feat(user-auth): initial implementation #1
Conversation
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
6 times, most recently
from
be2452a to
906fb31
Compare
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
8 times, most recently
from
473784e to
45b9074
Compare
user-auth/README.md
Outdated
| | |-- Enclave.lds | ||
| | |-- Makefile | ||
| | |-- Xargo.toml | ||
| | +-- rust-toolchain |
There was a problem hiding this comment.
same here, to avoid duplicating this info
There was a problem hiding this comment.
This is a draft only. The final version will look different.
|
General note: copyright blurbs are not needed at the top of the source files, because LICENSE (at the repo root) should cover it. See Rust project (rust-lang/rust) as an example. |
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
45b9074 to
e084035
Compare
|
I see that we actually have a mix of licenses, something to be clear about (what is the criteria?). As a sidenote, it looks like one can create AGPL software that depends (via static or dynamic linking) on Apache 2 software. |
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
e084035 to
391c07d
Compare
In this case yes but this is not true in general. Free software licenses, even permissive ones. virtually always require that one preserve any copyright notices. See for example section 4 of the Apache-2.0 license. |
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
391c07d to
fb2d3b6
Compare
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
fb2d3b6 to
15d4de7
Compare
|
ah, good to know |
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
3 times, most recently
from
fd94cf6 to
26bd60a
Compare
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
5 times, most recently
from
f23ded4 to
259933f
Compare
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
259933f to
4c7fd4d
Compare
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
4c7fd4d to
5261174
Compare
| @@ -0,0 +1,161 @@ | |||
| #![no_std] | |||
There was a problem hiding this comment.
perhaps redundant, since std will result in build errors anyways
There was a problem hiding this comment.
unexcellent thought... ignore me
user-auth/enclave/src/lib.rs
Outdated
| fn new_hash_context<'a>(pepper: &'a [u8]) -> Result<Argon2<'a>, argon2::Error> { | ||
| Argon2::<'a>::new_with_secret( |
| let hash_ctx = new_hash_context(pepper.as_ref()); | ||
|
|
||
| match hash_ctx { | ||
| Err(_) => sgx_status_t::SGX_ERROR_UNEXPECTED, |
There was a problem hiding this comment.
would be kool to display the error value (perhaps with eprintln! OCALL), of if it really is not useful, use an if let Ok(ctx) to reduce right-ward drift (and perhaps improve readability)
user-auth/enclave/src/lib.rs
Outdated
| // Convert the Argon2 memory cost from MiB to KiB | ||
| const fn m_cost_calc(mebibytes: u32) -> { | ||
| mebibytes * 1024 | ||
| } |
There was a problem hiding this comment.
Just do this in a constant called M_COST_KIB and remove M_COST_MIB. Much simpler.
user-auth/enclave/src/lib.rs
Outdated
| /// dynammically calculated! | ||
| // XXX: Certain assumptions are made here that relate to the hash context. See | ||
| // the doc comment above. | ||
| pub const HASH_STRING_LENGTH: usize = 97; |
There was a problem hiding this comment.
Link the PHC specification
jdvlio
force-pushed
the
feat-initial-user-auth-enclave
branch
from
5261174 to
fea6380
Compare
| @@ -3,4 +3,5 @@ | |||
| [workspace] | |||
| members = [ | |||
| "sealing", | |||
| "user-auth" | |||
There was a problem hiding this comment.
| "user-auth" | |
| "user-auth", |
make diffs more pleasant to read :)
| @@ -0,0 +1,8 @@ | |||
| [package] | |||
| name = "user-auth-common" | |||
| version = "0.1.0" | |||
There was a problem hiding this comment.
nit: I like leaving this at 0.0.0 until we actually make releases, where it actually matters
|
|
||
| # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html | ||
|
|
||
| [dependencies] |
There was a problem hiding this comment.
nit: noise :)
| # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html | |
| [dependencies] |
| @@ -0,0 +1 @@ | |||
| {"rustc_fingerprint":14295617405981936619,"outputs":{"15697416045686424142":{"success":true,"status":"","code":0,"stdout":"___\nlib___.rlib\nlib___.so\nlib___.so\nlib___.a\nlib___.so\n","stderr":""},"10376369925670944939":{"success":true,"status":"","code":0,"stdout":"___\nlib___.rlib\nlib___.so\nlib___.so\nlib___.a\nlib___.so\n/home/jean-pierre/.rustup/toolchains/nightly-2022-10-22-x86_64-unknown-linux-gnu\ndebug_assertions\npanic=\"unwind\"\nproc_macro\ntarget_abi=\"\"\ntarget_arch=\"x86_64\"\ntarget_endian=\"little\"\ntarget_env=\"gnu\"\ntarget_family=\"unix\"\ntarget_feature=\"fxsr\"\ntarget_feature=\"llvm14-builtins-abi\"\ntarget_feature=\"sse\"\ntarget_feature=\"sse2\"\ntarget_has_atomic=\"16\"\ntarget_has_atomic=\"32\"\ntarget_has_atomic=\"64\"\ntarget_has_atomic=\"8\"\ntarget_has_atomic=\"ptr\"\ntarget_has_atomic_equal_alignment=\"16\"\ntarget_has_atomic_equal_alignment=\"32\"\ntarget_has_atomic_equal_alignment=\"64\"\ntarget_has_atomic_equal_alignment=\"8\"\ntarget_has_atomic_equal_alignment=\"ptr\"\ntarget_has_atomic_load_store=\"16\"\ntarget_has_atomic_load_store=\"32\"\ntarget_has_atomic_load_store=\"64\"\ntarget_has_atomic_load_store=\"8\"\ntarget_has_atomic_load_store=\"ptr\"\ntarget_os=\"linux\"\ntarget_pointer_width=\"64\"\ntarget_thread_local\ntarget_vendor=\"unknown\"\nunix\n","stderr":""},"4614504638168534921":{"success":true,"status":"","code":0,"stdout":"rustc 1.66.0-nightly (5c8bff74b 2022-10-21)\nbinary: rustc\ncommit-hash: 5c8bff74bc1c52bef0c79f3689bb227f51f3e82d\ncommit-date: 2022-10-21\nhost: x86_64-unknown-linux-gnu\nrelease: 1.66.0-nightly\nLLVM version: 15.0.2\n","stderr":""}},"successes":{}} | |||
There was a problem hiding this comment.
hm, somehow .gitignore was ignored :)
| password-hash = { version = "0.4", features = ["std"] } | ||
| argon2 = { version = "0.4", features = ["rand"] } | ||
|
|
||
| [patch.'https://github.com/apache/teaclave-sgx-sdk.git'] |
| match verify_status { | ||
| VerifyPasswordStatus::InvalidPassword => Ok(VerifyPasswordStatus::InvalidPassword), | ||
| VerifyPasswordStatus::PasswordVerified => Ok(VerifyPasswordStatus::PasswordVerified), | ||
| } |
There was a problem hiding this comment.
| match verify_status { | |
| VerifyPasswordStatus::InvalidPassword => Ok(VerifyPasswordStatus::InvalidPassword), | |
| VerifyPasswordStatus::PasswordVerified => Ok(VerifyPasswordStatus::PasswordVerified), | |
| } | |
| Ok(verify_status) |
| user_auth_sgx, | ||
| InvalidHashString, | ||
| PyException, | ||
| "supplied hash is not a valid PHC string" |
There was a problem hiding this comment.
| "supplied hash is not a valid PHC string" | |
| "supplied hash is not a valid PHC string", |
| <ProdID>0</ProdID> | ||
| <ISVSVN>0</ISVSVN> | ||
| <StackMaxSize>0x40000</StackMaxSize> | ||
| <HeapMaxSize>0x1600000</HeapMaxSize> |
There was a problem hiding this comment.
would be kool to explan here why this was increased
| @@ -0,0 +1,161 @@ | |||
| #![no_std] | |||
There was a problem hiding this comment.
unexcellent thought... ignore me
| unsafe { *verify_status = VerifyPasswordStatus::InvalidPassword }; | ||
| sgx_status_t::SGX_SUCCESS | ||
| } | ||
| Err(_) => sgx_status_t::SGX_ERROR_UNEXPECTED, |
There was a problem hiding this comment.
I would at least do eprintln! ocall, or debugging this may get unpleasant, requiring a re-compile. We can also do a TODO note, so we don't forget to look at it again when it gets to production.
Initial implementation of the user authentication enclave