BLD: started implementing add_data (WIP)

Author: lacabra

enclave/safetrace/app/src/networking/ipc_listener.rs

@@ -57,8 +57,14 @@ pub(self) mod handling {
     use serde_json::Value;
 
     extern {
-    fn ecall_add_personal_data(eid: sgx_enclave_id_t, ret: *mut sgx_status_t,
-                     some_string: *const u8, len: usize) -> sgx_status_t;
+    fn ecall_add_personal_data(
+        eid: sgx_enclave_id_t,
+        ret: *mut sgx_status_t,
+        encryptedUserId: *const u8,
+        encryptedUserId_len: usize,
+        encryptedData: *const u8,
+        encryptedData_len: usize,
+        userPubKey: &[u8; 64]) -> sgx_status_t;
     }
 
     type ResponseResult = Result<IpcResponse, Error>;
@@ -102,10 +108,20 @@ pub(self) mod handling {
     // TODO
     //#[logfn(DEBUG)]
     pub fn add_personal_data( input: IpcInput, eid: sgx_enclave_id_t) -> ResponseResult {
-        let mut ret = sgx_status_t::SGX_SUCCESS;
-        let data = serde_json::to_string(&input).unwrap();
 
-        unsafe { ecall_add_personal_data(eid, &mut ret as *mut sgx_status_t, data.as_ptr() as * const u8, data.len()) };
+        let mut ret = sgx_status_t::SGX_SUCCESS;
+        let encryptedUserId = input.encryptedUserId.from_hex()?;
+        let encryptedData = input.encryptedData.from_hex()?;
+        let mut userPubKey = [0u8; 64];
+        userPubKey.clone_from_slice(&input.userPubKey.from_hex()?);
+
+        unsafe { ecall_add_personal_data(eid,
+                                         &mut ret as *mut sgx_status_t,
+                                         encryptedUserId.as_ptr() as * const u8,
+                                         encryptedUserId.len(),
+                                         encryptedData.as_ptr() as * const u8,
+                                         encryptedData.len(),
+                                         &userPubKey) };
 
         let result = IpcResults::AddPersonalData { status: Status::Passed };
         Ok(IpcResponse::AddPersonalData { result })

enclave/safetrace/enclave/Cargo.toml

@@ -26,6 +26,8 @@ libsecp256k1 = { version = "0.2" }
 lazy_static = {version = "1.3.0", features = ["spin_no_std"] }
 tiny-keccak = { version = "1.4" }
 sha2 = { version = "0.8.0", default-features = false}
+ring = { git = "https://github.com/elichai/ring.git", rev = "sgx-manual", default-features = false }
+
 
 [patch.'https://github.com/apache/teaclave-sgx-sdk.git']
 sgx_alloc = { path = "../../incubator-teaclave-sgx-sdk/sgx_alloc" }

enclave/safetrace/enclave/Enclave.edl

@@ -26,7 +26,13 @@ enclave {
     trusted {
         /* define ECALLs here. */
 
-        public sgx_status_t ecall_add_personal_data([in, size=len] const uint8_t* some_string, size_t len);
+        public sgx_status_t ecall_add_personal_data(
+            [in, size=encryptedUserId_len] const uint8_t* encryptedUserId,
+            size_t encryptedUserId_len,
+            [in, size=encryptedData_len] const uint8_t* encryptedData,
+            size_t encryptedData_len,
+            [in] uint8_t user_key[64]
+            );
 
         public sgx_status_t ecall_get_user_key(
             [out] uint8_t sig[65],

enclave/safetrace/enclave/src/data.rs

@@ -1,8 +1,9 @@
-use sgx_types::*;
 use serde::{Serialize, Deserialize};
-use std::{slice};
+// use std::{slice};
 use std::string::String;
-//use std::vec::Vec;
+use errors_t::EnclaveError;
+use types::{PubKey, DhKey};
+
 
 // Structs
 #[derive(Serialize, Deserialize, Clone, Debug)]
@@ -20,12 +21,29 @@ pub struct Request {
     userPubKey: String
 }
 
-pub fn ecall_add_personal_data_internal(data_json: *const u8, some_len: usize)  -> sgx_status_t {
+pub fn ecall_add_personal_data_internal(
+    encryptedUserId: &[u8],
+    encryptedData: &[u8],
+    userPubKey: &PubKey,
+    dhKey: &DhKey)  -> Result<(), EnclaveError> {
+
+
+    println!("Add personal data inside the enclave");
+
+    println!("{:?}", dhKey);
+    println!("Received UserPub Key Again: {:?}", userPubKey.to_vec());
+
+
+    // // let str_slice = unsafe { slice::from_raw_parts(data_json, some_len) };
+
+    // // Input sanitised in EngimaJS to object type
+    // let mut request: Request = serde_json::from_slice(str_slice).unwrap();
+
+    // println!("EncryptedUserId: {:?}", request.encryptedUserId);
+
+    // let inputkey = request.userPubKey;
 
-    let str_slice = unsafe { slice::from_raw_parts(data_json, some_len) };
 
-    // Input sanitised in EngimaJS to object type
-    let mut request: Request = serde_json::from_slice(str_slice).unwrap();
 
     // Read from the state
     // let mut data = Self::get_data();
@@ -35,7 +53,7 @@ pub fn ecall_add_personal_data_internal(data_json: *const u8, some_len: usize)
     // write_state!(DATASET => data);
 
     // Ocall to normal world for output
-    println!("Received Data: {:?}", &request);
+    //println!("Received Data: {:?}", &request);
 
-    sgx_status_t::SGX_SUCCESS
+    Ok(())
 }

enclave/safetrace/enclave/src/keys_t.rs

@@ -1,12 +1,15 @@
 use crate::SIGNING_KEY;
-use types::{PubKey, DhKey};
+use types::{PubKey, DhKey, SymmetricKey};
 use std::collections::HashMap;
 use std::{sync::SgxMutex as Mutex, sync::SgxMutexGuard as MutexGuard, vec::Vec};
 use serde::{Deserialize, Serialize};
 use secp256k1::{PublicKey, SecretKey, SharedSecret};
 use errors_t::{CryptoError, EnclaveError, ToolsError::MessagingError};
 use hash::{Keccak256, prepare_hash_multiple};
 
+//use ring::aead::{self, Nonce, Aad};
+//use std::{borrow::ToOwned};
+
 
 #[derive(Debug)]
 pub struct KeyPair {
@@ -50,11 +53,11 @@ impl KeyPair {
         let pubkey = PublicKey::parse(&pubarr)
             .map_err(|e| CryptoError::KeyError { key_type: "Private Key", err: Some(e) })?;
 
-        // let shared = SharedSecret::new(&pubkey, &self.privkey)
-        //     .map_err(|_| CryptoError::DerivingKeyError { self_key: self.get_pubkey(), other_key: *_pubarr })?;
+        let shared = SharedSecret::new(&pubkey, &self.privkey)
+            .map_err(|_| CryptoError::DerivingKeyError { self_key: self.get_pubkey(), other_key: *_pubarr })?;
 
         let mut result = [0u8; 32];
-        //result.copy_from_slice(shared.as_ref());
+        result.copy_from_slice(shared.as_ref());
         Ok(result)
     }
 
@@ -161,6 +164,28 @@ impl UserMessage {
     // }
 }
 
+
+// const IV_SIZE: usize = 96/8;
+// static AES_MODE: &aead::Algorithm = &aead::AES_256_GCM;
+// type IV = [u8; IV_SIZE];
+
+// pub fn decrypt(cipheriv: &[u8], key: &SymmetricKey) -> Result<Vec<u8>, CryptoError> {
+//     if cipheriv.len() < IV_SIZE {
+//         return Err(CryptoError::ImproperEncryption);
+//     }
+//     let aes_decrypt = aead::OpeningKey::new(&AES_MODE, key)
+//         .map_err(|_| CryptoError::KeyError { key_type: "Decryption", err: None })?;
+
+//     let (ciphertext, iv) = cipheriv.split_at(cipheriv.len()-12);
+//     let nonce = aead::Nonce::try_assume_unique_for_key(&iv).unwrap(); // This Cannot fail because split_at promises that iv.len()==12
+//     let mut ciphertext = ciphertext.to_owned();
+//     let decrypted_data = aead::open_in_place(&aes_decrypt, nonce, Aad::empty(), 0, &mut ciphertext);
+//     let decrypted_data = decrypted_data.map_err(|_| CryptoError::DecryptionError)?;
+
+//     Ok(decrypted_data.to_vec())
+// }
+
+
 /// A trait that is basically a shortcut for `mutex.lock().expect(format!("{} mutex is posion", name))`
 /// you instead call `mutex.lock_expect(name)` and it will act the same.
 pub trait LockExpectMutex<T> {

enclave/safetrace/enclave/src/lib.rs

@@ -36,12 +36,7 @@ extern crate lazy_static;
 // extern crate sgx_serialize_derive;
 
 use sgx_types::*;
-use std::string::String;
-use std::vec::Vec;
-use std::io::{self, Write};
 use std::{slice};
-//use std::{path::PathBuf, str};
-
 
 extern crate serde;
 extern crate serde_json;
@@ -50,6 +45,7 @@ extern crate tiny_keccak;
 extern crate sha2;
 extern crate rustc_hex;
 extern crate arrayvec;
+//extern crate ring;
 
 #[macro_use]
 mod macros;
@@ -61,11 +57,11 @@ mod types;
 mod hash;
 mod traits;
 
-use keys_t::{ecall_get_user_key_internal, KeyPair};
+use keys_t::{ecall_get_user_key_internal, KeyPair, DH_KEYS, LockExpectMutex};
 use data::ecall_add_personal_data_internal;
 use storage::*;
-use types::EnclaveReturn;
-use errors_t::EnclaveError;
+use types::{PubKey, DhKey, EnclaveReturn};
+use errors_t::{EnclaveError, CryptoError};
 use traits::SliceCPtr;
 
 lazy_static! {
@@ -114,8 +110,31 @@ pub unsafe extern "C" fn ecall_get_user_key(sig: &mut [u8; 65], user_pubkey: &[u
     EnclaveReturn::Success
 }
 
+fn get_io_key(user_key: &PubKey) -> Result<DhKey, EnclaveError> {
+    let io_key = DH_KEYS
+        .lock_expect("User DH Key")
+        .remove(&user_key[..])
+        .ok_or(CryptoError::MissingKeyError { key_type: "DH Key" })?;
+    Ok(io_key)
+}
+
 #[no_mangle]
-pub extern "C" fn ecall_add_personal_data(data_string: *const u8, data_len: usize) -> sgx_status_t {
-    ecall_add_personal_data_internal(data_string, data_len);
-    sgx_status_t::SGX_SUCCESS
+pub unsafe extern "C" fn ecall_add_personal_data(
+    encryptedUserId: *const u8,
+    encryptedUserId_len: usize,
+    encryptedData: *const u8,
+    encryptedData_len: usize,
+    userPubKey: &[u8; 64]) -> EnclaveReturn {
+
+    let encryptedUserId = slice::from_raw_parts(encryptedUserId, encryptedUserId_len);
+    let encryptedData = slice::from_raw_parts(encryptedData, encryptedData_len);
+
+    let io_key;
+    match get_io_key(userPubKey) {
+        Ok(v) => io_key = v,
+        Err(e) => return e.into(),
+    }
+
+    let result = ecall_add_personal_data_internal(encryptedUserId, encryptedData, userPubKey, &io_key);
+    EnclaveReturn::Success
 }