Add backup schema for sgx_kms

Author: JinkaiYang

cczoo/ehsm/README.md

@@ -0,0 +1,16 @@
+rkeyserver/App/enclave_u.*
+rkeyserver/Enclave/enclave_t.*
+rkeyserver/App/*.o
+rkeyserver/Enclave/*.o
+
+utils/tkey_exchange/*.o
+utils/tkey_exchange/sgx_tkey_exchange_t.*
+utils/tkey_exchange/sgx_tkey_exchange_u.*
+utils/ukey_exchange/*.o
+
+out/
+
+.history/
+.vscode/
+
+rkeyserver/App/auto_version.h

cczoo/ehsm/ehsm

@@ -0,0 +1,31 @@
+BSD 3-clause "New" or "Revised" License
+
+Copyright (C) 2020-2022 Intel Corporation. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+  * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+  * Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in
+    the documentation and/or other materials provided with the
+    distribution.
+  * Neither the name of Intel Corporation nor the names of its
+    contributors may be used to endorse or promote products derived
+    from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+=================================================================

cczoo/sgx_kms/.gitignore

@@ -0,0 +1,61 @@
+#
+# Copyright (C) 2011-2020 Intel Corporation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+#   * Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#   * Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in
+#     the documentation and/or other materials provided with the
+#     distribution.
+#   * Neither the name of Intel Corporation nor the names of its
+#     contributors may be used to endorse or promote products derived
+#     from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+#
+
+include buildenv.mk
+
+SUB_DIR := utils/tkey_exchange utils/ukey_exchange rkeyserver
+
+.PHONY: all clean
+
+all:
+	for dir in $(SUB_DIR); do \
+		$(MAKE) -C $$dir; \
+	done
+
+ifeq ($(Build_Mode), HW_DEBUG)
+	@echo "The project has been built in hardware debug mode."
+else ifeq ($(Build_Mode), HW_RELEAESE)
+	@echo "The project has been built in hardware release mode."
+else ifeq ($(Build_Mode), HW_PRERELEAESE)
+	@echo "The project has been built in hardware pre-release mode."
+else ifeq ($(Build_Mode), SIM_DEBUG)
+	@echo "The project has been built in simulation debug mode."
+else ifeq ($(Build_Mode), SIM_RELEAESE)
+	@echo "The project has been built in simulation release mode."
+else ifeq ($(Build_Mode), SIM_PRERELEAESE)
+	@echo "The project has been built in simulation pre-release mode."
+endif
+
+clean:
+	@rm -rf $(OUTDIR)
+	for dir in $(SUB_DIR); do \
+		$(MAKE) -C $$dir clean; \
+	done

cczoo/sgx_kms/License.txt

@@ -0,0 +1,61 @@
+## Overview of this backup schema of sgx_kms
+
+In the design architecture of sgx_kms, the TCP/IP socket server is used to provide the root key, the remote secure channel provided by SGX is used to transmit the root key in the enclave, and the SGX Keys are used to encrypt the root key and store it in a local file or database, so that it can be safely stored outside the enclave environment. In this way, the root key is also bound with the unique SGX Keys of the processor, reducing the correlation between the root key and the maintenance personnel. Considering that the server may fail, we have designed a backup architecture. When we start the standby server, we will ask the primary server for the root key and keep it securely. When the primary server goes down, the backup server can play a role as the primary server.
+
+The root key stored in the keystore needs to be decrypted by all root key providing service instances, while other platforms cannot decrypt the root key encrypted through the SGX sealing mechanism. Therefore, in the SGX security enhanced root key providing service design, the Root Key is deployed in each backup instance by using SGX remote authentication to establish a secure session. The scheme design is shown in the figure. This scheme is stored on the platform through SGX sealed encryption, and the root key is only used for decryption in Enclave, so that every instance has the same root key, and the attacker is prevented from directly obtaining the master key from memory.
+
+<img src="./docs/arch-of-back-sgxkms.png" alt="arch-of-back-sgxkms" style="zoom:50%;" />
+
+## Build Instructions
+
+- If you need to synchronize the domain key between the host machine (the machine that has the domain key) and the backup machine (the machine that requests the domain key from the host machine), then you can compile first.
+
+``` bash
+make
+```
+
+- In this way, the directory `out/` will be generated, and in this directory, there will be the following files
+
+``` 
+rkeyserver 
+
+lib
+```
+
+- Enter the folder rkeyserver, there will be the following file rkeyserver
+
+```
+ libenclave-rkeyserver.signed.so 
+
+ libenclave-rkeyserver.so
+```
+
+- On the host side, execute
+
+``` bash
+./rkeyserver
+```
+
+- on the backup machine, execute
+
+``` bash
+./ehsm-rkeyserver -i 10.23.100.2 -p 8888
+```
+
+`-i` is followed by the ip address of the host (`10.23.100.2` is used here as an example), `-p` is the port number of the host, the default is `8888`.
+
+- If the following message is displayed
+
+```
+INFO [App/ra_getkey.cpp(454) -> start_getkey]: Successfully received the DomainKey from deploy server.
+```
+
+It means that the domain key is successfully obtained on the backup machine. By default, the domain key is stored in the directory `/etc/rkey.bin` in encrypted form.
+
+It is worth mentioning that when the `/etc/rkey.bin` file already exists, when the backup machine continues to request the domain key from the host, the original `rkey.bin` file will be replaced by the new `rkey.bin` file and the following information is output on the screen
+
+```
+file already exist, substitute by new file
+```
+
+

cczoo/sgx_kms/Makefile

@@ -0,0 +1,151 @@
+#
+# Copyright (C) 2011-2020 Intel Corporation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+#   * Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#   * Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in
+#     the documentation and/or other materials provided with the
+#     distribution.
+#   * Neither the name of Intel Corporation nor the names of its
+#     contributors may be used to endorse or promote products derived
+#     from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+#
+
+######## auto_version Settings ########
+DATE_STRING := `date "+20%y.%m.%d %k:%M"`
+KMS_GIT_SHA=$(shell git rev-parse --short=7 --verify HEAD)
+
+# -------------------------------------------------------------------
+#  Function : parent-dir
+#  Arguments: 1: path
+#  Returns  : Parent dir or path of $1, with final separator removed.
+# -------------------------------------------------------------------
+parent-dir = $(patsubst %/,%,$(dir $(1:%/=%)))
+
+# ------------------------------------------------------------------
+#  Macro    : my-dir
+#  Returns  : the directory of the current Makefile
+#  Usage    : $(my-dir)
+# ------------------------------------------------------------------
+my-dir = $(realpath $(call parent-dir,$(lastword $(MAKEFILE_LIST))))
+
+ROOT_DIR := $(call my-dir)
+ifneq ($(words $(subst :, ,$(ROOT_DIR))), 1)
+  $(error main directory cannot contain spaces nor colons)
+endif
+
+######## Output Settings ########
+TOPDIR = $(ROOT_DIR)
+OUTDIR := out
+OUTLIB_DIR := $(OUTDIR)/lib
+
+######## Compiler Settings ########
+CP = cp
+CC ?= gcc
+CXX ?= g++
+RM = rm -f
+
+######## SGX SDK Settings ########
+
+SGX_SDK ?= /opt/intel/sgxsdk
+SGX_MODE ?= HW
+SGX_ARCH ?= x64
+SGX_DEBUG ?= 1
+#SUPPLIED_KEY_DERIVATION ?= 1
+
+include $(SGX_SDK)/buildenv.mk
+
+ifeq ($(shell getconf LONG_BIT), 32)
+	SGX_ARCH := x86
+else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
+	SGX_ARCH := x86
+endif
+
+ifeq ($(SGX_ARCH), x86)
+	SGX_COMMON_FLAGS := -m32
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
+else
+	SGX_COMMON_FLAGS := -m64
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+ifeq ($(SGX_PRERELEASE), 1)
+$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
+endif
+endif
+
+ifeq ($(SUPPLIED_KEY_DERIVATION), 1)
+	SGX_COMMON_FLAGS += -DSUPPLIED_KEY_DERIVATION
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+    SGX_COMMON_FLAGS += -O0 -ggdb3
+else
+    SGX_COMMON_FLAGS += -O2
+endif
+
+SGX_COMMON_FLAGS += -Wall -Wextra -Winit-self -Wpointer-arith -Wreturn-type \
+    -Waddress -Wsequence-point -Wformat-security \
+    -Wmissing-include-dirs -Wfloat-equal -Wundef -Wshadow \
+    -Wcast-align -Wredundant-decls
+
+#SGX_COMMON_CFLAGS += $(SGX_COMMON_FLAGS) -Wstrict-prototypes -Wunsuffixed-float-constants -Wcast-qual
+
+SGX_COMMON_CXXFLAGS := $(SGX_COMMON_FLAGS) -Wnon-virtual-dtor -std=c++11
+
+######## BUILD Settings ########
+ifeq ($(SGX_MODE), HW)
+ifeq ($(SGX_DEBUG), 1)
+	Build_Mode = HW_DEBUG
+else ifeq ($(SGX_PRERELEASE), 1)
+	Build_Mode = HW_PRERELEASE
+else
+	Build_Mode = HW_RELEASE
+endif
+else
+ifeq ($(SGX_DEBUG), 1)
+	Build_Mode = SIM_DEBUG
+else ifeq ($(SGX_PRERELEASE), 1)
+	Build_Mode = SIM_PRERELEASE
+else
+	Build_Mode = SIM_RELEASE
+endif
+endif
+
+ifneq ($(SGX_MODE), HW)
+	Urts_Library_Name := sgx_urts_sim
+else
+	Urts_Library_Name := sgx_urts
+endif
+
+ifneq ($(SGX_MODE), HW)
+	Trts_Library_Name := sgx_trts_sim
+	Service_Library_Name := sgx_tservice_sim
+else
+	Trts_Library_Name := sgx_trts
+	Service_Library_Name := sgx_tservice
+endif
+