From 8c6c0565e44f3d0e00bc3e4a6e77fc84c9e6d343 Mon Sep 17 00:00:00 2001 From: Dayeol Lee Date: Thu, 4 Mar 2021 20:31:11 -0800 Subject: [PATCH] Make it work with the new security monitor (#18) --- CMakeLists.txt | 2 +- README.md | 43 +++++++++++++++++++++++++++++---- include/enclave_expected_hash.h | 14 ++++++----- quick-start.sh | 7 +++--- server_eapp/channel.c | 5 ++++ server_eapp/channel.h | 8 +++--- 6 files changed, 60 insertions(+), 19 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 21e7f81..9977150 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -71,7 +71,7 @@ target_link_libraries(${host_bin} ${KEYSTONE_LIB_HOST} ${KEYSTONE_LIB_EDGE} ${KE set(eyrie_files_to_copy eyrie-rt) add_eyrie_runtime(${eapp_bin}-eyrie - "origin/master" + "v1.0.0" ${eyrie_plugins} ${eyrie_files_to_copy}) diff --git a/README.md b/README.md index 6ad07d5..ac552f8 100644 --- a/README.md +++ b/README.md 
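Review bot: The runtime ref `"v1.0.0"` passed to `add_eyrie_runtime` is a tag name, and a tag can be re-pointed upstream, so the build is still not tied to one exact Eyrie revision. This commit also checks in a fixed `enclave_expected_hash`, which presumably covers the runtime image, so a changed runtime would either break attestation or pass unnoticed for clients started with `--ignore-valid`. If the macro hands this argument straight to git (its definition is not visible here), prefer a full commit id with the tag kept as a comment, e.g. `"<eyrie-commit-sha>"  # v1.0.0`.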
@@ -15,12 +15,45 @@ The demo will generally work on the master branch of Keystone, but will ALWAYS work on the dev branch. We suggest building the dev branch of Keystone if you have any issues with the demo on master. +# Quick Start + +The demo requires the expected hash of the security monitor. +The hash will be used by the trusted client to verify that the server enclave +is created and initialized by the known version of the SM. + +If you want to skip this verification, you can pass in `--ignore-valid` flag +to the client. + +Please see the security monitor's documentation to see how to generate a hash. + +Once you generated the `sm_expected_hash.h`, try: + +``` +SM_HASH= ./quick-start.sh +``` + +You should be able to see the server enclave package `demo-server.ke` and the +trusted client `trusted_client.riscv` under `build` directory. + +Copy these files into the machine, and run the server enclave. +Then, connect to the server using the client. + +``` +# on the server side +./demo-server.ke +``` + +``` +# on the client side +./trusted_client.riscv +``` + +The client will connect to the enclave and perform the remote attestation. +If the attestation is successful, the client can send an arbitrary message to the server +so that the server counts the number of words in the message and reply. + ## Attestation Failures It is expected that the client will reject the attestation report from the host if you haven't regenerated the expected hashes for the SM and -eapp. - -You can either use `make build-hash-using-qemu` to attempt a rebuild -with new hashes or pass the `--ignore-valid` flag to the client for -testing. +eapp. Pass the `--ignore-valid` flag to the client for testing. diff --git a/include/enclave_expected_hash.h b/include/enclave_expected_hash.h index 82a9c2e..78db3c1 100644 --- a/include/enclave_expected_hash.h +++ b/include/enclave_expected_hash.h 
@@ -1,9 +1,11 @@ unsigned char enclave_expected_hash[] = { - 0xc3, 0x77, 0x32, 0x1b, 0xb3, 0x9f, 0x2a, 0x61, 0xac, 0x68, 0x6c, 0xcb, - 0x00, 0x08, 0x6d, 0x72, 0x7f, 0x5d, 0xb7, 0x30, 0x49, 0x86, 0xe8, 0x54, - 0xba, 0x3a, 0xa1, 0x77, 0xcd, 0xce, 0xfa, 0x0b, 0x58, 0x3e, 0x5d, 0xec, - 0x53, 0xbc, 0x5a, 0x95, 0xb9, 0xd0, 0x34, 0xb0, 0xc0, 0x1a, 0xe5, 0x4e, - 0xd5, 0x22, 0x3b, 0xd9, 0x66, 0x77, 0x7a, 0x6a, 0x9d, 0xdc, 0x17, 0x4d, - 0xab, 0x33, 0x8e, 0x93 + 0x24, 0x68, 0x70, 0x51, 0x40, 0x1f, 0x75, 0x27, + 0x6f, 0xdb, 0x98, 0xd1, 0xd1, 0xdb, 0x6f, 0xff, + 0x7a, 0x8a, 0x72, 0x14, 0x91, 0x2f, 0x43, 0x1a, + 0x13, 0xa9, 0x63, 0x10, 0x2c, 0xba, 0xb1, 0x06, + 0x97, 0x29, 0xc7, 0x14, 0x3f, 0x2d, 0xb1, 0x94, + 0xcd, 0x18, 0xf3, 0xdc, 0xbd, 0x90, 0x77, 0xc1, + 0xcc, 0x00, 0x86, 0x86, 0x80, 0x32, 0xb1, 0x9e, + 0x9d, 0x4c, 0x3d, 0x88, 0x1f, 0x90, 0x8b, 0x57, }; unsigned int enclave_expected_hash_len = 64; diff --git a/quick-start.sh b/quick-start.sh index 6153925..3967d54 100755 --- a/quick-start.sh +++ b/quick-start.sh @@ -29,9 +29,9 @@ then exit 0 fi -if [[ ! -v KEYSTONE_DIR ]] +if [[ ! -v SM_HASH ]] then - echo "KEYSTONE_DIR is not set! Please set this to where you cloned Keystone repo." + echo "SM_HASH is not set! Please follow README to generate the expected hash" exit 0 fi @@ -78,13 +78,14 @@ cd .. # Copy the expected hash over echo "Copying expected sm hash from riscv-pk, this may be incorrect!" -cp $KEYSTONE_DIR/riscv-pk/hash/*.h include/ +cp $SM_HASH include/ # Build the demo mkdir -p build cd build cmake .. make +make package # Done! echo -e "************ Demo binaries built and copied into overlay directory. *************** diff --git a/server_eapp/channel.c b/server_eapp/channel.c index 9803b8f..ac94cac 100644 --- a/server_eapp/channel.c +++ b/server_eapp/channel.c 
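Review bot: The new guard `[[ ! -v SM_HASH ]]` in quick-start.sh only tests that the variable is set, so an empty or mistyped value still reaches the unquoted `cp $SM_HASH include/` in the second hunk (`@@ -78,13 +78,14 @@`). Nothing visible stops the script after a failed `cp`, so the demo would then be built against whatever SM hash header already sits in `include/`. That header is what the trusted client compares the attestation report against, so check for the file and fail loudly: `if [[ ! -f "${SM_HASH:-}" ]]` with `exit 1` instead of `exit 0`, and `cp -- "$SM_HASH" include/sm_expected_hash.h` so a differently named file cannot leave a stale header behind (destination name taken from the README; confirm against the `#include`). The context line `echo "Copying expected sm hash from riscv-pk, this may be incorrect!"` also no longer describes where the hash comes from.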
@@ -4,6 +4,11 @@ #include "string.h" #include "edge_wrapper.h" +unsigned char server_pk[crypto_kx_PUBLICKEYBYTES], server_sk[crypto_kx_SECRETKEYBYTES]; +unsigned char client_pk[crypto_kx_PUBLICKEYBYTES]; +unsigned char rx[crypto_kx_SESSIONKEYBYTES]; +unsigned char tx[crypto_kx_SESSIONKEYBYTES]; + void channel_init(){ /* libsodium config */ diff --git a/server_eapp/channel.h b/server_eapp/channel.h index c296973..116affa 100644 --- a/server_eapp/channel.h +++ b/server_eapp/channel.h @@ -6,10 +6,10 @@ void channel_establish(); int channel_recv(unsigned char* msg_buffer, size_t len, size_t* datalen); size_t channel_get_send_size(size_t len); void channel_send(unsigned char* msg, size_t len, unsigned char* ctx); -unsigned char server_pk[crypto_kx_PUBLICKEYBYTES], server_sk[crypto_kx_SECRETKEYBYTES]; -unsigned char client_pk[crypto_kx_PUBLICKEYBYTES]; -unsigned char rx[crypto_kx_SESSIONKEYBYTES]; -unsigned char tx[crypto_kx_SESSIONKEYBYTES]; +extern unsigned char server_pk[], server_sk[]; +extern unsigned char client_pk[]; +extern unsigned char rx[]; +extern unsigned char tx[]; #endif /* _CHANNEL_H_ */
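Review bot: The definitions added to channel.c keep `server_sk` and the `rx`/`tx` session keys as writable globals with external linkage, and channel.h still exports all of them. If no other translation unit reads the secret and session keys (not visible in this diff), declare them `static` here and drop their `extern` lines so only the channel code can touch key material, e.g. `static unsigned char server_sk[crypto_kx_SECRETKEYBYTES];`. A short comment above the block saying which buffers are secret and when they are populated would also help the next reader.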
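Review bot: The new `extern unsigned char server_pk[], server_sk[];` style declarations in channel.h drop the array bounds, so every file other than channel.c sees incomplete types. `sizeof(rx)` stops compiling there, and the compiler can no longer relate buffer lengths to the sizes the libsodium calls expect. Keep the bounds in the declarations, e.g. `extern unsigned char rx[crypto_kx_SESSIONKEYBYTES];`, which stays compatible with the definitions in channel.c.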