Merge pull request #75 from skalenetwork/SKALE-2454-add-log-levels-to-enclave

Skale 2454 add log levels to enclave

Merge pull request #75 from skalenetwork/SKALE-2454-add-log-levels-to-enclave
Skale 2454 add log levels to enclave
1deead1b · Stan Kladko · GitHub · 3baf6d2e · 1d56b136 · 1deead1b
Unverified Commit 1deead1b authored Apr 17, 2020 by Stan Kladko Committed by GitHub Apr 17, 2020
46 changed files
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -49,7 +49,7 @@
 #include "BLSCrypto.h"
 #include "ServerInit.h"

-#include "RPCException.h"
+#include "SGXException.h"

 #include "spdlog/spdlog.h"
 #include "common.h"
@@ -160,9 +160,9 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
    uint64_t binLen;

    if (!hex2carray(_hashHex, &binLen, hash->data())) {
-        throw RPCException(INVALID_HEX, "Invalid hash");
+        throw SGXException(INVALID_HEX, "Invalid hash");
    }
-    // assert(binLen == hash->size());
+



@@ -201,9 +201,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
    uint64_t binLen;

    if (!hex2carray(_hashHex, &binLen, hash->data())) {
-        throw RPCException(INVALID_HEX, "Invalid hash");
+        throw SGXException(INVALID_HEX, "Invalid hash");
    }
-    // assert(binLen == hash->size());



@@ -267,13 +266,13 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
    }

    sgx_status_t status =
-            bls_sign_message_aes(eid, &errStatus, errMsg, encryptedKey,
+            trustedBlsSignMessageAES(eid, &errStatus, errMsg, encryptedKey,
                                 sz, xStrArg, yStrArg, signature);


    if (status != SGX_SUCCESS) {
-        cerr << "SGX enclave call  to bls_sign_message failed:" << status << std::endl;
-        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to bls_sign_message failed"));
+        cerr << "SGX enclave call  to trustedBlsSignMessage failed:" << status << std::endl;
+        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to trustedBlsSignMessage failed"));
    }


@@ -321,8 +320,8 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)

    unsigned int encryptedLen = 0;

-    //status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
-    status = encrypt_key_aes(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);
+    //status = trustedEncryptKey(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    status = trustedEncryptKeyAES(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);

    spdlog::debug("errStatus is {}", *errStatus);
    spdlog::debug(" errMsg is ", errMsg->data());
@@ -335,7 +334,7 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
    }

    if (*errStatus != 0) {
-        throw RPCException(-666, errMsg->data());
+        throw SGXException(-666, errMsg->data());
    }


@@ -361,8 +360,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry

    char *plaintextKey = (char *) calloc(BUF_LEN, 1);

-    //status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
-    status = decrypt_key_aes(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+    //status = trustedDecryptKey(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+    status = trustedDecryptKeyAES(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);

    if (status != SGX_SUCCESS) {
        return nullptr;

--- a/BLSCrypto.h
+++ b/BLSCrypto.h
@@ -30,11 +30,8 @@
 #define EXTERNC
 #endif

-//EXTERNC void init_all();
-//
-//EXTERNC void init_daemon();
-//
-//EXTERNC  void init_enclave();
+#include "stddef.h"
+#include "stdint.h"

 EXTERNC bool bls_sign(const char* encryptedKeyHex, const char* hashHex, size_t t, size_t n,
        size_t signerIndex, char* _sig);

--- a/BLSPrivateKeyShareSGX.cpp
+++ b/BLSPrivateKeyShareSGX.cpp
@@ -165,7 +165,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
  cerr << "Key is " + *encryptedKeyHex << endl;

  sgx_status_t status =
-      bls_sign_message(eid, &errStatus, errMsg, encryptedKey,
+      trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
                       encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);

 // strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
@@ -174,13 +174,13 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(


  if (status != SGX_SUCCESS) {
-    gmp_printf("SGX enclave call  to bls_sign_message failed: 0x%04x\n", status);
-    BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to bls_sign_message failed"));
+    gmp_printf("SGX enclave call  to trustedBlsSignMessage failed: 0x%04x\n", status);
+    BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to trustedBlsSignMessage failed"));
  }


  if (errStatus != 0) {
-    BOOST_THROW_EXCEPTION(runtime_error("Enclave bls_sign_message failed:" + to_string(errStatus) + ":" + errMsg ));
+    BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
    return nullptr;
  }

@@ -269,7 +269,7 @@ std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
  cerr << "Key is " + *encryptedKeyHex << endl;

 //  sgx_status_t status =
-//      bls_sign_message(eid, &errStatus, errMsg, encryptedKey,
+//      trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
 //                       encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);

  strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
@@ -278,13 +278,13 @@ std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(


 //  if (status != SGX_SUCCESS) {
-//    gmp_printf("SGX enclave call  to bls_sign_message failed: 0x%04x\n", status);
-//    BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to bls_sign_message failed"));
+//    gmp_printf("SGX enclave call  to trustedBlsSignMessage failed: 0x%04x\n", status);
+//    BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to trustedBlsSignMessage failed"));
 //  }


 //  if (errStatus != 0) {
-//    BOOST_THROW_EXCEPTION(runtime_error("Enclave bls_sign_message failed:" + to_string(errStatus) + ":" + errMsg ));
+//    BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
 //    return nullptr;
 //  }


--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -12,19 +12,19 @@ include_directories(tgmp-build/include)
 add_executable(sgxwallet
        secure_enclave/AESUtils.c
        secure_enclave/AESUtils.h
-        secure_enclave/BLSEnclave.cpp
-        secure_enclave/BLSEnclave.h
-        secure_enclave/curves.c
-        secure_enclave/curves.h
-        secure_enclave/DH_dkg.c
-        secure_enclave/DH_dkg.h
+        secure_enclave/EnclaveCommon.cpp
+        secure_enclave/EnclaveCommon.h
+        secure_enclave/Curves.c
+        secure_enclave/Curves.h
+        secure_enclave/DHDkg.c
+        secure_enclave/DHDkg.h
        secure_enclave/DKGUtils.cpp
        secure_enclave/DKGUtils.h
-        secure_enclave/domain_parameters.c
-        secure_enclave/domain_parameters.h
-        secure_enclave/enclave_common.h
-        secure_enclave/numbertheory.c
-        secure_enclave/numbertheory.h
+        secure_enclave/DomainParameters.c
+        secure_enclave/DomainParameters.h
+        secure_enclave/EnclaveConstants.h
+        secure_enclave/NumberTheory.c
+        secure_enclave/NumberTheory.h
        secure_enclave/point.c
        secure_enclave/point.h
        secure_enclave/secure_enclave.c
@@ -58,7 +58,7 @@ add_executable(sgxwallet
        LevelDB.h
        oc_alloc.c
        RPCException.cpp
-        RPCException.h
+        SGXException.h
        secure_enclave_u.c
        secure_enclave_u.h
        SEKManager.cpp

--- a/CSRManagerServer.cpp
+++ b/CSRManagerServer.cpp
@@ -23,7 +23,7 @@


 #include "CSRManagerServer.h"
-#include "RPCException.h"
+#include "SGXException.h"
 #include "sgxwallet_common.h"

 #include <iostream>
@@ -40,108 +40,107 @@ jsonrpc::HttpServer *hs3 = nullptr;


 CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector,
-    serverVersion_t type):abstractCSRManagerServer(connector, type){}
+                                   serverVersion_t type) : abstractCSRManagerServer(connector, type) {}


-Json::Value getUnsignedCSRsImpl(){
-  spdlog::info("Enter getUnsignedCSRsImpl");
-  Json::Value result;
-  result["status"] = 0;
-  result["errorMessage"] = "";
+Json::Value getUnsignedCSRsImpl() {
+    spdlog::info("Enter getUnsignedCSRsImpl");
+    Json::Value result;
+    result["status"] = 0;
+    result["errorMessage"] = "";

-  try{
-    vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
-    for (int i = 0; i < (int) hashes_vect.size(); i++){
-      result["hashes"][i] = hashes_vect.at(i);
-    }
-  } catch (RPCException &_e) {
-    cerr << " err str " << _e.errString << endl;
-    result["status"] = _e.status;
-    result["errorMessage"] = _e.errString;
-
-  }
-
-  return result;
-}
-
-Json::Value signByHashImpl(const string& hash, int status){
-  Json::Value result;
-  result["errorMessage"] = "";
-
-  try{
-    if ( !(status == 0 || status == 2)){
-      throw RPCException(-111, "Invalid csr status");
-    }
+    try {
+        vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
+        for (int i = 0; i < (int) hashes_vect.size(); i++) {
+            result["hashes"][i] = hashes_vect.at(i);
+        }
+    } catch (SGXException &_e) {
+        cerr << " err str " << _e.errString << endl;
+        result["status"] = _e.status;
+        result["errorMessage"] = _e.errString;

-    string csr_db_key = "CSR:HASH:" + hash;
-    shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
-    if (csr_ptr == nullptr){
-      throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
    }

-    if (status == 0) {
-      string csr_name = "sgx_data/cert/" + hash + ".csr";
-      ofstream outfile(csr_name);
-      outfile << *csr_ptr << endl;
-      outfile.close();
-      if (access(csr_name.c_str(), F_OK) != 0) {
-        LevelDB::getCsrDb()->deleteKey(csr_db_key);
-        throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
-      }
+    return result;
+}

-      string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
+Json::Value signByHashImpl(const string &hash, int status) {
+    Json::Value result;
+    result["errorMessage"] = "";
+
+    try {
+        if (!(status == 0 || status == 2)) {
+            throw SGXException(-111, "Invalid csr status");
+        }
+
+        string csr_db_key = "CSR:HASH:" + hash;
+        shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
+        if (csr_ptr == nullptr) {
+            throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
+        }
+
+        if (status == 0) {
+            string csr_name = "sgx_data/cert/" + hash + ".csr";
+            ofstream outfile(csr_name);
+            outfile << *csr_ptr << endl;
+            outfile.close();
+            if (access(csr_name.c_str(), F_OK) != 0) {
+                LevelDB::getCsrDb()->deleteKey(csr_db_key);
+                throw SGXException(FILE_NOT_FOUND, "Csr does not exist");
+            }
+
+            string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
+
+            if (system(signClientCert.c_str()) == 0) {
+                spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
+            } else {
+                spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
+                LevelDB::getCsrDb()->deleteKey(csr_db_key);
+                string status_db_key = "CSR:HASH:" + hash + "STATUS:";
+                LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
+                LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
+                throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
+                //exit(-1);
+            }
+        }

-      if (system(signClientCert.c_str()) == 0) {
-        spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
-      } else {
-        spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
        LevelDB::getCsrDb()->deleteKey(csr_db_key);
        string status_db_key = "CSR:HASH:" + hash + "STATUS:";
        LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
-        LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
-        throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
-        //exit(-1);
-      }
-    }
-
-    LevelDB::getCsrDb()->deleteKey(csr_db_key);
-    string status_db_key = "CSR:HASH:" + hash + "STATUS:";
-    LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
-    LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
+        LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));

-    result["status"] = status;
+        result["status"] = status;

-  } catch (RPCException &_e) {
-    cerr << " err str " << _e.errString << endl;
-    result["status"] = _e.status;
-    result["errorMessage"] = _e.errString;
-  }
+    } catch (SGXException &_e) {
+        cerr << " err str " << _e.errString << endl;
+        result["status"] = _e.status;
+        result["errorMessage"] = _e.errString;
+    }

-  return result;
+    return result;
 }


-Json::Value CSRManagerServer::getUnsignedCSRs(){
-  lock_guard<recursive_mutex> lock(m);
-  return getUnsignedCSRsImpl();
+Json::Value CSRManagerServer::getUnsignedCSRs() {
+    lock_guard<recursive_mutex> lock(m);
+    return getUnsignedCSRsImpl();
 }

-Json::Value CSRManagerServer::signByHash(const string& hash, int status){
-   lock_guard<recursive_mutex> lock(m);
-   return signByHashImpl(hash, status);
+Json::Value CSRManagerServer::signByHash(const string &hash, int status) {
+    lock_guard<recursive_mutex> lock(m);
+    return signByHashImpl(hash, status);
 }

-int init_csrmanager_server(){
-  hs3 = new jsonrpc::HttpServer(BASE_PORT + 2);
-  hs3 -> BindLocalhost();
-  cs = new CSRManagerServer(*hs3, JSONRPC_SERVER_V2); // server (json-rpc 2.0)
-
-  if (!cs->StartListening()) {
-    spdlog::info("CSR manager server could not start listening");
-    exit(-1);
-  }
-  else {
-    spdlog::info("CSR manager server started on port {}", BASE_PORT + 2);
-  }
-  return 0;
+int init_csrmanager_server() {
+    hs3 = new jsonrpc::HttpServer(BASE_PORT + 2);
+    hs3->BindLocalhost();
+    cs = new CSRManagerServer(*hs3, JSONRPC_SERVER_V2); // server (json-rpc 2.0)
+
+    if (!cs->StartListening()) {
+        spdlog::info("CSR manager server could not start listening");
+        exit(-1);
+    } else {
+        spdlog::info("CSR manager server started on port {}", BASE_PORT + 2);
+    }
+    return 0;
 };
\ No newline at end of file
--- a/DKGCrypto.cpp
+++ b/DKGCrypto.cpp
--- a/DKGCrypto.h
+++ b/DKGCrypto.h
@@ -31,13 +31,13 @@ std::string gen_dkg_poly( int _t);

 std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyHex, int t, int n);

-std::vector<std::string> splitString(const char* koefs, const char symbol);
+std::vector<std::string> splitString(const char* coeffs, const char symbol);

-std::string get_secret_shares(const std::string& _polyName, const char* _encryptedPolyHex, const std::vector<std::string>& _publicKeys, int _t, int _n);
+std::string trustedGetSecretShares(const std::string& _polyName, const char* _encryptedPolyHex, const std::vector<std::string>& _publicKeys, int _t, int _n);

 bool verifyShares(const char* publicShares, const char* encr_sshare, const char * encryptedKeyHex, int t, int n, int ind);

-std::string decrypt_DHKey(const std::string& polyName, int ind);
+std::string decryptDHKey(const std::string& polyName, int ind);

 bool CreateBLSShare( const std::string& blsKeyName, const char * s_shares, const char * encryptedKeyHex);


--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -25,7 +25,7 @@
 #include "BLSCrypto.h"
 #include "sgxwallet.h"

-#include "RPCException.h"
+#include "SGXException.h"

 #include <iostream>
 #include <gmp.h>
@@ -45,20 +45,20 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {

 std::vector<std::string> genECDSAKey() {
    char *errMsg = (char *) calloc(1024, 1);
-    int err_status = 0;
+    int errStatus = 0;
    uint8_t *encr_pr_key = (uint8_t *) calloc(1024, 1);
    char *pub_key_x = (char *) calloc(1024, 1);
    char *pub_key_y = (char *) calloc(1024, 1);
    uint32_t enc_len = 0;

    if (!encryptKeys)
-        status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
+        status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
    else
-        status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
+        status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);

-    if (status != SGX_SUCCESS || err_status != 0) {
+    if (status != SGX_SUCCESS || errStatus != 0) {
        spdlog::error("RPCException thrown with status {}", status);
-        throw RPCException(status, errMsg);
+        throw SGXException(status, errMsg);
    }
    std::vector<std::string> keys(3);

@@ -106,20 +106,20 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
    vector<char> pubKeyY(BUF_LEN, 0);
    vector<uint8_t> encrPrKey(BUF_LEN, 0);

-    int err_status = 0;
+    int errStatus = 0;
    uint64_t enc_len = 0;

    if (!hex2carray(_encryptedKeyHex, &enc_len, encrPrKey.data())) {
-        throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
+        throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
    }

    if (!encryptKeys)
-        status = get_public_ecdsa_key(eid, &err_status, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
+        status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
                pubKeyY.data());
-    else status = get_public_ecdsa_key_aes(eid, &err_status,
+    else status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
            errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
-    if (err_status != 0) {
-        throw RPCException(-666, errMsg.data());
+    if (errStatus != 0) {
+        throw SGXException(-666, errMsg.data());
    }
    string pubKey = string(pubKeyX.data()) + string(pubKeyY.data());//concatPubKeyWith0x(pub_key_x, pub_key_y);//

@@ -127,7 +127,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
        spdlog::debug("pubkey is {}", pubKey);
        spdlog::debug("pubkey length is {}", pubKey.length());
        spdlog::debug("err str is {}", errMsg.data());
-        spdlog::debug("err status is {}", err_status);
+        spdlog::debug("err status is {}", errStatus);


    return pubKey;
@@ -137,7 +137,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
    vector<string> signature_vect(3);

    char *errMsg = (char *) calloc(1024, 1);
-    int err_status = 0;
+    int errStatus = 0;
    char *signature_r = (char *) calloc(1024, 1);
    char *signature_s = (char *) calloc(1024, 1);
    uint8_t signature_v = 0;
@@ -146,7 +146,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
    //uint8_t encr_key[BUF_LEN];
    uint8_t *encr_key = (uint8_t *) calloc(1024, 1);
    if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)) {
-        throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
+        throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
    }


@@ -156,13 +156,13 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i


    if (!encryptKeys)
-        status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
+        status = trustedEcdsaSign(eid, &errStatus, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
                             signature_s, &signature_v, base);
    else
-        status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r,
+        status = trustedEcdsaSignAES(eid, &errStatus, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r,
                                signature_s, &signature_v, base);
-    if (err_status != 0) {
-        throw RPCException(-666, errMsg);
+    if (errStatus != 0) {
+        throw SGXException(-666, errMsg);
    }



--- a/LevelDB.cpp
+++ b/LevelDB.cpp
@@ -31,7 +31,7 @@
 #include "leveldb/db.h"

 #include "sgxwallet_common.h"
-#include "RPCException.h"
+#include "SGXException.h"
 #include "LevelDB.h"

 #include "ServerInit.h"
@@ -57,7 +57,7 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
    auto result = std::make_shared<string>();

    if (db == nullptr) {
-        throw RPCException(NULL_DATABASE, "Null db");
+        throw SGXException(NULL_DATABASE, "Null db");
    }

    auto status = db->Get(readOptions, _key, &*result);
@@ -163,7 +163,7 @@ void LevelDB::throwExceptionOnError(Status _status) {
        return;

    if (!_status.ok()) {
-        throw RPCException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str());
+        throw SGXException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str());
    }

 }
@@ -213,7 +213,7 @@ void LevelDB::writeDataUnique(const string & Name, const string &value) {
  if (readString(Name) != nullptr) {
    spdlog::debug("name {}",Name, " already exists");
     // std::cerr << "name " << Name << " already exists" << std::endl;
-    throw RPCException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
+    throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
  }

  writeString(key, value);

--- a/RPCException.cpp
+++ b/RPCException.cpp
@@ -21,4 +21,4 @@
    @date 2019
 */

-#include "RPCException.h"
+#include "SGXException.h"
--- a/SEKManager.cpp
+++ b/SEKManager.cpp
@@ -22,7 +22,7 @@
 */

 #include "SEKManager.h"
-#include "RPCException.h"
+#include "SGXException.h"
 #include "BLSCrypto.h"
 #include "LevelDB.h"

@@ -53,10 +53,10 @@ void create_test_key(){

  std::string key = TEST_VALUE;

-  status = encrypt_key_aes(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
+  status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
  if ( status != 0){
    std::cerr << "encrypt test key failed with status " << status << std::endl;
-    throw RPCException(status, errMsg.data()) ;
+    throw SGXException(status, errMsg.data()) ;
  }

  //std::cerr << "enc len is " << enc_len << std::endl;
@@ -98,13 +98,13 @@ bool check_SEK(std::string SEK){
    uint32_t l = len;
    std::cerr << " l is " << l << std::endl;

-    status = set_SEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
+    status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
    if (status != SGX_SUCCESS){
      cerr << "RPCException thrown with status " << status << endl;
-      throw RPCException(status, errMsg.data());
+      throw SGXException(status, errMsg.data());
    }

-    status = decrypt_key_aes(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
+    status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
    if (status != SGX_SUCCESS || err_status != 0){
      spdlog::error("failed to decrypt test key" );
      spdlog::error(errMsg.data());
@@ -133,9 +133,9 @@ void gen_SEK(){
  char SEK[65];
  memset(SEK, 0, 65);

-  status = generate_SEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
+  status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
  if (status != SGX_SUCCESS ||  err_status != 0  ){
-    throw RPCException(status, errMsg.data()) ;
+    throw SGXException(status, errMsg.data()) ;
  }

  vector<char> hexEncrKey(2 * enc_len + 1, 0);
@@ -164,7 +164,7 @@ void gen_SEK(){
  create_test_key();
 }

-void set_SEK(std::shared_ptr<std::string> hex_encr_SEK){
+void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
  vector<char> errMsg(1024,0);
  int err_status = 0;
  //vector<uint8_t> encr_SEK(1024, 0);
@@ -175,13 +175,13 @@ void set_SEK(std::shared_ptr<std::string> hex_encr_SEK){
  uint64_t len;

  if (!hex2carray(hex_encr_SEK->c_str(), &len, encr_SEK)){
-    throw RPCException(INVALID_HEX, "Invalid encrypted SEK Hex");
+    throw SGXException(INVALID_HEX, "Invalid encrypted SEK Hex");
  }

-  status = set_SEK(eid, &err_status, errMsg.data(), encr_SEK, len );
+  status = trustedSetSEK(eid, &err_status, errMsg.data(), encr_SEK, len );
  if ( status != SGX_SUCCESS || err_status != 0 ){
    cerr << "RPCException thrown" << endl;
-    throw RPCException(status, errMsg.data()) ;
+    throw SGXException(status, errMsg.data()) ;
  }

 }
@@ -210,10 +210,10 @@ void enter_SEK(){
 //   std::cerr << "your key is " << SEK << std::endl;


-  status = set_SEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
+  status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
  if (status != SGX_SUCCESS){
    cerr << "RPCException thrown with status " << status << endl;
-    throw RPCException(status, errMsg.data());
+    throw SGXException(status, errMsg.data());
  }

  vector<char> hexEncrKey(2 * enc_len + 1, 0);
@@ -224,14 +224,14 @@ void enter_SEK(){
  LevelDB::getLevelDb() -> writeDataUnique("SEK", hexEncrKey.data());
 }

-void init_SEK(){
+void initSEK(){
  std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
  if (encr_SEK_ptr == nullptr){
    spdlog::error("SEK was not created yet. Going to create SEK");
    gen_SEK();
  }
  else{
-    set_SEK(encr_SEK_ptr);
+    trustedSetSEK(encr_SEK_ptr);
  }
 }


--- a/SEKManager.h
+++ b/SEKManager.h
@@ -35,7 +35,7 @@
 void gen_SEK();

 #ifdef __cplusplus
-void set_SEK(std::shared_ptr<std::string> hex_encr_SEK);
+void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK);
 #endif

 #ifdef __cplusplus
@@ -46,7 +46,7 @@ void set_SEK(std::shared_ptr<std::string> hex_encr_SEK);

 EXTERNC void enter_SEK();

-EXTERNC void init_SEK();
+EXTERNC void initSEK();


 #endif //SGXD_SEKMANAGER_H
--- a/RPCException.h
+++ b/RPCException.h
@@ -28,14 +28,14 @@
 #include <string>
 #include <exception>

-class RPCException : public std::exception {
+class SGXException : public std::exception {

 public:

    int32_t status;
    std::string errString;

-    RPCException(int32_t _status, const char* _errString) : status(_status), errString(_errString) {}
+    SGXException(int32_t _status, const char* _errString) : status(_status), errString(_errString) {}

 };


--- a/SGXRegistrationServer.cpp
+++ b/SGXRegistrationServer.cpp
@@ -32,7 +32,7 @@

 #include "sgxwallet_common.h"

-#include "RPCException.h"
+#include "SGXException.h"
 #include "LevelDB.h"

 #include <thread>
@@ -79,7 +79,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
            outfile << _csr << endl;
            outfile.close();
            if (access(csr_name.c_str(), F_OK) != 0) {
-                throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
+                throw SGXException(FILE_NOT_FOUND, "Csr does not exist");
            }

            string genCert = "cd cert && ./create_client_cert " + hash;
@@ -91,7 +91,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
                spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
                string status_db_key = "CSR:HASH:" + hash + "STATUS:";
                LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FAIL_TO_CREATE_CERTIFICATE));
-                throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
+                throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
                //exit(-1);
            }
        }
@@ -102,7 +102,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
        string db_key = "CSR:HASH:" + hash + "STATUS:";
        LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);

-    } catch (RPCException &_e) {
+    } catch (SGXException &_e) {
        cerr << " err str " << _e.errString << endl;
        result["status"] = _e.status;
        result["errorMessage"] = _e.errString;
@@ -120,7 +120,7 @@ Json::Value GetSertificateImpl(const string &hash) {
        string db_key = "CSR:HASH:" + hash + "STATUS:";
        shared_ptr<string> status_str_ptr = LevelDB::getCsrStatusDb()->readString(db_key);
        if (status_str_ptr == nullptr) {
-            throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
+            throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
        }
        int status = atoi(status_str_ptr->c_str());

@@ -132,7 +132,7 @@ Json::Value GetSertificateImpl(const string &hash) {
                string status_db_key = "CSR:HASH:" + hash + "STATUS:";
                LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
                LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FILE_NOT_FOUND));
-                throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
+                throw SGXException(FILE_NOT_FOUND, "Certificate does not exist");
            } else {
                ostringstream ss;
                ss << infile.rdbuf();
@@ -154,7 +154,7 @@ Json::Value GetSertificateImpl(const string &hash) {
        result["status"] = status;
        result["cert"] = cert;

-    } catch (RPCException &_e) {
+    } catch (SGXException &_e) {
        cerr << " err str " << _e.errString << endl;
        result["status"] = _e.status;
        result["errorMessage"] = _e.errString;

--- a/SGXWALLET_VERSION
+++ b/SGXWALLET_VERSION
-#define SGXWALLET_VERSION "1.45.1"
\ No newline at end of file
+#define SGXWALLET_VERSION "1.47.1"
\ No newline at end of file
--- a/SGXWalletServer.cpp
+++ b/SGXWalletServer.cpp
--- a/SGXWalletServer.h
+++ b/SGXWalletServer.h
@@ -31,8 +31,12 @@
 #endif


-EXTERNC void setFullOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys);
-EXTERNC void setOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm);
+EXTERNC void setFullOptions(int _printDebugInfo,
+                            int _printTraceInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys);
+
+
+EXTERNC void setOptions(int _printDebugInfo,
+                        int _printTraceInfo, int _useHTTPS, int _autoconfirm);




--- a/ServerInit.cpp
+++ b/ServerInit.cpp
@@ -62,7 +62,7 @@ void initUserSpace() {
 }


-void initEnclave() {
+void initEnclave(uint32_t _logLevel) {

    eid = 0;
    updated = 0;
@@ -85,38 +85,37 @@ void initEnclave() {

    if (status != SGX_SUCCESS) {
        if (status == SGX_ERROR_ENCLAVE_FILE_ACCESS) {
-            fprintf(stderr, "sgx_create_enclave: %s: file not found\n", ENCLAVE_NAME);
-            fprintf(stderr, "Did you forget to set LD_LIBRARY_PATH?\n");
+            spdlog::error("sgx_create_enclave: {}: file not found", ENCLAVE_NAME);
+            spdlog::error("Did you forget to set LD_LIBRARY_PATH?");
        } else {
-            spdlog::error("sgx_create_enclave_search failed");
-            fprintf(stderr, "%s: 0x%04x\n", ENCLAVE_NAME, status);
+            spdlog::error("sgx_create_enclave_search failed {} {}", ENCLAVE_NAME, status);
        }
        exit(1);
    }

    spdlog::info("Enclave created and started successfully");

-    status = tgmp_init(eid);
+    status = trustedEnclaveInit(eid, _logLevel);
    if (status != SGX_SUCCESS) {
-        fprintf(stderr, "ECALL tgmp_init: 0x%04x\n", status);
+        spdlog::error("trustedEnclaveInit failed: {}", status);
        exit(1);
    }

-    spdlog::info("Enclave libtgmp library initialized successfully");
+    spdlog::info("Enclave libtgmp library and logging initialized successfully");

 }


 int sgxServerInited = 0;

-void initAll(bool _checkCert, bool _autoSign) {
+void initAll(uint32_t  _logLevel, bool _checkCert, bool _autoSign) {

    cout << "Running sgxwallet version:" << SGXWALLET_VERSION << endl;
    CHECK_STATE(sgxServerInited == 0)
    sgxServerInited = 1;
-    initEnclave();
+    initEnclave(_logLevel);
    initUserSpace();
-    init_SEK();
+    initSEK();

    if (useHTTPS) {
        SGXWalletServer::initHttpsServer(_checkCert);

--- a/ServerInit.h
+++ b/ServerInit.h
@@ -24,17 +24,19 @@
 #ifndef SGXWALLET_SERVERINIT_H
 #define SGXWALLET_SERVERINIT_H

+#include "stdint.h"
+
 #ifdef __cplusplus
 #define EXTERNC extern "C"
 #else
 #define EXTERNC
 #endif

-EXTERNC void initAll(bool _checkCert, bool _autoSign);
+EXTERNC void initAll(uint32_t  _logLevel, bool _checkCert, bool _autoSign);

 EXTERNC void initUserSpace();

-EXTERNC void initEnclave();
+EXTERNC void initEnclave(uint32_t _logLevel);




--- a/oc_alloc.c
+++ b/oc_alloc.c
@@ -47,7 +47,7 @@ void oc_printf (const char *str) {
    /* Proxy/Bridge will check the length and null-terminate
     * the input string to prevent buffer overflow.
     * */
-    fprintf(stderr, "***ENCLAVE_LOG***: %s", str);
+    fprintf(stderr, "%s", str);
 }



--- a/secure_enclave/curves.c
+++ b/secure_enclave/curves.c
@@ -21,13 +21,13 @@
    @date 2019
 */

-#include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <stdbool.h>
-#include "domain_parameters.h"
-#include "curves.h"
-#include "point.h"
+#include <../tgmp-build/include/sgx_tgmp.h>
+#include "DomainParameters.h"
+#include "Curves.h"
+#include "Point.h"

 /*Load a curve depending on it's curve number, defined by the enum*/
 void domain_parameters_load_curve(domain_parameters out, curve_list curve)

--- a/secure_enclave/curves.h
+++ b/secure_enclave/curves.h
@@ -21,6 +21,11 @@
    @date 2019
 */

+
+#ifndef SGXWALLET_CURVES_H
+#define SGXWALLET_CURVES_H
+
+
 /*Curves that can be loaded using domain_parameters_load_curve()*/
 typedef enum {	secp112r1 = 0,
 				//secp112r2,	//See remark below
@@ -50,3 +55,6 @@ Benchmark is supposed to write -1 as operation time if the operation failed.
 As I don't see any reason to have extent my headache I'm putting this problem to rest by commenting these curves out. Furthermore it's very limited in terms of what can be done to debug these curves, since I don't have any test vectors for them.
 It's probably related to a bug in the implementation, perhaps an exception I didn't handle or round of, who knows.
 */
+
+
+#endif
\ No newline at end of file
--- a/secure_enclave/DH_dkg.c
+++ b/secure_enclave/DH_dkg.c
@@ -16,30 +16,31 @@
    You should have received a copy of the GNU Affero General Public License
    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.

-    @file DH_dkg.c
+    @file DHDkg.c
    @author Stan Kladko
    @date 2019
 */

 #include <stdlib.h>
-#include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdbool.h>
-#include "domain_parameters.h"
-#include "curves.h"
-#include "point.h"
-#include "numbertheory.h"
+#include <../tgmp-build/include/sgx_tgmp.h>
+
+#include "DomainParameters.h"
+#include "Curves.h"
+#include "Point.h"
+#include "NumberTheory.h"

 #include <stdint.h>
-#include "BLSEnclave.h"
+#include "EnclaveCommon.h"
 #include <string.h>

 void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){

-    char* pb_keyB_x = (char*)malloc(65);
+    char* pb_keyB_x = (char*)calloc(65, 1);
    strncpy(pb_keyB_x, pb_keyB, 64);
    pb_keyB_x[64] = 0;

-    char* pb_keyB_y = (char*)malloc(65);
+    char* pb_keyB_y = (char*)calloc(65,1);
    strncpy(pb_keyB_y, pb_keyB + 64, 64);
    pb_keyB_y[64] = 0;

@@ -75,11 +76,11 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){

 void session_key_recover(const char *skey_str, const char* sshare, char* common_key){

-    char* pb_keyB_x = (char*)malloc(65);
+    char* pb_keyB_x = (char*)calloc(65, 1);
    strncpy(pb_keyB_x, sshare + 64, 64);
    pb_keyB_x[64] = 0;

-    char* pb_keyB_y = (char*)malloc(65);
+    char* pb_keyB_y = (char*)calloc(65, 1);
    strncpy(pb_keyB_y, sshare + 128, 64);
    pb_keyB_y[64] = 0;

@@ -122,7 +123,7 @@ void xor_encrypt(char* key, char* message, char* cypher){
   uint8_t cypher_bin[33];

   //uint8_t key_bin[33];
-   uint8_t* key_bin = (uint8_t*)malloc(33);
+   uint8_t* key_bin = (uint8_t*)calloc(33,1);
   uint64_t key_length;
   if (!hex2carray(key, &key_length, key_bin)){
     cypher = NULL;
@@ -151,7 +152,7 @@ void xor_decrypt(char* key, char* cypher, char* message){
    uint8_t msg_bin[33];

    //uint8_t key_bin[33];
-    uint8_t* key_bin = (uint8_t*)malloc(33);
+    uint8_t* key_bin = (uint8_t*)calloc(33,1);
    uint64_t key_length;
    if (!hex2carray(key, &key_length, key_bin)){
      message = NULL;

--- a/secure_enclave/DH_dkg.h
+++ b/secure_enclave/DH_dkg.h
--- a/secure_enclave/DKGUtils.cpp
+++ b/secure_enclave/DKGUtils.cpp
--- a/secure_enclave/DKGUtils.h
+++ b/secure_enclave/DKGUtils.h
@@ -21,8 +21,8 @@
    @date 2019
 */

-#ifndef SGXD_DKGUTILS_H
-#define SGXD_DKGUTILS_H
+#ifndef SGXWALLET_DKGUTILS_H
+#define SGXWALLET_DKGUTILS_H

 #ifdef __cplusplus
 #define EXTERNC extern "C"
@@ -34,13 +34,13 @@

 EXTERNC int gen_dkg_poly( char* secret, unsigned _t);

-EXTERNC void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
+EXTERNC void calc_secret_shares(const char* decrypted_coeffs, char * secret_shares,
                        unsigned _t, unsigned _n);

-EXTERNC int calc_secret_share(const char* decrypted_koefs, char * s_share,
+EXTERNC int calc_secret_share(const char* decrypted_coeffs, char * s_share,
                               unsigned _t, unsigned _n, unsigned ind);

-EXTERNC int calc_public_shares(const char* decrypted_koefs, char * public_shares,
+EXTERNC int calc_public_shares(const char* decrypted_coeffs, char * public_shares,
                        unsigned _t);

 EXTERNC int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int ind);
@@ -51,5 +51,5 @@ EXTERNC void calc_secret_shareG2_old(const char* public_shares, char * s_shareG2
                                 unsigned _t, unsigned ind);

 EXTERNC int calc_secret_shareG2(const char* s_share, char * s_shareG2);
-#endif //SGXD_DKGUTILS_H
+#endif

--- a/secure_enclave/domain_parameters.c
+++ b/secure_enclave/domain_parameters.c
@@ -25,14 +25,14 @@
 #include <stdlib.h>
 #include <stdbool.h>
 #include <string.h>
-#include "domain_parameters.h"
-#include "point.h"
+#include "Point.h"
+#include "DomainParameters.h"

 /*Initialize a curve*/
 domain_parameters domain_parameters_init()
 {
 	domain_parameters curve;
-	curve = malloc(sizeof(struct domain_parameters_s));
+	curve = calloc(sizeof(struct domain_parameters_s),1);

 	//Initialize all members
 	mpz_init(curve->p);
@@ -49,7 +49,7 @@ domain_parameters domain_parameters_init()
 void domain_parameters_set_name(domain_parameters curve, char* name)
 {
 	int len = strlen(name);
-	curve->name = (char*)malloc( sizeof(char) * (len+1) );
+	curve->name = (char*)calloc( sizeof(char) * (len+1), 1 );
 	curve->name[len] = '\0';
 	strncpy(curve->name, name, len+1);
 }

--- a/secure_enclave/domain_parameters.h
+++ b/secure_enclave/domain_parameters.h
@@ -20,16 +20,20 @@
    @author Stan Kladko
    @date 2019
 */
+#ifndef SGXWALLET_DOMAINPARAMETERS_H
+#define SGXWALLET_DOMAINPARAMETERS_H
+

 /*Type that represents a point*/
 typedef struct point_s* point;
 struct point_s
 {
-	mpz_t x;
-	mpz_t y;
-	bool infinity;
+    mpz_t x;
+    mpz_t y;
+    bool infinity;
 };

+
 /*Type that represents a curve*/
 typedef struct domain_parameters_s* domain_parameters;
 struct domain_parameters_s
@@ -66,3 +70,4 @@ void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, cha
 /*Release memory*/
 void domain_parameters_clear(domain_parameters curve);

+#endif
\ No newline at end of file
--- a/secure_enclave/BLSEnclave.cpp
+++ b/secure_enclave/BLSEnclave.cpp
@@ -16,7 +16,7 @@
    You should have received a copy of the GNU Affero General Public License
    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.

-    @file BLSEnclave.cpp
+    @file EnclaveCommon.cpp
    @author Stan Kladko
    @date 2019
 */
@@ -25,15 +25,19 @@

 #include <string.h>
 #include <cstdint>
-//#include "../sgxwallet_common.h"
-#include "enclave_common.h"

-
-#include "BLSEnclave.h"
 #include "../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.hpp"
 #include "../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp"

-std::string *stringFromKey(libff::alt_bn128_Fr *_key) {
+#include "secure_enclave_t.h"
+
+#include "EnclaveConstants.h"
+#include "EnclaveCommon.h"
+
+using namespace  std;
+
+
+string *stringFromKey(libff::alt_bn128_Fr *_key) {

    mpz_t t;
    mpz_init(t);
@@ -45,10 +49,10 @@ std::string *stringFromKey(libff::alt_bn128_Fr *_key) {
    char *tmp = mpz_get_str(arr, 10, t);
    mpz_clear(t);

-    return new std::string(tmp);
+    return new string(tmp);
 }

-std::string *stringFromFq(libff::alt_bn128_Fq *_fq) {
+string *stringFromFq(libff::alt_bn128_Fq *_fq) {

    mpz_t t;
    mpz_init(t);
@@ -60,10 +64,10 @@ std::string *stringFromFq(libff::alt_bn128_Fq *_fq) {
    char *tmp = mpz_get_str(arr, 10, t);
    mpz_clear(t);

-    return new std::string(tmp);
+    return new string(tmp);
 }

-std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
+string *stringFromG1(libff::alt_bn128_G1 *_g1) {


    _g1->to_affine_coordinates();
@@ -71,7 +75,7 @@ std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
    auto sX = stringFromFq(&_g1->X);
    auto sY = stringFromFq(&_g1->Y);

-    auto sG1 = new std::string(*sX + ":" + *sY);
+    auto sG1 = new string(*sX + ":" + *sY);

    delete (sX);
    delete (sY);
@@ -95,14 +99,14 @@ libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) {

 int inited = 0;

-void init() {
+void enclave_init() {
    if (inited == 1)
        return;
    inited = 1;
    libff::init_alt_bn128_params();
 }

-void checkKey(int *err_status, char *err_string, const char *_keyString) {
+void checkKey(int *errStatus, char *err_string, const char *_keyString) {

    uint64_t keyLen = strnlen(_keyString, MAX_KEY_LENGTH);

@@ -114,7 +118,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
    }


-    *err_status = -2;
+    *errStatus = -2;


    if (_keyString == nullptr) {
@@ -122,7 +126,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
        return;
    }

-    *err_status = -3;
+    *errStatus = -3;

     //check that key is padded with 0s

@@ -132,9 +136,9 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
        }
    }

-//    std::string ks(_keyString);
+//    string ks(_keyString);
 //
-//    // std::string  keyString =
+//    // string  keyString =
 //    // "4160780231445160889237664391382223604184857153814275770598791864649971919844";
 //
 //    auto key = keyFromString(ks.c_str());
@@ -142,10 +146,10 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
 //    auto s1 = stringFromKey(key);
 //
 //    if (s1->compare(ks) != 0) {
-//        throw std::exception();
+//        throw exception();
 //    }

-    *err_status = 0;
+    *errStatus = 0;

   // return;
 }
@@ -161,7 +165,7 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char *
    auto key = keyFromString(_keyString);

    if (key == nullptr) {
-        throw std::exception();
+        throw exception();
    }

    libff::alt_bn128_Fq hashX(_hashXString);
@@ -270,4 +274,41 @@ bool hex2carray(const char * _hex, uint64_t  *_bin_len,

 }

+enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4 };
+
+
+uint32_t globalLogLevel_ = 2;
+
+void logMsg(log_level _level, char* _msg) {
+
+    if (_level < globalLogLevel_)
+        return;
+
+    if (!_msg) {
+        oc_printf("Null msg in logMsg");
+        return;
+    }
+
+    oc_printf("***ENCLAVE_LOG***:");
+    oc_printf(_msg);
+    oc_printf("\n");
+}
+
+
+EXTERNC void LOG_INFO(char* _msg) {
+    logMsg(L_INFO, _msg);
+};
+EXTERNC void LOG_WARNING(char* _msg) {
+    logMsg(L_WARNING, _msg);
+};
+
+EXTERNC void LOG_ERROR(char* _msg) {
+    logMsg(L_ERROR, _msg);
+};
+EXTERNC void LOG_DEBUG(char* _msg) {
+    logMsg(L_DEBUG, _msg);
+};
+EXTERNC void LOG_TRACE(char* _msg) {
+    logMsg(L_TRACE, _msg);
+};

--- a/secure_enclave/BLSEnclave.h
+++ b/secure_enclave/BLSEnclave.h
@@ -21,8 +21,8 @@
    @date 2019
 */

-#ifndef SGXWALLET_BLSUTILS_H
-#define SGXWALLET_BLSUTILS_H
+#ifndef SGXWALLET_ENCLAVECOMMON_H
+#define SGXWALLET_ENCLAVECOMMON_H



@@ -34,9 +34,9 @@

 //#include <stdint.h>

-EXTERNC void checkKey(int *err_status, char *err_string, const char* _keyString);
+EXTERNC void checkKey(int *errStatus, char *err_string, const char* _keyString);

-EXTERNC void check_key(int *err_status, char *err_string, const char* _keyString);
+EXTERNC void check_key(int *errStatus, char *err_string, const char* _keyString);



@@ -49,7 +49,18 @@ EXTERNC bool hex2carray(const char * _hex, uint64_t  *_bin_len,
                       uint8_t* _bin );
 EXTERNC bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
                         uint8_t* _bin, const int _max_length );
-EXTERNC void init();
+EXTERNC void enclave_init();


-#endif //SGXWALLET_BLSUTILS_H
+EXTERNC void LOG_INFO(char* msg);
+EXTERNC void LOG_WARNING(char* _msg);
+EXTERNC void LOG_ERROR(char* _msg);
+EXTERNC void LOG_DEBUG(char* _msg);
+EXTERNC void LOG_TRACE(char* _msg);
+
+
+extern uint32_t globalLogLevel_;
+
+
+
+#endif //SGXWALLET_ENCLAVECOMMON_H
--- a/secure_enclave/enclave_common.h
+++ b/secure_enclave/enclave_common.h
--- a/secure_enclave/Makefile.am
+++ b/secure_enclave/Makefile.am
@@ -85,8 +85,8 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h

 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
-    DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
+	Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
+    DKGUtils.cpp   EnclaveCommon.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)


--- a/secure_enclave/Makefile.in
+++ b/secure_enclave/Makefile.in
@@ -107,10 +107,10 @@ am__installdirs = "$(DESTDIR)$(libexecdir)"
 PROGRAMS = $(libexec_PROGRAMS)
 am__objects_1 =
 am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
-	secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
-	domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
-	point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
-	AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
+	secure_enclave.$(OBJEXT) Curves.$(OBJEXT) \
+	DomainParameters.$(OBJEXT) NumberTheory.$(OBJEXT) \
+	Point.$(OBJEXT) Signature.$(OBJEXT) DHDkg.$(OBJEXT) \
+	AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) EnclaveCommon.$(OBJEXT) \
 	alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
 	alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
 secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
@@ -338,8 +338,8 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
 ENCLAVE_KEY = test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
-    DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
+	Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
+    DKGUtils.cpp   EnclaveCommon.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)

@@ -433,19 +433,19 @@ distclean-compile:
 	-rm -f *.tab.c

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Curves.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DHDkg.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DomainParameters.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/EnclaveCommon.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/NumberTheory.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Point.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Signature.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@


--- a/secure_enclave/numbertheory.c
+++ b/secure_enclave/numbertheory.c
@@ -25,7 +25,7 @@
 #include <stdio.h>
 #include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdbool.h>
-#include "numbertheory.h"
+#include "NumberTheory.h"

 /*Calculate R = a^k mod P, using repeated square-and-multiply algorithm
 *Handbook of applied cryptography: Algorithm 2.143. */

--- a/secure_enclave/numbertheory.h
+++ b/secure_enclave/numbertheory.h
--- a/secure_enclave/point.c
+++ b/secure_enclave/point.c
@@ -27,15 +27,16 @@
 #include <string.h>
 #include <assert.h>
 #include <stdbool.h>
-#include "domain_parameters.h"
-#include "point.h"
-#include "numbertheory.h"

+#include "NumberTheory.h"
+
+#include "DomainParameters.h"
+#include "Point.h"
 /*Initialize a point*/
 point point_init()
 {
 	point p;
-	p = malloc(sizeof(struct point_s));
+	p = calloc(sizeof(struct point_s), 1);
 	mpz_init(p->x);
 	mpz_init(p->y);
 	p->infinity = false;
@@ -364,7 +365,7 @@ char* point_compress(point P)

 	//Reserve memory
 	int l = mpz_sizeinbase(P->x, 16) + 2;
-	char* result = (char*)malloc(l + 1);
+	char* result = (char*)calloc(l + 1, 1);
 	result[l] = '\0';
 	mpz_t t1;mpz_init(t1);


--- a/secure_enclave/point.h
+++ b/secure_enclave/point.h
@@ -21,6 +21,13 @@
    @date 2019
 */

+
+#ifndef SGXWALLET_POINT_H
+#define SGXWALLET_POINT_H
+
+
+#include "DomainParameters.h"
+
 /*Initialize a point*/
 point point_init();

@@ -71,3 +78,4 @@ void point_copy(point R, point P);
 /*Set a point from another point*/
 void point_set(point R, point P);

+#endif
\ No newline at end of file
--- a/secure_enclave/signature.c
+++ b/secure_enclave/signature.c
@@ -26,10 +26,10 @@
 #include <../tgmp-build/include/sgx_tgmp.h>
 #include <stdbool.h>
 #include <assert.h>
-#include "domain_parameters.h"
-#include "point.h"
-#include "signature.h"
-#include "numbertheory.h"
+#include "DomainParameters.h"
+#include "Point.h"
+#include "NumberTheory.h"
+#include "Signature.h"

 /*Initialize a signature*/
 signature signature_init() {
@@ -97,7 +97,7 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
    mpz_init(k); mpz_init(x); mpz_init(r); mpz_init(t1); mpz_init(t2); mpz_init(t3); mpz_init(s);
    mpz_init(t4); mpz_init(t5); mpz_init(n_div_2); mpz_init(rem); mpz_init(neg); mpz_init(seed);

-    unsigned char *rand_char = (unsigned char *) malloc(32);
+    unsigned char *rand_char = (unsigned char *) calloc(32,1);

    sgx_read_rand(rand_char, 32);


--- a/secure_enclave/signature.h
+++ b/secure_enclave/signature.h
@@ -21,6 +21,9 @@
    @date 2019
 */

+#ifndef SGXWALLET_SIGNATURE_H
+#define SGXWALLET_SIGNATURE_H
+
 /*Type for representing a signature*/
 struct signature_s
 {
@@ -64,4 +67,4 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
 /*Verify the integrity of a message using it's signature*/
 bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve);

-
+#endif
--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
--- a/secure_enclave/secure_enclave.edl
+++ b/secure_enclave/secure_enclave.edl
--- a/secure_enclave/secure_enclave.i
+++ b/secure_enclave/secure_enclave.i
@@ -5464,19 +5464,19 @@ enum
 # 10 "secure_enclave_t.h" 2
 # 19 "secure_enclave_t.h"
 void tgmp_init(void);
-void e_mpz_add(mpz_t* c, mpz_t* a, mpz_t* b);
-void e_mpz_mul(mpz_t* c, mpz_t* a, mpz_t* b);
-void e_mpz_div(mpz_t* c, mpz_t* a, mpz_t* b);
-void e_mpf_div(mpf_t* c, mpf_t* a, mpf_t* b);
-void generate_ecdsa_key(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t* enc_len, char* pub_key_x, char* pub_key_y);
-void encrypt_key(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
-void decrypt_key(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
-void bls_sign_message(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* hashX, char* hashY, char* signature);
-void gen_dkg_secret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* enc_len, size_t _t);
-void decrypt_dkg_secret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len);
-void get_secret_shares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* secret_shares, unsigned int _t, unsigned int _n);
-void get_public_shares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* public_shares, unsigned int _t, unsigned int _n);
-void ecdsa_sign1(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t dec_len, unsigned char* hash, char* signature, int test_len);
+void trustedEMpzAdd(mpz_t* c, mpz_t* a, mpz_t* b);
+void trustedEMpzMul(mpz_t* c, mpz_t* a, mpz_t* b);
+void trustedEMpzDiv(mpz_t* c, mpz_t* a, mpz_t* b);
+void trustedEMpfDiv(mpf_t* c, mpf_t* a, mpf_t* b);
+void trustedGenerateEcdsaKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t* enc_len, char* pub_key_x, char* pub_key_y);
+void trustedEncryptKey(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
+void trustedDecryptKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
+void trustedBlsSignMessage(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* hashX, char* hashY, char* signature);
+void trustedGenDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* enc_len, size_t _t);
+void trustedDecryptDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len);
+void trustedGetSecretShares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* secret_shares, unsigned int _t, unsigned int _n);
+void trustedGetPublicShares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* public_shares, unsigned int _t, unsigned int _n);
+void trustedEcdsaSign(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t dec_len, unsigned char* hash, char* signature, int test_len);

 sgx_status_t oc_realloc(uint64_t* retval, void* optr, size_t osz, size_t nsz);
 sgx_status_t oc_free(void* optr, size_t sz);
@@ -6682,16 +6682,16 @@ void *reallocate_function(void *ptr, size_t osize, size_t nsize) {
    return (void *) nptr;
 }

-void e_mpz_add(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
+void trustedEMpzAdd(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}

-void e_mpz_mul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
+void trustedEMpzMul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}

-void e_mpz_div(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
+void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}

-void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
+void trustedEMpfDiv(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}


-void generate_ecdsa_key(int *err_status, char *err_string,
+void trustedGenerateEcdsaKey(int *err_status, char *err_string,
                        uint8_t *encrypted_key, uint32_t *enc_len, char * pub_key_x, char * pub_key_y) {

  domain_parameters curve = domain_parameters_init();
@@ -6741,7 +6741,7 @@ void generate_ecdsa_key(int *err_status, char *err_string,
 }


-void encrypt_key(int *err_status, char *err_string, char *key,
+void trustedEncryptKey(int *err_status, char *err_string, char *key,
                 uint8_t *encrypted_key, uint32_t *enc_len) {

    init();
@@ -6782,10 +6782,10 @@ void encrypt_key(int *err_status, char *err_string, char *key,
    char decryptedKey[1024];
    memset(decryptedKey, 0, 1024);

-    decrypt_key(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
+    trustedDecryptKey(err_status, err_string, encrypted_key, sealedLen, decryptedKey);

    if (*err_status != 0) {
-        snprintf(err_string + strlen(err_string), 1024, ":decrypt_key failed");
+        snprintf(err_string + strlen(err_string), 1024, ":trustedDecryptKey failed");
        return;
    }

@@ -6807,7 +6807,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
    *err_status = 0;
 }

-void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
+void trustedDecryptKey(int *err_status, char *err_string, uint8_t *encrypted_key,
                 uint32_t enc_len, char *key) {

    init();
@@ -6857,7 +6857,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
 }


-void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
+void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted_key,
                      uint32_t enc_len, char *_hashX,
                      char *_hashY, char *signature) {

@@ -6869,7 +6869,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
    init();


-    decrypt_key(err_status, err_string, encrypted_key, enc_len, key);
+    trustedDecryptKey(err_status, err_string, encrypted_key, enc_len, key);

    if (*err_status != 0) {
        return;
@@ -6887,7 +6887,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,

 }

-void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
+void trustedGenDkgSecret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){

  char* dkg_secret = (char*)malloc(1250);

@@ -6905,7 +6905,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
  free(dkg_secret);
 }

-void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){
+void trustedDecryptDkgSecret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){



@@ -6918,17 +6918,17 @@ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_d
  }
 }

-void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* secret_shares,
+void trustedGetSecretShares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* secret_shares,
    unsigned _t, unsigned _n){
  char* decrypted_dkg_secret = (char*)malloc(2000);
-  decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
+  trustedDecryptDkgSecret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
  calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n);
 }

-void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
+void trustedGetPublicShares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
                       unsigned _t, unsigned _n){
    char* decrypted_dkg_secret = (char*)malloc(2000);
-    decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
+    trustedDecryptDkgSecret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
    calc_public_shares(decrypted_dkg_secret, public_shares, _t);
 }

@@ -6940,7 +6940,7 @@ struct signature_s
  mpz_t s;
 };

-void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key,
+void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
                        uint32_t dec_len, unsigned char* hash, char * signature, int test_len) {

  domain_parameters curve = domain_parameters_init();

--- a/sgxwallet.c
+++ b/sgxwallet.c
@@ -33,15 +33,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

+#include <stdbool.h>

-#include "sgxwallet.h"
 #include "BLSCrypto.h"
 #include "ServerInit.h"

 #include "SEKManager.h"
-
-
-#include <stdbool.h>
+#include "SGXWalletServer.h"
+#include "sgxwallet.h"


 void usage() {
@@ -59,16 +58,21 @@ void printUsage() {
    fprintf(stderr, "-c  do not verify client certificate\n");
    fprintf(stderr, "-s  sign client certificate without human confirmation \n");
    fprintf(stderr, "-d  turn on debug output\n");
+    fprintf(stderr, "-v  verbose mode: turn on debug output\n");
+    fprintf(stderr, "-vv  detailed verbose mode: turn on debug and trace outputs\n");
    fprintf(stderr, "-0  launch SGXWalletServer using http (not https)\n");
    fprintf(stderr, "-b  Restore from back up (you will need to enter backup key) \n");
    fprintf(stderr, "-y  Do not ask user to acknoledge receipt of backup key \n");
 }

+enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4 };
+
 int main(int argc, char *argv[]) {

    bool encryptKeysOption  = false;
    bool useHTTPSOption = true;
    bool printDebugInfoOption = false;
+    bool printTraceInfoOption = false;
    bool autoconfirmOption = false;
    bool checkClientCertOption = true;
    bool autoSignClientCertOption = false;
@@ -83,17 +87,11 @@ int main(int argc, char *argv[]) {



-    while ((opt = getopt(argc, argv, "cshd0aby")) != -1) {
+    while ((opt = getopt(argc, argv, "cshd0abyvV")) != -1) {
        switch (opt) {
            case 'h':
-                if (strlen(argv[1]) == 2) {
-                    printUsage();
-                    exit(0);
-                } else {
-                    fprintf(stderr, "unknown flag %s\n", argv[1]);
-                    printUsage();
-                    exit(1);
-                }
+                printUsage();
+                exit(0);
            case 'c':
                checkClientCertOption = false;
                break;
@@ -103,6 +101,13 @@ int main(int argc, char *argv[]) {
            case 'd':
                printDebugInfoOption = true;
                break;
+            case 'v':
+                printDebugInfoOption = true;
+                break;
+            case 'V':
+                printDebugInfoOption = true;
+                printTraceInfoOption = true;
+                break;
            case '0':
                useHTTPSOption = false;
                break;
@@ -115,17 +120,26 @@ int main(int argc, char *argv[]) {
            case 'y':
                autoconfirmOption = true;
                break;
-            case '?':
+            default:
                printUsage();
                exit(1);
-            default:
                break;
        }
    }

-    setFullOptions(printDebugInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
+    setFullOptions(printDebugInfoOption, printTraceInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
+
+
+
+    uint32_t  enclaveLogLevel = L_INFO;
+
+    if (printTraceInfoOption) {
+        enclaveLogLevel = L_TRACE;
+    } else if (printDebugInfoOption) {
+        enclaveLogLevel = L_DEBUG;
+    }

-    initAll(checkClientCertOption, autoSignClientCertOption);
+    initAll(enclaveLogLevel, checkClientCertOption, autoSignClientCertOption);

    while (true) {
        sleep(10);

--- a/sgxwallet_common.h
+++ b/sgxwallet_common.h
@@ -35,7 +35,7 @@



-extern int printDebugInfo;
+
 extern int useHTTPS;
 extern int encryptKeys;
 extern int autoconfirm;

--- a/testw.cpp
+++ b/testw.cpp
--- a/testw.py
+++ b/testw.py
@@ -29,7 +29,6 @@ username = getpass.getuser()



-assert username == "root"

 topDir = os.getcwd() + "/sgxwallet"
 print("Starting build push")