sangfansh/enclave.cpp

## enclave.cpp
int ecall_change_master_password(const char* old_password, const char* new_password) {

	//
	// OVERVIEW:
	//	1. check password policy
	//	2. [ocall] load wallet
	// 	3. unseal wallet
	//	4. verify old password
	//	5. update password
	//	6. seal wallet
	// 	7. [ocall] save sealed wallet
	//	8. exit enclave
	//
	//
	sgx_status_t ocall_status, sealing_status;
	int ocall_ret;


	// 1. check passaword policy
	if (strlen(new_password) < 8 || strlen(new_password)+1 > MAX_ITEM_SIZE) {
		return ERR_PASSWORD_OUT_OF_RANGE;
	}


	// 2. load wallet
	size_t sealed_size = sizeof(sgx_sealed_data_t) + sizeof(wallet_t);
	uint8_t* sealed_data = (uint8_t*)malloc(sealed_size);
	ocall_status = ocall_load_wallet(&ocall_ret, sealed_data, sealed_size);
	if (ocall_ret != 0 || ocall_status != SGX_SUCCESS) {
		free(sealed_data);
		return ERR_CANNOT_LOAD_WALLET;
	}


	// 3. unseal wallet
	uint32_t plaintext_size = sizeof(wallet_t);
    wallet_t* wallet = (wallet_t*)malloc(plaintext_size);
    sealing_status = unseal_wallet((sgx_sealed_data_t*)sealed_data, wallet, plaintext_size);
    free(sealed_data);
    if (sealing_status != SGX_SUCCESS) {
    	free(wallet);
		return ERR_FAIL_UNSEAL;
    }


	// 4. verify master-password
	if (strcmp(wallet->master_password, old_password) != 0) {
		free(wallet);
		return ERR_WRONG_MASTER_PASSWORD;
	}


	// 5. update password
	strncpy(wallet->master_password, new_password, strlen(new_password)+1);


	// 6. seal wallet
	sealed_data = (uint8_t*)malloc(sealed_size);
    sealing_status = seal_wallet(wallet, (sgx_sealed_data_t*)sealed_data, sealed_size);
    free(wallet);
    if (sealing_status != SGX_SUCCESS) {
    	free(wallet);
		free(sealed_data);
		return ERR_FAIL_SEAL;
    }


	// 7. save wallet
	ocall_status = ocall_save_wallet(&ocall_ret, sealed_data, sealed_size);
	free(sealed_data);
	if (ocall_ret != 0 || ocall_status != SGX_SUCCESS) {
		return ERR_CANNOT_SAVE_WALLET;
	}


	// 6. exit enclave
	return RET_SUCCESS;
}
	int ecall_change_master_password(const char* old_password, const char* new_password) {

	//
	// OVERVIEW:
	// 1. check password policy
	// 2. [ocall] load wallet
	// 3. unseal wallet
	// 4. verify old password
	// 5. update password
	// 6. seal wallet
	// 7. [ocall] save sealed wallet
	// 8. exit enclave
	//
	//
	sgx_status_t ocall_status, sealing_status;
	int ocall_ret;



	// 1. check passaword policy
	if (strlen(new_password) < 8 \|\| strlen(new_password)+1 > MAX_ITEM_SIZE) {
	return ERR_PASSWORD_OUT_OF_RANGE;
	}


	// 2. load wallet
	size_t sealed_size = sizeof(sgx_sealed_data_t) + sizeof(wallet_t);
	uint8_t* sealed_data = (uint8_t*)malloc(sealed_size);
	ocall_status = ocall_load_wallet(&ocall_ret, sealed_data, sealed_size);
	if (ocall_ret != 0 \|\| ocall_status != SGX_SUCCESS) {
	free(sealed_data);
	return ERR_CANNOT_LOAD_WALLET;
	}


	// 3. unseal wallet
	uint32_t plaintext_size = sizeof(wallet_t);
	wallet_t* wallet = (wallet_t*)malloc(plaintext_size);
	sealing_status = unseal_wallet((sgx_sealed_data_t*)sealed_data, wallet, plaintext_size);
	free(sealed_data);
	if (sealing_status != SGX_SUCCESS) {
	free(wallet);
	return ERR_FAIL_UNSEAL;
	}


	// 4. verify master-password
	if (strcmp(wallet->master_password, old_password) != 0) {
	free(wallet);
	return ERR_WRONG_MASTER_PASSWORD;
	}


	// 5. update password
	strncpy(wallet->master_password, new_password, strlen(new_password)+1);


	// 6. seal wallet
	sealed_data = (uint8_t*)malloc(sealed_size);
	sealing_status = seal_wallet(wallet, (sgx_sealed_data_t*)sealed_data, sealed_size);
	free(wallet);
	if (sealing_status != SGX_SUCCESS) {
	free(wallet);
	free(sealed_data);
	return ERR_FAIL_SEAL;
	}


	// 7. save wallet
	ocall_status = ocall_save_wallet(&ocall_ret, sealed_data, sealed_size);
	free(sealed_data);
	if (ocall_ret != 0 \|\| ocall_status != SGX_SUCCESS) {
	return ERR_CANNOT_SAVE_WALLET;
	}


	// 6. exit enclave
	return RET_SUCCESS;
	}