YPC  0.2.0
sealed_data_provider.h
1 #pragma once
2 #include "eparser_t.h"
3 #include "hpda/extractor/extractor_base.h"
4 #include "ypc/common/limits.h"
5 #include "ypc/core_t/analyzer/data_source.h"
6 #include "ypc/core_t/ecommon/package.h"
7 #include "ypc/corecommon/package.h"
8 #include "ypc/stbox/ebyte.h"
9 #include "ypc/stbox/stx_common.h"
10 #include "ypc/stbox/tsgx/channel/dh_session_initiator.h"
11 #include "ypc/stbox/tsgx/log.h"
12 #include <ff/util/ntobject.h>
13 
14 namespace ypc {
15 template <typename Crypto>
16 class sealed_data_provider : public data_source_with_dhash {
17  typedef Crypto crypto;
18 public:
19  sealed_data_provider(const stbox::bytes &data_hash,
20  const stbox::bytes &private_key)
21  : data_source_with_dhash(data_hash), m_private_key(private_key) {
22  // magic string here, Do Not Change!
23  crypto::hash_256(stbox::bytes("Fidelius"), m_actual_data_hash);
24  m_data_reach_end = false;
25  }
26 
27  virtual ~sealed_data_provider() {}
28 
29  virtual bool process() {
30  if (m_data_reach_end) {
31  return false;
32  }
33  if (m_item_index + 1 < m_items.size()) {
34  m_item_index++;
35  return true;
36  } else {
37  uint8_t *t_sealed_data;
38  uint32_t t_sealed_data_len;
39  auto ret = stbox::ocall_cast<uint32_t>(next_data_batch)(
40  m_expect_data_hash.data(), m_expect_data_hash.size(), &t_sealed_data,
41  &t_sealed_data_len);
42 
43  if (ret != stbox::stx_status::success) {
44  m_data_reach_end = true;
45  return false;
46  }
47  // We need move the sealed data from untrusted memory to trusted memory
48  stbox::bytes sealed_data(t_sealed_data_len);
49  memcpy(sealed_data.data(), t_sealed_data, t_sealed_data_len);
52  stbox::ocall_cast<void>(free_data_batch)(t_sealed_data);
53 
54  // TODO we may optimize this by reusing the shared key
55  stbox::bytes msg;
56  ret = crypto::decrypt_message_with_prefix(
57  m_private_key, sealed_data, msg, ypc::utc::crypto_prefix_arbitrary);
58  if (ret) {
59  LOG(ERROR) << "decrypt_message_with_prefix fail: "
60  << stbox::status_string(ret);
61  m_data_reach_end = true;
62  return false;
63  }
64  typedef nt<stbox::bytes> ntt;
65  try {
66  auto pkg = make_package<ntt::batch_data_pkg_t>::from_bytes(msg);
67  m_items = pkg.get<ntt::batch_data>();
68  if (m_items.size() == 0) {
69  m_data_reach_end = true;
70  return false;
71  }
72 
73  for (auto b : m_items) {
74  stbox::bytes k = m_actual_data_hash + b;
75  crypto::hash_256(k, m_actual_data_hash);
76  }
77 
78  m_item_index = 0;
79  return true;
80  } catch (const std::exception &e) {
81  LOG(ERROR) << "make_package got: " << e.what();
82  m_data_reach_end = true;
83  return false;
84  }
85  return true;
86  }
87  }
88 
89  virtual data_source_output_t output_value() {
90  data_source_output_t ret;
91  ret.set<nt<bytes>::data>(m_items[m_item_index]);
92  return ret;
93  }
94 
95  virtual const bytes &data_hash() const { return m_actual_data_hash; }
96  const bytes &private_key() const { return m_private_key; }
97 
98 protected:
99  bytes m_actual_data_hash;
100  std::vector<stbox::bytes> m_items;
101  size_t m_item_index;
102  bytes m_private_key;
103 };
104 } // namespace ypc
ypc::sealed_data_provider::process
virtual bool process()
Definition: sealed_data_provider.h:29
ypc::data_source_with_dhash
Definition: data_source.h:15
ypc::sealed_data_provider
Definition: sealed_data_provider.h:16
ypc::nt
Definition: nt_cols.h:6
ypc::make_package
Definition: package.h:48
ypc::crypto::crypto_pack
Definition: crypto_pack.h:14
Generated by   doxygen 1.8.17