linux-sgx: Improve the remote attestation (#1695)

The current implementation of remote attestation does not take into account the integrity of the wasm module. The SHA256 of the wasm module has been put into user_data to generate the quote, and more parameters are exposed for further verification.
2022-11-22 14:45:03 +08:00
parent 87c3195d47
commit 656a8427e6
11 changed files with 298 additions and 65 deletions
--- a/samples/sgx-ra/CMakeLists.txt
+++ b/samples/sgx-ra/CMakeLists.txt
@ -64,7 +64,8 @@ add_custom_command (
 add_custom_target (vmlib_untrusted ALL DEPENDS libvmlib_untrusted.a)

 execute_process (
-    COMMAND bash -c "sed -i -E 's/^#define LIB_RATS 0/#define LIB_RATS 1/g' ${SGX_PLATFORM_DIR}/enclave-sample/Enclave/Enclave.edl"
+    COMMAND bash -c "sed -i -E 's/^#define WASM_ENABLE_LIB_RATS 0/#define WASM_ENABLE_LIB_RATS 1/g' ${SGX_PLATFORM_DIR}/enclave-sample/Enclave/Enclave.edl"
+    COMMAND bash -c "sed -i -E 's/^WAMR_BUILD_LIB_RATS = 0/WAMR_BUILD_LIB_RATS = 1/g' ${SGX_PLATFORM_DIR}/enclave-sample/Makefile"
    OUTPUT_VARIABLE cmdOutput
 )

--- a/samples/sgx-ra/README.md
+++ b/samples/sgx-ra/README.md
@ -37,6 +37,21 @@ $ echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bioni
 $ wget -O - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
 $ sudo apt-get update
 $ sudo apt-get install -y libsgx-uae-service libsgx-dcap-default-qpl-dev libsgx-dcap-ql-dev libsgx-dcap-quote-verify-dev
+$ # install SGX SSL Library
+$ git clone https://github.com/intel/linux-sgx.git
+$ cd linux-sgx && make preparation
+$ sudo cp external/toolset/{current_distr}/* /usr/local/bin
+$ # Verify that the paths are correctly set 
+$ which ar as ld objcopy objdump ranlib
+$ cd ../
+$ git clone https://github.com/intel/intel-sgx-ssl.git
+$ wget https://www.openssl.org/source/openssl-1.1.1q.tar.gz
+$ cp openssl-1.1.1q.tar.gz intel-sgx-ssl/openssl_source
+$ rm -f openssl-1.1.1q.tar.gz
+$ cd intel-sgx-ssl/Linux
+$ source /opt/intel/sgxsdk/environment
+$ make all
+$ sudo make install
 ```

 You can optionally grant users to communicate with the SDK platform using the following command.
--- a/samples/sgx-ra/wasm-app/main.c
+++ b/samples/sgx-ra/wasm-app/main.c
@ -9,28 +9,109 @@
 #include <stdlib.h>
 #include "lib_rats_wrapper.h"

+#define __is_print(ch) ((unsigned int)((ch) - ' ') < 127u - ' ')
+
+/**
+ * hex_dump
+ *
+ * @brief dump data in hex format
+ *
+ * @param title: Title
+ * @param buf: User buffer
+ * @param size: Dump data size
+ * @param number: The number of outputs per line
+ *
+ * @return void
+ */
+void
+hex_dump(const char *title, const uint8_t *buf, uint32_t size, uint32_t number)
+{
+    int i, j;
+    if (title) {
+        printf("\n\t%s:\n\n", title);
+    }
+
+    for (i = 0; i < size; i += number) {
+        printf("%08X: ", i);
+
+        for (j = 0; j < number; j++) {
+            if (j % 8 == 0) {
+                printf(" ");
+            }
+            if (i + j < size)
+                printf("%02X ", buf[i + j]);
+            else
+                printf("   ");
+        }
+        printf(" ");
+
+        for (j = 0; j < number; j++) {
+            if (i + j < size) {
+                printf("%c", __is_print(buf[i + j]) ? buf[i + j] : '.');
+            }
+        }
+        printf("\n");
+    }
+}
+
 int
 main(int argc, char **argv)
 {
+    int ret_code = -1;
    char *evidence_json = NULL;
-    const char *hash = "12345678123456781234567812345678";
-    evidence_json = librats_collect((const uint8_t *)hash);
-    if (evidence_json == NULL) {
-        printf("Librats collect evidence failed.\n");
-        return -1;
-    }
-    printf("evidence json:\n%s\n", evidence_json);

-    if (librats_verify(evidence_json, (const uint8_t *)hash) != 0) {
-        printf("Evidence is not trusted.\n");
-    }
-    else {
-        printf("Evidence is trusted.\n");
+    // Generate user_data by SHA256 buffer and the wasm module.
+    // user_data = SHA256(sha256_wasm_module || buffer)
+    const char *buffer = "This is a sample.";
+
+    // If you want to declare the evidence of type rats_sgx_evidence_t on the
+    // stack, you should modify the stack size of the CMAKE_EXE_LINKER_FLAGS in
+    // CMakeLists.txt to 51200 at least.
+    rats_sgx_evidence_t *evidence =
+        (rats_sgx_evidence_t *)malloc(sizeof(rats_sgx_evidence_t));
+    if (!evidence) {
+        printf("ERROR: No memory to allocate.\n");
+        goto err;
    }

+    int rats_err = librats_collect(&evidence_json, buffer);
+    if (rats_err != 0) {
+        printf("ERROR: Collect evidence failed, error code: %#x\n", rats_err);
+        goto err;
+    }
+
+    if (librats_parse_evidence(evidence_json, evidence) != 0) {
+        printf("ERROR: Parse evidence failed.\n");
+        goto err;
+    }
+
+    // You could use these parameters for further verification.
+    hex_dump("Quote", evidence->quote, evidence->quote_size, 32);
+    hex_dump("User Data", evidence->user_data, SGX_USER_DATA_SIZE, 32);
+    hex_dump("MRENCLAVE", evidence->mr_enclave, SGX_MEASUREMENT_SIZE, 32);
+    hex_dump("MRSIGNER", evidence->mr_signer, SGX_MEASUREMENT_SIZE, 32);
+    printf("\n\tProduct ID:\t\t%u\n", evidence->product_id);
+    printf("\tSecurity Version:\t%u\n", evidence->security_version);
+    printf("\tAttributes.flags:\t%llu\n", evidence->att_flags);
+    printf("\tAttribute.xfrm:\t\t%llu\n", evidence->att_xfrm);
+
+    rats_err = librats_verify((const char *)evidence_json, evidence->user_data);
+    if (rats_err != 0) {
+        printf("ERROR: Evidence is not trusted, error code: %#x.\n", rats_err);
+        goto err;
+    }
+
+    ret_code = 0;
+    printf("Evidence is trusted.\n");
+
+err:
    if (evidence_json) {
        free(evidence_json);
    }

-    return 0;
+    if (evidence) {
+        free(evidence);
+    }
+
+    return ret_code;
 }