Giters

kaist-ina / SGX-Tor

Tor anonymity network for SGX

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

client private key is leaked.

jmp0x7c00 opened this issue · comments

commented

hi,sir
I think there is a securty issue here:
in file Enclave/TorSGX/rendservice.c:

  • Create private key for client
if (client->client_key) {
      char *client_key_out = NULL;
      if (crypto_pk_write_private_key_to_string(client->client_key,
                                                &client_key_out, &len) != 0) {
        log_warn(LD_BUG, "Internal error: "
                 "crypto_pk_write_private_key_to_string() failed.");
        goto err;
      }
      if (rend_get_service_id(client->client_key, service_id)<0) {
        log_warn(LD_BUG, "Internal error: couldn't encode service ID.");
        /*
         * len is string length, not buffer length, but last byte is NUL
         * anyway.
         */
        memwipe(client_key_out, 0, len);
        tor_free(client_key_out);
        goto err;
      }
      written = tor_snprintf(buf + written, sizeof(buf) - written,
                             "client-key\n%s", client_key_out); // ===========>1. the private is written into buf
      memwipe(client_key_out, 0, len);
      tor_free(client_key_out);
      if (written < 0) {
        log_warn(LD_BUG, "Could not write client entry.");
        goto err;
      }
    }

    if (sgx_fputs(buf, cfile) < 0) { // ===========>2. buf is passed to  function sgx_fputs
      log_warn(LD_FS, "Could not append client entry to file: %s",
               strerror(errno));
      goto err;
    }

in file Enclave/TorSGX/TorSGX.cpp:

int sgx_fputs(const char *str, sgx_file *f)
{
	if(f == NULL || str == NULL) {
		printf("sgx_fputs: Error! sgx_fputs: wrong arguments (NULL)\n");
		return -1;
	}
	int retv = -1;
	long seek = f->seek;
	long content_len = f->content_len;
	long n = strlen(str);
	long mem_size = f->content_len > n + seek ? f->content_len : n + seek;	
	char *new_cont = (char *)sgx_calloc(1, mem_size); // // ===========>3. calloc memory , HOWEVER, the memory new_cont  points to is UNTRUSTED.  
	if (f->content != NULL) {
		int remain = content_len - seek - n;
		remain = remain > 0 ? remain : 0;
		memcpy(new_cont, f->content, seek); 
		memcpy(new_cont+seek, str, n);	//===========>4. client private key is copied to memory outside Enclave.
		memcpy(new_cont+seek+n, f->content, remain);
		f->content_len = seek+n+remain;	
		f->seek = seek+n;
		sgx_free(f->content);
		f->content = new_cont;
	}
	else {
		memcpy(new_cont, str, n);
		f->content_len = n;
		f->seek = n;
		f->content = new_cont;
	}	
	f->mtime = time(NULL);
	retv = n;
	return retv;
}