SKALE-2019 Rename enclave private key

LevelDB.cpp

@@ -62,9 +62,6 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
 
     auto status = db->Get(readOptions, _key, &*result);
 
-//    if (result == nullptr) {
-//      throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist");
-//    }
     if (DEBUG_PRINT) {
       spdlog::info("key to read from db: {}",_key );
       //std::cerr << "key to read from db: " << _key << std::endl;
@@ -107,22 +104,6 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) {
       spdlog::info("key deleted: {}",full_key );
       //std::cerr << "key deleted " << full_key << std::endl;
     }
-
-}
-
-void LevelDB::deleteOlegKey (const std::string &_key) {
-
-    std::lock_guard<std::recursive_mutex> lock(mutex);
-
-    std::string full_key = "key" + _key;
-
-    auto status = db->Delete(writeOptions, Slice(_key));
-
-    throwExceptionOnError(status);
-
-    if (DEBUG_PRINT) {
-      std::cerr << "key deleted " << full_key << std::endl;
-    }
 }
 
 void LevelDB::deleteTempNEK(const std::string &_key){

LevelDB.h

@@ -61,8 +61,6 @@ public:
 
     void deleteDHDKGKey (const std::string &_key);
 
-    void deleteOlegKey (const std::string &_key);
-
     void deleteTempNEK (const std::string &_key);
 
     void deleteKey(const std::string &_key);

SGXWalletServer.cpp

@@ -602,7 +602,7 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
     std::shared_ptr<std::string> encryptedKeyHex_ptr = readFromDb(EthKeyName);
 
     bool res = CreateBLSShare(BLSKeyName, SecretShare.c_str(), encryptedKeyHex_ptr->c_str());
-     if ( res){
+     if (res){
          spdlog::info("BLS KEY SHARE CREATED ");
      }
      else {
@@ -612,6 +612,8 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
      for ( int i = 0; i < n; i++){
        std::string name = polyName + "_" + std::to_string(i) + ":";
        levelDb -> deleteDHDKGKey(name);
+       std::string shareG2_name = "shareG2_" + polyName + "_" + std::to_string(i) + ":";
+       levelDb -> deleteKey(shareG2_name);
      }
 
   } catch (RPCException &_e) {

ServerInit.cpp

@@ -85,6 +85,11 @@ void init_daemon() {
     static std::string csr_status_dbname = "SGXData/CSR_STATUS_DB";
     csrStatusDb = new LevelDB(csr_status_dbname);
 
+    std::shared_ptr<std::string> encr_SEK_ptr = levelDb->readString("SEK");
+    if (encr_SEK_ptr == nullptr){
+      spdlog::info("SEK was not created yet");
+    }
+
 }
 
 
@@ -106,7 +111,6 @@ void init_enclave() {
 
     if ( DEBUG_PRINT) {
       spdlog::info("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
-      //std::cerr << "SGX_DEBUG_FLAG = " << SGX_DEBUG_FLAG << std::endl;
     }
 
     status = sgx_create_enclave_search(ENCLAVE_NAME, SGX_DEBUG_FLAG, &token,

secure_enclave/Makefile.am

@@ -50,7 +50,7 @@ include $(top_srcdir)/build-aux/sgx_enclave.am
 
 ENCLAVE=secure_enclave
 ENCLAVE_CONFIG=$(ENCLAVE).config.xml
-ENCLAVE_KEY=$(ENCLAVE)_private.pem
+ENCLAVE_KEY=test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 
 
 ## Provide additional flags to sgx_sign when signing the enclave.

secure_enclave/Makefile.in

@@ -343,7 +343,7 @@ CLEANFILES = $(ENCLAVE).signed.so secure_enclave_t.c \
 @ENCLAVE_RELEASE_SIGN_FALSE@nodist_signed_enclave_debug_SOURCES = signed_enclave_debug.c
 ENCLAVE = secure_enclave
 ENCLAVE_CONFIG = $(ENCLAVE).config.xml
-ENCLAVE_KEY = $(ENCLAVE)_private.pem
+ENCLAVE_KEY = test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
 	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \

secure_enclave/secure_enclave.c

@@ -894,5 +894,25 @@ void get_bls_pub_key(int *err_status, char* err_string, uint8_t* encrypted_key,
   }
 }
 
+void generate_SEK(int *err_status, char *err_string,
+                        uint8_t *encrypted_SEK, uint32_t *enc_len){
+
+  unsigned char* rand_char = (unsigned char*)malloc(16);
+  sgx_read_rand( rand_char, 16);
+
+  uint32_t sealedLen = sgx_calc_sealed_data_size(0, 32);
+
+  sgx_status_t status = sgx_seal_data(0, NULL, 32, (uint8_t *)rand_char, sealedLen,(sgx_sealed_data_t*)encrypted_SEK);
+  if( status !=  SGX_SUCCESS) {
+    snprintf(err_string, BUF_LEN,"seal SEK failed");
+    *err_status = status;
+    return;
+  }
+
+  *enc_len = sealedLen;
+
+    free(rand_char);
+}
+
 
 

secure_enclave/secure_enclave.edl

@@ -157,6 +157,12 @@ enclave {
                                 uint8_t _t,
                                 uint8_t _n,
                                 uint8_t ind1);
+
+         public void generate_SEK(
+                                [user_check] int *err_status,
+                                [out, count = 1024] char *err_string,
+                                [in, count = 1024] uint8_t *encrypted_SEK,
+                                [user_check] uint32_t *enc_len);
 	};
 
 

secure_enclave/secure_enclave_private.pem

------BEGIN RSA PRIVATE KEY-----
-MIIG4gIBAAKCAYEAqeoFQkeMt+491hAJZOAFewOFSpEASJSxtBZdzR0yX9tMzU8R
-t5g8+84HDl7jEJUrGYsRMv6cGnLmoUR9jYAtOvKvcSk4912uvIMeAxJnp4SUgj/e
-GqnrKOj25EkoWldDpJa/v+TRx19nrx47ItRBGLyQkFHb65ZCc8uHdUVo0LRXmUp9
-/1lTSVBIuuI1BK0TK3MUBH5Zt9/gqXvzSPMxUr/siHNLh/RqKm+E5NcmiG9e02mR
-38ruoFjVQN46MmYjJHcMyD4p0asHVX5lgbG7mcdtLW7KNMwOhHVnlsliTqM6aRmQ
-/cvxi6Rj8GTrde66RgQXJTNS4MTjCXcbpMkelQzlONN2srCw1ID/z99dQvdMts18
-cAnxB2apPbQtHC7HycrswCQfPFflzM5so+zfLvxZpSf47OwD9QdlmrUPwH1agkfK
-jvVD1BelZrHZ5R3MWA0FqbvoGR2DwzHE1r0uMIEo1AqlfE24YfYCYzEn1jkoWWDM
-GmLT5mVVoJDagxq5AgEDAoIBgHFGriwvsyVJfo61W5iVWPytA4cLVYW4dngO6TNo
-zD/niIjfYSUQKKfer17p7LW4x2ZctiH/ErxMmcDYU7OqyNH3H6DGJfo+dH2svqy2
-78UDDawqlBHGnMXwpJgwxZGPgm251SqYi9o/mnS+0hc4K2XTCwrhPUe5gaKHr6OD
-mzXNj7uG/qo7jNuK2ydBeK3It3JMuAL+5nqVQHD9TNtMy4x/8wWiMlqi8XGfre3k
-xFr06eJGYT/cnxWQjis+0XbuwQF+xbd32LywVJ05jlNo72jufoPpUbpEYeUoo9DG
-ykVF9DSUlzrkB7KG0ySWD8j0a/o5OS2802SCoWqSoryTsd3HVlk45AryzL9Yfx/C
-kip7Gdyk8RkUA/VyOq5zx/O+ld9R26MEQCaBn/T/o37JC4RBEFWVVJEL75s0QaZK
-oY7LlZZFDUSGr2XxSp5tKA7OaK5GarEZAmDozNmdYzJjmjSLklv5tZgUhgfGmR41
-liQ9z5ckkPbbCYmoyCBodOYJqwKBwQDgQiJtn96gkHkaBZ0cgyPIh6vuTUFhnD6/
-XTEkbrIs3ecHAnPByEF0JPKRgJaGlqUOV1+nXTER3YxokKkmbln0QNgFtux3ix38
-FiFtxH9h5B1whiVD1nPzeQEK9Jn/hKb3Gd8O0tY1Wi3x+rdJMLuZ96CLKPei6QmN
-Fgw87D8b2/DwlAd52zOgkCr6vQ0bVNdgiFRLB4bv2kvsxx8tc8x7sR6LAlG6wF0p
-YHE4hk42XdrN3QVu1cIuwCRFNnIJcJECgcEAwfbBx2qGFhIPT6Jy6BEws9oDeUOO
-O8k87VtAuTCAudxlEzg6Y62ki7U0qAM9QelzQFbhuTrkuCNkgQp+Y3051CELrUc0
-KrlfuWYfsncCoVqIe0/thpV3I8JQLRHnLwxAA7ZEPMrozTtH61RAHI6STqMgmZ8C
-cHES/yL25FjeTnAJMEwvLlAJGp2KflEQs5NX8hsRVQ7dl+YEj/6Q3bP6Zf6uvxHD
-XW6SLOurfVp4aX6WKMztOUSDaSgFKr25IJupAoHBAJWBbEkVPxW1phFZE2hXbTBa
-cp7eK5ZoKdToy22fIXM+mgSsTSva1k1t9wurDwRkbgmPlRo+ILaTsvBgcMRJkU2A
-kAPPSE+yE/1kFkktqkFCvksEGNfkTUz7VgdNu/+txKS76gnh5CORc/anJNt10mal
-FbIbT8HwsQi5XX3y1L09S0sNWlE8zRW1cfx+CLzjOkBa4tyvr0qRh/Mvah5NMv0g
-vwdW4Scq6MZAS3sENCQ+kd6TWPSOgXSAGC4kTAZLCwKBwQCBTyvaRwQOtrTfwaHw
-C3XNPAJQ17Qn233zkismIFXRPZi3etGXyRhdI3hwAijWm6Iq5JZ7fJh6wkMAsamX
-qNE4FgfI2iLHJj/Q7r/MT1cWPFr83/OvDk9tLDVzYUTKCCqtJC193JszfNqc4tVo
-Xww0bMBmagGgS2H/bKSYOz7e9Vt1iB90NVtnE7Gpi2B3t4/2vLY4tJO6mVhf/ws+
-d/xD/x8qC9eTnwwd8nJTkaWbqblwiJ4mLazwxVjHKSYVvRsCgcBbJrUHJpcHzjou
-fD+3GZ7uBv0EG2hKtzBAe40TOQBcZjyzOBgrM076jVDXNJqWxYKLvjBCJ8IFdV9L
-3OKReq6bILXkbhbXNlO9w1G4qhmK7rlg3RqO/I1w+P9V0MnUdsHV3CdiBCwN9PXj
-lqNm3Hut+du9B8jPatYxRy3+lmHHVutidrXqkNxTlKg57Gl9ENVIl3moAjlL/IB1
-tNXJBCvW+6JF1HhamQm0uVHe3Udhd68M/3qgxBx1ghTQ+zAEGQ8=
------END RSA PRIVATE KEY-----

testw.cpp

@@ -885,10 +885,6 @@ TEST_CASE("API test", "[api_test]") {
     cerr << "Client inited" << endl;
 
     try {
-        //levelDb->deleteOlegKey("0");
-        //levelDb->deleteOlegKey("1");
-       // levelDb->deleteDHDKGKey("p2_0:");
-        //levelDb->deleteDHDKGKey("p2_1:");
 //        for ( uint8_t i = 0; i < 2; i++) {
 //        levelDb->deleteKey("POLY:SCHAIN_ID:1:NODE_ID:" + std::to_string(i) +
 //                             ":DKG_ID:0");