feat(rtc_types::enclave_messages): add ng_set_access_key

Non-generic version of [`set_access_key`], with conversions. This is a workaround for cbindgen not supporting const generics in structs yet, and should be removed once cbindgen implements that. Tracking issue: <mozilla/cbindgen#687>
ntls-io · Jun 11, 2021 · 98c61c0 · 98c61c0
1 parent 0ab12a8
commit 98c61c0
Show file tree

Hide file tree

Showing 6 changed files with 132 additions and 0 deletions.
diff --git a/codegen/auth_enclave/bindings.h b/codegen/auth_enclave/bindings.h
@@ -12,6 +12,10 @@
  */
 #define DATA_UPLOAD_RESPONSE_LEN (16 + (24 + 16))
 
+#define SET_ACCESS_KEY_REQUEST_SIZE 40
+
+#define SET_ACCESS_KEY_RESPONSE_SIZE 1
+
 /**
  * FFI safe result type that can be converted to and from a rust result.
  */

diff --git a/codegen/data_enclave/bindings.h b/codegen/data_enclave/bindings.h
@@ -12,6 +12,10 @@
  */
 #define DATA_UPLOAD_RESPONSE_LEN (16 + (24 + 16))
 
+#define SET_ACCESS_KEY_REQUEST_SIZE 40
+
+#define SET_ACCESS_KEY_RESPONSE_SIZE 1
+
 typedef struct DataUploadResponse {
   uint8_t ciphertext[DATA_UPLOAD_RESPONSE_LEN];
   uint8_t nonce[24];

diff --git a/codegen/exec_enclave/bindings.h b/codegen/exec_enclave/bindings.h
@@ -12,6 +12,10 @@
  */
 #define DATA_UPLOAD_RESPONSE_LEN (16 + (24 + 16))
 
+#define SET_ACCESS_KEY_REQUEST_SIZE 40
+
+#define SET_ACCESS_KEY_RESPONSE_SIZE 1
+
 /**
  * FFI safe result type that can be converted to and from a rust result.
  */

diff --git a/rtc_types/src/enclave_messages/ffi_set_access_key.rs b/rtc_types/src/enclave_messages/ffi_set_access_key.rs
@@ -0,0 +1,118 @@
+//! FIXME: Non-generic version of [`set_access_key`], with conversions.
+//!
+//! This is a workaround for cbindgen not supporting const generics in structs yet,
+//! and should be removed once cbindgen implements that.
+//!
+//! Tracking issue: <https://github.com/eqrion/cbindgen/issues/687>
+//!
+//! These sizes should match the ones computed in `set_access_key`.
+//! (The Rust compiler should report an error if these don't line up:
+//! this can be used to update these if `set_access_key` changes.)
+
+use sgx_types::sgx_aes_gcm_128bit_tag_t;
+
+use super::{set_access_key, RecommendedAesGcmIv};
+
+// Begin FFI types
+// (Keep these FFI type comments in sync between set_access_key and ffi_set_access_key, for diffing!)
+
+// FFI type: REQUEST_SIZE
+pub const SET_ACCESS_KEY_REQUEST_SIZE: usize = 40;
+
+// FFI type: EncryptedRequest
+#[repr(C)]
+pub struct SetAccessKeyEncryptedRequest {
+    pub tag: sgx_aes_gcm_128bit_tag_t,
+    pub ciphertext: [u8; SET_ACCESS_KEY_REQUEST_SIZE],
+    pub aad: [u8; 0],
+    pub nonce: RecommendedAesGcmIv,
+}
+
+// FFI type: RESPONSE_SIZE
+pub const SET_ACCESS_KEY_RESPONSE_SIZE: usize = 1;
+
+// FFI type: EncryptedResponse
+#[derive(Default)]
+#[repr(C)]
+pub struct SetAccessKeyEncryptedResponse {
+    pub tag: sgx_aes_gcm_128bit_tag_t,
+    pub ciphertext: [u8; SET_ACCESS_KEY_RESPONSE_SIZE],
+    pub aad: [u8; 0],
+    pub nonce: RecommendedAesGcmIv,
+}
+
+// End FFI types
+
+// Boilerplate From implementations:
+
+impl From<set_access_key::EncryptedRequest> for SetAccessKeyEncryptedRequest {
+    fn from(
+        set_access_key::EncryptedRequest {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        }: set_access_key::EncryptedRequest,
+    ) -> Self {
+        return SetAccessKeyEncryptedRequest {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        };
+    }
+}
+
+impl From<SetAccessKeyEncryptedRequest> for set_access_key::EncryptedRequest {
+    fn from(
+        SetAccessKeyEncryptedRequest {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        }: SetAccessKeyEncryptedRequest,
+    ) -> Self {
+        return set_access_key::EncryptedRequest {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        };
+    }
+}
+
+impl From<set_access_key::EncryptedResponse> for SetAccessKeyEncryptedResponse {
+    fn from(
+        set_access_key::EncryptedResponse {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        }: set_access_key::EncryptedResponse,
+    ) -> Self {
+        return SetAccessKeyEncryptedResponse {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        };
+    }
+}
+
+impl From<SetAccessKeyEncryptedResponse> for set_access_key::EncryptedResponse {
+    fn from(
+        SetAccessKeyEncryptedResponse {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        }: SetAccessKeyEncryptedResponse,
+    ) -> Self {
+        return set_access_key::EncryptedResponse {
+            tag,
+            ciphertext,
+            aad,
+            nonce,
+        };
+    }
+}
diff --git a/rtc_types/src/enclave_messages/mod.rs b/rtc_types/src/enclave_messages/mod.rs
@@ -11,4 +11,5 @@ pub struct EncryptedEnclaveMessage<const MESSAGE_SIZE: usize, const AAD_SIZE: us
     pub nonce: RecommendedAesGcmIv,
 }
 
+pub mod ffi_set_access_key;
 pub mod set_access_key;
diff --git a/rtc_types/src/enclave_messages/set_access_key.rs b/rtc_types/src/enclave_messages/set_access_key.rs
@@ -18,6 +18,7 @@ pub struct Response {
 }
 
 // Begin FFI types
+// (Keep these FFI type comments in sync between set_access_key and ffi_set_access_key, for diffing!)
 
 // FFI type: REQUEST_SIZE
 pub const REQUEST_SIZE: usize = mem::size_of::<ArchivedRequest>();