From 84981f92728fd9672d8ba30f03ddde0bc0cf00b1 Mon Sep 17 00:00:00 2001
From: MikkySnow
Date: Fri, 26 Jul 2024 17:22:50 +0200
Subject: [PATCH] fix: fix build in simulation mode
---
 go-sgxvm/Cargo.toml | 4 +-
 go-sgxvm/Makefile | 6 ++
 go-sgxvm/build.rs | 7 +-
 .../src/enclave/attestation/dcap_utils.rs | 7 ++
 go-sgxvm/src/enclave/enclave_api.rs | 8 ++
 go-sgxvm/src/enclave/mod.rs | 5 +
 go-sgxvm/src/ocall.rs | 99 +++++++++++++++++
 go-sgxvm/types/ffi.pb.go | 102 +++++++++---------
 go-sgxvm/types/node.pb.go | 48 ++++-----
 sgxvm/src/attestation/tls/helpers.rs | 2 +
 sgxvm/src/attestation/tls/mod.rs | 13 +++
 11 files changed, 221 insertions(+), 80 deletions(-)
diff --git a/go-sgxvm/Cargo.toml b/go-sgxvm/Cargo.toml
index 39db3ea6..a9893403 100644
--- a/go-sgxvm/Cargo.toml
+++ b/go-sgxvm/Cargo.toml
@@ -19,7 +19,9 @@ sgx_types = { git = "https://github.com/apache/teaclave-sgx-sdk.git", rev = "3c9
 sgx_urts = { git = "https://github.com/apache/teaclave-sgx-sdk.git", rev = "3c903bda" }
 
 [features]
-attestation_server = []
+attestation_server = ["hardware_mode"]
+hardware_mode = []
+simulation_mode = []
 
 [build-dependencies]
 cbindgen = "0.24.3"
diff --git a/go-sgxvm/Makefile b/go-sgxvm/Makefile
index f8cebee1..d77b94ed 100644
--- a/go-sgxvm/Makefile
+++ b/go-sgxvm/Makefile
@@ -18,6 +18,12 @@ ifeq ($(AS_MODE), true)
 Wrapper_build_feature += attestation_server
 endif
 
+ifeq ($(SGX_MODE), HW)
+ Wrapper_build_feature += hardware_mode
+else
+ Wrapper_build_feature += simulation_mode
+endif
+
 build:
 @ENCLAVE_HOME=$(ENCLAVE_HOME) PRODUCTION_MODE=$(PRODUCTION_MODE) SGX_MODE=$(SGX_MODE) AS_MODE=$(AS_MODE) VERSION=$(VERSION) make build -C ../sgxvm/
 @protoc --rust_out src/protobuf_generated/ proto/node.proto
diff --git a/go-sgxvm/build.rs b/go-sgxvm/build.rs
index 2e3f2371..6dbfeed4 100644
--- a/go-sgxvm/build.rs
+++ b/go-sgxvm/build.rs
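Review bot: `hardware_mode` and `simulation_mode` are declared as independent features, so cargo accepts a build with both enabled or with neither, and the manifest gives no hint that they are alternatives. With both on, every gated `ocall_*` in ocall.rs is defined twice; with neither, the ocalls and the attestation paths are simply absent from the wrapper. A guard at the crate root would turn either mistake into a clear build error, e.g. `#[cfg(not(any(feature = "hardware_mode", feature = "simulation_mode")))] compile_error!("enable hardware_mode or simulation_mode");` plus the matching `all(...)` check for both. A `# exactly one of hardware_mode / simulation_mode must be enabled` comment above the two lines would document the contract in the manifest itself.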
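Review bot: The `else` branch selects `simulation_mode` for every value of `SGX_MODE` other than the exact string `HW`, so an unset variable or a typo such as `hw` quietly produces a wrapper whose attestation ocalls are stubs. build.rs matches on `"SW"` for the simulated case, so the same explicit value can be required here: `else ifeq ($(SGX_MODE), SW)` for the simulation branch and a final `else` holding `$(error SGX_MODE must be HW or SW)`. Whether `SGX_MODE` receives a default earlier in the Makefile is not visible in this hunk.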
@@ -15,10 +15,6 @@ fn main () { println!("cargo:rustc-link-search=native=/opt/intel/sgxsdk/lib64"); println!("cargo:rustc-link-lib=sgx_uprotected_fs"); - - println!("cargo:rustc-link-lib=dylib=sgx_dcap_ql"); - println!("cargo:rustc-link-lib=dylib=sgx_dcap_quoteverify"); - println!("cargo:rustc-link-lib=dylib=dcap_quoteprov"); match is_sim.as_ref() { "SW" => { @@ -32,6 +28,9 @@ fn main () { println!("cargo:rustc-link-lib=dylib=sgx_epid"); println!("cargo:rustc-link-lib=dylib=sgx_quote_ex"); println!("cargo:rustc-link-lib=dylib=sgx_launch"); + println!("cargo:rustc-link-lib=dylib=sgx_dcap_ql"); + println!("cargo:rustc-link-lib=dylib=sgx_dcap_quoteverify"); + println!("cargo:rustc-link-lib=dylib=dcap_quoteprov"); } } } \ No newline at end of file diff --git a/go-sgxvm/src/enclave/attestation/dcap_utils.rs b/go-sgxvm/src/enclave/attestation/dcap_utils.rs index 2c6edde1..72eceb71 100644 --- a/go-sgxvm/src/enclave/attestation/dcap_utils.rs +++ b/go-sgxvm/src/enclave/attestation/dcap_utils.rs @@ -17,6 +17,7 @@ pub struct QlQveCollateral { pub qe_identity_size: u32, } +#[cfg(feature = "hardware_mode")] /// Returns target info from Quoting Enclave (QE) pub fn get_qe_target_info() -> Result { let mut qe_target_info = sgx_target_info_t::default(); @@ -32,6 +33,7 @@ pub fn get_qe_target_info() -> Result { Ok(qe_target_info) } +#[cfg(feature = "hardware_mode")] /// Returns size of buffer to allocate for the quote pub fn get_quote_size() -> Result { let mut quote_size = 0u32; @@ -47,6 +49,7 @@ pub fn get_quote_size() -> Result { Ok(quote_size) } +#[cfg(feature = "hardware_mode")] /// Returns DCAP quote from QE pub fn get_qe_quote(report: sgx_report_t, quote_size: u32, p_quote: *mut u8) -> SgxResult<()> { println!("[Enclave Wrapper]: get_qe_quote"); 
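Review bot: Library selection in this arm follows `is_sim`, while the Rust code that calls into these libraries follows the `hardware_mode` cargo feature, and nothing in the hunk ties the two together. A build with `hardware_mode` enabled while the environment says `SW` (or the reverse) would compile the DCAP callers without linking `sgx_dcap_ql`, `sgx_dcap_quoteverify` and `dcap_quoteprov`, or link them with nothing using them. Cargo exposes enabled features to build scripts, so the decision could be taken from `std::env::var_os("CARGO_FEATURE_HARDWARE_MODE").is_some()`, or build.rs could fail when that value disagrees with `is_sim`. How `is_sim` is read lies outside this hunk.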
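Review bot: Gating each function in dcap_utils.rs with its own `#[cfg(feature = "hardware_mode")]` (this hunk and the six that follow in the file, and again per method in enclave_api.rs) means a helper added later without the attribute will break the simulation build again. If `QlQveCollateral` is not needed in simulation builds, which these hunks do not show, a single gate on the `mod dcap_utils` declaration would cover the whole file. If the per-item form stays, place the attribute below the `///` doc comment, as helpers.rs does in this same commit, so the summary line remains the first thing on the item.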
@@ -59,6 +62,7 @@ pub fn get_qe_quote(report: sgx_report_t, quote_size: u32, p_quote: *mut u8) -> } } +#[cfg(feature = "hardware_mode")] /// Generates quote inside the enclave and writes it to the file /// Since this function will be used only for test and dev purposes, /// we can ignore usages of `unwrap` or `expect`. @@ -101,6 +105,7 @@ pub fn dump_dcap_quote(eid: sgx_enclave_id_t, filepath: &str) -> Result<(), Erro Ok(()) } +#[cfg(feature = "hardware_mode")] pub fn verify_dcap_quote(eid: sgx_enclave_id_t, filepath: &str) -> Result<(), Error> { let mut file = std::fs::File::open(filepath).expect("Cannot open quote file"); let mut quote_buf = Vec::new(); @@ -136,6 +141,7 @@ pub fn verify_dcap_quote(eid: sgx_enclave_id_t, filepath: &str) -> Result<(), Er Ok(()) } +#[cfg(feature = "hardware_mode")] pub fn sgx_ql_qve_collateral_serialize( p_col: *const u8, n_col: u32, @@ -235,6 +241,7 @@ pub fn sgx_ql_qve_collateral_serialize( }; } +#[cfg(feature = "hardware_mode")] pub fn sgx_ql_qve_collateral_deserialize(p_ser: *const u8, n_ser: u32) -> sgx_ql_qve_collateral_t { let mut res = sgx_ql_qve_collateral_t { version: 0, diff --git a/go-sgxvm/src/enclave/enclave_api.rs b/go-sgxvm/src/enclave/enclave_api.rs index b751f90c..f20737be 100644 --- a/go-sgxvm/src/enclave/enclave_api.rs +++ b/go-sgxvm/src/enclave/enclave_api.rs @@ -40,6 +40,7 @@ impl EnclaveApi { } } + #[cfg(feature = "hardware_mode")] pub fn attest_peer(eid: sgx_enclave_id_t, fd: i32, is_dcap: bool) -> Result<(), Error> { match is_dcap { true => EnclaveApi::attest_peer_dcap(eid, fd), 
@@ -47,14 +48,17 @@ impl EnclaveApi { } } + #[cfg(feature = "hardware_mode")] pub fn dump_dcap_quote(eid: sgx_enclave_id_t, filepath: &str) -> Result<(), Error> { dcap_utils::dump_dcap_quote(eid, filepath) } + #[cfg(feature = "hardware_mode")] pub fn verify_dcap_quote(eid: sgx_enclave_id_t, filepath: &str) -> Result<(), Error> { dcap_utils::verify_dcap_quote(eid, filepath) } + #[cfg(feature = "hardware_mode")] fn attest_peer_dcap(eid: sgx_enclave_id_t, fd: i32) -> Result<(), Error> { let qe_target_info = dcap_utils::get_qe_target_info()?; let quote_size = dcap_utils::get_quote_size()?; @@ -83,6 +87,7 @@ impl EnclaveApi { Ok(()) } + #[cfg(feature = "hardware_mode")] fn attest_peer_epid(eid: sgx_enclave_id_t, fd: i32) -> Result<(), Error> { let mut retval = sgx_status_t::SGX_ERROR_UNEXPECTED; let res = unsafe { super::ecall_attest_peer_epid(eid, &mut retval, fd) }; @@ -106,6 +111,7 @@ impl EnclaveApi { Ok(()) } + #[cfg(feature = "hardware_mode")] pub fn request_remote_attestation( eid: sgx_enclave_id_t, hostname: String, @@ -118,6 +124,7 @@ impl EnclaveApi { } } + #[cfg(feature = "hardware_mode")] pub fn perform_epid_attestation( eid: sgx_enclave_id_t, hostname: String, @@ -157,6 +164,7 @@ impl EnclaveApi { Ok(()) } + #[cfg(feature = "hardware_mode")] pub fn perform_dcap_attestation( eid: sgx_enclave_id_t, hostname: String, diff --git a/go-sgxvm/src/enclave/mod.rs b/go-sgxvm/src/enclave/mod.rs index c710ce22..941e3c15 100644 --- a/go-sgxvm/src/enclave/mod.rs +++ b/go-sgxvm/src/enclave/mod.rs 
@@ -163,12 +163,14 @@ pub unsafe extern "C" fn handle_initialization_request( let response_bytes = response.write_to_bytes()?; Ok(response_bytes) } + #[cfg(feature = "hardware_mode")] node::SetupRequest_oneof_req::peerAttestationRequest(req) => { enclave_api::EnclaveApi::attest_peer(evm_enclave.geteid(), req.fd, req.isDCAP)?; let response = node::PeerAttestationResponse::new(); let response_bytes = response.write_to_bytes()?; Ok(response_bytes) } + #[cfg(feature = "hardware_mode")] node::SetupRequest_oneof_req::remoteAttestationRequest(req) => { enclave_api::EnclaveApi::request_remote_attestation(evm_enclave.geteid(), req.hostname, req.fd, req.isDCAP)?; let response = node::RemoteAttestationResponse::new(); @@ -182,12 +184,14 @@ pub unsafe extern "C" fn handle_initialization_request( let response_bytes = response.write_to_bytes()?; Ok(response_bytes) } + #[cfg(feature = "hardware_mode")] node::SetupRequest_oneof_req::dumpQuote(req) => { enclave_api::EnclaveApi::dump_dcap_quote(evm_enclave.geteid(), &req.filepath)?; let response = node::DumpQuoteResponse::new(); let response_bytes = response.write_to_bytes()?; Ok(response_bytes) } + #[cfg(feature = "hardware_mode")] node::SetupRequest_oneof_req::verifyQuote(req) => { enclave_api::EnclaveApi::verify_dcap_quote(evm_enclave.geteid(), &req.filepath)?; let response = node::VerifyQuoteResponse::new(); @@ -210,6 +214,7 @@ pub unsafe extern "C" fn handle_initialization_request( let response_bytes = response.write_to_bytes()?; Ok(response_bytes) } + _ => Err(Error::protobuf_decode("Unsupported request")) } } None => Err(Error::protobuf_decode("Request unwrapping failed")), diff --git a/go-sgxvm/src/ocall.rs b/go-sgxvm/src/ocall.rs index cc2ec876..9d7cc252 100644 --- a/go-sgxvm/src/ocall.rs +++ b/go-sgxvm/src/ocall.rs 
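Review bot: The added `_ => Err(Error::protobuf_decode("Unsupported request"))` arm is compiled in hardware builds too, where, if the existing arms already cover every `SetupRequest_oneof_req` variant, it is unreachable and also switches off the exhaustiveness check for variants added later. Gating it like the arms it stands in for keeps that check: `#[cfg(not(feature = "hardware_mode"))] _ => ...`. The error is also reported as a protobuf decode failure although the request decoded correctly; a message such as `"attestation requests are not supported in simulation mode"` would let the Go caller and the logs tell a disabled feature from a malformed request. The enclosing match starts outside the hunk.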
@@ -1,3 +1,4 @@ +#[cfg(feature = "hardware_mode")] use crate::enclave::attestation::dcap_utils::{get_qe_quote, sgx_ql_qve_collateral_serialize}; use crate::errors::GoError; use crate::memory::{U8SliceView, UnmanagedVector}; @@ -8,6 +9,7 @@ use std::net::{SocketAddr, TcpStream}; use std::os::unix::io::IntoRawFd; use std::slice; +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_get_ecdsa_quote( p_report: *const sgx_report_t, @@ -24,6 +26,17 @@ pub extern "C" fn ocall_get_ecdsa_quote( } } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_get_ecdsa_quote( + p_report: *const sgx_report_t, + p_quote: *mut u8, + quote_size: u32, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_get_quote( p_sigrl: *const u8, @@ -72,6 +85,24 @@ pub extern "C" fn ocall_get_quote( ret } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_get_quote( + p_sigrl: *const u8, + sigrl_len: u32, + p_report: *const sgx_report_t, + quote_type: sgx_quote_sign_type_t, + p_spid: *const sgx_spid_t, + p_nonce: *const sgx_quote_nonce_t, + p_qe_report: *mut sgx_report_t, + p_quote: *mut u8, + _maxlen: u32, + p_quote_len: *mut u32, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_get_update_info( platform_blob: *const sgx_platform_info_t, 
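Review bot: The simulation stub of `ocall_get_ecdsa_quote` is gated on `feature = "simulation_mode"` rather than on the absence of `hardware_mode`, so a build with neither feature exports no such symbol and a build with both exports it twice; `#[cfg(not(feature = "hardware_mode"))]` would guarantee exactly one definition. The same applies to every stub added in ocall.rs. The stub also binds `p_report`, `p_quote` and `quote_size` without using them, which yields unused-variable warnings; prefix them with `_`, as `_maxlen` already is in `ocall_get_quote`. A one-line doc comment on each stub, e.g. `/// Simulation build: quoting is unavailable, always fails.`, would state the intent.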
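Review bot: The `ocall_get_quote` stub returns `SGX_ERROR_UNEXPECTED` without writing `*p_quote_len`, so the enclave-side caller sees whatever that location held before the call; this is safe only if every caller checks the status before reading the outputs, which these hunks do not show. The same holds for `ret_fd` in `ocall_get_ias_socket`, `p_quote_verification_result` and `p_collateral_expiration_status` in `ocall_get_qve_report`, the size pointer in `ocall_get_supplemental_data_size`, and `p_col_size` in `ocall_get_quote_ecdsa_collateral`. Consider setting the outputs to an inert value before returning, for example `if !p_quote_len.is_null() { unsafe { *p_quote_len = 0 } }`. If the pinned `sgx_types` provides it, `SGX_ERROR_FEATURE_NOT_SUPPORTED` would also separate "disabled in simulation" from a genuine failure in logs.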
@@ -81,6 +112,16 @@ pub extern "C" fn ocall_get_update_info( unsafe { sgx_report_attestation_status(platform_blob, enclave_trusted, update_info) } } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_get_update_info( + platform_blob: *const sgx_platform_info_t, + enclave_trusted: i32, + update_info: *mut sgx_update_info_bit_t, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + #[no_mangle] pub extern "C" fn ocall_allocate(data: *const u8, len: usize) -> Allocation { let slice = unsafe { slice::from_raw_parts(data, len) }; @@ -96,6 +137,7 @@ pub extern "C" fn ocall_allocate(data: *const u8, len: usize) -> Allocation { } } +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_sgx_init_quote( ret_ti: *mut sgx_target_info_t, @@ -104,6 +146,16 @@ pub extern "C" fn ocall_sgx_init_quote( unsafe { sgx_init_quote(ret_ti, ret_gid) } } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_sgx_init_quote( + ret_ti: *mut sgx_target_info_t, + ret_gid: *mut sgx_epid_group_id_t, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_get_ias_socket(ret_fd: *mut c_int) -> sgx_status_t { let port = 443; @@ -118,6 +170,13 @@ pub extern "C" fn ocall_get_ias_socket(ret_fd: *mut c_int) -> sgx_status_t { sgx_status_t::SGX_SUCCESS } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_get_ias_socket(ret_fd: *mut c_int) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + +#[cfg(feature = "hardware_mode")] pub fn lookup_ipv4(host: &str, port: u16) -> SocketAddr { use std::net::ToSocketAddrs; @@ -227,6 +286,7 @@ pub extern "C" fn ocall_query_raw( }; } +#[cfg(feature = "hardware_mode")] #[no_mangle] pub unsafe extern "C" fn ocall_get_qve_report( p_quote: *const u8, 
@@ -303,6 +363,25 @@ pub unsafe extern "C" fn ocall_get_qve_report( sgx_status_t::SGX_SUCCESS } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub unsafe extern "C" fn ocall_get_qve_report( + p_quote: *const u8, + quote_len: u32, + timestamp: i64, + p_collateral_expiration_status: *mut u32, + p_quote_verification_result: *mut sgx_ql_qv_result_t, + p_qve_report_info: *mut sgx_ql_qe_report_info_t, + p_supplemental_data: *mut u8, + supplemental_data_size: u32, + p_collateral: *const u8, + collateral_len: u32, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + + +#[cfg(feature = "hardware_mode")] #[no_mangle] pub unsafe extern "C" fn ocall_get_supplemental_data_size( data_size: *mut u32, @@ -317,6 +396,13 @@ pub unsafe extern "C" fn ocall_get_supplemental_data_size( sgx_status_t::SGX_SUCCESS } +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub unsafe extern "C" fn ocall_get_supplemental_data_size(_: *mut u32) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED +} + +#[cfg(feature = "hardware_mode")] #[no_mangle] pub extern "C" fn ocall_get_quote_ecdsa_collateral( p_quote: *const u8, @@ -342,4 +428,17 @@ pub extern "C" fn ocall_get_quote_ecdsa_collateral( }; sgx_status_t::SGX_SUCCESS +} + + +#[cfg(feature = "simulation_mode")] +#[no_mangle] +pub extern "C" fn ocall_get_quote_ecdsa_collateral( + p_quote: *const u8, + n_quote: u32, + p_col: *mut u8, + n_col: u32, + p_col_size: *mut u32, +) -> sgx_status_t { + sgx_status_t::SGX_ERROR_UNEXPECTED } \ No newline at end of file diff --git a/go-sgxvm/types/ffi.pb.go b/go-sgxvm/types/ffi.pb.go index 7f1f16ef..3a0347b0 100644 --- a/go-sgxvm/types/ffi.pb.go +++ b/go-sgxvm/types/ffi.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.31.0 -// protoc v3.12.4 +// protoc-gen-go v1.34.2 +// protoc v3.21.12 // source: ffi.proto package types 
@@ -3327,7 +3327,7 @@ func file_ffi_proto_rawDescGZIP() []byte { } var file_ffi_proto_msgTypes = make([]protoimpl.MessageInfo, 46) -var file_ffi_proto_goTypes = []interface{}{ +var file_ffi_proto_goTypes = []any{ (*AccessListItem)(nil), // 0: ffi.ffi.AccessListItem (*TransactionData)(nil), // 1: ffi.ffi.TransactionData (*TransactionContext)(nil), // 2: ffi.ffi.TransactionContext @@ -3419,7 +3419,7 @@ func file_ffi_proto_init() { return } if !protoimpl.UnsafeEnabled { - file_ffi_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[0].Exporter = func(v any, i int) any { switch v := v.(*AccessListItem); i { case 0: return &v.state @@ -3431,7 +3431,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[1].Exporter = func(v any, i int) any { switch v := v.(*TransactionData); i { case 0: return &v.state @@ -3443,7 +3443,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[2].Exporter = func(v any, i int) any { switch v := v.(*TransactionContext); i { case 0: return &v.state @@ -3455,7 +3455,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[3].Exporter = func(v any, i int) any { switch v := v.(*HandleTransactionRequest); i { case 0: return &v.state @@ -3467,7 +3467,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[4].Exporter = func(v any, i int) any { switch v := v.(*HandleTransactionResponse); i { case 0: return &v.state 
@@ -3479,7 +3479,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[5].Exporter = func(v any, i int) any { switch v := v.(*Topic); i { case 0: return &v.state @@ -3491,7 +3491,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[6].Exporter = func(v any, i int) any { switch v := v.(*Log); i { case 0: return &v.state @@ -3503,7 +3503,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[7].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccount); i { case 0: return &v.state @@ -3515,7 +3515,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[8].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccountResponse); i { case 0: return &v.state @@ -3527,7 +3527,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[9].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertAccount); i { case 0: return &v.state @@ -3539,7 +3539,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[10].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertAccountResponse); i { case 0: return &v.state @@ -3551,7 +3551,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[11].Exporter = func(v any, i int) any { switch v := v.(*QueryContainsKey); i { case 0: return &v.state 
@@ -3563,7 +3563,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[12].Exporter = func(v any, i int) any { switch v := v.(*QueryContainsKeyResponse); i { case 0: return &v.state @@ -3575,7 +3575,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[13].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccountStorageCell); i { case 0: return &v.state @@ -3587,7 +3587,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[14].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccountStorageCellResponse); i { case 0: return &v.state @@ -3599,7 +3599,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[15].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccountCode); i { case 0: return &v.state @@ -3611,7 +3611,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[16].Exporter = func(v any, i int) any { switch v := v.(*QueryGetAccountCodeResponse); i { case 0: return &v.state @@ -3623,7 +3623,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[17].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertAccountCode); i { case 0: return &v.state 
@@ -3635,7 +3635,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[18].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertAccountCodeResponse); i { case 0: return &v.state @@ -3647,7 +3647,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[19].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertStorageCell); i { case 0: return &v.state @@ -3659,7 +3659,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[20].Exporter = func(v any, i int) any { switch v := v.(*QueryInsertStorageCellResponse); i { case 0: return &v.state @@ -3671,7 +3671,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[21].Exporter = func(v any, i int) any { switch v := v.(*QueryRemove); i { case 0: return &v.state @@ -3683,7 +3683,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[22].Exporter = func(v any, i int) any { switch v := v.(*QueryRemoveResponse); i { case 0: return &v.state @@ -3695,7 +3695,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[23].Exporter = func(v any, i int) any { switch v := v.(*QueryRemoveStorageCell); i { case 0: return &v.state @@ -3707,7 +3707,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[24].Exporter = func(v any, i int) any { switch v := v.(*QueryRemoveStorageCellResponse); i { case 0: return &v.state 
@@ -3719,7 +3719,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[25].Exporter = func(v any, i int) any { switch v := v.(*QueryRemoveStorage); i { case 0: return &v.state @@ -3731,7 +3731,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[26].Exporter = func(v any, i int) any { switch v := v.(*QueryRemoveStorageResponse); i { case 0: return &v.state @@ -3743,7 +3743,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[27].Exporter = func(v any, i int) any { switch v := v.(*QueryBlockHash); i { case 0: return &v.state @@ -3755,7 +3755,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[28].Exporter = func(v any, i int) any { switch v := v.(*QueryBlockHashResponse); i { case 0: return &v.state @@ -3767,7 +3767,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[29].Exporter = func(v any, i int) any { switch v := v.(*QueryAddVerificationDetails); i { case 0: return &v.state @@ -3779,7 +3779,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[30].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[30].Exporter = func(v any, i int) any { switch v := v.(*QueryAddVerificationDetailsResponse); i { case 0: return &v.state @@ -3791,7 +3791,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[31].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[31].Exporter = func(v any, i int) any { switch v := v.(*QueryHasVerification); i { case 0: return &v.state 
@@ -3803,7 +3803,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[32].Exporter = func(v any, i int) any { switch v := v.(*QueryHasVerificationResponse); i { case 0: return &v.state @@ -3815,7 +3815,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[33].Exporter = func(v any, i int) any { switch v := v.(*QueryGetVerificationData); i { case 0: return &v.state @@ -3827,7 +3827,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[34].Exporter = func(v any, i int) any { switch v := v.(*VerificationDetails); i { case 0: return &v.state @@ -3839,7 +3839,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[35].Exporter = func(v any, i int) any { switch v := v.(*QueryGetVerificationDataResponse); i { case 0: return &v.state @@ -3851,7 +3851,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[36].Exporter = func(v any, i int) any { switch v := v.(*CosmosRequest); i { case 0: return &v.state @@ -3863,7 +3863,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[37].Exporter = func(v any, i int) any { switch v := v.(*SGXVMCallParams); i { case 0: return &v.state @@ -3875,7 +3875,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[38].Exporter = func(v any, i int) any { switch v := v.(*SGXVMCreateParams); i { case 0: return &v.state 
@@ -3887,7 +3887,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[39].Exporter = func(v any, i int) any { switch v := v.(*SGXVMCallRequest); i { case 0: return &v.state @@ -3899,7 +3899,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[40].Exporter = func(v any, i int) any { switch v := v.(*SGXVMCreateRequest); i { case 0: return &v.state @@ -3911,7 +3911,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[41].Exporter = func(v any, i int) any { switch v := v.(*NodePublicKeyRequest); i { case 0: return &v.state @@ -3923,7 +3923,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[42].Exporter = func(v any, i int) any { switch v := v.(*NodePublicKeyResponse); i { case 0: return &v.state @@ -3935,7 +3935,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[43].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[43].Exporter = func(v any, i int) any { switch v := v.(*EpochData); i { case 0: return &v.state @@ -3947,7 +3947,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[44].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[44].Exporter = func(v any, i int) any { switch v := v.(*ListEpochsResponse); i { case 0: return &v.state @@ -3959,7 +3959,7 @@ func file_ffi_proto_init() { return nil } } - file_ffi_proto_msgTypes[45].Exporter = func(v interface{}, i int) interface{} { + file_ffi_proto_msgTypes[45].Exporter = func(v any, i int) any { switch v := v.(*FFIRequest); i { case 0: return &v.state 
@@ -3972,7 +3972,7 @@ func file_ffi_proto_init() { } } } - file_ffi_proto_msgTypes[36].OneofWrappers = []interface{}{ + file_ffi_proto_msgTypes[36].OneofWrappers = []any{ (*CosmosRequest_GetAccount)(nil), (*CosmosRequest_InsertAccount)(nil), (*CosmosRequest_ContainsKey)(nil), @@ -3988,7 +3988,7 @@ func file_ffi_proto_init() { (*CosmosRequest_HasVerification)(nil), (*CosmosRequest_GetVerificationData)(nil), } - file_ffi_proto_msgTypes[45].OneofWrappers = []interface{}{ + file_ffi_proto_msgTypes[45].OneofWrappers = []any{ (*FFIRequest_CallRequest)(nil), (*FFIRequest_CreateRequest)(nil), (*FFIRequest_PublicKeyRequest)(nil), diff --git a/go-sgxvm/types/node.pb.go b/go-sgxvm/types/node.pb.go index 5813915d..608e6a39 100644 --- a/go-sgxvm/types/node.pb.go +++ b/go-sgxvm/types/node.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.31.0 -// protoc v3.12.4 +// protoc-gen-go v1.34.2 +// protoc v3.21.12 // source: node.proto package types @@ -1141,7 +1141,7 @@ func file_node_proto_rawDescGZIP() []byte { } var file_node_proto_msgTypes = make([]protoimpl.MessageInfo, 20) -var file_node_proto_goTypes = []interface{}{ +var file_node_proto_goTypes = []any{ (*InitializeEnclaveRequest)(nil), // 0: node.node.InitializeEnclaveRequest (*InitializeEnclaveResponse)(nil), // 1: node.node.InitializeEnclaveResponse (*PeerAttestationRequest)(nil), // 2: node.node.PeerAttestationRequest @@ -1187,7 +1187,7 @@ func file_node_proto_init() { return } if !protoimpl.UnsafeEnabled { - file_node_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[0].Exporter = func(v any, i int) any { switch v := v.(*InitializeEnclaveRequest); i { case 0: return &v.state 
@@ -1199,7 +1199,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[1].Exporter = func(v any, i int) any { switch v := v.(*InitializeEnclaveResponse); i { case 0: return &v.state @@ -1211,7 +1211,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[2].Exporter = func(v any, i int) any { switch v := v.(*PeerAttestationRequest); i { case 0: return &v.state @@ -1223,7 +1223,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[3].Exporter = func(v any, i int) any { switch v := v.(*PeerAttestationResponse); i { case 0: return &v.state @@ -1235,7 +1235,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[4].Exporter = func(v any, i int) any { switch v := v.(*AddNewEpochRequest); i { case 0: return &v.state @@ -1247,7 +1247,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[5].Exporter = func(v any, i int) any { switch v := v.(*AddNewEpochResponse); i { case 0: return &v.state @@ -1259,7 +1259,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[6].Exporter = func(v any, i int) any { switch v := v.(*RemoveLatestEpochRequest); i { case 0: return &v.state @@ -1271,7 +1271,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[7].Exporter = func(v any, i int) any { switch v := v.(*RemoveLatestEpochResponse); i { case 0: return &v.state 
@@ -1283,7 +1283,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[8].Exporter = func(v any, i int) any { switch v := v.(*RemoteAttestationRequest); i { case 0: return &v.state @@ -1295,7 +1295,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[9].Exporter = func(v any, i int) any { switch v := v.(*RemoteAttestationResponse); i { case 0: return &v.state @@ -1307,7 +1307,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[10].Exporter = func(v any, i int) any { switch v := v.(*IsInitializedRequest); i { case 0: return &v.state @@ -1319,7 +1319,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[11].Exporter = func(v any, i int) any { switch v := v.(*IsInitializedResponse); i { case 0: return &v.state @@ -1331,7 +1331,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[12].Exporter = func(v any, i int) any { switch v := v.(*NodeStatusRequest); i { case 0: return &v.state @@ -1343,7 +1343,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[13].Exporter = func(v any, i int) any { switch v := v.(*NodeStatusResponse); i { case 0: return &v.state @@ -1355,7 +1355,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[14].Exporter = func(v any, i int) any { switch v := v.(*DumpQuoteRequest); i { case 0: return &v.state 
@@ -1367,7 +1367,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[15].Exporter = func(v any, i int) any { switch v := v.(*DumpQuoteResponse); i { case 0: return &v.state @@ -1379,7 +1379,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[16].Exporter = func(v any, i int) any { switch v := v.(*VerifyQuoteRequest); i { case 0: return &v.state @@ -1391,7 +1391,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[17].Exporter = func(v any, i int) any { switch v := v.(*VerifyQuoteResponse); i { case 0: return &v.state @@ -1403,7 +1403,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[18].Exporter = func(v any, i int) any { switch v := v.(*ListEpochsRequest); i { case 0: return &v.state @@ -1415,7 +1415,7 @@ func file_node_proto_init() { return nil } } - file_node_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { + file_node_proto_msgTypes[19].Exporter = func(v any, i int) any { switch v := v.(*SetupRequest); i { case 0: return &v.state @@ -1428,7 +1428,7 @@ func file_node_proto_init() { } } } - file_node_proto_msgTypes[19].OneofWrappers = []interface{}{ + file_node_proto_msgTypes[19].OneofWrappers = []any{ (*SetupRequest_InitializeEnclave)(nil), (*SetupRequest_PeerAttestationRequest)(nil), (*SetupRequest_RemoteAttestationRequest)(nil), diff --git a/sgxvm/src/attestation/tls/helpers.rs b/sgxvm/src/attestation/tls/helpers.rs index 397a7efe..fd69c279 100644 --- a/sgxvm/src/attestation/tls/helpers.rs +++ b/sgxvm/src/attestation/tls/helpers.rs 
@@ -17,6 +17,7 @@ use crate::attestation::tls::auth::{ClientAuth, ServerAuth};
 use crate::key_manager::{KeyManager, keys::RegistrationKey};
 /// Prepares config for client side of TLS connection
+#[cfg(feature = "hardware_mode")]
 pub(super) fn construct_client_config(key_der: Vec, cert_der: Vec, is_dcap: bool) -> ClientConfig {
 let mut cfg = rustls::ClientConfig::new();
 let certs = vec![rustls::Certificate(cert_der)];
@@ -31,6 +32,7 @@ pub(super) fn construct_client_config(key_der: Vec, cert_der: Vec, is_dc
 }
 /// Prepares config for server side of TLS connection
+#[cfg(feature = "hardware_mode")]
 pub(super) fn construct_server_config(key_der: Vec, cert_der: Vec, is_dcap: bool) -> ServerConfig {
 let mut cfg = rustls::ServerConfig::new(Arc::new(ClientAuth::new(true, is_dcap)));
 let certs = vec![rustls::Certificate(cert_der)];
diff --git a/sgxvm/src/attestation/tls/mod.rs b/sgxvm/src/attestation/tls/mod.rs
index 42b1e444..48229041 100644
--- a/sgxvm/src/attestation/tls/mod.rs
+++ b/sgxvm/src/attestation/tls/mod.rs
@@ -12,7 +12,20 @@ use crate::key_manager::keys::RegistrationKey;
 pub mod helpers;
 pub mod auth;
+#[cfg(feature = "simulation_mode")]
+pub fn perform_master_key_request(
+ _: String,
+ _: c_int,
+ _: Option<&sgx_target_info_t>,
+ _: Option,
+ _: bool
+) -> SgxResult<()> {
+ println!("perform_master_key_request disabled in Software Mode");
+ Err(sgx_status_t::SGX_ERROR_UNEXPECTED)
+}
+
 /// Initializes new TLS client with report of Remote Attestation
+#[cfg(feature = "hardware_mode")]
 pub fn perform_master_key_request(
 hostname: String,
 socket_fd: c_int,
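Review bot: The stub and the real `perform_master_key_request` in tls/mod.rs are selected by two independent Cargo features, so the crate only builds when exactly one of `simulation_mode` and `hardware_mode` is enabled: with both there are two definitions of the same function, with neither there is none. Cargo features are additive, so I would gate the stub on the absence of the hardware feature, `#[cfg(not(feature = "hardware_mode"))]`, or add `#[cfg(all(feature = "hardware_mode", feature = "simulation_mode"))] compile_error!("hardware_mode and simulation_mode are mutually exclusive");` next to the module declarations. The two `#[cfg(feature = "hardware_mode")]` gates added in sgxvm/src/attestation/tls/helpers.rs rest on the same assumption. The stub fails closed by returning an error, which is the right default for an attestation path, and a doc line such as `/// Simulation-mode stub: the master key request is unavailable and always returns an error.` would record that intent. The body of the hardware variant continues outside the hunk.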