From fd65b0234fd474e50df6642a3d5136f3173681c2 Mon Sep 17 00:00:00 2001
From: Guilhem Bryant
Date: Fri, 12 Aug 2022 10:38:06 +0100
Subject: [PATCH 1/2] Add debug feature to session-manager
---
 runtime-manager/Cargo.toml | 3 +++
 session-manager/Cargo.toml | 1 +
 2 files changed, 4 insertions(+)
diff --git a/runtime-manager/Cargo.toml b/runtime-manager/Cargo.toml
index 19aa841ba..624e6b74f 100644
--- a/runtime-manager/Cargo.toml
+++ b/runtime-manager/Cargo.toml
@@ -15,6 +15,9 @@ name = "runtime_manager_enclave"
 path = "src/main.rs"
 [features]
+debug = [
+ "session-manager/debug",
+]
 default = []
 icecap = [
 "bincode",
diff --git a/session-manager/Cargo.toml b/session-manager/Cargo.toml
index 4626205d1..47061cc8c 100644
--- a/session-manager/Cargo.toml
+++ b/session-manager/Cargo.toml
@@ -6,6 +6,7 @@ name = "session-manager"
 version = "0.3.0"
 [features]
+debug = []
 icecap = [
 "policy-utils/icecap",
 ]
From 0598d789d72ae40af1c82860c06ad07a9b2ca908 Mon Sep 17 00:00:00 2001
From: Guilhem Bryant
Date: Fri, 12 Aug 2022 10:38:22 +0100
Subject: [PATCH 2/2] Configure Mbed TLS debug callback
---
 session-manager/src/session_context.rs | 12 ++++++++++++
 veracruz-client/src/veracruz_client.rs | 7 +++++++
 2 files changed, 19 insertions(+)
diff --git a/session-manager/src/session_context.rs b/session-manager/src/session_context.rs
index b5f8d4307..6820a979b 100644
--- a/session-manager/src/session_context.rs
+++ b/session-manager/src/session_context.rs
@@ -25,6 +25,8 @@ use mbedtls::{
 };
 use platform_services::getrandom;
 use policy_utils::policy::Policy;
+#[cfg(feature = "debug")]
+use std::borrow::Cow;
 use std::{string::String, sync::Arc, vec::Vec};
 ////////////////////////////////////////////////////////////////////////////////
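Review bot: The new `debug` feature in runtime-manager/Cargo.toml has no comment saying what it switches on, and the binary declared just above it is `runtime_manager_enclave`. Judging by the second patch, it compiles an Mbed TLS debug callback into the session manager, so I would put a line above `debug = [` such as `# Enables Mbed TLS debug output in session-manager; for development builds only.`. The same comment fits the empty `debug = []` feature in session-manager/Cargo.toml. Keeping it out of `default` is the right choice.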
@@ -152,6 +154,16 @@ impl SessionContext {
 config::Transport::Stream,
 config::Preset::Default,
 );
+ #[cfg(feature = "debug")]
+ {
+ let dbg_callback =
+ |level: i32, file: Cow<'_, str>, line: i32, message: Cow<'_, str>| {
+ print!("{} {}:{} {}", level, file, line, message);
+ };
+ config.set_dbg_callback(dbg_callback);
+ // TODO: waiting for https://github.com/veracruz-project/rust-mbedtls/issues/1 to be fixed
+ //unsafe { mbedtls::set_global_debug_threshold(3); }
+ }
 config.set_ciphersuites(Arc::new(self.cipher_suites.clone()));
 let entropy = Arc::new(mbedtls::rng::OsEntropy::new());
 let rng = Arc::new(mbedtls::rng::CtrDrbg::new(entropy, None)?);
diff --git a/veracruz-client/src/veracruz_client.rs b/veracruz-client/src/veracruz_client.rs
index 02ee08d39..c95aca866 100644
--- a/veracruz-client/src/veracruz_client.rs
+++ b/veracruz-client/src/veracruz_client.rs
@@ -15,6 +15,7 @@ use log::{error, info};
 use mbedtls::{alloc::List, pk::Pk, ssl::Context, x509::Certificate};
 use policy_utils::{parsers::enforce_leading_backslash, policy::Policy, Platform};
 use std::{
+ borrow::Cow,
 io::{Read, Write},
 path::Path,
 sync::{
@@ -246,6 +247,12 @@ impl VeracruzClient {
 use mbedtls::ssl::config::{Config, Endpoint, Preset, Transport, Version};
 let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default);
+ let dbg_callback = |level: i32, file: Cow<'_, str>, line: i32, message: Cow<'_, str>| {
+ print!("{} {}:{} {}", level, file, line, message);
+ };
+ config.set_dbg_callback(dbg_callback);
+ // TODO: waiting for https://github.com/veracruz-project/rust-mbedtls/issues/1 to be fixed
+ //unsafe { mbedtls::set_global_debug_threshold(3); }
 config.set_min_version(Version::Tls1_3)?;
 config.set_max_version(Version::Tls1_3)?;
 let policy_ciphersuite = veracruz_utils::lookup_ciphersuite(policy.ciphersuite().as_str())
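Review bot: The callback in the `#[cfg(feature = "debug")]` block of session_context.rs writes whatever Mbed TLS reports to stdout with `print!`, and nothing in the block says how sensitive that output can get. With the threshold call still commented out the callback is probably never invoked (Mbed TLS's debug threshold defaults to 0), but once `set_global_debug_threshold(3)` is enabled the library's higher levels include buffer dumps of handshake data, which would then leave the session manager in clear text. I would add a comment above the callback, e.g. `// Mbed TLS debug output can contain handshake internals; never ship a build with the "debug" feature enabled.`, and choose the threshold deliberately rather than hard-coding 3. The enclosing function starts and ends outside the hunk.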
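Review bot: Unlike the session-manager change, the callback in veracruz_client.rs is installed unconditionally: there is no `#[cfg(feature = "debug")]` around it and the `Cow` import is unconditional too, so every client build carries a `print!` to stdout in library code. It is likely silent today because the threshold call is commented out, but once that TODO is resolved every application embedding the client would get TLS debug lines on its stdout. I would either gate the block as in session_context.rs (that needs a `debug` feature in veracruz-client's manifest, which this patch does not add) or route it through the logger the file already imports, `log::debug!("{} {}:{} {}", level, file, line, message);`. The enclosing function continues outside the hunk.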