fuzz sgx,exist bugs, just for pr review

Author: Ben-cpy

cmake/CompilerOptions.cmake

@@ -1,5 +1,5 @@
 # Normal and occlum mode
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
+# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
 set(RATS_TLS_LDFLAGS "-fPIC -Bsymbolic -ldl")
 
 if(OCCLUM)
@@ -12,6 +12,16 @@ else()
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2")
 endif()
 
+if((BUILD_FUZZ) AND (SGX))
+    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes  -Wno-implicit-function-declaration")
+    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC -Werror=implicit-function-declaration")
+elseif()
+    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
+    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu11 -fPIC -Werror=implicit-function-declaration")
+endif()
+
 # SGX mode
 if(SGX)
     if(SGX_HW)
@@ -56,8 +66,8 @@ if(SGX)
         set(ENCLAVE_COMMON_FLAGS "${ENCLAVE_COMMON_FLAGS} -fstack-protector-strong")
     endif()
 
-    set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
-    set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
+    # set(SGX_COMMON_CFLAGS "${SGX_COMMON_FLAGS} -Wstrict-prototypes -Wunsuffixed-float-constants -Wno-implicit-function-declaration -std=c11")
+    # set(SGX_COMMON_CXXFLAGS "${SGX_COMMON_FLAGS} -Wnon-virtual-dtor -std=c++11")
 
     set(ENCLAVE_INCLUDES "${SGX_INCLUDE}" "${SGX_TLIBC_INCLUDE}" "${SGX_LIBCXX_INCLUDE}" "/usr/include")
     set(ENCLAVE_C_FLAGS "${CMAKE_C_FLAGS} ${SGX_COMMON_CFLAGS} ${ENCLAVE_COMMON_FLAGS}")
@@ -67,3 +77,4 @@ if(SGX)
     set(APP_C_FLAGS "${CMAKE_C_FLAGS} ${SGX_COMMON_CFLAGS} ${APP_COMMON_FLAGS}")
     set(APP_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${SGX_COMMON_CXXFLAGS} ${APP_COMMON_FLAGS}")
 endif()
+

fuzz/CMakeLists.txt

@@ -1,4 +1,11 @@
-add_subdirectory(tls_init)
-add_subdirectory(tls_negotiate)
+if(SGX)
+    add_subdirectory(tls_sgx_mode)
+    add_subdirectory(sgx-stub-enclave)
+else()
+    add_subdirectory(tls_init)
+    add_subdirectory(tls_negotiate)
+    add_subdirectory(tls_transmit)
+endif()
 add_subdirectory(tls_server)
-add_subdirectory(tls_transmit)
+
+

fuzz/sgx-stub-enclave/CMakeLists.txt

@@ -0,0 +1,83 @@
+# Project name
+project(sgx-stub-enclave CXX)
+
+set(CMAKE_CXX_COMPILER "/usr/bin/clang++")
+set(CMAKE_CXX_FLAGS "-g ${CMAKE_CXX_FLAGS}")
+set(RATS_TLS_INSTALL_FUZZ_PATH /usr/share/rats-tls/fuzz)
+
+if((BUILD_SAMPLES) OR (BUILD_FUZZ))
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/external/sgx-ssl/intel-sgx-ssl/src/intel-sgx-ssl/Linux/package/include
+                     )
+
+    set(LIBRARY_DIRS ${INTEL_SGXSSL_LIB_PATH}
+                     ${LIBCBOR_LIB_PATH}
+                     ${CMAKE_BINARY_DIR}/src
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/nullcrypto
+                     ${CMAKE_BINARY_DIR}/src/crypto_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/nulltls
+                     ${CMAKE_BINARY_DIR}/src/tls_wrappers/openssl
+                     ${CMAKE_BINARY_DIR}/src/verifiers/nullverifier
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-ecdsa-qve
+                     ${CMAKE_BINARY_DIR}/src/verifiers/tdx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/verifiers/sgx-la
+                     ${CMAKE_BINARY_DIR}/src/attesters/nullattester
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-ecdsa
+                     ${CMAKE_BINARY_DIR}/src/attesters/sgx-la
+                     )
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}
+                         ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl
+                         )
+else()
+    list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+    include(CustomInstallDirs)
+    include(FindRatsTls)
+    if(NOT RATS_TLS_FOUND)
+        message(FATAL_ERROR "Failed to find rats_tls!")
+    endif()
+    include(FindSGX)
+    if(NOT SGX_FOUND)
+        message(FATAL_ERROR "Failed to find sgx!")
+    endif()
+    include(CompilerOptions)
+    include(SGXCommon)
+
+    set(INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/rats-tls
+                     ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+
+    set(LIBRARY_DIRS ${RATS_TLS_INSTALL_LIB_PATH})
+
+    set(EDL_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/../../src/include/edl)
+endif()
+
+include_directories(${INCLUDE_DIRS})
+link_directories(${LIBRARY_DIRS})
+
+set(E_SRCS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_ecall.c)
+set(EDLS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub.edl)
+set(LDS ${CMAKE_CURRENT_SOURCE_DIR}/sgx_stub_enclave.lds)
+set(DEPEND_TRUSTED_LIBS crypto_wrapper_nullcrypto
+                        crypto_wrapper_openssl
+                        tls_wrapper_nulltls
+                        tls_wrapper_openssl
+                        attester_nullattester
+                        attester_sgx_ecdsa
+                        attester_sgx_la
+                        verifier_nullverifier
+                        verifier_sgx_la
+                        verifier_sgx_ecdsa_qve
+                        verifier_tdx_ecdsa
+                        rats_tls
+                        cbor
+                        )
+
+add_enclave_library(sgx_stub_enclave SRCS ${E_SRCS} EDL ${EDLS} TRUSTED_LIBS ${DEPEND_TRUSTED_LIBS} EDL_SEARCH_PATHS ${EDL_SEARCH_PATHS} LDSCRIPT ${LDS})
+enclave_sign(sgx_stub_enclave KEY sgx_stub_enclave.pem CONFIG sgx_stub_enclave.xml) 
+add_dependencies(sgx_stub_enclave rats_tls)
+
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/sgx_stub_enclave.signed.so
+        DESTINATION ${RATS_TLS_INSTALL_FUZZ_PATH})

fuzz/sgx-stub-enclave/sgx_stub.edl

@@ -0,0 +1,28 @@
+enclave {
+        include "rats-tls/api.h"
+        include "internal/core.h"
+        include "sgx_eid.h"
+
+        from "../../src/include/edl/rtls.edl" import *;
+        from "sgx_tsgxssl.edl" import *;
+
+        trusted {
+            public int ecall_client_startup(
+                                rats_tls_log_level_t log_level,
+                                [in, string] char *fuzz_conf_bytes,
+                                [in, string] char *attester_type,
+                                [in, string] char *verifier_type,
+                                [in, string] char *tls_type,
+                                [in, string] char *crypto_type,
+                                unsigned long flags);
+
+            public int ecall_server_startup(
+                                rats_tls_log_level_t log_level,
+                                [in, string] char *fuzz_conf_bytes,
+                                [in, string] char *attester_type,
+                                [in, string] char *verifier_type,
+                                [in, string] char *tls_type,
+                                [in, string] char *crypto_type,
+                                unsigned long flags);
+        };
+};

fuzz/sgx-stub-enclave/sgx_stub_ecall.c

@@ -0,0 +1,90 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+
+
+#include <rats-tls/api.h>
+#include <rats-tls/log.h>
+#include "rats-tls/api.h"
+#include "sgx_urts.h"
+#include "sgx_stub_t.h"
+
+#define FUZZ_IP		   "127.0.0.1"
+#define FUZZ_PORT	   1234
+
+int ecall_client_startup(rats_tls_log_level_t log_level,char *fuzz_conf_bytes,char *attester_type,char *verifier_type, char *tls_type, char *crypto_type, unsigned long flags){
+    
+    rats_tls_conf_t conf;
+    memcpy(&conf,fuzz_conf_bytes,sizeof(&conf));
+
+    // little confused, why use snprintf 
+    snprintf(conf.attester_type, sizeof(conf.attester_type), "%s", attester_type);
+	snprintf(conf.verifier_type, sizeof(conf.verifier_type), "%s", verifier_type);
+	snprintf(conf.tls_type, sizeof(conf.tls_type), "%s", tls_type);
+	snprintf(conf.crypto_type, sizeof(conf.crypto_type), "%s", crypto_type);
+    conf.flags = flags;
+    conf.cert_algo = RATS_TLS_CERT_ALGO_DEFAULT;
+
+    /*passing a struct into enclave seems a little complicated,
+    use the default instead */
+    claim_t custom_claims[2] = {
+		{ .name = "key_0", .value = (uint8_t *)"value_0", .value_size = sizeof("value_0") },
+		{ .name = "key_1", .value = (uint8_t *)"value_1", .value_size = sizeof("value_1") },
+	};
+	conf.custom_claims = (claim_t *)custom_claims;
+	conf.custom_claims_length = 2;
+    
+	/* Create a socket that uses an internet IPv4 address,
+	 * Sets the socket to be stream based (TCP),
+	 * 0 means choose the default protocol.
+	 */
+
+	int64_t sockfd;
+	int sgx_status = ocall_socket(&sockfd, RTLS_AF_INET, RTLS_SOCK_STREAM, 0);
+	if (sgx_status != SGX_SUCCESS || sockfd < 0) {
+		RTLS_ERR("Failed to call socket() %#x %d\n", sgx_status, sockfd);
+		return -1;
+	}
+
+	struct rtls_sockaddr_in s_addr;
+	memset(&s_addr, 0, sizeof(s_addr));
+	s_addr.sin_family = RTLS_AF_INET;
+	s_addr.sin_addr.s_addr = FUZZ_IP;
+	s_addr.sin_port = FUZZ_PORT;
+
+	/* Connect to the server */
+	int ocall_ret = 0;
+	sgx_status = ocall_connect(&ocall_ret, sockfd, &s_addr, sizeof(s_addr));
+	if (sgx_status != SGX_SUCCESS || ocall_ret == -1) {
+		RTLS_ERR("failed to call connect() %#x %d\n", sgx_status, ocall_ret);
+		return -1;
+	}
+
+    /* rats-tls init */
+	librats_tls_init();
+	rats_tls_handle handle;
+	rats_tls_err_t ret = rats_tls_init(&conf, &handle);
+	if (ret != RATS_TLS_ERR_NONE) {
+		RTLS_ERR("Failed to initialize rats tls %#x\n", ret);
+		return -1;
+	}
+
+	ret = rats_tls_negotiate(handle, (int)sockfd);
+	if (ret != RATS_TLS_ERR_NONE) {
+		RTLS_ERR("Failed to negotiate %#x\n", ret);
+		return -1;
+	}
+	
+	const char* msg = "Hello and welcome to RATS-TLS!\n";
+
+
+    return 0;
+}
+
+
+int ecall_server_startup(rats_tls_log_level_t log_level,char *fuzz_conf_bytes,char *attester_type,char *verifier_type, char *tls_type, char *crypto_type, unsigned long flags){
+	RTLS_ERR("entering into the server ");
+	return 0;
+
+}

fuzz/sgx-stub-enclave/sgx_stub_ecall.h

@@ -0,0 +1,3 @@
+#ifndef _SGX_STUB_ECALL_H_
+#define _SGX_STUB_ECALL_H_
+#endif

fuzz/sgx-stub-enclave/sgx_stub_enclave.lds

@@ -0,0 +1,11 @@
+libsgx_stub_enclave.so.so
+{
+    global:
+        g_global_data_sim;
+        g_global_data;
+        enclave_entry;
+        g_peak_heap_used;
+        g_peak_rsrv_mem_committed;
+    local:
+        *;
+};

fuzz/sgx-stub-enclave/sgx_stub_enclave.pem

@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAroOogvsj/fZDZY8XFdkl6dJmky0lRvnWMmpeH41Bla6U1qLZ
+AmZuyIF+mQC/cgojIsrBMzBxb1kKqzATF4+XwPwgKz7fmiddmHyYz2WDJfAjIveJ
+ZjdMjM4+EytGlkkJ52T8V8ds0/L2qKexJ+NBLxkeQLfV8n1mIk7zX7jguwbCG1Pr
+nEMdJ3Sew20vnje+RsngAzdPChoJpVsWi/K7cettX/tbnre1DL02GXc5qJoQYk7b
+3zkmhz31TgFrd9VVtmUGyFXAysuSAb3EN+5VnHGr0xKkeg8utErea2FNtNIgua8H
+ONfm9Eiyaav1SVKzPHlyqLtcdxH3I8Wg7yqMsaprZ1n5A1v/levxnL8+It02KseD
+5HqV4rf/cImSlCt3lpRg8U5E1pyFQ2IVEC/XTDMiI3c+AR+w2jSRB3Bwn9zJtFlW
+KHG3m1xGI4ck+Lci1JvWWLXQagQSPtZTsubxTQNx1gsgZhgv1JHVZMdbVlAbbRMC
+1nSuJNl7KPAS/VfzAgEDAoIBgHRXxaynbVP5gkO0ug6Qw/E27wzIw4SmjsxG6Wpe
+K7kfDeRskKxESdsA/xCrKkwGwhcx1iIgS5+Qscd1Yg+1D9X9asd/P7waPmWoZd+Z
+AhlKwhdPsO7PiF3e1AzHhGQwsUTt/Y/aSI1MpHBvy2/s1h9mFCslOUxTmWw0oj/Q
+ldIEgWeNR72CE2+jFIJIyml6ftnb6qzPiga8Bm48ubKh0kvySOqnkmnPzgh+JBD6
+JnBmtZbfPT97bwTT+N6rnPqOOApvfHPf15kWI8yDbprG1l4OCUaIUH1AszxLd826
+5IPM+8gINLRDP1MA6azECPjTyHXhtnSIBZCyWSVkc05vYmNXYUNiXWMajcxW9M02
+wKzFELO8NCEAkaTPxwo4SCyIjUxiK1LbQ9h8PSy4c1+gGP4LAMR8xqP4QKg6zdu9
+osUGG/xRe/uufgTBFkcjqBHtK5L5VI0jeNIUAgW/6iNbYXjBMJ0GfauLs+g1VsOm
+WfdgXzsb9DYdMa0OXXHypmV4GwKBwQDUwQj8RKJ6c8cT4vcWCoJvJF00+RFL+P3i
+Gx2DLERxRrDa8AVGfqaCjsR+3vLgG8V/py+z+dxZYSqeB80Qeo6PDITcRKoeAYh9
+xlT3LJOS+k1cJcEmlbbO2IjLkTmzSwa80fWexKu8/Xv6vv15gpqYl1ngYoqJM3pd
+vzmTIOi7MKSZ0WmEQavrZj8zK4endE3v0eAEeQ55j1GImbypSf7Idh7wOXtjZ7WD
+Dg6yWDrri+AP/L3gClMj8wsAxMV4ZR8CgcEA0fzDHkFa6raVOxWnObmRoDhAtE0a
+cjUj976NM5yyfdf2MrKy4/RhdTiPZ6b08/lBC/+xRfV3xKVGzacm6QjqjZrUpgHC
+0LKiZaMtccCJjLtPwQd0jGQEnKfMFaPsnhOc5y8qVkCzVOSthY5qhz0XNotHHFmJ
+gffVgB0iqrMTvSL7IA2yqqpOqNRlhaYhNl8TiFP3gIeMtVa9rZy31JPgT2uJ+kfo
+gV7sdTPEjPWZd7OshGxWpT6QfVDj/T9T7L6tAoHBAI3WBf2DFvxNL2KXT2QHAZ9t
+k3imC4f7U+wSE6zILaDZyzygA4RUbwG0gv8/TJVn2P/Eynf76DuWHGlaiLWnCbSz
+Az2DHBQBBaku409zDQym3j1ugMRjzzSQWzJg0SIyBH3hTmnYcn3+Uqcp/lEBvGW6
+O+rsXFt3pukqJmIV8HzLGGaLm62BHUeZf3dyWm+i3p/hQAL7Xvu04QW70xuGqdr5
+afV7p5eaeQIJXyGQJ0eylV/90+qxjMKiB1XYg6WYvwKBwQCL/ddpgOdHJGN8uRom
+e7Zq0Csi3hGheMKlKbN3vcxT5U7MdyHtTZZOJbTvxKNNUNYH/8uD+PqDGNneb29G
+BfGzvI3EASyLIcGZF3OhKwZd0jUrWk2y7Vhob91jwp2+t73vdMbkKyI4mHOuXvGv
+fg95si9oO7EBT+Oqvhccd2J+F1IVXncccYnF4u5ZGWt5lLewN/pVr7MjjykeaHqN
+t+rfnQam2psA6fL4zS2zTmZPzR2tnY8Y1GBTi0Ko1OKd1HMCgcAb5cB/7/AQlhP9
+yQa04PLH9ygQkKKptZp7dy5WcWRx0K/hAHRoi2aw1wZqfm7VBNu2SLcs90kCCCxp
+6C5sfJi6b8NpNbIPC+sc9wsFr7pGo9SFzQ78UlcWYK2Gu2FxlMjonhka5hvo4zvg
+WxlpXKEkaFt3gLd92m/dMqBrHfafH7VwOJY2zT3WIpjwuk0ZzmRg5p0pG/svVQEH
+NZmwRwlopysbR69B/n1nefJ84UO50fLh5s5Zr3gBRwbWNZyzhXk=
+-----END RSA PRIVATE KEY-----

fuzz/sgx-stub-enclave/sgx_stub_enclave.xml

@@ -0,0 +1,9 @@
+<EnclaveConfiguration>
+  <ProdID>0</ProdID>
+  <ISVSVN>0</ISVSVN>
+  <StackMaxSize>0x400000</StackMaxSize>
+  <HeapMaxSize>0x1000000</HeapMaxSize>
+  <TCSNum>10</TCSNum>
+  <TCSPolicy>1</TCSPolicy>
+  <DisableDebug>0</DisableDebug>
+</EnclaveConfiguration>