inclavare-containers / rats-tls Goto Github PK

View Code? Open in Web Editor NEW

26.0 3.0 32.0 2.68 MB

RATS architecture based TLS using librats

CMake 13.12% Makefile 0.16% C 81.89% Rust 0.97% C++ 3.87%

rats-tls's Introduction

Building

Build Requirements

git
make
autoconf
libtool
gcc
g++
openssl-devel / libssl-dev (only needed in host/tdx mode)
libcbor-devel / libcbor-dev (only needed in host/tdx mode)
cargo (only needed in host mode)
SGX driver, Intel SGX SDK & PSW: Please refer to this guide to install.
- Requires Intel SGX SDK and PSW version >= 2.18
SGX DCAP: please download and install the packages from this page.
- ubuntu 18.04: libsgx-dcap-quote-verify-dev, libsgx-dcap-ql-dev, libsgx-uae-service
- Requires Intel DCAP version >= 1.15
For TDX support, please refer to linux-sgx README to build the packages.

Build and Install

Please follow the command to build RATS TLS from the latested source code on your system.

Download the latest source code of RATS TLS

mkdir -p "$WORKSPACE"
cd "$WORKSPACE"
git clone https://github.com/inclavare-containers/rats-tls

Build and install RATS TLS

cd rats-tls
cmake -DBUILD_SAMPLES=on -H. -Bbuild
make -C build install

{rats-tls-server,rats-tls-client} will be installed to /usr/share/rats-tls/samples/{rats-tls-server,rats-tls-client} on your system. All instances are placed in /usr/local/lib/rats-tls.

If you want to build instances related to sgx(sgx_ecdsa, sgx_ecdsa_qve, sgx_la), please type the following command.

cmake -DRATS_TLS_BUILD_MODE="sgx" -DBUILD_SAMPLES=on -H. -Bbuild
make -C build install

If you want to run instances on libos occlum, please type the following command.

cmake -DRATS_TLS_BUILD_MODE="occlum" -DBUILD_SAMPLES=on -H. -Bbuild
make -C build install

If you want to run TDX instances, please type the following command.

cmake -DRATS_TLS_BUILD_MODE="tdx" -DBUILD_SAMPLES=on -H. -Bbuild
make -C build install

Note that SGX LVI mitigation is enabled by default. You can set macro SGX_LVI_MITIGATION to 0 to disable SGX LVI mitigation.

RUN

Right now, RATS TLS supports the following instance types:

Priority	Tls Wrapper instances	Attester instances	Verifier instances	Crypto Wrapper Instance
0	nulltls	nullattester	nullverifier	nullcrypto
15	openssl	sgx_la	sgx_la	openssl
20	openssl	csv	csv	openssl
35	openssl	sev	sev	openssl
42	openssl	sev_snp	sev_snp	openssl
42	openssl	tdx_ecdsa	tdx_ecdsa	openssl
52	openssl	sgx_ecdsa	sgx_ecdsa	openssl
53	openssl	sgx_ecdsa	sgx_ecdsa_qve	openssl

For instance priority, the higher, the stronger. By default, RATS TLS will select the highest priority instance to use.

Run RATS TLS server

cd /usr/share/rats-tls/samples
./rats-tls-server

By default, the listening port is 1234. -p option can be used to specify the listening port.

Run RATS TLS client

cd /usr/share/rats-tls/samples
./rats-tls-client

Notice: special prerequisites for TDX remote attestation in bios configuration and hardware capability.

Check msr 0x503, return value must be 0:

sudo rdmsr 0x503s

Note that if you want to run SEV-SNP remote attestation, please refer to link to set up the host and guest Linux kernel, qemu and ovmf bios used for launching SEV-SNP guest.

Notice: special prerequisites for SEV(-ES) remote attestation in software capability.

Kernel support SEV(-ES) runtime attestation, please manually apply these patches.
Start the attestation evidence broker service in host.

Notice: special prerequisites for CSV(2) remote attestation in software capability.

Kernel support CSV(2) runtime attestation, please manually apply these patches 1 and 2.

Specify the instance type

The options of rats-tls-server are as followed:

OPTIONS:
   --attester/-a value   set the type of quote attester
   --verifier/-v value   set the type of quote verifier
   --tls/-t value        set the type of tls wrapper
   --crypto/-c value     set the type of crypto wrapper
   --mutual/-m           set to enable mutual attestation
   --log-level/-l        set the log level
   --ip/-i               set the listening ip address
   --port/-p             set the listening tcp port
   --product-enclave/-P  set to enable product enclave
   --verdictd/-E         set to connect verdictd based on EAA protocol

You can set command line parameters to specify different configurations.

For example:

./rats-tls-server --tls openssl
./rats-tls-server --attester sgx_ecdsa
./rats-tls-server --attester sgx_ecdsa_qve
./rats-tls-server --attester sgx_la
./rats-tls-server --attester tdx_ecdsa
./rats-tls-server --crypto openssl

RATS TLS's log level can be set through -l option with 6 levels: off, fatal, error, warn, info, and debug. The default level is error. The most verbose level is debug.

For example:

./rats-tls-server -l debug

RATS TLS server binds 127.0.0.1:1234 by default. You can use -i and -p options to set custom configuration.

./rats-tls-server -i [ip_addr] -p [port]

Mutual attestation

You can use -m option to enable mutual attestation.

./rats-tls-server -m
./rats-tls-client -m

Enable bootstrap debugging

In the early bootstrap of rats-tls, the debug message is mute by default. In order to enable it, please explicitly set the environment variable RATS_TLS_GLOBAL_LOG_LEVEL=<log_level>, where <log_level> is same as the values of the option -l.

Deployment

Occlum LibOS

Please refer to this guide to run Rats Tls with Occlum and rune.

Non-SGX Enviroment

In non-sgx enviroment, it's possible to show the error messages as below when running the command ./rats-tls-client --attester sgx_ecdsa. According to Intel DCAP's implementation, when calling to sgx_qv_get_quote_supplemental_data_size(), if the libsgx_urts library is present, it will try to load QvE firstly. If failed, the verification will be launched by QVL. So the error info can be ignored and have no impact on the final attestation result.

[load_qve ../sgx_dcap_quoteverify.cpp:209] Error, call sgx_create_enclave for QvE fail [load_qve], SGXError:2006.
[sgx_qv_get_quote_supplemental_data_size ../sgx_dcap_quoteverify.cpp:527] Error, failed to load QvE.

Third Party Dependencies

Direct Dependencies

Name	Repo URL	Licenses
openssl	https://github.com/openssl/openssl	Apache
linux-sgx	https://github.com/intel/linux-sgx	BSD-3-clause
SGXDataCenterAttestationPrimitives	https://github.com/intel/SGXDataCenterAttestationPrimitives	BSD-3-clause
GNU C library	C library	GNU General Public License version 3

rats-tls's People

Contributors

Stargazers

Watchers

rats-tls's Issues

add rats-tls occlum test

failed to negotiate on ubuntu 20.04

When I run rats-tls nullattester and nullverifier instance on ubuntu 20.04 environment,
I have met the following error information.

Mon Mar  7 16:53:51 CST 2022: [DEBUG] nullverifier_init()@L14: ctx 0x55e59587c9f0, algo 1
[INFO] the enclave verifier 'nullverifier' selected
Mon Mar  7 16:53:51 CST 2022: [DEBUG] rtls_tls_wrapper_select()@L28: selecting the tls wrapper '(null)' ...
Mon Mar  7 16:53:51 CST 2022: [DEBUG] openssl_tls_init()@L14: ctx 0x55e59587ca60
[INFO] the tls wrapper 'openssl' selected
Mon Mar  7 16:53:51 CST 2022: [DEBUG] rats_tls_init()@L106: the handle 0x55e59587c890 returned
Mon Mar  7 16:53:51 CST 2022: [DEBUG] rats_tls_set_verification_callback()@L12: set user verification callback handle: 0x7ffc84bd4420, cb (nil)
Mon Mar  7 16:53:51 CST 2022: [DEBUG] rats_tls_negotiate()@L15: handle 0x55e59587c890, fd 3
Mon Mar  7 16:53:51 CST 2022: [DEBUG] openssl_tls_negotiate()@L110: ctx 0x55e59587ca60, fd 3
Mon Mar  7 16:53:51 CST 2022: [DEBUG] openssl_internal_negotiate()@L82: failed to connect 0xffffffff
Mon Mar  7 16:53:51 CST 2022: [DEBUG] print_openssl_err()@L44: Error 14161044: error:14161044:SSL routines:state_machine:internal error
[ERROR] Failed to negotiate 0x907fffff
Mon Mar  7 16:53:51 CST 2022: [DEBUG] rats_tls_cleanup()@L20: handle 0x55e59587c890
Mon Mar  7 16:53:51 CST 2022: [DEBUG] openssl_tls_cleanup()@L13: ctx 0x55e59587ca60
Mon Mar  7 16:53:51 CST 2022: [DEBUG] nullattester_cleanup()@L12: called

After analyze, I found the error is caused because of this commit.
After I revert this commit, rats-tls works fine.

add commit info to banner of components

Sometimes we need a quick way to know which version of rats-tls is running.

Enable QAT engine as crypto accelerator in openssl for host build

provide sdk and developer guide

Currently, the enclave-tls sdk cannot provide the support for the development for external sgx application or instance. In addition, developer guide and sample code should be provided as well.

rats-tls fails to test mutal sgx-la

random-port1 24783
- Welcome to RATS-TLS sample server program for Intel SGX
[INFO] load_enclave()@l47: Success to load enclave with enclave id 2
Error: librats_tls_init()@l66: failed to initialize rtls instance: sgx_ecdsa
- Welcome to RATS-TLS sample client program for Intel SGX
[INFO] load_enclave()@l49: Success to load enclave with enclave id 2
Error: ecall_rtls_client_startup()@l176: failed to call connect() 0 -1
Error: rats_tls_client_startup()@L77: failed to startup client: sgx status 0 return 0xffffffff
Error: Process completed with exit code 255.

allow to explictiy set cipher list from client side

provide sdk and developer guide

allow nullcrypto to work with other tls instances except nulltls

unify ASN.1 parser

in host mode, it should not depend on SGX libraries when building

divide deb package into sub-packages

tdx: uprev to the formal release

Currently, tdx instances are based on tdx attestation beta release. The formal release should be followed in future.

add to get and transmit evidence nonce function

sgx-ecdsa verifier supports tdx quote

support to specify user-defined certificate

Currently, even a server doesn't run in a TEE, by default it also generates a random key pair and certificate. Actually this is not the most use case.

The most use case is to allow to specify user-defined certificate, e.g, a client running in TEE connects to a public web server which doesn't run in a TEE. The commandline option could be --cert.

If current runtime environment is HW-TEE, --cert option will be rejected by default, because it will downgrade the security level. If another new option --insecure is specified, then it is allowed to use a user-defined certificate in HW-TEE.

design verification callback only mode

add td-event log function in attestation and verifier

lack of the auto-selection mechanism in sgx mode

./rats-tls-server -a sgx_ecdsa

Welcome to Rats-TLS sample server program for Intel SGX
[INFO] load_enclave()@l47: Success to load enclave with enclave id 2
[INFO] rtls_crypto_wrapper_select()@l67: the crypto wrapper 'nullcrypto' selected
[INFO] rtls_attester_select()@L74: the enclave attester 'sgx_ecdsa' selected
[INFO] rtls_verifier_select()@L73: the enclave verifier 'nullverifier' selected
[INFO] rtls_tls_wrapper_select()@l68: the tls wrapper 'nulltls' selected
It looks like all instances have to be explicitly specified. Otherwise, null instances are auto selected.

make rpm package will failed because CICD container lack of header file openssl/opensslv.h

specify whether to use the ras or ecc algorithm

How do users specify whether to use the ras or ecc algorithm?
Please add relevant information to the readme.

Now it is the default setting defined in code
typedef enum {
ENCLAVE_TLS_CERT_ALGO_RSA_3072_SHA256,
ENCLAVE_TLS_CERT_ALGO_ECC_256_SHA256,
ENCLAVE_TLS_CERT_ALGO_MAX,
ENCLAVE_TLS_CERT_ALGO_DEFAULT = ENCLAVE_TLS_CERT_ALGO_ECC_256_SHA256
} enclave_tls_cert_algo_t;
can be configured through configure file in future

Sound good. Please open an issue to address this issue.

add CI/CD for TDX attestation

gRPC with rats-tls for secure connections between two enclaves

support CSV attester and verifier instances

Add the basic compilation test with github action

fix build warning in sgx mode

In file included from /root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/cleanup.c:9:0:
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h: In function 'print_openssl_err':
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:43: warning: unused parameter 'ssl' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:52: warning: unused parameter 'ret' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
[ 56%] Building C object src/tls_wrappers/openssl/CMakeFiles/tls_wrapper_openssl.dir/init.c.o
In file included from /root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/init.c:10:0:
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h: In function 'print_openssl_err':
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:43: warning: unused parameter 'ssl' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:52: warning: unused parameter 'ret' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
[ 56%] Building C object src/tls_wrappers/openssl/CMakeFiles/tls_wrapper_openssl.dir/main.c.o
[ 57%] Building C object src/tls_wrappers/openssl/CMakeFiles/tls_wrapper_openssl.dir/negotiate.c.o
In file included from /root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/negotiate.c:12:0:
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h: In function 'print_openssl_err':
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:43: warning: unused parameter 'ssl' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:52: warning: unused parameter 'ret' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
[ 58%] Building C object src/tls_wrappers/openssl/CMakeFiles/tls_wrapper_openssl.dir/un_negotiate.c.o
In file included from /root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/un_negotiate.c:18:0:
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h: In function 'print_openssl_err':
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:43: warning: unused parameter 'ssl' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/openssl.h:36:52: warning: unused parameter 'ret' [-Wunused-parameter]
static inline void print_openssl_err(SSL *ssl, int ret)
^~~
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/un_negotiate.c: In function 'verify_certificate':
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/un_negotiate.c:387:21: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
ev.sgx.mr_enclave = (char *)quote3->report_body.mr_enclave.m;
^
/root/inclavare-containers-/rats-tls/src/tls_wrappers/openssl/un_negotiate.c:391:21: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
ev.sgx.attributes = (char *)&(quote3->report_body.attributes);
^

Fix readme and all docs to reflect the corrent project path

Because this project is out of ic primary repo.

verifiers/sev-snp: build warning in al2 dev image

/root/rats-tls/src/verifiers/sev-snp/crypto.c: In function 'ecdsa_verify':
/root/rats-tls/src/verifiers/sev-snp/crypto.c:77:6: warning: implicit declaration of function 'BN_lebin2bn'; did you mean 'BN_bin2bn'? [-Wimplicit-function-declaration]
   77 |  r = BN_lebin2bn(sig->ecdsa.r, sizeof(sig->ecdsa.r), NULL);
      |      ^~~~~~~~~~~
      |      BN_bin2bn
/root/rats-tls/src/verifiers/sev-snp/crypto.c:77:4: warning: assignment to 'BIGNUM *' {aka 'struct bignum_st *'} from 'int' makes pointer from integer without a cast [-Wint-conversion]
   77 |  r = BN_lebin2bn(sig->ecdsa.r, sizeof(sig->ecdsa.r), NULL);
      |    ^
/root/rats-tls/src/verifiers/sev-snp/crypto.c:78:4: warning: assignment to 'BIGNUM *' {aka 'struct bignum_st *'} from 'int' makes pointer from integer without a cast [-Wint-conversion]
   78 |  s = BN_lebin2bn(sig->ecdsa.s, sizeof(sig->ecdsa.s), NULL);
      |    ^
/root/rats-tls/src/verifiers/sev-snp/crypto.c:87:6: warning: implicit declaration of function 'ECDSA_SIG_set0'; did you mean 'ECDSA_SIG_new'? [-Wimplicit-function-declaration]
   87 |  if (ECDSA_SIG_set0(ecdsa_sig, r, s) != 1) {
      |      ^~~~~~~~~~~~~~
      |      ECDSA_SIG_new

the verify_ceritificate will be called twice.

Have no clue to the issue.

rats-tls: automatically build libverifier_sgx_ecdsa*.so in host mode according to user's build environment.

rats-tls: add td-event log function in attestation and verifier

compiling modularity

Each instance code can be compiled conditionally.

openssl: defer the generation of tls certificate in server side

In current implementation, the tls certificate in server side is always generated and its pubkey algorithm is also decided by self in advance. If the client side is not kept up-to-date to support the selected pubkey algorithm used in tls certificate, the negotiation will fail.

Please refer to the use of SSL_CTX_set_alpn_select_cb() and other functions documented in https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_alpn_select_cb.html to infer the implementation satisfying this requirement.

auto-detect compiling environment for default mode and specify mode with build summary ouput

For default built mode: user can build all default instances successfully under auto-detect compiling with build summary output;
For specify build mode: user can specify the build mode under auto-detect compiling summary ourput;

out-of-tree attester/verifier instances support

how to support trusted communication between SGX node and CSV node

Add the labels for issue

Refer to https://github.com/inclavare-containers/inclavare-containers/labels

The following labels are necessary for rats-tls:
blocked, bug, dependencies, discussion, documentation, duplicated, enhancement, epic, gating, high, invalid, medium, low, wontfix, workaround.

Need to specify the vendor prerequisite for tdx and sev/csr

For example:
In readme file:
If you need to run tdx attester, you need to make sure your physical CPU is intel.

calc_pubkey_hash()@L95: Unable to get ec key

Steps to reproduce （In Alibaba Cloud Linux 2 system with openssl 1.0）

# 1. start rats-tls-server in host mode
./rats-tls-server -a nullattester -v sgx_ecdsa -t openssl -c openssl -i 0.0.0.0 -l debug

# 2. start rats-tls-client in sgx mode
./rats-tls-client -a sgx_ecdsa -v nullverifier -t openssl -c openssl -i IP -l debug

The error is:

[ERROR] calc_pubkey_hash()@L95: Unable to get ec key
[DEBUG] openssl_internal_negotiate()@L82: failed to connect 0xffffffff
[DEBUG] print_openssl_err()@L44: Error 608308e: error:0608308E:digital envelope routines:EVP_PKEY_get0_EC_KEY:expecting a ec key
[DEBUG] print_openssl_err()@L44: Error 1416f086: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

abstract librats

X509_V_ERR_CERT_NOT_YET_VALID error occurs on certificate verification

If two peers have different time, the certificate verification will fail.

./rats-tls-server -a nullattester -v nullverifier -i 0.0.0.0 -p 1236 -l debug -m

./rats-tls-client --attester nullverifier --verifier nullverifier --mutual -i 101.133.216.190 -p 1236 -m -l debug

Server will report this failure if its time is slower than client:

support babassl enclavazation

install different dir according to build mode in cmake

rats-tls: tdx build mode should be included in host build mode.

rats-tls/tdx: use the formal td quote definition

conditionally build libverifier_sgx_ecdsa.so in host mode

If the build environment doesn't install SGX SDK, the build will fail due to libverifier_sgx_ecdsa.so. But it is able to make cmake smarter to conditionally build libverifier_sgx_ecdsa.so. It is better to print a warning about skipping building libverifier_sgx_ecdsa.so if SGX SDK is not installed.