
@sangfansh
Created August 11, 2018 19:47
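/*
 * Overwrite n bytes at p with zeros. The volatile-qualified pointer keeps the
 * compiler from discarding the stores as dead when the buffer is freed right
 * afterwards.
 */
static void remove_item_wipe(void *p, size_t n)
{
    volatile unsigned char *bytes = (volatile unsigned char *)p;

    while (n-- > 0) {
        *bytes++ = 0;
    }
}

/*
 * Compare the stored master password with the caller-supplied one.
 * Returns 1 when both strings are equal (same result as strcmp() == 0) and 0
 * otherwise, including when either pointer is NULL.
 *
 * The loop always walks the whole supplied string and never stops at the
 * first mismatch, so the running time is driven by the length of the
 * caller's own input rather than by how many leading characters of the
 * stored password were guessed correctly. This is best effort: the C standard
 * gives no timing guarantees.
 */
static int remove_item_password_matches(const char *stored, const char *supplied)
{
    volatile unsigned char diff = 0;
    size_t j = 0;

    if (stored == NULL || supplied == NULL) {
        return 0;
    }
    for (size_t i = 0; ; ++i) {
        unsigned char a = (unsigned char)supplied[i];
        unsigned char b = (unsigned char)stored[j];

        diff |= (unsigned char)(a ^ b);
        if (a == 0) {
            break;
        }
        /* Park on the stored terminator so we never read past it. */
        j += (size_t)(b != 0);
    }
    return diff == 0;
}

/*
 * Remove the item at `index` from the sealed wallet.
 *
 * OVERVIEW:
 *   1. check index bounds
 *   2. [ocall] load wallet
 *   3. unseal wallet
 *   4. verify master-password
 *   5. remove item from the wallet
 *   6. seal wallet
 *   7. [ocall] save sealed wallet
 *   8. exit enclave
 *
 * Returns RET_SUCCESS on success, otherwise one of ERR_ITEM_DOES_NOT_EXIST,
 * ERR_CANNOT_LOAD_WALLET, ERR_FAIL_UNSEAL, ERR_WRONG_MASTER_PASSWORD,
 * ERR_FAIL_SEAL or ERR_CANNOT_SAVE_WALLET. Allocation failures are reported
 * with the error code of the step they belong to.
 *
 * Both arguments and the buffer filled by ocall_load_wallet come from outside
 * the enclave. The plaintext wallet is zeroed before every free so the master
 * password and item contents do not linger in released heap memory.
 */
int ecall_remove_item(const char* master_password, const int index) {
    sgx_status_t ocall_status, sealing_status;
    int ocall_ret = -1;

    // 1. check index bounds
    if (index < 0 || index >= MAX_ITEMS) {
        return ERR_ITEM_DOES_NOT_EXIST;
    }

    // 2. load wallet
    size_t sealed_size = sizeof(sgx_sealed_data_t) + sizeof(wallet_t);
    uint8_t* sealed_data = (uint8_t*)malloc(sealed_size);
    if (sealed_data == NULL) {
        return ERR_CANNOT_LOAD_WALLET;
    }
    ocall_status = ocall_load_wallet(&ocall_ret, sealed_data, sealed_size);
    // Test the bridge status first: ocall_ret is only meaningful when the
    // OCALL itself completed.
    if (ocall_status != SGX_SUCCESS || ocall_ret != 0) {
        free(sealed_data);
        return ERR_CANNOT_LOAD_WALLET;
    }

    // 3. unseal wallet
    uint32_t plaintext_size = sizeof(wallet_t);
    wallet_t* wallet = (wallet_t*)malloc(plaintext_size);
    if (wallet == NULL) {
        free(sealed_data);
        return ERR_FAIL_UNSEAL;
    }
    sealing_status = unseal_wallet((sgx_sealed_data_t*)sealed_data, wallet, plaintext_size);
    free(sealed_data);
    if (sealing_status != SGX_SUCCESS) {
        // The buffer may hold partially unsealed plaintext.
        remove_item_wipe(wallet, plaintext_size);
        free(wallet);
        return ERR_FAIL_UNSEAL;
    }

    // 4. verify master-password
    if (!remove_item_password_matches(wallet->master_password, master_password)) {
        remove_item_wipe(wallet, plaintext_size);
        free(wallet);
        return ERR_WRONG_MASTER_PASSWORD;
    }

    // 5. remove item from the wallet
    // NOTE(review): assumes the unsealed wallet->size never exceeds the
    // capacity of wallet->items -- confirm where the wallet is written.
    size_t wallet_size = wallet->size;
    size_t position = (size_t)index;    // index >= 0 was established in step 1
    if (position >= wallet_size) {
        remove_item_wipe(wallet, plaintext_size);
        free(wallet);
        return ERR_ITEM_DOES_NOT_EXIST;
    }
    for (size_t i = position; i < wallet_size - 1; ++i) {
        wallet->items[i] = wallet->items[i + 1];
    }
    // Clear the vacated last slot. Without this the old contents (the removed
    // item itself when it was the last one) would be sealed back to disk.
    remove_item_wipe(&wallet->items[wallet_size - 1], sizeof wallet->items[0]);
    --wallet->size;

    // 6. seal wallet
    sealed_data = (uint8_t*)malloc(sealed_size);
    if (sealed_data == NULL) {
        remove_item_wipe(wallet, plaintext_size);
        free(wallet);
        return ERR_FAIL_SEAL;
    }
    sealing_status = seal_wallet(wallet, (sgx_sealed_data_t*)sealed_data, sealed_size);
    remove_item_wipe(wallet, plaintext_size);
    free(wallet);
    if (sealing_status != SGX_SUCCESS) {
        free(sealed_data);
        return ERR_FAIL_SEAL;
    }

    // 7. save wallet
    ocall_ret = -1;
    ocall_status = ocall_save_wallet(&ocall_ret, sealed_data, sealed_size);
    free(sealed_data);
    if (ocall_status != SGX_SUCCESS || ocall_ret != 0) {
        return ERR_CANNOT_SAVE_WALLET;
    }

    // 8. exit enclave
    return RET_SUCCESS;
}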