Skip to content

S
sgxwallet
Unverified Commit 1deead1b authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #75 from skalenetwork/SKALE-2454-add-log-levels-to-enclave 

Skale 2454 add log levels to enclave
parents 3baf6d2e 1d56b136
Hide whitespace changes
Inline Side-by-side
Showing with 1139 additions and 1100 deletions
BLSCrypto.cpp
View file @ 1deead1b
......@@ -49,7 +49,7 @@
#include "BLSCrypto.h"
#include "ServerInit.h"
#include "RPCException.h"
#include "SGXException.h"
#include "spdlog/spdlog.h"
#include "common.h"
......@@ -160,9 +160,9 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
uint64_t binLen;
if (!hex2carray(_hashHex, &binLen, hash->data())) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
// assert(binLen == hash->size());
......@@ -201,9 +201,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
uint64_t binLen;
if (!hex2carray(_hashHex, &binLen, hash->data())) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
// assert(binLen == hash->size());
......@@ -267,13 +266,13 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
}
sgx_status_t status =
bls_sign_message_aes(eid, &errStatus, errMsg, encryptedKey,
trustedBlsSignMessageAES(eid, &errStatus, errMsg, encryptedKey,
sz, xStrArg, yStrArg, signature);
if (status != SGX_SUCCESS) {
cerr << "SGX enclave call to bls_sign_message failed:" << status << std::endl;
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to bls_sign_message failed"));
cerr << "SGX enclave call to trustedBlsSignMessage failed:" << status << std::endl;
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
}
......@@ -321,8 +320,8 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
unsigned int encryptedLen = 0;
//status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
status = encrypt_key_aes(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);
//status = trustedEncryptKey(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
status = trustedEncryptKeyAES(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);
spdlog::debug("errStatus is {}", *errStatus);
spdlog::debug(" errMsg is ", errMsg->data());
......@@ -335,7 +334,7 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
}
if (*errStatus != 0) {
throw RPCException(-666, errMsg->data());
throw SGXException(-666, errMsg->data());
}
......@@ -361,8 +360,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry
char *plaintextKey = (char *) calloc(BUF_LEN, 1);
//status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
status = decrypt_key_aes(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
//status = trustedDecryptKey(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
status = trustedDecryptKeyAES(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
if (status != SGX_SUCCESS) {
return nullptr;
......
BLSCrypto.h
View file @ 1deead1b
......@@ -30,11 +30,8 @@
#define EXTERNC
#endif
//EXTERNC void init_all();
//
//EXTERNC void init_daemon();
//
//EXTERNC void init_enclave();
#include "stddef.h"
#include "stdint.h"
EXTERNC bool bls_sign(const char* encryptedKeyHex, const char* hashHex, size_t t, size_t n,
size_t signerIndex, char* _sig);
......
BLSPrivateKeyShareSGX.cpp
View file @ 1deead1b
......@@ -165,7 +165,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
cerr << "Key is " + *encryptedKeyHex << endl;
sgx_status_t status =
bls_sign_message(eid, &errStatus, errMsg, encryptedKey,
trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
// strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
......@@ -174,13 +174,13 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
if (status != SGX_SUCCESS) {
gmp_printf("SGX enclave call to bls_sign_message failed: 0x%04x\n", status);
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to bls_sign_message failed"));
gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
}
if (errStatus != 0) {
BOOST_THROW_EXCEPTION(runtime_error("Enclave bls_sign_message failed:" + to_string(errStatus) + ":" + errMsg ));
BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
return nullptr;
}
......@@ -269,7 +269,7 @@ std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
cerr << "Key is " + *encryptedKeyHex << endl;
// sgx_status_t status =
// bls_sign_message(eid, &errStatus, errMsg, encryptedKey,
// trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
// encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
......@@ -278,13 +278,13 @@ std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
// if (status != SGX_SUCCESS) {
// gmp_printf("SGX enclave call to bls_sign_message failed: 0x%04x\n", status);
// BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to bls_sign_message failed"));
// gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
// BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
// }
// if (errStatus != 0) {
// BOOST_THROW_EXCEPTION(runtime_error("Enclave bls_sign_message failed:" + to_string(errStatus) + ":" + errMsg ));
// BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
// return nullptr;
// }
......
CMakeLists.txt
View file @ 1deead1b
......@@ -12,19 +12,19 @@ include_directories(tgmp-build/include)
add_executable(sgxwallet
secure_enclave/AESUtils.c
secure_enclave/AESUtils.h
secure_enclave/BLSEnclave.cpp
secure_enclave/BLSEnclave.h
secure_enclave/curves.c
secure_enclave/curves.h
secure_enclave/DH_dkg.c
secure_enclave/DH_dkg.h
secure_enclave/EnclaveCommon.cpp
secure_enclave/EnclaveCommon.h
secure_enclave/Curves.c
secure_enclave/Curves.h
secure_enclave/DHDkg.c
secure_enclave/DHDkg.h
secure_enclave/DKGUtils.cpp
secure_enclave/DKGUtils.h
secure_enclave/domain_parameters.c
secure_enclave/domain_parameters.h
secure_enclave/enclave_common.h
secure_enclave/numbertheory.c
secure_enclave/numbertheory.h
secure_enclave/DomainParameters.c
secure_enclave/DomainParameters.h
secure_enclave/EnclaveConstants.h
secure_enclave/NumberTheory.c
secure_enclave/NumberTheory.h
secure_enclave/point.c
secure_enclave/point.h
secure_enclave/secure_enclave.c
......@@ -58,7 +58,7 @@ add_executable(sgxwallet
LevelDB.h
oc_alloc.c
RPCException.cpp
RPCException.h
SGXException.h
secure_enclave_u.c
secure_enclave_u.h
SEKManager.cpp
......
CSRManagerServer.cpp
View file @ 1deead1b
......@@ -23,7 +23,7 @@
#include "CSRManagerServer.h"
#include "RPCException.h"
#include "SGXException.h"
#include "sgxwallet_common.h"
#include <iostream>
......@@ -40,108 +40,107 @@ jsonrpc::HttpServer *hs3 = nullptr;
CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector,
serverVersion_t type):abstractCSRManagerServer(connector, type){}
serverVersion_t type) : abstractCSRManagerServer(connector, type) {}
Json::Value getUnsignedCSRsImpl(){
spdlog::info("Enter getUnsignedCSRsImpl");
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
Json::Value getUnsignedCSRsImpl() {
spdlog::info("Enter getUnsignedCSRsImpl");
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
try{
vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
for (int i = 0; i < (int) hashes_vect.size(); i++){
result["hashes"][i] = hashes_vect.at(i);
}
} catch (RPCException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
return result;
}
Json::Value signByHashImpl(const string& hash, int status){
Json::Value result;
result["errorMessage"] = "";
try{
if ( !(status == 0 || status == 2)){
throw RPCException(-111, "Invalid csr status");
}
try {
vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
for (int i = 0; i < (int) hashes_vect.size(); i++) {
result["hashes"][i] = hashes_vect.at(i);
}
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
string csr_db_key = "CSR:HASH:" + hash;
shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
if (csr_ptr == nullptr){
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
}
if (status == 0) {
string csr_name = "sgx_data/cert/" + hash + ".csr";
ofstream outfile(csr_name);
outfile << *csr_ptr << endl;
outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) {
LevelDB::getCsrDb()->deleteKey(csr_db_key);
throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
}
return result;
}
string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
Json::Value signByHashImpl(const string &hash, int status) {
Json::Value result;
result["errorMessage"] = "";
try {
if (!(status == 0 || status == 2)) {
throw SGXException(-111, "Invalid csr status");
}
string csr_db_key = "CSR:HASH:" + hash;
shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
if (csr_ptr == nullptr) {
throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
}
if (status == 0) {
string csr_name = "sgx_data/cert/" + hash + ".csr";
ofstream outfile(csr_name);
outfile << *csr_ptr << endl;
outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) {
LevelDB::getCsrDb()->deleteKey(csr_db_key);
throw SGXException(FILE_NOT_FOUND, "Csr does not exist");
}
string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
if (system(signClientCert.c_str()) == 0) {
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
} else {
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
LevelDB::getCsrDb()->deleteKey(csr_db_key);
string status_db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1);
}
}
if (system(signClientCert.c_str()) == 0) {
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
} else {
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
LevelDB::getCsrDb()->deleteKey(csr_db_key);
string status_db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1);
}
}
LevelDB::getCsrDb()->deleteKey(csr_db_key);
string status_db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
result["status"] = status;
result["status"] = status;
} catch (RPCException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
return result;
return result;
}
Json::Value CSRManagerServer::getUnsignedCSRs(){
lock_guard<recursive_mutex> lock(m);
return getUnsignedCSRsImpl();
Json::Value CSRManagerServer::getUnsignedCSRs() {
lock_guard<recursive_mutex> lock(m);
return getUnsignedCSRsImpl();
}
Json::Value CSRManagerServer::signByHash(const string& hash, int status){
lock_guard<recursive_mutex> lock(m);
return signByHashImpl(hash, status);
Json::Value CSRManagerServer::signByHash(const string &hash, int status) {
lock_guard<recursive_mutex> lock(m);
return signByHashImpl(hash, status);
}
int init_csrmanager_server(){
hs3 = new jsonrpc::HttpServer(BASE_PORT + 2);
hs3 -> BindLocalhost();
cs = new CSRManagerServer(*hs3, JSONRPC_SERVER_V2); // server (json-rpc 2.0)
if (!cs->StartListening()) {
spdlog::info("CSR manager server could not start listening");
exit(-1);
}
else {
spdlog::info("CSR manager server started on port {}", BASE_PORT + 2);
}
return 0;
int init_csrmanager_server() {
hs3 = new jsonrpc::HttpServer(BASE_PORT + 2);
hs3->BindLocalhost();
cs = new CSRManagerServer(*hs3, JSONRPC_SERVER_V2); // server (json-rpc 2.0)
if (!cs->StartListening()) {
spdlog::info("CSR manager server could not start listening");
exit(-1);
} else {
spdlog::info("CSR manager server started on port {}", BASE_PORT + 2);
}
return 0;
};
\ No newline at end of file
DKGCrypto.cpp
View file @ 1deead1b
......@@ -28,7 +28,7 @@
#include <memory>
#include "SGXWalletServer.hpp"
#include "RPCException.h"
#include "SGXException.h"
//#include <libBLS/libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
#include <libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
......@@ -38,8 +38,8 @@
#define DKG_MAX_SEALED_LEN 3100
vector<string> splitString(const char *koefs, const char symbol) {
string str(koefs);
vector<string> splitString(const char *coeffs, const char symbol) {
string str(coeffs);
string delim;
delim.push_back(symbol);
vector<string> G2_strings;
......@@ -49,8 +49,8 @@ vector<string> splitString(const char *koefs, const char symbol) {
if (pos == string::npos) pos = str.length();
string token = str.substr(prev, pos - prev);
if (!token.empty()) {
string koef(token.c_str());
G2_strings.push_back(koef);
string coeff(token.c_str());
G2_strings.push_back(coeff);
}
prev = pos + delim.length();
} while (pos < str.length() && prev < str.length());
......@@ -77,21 +77,21 @@ string ConvertToString(T field_elem, int base = 10) {
string gen_dkg_poly(int _t) {
vector<char> errMsg(1024, 0);
int err_status = 0;
int errStatus = 0;
vector<uint8_t> encrypted_dkg_secret(BUF_LEN, 0);
uint32_t enc_len = 0;
if (!encryptKeys)
status = gen_dkg_secret(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, _t);
status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, _t);
else
status = gen_dkg_secret_aes(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, _t);
if (err_status != 0) {
throw RPCException(-666, errMsg.data());
status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, _t);
if (errStatus != 0) {
throw SGXException(-666, errMsg.data());
}
spdlog::debug("gen_dkg_secret, status {}", err_status, " err msg ", errMsg.data());
spdlog::debug("trustedGenDkgSecret, status {}", errStatus, " err msg ", errMsg.data());
spdlog::debug("in DKGCrypto encr len is {}", enc_len);
uint64_t length = DKG_MAX_SEALED_LEN;
......@@ -99,11 +99,8 @@ string gen_dkg_poly(int _t) {
length = enc_len;
}
//vector<char> hexEncrPoly(DKG_MAX_SEALED_LEN * 2 + 1, 0);//(4*BUF_LEN, 1);
vector<char> hexEncrPoly(2 * length + 1, 0);
assert(encrypted_dkg_secret.size() >= length);
//carray2Hex(encrypted_dkg_secret.data(), DKG_MAX_SEALED_LEN, hexEncrPoly.data());
CHECK_STATE(encrypted_dkg_secret.size() >= length);
carray2Hex(encrypted_dkg_secret.data(), length, hexEncrPoly.data());
string result(hexEncrPoly.data());
......@@ -127,7 +124,7 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
vector<uint8_t> encrDKGPoly(2 * BUF_LEN, 0);
if (!hex2carray2(encryptedPolyHex, &encLen, encrDKGPoly.data(), 6100)) {
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
throw SGXException(INVALID_HEX, "Invalid encryptedPolyHex");
}
......@@ -138,13 +135,15 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
uint32_t len = 0;
if (!encryptKeys)
status = get_public_shares(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), len, pubShares.data(), t, n);
status = trustedGetPublicShares(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), len, pubShares.data(), t,
n);
else {
status = get_public_shares_aes(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen, pubShares.data(), t, n);
status = trustedGetPublicSharesAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen,
pubShares.data(), t, n);
}
if (errStatus != 0) {
throw RPCException(-666, errMsg1.data());
throw SGXException(-666, errMsg1.data());
}
......@@ -152,7 +151,7 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
spdlog::debug("public_shares:");
spdlog::debug("{}", pubShares.data());;
spdlog::debug("get_public_shares status: {}", errStatus);
spdlog::debug("trustedGetPublicShares status: {}", errStatus);
vector<string> g2Strings = splitString(pubShares.data(), ',');
vector<vector<string>> pubSharesVect;
......@@ -164,8 +163,9 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
return pubSharesVect;
}
string get_secret_shares(const string &_polyName, const char *_encryptedPolyHex, const vector<string> &_publicKeys, int _t,
int _n) {
string trustedGetSecretShares(const string &_polyName, const char *_encryptedPolyHex, const vector<string> &_publicKeys,
int _t,
int _n) {
vector<char> errMsg1(BUF_LEN, 0);
vector<char> hexEncrKey(BUF_LEN, 0);
......@@ -173,34 +173,33 @@ string get_secret_shares(const string &_polyName, const char *_encryptedPolyHex,
uint64_t encLen = 0;
vector<uint8_t > encrDKGPoly(BUF_LEN, 0);
vector<uint8_t> encrDKGPoly(BUF_LEN, 0);
if (!hex2carray2(_encryptedPolyHex, &encLen, encrDKGPoly.data(), 6100)) {
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
throw SGXException(INVALID_HEX, "Invalid encryptedPolyHex");
}
if (!encryptKeys)
status = set_encrypted_dkg_poly(eid, &errStatus, errMsg1.data(), encrDKGPoly.data());
status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg1.data(), encrDKGPoly.data());
else
status = set_encrypted_dkg_poly_aes(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), &encLen);
status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), &encLen);
if (status != SGX_SUCCESS || errStatus != 0) {
throw RPCException(-666, errMsg1.data());
throw SGXException(-666, errMsg1.data());
}
string result;
for (int i = 0; i < _n; i++) {
vector<uint8_t > encryptedSkey(BUF_LEN, 0);
vector<uint8_t> encryptedSkey(BUF_LEN, 0);
uint32_t decLen;
vector<char> currentShare(193, 0);
vector<char> sShareG2(320, 0);
string pub_keyB = _publicKeys.at(i);
vector<char> pubKeyB(129,0);
vector<char> pubKeyB(129, 0);
strncpy(pubKeyB.data(), pub_keyB.c_str(), 128);
pubKeyB.at(128) = 0;
......@@ -209,13 +208,13 @@ string get_secret_shares(const string &_polyName, const char *_encryptedPolyHex,
if (!encryptKeys)
get_encr_sshare(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n, i + 1);
trustedGetEncryptedSecretShare(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n, i + 1);
else
get_encr_sshare_aes(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n, i + 1);
trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n, i + 1);
if (errStatus != 0) {
throw RPCException(-666, errMsg1.data());
throw SGXException(-666, errMsg1.data());
}
spdlog::debug("cur_share is {}", currentShare.data());
......@@ -245,15 +244,14 @@ string get_secret_shares(const string &_polyName, const char *_encryptedPolyHex,
bool
verifyShares(const char *publicShares, const char *encr_sshare, const char *encryptedKeyHex, int t, int n, int ind) {
//char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0;
char errMsg[BUF_LEN];
int errStatus = 0;
uint64_t dec_key_len;
uint64_t decKeyLen;
uint8_t encr_key[BUF_LEN];
memset(encr_key, 0, BUF_LEN);
if (!hex2carray(encryptedKeyHex, &dec_key_len, encr_key)) {
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
if (!hex2carray(encryptedKeyHex, &decKeyLen, encr_key)) {
throw SGXException(INVALID_HEX, "Invalid encryptedPolyHex");
}
int result;
......@@ -265,19 +263,17 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
if (!encryptKeys)
dkg_verification(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result);
trustedDkgVerify(eid, &errStatus, errMsg, pshares, encr_sshare, encr_key, decKeyLen, t, ind, &result);
else
dkg_verification_aes(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result);
trustedDkgVerifyAES(eid, &errStatus, errMsg, pshares, encr_sshare, encr_key, decKeyLen, t, ind, &result);
if (result == 2) {
throw RPCException(INVALID_HEX, "Invalid public shares");
throw SGXException(INVALID_HEX, "Invalid public shares");
}
spdlog::debug("errMsg1: {}", errMsg1);
spdlog::debug("errMsg1: {}", errMsg);
spdlog::debug("result is: {}", result);
//free(errMsg1);
return result;
}
......@@ -286,31 +282,31 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
spdlog::debug("ENTER CreateBLSShare");
// char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0;
char errMsg[BUF_LEN];
int errStatus = 0;
uint64_t dec_key_len;
uint64_t decKeyLen;
uint8_t encr_bls_key[BUF_LEN];
memset(encr_bls_key, 0, BUF_LEN);
uint8_t encr_key[BUF_LEN];
memset(encr_key, 0, BUF_LEN);
if (!hex2carray(encryptedKeyHex, &dec_key_len, encr_key)) {
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
if (!hex2carray(encryptedKeyHex, &decKeyLen, encr_key)) {
throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
}
uint32_t enc_bls_len = 0;
if (!encryptKeys)
create_bls_key(eid, &err_status, errMsg1, s_shares, encr_key, dec_key_len, encr_bls_key, &enc_bls_len);
trustedCreateBlsKey(eid, &errStatus, errMsg, s_shares, encr_key, decKeyLen, encr_bls_key, &enc_bls_len);
else
create_bls_key_aes(eid, &err_status, errMsg1, s_shares, encr_key, dec_key_len, encr_bls_key, &enc_bls_len);
trustedCreateBlsKeyAES(eid, &errStatus, errMsg, s_shares, encr_key, decKeyLen, encr_bls_key, &enc_bls_len);
if (err_status != 0) {
if (errStatus != 0) {
spdlog::error(errMsg1);
spdlog::error("status {}", err_status);
throw RPCException(ERROR_IN_ENCLAVE, "Create BLS private key failed in enclave");
spdlog::error(errMsg);
spdlog::error("status {}", errStatus);
throw SGXException(ERROR_IN_ENCLAVE, "Create BLS private key failed in enclave");
} else {
char hexBLSKey[2 * BUF_LEN];
......@@ -326,67 +322,67 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
}
vector<string> GetBLSPubKey(const char *encryptedKeyHex) {
//char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0;
int errStatus = 0;
uint64_t dec_key_len;
uint8_t encr_key[BUF_LEN];
if (!hex2carray(encryptedKeyHex, &dec_key_len, encr_key)) {
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
uint64_t decKeyLen;
uint8_t encrKey[BUF_LEN];
if (!hex2carray(encryptedKeyHex, &decKeyLen, encrKey)) {
throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
}
char pub_key[320];
spdlog::debug("dec_key_len is {}", dec_key_len);
char pubKey[320];
spdlog::debug("decKeyLen is {}", decKeyLen);
if (!encryptKeys)
get_bls_pub_key(eid, &err_status, errMsg1, encr_key, dec_key_len, pub_key);
trustedGetBlsPubKey(eid, &errStatus, errMsg1, encrKey, decKeyLen, pubKey);
else
get_bls_pub_key_aes(eid, &err_status, errMsg1, encr_key, dec_key_len, pub_key);
if (err_status != 0) {
spdlog::error(string(errMsg1) + " . Status is {}", err_status);
throw RPCException(ERROR_IN_ENCLAVE, "Failed to get BLS public key in enclave");
trustedGetBlsPubKeyAES(eid, &errStatus, errMsg1, encrKey, decKeyLen, pubKey);
if (errStatus != 0) {
spdlog::error(string(errMsg1) + " . Status is {}", errStatus);
throw SGXException(ERROR_IN_ENCLAVE, "Failed to get BLS public key in enclave");
}
vector<string> pub_key_vect = splitString(pub_key, ':');
vector<string> pubKeyVect = splitString(pubKey, ':');
spdlog::debug("errMsg1 is {}", errMsg1);
spdlog::debug("pub key is ");
for (int i = 0; i < 4; i++)
spdlog::debug("{}", pub_key_vect.at(i));
spdlog::debug("{}", pubKeyVect.at(i));
return pub_key_vect;
return pubKeyVect;
}
string decrypt_DHKey(const string &polyName, int ind) {
string decryptDHKey(const string &polyName, int ind) {
vector<char> errMsg1(1024, 0);
int err_status = 0;
int errStatus = 0;
string DH_key_name = polyName + "_" + to_string(ind) + ":";
shared_ptr<string> hexEncrKey_ptr = SGXWalletServer::readFromDb(DH_key_name, "DKG_DH_KEY_");
shared_ptr<string> hexEncrKeyPtr = SGXWalletServer::readFromDb(DH_key_name, "DKG_DH_KEY_");
spdlog::debug("encr DH key is {}", *hexEncrKey_ptr);
spdlog::debug("encr DH key is {}", *hexEncrKeyPtr);
vector<char> hexEncrKey(2 * BUF_LEN, 0);
uint64_t DH_enc_len = 0;
uint8_t encrypted_DHkey[BUF_LEN];
if (!hex2carray(hexEncrKey_ptr->c_str(), &DH_enc_len, encrypted_DHkey)) {
throw RPCException(INVALID_HEX, "Invalid hexEncrKey");
uint64_t dhEncLen = 0;
uint8_t encryptedDHKey[BUF_LEN];
if (!hex2carray(hexEncrKeyPtr->c_str(), &dhEncLen, encryptedDHKey)) {
throw SGXException(INVALID_HEX, "Invalid hexEncrKey");
}
spdlog::debug("encr DH key length is {}", DH_enc_len);
spdlog::debug("hex encr DH key length is {}", hexEncrKey_ptr->length());
spdlog::debug("encr DH key length is {}", dhEncLen);
spdlog::debug("hex encr DH key length is {}", hexEncrKeyPtr->length());
char DHKey[ECDSA_SKEY_LEN];
if (!encryptKeys)
decrypt_key(eid, &err_status, errMsg1.data(), encrypted_DHkey, DH_enc_len, DHKey);
trustedDecryptKey(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
else
decrypt_key_aes(eid, &err_status, errMsg1.data(), encrypted_DHkey, DH_enc_len, DHKey);
if (err_status != 0) {
throw RPCException(/*ERROR_IN_ENCLAVE*/ err_status, "decrypt key failed in enclave");
trustedDecryptKeyAES(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
if (errStatus != 0) {
throw SGXException(/*ERROR_IN_ENCLAVE*/ errStatus, "decrypt key failed in enclave");
}
return DHKey;
......
DKGCrypto.h
View file @ 1deead1b
......@@ -31,13 +31,13 @@ std::string gen_dkg_poly( int _t);
std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyHex, int t, int n);
std::vector<std::string> splitString(const char* koefs, const char symbol);
std::vector<std::string> splitString(const char* coeffs, const char symbol);
std::string get_secret_shares(const std::string& _polyName, const char* _encryptedPolyHex, const std::vector<std::string>& _publicKeys, int _t, int _n);
std::string trustedGetSecretShares(const std::string& _polyName, const char* _encryptedPolyHex, const std::vector<std::string>& _publicKeys, int _t, int _n);
bool verifyShares(const char* publicShares, const char* encr_sshare, const char * encryptedKeyHex, int t, int n, int ind);
std::string decrypt_DHKey(const std::string& polyName, int ind);
std::string decryptDHKey(const std::string& polyName, int ind);
bool CreateBLSShare( const std::string& blsKeyName, const char * s_shares, const char * encryptedKeyHex);
......
ECDSACrypto.cpp
View file @ 1deead1b
......@@ -25,7 +25,7 @@
#include "BLSCrypto.h"
#include "sgxwallet.h"
#include "RPCException.h"
#include "SGXException.h"
#include <iostream>
#include <gmp.h>
......@@ -45,20 +45,20 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
std::vector<std::string> genECDSAKey() {
char *errMsg = (char *) calloc(1024, 1);
int err_status = 0;
int errStatus = 0;
uint8_t *encr_pr_key = (uint8_t *) calloc(1024, 1);
char *pub_key_x = (char *) calloc(1024, 1);
char *pub_key_y = (char *) calloc(1024, 1);
uint32_t enc_len = 0;
if (!encryptKeys)
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
else
status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y);
if (status != SGX_SUCCESS || err_status != 0) {
if (status != SGX_SUCCESS || errStatus != 0) {
spdlog::error("RPCException thrown with status {}", status);
throw RPCException(status, errMsg);
throw SGXException(status, errMsg);
}
std::vector<std::string> keys(3);
......@@ -106,20 +106,20 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
vector<char> pubKeyY(BUF_LEN, 0);
vector<uint8_t> encrPrKey(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
uint64_t enc_len = 0;
if (!hex2carray(_encryptedKeyHex, &enc_len, encrPrKey.data())) {
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
}
if (!encryptKeys)
status = get_public_ecdsa_key(eid, &err_status, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
pubKeyY.data());
else status = get_public_ecdsa_key_aes(eid, &err_status,
else status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
if (err_status != 0) {
throw RPCException(-666, errMsg.data());
if (errStatus != 0) {
throw SGXException(-666, errMsg.data());
}
string pubKey = string(pubKeyX.data()) + string(pubKeyY.data());//concatPubKeyWith0x(pub_key_x, pub_key_y);//
......@@ -127,7 +127,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
spdlog::debug("pubkey is {}", pubKey);
spdlog::debug("pubkey length is {}", pubKey.length());
spdlog::debug("err str is {}", errMsg.data());
spdlog::debug("err status is {}", err_status);
spdlog::debug("err status is {}", errStatus);
return pubKey;
......@@ -137,7 +137,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
vector<string> signature_vect(3);
char *errMsg = (char *) calloc(1024, 1);
int err_status = 0;
int errStatus = 0;
char *signature_r = (char *) calloc(1024, 1);
char *signature_s = (char *) calloc(1024, 1);
uint8_t signature_v = 0;
......@@ -146,7 +146,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
//uint8_t encr_key[BUF_LEN];
uint8_t *encr_key = (uint8_t *) calloc(1024, 1);
if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)) {
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
}
......@@ -156,13 +156,13 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
if (!encryptKeys)
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
status = trustedEcdsaSign(eid, &errStatus, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
signature_s, &signature_v, base);
else
status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r,
status = trustedEcdsaSignAES(eid, &errStatus, errMsg, encr_key, dec_len, (unsigned char *) hashHex, signature_r,
signature_s, &signature_v, base);
if (err_status != 0) {
throw RPCException(-666, errMsg);
if (errStatus != 0) {
throw SGXException(-666, errMsg);
}
......
LevelDB.cpp
View file @ 1deead1b
......@@ -31,7 +31,7 @@
#include "leveldb/db.h"
#include "sgxwallet_common.h"
#include "RPCException.h"
#include "SGXException.h"
#include "LevelDB.h"
#include "ServerInit.h"
......@@ -57,7 +57,7 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
auto result = std::make_shared<string>();
if (db == nullptr) {
throw RPCException(NULL_DATABASE, "Null db");
throw SGXException(NULL_DATABASE, "Null db");
}
auto status = db->Get(readOptions, _key, &*result);
......@@ -163,7 +163,7 @@ void LevelDB::throwExceptionOnError(Status _status) {
return;
if (!_status.ok()) {
throw RPCException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str());
throw SGXException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str());
}
}
......@@ -213,7 +213,7 @@ void LevelDB::writeDataUnique(const string & Name, const string &value) {
if (readString(Name) != nullptr) {
spdlog::debug("name {}",Name, " already exists");
// std::cerr << "name " << Name << " already exists" << std::endl;
throw RPCException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
}
writeString(key, value);
......
RPCException.cpp
View file @ 1deead1b
......@@ -21,4 +21,4 @@
@date 2019
*/
#include "RPCException.h"
#include "SGXException.h"
SEKManager.cpp
View file @ 1deead1b
......@@ -22,7 +22,7 @@
*/
#include "SEKManager.h"
#include "RPCException.h"
#include "SGXException.h"
#include "BLSCrypto.h"
#include "LevelDB.h"
......@@ -53,10 +53,10 @@ void create_test_key(){
std::string key = TEST_VALUE;
status = encrypt_key_aes(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
if ( status != 0){
std::cerr << "encrypt test key failed with status " << status << std::endl;
throw RPCException(status, errMsg.data()) ;
throw SGXException(status, errMsg.data()) ;
}
//std::cerr << "enc len is " << enc_len << std::endl;
......@@ -98,13 +98,13 @@ bool check_SEK(std::string SEK){
uint32_t l = len;
std::cerr << " l is " << l << std::endl;
status = set_SEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
if (status != SGX_SUCCESS){
cerr << "RPCException thrown with status " << status << endl;
throw RPCException(status, errMsg.data());
throw SGXException(status, errMsg.data());
}
status = decrypt_key_aes(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
if (status != SGX_SUCCESS || err_status != 0){
spdlog::error("failed to decrypt test key" );
spdlog::error(errMsg.data());
......@@ -133,9 +133,9 @@ void gen_SEK(){
char SEK[65];
memset(SEK, 0, 65);
status = generate_SEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
if (status != SGX_SUCCESS || err_status != 0 ){
throw RPCException(status, errMsg.data()) ;
throw SGXException(status, errMsg.data()) ;
}
vector<char> hexEncrKey(2 * enc_len + 1, 0);
......@@ -164,7 +164,7 @@ void gen_SEK(){
create_test_key();
}
void set_SEK(std::shared_ptr<std::string> hex_encr_SEK){
void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
vector<char> errMsg(1024,0);
int err_status = 0;
//vector<uint8_t> encr_SEK(1024, 0);
......@@ -175,13 +175,13 @@ void set_SEK(std::shared_ptr<std::string> hex_encr_SEK){
uint64_t len;
if (!hex2carray(hex_encr_SEK->c_str(), &len, encr_SEK)){
throw RPCException(INVALID_HEX, "Invalid encrypted SEK Hex");
throw SGXException(INVALID_HEX, "Invalid encrypted SEK Hex");
}
status = set_SEK(eid, &err_status, errMsg.data(), encr_SEK, len );
status = trustedSetSEK(eid, &err_status, errMsg.data(), encr_SEK, len );
if ( status != SGX_SUCCESS || err_status != 0 ){
cerr << "RPCException thrown" << endl;
throw RPCException(status, errMsg.data()) ;
throw SGXException(status, errMsg.data()) ;
}
}
......@@ -210,10 +210,10 @@ void enter_SEK(){
// std::cerr << "your key is " << SEK << std::endl;
status = set_SEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
if (status != SGX_SUCCESS){
cerr << "RPCException thrown with status " << status << endl;
throw RPCException(status, errMsg.data());
throw SGXException(status, errMsg.data());
}
vector<char> hexEncrKey(2 * enc_len + 1, 0);
......@@ -224,14 +224,14 @@ void enter_SEK(){
LevelDB::getLevelDb() -> writeDataUnique("SEK", hexEncrKey.data());
}
void init_SEK(){
void initSEK(){
std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
if (encr_SEK_ptr == nullptr){
spdlog::error("SEK was not created yet. Going to create SEK");
gen_SEK();
}
else{
set_SEK(encr_SEK_ptr);
trustedSetSEK(encr_SEK_ptr);
}
}
......
SEKManager.h
View file @ 1deead1b
......@@ -35,7 +35,7 @@
void gen_SEK();
#ifdef __cplusplus
void set_SEK(std::shared_ptr<std::string> hex_encr_SEK);
void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK);
#endif
#ifdef __cplusplus
......@@ -46,7 +46,7 @@ void set_SEK(std::shared_ptr<std::string> hex_encr_SEK);
EXTERNC void enter_SEK();
EXTERNC void init_SEK();
EXTERNC void initSEK();
#endif //SGXD_SEKMANAGER_H
RPCException.h SGXException.h
View file @ 1deead1b
......@@ -28,14 +28,14 @@
#include <string>
#include <exception>
class RPCException : public std::exception {
class SGXException : public std::exception {
public:
int32_t status;
std::string errString;
RPCException(int32_t _status, const char* _errString) : status(_status), errString(_errString) {}
SGXException(int32_t _status, const char* _errString) : status(_status), errString(_errString) {}
};
......
SGXRegistrationServer.cpp
View file @ 1deead1b
......@@ -32,7 +32,7 @@
#include "sgxwallet_common.h"
#include "RPCException.h"
#include "SGXException.h"
#include "LevelDB.h"
#include <thread>
......@@ -79,7 +79,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
outfile << _csr << endl;
outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) {
throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
throw SGXException(FILE_NOT_FOUND, "Csr does not exist");
}
string genCert = "cd cert && ./create_client_cert " + hash;
......@@ -91,7 +91,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
string status_db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FAIL_TO_CREATE_CERTIFICATE));
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1);
}
}
......@@ -102,7 +102,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
string db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -120,7 +120,7 @@ Json::Value GetSertificateImpl(const string &hash) {
string db_key = "CSR:HASH:" + hash + "STATUS:";
shared_ptr<string> status_str_ptr = LevelDB::getCsrStatusDb()->readString(db_key);
if (status_str_ptr == nullptr) {
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
}
int status = atoi(status_str_ptr->c_str());
......@@ -132,7 +132,7 @@ Json::Value GetSertificateImpl(const string &hash) {
string status_db_key = "CSR:HASH:" + hash + "STATUS:";
LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FILE_NOT_FOUND));
throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
throw SGXException(FILE_NOT_FOUND, "Certificate does not exist");
} else {
ostringstream ss;
ss << infile.rdbuf();
......@@ -154,7 +154,7 @@ Json::Value GetSertificateImpl(const string &hash) {
result["status"] = status;
result["cert"] = cert;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......
SGXWALLET_VERSION
View file @ 1deead1b
#define SGXWALLET_VERSION "1.45.1"
\ No newline at end of file
#define SGXWALLET_VERSION "1.47.1"
\ No newline at end of file
SGXWalletServer.cpp
View file @ 1deead1b
......@@ -23,7 +23,7 @@
#include "sgxwallet_common.h"
#include "RPCException.h"
#include "SGXException.h"
#include "LevelDB.h"
#include "BLSCrypto.h"
#include "ECDSACrypto.h"
......@@ -45,21 +45,25 @@
#include "common.h"
void setFullOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys) {
void setFullOptions(int _printDebugInfo,
int _printTraceInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys) {
if (_printDebugInfo)
spdlog::set_level(spdlog::level::debug);
else {
else if (_printTraceInfo) {
spdlog::set_level(spdlog::level::trace);
} else if (_printTraceInfo) {
spdlog::set_level(spdlog::level::info);
}
printDebugInfo = _printDebugInfo;
useHTTPS = _useHTTPS;
autoconfirm = _autoconfirm;
encryptKeys = _encryptKeys;
}
void setOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm) {
setFullOptions(_printDebugInfo, _useHTTPS, _autoconfirm, false);
void setOptions(int _printDebugInfo,
int _printTraceInfo, int _useHTTPS, int _autoconfirm) {
setFullOptions(_printDebugInfo,
_printTraceInfo, _useHTTPS, _autoconfirm, false);
}
......@@ -171,18 +175,18 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
encryptedKeyShareHex = encryptBLSKeyShare2Hex(&errStatus, errMsg, _keyShare.c_str());
if (encryptedKeyShareHex == nullptr) {
throw RPCException(UNKNOWN_ERROR, "");
throw SGXException(UNKNOWN_ERROR, "");
}
if (errStatus != 0) {
throw RPCException(errStatus, errMsg);
throw SGXException(errStatus, errMsg);
}
result["encryptedKeyShare"] = string(encryptedKeyShareHex);
writeKeyShare(_keyShareName, encryptedKeyShareHex, _index, n, t);
} catch (RPCException &_e) {
} catch (SGXException &_e) {
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
......@@ -195,7 +199,8 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
}
Json::Value
SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n, int _signerIndex) {
SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n,
int _signerIndex) {
Json::Value result;
result["status"] = -1;
result["errorMessage"] = "Unknown server error";
......@@ -207,7 +212,7 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
try {
if (!checkName(_keyShareName, "BLS_KEY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid BLSKey name");
throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
}
string cutHash = _messageHash;
if (cutHash[0] == '0' && (cutHash[1] == 'x' || cutHash[1] == 'X')) {
......@@ -218,11 +223,11 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
}
if (!checkHex(cutHash)) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
value = readFromDb(_keyShareName);
} catch (RPCException _e) {
} catch (SGXException _e) {
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
return result;
......@@ -276,7 +281,7 @@ Json::Value SGXWalletServer::generateECDSAKeyImpl() {
keys = genECDSAKey();
if (keys.size() == 0) {
throw RPCException(UNKNOWN_ERROR, "key was not generated");
throw SGXException(UNKNOWN_ERROR, "key was not generated");
}
string keyName = "NEK:" + keys.at(2);
......@@ -291,7 +296,7 @@ Json::Value SGXWalletServer::generateECDSAKeyImpl() {
result["PublicKey"] = keys.at(1);
result["keyName"] = keyName;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -310,15 +315,15 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
string prefix = _tempKeyName.substr(0, 8);
if (prefix != "tmp_NEK:") {
throw RPCException(UNKNOWN_ERROR, "invalid temp key name");
throw SGXException(UNKNOWN_ERROR, "invalid temp key name");
}
prefix = _keyName.substr(0, 12);
if (prefix != "NEK_NODE_ID:") {
throw RPCException(UNKNOWN_ERROR, "invalid key name");
throw SGXException(UNKNOWN_ERROR, "invalid key name");
}
string postfix = _keyName.substr(12, _keyName.length());
if (!isStringDec(postfix)) {
throw RPCException(UNKNOWN_ERROR, "invalid key name");
throw SGXException(UNKNOWN_ERROR, "invalid key name");
}
shared_ptr<string> key_ptr = readFromDb(_tempKeyName);
......@@ -326,7 +331,7 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
writeDataToDB(_keyName, *key_ptr);
LevelDB::getLevelDb()->deleteTempNEK(_tempKeyName);
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -357,20 +362,20 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
}
if (!checkECDSAKeyName(_keyName)) {
throw RPCException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
if (!checkHex(cutHash)) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
if (_base <= 0 || _base > 32) {
throw RPCException(-22, "Invalid base");
throw SGXException(-22, "Invalid base");
}
shared_ptr<string> key_ptr = readFromDb(_keyName, "");
sign_vect = ecdsaSignHash(key_ptr->c_str(), cutHash.c_str(), _base);
if (sign_vect.size() != 3) {
throw RPCException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature");
throw SGXException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature");
}
spdlog::debug("got signature_s {}", sign_vect.at(2));
......@@ -379,7 +384,7 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
result["signature_r"] = sign_vect.at(1);
result["signature_s"] = sign_vect.at(2);
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << "err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -399,7 +404,7 @@ Json::Value SGXWalletServer::getPublicECDSAKeyImpl(const string &_keyName) {
try {
if (!checkECDSAKeyName(_keyName)) {
throw RPCException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
shared_ptr<string> keyStr = readFromDb(_keyName);
publicKey = getECDSAPubKey(keyStr->c_str());
......@@ -409,7 +414,7 @@ Json::Value SGXWalletServer::getPublicECDSAKeyImpl(const string &_keyName) {
result["PublicKey"] = publicKey;
result["publicKey"] = publicKey;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
......@@ -428,17 +433,17 @@ Json::Value SGXWalletServer::generateDKGPolyImpl(const string &_polyName, int _t
try {
if (!checkName(_polyName, "POLY")) {
throw RPCException(INVALID_POLY_NAME,
throw SGXException(INVALID_POLY_NAME,
"Invalid polynomial name, it should be like POLY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:1");
}
if (_t <= 0 || _t > 32) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid parameter t ");
throw SGXException(INVALID_DKG_PARAMS, "Invalid parameter t ");
}
encrPolyHex = gen_dkg_poly(_t);
writeDataToDB(_polyName, encrPolyHex);
//result["encryptedPoly"] = encrPolyHex;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -456,10 +461,10 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName,
vector<vector<string>> verifVector;
try {
if (!checkName(_polyName, "POLY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
}
if (!check_n_t(_t, _n)) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid parameters: n or t ");
throw SGXException(INVALID_DKG_PARAMS, "Invalid parameters: n or t ");
}
shared_ptr<string> encr_poly_ptr = readFromDb(_polyName);
......@@ -475,7 +480,7 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName,
}
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -493,13 +498,13 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
try {
if (_pubKeys.size() != (uint64_t) _n) {
throw RPCException(INVALID_DKG_PARAMS, "invalid number of public keys");
throw SGXException(INVALID_DKG_PARAMS, "invalid number of public keys");
}
if (!checkName(_polyName, "POLY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
}
if (!check_n_t(_t, _n)) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
shared_ptr<string> encr_poly_ptr = readFromDb(_polyName);
......@@ -507,16 +512,16 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
vector<string> pubKeysStrs;
for (int i = 0; i < _n; i++) {
if (!checkHex(_pubKeys[i].asString(), 64)) {
throw RPCException(INVALID_HEX, "Invalid public key");
throw SGXException(INVALID_HEX, "Invalid public key");
}
pubKeysStrs.push_back(_pubKeys[i].asString());
}
string s = get_secret_shares(_polyName, encr_poly_ptr->c_str(), pubKeysStrs, _t, _n);
string s = trustedGetSecretShares(_polyName, encr_poly_ptr->c_str(), pubKeysStrs, _t, _n);
//cerr << "result is " << s << endl;
result["secretShare"] = s;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
//cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -538,16 +543,16 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
try {
if (!checkECDSAKeyName(_ethKeyName)) {
throw RPCException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
if (!check_n_t(_t, _n) || _index > _n || _index < 0) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
if (!checkHex(_secretShare, SECRET_SHARE_NUM_BYTES)) {
throw RPCException(INVALID_HEX, "Invalid Secret share");
throw SGXException(INVALID_HEX, "Invalid Secret share");
}
if (_publicShares.length() != (uint64_t) 256 * _t) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid length of public shares");
throw SGXException(INVALID_DKG_PARAMS, "Invalid length of public shares");
}
shared_ptr<string> encryptedKeyHex_ptr = readFromDb(_ethKeyName);
......@@ -556,7 +561,7 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
result["result"] = false;
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
//cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -566,8 +571,9 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
return result;
}
Json::Value SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string &_ethKeyName, const string &_polyName,
const string &_secretShare, int _t, int _n) {
Json::Value
SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string &_ethKeyName, const string &_polyName,
const string &_secretShare, int _t, int _n) {
Json::Value result;
......@@ -579,19 +585,19 @@ Json::Value SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName,
if (_secretShare.length() != (uint64_t) _n * 192) {
spdlog::error("Invalid secret share length - {}", _secretShare.length());
spdlog::error("Secret share - {}", _secretShare);
throw RPCException(INVALID_SECRET_SHARES_LENGTH, "Invalid secret share length");
throw SGXException(INVALID_SECRET_SHARES_LENGTH, "Invalid secret share length");
}
if (!checkECDSAKeyName(_ethKeyName)) {
throw RPCException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
if (!checkName(_polyName, "POLY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
}
if (!checkName(_blsKeyName, "BLS_KEY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid BLS key name");
throw SGXException(INVALID_POLY_NAME, "Invalid BLS key name");
}
if (!check_n_t(_t, _n)) {
throw RPCException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
vector<string> sshares_vect;
......@@ -603,7 +609,7 @@ Json::Value SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName,
if (res) {
spdlog::info("BLS KEY SHARE CREATED ");
} else {
throw RPCException(-122, "Error while creating BLS key share");
throw SGXException(-122, "Error while creating BLS key share");
}
for (int i = 0; i < _n; i++) {
......@@ -613,7 +619,7 @@ Json::Value SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName,
LevelDB::getLevelDb()->deleteKey(shareG2_name);
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
//cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -631,7 +637,7 @@ Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName)
try {
if (!checkName(_blsKeyName, "BLS_KEY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid BLSKey name");
throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
}
shared_ptr<string> encryptedKeyHex_ptr = readFromDb(_blsKeyName);
spdlog::debug("encr_bls_key_share is {}", *encryptedKeyHex_ptr);
......@@ -643,7 +649,7 @@ Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName)
result["BlsPublicKeyShare"][i] = public_key_vect.at(i);
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -660,18 +666,18 @@ Json::Value SGXWalletServer::complaintResponseImpl(const string &_polyName, int
result["errorMessage"] = "";
try {
if (!checkName(_polyName, "POLY")) {
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
}
string shareG2_name = "shareG2_" + _polyName + "_" + to_string(_ind) + ":";
shared_ptr<string> shareG2_ptr = readFromDb(shareG2_name);
string DHKey = decrypt_DHKey(_polyName, _ind);
string DHKey = decryptDHKey(_polyName, _ind);
result["share*G2"] = *shareG2_ptr;
result["dhKey"] = DHKey;
result["DHKey"] = DHKey;
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -691,7 +697,7 @@ Json::Value SGXWalletServer::multG2Impl(const string &_x) {
result["x*G2"][i] = xG2_vect.at(i);
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -714,7 +720,7 @@ Json::Value SGXWalletServer::isPolyExistsImpl(const string &_polyName) {
result["status"] = 0;
result["errorMessage"] = "";
}
} catch (RPCException &_e) {
} catch (SGXException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -751,7 +757,8 @@ Json::Value SGXWalletServer::getSecretShare(const string &_polyName, const Json:
}
Json::Value
SGXWalletServer::dkgVerification(const string &_publicShares, const string &ethKeyName, const string &SecretShare, int t,
SGXWalletServer::dkgVerification(const string &_publicShares, const string &ethKeyName, const string &SecretShare,
int t,
int n, int index) {
lock_guard<recursive_mutex> lock(m);
return dkgVerificationImpl(_publicShares, ethKeyName, SecretShare, t, n, index);
......@@ -836,7 +843,7 @@ shared_ptr<string> SGXWalletServer::readFromDb(const string &name, const string
auto dataStr = LevelDB::getLevelDb()->readString(prefix + name);
if (dataStr == nullptr) {
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist");
throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist");
}
return dataStr;
......@@ -847,7 +854,7 @@ shared_ptr<string> SGXWalletServer::readKeyShare(const string &_keyShareName) {
auto keyShareStr = LevelDB::getLevelDb()->readString("BLSKEYSHARE:" + _keyShareName);
if (keyShareStr == nullptr) {
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Key share with this name does not exist");
throw SGXException(KEY_SHARE_DOES_NOT_EXIST, "Key share with this name does not exist");
}
return keyShareStr;
......@@ -869,7 +876,7 @@ void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_
auto key = "BLSKEYSHARE:" + _keyShareName;
if (LevelDB::getLevelDb()->readString(_keyShareName) != nullptr) {
throw RPCException(KEY_SHARE_ALREADY_EXISTS, "Key share with this name already exists");
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Key share with this name already exists");
}
LevelDB::getLevelDb()->writeString(key, _value);
......@@ -886,7 +893,7 @@ void SGXWalletServer::writeDataToDB(const string &Name, const string &value) {
if (LevelDB::getLevelDb()->readString(Name) != nullptr) {
spdlog::info("name {}", Name, " already exists");
throw RPCException(KEY_SHARE_ALREADY_EXISTS, "Key share already exists");
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Key share already exists");
}
LevelDB::getLevelDb()->writeString(key, value);
......
SGXWalletServer.h
View file @ 1deead1b
......@@ -31,8 +31,12 @@
#endif
EXTERNC void setFullOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys);
EXTERNC void setOptions(int _printDebugInfo, int _useHTTPS, int _autoconfirm);
EXTERNC void setFullOptions(int _printDebugInfo,
int _printTraceInfo, int _useHTTPS, int _autoconfirm, int _encryptKeys);
EXTERNC void setOptions(int _printDebugInfo,
int _printTraceInfo, int _useHTTPS, int _autoconfirm);
......
ServerInit.cpp
View file @ 1deead1b
......@@ -62,7 +62,7 @@ void initUserSpace() {
}
void initEnclave() {
void initEnclave(uint32_t _logLevel) {
eid = 0;
updated = 0;
......@@ -85,38 +85,37 @@ void initEnclave() {
if (status != SGX_SUCCESS) {
if (status == SGX_ERROR_ENCLAVE_FILE_ACCESS) {
fprintf(stderr, "sgx_create_enclave: %s: file not found\n", ENCLAVE_NAME);
fprintf(stderr, "Did you forget to set LD_LIBRARY_PATH?\n");
spdlog::error("sgx_create_enclave: {}: file not found", ENCLAVE_NAME);
spdlog::error("Did you forget to set LD_LIBRARY_PATH?");
} else {
spdlog::error("sgx_create_enclave_search failed");
fprintf(stderr, "%s: 0x%04x\n", ENCLAVE_NAME, status);
spdlog::error("sgx_create_enclave_search failed {} {}", ENCLAVE_NAME, status);
}
exit(1);
}
spdlog::info("Enclave created and started successfully");
status = tgmp_init(eid);
status = trustedEnclaveInit(eid, _logLevel);
if (status != SGX_SUCCESS) {
fprintf(stderr, "ECALL tgmp_init: 0x%04x\n", status);
spdlog::error("trustedEnclaveInit failed: {}", status);
exit(1);
}
spdlog::info("Enclave libtgmp library initialized successfully");
spdlog::info("Enclave libtgmp library and logging initialized successfully");
}
int sgxServerInited = 0;
void initAll(bool _checkCert, bool _autoSign) {
void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign) {
cout << "Running sgxwallet version:" << SGXWALLET_VERSION << endl;
CHECK_STATE(sgxServerInited == 0)
sgxServerInited = 1;
initEnclave();
initEnclave(_logLevel);
initUserSpace();
init_SEK();
initSEK();
if (useHTTPS) {
SGXWalletServer::initHttpsServer(_checkCert);
......
ServerInit.h
View file @ 1deead1b
......@@ -24,17 +24,19 @@
#ifndef SGXWALLET_SERVERINIT_H
#define SGXWALLET_SERVERINIT_H
#include "stdint.h"
#ifdef __cplusplus
#define EXTERNC extern "C"
#else
#define EXTERNC
#endif
EXTERNC void initAll(bool _checkCert, bool _autoSign);
EXTERNC void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign);
EXTERNC void initUserSpace();
EXTERNC void initEnclave();
EXTERNC void initEnclave(uint32_t _logLevel);
......
oc_alloc.c
View file @ 1deead1b
......@@ -47,7 +47,7 @@ void oc_printf (const char *str) {
/* Proxy/Bridge will check the length and null-terminate
* the input string to prevent buffer overflow.
* */
fprintf(stderr, "***ENCLAVE_LOG***: %s", str);
fprintf(stderr, "%s", str);
}
......
secure_enclave/curves.c secure_enclave/Curves.c
View file @ 1deead1b
......@@ -21,13 +21,13 @@
@date 2019
*/
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdbool.h>
#include "domain_parameters.h"
#include "curves.h"
#include "point.h"
#include <../tgmp-build/include/sgx_tgmp.h>
#include "DomainParameters.h"
#include "Curves.h"
#include "Point.h"
/*Load a curve depending on it's curve number, defined by the enum*/
void domain_parameters_load_curve(domain_parameters out, curve_list curve)
......
secure_enclave/curves.h secure_enclave/Curves.h
View file @ 1deead1b
......@@ -21,6 +21,11 @@
@date 2019
*/
#ifndef SGXWALLET_CURVES_H
#define SGXWALLET_CURVES_H
/*Curves that can be loaded using domain_parameters_load_curve()*/
typedef enum { secp112r1 = 0,
//secp112r2, //See remark below
......@@ -50,3 +55,6 @@ Benchmark is supposed to write -1 as operation time if the operation failed.
As I don't see any reason to have extent my headache I'm putting this problem to rest by commenting these curves out. Furthermore it's very limited in terms of what can be done to debug these curves, since I don't have any test vectors for them.
It's probably related to a bug in the implementation, perhaps an exception I didn't handle or round of, who knows.
*/
#endif
\ No newline at end of file
secure_enclave/DH_dkg.c secure_enclave/DHDkg.c
View file @ 1deead1b
......@@ -16,30 +16,31 @@
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file DH_dkg.c
@file DHDkg.c
@author Stan Kladko
@date 2019
*/
#include <stdlib.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h>
#include "domain_parameters.h"
#include "curves.h"
#include "point.h"
#include "numbertheory.h"
#include <../tgmp-build/include/sgx_tgmp.h>
#include "DomainParameters.h"
#include "Curves.h"
#include "Point.h"
#include "NumberTheory.h"
#include <stdint.h>
#include "BLSEnclave.h"
#include "EnclaveCommon.h"
#include <string.h>
void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
char* pb_keyB_x = (char*)malloc(65);
char* pb_keyB_x = (char*)calloc(65, 1);
strncpy(pb_keyB_x, pb_keyB, 64);
pb_keyB_x[64] = 0;
char* pb_keyB_y = (char*)malloc(65);
char* pb_keyB_y = (char*)calloc(65,1);
strncpy(pb_keyB_y, pb_keyB + 64, 64);
pb_keyB_y[64] = 0;
......@@ -75,11 +76,11 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
void session_key_recover(const char *skey_str, const char* sshare, char* common_key){
char* pb_keyB_x = (char*)malloc(65);
char* pb_keyB_x = (char*)calloc(65, 1);
strncpy(pb_keyB_x, sshare + 64, 64);
pb_keyB_x[64] = 0;
char* pb_keyB_y = (char*)malloc(65);
char* pb_keyB_y = (char*)calloc(65, 1);
strncpy(pb_keyB_y, sshare + 128, 64);
pb_keyB_y[64] = 0;
......@@ -122,7 +123,7 @@ void xor_encrypt(char* key, char* message, char* cypher){
uint8_t cypher_bin[33];
//uint8_t key_bin[33];
uint8_t* key_bin = (uint8_t*)malloc(33);
uint8_t* key_bin = (uint8_t*)calloc(33,1);
uint64_t key_length;
if (!hex2carray(key, &key_length, key_bin)){
cypher = NULL;
......@@ -151,7 +152,7 @@ void xor_decrypt(char* key, char* cypher, char* message){
uint8_t msg_bin[33];
//uint8_t key_bin[33];
uint8_t* key_bin = (uint8_t*)malloc(33);
uint8_t* key_bin = (uint8_t*)calloc(33,1);
uint64_t key_length;
if (!hex2carray(key, &key_length, key_bin)){
message = NULL;
......
secure_enclave/DKGUtils.cpp
View file @ 1deead1b
......@@ -31,17 +31,18 @@
//#include "../sgxwallet_common.h"
#include "enclave_common.h"
#include "EnclaveConstants.h"
#include <cstdio>
#include <stdio.h>
#include "DH_dkg.h"
#include "DHDkg.h"
using namespace std;
std::string stringFromFr(libff::alt_bn128_Fr& _el) {
string stringFromFr(libff::alt_bn128_Fr& _el) {
mpz_t t;
mpz_init(t);
......@@ -53,11 +54,11 @@ std::string stringFromFr(libff::alt_bn128_Fr& _el) {
char *tmp = mpz_get_str(arr, 10, t);
mpz_clear(t);
return std::string(tmp);
return string(tmp);
}
template<class T>
std::string ConvertToString(T field_elem, int base = 10) {
string ConvertToString(T field_elem, int base = 10) {
mpz_t t;
mpz_init(t);
......@@ -68,13 +69,13 @@ std::string ConvertToString(T field_elem, int base = 10) {
char * tmp = mpz_get_str(arr, base, t);
mpz_clear(t);
std::string output = tmp;
string output = tmp;
return output;
}
std::string ConvertG2ToString(const libff::alt_bn128_G2 & elem, int base = 10, std::string delim = ":"){
std::string result;
string ConvertG2ToString(const libff::alt_bn128_G2 & elem, int base = 10, string delim = ":"){
string result;
result += ConvertToString(elem.X.c0);
result += delim;
result += ConvertToString(elem.X.c1);
......@@ -86,20 +87,20 @@ std::string ConvertG2ToString(const libff::alt_bn128_G2 & elem, int base = 10, s
return result;
}
std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char symbol){
std::string str(koefs);
std::string delim;
vector<libff::alt_bn128_Fr> SplitStringToFr(const char* coeffs, const char symbol){
string str(coeffs);
string delim;
delim.push_back(symbol);
std::vector<libff::alt_bn128_Fr> tokens;
vector<libff::alt_bn128_Fr> tokens;
size_t prev = 0, pos = 0;
do
{
pos = str.find(delim, prev);
if (pos == std::string::npos) pos = str.length();
std::string token = str.substr(prev, pos-prev);
if (pos == string::npos) pos = str.length();
string token = str.substr(prev, pos-prev);
if (!token.empty()) {
libff::alt_bn128_Fr koef(token.c_str());
tokens.push_back(koef);
libff::alt_bn128_Fr coeff(token.c_str());
tokens.push_back(coeff);
}
prev = pos + delim.length();
}
......@@ -110,7 +111,7 @@ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char s
int gen_dkg_poly( char* secret, unsigned _t ){
libff::init_alt_bn128_params();
std::string result;
string result;
for (size_t i = 0; i < _t; ++i) {
libff::alt_bn128_Fr cur_coef = libff::alt_bn128_Fr::random_element();
......@@ -129,7 +130,7 @@ int gen_dkg_poly( char* secret, unsigned _t ){
return 0;
}
libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol, libff::alt_bn128_Fr point, unsigned _t) {
libff::alt_bn128_Fr PolynomialValue(const vector<libff::alt_bn128_Fr>& pol, libff::alt_bn128_Fr point, unsigned _t) {
libff::alt_bn128_Fr value = libff::alt_bn128_Fr::zero();
......@@ -146,12 +147,12 @@ libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol,
return value;
}
void calc_secret_shares(const char* decrypted_koefs, char * secret_shares, // calculates secret shares in base 10 to a string secret_shares,
void calc_secret_shares(const char* decrypted_coeffs, char * secret_shares, // calculates secret shares in base 10 to a string secret_shares,
unsigned _t, unsigned _n) { // separated by ":"
// calculate for each node a list of secret values that will be used for verification
std::string result;
string result;
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_coeffs, symbol);
for (size_t i = 0; i < _n; ++i) {
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(i + 1), _t);
......@@ -159,21 +160,21 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
result += ":";
}
strncpy(secret_shares, result.c_str(), result.length() + 1);
//strncpy(secret_shares, decrypted_koefs, 3650);
//strncpy(secret_shares, decrypted_coeffs, 3650);
}
int calc_secret_share(const char* decrypted_koefs, char * s_share,
int calc_secret_share(const char* decrypted_coeffs, char * s_share,
unsigned _t, unsigned _n, unsigned ind) {
libff::init_alt_bn128_params();
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_coeffs, symbol);
if ( poly.size() != _t){
return 1;
}
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
std::string cur_share = ConvertToString(secret_share, 16);//stringFromFr(secret_share);
string cur_share = ConvertToString(secret_share, 16);//stringFromFr(secret_share);
int n_zeroes = 64 - cur_share.size();
cur_share.insert(0, n_zeroes, '0');
......@@ -182,25 +183,25 @@ int calc_secret_share(const char* decrypted_koefs, char * s_share,
}
void calc_secret_shareG2_old(const char* decrypted_koefs, char * s_shareG2,
void calc_secret_shareG2_old(const char* decrypted_coeffs, char * s_shareG2,
unsigned _t, unsigned ind){
libff::init_alt_bn128_params();
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_coeffs, symbol);
// if ( poly.size() != _t){
// //"t != poly.size()" +
// //strncpy(s_shareG2, std::to_string(poly.size()).c_str(), 18);
// //strncpy(s_shareG2, to_string(poly.size()).c_str(), 18);
// }
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
libff::alt_bn128_G2 secret_shareG2 = secret_share * libff::alt_bn128_G2::one();
std::string secret_shareG2_str = ConvertG2ToString(secret_shareG2);
string secret_shareG2_str = ConvertG2ToString(secret_shareG2);
strncpy(s_shareG2, secret_shareG2_str.c_str(), secret_shareG2_str.length() + 1);
//strncpy(s_shareG2, decrypted_koefs, 320);
//strncpy(s_shareG2, decrypted_coeffs, 320);
}
int calc_secret_shareG2(const char* s_share, char * s_shareG2){
......@@ -222,27 +223,27 @@ int calc_secret_shareG2(const char* s_share, char * s_shareG2){
secret_shareG2.to_affine_coordinates();
std::string secret_shareG2_str = ConvertG2ToString(secret_shareG2);
string secret_shareG2_str = ConvertG2ToString(secret_shareG2);
strncpy(s_shareG2, secret_shareG2_str.c_str(), secret_shareG2_str.length() + 1);
return 0;
}
int calc_public_shares(const char* decrypted_koefs, char * public_shares,
int calc_public_shares(const char* decrypted_coeffs, char * public_shares,
unsigned _t) {
libff::init_alt_bn128_params();
// calculate for each node a list of public shares
std::string result;
string result;
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_coeffs, symbol);
if (poly.size() != _t){
return 1;
}
for (size_t i = 0; i < _t; ++i) {
libff::alt_bn128_G2 pub_share = poly.at(i) * libff::alt_bn128_G2::one() ;
pub_share.to_affine_coordinates();
std::string pub_share_str = ConvertG2ToString(pub_share);
string pub_share_str = ConvertG2ToString(pub_share);
result += pub_share_str + ",";
}
strncpy(public_shares, result.c_str(), result.length());
......@@ -250,7 +251,7 @@ int calc_public_shares(const char* decrypted_koefs, char * public_shares,
}
//extern "C" int __gmpz_set_str (mpz_ptr, const char *, int);
std::string ConvertHexToDec(std::string hex_str){
string ConvertHexToDec(string hex_str){
mpz_t dec;
mpz_init(dec);
......@@ -269,10 +270,10 @@ std::string ConvertHexToDec(std::string hex_str){
int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int ind ){
std::string pub_shares_str = public_shares;
string pub_shares_str = public_shares;
libff::init_alt_bn128_params();
std::vector<libff::alt_bn128_G2> pub_shares;
vector<libff::alt_bn128_G2> pub_shares;
uint64_t share_length = 256;
uint8_t coord_length = 64;
......@@ -280,10 +281,10 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
libff::alt_bn128_G2 pub_share;
uint64_t pos0 = share_length * i;
std::string x_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0, coord_length));
std::string x_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + coord_length, coord_length));
std::string y_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 2 * coord_length, coord_length));
std::string y_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 3 * coord_length, coord_length));
string x_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0, coord_length));
string x_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + coord_length, coord_length));
string y_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 2 * coord_length, coord_length));
string y_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 3 * coord_length, coord_length));
if (x_c0_str == "false" || x_c1_str == "false" || y_c0_str == "false" || y_c1_str == "false"){
return 2;
}
......@@ -296,10 +297,10 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
//for ( int j = 0; j < 4; j++) {
//uint64_t pos0 = share_length * j;
//std::string coord = ConvertHexToDec(pub_shares_str.substr(pos0 + j * coord_length, coord_length));
//string coord = ConvertHexToDec(pub_shares_str.substr(pos0 + j * coord_length, coord_length));
// if ( i == 0) {
// memset(public_shares, 0, strlen(public_shares));
// std::string coord = ConvertToString(pub_share.Y.c1);
// string coord = ConvertToString(pub_share.Y.c1);
// strncpy(public_shares, coord.c_str(), coord.length());
// }
//}
......@@ -318,7 +319,7 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
libff::alt_bn128_Fr sshare(tmp);
// strncpy(public_shares, tmp, strlen(tmp));
// std::string res = ConvertHexToDec("fe43567238abcdef98760");
// string res = ConvertHexToDec("fe43567238abcdef98760");
// strncpy(public_shares, res.c_str(), res.length());
......@@ -367,7 +368,7 @@ int calc_bls_public_key(char* skey_hex, char* pub_key){
libff::alt_bn128_G2 public_key = bls_skey * libff::alt_bn128_G2::one();
public_key.to_affine_coordinates();
std::string result = ConvertG2ToString(public_key);
string result = ConvertG2ToString(public_key);
strncpy(pub_key, result.c_str(), result.length());
......
secure_enclave/DKGUtils.h
View file @ 1deead1b
......@@ -21,8 +21,8 @@
@date 2019
*/
#ifndef SGXD_DKGUTILS_H
#define SGXD_DKGUTILS_H
#ifndef SGXWALLET_DKGUTILS_H
#define SGXWALLET_DKGUTILS_H
#ifdef __cplusplus
#define EXTERNC extern "C"
......@@ -34,13 +34,13 @@
EXTERNC int gen_dkg_poly( char* secret, unsigned _t);
EXTERNC void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
EXTERNC void calc_secret_shares(const char* decrypted_coeffs, char * secret_shares,
unsigned _t, unsigned _n);
EXTERNC int calc_secret_share(const char* decrypted_koefs, char * s_share,
EXTERNC int calc_secret_share(const char* decrypted_coeffs, char * s_share,
unsigned _t, unsigned _n, unsigned ind);
EXTERNC int calc_public_shares(const char* decrypted_koefs, char * public_shares,
EXTERNC int calc_public_shares(const char* decrypted_coeffs, char * public_shares,
unsigned _t);
EXTERNC int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int ind);
......@@ -51,5 +51,5 @@ EXTERNC void calc_secret_shareG2_old(const char* public_shares, char * s_shareG2
unsigned _t, unsigned ind);
EXTERNC int calc_secret_shareG2(const char* s_share, char * s_shareG2);
#endif //SGXD_DKGUTILS_H
#endif
secure_enclave/domain_parameters.c secure_enclave/DomainParameters.c
View file @ 1deead1b
......@@ -25,14 +25,14 @@
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include "domain_parameters.h"
#include "point.h"
#include "Point.h"
#include "DomainParameters.h"
/*Initialize a curve*/
domain_parameters domain_parameters_init()
{
domain_parameters curve;
curve = malloc(sizeof(struct domain_parameters_s));
curve = calloc(sizeof(struct domain_parameters_s),1);
//Initialize all members
mpz_init(curve->p);
......@@ -49,7 +49,7 @@ domain_parameters domain_parameters_init()
void domain_parameters_set_name(domain_parameters curve, char* name)
{
int len = strlen(name);
curve->name = (char*)malloc( sizeof(char) * (len+1) );
curve->name = (char*)calloc( sizeof(char) * (len+1), 1 );
curve->name[len] = '\0';
strncpy(curve->name, name, len+1);
}
......
secure_enclave/domain_parameters.h secure_enclave/DomainParameters.h
View file @ 1deead1b
......@@ -20,16 +20,20 @@
@author Stan Kladko
@date 2019
*/
#ifndef SGXWALLET_DOMAINPARAMETERS_H
#define SGXWALLET_DOMAINPARAMETERS_H
/*Type that represents a point*/
typedef struct point_s* point;
struct point_s
{
mpz_t x;
mpz_t y;
bool infinity;
mpz_t x;
mpz_t y;
bool infinity;
};
/*Type that represents a curve*/
typedef struct domain_parameters_s* domain_parameters;
struct domain_parameters_s
......@@ -66,3 +70,4 @@ void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, cha
/*Release memory*/
void domain_parameters_clear(domain_parameters curve);
#endif
\ No newline at end of file
secure_enclave/BLSEnclave.cpp secure_enclave/EnclaveCommon.cpp
View file @ 1deead1b
......@@ -16,7 +16,7 @@
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file BLSEnclave.cpp
@file EnclaveCommon.cpp
@author Stan Kladko
@date 2019
*/
......@@ -25,15 +25,19 @@
#include <string.h>
#include <cstdint>
//#include "../sgxwallet_common.h"
#include "enclave_common.h"
#include "BLSEnclave.h"
#include "../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.hpp"
#include "../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp"
std::string *stringFromKey(libff::alt_bn128_Fr *_key) {
#include "secure_enclave_t.h"
#include "EnclaveConstants.h"
#include "EnclaveCommon.h"
using namespace std;
string *stringFromKey(libff::alt_bn128_Fr *_key) {
mpz_t t;
mpz_init(t);
......@@ -45,10 +49,10 @@ std::string *stringFromKey(libff::alt_bn128_Fr *_key) {
char *tmp = mpz_get_str(arr, 10, t);
mpz_clear(t);
return new std::string(tmp);
return new string(tmp);
}
std::string *stringFromFq(libff::alt_bn128_Fq *_fq) {
string *stringFromFq(libff::alt_bn128_Fq *_fq) {
mpz_t t;
mpz_init(t);
......@@ -60,10 +64,10 @@ std::string *stringFromFq(libff::alt_bn128_Fq *_fq) {
char *tmp = mpz_get_str(arr, 10, t);
mpz_clear(t);
return new std::string(tmp);
return new string(tmp);
}
std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
string *stringFromG1(libff::alt_bn128_G1 *_g1) {
_g1->to_affine_coordinates();
......@@ -71,7 +75,7 @@ std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
auto sX = stringFromFq(&_g1->X);
auto sY = stringFromFq(&_g1->Y);
auto sG1 = new std::string(*sX + ":" + *sY);
auto sG1 = new string(*sX + ":" + *sY);
delete (sX);
delete (sY);
......@@ -95,14 +99,14 @@ libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) {
int inited = 0;
void init() {
void enclave_init() {
if (inited == 1)
return;
inited = 1;
libff::init_alt_bn128_params();
}
void checkKey(int *err_status, char *err_string, const char *_keyString) {
void checkKey(int *errStatus, char *err_string, const char *_keyString) {
uint64_t keyLen = strnlen(_keyString, MAX_KEY_LENGTH);
......@@ -114,7 +118,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
}
*err_status = -2;
*errStatus = -2;
if (_keyString == nullptr) {
......@@ -122,7 +126,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
return;
}
*err_status = -3;
*errStatus = -3;
//check that key is padded with 0s
......@@ -132,9 +136,9 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
}
}
// std::string ks(_keyString);
// string ks(_keyString);
//
// // std::string keyString =
// // string keyString =
// // "4160780231445160889237664391382223604184857153814275770598791864649971919844";
//
// auto key = keyFromString(ks.c_str());
......@@ -142,10 +146,10 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
// auto s1 = stringFromKey(key);
//
// if (s1->compare(ks) != 0) {
// throw std::exception();
// throw exception();
// }
*err_status = 0;
*errStatus = 0;
// return;
}
......@@ -161,7 +165,7 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char *
auto key = keyFromString(_keyString);
if (key == nullptr) {
throw std::exception();
throw exception();
}
libff::alt_bn128_Fq hashX(_hashXString);
......@@ -270,4 +274,41 @@ bool hex2carray(const char * _hex, uint64_t *_bin_len,
}
enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3, L_ERROR = 4 };
uint32_t globalLogLevel_ = 2;
void logMsg(log_level _level, char* _msg) {
if (_level < globalLogLevel_)
return;
if (!_msg) {
oc_printf("Null msg in logMsg");
return;
}
oc_printf("***ENCLAVE_LOG***:");
oc_printf(_msg);
oc_printf("\n");
}
EXTERNC void LOG_INFO(char* _msg) {
logMsg(L_INFO, _msg);
};
EXTERNC void LOG_WARNING(char* _msg) {
logMsg(L_WARNING, _msg);
};
EXTERNC void LOG_ERROR(char* _msg) {
logMsg(L_ERROR, _msg);
};
EXTERNC void LOG_DEBUG(char* _msg) {
logMsg(L_DEBUG, _msg);
};
EXTERNC void LOG_TRACE(char* _msg) {
logMsg(L_TRACE, _msg);
};
secure_enclave/BLSEnclave.h secure_enclave/EnclaveCommon.h
View file @ 1deead1b
......@@ -21,8 +21,8 @@
@date 2019
*/
#ifndef SGXWALLET_BLSUTILS_H
#define SGXWALLET_BLSUTILS_H
#ifndef SGXWALLET_ENCLAVECOMMON_H
#define SGXWALLET_ENCLAVECOMMON_H
......@@ -34,9 +34,9 @@
//#include <stdint.h>
EXTERNC void checkKey(int *err_status, char *err_string, const char* _keyString);
EXTERNC void checkKey(int *errStatus, char *err_string, const char* _keyString);
EXTERNC void check_key(int *err_status, char *err_string, const char* _keyString);
EXTERNC void check_key(int *errStatus, char *err_string, const char* _keyString);
......@@ -49,7 +49,18 @@ EXTERNC bool hex2carray(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin );
EXTERNC bool hex2carray2(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin, const int _max_length );
EXTERNC void init();
EXTERNC void enclave_init();
#endif //SGXWALLET_BLSUTILS_H
EXTERNC void LOG_INFO(char* msg);
EXTERNC void LOG_WARNING(char* _msg);
EXTERNC void LOG_ERROR(char* _msg);
EXTERNC void LOG_DEBUG(char* _msg);
EXTERNC void LOG_TRACE(char* _msg);
extern uint32_t globalLogLevel_;
#endif //SGXWALLET_ENCLAVECOMMON_H
secure_enclave/Makefile.am
View file @ 1deead1b
......@@ -85,8 +85,8 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
secure_enclave/Makefile.in
View file @ 1deead1b
......@@ -107,10 +107,10 @@ am__installdirs = "$(DESTDIR)$(libexecdir)"
PROGRAMS = $(libexec_PROGRAMS)
am__objects_1 =
am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
secure_enclave.$(OBJEXT) Curves.$(OBJEXT) \
DomainParameters.$(OBJEXT) NumberTheory.$(OBJEXT) \
Point.$(OBJEXT) Signature.$(OBJEXT) DHDkg.$(OBJEXT) \
AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) EnclaveCommon.$(OBJEXT) \
alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
......@@ -338,8 +338,8 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
ENCLAVE_KEY = test_insecure_private_key.pem #$(ENCLAVE)_private.pem
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......@@ -433,19 +433,19 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Curves.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DHDkg.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DomainParameters.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/EnclaveCommon.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/NumberTheory.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Point.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Signature.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@
......
secure_enclave/numbertheory.c secure_enclave/NumberTheory.c
View file @ 1deead1b
......@@ -25,7 +25,7 @@
#include <stdio.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h>
#include "numbertheory.h"
#include "NumberTheory.h"
/*Calculate R = a^k mod P, using repeated square-and-multiply algorithm
*Handbook of applied cryptography: Algorithm 2.143. */
......
secure_enclave/point.c secure_enclave/Point.c
View file @ 1deead1b
......@@ -27,15 +27,16 @@
#include <string.h>
#include <assert.h>
#include <stdbool.h>
#include "domain_parameters.h"
#include "point.h"
#include "numbertheory.h"
#include "NumberTheory.h"
#include "DomainParameters.h"
#include "Point.h"
/*Initialize a point*/
point point_init()
{
point p;
p = malloc(sizeof(struct point_s));
p = calloc(sizeof(struct point_s), 1);
mpz_init(p->x);
mpz_init(p->y);
p->infinity = false;
......@@ -364,7 +365,7 @@ char* point_compress(point P)
//Reserve memory
int l = mpz_sizeinbase(P->x, 16) + 2;
char* result = (char*)malloc(l + 1);
char* result = (char*)calloc(l + 1, 1);
result[l] = '\0';
mpz_t t1;mpz_init(t1);
......
secure_enclave/point.h secure_enclave/Point.h
View file @ 1deead1b
......@@ -21,6 +21,13 @@
@date 2019
*/
#ifndef SGXWALLET_POINT_H
#define SGXWALLET_POINT_H
#include "DomainParameters.h"
/*Initialize a point*/
point point_init();
......@@ -71,3 +78,4 @@ void point_copy(point R, point P);
/*Set a point from another point*/
void point_set(point R, point P);
#endif
\ No newline at end of file
secure_enclave/signature.c secure_enclave/Signature.c
View file @ 1deead1b
......@@ -26,10 +26,10 @@
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h>
#include <assert.h>
#include "domain_parameters.h"
#include "point.h"
#include "signature.h"
#include "numbertheory.h"
#include "DomainParameters.h"
#include "Point.h"
#include "NumberTheory.h"
#include "Signature.h"
/*Initialize a signature*/
signature signature_init() {
......@@ -97,7 +97,7 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
mpz_init(k); mpz_init(x); mpz_init(r); mpz_init(t1); mpz_init(t2); mpz_init(t3); mpz_init(s);
mpz_init(t4); mpz_init(t5); mpz_init(n_div_2); mpz_init(rem); mpz_init(neg); mpz_init(seed);
unsigned char *rand_char = (unsigned char *) malloc(32);
unsigned char *rand_char = (unsigned char *) calloc(32,1);
sgx_read_rand(rand_char, 32);
......
secure_enclave/signature.h secure_enclave/Signature.h
View file @ 1deead1b
......@@ -21,6 +21,9 @@
@date 2019
*/
#ifndef SGXWALLET_SIGNATURE_H
#define SGXWALLET_SIGNATURE_H
/*Type for representing a signature*/
struct signature_s
{
......@@ -64,4 +67,4 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
/*Verify the integrity of a message using it's signature*/
bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve);
#endif
secure_enclave/secure_enclave.c
View file @ 1deead1b
......@@ -31,32 +31,32 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <math.h>
#include <string.h>
#include <stdio.h>
#include <stdbool.h>
#include "secure_enclave_t.h"
#include "sgx_tcrypto.h"
#include "sgx_tseal.h"
#include <sgx_tgmp.h>
#include <sgx_trts.h>
#include <math.h>
#include <string.h>
#include <stdio.h>
#include <stdbool.h>
#include "domain_parameters.h"
#include "point.h"
#include "signature.h"
#include "curves.h"
#include "DH_dkg.h"
#include <sgx_tcrypto.h>
#include "Point.h"
#include "DomainParameters.h"
#include "Signature.h"
#include "Curves.h"
#include "DHDkg.h"
#include "AESUtils.h"
//#include "../sgxwallet_common.h"
#include "enclave_common.h"
uint8_t Decrypted_dkg_poly[DKG_BUFER_LENGTH];
#include "EnclaveConstants.h"
#include "EnclaveCommon.h"
uint8_t decryptedDkgPoly[DKG_BUFER_LENGTH];
void *(*gmp_realloc_func)(void *, size_t, size_t);
......@@ -72,13 +72,24 @@ void *reallocate_function(void *, size_t, size_t);
void free_function(void *, size_t);
void tgmp_init() {
oc_printf("Initing tgmp library\n");
void trustedEnclaveInit(uint32_t _logLevel) {
LOG_DEBUG (__FUNCTION__);
globalLogLevel_ = _logLevel;
oc_realloc_func = &reallocate_function;
oc_free_func = &free_function;
mp_get_memory_functions(NULL, &gmp_realloc_func, &gmp_free_func);
mp_set_memory_functions(NULL, oc_realloc_func, oc_free_func);
enclave_init();
LOG_DEBUG("SUCCESS");
}
void free_function(void *ptr, size_t sz) {
......@@ -117,22 +128,24 @@ void *reallocate_function(void *ptr, size_t osize, size_t nsize) {
return (void *) nptr;
}
void e_mpz_add(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzAdd(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpz_mul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzMul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpz_div(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void trustedEMpfDiv(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void generate_ecdsa_key(int *err_status, char *err_string,
void trustedGenerateEcdsaKey(int *errStatus, char *err_string,
uint8_t *encrypted_key, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
unsigned char *rand_char = (unsigned char *) malloc(32);
unsigned char *rand_char = (unsigned char *) calloc(32, 1);
sgx_read_rand(rand_char, 32);
mpz_t seed;
......@@ -189,7 +202,7 @@ void generate_ecdsa_key(int *err_status, char *err_string,
(sgx_sealed_data_t *) encrypted_key);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal ecsdsa private key failed");
*err_status = status;
*errStatus = status;
return;
}
......@@ -201,10 +214,10 @@ void generate_ecdsa_key(int *err_status, char *err_string,
}
void get_public_ecdsa_key(int *err_status, char *err_string,
void trustedGetPublicEcdsaKey(int *errStatus, char *err_string,
uint8_t *encrypted_key, uint32_t dec_len, char *pub_key_x, char *pub_key_y) {
//uint32_t dec_len = 0;
LOG_DEBUG (__FUNCTION__);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
......@@ -216,7 +229,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
......@@ -227,7 +240,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(err_string, BUF_LEN, "wrong string to init private key");
*err_status = -10;
*errStatus = -10;
mpz_clear(skey_mpz);
return;
}
......@@ -242,7 +255,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
if (!point_cmp(Pkey, Pkey_test)) {
snprintf(err_string, BUF_LEN, "Points are not equal");
*err_status = -11;
*errStatus = -11;
return;
}
......@@ -273,9 +286,11 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
point_clear(Pkey);
}
void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint32_t dec_len,
void trustedEcdsaSign(int *errStatus, char *err_string, uint8_t *encrypted_key, uint32_t dec_len,
unsigned char *hash, char *sig_r, char *sig_s, uint8_t *sig_v, int base) {
LOG_DEBUG (__FUNCTION__);
char* arr_m = NULL;
char* arr_r = NULL;
char* arr_s;
......@@ -298,7 +313,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, secretKey, &dec_len);
if (status != SGX_SUCCESS) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed - encrypted_key with status %d", status);
goto clean;
}
......@@ -306,13 +321,13 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
//snprintf(err_string, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey));
if (mpz_set_str(skey_mpz, secretKey, ECDSA_SKEY_BASE) == -1) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid secret key");
goto clean;
}
if (mpz_set_str(msg_mpz, hash, 16) == -1) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid message hash");
goto clean;
}
......@@ -323,7 +338,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
signature_extract_public_key(publicKey, skey_mpz, curve);
if (!signature_verify(msg_mpz, sign, publicKey, curve)) {
*err_status = -2;
*errStatus = -2;
snprintf(err_string, BUF_LEN, "signature is not verified");
goto clean;
}
......@@ -371,18 +386,18 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
}
void encrypt_key(int *err_status, char *err_string, char *key,
void trustedEncryptKey(int *errStatus, char *err_string, char *key,
uint8_t *encrypted_key, uint32_t *enc_len) {
//init();
LOG_DEBUG (__FUNCTION__);
*err_status = UNKNOWN_ERROR;
*errStatus = UNKNOWN_ERROR;
memset(err_string, 0, BUF_LEN);
checkKey(err_status, err_string, key);
checkKey(errStatus, err_string, key);
if (*err_status != 0) {
if (*errStatus != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, "check_key failed");
return;
}
......@@ -391,7 +406,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
if (sealedLen > BUF_LEN) {
*err_status = ENCRYPTED_KEY_TOO_LONG;
*errStatus = ENCRYPTED_KEY_TOO_LONG;
snprintf(err_string, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH");
return;
}
......@@ -402,7 +417,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
sgx_status_t status = sgx_seal_data(0, NULL, MAX_KEY_LENGTH, (uint8_t *) key, sealedLen,
(sgx_sealed_data_t *) encrypted_key);
if (status != SGX_SUCCESS) {
*err_status = SEAL_KEY_FAILED;
*errStatus = SEAL_KEY_FAILED;
snprintf(err_string, BUF_LEN, "SGX seal data failed with status %d", status);
return;
}
......@@ -412,10 +427,10 @@ void encrypt_key(int *err_status, char *err_string, char *key,
char decryptedKey[BUF_LEN];
memset(decryptedKey, 0, BUF_LEN);
decrypt_key(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
trustedDecryptKey(errStatus, err_string, encrypted_key, sealedLen, decryptedKey);
if (*err_status != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, ":decrypt_key failed");
if (*errStatus != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, ":trustedDecryptKey failed");
return;
}
......@@ -427,30 +442,30 @@ void encrypt_key(int *err_status, char *err_string, char *key,
}
*err_status = -8;
*errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(err_string, BUF_LEN, "Decrypted key does not match original key");
return;
}
*err_status = 0;
*errStatus = 0;
}
void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *key) {
init();
LOG_DEBUG (__FUNCTION__);
uint32_t decLen;
*err_status = -9;
*errStatus = -9;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) key, &decLen);
if (status != SGX_SUCCESS) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status);
return;
}
......@@ -462,7 +477,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
return;
}
*err_status = -10;
*errStatus = -10;
uint64_t keyLen = strnlen(key, MAX_KEY_LENGTH);
......@@ -473,38 +488,28 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
return;
}
// check that key is padded with 0s
// for (int i = keyLen; i < MAX_KEY_LENGTH; i++) {
// if (key[i] != 0) {
// snprintf(err_string, BUF_LEN, "Unpadded key");
// return;
// }
// }
//strncpy(key, "2f993bb09f16c402a27dae868c02791bca7fcf564f1c9e2ba50b142b843a4b60", BUF_LEN);
*err_status = 0;
*errStatus = 0;
return;
}
void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) {
LOG_DEBUG (__FUNCTION__);
char key[BUF_LEN];
char *sig = (char *) calloc(BUF_LEN, 1);
// char sig[2 * BUF_LEN];
init();
decrypt_key(err_status, err_string, encrypted_key, enc_len, key);
if (*err_status != 0) {
trustedDecryptKey(errStatus, err_string, encrypted_key, enc_len, key);
if (*errStatus != 0) {
strncpy(signature, err_string, BUF_LEN);
return;
}
......@@ -514,19 +519,21 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
strncpy(signature, sig, BUF_LEN);
if (strnlen(signature, BUF_LEN) < 10) {
*err_status = -1;
*errStatus = -1;
return;
}
free(sig);
}
void gen_dkg_secret(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
void trustedGenDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
LOG_DEBUG (__FUNCTION__);
char dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
char dkg_secret[DKG_BUFER_LENGTH];
if (gen_dkg_poly(dkg_secret, _t) != 0) {
*err_status = -1;
*errStatus = -1;
return;
}
......@@ -540,7 +547,7 @@ void gen_dkg_secret(int *err_status, char *err_string, uint8_t *encrypted_dkg_se
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "SGX seal data failed");
*err_status = status;
*errStatus = status;
return;
}
......@@ -548,38 +555,38 @@ void gen_dkg_secret(int *err_status, char *err_string, uint8_t *encrypted_dkg_se
//free(dkg_secret);
}
void decrypt_dkg_secret(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
void trustedDecryptDkgSecret(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
uint32_t *dec_len) {
//uint32_t dec_size = DKG_BUFER_LENGTH;//sgx_get_encrypt_txt_len( ( sgx_sealed_data_t *)encrypted_dkg_secret);
LOG_DEBUG (__FUNCTION__);
uint32_t decr_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_dkg_secret, NULL, 0, decrypted_dkg_secret, &decr_len);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
*dec_len = decr_len;
}
void get_secret_shares(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *dec_len,
void trustedGetSecretShares(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *dec_len,
char *secret_shares,
unsigned _t, unsigned _n) {
char decrypted_dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
LOG_DEBUG (__FUNCTION__);
char decrypted_dkg_secret[DKG_BUFER_LENGTH];
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN];
uint32_t decr_len;
//uint32_t* decr_len_test = (char*)malloc(1);
decrypt_dkg_secret(err_status, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
//sgx_status_t status = sgx_unseal_data(
// (const sgx_sealed_data_t *)encrypted_dkg_secret, NULL, 0, (uint8_t*)decrypted_dkg_secret, &decr_len);
trustedDecryptDkgSecret(errStatus, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*err_status != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *err_status);
if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
return;
}
......@@ -590,22 +597,23 @@ void get_secret_shares(int *err_status, char *err_string, uint8_t *encrypted_dkg
//free(decrypted_dkg_secret);
}
void get_public_shares(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
void trustedGetPublicShares(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
char *public_shares,
unsigned _t, unsigned _n) {
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN * 2]; //= (char*)malloc(DKG_MAX_SEALED_LEN);
char *decrypted_dkg_secret = (char *) malloc(DKG_MAX_SEALED_LEN);
LOG_DEBUG (__FUNCTION__);
char *decrypted_dkg_secret = (char *) calloc(DKG_MAX_SEALED_LEN, 1);
uint32_t decr_len;
decrypt_dkg_secret(err_status, err_string, (uint8_t *) encrypted_dkg_secret, decrypted_dkg_secret, &decr_len);
if (*err_status != 0) {
snprintf(err_string, BUF_LEN, "decrypt_dkg_secret failed with status %d", *err_status);
trustedDecryptDkgSecret(errStatus, err_string, (uint8_t *) encrypted_dkg_secret, decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "trustedDecryptDkgSecret failed with status %d", *errStatus);
return;
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "t does not match polynomial in db");
return;
}
......@@ -613,23 +621,25 @@ void get_public_shares(int *err_status, char *err_string, uint8_t *encrypted_dkg
}
void set_encrypted_dkg_poly(int *err_status, char *err_string, uint8_t *encrypted_poly) {
memset(Decrypted_dkg_poly, 0, DKG_BUFER_LENGTH);
void trustedSetEncryptedDkgPoly(int *errStatus, char *err_string, uint8_t *encrypted_poly) {
memset(decryptedDkgPoly, 0, DKG_BUFER_LENGTH);
uint32_t decr_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_poly, NULL, 0, Decrypted_dkg_poly, &decr_len);
(const sgx_sealed_data_t *) encrypted_poly, NULL, 0, decryptedDkgPoly, &decr_len);
if (status != SGX_SUCCESS) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status);
return;
}
}
void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len,
void trustedGetEncryptedSecretShare(int *errStatus, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) {
LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
char pub_key_x[BUF_LEN];
memset(pub_key_x, 0, BUF_LEN);
......@@ -640,11 +650,10 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
uint32_t enc_len;
generate_ecdsa_key(err_status, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*err_status != 0) {
trustedGenerateEcdsaKey(errStatus, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*errStatus != 0) {
return;
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
*dec_len = enc_len;
......@@ -653,95 +662,76 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed - encrypted_skey with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
snprintf(err_string, BUF_LEN, "unsealed random skey is %s\n", skey);
char *common_key[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
char *common_key[ECDSA_SKEY_LEN];
gen_session_key(skey, pub_keyB, common_key);
//snprintf(err_string + 81, BUF_LEN,"pub_key_B is %s length is %d", pub_keyB, strlen(pub_keyB));
//snprintf(err_string + 88, BUF_LEN - 88,"\ncommon key is %s", common_key);
char *s_share[ECDSA_SKEY_LEN]; ;
char *s_share[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
//char s_share[65];
if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0) {
*err_status = -1;
if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) {
*errStatus = -1;
snprintf(err_string, BUF_LEN, "\nt does not match poly degree\n");
return;
}
snprintf(err_string + 88, BUF_LEN, "\nsecret share is %s", s_share);
if (calc_secret_shareG2(s_share, s_shareG2) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid decr secret share\n");
return;
}
char *cypher[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
char *cypher[ECDSA_SKEY_LEN];
xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
//snprintf(err_string, BUF_LEN ,"cypher is %s length is %d", cypher, strlen(cypher));
strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
// snprintf(err_string, BUF_LEN,"s_share is %s length is %d", result_str, strlen(result_str));
//mpz_clear(skey);
//free(skey);
//free(common_key);
//free(pub_key_x);
//free(pub_key_y);
//free(s_share);
//free(cypher);
}
void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DHkey, uint8_t *encrypted_dkg_secret,
void trustedComplaintResponse(int *errStatus, char *err_string, uint8_t *encryptedDHKey, uint8_t *encrypted_dkg_secret,
uint32_t *dec_len,
char *DH_key, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) {
LOG_DEBUG (__FUNCTION__);
uint32_t enc_len;
// sgx_status_t status = sgx_unseal_data(
// (const sgx_sealed_data_t *)encrypted_DHkey, NULL, 0, (uint8_t *)DH_key, &enc_len);
// if (status != SGX_SUCCESS) {
// snprintf(err_string, BUF_LEN,"sgx_unseal_data - encrypted_DHkey failed with status %d", status);
// return;
// }
char decrypted_dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
char decrypted_dkg_secret[DKG_BUFER_LENGTH];
uint32_t decr_len;
decrypt_dkg_secret(err_status, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*err_status != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *err_status);
trustedDecryptDkgSecret(errStatus, err_string, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) {
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
return;
}
calc_secret_shareG2_old(decrypted_dkg_secret, s_shareG2, _t, ind1);
//snprintf(err_string, BUF_LEN,"poly:%s", decrypted_dkg_secret);
// snprintf(err_string, BUF_LEN,"what the ...");
//snprintf(err_string, BUF_LEN,"s_shareG2:%s", s_shareG2);
// free(decrypted_dkg_secret);
}
void dkg_verification(int *err_status, char *err_string, const char *public_shares, const char *s_share,
void trustedDkgVerify(int *errStatus, char *err_string, const char *public_shares, const char *s_share,
uint8_t *encrypted_key, uint64_t key_len, unsigned _t, int _ind, int *result) {
//uint32_t dec_len = 625;
LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_key failed with status %d", status);
return;
}
......@@ -755,31 +745,26 @@ void dkg_verification(int *err_status, char *err_string, const char *public_shar
session_key_recover(skey, s_share, common_key);
common_key[ECDSA_SKEY_LEN - 1] = 0;
if (common_key == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
//snprintf(err_string, BUF_LEN,"encr_share is %s length is %d", encr_sshare, strlen(encr_sshare));
//snprintf(err_string, BUF_LEN,"s_share is %s length is %d", s_share, strlen(s_share));
// snprintf(err_string, BUF_LEN,"sshare is %s\n", decr_sshare);
// snprintf(err_string + 75, BUF_LEN - 75,"common_key is %s\n", common_key);
// snprintf(err_string + 153, BUF_LEN - 153," s_key is %s", skey);
LOG_DEBUG (__FUNCTION__);
mpz_t s;
mpz_init(s);
if (mpz_set_str(s, decr_sshare, 16) == -1) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decr secret share");
mpz_clear(s);
return;
......@@ -791,14 +776,16 @@ void dkg_verification(int *err_status, char *err_string, const char *public_shar
}
void create_bls_key(int *err_status, char *err_string, const char *s_shares,
void trustedCreateBlsKey(int *errStatus, char *err_string, const char *s_shares,
uint8_t *encrypted_key, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) {
LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "sgx_unseal_key failed with status %d", status);
return;
}
......@@ -810,9 +797,6 @@ void create_bls_key(int *err_status, char *err_string, const char *s_shares,
mpz_set_ui(sum, 0);
//snprintf(err_string, BUF_LEN,"comon0 is %s len is %d\n", common_key, strlen(common_key));
for (int i = 0; i < num_shares; i++) {
char encr_sshare[65];
strncpy(encr_sshare, s_shares + 192 * i, 64);
......@@ -827,34 +811,26 @@ void create_bls_key(int *err_status, char *err_string, const char *s_shares,
common_key[64] = 0;
if (common_key == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
mpz_clear(sum);
return;
}
//snprintf(err_string + 85*(i+1) , BUF_LEN,"common is %s len is %d\n", common_key, strlen(common_key));
//snprintf(err_string + 201*i , BUF_LEN,"secret is %s",s_share);
char decr_sshare[65];
xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
mpz_clear(sum);
return;
}
//decr_sshare[64] = 0;
//snprintf(err_string + 158 * i, BUF_LEN,"decr sshare is %s", decr_sshare);
//snprintf(err_string + 158 * i + 79, BUF_LEN," common_key is %s", common_key);
mpz_t decr_secret_share;
mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decrypted secret share");
mpz_clear(decr_secret_share);
return;
......@@ -882,7 +858,7 @@ void create_bls_key(int *err_status, char *err_string, const char *s_shares,
status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) key_share, sealedLen,
(sgx_sealed_data_t *) encr_bls_key);
if (status != SGX_SUCCESS) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "seal bls private key failed with status %d ", status);
mpz_clear(bls_key);
mpz_clear(sum);
......@@ -892,20 +868,14 @@ void create_bls_key(int *err_status, char *err_string, const char *s_shares,
*enc_bls_key_len = sealedLen;
// mpz_t s;
// mpz_init(s);
// mpz_set_str(s, decr_sshare, 16);
//snprintf(err_string, BUF_LEN,"val is %s", decrypted_dkg_secret);
mpz_clear(bls_key);
mpz_clear(sum);
mpz_clear(q);
}
void get_bls_pub_key(int *err_status, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) {
void trustedGetBlsPubKey(int *errStatus, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) {
LOG_DEBUG (__FUNCTION__);
char skey_hex[ECDSA_SKEY_LEN];
......@@ -914,22 +884,24 @@ void get_bls_pub_key(int *err_status, char *err_string, uint8_t *encrypted_key,
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) skey_hex, &len);
if (status != SGX_SUCCESS) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status);
return;
}
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "could not calculate bls public key");
return;
}
}
void generate_SEK(int *err_status, char *err_string,
void trustedGenerateSEK(int *errStatus, char *err_string,
uint8_t *encrypted_SEK, uint32_t *enc_len, char *SEK_hex) {
LOG_DEBUG (__FUNCTION__);
uint8_t SEK_raw[SGX_AESGCM_KEY_SIZE];
//unsigned char* rand_char = (unsigned char*)malloc(16);
sgx_read_rand(SEK_raw, SGX_AESGCM_KEY_SIZE);
uint32_t hex_aes_key_length = SGX_AESGCM_KEY_SIZE * 2;
......@@ -946,19 +918,18 @@ void generate_SEK(int *err_status, char *err_string,
(sgx_sealed_data_t *) encrypted_SEK);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal SEK failed");
*err_status = status;
*errStatus = status;
return;
}
//strncpy(SEK_hex, SEK, hex_aes_key_length);
*enc_len = sealedLen;
//free(rand_char);
}
void set_SEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, uint64_t encr_len) {
void trustedSetSEK(int *errStatus, char *err_string, uint8_t *encrypted_SEK, uint64_t encr_len) {
//memset(AES_key, 0, SGX_AESGCM_KEY_SIZE);
LOG_DEBUG (__FUNCTION__);
uint8_t aes_key_hex[SGX_AESGCM_KEY_SIZE * 2];
memset(aes_key_hex, 0, SGX_AESGCM_KEY_SIZE * 2);
......@@ -966,7 +937,7 @@ void set_SEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, uint64_t
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_SEK, NULL, 0, aes_key_hex, &encr_len);
if (status != SGX_SUCCESS) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "sgx unseal SEK failed with status %d", status);
return;
}
......@@ -976,9 +947,11 @@ void set_SEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, uint64_t
}
void set_SEK_backup(int *err_status, char *err_string,
void trustedSetSEK_backup(int *errStatus, char *err_string,
uint8_t *encrypted_SEK, uint32_t *enc_len, const char *SEK_hex) {
LOG_DEBUG (__FUNCTION__);
uint64_t len;
hex2carray(SEK_hex, &len, (uint8_t *) AES_key);
......@@ -988,22 +961,22 @@ void set_SEK_backup(int *err_status, char *err_string,
(sgx_sealed_data_t *) encrypted_SEK);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "seal SEK failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
//strncpy(SEK_hex, SEK, hex_aes_key_length);
*enc_len = sealedLen;
}
void generate_ecdsa_key_aes(int *err_status, char *err_string,
void trustedGenerateEcdsaKeyAES(int *errStatus, char *err_string,
uint8_t *encrypted_key, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
unsigned char *rand_char = (unsigned char *) malloc(32);
unsigned char *rand_char = (unsigned char *) calloc(32, 1);
sgx_read_rand(rand_char, 32);
mpz_t seed;
......@@ -1051,7 +1024,7 @@ void generate_ecdsa_key_aes(int *err_status, char *err_string,
if (stat != 0) {
snprintf(err_string, BUF_LEN, "ecdsa private key encryption failed");
*err_status = stat;
*errStatus = stat;
return;
}
......@@ -1060,7 +1033,7 @@ void generate_ecdsa_key_aes(int *err_status, char *err_string,
stat = AES_decrypt(encrypted_key, *enc_len, skey_str);
if (stat != 0) {
snprintf(err_string + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat);
//*err_status = stat;
//*errStatus = stat;
return;
}
......@@ -1069,9 +1042,11 @@ void generate_ecdsa_key_aes(int *err_status, char *err_string,
point_clear(Pkey);
}
void get_public_ecdsa_key_aes(int *err_status, char *err_string,
void trustedGetPublicEcdsaKeyAES(int *errStatus, char *err_string,
uint8_t *encrypted_key, uint32_t enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
......@@ -1081,7 +1056,7 @@ void get_public_ecdsa_key_aes(int *err_status, char *err_string,
if (status != 0) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
......@@ -1094,7 +1069,7 @@ void get_public_ecdsa_key_aes(int *err_status, char *err_string,
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(err_string, BUF_LEN, "wrong string to init private key - %s", skey);
*err_status = -10;
*errStatus = -10;
mpz_clear(skey_mpz);
return;
}
......@@ -1109,17 +1084,17 @@ void get_public_ecdsa_key_aes(int *err_status, char *err_string,
if (!point_cmp(Pkey, Pkey_test)) {
snprintf(err_string, BUF_LEN, "Points are not equal");
*err_status = -11;
*errStatus = -11;
return;
}
int base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len);
char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
......@@ -1140,9 +1115,11 @@ void get_public_ecdsa_key_aes(int *err_status, char *err_string,
point_clear(Pkey);
}
void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, uint32_t enc_len,
void trustedEcdsaSignAES(int *errStatus, char *err_string, uint8_t *encrypted_key, uint32_t enc_len,
unsigned char *hash, char *sig_r, char *sig_s, uint8_t *sig_v, int base) {
LOG_DEBUG (__FUNCTION__);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
......@@ -1151,7 +1128,7 @@ void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
int status = AES_decrypt(encrypted_key, enc_len, skey);
if (status != 0) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status);
return;
}
......@@ -1162,7 +1139,7 @@ void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
mpz_t skey_mpz;
mpz_init(skey_mpz);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid secret key");
mpz_clear(skey_mpz);
return;
......@@ -1172,7 +1149,7 @@ void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
mpz_t msg_mpz;
mpz_init(msg_mpz);
if (mpz_set_str(msg_mpz, hash, 16) == -1) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid message hash");
mpz_clear(msg_mpz);
return;
......@@ -1187,14 +1164,11 @@ void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
signature_extract_public_key(Pkey, skey_mpz, curve);
if (!signature_verify(msg_mpz, sign, Pkey, curve)) {
*err_status = -2;
*errStatus = -2;
snprintf(err_string, BUF_LEN, "signature is not verified! ");
return;
}
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
char arr_m[mpz_sizeinbase(msg_mpz, 16) + 2];
char *msg = mpz_get_str(arr_m, 16, msg_mpz);
......@@ -1218,27 +1192,20 @@ void ecdsa_sign_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
}
void encrypt_key_aes(int *err_status, char *err_string, const char *key,
void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key,
uint8_t *encrypted_key, uint32_t *enc_len) {
//init();
LOG_DEBUG (__FUNCTION__);
*err_status = UNKNOWN_ERROR;
*errStatus = UNKNOWN_ERROR;
memset(err_string, 0, BUF_LEN);
// checkKey(err_status, err_string, key);
//
// if (*err_status != 0) {
// snprintf(err_string + strlen(err_string), BUF_LEN, "check_key failed");
// return;
// }
memset(encrypted_key, 0, BUF_LEN);
int stat = AES_encrypt(key, encrypted_key);
if (stat != 0) {
*err_status = stat;
*errStatus = stat;
snprintf(err_string, BUF_LEN, "AES encrypt failed with status %d", stat);
return;
}
......@@ -1251,8 +1218,8 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
stat = AES_decrypt(encrypted_key, *enc_len, decryptedKey);
if (stat != 0) {
*err_status = stat;
snprintf(err_string, BUF_LEN, ":decrypt_key failed with status %d", stat);
*errStatus = stat;
snprintf(err_string, BUF_LEN, ":trustedDecryptKey failed with status %d", stat);
return;
}
......@@ -1264,42 +1231,39 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
}
*err_status = -8;
*errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(err_string, BUF_LEN, "Decrypted key does not match original key");
return;
}
*err_status = 0;
*errStatus = 0;
}
void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedDecryptKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *key) {
init();
uint32_t decLen;
*err_status = -9;
*errStatus = -9;
int status = AES_decrypt(encrypted_key, enc_len, key);
if (status != 0) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status);
return;
}
//snprintf(err_string, BUF_LEN, "decr key is %s", key);
if (decLen > MAX_KEY_LENGTH) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH");
return;
}
*err_status = -10;
*errStatus = -10;
uint64_t keyLen = strnlen(key, MAX_KEY_LENGTH);
......@@ -1310,28 +1274,26 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
return;
}
*err_status = 0;
*errStatus = 0;
memcpy(err_string, AES_key, 1024);
}
void bls_sign_message_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedBlsSignMessageAES(int *errStatus, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) {
LOG_DEBUG (__FUNCTION__);
char key[BUF_LEN];
memset(key, 0, BUF_LEN);
char sig[BUF_LEN];
memset(sig, 0, BUF_LEN);
//char* sig = (char*) calloc(BUF_LEN, 1);
init();
int stat = AES_decrypt(encrypted_key, enc_len, key);
if (stat != 0) {
*err_status = stat;
*errStatus = stat;
strncpy(signature, err_string, BUF_LEN);
return;
}
......@@ -1341,20 +1303,22 @@ void bls_sign_message_aes(int *err_status, char *err_string, uint8_t *encrypted_
strncpy(signature, sig, BUF_LEN);
if (strnlen(signature, BUF_LEN) < 10) {
*err_status = -1;
*errStatus = -1;
return;
}
//free(sig);
}
void
gen_dkg_secret_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
trustedGenDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
LOG_DEBUG (__FUNCTION__);
char dkg_secret[DKG_BUFER_LENGTH];// = (char*)calloc(DKG_BUFER_LENGTH, 1);
memset(dkg_secret, 0, DKG_BUFER_LENGTH);
if (gen_dkg_poly(dkg_secret, _t) != 0) {
*err_status = -1;
*errStatus = -1;
return;
}
......@@ -1364,7 +1328,7 @@ gen_dkg_secret_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_sec
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "SGX AES encrypt DKG poly failed");
*err_status = status;
*errStatus = status;
return;
}
......@@ -1377,7 +1341,7 @@ gen_dkg_secret_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_sec
status = AES_decrypt(encrypted_dkg_secret, *enc_len, decr_dkg_secret);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt dkg poly failed");
*err_status = status;
*errStatus = status;
return;
}
......@@ -1385,38 +1349,43 @@ gen_dkg_secret_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_sec
snprintf(err_string, BUF_LEN, "poly is %s ", dkg_secret);
snprintf(err_string + strlen(dkg_secret) + 8, BUF_LEN - strlen(dkg_secret) - 8,
"encrypted poly is not equal to decrypted poly");
*err_status = -333;
*errStatus = -333;
}
// free(dkg_secret);
}
void
decrypt_dkg_secret_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
trustedDecryptDkgSecretAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
uint32_t *dec_len) {
LOG_DEBUG (__FUNCTION__);
int status = AES_decrypt(encrypted_dkg_secret, dec_len, decrypted_dkg_secret);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
//*dec_len = decr_len;
}
void set_encrypted_dkg_poly_aes(int *err_status, char *err_string, uint8_t *encrypted_poly, uint64_t *enc_len) {
memset(Decrypted_dkg_poly, 0, DKG_BUFER_LENGTH);
int status = AES_decrypt(encrypted_poly, *enc_len, Decrypted_dkg_poly);
void trustedSetEncryptedDkgPolyAES(int *errStatus, char *err_string, uint8_t *encrypted_poly, uint64_t *enc_len) {
LOG_DEBUG (__FUNCTION__);
memset(decryptedDkgPoly, 0, DKG_BUFER_LENGTH);
int status = AES_decrypt(encrypted_poly, *enc_len, decryptedDkgPoly);
if (status != SGX_SUCCESS) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status);
return;
}
}
void get_encr_sshare_aes(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len,
void trustedGetEncryptedSecretShareAES(int *errStatus, char *err_string, uint8_t *encrypted_skey, uint32_t *dec_len,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind) {
char skey[ECDSA_SKEY_LEN];
......@@ -1425,131 +1394,120 @@ void get_encr_sshare_aes(int *err_status, char *err_string, uint8_t *encrypted_s
memset(pub_key_x, 0, BUF_LEN);
char pub_key_y[BUF_LEN];
memset(pub_key_y, 0, BUF_LEN);
//char *pub_key_x = (char *)calloc(1024, 1);
// char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len;
generate_ecdsa_key_aes(err_status, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*err_status != 0) {
trustedGenerateEcdsaKeyAES(errStatus, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*errStatus != 0) {
return;
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
int status = AES_decrypt(encrypted_skey, enc_len, skey);
skey[ECDSA_SKEY_LEN - 1] = 0;
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in get_encr_sshare_aes) with status %d", status);
*err_status = status;
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in trustedGetEncryptedSecretShareAES) with status %d", status);
*errStatus = status;
return;
}
snprintf(err_string, BUF_LEN, "unsealed random skey is %s\n", skey);
*dec_len = enc_len;// + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
char *common_key[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
char *common_key[ECDSA_SKEY_LEN];
gen_session_key(skey, pub_keyB, common_key);
//snprintf(err_string + 81, BUF_LEN,"pub_key_B is %s length is %d", pub_keyB, strlen(pub_keyB));
//snprintf(err_string + 88, BUF_LEN - 88,"\ncommon key is %s", common_key);
char *s_share[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
//char s_share[65];
char *s_share[ECDSA_SKEY_LEN];
if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) {
*errStatus = -1;
if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0) {
*err_status = -1;
// snprintf(err_string, BUF_LEN,"t does not match poly degree");
snprintf(err_string, BUF_LEN, Decrypted_dkg_poly);
snprintf(err_string, BUF_LEN, decryptedDkgPoly);
return;
}
snprintf(err_string + 88, BUF_LEN, "\nsecret share is %s", s_share);
if (calc_secret_shareG2(s_share, s_shareG2) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "invalid decr secret share");
return;
}
char *cypher[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
char *cypher[ECDSA_SKEY_LEN];
xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
//snprintf(err_string, BUF_LEN ,"cypher is %s length is %d", cypher, strlen(cypher));
strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
// snprintf(err_string, BUF_LEN,"s_share is %s length is %d", result_str, strlen(result_str));
//mpz_clear(skey);
//free(skey);
//free(common_key);
//free(pub_key_x);
//free(pub_key_y);
//free(s_share);
//free(cypher);
}
void get_public_shares_aes(int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
void trustedGetPublicSharesAES(int *errStatus, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
char *public_shares,
unsigned _t, unsigned _n) {
LOG_DEBUG (__FUNCTION__);
char *decrypted_dkg_secret = (char *) calloc(DKG_MAX_SEALED_LEN, 1);
memset(decrypted_dkg_secret, 0, DKG_MAX_SEALED_LEN);
//char decrypted_dkg_secret[ DKG_MAX_SEALED_LEN];
int status = AES_decrypt(encrypted_dkg_secret, enc_len, decrypted_dkg_secret);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "aes decrypt data - encrypted_dkg_secret failed with status %d", status);
*err_status = status;
*errStatus = status;
return;
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "t does not match polynomial in db");
return;
}
//free(decrypted_dkg_secret);
}
void dkg_verification_aes(int *err_status, char *err_string, const char *public_shares, const char *s_share,
void trustedDkgVerifyAES(int *errStatus, char *err_string, const char *public_shares, const char *s_share,
uint8_t *encrypted_key, uint64_t enc_len, unsigned _t, int _ind, int *result) {
//uint32_t dec_len = 625;
LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
memset(skey, 0, ECDSA_SKEY_LEN);
int status = AES_decrypt(encrypted_key, enc_len, skey);
//skey[ECDSA_SKEY_LEN - 1] = 0;
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in dkg_verification_aes) with status %d", status);
*err_status = status;
snprintf(err_string, BUF_LEN, "AES_decrypt failed (in trustedDkgVerifyAES) with status %d", status);
*errStatus = status;
return;
}
char encr_sshare[ECDSA_SKEY_LEN];
memset(encr_sshare, 0, ECDSA_SKEY_LEN);
strncpy(encr_sshare, s_share, ECDSA_SKEY_LEN - 1);
//encr_sshare[ECDSA_SKEY_LEN - 1] = 0;
char common_key[ECDSA_SKEY_LEN];
memset(common_key, 0, ECDSA_SKEY_LEN);
session_key_recover(skey, s_share, common_key);
//common_key[ECDSA_SKEY_LEN - 1] = 0;
if (common_key == NULL || strlen(common_key) == 0) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
......@@ -1558,24 +1516,15 @@ void dkg_verification_aes(int *err_status, char *err_string, const char *public_
memset(decr_sshare, 0, ECDSA_SKEY_LEN);
xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
return;
}
//decr_sshare[ECDSA_SKEY_LEN - 1] = 0;
//snprintf(err_string, BUF_LEN,"encr_share is %s length is %d", encr_sshare, strlen(encr_sshare));
//snprintf(err_string, BUF_LEN,"s_share is %s length is %d", s_share, strlen(s_share));
// snprintf(err_string, BUF_LEN,"sshare is %s\n", decr_sshare);
// snprintf(err_string + 75, BUF_LEN - 75,"common_key is %s\n", common_key);
// snprintf(err_string + 153, BUF_LEN - 153," s_key is %s", skey);
mpz_t s;
mpz_init(s);
if (mpz_set_str(s, decr_sshare, 16) == -1) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid decr secret share");
mpz_clear(s);
return;
......@@ -1587,13 +1536,15 @@ void dkg_verification_aes(int *err_status, char *err_string, const char *public_
}
void create_bls_key_aes(int *err_status, char *err_string, const char *s_shares,
void trustedCreateBlsKeyAES(int *errStatus, char *err_string, const char *s_shares,
uint8_t *encrypted_key, uint64_t key_len, uint8_t *encr_bls_key, uint32_t *enc_bls_key_len) {
LOG_DEBUG (__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
int status = AES_decrypt(encrypted_key, key_len, skey);
if (status != SGX_SUCCESS) {
*err_status = status;
*errStatus = status;
snprintf(err_string, BUF_LEN, "aes decrypt failed with status %d", status);
return;
}
......@@ -1606,8 +1557,6 @@ void create_bls_key_aes(int *err_status, char *err_string, const char *s_shares,
mpz_set_ui(sum, 0);
//snprintf(err_string, BUF_LEN,"comon0 is %s len is %d\n", common_key, strlen(common_key));
for (int i = 0; i < num_shares; i++) {
char encr_sshare[65];
......@@ -1623,34 +1572,27 @@ void create_bls_key_aes(int *err_status, char *err_string, const char *s_shares,
common_key[64] = 0;
if (common_key == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
mpz_clear(sum);
return;
}
//snprintf(err_string + 85*(i+1) , BUF_LEN,"common is %s len is %d\n", common_key, strlen(common_key));
//snprintf(err_string + 201*i , BUF_LEN,"secret is %s",s_share);
char decr_sshare[65];
xor_decrypt(common_key, encr_sshare, decr_sshare);
if (decr_sshare == NULL) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "invalid common_key");
mpz_clear(sum);
return;
}
decr_sshare[64] = 0;
//snprintf(err_string + 158 * i, BUF_LEN,"decr sshare is %s", decr_sshare);
//snprintf(err_string + 158 * i + 79, BUF_LEN," common_key is %s", common_key);
mpz_t decr_secret_share;
mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) {
*err_status = 111;
*errStatus = 111;
//snprintf(err_string, BUF_LEN ,"invalid decrypted secret share");
snprintf(err_string, BUF_LEN, decr_sshare);
mpz_clear(decr_secret_share);
......@@ -1679,7 +1621,7 @@ void create_bls_key_aes(int *err_status, char *err_string, const char *s_shares,
status = AES_encrypt(key_share, encr_bls_key);
if (status != SGX_SUCCESS) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "aes encrypt bls private key failed with status %d ", status);
mpz_clear(bls_key);
mpz_clear(sum);
......@@ -1694,7 +1636,9 @@ void create_bls_key_aes(int *err_status, char *err_string, const char *s_shares,
}
void
get_bls_pub_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) {
trustedGetBlsPubKeyAES(int *errStatus, char *err_string, uint8_t *encrypted_key, uint64_t key_len, char *bls_pub_key) {
LOG_DEBUG (__FUNCTION__);
char skey_hex[ECDSA_SKEY_LEN];
......@@ -1702,7 +1646,7 @@ get_bls_pub_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
int status = AES_decrypt(encrypted_key, key_len, skey_hex);
if (status != SGX_SUCCESS) {
*err_status = 1;
*errStatus = 1;
snprintf(err_string, BUF_LEN, "aes_decrypt failed with status %d", status);
return;
}
......@@ -1710,7 +1654,7 @@ get_bls_pub_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key, u
skey_hex[ECDSA_SKEY_LEN - 1] = 0;
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) {
*err_status = -1;
*errStatus = -1;
snprintf(err_string, BUF_LEN, "could not calculate bls public key");
return;
}
......
secure_enclave/secure_enclave.edl
View file @ 1deead1b
......@@ -3,121 +3,121 @@
#define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 93
#define ECDSA_BIN_LEN 33
#define SMALL_BUF_SIZE 1024
enclave {
trusted {
include "sgx_tgmp.h"
public void tgmp_init();
public void trustedEnclaveInit(uint32_t _logLevel);
public void e_mpz_add(
public void trustedEMpzAdd(
[user_check] mpz_t *c, [user_check] mpz_t *a, [user_check] mpz_t *b
);
public void e_mpz_mul(
public void trustedEMpzMul(
[user_check] mpz_t *c, [user_check] mpz_t *a, [user_check] mpz_t *b
);
public void e_mpz_div(
public void trustedEMpzDiv(
[user_check] mpz_t *c, [user_check] mpz_t *a, [user_check] mpz_t *b
);
public void e_mpf_div(
public void trustedEMpfDiv(
[user_check] mpf_t *c, [user_check] mpf_t *a, [user_check] mpf_t *b
);
public void generate_ecdsa_key (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[out, count = 1024] uint8_t* encrypted_key,
public void trustedGenerateEcdsaKey (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void get_public_ecdsa_key (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedGetPublicEcdsaKey (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
public void encrypt_key (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] char* key,
[out, count = 1024] uint8_t* encrypted_key,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedEncryptKey (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len);
public void decrypt_key (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedDecryptKey (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[out, count = 1024] char* key );
[out, count = SMALL_BUF_SIZE] char* key );
public void bls_sign_message (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedBlsSignMessage (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] char* hashX ,
[in, count = 1024] char* hashY ,
[out, count = 1024] char* signature);
[in, count = SMALL_BUF_SIZE] char* hashX ,
[in, count = SMALL_BUF_SIZE] char* hashY ,
[out, count = SMALL_BUF_SIZE] char* signature);
public void gen_dkg_secret (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGenDkgSecret (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len,
size_t _t);
public void decrypt_dkg_secret (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedDecryptDkgSecret (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[user_check] uint32_t* dec_len);
public void get_secret_shares (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGetSecretShares (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t* dec_len,
[out, count = 2490] char* secret_shares,
unsigned _t,
unsigned _n);
public void get_public_shares (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGetPublicShares (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
[out, count = 10000] char* public_shares,
unsigned _t,
unsigned _n);
public void ecdsa_sign1(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedEcdsaSign(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] unsigned char* hash,
[out, count = 1024] char* sig_r,
[out, count = 1024] char* sig_s,
[in, count = SMALL_BUF_SIZE] unsigned char* hash,
[out, count = SMALL_BUF_SIZE] char* sig_r,
[out, count = SMALL_BUF_SIZE] char* sig_s,
[user_check] uint8_t* sig_v,
int base);
public void set_encrypted_dkg_poly( [user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedSetEncryptedDkgPoly( [user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly);
public void get_encr_sshare(
[user_check]int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_skey,
public void trustedGetEncryptedSecretShare(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[user_check] uint32_t* dec_len,
[out, count = 193] char* result_str,
[out, count = 320] char* s_shareG2,
......@@ -126,37 +126,37 @@ enclave {
uint8_t _n,
uint8_t ind);
public void dkg_verification(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedDkgVerify(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 8193] const char* public_shares,
[in, count = 193] const char* s_share,
[in, count = 1024] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
unsigned _t,
int _ind,
[user_check] int* result);
public void create_bls_key(
[user_check]int *err_status,
[out, count = 1024] char* err_string,
public void trustedCreateBlsKey(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 6145] const char* s_shares,
[in, count = 1024] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 1024] uint8_t * encr_bls_key,
[out, count = SMALL_BUF_SIZE] uint8_t * encr_bls_key,
[user_check] uint32_t *enc_bls_key_len);
public void get_bls_pub_key(
[user_check]int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedGetBlsPubKey(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 320] char* bls_pub_key);
public void complaint_response(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t *encrypted_DHkey,
public void trustedComplaintResponse(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t *encryptedDHKey,
[in, count = 3050] uint8_t *encrypted_dkg_secret,
[user_check] uint32_t* dec_len,
[out, count = 65] char* DH_key,
......@@ -165,92 +165,92 @@ enclave {
uint8_t _n,
uint8_t ind1);
public void generate_SEK(
[user_check] int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_SEK,
public void trustedGenerateSEK(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[user_check] uint32_t *enc_len,
[out, count = 65] char* hex_SEK);
public void set_SEK(
[user_check] int *err_status,
[out, count = 1024] char *err_string,
[in, count = 1024] uint8_t *encrypted_SEK,
public void trustedSetSEK(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[in, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
uint64_t encr_len);
public void set_SEK_backup(
[user_check] int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_SEK,
public void trustedSetSEK_backup(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[user_check] uint32_t *enc_len,
[in, count = 65] const char* SEK_hex);
public void generate_ecdsa_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGenerateEcdsaKeyAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void get_public_ecdsa_key_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedGetPublicEcdsaKeyAES(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void ecdsa_sign_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedEcdsaSignAES(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] unsigned char* hash,
[out, count = 1024] char* sig_r,
[out, count = 1024] char* sig_s,
[in, count = SMALL_BUF_SIZE] unsigned char* hash,
[out, count = SMALL_BUF_SIZE] char* sig_r,
[out, count = SMALL_BUF_SIZE] char* sig_s,
[user_check] uint8_t* sig_v,
int base);
public void encrypt_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] const char* key,
[out, count = 1024] uint8_t* encrypted_key,
public void trustedEncryptKeyAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] const char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len);
public void decrypt_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedDecryptKeyAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[out, count = 1024] char* key );
[out, count = SMALL_BUF_SIZE] char* key );
public void gen_dkg_secret_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGenDkgSecretAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len,
size_t _t);
public void decrypt_dkg_secret_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedDecryptDkgSecretAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[user_check] uint32_t* dec_len);
public void set_encrypted_dkg_poly_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedSetEncryptedDkgPolyAES(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly,
[user_check] uint64_t* enc_len);
public void get_encr_sshare_aes(
[user_check]int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_skey,
public void trustedGetEncryptedSecretShareAES(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[user_check] uint32_t* dec_len,
[out, count = 193] char* result_str,
[out, count = 320] char* s_shareG2,
......@@ -259,49 +259,49 @@ enclave {
uint8_t _n,
uint8_t ind);
public void get_public_shares_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedGetPublicSharesAES(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
[out, count = 10000] char* public_shares,
unsigned _t,
unsigned _n);
public void dkg_verification_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
public void trustedDkgVerifyAES(
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 8193] const char* public_shares,
[in, count = 193] const char* s_share,
[in, count = 1024] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
unsigned _t,
int _ind,
[user_check] int* result);
public void create_bls_key_aes(
[user_check]int *err_status,
[out, count = 1024] char* err_string,
public void trustedCreateBlsKeyAES(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 6145] const char* s_shares,
[in, count = 1024] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 1024] uint8_t * encr_bls_key,
[out, count = SMALL_BUF_SIZE] uint8_t * encr_bls_key,
[user_check] uint32_t *enc_bls_key_len);
public void bls_sign_message_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
public void trustedBlsSignMessageAES (
[user_check] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] char* hashX ,
[in, count = 1024] char* hashY ,
[out, count = 1024] char* signature);
public void get_bls_pub_key_aes(
[user_check]int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] char* hashX ,
[in, count = SMALL_BUF_SIZE] char* hashY ,
[out, count = SMALL_BUF_SIZE] char* signature);
public void trustedGetBlsPubKeyAES(
[user_check]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 320] char* bls_pub_key);
......
secure_enclave/secure_enclave.i
View file @ 1deead1b
......@@ -5464,19 +5464,19 @@ enum
# 10 "secure_enclave_t.h" 2
# 19 "secure_enclave_t.h"
void tgmp_init(void);
void e_mpz_add(mpz_t* c, mpz_t* a, mpz_t* b);
void e_mpz_mul(mpz_t* c, mpz_t* a, mpz_t* b);
void e_mpz_div(mpz_t* c, mpz_t* a, mpz_t* b);
void e_mpf_div(mpf_t* c, mpf_t* a, mpf_t* b);
void generate_ecdsa_key(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t* enc_len, char* pub_key_x, char* pub_key_y);
void encrypt_key(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
void decrypt_key(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
void bls_sign_message(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* hashX, char* hashY, char* signature);
void gen_dkg_secret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* enc_len, size_t _t);
void decrypt_dkg_secret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len);
void get_secret_shares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* secret_shares, unsigned int _t, unsigned int _n);
void get_public_shares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* public_shares, unsigned int _t, unsigned int _n);
void ecdsa_sign1(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t dec_len, unsigned char* hash, char* signature, int test_len);
void trustedEMpzAdd(mpz_t* c, mpz_t* a, mpz_t* b);
void trustedEMpzMul(mpz_t* c, mpz_t* a, mpz_t* b);
void trustedEMpzDiv(mpz_t* c, mpz_t* a, mpz_t* b);
void trustedEMpfDiv(mpf_t* c, mpf_t* a, mpf_t* b);
void trustedGenerateEcdsaKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t* enc_len, char* pub_key_x, char* pub_key_y);
void trustedEncryptKey(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
void trustedDecryptKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
void trustedBlsSignMessage(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* hashX, char* hashY, char* signature);
void trustedGenDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* enc_len, size_t _t);
void trustedDecryptDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len);
void trustedGetSecretShares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* secret_shares, unsigned int _t, unsigned int _n);
void trustedGetPublicShares(int* err_status, char* err_string, uint8_t* decrypted_dkg_secret, uint32_t enc_len, char* public_shares, unsigned int _t, unsigned int _n);
void trustedEcdsaSign(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t dec_len, unsigned char* hash, char* signature, int test_len);
sgx_status_t oc_realloc(uint64_t* retval, void* optr, size_t osz, size_t nsz);
sgx_status_t oc_free(void* optr, size_t sz);
......@@ -6682,16 +6682,16 @@ void *reallocate_function(void *ptr, size_t osize, size_t nsize) {
return (void *) nptr;
}
void e_mpz_add(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzAdd(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpz_mul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzMul(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpz_div(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void trustedEMpfDiv(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void generate_ecdsa_key(int *err_status, char *err_string,
void trustedGenerateEcdsaKey(int *err_status, char *err_string,
uint8_t *encrypted_key, uint32_t *enc_len, char * pub_key_x, char * pub_key_y) {
domain_parameters curve = domain_parameters_init();
......@@ -6741,7 +6741,7 @@ void generate_ecdsa_key(int *err_status, char *err_string,
}
void encrypt_key(int *err_status, char *err_string, char *key,
void trustedEncryptKey(int *err_status, char *err_string, char *key,
uint8_t *encrypted_key, uint32_t *enc_len) {
init();
......@@ -6782,10 +6782,10 @@ void encrypt_key(int *err_status, char *err_string, char *key,
char decryptedKey[1024];
memset(decryptedKey, 0, 1024);
decrypt_key(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
trustedDecryptKey(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
if (*err_status != 0) {
snprintf(err_string + strlen(err_string), 1024, ":decrypt_key failed");
snprintf(err_string + strlen(err_string), 1024, ":trustedDecryptKey failed");
return;
}
......@@ -6807,7 +6807,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
*err_status = 0;
}
void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedDecryptKey(int *err_status, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *key) {
init();
......@@ -6857,7 +6857,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
}
void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) {
......@@ -6869,7 +6869,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
init();
decrypt_key(err_status, err_string, encrypted_key, enc_len, key);
trustedDecryptKey(err_status, err_string, encrypted_key, enc_len, key);
if (*err_status != 0) {
return;
......@@ -6887,7 +6887,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
}
void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
void trustedGenDkgSecret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
char* dkg_secret = (char*)malloc(1250);
......@@ -6905,7 +6905,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
free(dkg_secret);
}
void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){
void trustedDecryptDkgSecret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){
......@@ -6918,17 +6918,17 @@ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_d
}
}
void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* secret_shares,
void trustedGetSecretShares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* secret_shares,
unsigned _t, unsigned _n){
char* decrypted_dkg_secret = (char*)malloc(2000);
decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
trustedDecryptDkgSecret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n);
}
void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
void trustedGetPublicShares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
unsigned _t, unsigned _n){
char* decrypted_dkg_secret = (char*)malloc(2000);
decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
trustedDecryptDkgSecret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
calc_public_shares(decrypted_dkg_secret, public_shares, _t);
}
......@@ -6940,7 +6940,7 @@ struct signature_s
mpz_t s;
};
void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key,
void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
uint32_t dec_len, unsigned char* hash, char * signature, int test_len) {
domain_parameters curve = domain_parameters_init();
......
sgxwallet.c
View file @ 1deead1b
......@@ -33,15 +33,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdbool.h>
#include "sgxwallet.h"
#include "BLSCrypto.h"
#include "ServerInit.h"
#include "SEKManager.h"
#include <stdbool.h>
#include "SGXWalletServer.h"
#include "sgxwallet.h"
void usage() {
......@@ -59,16 +58,21 @@ void printUsage() {
fprintf(stderr, "-c do not verify client certificate\n");
fprintf(stderr, "-s sign client certificate without human confirmation \n");
fprintf(stderr, "-d turn on debug output\n");
fprintf(stderr, "-v verbose mode: turn on debug output\n");
fprintf(stderr, "-vv detailed verbose mode: turn on debug and trace outputs\n");
fprintf(stderr, "-0 launch SGXWalletServer using http (not https)\n");
fprintf(stderr, "-b Restore from back up (you will need to enter backup key) \n");
fprintf(stderr, "-y Do not ask user to acknoledge receipt of backup key \n");
}
enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3, L_ERROR = 4 };
int main(int argc, char *argv[]) {
bool encryptKeysOption = false;
bool useHTTPSOption = true;
bool printDebugInfoOption = false;
bool printTraceInfoOption = false;
bool autoconfirmOption = false;
bool checkClientCertOption = true;
bool autoSignClientCertOption = false;
......@@ -83,17 +87,11 @@ int main(int argc, char *argv[]) {
while ((opt = getopt(argc, argv, "cshd0aby")) != -1) {
while ((opt = getopt(argc, argv, "cshd0abyvV")) != -1) {
switch (opt) {
case 'h':
if (strlen(argv[1]) == 2) {
printUsage();
exit(0);
} else {
fprintf(stderr, "unknown flag %s\n", argv[1]);
printUsage();
exit(1);
}
printUsage();
exit(0);
case 'c':
checkClientCertOption = false;
break;
......@@ -103,6 +101,13 @@ int main(int argc, char *argv[]) {
case 'd':
printDebugInfoOption = true;
break;
case 'v':
printDebugInfoOption = true;
break;
case 'V':
printDebugInfoOption = true;
printTraceInfoOption = true;
break;
case '0':
useHTTPSOption = false;
break;
......@@ -115,17 +120,26 @@ int main(int argc, char *argv[]) {
case 'y':
autoconfirmOption = true;
break;
case '?':
default:
printUsage();
exit(1);
default:
break;
}
}
setFullOptions(printDebugInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
setFullOptions(printDebugInfoOption, printTraceInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
uint32_t enclaveLogLevel = L_INFO;
if (printTraceInfoOption) {
enclaveLogLevel = L_TRACE;
} else if (printDebugInfoOption) {
enclaveLogLevel = L_DEBUG;
}
initAll(checkClientCertOption, autoSignClientCertOption);
initAll(enclaveLogLevel, checkClientCertOption, autoSignClientCertOption);
while (true) {
sleep(10);
......
sgxwallet_common.h
View file @ 1deead1b
......@@ -35,7 +35,7 @@
extern int printDebugInfo;
extern int useHTTPS;
extern int encryptKeys;
extern int autoconfirm;
......
testw.cpp
View file @ 1deead1b
......@@ -52,7 +52,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "BLSCrypto.h"
#include "ServerInit.h"
#include "DKGCrypto.h"
#include "RPCException.h"
#include "SGXException.h"
#include "LevelDB.h"
#include "SGXWalletServer.hpp"
......@@ -134,8 +134,8 @@ void destroyEnclave() {
TEST_CASE("BLS key encrypt", "[bls-key-encrypt]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
auto key = encryptTestKey();
REQUIRE(key != nullptr);
}
......@@ -143,8 +143,8 @@ TEST_CASE("BLS key encrypt", "[bls-key-encrypt]") {
/* Do later
TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
//init_enclave();
......@@ -175,31 +175,31 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
TEST_CASE("DKG gen test", "[dkg-gen]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
uint32_t enc_len = 0;
status = gen_dkg_secret(eid, &err_status, errMsg.data(), encryptedDKGSecret.data(), &enc_len, 32);
status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &enc_len, 32);
REQUIRE(status == SGX_SUCCESS);
// printf("gen_dkg_secret completed with status: %d %s \n", err_status, errMsg.data());
// printf("trustedGenDkgSecret completed with status: %d %s \n", errStatus, errMsg.data());
// printf("\n Length: %d \n", enc_len);
vector<char> secret(BUF_LEN, 0);
vector<char> errMsg1(BUF_LEN, 0);
uint32_t dec_len;
status = decrypt_dkg_secret(eid, &err_status, errMsg1.data(), encryptedDKGSecret.data(),
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(),
(uint8_t *) secret.data(), &dec_len);
REQUIRE(status == SGX_SUCCESS);
// printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1.data());
// printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", errStatus, errMsg1.data());
// printf("decrypted secret %s \n\n", secret.data());
// printf("secret length %d \n", (int) strlen(secret.data()));
// printf("decr length %d \n", dec_len);
......@@ -207,8 +207,8 @@ TEST_CASE("DKG gen test", "[dkg-gen]") {
sgx_destroy_enclave(eid);
}
vector<libff::alt_bn128_Fr> SplitStringToFr(const char *koefs, const char symbol) {
string str(koefs);
vector<libff::alt_bn128_Fr> SplitStringToFr(const char *coeffs, const char symbol) {
string str(coeffs);
string delim;
delim.push_back(symbol);
vector<libff::alt_bn128_Fr> tokens;
......@@ -218,8 +218,8 @@ vector<libff::alt_bn128_Fr> SplitStringToFr(const char *koefs, const char symbol
if (pos == string::npos) pos = str.length();
string token = str.substr(prev, pos - prev);
if (!token.empty()) {
libff::alt_bn128_Fr koef(token.c_str());
tokens.push_back(koef);
libff::alt_bn128_Fr coeff(token.c_str());
tokens.push_back(coeff);
}
prev = pos + delim.length();
} while (pos < str.length() && prev < str.length());
......@@ -227,9 +227,9 @@ vector<libff::alt_bn128_Fr> SplitStringToFr(const char *koefs, const char symbol
return tokens;
}
vector<string> SplitStringTest(const char *koefs, const char symbol) {
vector<string> SplitStringTest(const char *coeffs, const char symbol) {
libff::init_alt_bn128_params();
string str(koefs);
string str(coeffs);
string delim;
delim.push_back(symbol);
vector<string> G2_strings;
......@@ -239,8 +239,8 @@ vector<string> SplitStringTest(const char *koefs, const char symbol) {
if (pos == string::npos) pos = str.length();
string token = str.substr(prev, pos - prev);
if (!token.empty()) {
string koef(token.c_str());
G2_strings.push_back(koef);
string coeff(token.c_str());
G2_strings.push_back(coeff);
}
prev = pos + delim.length();
} while (pos < str.length() && prev < str.length());
......@@ -250,21 +250,21 @@ vector<string> SplitStringTest(const char *koefs, const char symbol) {
libff::alt_bn128_G2 VectStringToG2(const vector<string> &G2_str_vect) {
libff::init_alt_bn128_params();
libff::alt_bn128_G2 koef = libff::alt_bn128_G2::zero();
koef.X.c0 = libff::alt_bn128_Fq(G2_str_vect.at(0).c_str());
koef.X.c1 = libff::alt_bn128_Fq(G2_str_vect.at(1).c_str());
koef.Y.c0 = libff::alt_bn128_Fq(G2_str_vect.at(2).c_str());
koef.Y.c1 = libff::alt_bn128_Fq(G2_str_vect.at(3).c_str());
koef.Z.c0 = libff::alt_bn128_Fq::one();
koef.Z.c1 = libff::alt_bn128_Fq::zero();
return koef;
libff::alt_bn128_G2 coeff = libff::alt_bn128_G2::zero();
coeff.X.c0 = libff::alt_bn128_Fq(G2_str_vect.at(0).c_str());
coeff.X.c1 = libff::alt_bn128_Fq(G2_str_vect.at(1).c_str());
coeff.Y.c0 = libff::alt_bn128_Fq(G2_str_vect.at(2).c_str());
coeff.Y.c1 = libff::alt_bn128_Fq(G2_str_vect.at(3).c_str());
coeff.Z.c0 = libff::alt_bn128_Fq::one();
coeff.Z.c1 = libff::alt_bn128_Fq::zero();
return coeff;
}
TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
libff::init_alt_bn128_params();
......@@ -272,14 +272,14 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
vector<uint8_t> encrypted_dkg_secret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
uint32_t enc_len = 0;
unsigned t = 32, n = 32;
status = gen_dkg_secret(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, n);
status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, n);
REQUIRE(status == SGX_SUCCESS);
//printf("gen_dkg_public completed with status: %d %s \n", err_status, errMsg);
//printf("gen_dkg_public completed with status: %d %s \n", errStatus, errMsg);
vector<char> errMsg1(BUF_LEN, 0);
......@@ -287,29 +287,29 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
char colon = ':';
vector<char> public_shares(10000, 0);
status = get_public_shares(eid, &err_status, errMsg1.data(),
status = trustedGetPublicShares(eid, &errStatus, errMsg1.data(),
encrypted_dkg_secret.data(), enc_len, public_shares.data(), t, n);
REQUIRE(status == SGX_SUCCESS);
// printf("\nget_public_shares status: %d error %s \n\n", err_status, errMsg1.data());
// printf("\ntrustedGetPublicShares status: %d error %s \n\n", errStatus, errMsg1.data());
// printf(" LEN: %d \n", (int) strlen(public_shares.data()));
// printf(" result: %s \n", public_shares.data());
vector<string> G2_strings = splitString(public_shares.data(), ',');
vector<libff::alt_bn128_G2> pub_shares_G2;
for (u_int64_t i = 0; i < G2_strings.size(); i++) {
vector<string> koef_str = splitString(G2_strings.at(i).c_str(), ':');
//libff::alt_bn128_G2 el = VectStringToG2(koef_str);
vector<string> coeff_str = splitString(G2_strings.at(i).c_str(), ':');
//libff::alt_bn128_G2 el = VectStringToG2(coeff_str);
//cerr << "pub_share G2 " << i+1 << " : " << endl;
//el.print_coordinates();
pub_shares_G2.push_back(VectStringToG2(koef_str));
pub_shares_G2.push_back(VectStringToG2(coeff_str));
}
vector<char> secret(BUF_LEN, 0);
status = decrypt_dkg_secret(eid, &err_status, errMsg1.data(), encrypted_dkg_secret.data(),
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encrypted_dkg_secret.data(),
(uint8_t *) secret.data(), &enc_len);
REQUIRE(status == SGX_SUCCESS);
//printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1.data());
//printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", errStatus, errMsg1.data());
signatures::Dkg dkg_obj(t, n);
......@@ -338,22 +338,22 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
uint32_t enc_len = 0;
vector<uint8_t> encrypted_dkg_secret(BUF_LEN, 0);
status = gen_dkg_secret(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, 2);
status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, 2);
REQUIRE(status == SGX_SUCCESS);
// cerr << " poly generated" << endl;
status = set_encrypted_dkg_poly(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data());
status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data());
REQUIRE(status == SGX_SUCCESS);
// cerr << " poly set" << endl;
......@@ -362,7 +362,7 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
string pub_keyB = "c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475";
vector<char> s_shareG2(BUF_LEN, 0);
status = get_encr_sshare(eid, &err_status, errMsg.data(), encrPRDHKey.data(), &enc_len, result.data(),
status = trustedGetEncryptedSecretShare(eid, &errStatus, errMsg.data(), encrPRDHKey.data(), &enc_len, result.data(),
s_shareG2.data(),
(char *) pub_keyB.data(), 2, 2, 1);
......@@ -375,23 +375,23 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
TEST_CASE("DKG verification test", "[dkg-verify]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
uint32_t enc_len = 0;
vector<uint8_t> encrypted_dkg_secret(BUF_LEN, 0);
status = gen_dkg_secret(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, 2);
status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, 2);
REQUIRE(status == SGX_SUCCESS);
// cerr << " poly generated" << endl;
status = set_encrypted_dkg_poly(eid, &err_status, errMsg.data(), encrypted_dkg_secret.data());
status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data());
REQUIRE(status == SGX_SUCCESS);
// cerr << " poly set" << endl;
......@@ -401,11 +401,11 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
vector<char> s_shareG2(BUF_LEN, 0);
status = get_encr_sshare(eid, &err_status, errMsg.data(), encrPrDHKey.data(), &enc_len, result.data(),
status = trustedGetEncryptedSecretShare(eid, &errStatus, errMsg.data(), encrPrDHKey.data(), &enc_len, result.data(),
s_shareG2.data(),
(char *) pub_keyB.data(), 2, 2, 1);
REQUIRE(status == SGX_SUCCESS);
// printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg.data());
// printf(" trustedGetEncryptedSecretShare completed with status: %d %s \n", errStatus, errMsg.data());
// cerr << "secret share is " << result.data() << endl;
......@@ -416,12 +416,12 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
vector<uint8_t> encr_pr_key(BUF_LEN, 0);
vector<char> pub_key_x(BUF_LEN, 0);
vector<char> pub_key_y(BUF_LEN, 0);
......@@ -430,7 +430,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
//printf("before %p\n", pub_key_x);
status = generate_ecdsa_key(eid, &err_status, errMsg.data(), encr_pr_key.data(), &enc_len, pub_key_x.data(),
status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encr_pr_key.data(), &enc_len, pub_key_x.data(),
pub_key_y.data());
// printf("\nerrMsg %s\n", errMsg.data());
REQUIRE(status == SGX_SUCCESS);
......@@ -444,7 +444,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
vector<char> signature_s(BUF_LEN, 0);
uint8_t signature_v = 0;
status = ecdsa_sign1(eid, &err_status, errMsg.data(), encr_pr_key.data(), enc_len, (unsigned char *) hex.data(),
status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encr_pr_key.data(), enc_len, (unsigned char *) hex.data(),
signature_r.data(),
signature_s.data(), &signature_v, 16);
REQUIRE(status == SGX_SUCCESS);
......@@ -460,17 +460,17 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
TEST_CASE("Test test", "[test]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
int errStatus = 0;
vector<uint8_t> encr_pr_key(BUF_LEN, 0);
vector<char> pub_key_x(BUF_LEN, 0);
vector<char> pub_key_y(BUF_LEN, 0);
uint32_t enc_len = 0;
status = generate_ecdsa_key(eid, &err_status, errMsg.data(), encr_pr_key.data(), &enc_len, pub_key_x.data(),
status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encr_pr_key.data(), &enc_len, pub_key_x.data(),
pub_key_y.data());
REQUIRE(status == SGX_SUCCESS);
......@@ -482,8 +482,8 @@ TEST_CASE("Test test", "[test]") {
TEST_CASE("get public ECDSA key", "[get-pub-ecdsa-key]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
......@@ -493,7 +493,7 @@ TEST_CASE("get public ECDSA key", "[get-pub-ecdsa-key]") {
uint32_t encLen = 0;
status = generate_ecdsa_key(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(),
status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
......@@ -501,7 +501,7 @@ TEST_CASE("get public ECDSA key", "[get-pub-ecdsa-key]") {
vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0);
status = get_public_ecdsa_key(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, receivedPubKeyX.data(),
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, receivedPubKeyX.data(),
receivedPubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
//printf("\nnow pub_key_x %s: \n", got_pub_key_x.data());
......@@ -550,8 +550,8 @@ string ConvertDecToHex(string dec, int numBytes = 32) {
TEST_CASE("BLS_DKG test", "[bls-dkg]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
......@@ -636,7 +636,7 @@ TEST_CASE("BLS_DKG test", "[bls-dkg]") {
auto hash_arr = make_shared<array<uint8_t, 32>>();
uint64_t binLen;
if (!hex2carray(hash.c_str(), &binLen, hash_arr->data())) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
......@@ -678,8 +678,8 @@ TEST_CASE("BLS_DKG test", "[bls-dkg]") {
}
TEST_CASE("API test", "[api]") {
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
//HttpServer httpserver(1025);
//SGXWalletServer s(httpserver,
......@@ -733,8 +733,8 @@ TEST_CASE("API test", "[api]") {
TEST_CASE("getServerStatus test", "[get-server-status]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
REQUIRE(c.getServerStatus()["status"] == 0);
......@@ -806,10 +806,10 @@ void SendRPCRequest() {
auto hash_arr = make_shared<array<uint8_t, 32>>();
uint64_t binLen;
if (!hex2carray(hash.c_str(), &binLen, hash_arr->data())) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
map<size_t, shared_ptr<BLSPublicKeyShare>> koefs_pkeys_map;
map<size_t, shared_ptr<BLSPublicKeyShare>> coeffs_pkeys_map;
for (int i = 0; i < t; i++) {
......@@ -839,9 +839,9 @@ void SendRPCRequest() {
TEST_CASE("ManySimultaneousThreads", "[many-threads-test]") {
resetDB();
setOptions(false, false, true);
setOptions(false, false, false, true);
initAll(false, true);
initAll(0, false, true);
vector<thread> threads;
int num_threads = 4;
......@@ -858,8 +858,8 @@ TEST_CASE("ManySimultaneousThreads", "[many-threads-test]") {
TEST_CASE("ecdsa API test", "[ecdsa-api]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
......@@ -906,8 +906,8 @@ TEST_CASE("ecdsa API test", "[ecdsa-api]") {
TEST_CASE("dkg API test", "[dkg-api]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
......@@ -979,8 +979,8 @@ TEST_CASE("dkg API test", "[dkg-api]") {
TEST_CASE("isPolyExists test", "[is-poly]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
......@@ -1005,10 +1005,10 @@ TEST_CASE("isPolyExists test", "[is-poly]") {
TEST_CASE("AES_DKG test", "[aes-dkg]") {
resetDB();
setOptions(false, false, true);
setOptions(false, false, false, true);
initAll(false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
......@@ -1078,11 +1078,11 @@ TEST_CASE("AES_DKG test", "[aes-dkg]") {
auto hash_arr = make_shared<array<uint8_t, 32>>();
uint64_t binLen;
if (!hex2carray(hash.c_str(), &binLen, hash_arr->data())) {
throw RPCException(INVALID_HEX, "Invalid hash");
throw SGXException(INVALID_HEX, "Invalid hash");
}
map<size_t, shared_ptr<BLSPublicKeyShare>> koefs_pkeys_map;
map<size_t, shared_ptr<BLSPublicKeyShare>> coeffs_pkeys_map;
for (int i = 0; i < t; i++) {
string endName = poly_names[i].substr(4);
......@@ -1108,12 +1108,12 @@ TEST_CASE("AES_DKG test", "[aes-dkg]") {
BLSPublicKeyShare pubKey(make_shared<vector<string>>(pubKey_vect), t, n);
REQUIRE(pubKey.VerifySigWithHelper(hash_arr, make_shared<BLSSigShare>(sig), t, n));
koefs_pkeys_map[i + 1] = make_shared<BLSPublicKeyShare>(pubKey);
coeffs_pkeys_map[i + 1] = make_shared<BLSPublicKeyShare>(pubKey);
}
shared_ptr<BLSSignature> commonSig = sigShareSet.merge();
BLSPublicKey common_public(make_shared<map<size_t, shared_ptr<BLSPublicKeyShare>>>(koefs_pkeys_map), t, n);
BLSPublicKey common_public(make_shared<map<size_t, shared_ptr<BLSPublicKeyShare>>>(coeffs_pkeys_map), t, n);
REQUIRE(common_public.VerifySigWithHelper(hash_arr, commonSig, t, n));
sgx_destroy_enclave(eid);
......@@ -1121,8 +1121,8 @@ TEST_CASE("AES_DKG test", "[aes-dkg]") {
TEST_CASE("bls_sign_api test", "[bls-sign]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
......@@ -1143,8 +1143,8 @@ TEST_CASE("bls_sign_api test", "[bls-sign]") {
TEST_CASE("AES encrypt/decrypt", "[AES-encrypt-decrypt]") {
resetDB();
setOptions(false, false, true);
initAll(false, true);
setOptions(false, false, false, true);
initAll(0, false, true);
int errStatus = -1;
......@@ -1153,13 +1153,13 @@ TEST_CASE("AES encrypt/decrypt", "[AES-encrypt-decrypt]") {
string key = "123456789";
vector<uint8_t> encrypted_key(BUF_LEN, 0);
status = encrypt_key_aes(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &enc_len);
status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &enc_len);
REQUIRE(status == 0);
vector<char> decr_key(BUF_LEN, 0);
status = decrypt_key_aes(eid, &errStatus, errMsg.data(), encrypted_key.data(), enc_len, decr_key.data());
status = trustedDecryptKeyAES(eid, &errStatus, errMsg.data(), encrypted_key.data(), enc_len, decr_key.data());
REQUIRE(status == 0);
......
testw.py
View file @ 1deead1b
......@@ -29,7 +29,6 @@ username = getpass.getuser()
assert username == "root"
topDir = os.getcwd() + "/sgxwallet"
print("Starting build push")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment