Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Windows: Implement crypto functions for host on BCrypt #375

Closed
CodeMonkeyLeet opened this issue Jun 27, 2018 · 1 comment · Fixed by #2072
Closed

Windows: Implement crypto functions for host on BCrypt #375

CodeMonkeyLeet opened this issue Jun 27, 2018 · 1 comment · Fixed by #2072
Assignees
@CodeMonkeyLeet
Labels
core Issue is related to the core design of Open Enclave and its default 3rd party libs functionality Issue describes an enhancement or addition of functionality to Open Enclave SDK windows Issue has to do with supporting Open Enclave on Windows
Projects
Windows Support
Milestone
v0.7

Comments

@CodeMonkeyLeet
Copy link
Contributor

CodeMonkeyLeet commented Jun 27, 2018
edited
Loading

The host side implementation of crypto functions (other than hashing) are all not yet implemented. This means that features such as loading unsigned debug enclaves, which test sign during loading, will fail.

This issue includes refactoring existing BCrypt implementations on the host side used by oesign:

  • host/crypto/bcrypt/rsa.c has copied structs and functions from host/crypto/openssl/[rsa.c|keys.[c|h]], so they need to be consolidated.

This also includes enabling the following tests for enclaves on Windows:

  • crypto
  • crypto_crls_cert_chains
  • mbed

This has a dependency on #839 as mbedtls has a dependency on CPUID in enclaves which OE provides through handling the illegal instruction exception.

This is related to the #1003 in terms of the broader crypto API refactor.
@CodeMonkeyLeet CodeMonkeyLeet added the functionality Issue describes an enhancement or addition of functionality to Open Enclave SDK label Jun 27, 2018
@CodeMonkeyLeet CodeMonkeyLeet added this to the Future.Windows milestone Jun 27, 2018
@CodeMonkeyLeet CodeMonkeyLeet added this to Backlog in Public preview via automation Jun 27, 2018
@CodeMonkeyLeet CodeMonkeyLeet mentioned this issue Jun 27, 2018
Open
8 tasks
@CodeMonkeyLeet CodeMonkeyLeet mentioned this issue Oct 5, 2018
Closed
@CodeMonkeyLeet CodeMonkeyLeet added the windows Issue has to do with supporting Open Enclave on Windows label Nov 6, 2018
@CodeMonkeyLeet CodeMonkeyLeet removed this from the Future.Windows milestone Nov 6, 2018
@CodeMonkeyLeet CodeMonkeyLeet removed this from Backlog in Public preview Nov 6, 2018
@CodeMonkeyLeet CodeMonkeyLeet mentioned this issue Nov 7, 2018
Closed
8 tasks
@lilyfang lilyfang added security Issue impacts the security of the Open Enclave SDK core Issue is related to the core design of Open Enclave and its default 3rd party libs labels Nov 10, 2018
@johnkord johnkord added this to the v0.6 milestone Mar 21, 2019
@CodeMonkeyLeet CodeMonkeyLeet moved this from Backlog to Priority Queue in Windows Support Mar 21, 2019
@CodeMonkeyLeet CodeMonkeyLeet removed the security Issue impacts the security of the Open Enclave SDK label Mar 21, 2019
@anitagov
Copy link
Contributor

mbed test has been enabled on Windows (PR #1372 )

@yakman2020 yakman2020 modified the milestones: v0.6, v0.7 Jun 25, 2019
@gupta-ak gupta-ak mentioned this issue Jul 10, 2019
Open
6 tasks
CodeMonkeyLeet pushed a commit that referenced this issue Jul 30, 2019
Implement host crypto functions on BCrypt for Windows
1601341 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enclave tests/crypto_crls_cert_chain on Windows.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Jul 30, 2019
Implement host crypto functions on BCrypt for Windows
f57f0b7 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enclave tests/crypto_crls_cert_chain on Windows.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Jul 30, 2019
Implement host crypto functions on BCrypt for Windows
1a1590c 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enclave tests/crypto_crls_cert_chain on Windows.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 1, 2019
Implement host crypto functions on BCrypt for Windows
723befd 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enclave tests/crypto_crls_cert_chain on Windows.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 1, 2019
Implement host crypto functions on BCrypt for Windows
5f9b5bc 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enclave tests/crypto_crls_cert_chain on Windows.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 2, 2019
Implement host crypto functions on BCrypt for Windows
c322975 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 2, 2019
Implement host crypto functions on BCrypt for Windows
b68f5fe 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
@CodeMonkeyLeet CodeMonkeyLeet mentioned this issue Aug 2, 2019
Merged
CodeMonkeyLeet pushed a commit that referenced this issue Aug 3, 2019
Implement host crypto functions on BCrypt for Windows
43ee6ec 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 9, 2019
Implement host crypto functions on BCrypt for Windows
d7204a0 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
CodeMonkeyLeet pushed a commit that referenced this issue Aug 14, 2019
Implement host crypto functions on BCrypt for Windows
0dd7c8c 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
oe-bors bot pushed a commit that referenced this issue Aug 14, 2019
@oeciteam
Merge #2072
f3c1009 
2072: Implement host crypto functions on BCrypt for Windows r=CodeMonkeyLeet a=CodeMonkeyLeet

This change set brings Windows `host/crypto/bcrypt` implementations up to parity with the `openssl` equivalents for Linux and includes the following:

- Implement missing cert.c, crl.c, ec.c functions.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, CRL, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375

Co-authored-by: Simon Leet <simon.leet@microsoft.com>
CodeMonkeyLeet pushed a commit that referenced this issue Aug 14, 2019
Implement host crypto functions on BCrypt for Windows
d95cc38 
- Implement host/crypto/bcrypt parity with openssl for Windows.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, crl, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375
oe-bors bot pushed a commit that referenced this issue Aug 14, 2019
@oeciteam
Merge #2072
ef927c4 
2072: Implement host crypto functions on BCrypt for Windows r=CodeMonkeyLeet a=CodeMonkeyLeet

This change set brings Windows `host/crypto/bcrypt` implementations up to parity with the `openssl` equivalents for Linux and includes the following:

- Implement missing cert.c, crl.c, ec.c functions.
- Refactor rsa.c to share code with new ec.c via key.c.
- Add PEM encoding functions for Windows crypto implementation.
    - Standardize constant names in internal/pem.h include header.
- Change common/cert.c to only provide `oe_get_crl_distribution_points()` impl on OpenSSL/mbedTLS Linux builds.
    - host/crypto/bcrypt/cert.c provides the Windows impl.
- Enable tests/crypto cert, CRL, EC and RSA tests on Windows.
    - ASN tests are not enabled or supported on Windows.
- Enable tests/crypto_crls_cert_chain on Windows.
    - Disable positive tests with extra certs on Windows, revisit this as part of #1593.

Fixes #375

Co-authored-by: Simon Leet <simon.leet@microsoft.com>
@oe-bors oe-bors bot closed this as completed in #2072 Aug 14, 2019
Windows Support automation moved this from In Progress Issues to Done Aug 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CodeMonkeyLeet CodeMonkeyLeet

Labels
core Issue is related to the core design of Open Enclave and its default 3rd party libs functionality Issue describes an enhancement or addition of functionality to Open Enclave SDK windows Issue has to do with supporting Open Enclave on Windows
Projects
No open projects
Windows Support
  
Done
Milestone
v0.7
Development

Successfully merging a pull request may close this issue.

Implement host crypto functions on BCrypt for Windows openenclave/openenclave
5 participants
@lilyfang @yakman2020 @johnkord @anitagov @CodeMonkeyLeet