Implement create_multi_view_store_query API
samdealy committed Jun 9, 2022
1 parent 89e59d7 commit 17f56d0
Showing 10 changed files with 62 additions and 15 deletions.
3 changes: 3 additions & 0 deletions Cargo.lock


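--- a/fog/uri/src/lib.rs
+++ b/fog/uri/src/lib.rs
@@ -198,9 +198,10 @@ mod tests {
 );
 assert!(!uri.use_tls());
 
-let uri =
-FogViewLoadBalancerUri::from_str("insecure-fog-view-load-balancer://node1.test.mobilecoin.com:3225/")
-.unwrap();
+let uri = FogViewLoadBalancerUri::from_str(
+"insecure-fog-view-load-balancer://node1.test.mobilecoin.com:3225/",
+)
+.unwrap();
 assert_eq!(uri.addr(), "node1.test.mobilecoin.com:3225");
 assert_eq!(
 uri.responder_id().unwrap(),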
1 change: 1 addition & 0 deletions fog/view/enclave/api/Cargo.toml
Expand Up @@ -11,6 +11,7 @@ mc-attest-core = { path = "../../../../attest/core", default-features = false }
mc-attest-enclave-api = { path = "../../../../attest/enclave-api", default-features = false }
mc-common = { path = "../../../../common", default-features = false }
mc-crypto-keys = { path = "../../../../crypto/keys", default-features = false }
mc-crypto-noise = { path = "../../../../crypto/noise", default-features = false }
mc-sgx-compat = { path = "../../../../sgx/compat", default-features = false }
mc-sgx-report-cache-api = { path = "../../../../sgx/report-cache/api" }
mc-sgx-types = { path = "../../../../sgx/types", default-features = false }
15 changes: 11 additions & 4 deletions fog/view/enclave/api/src/lib.rs
Expand Up @@ -138,12 +138,11 @@ pub trait ViewEnclaveApi: ReportableEnclave {
/// enclave's ORAM
fn add_records(&self, records: Vec<ETxOutRecord>) -> Result<()>;

/// Transforms a client query request into a list of query requests to be
/// sent to each shard.
/// Transforms a client query request into a list of query request data.
///
/// The returned list is meant to be used to construct the
/// MultiViewStoreQuery.
fn create_multi_view_store_query(
/// MultiViewStoreQuery, which is sent to each shard.
fn create_multi_view_store_query_data(
&self,
client_query: EnclaveMessage<ClientSession>,
) -> Result<Vec<EnclaveMessage<ClientSession>>>;
Expand Down Expand Up @@ -200,6 +199,8 @@ pub enum Error {
Poison,
/// Enclave not initialized
EnclaveNotInitialized,
/// Cipher encryption failed
Cipher,
}

impl From<SgxError> for Error {
Expand Down Expand Up @@ -255,3 +256,9 @@ impl From<AddRecordsError> for Error {
Error::AddRecords(src)
}
}

impl From<mc_crypto_noise::CipherError> for Error {
fn from(_: mc_crypto_noise::CipherError) -> Self {
Error::Cipher
}
}
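Review bot: `Error::Cipher` is documented as `/// Cipher encryption failed`, but the `From<mc_crypto_noise::CipherError>` impl at the end of the file maps every `CipherError` to it and discards the source (`_`), so the doc may be narrower than what the variant ends up reporting, and the underlying cause is lost at the enclave boundary. If `CipherError` can be carried in this enum, hold it the way the `Error::AddRecords(src)` conversion just above does; otherwise widen the doc to something like `/// A noise cipher operation failed; the underlying CipherError is not preserved`. Dropping the detail may be intentional for errors that leave the enclave, in which case a one-line comment on the impl saying so would help the next reader.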
4 changes: 4 additions & 0 deletions fog/view/enclave/impl/Cargo.toml
Expand Up @@ -7,6 +7,7 @@ license = "GPL-3.0"

[dependencies]
# mobilecoin
mc-attest-ake = { path = "../../../../attest/ake", default-features = false }
mc-attest-core = { path = "../../../../attest/core", default-features = false }
mc-attest-enclave-api = { path = "../../../../attest/enclave-api", default-features = false }
mc-common = { path = "../../../../common", default-features = false }
Expand All @@ -28,5 +29,8 @@ mc-fog-recovery-db-iface = { path = "../../../recovery_db_iface" }
mc-fog-types = { path = "../../../types" }
mc-fog-view-enclave-api = { path = "../api" }

# third-party
aes-gcm = "0.9.4"

[dev-dependencies]
mc-common = { path = "../../../../common", features = ["loggers"] }
27 changes: 24 additions & 3 deletions fog/view/enclave/impl/src/lib.rs
Expand Up @@ -9,7 +9,10 @@ extern crate alloc;
mod e_tx_out_store;
use e_tx_out_store::{ETxOutStore, StorageDataSize, StorageMetaSize};

use aes_gcm::Aes256Gcm;
use alloc::vec::Vec;
use core::ops::DerefMut;
use mc_attest_ake::Ready;
use mc_attest_core::{IasNonce, Quote, QuoteNonce, Report, TargetInfo, VerificationReport};
use mc_attest_enclave_api::{ClientAuthRequest, ClientAuthResponse, ClientSession, EnclaveMessage};
use mc_common::logger::{log, Logger};
Expand Down Expand Up @@ -39,6 +42,9 @@ where

/// Logger object
logger: Logger,

/// Encrypts a QueryRequest for each individual Fog View Store.
store_encryptors: Mutex<Vec<Ready<Aes256Gcm>>>,
}

impl<OSC> ViewEnclave<OSC>
Expand All @@ -48,6 +54,7 @@ where
pub fn new(logger: Logger) -> Self {
Self {
e_tx_out_store: Mutex::new(None),
store_encryptors: Mutex::new(Vec::new()),
ake: Default::default(),
logger,
}
Expand Down Expand Up @@ -182,15 +189,29 @@ where
for rec in records {
store.add_record(&rec.search_key, &rec.payload)?;
}

Ok(())
}

/// Takes in a client's query request and returns a list of query requests
/// to be sent off to each Fog View Store shard.
fn create_multi_view_store_query(
fn create_multi_view_store_query_data(
&self,
_client_query: EnclaveMessage<ClientSession>,
client_query: EnclaveMessage<ClientSession>,
) -> Result<Vec<EnclaveMessage<ClientSession>>> {
todo!()
let client_query_bytes = self.ake.client_decrypt(client_query.clone())?;

let mut encryptors = self.store_encryptors.lock()?;
let mut results = Vec::new();
for store_encryptor in encryptors.deref_mut() {
let data = store_encryptor.encrypt(&client_query.aad, &client_query_bytes)?;
results.push(EnclaveMessage {
aad: client_query.clone().aad,
channel_id: client_query.clone().channel_id,
data,
});
}

Ok(results)
}
}
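Review bot: In `create_multi_view_store_query_data`, every output message keeps the client's `channel_id` even though `data` has just been re-encrypted with a store encryptor, so nothing in the result identifies which store session a ciphertext belongs to. If the stores resolve their session from `channel_id`, that lookup would presumably not match; the return type comes from the trait, so this needs confirming there. `store_encryptors` is created empty in `new` and nothing visible in this commit fills it, so the call currently returns `Ok` with an empty list; an explicit error or a doc line on that case would keep a caller from treating it as a routed query. The loop also clones the whole message twice per store just to copy two fields; `aad: client_query.aad.clone(),` and `channel_id: client_query.channel_id.clone(),` are enough, and the `client_query.clone()` passed to `client_decrypt` then remains the only full copy.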
7 changes: 4 additions & 3 deletions fog/view/enclave/src/lib.rs
Expand Up @@ -180,12 +180,13 @@ impl ViewEnclaveApi for SgxViewEnclave {
mc_util_serial::deserialize(&outbuf[..])?
}

fn create_multi_view_store_query(
fn create_multi_view_store_query_data(
&self,
client_query: EnclaveMessage<ClientSession>,
) -> Result<Vec<EnclaveMessage<ClientSession>>> {
let inbuf =
mc_util_serial::serialize(&ViewEnclaveRequest::CreateMultiViewStoreQuery(client_query))?;
let inbuf = mc_util_serial::serialize(&ViewEnclaveRequest::CreateMultiViewStoreQuery(
client_query,
))?;
let outbuf = self.enclave_call(&inbuf)?;
mc_util_serial::deserialize(&outbuf[..])?
}
3 changes: 3 additions & 0 deletions fog/view/enclave/trusted/Cargo.lock


2 changes: 1 addition & 1 deletion fog/view/enclave/trusted/src/lib.rs
Expand Up @@ -120,7 +120,7 @@ pub fn ecall_dispatcher(inbuf: &[u8]) -> Result<Vec<u8>, sgx_status_t> {
serialize(&ENCLAVE.query(req, untrusted_query_response))
}
ViewEnclaveRequest::AddRecords(records) => serialize(&ENCLAVE.add_records(records)),
ViewEnclaveRequest::CreateMultiViewStoreQuery(client_query) => serialize(&ENCLAVE.create_multi_view_store_query(client_query)),
ViewEnclaveRequest::CreateMultiViewStoreQuery(client_query) => serialize(&ENCLAVE.create_multi_view_store_query_data(client_query)),
}
.or(Err(sgx_status_t::SGX_ERROR_UNEXPECTED))
}
8 changes: 7 additions & 1 deletion fog/view/server/src/fog_view_router_service.rs
Expand Up @@ -2,6 +2,7 @@

use futures::{future::try_join_all, FutureExt, SinkExt, TryFutureExt, TryStreamExt};
use grpcio::{DuplexSink, RequestStream, RpcContext, WriteFlags};
use mc_attest_api::attest;
use mc_common::logger::{log, Logger};
use mc_fog_api::{
view::{FogViewRouterRequest, FogViewRouterResponse},
Expand Down Expand Up @@ -95,7 +96,12 @@ async fn handle_request<E: ViewEnclaveProxy>(
}
}
} else if request.has_query() {
log::info!(logger, "Request has query");
let query: attest::Message = request.take_query();
// TODO: In the next PR, use this _shard_query_data to construct a
// MultiViewStoreQuery and send it off to the Fog View Load
// Balancers.
let _multi_view_store_query_data =
enclave.create_multi_view_store_query_data(query.into());
let _result = route_query(shards.clone(), logger.clone()).await;

let response = FogViewRouterResponse::new();
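Review bot: The value returned by `enclave.create_multi_view_store_query_data(query.into())` (a `Result` per the trait signature in fog/view/enclave/api) is bound to `_multi_view_store_query_data` and never inspected, so a client query that fails to decrypt inside the enclave is silently ignored and the handler still goes on to `route_query` and builds a response. Even while the value is unused, the error arm should be handled, for example logged with the `logger` already in scope and the request ended with an error, so that rejected queries are visible and do not proceed. The TODO also refers to `_shard_query_data`, which is not the name of the binding below it; `// TODO: In the next PR, use _multi_view_store_query_data to construct a MultiViewStoreQuery` would match. `handle_request` starts and ends outside this hunk, so how errors are reported back to the client is not visible here.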
