Key gen

build.sbt

@@ -341,6 +341,7 @@ enclaveBuildTask := {
     ).!
   if (cmakeResult != 0) sys.error("C++ build failed.")
   val nproc = java.lang.Runtime.getRuntime.availableProcessors
+  val mode = sys.env.get("MODE").get
   val buildResult = Process(Seq("make", "-j" + nproc), enclaveBuildDir).!
   if (buildResult != 0) sys.error("C++ build failed.")
   val installResult = Process(Seq("make", "install"), enclaveBuildDir).!

gen_pubkey_header.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+# Copyright (c) Open Enclave SDK contributors.
+# Licensed under the MIT License.
+
+destfile="$1"
+pubkey_file="$2"
+
+cat > "$destfile" << EOF
+// Copyright (c) Open Enclave SDK contributors.
+// Licensed under the MIT License.
+
+EOF
+
+printf 'static const char OTHER_ENCLAVE_PUBLIC_KEY[] =' >> "$destfile"
+while IFS="" read -r p || [ -n "$p" ]
+do
+    # Sometimes openssl can insert carriage returns into the PEM files. Let's remove those!
+    CR=$(printf "\r")
+    p=$(echo "$p" | tr -d "$CR")
+    printf '\n    \"%s\\n\"' "$p" >> "$destfile"
+done < "$pubkey_file"
+printf ';\n' >> "$destfile"
+
+cat >> "$destfile" << EOF
+
+EOF

src/enclave/App/App.cpp

@@ -239,6 +239,88 @@ JNIEXPORT void JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_Fin
   env->ReleaseByteArrayElements(shared_key_msg_input, shared_key_msg_bytes, 0);
 }
 
+/////////////////////////////// Shared Key Gen Begin ////////////////////////////////
+
+JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_GetPublicKey(
+  JNIEnv *env, jobject obj, jlong eid) {
+  (void)obj;
+  (void)eid;
+
+  uint8_t* report_msg = NULL;
+  size_t report_msg_size = 0;
+
+  oe_check_and_time("Get enclave public key",
+                     ecall_get_public_key((oe_enclave_t*)eid,
+                                           &report_msg,
+                                           &report_msg_size));
+
+  // Allocate memory
+  jbyteArray report_msg_bytes = env->NewByteArray(report_msg_size);
+  env->SetByteArrayRegion(report_msg_bytes, 0, report_msg_size, reinterpret_cast<jbyte *>(report_msg));
+
+  return report_msg_bytes;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_GetListEncrypted(
+  JNIEnv *env, jobject obj, jlong eid, jbyteArray shared_key_msg_input) {
+  (void)obj;
+
+  jboolean if_copy = false;
+  jbyte *shared_key_msg_bytes = env->GetByteArrayElements(shared_key_msg_input, &if_copy);
+  uint32_t shared_key_msg_size = static_cast<uint32_t>(env->GetArrayLength(shared_key_msg_input));
+
+  size_t report_msg_size = OE_SHARED_KEY_CIPHERTEXT_SIZE * (shared_key_msg_size / OE_PUBLIC_KEY_SIZE);
+  uint8_t* report_msg = new uint8_t[report_msg_size];
+
+  oe_check_and_time("Get List Encrypted",
+                    ecall_get_list_encrypted((oe_enclave_t*)eid,
+                                             reinterpret_cast<uint8_t *>(shared_key_msg_bytes),
+                                             shared_key_msg_size,
+                                             report_msg,
+                                             report_msg_size));
+
+  // Allocate memory
+  jbyteArray report_msg_bytes = env->NewByteArray(report_msg_size);
+  env->SetByteArrayRegion(report_msg_bytes, 0, report_msg_size, reinterpret_cast<jbyte *>(report_msg));
+
+  env->ReleaseByteArrayElements(shared_key_msg_input, (jbyte *) shared_key_msg_bytes, 0);
+
+  delete[] report_msg;
+
+  return report_msg_bytes;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_FinishSharedKey(
+  JNIEnv *env, jobject obj, jlong eid, jbyteArray shared_key_msg_input) {
+  (void)obj;
+
+  jboolean if_copy = false;
+
+  jbyte *shared_key_msg_bytes = env->GetByteArrayElements(shared_key_msg_input, &if_copy);
+  uint32_t shared_key_msg_size = static_cast<uint32_t>(env->GetArrayLength(shared_key_msg_input));
+
+  size_t report_msg_size = SGX_AESGCM_KEY_SIZE;
+  uint8_t* report_msg = new uint8_t[report_msg_size];
+
+  oe_check_and_time("Finish attestation",
+                    ecall_finish_shared_key((oe_enclave_t*)eid,
+                                             reinterpret_cast<uint8_t *>(shared_key_msg_bytes),
+                                             shared_key_msg_size,
+                                             report_msg,
+                                             report_msg_size));
+
+  // Allocate memory
+  jbyteArray report_msg_bytes = env->NewByteArray(report_msg_size);
+  env->SetByteArrayRegion(report_msg_bytes, 0, report_msg_size, reinterpret_cast<jbyte *>(report_msg));
+
+  env->ReleaseByteArrayElements(shared_key_msg_input, shared_key_msg_bytes, 0);
+  delete[] report_msg;
+
+  return report_msg_bytes;
+}
+
+/////////////////////////////// Shared Key Gen End ////////////////////////////////
+
 JNIEXPORT void JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_StopEnclave(
     JNIEnv *env, jobject obj, jlong eid) {
   (void)env;
@@ -345,6 +427,39 @@ JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEncla
   return ciphertext;
 }
 
+// Added Decryption function
+JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_Decrypt(
+    JNIEnv *env, jobject obj, jlong eid, jbyteArray ciphertext) {
+  (void)obj;
+
+  uint32_t clength = (uint32_t)env->GetArrayLength(ciphertext);
+  jboolean if_copy = false;
+  uint8_t *ciphertext_ptr = (uint8_t *)env->GetByteArrayElements(ciphertext, &if_copy);
+
+  uint8_t *plaintext_copy = nullptr;
+  jsize plength = 0;
+
+  if (ciphertext_ptr == nullptr) {
+    ocall_throw("Encrypt: JNI failed to get input byte array.");
+  } else {
+    plength = clength - SGX_AESGCM_IV_SIZE - SGX_AESGCM_MAC_SIZE;
+    plaintext_copy = new uint8_t[clength];
+
+    oe_check("Decrypt", ecall_decrypt((oe_enclave_t *)eid, ciphertext_ptr, clength,
+                                      plaintext_copy, (uint32_t)plength));
+  }
+
+  jbyteArray plaintext = env->NewByteArray(plength);
+  env->SetByteArrayRegion(plaintext, 0, plength, (jbyte *)plaintext_copy);
+
+  env->ReleaseByteArrayElements(ciphertext, (jbyte *)ciphertext_ptr, 0);
+
+  delete[] plaintext_copy;
+
+  return plaintext;
+}
+
+
 JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_Sample(
     JNIEnv *env, jobject obj, jlong eid, jbyteArray input_rows) {
   (void)obj;

src/enclave/App/SGXEnclave.h

@@ -80,6 +80,15 @@ Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_GenerateReport(JNIEnv *, j
 JNIEXPORT void JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_FinishAttestation(
     JNIEnv *, jobject, jlong, jbyteArray);
 
+  JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_GetPublicKey(
+    JNIEnv *, jobject, jlong);
+
+  JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_GetListEncrypted(
+    JNIEnv *, jobject, jlong, jbyteArray);
+
+  JNIEXPORT jbyteArray JNICALL Java_edu_berkeley_cs_rise_opaque_execution_SGXEnclave_FinishSharedKey(
+    JNIEnv *, jobject, jlong, jbyteArray);
+
 #ifdef __cplusplus
 }
 #endif