master

分支 (16)

标签 (13)

管理

管理

master

openEuler-22.03-LTS-SP3

openEuler-22.03-LTS-Next

openEuler-23.09

openEuler-22.03-LTS-SP2

openEuler-23.03

openEuler-20.03-LTS-SP3

openEuler-20.03-LTS-SP4

openEuler-22.03-LTS

openEuler-22.03-LTS-SP1

openEuler-20.03-LTS-SP1

openEuler-22.09

openEuler-20.03-LTS-Next

openEuler-21.09

openEuler-20.03-LTS-SP2

openEuler-21.03

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

secGear
/
0063-some-code-optimize.patch

From 907b34fa937eb6e41f25ebff23db88956842c635 Mon Sep 17 00:00:00 2001
From: houmingyong <houmingyong@huawei.com>
Date: Sat, 27 May 2023 15:29:01 +0800
Subject: [PATCH] some code optimize

---
 .../remote_attest/ra_report/CMakeLists.txt    |  2 --
 .../remote_attest/ra_report/gp_ra_report.c    | 11 +++----
 .../remote_attest/ra_report/gp_ra_report.h    | 24 ---------------
 .../remote_attest/ra_report/sgx_ra_report.c   | 10 +++----
 .../remote_attest/ra_report/sgx_ra_report.h   | 24 ---------------
 .../remote_attest/ra_verify/CMakeLists.txt    |  3 --
 .../ra_verify/gp_ra_report_verify.c           | 11 +++----
 .../ra_verify/gp_ra_report_verify.h           | 30 -------------------
 .../ra_verify/sgx_ra_report_verify.c          |  9 ++----
 .../ra_verify/sgx_ra_report_verify.h          | 30 -------------------
 examples/secure_channel/client/CMakeLists.txt |  6 +++-
 .../client_with_recv_thread/CMakeLists.txt    |  5 +++-
 .../client_with_recv_thread/client.c          |  3 +-
 13 files changed, 26 insertions(+), 142 deletions(-)
 delete mode 100644 component/remote_attest/ra_report/gp_ra_report.h
 delete mode 100644 component/remote_attest/ra_report/sgx_ra_report.h
 delete mode 100644 component/remote_attest/ra_verify/gp_ra_report_verify.h
 delete mode 100644 component/remote_attest/ra_verify/sgx_ra_report_verify.h

diff --git a/component/remote_attest/ra_report/CMakeLists.txt b/component/remote_attest/ra_report/CMakeLists.txt
index 548e786..2f00dc7 100644
--- a/component/remote_attest/ra_report/CMakeLists.txt
+++ b/component/remote_attest/ra_report/CMakeLists.txt
@@ -45,5 +45,3 @@ install(TARGETS ${TARGET}
         LIBRARY
         DESTINATION ${LIBRARY_INSTALL}
         PERMISSIONS  OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ  GROUP_EXECUTE WORLD_READ  WORLD_EXECUTE)
-
-
diff --git a/component/remote_attest/ra_report/gp_ra_report.c b/component/remote_attest/ra_report/gp_ra_report.c
index 978127a..4625cd3 100644
--- a/component/remote_attest/ra_report/gp_ra_report.c
+++ b/component/remote_attest/ra_report/gp_ra_report.c
@@ -9,9 +9,6 @@
  * PURPOSE.
  * See the Mulan PSL v2 for more details.
  */
-
-#include "gp_ra_report.h"
-
 #include <stdlib.h>
 #include <string.h>
 #include "ra_client_api.h"
@@ -171,7 +168,7 @@ static cc_enclave_result_t gp_ra_provision_no_as()
     return CC_SUCCESS;
 }

-cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario)
+static cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario)
 {
     cc_enclave_result_t ret = CC_SUCCESS;
     switch (scenario) {
@@ -184,7 +181,7 @@ cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario)
     return ret;
 }

-cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report)
+static cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report)
 {
     cc_ra_buf_t *ra_buf_in = NULL;
     cc_enclave_result_t ret = gen_ra_report_in_buff(in, &ra_buf_in);
@@ -203,12 +200,12 @@ cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *
     return CC_SUCCESS;
 }

-uni_ree_agent_t g_gp_agent = {
+static uni_ree_agent_t g_gp_agent = {
     .tee_type = CC_TEE_TYPE_GP,
     .prepare_ra_env = gp_prepare_ra_env,
     .get_ra_report = gp_get_ra_report,
 };
-static __attribute__((constructor)) void gp_register_ree_agent()
+static __attribute__((constructor)) void gp_register_ree_agent(void)
 {
     cc_register_ree_agent(&g_gp_agent);
 }
\ No newline at end of file
diff --git a/component/remote_attest/ra_report/gp_ra_report.h b/component/remote_attest/ra_report/gp_ra_report.h
deleted file mode 100644
index ed58bb0..0000000
--- a/component/remote_attest/ra_report/gp_ra_report.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
- * secGear is licensed under the Mulan PSL v2.
- * You can use this software according to the terms and conditions of the Mulan PSL v2.
- * You may obtain a copy of Mulan PSL v2 at:
- *     http://license.coscl.org.cn/MulanPSL2
- * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
- * PURPOSE.
- * See the Mulan PSL v2 for more details.
- */
-
-#ifndef SECGEAR_GP_RA_REPORT_H
-#define SECGEAR_GP_RA_REPORT_H
-
-#include "status.h"
-#include "sg_report_st.h"
-
-cc_enclave_result_t gp_prepare_ra_env(cc_ra_scenario_t scenario);
-
-cc_enclave_result_t gp_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report);
-
-#endif
-
diff --git a/component/remote_attest/ra_report/sgx_ra_report.c b/component/remote_attest/ra_report/sgx_ra_report.c
index 8d02fc3..6bd0bdc 100644
--- a/component/remote_attest/ra_report/sgx_ra_report.c
+++ b/component/remote_attest/ra_report/sgx_ra_report.c
@@ -9,17 +9,15 @@
  * PURPOSE.
  * See the Mulan PSL v2 for more details.
  */
-
-#include "sgx_ra_report.h"
 #include "uni_ree_agent.h"

-cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario)
+static cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario)
 {
     (void)scenario;
     return CC_SUCCESS;
 }

-cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report)
+static cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report)
 {
     (void)in;
     (void)report;
@@ -27,12 +25,12 @@ cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t
     return CC_SUCCESS;
 }

-uni_ree_agent_t g_sgx_agent = {
+static uni_ree_agent_t g_sgx_agent = {
     .tee_type = CC_TEE_TYPE_SGX,
     .prepare_ra_env = sgx_prepare_ra_env,
     .get_ra_report = sgx_get_ra_report,
 };
-static __attribute__((constructor)) void sgx_register_ree_agent()
+static __attribute__((constructor)) void sgx_register_ree_agent(void)
 {
     cc_register_ree_agent(&g_sgx_agent);
 }
\ No newline at end of file
diff --git a/component/remote_attest/ra_report/sgx_ra_report.h b/component/remote_attest/ra_report/sgx_ra_report.h
deleted file mode 100644
index d9a33cc..0000000
--- a/component/remote_attest/ra_report/sgx_ra_report.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
- * secGear is licensed under the Mulan PSL v2.
- * You can use this software according to the terms and conditions of the Mulan PSL v2.
- * You may obtain a copy of Mulan PSL v2 at:
- *     http://license.coscl.org.cn/MulanPSL2
- * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
- * PURPOSE.
- * See the Mulan PSL v2 for more details.
- */
-
-#ifndef SECGEAR_SGX_RA_REPORT_H
-#define SECGEAR_SGX_RA_REPORT_H
-
-#include "status.h"
-#include "sg_report_st.h"
-
-cc_enclave_result_t sgx_prepare_ra_env(cc_ra_scenario_t scenario);
-
-cc_enclave_result_t sgx_get_ra_report(cc_get_ra_report_input_t *in, cc_ra_buf_t *report);
-
-#endif
-
diff --git a/component/remote_attest/ra_verify/CMakeLists.txt b/component/remote_attest/ra_verify/CMakeLists.txt
index 53707b1..54b2eca 100644
--- a/component/remote_attest/ra_verify/CMakeLists.txt
+++ b/component/remote_attest/ra_verify/CMakeLists.txt
@@ -31,7 +31,6 @@ if(${CMAKE_VERSION} VERSION_LESS "3.13.0")
 endif()

 include_directories(
-    ${CMAKE_CURRENT_BINARY_DIR}
     ${CMAKE_CURRENT_SOURCE_DIR}
     ${CMAKE_CURRENT_SOURCE_DIR}/..
     ${LOCAL_ROOT_PATH}/inc/host_inc
@@ -49,5 +48,3 @@ install(TARGETS ${TARGET}
         LIBRARY
         DESTINATION ${LIBRARY_INSTALL}
         PERMISSIONS  OWNER_EXECUTE OWNER_WRITE OWNER_READ GROUP_READ  GROUP_EXECUTE WORLD_READ  WORLD_EXECUTE)
-
-
diff --git a/component/remote_attest/ra_verify/gp_ra_report_verify.c b/component/remote_attest/ra_verify/gp_ra_report_verify.c
index 76debb4..f74c2ea 100644
--- a/component/remote_attest/ra_verify/gp_ra_report_verify.c
+++ b/component/remote_attest/ra_verify/gp_ra_report_verify.c
@@ -9,15 +9,12 @@
  * PURPOSE.
  * See the Mulan PSL v2 for more details.
  */
-
-#include "gp_ra_report_verify.h"
-
 #include "teeverifier.h"
 #include "enclave_log.h"

 #include "uni_ra_verify_agent.h"

-int convert_cctype_to_gptype(cc_ra_verify_type_t type)
+static int convert_cctype_to_gptype(cc_ra_verify_type_t type)
 {
     // gp type, 1: compare image hash; 2: compare mem hash; 3: compare image and mem hash
     if (type == CC_RA_VERIFY_TYPE_LOOSE) {
@@ -29,7 +26,7 @@ int convert_cctype_to_gptype(cc_ra_verify_type_t type)
     }
 }

-cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
+static cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
     cc_ra_verify_type_t type, char *basevalue)
 {
     int gp_type = convert_cctype_to_gptype(type);
@@ -52,10 +49,10 @@ cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
     return ret;
 }

-uni_ra_verify_agent_t g_gp_ra_verify_agent = {
+static uni_ra_verify_agent_t g_gp_ra_verify_agent = {
     .verify_ra_report = gp_verify_report,
 };
-static __attribute__((constructor)) void gp_register_ra_agent()
+static __attribute__((constructor)) void gp_register_ra_agent(void)
 {
     cc_register_ra_verify_agent(&g_gp_ra_verify_agent);
 }
\ No newline at end of file
diff --git a/component/remote_attest/ra_verify/gp_ra_report_verify.h b/component/remote_attest/ra_verify/gp_ra_report_verify.h
deleted file mode 100644
index 68a7c38..0000000
--- a/component/remote_attest/ra_verify/gp_ra_report_verify.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
- * secGear is licensed under the Mulan PSL v2.
- * You can use this software according to the terms and conditions of the Mulan PSL v2.
- * You may obtain a copy of Mulan PSL v2 at:
- *     http://license.coscl.org.cn/MulanPSL2
- * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
- * PURPOSE.
- * See the Mulan PSL v2 for more details.
- */
-
-#ifndef SECGEAR_GP_RA_REPORT_VERIFY_H
-#define SECGEAR_GP_RA_REPORT_VERIFY_H
-
-#include "status.h"
-#include "sg_report_st.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-cc_enclave_result_t gp_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
-    cc_ra_verify_type_t type, char *basevalue);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/component/remote_attest/ra_verify/sgx_ra_report_verify.c b/component/remote_attest/ra_verify/sgx_ra_report_verify.c
index 0e2e81f..e2472a3 100644
--- a/component/remote_attest/ra_verify/sgx_ra_report_verify.c
+++ b/component/remote_attest/ra_verify/sgx_ra_report_verify.c
@@ -9,12 +9,9 @@
  * PURPOSE.
  * See the Mulan PSL v2 for more details.
  */
-
-#include "sgx_ra_report_verify.h"
-
 #include "uni_ra_verify_agent.h"

-cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
+static cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
     cc_ra_verify_type_t type, char *basevalue)
 {
     (void)report;
@@ -24,10 +21,10 @@ cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
     return CC_SUCCESS;
 }

-uni_ra_verify_agent_t g_sgx_ra_verify_agent = {
+static uni_ra_verify_agent_t g_sgx_ra_verify_agent = {
     .verify_ra_report = sgx_verify_report,
 };
-static __attribute__((constructor)) void gp_register_ra_agent()
+static __attribute__((constructor)) void gp_register_ra_agent(void)
 {
     cc_register_ra_verify_agent(&g_sgx_ra_verify_agent);
 }
\ No newline at end of file
diff --git a/component/remote_attest/ra_verify/sgx_ra_report_verify.h b/component/remote_attest/ra_verify/sgx_ra_report_verify.h
deleted file mode 100644
index 773f484..0000000
--- a/component/remote_attest/ra_verify/sgx_ra_report_verify.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
- * secGear is licensed under the Mulan PSL v2.
- * You can use this software according to the terms and conditions of the Mulan PSL v2.
- * You may obtain a copy of Mulan PSL v2 at:
- *     http://license.coscl.org.cn/MulanPSL2
- * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
- * PURPOSE.
- * See the Mulan PSL v2 for more details.
- */
-
-#ifndef SECGEAR_SGX_RA_REPORT_VERIFY_H
-#define SECGEAR_SGX_RA_REPORT_VERIFY_H
-
-#include "status.h"
-#include "sg_report_st.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-cc_enclave_result_t sgx_verify_report(cc_ra_buf_t *report, cc_ra_buf_t *nonce,
-    cc_ra_verify_type_t type, char *basevalue);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/examples/secure_channel/client/CMakeLists.txt b/examples/secure_channel/client/CMakeLists.txt
index 4c05022..ea8f079 100644
--- a/examples/secure_channel/client/CMakeLists.txt
+++ b/examples/secure_channel/client/CMakeLists.txt
@@ -15,7 +15,11 @@ target_include_directories(${OUTPUT} PRIVATE
 if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0")
     target_link_directories(${OUTPUT} PRIVATE /usr/lib64 /usr/local/lib)
 endif()
-target_link_libraries(${OUTPUT} pthread csecure_channel)
+if (CC_GP)
+    set(THIRDPARTY_VERIFY teeverifier)
+endif()
+
+target_link_libraries(${OUTPUT} pthread csecure_channel ${THIRDPARTY_VERIFY})

 set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE)

diff --git a/examples/secure_channel/client_with_recv_thread/CMakeLists.txt b/examples/secure_channel/client_with_recv_thread/CMakeLists.txt
index 63f2c78..1e27d72 100644
--- a/examples/secure_channel/client_with_recv_thread/CMakeLists.txt
+++ b/examples/secure_channel/client_with_recv_thread/CMakeLists.txt
@@ -15,7 +15,10 @@ target_include_directories(${OUTPUT} PRIVATE
 if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.13.0")
     target_link_directories(${OUTPUT} PRIVATE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY})
 endif()
-target_link_libraries(${OUTPUT} pthread csecure_channel)
+if (CC_GP)
+    set(THIRDPARTY_VERIFY teeverifier)
+endif()
+target_link_libraries(${OUTPUT} pthread csecure_channel ${THIRDPARTY_VERIFY})

 set_target_properties(${OUTPUT} PROPERTIES SKIP_BUILD_RPATH TRUE)

diff --git a/examples/secure_channel/client_with_recv_thread/client.c b/examples/secure_channel/client_with_recv_thread/client.c
index 52ebc10..db142bb 100644
--- a/examples/secure_channel/client_with_recv_thread/client.c
+++ b/examples/secure_channel/client_with_recv_thread/client.c
@@ -10,7 +10,7 @@
 #include "secure_channel_client.h"


-#define MAXBUF 1024
+#define MAXBUF 12800
 cc_sec_chl_ctx_t g_ctx = {0};

 void *recv_msg_thread(void *arg)
@@ -87,6 +87,7 @@ int main(int argc, char **argv)
     // step1: 初始化安全通道客户端，注册消息发送函数
     g_ctx.conn_kit.send = (void *)socket_write_adpt;
     g_ctx.conn_kit.conn = &sockfd;
+    g_ctx.basevalue = "/vendor/bin/basevalue.txt";  // content format:taid image_hash mem_hash

     // step2: 创建消息接收线程
     pthread_t thread;
--
2.33.0