ms_flags, ms->ms_fd, ms->ms_offset); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_munmap_ocall(void* pms) +{ + ms_u_munmap_ocall_t* ms = SGX_CAST(ms_u_munmap_ocall_t*, pms); + ms->ms_retval = u_munmap_ocall(ms->ms_error, ms->ms_start, ms->ms_length); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_msync_ocall(void* pms) +{ + ms_u_msync_ocall_t* ms = SGX_CAST(ms_u_msync_ocall_t*, pms); + ms->ms_retval = u_msync_ocall(ms->ms_error, ms->ms_addr, ms->ms_length, ms->ms_flags); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_mprotect_ocall(void* pms) +{ + ms_u_mprotect_ocall_t* ms = SGX_CAST(ms_u_mprotect_ocall_t*, pms); + ms->ms_retval = u_mprotect_ocall(ms->ms_error, ms->ms_addr, ms->ms_length, ms->ms_prot); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_open_ocall(void* pms) +{ + ms_u_open_ocall_t* ms = SGX_CAST(ms_u_open_ocall_t*, pms); + ms->ms_retval = u_open_ocall(ms->ms_error, ms->ms_pathname, ms->ms_flags); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_open64_ocall(void* pms) +{ + ms_u_open64_ocall_t* ms = SGX_CAST(ms_u_open64_ocall_t*, pms); + ms->ms_retval = u_open64_ocall(ms->ms_error, ms->ms_path, ms->ms_oflag, ms->ms_mode); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fstat_ocall(void* pms) +{ + ms_u_fstat_ocall_t* ms = SGX_CAST(ms_u_fstat_ocall_t*, pms); + ms->ms_retval = u_fstat_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fstat64_ocall(void* pms) +{ + ms_u_fstat64_ocall_t* ms = SGX_CAST(ms_u_fstat64_ocall_t*, pms); + ms->ms_retval = u_fstat64_ocall(ms->ms_error, ms->ms_fd, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_stat_ocall(void* pms) +{ + ms_u_stat_ocall_t* ms = SGX_CAST(ms_u_stat_ocall_t*, pms); + ms->ms_retval = u_stat_ocall(ms->ms_error, ms->ms_path, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_stat64_ocall(void* pms) +{ + ms_u_stat64_ocall_t* ms = SGX_CAST(ms_u_stat64_ocall_t*, pms); + ms->ms_retval = u_stat64_ocall(ms->ms_error, ms->ms_path, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_lstat_ocall(void* pms) +{ + ms_u_lstat_ocall_t* ms = SGX_CAST(ms_u_lstat_ocall_t*, pms); + ms->ms_retval = u_lstat_ocall(ms->ms_error, ms->ms_path, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_lstat64_ocall(void* pms) +{ + ms_u_lstat64_ocall_t* ms = SGX_CAST(ms_u_lstat64_ocall_t*, pms); + ms->ms_retval = u_lstat64_ocall(ms->ms_error, ms->ms_path, ms->ms_buf); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_lseek_ocall(void* pms) +{ + ms_u_lseek_ocall_t* ms = SGX_CAST(ms_u_lseek_ocall_t*, pms); + ms->ms_retval = u_lseek_ocall(ms->ms_error, ms->ms_fd, ms->ms_offset, ms->ms_whence); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_lseek64_ocall(void* pms) +{ + ms_u_lseek64_ocall_t* ms = SGX_CAST(ms_u_lseek64_ocall_t*, pms); + ms->ms_retval = u_lseek64_ocall(ms->ms_error, ms->ms_fd, ms->ms_offset, ms->ms_whence); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_ftruncate_ocall(void* pms) +{ + ms_u_ftruncate_ocall_t* ms = SGX_CAST(ms_u_ftruncate_ocall_t*, pms); + ms->ms_retval = u_ftruncate_ocall(ms->ms_error, ms->ms_fd, ms->ms_length); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_ftruncate64_ocall(void* pms) +{ + ms_u_ftruncate64_ocall_t* ms = SGX_CAST(ms_u_ftruncate64_ocall_t*, pms); + ms->ms_retval = u_ftruncate64_ocall(ms->ms_error, ms->ms_fd, ms->ms_length); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_truncate_ocall(void* pms) +{ + ms_u_truncate_ocall_t* ms = SGX_CAST(ms_u_truncate_ocall_t*, pms); + ms->ms_retval = u_truncate_ocall(ms->ms_error, ms->ms_path, ms->ms_length); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_truncate64_ocall(void* pms) +{ + ms_u_truncate64_ocall_t* ms = SGX_CAST(ms_u_truncate64_ocall_t*, pms); + ms->ms_retval = u_truncate64_ocall(ms->ms_error, ms->ms_path, ms->ms_length); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fsync_ocall(void* pms) +{ + ms_u_fsync_ocall_t* ms = SGX_CAST(ms_u_fsync_ocall_t*, pms); + ms->ms_retval = u_fsync_ocall(ms->ms_error, ms->ms_fd); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fdatasync_ocall(void* pms) +{ + ms_u_fdatasync_ocall_t* ms = SGX_CAST(ms_u_fdatasync_ocall_t*, pms); + ms->ms_retval = u_fdatasync_ocall(ms->ms_error, ms->ms_fd); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fchmod_ocall(void* pms) +{ + ms_u_fchmod_ocall_t* ms = SGX_CAST(ms_u_fchmod_ocall_t*, pms); + ms->ms_retval = u_fchmod_ocall(ms->ms_error, ms->ms_fd, ms->ms_mode); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_unlink_ocall(void* pms) +{ + ms_u_unlink_ocall_t* ms = SGX_CAST(ms_u_unlink_ocall_t*, pms); + ms->ms_retval = u_unlink_ocall(ms->ms_error, ms->ms_pathname); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_link_ocall(void* pms) +{ + ms_u_link_ocall_t* ms = SGX_CAST(ms_u_link_ocall_t*, pms); + ms->ms_retval = u_link_ocall(ms->ms_error, ms->ms_oldpath, ms->ms_newpath); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_linkat_ocall(void* pms) +{ + ms_u_linkat_ocall_t* ms = SGX_CAST(ms_u_linkat_ocall_t*, pms); + ms->ms_retval = u_linkat_ocall(ms->ms_error, ms->ms_olddirfd, ms->ms_oldpath, ms->ms_newdirfd, ms->ms_newpath, ms->ms_flags); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_rename_ocall(void* pms) +{ + ms_u_rename_ocall_t* ms = SGX_CAST(ms_u_rename_ocall_t*, pms); + ms->ms_retval = u_rename_ocall(ms->ms_error, ms->ms_oldpath, ms->ms_newpath); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_chmod_ocall(void* pms) +{ + ms_u_chmod_ocall_t* ms = SGX_CAST(ms_u_chmod_ocall_t*, pms); + ms->ms_retval = u_chmod_ocall(ms->ms_error, ms->ms_path, ms->ms_mode); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_readlink_ocall(void* pms) +{ + ms_u_readlink_ocall_t* ms = SGX_CAST(ms_u_readlink_ocall_t*, pms); + ms->ms_retval = u_readlink_ocall(ms->ms_error, ms->ms_path, ms->ms_buf, ms->ms_bufsz); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_symlink_ocall(void* pms) +{ + ms_u_symlink_ocall_t* ms = SGX_CAST(ms_u_symlink_ocall_t*, pms); + ms->ms_retval = u_symlink_ocall(ms->ms_error, ms->ms_path1, ms->ms_path2); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_realpath_ocall(void* pms) +{ + ms_u_realpath_ocall_t* ms = SGX_CAST(ms_u_realpath_ocall_t*, pms); + ms->ms_retval = u_realpath_ocall(ms->ms_error, ms->ms_pathname); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_mkdir_ocall(void* pms) +{ + ms_u_mkdir_ocall_t* ms = SGX_CAST(ms_u_mkdir_ocall_t*, pms); + ms->ms_retval = u_mkdir_ocall(ms->ms_error, ms->ms_pathname, ms->ms_mode); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_rmdir_ocall(void* pms) +{ + ms_u_rmdir_ocall_t* ms = SGX_CAST(ms_u_rmdir_ocall_t*, pms); + ms->ms_retval = u_rmdir_ocall(ms->ms_error, ms->ms_pathname); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_opendir_ocall(void* pms) +{ + ms_u_opendir_ocall_t* ms = SGX_CAST(ms_u_opendir_ocall_t*, pms); + ms->ms_retval = u_opendir_ocall(ms->ms_error, ms->ms_pathname); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_readdir64_r_ocall(void* pms) +{ + ms_u_readdir64_r_ocall_t* ms = SGX_CAST(ms_u_readdir64_r_ocall_t*, pms); + ms->ms_retval = u_readdir64_r_ocall(ms->ms_dirp, ms->ms_entry, ms->ms_result); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_closedir_ocall(void* pms) +{ + ms_u_closedir_ocall_t* ms = SGX_CAST(ms_u_closedir_ocall_t*, pms); + ms->ms_retval = u_closedir_ocall(ms->ms_error, ms->ms_dirp); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_dirfd_ocall(void* pms) +{ + ms_u_dirfd_ocall_t* ms = SGX_CAST(ms_u_dirfd_ocall_t*, pms); + ms->ms_retval = u_dirfd_ocall(ms->ms_error, ms->ms_dirp); + + return SGX_SUCCESS; +} + +static sgx_status_t SGX_CDECL Enclave_u_fstatat64_ocall(void* pms) +{ + ms_u_fstatat64_ocall_t* ms = SGX_CAST(ms_u_fstatat64_ocall_t*, pms); + ms->ms_retval = u_fstatat64_ocall(ms->ms_error, ms->ms_dirfd, ms->ms_pathname, ms->ms_buf, ms->ms_flags); + + return SGX_SUCCESS; +} + +static const struct { + size_t nr_ocall; + void * table[56]; +} ocall_table_Enclave = { + 56, + { + (void*)Enclave_u_thread_set_event_ocall, + (void*)Enclave_u_thread_wait_event_ocall, + (void*)Enclave_u_thread_set_multiple_events_ocall, + (void*)Enclave_u_thread_setwait_events_ocall, + (void*)Enclave_u_clock_gettime_ocall, + (void*)Enclave_u_read_ocall, + (void*)Enclave_u_pread64_ocall, + (void*)Enclave_u_readv_ocall, + (void*)Enclave_u_preadv64_ocall, + (void*)Enclave_u_write_ocall, + (void*)Enclave_u_pwrite64_ocall, + (void*)Enclave_u_writev_ocall, + (void*)Enclave_u_pwritev64_ocall, + (void*)Enclave_u_fcntl_arg0_ocall, + (void*)Enclave_u_fcntl_arg1_ocall, + (void*)Enclave_u_ioctl_arg0_ocall, + (void*)Enclave_u_ioctl_arg1_ocall, + (void*)Enclave_u_close_ocall, + (void*)Enclave_u_malloc_ocall, + (void*)Enclave_u_free_ocall, + (void*)Enclave_u_mmap_ocall, + (void*)Enclave_u_munmap_ocall, + (void*)Enclave_u_msync_ocall, + (void*)Enclave_u_mprotect_ocall, + (void*)Enclave_u_open_ocall, + (void*)Enclave_u_open64_ocall, + (void*)Enclave_u_fstat_ocall, + (void*)Enclave_u_fstat64_ocall, + (void*)Enclave_u_stat_ocall, + (void*)Enclave_u_stat64_ocall, + (void*)Enclave_u_lstat_ocall, + (void*)Enclave_u_lstat64_ocall, + (void*)Enclave_u_lseek_ocall, + (void*)Enclave_u_lseek64_ocall, + (void*)Enclave_u_ftruncate_ocall, + (void*)Enclave_u_ftruncate64_ocall, + (void*)Enclave_u_truncate_ocall, + (void*)Enclave_u_truncate64_ocall, + (void*)Enclave_u_fsync_ocall, + (void*)Enclave_u_fdatasync_ocall, + (void*)Enclave_u_fchmod_ocall, + (void*)Enclave_u_unlink_ocall, + (void*)Enclave_u_link_ocall, + (void*)Enclave_u_linkat_ocall, + (void*)Enclave_u_rename_ocall, + (void*)Enclave_u_chmod_ocall, + (void*)Enclave_u_readlink_ocall, + (void*)Enclave_u_symlink_ocall, + (void*)Enclave_u_realpath_ocall, + (void*)Enclave_u_mkdir_ocall, + (void*)Enclave_u_rmdir_ocall, + (void*)Enclave_u_opendir_ocall, + (void*)Enclave_u_readdir64_r_ocall, + (void*)Enclave_u_closedir_ocall, + (void*)Enclave_u_dirfd_ocall, + (void*)Enclave_u_fstatat64_ocall, + } +}; +sgx_status_t ecall_test(sgx_enclave_id_t eid, sgx_status_t* retval, const uint8_t* some_string, size_t len) +{ + sgx_status_t status; + ms_ecall_test_t ms; + ms.ms_some_string = some_string; + ms.ms_len = len; + status = sgx_ecall(eid, 0, &ocall_table_Enclave, &ms); + if (status == SGX_SUCCESS && retval) *retval = ms.ms_retval; + return status; +} + +sgx_status_t t_global_init_ecall(sgx_enclave_id_t eid, uint64_t id, const uint8_t* path, size_t len) +{ + sgx_status_t status; + ms_t_global_init_ecall_t ms; + ms.ms_id = id; + ms.ms_path = path; + ms.ms_len = len; + status = sgx_ecall(eid, 1, &ocall_table_Enclave, &ms); + return status; +} + +sgx_status_t t_global_exit_ecall(sgx_enclave_id_t eid) +{ + sgx_status_t status; + status = sgx_ecall(eid, 2, &ocall_table_Enclave, NULL); + return status; +} + diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.h b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.h new file mode 100644 index 0000000..701aeb0 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.h @@ -0,0 +1,257 @@ +#ifndef ENCLAVE_U_H__ +#define ENCLAVE_U_H__ + +#include +#include +#include +#include +#include "sgx_edger8r.h" /* for sgx_status_t etc. */ + +#include "time.h" +#include "inc/stat.h" +#include "sys/uio.h" +#include "inc/stat.h" +#include "inc/dirent.h" + +#include /* for size_t */ + +#define SGX_CAST(type, item) ((type)(item)) + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef U_THREAD_SET_EVENT_OCALL_DEFINED__ +#define U_THREAD_SET_EVENT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_thread_set_event_ocall, (int* error, const void* tcs)); +#endif +#ifndef U_THREAD_WAIT_EVENT_OCALL_DEFINED__ +#define U_THREAD_WAIT_EVENT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_thread_wait_event_ocall, (int* error, const void* tcs, const struct timespec* timeout)); +#endif +#ifndef U_THREAD_SET_MULTIPLE_EVENTS_OCALL_DEFINED__ +#define U_THREAD_SET_MULTIPLE_EVENTS_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_thread_set_multiple_events_ocall, (int* error, const void** tcss, int total)); +#endif +#ifndef U_THREAD_SETWAIT_EVENTS_OCALL_DEFINED__ +#define U_THREAD_SETWAIT_EVENTS_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_thread_setwait_events_ocall, (int* error, const void* waiter_tcs, const void* self_tcs, const struct timespec* timeout)); +#endif +#ifndef U_CLOCK_GETTIME_OCALL_DEFINED__ +#define U_CLOCK_GETTIME_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_clock_gettime_ocall, (int* error, int clk_id, struct timespec* tp)); +#endif +#ifndef U_READ_OCALL_DEFINED__ +#define U_READ_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_read_ocall, (int* error, int fd, void* buf, size_t count)); +#endif +#ifndef U_PREAD64_OCALL_DEFINED__ +#define U_PREAD64_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_pread64_ocall, (int* error, int fd, void* buf, size_t count, int64_t offset)); +#endif +#ifndef U_READV_OCALL_DEFINED__ +#define U_READV_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_readv_ocall, (int* error, int fd, const struct iovec* iov, int iovcnt)); +#endif +#ifndef U_PREADV64_OCALL_DEFINED__ +#define U_PREADV64_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_preadv64_ocall, (int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset)); +#endif +#ifndef U_WRITE_OCALL_DEFINED__ +#define U_WRITE_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_write_ocall, (int* error, int fd, const void* buf, size_t count)); +#endif +#ifndef U_PWRITE64_OCALL_DEFINED__ +#define U_PWRITE64_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_pwrite64_ocall, (int* error, int fd, const void* buf, size_t count, int64_t offset)); +#endif +#ifndef U_WRITEV_OCALL_DEFINED__ +#define U_WRITEV_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_writev_ocall, (int* error, int fd, const struct iovec* iov, int iovcnt)); +#endif +#ifndef U_PWRITEV64_OCALL_DEFINED__ +#define U_PWRITEV64_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_pwritev64_ocall, (int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset)); +#endif +#ifndef U_FCNTL_ARG0_OCALL_DEFINED__ +#define U_FCNTL_ARG0_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fcntl_arg0_ocall, (int* error, int fd, int cmd)); +#endif +#ifndef U_FCNTL_ARG1_OCALL_DEFINED__ +#define U_FCNTL_ARG1_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fcntl_arg1_ocall, (int* error, int fd, int cmd, int arg)); +#endif +#ifndef U_IOCTL_ARG0_OCALL_DEFINED__ +#define U_IOCTL_ARG0_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_ioctl_arg0_ocall, (int* error, int fd, int request)); +#endif +#ifndef U_IOCTL_ARG1_OCALL_DEFINED__ +#define U_IOCTL_ARG1_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_ioctl_arg1_ocall, (int* error, int fd, int request, int* arg)); +#endif +#ifndef U_CLOSE_OCALL_DEFINED__ +#define U_CLOSE_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_close_ocall, (int* error, int fd)); +#endif +#ifndef U_MALLOC_OCALL_DEFINED__ +#define U_MALLOC_OCALL_DEFINED__ +void* SGX_UBRIDGE(SGX_NOCONVENTION, u_malloc_ocall, (int* error, size_t size)); +#endif +#ifndef U_FREE_OCALL_DEFINED__ +#define U_FREE_OCALL_DEFINED__ +void SGX_UBRIDGE(SGX_NOCONVENTION, u_free_ocall, (void* p)); +#endif +#ifndef U_MMAP_OCALL_DEFINED__ +#define U_MMAP_OCALL_DEFINED__ +void* SGX_UBRIDGE(SGX_NOCONVENTION, u_mmap_ocall, (int* error, void* start, size_t length, int prot, int flags, int fd, int64_t offset)); +#endif +#ifndef U_MUNMAP_OCALL_DEFINED__ +#define U_MUNMAP_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_munmap_ocall, (int* error, void* start, size_t length)); +#endif +#ifndef U_MSYNC_OCALL_DEFINED__ +#define U_MSYNC_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_msync_ocall, (int* error, void* addr, size_t length, int flags)); +#endif +#ifndef U_MPROTECT_OCALL_DEFINED__ +#define U_MPROTECT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_mprotect_ocall, (int* error, void* addr, size_t length, int prot)); +#endif +#ifndef U_OPEN_OCALL_DEFINED__ +#define U_OPEN_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_open_ocall, (int* error, const char* pathname, int flags)); +#endif +#ifndef U_OPEN64_OCALL_DEFINED__ +#define U_OPEN64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_open64_ocall, (int* error, const char* path, int oflag, int mode)); +#endif +#ifndef U_FSTAT_OCALL_DEFINED__ +#define U_FSTAT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fstat_ocall, (int* error, int fd, struct stat_t* buf)); +#endif +#ifndef U_FSTAT64_OCALL_DEFINED__ +#define U_FSTAT64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fstat64_ocall, (int* error, int fd, struct stat64_t* buf)); +#endif +#ifndef U_STAT_OCALL_DEFINED__ +#define U_STAT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_stat_ocall, (int* error, const char* path, struct stat_t* buf)); +#endif +#ifndef U_STAT64_OCALL_DEFINED__ +#define U_STAT64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_stat64_ocall, (int* error, const char* path, struct stat64_t* buf)); +#endif +#ifndef U_LSTAT_OCALL_DEFINED__ +#define U_LSTAT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_lstat_ocall, (int* error, const char* path, struct stat_t* buf)); +#endif +#ifndef U_LSTAT64_OCALL_DEFINED__ +#define U_LSTAT64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_lstat64_ocall, (int* error, const char* path, struct stat64_t* buf)); +#endif +#ifndef U_LSEEK_OCALL_DEFINED__ +#define U_LSEEK_OCALL_DEFINED__ +uint64_t SGX_UBRIDGE(SGX_NOCONVENTION, u_lseek_ocall, (int* error, int fd, int64_t offset, int whence)); +#endif +#ifndef U_LSEEK64_OCALL_DEFINED__ +#define U_LSEEK64_OCALL_DEFINED__ +int64_t SGX_UBRIDGE(SGX_NOCONVENTION, u_lseek64_ocall, (int* error, int fd, int64_t offset, int whence)); +#endif +#ifndef U_FTRUNCATE_OCALL_DEFINED__ +#define U_FTRUNCATE_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_ftruncate_ocall, (int* error, int fd, int64_t length)); +#endif +#ifndef U_FTRUNCATE64_OCALL_DEFINED__ +#define U_FTRUNCATE64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_ftruncate64_ocall, (int* error, int fd, int64_t length)); +#endif +#ifndef U_TRUNCATE_OCALL_DEFINED__ +#define U_TRUNCATE_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_truncate_ocall, (int* error, const char* path, int64_t length)); +#endif +#ifndef U_TRUNCATE64_OCALL_DEFINED__ +#define U_TRUNCATE64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_truncate64_ocall, (int* error, const char* path, int64_t length)); +#endif +#ifndef U_FSYNC_OCALL_DEFINED__ +#define U_FSYNC_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fsync_ocall, (int* error, int fd)); +#endif +#ifndef U_FDATASYNC_OCALL_DEFINED__ +#define U_FDATASYNC_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fdatasync_ocall, (int* error, int fd)); +#endif +#ifndef U_FCHMOD_OCALL_DEFINED__ +#define U_FCHMOD_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fchmod_ocall, (int* error, int fd, uint32_t mode)); +#endif +#ifndef U_UNLINK_OCALL_DEFINED__ +#define U_UNLINK_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_unlink_ocall, (int* error, const char* pathname)); +#endif +#ifndef U_LINK_OCALL_DEFINED__ +#define U_LINK_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_link_ocall, (int* error, const char* oldpath, const char* newpath)); +#endif +#ifndef U_LINKAT_OCALL_DEFINED__ +#define U_LINKAT_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_linkat_ocall, (int* error, int olddirfd, const char* oldpath, int newdirfd, const char* newpath, int flags)); +#endif +#ifndef U_RENAME_OCALL_DEFINED__ +#define U_RENAME_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_rename_ocall, (int* error, const char* oldpath, const char* newpath)); +#endif +#ifndef U_CHMOD_OCALL_DEFINED__ +#define U_CHMOD_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_chmod_ocall, (int* error, const char* path, uint32_t mode)); +#endif +#ifndef U_READLINK_OCALL_DEFINED__ +#define U_READLINK_OCALL_DEFINED__ +size_t SGX_UBRIDGE(SGX_NOCONVENTION, u_readlink_ocall, (int* error, const char* path, char* buf, size_t bufsz)); +#endif +#ifndef U_SYMLINK_OCALL_DEFINED__ +#define U_SYMLINK_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_symlink_ocall, (int* error, const char* path1, const char* path2)); +#endif +#ifndef U_REALPATH_OCALL_DEFINED__ +#define U_REALPATH_OCALL_DEFINED__ +char* SGX_UBRIDGE(SGX_NOCONVENTION, u_realpath_ocall, (int* error, const char* pathname)); +#endif +#ifndef U_MKDIR_OCALL_DEFINED__ +#define U_MKDIR_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_mkdir_ocall, (int* error, const char* pathname, uint32_t mode)); +#endif +#ifndef U_RMDIR_OCALL_DEFINED__ +#define U_RMDIR_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_rmdir_ocall, (int* error, const char* pathname)); +#endif +#ifndef U_OPENDIR_OCALL_DEFINED__ +#define U_OPENDIR_OCALL_DEFINED__ +void* SGX_UBRIDGE(SGX_NOCONVENTION, u_opendir_ocall, (int* error, const char* pathname)); +#endif +#ifndef U_READDIR64_R_OCALL_DEFINED__ +#define U_READDIR64_R_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_readdir64_r_ocall, (void* dirp, struct dirent64_t* entry, struct dirent64_t** result)); +#endif +#ifndef U_CLOSEDIR_OCALL_DEFINED__ +#define U_CLOSEDIR_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_closedir_ocall, (int* error, void* dirp)); +#endif +#ifndef U_DIRFD_OCALL_DEFINED__ +#define U_DIRFD_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_dirfd_ocall, (int* error, void* dirp)); +#endif +#ifndef U_FSTATAT64_OCALL_DEFINED__ +#define U_FSTATAT64_OCALL_DEFINED__ +int SGX_UBRIDGE(SGX_NOCONVENTION, u_fstatat64_ocall, (int* error, int dirfd, const char* pathname, struct stat64_t* buf, int flags)); +#endif + +sgx_status_t ecall_test(sgx_enclave_id_t eid, sgx_status_t* retval, const uint8_t* some_string, size_t len); +sgx_status_t t_global_init_ecall(sgx_enclave_id_t eid, uint64_t id, const uint8_t* path, size_t len); +sgx_status_t t_global_exit_ecall(sgx_enclave_id_t eid); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.rs b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.rs new file mode 100644 index 0000000..06883f4 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/codegen/Enclave_u.rs @@ -0,0 +1,12 @@ +/* automatically generated by rust-bindgen 0.59.1 */ + +use sgx_types::*; + +extern "C" { + pub fn ecall_test( + eid: sgx_enclave_id_t, + retval: *mut sgx_status_t, + some_string: *const u8, + len: size_t, + ) -> sgx_status_t; +} diff --git a/rust-sgx-workspace/projects/ntc-tee-server/app/src/main.rs b/rust-sgx-workspace/projects/ntc-tee-server/app/src/main.rs new file mode 100644 index 0000000..1b3d152 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/app/src/main.rs @@ -0,0 +1,74 @@ +extern crate sgx_types; +extern crate sgx_urts; + +#[path = "../codegen/Enclave_u.rs"] +mod enclave_u; + +use enclave_u::ecall_test; +use sgx_types::{ + sgx_attributes_t, + sgx_launch_token_t, + sgx_misc_attribute_t, + sgx_status_t, + SgxResult, +}; +use sgx_urts::SgxEnclave; + +static ENCLAVE_FILE: &str = "enclave.signed.so"; + +fn init_enclave() -> SgxResult { + let mut launch_token: sgx_launch_token_t = [0; 1024]; + let mut launch_token_updated: i32 = 0; + // call sgx_create_enclave to initialize an enclave instance + // Debug Support: set 2nd parameter to 1 + let debug = 1; + let mut misc_attr = sgx_misc_attribute_t { + secs_attr: sgx_attributes_t { flags: 0, xfrm: 0 }, + misc_select: 0, + }; + SgxEnclave::create( + ENCLAVE_FILE, + debug, + &mut launch_token, + &mut launch_token_updated, + &mut misc_attr, + ) +} + +fn main() { + let enclave = match init_enclave() { + Ok(r) => { + println!("[+] Init Enclave Successful {}!", r.geteid()); + r + } + Err(x) => { + println!("[-] Init Enclave Failed {}!", x.as_str()); + return; + } + }; + + let input_string = String::from("Sending this string to the enclave then printing it\n"); + + let mut retval = sgx_status_t::SGX_SUCCESS; + + let result = unsafe { + ecall_test( + enclave.geteid(), + &mut retval, + input_string.as_ptr() as *const u8, + input_string.len(), + ) + }; + + match result { + sgx_status_t::SGX_SUCCESS => {} + _ => { + println!("[-] ECALL Enclave Failed {}!", result.as_str()); + return; + } + } + + println!("[+] ecall_test success..."); + + enclave.destroy(); +} diff --git a/rust-sgx-workspace/projects/ntc-tee-server/buildenv.mk b/rust-sgx-workspace/projects/ntc-tee-server/buildenv.mk new file mode 100644 index 0000000..a86675e --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/buildenv.mk @@ -0,0 +1,167 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License.. +# +# + +CP := /bin/cp -f +MKDIR := mkdir -p +STRIP := strip +OBJCOPY := objcopy + +# clean the content of 'INCLUDE' - this variable will be set by vcvars32.bat +# thus it will cause build error when this variable is used by our Makefile, +# when compiling the code under Cygwin tainted by MSVC environment settings. +INCLUDE := + +# turn on stack protector for SDK +COMMON_FLAGS += -fstack-protector + +ifdef DEBUG + COMMON_FLAGS += -O0 -g -DDEBUG -UNDEBUG +else + COMMON_FLAGS += -O2 -D_FORTIFY_SOURCE=2 -UDEBUG -DNDEBUG +endif + +# turn on compiler warnings as much as possible +COMMON_FLAGS += -Wall -Wextra -Winit-self -Wpointer-arith -Wreturn-type \ + -Waddress -Wsequence-point -Wformat-security \ + -Wmissing-include-dirs -Wfloat-equal -Wundef -Wshadow \ + -Wcast-align -Wconversion -Wredundant-decls + +# additional warnings flags for C +CFLAGS += -Wjump-misses-init -Wstrict-prototypes -Wunsuffixed-float-constants + +# additional warnings flags for C++ +CXXFLAGS += -Wnon-virtual-dtor + +# for static_assert() +CXXFLAGS += -std=c++0x + +.DEFAULT_GOAL := all +# this turns off the RCS / SCCS implicit rules of GNU Make +% : RCS/%,v +% : RCS/% +% : %,v +% : s.% +% : SCCS/s.% + +# If a rule fails, delete $@. +.DELETE_ON_ERROR: + +HOST_FILE_PROGRAM := file + +UNAME := $(shell uname -m) +ifneq (,$(findstring 86,$(UNAME))) + HOST_ARCH := x86 + ifneq (,$(shell $(HOST_FILE_PROGRAM) -L $(SHELL) | grep 'x86[_-]64')) + HOST_ARCH := x86_64 + endif +else + $(info Unknown host CPU arhitecture $(UNAME)) + $(error Aborting) +endif + + +ifeq "$(findstring __INTEL_COMPILER, $(shell $(CC) -E -dM -xc /dev/null))" "__INTEL_COMPILER" + ifeq ($(shell test -f /usr/bin/dpkg; echo $$?), 0) + ADDED_INC := -I /usr/include/$(shell dpkg-architecture -qDEB_BUILD_MULTIARCH) + endif +endif + +ARCH := $(HOST_ARCH) +ifeq "$(findstring -m32, $(CXXFLAGS))" "-m32" + ARCH := x86 +endif + +ifeq ($(ARCH), x86) +COMMON_FLAGS += -DITT_ARCH_IA32 +else +COMMON_FLAGS += -DITT_ARCH_IA64 +endif + +CFLAGS += $(COMMON_FLAGS) +CXXFLAGS += $(COMMON_FLAGS) + +# Enable the security flags +COMMON_LDFLAGS := -Wl,-z,relro,-z,now,-z,noexecstack + +# mitigation options +MITIGATION_INDIRECT ?= 0 +MITIGATION_RET ?= 0 +MITIGATION_C ?= 0 +MITIGATION_ASM ?= 0 +MITIGATION_AFTERLOAD ?= 0 +MITIGATION_LIB_PATH := + +ifeq ($(MITIGATION-CVE-2020-0551), LOAD) + MITIGATION_C := 1 + MITIGATION_ASM := 1 + MITIGATION_INDIRECT := 1 + MITIGATION_RET := 1 + MITIGATION_AFTERLOAD := 1 + MITIGATION_LIB_PATH := cve_2020_0551_load +else ifeq ($(MITIGATION-CVE-2020-0551), CF) + MITIGATION_C := 1 + MITIGATION_ASM := 1 + MITIGATION_INDIRECT := 1 + MITIGATION_RET := 1 + MITIGATION_AFTERLOAD := 0 + MITIGATION_LIB_PATH := cve_2020_0551_cf +endif + +MITIGATION_CFLAGS := +MITIGATION_ASFLAGS := +ifeq ($(MITIGATION_C), 1) +ifeq ($(MITIGATION_INDIRECT), 1) + MITIGATION_CFLAGS += -mindirect-branch-register +endif +ifeq ($(MITIGATION_RET), 1) + MITIGATION_CFLAGS += -mfunction-return=thunk-extern +endif +endif + +ifeq ($(MITIGATION_ASM), 1) + MITIGATION_ASFLAGS += -fno-plt +ifeq ($(MITIGATION_AFTERLOAD), 1) + MITIGATION_ASFLAGS += -Wa,-mlfence-after-load=yes +else + MITIGATION_ASFLAGS += -Wa,-mlfence-before-indirect-branch=register +endif +ifeq ($(MITIGATION_RET), 1) + MITIGATION_ASFLAGS += -Wa,-mlfence-before-ret=not +endif +endif + +MITIGATION_CFLAGS += $(MITIGATION_ASFLAGS) + +# Compiler and linker options for an Enclave +# +# We are using '--export-dynamic' so that `g_global_data_sim' etc. +# will be exported to dynamic symbol table. +# +# When `pie' is enabled, the linker (both BFD and Gold) under Ubuntu 14.04 +# will hide all symbols from dynamic symbol table even if they are marked +# as `global' in the LD version script. +ENCLAVE_CFLAGS = -ffreestanding -nostdinc -fvisibility=hidden -fpie -fno-strict-overflow -fno-delete-null-pointer-checks +ENCLAVE_CXXFLAGS = $(ENCLAVE_CFLAGS) -nostdinc++ +ENCLAVE_LDFLAGS = $(COMMON_LDFLAGS) -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \ + -Wl,-pie,-eenclave_entry -Wl,--export-dynamic \ + -Wl,--gc-sections \ + -Wl,--defsym,__ImageBase=0 + +ENCLAVE_CFLAGS += $(MITIGATION_CFLAGS) +ENCLAVE_ASFLAGS = $(MITIGATION_ASFLAGS) \ No newline at end of file diff --git a/rust-sgx-workspace/projects/ntc-tee-server/buildenv_sgx.mk b/rust-sgx-workspace/projects/ntc-tee-server/buildenv_sgx.mk new file mode 100644 index 0000000..4ec0119 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/buildenv_sgx.mk @@ -0,0 +1,49 @@ +SGX_SDK ?= /opt/sgxsdk + +# Directly imported from the original Intel SGX samples, helpful to detect the system architecture + +ifeq ($(shell getconf LONG_BIT), 32) + SGX_ARCH := x86 +else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32) + SGX_ARCH := x86 +endif + +ifeq ($(SGX_ARCH), x86) + SGX_COMMON_CFLAGS := -m32 + SGX_LIBRARY_PATH := $(SGX_SDK)/lib + SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign + SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r +else + SGX_COMMON_CFLAGS := -m64 + SGX_LIBRARY_PATH := $(SGX_SDK)/lib64 + SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign + SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r +endif + +# If specified, software / simulation mode. Otherwise, hardware mode no matter what. + +ifeq ($(SGX_MODE), SW) + TRTS_LIB := sgx_trts_sim + SERVICE_LIB := sgx_tservice_sim +endif + +# If debug mode, we can set up extra options such as the debug flags + +ifeq ($(SGX_DEBUG), 1) + SGX_COMMON_CFLAGS += -O0 -g +else + SGX_COMMON_CFLAGS += -O2 +endif + +# Show helpful error messages if main environment variables are not set. + +$(SGX_EDGER8R): + $(error "$@" does not exist. (Is SGX_SDK set correctly?)) + +ifndef CUSTOM_EDL_PATH +$(error CUSTOM_EDL_PATH not set) +endif + +ifndef CUSTOM_COMMON_PATH +$(error CUSTOM_COMMON_PATH not set) +endif diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/.gitignore b/rust-sgx-workspace/projects/ntc-tee-server/enclave/.gitignore new file mode 100644 index 0000000..ea8c4bf --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/.gitignore @@ -0,0 +1 @@ +/target diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/Cargo.toml b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Cargo.toml new file mode 100644 index 0000000..70772aa --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Cargo.toml @@ -0,0 +1,16 @@ +[package] +# name matches ENCLAVE_CARGO_LIB in Makefile +name = "ntc-tee-server-enclave" +version = "0.1.0" +edition = "2021" + +[lib] +crate-type = ["staticlib"] +test = false + +[features] +default = [] + +[dependencies] +sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk" } +sgx_tstd = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", features = ["backtrace"] } diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.config.xml b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.config.xml new file mode 100644 index 0000000..ee4c3f7 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.config.xml @@ -0,0 +1,12 @@ + + + 0 + 0 + 0x40000 + 0x100000 + 1 + 1 + 0 + 0 + 0xFFFFFFFF + diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.edl b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.edl new file mode 100644 index 0000000..740d877 --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.edl @@ -0,0 +1,11 @@ +enclave { + from "sgx_tstd.edl" import *; + from "sgx_backtrace.edl" import *; + trusted + { + public sgx_status_t ecall_test([in, size=len] const uint8_t* some_string, size_t len); + }; + untrusted + { + }; +}; diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.lds b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.lds new file mode 100644 index 0000000..e3d9d0e --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Enclave.lds @@ -0,0 +1,9 @@ +enclave.so +{ + global: + g_global_data_sim; + g_global_data; + enclave_entry; + local: + *; +}; diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/Makefile b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Makefile new file mode 100644 index 0000000..439358a --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/Makefile @@ -0,0 +1,118 @@ +# Makefile settings + +APP_T_SIGNED = enclave.signed.so +KEYS = ../keys +LIB = ../build/lib/ +BIN = ../build/bin/ +APP_T = enclave.so +NAME_T = libenclave.a +SRC_U = ../app/ +SRC_T = ./ +CODEGEN_T = $(SRC_T)/codegen/ +OBJ_T = ../build/obj/ +FLAGS = -Wall -Wextra +GCC_STEP1_T = -fstack-protector -I$(CUSTOM_COMMON_PATH)/inc -I$(CUSTOM_EDL_PATH) -I$(SGX_SDK)/include \ + -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport -I$(SGX_SDK)/include/epid -I $(CODEGEN_T) \ + -L$(LIB) $(ENCLAVE_CFLAGS) $(SGX_COMMON_CFLAGS) +GCC_STEP2_T = -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \ + -Wl,--whole-archive -l$(TRTS_LIB) -Wl,--no-whole-archive \ + -Wl,--start-group -lsgx_tstdc -l$(SERVICE_LIB) -lsgx_tcrypto -L$(LIB) -lenclave -Wl,--end-group \ + -Wl,--version-script=$(SRC_T)Enclave.lds $(ENCLAVE_LDFLAGS) +FILES_T = Enclave_t.c +FILES_T_H = Enclave_t.h +EDL_FILE = Enclave.edl +ENCLAVE_CONFIG = Enclave.config.xml +SGX_ARCH = x64 +TRTS_LIB = sgx_trts +SERVICE_LIB = sgx_tservice +# ENCLAVE_CARGO_LIB matches name in Cargo.toml +ENCLAVE_CARGO_LIB=libntc_tee_server_enclave.a +# Addprefix dependant variables, no need to change those +OUTPUT_T = $(FILES_T:.c=.o) +NAME = $(addprefix $(BIN), $(APP_T_SIGNED)) +BIN_T = $(addprefix $(BIN), $(APP_T)) +NAME_T_D = $(addprefix $(LIB), $(NAME_T)) +OUTPUT_W_FU=$(addprefix $(OBJ_U), $(OUTPUT_U)) +FILES_T_F=$(addprefix $(CODEGEN_T), $(FILES_T)) +FILES_T_H_F=$(addprefix $(CODEGEN_T), $(FILES_T_H)) +FILES_T_F_RUST=$(addprefix $(SRC_T), $(FILES_T_RUST)) +OUTPUT_W_FT=$(addprefix $(OBJ_T), $(OUTPUT_T)) + +# All Rust and other source files that the Cargo build depends on. +FILES_RUST_F = Cargo.toml ../../../Cargo.lock $(shell find src -name '*.rs') + +# Contains compilation rules for the enclave part + +include ../buildenv.mk +include ../buildenv_sgx.mk + +# Custom header files and EDL paths needs to be specified with make (CUSTOM_EDL_PATH) (CUSTOM_COMMON_PATH) + +ifeq ($(MITIGATION-CVE-2020-0551), LOAD) +export MITIGATION_CVE_2020_0551=LOAD +else ifeq ($(MITIGATION-CVE-2020-0551), CF) +export MITIGATION_CVE_2020_0551=CF +endif + +# Compilation process, we set up all the dependencies needed to have the correct order of build, and avoid relink + +all: $(NAME) + +# We print the compilation mode we're in (hardware/software mode), just as a reminder. + +$(NAME): $(BIN_T) $(KEYS)/Enclave_private.pem +ifeq ($(SGX_MODE), SW) + @echo "\033[32mSoftware / Simulation mode\033[0m" +else + @echo "\033[32mHardware mode\033[0m" +endif + @echo "\033[32mSigning the enclave...\033[0m" + @mkdir -p $(BIN) + @$(SGX_ENCLAVE_SIGNER) sign -key $(KEYS)/Enclave_private.pem -enclave $(BIN_T) -out $@ -config $(SRC_T)Enclave.config.xml + +$(KEYS)/Enclave_private.pem $(KEYS)/Enclave_public.pem: + @echo "\033[32mGenerating keys...\033[0m" + @mkdir -p $(KEYS) + @openssl genrsa -out $(KEYS)/Enclave_private.pem -3 3072 + @openssl rsa -in $(KEYS)/Enclave_private.pem -pubout -out $(KEYS)/Enclave_public.pem + +$(BIN_T): $(NAME_T_D) + @echo "\033[32mBuilding the enclave...\033[0m" + @mkdir -p $(BIN) + @$(CXX) $(OUTPUT_W_FT) -o $@ $(GCC_STEP2_T) + +$(NAME_T_D): $(FILES_T_F) $(OUTPUT_W_FT) $(FILES_RUST_F) $(EDL_FILE) $(ENCLAVE_CONFIG) # We added as a reference the rust files, along with the EDL, the XML config file and the cargo.toml file, so Make can detect if any change was made + @echo "\033[32mBuilding enclave static library with Cargo...\033[0m" + @cargo build --release + @cp ../../../target/release/$(ENCLAVE_CARGO_LIB) $(LIB)libenclave.a + +$(FILES_T_F): $(SGX_EDGER8R) $(SRC_T)/Enclave.edl + @echo "\033[32mGenerating trusted SGX C edl files...\033[0m" + @$(SGX_EDGER8R) --trusted $(SRC_T)/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir $(CODEGEN_T) + +$(OBJ_T)%.o:$(CODEGEN_T)%.c + @mkdir -p $(OBJ_T) + @echo "\033[32m$?: Build in progress...\033[0m" + @$(CC) $(FLAGS) $(GCC_STEP1_T) -o $@ -c $? + +clean: c_clean + @rm -rf $(OBJ_T) + @echo "\033[32mObject files deleted\033[0m" + +fclean: clean fclean_enclave + +fclean_enclave: + @echo "\033[32mBinary file $(NAME) deleted\033[0m" + @rm -f $(NAME) + @rm -f $(BIN_T) + @rm -f $(LIB)libenclave.a + @cargo clean + +c_clean: + @echo "\033[32mC edl generated files deleted\033[0m" + @rm -rf $(FILES_T_F) + @rm -f $(FILES_T_H_F) + +re: fclean all + +.PHONY: all clean c_clean fclean re fclean_enclave diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.c b/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.c new file mode 100644 index 0000000..04ac8fb --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.c @@ -0,0 +1,4554 @@ +#include "Enclave_t.h" + +#include "sgx_trts.h" /* for sgx_ocalloc, sgx_is_outside_enclave */ +#include "sgx_lfence.h" /* for sgx_lfence */ + +#include +#include /* for memcpy_s etc */ +#include /* for malloc/free etc */ + +#define CHECK_REF_POINTER(ptr, siz) do { \ + if (!(ptr) || ! sgx_is_outside_enclave((ptr), (siz))) \ + return SGX_ERROR_INVALID_PARAMETER;\ +} while (0) + +#define CHECK_UNIQUE_POINTER(ptr, siz) do { \ + if ((ptr) && ! sgx_is_outside_enclave((ptr), (siz))) \ + return SGX_ERROR_INVALID_PARAMETER;\ +} while (0) + +#define CHECK_ENCLAVE_POINTER(ptr, siz) do { \ + if ((ptr) && ! sgx_is_within_enclave((ptr), (siz))) \ + return SGX_ERROR_INVALID_PARAMETER;\ +} while (0) + +#define ADD_ASSIGN_OVERFLOW(a, b) ( \ + ((a) += (b)) < (b) \ +) + + +typedef struct ms_ecall_test_t { + sgx_status_t ms_retval; + const uint8_t* ms_some_string; + size_t ms_len; +} ms_ecall_test_t; + +typedef struct ms_t_global_init_ecall_t { + uint64_t ms_id; + const uint8_t* ms_path; + size_t ms_len; +} ms_t_global_init_ecall_t; + +typedef struct ms_u_thread_set_event_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_tcs; +} ms_u_thread_set_event_ocall_t; + +typedef struct ms_u_thread_wait_event_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_tcs; + const struct timespec* ms_timeout; +} ms_u_thread_wait_event_ocall_t; + +typedef struct ms_u_thread_set_multiple_events_ocall_t { + int ms_retval; + int* ms_error; + const void** ms_tcss; + int ms_total; +} ms_u_thread_set_multiple_events_ocall_t; + +typedef struct ms_u_thread_setwait_events_ocall_t { + int ms_retval; + int* ms_error; + const void* ms_waiter_tcs; + const void* ms_self_tcs; + const struct timespec* ms_timeout; +} ms_u_thread_setwait_events_ocall_t; + +typedef struct ms_u_clock_gettime_ocall_t { + int ms_retval; + int* ms_error; + int ms_clk_id; + struct timespec* ms_tp; +} ms_u_clock_gettime_ocall_t; + +typedef struct ms_u_read_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + void* ms_buf; + size_t ms_count; +} ms_u_read_ocall_t; + +typedef struct ms_u_pread64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + void* ms_buf; + size_t ms_count; + int64_t ms_offset; +} ms_u_pread64_ocall_t; + +typedef struct ms_u_readv_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; +} ms_u_readv_ocall_t; + +typedef struct ms_u_preadv64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; + int64_t ms_offset; +} ms_u_preadv64_ocall_t; + +typedef struct ms_u_write_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const void* ms_buf; + size_t ms_count; +} ms_u_write_ocall_t; + +typedef struct ms_u_pwrite64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const void* ms_buf; + size_t ms_count; + int64_t ms_offset; +} ms_u_pwrite64_ocall_t; + +typedef struct ms_u_writev_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; +} ms_u_writev_ocall_t; + +typedef struct ms_u_pwritev64_ocall_t { + size_t ms_retval; + int* ms_error; + int ms_fd; + const struct iovec* ms_iov; + int ms_iovcnt; + int64_t ms_offset; +} ms_u_pwritev64_ocall_t; + +typedef struct ms_u_fcntl_arg0_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_cmd; +} ms_u_fcntl_arg0_ocall_t; + +typedef struct ms_u_fcntl_arg1_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_cmd; + int ms_arg; +} ms_u_fcntl_arg1_ocall_t; + +typedef struct ms_u_ioctl_arg0_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_request; +} ms_u_ioctl_arg0_ocall_t; + +typedef struct ms_u_ioctl_arg1_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int ms_request; + int* ms_arg; +} ms_u_ioctl_arg1_ocall_t; + +typedef struct ms_u_close_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_close_ocall_t; + +typedef struct ms_u_malloc_ocall_t { + void* ms_retval; + int* ms_error; + size_t ms_size; +} ms_u_malloc_ocall_t; + +typedef struct ms_u_free_ocall_t { + void* ms_p; +} ms_u_free_ocall_t; + +typedef struct ms_u_mmap_ocall_t { + void* ms_retval; + int* ms_error; + void* ms_start; + size_t ms_length; + int ms_prot; + int ms_flags; + int ms_fd; + int64_t ms_offset; +} ms_u_mmap_ocall_t; + +typedef struct ms_u_munmap_ocall_t { + int ms_retval; + int* ms_error; + void* ms_start; + size_t ms_length; +} ms_u_munmap_ocall_t; + +typedef struct ms_u_msync_ocall_t { + int ms_retval; + int* ms_error; + void* ms_addr; + size_t ms_length; + int ms_flags; +} ms_u_msync_ocall_t; + +typedef struct ms_u_mprotect_ocall_t { + int ms_retval; + int* ms_error; + void* ms_addr; + size_t ms_length; + int ms_prot; +} ms_u_mprotect_ocall_t; + +typedef struct ms_u_open_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; + int ms_flags; +} ms_u_open_ocall_t; + +typedef struct ms_u_open64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int ms_oflag; + int ms_mode; +} ms_u_open64_ocall_t; + +typedef struct ms_u_fstat_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + struct stat_t* ms_buf; +} ms_u_fstat_ocall_t; + +typedef struct ms_u_fstat64_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + struct stat64_t* ms_buf; +} ms_u_fstat64_ocall_t; + +typedef struct ms_u_stat_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat_t* ms_buf; +} ms_u_stat_ocall_t; + +typedef struct ms_u_stat64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat64_t* ms_buf; +} ms_u_stat64_ocall_t; + +typedef struct ms_u_lstat_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat_t* ms_buf; +} ms_u_lstat_ocall_t; + +typedef struct ms_u_lstat64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + struct stat64_t* ms_buf; +} ms_u_lstat64_ocall_t; + +typedef struct ms_u_lseek_ocall_t { + uint64_t ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_offset; + int ms_whence; +} ms_u_lseek_ocall_t; + +typedef struct ms_u_lseek64_ocall_t { + int64_t ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_offset; + int ms_whence; +} ms_u_lseek64_ocall_t; + +typedef struct ms_u_ftruncate_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_length; +} ms_u_ftruncate_ocall_t; + +typedef struct ms_u_ftruncate64_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + int64_t ms_length; +} ms_u_ftruncate64_ocall_t; + +typedef struct ms_u_truncate_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int64_t ms_length; +} ms_u_truncate_ocall_t; + +typedef struct ms_u_truncate64_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + int64_t ms_length; +} ms_u_truncate64_ocall_t; + +typedef struct ms_u_fsync_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_fsync_ocall_t; + +typedef struct ms_u_fdatasync_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; +} ms_u_fdatasync_ocall_t; + +typedef struct ms_u_fchmod_ocall_t { + int ms_retval; + int* ms_error; + int ms_fd; + uint32_t ms_mode; +} ms_u_fchmod_ocall_t; + +typedef struct ms_u_unlink_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_unlink_ocall_t; + +typedef struct ms_u_link_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_oldpath; + const char* ms_newpath; +} ms_u_link_ocall_t; + +typedef struct ms_u_linkat_ocall_t { + int ms_retval; + int* ms_error; + int ms_olddirfd; + const char* ms_oldpath; + int ms_newdirfd; + const char* ms_newpath; + int ms_flags; +} ms_u_linkat_ocall_t; + +typedef struct ms_u_rename_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_oldpath; + const char* ms_newpath; +} ms_u_rename_ocall_t; + +typedef struct ms_u_chmod_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path; + uint32_t ms_mode; +} ms_u_chmod_ocall_t; + +typedef struct ms_u_readlink_ocall_t { + size_t ms_retval; + int* ms_error; + const char* ms_path; + char* ms_buf; + size_t ms_bufsz; +} ms_u_readlink_ocall_t; + +typedef struct ms_u_symlink_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_path1; + const char* ms_path2; +} ms_u_symlink_ocall_t; + +typedef struct ms_u_realpath_ocall_t { + char* ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_realpath_ocall_t; + +typedef struct ms_u_mkdir_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; + uint32_t ms_mode; +} ms_u_mkdir_ocall_t; + +typedef struct ms_u_rmdir_ocall_t { + int ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_rmdir_ocall_t; + +typedef struct ms_u_opendir_ocall_t { + void* ms_retval; + int* ms_error; + const char* ms_pathname; +} ms_u_opendir_ocall_t; + +typedef struct ms_u_readdir64_r_ocall_t { + int ms_retval; + void* ms_dirp; + struct dirent64_t* ms_entry; + struct dirent64_t** ms_result; +} ms_u_readdir64_r_ocall_t; + +typedef struct ms_u_closedir_ocall_t { + int ms_retval; + int* ms_error; + void* ms_dirp; +} ms_u_closedir_ocall_t; + +typedef struct ms_u_dirfd_ocall_t { + int ms_retval; + int* ms_error; + void* ms_dirp; +} ms_u_dirfd_ocall_t; + +typedef struct ms_u_fstatat64_ocall_t { + int ms_retval; + int* ms_error; + int ms_dirfd; + const char* ms_pathname; + struct stat64_t* ms_buf; + int ms_flags; +} ms_u_fstatat64_ocall_t; + +static sgx_status_t SGX_CDECL sgx_ecall_test(void* pms) +{ + CHECK_REF_POINTER(pms, sizeof(ms_ecall_test_t)); + // + // fence after pointer checks + // + sgx_lfence(); + ms_ecall_test_t* ms = SGX_CAST(ms_ecall_test_t*, pms); + sgx_status_t status = SGX_SUCCESS; + const uint8_t* _tmp_some_string = ms->ms_some_string; + size_t _tmp_len = ms->ms_len; + size_t _len_some_string = _tmp_len; + uint8_t* _in_some_string = NULL; + + CHECK_UNIQUE_POINTER(_tmp_some_string, _len_some_string); + + // + // fence after pointer checks + // + sgx_lfence(); + + if (_tmp_some_string != NULL && _len_some_string != 0) { + if ( _len_some_string % sizeof(*_tmp_some_string) != 0) + { + status = SGX_ERROR_INVALID_PARAMETER; + goto err; + } + _in_some_string = (uint8_t*)malloc(_len_some_string); + if (_in_some_string == NULL) { + status = SGX_ERROR_OUT_OF_MEMORY; + goto err; + } + + if (memcpy_s(_in_some_string, _len_some_string, _tmp_some_string, _len_some_string)) { + status = SGX_ERROR_UNEXPECTED; + goto err; + } + + } + + ms->ms_retval = ecall_test((const uint8_t*)_in_some_string, _tmp_len); + +err: + if (_in_some_string) free(_in_some_string); + return status; +} + +static sgx_status_t SGX_CDECL sgx_t_global_init_ecall(void* pms) +{ + CHECK_REF_POINTER(pms, sizeof(ms_t_global_init_ecall_t)); + // + // fence after pointer checks + // + sgx_lfence(); + ms_t_global_init_ecall_t* ms = SGX_CAST(ms_t_global_init_ecall_t*, pms); + sgx_status_t status = SGX_SUCCESS; + const uint8_t* _tmp_path = ms->ms_path; + size_t _tmp_len = ms->ms_len; + size_t _len_path = _tmp_len; + uint8_t* _in_path = NULL; + + CHECK_UNIQUE_POINTER(_tmp_path, _len_path); + + // + // fence after pointer checks + // + sgx_lfence(); + + if (_tmp_path != NULL && _len_path != 0) { + if ( _len_path % sizeof(*_tmp_path) != 0) + { + status = SGX_ERROR_INVALID_PARAMETER; + goto err; + } + _in_path = (uint8_t*)malloc(_len_path); + if (_in_path == NULL) { + status = SGX_ERROR_OUT_OF_MEMORY; + goto err; + } + + if (memcpy_s(_in_path, _len_path, _tmp_path, _len_path)) { + status = SGX_ERROR_UNEXPECTED; + goto err; + } + + } + + t_global_init_ecall(ms->ms_id, (const uint8_t*)_in_path, _tmp_len); + +err: + if (_in_path) free(_in_path); + return status; +} + +static sgx_status_t SGX_CDECL sgx_t_global_exit_ecall(void* pms) +{ + sgx_status_t status = SGX_SUCCESS; + if (pms != NULL) return SGX_ERROR_INVALID_PARAMETER; + t_global_exit_ecall(); + return status; +} + +SGX_EXTERNC const struct { + size_t nr_ecall; + struct {void* ecall_addr; uint8_t is_priv; uint8_t is_switchless;} ecall_table[3]; +} g_ecall_table = { + 3, + { + {(void*)(uintptr_t)sgx_ecall_test, 0, 0}, + {(void*)(uintptr_t)sgx_t_global_init_ecall, 0, 0}, + {(void*)(uintptr_t)sgx_t_global_exit_ecall, 0, 0}, + } +}; + +SGX_EXTERNC const struct { + size_t nr_ocall; + uint8_t entry_table[56][3]; +} g_dyn_entry_table = { + 56, + { + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + {0, 0, 0, }, + } +}; + + +sgx_status_t SGX_CDECL u_thread_set_event_ocall(int* retval, int* error, const void* tcs) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_thread_set_event_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_thread_set_event_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_thread_set_event_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_thread_set_event_ocall_t)); + ocalloc_size -= sizeof(ms_u_thread_set_event_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_tcs = tcs; + status = sgx_ocall(0, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_thread_wait_event_ocall(int* retval, int* error, const void* tcs, const struct timespec* timeout) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_timeout = sizeof(struct timespec); + + ms_u_thread_wait_event_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_thread_wait_event_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(timeout, _len_timeout); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (timeout != NULL) ? _len_timeout : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_thread_wait_event_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_thread_wait_event_ocall_t)); + ocalloc_size -= sizeof(ms_u_thread_wait_event_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_tcs = tcs; + if (timeout != NULL) { + ms->ms_timeout = (const struct timespec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, timeout, _len_timeout)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_timeout); + ocalloc_size -= _len_timeout; + } else { + ms->ms_timeout = NULL; + } + + status = sgx_ocall(1, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_thread_set_multiple_events_ocall(int* retval, int* error, const void** tcss, int total) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_tcss = total * sizeof(void*); + + ms_u_thread_set_multiple_events_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_thread_set_multiple_events_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(tcss, _len_tcss); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (tcss != NULL) ? _len_tcss : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_thread_set_multiple_events_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_thread_set_multiple_events_ocall_t)); + ocalloc_size -= sizeof(ms_u_thread_set_multiple_events_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (tcss != NULL) { + ms->ms_tcss = (const void**)__tmp; + if (_len_tcss % sizeof(*tcss) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, tcss, _len_tcss)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_tcss); + ocalloc_size -= _len_tcss; + } else { + ms->ms_tcss = NULL; + } + + ms->ms_total = total; + status = sgx_ocall(2, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_thread_setwait_events_ocall(int* retval, int* error, const void* waiter_tcs, const void* self_tcs, const struct timespec* timeout) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_timeout = sizeof(struct timespec); + + ms_u_thread_setwait_events_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_thread_setwait_events_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(timeout, _len_timeout); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (timeout != NULL) ? _len_timeout : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_thread_setwait_events_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_thread_setwait_events_ocall_t)); + ocalloc_size -= sizeof(ms_u_thread_setwait_events_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_waiter_tcs = waiter_tcs; + ms->ms_self_tcs = self_tcs; + if (timeout != NULL) { + ms->ms_timeout = (const struct timespec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, timeout, _len_timeout)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_timeout); + ocalloc_size -= _len_timeout; + } else { + ms->ms_timeout = NULL; + } + + status = sgx_ocall(3, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_clock_gettime_ocall(int* retval, int* error, int clk_id, struct timespec* tp) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_tp = sizeof(struct timespec); + + ms_u_clock_gettime_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_clock_gettime_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_tp = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(tp, _len_tp); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (tp != NULL) ? _len_tp : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_clock_gettime_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_clock_gettime_ocall_t)); + ocalloc_size -= sizeof(ms_u_clock_gettime_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_clk_id = clk_id; + if (tp != NULL) { + ms->ms_tp = (struct timespec*)__tmp; + __tmp_tp = __tmp; + memset(__tmp_tp, 0, _len_tp); + __tmp = (void *)((size_t)__tmp + _len_tp); + ocalloc_size -= _len_tp; + } else { + ms->ms_tp = NULL; + } + + status = sgx_ocall(4, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (tp) { + if (memcpy_s((void*)tp, _len_tp, __tmp_tp, _len_tp)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_read_ocall(size_t* retval, int* error, int fd, void* buf, size_t count) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_read_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_read_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_read_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_read_ocall_t)); + ocalloc_size -= sizeof(ms_u_read_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_buf = buf; + ms->ms_count = count; + status = sgx_ocall(5, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_pread64_ocall(size_t* retval, int* error, int fd, void* buf, size_t count, int64_t offset) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_pread64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_pread64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_pread64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_pread64_ocall_t)); + ocalloc_size -= sizeof(ms_u_pread64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_buf = buf; + ms->ms_count = count; + ms->ms_offset = offset; + status = sgx_ocall(6, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_readv_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_iov = iovcnt * sizeof(struct iovec); + + ms_u_readv_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_readv_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(iov, _len_iov); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (iov != NULL) ? _len_iov : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_readv_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_readv_ocall_t)); + ocalloc_size -= sizeof(ms_u_readv_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (iov != NULL) { + ms->ms_iov = (const struct iovec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, iov, _len_iov)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_iov); + ocalloc_size -= _len_iov; + } else { + ms->ms_iov = NULL; + } + + ms->ms_iovcnt = iovcnt; + status = sgx_ocall(7, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_preadv64_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_iov = iovcnt * sizeof(struct iovec); + + ms_u_preadv64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_preadv64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(iov, _len_iov); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (iov != NULL) ? _len_iov : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_preadv64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_preadv64_ocall_t)); + ocalloc_size -= sizeof(ms_u_preadv64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (iov != NULL) { + ms->ms_iov = (const struct iovec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, iov, _len_iov)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_iov); + ocalloc_size -= _len_iov; + } else { + ms->ms_iov = NULL; + } + + ms->ms_iovcnt = iovcnt; + ms->ms_offset = offset; + status = sgx_ocall(8, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_write_ocall(size_t* retval, int* error, int fd, const void* buf, size_t count) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_write_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_write_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_write_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_write_ocall_t)); + ocalloc_size -= sizeof(ms_u_write_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_buf = buf; + ms->ms_count = count; + status = sgx_ocall(9, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_pwrite64_ocall(size_t* retval, int* error, int fd, const void* buf, size_t count, int64_t offset) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_pwrite64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_pwrite64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_pwrite64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_pwrite64_ocall_t)); + ocalloc_size -= sizeof(ms_u_pwrite64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_buf = buf; + ms->ms_count = count; + ms->ms_offset = offset; + status = sgx_ocall(10, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_writev_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_iov = iovcnt * sizeof(struct iovec); + + ms_u_writev_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_writev_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(iov, _len_iov); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (iov != NULL) ? _len_iov : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_writev_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_writev_ocall_t)); + ocalloc_size -= sizeof(ms_u_writev_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (iov != NULL) { + ms->ms_iov = (const struct iovec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, iov, _len_iov)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_iov); + ocalloc_size -= _len_iov; + } else { + ms->ms_iov = NULL; + } + + ms->ms_iovcnt = iovcnt; + status = sgx_ocall(11, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_pwritev64_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_iov = iovcnt * sizeof(struct iovec); + + ms_u_pwritev64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_pwritev64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(iov, _len_iov); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (iov != NULL) ? _len_iov : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_pwritev64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_pwritev64_ocall_t)); + ocalloc_size -= sizeof(ms_u_pwritev64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (iov != NULL) { + ms->ms_iov = (const struct iovec*)__tmp; + if (memcpy_s(__tmp, ocalloc_size, iov, _len_iov)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_iov); + ocalloc_size -= _len_iov; + } else { + ms->ms_iov = NULL; + } + + ms->ms_iovcnt = iovcnt; + ms->ms_offset = offset; + status = sgx_ocall(12, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fcntl_arg0_ocall(int* retval, int* error, int fd, int cmd) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_fcntl_arg0_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fcntl_arg0_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fcntl_arg0_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fcntl_arg0_ocall_t)); + ocalloc_size -= sizeof(ms_u_fcntl_arg0_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_cmd = cmd; + status = sgx_ocall(13, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fcntl_arg1_ocall(int* retval, int* error, int fd, int cmd, int arg) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_fcntl_arg1_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fcntl_arg1_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fcntl_arg1_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fcntl_arg1_ocall_t)); + ocalloc_size -= sizeof(ms_u_fcntl_arg1_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_cmd = cmd; + ms->ms_arg = arg; + status = sgx_ocall(14, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_ioctl_arg0_ocall(int* retval, int* error, int fd, int request) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_ioctl_arg0_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_ioctl_arg0_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_ioctl_arg0_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_ioctl_arg0_ocall_t)); + ocalloc_size -= sizeof(ms_u_ioctl_arg0_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_request = request; + status = sgx_ocall(15, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_ioctl_arg1_ocall(int* retval, int* error, int fd, int request, int* arg) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_arg = sizeof(int); + + ms_u_ioctl_arg1_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_ioctl_arg1_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_arg = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(arg, _len_arg); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (arg != NULL) ? _len_arg : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_ioctl_arg1_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_ioctl_arg1_ocall_t)); + ocalloc_size -= sizeof(ms_u_ioctl_arg1_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_request = request; + if (arg != NULL) { + ms->ms_arg = (int*)__tmp; + __tmp_arg = __tmp; + if (_len_arg % sizeof(*arg) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, arg, _len_arg)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_arg); + ocalloc_size -= _len_arg; + } else { + ms->ms_arg = NULL; + } + + status = sgx_ocall(16, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (arg) { + if (memcpy_s((void*)arg, _len_arg, __tmp_arg, _len_arg)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_close_ocall(int* retval, int* error, int fd) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_close_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_close_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_close_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_close_ocall_t)); + ocalloc_size -= sizeof(ms_u_close_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + status = sgx_ocall(17, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_malloc_ocall(void** retval, int* error, size_t size) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_malloc_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_malloc_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_malloc_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_malloc_ocall_t)); + ocalloc_size -= sizeof(ms_u_malloc_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_size = size; + status = sgx_ocall(18, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_free_ocall(void* p) +{ + sgx_status_t status = SGX_SUCCESS; + + ms_u_free_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_free_ocall_t); + void *__tmp = NULL; + + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_free_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_free_ocall_t)); + ocalloc_size -= sizeof(ms_u_free_ocall_t); + + ms->ms_p = p; + status = sgx_ocall(19, ms); + + if (status == SGX_SUCCESS) { + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_mmap_ocall(void** retval, int* error, void* start, size_t length, int prot, int flags, int fd, int64_t offset) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_mmap_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_mmap_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_mmap_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_mmap_ocall_t)); + ocalloc_size -= sizeof(ms_u_mmap_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_start = start; + ms->ms_length = length; + ms->ms_prot = prot; + ms->ms_flags = flags; + ms->ms_fd = fd; + ms->ms_offset = offset; + status = sgx_ocall(20, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_munmap_ocall(int* retval, int* error, void* start, size_t length) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_munmap_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_munmap_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_munmap_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_munmap_ocall_t)); + ocalloc_size -= sizeof(ms_u_munmap_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_start = start; + ms->ms_length = length; + status = sgx_ocall(21, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_msync_ocall(int* retval, int* error, void* addr, size_t length, int flags) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_msync_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_msync_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_msync_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_msync_ocall_t)); + ocalloc_size -= sizeof(ms_u_msync_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_addr = addr; + ms->ms_length = length; + ms->ms_flags = flags; + status = sgx_ocall(22, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_mprotect_ocall(int* retval, int* error, void* addr, size_t length, int prot) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_mprotect_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_mprotect_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_mprotect_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_mprotect_ocall_t)); + ocalloc_size -= sizeof(ms_u_mprotect_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_addr = addr; + ms->ms_length = length; + ms->ms_prot = prot; + status = sgx_ocall(23, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_open_ocall(int* retval, int* error, const char* pathname, int flags) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_open_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_open_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_open_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_open_ocall_t)); + ocalloc_size -= sizeof(ms_u_open_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + ms->ms_flags = flags; + status = sgx_ocall(24, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_open64_ocall(int* retval, int* error, const char* path, int oflag, int mode) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + + ms_u_open64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_open64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_open64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_open64_ocall_t)); + ocalloc_size -= sizeof(ms_u_open64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + ms->ms_oflag = oflag; + ms->ms_mode = mode; + status = sgx_ocall(25, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fstat_ocall(int* retval, int* error, int fd, struct stat_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_buf = sizeof(struct stat_t); + + ms_u_fstat_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fstat_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fstat_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fstat_ocall_t)); + ocalloc_size -= sizeof(ms_u_fstat_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (buf != NULL) { + ms->ms_buf = (struct stat_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(26, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fstat64_ocall(int* retval, int* error, int fd, struct stat64_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_buf = sizeof(struct stat64_t); + + ms_u_fstat64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fstat64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fstat64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fstat64_ocall_t)); + ocalloc_size -= sizeof(ms_u_fstat64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + if (buf != NULL) { + ms->ms_buf = (struct stat64_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(27, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_stat_ocall(int* retval, int* error, const char* path, struct stat_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + size_t _len_buf = sizeof(struct stat_t); + + ms_u_stat_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_stat_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_stat_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_stat_ocall_t)); + ocalloc_size -= sizeof(ms_u_stat_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (struct stat_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(28, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_stat64_ocall(int* retval, int* error, const char* path, struct stat64_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + size_t _len_buf = sizeof(struct stat64_t); + + ms_u_stat64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_stat64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_stat64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_stat64_ocall_t)); + ocalloc_size -= sizeof(ms_u_stat64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (struct stat64_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(29, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_lstat_ocall(int* retval, int* error, const char* path, struct stat_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + size_t _len_buf = sizeof(struct stat_t); + + ms_u_lstat_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_lstat_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_lstat_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_lstat_ocall_t)); + ocalloc_size -= sizeof(ms_u_lstat_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (struct stat_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(30, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_lstat64_ocall(int* retval, int* error, const char* path, struct stat64_t* buf) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + size_t _len_buf = sizeof(struct stat64_t); + + ms_u_lstat64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_lstat64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_lstat64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_lstat64_ocall_t)); + ocalloc_size -= sizeof(ms_u_lstat64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (struct stat64_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + status = sgx_ocall(31, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_lseek_ocall(uint64_t* retval, int* error, int fd, int64_t offset, int whence) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_lseek_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_lseek_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_lseek_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_lseek_ocall_t)); + ocalloc_size -= sizeof(ms_u_lseek_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_offset = offset; + ms->ms_whence = whence; + status = sgx_ocall(32, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_lseek64_ocall(int64_t* retval, int* error, int fd, int64_t offset, int whence) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_lseek64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_lseek64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_lseek64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_lseek64_ocall_t)); + ocalloc_size -= sizeof(ms_u_lseek64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_offset = offset; + ms->ms_whence = whence; + status = sgx_ocall(33, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_ftruncate_ocall(int* retval, int* error, int fd, int64_t length) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_ftruncate_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_ftruncate_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_ftruncate_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_ftruncate_ocall_t)); + ocalloc_size -= sizeof(ms_u_ftruncate_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_length = length; + status = sgx_ocall(34, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_ftruncate64_ocall(int* retval, int* error, int fd, int64_t length) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_ftruncate64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_ftruncate64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_ftruncate64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_ftruncate64_ocall_t)); + ocalloc_size -= sizeof(ms_u_ftruncate64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_length = length; + status = sgx_ocall(35, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_truncate_ocall(int* retval, int* error, const char* path, int64_t length) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + + ms_u_truncate_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_truncate_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_truncate_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_truncate_ocall_t)); + ocalloc_size -= sizeof(ms_u_truncate_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + ms->ms_length = length; + status = sgx_ocall(36, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_truncate64_ocall(int* retval, int* error, const char* path, int64_t length) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + + ms_u_truncate64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_truncate64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_truncate64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_truncate64_ocall_t)); + ocalloc_size -= sizeof(ms_u_truncate64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + ms->ms_length = length; + status = sgx_ocall(37, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fsync_ocall(int* retval, int* error, int fd) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_fsync_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fsync_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fsync_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fsync_ocall_t)); + ocalloc_size -= sizeof(ms_u_fsync_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + status = sgx_ocall(38, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fdatasync_ocall(int* retval, int* error, int fd) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_fdatasync_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fdatasync_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fdatasync_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fdatasync_ocall_t)); + ocalloc_size -= sizeof(ms_u_fdatasync_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + status = sgx_ocall(39, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fchmod_ocall(int* retval, int* error, int fd, uint32_t mode) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_fchmod_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fchmod_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fchmod_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fchmod_ocall_t)); + ocalloc_size -= sizeof(ms_u_fchmod_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_fd = fd; + ms->ms_mode = mode; + status = sgx_ocall(40, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_unlink_ocall(int* retval, int* error, const char* pathname) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_unlink_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_unlink_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_unlink_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_unlink_ocall_t)); + ocalloc_size -= sizeof(ms_u_unlink_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + status = sgx_ocall(41, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_link_ocall(int* retval, int* error, const char* oldpath, const char* newpath) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_oldpath = oldpath ? strlen(oldpath) + 1 : 0; + size_t _len_newpath = newpath ? strlen(newpath) + 1 : 0; + + ms_u_link_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_link_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(oldpath, _len_oldpath); + CHECK_ENCLAVE_POINTER(newpath, _len_newpath); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (oldpath != NULL) ? _len_oldpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (newpath != NULL) ? _len_newpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_link_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_link_ocall_t)); + ocalloc_size -= sizeof(ms_u_link_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (oldpath != NULL) { + ms->ms_oldpath = (const char*)__tmp; + if (_len_oldpath % sizeof(*oldpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, oldpath, _len_oldpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_oldpath); + ocalloc_size -= _len_oldpath; + } else { + ms->ms_oldpath = NULL; + } + + if (newpath != NULL) { + ms->ms_newpath = (const char*)__tmp; + if (_len_newpath % sizeof(*newpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, newpath, _len_newpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_newpath); + ocalloc_size -= _len_newpath; + } else { + ms->ms_newpath = NULL; + } + + status = sgx_ocall(42, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_linkat_ocall(int* retval, int* error, int olddirfd, const char* oldpath, int newdirfd, const char* newpath, int flags) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_oldpath = oldpath ? strlen(oldpath) + 1 : 0; + size_t _len_newpath = newpath ? strlen(newpath) + 1 : 0; + + ms_u_linkat_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_linkat_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(oldpath, _len_oldpath); + CHECK_ENCLAVE_POINTER(newpath, _len_newpath); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (oldpath != NULL) ? _len_oldpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (newpath != NULL) ? _len_newpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_linkat_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_linkat_ocall_t)); + ocalloc_size -= sizeof(ms_u_linkat_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_olddirfd = olddirfd; + if (oldpath != NULL) { + ms->ms_oldpath = (const char*)__tmp; + if (_len_oldpath % sizeof(*oldpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, oldpath, _len_oldpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_oldpath); + ocalloc_size -= _len_oldpath; + } else { + ms->ms_oldpath = NULL; + } + + ms->ms_newdirfd = newdirfd; + if (newpath != NULL) { + ms->ms_newpath = (const char*)__tmp; + if (_len_newpath % sizeof(*newpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, newpath, _len_newpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_newpath); + ocalloc_size -= _len_newpath; + } else { + ms->ms_newpath = NULL; + } + + ms->ms_flags = flags; + status = sgx_ocall(43, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_rename_ocall(int* retval, int* error, const char* oldpath, const char* newpath) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_oldpath = oldpath ? strlen(oldpath) + 1 : 0; + size_t _len_newpath = newpath ? strlen(newpath) + 1 : 0; + + ms_u_rename_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_rename_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(oldpath, _len_oldpath); + CHECK_ENCLAVE_POINTER(newpath, _len_newpath); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (oldpath != NULL) ? _len_oldpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (newpath != NULL) ? _len_newpath : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_rename_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_rename_ocall_t)); + ocalloc_size -= sizeof(ms_u_rename_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (oldpath != NULL) { + ms->ms_oldpath = (const char*)__tmp; + if (_len_oldpath % sizeof(*oldpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, oldpath, _len_oldpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_oldpath); + ocalloc_size -= _len_oldpath; + } else { + ms->ms_oldpath = NULL; + } + + if (newpath != NULL) { + ms->ms_newpath = (const char*)__tmp; + if (_len_newpath % sizeof(*newpath) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, newpath, _len_newpath)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_newpath); + ocalloc_size -= _len_newpath; + } else { + ms->ms_newpath = NULL; + } + + status = sgx_ocall(44, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_chmod_ocall(int* retval, int* error, const char* path, uint32_t mode) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + + ms_u_chmod_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_chmod_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_chmod_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_chmod_ocall_t)); + ocalloc_size -= sizeof(ms_u_chmod_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + ms->ms_mode = mode; + status = sgx_ocall(45, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_readlink_ocall(size_t* retval, int* error, const char* path, char* buf, size_t bufsz) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path = path ? strlen(path) + 1 : 0; + size_t _len_buf = bufsz; + + ms_u_readlink_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_readlink_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path, _len_path); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path != NULL) ? _len_path : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_readlink_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_readlink_ocall_t)); + ocalloc_size -= sizeof(ms_u_readlink_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path != NULL) { + ms->ms_path = (const char*)__tmp; + if (_len_path % sizeof(*path) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path, _len_path)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path); + ocalloc_size -= _len_path; + } else { + ms->ms_path = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (char*)__tmp; + __tmp_buf = __tmp; + if (_len_buf % sizeof(*buf) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + ms->ms_bufsz = bufsz; + status = sgx_ocall(46, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_symlink_ocall(int* retval, int* error, const char* path1, const char* path2) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_path1 = path1 ? strlen(path1) + 1 : 0; + size_t _len_path2 = path2 ? strlen(path2) + 1 : 0; + + ms_u_symlink_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_symlink_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(path1, _len_path1); + CHECK_ENCLAVE_POINTER(path2, _len_path2); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path1 != NULL) ? _len_path1 : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (path2 != NULL) ? _len_path2 : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_symlink_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_symlink_ocall_t)); + ocalloc_size -= sizeof(ms_u_symlink_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (path1 != NULL) { + ms->ms_path1 = (const char*)__tmp; + if (_len_path1 % sizeof(*path1) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path1, _len_path1)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path1); + ocalloc_size -= _len_path1; + } else { + ms->ms_path1 = NULL; + } + + if (path2 != NULL) { + ms->ms_path2 = (const char*)__tmp; + if (_len_path2 % sizeof(*path2) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, path2, _len_path2)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_path2); + ocalloc_size -= _len_path2; + } else { + ms->ms_path2 = NULL; + } + + status = sgx_ocall(47, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_realpath_ocall(char** retval, int* error, const char* pathname) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_realpath_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_realpath_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_realpath_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_realpath_ocall_t)); + ocalloc_size -= sizeof(ms_u_realpath_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + status = sgx_ocall(48, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_mkdir_ocall(int* retval, int* error, const char* pathname, uint32_t mode) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_mkdir_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_mkdir_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_mkdir_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_mkdir_ocall_t)); + ocalloc_size -= sizeof(ms_u_mkdir_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + ms->ms_mode = mode; + status = sgx_ocall(49, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_rmdir_ocall(int* retval, int* error, const char* pathname) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_rmdir_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_rmdir_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_rmdir_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_rmdir_ocall_t)); + ocalloc_size -= sizeof(ms_u_rmdir_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + status = sgx_ocall(50, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_opendir_ocall(void** retval, int* error, const char* pathname) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + + ms_u_opendir_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_opendir_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_opendir_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_opendir_ocall_t)); + ocalloc_size -= sizeof(ms_u_opendir_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + status = sgx_ocall(51, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_readdir64_r_ocall(int* retval, void* dirp, struct dirent64_t* entry, struct dirent64_t** result) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_entry = sizeof(struct dirent64_t); + size_t _len_result = sizeof(struct dirent64_t*); + + ms_u_readdir64_r_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_readdir64_r_ocall_t); + void *__tmp = NULL; + + void *__tmp_entry = NULL; + void *__tmp_result = NULL; + + CHECK_ENCLAVE_POINTER(entry, _len_entry); + CHECK_ENCLAVE_POINTER(result, _len_result); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (entry != NULL) ? _len_entry : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (result != NULL) ? _len_result : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_readdir64_r_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_readdir64_r_ocall_t)); + ocalloc_size -= sizeof(ms_u_readdir64_r_ocall_t); + + ms->ms_dirp = dirp; + if (entry != NULL) { + ms->ms_entry = (struct dirent64_t*)__tmp; + __tmp_entry = __tmp; + if (memcpy_s(__tmp, ocalloc_size, entry, _len_entry)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_entry); + ocalloc_size -= _len_entry; + } else { + ms->ms_entry = NULL; + } + + if (result != NULL) { + ms->ms_result = (struct dirent64_t**)__tmp; + __tmp_result = __tmp; + if (_len_result % sizeof(*result) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_result, 0, _len_result); + __tmp = (void *)((size_t)__tmp + _len_result); + ocalloc_size -= _len_result; + } else { + ms->ms_result = NULL; + } + + status = sgx_ocall(52, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (entry) { + if (memcpy_s((void*)entry, _len_entry, __tmp_entry, _len_entry)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (result) { + if (memcpy_s((void*)result, _len_result, __tmp_result, _len_result)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_closedir_ocall(int* retval, int* error, void* dirp) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_closedir_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_closedir_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_closedir_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_closedir_ocall_t)); + ocalloc_size -= sizeof(ms_u_closedir_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_dirp = dirp; + status = sgx_ocall(53, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_dirfd_ocall(int* retval, int* error, void* dirp) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + + ms_u_dirfd_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_dirfd_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_dirfd_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_dirfd_ocall_t)); + ocalloc_size -= sizeof(ms_u_dirfd_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_dirp = dirp; + status = sgx_ocall(54, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + +sgx_status_t SGX_CDECL u_fstatat64_ocall(int* retval, int* error, int dirfd, const char* pathname, struct stat64_t* buf, int flags) +{ + sgx_status_t status = SGX_SUCCESS; + size_t _len_error = sizeof(int); + size_t _len_pathname = pathname ? strlen(pathname) + 1 : 0; + size_t _len_buf = sizeof(struct stat64_t); + + ms_u_fstatat64_ocall_t* ms = NULL; + size_t ocalloc_size = sizeof(ms_u_fstatat64_ocall_t); + void *__tmp = NULL; + + void *__tmp_error = NULL; + void *__tmp_buf = NULL; + + CHECK_ENCLAVE_POINTER(error, _len_error); + CHECK_ENCLAVE_POINTER(pathname, _len_pathname); + CHECK_ENCLAVE_POINTER(buf, _len_buf); + + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (error != NULL) ? _len_error : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (pathname != NULL) ? _len_pathname : 0)) + return SGX_ERROR_INVALID_PARAMETER; + if (ADD_ASSIGN_OVERFLOW(ocalloc_size, (buf != NULL) ? _len_buf : 0)) + return SGX_ERROR_INVALID_PARAMETER; + + __tmp = sgx_ocalloc(ocalloc_size); + if (__tmp == NULL) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + ms = (ms_u_fstatat64_ocall_t*)__tmp; + __tmp = (void *)((size_t)__tmp + sizeof(ms_u_fstatat64_ocall_t)); + ocalloc_size -= sizeof(ms_u_fstatat64_ocall_t); + + if (error != NULL) { + ms->ms_error = (int*)__tmp; + __tmp_error = __tmp; + if (_len_error % sizeof(*error) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + memset(__tmp_error, 0, _len_error); + __tmp = (void *)((size_t)__tmp + _len_error); + ocalloc_size -= _len_error; + } else { + ms->ms_error = NULL; + } + + ms->ms_dirfd = dirfd; + if (pathname != NULL) { + ms->ms_pathname = (const char*)__tmp; + if (_len_pathname % sizeof(*pathname) != 0) { + sgx_ocfree(); + return SGX_ERROR_INVALID_PARAMETER; + } + if (memcpy_s(__tmp, ocalloc_size, pathname, _len_pathname)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + __tmp = (void *)((size_t)__tmp + _len_pathname); + ocalloc_size -= _len_pathname; + } else { + ms->ms_pathname = NULL; + } + + if (buf != NULL) { + ms->ms_buf = (struct stat64_t*)__tmp; + __tmp_buf = __tmp; + memset(__tmp_buf, 0, _len_buf); + __tmp = (void *)((size_t)__tmp + _len_buf); + ocalloc_size -= _len_buf; + } else { + ms->ms_buf = NULL; + } + + ms->ms_flags = flags; + status = sgx_ocall(55, ms); + + if (status == SGX_SUCCESS) { + if (retval) *retval = ms->ms_retval; + if (error) { + if (memcpy_s((void*)error, _len_error, __tmp_error, _len_error)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + if (buf) { + if (memcpy_s((void*)buf, _len_buf, __tmp_buf, _len_buf)) { + sgx_ocfree(); + return SGX_ERROR_UNEXPECTED; + } + } + } + sgx_ocfree(); + return status; +} + diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.h b/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.h new file mode 100644 index 0000000..5c5a7db --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/codegen/Enclave_t.h @@ -0,0 +1,88 @@ +#ifndef ENCLAVE_T_H__ +#define ENCLAVE_T_H__ + +#include +#include +#include +#include "sgx_edger8r.h" /* for sgx_ocall etc. */ + +#include "time.h" +#include "inc/stat.h" +#include "sys/uio.h" +#include "inc/stat.h" +#include "inc/dirent.h" + +#include /* for size_t */ + +#define SGX_CAST(type, item) ((type)(item)) + +#ifdef __cplusplus +extern "C" { +#endif + +sgx_status_t ecall_test(const uint8_t* some_string, size_t len); +void t_global_init_ecall(uint64_t id, const uint8_t* path, size_t len); +void t_global_exit_ecall(void); + +sgx_status_t SGX_CDECL u_thread_set_event_ocall(int* retval, int* error, const void* tcs); +sgx_status_t SGX_CDECL u_thread_wait_event_ocall(int* retval, int* error, const void* tcs, const struct timespec* timeout); +sgx_status_t SGX_CDECL u_thread_set_multiple_events_ocall(int* retval, int* error, const void** tcss, int total); +sgx_status_t SGX_CDECL u_thread_setwait_events_ocall(int* retval, int* error, const void* waiter_tcs, const void* self_tcs, const struct timespec* timeout); +sgx_status_t SGX_CDECL u_clock_gettime_ocall(int* retval, int* error, int clk_id, struct timespec* tp); +sgx_status_t SGX_CDECL u_read_ocall(size_t* retval, int* error, int fd, void* buf, size_t count); +sgx_status_t SGX_CDECL u_pread64_ocall(size_t* retval, int* error, int fd, void* buf, size_t count, int64_t offset); +sgx_status_t SGX_CDECL u_readv_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt); +sgx_status_t SGX_CDECL u_preadv64_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset); +sgx_status_t SGX_CDECL u_write_ocall(size_t* retval, int* error, int fd, const void* buf, size_t count); +sgx_status_t SGX_CDECL u_pwrite64_ocall(size_t* retval, int* error, int fd, const void* buf, size_t count, int64_t offset); +sgx_status_t SGX_CDECL u_writev_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt); +sgx_status_t SGX_CDECL u_pwritev64_ocall(size_t* retval, int* error, int fd, const struct iovec* iov, int iovcnt, int64_t offset); +sgx_status_t SGX_CDECL u_fcntl_arg0_ocall(int* retval, int* error, int fd, int cmd); +sgx_status_t SGX_CDECL u_fcntl_arg1_ocall(int* retval, int* error, int fd, int cmd, int arg); +sgx_status_t SGX_CDECL u_ioctl_arg0_ocall(int* retval, int* error, int fd, int request); +sgx_status_t SGX_CDECL u_ioctl_arg1_ocall(int* retval, int* error, int fd, int request, int* arg); +sgx_status_t SGX_CDECL u_close_ocall(int* retval, int* error, int fd); +sgx_status_t SGX_CDECL u_malloc_ocall(void** retval, int* error, size_t size); +sgx_status_t SGX_CDECL u_free_ocall(void* p); +sgx_status_t SGX_CDECL u_mmap_ocall(void** retval, int* error, void* start, size_t length, int prot, int flags, int fd, int64_t offset); +sgx_status_t SGX_CDECL u_munmap_ocall(int* retval, int* error, void* start, size_t length); +sgx_status_t SGX_CDECL u_msync_ocall(int* retval, int* error, void* addr, size_t length, int flags); +sgx_status_t SGX_CDECL u_mprotect_ocall(int* retval, int* error, void* addr, size_t length, int prot); +sgx_status_t SGX_CDECL u_open_ocall(int* retval, int* error, const char* pathname, int flags); +sgx_status_t SGX_CDECL u_open64_ocall(int* retval, int* error, const char* path, int oflag, int mode); +sgx_status_t SGX_CDECL u_fstat_ocall(int* retval, int* error, int fd, struct stat_t* buf); +sgx_status_t SGX_CDECL u_fstat64_ocall(int* retval, int* error, int fd, struct stat64_t* buf); +sgx_status_t SGX_CDECL u_stat_ocall(int* retval, int* error, const char* path, struct stat_t* buf); +sgx_status_t SGX_CDECL u_stat64_ocall(int* retval, int* error, const char* path, struct stat64_t* buf); +sgx_status_t SGX_CDECL u_lstat_ocall(int* retval, int* error, const char* path, struct stat_t* buf); +sgx_status_t SGX_CDECL u_lstat64_ocall(int* retval, int* error, const char* path, struct stat64_t* buf); +sgx_status_t SGX_CDECL u_lseek_ocall(uint64_t* retval, int* error, int fd, int64_t offset, int whence); +sgx_status_t SGX_CDECL u_lseek64_ocall(int64_t* retval, int* error, int fd, int64_t offset, int whence); +sgx_status_t SGX_CDECL u_ftruncate_ocall(int* retval, int* error, int fd, int64_t length); +sgx_status_t SGX_CDECL u_ftruncate64_ocall(int* retval, int* error, int fd, int64_t length); +sgx_status_t SGX_CDECL u_truncate_ocall(int* retval, int* error, const char* path, int64_t length); +sgx_status_t SGX_CDECL u_truncate64_ocall(int* retval, int* error, const char* path, int64_t length); +sgx_status_t SGX_CDECL u_fsync_ocall(int* retval, int* error, int fd); +sgx_status_t SGX_CDECL u_fdatasync_ocall(int* retval, int* error, int fd); +sgx_status_t SGX_CDECL u_fchmod_ocall(int* retval, int* error, int fd, uint32_t mode); +sgx_status_t SGX_CDECL u_unlink_ocall(int* retval, int* error, const char* pathname); +sgx_status_t SGX_CDECL u_link_ocall(int* retval, int* error, const char* oldpath, const char* newpath); +sgx_status_t SGX_CDECL u_linkat_ocall(int* retval, int* error, int olddirfd, const char* oldpath, int newdirfd, const char* newpath, int flags); +sgx_status_t SGX_CDECL u_rename_ocall(int* retval, int* error, const char* oldpath, const char* newpath); +sgx_status_t SGX_CDECL u_chmod_ocall(int* retval, int* error, const char* path, uint32_t mode); +sgx_status_t SGX_CDECL u_readlink_ocall(size_t* retval, int* error, const char* path, char* buf, size_t bufsz); +sgx_status_t SGX_CDECL u_symlink_ocall(int* retval, int* error, const char* path1, const char* path2); +sgx_status_t SGX_CDECL u_realpath_ocall(char** retval, int* error, const char* pathname); +sgx_status_t SGX_CDECL u_mkdir_ocall(int* retval, int* error, const char* pathname, uint32_t mode); +sgx_status_t SGX_CDECL u_rmdir_ocall(int* retval, int* error, const char* pathname); +sgx_status_t SGX_CDECL u_opendir_ocall(void** retval, int* error, const char* pathname); +sgx_status_t SGX_CDECL u_readdir64_r_ocall(int* retval, void* dirp, struct dirent64_t* entry, struct dirent64_t** result); +sgx_status_t SGX_CDECL u_closedir_ocall(int* retval, int* error, void* dirp); +sgx_status_t SGX_CDECL u_dirfd_ocall(int* retval, int* error, void* dirp); +sgx_status_t SGX_CDECL u_fstatat64_ocall(int* retval, int* error, int dirfd, const char* pathname, struct stat64_t* buf, int flags); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif diff --git a/rust-sgx-workspace/projects/ntc-tee-server/enclave/src/lib.rs b/rust-sgx-workspace/projects/ntc-tee-server/enclave/src/lib.rs new file mode 100644 index 0000000..d18f06d --- /dev/null +++ b/rust-sgx-workspace/projects/ntc-tee-server/enclave/src/lib.rs @@ -0,0 +1,25 @@ +#![deny(unsafe_op_in_unsafe_fn)] +#![no_std] + +extern crate sgx_types; +#[macro_use] +extern crate sgx_tstd as std; + +use std::io::{self, Write}; +use std::slice; + +use sgx_types::sgx_status_t; + +/// Does a test ecall +/// +/// # Safety +/// Caller needs to ensure that `some_string` points to a valid slice of length `some_len` +#[no_mangle] +pub unsafe extern "C" fn ecall_test(some_string: *const u8, some_len: usize) -> sgx_status_t { + let str_slice = unsafe { slice::from_raw_parts(some_string, some_len) }; + let _ = io::stdout().write(str_slice); + + println!("Message from the enclave"); + + sgx_status_t::SGX_SUCCESS +} diff --git a/rust-sgx-workspace/rust-toolchain.toml b/rust-sgx-workspace/rust-toolchain.toml new file mode 100644 index 0000000..ff277a1 --- /dev/null +++ b/rust-sgx-workspace/rust-toolchain.toml @@ -0,0 +1,4 @@ +# Docs: https://rust-lang.github.io/rustup/overrides.html#the-toolchain-file +[toolchain] +# See README-SGX.md +channel = "nightly-2021-11-01" diff --git a/rust-sgx-workspace/rustfmt.toml b/rust-sgx-workspace/rustfmt.toml new file mode 100644 index 0000000..437afce --- /dev/null +++ b/rust-sgx-workspace/rustfmt.toml @@ -0,0 +1,6 @@ +# https://rust-lang.github.io/rustfmt/ +# Use "cargo +nightly fmt" to take advantage of the group_imports feature. + +imports_layout = "HorizontalVertical" +imports_granularity = "Module" +group_imports = "StdExternalCrate" From ce07644dc9acf8a42cfa7928126c41338e5639c6 Mon Sep 17 00:00:00 2001 From: Herman Date: Fri, 29 Apr 2022 16:03:05 +0200 Subject: [PATCH 3/4] feat(crypto): add basic data sealing roundtrip implementation using hpke --- rust-workspace/Cargo.lock | 379 +++++++++++++++++- .../crates/ntc-data-packages/Cargo.toml | 3 +- .../ntc-data-packages/src/crypto/mod.rs | 102 +++++ .../crates/ntc-data-packages/src/lib.rs | 1 + 4 files changed, 482 insertions(+), 3 deletions(-) create mode 100644 rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs diff --git a/rust-workspace/Cargo.lock b/rust-workspace/Cargo.lock index 31bd13e..92e314f 100644 --- a/rust-workspace/Cargo.lock +++ b/rust-workspace/Cargo.lock @@ -2,6 +2,41 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "aead" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877" +dependencies = [ + "generic-array", +] + +[[package]] +name = "aes" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", + "opaque-debug", +] + +[[package]] +name = "aes-gcm" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6" +dependencies = [ + "aead", + "aes", + "cipher", + "ctr", + "ghash", + "subtle", +] + [[package]] name = "ahash" version = "0.7.6" @@ -87,6 +122,15 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "block-buffer" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" +dependencies = [ + "generic-array", +] + [[package]] name = "bstr" version = "0.2.17" @@ -104,12 +148,52 @@ version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72feb31ffc86498dacdbd0fcebb56138e7177a8cc5cea4516031d15ae85a742e" +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + [[package]] name = "cfg-if" version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "chacha20" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01b72a433d0cf2aef113ba70f62634c56fddb0f244e6377185c56a7cadbd8f91" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", + "zeroize", +] + +[[package]] +name = "chacha20poly1305" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b84ed6d1d5f7aa9bdde921a5090e0ca4d934d250ea3b402a5fab3a994e28a2a" +dependencies = [ + "aead", + "chacha20", + "cipher", + "poly1305", + "zeroize", +] + +[[package]] +name = "cipher" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7" +dependencies = [ + "generic-array", +] + [[package]] name = "clap" version = "3.1.12" @@ -171,6 +255,59 @@ dependencies = [ "toml", ] +[[package]] +name = "cpufeatures" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59a6001667ab124aebae2a495118e11d30984c3a653e99d86d58971708cf5e4b" +dependencies = [ + "libc", +] + +[[package]] +name = "crypto-bigint" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03" +dependencies = [ + "generic-array", + "rand_core 0.6.3", + "subtle", + "zeroize", +] + +[[package]] +name = "crypto-mac" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714" +dependencies = [ + "generic-array", + "subtle", +] + +[[package]] +name = "ctr" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea" +dependencies = [ + "cipher", +] + +[[package]] +name = "curve25519-dalek" +version = "3.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0" +dependencies = [ + "byteorder", + "digest", + "rand_core 0.5.1", + "subtle", + "zeroize", +] + [[package]] name = "darling" version = "0.13.4" @@ -218,6 +355,15 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8" +[[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array", +] + [[package]] name = "directories-next" version = "2.0.0" @@ -251,6 +397,21 @@ version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457" +[[package]] +name = "elliptic-curve" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "beca177dcb8eb540133e7680baff45e7cc4d93bf22002676cec549f82343721b" +dependencies = [ + "crypto-bigint", + "ff", + "generic-array", + "group", + "rand_core 0.6.3", + "subtle", + "zeroize", +] + [[package]] name = "fancy-regex" version = "0.8.0" @@ -270,6 +431,16 @@ dependencies = [ "instant", ] +[[package]] +name = "ff" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d0f40b2dcd8bc322217a5f6559ae5f9e9d1de202a2ecee2e9eafcbece7562a4f" +dependencies = [ + "rand_core 0.6.3", + "subtle", +] + [[package]] name = "fnv" version = "1.0.7" @@ -296,6 +467,16 @@ dependencies = [ "num", ] +[[package]] +name = "generic-array" +version = "0.14.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd48d33ec7f05fbfa152300fdad764757cbded343c1aa1cff2fbaf4134851803" +dependencies = [ + "typenum", + "version_check", +] + [[package]] name = "getrandom" version = "0.2.6" @@ -307,6 +488,27 @@ dependencies = [ "wasi", ] +[[package]] +name = "ghash" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" +dependencies = [ + "opaque-debug", + "polyval", +] + +[[package]] +name = "group" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c363a5301b8f153d80747126a04b3c82073b9fe3130571a9d170cacdeaf7912" +dependencies = [ + "ff", + "rand_core 0.6.3", + "subtle", +] + [[package]] name = "hashbrown" version = "0.11.2" @@ -328,6 +530,48 @@ dependencies = [ "libc", ] +[[package]] +name = "hkdf" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b" +dependencies = [ + "digest", + "hmac", +] + +[[package]] +name = "hmac" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" +dependencies = [ + "crypto-mac", + "digest", +] + +[[package]] +name = "hpke" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "849e95e93b040915ae2ea8ae9cc0e73a0dc9804e557fa7959c1ba9dce20215a6" +dependencies = [ + "aead", + "aes-gcm", + "byteorder", + "chacha20poly1305", + "digest", + "generic-array", + "hkdf", + "p256", + "paste", + "rand_core 0.6.3", + "sha2", + "subtle", + "x25519-dalek", + "zeroize", +] + [[package]] name = "ident_case" version = "1.0.1" @@ -493,8 +737,10 @@ name = "ntc-data-packages" version = "0.1.0" dependencies = [ "anyhow", + "hpke", "jsonschema", "k9", + "rand", "rusty-sodalite", "serde", "serde_json", @@ -618,12 +864,27 @@ version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "87f3e037eac156d1775da914196f0f37741a274155e34a0b7e427c35d2a2ecb9" +[[package]] +name = "opaque-debug" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" + [[package]] name = "os_str_bytes" version = "6.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e22443d1643a904602595ba1cd8f7d896afe56d26712531c5ff73a15b2fbf64" +[[package]] +name = "p256" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d053368e1bae4c8a672953397bd1bd7183dde1c72b0b7612a15719173148d186" +dependencies = [ + "elliptic-curve", +] + [[package]] name = "parking_lot" version = "0.12.0" @@ -647,12 +908,41 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "paste" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c520e05135d6e763148b6426a837e239041653ba7becd2e538c076c738025fc" + [[package]] name = "percent-encoding" version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" +[[package]] +name = "poly1305" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede" +dependencies = [ + "cpufeatures", + "opaque-debug", + "universal-hash", +] + +[[package]] +name = "polyval" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1" +dependencies = [ + "cfg-if", + "cpufeatures", + "opaque-debug", + "universal-hash", +] + [[package]] name = "ppv-lite86" version = "0.2.16" @@ -736,7 +1026,7 @@ checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", "rand_chacha", - "rand_core", + "rand_core 0.6.3", ] [[package]] @@ -746,9 +1036,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.6.3", ] +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" + [[package]] name = "rand_core" version = "0.6.3" @@ -900,6 +1196,19 @@ dependencies = [ "syn", ] +[[package]] +name = "sha2" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +dependencies = [ + "block-buffer", + "cfg-if", + "cpufeatures", + "digest", + "opaque-debug", +] + [[package]] name = "smallvec" version = "1.8.0" @@ -921,6 +1230,12 @@ version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" +[[package]] +name = "subtle" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" + [[package]] name = "syn" version = "1.0.91" @@ -932,6 +1247,18 @@ dependencies = [ "unicode-xid", ] +[[package]] +name = "synstructure" +version = "0.12.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "unicode-xid", +] + [[package]] name = "tempfile" version = "3.3.0" @@ -1038,6 +1365,12 @@ dependencies = [ "serde", ] +[[package]] +name = "typenum" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" + [[package]] name = "unicode-bidi" version = "0.3.8" @@ -1059,6 +1392,16 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" +[[package]] +name = "universal-hash" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f214e8f697e925001e66ec2c6e37a4ef93f0f78c2eed7814394e10c62025b05" +dependencies = [ + "generic-array", + "subtle", +] + [[package]] name = "url" version = "2.2.2" @@ -1182,3 +1525,35 @@ name = "windows_x86_64_msvc" version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d19538ccc21819d01deaf88d6a17eae6596a12e9aafdbb97916fb49896d89de9" + +[[package]] +name = "x25519-dalek" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077" +dependencies = [ + "curve25519-dalek", + "rand_core 0.5.1", + "zeroize", +] + +[[package]] +name = "zeroize" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4756f7db3f7b5574938c3eb1c117038b8e07f95ee6718c0efad4ac21508f1efd" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f8f187641dad4f680d25c4bfc4225b418165984179f26ca76ec4fb6441d3a17" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] diff --git a/rust-workspace/crates/ntc-data-packages/Cargo.toml b/rust-workspace/crates/ntc-data-packages/Cargo.toml index 219b922..d224cae 100644 --- a/rust-workspace/crates/ntc-data-packages/Cargo.toml +++ b/rust-workspace/crates/ntc-data-packages/Cargo.toml @@ -12,9 +12,10 @@ jsonschema = { version = "0.16", default-features = false } serde = "1.0" serde_json = "1.0" thiserror = "1.0" - +hpke = "0.8.0" rusty-sodalite = { git = "https://github.com/PiDelport/rusty-sodalite", branch = "initial-version" } [dev-dependencies] anyhow = "1.0" k9 = "0.11" +rand = "0.8.5" diff --git a/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs b/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs new file mode 100644 index 0000000..ac07742 --- /dev/null +++ b/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs @@ -0,0 +1,102 @@ +use hpke::{ + aead::{AeadTag, ChaCha20Poly1305}, + kdf::HkdfSha384, + kem::X25519HkdfSha256, + rand_core::{CryptoRng, RngCore}, + HpkeError, Kem, OpModeR, OpModeS, +}; + +// TODO: Define info that can be sent alongside the message - application defined +// like which sk to use etc. +const INFO_STR: &[u8] = b"test"; + +pub struct SealedMessage { + pub encapped_key: ::EncappedKey, + pub ciphertext: Box<[u8]>, + pub tag: AeadTag, +} + +pub fn seal_message( + msg: &[u8], + associated_data: &[u8], + pk_recipient: ::PublicKey, + pk_sender: ::PublicKey, + sk_sender: ::PrivateKey, + csprng: &mut R, +) -> Result { + let (encapsulated_key, mut encryption_context) = + hpke::setup_sender::( + &OpModeS::Auth((sk_sender, pk_sender)), + &pk_recipient, + INFO_STR, + csprng, + )?; + let mut msg_copy = msg.to_vec(); + // TODO: add option for seal in place or use seal in place instead? + let tag = encryption_context.seal_in_place_detached(&mut msg_copy, associated_data)?; + + Ok(SealedMessage { + encapped_key: encapsulated_key, + ciphertext: msg_copy.into_boxed_slice(), + tag, + }) +} + +pub fn unseal_message( + sealed_message: &SealedMessage, + associated_data: &[u8], + sk_recipient: ::PrivateKey, + pk_sender: ::PublicKey, +) -> Result, HpkeError> { + let mut receiver_ctx = hpke::setup_receiver::( + &OpModeR::Auth(pk_sender), + &sk_recipient, + &sealed_message.encapped_key, + INFO_STR, + )?; + + let mut cipherext_copy = sealed_message.ciphertext.to_vec(); + + receiver_ctx.open_in_place_detached( + &mut cipherext_copy, + associated_data, + &sealed_message.tag, + )?; + + // Rename for clarity + let plaintext = cipherext_copy; + + Ok(plaintext.into_boxed_slice()) +} + +#[cfg(test)] +mod test { + + use super::*; + use rand::{self, SeedableRng}; + + #[test] + fn seal_unseal_roundtrip_success() { + let message = b"some string to send"; + let associated_data = b"some associated data to share"; + let (sk_sender, pk_sender) = X25519HkdfSha256::derive_keypair(b"some key material"); + let (sk_recipient, pk_recipient) = + X25519HkdfSha256::derive_keypair(b"some different key material"); + let mut csprng = rand::rngs::StdRng::from_entropy(); + + let sealed_message = seal_message( + message, + associated_data, + pk_recipient, + pk_sender.clone(), + sk_sender, + &mut csprng, + ) + .unwrap(); + + let unsealed_message = + unseal_message(&sealed_message, associated_data, sk_recipient, pk_sender).unwrap(); + + assert_eq!(unsealed_message, message.to_vec().into_boxed_slice()); + } +} diff --git a/rust-workspace/crates/ntc-data-packages/src/lib.rs b/rust-workspace/crates/ntc-data-packages/src/lib.rs index b94a04c..217b8db 100644 --- a/rust-workspace/crates/ntc-data-packages/src/lib.rs +++ b/rust-workspace/crates/ntc-data-packages/src/lib.rs @@ -1,4 +1,5 @@ //! Support for working with Nautilus Trusted Compute data packages. +pub mod crypto; pub mod data_packages; pub mod identity; From a0595e1eaef6bcf139634a159ed68c6b85d7177e Mon Sep 17 00:00:00 2001 From: Herman Date: Thu, 5 May 2022 15:33:32 +0200 Subject: [PATCH 4/4] feat(data-packages): update implementation with in-place implementation to prevent allocating --- .../ntc-data-packages/src/crypto/mod.rs | 98 ++++++++++--------- 1 file changed, 54 insertions(+), 44 deletions(-) diff --git a/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs b/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs index ac07742..8d01371 100644 --- a/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs +++ b/rust-workspace/crates/ntc-data-packages/src/crypto/mod.rs @@ -3,89 +3,90 @@ use hpke::{ kdf::HkdfSha384, kem::X25519HkdfSha256, rand_core::{CryptoRng, RngCore}, - HpkeError, Kem, OpModeR, OpModeS, + HpkeError, Kem as KemTrait, OpModeR, OpModeS, }; +type Kem = X25519HkdfSha256; +type Kdf = HkdfSha384; +type Aead = ChaCha20Poly1305; // TODO: Define info that can be sent alongside the message - application defined // like which sk to use etc. const INFO_STR: &[u8] = b"test"; -pub struct SealedMessage { - pub encapped_key: ::EncappedKey, - pub ciphertext: Box<[u8]>, - pub tag: AeadTag, +pub struct SealedMessage<'a> { + pub encapped_key: ::EncappedKey, + pub ciphertext: &'a [u8], + pub tag: AeadTag, } -pub fn seal_message( - msg: &[u8], +pub fn seal_message_in_place<'a, R: CryptoRng + RngCore>( + msg: &'a mut [u8], associated_data: &[u8], - pk_recipient: ::PublicKey, - pk_sender: ::PublicKey, - sk_sender: ::PrivateKey, + pk_recipient: ::PublicKey, + pk_sender: ::PublicKey, + sk_sender: ::PrivateKey, csprng: &mut R, -) -> Result { - let (encapsulated_key, mut encryption_context) = - hpke::setup_sender::( - &OpModeS::Auth((sk_sender, pk_sender)), - &pk_recipient, - INFO_STR, - csprng, - )?; - let mut msg_copy = msg.to_vec(); - // TODO: add option for seal in place or use seal in place instead? - let tag = encryption_context.seal_in_place_detached(&mut msg_copy, associated_data)?; +) -> Result, HpkeError> { + let (encapsulated_key, mut encryption_context) = hpke::setup_sender::( + &OpModeS::Auth((sk_sender, pk_sender)), + &pk_recipient, + INFO_STR, + csprng, + )?; + + let tag = encryption_context.seal_in_place_detached(msg, associated_data)?; Ok(SealedMessage { encapped_key: encapsulated_key, - ciphertext: msg_copy.into_boxed_slice(), + // TODO: don't copy + ciphertext: msg, tag, }) } -pub fn unseal_message( - sealed_message: &SealedMessage, +pub fn unseal_message_in_place<'a>( + ciphertext: &'a mut [u8], + encapped_key: ::EncappedKey, + tag: AeadTag, associated_data: &[u8], - sk_recipient: ::PrivateKey, - pk_sender: ::PublicKey, -) -> Result, HpkeError> { - let mut receiver_ctx = hpke::setup_receiver::( + sk_recipient: ::PrivateKey, + pk_sender: ::PublicKey, +) -> Result<&'a [u8], HpkeError> { + let mut receiver_ctx = hpke::setup_receiver::( &OpModeR::Auth(pk_sender), &sk_recipient, - &sealed_message.encapped_key, + &encapped_key, INFO_STR, )?; - let mut cipherext_copy = sealed_message.ciphertext.to_vec(); - - receiver_ctx.open_in_place_detached( - &mut cipherext_copy, - associated_data, - &sealed_message.tag, - )?; + receiver_ctx.open_in_place_detached(ciphertext, associated_data, &tag)?; // Rename for clarity - let plaintext = cipherext_copy; + let plaintext = ciphertext; - Ok(plaintext.into_boxed_slice()) + Ok(plaintext) } #[cfg(test)] mod test { + use std::vec; + use super::*; use rand::{self, SeedableRng}; #[test] fn seal_unseal_roundtrip_success() { - let message = b"some string to send"; + let message = vec![1, 2, 3, 4]; + let mut message_copy = message.clone(); let associated_data = b"some associated data to share"; let (sk_sender, pk_sender) = X25519HkdfSha256::derive_keypair(b"some key material"); let (sk_recipient, pk_recipient) = X25519HkdfSha256::derive_keypair(b"some different key material"); let mut csprng = rand::rngs::StdRng::from_entropy(); - let sealed_message = seal_message( - message, + let sealed_message = seal_message_in_place( + &mut message_copy, associated_data, pk_recipient, pk_sender.clone(), @@ -94,9 +95,18 @@ mod test { ) .unwrap(); - let unsealed_message = - unseal_message(&sealed_message, associated_data, sk_recipient, pk_sender).unwrap(); + let mut ciphertext = sealed_message.ciphertext.to_vec(); + + let unsealed_message = unseal_message_in_place( + &mut ciphertext, + sealed_message.encapped_key, + sealed_message.tag, + associated_data, + sk_recipient, + pk_sender, + ) + .unwrap(); - assert_eq!(unsealed_message, message.to_vec().into_boxed_slice()); + assert_eq!(unsealed_message, message); } }