Merge pull request #91 from skalenetwork/SKALE-1880-FIX-ECDSA-VERIFICATION

Skale 1880 fix ecdsa verification

.gitignore

-# Created by .ignore support plugin (hsz.mobi)
-.idea/
-sgx-gmp/
-gmp-build
-tgmp-build
-install-sh
-config.log
-config.status
-Makefile.in
-Makefile
-secure_enclave_u.h
-secure_enclave_u.c
-secure_enclave.edl
-am--include-marker
-*.o
-aclocal.m4
-missing
-compile
-depcomp
-ltmain.sh
-secure_enclave.signed.so
-sgxgmpmath
-sgxgmppi
-.deps
-CMakeCache.txt
-cmake_install.cmake
-sgxd.cbp
-sgx-gmp
-sgx-sdk-build
-secure_enclave/Makefile
-secure_enclave/secure_enclave.signed.so
-secure_enclave/secure_enclave.so
-secure_enclave/secure_enclave_t.c
-secure_enclave/secure_enclave_t.h
-sgxd
-cert/SGXServerCertificate*
-autom4te.cache
-sgxwallet
-testw
-configure
-jsonrpc/zlib
-jsonrpc/argtable2
-jsonrpc/jsoncpp
-jsonrpc/libjson-rpc-cpp
-jsonrpc/curl-from-git.tar.gz
-jsonrpc/curl
-jsonrpc/libmicrohttpd
-secure_enclave/.deps
-test-driver
+/.idea/
+/cmake-build-debug/
+/build/
+/sgx_data/
+/jsonrpc/
+/gmp-build/
+/tgmp-build/
+/install-sh
+/config.log
+/config.status
+/Makefile.in
+/Makefile
+/secure_enclave_u.h
+/secure_enclave_u.c
+/secure_enclave.edl
+/am--include-marker
+/*.o
+/*.m4
+/missing
+/compile
+/depcomp
+/ltmain.sh
+/secure_enclave.signed.so
+/sgxgmpmath
+/sgxgmppi
+/.deps
+/CMakeCache.txt
+/cmake_install.cmake
+/sgxd.cbp
+/sgx-gmp/
+/sgx-sdk-build/
+/secure_enclave/Makefile
+/secure_enclave/secure_enclave.signed.so
+/secure_enclave/secure_enclave.so
+/secure_enclave/secure_enclave_t.c
+/secure_enclave/secure_enclave_t.h
+/sgxd
+/cert/SGXServerCertificate*
+/autom4te.cache
+/sgxwallet
+/testw
+/configure
+/secure_enclave/.deps
+/test-driver
+/intel-sgx-ssl/
+/m4
+/.testw.py.swp
+/cert_util

Dockerfile

 FROM skalenetwork/sgxwallet_base:latest
+
+COPY . /usr/src/sdk
 WORKDIR /usr/src/sdk
 
-RUN ccache -sz
-RUN touch /var/hwmode
-COPY *.cpp ./
-COPY *.h ./
-COPY *.txt ./
-COPY *.c ./
-COPY *.am ./
-COPY *.hpp ./
-COPY *.gmp ./
-COPY *.ac ./
-COPY *.json ./
-COPY docker ./docker
-COPY build-aux ./build-aux
-COPY  cert ./cert
-COPY jsonrpc ./jsonrpc
-COPY autoconf.bash ./
-COPY leveldb ./leveldb
-COPY m4 ./m4
-COPY scripts ./scripts
-COPY secure_enclave ./secure_enclave
-COPY spdlog ./spdlog
-COPY SGXWALLET_VERSION ./
 
 RUN ./autoconf.bash
 RUN ./configure

ECDSACrypto.cpp

@@ -32,13 +32,15 @@
 #include <random>
 
 
-
 #include "spdlog/spdlog.h"
 #include "common.h"
 
+
+#include "secure_enclave/Verify.h"
+
 #include "BLSCrypto.h"
-#include "ECDSACrypto.h"
 
+#include "ECDSACrypto.h"
 
 
 string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
@@ -49,46 +51,46 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
 }
 
 
-void fillRandomBuffer(vector<unsigned char>& _buffer) {
-    ifstream devRandom("/dev/urandom", ios::in|ios::binary);
-    devRandom.exceptions(std::ifstream::failbit | std::ifstream::badbit);
-    devRandom.read((char*) _buffer.data(), _buffer.size());
+void fillRandomBuffer(vector<unsigned char> &_buffer) {
+    ifstream devRandom("/dev/urandom", ios::in | ios::binary);
+    devRandom.exceptions(ifstream::failbit | ifstream::badbit);
+    devRandom.read((char *) _buffer.data(), _buffer.size());
     devRandom.close();
 }
 
-std::vector<std::string> genECDSAKey() {
+vector <string> genECDSAKey() {
     vector<char> errMsg(1024, 0);
     int errStatus = 0;
-    vector<uint8_t> encr_pr_key(1024, 0);
-    vector<char>pub_key_x(1024, 0);
-    vector<char>pub_key_y(1024, 0);
+    vector <uint8_t> encr_pr_key(1024, 0);
+    vector<char> pub_key_x(1024, 0);
+    vector<char> pub_key_y(1024, 0);
 
     uint32_t enc_len = 0;
 
     if (!encryptKeys)
         status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encr_pr_key.data(),
-                &enc_len, pub_key_x.data(), pub_key_y.data());
+                                         &enc_len, pub_key_x.data(), pub_key_y.data());
     else
         status = trustedGenerateEcdsaKeyAES(eid, &errStatus,
-                errMsg.data(), encr_pr_key.data(), &enc_len,
-                pub_key_x.data(), pub_key_y.data());
+                                            errMsg.data(), encr_pr_key.data(), &enc_len,
+                                            pub_key_x.data(), pub_key_y.data());
 
     if (status != SGX_SUCCESS || errStatus != 0) {
         spdlog::error("RPCException thrown with status {}", status);
         throw SGXException(status, errMsg.data());
     }
-    std::vector<std::string> keys(3);
+    vector <string> keys(3);
 
     vector<char> hexEncrKey(BUF_LEN * 2, 0);
     carray2Hex(encr_pr_key.data(), enc_len, hexEncrKey.data());
     keys.at(0) = hexEncrKey.data();
-    keys.at(1) = std::string(pub_key_x.data()) + std::string(pub_key_y.data());
+    keys.at(1) = string(pub_key_x.data()) + string(pub_key_y.data());
 
 
-    vector<unsigned char> randBuffer(32,0);
+    vector<unsigned char> randBuffer(32, 0);
     fillRandomBuffer(randBuffer);
 
-    vector<char> rand_str(64,0);
+    vector<char> rand_str(64, 0);
 
     carray2Hex(randBuffer.data(), 32, rand_str.data());
 
@@ -99,12 +101,12 @@ std::vector<std::string> genECDSAKey() {
     return keys;
 }
 
-std::string getECDSAPubKey(const char *_encryptedKeyHex) {
+string getECDSAPubKey(const char *_encryptedKeyHex) {
 
     vector<char> errMsg(BUF_LEN, 0);
     vector<char> pubKeyX(BUF_LEN, 0);
     vector<char> pubKeyY(BUF_LEN, 0);
-    vector<uint8_t> encrPrKey(BUF_LEN, 0);
+    vector <uint8_t> encrPrKey(BUF_LEN, 0);
 
     int errStatus = 0;
     uint64_t enc_len = 0;
@@ -115,77 +117,135 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
 
     if (!encryptKeys)
         status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
-                pubKeyY.data());
-    else status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
-            errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
+                                          pubKeyY.data());
+    else
+        status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
+                                             errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
     if (errStatus != 0) {
         throw SGXException(-666, errMsg.data());
     }
     string pubKey = string(pubKeyX.data()) + string(pubKeyY.data());//concatPubKeyWith0x(pub_key_x, pub_key_y);//
 
-        spdlog::debug("enc_len is {}", enc_len);
-        spdlog::debug("pubkey is {}", pubKey);
-        spdlog::debug("pubkey length is {}", pubKey.length());
-        spdlog::debug("err str is {}", errMsg.data());
-        spdlog::debug("err status is {}", errStatus);
 
+    if (pubKey.size() != 128) {
+        spdlog::error("Incorrect pub key size", status);
+        throw SGXException(666, "Incorrect pub key size");
+    }
 
     return pubKey;
 }
 
-vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
-    vector<string> signature_vect(3);
+bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
+        const char *signatureS) {
 
-    char *errMsg = (char *) calloc(1024, 1);
-    int errStatus = 0;
-    char *signature_r = (char *) calloc(1024, 1);
-    char *signature_s = (char *) calloc(1024, 1);
-    uint8_t signature_v = 0;
-    uint64_t dec_len = 0;
-
-    //uint8_t encr_key[BUF_LEN];
-    uint8_t *encr_key = (uint8_t *) calloc(1024, 1);
-    if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)) {
-        throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
+    bool result = false;
+
+    signature sig = signature_init();
+
+    auto r = pubKeyStr.substr(0, 64);
+    auto s = pubKeyStr.substr(64, 128);
+    domain_parameters curve = domain_parameters_init();
+    domain_parameters_load_curve(curve, secp256k1);
+    point publicKey = point_init();
+
+
+    mpz_t msgMpz;
+    mpz_init(msgMpz);
+
+
+    if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
+        spdlog::error("invalid message hash {}", hashHex);
+        goto clean;
+    }
+
+    signature_set_str(sig, signatureR, signatureS, 16);
+
+    point_set_hex(publicKey, r.c_str(), s.c_str());
+    if (!signature_verify(msgMpz, sig, publicKey, curve)) {
+        spdlog::error("ECDSA sig not verified");
+        goto clean;
     }
 
+    result = true;
 
-    spdlog::debug("encryptedKeyHex: {}", encryptedKeyHex);
-    spdlog::debug("HASH: {}", hashHex);
-    spdlog::debug("encrypted len: {}", dec_len);
+    clean:
 
+    mpz_clear(msgMpz);
+    domain_parameters_clear(curve);
+    point_clear(publicKey);
+    signature_free(sig);
 
-    if (!encryptKeys)
-        status = trustedEcdsaSign(eid, &errStatus, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
-                             signature_s, &signature_v, base);
-    else
-        status = trustedEcdsaSignAES(eid, &errStatus, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r,
-                                signature_s, &signature_v, base);
-    if (errStatus != 0) {
-        throw SGXException(-666, errMsg);
+    return result;
+
+}
+
+vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
+    vector <string> signatureVector(3);
+
+    vector<char> errMsg(1024, 0);
+    int errStatus = 0;
+    vector<char> signatureR(1024, 0);
+    vector<char> signatureS(1024, 0);
+    vector<uint8_t> encryptedKey(1024, 0);
+    uint8_t signatureV = 0;
+    uint64_t decLen = 0;
+
+    string pubKeyStr = "";
+
+    shared_ptr<SGXException> exception = NULL;
+
+    if (!hex2carray(encryptedKeyHex, &decLen, encryptedKey.data())) {
+        exception = make_shared<SGXException>(INVALID_HEX, "Invalid encryptedKeyHex");
+        goto clean;
     }
 
+    pubKeyStr = getECDSAPubKey(encryptedKeyHex);
 
-    spdlog::debug("signature r in  ecdsa_sign_hash: {}", signature_r);
-    spdlog::debug("signature s in  ecdsa_sign_hash: {}", signature_s);
+
+    if (!encryptKeys) {
+        status = trustedEcdsaSign(eid, &errStatus, errMsg.data(),
+                 encryptedKey.data(), ECDSA_ENCR_LEN, (unsigned char *) hashHex,
+                                  signatureR.data(),
+                                  signatureS.data(), &signatureV, base);
+
+
+    } else
+        status = trustedEcdsaSignAES(eid, &errStatus,
+                errMsg.data(), encryptedKey.data(), decLen, (unsigned char *) hashHex,
+                                     signatureR.data(),
+                                     signatureS.data(), &signatureV, base);
+    if (errStatus != 0) {
+        exception = make_shared<SGXException>(666, errMsg.data());
+        goto clean;
+    }
 
 
     if (status != SGX_SUCCESS) {
-        spdlog::error("  failed to sign ");
+        spdlog::error("failed to sign {}", status);
+        exception = make_shared<SGXException>(666, "failed to sign");
+        goto clean;
     }
-    signature_vect.at(0) = to_string(signature_v);
+    signatureVector.at(0) = to_string(signatureV);
     if (base == 16) {
-        signature_vect.at(1) = "0x" + string(signature_r);
-        signature_vect.at(2) = "0x" + string(signature_s);
+        signatureVector.at(1) = "0x" + string(signatureR.data());
+        signatureVector.at(2) = "0x" + string(signatureS.data());
     } else {
-        signature_vect.at(1) = string(signature_r);
-        signature_vect.at(2) = string(signature_s);
+        signatureVector.at(1) = string(signatureR.data());
+        signatureVector.at(2) = string(signatureS.data());
     }
 
-    free(errMsg);
-    free(signature_r);
-    free(signature_s);
-    free(encr_key);
+    /* Now verify signature */
+
+    if (!verifyECDSASig(pubKeyStr, hashHex, signatureR.data(), signatureS.data())) {
+        exception = make_shared<SGXException>(667, "ECDSA did not verify");
+        goto clean;
+    }
+
+
+    clean:
+
+    if (exception)
+        throw *exception;
 
-    return signature_vect;
+    return signatureVector;
 }
\ No newline at end of file

ECDSAImpl.c

+#include "secure_enclave/Point.c"
+#include "secure_enclave/DomainParameters.c"
+#include "secure_enclave/NumberTheory.c"
+#include "secure_enclave/Signature.c"
+#include "secure_enclave/Curves.c"
\ No newline at end of file

Makefile.am

@@ -10,7 +10,7 @@ include $(top_srcdir)/build-aux/sgx_app.am
 ##
 ## And a pattern rule for building prexoxy functions from EDL files:
 ##
-##   %_u.h %_u.c: %.edl
+##   %_u.h %_u.c: %.edl34
 ##
 ## And sets these Makefile variables:
 ##
@@ -33,7 +33,7 @@ SUBDIRS=secure_enclave
 ##
 ## SGX_EDGER8R_FLAGS=
 
-
+WALLET_VERSION := $(shell cat VERSION)
 
 ## Needed to make our pattern rule work.
 
@@ -45,11 +45,11 @@ secure_enclave.edl: secure_enclave/secure_enclave.edl
 #AM_CPPFLAGS += -g -Og
 
 
-AM_CFLAGS = -g -Og -rdynamic -Wl,--no-as-needed -lSegFault
-AM_CXXFLAGS = ${AM_CPPFLAGS} -rdynamic -Wl,--no-as-needed -lSegFault
+AM_CFLAGS = -DUSER_SPACE -g -Og -rdynamic -Wl,--no-as-needed -lSegFault -DSGXWALLET_VERSION="$(WALLET_VERSION)"
+AM_CXXFLAGS = ${AM_CPPFLAGS} -rdynamic -Wl,--no-as-needed -lSegFault -DSGXWALLET_VERSION="$(WALLET_VERSION)"
 
 
-AM_CPPFLAGS += -Wall -DSKALE_SGX=1 -DBINARY_OUTPUT=1 -Ileveldb/include -IlibBLS/bls -IlibBLS/libff -IlibBLS -fno-builtin-memset $(GMP_CPPFLAGS)  -I.  -I./libBLS/deps/deps_inst/x86_or_x64/include
+AM_CPPFLAGS += -DSGXWALLET_VERSION="$(WALLET_VERSION)" -Wall -DSKALE_SGX=1 -DBINARY_OUTPUT=1 -Ileveldb/include -IlibBLS/bls -IlibBLS/libff -IlibBLS -fno-builtin-memset $(GMP_CPPFLAGS)  -I.  -I./libBLS/deps/deps_inst/x86_or_x64/include
 
 ## Additional targets to remove with 'make clean'. You must list
 ## any edger8r generated files here.
@@ -67,9 +67,11 @@ bin_PROGRAMS =  sgxwallet testw cert_util
 ## have to be explicitly listed.
 
 COMMON_SRC = InvalidStateException.cpp  Exception.cpp InvalidArgumentException.cpp Log.cpp  \
-             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
+             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp \
+             ECDSACrypto.cpp \
              DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
-             sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
+             sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c \
+             ECDSAImpl.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
 
 sgxwallet_SOURCES = sgxwallet.c  $(COMMON_SRC)
@@ -115,4 +117,4 @@ cert_util_SOURCES= InvalidStateException.cpp  Exception.cpp InvalidArgumentExcep
 cert_util_LDADD=-LlibBLS/deps/deps_inst/x86_or_x64/lib -Lleveldb/build -LlibBLS/build \
                    -LlibBLS/build/libff/libff \
                    -l:libbls.a -l:libleveldb.a \
-                   -l:libff.a -lgmp  -ljsonrpccpp-stub -ljsonrpccpp-server -ljsonrpccpp-client -ljsonrpccpp-common -ljsoncpp -lmicrohttpd -lgnutls -lgcrypt -lcurl -lssl -lcrypto -lz -lpthread -ldl
+                   -l:libff.a -lgmp  -ljsonrpccpp-stub -ljsonrpccpp-server -ljsonrpccpp-client -ljsonrpccpp-common -ljsoncpp -lmicrohttpd -lgnutls -lgcrypt -lcurl -lssl -lcrypto -lz -lpthread -ldl
\ No newline at end of file

SGXWALLET_VERSION

-#define SGXWALLET_VERSION "1.49.5"

SGXWalletServer.cpp

@@ -212,15 +212,15 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
         if (!checkName(_keyShareName, "BLS_KEY")) {
             throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
         }
-        string cutHash = _messageHash;
-        if (cutHash[0] == '0' && (cutHash[1] == 'x' || cutHash[1] == 'X')) {
-            cutHash.erase(cutHash.begin(), cutHash.begin() + 2);
+        string hashTmp = _messageHash;
+        if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
+            hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
         }
-        while (cutHash[0] == '0') {
-            cutHash.erase(cutHash.begin(), cutHash.begin() + 1);
+        while (hashTmp[0] == '0') {
+            hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 1);
         }
 
-        if (!checkHex(cutHash)) {
+        if (!checkHex(hashTmp)) {
             throw SGXException(INVALID_HEX, "Invalid hash");
         }
 
@@ -318,10 +318,10 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
             throw SGXException(UNKNOWN_ERROR, "invalid key name");
         }
 
-        shared_ptr <string> key_ptr = readFromDb(_tempKeyName);
+        shared_ptr <string> encryptedKey = readFromDb(_tempKeyName);
 
 
-        writeDataToDB(_keyName, *key_ptr);
+        writeDataToDB(_keyName, *encryptedKey);
         LevelDB::getLevelDb()->deleteTempNEK(_tempKeyName);
 
     } HANDLE_SGX_EXCEPTION(result)
@@ -339,40 +339,40 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
     result["signature_r"] = "";
     result["signature_s"] = "";
 
-    vector <string> sign_vect(3);
+    vector <string> signatureVector(3);
 
     try {
 
-        string cutHash = _messageHash;
-        if (cutHash[0] == '0' && (cutHash[1] == 'x' || cutHash[1] == 'X')) {
-            cutHash.erase(cutHash.begin(), cutHash.begin() + 2);
+        string hashTmp = _messageHash;
+        if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
+            hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
         }
-        while (cutHash[0] == '0') {
-            cutHash.erase(cutHash.begin(), cutHash.begin() + 1);
+        while (hashTmp[0] == '0') {
+            hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 1);
         }
 
         if (!checkECDSAKeyName(_keyName)) {
             throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
         }
-        if (!checkHex(cutHash)) {
+        if (!checkHex(hashTmp)) {
             throw SGXException(INVALID_HEX, "Invalid hash");
         }
         if (_base <= 0 || _base > 32) {
             throw SGXException(-22, "Invalid base");
         }
 
-        shared_ptr <string> key_ptr = readFromDb(_keyName, "");
+        shared_ptr <string> encryptedKey = readFromDb(_keyName, "");
 
-        sign_vect = ecdsaSignHash(key_ptr->c_str(), cutHash.c_str(), _base);
-        if (sign_vect.size() != 3) {
+        signatureVector = ecdsaSignHash(encryptedKey->c_str(), hashTmp.c_str(), _base);
+        if (signatureVector.size() != 3) {
             throw SGXException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature");
         }
 
-        spdlog::debug("got signature_s  {}", sign_vect.at(2));
+        spdlog::debug("got signature_s  {}", signatureVector.at(2));
 
-        result["signature_v"] = sign_vect.at(0);
-        result["signature_r"] = sign_vect.at(1);
-        result["signature_s"] = sign_vect.at(2);
+        result["signature_v"] = signatureVector.at(0);
+        result["signature_r"] = signatureVector.at(1);
+        result["signature_s"] = signatureVector.at(2);
 
     } HANDLE_SGX_EXCEPTION(result)
 
@@ -443,14 +443,14 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName,
             throw SGXException(INVALID_DKG_PARAMS, "Invalid parameters: n or t ");
         }
 
-        shared_ptr <string> encr_poly_ptr = readFromDb(_polyName);
+        shared_ptr<string> encrPoly = readFromDb(_polyName);
 
-        verifVector = get_verif_vect(encr_poly_ptr->c_str(), _t, _n);
+        verifVector = get_verif_vect(encrPoly->c_str(), _t, _n);
 
         for (int i = 0; i < _t; i++) {
-            vector <string> cur_coef = verifVector.at(i);
+            vector <string> currentCoef = verifVector.at(i);
             for (int j = 0; j < 4; j++) {
-                result["verificationVector"][i][j] = cur_coef.at(j);
+                result["verificationVector"][i][j] = currentCoef.at(j);
             }
         }
 
@@ -480,7 +480,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
             throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
         }
 
-        shared_ptr <string> encr_poly_ptr = readFromDb(_polyName);
+        shared_ptr <string> encrPoly = readFromDb(_polyName);
 
         vector <string> pubKeysStrs;
         for (int i = 0; i < _n; i++) {
@@ -490,7 +490,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
             pubKeysStrs.push_back(_pubKeys[i].asString());
         }
 
-        string s = trustedGetSecretShares(_polyName, encr_poly_ptr->c_str(), pubKeysStrs, _t, _n);
+        string s = trustedGetSecretShares(_polyName, encrPoly->c_str(), pubKeysStrs, _t, _n);
         //cerr << "result is " << s << endl;
         result["secretShare"] = s;
 
@@ -678,12 +678,10 @@ Json::Value SGXWalletServer::getServerStatusImpl() {
     return result;
 }
 
-Json::Value SGXWalletServer::getServerVersionImpl() {
 
+Json::Value SGXWalletServer::getServerVersionImpl() {
     INIT_RESULT(result)
-
-    result["version"] = SGXWALLET_VERSION;
-
+    result["version"] = TOSTRING(SGXWALLET_VERSION);
     return result;
 }
 

SGXWalletServer.hpp

@@ -33,8 +33,13 @@
 using namespace jsonrpc;
 using namespace std;
 
+#define STRINGIFY(x) #x
+#define TOSTRING(x) STRINGIFY(x)
+
 class SGXWalletServer : public AbstractStubServer {
 
+
+
     recursive_mutex m;
 
     static shared_ptr<SGXWalletServer> server;
@@ -42,6 +47,11 @@ class SGXWalletServer : public AbstractStubServer {
 
 
 public:
+
+    static const char* getVersion() {
+        return TOSTRING(SGXWALLET_VERSION);
+    }
+
     SGXWalletServer(AbstractServerConnector &_connector, serverVersion_t _type);
 
     virtual Json::Value

ServerInit.cpp

@@ -111,7 +111,7 @@ void initAll(uint32_t  _logLevel, bool _checkCert, bool _autoSign) {
 
     static int sgxServerInited;
 
-    cout << "Running sgxwallet version:" << SGXWALLET_VERSION << endl;
+    cout << "Running sgxwallet version:" << SGXWalletServer::getVersion() << endl;
 
     CHECK_STATE(sgxServerInited == 0)
     sgxServerInited = 1;

ServerInit.h

@@ -25,7 +25,6 @@
 #define SGXWALLET_SERVERINIT_H
 
 #include "stdint.h"
-#include "SGXWALLET_VERSION"
 
 #ifdef __cplusplus
 #define EXTERNC extern "C"

VERSION

-1.49
\ No newline at end of file
+1.50.2
\ No newline at end of file

common.h

@@ -16,7 +16,7 @@
     You should have received a copy of the GNU Affero General Public License
     along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
 
-    @file BLSEnclave.cpp
+    @file common.h
     @author Stan Kladko
     @date 2020
 */
@@ -34,10 +34,13 @@ using namespace std;
 
 
 
-
+#include <gmp.h>
+#include "secure_enclave/Verify.h"
 #include "InvalidStateException.h"
 
 
+#define SAFE_FREE(__POINTER__) {if (__POINTER__) {free(__POINTER__); __POINTER__ = NULL;}}
+
 inline std::string className(const std::string &prettyFunction) {
     size_t colons = prettyFunction.find("::");
     if (colons == std::string::npos)

secure_enclave/Curves.c

@@ -24,7 +24,13 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <stdbool.h>
+
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
 #include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include "DomainParameters.h"
 #include "Curves.h"
 #include "Point.h"

secure_enclave/Curves.h

@@ -25,6 +25,12 @@
 #ifndef SGXWALLET_CURVES_H
 #define SGXWALLET_CURVES_H
 
+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif
+
 
 /*Curves that can be loaded using domain_parameters_load_curve()*/
 typedef enum {	secp112r1 = 0,
@@ -47,7 +53,7 @@ typedef enum {	secp112r1 = 0,
 #define NUMBER_OF_CURVES (secp521r1+1)
 
 /*Load a curve depending on it's curve number, defined by the enum*/
-void domain_parameters_load_curve(domain_parameters out, curve_list curve);
+EXTERNC void domain_parameters_load_curve(domain_parameters out, curve_list curve);
 
 /* REMARK:
 For some weird reason secp112r2 and secp128r2 doesn't want to be stable. Actually they work once in a while. However running the benchmark command gives -1 as operation time, sometimes and only sometimes!

secure_enclave/DHDkg.c

@@ -23,7 +23,11 @@
 
 #include <stdlib.h>
 #include <stdbool.h>
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
 #include <../tgmp-build/include/sgx_tgmp.h>
+#endif
 
 #include "DomainParameters.h"
 #include "Curves.h"

secure_enclave/DKGUtils.cpp

@@ -23,7 +23,12 @@
 
 #include "DKGUtils.h"
 
-#include <sgx_tgmp.h>
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
+#include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include <../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
 #include <../trusted_libff/libff/algebra/fields/fp.hpp>
 

secure_enclave/DKGUtils.h

@@ -30,7 +30,12 @@
 #define EXTERNC
 #endif
 
-#include <sgx_tgmp.h>
+#ifdef USER_SPACE
+
+#include <gmp.h>
+#else
+#include <../tgmp-build/include/sgx_tgmp.h>
+#endif
 
 EXTERNC int gen_dkg_poly( char* secret, unsigned _t);
 

secure_enclave/DomainParameters.c

@@ -21,7 +21,12 @@
     @date 2019
 */
 
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
 #include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include <stdlib.h>
 #include <stdbool.h>
 #include <string.h>

secure_enclave/DomainParameters.h

@@ -23,6 +23,11 @@
 #ifndef SGXWALLET_DOMAINPARAMETERS_H
 #define SGXWALLET_DOMAINPARAMETERS_H
 
+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif
 
 /*Type that represents a point*/
 typedef struct point_s* point;
@@ -48,13 +53,13 @@ struct domain_parameters_s
 };
 
 /*Initialize a curve*/
-domain_parameters domain_parameters_init();
+EXTERNC domain_parameters domain_parameters_init();
 
 /*Sets the name of a curve*/
-void domain_parameters_set_name(domain_parameters curve, char* name);
+EXTERNC void domain_parameters_set_name(domain_parameters curve, char* name);
 
 /*Set domain parameters from decimal unsigned long ints*/
-void domain_parameters_set_ui(domain_parameters curve,
+EXTERNC void domain_parameters_set_ui(domain_parameters curve,
 								char* name,
 								unsigned long int p,
 								unsigned long int a,
@@ -65,9 +70,9 @@ void domain_parameters_set_ui(domain_parameters curve,
 								unsigned long int h);
 
 /*Set domain parameters from hexadecimal string*/
-void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h);
+EXTERNC void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h);
 
 /*Release memory*/
-void domain_parameters_clear(domain_parameters curve);
+EXTERNC void domain_parameters_clear(domain_parameters curve);
 
 #endif
\ No newline at end of file

secure_enclave/EnclaveCommon.cpp

@@ -298,7 +298,7 @@ void logMsg(log_level _level, char* _msg) {
 EXTERNC void LOG_INFO(char* _msg) {
     logMsg(L_INFO, _msg);
 };
-EXTERNC void LOG_WARNING(char* _msg) {
+EXTERNC void LOG_WARN(char* _msg) {
     logMsg(L_WARNING, _msg);
 };
 

secure_enclave/EnclaveCommon.h

@@ -53,7 +53,7 @@ EXTERNC void enclave_init();
 
 
 EXTERNC void LOG_INFO(char* msg);
-EXTERNC void LOG_WARNING(char* _msg);
+EXTERNC void LOG_WARN(char* _msg);
 EXTERNC void LOG_ERROR(char* _msg);
 EXTERNC void LOG_DEBUG(char* _msg);
 EXTERNC void LOG_TRACE(char* _msg);

secure_enclave/NumberTheory.c

@@ -23,8 +23,14 @@
 
 #include <stdlib.h>
 #include <stdio.h>
-#include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdbool.h>
+
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
+#include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include "NumberTheory.h"
 
 /*Calculate R = a^k mod P, using repeated square-and-multiply algorithm

secure_enclave/Point.c

@@ -23,11 +23,16 @@
 
 #include <stdlib.h>
 #include <stdio.h>
-#include <../tgmp-build/include/sgx_tgmp.h>
 #include <string.h>
 #include <assert.h>
 #include <stdbool.h>
 
+#ifdef USER_SPACE
+#include <gmp.h>
+#else
+#include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include "NumberTheory.h"
 
 #include "DomainParameters.h"
@@ -77,14 +82,14 @@ void point_set(point R, point P)
 }
 
 /*Set point from strings of a base from 2-62*/
-void point_set_str(point p, char *x, char *y, int base)
+void point_set_str(point p, const  char *x, const char *y, int base)
 {
 	mpz_set_str(p->x, x, base);
 	mpz_set_str(p->y, y, base);
 }
 
 /*Set point from hexadecimal strings*/
-void point_set_hex(point p, char *x, char *y)
+void point_set_hex(point p, const char *x, const char *y)
 {
 	point_set_str(p,x,y,16);
 }

secure_enclave/Point.h

@@ -26,56 +26,58 @@
 #define SGXWALLET_POINT_H
 
 
+
+
 #include "DomainParameters.h"
 
 /*Initialize a point*/
-point point_init();
+EXTERNC point point_init();
 
 /*Release point*/
-void point_clear(point p);
+EXTERNC void point_clear(point p);
 
 /*Set point to be a infinity*/
-void point_at_infinity(point p);
+EXTERNC void point_at_infinity(point p);
 
 /*Set R to the additive inverse of P, in the curve curve*/
-void point_inverse(point R, point P, domain_parameters curve);
+EXTERNC void point_inverse(point R, point P, domain_parameters curve);
 
 /*Print point to standart output stream*/
-void point_print(point p);
+EXTERNC void point_print(point p);
 
 /*Set point from hexadecimal strings*/
-void point_set_hex(point p, char *x, char *y);
+EXTERNC void point_set_hex(point p, const char *x, const char *y);
 
 /*Set point from decimal unsigned long ints*/
-void point_set_ui(point p, unsigned long int x, unsigned long int y);
+EXTERNC void point_set_ui(point p, unsigned long int x, unsigned long int y);
 
 /*Addition of point P + Q = result*/
-void point_addition(point result, point P, point Q, domain_parameters curve);
+EXTERNC void point_addition(point result, point P, point Q, domain_parameters curve);
 
 /*Set point R = 2P*/
-void point_doubling(point R, point P, domain_parameters curve);
+EXTERNC void point_doubling(point R, point P, domain_parameters curve);
 
 /*Perform scalar multiplication to P, with the factor multiplier, over the curve curve*/
-void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve);
+EXTERNC void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve);
 
 /*Set point from strings of a base from 2-62*/
-void point_set_str(point p, char *x, char *y, int base);
+EXTERNC void point_set_str(point p, const char *x, const char *y, int base);
 
 /*Compare two points return 1 if not the same, returns 0 if they are the same*/
-bool point_cmp(point P, point Q);
+EXTERNC bool point_cmp(point P, point Q);
 
 /*Decompress a point from hexadecimal representation
  *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.4.*/
-void point_decompress(point P, char* zPoint, domain_parameters curve);
+EXTERNC void point_decompress(point P, char* zPoint, domain_parameters curve);
 
 /*Compress a point to hexadecimal string
  *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.3.*/
-char* point_compress(point P);
+EXTERNC char* point_compress(point P);
 
 /*Make R a copy of P*/
-void point_copy(point R, point P);
+EXTERNC void point_copy(point R, point P);
 
 /*Set a point from another point*/
-void point_set(point R, point P);
+EXTERNC void point_set(point R, point P);
 
 #endif
\ No newline at end of file

secure_enclave/Signature.c

@@ -23,9 +23,17 @@
 
 #include <stdlib.h>
 #include <stdio.h>
-#include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdbool.h>
 #include <assert.h>
+
+#ifdef USER_SPACE
+#include <gmp.h>
+
+
+#else
+#include <../tgmp-build/include/sgx_tgmp.h>
+#endif
+
 #include "DomainParameters.h"
 #include "Point.h"
 #include "NumberTheory.h"
@@ -51,13 +59,13 @@ void signature_print(signature sig) {
 }
 
 /*Set signature from strings of a base from 2-62*/
-void signature_set_str(signature sig, char *r, char *s, int base) {
+void signature_set_str(signature sig, const char *r, const char *s, int base) {
     mpz_set_str(sig->r, r, base);
     mpz_set_str(sig->s, s, base);
 }
 
 /*Set signature from hexadecimal strings*/
-void signature_set_hex(signature sig, char *r, char *s) {
+void signature_set_hex(signature sig, const char *r, const char *s) {
     signature_set_str(sig, r, s, 16);
 }
 
@@ -84,6 +92,7 @@ void signature_extract_public_key(point public_key, mpz_t private_key, domain_pa
     point_multiplication(public_key, private_key, curve->G, curve);
 }
 
+#ifndef USER_SPACE
 /*Generate signature for a message*/
 void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve) {
     //message must not have a bit length longer than that of n
@@ -171,13 +180,26 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
 
 }
 
+#endif
+
+/*Release signature*/
+void signature_free(signature sig) {
+    mpz_clear(sig->r);
+    mpz_clear(sig->s);
+    free(sig);
+}
+
 /*Verify the integrity of a message using it's signature*/
 bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve) {
 
     //Initialize variables
     mpz_t one, w, u1, u2, t, tt2;
-    mpz_init(one); mpz_init(w); mpz_init(u1);
-    mpz_init(u2); mpz_init(t); mpz_init(tt2);
+    mpz_init(one);
+    mpz_init(w);
+    mpz_init(u1);
+    mpz_init(u2);
+    mpz_init(t);
+    mpz_init(tt2);
 
     mpz_set_ui(one, 1);
 
@@ -224,15 +246,15 @@ bool signature_verify(mpz_t message, signature sig, point public_key, domain_par
     point_clear(t1);
     point_clear(t2);
 
-    mpz_clear(one); mpz_clear(w); mpz_clear(u1); mpz_clear(u2); mpz_clear(t);
+    mpz_clear(one);
+    mpz_clear(w);
+    mpz_clear(u1);
+    mpz_clear(u2);
+    mpz_clear(t);
     mpz_clear(tt2);
 
     return result;
-}
 
-/*Release signature*/
-void signature_free(signature sig) {
-    mpz_clear(sig->r);
-    mpz_clear(sig->s);
-    free(sig);
 }
+
+

secure_enclave/Signature.h

@@ -24,6 +24,12 @@
 #ifndef SGXWALLET_SIGNATURE_H
 #define SGXWALLET_SIGNATURE_H
 
+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif
+
 /*Type for representing a signature*/
 struct signature_s
 {
@@ -35,36 +41,36 @@ struct signature_s
 typedef struct signature_s* signature;
 
 /*Initialize a signature*/
-signature signature_init();
+EXTERNC signature signature_init();
 
 /*Set signature from strings of a base from 2-62*/
-void signature_set_str(signature sig, char *r, char *s, int base);
+EXTERNC void signature_set_str(signature sig, const char *r, const char *s, int base);
 
 /*Set signature from hexadecimal strings*/
-void signature_set_hex(signature sig, char *r, char *s);
+EXTERNC void signature_set_hex(signature sig, const char *r, const char *s);
 
 /*Set signature from decimal unsigned long ints*/
-void signature_set_ui(signature sig, unsigned long int r, unsigned long int s);
+EXTERNC void signature_set_ui(signature sig, unsigned long int r, unsigned long int s);
 
 /*Print signature to standart output stream*/
-void signature_print(signature sig);
+EXTERNC void signature_print(signature sig);
 
 /*Make R a copy of P*/
-void signature_copy(signature R, signature sig);
+EXTERNC void signature_copy(signature R, signature sig);
 
 /*Compare two signatures return 1 if not the same, returns 0 if they are the same*/
-bool signature_cmp(signature sig1, signature sig2);
+EXTERNC bool signature_cmp(signature sig1, signature sig2);
 
 /*Release signature*/
-void signature_free(signature sig);
+EXTERNC void signature_free(signature sig);
 
 /*Generates a public key for a private key*/
-void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve);
+EXTERNC void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve);
 
 /*Generate signature for a message*/
-void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve);
+EXTERNC void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve);
 
 /*Verify the integrity of a message using it's signature*/
-bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve);
+EXTERNC bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve);
 
 #endif

secure_enclave/Verify.h

+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file Verify.h
+    @author Stan Kladko
+    @date 2020
+*/
+#ifndef SGXWALLET_VERIFY_H
+#define SGXWALLET_VERIFY_H
+
+#define USER_SPACE 1
+
+#include "secure_enclave/Point.h"
+#include "secure_enclave/DomainParameters.h"
+#include "secure_enclave/NumberTheory.h"
+#include "secure_enclave/Signature.h"
+#include "secure_enclave/Curves.h"
+#endif //SGXWALLET_VERIFY_H

testw.cpp

@@ -776,7 +776,7 @@ TEST_CASE_METHOD(TestFixture, "Get ServerStatus", "[get-server-status]") {
 TEST_CASE_METHOD(TestFixture, "Get ServerVersion", "[get-server-version]") {
     HttpClient client(RPC_ENDPOINT);
     StubClient c(client, JSONRPC_CLIENT_V2);
-    REQUIRE(c.getServerVersion()["version"] == SGXWALLET_VERSION);
+    REQUIRE(c.getServerVersion()["version"] == SGXWalletServer::getVersion());
 
 }