sgx-ra-tls's People

Contributors

dimakuv, michaelbeale-il


sgx-ra-tls's Issues

Detailed Build Reset Instructions

So I have been working on expanding on the given examples, both with the goal of being able to add to the list of examples with a Python example for Graphene and in general for utilizing your platform. One consistent problem I have had is that I am not clear on the process to reset files and rebuild my application. For example, if I want to modify https-server.py to run in SGX-LKL, I need to delete the image being produced and possibly the duplicated https-server.py for my changes to go through. Would it be possible to update the Makefiles to more consistently rebuild after source code changes, or at least provide some documentation on how to reset/update files for each example, including possible changes to the libraries being built?

Why curl_easy_perform= 5 ?

When I run "make -C sgxlkl run-https-server", I get the error "curl_easy_perform = 5". I checked it, and it means "CURLE_COULDNT_RESOLVE_PROXY", but running "./App -s" works with no problem. How can I resolve this problem? Thanks.

Why Assertion failed: rc != -1 ?

I want to run the https server, and I executed the command:
make -C sgxlkl run-https-server
The output is:
make: Entering directory '/opt/sgx_main/ai_security_lkl/sgx-ra-tls/sgxlkl'
LD_PRELOAD=/ldpreload.so SGXLKL_TAP=sgxlkl_tap0 RATLS_AESMD_IP=10.0.1.254 SGXLKL_HEAP=268435456 SGXLKL_KEY=/opt/sgx_main/ai_security_lkl/sgx-ra-tls/sgxlkl/sgx-lkl/build/config/enclave_debug.key sgx-lkl/build/sgx-lkl-run sgx-lkl/apps/https-server/sgxlkl-miniroot-fs.img /usr/bin/python /https-server.py
ERROR: ld.so: object '/ldpreload.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
Assertion failed: rc != -1 (../nonsdk-ra-attester.c: open_socket: 262)
Segmentation fault (core dumped)
Makefile:118: recipe for target 'run-https-server' failed
make: *** [run-https-server] Error 139
make: Leaving directory '/opt/sgx_main/ai_security_lkl/sgx-ra-tls/sgxlkl'

Why?

ERROR: failed to connect to wolfSSL, return value = -188

Hello,

I am running sgx-ra-tls with wolfSSL but I got the following issue raising from the client side:

[+] Client Test:
[+] Connection with server has been established
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering TLSv1_2_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_verify
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering SSL_connect()
wolfSSL Entering SendClientHello
Adding signature algorithms extension
growing output buffer

Signature Algorithms extension to write
Point Formats extension to write
Supported Groups extension to write
Encrypt-Then-Mac extension to write
EMS extension to write
Shrinking output buffer

wolfSSL Leaving SendClientHello, return 0
connect state: CLIENT_HELLO_SENT
growing input buffer

received record layer msg
got HANDSHAKE
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering DoServerHello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoServerHello, return 0
Shrinking input buffer

wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
growing input buffer

received record layer msg
got HANDSHAKE
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering DoCertificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
Put another cert into chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
No CA signer to verify with
Failed to verify Peer's cert
Callback override available, will continue
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
quote size is 4594; quote signature_data_len is 4158.
[load_qve ../sgx_dcap_quoteverify.cpp:199] Call sgx_create_enclave for QvE. /usr/lib/x86_64-linux-gnu/libsgx_qve.signed.so
[sgx_qv_get_quote_supplemental_data_size ../sgx_dcap_quoteverify.cpp:541] Info: sgx_qve_get_quote_supplemental_data_version successfully returned.
[sgx_qv_get_quote_supplemental_data_size ../sgx_dcap_quoteverify.cpp:551] Info: sgx_qve_get_quote_supplemental_data_size successfully returned.
[unload_qve ../sgx_dcap_quoteverify.cpp:267] unload qve enclave 0X3
sgx_qv_get_quote_supplemental_data_size successfully returned.
[load_qve ../sgx_dcap_quoteverify.cpp:199] Call sgx_create_enclave for QvE. /usr/lib/x86_64-linux-gnu/libsgx_qve.signed.so
[sgx_qv_get_quote_supplemental_data_size ../sgx_dcap_quoteverify.cpp:541] Info: sgx_qve_get_quote_supplemental_data_version successfully returned.
[sgx_qv_get_quote_supplemental_data_size ../sgx_dcap_quoteverify.cpp:551] Info: sgx_qve_get_quote_supplemental_data_size successfully returned.
[unload_qve ../sgx_dcap_quoteverify.cpp:267] unload qve enclave 0X4
[sgx_qv_verify_quote ../sgx_dcap_quoteverify.cpp:450] Info: get_fmspc_ca_from_quote successfully returned.
[sgx_qv_verify_quote ../sgx_dcap_quoteverify.cpp:465] Info: sgx_dcap_retrieve_verification_collateral successfully returned.
[sgx_qv_verify_quote ../sgx_dcap_quoteverify.cpp:484] Info: QVL: sgx_qve_verify_quote successfully returned.
App: sgx_qv_verify_quote successfully returned.
Warning: App: Verification completed with Non-terminal result: a007
Verifying SGX certificate extensions ... Success
wolfSSL Entering SendAlert
growing output buffer

Shrinking output buffer

wolfSSL Leaving SendAlert, return 0
wolfSSL Leaving ProcessPeerCerts, return -188
wolfSSL Leaving DoCertificate, return -188
wolfSSL Leaving DoHandShakeMsgType(), return -188
wolfSSL Leaving DoHandShakeMsg(), return -188
wolfSSL error occurred, error = -188
wolfSSL error occurred, error = -188
ERROR: failed to connect to wolfSSL
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

When I track this error, it mentions "ASN sig error, no CA signer to verify certificate". Does it mean after calling a verify_certificate_callback, it still needs a trusted CA to verify the server's certificate?

Here is a part of the code I implemented on the client side:

....

```c
/* Ask wolfSSL to verify the peer and hand the result to cert_verify_callback */
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, cert_verify_callback);

WOLFSSL *ssl = wolfSSL_new(ctx);
if (!ssl) {
	fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
	goto err_ctx;
}

/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, sockfd);

/* The handshake is where the -188 error in the log above is returned */
if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
	fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
	goto err_ssl;
}

/* Fetch the server certificate in DER form for the report extraction that follows */
WOLFSSL_X509 *srvcrt = wolfSSL_get_peer_certificate(ssl);

int derSz;
const unsigned char *der = wolfSSL_X509_get_der(srvcrt, &derSz);
sgx_report_body_t *body = NULL;
```

...

Thank you in advance,

Best Regards,
Sri Yulianti

Attestation evidence

Remove IAS Signing CA certificate from RA-TLS certificate. We currently hard-code the IAS signing CA certificate.

curl_easy_perform() spawns a new thread

curl_easy_perform() used to communicate with IAS uses curl_multi_perform() under the hood which spawns an additional thread. In particular, the main Curl thread creates a signal pipe, spawns a child thread, and waits till child signals that it's done. The child does the actual poll/send/recv system calls.

This additional thread forces us to increase the number of SGX threads. Even worse, for switchless mode, it also requires increasing the number of outside threads.

This can be a source of much confusion for users of SGX-RA-TLS. Users' single-threaded applications now suddenly require two threads.

Curl Issues when trying to port https-server into Graphene

Hi so this issue is not necessarily related to any of the examples but I thought perhaps someone who worked on the project could provide some guidance. I am working on porting the https-server into Graphene (and later once I get that ported I plan on changing the API to prevent writing files to /tmp). To do so I built a shared library to be imported by python using its C Foreign Function Interface and then linked inside the library ldpreload.so (or a renamed variant). Upon moving it into Graphene I encountered an issue with

curl_easy_perform= 35

I then modified the version of Curl being used to rely on openssl in reference to issue I saw in #1 and rebuilt curl as a dynamic library as opposed to static, which now results in

curl_easy_perform= 58

I was wondering if this could be related to #8, as it seems to be rejecting the certificate, or if anyone had any experience with a similar issue.

Local attestation support

In addition to EPID and ECDSA, it might be valuable to support local attestation. The attester creates an X.509 certificate including the enclave report. The verifier checks the report.

Docker build succeeded but running App -s failed

Hi Sir/Madam,

I follow the docker build for sgxsdk, and all the compilation succeeded. However, it is giving me
Assertion `sig_begin != NULL' failed. After investigation, I found out the problem is with curl and the IAS server. It is /* 58 - problem with the local certificate */. I can use that certificate with the other remote attestation sample provided by Intel: https://github.com/intel/sgx-ra-sample.

I am receiving the following warning. Is there any plan to update this project according to the API change?

warning: 299 test-as.sgx.trustedservices.intel.com "The version of Attestation Service for Intel(R) Software Guard Extensions API you are using has reached end of life and is no longer available. For details on how to update to the latest version of the API, please refer to the IAS API spec [located here: https://software.intel.com/sites/default/files/managed/7e/3b/ias-api-spec.pdf]."

Turns out I can change v2 to v3 in /sgx-ra-tls/ias-ra.c as follows and communicate with the IAS server!
ret = snprintf(url, sizeof(url), "https://%s/attestation/sgx/v3/report",

Thanks!
Rd

Runtime detection of EPID/ECDSA

Currently, EPID/ECDSA support is determined at build time. In the future, it is desirable to distinguish between EPID/ECDSA dynamically at runtime.

Curl checks proxy settings

Curl checks both no_proxy and NO_PROXY environment variables. If needed, prepend bash commands with no_proxy="" NO_PROXY="" for attesters/servers.

what's the relation between enc_wolfSSL_read and ocall_send?

When I debugged the demo, I found that when the demo executes the function named enc_wolfSSL_read in server-tls.c, it calls the function ocall_send in App.c. I want to know what the relation between enc_wolfSSL_read and ocall_send is. Thanks.

./build.sh sgxlkl need library ld-musl-x86_64.so.1 at /lib, or compiled failed

If /lib/ld-musl-x86_64.so.1 does not exist, running ./build.sh sgxlkl will fail because the sgxlkl/dep/curl[protobuf] configure step fails, and no lib will be installed at sgxlkl/deps/local/lib.

os env:

➜ sgx-ra-tls git:(master) ✗ uname -a
Linux sun 4.15.0-50-generic #54~16.04.1-Ubuntu SMP Wed May 8 15:55:19 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
➜ sgx-ra-tls git:(master) ✗ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.6 LTS"
➜ sgx-ra-tls git:(master) ✗ gcc --version
gcc (Ubuntu 5.4.0-6ubuntu1~16.04.11) 5.4.0 20160609
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


ra_tls_options.c.sh depends on python2

When running ra_tls_options.c.sh on a system where python refers to Python 3, a TypeError: 'float' object cannot be interpreted as an integer is thrown and the SPID is not filled in the ra_tls_options structure.

The simple fix is to install Python 2 and change the script to use python2.
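The TypeError reported above is the classic Python 2/3 difference: `/` returns an int on Python 2 but a float on Python 3, so an expression like `range(len(spid)/2)` breaks. As an added example (not the repository's ra_tls_options.c.sh; the exact failing expression in that script is assumed), this shows the SPID-to-C-initializer conversion written so it runs unchanged on both interpreters and rejects malformed SPIDs instead of silently emitting an empty field:

```python
"""Convert an EPID SPID (hex string) into a C byte-array initializer.

Added example, not the repository's ra_tls_options.c.sh. It assumes the
script's job is to turn the 32-hex-character SPID from the build
environment into the {0x.., ...} initializer of the ra_tls_options
structure; the original script's exact expression is not reproduced.
"""
import re

SPID_HEX_LEN = 32  # sgx_spid_t is 16 bytes -> 32 hex characters


def spid_pairs_broken(spid_hex):
    """Reproduces the Python-2-only idiom: `/` is true division on Python 3,
    so range() receives a float and raises TypeError there."""
    n = len(spid_hex) / 2  # int on Python 2, float on Python 3
    return [spid_hex[2 * i:2 * i + 2] for i in range(n)]


def spid_to_bytes(spid_hex):
    """Validate the SPID and return its 16 bytes as a list of ints.

    Uses `//` (floor division), which yields an int on both Python 2 and 3,
    so range() is always handed an integer.
    """
    spid_hex = spid_hex.strip()
    if len(spid_hex) != SPID_HEX_LEN or not re.match(r'^[0-9a-fA-F]+$', spid_hex):
        raise ValueError("SPID must be exactly %d hex characters, got %r"
                         % (SPID_HEX_LEN, spid_hex))
    n = len(spid_hex) // 2
    return [int(spid_hex[2 * i:2 * i + 2], 16) for i in range(n)]


def spid_to_c_initializer(spid_hex):
    """Render the SPID as a C array initializer, e.g. {0x00, 0x11, ...}."""
    return "{" + ", ".join("0x%02x" % b for b in spid_to_bytes(spid_hex)) + "}"


def broken_idiom_fails_here(spid_hex):
    """True if the `/`-based idiom raises TypeError on this interpreter
    (Python 3), False if it still works (Python 2)."""
    try:
        spid_pairs_broken(spid_hex)
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    SAMPLE_SPID = "00112233445566778899aabbccddeeff"  # constructed, not a real SPID
    print("broken idiom raises TypeError:", broken_idiom_fails_here(SAMPLE_SPID))
    print("sgx_spid_t initializer:", spid_to_c_initializer(SAMPLE_SPID))
```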

Couldn't run SGX-LKL examples

I'm getting exactly the same error as this while running run-https-server and run-wolfssl-server examples with SGX-LKL.

I did run the EXTERNAL_IFACE=eth0 make -C sgxlkl up-sgxlkl-network before running the examples.

The last few lines of https-server read:

make[1]: Leaving directory '/home/bhamidi/clones/sgx-ra-tls/sgxlkl/sgx-lkl'
LD_PRELOAD=/ldpreload.so SGXLKL_TAP=sgxlkl_tap0 RATLS_AESMD_IP=10.0.1.254 SGXLKL_HEAP=268435456 SGXLKL_KEY=/home/bhamidi/clones/sgx-ra-tls/sgxlkl/sgx-lkl/build/config/enclave_debug.key sgx-lkl/build/sgx-lkl-run sgx-lkl/apps/https-server/sgxlkl-miniroot-fs.img /usr/bin/python /https-server.py
Makefile:118: recipe for target 'run-https-server' failed
make: Leaving directory '/home/bhamidi/clones/sgx-ra-tls/sgxlkl'
Assertion failed: rc != -1 (../nonsdk-ra-attester.c: open_socket: 262)
Segmentation fault
make: *** [run-https-server] Error 139

The detailed logs for both examples are attached.
run-wolfssl-server
run-https-server

Note: I'm able to run SGX-SDK and graphene examples without any problems.

Where am I going wrong?

Sample HTTPS Server fails to remain launched when run using SGX-LKL

I am attempting to follow the example for launching the Python-based HTTPS server inside the docker container but the server keeps crashing before I can get any client to connect. The client begins launching with the message

LD_PRELOAD=/ldpreload.so SGXLKL_TAP=sgxlkl_tap0 RATLS_AESMD_IP=10.0.1.254 SGXLKL_HEAP=268435456 SGXLKL_KEY=/project/sgxlkl/sgx-lkl/build/config/enclave_debug.key sgx-lkl/build/sgx-lkl-run sgx-lkl/apps/https-server/sgxlkl-miniroot-fs.img /usr/bin/python /https-server.py
ERROR: ld.so: object '/ldpreload.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
Server listening on 10.0.1.1:4443

which appears to be the normal intended behavior. However a couple of seconds later before I have launched any client it errors with the message:

Traceback (most recent call last):
  File "/https-server.py", line 32, in <module>
    httpd.socket = ssl.wrap_socket (httpd.socket, keyfile='/tmp/key.pem', certfile='/tmp/crt.pem', server_side=True)
  File "/usr/lib/python2.7/ssl.py", line 949, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 560, in __init__
    self._context.load_cert_chain(certfile, keyfile)
ssl.SSLError: [SSL] PEM lib (_ssl.c:2798)

I was able to successfully run the attestation examples for both Graphene (including mutual attestation) and the wolfssl example for SGX-LKL if that is of any use for you. I am also registered with intel and have my key and certificate in the default location.

Docker running problems

Hi,

I use docker ubuntu 16.04 to run the project with SPID, EPID_SUBSCRIPTION_KEY, QUOTE_TYPE correctly set up. The docker build command receives the following warnings when installing libsgx_enclave_common but no errors.

Optional modules libiclsclient.so or iclsInit() cannot be found.
Trusted platform service is unavailable. Refer to README for details.

Then I run the docker image and first build with sgxsdk, it was correct but when I ran the example ./App -s I received Failed to create Enclave : error 8198 - 0x2006.

The other problem is when building with graphene, I received the following error.

Traceback (most recent call last):
  File "deps/graphene/Pal/src/host/Linux-SGX/signer/pal-sgx-get-token", line 157, in <module>
    sys.exit(main())
  File "deps/graphene/Pal/src/host/Linux-SGX/signer/pal-sgx-get-token", line 151, in main
    token = connect_aesmd(attr)
  File "deps/graphene/Pal/src/host/Linux-SGX/signer/pal-sgx-get-token", line 117, in connect_aesmd
    raise Exception("Failed. (Error Code = %d)" % (ret_msg.ret.error))
Exception: Failed. (Error Code = 30)
Makefile:169: recipe for target 'wolfssl-ssl-server' failed
make: *** [wolfssl-ssl-server] Error 1
rm ias-ra-wolfssl.c
+ exit 1

It seems that both problems are related to aesmd service. I checked this service in the host os and it is running normally. I wonder if there is anything I missed here. Any advice would be highly appreciated.

Thanks and best regards,
Yuncheng

About enc_wolfSSL_CTX_load_verify_buffer?

I tested the project sgx-ra-tls/deps/wolfssl-examples/SGX_Linux. I want to use the function named enc_wolfSSL_CTX_load_verify_buffer; its return value is -150, and I checked that the info is: ASN date error, current date before. When I test wolfSSL_CTX_load_verify_buffer the same way outside the enclave, it returns SSL_SUCCESS. Why?

[EPID] Verifier interacts with IAS

In some situations it is impractical/impossible for the attester to talk to IAS. In this case, the attester may embed the quote in the X.509 certificate and the verifier interacts with IAS to have the quote validated.

Curl works correctly only with OpenSSL as backend

SGX-RA-TLS uses Curl to send HTTPS requests to the IAS web service. For HTTPS, Curl needs to use a TLS library. By default, Curl is built against OpenSSL which works nicely.

Curl can be also built with an alternative TLS library, like mbedTLS or WolfSSL.

For cleanliness, one would want to build Curl with mbedTLS if the attester is built with mbedTLS and thus decouple SGX-RA-TLS from OpenSSL completely. (Same for WolfSSL.)

This is impossible however. mbedTLS and WolfSSL do not support large IAS responses ("We don't support fragmentation of ClientHello"). Thus, Curl built with these libs fails with an obscure error (CURLE_SSL_CONNECT_ERROR (35)).

Conclusion: Curl must be built with OpenSSL as backend, because it is the only library that correctly communicates with IAS. Even if our attester is built against mbedTLS/WolfSSL, we cannot reuse their functionality in Curl. Thus, we are stuck with two TLS libs as dependencies in SGX-RA-TLS.
