From 907b34fa937eb6e41f25ebff23db88956842c635 Mon Sep 17 00:00:00 2001 From: houmingyong Date: Sat, 27 May 2023 15:29:01 +0800 Subject: [PATCH] some code optimize --- .../remote_attest/ra_report/CMakeLists.txt | 2 -- .../remote_attest/ra_report/gp_ra_report.c | 11 +++---- .../remote_attest/ra_report/gp_ra_report.h | 24 --------------- .../remote_attest/ra_report/sgx_ra_report.c | 10 +++---- .../remote_attest/ra_report/sgx_ra_report.h | 24 --------------- .../remote_attest/ra_verify/CMakeLists.txt | 3 -- .../ra_verify/gp_ra_report_verify.c | 11 +++---- .../ra_verify/gp_ra_report_verify.h | 30 ------------------- .../ra_verify/sgx_ra_report_verify.c | 9 ++---- .../ra_verify/sgx_ra_report_verify.h | 30 ------------------- examples/secure_channel/client/CMakeLists.txt | 6 +++- .../client_with_recv_thread/CMakeLists.txt | 5 +++- .../client_with_recv_thread/client.c | 3 +- 13 files changed, 26 insertions(+), 142 deletions(-) delete mode 100644 component/remote_attest/ra_report/gp_ra_report.h delete mode 100644 component/remote_attest/ra_report/sgx_ra_report.h delete mode 100644 component/remote_attest/ra_verify/gp_ra_report_verify.h delete mode 100644 component/remote_attest/ra_verify/sgx_ra_report_verify.h diff --git a/component/remote_attest/ra_report/CMakeLists.txt b/component/remote_attest/ra_report/CMakeLists.txt index 548e786..2f00dc7 100644 --- a/component/remote_attest/ra_report/CMakeLists.txt +++ b/component/remote_attest/ra_report/CMakeLists.txt @@ -45,5 +45,3 @@ install(TARGETS ${TARGET} LIBRARY DESTINATION ${LIBRARY_INSTALL} PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - - diff --git a/component/remote_attest/ra_report/gp_ra_report.c b/component/remote_attest/ra_report/gp_ra_report.c index 978127a..4625cd3 100644 --- a/component/remote_attest/ra_report/gp_ra_report.c +++ b/component/remote_attest/ra_report/gp_ra_report.c 
@@ -9,9 +9,6 @@ * PURPOSE. * See the Mulan PSL v2 for more details. */ - -#include "gp_ra_report.h" - #include #include #include "ra_client_api.h" @@ -171,7 +168,7 @@ static cc_enclave_result_t gp_ra_provision_no_as() return CC_SUCCESS; } -cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario) +static cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario) { cc_enclave_result_t ret = CC_SUCCESS; switch (scenario) { @@ -184,7 +181,7 @@ cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario) return ret; } -cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report) +static cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report) { cc_ra_buf_t *ra_buf_in = NULL; cc_enclave_result_t ret = gen_ra_report_in_buff(in, &ra_buf_in); @@ -203,12 +200,12 @@ cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t * return CC_SUCCESS; } -uni_ree_agent_t g_gp_agent = { +static uni_ree_agent_t g_gp_agent = { .tee_type = CC_TEE_TYPE_GP, .prepare_ra_env = gp_prepare_ra_env, .get_ra_report = gp_get_ra_report, }; -static __attribute__((constructor)) void gp_register_ree_agent() +static __attribute__((constructor)) void gp_register_ree_agent(void) { cc_register_ree_agent(&g_gp_agent); } \ No newline at end of file diff --git a/component/remote_attest/ra_report/gp_ra_report.h b/component/remote_attest/ra_report/gp_ra_report.h deleted file mode 100644 index ed58bb0..0000000 --- a/component/remote_attest/ra_report/gp_ra_report.h +++ /dev/null 
@@ -1,24 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#ifndef SECGEAR_GP_RA_REPORT_H -#define SECGEAR_GP_RA_REPORT_H - -#include "status.h" -#include "sg_report_st.h" - -cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario); - -cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report); - -#endif - diff --git a/component/remote_attest/ra_report/sgx_ra_report.c b/component/remote_attest/ra_report/sgx_ra_report.c index 8d02fc3..6bd0bdc 100644 --- a/component/remote_attest/ra_report/sgx_ra_report.c +++ b/component/remote_attest/ra_report/sgx_ra_report.c @@ -9,17 +9,15 @@ * PURPOSE. * See the Mulan PSL v2 for more details. */ - -#include "sgx_ra_report.h" #include "uni_ree_agent.h" -cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario) +static cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario) { (void)scenario; return CC_SUCCESS; } -cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report) +static cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report) { (void)in; (void)report; 
@@ -27,12 +25,12 @@ cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t return CC_SUCCESS; } -uni_ree_agent_t g_sgx_agent = { +static uni_ree_agent_t g_sgx_agent = { .tee_type = CC_TEE_TYPE_SGX, .prepare_ra_env = sgx_prepare_ra_env, .get_ra_report = sgx_get_ra_report, }; -static __attribute__((constructor)) void sgx_register_ree_agent() +static __attribute__((constructor)) void sgx_register_ree_agent(void) { cc_register_ree_agent(&g_sgx_agent); } \ No newline at end of file diff --git a/component/remote_attest/ra_report/sgx_ra_report.h b/component/remote_attest/ra_report/sgx_ra_report.h deleted file mode 100644 index d9a33cc..0000000 --- a/component/remote_attest/ra_report/sgx_ra_report.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#ifndef SECGEAR_SGX_RA_REPORT_H -#define SECGEAR_SGX_RA_REPORT_H - -#include "status.h" -#include "sg_report_st.h" - -cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario); - -cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report); - -#endif - diff --git a/component/remote_attest/ra_verify/CMakeLists.txt b/component/remote_attest/ra_verify/CMakeLists.txt index 53707b1..54b2eca 100644 --- a/component/remote_attest/ra_verify/CMakeLists.txt +++ b/component/remote_attest/ra_verify/CMakeLists.txt 
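Review bot: `sgx_get_ra_report` still ends in `return CC_SUCCESS;` after discarding both arguments with `(void)in; (void)report;`, so as far as the visible lines show, a caller on an SGX build is told a report was produced while `report` is never written. Because `g_sgx_agent` registers this function as `.get_ra_report`, the stub should return a non-success `cc_enclave_result_t` until SGX report generation exists. A comment such as `/* SGX remote attestation is not implemented; must not report success */` would make the intent explicit. The function body begins in the previous hunk, and one line between the two hunks is not shown.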
@@ -31,7 +31,6 @@ if(${CMAKE_VERSION} VERSION_LESS "3.13.0") endif() include_directories( - ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/.. ${LOCAL_ROOT_PATH}/inc/host_inc @@ -49,5 +48,3 @@ install(TARGETS ${TARGET} LIBRARY DESTINATION ${LIBRARY_INSTALL} PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - - diff --git a/component/remote_attest/ra_verify/gp_ra_report_verify.c b/component/remote_attest/ra_verify/gp_ra_report_verify.c index 76debb4..f74c2ea 100644 --- a/component/remote_attest/ra_verify/gp_ra_report_verify.c +++ b/component/remote_attest/ra_verify/gp_ra_report_verify.c @@ -9,15 +9,12 @@ * PURPOSE. * See the Mulan PSL v2 for more details. */ - -#include "gp_ra_report_verify.h" - #include "teeverifier.h" #include "enclave_log.h" #include "uni_ra_verify_agent.h" -int convert_cctype_to_gptype(cc_ra_verify_type_t type) +static int convert_cctype_to_gptype(cc_ra_verify_type_t type) { // gp type, 1: compare image hash; 2: compare mem hash; 3: compare image and mem hash if (type == CC_RA_VERIFY_TYPE_LOOSE) { @@ -29,7 +26,7 @@ int convert_cctype_to_gptype(cc_ra_verify_type_t type) } } -cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, +static cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, cc_ra_verify_type_t type, char *basevalue) { int gp_type = convert_cctype_to_gptype(type); @@ -52,10 +49,10 @@ cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, return ret; } -uni_ra_verify_agent_t g_gp_ra_verify_agent = { +static uni_ra_verify_agent_t g_gp_ra_verify_agent = { .verify_ra_report = gp_verify_report, }; -static __attribute__((constructor)) void gp_register_ra_agent() +static __attribute__((constructor)) void gp_register_ra_agent(void) { cc_register_ra_verify_agent(&g_gp_ra_verify_agent); } \ No newline at end of file 
diff --git a/component/remote_attest/ra_verify/gp_ra_report_verify.h b/component/remote_attest/ra_verify/gp_ra_report_verify.h deleted file mode 100644 index 68a7c38..0000000 --- a/component/remote_attest/ra_verify/gp_ra_report_verify.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#ifndef SECGEAR_GP_RA_REPORT_VERIFY_H -#define SECGEAR_GP_RA_REPORT_VERIFY_H - -#include "status.h" -#include "sg_report_st.h" - -#ifdef __cplusplus -extern "C" { -#endif - -cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, - cc_ra_verify_type_t type, char *basevalue); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/component/remote_attest/ra_verify/sgx_ra_report_verify.c b/component/remote_attest/ra_verify/sgx_ra_report_verify.c index 0e2e81f..e2472a3 100644 --- a/component/remote_attest/ra_verify/sgx_ra_report_verify.c +++ b/component/remote_attest/ra_verify/sgx_ra_report_verify.c @@ -9,12 +9,9 @@ * PURPOSE. * See the Mulan PSL v2 for more details. */ - -#include "sgx_ra_report_verify.h" - #include "uni_ra_verify_agent.h" -cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, +static cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, cc_ra_verify_type_t type, char *basevalue) { (void)report; 
@@ -24,10 +21,10 @@ cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, return CC_SUCCESS; } -uni_ra_verify_agent_t g_sgx_ra_verify_agent = { +static uni_ra_verify_agent_t g_sgx_ra_verify_agent = { .verify_ra_report = sgx_verify_report, }; -static __attribute__((constructor)) void gp_register_ra_agent() +static __attribute__((constructor)) void gp_register_ra_agent(void) { cc_register_ra_verify_agent(&g_sgx_ra_verify_agent); } \ No newline at end of file diff --git a/component/remote_attest/ra_verify/sgx_ra_report_verify.h b/component/remote_attest/ra_verify/sgx_ra_report_verify.h deleted file mode 100644 index 773f484..0000000 --- a/component/remote_attest/ra_verify/sgx_ra_report_verify.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. - * secGear is licensed under the Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR - * PURPOSE. - * See the Mulan PSL v2 for more details. - */ - -#ifndef SECGEAR_SGX_RA_REPORT_VERIFY_H -#define SECGEAR_SGX_RA_REPORT_VERIFY_H - -#include "status.h" -#include "sg_report_st.h" - -#ifdef __cplusplus -extern "C" { -#endif - -cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce, - cc_ra_verify_type_t type, char *basevalue); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/examples/secure_channel/client/CMakeLists.txt b/examples/secure_channel/client/CMakeLists.txt index 4c05022..ea8f079 100644 --- a/examples/secure_channel/client/CMakeLists.txt +++ b/examples/secure_channel/client/CMakeLists.txt 
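Review bot: `sgx_verify_report` returns `CC_SUCCESS` without inspecting the report (`(void)report;` in the previous hunk, `return CC_SUCCESS;` here), and `g_sgx_ra_verify_agent` installs it as `.verify_ra_report`, so on an SGX build any attestation report, including an empty or malformed one, would appear to pass verification. An unimplemented verifier should fail closed: return an error result instead of `CC_SUCCESS` and log that SGX report verification is unsupported. Separately, the constructor in this file is still named `gp_register_ra_agent`, the same name used in gp_ra_report_verify.c; it is `static`, so there is no link clash, but `sgx_register_ra_agent` would match what it registers. The lines between the two hunks are not visible, so this assumes the remaining parameters are discarded in the same way.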
@@ -15,7 +15,11 @@ target_include_directories(${OUTPUT} PRIVATE if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") target_link_directories(${OUTPUT} PRIVATE /usr/lib64 /usr/local/lib) endif() -target_link_libraries(${OUTPUT} pthread csecure_channel) +if (CC_GP) + set(THIRDPARTY_VERIFY teeverifier) +endif() + +target_link_libraries(${OUTPUT} pthread csecure_channel ${THIRDPARTY_VERIFY}) set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) diff --git a/examples/secure_channel/client_with_recv_thread/CMakeLists.txt b/examples/secure_channel/client_with_recv_thread/CMakeLists.txt index 63f2c78..1e27d72 100644 --- a/examples/secure_channel/client_with_recv_thread/CMakeLists.txt +++ b/examples/secure_channel/client_with_recv_thread/CMakeLists.txt @@ -15,7 +15,10 @@ target_include_directories(${OUTPUT} PRIVATE if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0") target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) endif() -target_link_libraries(${OUTPUT} pthread csecure_channel) +if (CC_GP) + set(THIRDPARTY_VERIFY teeverifier) +endif() +target_link_libraries(${OUTPUT} pthread csecure_channel ${THIRDPARTY_VERIFY}) set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE) diff --git a/examples/secure_channel/client_with_recv_thread/client.c b/examples/secure_channel/client_with_recv_thread/client.c index 52ebc10..db142bb 100644 --- a/examples/secure_channel/client_with_recv_thread/client.c +++ b/examples/secure_channel/client_with_recv_thread/client.c @@ -10,7 +10,7 @@ #include "secure_channel_client.h" -#define MAXBUF 1024 +#define MAXBUF 12800 cc_sec_chl_ctx_t g_ctx = {0}; void *recv_msg_thread(void *arg) @@ -87,6 +87,7 @@ int main(int argc, char **argv) // step1: 初始化安全通道客户端,注册消息发送函数 g_ctx.conn_kit.send = (void *)socket_write_adpt; g_ctx.conn_kit.conn = &sockfd; + g_ctx.basevalue = "/vendor/bin/basevalue.txt"; // content format:taid image_hash mem_hash // step2: 创建消息接收线程 pthread_t thread; -- 2.33.0
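Review bot: `g_ctx.basevalue = "/vendor/bin/basevalue.txt";` hard-codes the location of the reference measurements (per the trailing comment, `taid image_hash mem_hash`) that attestation is checked against, and nothing in the hunk checks that the file exists or who may write to it. Whoever can modify that file decides which image and memory hashes pass verification, so the path is better taken from a command-line argument or configuration. It also deserves a comment such as `/* basevalue file is the trust anchor for RA verification; must be root-owned and not world-writable */`. The assignment is made unconditionally although the CMake changes in this commit link `teeverifier` only under `CC_GP`; if the field is only consulted by the GP verifier, a comment saying so would help readers building for SGX. `main` starts and ends outside the hunk.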