Skip to content

S
sgxwallet
Unverified Commit 1b65b688 authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #91 from skalenetwork/SKALE-1880-FIX-ECDSA-VERIFICATION 

Skale 1880 fix ecdsa verification
parents 1aedf162 dcca6f29
Show whitespace changes
Inline Side-by-side
Showing with 694 additions and 503 deletions
.gitignore
View file @ 1b65b688
# Created by .ignore support plugin (hsz.mobi) /.idea/
.idea/ /cmake-build-debug/
sgx-gmp/ /build/
gmp-build /sgx_data/
tgmp-build /jsonrpc/
install-sh /gmp-build/
config.log /tgmp-build/
config.status /install-sh
Makefile.in /config.log
Makefile /config.status
secure_enclave_u.h /Makefile.in
secure_enclave_u.c /Makefile
secure_enclave.edl /secure_enclave_u.h
am--include-marker /secure_enclave_u.c
*.o /secure_enclave.edl
aclocal.m4 /am--include-marker
missing /*.o
compile /*.m4
depcomp /missing
ltmain.sh /compile
secure_enclave.signed.so /depcomp
sgxgmpmath /ltmain.sh
sgxgmppi /secure_enclave.signed.so
.deps /sgxgmpmath
CMakeCache.txt /sgxgmppi
cmake_install.cmake /.deps
sgxd.cbp /CMakeCache.txt
sgx-gmp /cmake_install.cmake
sgx-sdk-build /sgxd.cbp
secure_enclave/Makefile /sgx-gmp/
secure_enclave/secure_enclave.signed.so /sgx-sdk-build/
secure_enclave/secure_enclave.so /secure_enclave/Makefile
secure_enclave/secure_enclave_t.c /secure_enclave/secure_enclave.signed.so
secure_enclave/secure_enclave_t.h /secure_enclave/secure_enclave.so
sgxd /secure_enclave/secure_enclave_t.c
cert/SGXServerCertificate* /secure_enclave/secure_enclave_t.h
autom4te.cache /sgxd
sgxwallet /cert/SGXServerCertificate*
testw /autom4te.cache
configure /sgxwallet
jsonrpc/zlib /testw
jsonrpc/argtable2 /configure
jsonrpc/jsoncpp /secure_enclave/.deps
jsonrpc/libjson-rpc-cpp /test-driver
jsonrpc/curl-from-git.tar.gz /intel-sgx-ssl/
jsonrpc/curl /m4
jsonrpc/libmicrohttpd /.testw.py.swp
secure_enclave/.deps /cert_util
test-driver
Dockerfile
View file @ 1b65b688
FROM skalenetwork/sgxwallet_base:latest FROM skalenetwork/sgxwallet_base:latest
COPY . /usr/src/sdk
WORKDIR /usr/src/sdk WORKDIR /usr/src/sdk
RUN ccache -sz
RUN touch /var/hwmode
COPY *.cpp ./
COPY *.h ./
COPY *.txt ./
COPY *.c ./
COPY *.am ./
COPY *.hpp ./
COPY *.gmp ./
COPY *.ac ./
COPY *.json ./
COPY docker ./docker
COPY build-aux ./build-aux
COPY cert ./cert
COPY jsonrpc ./jsonrpc
COPY autoconf.bash ./
COPY leveldb ./leveldb
COPY m4 ./m4
COPY scripts ./scripts
COPY secure_enclave ./secure_enclave
COPY spdlog ./spdlog
COPY SGXWALLET_VERSION ./
RUN ./autoconf.bash RUN ./autoconf.bash
RUN ./configure RUN ./configure
......
ECDSACrypto.cpp
View file @ 1b65b688
...@@ -32,13 +32,15 @@ ...@@ -32,13 +32,15 @@
#include <random> #include <random>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h" #include "common.h"
#include "secure_enclave/Verify.h"
#include "BLSCrypto.h" #include "BLSCrypto.h"
#include "ECDSACrypto.h"
#include "ECDSACrypto.h"
string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) { string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
...@@ -49,19 +51,19 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) { ...@@ -49,19 +51,19 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
} }
void fillRandomBuffer(vector<unsigned char>& _buffer) { void fillRandomBuffer(vector<unsigned char> &_buffer) {
ifstream devRandom("/dev/urandom", ios::in|ios::binary); ifstream devRandom("/dev/urandom", ios::in | ios::binary);
devRandom.exceptions(std::ifstream::failbit | std::ifstream::badbit); devRandom.exceptions(ifstream::failbit | ifstream::badbit);
devRandom.read((char*) _buffer.data(), _buffer.size()); devRandom.read((char *) _buffer.data(), _buffer.size());
devRandom.close(); devRandom.close();
} }
std::vector<std::string> genECDSAKey() { vector <string> genECDSAKey() {
vector<char> errMsg(1024, 0); vector<char> errMsg(1024, 0);
int errStatus = 0; int errStatus = 0;
vector<uint8_t> encr_pr_key(1024, 0); vector <uint8_t> encr_pr_key(1024, 0);
vector<char>pub_key_x(1024, 0); vector<char> pub_key_x(1024, 0);
vector<char>pub_key_y(1024, 0); vector<char> pub_key_y(1024, 0);
uint32_t enc_len = 0; uint32_t enc_len = 0;
...@@ -77,18 +79,18 @@ std::vector<std::string> genECDSAKey() { ...@@ -77,18 +79,18 @@ std::vector<std::string> genECDSAKey() {
spdlog::error("RPCException thrown with status {}", status); spdlog::error("RPCException thrown with status {}", status);
throw SGXException(status, errMsg.data()); throw SGXException(status, errMsg.data());
} }
std::vector<std::string> keys(3); vector <string> keys(3);
vector<char> hexEncrKey(BUF_LEN * 2, 0); vector<char> hexEncrKey(BUF_LEN * 2, 0);
carray2Hex(encr_pr_key.data(), enc_len, hexEncrKey.data()); carray2Hex(encr_pr_key.data(), enc_len, hexEncrKey.data());
keys.at(0) = hexEncrKey.data(); keys.at(0) = hexEncrKey.data();
keys.at(1) = std::string(pub_key_x.data()) + std::string(pub_key_y.data()); keys.at(1) = string(pub_key_x.data()) + string(pub_key_y.data());
vector<unsigned char> randBuffer(32,0); vector<unsigned char> randBuffer(32, 0);
fillRandomBuffer(randBuffer); fillRandomBuffer(randBuffer);
vector<char> rand_str(64,0); vector<char> rand_str(64, 0);
carray2Hex(randBuffer.data(), 32, rand_str.data()); carray2Hex(randBuffer.data(), 32, rand_str.data());
...@@ -99,12 +101,12 @@ std::vector<std::string> genECDSAKey() { ...@@ -99,12 +101,12 @@ std::vector<std::string> genECDSAKey() {
return keys; return keys;
} }
std::string getECDSAPubKey(const char *_encryptedKeyHex) { string getECDSAPubKey(const char *_encryptedKeyHex) {
vector<char> errMsg(BUF_LEN, 0); vector<char> errMsg(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0); vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0); vector<char> pubKeyY(BUF_LEN, 0);
vector<uint8_t> encrPrKey(BUF_LEN, 0); vector <uint8_t> encrPrKey(BUF_LEN, 0);
int errStatus = 0; int errStatus = 0;
uint64_t enc_len = 0; uint64_t enc_len = 0;
...@@ -116,76 +118,134 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) { ...@@ -116,76 +118,134 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
if (!encryptKeys) if (!encryptKeys)
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
pubKeyY.data()); pubKeyY.data());
else status = trustedGetPublicEcdsaKeyAES(eid, &errStatus, else
status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data()); errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
if (errStatus != 0) { if (errStatus != 0) {
throw SGXException(-666, errMsg.data()); throw SGXException(-666, errMsg.data());
} }
string pubKey = string(pubKeyX.data()) + string(pubKeyY.data());//concatPubKeyWith0x(pub_key_x, pub_key_y);// string pubKey = string(pubKeyX.data()) + string(pubKeyY.data());//concatPubKeyWith0x(pub_key_x, pub_key_y);//
spdlog::debug("enc_len is {}", enc_len);
spdlog::debug("pubkey is {}", pubKey);
spdlog::debug("pubkey length is {}", pubKey.length());
spdlog::debug("err str is {}", errMsg.data());
spdlog::debug("err status is {}", errStatus);
if (pubKey.size() != 128) {
spdlog::error("Incorrect pub key size", status);
throw SGXException(666, "Incorrect pub key size");
}
return pubKey; return pubKey;
} }
vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) { bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
vector<string> signature_vect(3); const char *signatureS) {
char *errMsg = (char *) calloc(1024, 1); bool result = false;
int errStatus = 0;
char *signature_r = (char *) calloc(1024, 1); signature sig = signature_init();
char *signature_s = (char *) calloc(1024, 1);
uint8_t signature_v = 0; auto r = pubKeyStr.substr(0, 64);
uint64_t dec_len = 0; auto s = pubKeyStr.substr(64, 128);
domain_parameters curve = domain_parameters_init();
//uint8_t encr_key[BUF_LEN]; domain_parameters_load_curve(curve, secp256k1);
uint8_t *encr_key = (uint8_t *) calloc(1024, 1); point publicKey = point_init();
if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)) {
throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
mpz_t msgMpz;
mpz_init(msgMpz);
if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
spdlog::error("invalid message hash {}", hashHex);
goto clean;
}
signature_set_str(sig, signatureR, signatureS, 16);
point_set_hex(publicKey, r.c_str(), s.c_str());
if (!signature_verify(msgMpz, sig, publicKey, curve)) {
spdlog::error("ECDSA sig not verified");
goto clean;
} }
result = true;
spdlog::debug("encryptedKeyHex: {}", encryptedKeyHex); clean:
spdlog::debug("HASH: {}", hashHex);
spdlog::debug("encrypted len: {}", dec_len);
mpz_clear(msgMpz);
domain_parameters_clear(curve);
point_clear(publicKey);
signature_free(sig);
if (!encryptKeys) return result;
status = trustedEcdsaSign(eid, &errStatus, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
signature_s, &signature_v, base); }
else
status = trustedEcdsaSignAES(eid, &errStatus, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r, vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
signature_s, &signature_v, base); vector <string> signatureVector(3);
if (errStatus != 0) {
throw SGXException(-666, errMsg); vector<char> errMsg(1024, 0);
int errStatus = 0;
vector<char> signatureR(1024, 0);
vector<char> signatureS(1024, 0);
vector<uint8_t> encryptedKey(1024, 0);
uint8_t signatureV = 0;
uint64_t decLen = 0;
string pubKeyStr = "";
shared_ptr<SGXException> exception = NULL;
if (!hex2carray(encryptedKeyHex, &decLen, encryptedKey.data())) {
exception = make_shared<SGXException>(INVALID_HEX, "Invalid encryptedKeyHex");
goto clean;
} }
pubKeyStr = getECDSAPubKey(encryptedKeyHex);
spdlog::debug("signature r in ecdsa_sign_hash: {}", signature_r);
spdlog::debug("signature s in ecdsa_sign_hash: {}", signature_s); if (!encryptKeys) {
status = trustedEcdsaSign(eid, &errStatus, errMsg.data(),
encryptedKey.data(), ECDSA_ENCR_LEN, (unsigned char *) hashHex,
signatureR.data(),
signatureS.data(), &signatureV, base);
} else
status = trustedEcdsaSignAES(eid, &errStatus,
errMsg.data(), encryptedKey.data(), decLen, (unsigned char *) hashHex,
signatureR.data(),
signatureS.data(), &signatureV, base);
if (errStatus != 0) {
exception = make_shared<SGXException>(666, errMsg.data());
goto clean;
}
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
spdlog::error(" failed to sign "); spdlog::error("failed to sign {}", status);
exception = make_shared<SGXException>(666, "failed to sign");
goto clean;
} }
signature_vect.at(0) = to_string(signature_v); signatureVector.at(0) = to_string(signatureV);
if (base == 16) { if (base == 16) {
signature_vect.at(1) = "0x" + string(signature_r); signatureVector.at(1) = "0x" + string(signatureR.data());
signature_vect.at(2) = "0x" + string(signature_s); signatureVector.at(2) = "0x" + string(signatureS.data());
} else { } else {
signature_vect.at(1) = string(signature_r); signatureVector.at(1) = string(signatureR.data());
signature_vect.at(2) = string(signature_s); signatureVector.at(2) = string(signatureS.data());
} }
free(errMsg); /* Now verify signature */
free(signature_r);
free(signature_s); if (!verifyECDSASig(pubKeyStr, hashHex, signatureR.data(), signatureS.data())) {
free(encr_key); exception = make_shared<SGXException>(667, "ECDSA did not verify");
goto clean;
}
clean:
if (exception)
throw *exception;
return signature_vect; return signatureVector;
} }
\ No newline at end of file
ECDSAImpl.c 0 → 100644
View file @ 1b65b688
#include "secure_enclave/Point.c"
#include "secure_enclave/DomainParameters.c"
#include "secure_enclave/NumberTheory.c"
#include "secure_enclave/Signature.c"
#include "secure_enclave/Curves.c"
\ No newline at end of file
Makefile.am
View file @ 1b65b688
...@@ -10,7 +10,7 @@ include $(top_srcdir)/build-aux/sgx_app.am ...@@ -10,7 +10,7 @@ include $(top_srcdir)/build-aux/sgx_app.am
## ##
## And a pattern rule for building prexoxy functions from EDL files: ## And a pattern rule for building prexoxy functions from EDL files:
## ##
## %_u.h %_u.c: %.edl ## %_u.h %_u.c: %.edl34
## ##
## And sets these Makefile variables: ## And sets these Makefile variables:
## ##
...@@ -33,7 +33,7 @@ SUBDIRS=secure_enclave ...@@ -33,7 +33,7 @@ SUBDIRS=secure_enclave
## ##
## SGX_EDGER8R_FLAGS= ## SGX_EDGER8R_FLAGS=
WALLET_VERSION := $(shell cat VERSION)
## Needed to make our pattern rule work. ## Needed to make our pattern rule work.
...@@ -45,11 +45,11 @@ secure_enclave.edl: secure_enclave/secure_enclave.edl ...@@ -45,11 +45,11 @@ secure_enclave.edl: secure_enclave/secure_enclave.edl
#AM_CPPFLAGS += -g -Og #AM_CPPFLAGS += -g -Og
AM_CFLAGS = -g -Og -rdynamic -Wl,--no-as-needed -lSegFault AM_CFLAGS = -DUSER_SPACE -g -Og -rdynamic -Wl,--no-as-needed -lSegFault -DSGXWALLET_VERSION="$(WALLET_VERSION)"
AM_CXXFLAGS = ${AM_CPPFLAGS} -rdynamic -Wl,--no-as-needed -lSegFault AM_CXXFLAGS = ${AM_CPPFLAGS} -rdynamic -Wl,--no-as-needed -lSegFault -DSGXWALLET_VERSION="$(WALLET_VERSION)"
AM_CPPFLAGS += -Wall -DSKALE_SGX=1 -DBINARY_OUTPUT=1 -Ileveldb/include -IlibBLS/bls -IlibBLS/libff -IlibBLS -fno-builtin-memset $(GMP_CPPFLAGS) -I. -I./libBLS/deps/deps_inst/x86_or_x64/include AM_CPPFLAGS += -DSGXWALLET_VERSION="$(WALLET_VERSION)" -Wall -DSKALE_SGX=1 -DBINARY_OUTPUT=1 -Ileveldb/include -IlibBLS/bls -IlibBLS/libff -IlibBLS -fno-builtin-memset $(GMP_CPPFLAGS) -I. -I./libBLS/deps/deps_inst/x86_or_x64/include
## Additional targets to remove with 'make clean'. You must list ## Additional targets to remove with 'make clean'. You must list
## any edger8r generated files here. ## any edger8r generated files here.
...@@ -67,9 +67,11 @@ bin_PROGRAMS = sgxwallet testw cert_util ...@@ -67,9 +67,11 @@ bin_PROGRAMS = sgxwallet testw cert_util
## have to be explicitly listed. ## have to be explicitly listed.
COMMON_SRC = InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp \ COMMON_SRC = InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp \
SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp BLSCrypto.cpp ECDSACrypto.cpp \ SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp BLSCrypto.cpp \
ECDSACrypto.cpp \
DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \ DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c \
ECDSAImpl.c
COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
sgxwallet_SOURCES = sgxwallet.c $(COMMON_SRC) sgxwallet_SOURCES = sgxwallet.c $(COMMON_SRC)
......
SGXWALLET_VERSION deleted 100644 → 0
View file @ 1aedf162
#define SGXWALLET_VERSION "1.49.5"
SGXWalletServer.cpp
View file @ 1b65b688
...@@ -212,15 +212,15 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin ...@@ -212,15 +212,15 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
if (!checkName(_keyShareName, "BLS_KEY")) { if (!checkName(_keyShareName, "BLS_KEY")) {
throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name"); throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
} }
string cutHash = _messageHash; string hashTmp = _messageHash;
if (cutHash[0] == '0' && (cutHash[1] == 'x' || cutHash[1] == 'X')) { if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
cutHash.erase(cutHash.begin(), cutHash.begin() + 2); hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
} }
while (cutHash[0] == '0') { while (hashTmp[0] == '0') {
cutHash.erase(cutHash.begin(), cutHash.begin() + 1); hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 1);
} }
if (!checkHex(cutHash)) { if (!checkHex(hashTmp)) {
throw SGXException(INVALID_HEX, "Invalid hash"); throw SGXException(INVALID_HEX, "Invalid hash");
} }
...@@ -318,10 +318,10 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st ...@@ -318,10 +318,10 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
throw SGXException(UNKNOWN_ERROR, "invalid key name"); throw SGXException(UNKNOWN_ERROR, "invalid key name");
} }
shared_ptr <string> key_ptr = readFromDb(_tempKeyName); shared_ptr <string> encryptedKey = readFromDb(_tempKeyName);
writeDataToDB(_keyName, *key_ptr); writeDataToDB(_keyName, *encryptedKey);
LevelDB::getLevelDb()->deleteTempNEK(_tempKeyName); LevelDB::getLevelDb()->deleteTempNEK(_tempKeyName);
} HANDLE_SGX_EXCEPTION(result) } HANDLE_SGX_EXCEPTION(result)
...@@ -339,40 +339,40 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_ ...@@ -339,40 +339,40 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
result["signature_r"] = ""; result["signature_r"] = "";
result["signature_s"] = ""; result["signature_s"] = "";
vector <string> sign_vect(3); vector <string> signatureVector(3);
try { try {
string cutHash = _messageHash; string hashTmp = _messageHash;
if (cutHash[0] == '0' && (cutHash[1] == 'x' || cutHash[1] == 'X')) { if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
cutHash.erase(cutHash.begin(), cutHash.begin() + 2); hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
} }
while (cutHash[0] == '0') { while (hashTmp[0] == '0') {
cutHash.erase(cutHash.begin(), cutHash.begin() + 1); hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 1);
} }
if (!checkECDSAKeyName(_keyName)) { if (!checkECDSAKeyName(_keyName)) {
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name"); throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
} }
if (!checkHex(cutHash)) { if (!checkHex(hashTmp)) {
throw SGXException(INVALID_HEX, "Invalid hash"); throw SGXException(INVALID_HEX, "Invalid hash");
} }
if (_base <= 0 || _base > 32) { if (_base <= 0 || _base > 32) {
throw SGXException(-22, "Invalid base"); throw SGXException(-22, "Invalid base");
} }
shared_ptr <string> key_ptr = readFromDb(_keyName, ""); shared_ptr <string> encryptedKey = readFromDb(_keyName, "");
sign_vect = ecdsaSignHash(key_ptr->c_str(), cutHash.c_str(), _base); signatureVector = ecdsaSignHash(encryptedKey->c_str(), hashTmp.c_str(), _base);
if (sign_vect.size() != 3) { if (signatureVector.size() != 3) {
throw SGXException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature"); throw SGXException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature");
} }
spdlog::debug("got signature_s {}", sign_vect.at(2)); spdlog::debug("got signature_s {}", signatureVector.at(2));
result["signature_v"] = sign_vect.at(0); result["signature_v"] = signatureVector.at(0);
result["signature_r"] = sign_vect.at(1); result["signature_r"] = signatureVector.at(1);
result["signature_s"] = sign_vect.at(2); result["signature_s"] = signatureVector.at(2);
} HANDLE_SGX_EXCEPTION(result) } HANDLE_SGX_EXCEPTION(result)
...@@ -443,14 +443,14 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName, ...@@ -443,14 +443,14 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName,
throw SGXException(INVALID_DKG_PARAMS, "Invalid parameters: n or t "); throw SGXException(INVALID_DKG_PARAMS, "Invalid parameters: n or t ");
} }
shared_ptr <string> encr_poly_ptr = readFromDb(_polyName); shared_ptr<string> encrPoly = readFromDb(_polyName);
verifVector = get_verif_vect(encr_poly_ptr->c_str(), _t, _n); verifVector = get_verif_vect(encrPoly->c_str(), _t, _n);
for (int i = 0; i < _t; i++) { for (int i = 0; i < _t; i++) {
vector <string> cur_coef = verifVector.at(i); vector <string> currentCoef = verifVector.at(i);
for (int j = 0; j < 4; j++) { for (int j = 0; j < 4; j++) {
result["verificationVector"][i][j] = cur_coef.at(j); result["verificationVector"][i][j] = currentCoef.at(j);
} }
} }
...@@ -480,7 +480,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J ...@@ -480,7 +480,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t "); throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
} }
shared_ptr <string> encr_poly_ptr = readFromDb(_polyName); shared_ptr <string> encrPoly = readFromDb(_polyName);
vector <string> pubKeysStrs; vector <string> pubKeysStrs;
for (int i = 0; i < _n; i++) { for (int i = 0; i < _n; i++) {
...@@ -490,7 +490,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J ...@@ -490,7 +490,7 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
pubKeysStrs.push_back(_pubKeys[i].asString()); pubKeysStrs.push_back(_pubKeys[i].asString());
} }
string s = trustedGetSecretShares(_polyName, encr_poly_ptr->c_str(), pubKeysStrs, _t, _n); string s = trustedGetSecretShares(_polyName, encrPoly->c_str(), pubKeysStrs, _t, _n);
//cerr << "result is " << s << endl; //cerr << "result is " << s << endl;
result["secretShare"] = s; result["secretShare"] = s;
...@@ -678,12 +678,10 @@ Json::Value SGXWalletServer::getServerStatusImpl() { ...@@ -678,12 +678,10 @@ Json::Value SGXWalletServer::getServerStatusImpl() {
return result; return result;
} }
Json::Value SGXWalletServer::getServerVersionImpl() {
Json::Value SGXWalletServer::getServerVersionImpl() {
INIT_RESULT(result) INIT_RESULT(result)
result["version"] = TOSTRING(SGXWALLET_VERSION);
result["version"] = SGXWALLET_VERSION;
return result; return result;
} }
......
SGXWalletServer.hpp
View file @ 1b65b688
...@@ -33,8 +33,13 @@ ...@@ -33,8 +33,13 @@
using namespace jsonrpc; using namespace jsonrpc;
using namespace std; using namespace std;
#define STRINGIFY(x) #x
#define TOSTRING(x) STRINGIFY(x)
class SGXWalletServer : public AbstractStubServer { class SGXWalletServer : public AbstractStubServer {
recursive_mutex m; recursive_mutex m;
static shared_ptr<SGXWalletServer> server; static shared_ptr<SGXWalletServer> server;
...@@ -42,6 +47,11 @@ class SGXWalletServer : public AbstractStubServer { ...@@ -42,6 +47,11 @@ class SGXWalletServer : public AbstractStubServer {
public: public:
static const char* getVersion() {
return TOSTRING(SGXWALLET_VERSION);
}
SGXWalletServer(AbstractServerConnector &_connector, serverVersion_t _type); SGXWalletServer(AbstractServerConnector &_connector, serverVersion_t _type);
virtual Json::Value virtual Json::Value
......
ServerInit.cpp
View file @ 1b65b688
...@@ -111,7 +111,7 @@ void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign) { ...@@ -111,7 +111,7 @@ void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign) {
static int sgxServerInited; static int sgxServerInited;
cout << "Running sgxwallet version:" << SGXWALLET_VERSION << endl; cout << "Running sgxwallet version:" << SGXWalletServer::getVersion() << endl;
CHECK_STATE(sgxServerInited == 0) CHECK_STATE(sgxServerInited == 0)
sgxServerInited = 1; sgxServerInited = 1;
......
ServerInit.h
View file @ 1b65b688
...@@ -25,7 +25,6 @@ ...@@ -25,7 +25,6 @@
#define SGXWALLET_SERVERINIT_H #define SGXWALLET_SERVERINIT_H
#include "stdint.h" #include "stdint.h"
#include "SGXWALLET_VERSION"
#ifdef __cplusplus #ifdef __cplusplus
#define EXTERNC extern "C" #define EXTERNC extern "C"
......
VERSION
View file @ 1b65b688
1.49 1.50.2
\ No newline at end of file \ No newline at end of file
common.h
View file @ 1b65b688
...@@ -16,7 +16,7 @@ ...@@ -16,7 +16,7 @@
You should have received a copy of the GNU Affero General Public License You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>. along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file BLSEnclave.cpp @file common.h
@author Stan Kladko @author Stan Kladko
@date 2020 @date 2020
*/ */
...@@ -34,10 +34,13 @@ using namespace std; ...@@ -34,10 +34,13 @@ using namespace std;
#include <gmp.h>
#include "secure_enclave/Verify.h"
#include "InvalidStateException.h" #include "InvalidStateException.h"
#define SAFE_FREE(__POINTER__) {if (__POINTER__) {free(__POINTER__); __POINTER__ = NULL;}}
inline std::string className(const std::string &prettyFunction) { inline std::string className(const std::string &prettyFunction) {
size_t colons = prettyFunction.find("::"); size_t colons = prettyFunction.find("::");
if (colons == std::string::npos) if (colons == std::string::npos)
......
secure_enclave/Curves.c
View file @ 1b65b688
...@@ -24,7 +24,13 @@ ...@@ -24,7 +24,13 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <stdbool.h> #include <stdbool.h>
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h> #include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include "DomainParameters.h" #include "DomainParameters.h"
#include "Curves.h" #include "Curves.h"
#include "Point.h" #include "Point.h"
......
secure_enclave/Curves.h
View file @ 1b65b688
...@@ -25,6 +25,12 @@ ...@@ -25,6 +25,12 @@
#ifndef SGXWALLET_CURVES_H #ifndef SGXWALLET_CURVES_H
#define SGXWALLET_CURVES_H #define SGXWALLET_CURVES_H
#ifdef __cplusplus
#define EXTERNC extern "C"
#else
#define EXTERNC
#endif
/*Curves that can be loaded using domain_parameters_load_curve()*/ /*Curves that can be loaded using domain_parameters_load_curve()*/
typedef enum { secp112r1 = 0, typedef enum { secp112r1 = 0,
...@@ -47,7 +53,7 @@ typedef enum { secp112r1 = 0, ...@@ -47,7 +53,7 @@ typedef enum { secp112r1 = 0,
#define NUMBER_OF_CURVES (secp521r1+1) #define NUMBER_OF_CURVES (secp521r1+1)
/*Load a curve depending on it's curve number, defined by the enum*/ /*Load a curve depending on it's curve number, defined by the enum*/
void domain_parameters_load_curve(domain_parameters out, curve_list curve); EXTERNC void domain_parameters_load_curve(domain_parameters out, curve_list curve);
/* REMARK: /* REMARK:
For some weird reason secp112r2 and secp128r2 doesn't want to be stable. Actually they work once in a while. However running the benchmark command gives -1 as operation time, sometimes and only sometimes! For some weird reason secp112r2 and secp128r2 doesn't want to be stable. Actually they work once in a while. However running the benchmark command gives -1 as operation time, sometimes and only sometimes!
......
secure_enclave/DHDkg.c
View file @ 1b65b688
...@@ -23,7 +23,11 @@ ...@@ -23,7 +23,11 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdbool.h> #include <stdbool.h>
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h> #include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include "DomainParameters.h" #include "DomainParameters.h"
#include "Curves.h" #include "Curves.h"
......
secure_enclave/DKGUtils.cpp
View file @ 1b65b688
...@@ -23,7 +23,12 @@ ...@@ -23,7 +23,12 @@
#include "DKGUtils.h" #include "DKGUtils.h"
#include <sgx_tgmp.h> #ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include <../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp> #include <../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
#include <../trusted_libff/libff/algebra/fields/fp.hpp> #include <../trusted_libff/libff/algebra/fields/fp.hpp>
......
secure_enclave/DKGUtils.h
View file @ 1b65b688
...@@ -30,7 +30,12 @@ ...@@ -30,7 +30,12 @@
#define EXTERNC #define EXTERNC
#endif #endif
#include <sgx_tgmp.h> #ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
EXTERNC int gen_dkg_poly( char* secret, unsigned _t); EXTERNC int gen_dkg_poly( char* secret, unsigned _t);
......
secure_enclave/DomainParameters.c
View file @ 1b65b688
...@@ -21,7 +21,12 @@ ...@@ -21,7 +21,12 @@
@date 2019 @date 2019
*/ */
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h> #include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include <stdlib.h> #include <stdlib.h>
#include <stdbool.h> #include <stdbool.h>
#include <string.h> #include <string.h>
......
secure_enclave/DomainParameters.h
View file @ 1b65b688
...@@ -23,6 +23,11 @@ ...@@ -23,6 +23,11 @@
#ifndef SGXWALLET_DOMAINPARAMETERS_H #ifndef SGXWALLET_DOMAINPARAMETERS_H
#define SGXWALLET_DOMAINPARAMETERS_H #define SGXWALLET_DOMAINPARAMETERS_H
#ifdef __cplusplus
#define EXTERNC extern "C"
#else
#define EXTERNC
#endif
/*Type that represents a point*/ /*Type that represents a point*/
typedef struct point_s* point; typedef struct point_s* point;
...@@ -48,13 +53,13 @@ struct domain_parameters_s ...@@ -48,13 +53,13 @@ struct domain_parameters_s
}; };
/*Initialize a curve*/ /*Initialize a curve*/
domain_parameters domain_parameters_init(); EXTERNC domain_parameters domain_parameters_init();
/*Sets the name of a curve*/ /*Sets the name of a curve*/
void domain_parameters_set_name(domain_parameters curve, char* name); EXTERNC void domain_parameters_set_name(domain_parameters curve, char* name);
/*Set domain parameters from decimal unsigned long ints*/ /*Set domain parameters from decimal unsigned long ints*/
void domain_parameters_set_ui(domain_parameters curve, EXTERNC void domain_parameters_set_ui(domain_parameters curve,
char* name, char* name,
unsigned long int p, unsigned long int p,
unsigned long int a, unsigned long int a,
...@@ -65,9 +70,9 @@ void domain_parameters_set_ui(domain_parameters curve, ...@@ -65,9 +70,9 @@ void domain_parameters_set_ui(domain_parameters curve,
unsigned long int h); unsigned long int h);
/*Set domain parameters from hexadecimal string*/ /*Set domain parameters from hexadecimal string*/
void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h); EXTERNC void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h);
/*Release memory*/ /*Release memory*/
void domain_parameters_clear(domain_parameters curve); EXTERNC void domain_parameters_clear(domain_parameters curve);
#endif #endif
\ No newline at end of file
secure_enclave/EnclaveCommon.cpp
View file @ 1b65b688
...@@ -298,7 +298,7 @@ void logMsg(log_level _level, char* _msg) { ...@@ -298,7 +298,7 @@ void logMsg(log_level _level, char* _msg) {
EXTERNC void LOG_INFO(char* _msg) { EXTERNC void LOG_INFO(char* _msg) {
logMsg(L_INFO, _msg); logMsg(L_INFO, _msg);
}; };
EXTERNC void LOG_WARNING(char* _msg) { EXTERNC void LOG_WARN(char* _msg) {
logMsg(L_WARNING, _msg); logMsg(L_WARNING, _msg);
}; };
......
secure_enclave/EnclaveCommon.h
View file @ 1b65b688
...@@ -53,7 +53,7 @@ EXTERNC void enclave_init(); ...@@ -53,7 +53,7 @@ EXTERNC void enclave_init();
EXTERNC void LOG_INFO(char* msg); EXTERNC void LOG_INFO(char* msg);
EXTERNC void LOG_WARNING(char* _msg); EXTERNC void LOG_WARN(char* _msg);
EXTERNC void LOG_ERROR(char* _msg); EXTERNC void LOG_ERROR(char* _msg);
EXTERNC void LOG_DEBUG(char* _msg); EXTERNC void LOG_DEBUG(char* _msg);
EXTERNC void LOG_TRACE(char* _msg); EXTERNC void LOG_TRACE(char* _msg);
......
secure_enclave/NumberTheory.c
View file @ 1b65b688
...@@ -23,8 +23,14 @@ ...@@ -23,8 +23,14 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h> #include <stdbool.h>
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include "NumberTheory.h" #include "NumberTheory.h"
/*Calculate R = a^k mod P, using repeated square-and-multiply algorithm /*Calculate R = a^k mod P, using repeated square-and-multiply algorithm
......
secure_enclave/Point.c
View file @ 1b65b688
...@@ -23,11 +23,16 @@ ...@@ -23,11 +23,16 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <stdbool.h> #include <stdbool.h>
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include "NumberTheory.h" #include "NumberTheory.h"
#include "DomainParameters.h" #include "DomainParameters.h"
...@@ -77,14 +82,14 @@ void point_set(point R, point P) ...@@ -77,14 +82,14 @@ void point_set(point R, point P)
} }
/*Set point from strings of a base from 2-62*/ /*Set point from strings of a base from 2-62*/
void point_set_str(point p, char *x, char *y, int base) void point_set_str(point p, const char *x, const char *y, int base)
{ {
mpz_set_str(p->x, x, base); mpz_set_str(p->x, x, base);
mpz_set_str(p->y, y, base); mpz_set_str(p->y, y, base);
} }
/*Set point from hexadecimal strings*/ /*Set point from hexadecimal strings*/
void point_set_hex(point p, char *x, char *y) void point_set_hex(point p, const char *x, const char *y)
{ {
point_set_str(p,x,y,16); point_set_str(p,x,y,16);
} }
......
secure_enclave/Point.h
View file @ 1b65b688
...@@ -26,56 +26,58 @@ ...@@ -26,56 +26,58 @@
#define SGXWALLET_POINT_H #define SGXWALLET_POINT_H
#include "DomainParameters.h" #include "DomainParameters.h"
/*Initialize a point*/ /*Initialize a point*/
point point_init(); EXTERNC point point_init();
/*Release point*/ /*Release point*/
void point_clear(point p); EXTERNC void point_clear(point p);
/*Set point to be a infinity*/ /*Set point to be a infinity*/
void point_at_infinity(point p); EXTERNC void point_at_infinity(point p);
/*Set R to the additive inverse of P, in the curve curve*/ /*Set R to the additive inverse of P, in the curve curve*/
void point_inverse(point R, point P, domain_parameters curve); EXTERNC void point_inverse(point R, point P, domain_parameters curve);
/*Print point to standart output stream*/ /*Print point to standart output stream*/
void point_print(point p); EXTERNC void point_print(point p);
/*Set point from hexadecimal strings*/ /*Set point from hexadecimal strings*/
void point_set_hex(point p, char *x, char *y); EXTERNC void point_set_hex(point p, const char *x, const char *y);
/*Set point from decimal unsigned long ints*/ /*Set point from decimal unsigned long ints*/
void point_set_ui(point p, unsigned long int x, unsigned long int y); EXTERNC void point_set_ui(point p, unsigned long int x, unsigned long int y);
/*Addition of point P + Q = result*/ /*Addition of point P + Q = result*/
void point_addition(point result, point P, point Q, domain_parameters curve); EXTERNC void point_addition(point result, point P, point Q, domain_parameters curve);
/*Set point R = 2P*/ /*Set point R = 2P*/
void point_doubling(point R, point P, domain_parameters curve); EXTERNC void point_doubling(point R, point P, domain_parameters curve);
/*Perform scalar multiplication to P, with the factor multiplier, over the curve curve*/ /*Perform scalar multiplication to P, with the factor multiplier, over the curve curve*/
void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve); EXTERNC void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve);
/*Set point from strings of a base from 2-62*/ /*Set point from strings of a base from 2-62*/
void point_set_str(point p, char *x, char *y, int base); EXTERNC void point_set_str(point p, const char *x, const char *y, int base);
/*Compare two points return 1 if not the same, returns 0 if they are the same*/ /*Compare two points return 1 if not the same, returns 0 if they are the same*/
bool point_cmp(point P, point Q); EXTERNC bool point_cmp(point P, point Q);
/*Decompress a point from hexadecimal representation /*Decompress a point from hexadecimal representation
*This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.4.*/ *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.4.*/
void point_decompress(point P, char* zPoint, domain_parameters curve); EXTERNC void point_decompress(point P, char* zPoint, domain_parameters curve);
/*Compress a point to hexadecimal string /*Compress a point to hexadecimal string
*This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.3.*/ *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.3.*/
char* point_compress(point P); EXTERNC char* point_compress(point P);
/*Make R a copy of P*/ /*Make R a copy of P*/
void point_copy(point R, point P); EXTERNC void point_copy(point R, point P);
/*Set a point from another point*/ /*Set a point from another point*/
void point_set(point R, point P); EXTERNC void point_set(point R, point P);
#endif #endif
\ No newline at end of file
secure_enclave/Signature.c
View file @ 1b65b688
...@@ -23,9 +23,17 @@ ...@@ -23,9 +23,17 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h> #include <stdbool.h>
#include <assert.h> #include <assert.h>
#ifdef USER_SPACE
#include <gmp.h>
#else
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include "DomainParameters.h" #include "DomainParameters.h"
#include "Point.h" #include "Point.h"
#include "NumberTheory.h" #include "NumberTheory.h"
...@@ -51,13 +59,13 @@ void signature_print(signature sig) { ...@@ -51,13 +59,13 @@ void signature_print(signature sig) {
} }
/*Set signature from strings of a base from 2-62*/ /*Set signature from strings of a base from 2-62*/
void signature_set_str(signature sig, char *r, char *s, int base) { void signature_set_str(signature sig, const char *r, const char *s, int base) {
mpz_set_str(sig->r, r, base); mpz_set_str(sig->r, r, base);
mpz_set_str(sig->s, s, base); mpz_set_str(sig->s, s, base);
} }
/*Set signature from hexadecimal strings*/ /*Set signature from hexadecimal strings*/
void signature_set_hex(signature sig, char *r, char *s) { void signature_set_hex(signature sig, const char *r, const char *s) {
signature_set_str(sig, r, s, 16); signature_set_str(sig, r, s, 16);
} }
...@@ -84,6 +92,7 @@ void signature_extract_public_key(point public_key, mpz_t private_key, domain_pa ...@@ -84,6 +92,7 @@ void signature_extract_public_key(point public_key, mpz_t private_key, domain_pa
point_multiplication(public_key, private_key, curve->G, curve); point_multiplication(public_key, private_key, curve->G, curve);
} }
#ifndef USER_SPACE
/*Generate signature for a message*/ /*Generate signature for a message*/
void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve) { void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve) {
//message must not have a bit length longer than that of n //message must not have a bit length longer than that of n
...@@ -171,13 +180,26 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para ...@@ -171,13 +180,26 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
} }
#endif
/*Release signature*/
void signature_free(signature sig) {
mpz_clear(sig->r);
mpz_clear(sig->s);
free(sig);
}
/*Verify the integrity of a message using it's signature*/ /*Verify the integrity of a message using it's signature*/
bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve) { bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve) {
//Initialize variables //Initialize variables
mpz_t one, w, u1, u2, t, tt2; mpz_t one, w, u1, u2, t, tt2;
mpz_init(one); mpz_init(w); mpz_init(u1); mpz_init(one);
mpz_init(u2); mpz_init(t); mpz_init(tt2); mpz_init(w);
mpz_init(u1);
mpz_init(u2);
mpz_init(t);
mpz_init(tt2);
mpz_set_ui(one, 1); mpz_set_ui(one, 1);
...@@ -224,15 +246,15 @@ bool signature_verify(mpz_t message, signature sig, point public_key, domain_par ...@@ -224,15 +246,15 @@ bool signature_verify(mpz_t message, signature sig, point public_key, domain_par
point_clear(t1); point_clear(t1);
point_clear(t2); point_clear(t2);
mpz_clear(one); mpz_clear(w); mpz_clear(u1); mpz_clear(u2); mpz_clear(t); mpz_clear(one);
mpz_clear(w);
mpz_clear(u1);
mpz_clear(u2);
mpz_clear(t);
mpz_clear(tt2); mpz_clear(tt2);
return result; return result;
}
/*Release signature*/
void signature_free(signature sig) {
mpz_clear(sig->r);
mpz_clear(sig->s);
free(sig);
} }
secure_enclave/Signature.h
View file @ 1b65b688
...@@ -24,6 +24,12 @@ ...@@ -24,6 +24,12 @@
#ifndef SGXWALLET_SIGNATURE_H #ifndef SGXWALLET_SIGNATURE_H
#define SGXWALLET_SIGNATURE_H #define SGXWALLET_SIGNATURE_H
#ifdef __cplusplus
#define EXTERNC extern "C"
#else
#define EXTERNC
#endif
/*Type for representing a signature*/ /*Type for representing a signature*/
struct signature_s struct signature_s
{ {
...@@ -35,36 +41,36 @@ struct signature_s ...@@ -35,36 +41,36 @@ struct signature_s
typedef struct signature_s* signature; typedef struct signature_s* signature;
/*Initialize a signature*/ /*Initialize a signature*/
signature signature_init(); EXTERNC signature signature_init();
/*Set signature from strings of a base from 2-62*/ /*Set signature from strings of a base from 2-62*/
void signature_set_str(signature sig, char *r, char *s, int base); EXTERNC void signature_set_str(signature sig, const char *r, const char *s, int base);
/*Set signature from hexadecimal strings*/ /*Set signature from hexadecimal strings*/
void signature_set_hex(signature sig, char *r, char *s); EXTERNC void signature_set_hex(signature sig, const char *r, const char *s);
/*Set signature from decimal unsigned long ints*/ /*Set signature from decimal unsigned long ints*/
void signature_set_ui(signature sig, unsigned long int r, unsigned long int s); EXTERNC void signature_set_ui(signature sig, unsigned long int r, unsigned long int s);
/*Print signature to standart output stream*/ /*Print signature to standart output stream*/
void signature_print(signature sig); EXTERNC void signature_print(signature sig);
/*Make R a copy of P*/ /*Make R a copy of P*/
void signature_copy(signature R, signature sig); EXTERNC void signature_copy(signature R, signature sig);
/*Compare two signatures return 1 if not the same, returns 0 if they are the same*/ /*Compare two signatures return 1 if not the same, returns 0 if they are the same*/
bool signature_cmp(signature sig1, signature sig2); EXTERNC bool signature_cmp(signature sig1, signature sig2);
/*Release signature*/ /*Release signature*/
void signature_free(signature sig); EXTERNC void signature_free(signature sig);
/*Generates a public key for a private key*/ /*Generates a public key for a private key*/
void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve); EXTERNC void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve);
/*Generate signature for a message*/ /*Generate signature for a message*/
void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve); EXTERNC void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve);
/*Verify the integrity of a message using it's signature*/ /*Verify the integrity of a message using it's signature*/
bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve); EXTERNC bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve);
#endif #endif
secure_enclave/Verify.h 0 → 100644
View file @ 1b65b688
/*
Copyright (C) 2019-Present SKALE Labs
This file is part of sgxwallet.
sgxwallet is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
sgxwallet is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file Verify.h
@author Stan Kladko
@date 2020
*/
#ifndef SGXWALLET_VERIFY_H
#define SGXWALLET_VERIFY_H
#define USER_SPACE 1
#include "secure_enclave/Point.h"
#include "secure_enclave/DomainParameters.h"
#include "secure_enclave/NumberTheory.h"
#include "secure_enclave/Signature.h"
#include "secure_enclave/Curves.h"
#endif //SGXWALLET_VERIFY_H
secure_enclave/secure_enclave.c
View file @ 1b65b688
...@@ -137,8 +137,8 @@ void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {} ...@@ -137,8 +137,8 @@ void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpfDiv(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {} void trustedEMpfDiv(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void trustedGenerateEcdsaKey(int *errStatus, char *err_string, void trustedGenerateEcdsaKey(int *errStatus, char *errString,
uint8_t *encrypted_key, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) { uint8_t *encryptedPrivateKey, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -174,10 +174,10 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string, ...@@ -174,10 +174,10 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string,
uint8_t base = 16; uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len); //snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x); char *px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px); //snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -194,14 +194,14 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string, ...@@ -194,14 +194,14 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string,
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes); strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2]; char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey); char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
snprintf(err_string, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str)); snprintf(errString, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str));
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN); uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) skey_str, sealedLen, sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) skey_str, sealedLen,
(sgx_sealed_data_t *) encrypted_key); (sgx_sealed_data_t *) encryptedPrivateKey);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal ecsdsa private key failed"); snprintf(errString, BUF_LEN, "seal ecsdsa private key failed");
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -214,8 +214,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string, ...@@ -214,8 +214,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *err_string,
} }
void trustedGetPublicEcdsaKey(int *errStatus, char *err_string, void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
uint8_t *encrypted_key, uint32_t dec_len, char *pub_key_x, char *pub_key_y) { uint8_t *encryptedPrivateKey, uint32_t dec_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -225,36 +225,36 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string, ...@@ -225,36 +225,36 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string,
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey, &dec_len); (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &dec_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
//strncpy(err_string, skey, 1024); //strncpy(errString, skey, 1024);
mpz_t skey_mpz; mpz_t privateKeyMpz;
mpz_init(skey_mpz); mpz_init(privateKeyMpz);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey); // mpz_import(privateKeyMpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) { if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(err_string, BUF_LEN, "wrong string to init private key"); snprintf(errString, BUF_LEN, "wrong string to init private key");
*errStatus = -10; *errStatus = -10;
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
return; return;
} }
//Public key //Public key
point Pkey = point_init(); point Pkey = point_init();
signature_extract_public_key(Pkey, skey_mpz, curve); signature_extract_public_key(Pkey, privateKeyMpz, curve);
point Pkey_test = point_init(); point Pkey_test = point_init();
point_multiplication(Pkey_test, skey_mpz, curve->G, curve); point_multiplication(Pkey_test, privateKeyMpz, curve->G, curve);
if (!point_cmp(Pkey, Pkey_test)) { if (!point_cmp(Pkey, Pkey_test)) {
snprintf(err_string, BUF_LEN, "Points are not equal"); snprintf(errString, BUF_LEN, "Points are not equal");
*errStatus = -11; *errStatus = -11;
return; return;
} }
...@@ -262,10 +262,10 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string, ...@@ -262,10 +262,10 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string,
int base = 16; int base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len); //snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x); char *px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px); //snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -281,104 +281,130 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string, ...@@ -281,104 +281,130 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *err_string,
} }
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes); strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
domain_parameters_clear(curve); domain_parameters_clear(curve);
point_clear(Pkey); point_clear(Pkey);
} }
void trustedEcdsaSign(int *errStatus, char *err_string, uint8_t *encrypted_key, uint32_t dec_len, void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint32_t dec_len,
unsigned char *hash, char *sig_r, char *sig_s, uint8_t *sig_v, int base) { unsigned char *hash, char *sigR, char *sigS, uint8_t *sig_v, int base) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char* arr_m = NULL; char* arrM = NULL;
char* arr_r = NULL; char* arrR = NULL;
char* arr_s; char* arrS = NULL;
char* privateKey = calloc(ECDSA_SKEY_LEN,1);
mpz_t privateKeyMpz;
mpz_init(privateKeyMpz);
mpz_t msgMpz;
mpz_t skey_mpz;
mpz_init(skey_mpz);
mpz_t msg_mpz;
mpz_init(msg_mpz);
signature sign = signature_init(); signature sign = signature_init();
domain_parameters curve = domain_parameters_init(); domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1); domain_parameters_load_curve(curve, secp256k1);
point publicKey = point_init(); point publicKey = point_init();
char* secretKey = calloc(ECDSA_SKEY_LEN,1);
sgx_status_t status = sgx_unseal_data( if (!hash) {
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, secretKey, &dec_len); *errStatus = 1;
char* msg = "NULL message hash";
LOG_ERROR(msg);
snprintf(errString, BUF_LEN, msg);
goto clean;
}
if (status != SGX_SUCCESS) { if (strnlen(hash, 64 ) > 64) {
*errStatus = status; *errStatus = 2;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed - encrypted_key with status %d", status); char* msg = "Hash too long";
LOG_ERROR(msg);
snprintf(errString, BUF_LEN, msg);
goto clean; goto clean;
} }
//snprintf(err_string, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey)); mpz_init(msgMpz);
if (mpz_set_str(skey_mpz, secretKey, ECDSA_SKEY_BASE) == -1) { if (mpz_set_str(msgMpz, hash, 16) == -1) {
*errStatus = -1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid secret key"); snprintf(errString, BUF_LEN, "invalid message hash %s", hash);
LOG_WARN(errString);
goto clean; goto clean;
} }
if (mpz_set_str(msg_mpz, hash, 16) == -1) { if (!encryptedPrivateKey) {
*errStatus = -1; *errStatus = 3;
snprintf(err_string, BUF_LEN, "invalid message hash"); snprintf(errString, BUF_LEN, "NULL encrypted ECDSA private key");
LOG_ERROR(errString);
goto clean; goto clean;
} }
//mpz_set_str(msg_mpz,"4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a", 16);
signature_sign(sign, msg_mpz, skey_mpz, curve);
signature_extract_public_key(publicKey, skey_mpz, curve); sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, privateKey, &dec_len);
if (!signature_verify(msg_mpz, sign, publicKey, curve)) { if (status != SGX_SUCCESS) {
*errStatus = -2; *errStatus = status;
snprintf(err_string, BUF_LEN, "signature is not verified"); snprintf(errString, BUF_LEN,
"sgx_unseal_data failed for encryptedPrivateKey:status %d", status);
LOG_ERROR(errString);
goto clean;
}
if (mpz_set_str(privateKeyMpz, privateKey, ECDSA_SKEY_BASE) == -1) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "mpz_set_str(privateKeyMpz ...) failed");
LOG_ERROR(errString);
goto clean; goto clean;
} }
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
arr_m = calloc(mpz_sizeinbase(msg_mpz, 16) + 2 ,1);
mpz_get_str(arr_m, 16, msg_mpz);
//snprintf(err_string, BUF_LEN, "message is %s ", arr_m);
arr_r = calloc(mpz_sizeinbase(sign->r, base) + 2,1); signature_sign(sign, msgMpz, privateKeyMpz, curve);
mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024); signature_extract_public_key(publicKey, privateKeyMpz, curve);
arr_s = calloc(mpz_sizeinbase(sign->s, base) + 2, 1);
mpz_get_str(arr_s, base, sign->s); if (!signature_verify(msgMpz, sign, publicKey, curve)) {
strncpy(sig_s, arr_s, 1024); *errStatus = 2;
snprintf(errString, BUF_LEN, "ECDSA sig not verified");
LOG_WARN(errString);
goto clean;
}
arrR = calloc(mpz_sizeinbase(sign->r, base) + 2,1);
mpz_get_str(arrR, base, sign->r);
strncpy(sigR, arrR, 1024);
arrS = calloc(mpz_sizeinbase(sign->s, base) + 2, 1);
mpz_get_str(arrS, base, sign->s);
strncpy(sigS, arrS, 1024);
*sig_v = sign->v; *sig_v = sign->v;
clean: clean:
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
mpz_clear(msg_mpz); mpz_clear(msgMpz);
domain_parameters_clear(curve); domain_parameters_clear(curve);
point_clear(publicKey); point_clear(publicKey);
free(secretKey);
signature_free(sign); signature_free(sign);
if (arr_m != NULL) { if (privateKey)
free(arr_m); free(privateKey);
}
if (arr_r != NULL) {
free(arr_r); if (arrR) {
free(arrR);
} }
if (arr_s != NULL) { if (arrS) {
free(arr_s); free(arrS);
} }
return; return;
...@@ -386,19 +412,19 @@ void trustedEcdsaSign(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -386,19 +412,19 @@ void trustedEcdsaSign(int *errStatus, char *err_string, uint8_t *encrypted_key,
} }
void trustedEncryptKey(int *errStatus, char *err_string, char *key, void trustedEncryptKey(int *errStatus, char *errString, char *key,
uint8_t *encrypted_key, uint32_t *enc_len) { uint8_t *encryptedPrivateKey, uint32_t *enc_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
*errStatus = UNKNOWN_ERROR; *errStatus = UNKNOWN_ERROR;
memset(err_string, 0, BUF_LEN); memset(errString, 0, BUF_LEN);
checkKey(errStatus, err_string, key); checkKey(errStatus, errString, key);
if (*errStatus != 0) { if (*errStatus != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, "check_key failed"); snprintf(errString + strlen(errString), BUF_LEN, "check_key failed");
return; return;
} }
...@@ -407,18 +433,18 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key, ...@@ -407,18 +433,18 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key,
if (sealedLen > BUF_LEN) { if (sealedLen > BUF_LEN) {
*errStatus = ENCRYPTED_KEY_TOO_LONG; *errStatus = ENCRYPTED_KEY_TOO_LONG;
snprintf(err_string, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH"); snprintf(errString, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH");
return; return;
} }
memset(encrypted_key, 0, BUF_LEN); memset(encryptedPrivateKey, 0, BUF_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, MAX_KEY_LENGTH, (uint8_t *) key, sealedLen, sgx_status_t status = sgx_seal_data(0, NULL, MAX_KEY_LENGTH, (uint8_t *) key, sealedLen,
(sgx_sealed_data_t *) encrypted_key); (sgx_sealed_data_t *) encryptedPrivateKey);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = SEAL_KEY_FAILED; *errStatus = SEAL_KEY_FAILED;
snprintf(err_string, BUF_LEN, "SGX seal data failed with status %d", status); snprintf(errString, BUF_LEN, "SGX seal data failed with status %d", status);
return; return;
} }
...@@ -427,17 +453,17 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key, ...@@ -427,17 +453,17 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key,
char decryptedKey[BUF_LEN]; char decryptedKey[BUF_LEN];
memset(decryptedKey, 0, BUF_LEN); memset(decryptedKey, 0, BUF_LEN);
trustedDecryptKey(errStatus, err_string, encrypted_key, sealedLen, decryptedKey); trustedDecryptKey(errStatus, errString, encryptedPrivateKey, sealedLen, decryptedKey);
if (*errStatus != 0) { if (*errStatus != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, ":trustedDecryptKey failed"); snprintf(errString + strlen(errString), BUF_LEN, ":trustedDecryptKey failed");
return; return;
} }
uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH); uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH);
if (decryptedKeyLen == MAX_KEY_LENGTH) { if (decryptedKeyLen == MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "Decrypted key is not null terminated"); snprintf(errString, BUF_LEN, "Decrypted key is not null terminated");
return; return;
} }
...@@ -445,14 +471,14 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key, ...@@ -445,14 +471,14 @@ void trustedEncryptKey(int *errStatus, char *err_string, char *key,
*errStatus = -8; *errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) { if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(err_string, BUF_LEN, "Decrypted key does not match original key"); snprintf(errString, BUF_LEN, "Decrypted key does not match original key");
return; return;
} }
*errStatus = 0; *errStatus = 0;
} }
void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key, void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *key) { uint32_t enc_len, char *key) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -462,18 +488,18 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -462,18 +488,18 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key,
*errStatus = -9; *errStatus = -9;
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) key, &decLen); (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) key, &decLen);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
return; return;
} }
//snprintf(err_string, BUF_LEN, "decr key is %s", key); //snprintf(errString, BUF_LEN, "decr key is %s", key);
if (decLen > MAX_KEY_LENGTH) { if (decLen > MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH"); snprintf(errString, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH");
return; return;
} }
...@@ -484,7 +510,7 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -484,7 +510,7 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key,
if (keyLen == MAX_KEY_LENGTH) { if (keyLen == MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "Key is not null terminated"); snprintf(errString, BUF_LEN, "Key is not null terminated");
return; return;
} }
...@@ -494,7 +520,7 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -494,7 +520,7 @@ void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key,
} }
void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_key, void trustedBlsSignMessage(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *_hashX, uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) { char *_hashY, char *signature) {
...@@ -507,10 +533,10 @@ void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_ ...@@ -507,10 +533,10 @@ void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_
trustedDecryptKey(errStatus, err_string, encrypted_key, enc_len, key); trustedDecryptKey(errStatus, errString, encryptedPrivateKey, enc_len, key);
if (*errStatus != 0) { if (*errStatus != 0) {
strncpy(signature, err_string, BUF_LEN); strncpy(signature, errString, BUF_LEN);
return; return;
} }
...@@ -526,7 +552,7 @@ void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_ ...@@ -526,7 +552,7 @@ void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_
free(sig); free(sig);
} }
void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) { void trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -537,7 +563,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk ...@@ -537,7 +563,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk
return; return;
} }
snprintf(err_string, BUF_LEN, "poly is %s ", dkg_secret); snprintf(errString, BUF_LEN, "poly is %s ", dkg_secret);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, uint32_t sealedLen = sgx_calc_sealed_data_size(0,
DKG_BUFER_LENGTH);//sizeof(sgx_sealed_data_t) + sizeof(dkg_secret); DKG_BUFER_LENGTH);//sizeof(sgx_sealed_data_t) + sizeof(dkg_secret);
...@@ -546,7 +572,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk ...@@ -546,7 +572,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk
(sgx_sealed_data_t *) encrypted_dkg_secret); (sgx_sealed_data_t *) encrypted_dkg_secret);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "SGX seal data failed"); snprintf(errString, BUF_LEN, "SGX seal data failed");
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -555,7 +581,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk ...@@ -555,7 +581,7 @@ void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dk
//free(dkg_secret); //free(dkg_secret);
} }
void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret, void trustedDecryptDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
uint32_t *dec_len) { uint32_t *dec_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -566,7 +592,7 @@ void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypte ...@@ -566,7 +592,7 @@ void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypte
(const sgx_sealed_data_t *) encrypted_dkg_secret, NULL, 0, decrypted_dkg_secret, &decr_len); (const sgx_sealed_data_t *) encrypted_dkg_secret, NULL, 0, decrypted_dkg_secret, &decr_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -574,7 +600,7 @@ void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypte ...@@ -574,7 +600,7 @@ void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypte
*dec_len = decr_len; *dec_len = decr_len;
} }
void trustedGetSecretShares(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *dec_len, void trustedGetSecretShares(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t *dec_len,
char *secret_shares, char *secret_shares,
unsigned _t, unsigned _n) { unsigned _t, unsigned _n) {
...@@ -583,21 +609,21 @@ void trustedGetSecretShares(int *errStatus, char *err_string, uint8_t *encrypted ...@@ -583,21 +609,21 @@ void trustedGetSecretShares(int *errStatus, char *err_string, uint8_t *encrypted
char decrypted_dkg_secret[DKG_BUFER_LENGTH]; char decrypted_dkg_secret[DKG_BUFER_LENGTH];
uint32_t decr_len; uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len); trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) { if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus); snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
return; return;
} }
*dec_len = decr_len; *dec_len = decr_len;
// strncpy(err_string, decrypted_dkg_secret, 1024); // strncpy(errString, decrypted_dkg_secret, 1024);
calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n); calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n);
//free(decrypted_dkg_secret); //free(decrypted_dkg_secret);
} }
void trustedGetPublicShares(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len, void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
char *public_shares, char *public_shares,
unsigned _t, unsigned _n) { unsigned _t, unsigned _n) {
...@@ -605,23 +631,23 @@ void trustedGetPublicShares(int *errStatus, char *err_string, uint8_t *encrypted ...@@ -605,23 +631,23 @@ void trustedGetPublicShares(int *errStatus, char *err_string, uint8_t *encrypted
char *decrypted_dkg_secret = (char *) calloc(DKG_MAX_SEALED_LEN, 1); char *decrypted_dkg_secret = (char *) calloc(DKG_MAX_SEALED_LEN, 1);
uint32_t decr_len; uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, err_string, (uint8_t *) encrypted_dkg_secret, decrypted_dkg_secret, &decr_len); trustedDecryptDkgSecret(errStatus, errString, (uint8_t *) encrypted_dkg_secret, decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) { if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "trustedDecryptDkgSecret failed with status %d", *errStatus); snprintf(errString, BUF_LEN, "trustedDecryptDkgSecret failed with status %d", *errStatus);
return; return;
} }
//strncpy(err_string, decrypted_dkg_secret, 1024); //strncpy(errString, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024); // strncpy(errString, "before calc_public_shares ", 1024);
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) { if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "t does not match polynomial in db"); snprintf(errString, BUF_LEN, "t does not match polynomial in db");
return; return;
} }
free(decrypted_dkg_secret); free(decrypted_dkg_secret);
} }
void trustedSetEncryptedDkgPoly(int *errStatus, char *err_string, uint8_t *encrypted_poly) { void trustedSetEncryptedDkgPoly(int *errStatus, char *errString, uint8_t *encrypted_poly) {
memset(decryptedDkgPoly, 0, DKG_BUFER_LENGTH); memset(decryptedDkgPoly, 0, DKG_BUFER_LENGTH);
uint32_t decr_len; uint32_t decr_len;
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
...@@ -629,13 +655,13 @@ void trustedSetEncryptedDkgPoly(int *errStatus, char *err_string, uint8_t *encry ...@@ -629,13 +655,13 @@ void trustedSetEncryptedDkgPoly(int *errStatus, char *err_string, uint8_t *encry
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status);
return; return;
} }
} }
void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len, void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *encrypted_skey, uint32_t *dec_len,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) { char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -648,7 +674,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e ...@@ -648,7 +674,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e
uint32_t enc_len; uint32_t enc_len;
trustedGenerateEcdsaKey(errStatus, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y); trustedGenerateEcdsaKey(errStatus, errString, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*errStatus != 0) { if (*errStatus != 0) {
return; return;
} }
...@@ -659,11 +685,11 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e ...@@ -659,11 +685,11 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e
(const sgx_sealed_data_t *) encrypted_skey, NULL, 0, (uint8_t *) skey, &enc_len); (const sgx_sealed_data_t *) encrypted_skey, NULL, 0, (uint8_t *) skey, &enc_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed - encrypted_skey with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data failed - encrypted_skey with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
snprintf(err_string, BUF_LEN, "unsealed random skey is %s\n", skey); snprintf(errString, BUF_LEN, "unsealed random skey is %s\n", skey);
char *common_key[ECDSA_SKEY_LEN]; char *common_key[ECDSA_SKEY_LEN];
gen_session_key(skey, pub_keyB, common_key); gen_session_key(skey, pub_keyB, common_key);
...@@ -672,14 +698,14 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e ...@@ -672,14 +698,14 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e
if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) { if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "\nt does not match poly degree\n"); snprintf(errString, BUF_LEN, "\nt does not match poly degree\n");
return; return;
} }
snprintf(err_string + 88, BUF_LEN, "\nsecret share is %s", s_share); snprintf(errString + 88, BUF_LEN, "\nsecret share is %s", s_share);
if (calc_secret_shareG2(s_share, s_shareG2) != 0) { if (calc_secret_shareG2(s_share, s_shareG2) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid decr secret share\n"); snprintf(errString, BUF_LEN, "invalid decr secret share\n");
return; return;
} }
...@@ -687,7 +713,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e ...@@ -687,7 +713,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e
xor_encrypt(common_key, s_share, cypher); xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL) { if (cypher == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
...@@ -698,7 +724,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e ...@@ -698,7 +724,7 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *e
} }
void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encryptedDHKey, uint8_t *encrypted_dkg_secret, void trustedComplaintResponse(int *errStatus, char *errString, uint8_t *encryptedDHKey, uint8_t *encrypted_dkg_secret,
uint32_t *dec_len, uint32_t *dec_len,
char *DH_key, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) { char *DH_key, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) {
...@@ -709,9 +735,9 @@ void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encrypt ...@@ -709,9 +735,9 @@ void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encrypt
char decrypted_dkg_secret[DKG_BUFER_LENGTH]; char decrypted_dkg_secret[DKG_BUFER_LENGTH];
uint32_t decr_len; uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len); trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) { if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus); snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
return; return;
} }
...@@ -719,18 +745,18 @@ void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encrypt ...@@ -719,18 +745,18 @@ void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encrypt
} }
void trustedDkgVerify(int *errStatus, char *err_string, const char *public_shares, const char *s_share, void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares, const char *s_share,
uint8_t *encrypted_key, uint64_t key_len, unsigned _t, int _ind, int *result) { uint8_t *encryptedPrivateKey, uint64_t key_len, unsigned _t, int _ind, int *result) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey, &key_len); (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_key failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_key failed with status %d", status);
return; return;
} }
...@@ -744,14 +770,14 @@ void trustedDkgVerify(int *errStatus, char *err_string, const char *public_share ...@@ -744,14 +770,14 @@ void trustedDkgVerify(int *errStatus, char *err_string, const char *public_share
common_key[ECDSA_SKEY_LEN - 1] = 0; common_key[ECDSA_SKEY_LEN - 1] = 0;
if (common_key == NULL) { if (common_key == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
xor_decrypt(common_key, encr_sshare, decr_sshare); xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) { if (decr_sshare == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
...@@ -763,28 +789,28 @@ void trustedDkgVerify(int *errStatus, char *err_string, const char *public_share ...@@ -763,28 +789,28 @@ void trustedDkgVerify(int *errStatus, char *err_string, const char *public_share
mpz_init(s); mpz_init(s);
if (mpz_set_str(s, decr_sshare, 16) == -1) { if (mpz_set_str(s, decr_sshare, 16) == -1) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decr secret share"); snprintf(errString, BUF_LEN, "invalid decr secret share");
mpz_clear(s); mpz_clear(s);
return; return;
} }
*result = Verification(public_shares, s, _t, _ind); *result = Verification(public_shares, s, _t, _ind);
snprintf(err_string, BUF_LEN, "common_key in verification is %s", common_key); snprintf(errString, BUF_LEN, "common_key in verification is %s", common_key);
} }
void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
uint8_t *encrypted_key, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) { uint8_t *encryptedPrivateKey, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey, &key_len); (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "sgx_unseal_key failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_key failed with status %d", status);
return; return;
} }
...@@ -810,7 +836,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -810,7 +836,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
if (common_key == NULL) { if (common_key == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
mpz_clear(sum); mpz_clear(sum);
return; return;
} }
...@@ -820,7 +846,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -820,7 +846,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
xor_decrypt(common_key, encr_sshare, decr_sshare); xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) { if (decr_sshare == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
mpz_clear(sum); mpz_clear(sum);
return; return;
} }
...@@ -829,7 +855,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -829,7 +855,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
mpz_init(decr_secret_share); mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) { if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decrypted secret share"); snprintf(errString, BUF_LEN, "invalid decrypted secret share");
mpz_clear(decr_secret_share); mpz_clear(decr_secret_share);
return; return;
} }
...@@ -849,7 +875,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -849,7 +875,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
char key_share[mpz_sizeinbase(bls_key, 16) + 2]; char key_share[mpz_sizeinbase(bls_key, 16) + 2];
char *key = mpz_get_str(key_share, 16, bls_key); char *key = mpz_get_str(key_share, 16, bls_key);
snprintf(err_string, BUF_LEN, " bls private key is %s", key_share); snprintf(errString, BUF_LEN, " bls private key is %s", key_share);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN); uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
...@@ -857,7 +883,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -857,7 +883,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
(sgx_sealed_data_t *) encr_bls_key); (sgx_sealed_data_t *) encr_bls_key);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "seal bls private key failed with status %d ", status); snprintf(errString, BUF_LEN, "seal bls private key failed with status %d ", status);
mpz_clear(bls_key); mpz_clear(bls_key);
mpz_clear(sum); mpz_clear(sum);
mpz_clear(q); mpz_clear(q);
...@@ -871,7 +897,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares, ...@@ -871,7 +897,7 @@ void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
mpz_clear(q); mpz_clear(q);
} }
void trustedGetBlsPubKey(int *errStatus, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) { void trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint64_t key_len, char *bls_pub_key) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -880,21 +906,21 @@ void trustedGetBlsPubKey(int *errStatus, char *err_string, uint8_t *encrypted_ke ...@@ -880,21 +906,21 @@ void trustedGetBlsPubKey(int *errStatus, char *err_string, uint8_t *encrypted_ke
uint32_t len = key_len; uint32_t len = key_len;
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey_hex, &len); (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey_hex, &len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
return; return;
} }
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) { if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "could not calculate bls public key"); snprintf(errString, BUF_LEN, "could not calculate bls public key");
return; return;
} }
} }
void trustedGenerateSEK(int *errStatus, char *err_string, void trustedGenerateSEK(int *errStatus, char *errString,
uint8_t *encrypted_SEK, uint32_t *enc_len, char *SEK_hex) { uint8_t *encrypted_SEK, uint32_t *enc_len, char *SEK_hex) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -915,7 +941,7 @@ void trustedGenerateSEK(int *errStatus, char *err_string, ...@@ -915,7 +941,7 @@ void trustedGenerateSEK(int *errStatus, char *err_string,
sgx_status_t status = sgx_seal_data(0, NULL, hex_aes_key_length + 1, SEK_hex, sealedLen, sgx_status_t status = sgx_seal_data(0, NULL, hex_aes_key_length + 1, SEK_hex, sealedLen,
(sgx_sealed_data_t *) encrypted_SEK); (sgx_sealed_data_t *) encrypted_SEK);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal SEK failed"); snprintf(errString, BUF_LEN, "seal SEK failed");
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -925,7 +951,7 @@ void trustedGenerateSEK(int *errStatus, char *err_string, ...@@ -925,7 +951,7 @@ void trustedGenerateSEK(int *errStatus, char *err_string,
} }
void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uint64_t encr_len) { void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_SEK, uint64_t encr_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -936,7 +962,7 @@ void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uin ...@@ -936,7 +962,7 @@ void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uin
(const sgx_sealed_data_t *) encrypted_SEK, NULL, 0, aes_key_hex, &encr_len); (const sgx_sealed_data_t *) encrypted_SEK, NULL, 0, aes_key_hex, &encr_len);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "sgx unseal SEK failed with status %d", status); snprintf(errString, BUF_LEN, "sgx unseal SEK failed with status %d", status);
return; return;
} }
...@@ -945,7 +971,7 @@ void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uin ...@@ -945,7 +971,7 @@ void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uin
} }
void trustedSetSEK_backup(int *errStatus, char *err_string, void trustedSetSEK_backup(int *errStatus, char *errString,
uint8_t *encrypted_SEK, uint32_t *enc_len, const char *SEK_hex) { uint8_t *encrypted_SEK, uint32_t *enc_len, const char *SEK_hex) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -958,7 +984,7 @@ void trustedSetSEK_backup(int *errStatus, char *err_string, ...@@ -958,7 +984,7 @@ void trustedSetSEK_backup(int *errStatus, char *err_string,
sgx_status_t status = sgx_seal_data(0, NULL, strlen(SEK_hex) + 1, SEK_hex, sealedLen, sgx_status_t status = sgx_seal_data(0, NULL, strlen(SEK_hex) + 1, SEK_hex, sealedLen,
(sgx_sealed_data_t *) encrypted_SEK); (sgx_sealed_data_t *) encrypted_SEK);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal SEK failed with status %d", status); snprintf(errString, BUF_LEN, "seal SEK failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -966,8 +992,8 @@ void trustedSetSEK_backup(int *errStatus, char *err_string, ...@@ -966,8 +992,8 @@ void trustedSetSEK_backup(int *errStatus, char *err_string,
*enc_len = sealedLen; *enc_len = sealedLen;
} }
void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string, void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
uint8_t *encrypted_key, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) { uint8_t *encryptedPrivateKey, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -996,10 +1022,10 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string, ...@@ -996,10 +1022,10 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string,
uint8_t base = 16; uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len); //snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x); char *px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px); //snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -1016,21 +1042,21 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string, ...@@ -1016,21 +1042,21 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string,
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes); strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2]; char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey); char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
snprintf(err_string, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str)); snprintf(errString, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str));
int stat = AES_encrypt(skey_str, encrypted_key); int stat = AES_encrypt(skey_str, encryptedPrivateKey);
if (stat != 0) { if (stat != 0) {
snprintf(err_string, BUF_LEN, "ecdsa private key encryption failed"); snprintf(errString, BUF_LEN, "ecdsa private key encryption failed");
*errStatus = stat; *errStatus = stat;
return; return;
} }
*enc_len = strlen(skey_str) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE; *enc_len = strlen(skey_str) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
stat = AES_decrypt(encrypted_key, *enc_len, skey_str); stat = AES_decrypt(encryptedPrivateKey, *enc_len, skey_str);
if (stat != 0) { if (stat != 0) {
snprintf(err_string + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat); snprintf(errString + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat);
//*errStatus = stat; //*errStatus = stat;
return; return;
} }
...@@ -1040,8 +1066,8 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string, ...@@ -1040,8 +1066,8 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string,
point_clear(Pkey); point_clear(Pkey);
} }
void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string, void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
uint8_t *encrypted_key, uint32_t enc_len, char *pub_key_x, char *pub_key_y) { uint8_t *encryptedPrivateKey, uint32_t enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1050,38 +1076,38 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string, ...@@ -1050,38 +1076,38 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string,
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
int status = AES_decrypt(encrypted_key, enc_len, skey); int status = AES_decrypt(encryptedPrivateKey, enc_len, skey);
if (status != 0) { if (status != 0) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed with status %d", status); snprintf(errString, BUF_LEN, "AES_decrypt failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
skey[enc_len - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE] = '\0'; skey[enc_len - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE] = '\0';
strncpy(err_string, skey, 1024); strncpy(errString, skey, 1024);
mpz_t skey_mpz; mpz_t privateKeyMpz;
mpz_init(skey_mpz); mpz_init(privateKeyMpz);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey); // mpz_import(privateKeyMpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) { if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(err_string, BUF_LEN, "wrong string to init private key - %s", skey); snprintf(errString, BUF_LEN, "wrong string to init private key - %s", skey);
*errStatus = -10; *errStatus = -10;
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
return; return;
} }
//Public key //Public key
point Pkey = point_init(); point Pkey = point_init();
signature_extract_public_key(Pkey, skey_mpz, curve); signature_extract_public_key(Pkey, privateKeyMpz, curve);
point Pkey_test = point_init(); point Pkey_test = point_init();
point_multiplication(Pkey_test, skey_mpz, curve->G, curve); point_multiplication(Pkey_test, privateKeyMpz, curve->G, curve);
if (!point_cmp(Pkey, Pkey_test)) { if (!point_cmp(Pkey, Pkey_test)) {
snprintf(err_string, BUF_LEN, "Points are not equal"); snprintf(errString, BUF_LEN, "Points are not equal");
*errStatus = -11; *errStatus = -11;
return; return;
} }
...@@ -1108,13 +1134,13 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string, ...@@ -1108,13 +1134,13 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string,
} }
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes); strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
domain_parameters_clear(curve); domain_parameters_clear(curve);
point_clear(Pkey); point_clear(Pkey);
} }
void trustedEcdsaSignAES(int *errStatus, char *err_string, uint8_t *encrypted_key, uint32_t enc_len, void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint32_t enc_len,
unsigned char *hash, char *sig_r, char *sig_s, uint8_t *sig_v, int base) { unsigned char *hash, char *sigR, char *sigS, uint8_t *sig_v, int base) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1123,88 +1149,88 @@ void trustedEcdsaSignAES(int *errStatus, char *err_string, uint8_t *encrypted_ke ...@@ -1123,88 +1149,88 @@ void trustedEcdsaSignAES(int *errStatus, char *err_string, uint8_t *encrypted_ke
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
int status = AES_decrypt(encrypted_key, enc_len, skey); int status = AES_decrypt(encryptedPrivateKey, enc_len, skey);
if (status != 0) { if (status != 0) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status); snprintf(errString, BUF_LEN, "aes decrypt failed with status %d", status);
return; return;
} }
skey[enc_len - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE - 1] = '\0'; skey[enc_len - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE - 1] = '\0';
snprintf(err_string, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey)); snprintf(errString, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey));
mpz_t skey_mpz; mpz_t privateKeyMpz;
mpz_init(skey_mpz); mpz_init(privateKeyMpz);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) { if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid secret key"); snprintf(errString, BUF_LEN, "invalid secret key");
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
return; return;
} }
mpz_t msg_mpz; mpz_t msgMpz;
mpz_init(msg_mpz); mpz_init(msgMpz);
if (mpz_set_str(msg_mpz, hash, 16) == -1) { if (mpz_set_str(msgMpz, hash, 16) == -1) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid message hash"); snprintf(errString, BUF_LEN, "invalid message hash");
mpz_clear(msg_mpz); mpz_clear(msgMpz);
return; return;
} }
signature sign = signature_init(); signature sign = signature_init();
signature_sign(sign, msg_mpz, skey_mpz, curve); signature_sign(sign, msgMpz, privateKeyMpz, curve);
point Pkey = point_init(); point Pkey = point_init();
signature_extract_public_key(Pkey, skey_mpz, curve); signature_extract_public_key(Pkey, privateKeyMpz, curve);
if (!signature_verify(msg_mpz, sign, Pkey, curve)) { if (!signature_verify(msgMpz, sign, Pkey, curve)) {
*errStatus = -2; *errStatus = -2;
snprintf(err_string, BUF_LEN, "signature is not verified! "); snprintf(errString, BUF_LEN, "signature is not verified! ");
return; return;
} }
char arr_m[mpz_sizeinbase(msg_mpz, 16) + 2]; char arrM[mpz_sizeinbase(msgMpz, 16) + 2];
char *msg = mpz_get_str(arr_m, 16, msg_mpz); char *msg = mpz_get_str(arrM, 16, msgMpz);
snprintf(err_string, BUF_LEN, "message is %s ", arr_m); snprintf(errString, BUF_LEN, "message is %s ", arrM);
char arr_r[mpz_sizeinbase(sign->r, base) + 2]; char arrR[mpz_sizeinbase(sign->r, base) + 2];
char *r = mpz_get_str(arr_r, base, sign->r); char *r = mpz_get_str(arrR, base, sign->r);
strncpy(sig_r, arr_r, 1024); strncpy(sigR, arrR, 1024);
char arr_s[mpz_sizeinbase(sign->s, base) + 2]; char arrS[mpz_sizeinbase(sign->s, base) + 2];
char *s = mpz_get_str(arr_s, base, sign->s); char *s = mpz_get_str(arrS, base, sign->s);
strncpy(sig_s, arr_s, 1024); strncpy(sigS, arrS, 1024);
*sig_v = sign->v; *sig_v = sign->v;
mpz_clear(skey_mpz); mpz_clear(privateKeyMpz);
mpz_clear(msg_mpz); mpz_clear(msgMpz);
domain_parameters_clear(curve); domain_parameters_clear(curve);
signature_free(sign); signature_free(sign);
point_clear(Pkey); point_clear(Pkey);
} }
void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key, void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
uint8_t *encrypted_key, uint32_t *enc_len) { uint8_t *encryptedPrivateKey, uint32_t *enc_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
*errStatus = UNKNOWN_ERROR; *errStatus = UNKNOWN_ERROR;
memset(err_string, 0, BUF_LEN); memset(errString, 0, BUF_LEN);
memset(encrypted_key, 0, BUF_LEN); memset(encryptedPrivateKey, 0, BUF_LEN);
int stat = AES_encrypt(key, encrypted_key); int stat = AES_encrypt(key, encryptedPrivateKey);
if (stat != 0) { if (stat != 0) {
*errStatus = stat; *errStatus = stat;
snprintf(err_string, BUF_LEN, "AES encrypt failed with status %d", stat); snprintf(errString, BUF_LEN, "AES encrypt failed with status %d", stat);
return; return;
} }
...@@ -1213,18 +1239,18 @@ void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key, ...@@ -1213,18 +1239,18 @@ void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key,
char decryptedKey[BUF_LEN]; char decryptedKey[BUF_LEN];
memset(decryptedKey, 0, BUF_LEN); memset(decryptedKey, 0, BUF_LEN);
stat = AES_decrypt(encrypted_key, *enc_len, decryptedKey); stat = AES_decrypt(encryptedPrivateKey, *enc_len, decryptedKey);
if (stat != 0) { if (stat != 0) {
*errStatus = stat; *errStatus = stat;
snprintf(err_string, BUF_LEN, ":trustedDecryptKey failed with status %d", stat); snprintf(errString, BUF_LEN, ":trustedDecryptKey failed with status %d", stat);
return; return;
} }
uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH); uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH);
if (decryptedKeyLen == MAX_KEY_LENGTH) { if (decryptedKeyLen == MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "Decrypted key is not null terminated"); snprintf(errString, BUF_LEN, "Decrypted key is not null terminated");
return; return;
} }
...@@ -1232,32 +1258,32 @@ void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key, ...@@ -1232,32 +1258,32 @@ void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key,
*errStatus = -8; *errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) { if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(err_string, BUF_LEN, "Decrypted key does not match original key"); snprintf(errString, BUF_LEN, "Decrypted key does not match original key");
return; return;
} }
*errStatus = 0; *errStatus = 0;
} }
void trustedDecryptKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key, void trustedDecryptKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *key) { uint32_t enc_len, char *key) {
uint32_t decLen; uint32_t decLen;
*errStatus = -9; *errStatus = -9;
int status = AES_decrypt(encrypted_key, enc_len, key); int status = AES_decrypt(encryptedPrivateKey, enc_len, key);
if (status != 0) { if (status != 0) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status); snprintf(errString, BUF_LEN, "aes decrypt failed with status %d", status);
return; return;
} }
if (decLen > MAX_KEY_LENGTH) { if (decLen > MAX_KEY_LENGTH) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH"); snprintf(errString, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH");
return; return;
} }
...@@ -1268,16 +1294,16 @@ void trustedDecryptKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_k ...@@ -1268,16 +1294,16 @@ void trustedDecryptKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_k
if (keyLen == MAX_KEY_LENGTH) { if (keyLen == MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "Key is not null terminated"); snprintf(errString, BUF_LEN, "Key is not null terminated");
return; return;
} }
*errStatus = 0; *errStatus = 0;
memcpy(err_string, AES_key, 1024); memcpy(errString, AES_key, 1024);
} }
void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypted_key, void trustedBlsSignMessageAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *_hashX, uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) { char *_hashY, char *signature) {
...@@ -1288,11 +1314,11 @@ void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypt ...@@ -1288,11 +1314,11 @@ void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypt
char sig[BUF_LEN]; char sig[BUF_LEN];
memset(sig, 0, BUF_LEN); memset(sig, 0, BUF_LEN);
int stat = AES_decrypt(encrypted_key, enc_len, key); int stat = AES_decrypt(encryptedPrivateKey, enc_len, key);
if (stat != 0) { if (stat != 0) {
*errStatus = stat; *errStatus = stat;
strncpy(signature, err_string, BUF_LEN); strncpy(signature, errString, BUF_LEN);
return; return;
} }
...@@ -1308,7 +1334,7 @@ void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypt ...@@ -1308,7 +1334,7 @@ void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypt
} }
void void
trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) { trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1320,12 +1346,12 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_ ...@@ -1320,12 +1346,12 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_
return; return;
} }
snprintf(err_string, BUF_LEN, "poly is %s ", dkg_secret); snprintf(errString, BUF_LEN, "poly is %s ", dkg_secret);
int status = AES_encrypt(dkg_secret, encrypted_dkg_secret); int status = AES_encrypt(dkg_secret, encrypted_dkg_secret);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "SGX AES encrypt DKG poly failed"); snprintf(errString, BUF_LEN, "SGX AES encrypt DKG poly failed");
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -1338,14 +1364,14 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_ ...@@ -1338,14 +1364,14 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_
status = AES_decrypt(encrypted_dkg_secret, *enc_len, decr_dkg_secret); status = AES_decrypt(encrypted_dkg_secret, *enc_len, decr_dkg_secret);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt dkg poly failed"); snprintf(errString, BUF_LEN, "aes decrypt dkg poly failed");
*errStatus = status; *errStatus = status;
return; return;
} }
if (strcmp(dkg_secret, decr_dkg_secret) != 0) { if (strcmp(dkg_secret, decr_dkg_secret) != 0) {
snprintf(err_string, BUF_LEN, "poly is %s ", dkg_secret); snprintf(errString, BUF_LEN, "poly is %s ", dkg_secret);
snprintf(err_string + strlen(dkg_secret) + 8, BUF_LEN - strlen(dkg_secret) - 8, snprintf(errString + strlen(dkg_secret) + 8, BUF_LEN - strlen(dkg_secret) - 8,
"encrypted poly is not equal to decrypted poly"); "encrypted poly is not equal to decrypted poly");
*errStatus = -333; *errStatus = -333;
} }
...@@ -1354,7 +1380,7 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_ ...@@ -1354,7 +1380,7 @@ trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_
} }
void void
trustedDecryptDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret, trustedDecryptDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
uint32_t *dec_len) { uint32_t *dec_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1362,14 +1388,14 @@ trustedDecryptDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_ ...@@ -1362,14 +1388,14 @@ trustedDecryptDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_
int status = AES_decrypt(encrypted_dkg_secret, dec_len, decrypted_dkg_secret); int status = AES_decrypt(encrypted_dkg_secret, dec_len, decrypted_dkg_secret);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status); snprintf(errString, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
} }
void trustedSetEncryptedDkgPolyAES(int *errStatus, char *err_string, uint8_t *encrypted_poly, uint64_t *enc_len) { void trustedSetEncryptedDkgPolyAES(int *errStatus, char *errString, uint8_t *encrypted_poly, uint64_t *enc_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1378,12 +1404,12 @@ void trustedSetEncryptedDkgPolyAES(int *errStatus, char *err_string, uint8_t *en ...@@ -1378,12 +1404,12 @@ void trustedSetEncryptedDkgPolyAES(int *errStatus, char *err_string, uint8_t *en
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status); snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status);
return; return;
} }
} }
void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len, void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t *encrypted_skey, uint32_t *dec_len,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) { char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) {
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
...@@ -1395,7 +1421,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t ...@@ -1395,7 +1421,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t
uint32_t enc_len; uint32_t enc_len;
trustedGenerateEcdsaKeyAES(errStatus, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y); trustedGenerateEcdsaKeyAES(errStatus, errString, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*errStatus != 0) { if (*errStatus != 0) {
return; return;
} }
...@@ -1405,11 +1431,11 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t ...@@ -1405,11 +1431,11 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t
skey[ECDSA_SKEY_LEN - 1] = 0; skey[ECDSA_SKEY_LEN - 1] = 0;
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in trustedGetEncryptedSecretShareAES) with status %d", status); snprintf(errString, BUF_LEN, "AES_decrypt failed (in trustedGetEncryptedSecretShareAES) with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
snprintf(err_string, BUF_LEN, "unsealed random skey is %s\n", skey); snprintf(errString, BUF_LEN, "unsealed random skey is %s\n", skey);
*dec_len = enc_len;// + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE; *dec_len = enc_len;// + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
...@@ -1422,14 +1448,14 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t ...@@ -1422,14 +1448,14 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t
if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) { if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, decryptedDkgPoly); snprintf(errString, BUF_LEN, decryptedDkgPoly);
return; return;
} }
snprintf(err_string + 88, BUF_LEN, "\nsecret share is %s", s_share); snprintf(errString + 88, BUF_LEN, "\nsecret share is %s", s_share);
if (calc_secret_shareG2(s_share, s_shareG2) != 0) { if (calc_secret_shareG2(s_share, s_shareG2) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid decr secret share"); snprintf(errString, BUF_LEN, "invalid decr secret share");
return; return;
} }
...@@ -1437,7 +1463,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t ...@@ -1437,7 +1463,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t
xor_encrypt(common_key, s_share, cypher); xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL) { if (cypher == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
...@@ -1449,7 +1475,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t ...@@ -1449,7 +1475,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t
} }
void trustedGetPublicSharesAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len, void trustedGetPublicSharesAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
char *public_shares, char *public_shares,
unsigned _t, unsigned _n) { unsigned _t, unsigned _n) {
...@@ -1463,33 +1489,33 @@ void trustedGetPublicSharesAES(int *errStatus, char *err_string, uint8_t *encryp ...@@ -1463,33 +1489,33 @@ void trustedGetPublicSharesAES(int *errStatus, char *err_string, uint8_t *encryp
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status); snprintf(errString, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) { if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "t does not match polynomial in db"); snprintf(errString, BUF_LEN, "t does not match polynomial in db");
return; return;
} }
} }
void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_shares, const char *s_share, void trustedDkgVerifyAES(int *errStatus, char *errString, const char *public_shares, const char *s_share,
uint8_t *encrypted_key, uint64_t enc_len, unsigned _t, int _ind, int *result) { uint8_t *encryptedPrivateKey, uint64_t enc_len, unsigned _t, int _ind, int *result) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
memset(skey, 0, ECDSA_SKEY_LEN); memset(skey, 0, ECDSA_SKEY_LEN);
int status = AES_decrypt(encrypted_key, enc_len, skey); int status = AES_decrypt(encryptedPrivateKey, enc_len, skey);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in trustedDkgVerifyAES) with status %d", status); snprintf(errString, BUF_LEN, "AES_decrypt failed (in trustedDkgVerifyAES) with status %d", status);
*errStatus = status; *errStatus = status;
return; return;
} }
...@@ -1506,7 +1532,7 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh ...@@ -1506,7 +1532,7 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh
if (common_key == NULL || strlen(common_key) == 0) { if (common_key == NULL || strlen(common_key) == 0) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
...@@ -1515,7 +1541,7 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh ...@@ -1515,7 +1541,7 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh
xor_decrypt(common_key, encr_sshare, decr_sshare); xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) { if (decr_sshare == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
return; return;
} }
...@@ -1523,27 +1549,27 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh ...@@ -1523,27 +1549,27 @@ void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_sh
mpz_init(s); mpz_init(s);
if (mpz_set_str(s, decr_sshare, 16) == -1) { if (mpz_set_str(s, decr_sshare, 16) == -1) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decr secret share"); snprintf(errString, BUF_LEN, "invalid decr secret share");
mpz_clear(s); mpz_clear(s);
return; return;
} }
*result = Verification(public_shares, s, _t, _ind); *result = Verification(public_shares, s, _t, _ind);
snprintf(err_string, BUF_LEN, "secret share dec %s", public_shares); snprintf(errString, BUF_LEN, "secret share dec %s", public_shares);
} }
void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shares, void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_shares,
uint8_t *encrypted_key, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) { uint8_t *encryptedPrivateKey, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
int status = AES_decrypt(encrypted_key, key_len, skey); int status = AES_decrypt(encryptedPrivateKey, key_len, skey);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = status; *errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status); snprintf(errString, BUF_LEN, "aes decrypt failed with status %d", status);
return; return;
} }
skey[ECDSA_SKEY_LEN - 1] = 0; skey[ECDSA_SKEY_LEN - 1] = 0;
...@@ -1571,7 +1597,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1571,7 +1597,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
if (common_key == NULL) { if (common_key == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
mpz_clear(sum); mpz_clear(sum);
return; return;
} }
...@@ -1581,7 +1607,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1581,7 +1607,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
xor_decrypt(common_key, encr_sshare, decr_sshare); xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) { if (decr_sshare == NULL) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key"); snprintf(errString, BUF_LEN, "invalid common_key");
mpz_clear(sum); mpz_clear(sum);
return; return;
} }
...@@ -1591,8 +1617,8 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1591,8 +1617,8 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
mpz_init(decr_secret_share); mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) { if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) {
*errStatus = 111; *errStatus = 111;
//snprintf(err_string, BUF_LEN ,"invalid decrypted secret share"); //snprintf(errString, BUF_LEN ,"invalid decrypted secret share");
snprintf(err_string, BUF_LEN, decr_sshare); snprintf(errString, BUF_LEN, decr_sshare);
mpz_clear(decr_secret_share); mpz_clear(decr_secret_share);
return; return;
} }
...@@ -1612,7 +1638,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1612,7 +1638,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
char key_share[mpz_sizeinbase(bls_key, 16) + 2]; char key_share[mpz_sizeinbase(bls_key, 16) + 2];
char *key = mpz_get_str(key_share, 16, bls_key); char *key = mpz_get_str(key_share, 16, bls_key);
snprintf(err_string, BUF_LEN, " bls private key is %s", key_share); snprintf(errString, BUF_LEN, " bls private key is %s", key_share);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN); uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
...@@ -1620,7 +1646,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1620,7 +1646,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "aes encrypt bls private key failed with status %d ", status); snprintf(errString, BUF_LEN, "aes encrypt bls private key failed with status %d ", status);
mpz_clear(bls_key); mpz_clear(bls_key);
mpz_clear(sum); mpz_clear(sum);
mpz_clear(q); mpz_clear(q);
...@@ -1634,7 +1660,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar ...@@ -1634,7 +1660,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shar
} }
void void
trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) { trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint64_t key_len, char *bls_pub_key) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
...@@ -1642,10 +1668,10 @@ trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -1642,10 +1668,10 @@ trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key,
uint32_t len = key_len; uint32_t len = key_len;
int status = AES_decrypt(encrypted_key, key_len, skey_hex); int status = AES_decrypt(encryptedPrivateKey, key_len, skey_hex);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = 1; *errStatus = 1;
snprintf(err_string, BUF_LEN, "aes_decrypt failed with status %d", status); snprintf(errString, BUF_LEN, "aes_decrypt failed with status %d", status);
return; return;
} }
...@@ -1653,7 +1679,7 @@ trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key, ...@@ -1653,7 +1679,7 @@ trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key,
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) { if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(err_string, BUF_LEN, "could not calculate bls public key"); snprintf(errString, BUF_LEN, "could not calculate bls public key");
return; return;
} }
} }
......
testw.cpp
View file @ 1b65b688
...@@ -776,7 +776,7 @@ TEST_CASE_METHOD(TestFixture, "Get ServerStatus", "[get-server-status]") { ...@@ -776,7 +776,7 @@ TEST_CASE_METHOD(TestFixture, "Get ServerStatus", "[get-server-status]") {
TEST_CASE_METHOD(TestFixture, "Get ServerVersion", "[get-server-version]") { TEST_CASE_METHOD(TestFixture, "Get ServerVersion", "[get-server-version]") {
HttpClient client(RPC_ENDPOINT); HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2); StubClient c(client, JSONRPC_CLIENT_V2);
REQUIRE(c.getServerVersion()["version"] == SGXWALLET_VERSION); REQUIRE(c.getServerVersion()["version"] == SGXWalletServer::getVersion());
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment