temp commit

fuzz/CMakeLists.txt

@@ -1,4 +1,7 @@
 add_subdirectory(tls_init)
 add_subdirectory(tls_negotiate)
 add_subdirectory(tls_server)
-add_subdirectory(tls_transmit)
+add_subdirectory(tls_transmit)
+if(SGX)
+    add_subdirectory(sgx-stub-enclave)
+endif()

fuzz/sgx-stub-enclave/CMakeLists.txt

@@ -0,0 +1,81 @@
+# Project name
+project(sgx-stub-enclave)
+
+if(BUILD_FUZZ)
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/external/sgx-ssl/intel-sgx-ssl/src/intel-sgx-ssl/Linux/package/include
+                     )
+
+    set(LIBRARY_DIRS ${INTEL_SGXSSL_LIB_PATH}
+                     ${LIBCBOR_LIB_PATH}
+                     ${CMAKE_BINARY_DIR}/src
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/nullcrypto
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/nulltls
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/verifiers/nullverifier
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-ecdsa-qve
+                     ${CMAKE_BINARY_DIR}/src/verifiers/tdx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-la
+                     ${CMAKE_BINARY_DIR}/src/attesters/nullattester
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-la
+                     )
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}
+                         ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                         )
+else()
+    list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+    include(CustomInstallDirs)
+    include(FindRatsTls)
+    if(NOT RATS_TLS_FOUND)
+        message(FATAL_ERROR "Failed to find rats_tls!")
+    endif()
+    include(FindSGX)
+    if(NOT SGX_FOUND)
+        message(FATAL_ERROR "Failed to find sgx!")
+    endif()
+    include(CompilerOptions)
+    include(SGXCommon)
+
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+
+    set(LIBRARY_DIRS ${RATS_TLS_INSTALL_LIB_PATH})
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+endif()
+
+include_directories(${INCLUDE_DIRS})
+link_directories(${LIBRARY_DIRS})
+
+set(E_SRCS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_ecall.c)
+set(EDLS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub.edl)
+set(LDS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_enclave.lds)
+set(DEPEND_TRUSTED_LIBS crypto_wrapper_nullcrypto
+                        crypto_wrapper_openssl
+                        tls_wrapper_nulltls
+                        tls_wrapper_openssl
+                        attester_nullattester
+                        attester_sgx_ecdsa
+                        attester_sgx_la
+                        verifier_nullverifier
+                        verifier_sgx_la
+                        verifier_sgx_ecdsa_qve
+                        verifier_tdx_ecdsa
+                        rats_tls
+                        cbor
+                        )
+
+# 不能开启 sample on
+add_enclave_library(sgx_stub_enclave SRCS ${E_SRCS} EDL ${EDLS} TRUSTED_LIBS ${DEPEND_TRUSTED_LIBS} EDL_SEARCH_PATHS ${EDL_SEARCH_PATHS} LDSCRIPT ${LDS})
+
+enclave_sign(sgx_stub_enclave KEY sgx_stub_enclave.pem CONFIG sgx_stub_enclave.xml)
+add_dependencies(sgx_stub_enclave rats_tls)
+
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/sgx_stub_enclave.signed.so
+        DESTINATION /usr/share/rats-tls/fuzz)

fuzz/sgx-stub-enclave/sgx_stub.edl

@@ -0,0 +1,29 @@
+enclave {
+        include "rats-tls/api.h"
+        include "internal/core.h"
+        include "sgx_eid.h"
+
+        from "../../src/include/edl/rtls.edl" import *;
+        from "sgx_tsgxssl.edl" import *;
+
+        trusted {
+                public int ecall_rtls_server_startup(rats_tls_log_level_t log_level,
+                                [in, string] char *attester_type,
+                                [in, string] char *verifier_type,
+                                [in, string] char *tls_type,
+                                [in, string] char *crypto_type,
+                                unsigned long flags,
+                                uint32_t s_ip,
+                                uint16_t s_port);
+                public int ecall_rtls_client_startup(rats_tls_log_level_t log_level,
+                                [in, string] char *attester_type,
+                                [in, string] char *verifier_type,
+                                [in, string] char *tls_type,
+                                [in, string] char *crypto_type,
+                                unsigned long flags,
+                                uint32_t s_ip,
+                                uint16_t s_port,
+                                bool verdictd);
+                public int ecall_rtsl_fuzz_inti(rats_tls_conf_t conf);
+        };
+};