Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[security]user_key is leaked in enclave code #3

Open
jmp0x7c00 opened this issue Mar 20, 2022 · 0 comments
Open

[security]user_key is leaked in enclave code #3

jmp0x7c00 opened this issue Mar 20, 2022 · 0 comments

Comments

@jmp0x7c00
Copy link

jmp0x7c00 commented Mar 20, 2022

hi,sir
in file Enclave/Enclave.cpp:

sgx_status_t enclave_get_user_key(unsigned char *enc_user_key, size_t enc_user_key_len,
				  unsigned char *iv, size_t iv_len, sgx_aes_gcm_128bit_tag_t *tag)
{
  sgx_status_t ctx;
  sgx_ra_key_128_t k;
  
  sgx_status_t get_keys_ret = sgx_ra_get_keys(ctx, SGX_RA_KEY_SK, &k);
  if ( get_keys_ret != SGX_SUCCESS ) return get_keys_ret;
  
  unsigned char *user_key = (unsigned char*)malloc(16);
  sgx_status_t ret;
  
  //decrypt user's key that was used for encrypting source & data.
  ret = sgx_rijndael128GCM_decrypt(&k, enc_user_key, enc_user_key_len, user_key, iv, 12, NULL, 0, tag);
  
  print_hexstring(enc_user_key,16);
  print_hexstring(iv,12);
  print_hexstring((unsigned char*)tag,16);
  print_hexstring(user_key,16); // ==========================>decrypted user_key is leaked by invoking ocall
  
  //for security reason
  memset(user_key, 0x00, 16);
  free(user_key);
  
  return ret;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant