Merge #219

219: more flexible get_quote in aesm-client (fixes #116 and #113) r=jethrogb a=tomtau - extended the `get_quote` function with quote type and nonce - bumped aesm-client version to 0.4 (as function params changed) and *-tools patch version (as nothing changed in them, except for using a new version of aesm-client) Co-authored-by: Tomas Tauber <[email protected]>
fortanix · Mar 19, 2020 · bb10e94 · bb10e94
2 parents 243570d + 3ba8664
commit bb10e94
Show file tree

Hide file tree

Showing 8 changed files with 27 additions and 14 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/aesm-client/Cargo.toml b/aesm-client/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "aesm-client"
-version = "0.3.1"
+version = "0.4.0"
 authors = ["Fortanix, Inc."]
 license = "MPL-2.0"
 description = """

diff --git a/aesm-client/src/imp/unix.rs b/aesm-client/src/imp/unix.rs
@@ -114,12 +114,14 @@ impl AesmClient {
         report: Vec<u8>,
         spid: Vec<u8>,
         sig_rl: Vec<u8>,
+        quote_type: QuoteType,
+        nonce: Vec<u8>,
     ) -> Result<QuoteResult> {
         let mut req = Request_GetQuoteRequest::new();
         req.set_report(report);
-        req.set_quote_type(QuoteType::Linkable.into());
+        req.set_quote_type(quote_type.into());
         req.set_spid(spid);
-        req.set_nonce(vec![0; 16]); // TODO: caller-supplied nonce
+        req.set_nonce(nonce);
         req.set_buf_size(session.quote_buffer_size(&sig_rl));
         if sig_rl.len() != 0 {
             req.set_sig_rl(sig_rl);

diff --git a/aesm-client/src/imp/windows.rs b/aesm-client/src/imp/windows.rs
@@ -116,8 +116,9 @@ impl AesmClient {
         report: Vec<u8>,
         spid: Vec<u8>,
         sig_rl: Vec<u8>,
+        quote_type: QuoteType,
+        nonce: Vec<u8>,
     ) -> Result<QuoteResult> {
-        let nonce = [0u8; 64];
         let quote_buffer_size = session.quote_buffer_size(&sig_rl);
         let mut qe_report: Vec<u8> = vec![0; Report::UNPADDED_SIZE];
         let mut quote: Vec<u8> = vec![0; quote_buffer_size as usize];
@@ -129,11 +130,12 @@ impl AesmClient {
             };
             assert_eq!(qe_report.len(), Report::UNPADDED_SIZE);
             assert_eq!(spid.len(), 16);
+            assert_eq!(nonce.len(), 16);
             let error = (&self.library.get_quote)(
                     report.as_ptr() as _,
-                    QuoteType::Linkable.into(),
+                    quote_type.into(),
                     spid.as_ptr() as _,
-                    nonce.as_ptr() as _,
+                    &nonce[0],
                     sig_rl_in,
                     sig_rl_size_in as _,
                     qe_report.as_mut_ptr() as _,

diff --git a/aesm-client/src/lib.rs b/aesm-client/src/lib.rs
@@ -179,12 +179,16 @@ impl AesmClient {
         report: Vec<u8>,
         spid: Vec<u8>,
         sig_rl: Vec<u8>,
+        quote_type: QuoteType,
+        nonce: Vec<u8>,
     ) -> Result<QuoteResult> {
         self.inner.get_quote(
             session,
             report,
             spid,
             sig_rl,
+            quote_type,
+            nonce,
         )
     }
 
@@ -345,6 +349,7 @@ mod tests {
     use super::*;
 
     const SPID_SIZE: usize = 16;
+    const NONCE_SIZE: usize = 16;
 
     #[test]
     fn test_init_quote() {
@@ -371,6 +376,8 @@ mod tests {
                 vec![0u8; Report::UNPADDED_SIZE],
                 vec![0u8; SPID_SIZE],
                 vec![],
+                QuoteType::Linkable,
+                vec![0u8; NONCE_SIZE],
             )
             .unwrap_err();
 

diff --git a/aesm-client/tests/live_quote.rs b/aesm-client/tests/live_quote.rs
@@ -10,7 +10,7 @@ extern crate sgx_isa;
 extern crate sgxs;
 extern crate sgxs_loaders;
 
-use aesm_client::AesmClient;
+use aesm_client::{AesmClient, QuoteType};
 use sgx_isa::Targetinfo;
 #[cfg(unix)]
 use sgxs_loaders::isgx::Device as IsgxDevice;
@@ -36,6 +36,8 @@ fn live_quote() {
             report.as_ref().to_owned(),
             DUMMY_SPID.to_vec(),
             vec![],
+            QuoteType::Linkable,
+            [0; 16].to_vec(),
         )
         .expect("quote result");
 }
diff --git a/fortanix-sgx-tools/Cargo.toml b/fortanix-sgx-tools/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "fortanix-sgx-tools"
-version = "0.3.0"
+version = "0.3.1"
 authors = ["Fortanix, Inc."]
 license = "MPL-2.0"
 description = """
@@ -18,7 +18,7 @@ categories = ["development-tools::build-utils", "command-line-utilities"]
 
 [dependencies]
 # Project dependencies
-aesm-client = { version = "0.3.0", path = "../aesm-client", features = ["sgxs"] }
+aesm-client = { version = "0.4.0", path = "../aesm-client", features = ["sgxs"] }
 sgxs-loaders = { version = "0.2.0", path = "../sgxs-loaders" }
 enclave-runner = { version = "0.3.0", path = "../enclave-runner" }
 sgxs = { version = "0.7.0", path = "../sgxs" }

diff --git a/sgxs-tools/Cargo.toml b/sgxs-tools/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "sgxs-tools"
-version = "0.8.0"
+version = "0.8.1"
 authors = ["Fortanix, Inc."]
 license = "MPL-2.0"
 description = """
@@ -31,7 +31,7 @@ path = "src/sgx_detect/main.rs"
 # Project dependencies
 "sgxs" = { version = "0.7.0", path = "../sgxs", features = ["crypto-openssl"] }
 "sgxs-loaders" = { version = "0.2.0", path = "../sgxs-loaders" }
-"aesm-client" = { version = "0.3.0", path = "../aesm-client", features = ["sgxs"] }
+"aesm-client" = { version = "0.4.0", path = "../aesm-client", features = ["sgxs"] }
 "sgx-isa" = { version = "0.3.0", path = "../sgx-isa" }
 "report-test" = { version = "0.3.0", path = "../report-test" }
 "enclave-runner" = { version = "0.3.0", path = "../enclave-runner" }