diff --git a/SGX_Linux/README.md b/SGX_Linux/README.md
index f3a658d9..d308d2c7 100644
--- a/SGX_Linux/README.md
+++ b/SGX_Linux/README.md
@@ -2,6 +2,12 @@ This repository contains an example application, written in C, which demonstrates how to link with the wolfSSL lightweight SSL/TLS library with a simple Enclave using Linux. The example has been tested with Ubuntu 16.04.
+Note that the example passes pointers using [user_check]. For more information
+about what [user_check] is, and precautions needed when developing an application
+that uses it, see Intel documentation located here
+https://software.intel.com/en-us/sgx-sdk-dev-reference-attribute-user-check. An
+application could be developed to completely avoid passing the WOLFSSL_CTX
+pointer between trusted and untrusted code for more security.
 ## Prerequisites
diff --git a/SGX_Linux/trusted/Wolfssl_Enclave.c b/SGX_Linux/trusted/Wolfssl_Enclave.c
index 155df0b8..daed9a08 100644
--- a/SGX_Linux/trusted/Wolfssl_Enclave.c
+++ b/SGX_Linux/trusted/Wolfssl_Enclave.c
@@ -6,6 +6,27 @@
 #include "sgx_trts.h"
+#if defined(XMALLOC_USER) || defined(XMALLOC_OVERRIDE)
+ #warning verfication of heap hint pointers needed when overriding default malloc/free
+#endif
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+/* check on heap hint when used, aborts if pointer is not in Enclave.
+ * In the default case where wolfSSL_Malloc is used the heap hint pointer is not
+ * used.*/
+static void checkHeapHint(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+ void* heap;
+ if ((heap = wolfSSL_CTX_getHeap(ctx, ssl)) != NULL) {
+ if(sgx_is_within_enclave(heap, sizeof(WOLFSSL_HEAP_HINT)) != 1)
+ abort();
+ if(sgx_is_within_enclave(heap->memory, sizeof(WOLFSSL_HEAP)) != 1)
+ abort();
+ }
+}
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+
 int wc_test(void* args)
 {
 #ifdef HAVE_WOLFSSL_TEST
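Review bot: In checkHeapHint, `heap` is declared `void*` but the second check dereferences it as `heap->memory`, which is not valid C (member access through a pointer to void) and will fail to compile once WOLFSSL_STATIC_MEMORY is defined. Declare it as the hint type whose size the first check already uses, `WOLFSSL_HEAP_HINT* heap = (WOLFSSL_HEAP_HINT*)wolfSSL_CTX_getHeap(ctx, ssl);` followed by `if (heap != NULL) {`, assuming that struct exposes the `memory` member the next line reads. Keep the two checks in this order: `heap->memory` may only be read after `sgx_is_within_enclave(heap, sizeof(WOLFSSL_HEAP_HINT))` has confirmed the hint itself lies inside the enclave, otherwise the read itself touches untrusted memory. The `#warning` text also misspells "verification"; note that in the XMALLOC_USER / XMALLOC_OVERRIDE configuration this remains a compile-time reminder only and no runtime check of the hint pointer is performed.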
@@ -65,6 +86,11 @@ int enc_wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX* ctx,
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 return wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buf, sz, type);
 }
@@ -73,6 +99,11 @@ int enc_wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX* ctx,
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 return wolfSSL_CTX_use_certificate_buffer(ctx, buf, sz, type);
 }
@@ -81,6 +112,11 @@ int enc_wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX* ctx, const unsigned char*
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 return wolfSSL_CTX_use_PrivateKey_buffer(ctx, buf, sz, type);
 }
@@ -89,12 +125,22 @@ int enc_wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX* ctx, const unsigned char* in
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 return wolfSSL_CTX_load_verify_buffer(ctx, in, sz, format);
 }
 int enc_wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 return wolfSSL_CTX_set_cipher_list(ctx, list);
 }
@@ -109,6 +155,11 @@ int enc_wolfSSL_set_fd(WOLFSSL* ssl, int fd)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 return wolfSSL_set_fd(ssl, fd);
 }
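Review bot: The three-line `#if defined(WOLFSSL_STATIC_MEMORY)` / `checkHeapHint(...)` / `#endif` block is pasted verbatim into every ECALL wrapper here (enc_wolfSSL_CTX_use_certificate_chain_buffer_format through enc_wolfSSL_set_fd) and again in the six hunks of the following span (enc_wolfSSL_connect, enc_wolfSSL_write, enc_wolfSSL_get_error, enc_wolfSSL_read, enc_wolfSSL_free, enc_wolfSSL_CTX_free), which makes it easy for a future wrapper to forget the guard. Since `checkHeapHint` is already wrapped in a `#if defined(WOLFSSL_STATIC_MEMORY)` block at the top of the file, give that block an `#else` branch with a no-op definition, `static void checkHeapHint(WOLFSSL_CTX* ctx, WOLFSSL* ssl) { (void)ctx; (void)ssl; }`, and call `checkHeapHint(ctx, NULL);` or `checkHeapHint(NULL, ssl);` unconditionally right after the existing object check in each wrapper. That keeps the ordering requirement visible in one place: the ctx/ssl pointer must pass `sgx_is_within_enclave` before `checkHeapHint` reads the heap hint through it, which the current placement respects. The enclosing functions begin outside each hunk (their signatures are only shown in the `@@` headers).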
@@ -116,6 +167,11 @@ int enc_wolfSSL_connect(WOLFSSL* ssl)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 return wolfSSL_connect(ssl);
 }
@@ -123,6 +179,11 @@ int enc_wolfSSL_write(WOLFSSL* ssl, const void* in, int sz)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 return wolfSSL_write(ssl, in, sz);
 }
@@ -130,6 +191,11 @@ int enc_wolfSSL_get_error(WOLFSSL* ssl, int ret)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 return wolfSSL_get_error(ssl, ret);
 }
@@ -137,6 +203,11 @@ int enc_wolfSSL_read(WOLFSSL* ssl, void* data, int sz)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 return wolfSSL_read(ssl, data, sz);
 }
@@ -144,6 +215,11 @@ void enc_wolfSSL_free(WOLFSSL* ssl)
 {
 if(sgx_is_within_enclave(ssl, wolfSSL_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(NULL, ssl);
+#endif
+
 wolfSSL_free(ssl);
 }
@@ -151,6 +227,11 @@ void enc_wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
 {
 if(sgx_is_within_enclave(ctx, wolfSSL_CTX_GetObjectSize()) != 1) abort();
+
+#if defined(WOLFSSL_STATIC_MEMORY)
+ checkHeapHint(ctx, NULL);
+#endif
+
 wolfSSL_CTX_free(ctx);
 }
diff --git a/SGX_Windows/README.md b/SGX_Windows/README.md
index 0433d208..472b87f0 100644
--- a/SGX_Windows/README.md
+++ b/SGX_Windows/README.md
@@ -7,6 +7,13 @@ simple Enclave. First create wolfssl.lib from /IDE/WIN-SGX then copy wolfssl.lib to SGX_example/. Steps for creating wolfssl.lib can be found in the main wolfSSL directory. /IDE/WIN-SGX/ReadMe.txt.
+Note that the example passes pointers using [user_check]. For more information
+about what [user_check] is, and precautions needed when developing an application
+that uses it, see Intel documentation located here
+https://software.intel.com/en-us/sgx-sdk-dev-reference-attribute-user-check. An
+application could be developed to completely avoid passing the WOLFSSL_CTX
+pointer between trusted and untrusted code for more security.
+
 ![location for wolfssl.lib](README-images/wolfssl-lib.PNG)
 After creating and moving wolfssl.lib add the include path to wolfSSL header