Initial Implementation

.gitignore

@@ -1,2 +1,3 @@
 /target
 Cargo.lock
+/sgx-dcap-ql-sys/target

Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "dcap_attestation"
+version = "0.1.0"
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[features]
+default = ["bindings"]
+test = ["sgx-dcap-ql-sys/mock"]
+bindings = ["sgx-dcap-ql-sys/bindings"]
+
+[dependencies]
+sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", rev = "e8a9fc22939befa27ff67f5509b2c2dfe8499945", features = [ "extra_traits" ] }
+libloading = "0.7.2"
+sgx-dcap-ql-sys = { path = "sgx-dcap-ql-sys" }
+
+[dev-dependencies]
+mockall = { version = "0.10.2", features = ["nightly"] }
+once_cell = "1.10.0"

enclave-test/.gitignore

@@ -0,0 +1,2 @@
+/build
+/keys

enclave-test/Makefile

@@ -0,0 +1,46 @@
+# Dummy makefile, will call the host and enclave makefile when requested.
+
+SRC_U = app/
+SRC_T = enclave/
+
+# Compilation process, will call the appropriate makefiles.
+
+all: host enclave
+
+host:
+	@echo "\033[32mRequest to compile the host part...\033[0m"
+	@make -C $(SRC_U)
+
+enclave:
+	@echo "\033[32mRequest to compile the enclave part...\033[0m"
+	@make -C $(SRC_T)
+
+clean:
+	@make -C $(SRC_U) clean
+	@make -C $(SRC_T) clean
+
+fclean:
+	@make -C $(SRC_U) fclean
+	@make -C $(SRC_T) fclean
+
+clean_host:
+	@make -C $(SRC_U) clean
+
+clean_enclave:
+	@make -C $(SRC_T) clean
+
+fclean_host:
+	@make -C $(SRC_U) fclean
+
+fclean_enclave:
+	@make -C $(SRC_T) fclean
+
+re_host: fclean_host host
+
+re_enclave: fclean_enclave enclave
+
+re: fclean all
+
+# Dummy rules to let make know that those rules are not files.
+
+.PHONY: host enclave clean clean_host clean_enclave fclean_host fclean_enclave fclean re re_host re_enclave

enclave-test/Makefile.toml

@@ -0,0 +1,8 @@
+[env]
+
+# https://github.com/sagiegurari/cargo-make#workspace-emulation
+CARGO_MAKE_WORKSPACE_EMULATION = true
+CARGO_MAKE_CRATE_WORKSPACE_MEMBERS = ["app", "enclave"]
+
+# https://github.com/sagiegurari/cargo-make#automatically-extend-workspace-makefile
+CARGO_MAKE_EXTEND_WORKSPACE_MAKEFILE = true

enclave-test/README.md

@@ -0,0 +1,70 @@
+# Rust SGX - Template project
+==================================
+
+### This is a template project to start developing with the Rust SGX SDK (https://github.com/apache/incubator-teaclave-sgx-sdk/) easily.
+
+You will find in its template:
+- Makefiles to build your project easily, and link the ```SGX EDL C``` generated files to your Rust SGX projects
+- The file ```buildenv.mk``` that contains compilation rules when building enclave. No need to specify anymore where this file is located.
+- The file ```build.rs``` already configured to build the app/host part properly.
+- The file rust-toolchain, so we can force the use of one specific toolchain (```nightly-2020-10-25``` in this case)
+- ```Cargo/Xargo.toml``` files to set up your project easily. All the dependencies you might need has been added.
+
+You can find those files in this template: 
+
+```
+|-- app/
+|   |-- src/
+|       |-- main.rs
+|   |-- Cargo.toml
+|   |-- Makefile
+|   |-- build.rs
+|   +-- rust-toolchain
+|-- enclave/
+|   |-- src/
+|       |-- lib.rs
+|   |-- Cargo.toml
+|   |-- Enclave.config.xml
+|   |-- Enclave.edl
+|   |-- Enclave.lds
+|   |-- Makefile
+|   |-- Xargo.toml
+|   +-- rust-toolchain
+|-- Makefile
++-- buildenv.mk
+```
+
+## Setting up your project
+
+You need to follow a few steps to use this template properly:
+- Add your ```.rs``` files to the ```src/``` folders (```lib.rs``` / your enclave source code goes in ```enclave/src```, your host/app source code goes in ```app/src```), or modify the ```.rs``` files already included with the project
+- Add your own ```Enclave.edl``` file, or modify the one joined in the project.
+- Change the ```Cargo.toml (or/and Xargo.toml if you want to use Xargo)``` files depending on of your needs (adding/removing dependencies).
+    - Be careful if you want to change the library name on the ```Cargo.toml``` file (enclave part), you will need to reflect this change on the enclave ```Makefile```, more specifically on the ```ENCLAVE_CARGO_LIB``` variable, and on the ```lib.rs``` file.
+    - If you need to change the app/host name, please make sure to edit the host ```Makefile```, and change the variable ```APP_U```.
+
+## Build your project
+
+### Before starting the building process, please make sure you downloaded the Rust SGX SDK repository, we're going to need the EDL and headers files joined in the SDK.
+
+Once you downloaded the Rust SGX SDK, you have multiple ways to start the building process: 
+- Run this command: ```CUSTOM_EDL_PATH=~/teaenclave/edl CUSTOM_COMMON_PATH=~/teaenclave/common make``` (replace ```~/teaenclave``` by the actual SDK location)
+- You can also run the command export (```export CUSTOM_EDL_PATH=~/teaenclave/edl```), and specify the variables before calling make. It is advised to add this command on your ```.bashrc``` file (if you use bash), or your favorite shell configuration file.
+
+### By default, your project will be compiled in hardware mode. If you wish to compile your project in software/simulation mode, you will need to specify it, either by adding ```SGX_MODE=SW``` before make, or by setting the SGX_MODE variable environment to SW.
+
+### Cargo is used by default when compiling, but you can also use Xargo either by adding ```XARGO_SGX=1``` before make, or by setting the XARGO_SGX variable environment to 1. You will also need to specify Xargo library path with XARGO_PATH.
+
+### The makefile has those commands available: 
+- make (will compile everything)
+- make host (will only compile the host part)
+- make enclave (will only compile the enclave part)
+- make clean (will clean the objects/C edl files generated)
+- make clean_host (will clean the objects/C edl files generated for the host only)
+- make clean_enclave (will clean the objects/C edl files generated for the enclave only)
+- make fclean (will clean objects/C edl files and the binaries, plus calling cargo clean for everything)
+- make fclean_host (will clean objects/C edl files and the binaries, plus calling cargo clean for the host only)
+- make fclean_enclave (will clean objects/C edl files and the binaries, plus calling cargo clean for the enclave only)
+- make re (re as relink, will clean everything then compile everything again)
+- make re_host (re as relink, will clean the host part then compile it again)
+- make re_enclave (re as relink, will clean the enclave part then compile it again)

enclave-test/app/.gitignore

@@ -0,0 +1 @@
+/target

enclave-test/app/Cargo.toml

@@ -0,0 +1,14 @@
+[package]
+# name matches APP_U in Makefile
+name = "template-app"
+version = "0.1.0"
+edition = "2018"
+authors = ["Teaclave"]
+build = "build.rs"
+
+[dependencies]
+sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", rev = "e8a9fc22939befa27ff67f5509b2c2dfe8499945", features = [ "extra_traits" ] }
+sgx_urts = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", rev = "e8a9fc22939befa27ff67f5509b2c2dfe8499945" }
+dcap_attestation = { path = "../../" }
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']

enclave-test/app/Makefile

@@ -0,0 +1,100 @@
+# Makefile settings - Host part
+
+LIB = ../build/lib/
+BIN = ../build/bin/
+# APP_U matches name in Cargo.toml
+APP_U = template-app
+APP_T = enclave.so
+NAME_U = libEnclave_u.a
+SRC_U = ./
+CODEGEN_U = $(SRC_U)/codegen/
+SRC_T = ../enclave/
+OBJ_U = ../build/obj/
+FLAGS = -Wall -Wextra
+GCC_STEP1_U = -I $(CODEGEN_U) -I./include -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH) -fPIC -Wno-attributes $(SGX_COMMON_CFLAGS)
+FILES_U = Enclave_u.c
+FILES_U_H = Enclave_u.h
+SGX_ARCH = x64
+TRTS_LIB = sgx_trts
+SERVICE_LIB = sgx_tservice
+# Addprefix dependant variables, no need to change those
+OUTPUT_U = $(FILES_U:.c=.o)
+BIN_U = $(addprefix $(BIN), $(APP_U))
+NAME_U_D = $(addprefix $(LIB), $(NAME_U))
+FILES_U_F=$(addprefix $(CODEGEN_U), $(FILES_U))
+FILES_U_H_F=$(addprefix $(CODEGEN_U), $(FILES_U_H))
+OUTPUT_W_FU=$(addprefix $(OBJ_U), $(OUTPUT_U))
+
+# All Rust and other source files that the Cargo build depends on.
+FILES_RUST_F = Cargo.toml Cargo.lock build.rs $(shell find src -name '*.rs') $(CODEGEN_U)Enclave_u.rs
+
+# Contains compilation rules for the enclave part
+
+include ../buildenv.mk
+include ../buildenv_sgx.mk
+
+# Custom libraries, EDL paths. Needs to be specified with make (CUSTOM_EDL_PATH) (CUSTOM_COMMON_PATH)
+
+# Compilation process, we set up all the dependencies needed to have the correct order of build, and avoid relink
+
+all: $(BIN_U)
+
+$(FILES_U_F): $(SGX_EDGER8R) $(SRC_T)/Enclave.edl
+	@echo "\033[32mGenerating untrusted SGX C edl files...\033[0m"
+	@$(SGX_EDGER8R) --untrusted $(SRC_T)/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir $(CODEGEN_U)
+
+$(NAME_U_D): $(FILES_U_F) $(OUTPUT_W_FU)
+	@echo "\033[32mBuilding untrusted C edl static library...\033[0m"
+	@mkdir -p $(LIB)
+	@$(AR) rcsD $@ $(OUTPUT_W_FU)
+
+$(OBJ_U)%.o:$(CODEGEN_U)%.c
+	@mkdir -p $(OBJ_U)
+	@echo "\033[32m$?: Build in progress...\033[0m"
+	@$(CC) $(FLAGS) $(GCC_STEP1_U) -o $@ -c $?
+
+# We print the compilation mode we're in (hardware/software mode), just as a reminder.
+
+$(BIN_U): $(NAME_U_D) $(FILES_RUST_F) $(FILES_U_H_F)
+ifeq ($(SGX_MODE), SW)
+	@echo "\033[32mSoftware / Simulation mode\033[0m"
+else
+	@echo "\033[32mHardware mode\033[0m"
+endif
+	@echo "\033[32mStarting cargo to build the host...\033[0m"
+	@cd $(SRC_U) && SGX_SDK=$(SGX_SDK) cargo build --release
+	@echo "\033[32mCopying the host to the correct location... ($(BIN_U))\033[0m"
+	@mkdir -p $(BIN)
+	@cp $(SRC_U)/target/release/$(APP_U) $(BIN)
+
+$(CODEGEN_U)Enclave_u.rs: $(CODEGEN_U)Enclave_u.h
+	@echo "\033[32mGenerating Rust bindings: $@\033[0m"
+	@bindgen \
+		--no-recursive-allowlist \
+		--raw-line 'use sgx_types::*;' \
+		--allowlist-function ecall_test \
+		--allowlist-function enclave_create_report \
+		--output $@ \
+		$? \
+		-- -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH)
+
+clean: c_clean
+	@rm -rf $(OBJ_U)
+	@echo "\033[32mObject files deleted\033[0m"
+
+fclean: clean fclean_host
+
+fclean_host:
+	@echo "\033[32mBinary file $(BIN_U) deleted\033[0m"
+	@rm -f $(BIN_U)
+	@rm -f $(NAME_U_D)
+	@cargo clean
+
+c_clean:
+	@echo "\033[32mC edl generated files deleted\033[0m"
+	@rm -rf $(FILES_U_F)
+	@rm -rf $(FILES_U_H_F)
+
+re: fclean all
+
+.PHONY: all clean c_clean fclean re fclean_host

enclave-test/app/build.rs

@@ -0,0 +1,19 @@
+use std::env;
+
+fn main() {
+    println!("cargo:rerun-if-env-changed=SGX_SDK");
+    println!("cargo:rerun-if-env-changed=SGX_MODE");
+
+    let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/sgxsdk".to_string());
+    let is_sim = env::var("SGX_MODE").unwrap_or_else(|_| "HW".to_string());
+
+    println!("cargo:rustc-link-search=native=../build/lib");
+    println!("cargo:rustc-link-lib=static=Enclave_u");
+
+    println!("cargo:rustc-link-search=native={}/lib64", sdk_dir);
+    match is_sim.as_ref() {
+        "SW" => println!("cargo:rustc-link-lib=dylib=sgx_urts_sim"),
+        "HW" => println!("cargo:rustc-link-lib=dylib=sgx_urts"),
+        _ => println!("cargo:rustc-link-lib=dylib=sgx_urts"), // Treat undefined as HW
+    }
+}