samplecode/static-data-distribution/app/src/main.rs - incubator-teaclave-sgx-sdk - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License..

 extern crate serde_json;
 extern crate sgx_crypto_helper;
 extern crate sgx_types;
 extern crate sgx_urts;
 use sgx_types::*;
 use sgx_urts::SgxEnclave;

 use sgx_crypto_helper::RsaKeyPair;
 use sgx_crypto_helper::rsa3072::{Rsa3072KeyPair, Rsa3072PubKey};

 static ENCLAVE_FILE: &'static str = "enclave.signed.so";
 use std::io::Write;

 extern "C" {
     fn say_something(
         eid: sgx_enclave_id_t,
         retval: *mut sgx_status_t,
         some_string: *const u8,
         len: usize,
     ) -> sgx_status_t;
     fn fake_provisioning(
         eid: sgx_enclave_id_t,
         retval: *mut sgx_status_t,
         key_ptr: *const u8,
         len: usize,
     ) -> sgx_status_t;
 }

 fn init_enclave() -> SgxResult<SgxEnclave> {
     let mut launch_token: sgx_launch_token_t = [0; 1024];
     let mut launch_token_updated: i32 = 0;
     // call sgx_create_enclave to initialize an enclave instance
     // Debug Support: set 2nd parameter to 1
     let debug = 1;
     let mut misc_attr = sgx_misc_attribute_t {secs_attr: sgx_attributes_t { flags:0, xfrm:0}, misc_select:0};
     SgxEnclave::create(ENCLAVE_FILE,
                        debug,
                        &mut launch_token,
                        &mut launch_token_updated,
                        &mut misc_attr)
 }

 fn main() {
     let enclave = match init_enclave() {
         Ok(r) => {
             println!("[+] Init Enclave Successful {}!", r.geteid());
             r
         }
         Err(x) => {
             println!("[-] Init Enclave Failed {}!", x.as_str());
             return;
         }
     };

     // Step 1: Generate a pair of RSA key
     let rsa_keypair = Rsa3072KeyPair::new().unwrap();

     // Step 2: Provision it to an enclave. RA-TLS based solution is more practical.
     // The current solution is just for demo. Do not use it in production.
     let rsa_key_json = serde_json::to_string(&rsa_keypair).unwrap();

     let mut retval = sgx_status_t::SGX_SUCCESS;

     let result = unsafe {
         fake_provisioning(
             enclave.geteid(),
             &mut retval,
             rsa_key_json.as_ptr() as *const u8,
             rsa_key_json.len(),
         )
     };

     match result {
         sgx_status_t::SGX_SUCCESS => {}
         _ => {
             println!("[-] ECALL Enclave Failed {}!", result.as_str());
             return;
         }
     }

     // Step 3: Generate a static data

     let text = String::from("Can you decrypt this").repeat(300);
     let text_slice = &text.into_bytes();

     let mut ciphertext = Vec::new();
     //match rsa_keypair.encrypt_buffer(text_slice, &mut ciphertext) {
     //    Ok(n) => println!("Generated payload {} bytes", n),
     //    Err(x) => println!("Error occured during encryption {}", x),
     //}

     let exported_pubkey: Rsa3072PubKey = rsa_keypair.export_pubkey().unwrap();
     let serialized_pubkey = serde_json::to_string(&exported_pubkey).unwrap();
     println!("exported pubkey = {}", serialized_pubkey);

     let imported_pubkey: Rsa3072PubKey = serde_json::from_str(&serialized_pubkey).unwrap();
     println!("imported pubkey = {:?}", imported_pubkey);
     match imported_pubkey.encrypt_buffer(text_slice, &mut ciphertext) {
         Ok(n) => println!("Generated payload {} bytes", n),
         Err(x) => println!("Error occured during encryption {}", x),
     }

     match std::fs::File::create("static_data.bin") {
         Ok(mut f) => {
             f.write_all(&ciphertext).unwrap();
             println!("File saved successfully!");
         }
         Err(x) => {
             println!("Create static_data.bin failed {}", x);
             return;
         }
     }

     let hello_string = "Hello world!".to_string();
     let result = unsafe {
         say_something(
             enclave.geteid(),
             &mut retval,
             hello_string.as_ptr() as *const u8,
             hello_string.len(),
         )
     };

     match result {
         sgx_status_t::SGX_SUCCESS => {}
         _ => {
             println!("[-] ECALL Enclave Failed {}!", result.as_str());
             return;
         }
     }

     println!("[+] say_something success...");

     enclave.destroy();
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License..

	extern crate serde_json;
	extern crate sgx_crypto_helper;
	extern crate sgx_types;
	extern crate sgx_urts;
	use sgx_types::*;
	use sgx_urts::SgxEnclave;

	use sgx_crypto_helper::RsaKeyPair;
	use sgx_crypto_helper::rsa3072::{Rsa3072KeyPair, Rsa3072PubKey};

	static ENCLAVE_FILE: &'static str = "enclave.signed.so";
	use std::io::Write;

	extern "C" {
	fn say_something(
	eid: sgx_enclave_id_t,
	retval: *mut sgx_status_t,
	some_string: *const u8,
	len: usize,
	) -> sgx_status_t;
	fn fake_provisioning(
	eid: sgx_enclave_id_t,
	retval: *mut sgx_status_t,
	key_ptr: *const u8,
	len: usize,
	) -> sgx_status_t;
	}

	fn init_enclave() -> SgxResult<SgxEnclave> {
	let mut launch_token: sgx_launch_token_t = [0; 1024];
	let mut launch_token_updated: i32 = 0;
	// call sgx_create_enclave to initialize an enclave instance
	// Debug Support: set 2nd parameter to 1
	let debug = 1;
	let mut misc_attr = sgx_misc_attribute_t {secs_attr: sgx_attributes_t { flags:0, xfrm:0}, misc_select:0};
	SgxEnclave::create(ENCLAVE_FILE,
	debug,
	&mut launch_token,
	&mut launch_token_updated,
	&mut misc_attr)
	}

	fn main() {
	let enclave = match init_enclave() {
	Ok(r) => {
	println!("[+] Init Enclave Successful {}!", r.geteid());
	r
	}
	Err(x) => {
	println!("[-] Init Enclave Failed {}!", x.as_str());
	return;
	}
	};

	// Step 1: Generate a pair of RSA key
	let rsa_keypair = Rsa3072KeyPair::new().unwrap();

	// Step 2: Provision it to an enclave. RA-TLS based solution is more practical.
	// The current solution is just for demo. Do not use it in production.
	let rsa_key_json = serde_json::to_string(&rsa_keypair).unwrap();

	let mut retval = sgx_status_t::SGX_SUCCESS;

	let result = unsafe {
	fake_provisioning(
	enclave.geteid(),
	&mut retval,
	rsa_key_json.as_ptr() as *const u8,
	rsa_key_json.len(),
	)
	};

	match result {
	sgx_status_t::SGX_SUCCESS => {}
	_ => {
	println!("[-] ECALL Enclave Failed {}!", result.as_str());
	return;
	}
	}

	// Step 3: Generate a static data

	let text = String::from("Can you decrypt this").repeat(300);
	let text_slice = &text.into_bytes();

	let mut ciphertext = Vec::new();
	//match rsa_keypair.encrypt_buffer(text_slice, &mut ciphertext) {
	// Ok(n) => println!("Generated payload {} bytes", n),
	// Err(x) => println!("Error occured during encryption {}", x),
	//}

	let exported_pubkey: Rsa3072PubKey = rsa_keypair.export_pubkey().unwrap();
	let serialized_pubkey = serde_json::to_string(&exported_pubkey).unwrap();
	println!("exported pubkey = {}", serialized_pubkey);

	let imported_pubkey: Rsa3072PubKey = serde_json::from_str(&serialized_pubkey).unwrap();
	println!("imported pubkey = {:?}", imported_pubkey);
	match imported_pubkey.encrypt_buffer(text_slice, &mut ciphertext) {
	Ok(n) => println!("Generated payload {} bytes", n),
	Err(x) => println!("Error occured during encryption {}", x),
	}

	match std::fs::File::create("static_data.bin") {
	Ok(mut f) => {
	f.write_all(&ciphertext).unwrap();
	println!("File saved successfully!");
	}
	Err(x) => {
	println!("Create static_data.bin failed {}", x);
	return;
	}
	}

	let hello_string = "Hello world!".to_string();
	let result = unsafe {
	say_something(
	enclave.geteid(),
	&mut retval,
	hello_string.as_ptr() as *const u8,
	hello_string.len(),
	)
	};

	match result {
	sgx_status_t::SGX_SUCCESS => {}
	_ => {
	println!("[-] ECALL Enclave Failed {}!", result.as_str());
	return;
	}
	}

	println!("[+] say_something success...");

	enclave.destroy();
	}