Skip to content

Commit

Permalink
temporary storage, it wouldbe delete when finished
Browse files Browse the repository at this point in the history
  • Loading branch information
Ben-cpy committed Dec 11, 2023
1 parent d427a4e commit fb8ba10
Show file tree
Hide file tree
Showing 3 changed files with 148 additions and 126 deletions.
195 changes: 104 additions & 91 deletions fuzz/sgx-stub-enclave/sgx_stub_ecall.c
Original file line number Diff line number Diff line change
Expand Up @@ -12,38 +12,76 @@
#define FUZZ_IP "127.0.0.1"
#define FUZZ_PORT 1234

int ecall_client_startup(rats_tls_log_level_t log_level, char *fuzz_conf_bytes, char *attester_type,
char *verifier_type, char *tls_type, char *crypto_type,
unsigned long flags, uint32_t s_ip, uint16_t s_port)


int ecall_server_startup(rats_tls_log_level_t log_level, char *attester_type, char *verifier_type,
char *tls_type, char *crypto_type, unsigned long flags, uint32_t s_ip,
uint16_t s_port)
{

rats_tls_conf_t conf;
memset(&conf, 0, sizeof(rats_tls_conf_t));

memset(&conf, 0, sizeof(conf));
conf.log_level = log_level;
snprintf(conf.attester_type, sizeof(conf.attester_type), "%s", attester_type);
snprintf(conf.verifier_type, sizeof(conf.verifier_type), "%s", verifier_type);
snprintf(conf.tls_type, sizeof(conf.tls_type), "%s", tls_type);
snprintf(conf.crypto_type, sizeof(conf.crypto_type), "%s", crypto_type);
conf.flags = flags;
conf.cert_algo = RATS_TLS_CERT_ALGO_DEFAULT;

RTLS_INFO("Enter the client \n");

claim_t custom_claims[2] = {
{ .name = "key_0", .value = (uint8_t *)"value_0", .value_size = sizeof("value_0") },
{ .name = "key_1", .value = (uint8_t *)"value_1", .value_size = sizeof("value_1") },
};
conf.custom_claims = (claim_t *)custom_claims;
conf.custom_claims_length = 2;

/* Create a socket that uses an internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol.
*/

int64_t sockfd;
int sgx_status = ocall_socket(&sockfd, RTLS_AF_INET, RTLS_SOCK_STREAM, 0);
if (sgx_status != SGX_SUCCESS || sockfd < 0) {
// RTLS_ERR("Failed to call socket() %#x %d\n", sgx_status, sockfd);
RTLS_ERR("Failed to call socket() %#x %d\n", sgx_status, sockfd);
return -1;
}

int reuse = 1;
int ocall_ret = 0;
sgx_status = ocall_setsockopt(&ocall_ret, sockfd, RTLS_SOL_SOCKET, RTLS_SO_REUSEADDR,
(const void *)&reuse, sizeof(int));
if (sgx_status != SGX_SUCCESS || ocall_ret < 0) {
RTLS_ERR("Failed to call setsockopt() %#x %d\n", sgx_status, ocall_ret);
return -1;
}

int flag = 1;
int tcp_keepalive_time = 30;
int tcp_keepalive_intvl = 10;
int tcp_keepalive_probes = 5;
sgx_status = ocall_setsockopt(&ocall_ret, sockfd, RTLS_SOL_SOCKET, RTLS_SO_KEEPALIVE, &flag,
sizeof(flag));
if (sgx_status != SGX_SUCCESS || ocall_ret < 0) {
RTLS_ERR("Failed to call setsockopt() %#x %d\n", sgx_status, ocall_ret);
return -1;
}

sgx_status = ocall_setsockopt(&ocall_ret, sockfd, RTLS_SOL_TCP, RTLS_TCP_KEEPIDLE,
&tcp_keepalive_time, sizeof(tcp_keepalive_time));
if (sgx_status != SGX_SUCCESS || ocall_ret < 0) {
RTLS_ERR("Failed to call setsockopt() %#x %d\n", sgx_status, ocall_ret);
return -1;
}

sgx_status = ocall_setsockopt(&ocall_ret, sockfd, RTLS_SOL_TCP, RTLS_TCP_KEEPINTVL,
&tcp_keepalive_intvl, sizeof(tcp_keepalive_intvl));
if (sgx_status != SGX_SUCCESS || ocall_ret < 0) {
RTLS_ERR("Failed to call setsockopt() %#x %d\n", sgx_status, ocall_ret);
return -1;
}

sgx_status = ocall_setsockopt(&ocall_ret, sockfd, RTLS_SOL_TCP, RTLS_TCP_KEEPCNT,
&tcp_keepalive_probes, sizeof(tcp_keepalive_probes));
if (sgx_status != SGX_SUCCESS || ocall_ret < 0) {
RTLS_ERR("Failed to call setsockopt() %#x %d\n", sgx_status, ocall_ret);
return -1;
}

Expand All @@ -53,138 +91,113 @@ int ecall_client_startup(rats_tls_log_level_t log_level, char *fuzz_conf_bytes,
s_addr.sin_addr.s_addr = s_ip;
s_addr.sin_port = s_port;

/* Connect to the server */
int ocall_ret = 0;
sgx_status = ocall_connect(&ocall_ret, sockfd, &s_addr, sizeof(s_addr));
sgx_status = ocall_bind(&ocall_ret, sockfd, &s_addr, sizeof(s_addr));
if (sgx_status != SGX_SUCCESS || ocall_ret == -1) {
// RTLS_ERR("failed to call connect() %#x %d\n", sgx_status, ocall_ret);
RTLS_ERR("Failed to call bind(), %#x %d\n", sgx_status, ocall_ret);
return -1;
}

/* Listen for a new connection, allow 5 pending connections */
sgx_status = ocall_listen(&ocall_ret, sockfd, 5);
if (sgx_status != SGX_SUCCESS || ocall_ret == -1) {
RTLS_ERR("Failed to call listen(), %#x %d\n", sgx_status, ocall_ret);
return -1;
}

// RTLS_INFO("Enter the init \n");
/* rats-tls init */
librats_tls_init();
rats_tls_handle handle;
rats_tls_err_t ret = rats_tls_init(&conf, &handle);
if (ret != RATS_TLS_ERR_NONE) {
// RTLS_ERR("Failed to initialize rats tls %#x\n", ret);
RTLS_ERR("Failed to initialize rats tls %#x\n", ret);
return -1;
}
// RTLS_INFO("start to negotiate\n");

ret = rats_tls_negotiate(handle, (int)sockfd);
ret = rats_tls_set_verification_callback(&handle, NULL);
if (ret != RATS_TLS_ERR_NONE) {
// RTLS_ERR("Failed to negotiate %#x\n", ret);
RTLS_ERR("Failed to set verification callback %#x\n", ret);
return -1;
}

const char *msg = "Hello and welcome to RATS-TLS!\n";
size_t len = strlen(msg);
// RTLS_INFO("Enter the transmit \n");
ret = rats_tls_transmit(handle, (void *)msg, &len);
if (ret != RATS_TLS_ERR_NONE || len != strlen(msg)) {
// RTLS_ERR("Failed to transmit %#x\n", ret);
goto err;
}
struct rtls_sockaddr_in c_addr;
uint32_t addrlen_in = sizeof(c_addr);
uint32_t addrlen_out;

ret = rats_tls_cleanup(handle);
if (ret != RATS_TLS_ERR_NONE)
// RTLS_ERR("Failed to cleanup %#x\n", ret);
while (1) {
RTLS_INFO("Waiting for a connection ...\n");

int64_t connd;
sgx_status = ocall_accept(&connd, sockfd, &c_addr, addrlen_in, &addrlen_out);
if (sgx_status != SGX_SUCCESS || connd < 0) {
RTLS_ERR("Failed to call accept() %#x %d\n", sgx_status, connd);
return -1;
}



// whether it need delete
ocall_close(&ocall_ret, connd);
}

RTLS_ERR("server Quick ecall \n");
return 0;

err:
rats_tls_cleanup(handle);
return -1;
}

int ecall_server_startup(rats_tls_log_level_t log_level, char *attester_type, char *verifier_type,
char *tls_type, char *crypto_type, unsigned long flags, uint32_t s_ip,
uint16_t s_port)
int ecall_client_startup(rats_tls_log_level_t log_level, char *fuzz_conf_bytes, char *attester_type,
char *verifier_type, char *tls_type, char *crypto_type,
unsigned long flags, uint32_t s_ip, uint16_t s_port)
{
rats_tls_conf_t conf;

memset(&conf, 0, sizeof(conf));
conf.log_level = log_level;

snprintf(conf.attester_type, sizeof(conf.attester_type), "%s", attester_type);
snprintf(conf.verifier_type, sizeof(conf.verifier_type), "%s", verifier_type);
snprintf(conf.tls_type, sizeof(conf.tls_type), "%s", tls_type);
snprintf(conf.crypto_type, sizeof(conf.crypto_type), "%s", crypto_type);

conf.flags = flags;
conf.cert_algo = RATS_TLS_CERT_ALGO_DEFAULT;

claim_t custom_claims[2] = {
{ .name = "key_0", .value = (uint8_t *)"value_0", .value_size = sizeof("value_0") },
{ .name = "key_1", .value = (uint8_t *)"value_1", .value_size = sizeof("value_1") },
};
conf.custom_claims = (claim_t *)custom_claims;
conf.custom_claims_length = 2;

int64_t sockfd;
int sgx_status = ocall_socket(&sockfd, RTLS_AF_INET, RTLS_SOCK_STREAM, 0);
if (sgx_status != SGX_SUCCESS || sockfd < 0) {
// RTLS_ERR("Failed to call socket() %#x %d\n", sgx_status, sockfd);
RTLS_ERR("Failed to call socket() %#x %d\n", sgx_status, sockfd);
return -1;
}

int ocall_ret = 0;

struct rtls_sockaddr_in s_addr;
memset(&s_addr, 0, sizeof(s_addr));
s_addr.sin_family = RTLS_AF_INET;
s_addr.sin_addr.s_addr = s_ip;
s_addr.sin_port = s_port;

/* Bind the server socket */
sgx_status = ocall_bind(&ocall_ret, sockfd, &s_addr, sizeof(s_addr));
if (sgx_status != SGX_SUCCESS || ocall_ret == -1) {
// RTLS_ERR("Failed to call bind(), %#x %d\n", sgx_status, ocall_ret);
return -1;
}

/* Listen for a new connection, allow 5 pending connections */
sgx_status = ocall_listen(&ocall_ret, sockfd, 5);
int ocall_ret = 0;
sgx_status = ocall_connect(&ocall_ret, sockfd, &s_addr, sizeof(s_addr));
if (sgx_status != SGX_SUCCESS || ocall_ret == -1) {
// RTLS_ERR("Failed to call listen(), %#x %d\n", sgx_status, ocall_ret);
RTLS_ERR("failed to call connect() %#x %d\n", sgx_status, ocall_ret);
return -1;
}
// RTLS_ERR("connect success\n");

/* rats-tls init */
librats_tls_init();
RTLS_ERR("Librats init Ok \n");
rats_tls_handle handle;
rats_tls_err_t ret = rats_tls_init(&conf, &handle);
if (ret != RATS_TLS_ERR_NONE) {
// RTLS_ERR("Failed to initialize rats tls %#x\n", ret);
return -1;
}

struct rtls_sockaddr_in c_addr;
uint32_t addrlen_in = sizeof(c_addr);
uint32_t addrlen_out;
while (1) {
// RTLS_INFO("Waiting for a connection ...\n");
RTLS_ERR("rats_tls_init Ok \n");
rats_tls_cleanup(handle);
// if (ret != RATS_TLS_ERR_NONE) {
// RTLS_ERR("Failed to initialize rats tls %#x\n", ret);
// return -1;
// }

int64_t connd;
sgx_status = ocall_accept(&connd, sockfd, &c_addr, addrlen_in, &addrlen_out);
if (sgx_status != SGX_SUCCESS || connd < 0) {
// RTLS_ERR("Failed to call accept() %#x %d\n", sgx_status, connd);
return -1;
}

ret = rats_tls_negotiate(handle, connd);
if (ret != RATS_TLS_ERR_NONE) {
// RTLS_ERR("Failed to negotiate %#x\n", ret);
goto err;
}
// ocall_close(&ocall_ret,sockfd);

// RTLS_INFO("Client connected successfully\n");
// ret = rats_tls_cleanup(handle);
// if (ret != RATS_TLS_ERR_NONE)
// RTLS_ERR("Failed to cleanup %#x\n", ret);

ocall_close(&ocall_ret, connd);
}
// return ret;

return 0;
err:
/* Ignore the error code of cleanup in order to return the prepositional error */
rats_tls_cleanup(handle);
return -1;
}
}
3 changes: 2 additions & 1 deletion fuzz/tls_server/fuzz_server.cc
Original file line number Diff line number Diff line change
Expand Up @@ -66,10 +66,11 @@ int main()
RTLS_ERR("Failed to load sgx stub enclave\n");
return -1;
}
RTLS_ERR("load enclave ok \n");

unsigned long flags = 0;
flags |= RATS_TLS_CONF_FLAGS_SERVER;
flags |= RATS_TLS_CONF_FLAGS_MUTUAL;
// flags |= RATS_TLS_CONF_FLAGS_MUTUAL;

// TODO: add sgx_ecdsa type
rats_tls_log_level_t log_level = RATS_TLS_LOG_LEVEL_INFO;
Expand Down
Loading

0 comments on commit fb8ba10

Please sign in to comment.