Skip to content

S
sgxwallet
Unverified Commit 2dc5a146 authored by Oleh Nikolaiev's avatar Oleh Nikolaiev
Browse files
Options

SKALE-2002 clean up and fix incorrect memset

parent 5d159a10
Hide whitespace changes
Inline Side-by-side
Showing with 19 additions and 53 deletions
SGXWalletServer.cpp
View file @ 2dc5a146
......@@ -98,7 +98,6 @@ void SGXWalletServer::printDB() {
}
int SGXWalletServer::initHttpsServer(bool _checkCerts) {
string rootCAPath = string(SGXDATA_FOLDER) + "cert_data/rootCA.pem";
string keyCAPath = string(SGXDATA_FOLDER) + "cert_data/rootCA.key";
......@@ -147,7 +146,6 @@ int SGXWalletServer::initHttpsServer(bool _checkCerts) {
int SGXWalletServer::initHttpServer() { //without ssl
httpServer = make_shared<HttpServer>(BASE_PORT + 3);
server = make_shared<SGXWalletServer>(*httpServer,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
......@@ -269,7 +267,6 @@ Json::Value SGXWalletServer::importECDSAKeyImpl(const string &_key, const string
Json::Value SGXWalletServer::generateECDSAKeyImpl() {
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
......@@ -323,7 +320,6 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
shared_ptr <string> encryptedKey = readFromDb(_tempKeyName);
writeDataToDB(_keyName, *encryptedKey);
LevelDB::getLevelDb()->deleteTempNEK(_tempKeyName);
......@@ -334,10 +330,8 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_keyName, const string &_messageHash) {
INIT_RESULT(result)
result["signature_v"] = "";
result["signature_r"] = "";
result["signature_s"] = "";
......@@ -345,7 +339,6 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
vector <string> signatureVector(3);
try {
string hashTmp = _messageHash;
if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
......@@ -383,7 +376,6 @@ Json::Value SGXWalletServer::ecdsaSignMessageHashImpl(int _base, const string &_
}
Json::Value SGXWalletServer::getPublicECDSAKeyImpl(const string &_keyName) {
INIT_RESULT(result)
result["publicKey"] = "";
......@@ -409,7 +401,6 @@ Json::Value SGXWalletServer::getPublicECDSAKeyImpl(const string &_keyName) {
}
Json::Value SGXWalletServer::generateDKGPolyImpl(const string &_polyName, int _t) {
INIT_RESULT(result)
string encrPolyHex;
......@@ -432,7 +423,6 @@ Json::Value SGXWalletServer::generateDKGPolyImpl(const string &_polyName, int _t
}
Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName, int _t, int _n) {
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
......@@ -494,7 +484,6 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
}
string s = trustedGetSecretShares(_polyName, encrPoly->c_str(), pubKeysStrs, _t, _n);
//cerr << "result is " << s << endl;
result["secretShare"] = s;
} catch (SGXException &_e) {
......@@ -509,14 +498,12 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, const string &_ethKeyName,
const string &_secretShare, int _t, int _n, int _index) {
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
result["result"] = true;
try {
if (!checkECDSAKeyName(_ethKeyName)) {
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
......@@ -537,7 +524,6 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
}
} catch (SGXException &_e) {
//cerr << " err str " << _e.errString << endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
result["result"] = false;
......@@ -549,14 +535,11 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
Json::Value
SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string &_ethKeyName, const string &_polyName,
const string &_secretShare, int _t, int _n) {
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
try {
if (_secretShare.length() != (uint64_t) _n * 192) {
spdlog::error("Invalid secret share length - {}", _secretShare.length());
spdlog::error("Secret share - {}", _secretShare);
......@@ -600,7 +583,6 @@ SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string
}
Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName) {
INIT_RESULT(result)
try {
......@@ -615,14 +597,12 @@ Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName)
for (uint8_t i = 0; i < 4; i++) {
result["blsPublicKeyShare"][i] = public_key_vect.at(i);
}
} HANDLE_SGX_EXCEPTION(result)
return result;
}
Json::Value SGXWalletServer::complaintResponseImpl(const string &_polyName, int _ind) {
INIT_RESULT(result)
try {
......@@ -644,7 +624,6 @@ Json::Value SGXWalletServer::complaintResponseImpl(const string &_polyName, int
}
Json::Value SGXWalletServer::multG2Impl(const string &_x) {
INIT_RESULT(result)
try {
......@@ -675,7 +654,6 @@ Json::Value SGXWalletServer::isPolyExistsImpl(const string &_polyName) {
}
Json::Value SGXWalletServer::getServerStatusImpl() {
INIT_RESULT(result)
return result;
......@@ -792,7 +770,6 @@ Json::Value SGXWalletServer::getServerVersion() {
}
shared_ptr <string> SGXWalletServer::readFromDb(const string &name, const string &prefix) {
auto dataStr = LevelDB::getLevelDb()->readString(prefix + name);
if (dataStr == nullptr) {
......@@ -803,7 +780,6 @@ shared_ptr <string> SGXWalletServer::readFromDb(const string &name, const string
}
shared_ptr <string> SGXWalletServer::readKeyShare(const string &_keyShareName) {
auto keyShareStr = LevelDB::getLevelDb()->readString("BLSKEYSHARE:" + _keyShareName);
if (keyShareStr == nullptr) {
......@@ -815,7 +791,6 @@ shared_ptr <string> SGXWalletServer::readKeyShare(const string &_keyShareName) {
}
void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_value, int _index, int _n, int _t) {
Json::Value val;
Json::FastWriter writer;
......@@ -850,6 +825,5 @@ void SGXWalletServer::writeDataToDB(const string &Name, const string &value) {
}
LevelDB::getLevelDb()->writeString(key, value);
}
ServerInit.cpp
View file @ 2dc5a146
......@@ -60,13 +60,10 @@ void initUserSpace() {
LevelDB::initDataFolderAndDBs();
}
void initEnclave(uint32_t _logLevel) {
eid = 0;
updated = 0;
#ifndef SGX_HW_SIM
unsigned long support;
support = get_sgx_support();
......@@ -78,7 +75,6 @@ void initEnclave(uint32_t _logLevel) {
spdlog::debug("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
status = sgx_create_enclave_search(ENCLAVE_NAME, SGX_DEBUG_FLAG, &token,
&updated, &eid, 0);
......@@ -101,14 +97,9 @@ void initEnclave(uint32_t _logLevel) {
}
spdlog::info("Enclave libtgmp library and logging initialized successfully");
}
void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign) {
static int sgxServerInited;
cout << "Running sgxwallet version:" << SGXWalletServer::getVersion() << endl;
......
secure_enclave/secure_enclave.c
View file @ 2dc5a146
......@@ -1097,7 +1097,9 @@ void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPriv
if (status != 0) {
*errStatus = status;
snprintf(errString, BUF_LEN, "aes decrypt failed with status %d", status);
domain_parameters_clear(curve);
return;
}
......@@ -1109,8 +1111,10 @@ void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPriv
if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "invalid secret key");
mpz_clear(privateKeyMpz);
domain_parameters_clear(curve);
return;
}
......@@ -1119,9 +1123,11 @@ void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPriv
if (mpz_set_str(msgMpz, hash, 16) == -1) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "invalid message hash");
mpz_clear(privateKeyMpz);
mpz_clear(msgMpz);
domain_parameters_clear(curve);
return;
}
......@@ -1352,7 +1358,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t
LOG_DEBUG(__FUNCTION__);
char skey[ECDSA_SKEY_LEN];
memset(skey, 0, BUF_LEN);
memset(skey, 0, ECDSA_SKEY_LEN);
char pub_key_x[BUF_LEN];
memset(pub_key_x, 0, BUF_LEN);
char pub_key_y[BUF_LEN];
......
sgxwallet.c
View file @ 2dc5a146
......@@ -68,7 +68,6 @@ void printUsage() {
enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3, L_ERROR = 4 };
int main(int argc, char *argv[]) {
bool encryptKeysOption = false;
bool useHTTPSOption = true;
bool printDebugInfoOption = false;
......@@ -84,9 +83,6 @@ int main(int argc, char *argv[]) {
exit(1);
}
while ((opt = getopt(argc, argv, "cshd0abyvVn")) != -1) {
switch (opt) {
case 'h':
......
testw.cpp
View file @ 2dc5a146
......@@ -1011,6 +1011,7 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
std::string key = SAMPLE_AES_KEY;
std::string hex = SAMPLE_HEX_HASH;
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
......@@ -1019,36 +1020,34 @@ TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrPrivKey.data(), &enc_len);
REQUIRE(errStatus == SGX_SUCCESS);
int errStatusAES = 0;
vector<char> errMsgAES(BUF_LEN, 0);
vector <uint8_t> encrPrivKeyAES(BUF_LEN, 0);
uint32_t enc_lenAES = 0;
trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), key.c_str(), encrPrivKeyAES.data(), &enc_lenAES);
REQUIRE( errStatusAES == SGX_SUCCESS );
errMsg.clear();
string hex = SAMPLE_HEX_HASH;
vector<char> signatureR(BUF_LEN, 0);
vector<char> signatureS(BUF_LEN, 0);
uint8_t signatureV = 0;
//uint32_t dec_len = 0;
status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len, (unsigned char *) hex.data(),
signatureR.data(),
signatureS.data(), &signatureV, 16);
REQUIRE( status == SGX_SUCCESS );
REQUIRE( errStatus == SGX_SUCCESS );
int errStatusAES = 0;
vector<char> errMsgAES(BUF_LEN, 0);
vector <uint8_t> encrPrivKeyAES(BUF_LEN, 0);
uint32_t enc_lenAES = 0;
trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), key.c_str(), encrPrivKeyAES.data(), &enc_lenAES);
REQUIRE( errStatusAES == SGX_SUCCESS );
errMsgAES.clear();
vector<char> signatureRAES(BUF_LEN, 0);
vector<char> signatureSAES(BUF_LEN, 0);
uint8_t signatureVAES = 0;
uint32_t dec_lenAES = 0;
status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), dec_lenAES, (unsigned char *) hex.data(),
status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), enc_lenAES, (unsigned char *) hex.data(),
signatureRAES.data(),
signatureSAES.data(), &signatureVAES, 16);
REQUIRE( status == SGX_SUCCESS );
REQUIRE( errStatusAES == SGX_SUCCESS );
REQUIRE( signatureR == signatureRAES );
REQUIRE( signatureS == signatureSAES );
......
testw.py
View file @ 2dc5a146
......@@ -50,8 +50,8 @@ testList = [ "[cert-sign]",
"[many-threads-crypto]",
"[aes-encrypt-decrypt]",
"[sgx-encrypt-decrypt]",
"[aes-dkg]"#,
#"[aes-not-aes]" <- this test doesn't pass for now - will fix it later
"[aes-dkg]",
"[aes-not-aes]"
]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment