Skip to content

S
sgxwallet
Unverified Commit 31b40357 authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #38 from skalenetwork/SKALE-2077-cleanup-sgx 

SKALE-2077 cleaned up SGX
parents b099b4fb b808c1bc
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 675 additions and 1817 deletions
.github/workflows/dockerimagesim.yml
View file @ 31b40357
...@@ -18,6 +18,10 @@ jobs: ...@@ -18,6 +18,10 @@ jobs:
run: git submodule update --init --recursive run: git submodule update --init --recursive
- name: Build the Docker image - name: Build the Docker image
run: docker build . --file DockerfileSimulation --tag skalenetwork/sgxwalletsim:latest run: docker build . --file DockerfileSimulation --tag skalenetwork/sgxwalletsim:latest
- name: run docker image
run: docker run -v ${PWD}/sgx_data:/usr/src/sdk/sgx_data -d --network=host skalenetwork/sgxwalletsim:latest
- name: sleep and check
run: sleep 5; scripts/docker_test.py
- name: push docker image - name: push docker image
run: docker push skalenetwork/sgxwalletsim:latest run: docker push skalenetwork/sgxwalletsim:latest
.gitignore
View file @ 31b40357
# Created by .ignore support plugin (hsz.mobi) # Created by .ignore support plugin (hsz.mobi)
.idea/ .idea/
sgx-gmp/
gmp-build gmp-build
tgmp-build tgmp-build
install-sh install-sh
...@@ -13,6 +14,10 @@ secure_enclave.edl ...@@ -13,6 +14,10 @@ secure_enclave.edl
am--include-marker am--include-marker
*.o *.o
aclocal.m4 aclocal.m4
missing
compile
depcomp
ltmain.sh
secure_enclave.signed.so secure_enclave.signed.so
sgxgmpmath sgxgmpmath
sgxgmppi sgxgmppi
......
BLSCrypto.cpp
View file @ 31b40357
...@@ -51,6 +51,7 @@ ...@@ -51,6 +51,7 @@
#include "RPCException.h" #include "RPCException.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
int char2int(char _input) { int char2int(char _input) {
if (_input >= '0' && _input <= '9') if (_input >= '0' && _input <= '9')
...@@ -135,11 +136,11 @@ bool hex2carray2(const char * _hex, uint64_t *_bin_len, ...@@ -135,11 +136,11 @@ bool hex2carray2(const char * _hex, uint64_t *_bin_len,
bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex, bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex,
char* _sig) { char* _sig) {
//std::cerr << "ENTER SIGN" << std::endl; //cerr << "ENTER SIGN" << endl;
auto keyStr = std::make_shared<std::string>(_encryptedKeyHex); auto keyStr = make_shared<string>(_encryptedKeyHex);
auto hash = std::make_shared<std::array<uint8_t, 32>>(); auto hash = make_shared<array<uint8_t, 32>>();
uint64_t binLen; uint64_t binLen;
...@@ -150,9 +151,9 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t ...@@ -150,9 +151,9 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
auto keyShare = std::make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n); auto keyShare = make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
//std::cerr << "keyShare created" << std::endl; //cerr << "keyShare created" << endl;
// { // {
auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex); auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex);
// } // }
...@@ -161,14 +162,14 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t ...@@ -161,14 +162,14 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
strncpy(_sig, sigShareStr->c_str(), BUF_LEN); strncpy(_sig, sigShareStr->c_str(), BUF_LEN);
//std::string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex); //string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex);
//strncpy(_sig, sigShareStr.c_str(), BUF_LEN); //strncpy(_sig, sigShareStr.c_str(), BUF_LEN);
// std::string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5"; // string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5";
// auto sig_ptr = std::make_shared<std::string>(test_sig); // auto sig_ptr = make_shared<string>(test_sig);
// strncpy(_sig, sig_ptr->c_str(), BUF_LEN); // strncpy(_sig, sig_ptr->c_str(), BUF_LEN);
//std::cerr<< "sig " << _sig <<std::endl; //cerr<< "sig " << _sig <<endl;
return true; return true;
......
BLSPrivateKeyShareSGX.cpp
View file @ 31b40357
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
@date 2019 @date 2019
*/ */
using namespace std;
#include "BLSSigShare.h" #include "BLSSigShare.h"
#include "BLSSignature.h" #include "BLSSignature.h"
...@@ -33,6 +33,7 @@ using namespace std; ...@@ -33,6 +33,7 @@ using namespace std;
#include "BLSCrypto.h" #include "BLSCrypto.h"
#include "ServerInit.h" #include "ServerInit.h"
#include "common.h"
#include "BLSPrivateKeyShareSGX.h" #include "BLSPrivateKeyShareSGX.h"
......
CMakeLists.txt
View file @ 31b40357
cmake_minimum_required(VERSION 3.12) cmake_minimum_required(VERSION 3.15)
project(sgxd) project(sgxwallet)
set(CMAKE_CXX_STANDARD 14) set(CMAKE_CXX_STANDARD 14)
include_directories(.) include_directories(.)
include_directories(libff/libff/algebra/curves/alt_bn128)
include_directories(libff/libff/algebra/curves/bn128)
include_directories(libff/libff/algebra/curves/edwards)
include_directories(libff/libff/algebra/curves/mnt)
include_directories(libff/libff/algebra/curves/mnt/mnt4)
include_directories(libff/libff/algebra/curves/mnt/mnt6)
include_directories(libff/libff/common/default_types)
include_directories(secure_enclave) include_directories(secure_enclave)
include_directories(sgx-software-enable)
include_directories(tgmp-build)
include_directories(tgmp-build/include)
add_custom_target(sgxd COMMAND make all add_executable(sgxwallet
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} secure_enclave/AESUtils.c
SOURCES secure_enclave/AESUtils.h
libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.hpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_init.hpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp
libff/libff/algebra/curves/bn128/bn128_g1.cpp
libff/libff/algebra/curves/bn128/bn128_g1.hpp
libff/libff/algebra/curves/bn128/bn128_g2.cpp
libff/libff/algebra/curves/bn128/bn128_g2.hpp
libff/libff/algebra/curves/bn128/bn128_gt.cpp
libff/libff/algebra/curves/bn128/bn128_gt.hpp
libff/libff/algebra/curves/bn128/bn128_init.cpp
libff/libff/algebra/curves/bn128/bn128_init.hpp
libff/libff/algebra/curves/bn128/bn128_pairing.cpp
libff/libff/algebra/curves/bn128/bn128_pairing.hpp
libff/libff/algebra/curves/bn128/bn128_pp.cpp
libff/libff/algebra/curves/bn128/bn128_pp.hpp
libff/libff/algebra/curves/bn128/bn_utils.hpp
libff/libff/algebra/curves/bn128/bn_utils.tcc
libff/libff/algebra/curves/edwards/edwards_g1.cpp
libff/libff/algebra/curves/edwards/edwards_g1.hpp
libff/libff/algebra/curves/edwards/edwards_g2.cpp
libff/libff/algebra/curves/edwards/edwards_g2.hpp
libff/libff/algebra/curves/edwards/edwards_init.cpp
libff/libff/algebra/curves/edwards/edwards_init.hpp
libff/libff/algebra/curves/edwards/edwards_pairing.cpp
libff/libff/algebra/curves/edwards/edwards_pairing.hpp
libff/libff/algebra/curves/edwards/edwards_pp.cpp
libff/libff/algebra/curves/edwards/edwards_pp.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_init.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_init.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_init.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_init.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.hpp
libff/libff/algebra/curves/mnt/mnt46_common.cpp
libff/libff/algebra/curves/mnt/mnt46_common.hpp
libff/libff/algebra/curves/tests/test_bilinearity.cpp
libff/libff/algebra/curves/tests/test_groups.cpp
libff/libff/algebra/curves/curve_utils.hpp
libff/libff/algebra/curves/curve_utils.tcc
libff/libff/algebra/curves/public_params.hpp
libff/libff/algebra/exponentiation/exponentiation.hpp
libff/libff/algebra/exponentiation/exponentiation.tcc
libff/libff/algebra/fields/tests/test_fields.cpp
libff/libff/algebra/fields/bigint.hpp
libff/libff/algebra/fields/bigint.tcc
libff/libff/algebra/fields/field_utils.hpp
libff/libff/algebra/fields/field_utils.tcc
libff/libff/algebra/fields/fp.hpp
libff/libff/algebra/fields/fp.tcc
libff/libff/algebra/fields/fp_aux.tcc
libff/libff/algebra/scalar_multiplication/multiexp.hpp
libff/libff/algebra/scalar_multiplication/multiexp.tcc
libff/libff/algebra/scalar_multiplication/multiexp_profile.cpp
libff/libff/algebra/scalar_multiplication/wnaf.hpp
libff/libff/algebra/scalar_multiplication/wnaf.tcc
libff/libff/common/default_types/ec_pp.hpp
libff/libff/common/double.cpp
libff/libff/common/double.hpp
libff/libff/common/profiling.cpp
libff/libff/common/profiling.hpp
libff/libff/common/rng.hpp
libff/libff/common/rng.tcc
libff/libff/common/template_utils.hpp
libff/libff/common/utils.cpp
libff/libff/common/utils.hpp
libff/libff/common/utils.tcc
secure_enclave/BLSEnclave.cpp secure_enclave/BLSEnclave.cpp
secure_enclave/BLSEnclave.h secure_enclave/BLSEnclave.h
secure_enclave/curves.c
secure_enclave/curves.h
secure_enclave/DH_dkg.c
secure_enclave/DH_dkg.h
secure_enclave/DKGUtils.cpp
secure_enclave/DKGUtils.h
secure_enclave/domain_parameters.c
secure_enclave/domain_parameters.h
secure_enclave/enclave_common.h
secure_enclave/numbertheory.c
secure_enclave/numbertheory.h
secure_enclave/point.c
secure_enclave/point.h
secure_enclave/secure_enclave.c secure_enclave/secure_enclave.c
secure_enclave/secure_enclave.i
secure_enclave/secure_enclave_t.c secure_enclave/secure_enclave_t.c
secure_enclave/secure_enclave_t.h secure_enclave/secure_enclave_t.h
secure_enclave/DKGUtils.h secure_enclave/signature.c
secure_enclave/DKGUtils.cpp secure_enclave/signature.h
sgx-software-enable/sgx_capable.h
sgx-software-enable/sgx_enable.c
tgmp-build/include/sgx_tgmp.h
abstractCSRManagerServer.h
abstractregserver.h
abstractstubserver.h
BLSCrypto.cpp
BLSCrypto.h
BLSPrivateKeyShareSGX.cpp
BLSPrivateKeyShareSGX.h
catch.hpp
cert_util.cpp
common.h
create_enclave.c create_enclave.c
create_enclave.h create_enclave.h
CSRManagerServer.cpp
CSRManagerServer.h
DKGCrypto.cpp
DKGCrypto.h
ECDSACrypto.cpp
ECDSACrypto.h
LevelDB.cpp
LevelDB.h
oc_alloc.c oc_alloc.c
RPCException.cpp
RPCException.h
secure_enclave_u.c secure_enclave_u.c
secure_enclave_u.h secure_enclave_u.h
SEKManager.cpp
SEKManager.h
ServerDataChecker.cpp
ServerDataChecker.h
ServerInit.cpp
ServerInit.h
sgx_detect.h sgx_detect.h
sgx_detect_linux.c sgx_detect_linux.c
sgx_stub.c sgx_stub.c
sgx_stub.h sgx_stub.h
sgx_tgmp.h sgx_tgmp.h
SGXRegistrationServer.cpp
SGXRegistrationServer.h
sgxwallet.c sgxwallet.c
testw.cpp sgxwallet.h
) sgxwallet_common.h
SGXWalletServer.cpp
SGXWalletServer.h
SGXWalletServer.hpp
stubclient.cpp
stubclient.h
testw.cpp)
CSRManagerServer.cpp
View file @ 31b40357
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
#include <jsonrpccpp/server/connectors/httpserver.h> #include <jsonrpccpp/server/connectors/httpserver.h>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
CSRManagerServer *cs = nullptr; CSRManagerServer *cs = nullptr;
...@@ -27,15 +28,14 @@ Json::Value GetUnsignedCSRsImpl(){ ...@@ -27,15 +28,14 @@ Json::Value GetUnsignedCSRsImpl(){
Json::Value result; Json::Value result;
result["status"] = 0; result["status"] = 0;
result["errorMessage"] = ""; result["errorMessage"] = "";
//result["hashes"] =;
try{ try{
std::vector<std::string> hashes_vect = csrDb->writeKeysToVector1(MAX_CSR_NUM); vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
for (int i = 0; i < hashes_vect.size(); i++){ for (int i = 0; i < (int) hashes_vect.size(); i++){
result["hashes"][i] = hashes_vect.at(i); result["hashes"][i] = hashes_vect.at(i);
} }
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
...@@ -44,7 +44,7 @@ Json::Value GetUnsignedCSRsImpl(){ ...@@ -44,7 +44,7 @@ Json::Value GetUnsignedCSRsImpl(){
return result; return result;
} }
Json::Value SignByHashImpl(const std::string& hash, int status){ Json::Value SignByHashImpl(const string& hash, int status){
Json::Value result; Json::Value result;
result["errorMessage"] = ""; result["errorMessage"] = "";
...@@ -53,46 +53,46 @@ Json::Value SignByHashImpl(const std::string& hash, int status){ ...@@ -53,46 +53,46 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
throw RPCException(-111, "Invalid csr status"); throw RPCException(-111, "Invalid csr status");
} }
std::string csr_db_key = "CSR:HASH:" + hash; string csr_db_key = "CSR:HASH:" + hash;
std::shared_ptr<std::string> csr_ptr = csrDb->readString(csr_db_key); shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
if (csr_ptr == nullptr){ if (csr_ptr == nullptr){
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB"); throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
} }
if (status == 0) { if (status == 0) {
std::string csr_name = "sgx_data/cert/" + hash + ".csr"; string csr_name = "sgx_data/cert/" + hash + ".csr";
std::ofstream outfile(csr_name); ofstream outfile(csr_name);
outfile << *csr_ptr << std::endl; outfile << *csr_ptr << endl;
outfile.close(); outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) { if (access(csr_name.c_str(), F_OK) != 0) {
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
throw RPCException(FILE_NOT_FOUND, "Csr does not exist"); throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
} }
std::string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash; string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
if (system(signClientCert.c_str()) == 0) { if (system(signClientCert.c_str()) == 0) {
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED"); spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
} else { } else {
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED"); spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, "-1"); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1); //exit(-1);
} }
} }
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, std::to_string(status)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
result["status"] = status; result["status"] = status;
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
} }
...@@ -102,12 +102,12 @@ Json::Value SignByHashImpl(const std::string& hash, int status){ ...@@ -102,12 +102,12 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
Json::Value CSRManagerServer::GetUnsignedCSRs(){ Json::Value CSRManagerServer::GetUnsignedCSRs(){
std::lock_guard<std::recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return GetUnsignedCSRsImpl(); return GetUnsignedCSRsImpl();
} }
Json::Value CSRManagerServer::SignByHash(const std::string& hash, int status){ Json::Value CSRManagerServer::SignByHash(const string& hash, int status){
std::lock_guard<std::recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return SignByHashImpl(hash, status); return SignByHashImpl(hash, status);
} }
......
DKGCrypto.cpp
View file @ 31b40357
This diff is collapsed.
Dockerfile
View file @ 31b40357
...@@ -8,7 +8,6 @@ COPY *.c ./ ...@@ -8,7 +8,6 @@ COPY *.c ./
COPY *.am ./ COPY *.am ./
COPY *.hpp ./ COPY *.hpp ./
COPY *.sh ./ COPY *.sh ./
COPY *.m4 ./
COPY *.gmp ./ COPY *.gmp ./
COPY *.ac ./ COPY *.ac ./
COPY *.json ./ COPY *.json ./
......
DockerfileSimulation
View file @ 31b40357
...@@ -8,7 +8,6 @@ COPY *.c ./ ...@@ -8,7 +8,6 @@ COPY *.c ./
COPY *.am ./ COPY *.am ./
COPY *.hpp ./ COPY *.hpp ./
COPY *.sh ./ COPY *.sh ./
COPY *.m4 ./
COPY *.gmp ./ COPY *.gmp ./
COPY *.ac ./ COPY *.ac ./
COPY *.json ./ COPY *.json ./
......
LevelDB.cpp
View file @ 31b40357
...@@ -37,24 +37,24 @@ ...@@ -37,24 +37,24 @@
#include "ServerInit.h" #include "ServerInit.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
using namespace leveldb; using namespace leveldb;
static WriteOptions writeOptions; static WriteOptions writeOptions;
static ReadOptions readOptions; static ReadOptions readOptions;
LevelDB* levelDb = nullptr;
LevelDB* csrDb = nullptr;
LevelDB* csrStatusDb = nullptr;
std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) { std::shared_ptr<string> LevelDB::readString(const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto result = std::make_shared<std::string>(); auto result = std::make_shared<string>();
if (db == nullptr) { if (db == nullptr) {
throw RPCException(NULL_DATABASE, "Null db"); throw RPCException(NULL_DATABASE, "Null db");
...@@ -75,7 +75,7 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) { ...@@ -75,7 +75,7 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
return result; return result;
} }
void LevelDB::writeString(const std::string &_key, const std::string &_value) { void LevelDB::writeString(const string &_key, const string &_value) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -90,11 +90,11 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) { ...@@ -90,11 +90,11 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) {
} }
void LevelDB::deleteDHDKGKey (const std::string &_key) { void LevelDB::deleteDHDKGKey (const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
std::string full_key = "DKG_DH_KEY_" + _key; string full_key = "DKG_DH_KEY_" + _key;
auto status = db->Delete(writeOptions, Slice(_key)); auto status = db->Delete(writeOptions, Slice(_key));
...@@ -106,11 +106,11 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) { ...@@ -106,11 +106,11 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) {
} }
} }
void LevelDB::deleteTempNEK(const std::string &_key){ void LevelDB::deleteTempNEK(const string &_key){
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
std::string prefix = _key.substr(0,8); string prefix = _key.substr(0,8);
if (prefix != "tmp_NEK:") { if (prefix != "tmp_NEK:") {
return; return;
} }
...@@ -122,7 +122,7 @@ void LevelDB::deleteTempNEK(const std::string &_key){ ...@@ -122,7 +122,7 @@ void LevelDB::deleteTempNEK(const std::string &_key){
std::cerr << "key deleted " << _key << std::endl; std::cerr << "key deleted " << _key << std::endl;
} }
void LevelDB::deleteKey(const std::string &_key){ void LevelDB::deleteKey(const string &_key){
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -149,7 +149,7 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value ...@@ -149,7 +149,7 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value
} }
void LevelDB::writeByteArray(std::string &_key, const char *value, void LevelDB::writeByteArray(string &_key, const char *value,
size_t _valueLen) { size_t _valueLen) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -188,13 +188,13 @@ uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVi ...@@ -188,13 +188,13 @@ uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVi
return readCounter; return readCounter;
} }
std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
uint64_t readCounter = 0; uint64_t readCounter = 0;
std::vector<std::string> keys; std::vector<string> keys;
leveldb::Iterator *it = db->NewIterator(readOptions); leveldb::Iterator *it = db->NewIterator(readOptions);
for (it->SeekToFirst(); it->Valid(); it->Next()) { for (it->SeekToFirst(); it->Valid(); it->Next()) {
std::string cur_key(it->key().data(), it->key().size()); string cur_key(it->key().data(), it->key().size());
keys.push_back(cur_key); keys.push_back(cur_key);
// keys.push_back(it->key().data()); // keys.push_back(it->key().data());
readCounter++; readCounter++;
...@@ -208,7 +208,7 @@ std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ ...@@ -208,7 +208,7 @@ std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
return keys; return keys;
} }
void LevelDB::writeDataUnique(const std::string & Name, const std::string &value) { void LevelDB::writeDataUnique(const string & Name, const string &value) {
auto key = Name; auto key = Name;
...@@ -226,7 +226,7 @@ void LevelDB::writeDataUnique(const std::string & Name, const std::string &value ...@@ -226,7 +226,7 @@ void LevelDB::writeDataUnique(const std::string & Name, const std::string &value
} }
LevelDB::LevelDB(std::string &filename) { LevelDB::LevelDB(string &filename) {
leveldb::Options options; leveldb::Options options;
...@@ -243,9 +243,73 @@ LevelDB::LevelDB(std::string &filename) { ...@@ -243,9 +243,73 @@ LevelDB::LevelDB(std::string &filename) {
} }
LevelDB::~LevelDB() { LevelDB::~LevelDB() {
if (db != nullptr)
delete db;
} }
const std::shared_ptr<LevelDB> &LevelDB::getLevelDb() {
CHECK_STATE(levelDb)
return levelDb;
}
const std::shared_ptr<LevelDB> &LevelDB::getCsrDb() {
CHECK_STATE(csrDb)
return csrDb;
}
const std::shared_ptr<LevelDB> &LevelDB::getCsrStatusDb() {
CHECK_STATE(csrStatusDb)
return csrStatusDb;
}
std::shared_ptr<LevelDB> LevelDB::levelDb = nullptr;
std::shared_ptr<LevelDB> LevelDB::csrDb = nullptr;
std::shared_ptr<LevelDB> LevelDB::csrStatusDb = nullptr;
string LevelDB::sgx_data_folder;
bool LevelDB::isInited = false;
void LevelDB::initDataFolderAndDBs() {
if (isInited)
return;
char cwd[PATH_MAX];
if (getcwd(cwd, sizeof(cwd)) == NULL) {
spdlog::error("could not get cwd");
exit(-1);
}
sgx_data_folder = string(cwd) + "/" + SGXDATA_FOLDER;
struct stat info;
if (stat(sgx_data_folder.c_str(), &info) !=0 ){
spdlog::info("going to create sgx_data folder");
std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
if (system(make_sgx_data_folder.c_str()) == 0){
spdlog::info("sgx_data folder was created");
}
else{
spdlog::error("creating sgx_data folder failed");
exit(-1);
}
}
auto dbName = sgx_data_folder + WALLETDB_NAME;
levelDb = make_shared<LevelDB>(dbName);
auto csr_dbname = sgx_data_folder + "CSR_DB";
csrDb = make_shared<LevelDB>(csr_dbname);
auto csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
csrStatusDb = make_shared<LevelDB>(csr_status_dbname);
}
const string &LevelDB::getSgxDataFolder() {
return sgx_data_folder;
}
LevelDB.h
View file @ 31b40357
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
#include <string> #include <string>
#include <mutex> #include <mutex>
#include <vector> #include <vector>
#include "common.h"
namespace leveldb { namespace leveldb {
class DB; class DB;
class Status; class Status;
...@@ -38,32 +38,54 @@ namespace leveldb { ...@@ -38,32 +38,54 @@ namespace leveldb {
class LevelDB { class LevelDB {
std::recursive_mutex mutex; recursive_mutex mutex;
shared_ptr<leveldb::DB> db;
static bool isInited;
static shared_ptr<LevelDB> levelDb;
static shared_ptr<LevelDB> csrDb;
static shared_ptr<LevelDB> csrStatusDb;
static string sgx_data_folder;
leveldb::DB* db; public:
static void initDataFolderAndDBs();
static const shared_ptr<LevelDB> &getLevelDb();
static const shared_ptr<LevelDB> &getCsrDb();
static const shared_ptr<LevelDB> &getCsrStatusDb();
public: public:
std::shared_ptr<std::string> readString(const std::string& _key); shared_ptr<string> readString(const string& _key);
void writeString(const std::string &key1, const std::string &value1); void writeString(const string &key1, const string &value1);
void writeDataUnique(const std::string & Name, const std::string &value); void writeDataUnique(const string & Name, const string &value);
void writeByteArray(const char *_key, size_t _keyLen, const char *value, void writeByteArray(const char *_key, size_t _keyLen, const char *value,
size_t _valueLen); size_t _valueLen);
void writeByteArray(std::string& _key, const char *value, void writeByteArray(string& _key, const char *value,
size_t _valueLen); size_t _valueLen);
void deleteDHDKGKey (const std::string &_key); void deleteDHDKGKey (const string &_key);
void deleteTempNEK (const std::string &_key); void deleteTempNEK (const string &_key);
void deleteKey(const std::string &_key); void deleteKey(const string &_key);
public: public:
...@@ -71,7 +93,7 @@ public: ...@@ -71,7 +93,7 @@ public:
void throwExceptionOnError(leveldb::Status result); void throwExceptionOnError(leveldb::Status result);
LevelDB(std::string& filename); LevelDB(string& filename);
...@@ -79,23 +101,21 @@ public: ...@@ -79,23 +101,21 @@ public:
class KeyVisitor { class KeyVisitor {
public: public:
virtual void visitDBKey(const char* _data) = 0; virtual void visitDBKey(const char* _data) = 0;
virtual void writeDBKeysToVector(const char* _data, std::vector<const char*> & keys_vect) {} virtual void writeDBKeysToVector(const char* _data, vector<const char*> & keys_vect) {}
}; };
uint64_t visitKeys(KeyVisitor* _visitor, uint64_t _maxKeysToVisit); uint64_t visitKeys(KeyVisitor* _visitor, uint64_t _maxKeysToVisit);
std::vector<std::string> writeKeysToVector1(uint64_t _maxKeysToVisit); vector<string> writeKeysToVector1(uint64_t _maxKeysToVisit);
virtual ~LevelDB(); virtual ~LevelDB();
static const string &getSgxDataFolder();
};
};
extern LevelDB* levelDb;
extern LevelDB* csrDb;
extern LevelDB* csrStatusDb;
#endif #endif
\ No newline at end of file
README.md
View file @ 31b40357
...@@ -80,6 +80,7 @@ sudo docker-compose up ...@@ -80,6 +80,7 @@ sudo docker-compose up
Voila! You should see the "SGX Server started" message. Voila! You should see the "SGX Server started" message.
## Start, stop and upgrade sgxwallet ## Start, stop and upgrade sgxwallet
As any docker-compose application sgxwallet is super easy to use. As any docker-compose application sgxwallet is super easy to use.
...@@ -165,6 +166,7 @@ Reboot you machine after driver install. Do `ls /dev/isgx` to check that `isgx` ...@@ -165,6 +166,7 @@ Reboot you machine after driver install. Do `ls /dev/isgx` to check that `isgx`
If you do not see the `isgx` device, you need to troubleshoot your driver installation. If you do not see the `isgx` device, you need to troubleshoot your driver installation.
## Run sgxwallet in secure SGX mode ## Run sgxwallet in secure SGX mode
Run the latest sgxwallet docker container image in SGX mode Run the latest sgxwallet docker container image in SGX mode
...@@ -176,6 +178,10 @@ sudo docker-compose up -d ...@@ -176,6 +178,10 @@ sudo docker-compose up -d
You should see "SGX Server started message". You should see "SGX Server started message".
Note: on some machines, the SGX device is not `/dev/mei0` but a different device, such
as "/dev/bs0". In this case please edit `docker-compose.yml` on your machine to specify the correct
device to use.
# Development # Development
## Install Prerequisites ## Install Prerequisites
...@@ -229,6 +235,7 @@ Note: to run in simulation mode, add --enable-sgx-simulation flag when you run c ...@@ -229,6 +235,7 @@ Note: to run in simulation mode, add --enable-sgx-simulation flag when you run c
Type: Type:
```bash ```bash
source sgx-sdk-build/sgxsdk/environment;
./sgxwallet ./sgxwallet
``` ```
......
SEKManager.cpp
View file @ 31b40357
...@@ -29,29 +29,28 @@ ...@@ -29,29 +29,28 @@
#include <iostream> #include <iostream>
#include "sgxwallet_common.h" #include "sgxwallet_common.h"
#include "common.h"
#include "sgxwallet.h" #include "sgxwallet.h"
void generate_SEK(){ void generate_SEK(){
char *errMsg = (char *)calloc(1024, 1); vector<char> errMsg(1024,0);
int err_status = 0; int err_status = 0;
uint8_t* encr_SEK = (uint8_t *)calloc(1024, 1); vector<uint8_t> encr_SEK(1024, 0);
uint32_t enc_len = 0; uint32_t enc_len = 0;
status = generate_SEK(eid, &err_status, errMsg, encr_SEK, &enc_len); status = generate_SEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len);
if ( err_status != 0 ){ if ( err_status != 0 ){
std::cerr << "RPCException thrown" << std::endl; cerr << "RPCException thrown" << endl;
throw RPCException(-666, errMsg) ; throw RPCException(-666, errMsg.data()) ;
} }
char *hexEncrKey = (char *) calloc(2*enc_len + 1, 1); vector<char> hexEncrKey(2*enc_len + 1, 0);
carray2Hex(encr_SEK, enc_len, hexEncrKey);
std::cerr << "key is " << errMsg << std::endl; carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
levelDb->writeDataUnique("SEK", hexEncrKey); cerr << "key is " << errMsg.data() << endl;
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
free(errMsg);
free(encr_SEK);
free(hexEncrKey);
} }
SGXRegistrationServer.cpp
View file @ 31b40357
...@@ -44,6 +44,7 @@ ...@@ -44,6 +44,7 @@
#include "LevelDB.h" #include "LevelDB.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
int DEBUG_PRINT = 0; int DEBUG_PRINT = 0;
int is_sgx_https = 1; int is_sgx_https = 1;
...@@ -64,30 +65,30 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector, ...@@ -64,30 +65,30 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
: AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {} : AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {}
Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ Json::Value SignCertificateImpl(const string& csr, bool auto_sign = false){
Json::Value result; Json::Value result;
result["status"] = 0; result["status"] = 0;
result["errorMessage"] = ""; result["errorMessage"] = "";
try{ try{
spdlog::info("enter SignCertificateImpl"); spdlog::info("enter SignCertificateImpl");
std::string status = "1"; string status = "1";
std::string hash = cryptlite::sha256::hash_hex(csr); string hash = cryptlite::sha256::hash_hex(csr);
if ( !auto_sign) { if ( !auto_sign) {
std::string db_key = "CSR:HASH:" + hash; string db_key = "CSR:HASH:" + hash;
csrDb->writeDataUnique(db_key, csr); LevelDB::getCsrStatusDb()->writeDataUnique(db_key, csr);
} }
if (auto_sign) { if (auto_sign) {
std::string csr_name = "cert/" + hash + ".csr"; string csr_name = "cert/" + hash + ".csr";
std::ofstream outfile(csr_name); ofstream outfile(csr_name);
outfile << csr << std::endl; outfile << csr << endl;
outfile.close(); outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) { if (access(csr_name.c_str(), F_OK) != 0) {
throw RPCException(FILE_NOT_FOUND, "Csr does not exist"); throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
} }
std::string genCert = "cd cert && ./create_client_cert " + hash; string genCert = "cd cert && ./create_client_cert " + hash;
if (system(genCert.c_str()) == 0){ if (system(genCert.c_str()) == 0){
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED"); spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
...@@ -95,8 +96,8 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -95,8 +96,8 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
} }
else{ else{
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED"); spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->writeDataUnique(status_db_key, std::to_string(FAIL_TO_CREATE_CERTIFICATE)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FAIL_TO_CREATE_CERTIFICATE));
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1); //exit(-1);
} }
...@@ -105,11 +106,11 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -105,11 +106,11 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
result["result"] = true; result["result"] = true;
result["hash"] = hash; result["hash"] = hash;
std::string db_key = "CSR:HASH:" + hash + "STATUS:"; string db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->writeDataUnique(db_key, status); LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
result["result"] = false; result["result"] = false;
...@@ -118,26 +119,26 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -118,26 +119,26 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
return result; return result;
} }
Json::Value GetSertificateImpl(const std::string& hash){ Json::Value GetSertificateImpl(const string& hash){
Json::Value result; Json::Value result;
std::string cert; string cert;
try{ try{
std::string db_key = "CSR:HASH:" + hash + "STATUS:"; string db_key = "CSR:HASH:" + hash + "STATUS:";
std::shared_ptr<string> status_str_ptr = csrStatusDb->readString(db_key); shared_ptr<string> status_str_ptr = LevelDB::getCsrStatusDb()->readString(db_key);
if (status_str_ptr == nullptr){ if (status_str_ptr == nullptr){
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db"); throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
} }
int status = std::atoi(status_str_ptr->c_str()); int status = atoi(status_str_ptr->c_str());
if ( status == 0){ if ( status == 0){
std::string crt_name = "cert/" + hash + ".crt"; string crt_name = "cert/" + hash + ".crt";
//if (access(crt_name.c_str(), F_OK) == 0){ //if (access(crt_name.c_str(), F_OK) == 0){
std::ifstream infile(crt_name); ifstream infile(crt_name);
if (!infile.is_open()) { if (!infile.is_open()) {
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, std::to_string(FILE_NOT_FOUND)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FILE_NOT_FOUND));
throw RPCException(FILE_NOT_FOUND, "Certificate does not exist"); throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
} else { } else {
ostringstream ss; ostringstream ss;
...@@ -145,9 +146,9 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -145,9 +146,9 @@ Json::Value GetSertificateImpl(const std::string& hash){
cert = ss.str(); cert = ss.str();
infile.close(); infile.close();
std::string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr"; string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr";
if(system(remove_crt.c_str()) == 0){ if(system(remove_crt.c_str()) == 0){
//std::cerr << "cert removed" << std::endl; //cerr << "cert removed" << endl;
spdlog::info(" cert removed "); spdlog::info(" cert removed ");
} }
...@@ -162,7 +163,7 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -162,7 +163,7 @@ Json::Value GetSertificateImpl(const std::string& hash){
result["cert"] = cert; result["cert"] = cert;
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
} }
...@@ -171,13 +172,13 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -171,13 +172,13 @@ Json::Value GetSertificateImpl(const std::string& hash){
} }
Json::Value SGXRegistrationServer::SignCertificate(const std::string& csr){ Json::Value SGXRegistrationServer::SignCertificate(const string& csr){
spdlog::info("Enter SignCertificate "); spdlog::info("Enter SignCertificate ");
lock_guard<recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return SignCertificateImpl(csr, cert_auto_sign); return SignCertificateImpl(csr, cert_auto_sign);
} }
Json::Value SGXRegistrationServer::GetCertificate(const std::string& hash){ Json::Value SGXRegistrationServer::GetCertificate(const string& hash){
lock_guard<recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return GetSertificateImpl(hash); return GetSertificateImpl(hash);
} }
...@@ -191,19 +192,19 @@ void SGXRegistrationServer::set_cert_created(bool b){ ...@@ -191,19 +192,19 @@ void SGXRegistrationServer::set_cert_created(bool b){
int init_registration_server(bool sign_automatically) { int init_registration_server(bool sign_automatically) {
// std::string certPath = "cert/SGXCACertificate.crt"; // string certPath = "cert/SGXCACertificate.crt";
// std::string keyPath = "cert/SGXCACertificate.key"; // string keyPath = "cert/SGXCACertificate.key";
// //
// if (access(certPath.c_str(), F_OK) != 0){ // if (access(certPath.c_str(), F_OK) != 0){
// std::cerr << "CERTIFICATE IS GOING TO BE CREATED" << std::endl; // cerr << "CERTIFICATE IS GOING TO BE CREATED" << endl;
// //
// std::string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com"; // string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com";
// //
// if (system(genCert.c_str()) == 0){ // if (system(genCert.c_str()) == 0){
// std::cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << std::endl; // cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << endl;
// } // }
// else{ // else{
// std::cerr << "CERTIFICATE GENERATION FAILED" << std::endl; // cerr << "CERTIFICATE GENERATION FAILED" << endl;
// exit(-1); // exit(-1);
// } // }
// } // }
......
SGXWalletServer.cpp
View file @ 31b40357
This diff is collapsed.
ServerDataChecker.cpp
View file @ 31b40357
...@@ -28,14 +28,15 @@ ...@@ -28,14 +28,15 @@
#include <iostream> #include <iostream>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
std::vector<std::string> SplitString(const std::string& str, const std::string& delim = ":"){ vector<string> SplitString(const string& str, const string& delim = ":"){
std::vector<std::string> tokens; vector<string> tokens;
size_t prev = 0, pos = 0; size_t prev = 0, pos = 0;
do { do {
pos = str.find(delim, prev); pos = str.find(delim, prev);
if (pos == std::string::npos) pos = str.length(); if (pos == string::npos) pos = str.length();
std::string token = str.substr(prev, pos-prev); string token = str.substr(prev, pos-prev);
if (!token.empty()) tokens.push_back(token); if (!token.empty()) tokens.push_back(token);
prev = pos + delim.length(); prev = pos + delim.length();
} while (pos < str.length() && prev < str.length()); } while (pos < str.length() && prev < str.length());
...@@ -43,8 +44,8 @@ std::vector<std::string> SplitString(const std::string& str, const std::string& ...@@ -43,8 +44,8 @@ std::vector<std::string> SplitString(const std::string& str, const std::string&
return tokens; return tokens;
} }
bool checkECDSAKeyName(const std::string& keyName) { bool checkECDSAKeyName(const string& keyName) {
std::vector<std::string> parts = SplitString(keyName); vector<string> parts = SplitString(keyName);
if (parts.size() != 2) { if (parts.size() != 2) {
spdlog::info("ECDSAKeyName num parts != 2"); spdlog::info("ECDSAKeyName num parts != 2");
return false; return false;
...@@ -69,7 +70,7 @@ bool checkECDSAKeyName(const std::string& keyName) { ...@@ -69,7 +70,7 @@ bool checkECDSAKeyName(const std::string& keyName) {
return true; return true;
} }
bool checkHex(const std::string& hex, const uint32_t sizeInBytes){ bool checkHex(const string& hex, const uint32_t sizeInBytes){
if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){ if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
return false; return false;
} }
...@@ -86,8 +87,8 @@ bool checkHex(const std::string& hex, const uint32_t sizeInBytes){ ...@@ -86,8 +87,8 @@ bool checkHex(const std::string& hex, const uint32_t sizeInBytes){
return true; return true;
} }
bool checkName (const std::string& Name, const std::string& prefix){ bool checkName (const string& Name, const string& prefix){
std::vector<std::string> parts = SplitString(Name); vector<string> parts = SplitString(Name);
if ( parts.size() != 7) { if ( parts.size() != 7) {
spdlog::info("parts.size() != 7"); spdlog::info("parts.size() != 7");
return false; return false;
......
ServerInit.cpp
View file @ 31b40357
...@@ -72,37 +72,10 @@ void init_daemon() { ...@@ -72,37 +72,10 @@ void init_daemon() {
libff::init_alt_bn128_params(); libff::init_alt_bn128_params();
char cwd[PATH_MAX]; LevelDB::initDataFolderAndDBs();
if (getcwd(cwd, sizeof(cwd)) == NULL) {
spdlog::error("could not get cwd");
exit(-1);
}
std::string sgx_data_folder = string(cwd) + "/" + SGXDATA_FOLDER;
struct stat info;
if (stat(sgx_data_folder.c_str(), &info) !=0 ){
spdlog::info("going to create sgx_data folder");
std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
if (system(make_sgx_data_folder.c_str()) == 0){
spdlog::info("sgx_data folder was created");
}
else{
spdlog::error("creating sgx_data folder failed");
exit(-1);
}
}
static std::string dbName = sgx_data_folder + WALLETDB_NAME;
levelDb = new LevelDB(dbName);
static std::string csr_dbname = sgx_data_folder + "CSR_DB";
csrDb = new LevelDB(csr_dbname);
static std::string csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
csrStatusDb = new LevelDB(csr_status_dbname);
std::shared_ptr<std::string> encr_SEK_ptr = levelDb->readString("SEK"); std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
if (encr_SEK_ptr == nullptr){ if (encr_SEK_ptr == nullptr){
spdlog::info("SEK was not created yet"); spdlog::info("SEK was not created yet");
generate_SEK(); generate_SEK();
...@@ -116,9 +89,10 @@ void init_enclave() { ...@@ -116,9 +89,10 @@ void init_enclave() {
eid = 0; eid = 0;
updated = 0; updated = 0;
unsigned long support;
#ifndef SGX_HW_SIM #ifndef SGX_HW_SIM
unsigned long support;
support = get_sgx_support(); support = get_sgx_support();
if (!SGX_OK(support)) { if (!SGX_OK(support)) {
sgx_support_perror(support); sgx_support_perror(support);
...@@ -170,8 +144,6 @@ void init_all(bool check_cert, bool sign_automatically) { ...@@ -170,8 +144,6 @@ void init_all(bool check_cert, bool sign_automatically) {
sgxServerInited = 1; sgxServerInited = 1;
init_daemon();
if (is_sgx_https) { if (is_sgx_https) {
init_https_server(check_cert); init_https_server(check_cert);
init_registration_server(sign_automatically); init_registration_server(sign_automatically);
......
ServerInit.h
View file @ 31b40357
...@@ -31,7 +31,6 @@ ...@@ -31,7 +31,6 @@
#endif #endif
EXTERNC void init_all(bool check_cert, bool sign_automatically); EXTERNC void init_all(bool check_cert, bool sign_automatically);
EXTERNC void init_daemon(); EXTERNC void init_daemon();
......
aclocal.m4 deleted 100644 → 0
View file @ b099b4fb
This diff is collapsed.
common.h 0 → 100644
View file @ 31b40357
//
// Created by kladko on 25.01.20.
//
#ifndef SGXWALLET_COMMON_H
#define SGXWALLET_COMMON_H
using namespace std;
#include <stdlib.h>
#include <iostream>
#include <map>
#include <memory>
#define CHECK_ARGUMENT(_EXPRESSION_) \
if (!(_EXPRESSION_)) { \
auto __msg__ = string("Argument Check failed:") + #_EXPRESSION_ + "\n" + __CLASS_NAME__ + ":" + __FUNCTION__ + \
+ " " + string(__FILE__) + ":" + to_string(__LINE__); \
throw runtime_error(__msg__);}
#define CHECK_STATE(_EXPRESSION_) \
if (!(_EXPRESSION_)) { \
auto __msg__ = string("State check failed::") + #_EXPRESSION_ + " " + string(__FILE__) + ":" + to_string(__LINE__); \
throw runtime_error(__msg__);}
#endif //SGXWALLET_COMMON_H
compile deleted 120000 → 0
View file @ b099b4fb
/usr/share/automake-1.16/compile
\ No newline at end of file
depcomp deleted 120000 → 0
View file @ b099b4fb
/usr/share/automake-1.16/depcomp
\ No newline at end of file
install-sh deleted 120000 → 0
View file @ b099b4fb
/usr/share/automake-1.16/install-sh
\ No newline at end of file
missing deleted 120000 → 0
View file @ b099b4fb
/usr/share/automake-1.16/missing
\ No newline at end of file
run_sgx_sim/docker-compose.yml
View file @ 31b40357
...@@ -9,5 +9,5 @@ services: ...@@ -9,5 +9,5 @@ services:
volumes: volumes:
- ./sgx_data:/usr/src/sdk/sgx_data - ./sgx_data:/usr/src/sdk/sgx_data
restart: unless-stopped restart: unless-stopped
command: -s command: -s -d
scripts/docker_test.py 0 → 100755
View file @ 31b40357
#!/usr/bin/env python
#
# @file docker_test.py
# @author Stan Kladko
# @date 2020
#
import sys
import os
import subprocess
import socket
assert os.path.isdir('sgx_data/sgxwallet.db')
assert os.path.isdir('sgx_data/cert_data');
assert os.path.isdir('sgx_data/CSR_DB');
assert os.path.isdir('sgx_data/CSR_STATUS_DB');
assert os.path.isfile('sgx_data/cert_data/SGXServerCert.crt')
assert os.path.isfile('sgx_data/cert_data/SGXServerCert.key')
assert os.path.isfile('sgx_data/cert_data/rootCA.pem')
assert os.path.isfile('sgx_data/cert_data/rootCA.key')
s1 = socket.socket()
s2 = socket.socket()
s3 = socket.socket()
address = '127.0.0.1'
s1.connect((address, 1026))
s2.connect((address, 1027))
s3.connect((address, 1028))
s1.close()
s2.close()
s3.close()
secure_enclave/Makefile.in
View file @ 31b40357
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.15.1 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2017 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
...@@ -137,16 +137,7 @@ am__v_at_0 = @ ...@@ -137,16 +137,7 @@ am__v_at_0 = @
am__v_at_1 = am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles am__depfiles_maybe = depfiles
am__depfiles_remade = ./$(DEPDIR)/AESUtils.Po \
./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
./$(DEPDIR)/numbertheory.Po ./$(DEPDIR)/point.Po \
./$(DEPDIR)/secure_enclave.Po ./$(DEPDIR)/secure_enclave_t.Po \
./$(DEPDIR)/signature.Po ./$(DEPDIR)/signed_enclave_debug.Po \
./$(DEPDIR)/signed_enclave_rel.Po
am__mv = mv -f am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
...@@ -375,8 +366,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status ...@@ -375,8 +366,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
*config.status*) \ *config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \ *) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac; esac;
$(top_srcdir)/build-aux/sgx_enclave.am $(am__empty): $(top_srcdir)/build-aux/sgx_enclave.am $(am__empty):
...@@ -441,28 +432,22 @@ mostlyclean-compile: ...@@ -441,28 +432,22 @@ mostlyclean-compile:
distclean-compile: distclean-compile:
-rm -f *.tab.c -rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@echo '# dummy' >$@-t && $(am__mv) $@-t $@
am--depfiles: $(am__depfiles_remade)
.c.o: .c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
...@@ -586,10 +571,7 @@ cscopelist-am: $(am__tagged_files) ...@@ -586,10 +571,7 @@ cscopelist-am: $(am__tagged_files)
distclean-tags: distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(BUILT_SOURCES) distdir: $(DISTFILES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \ list='$(DISTFILES)'; \
...@@ -662,22 +644,7 @@ clean: clean-am ...@@ -662,22 +644,7 @@ clean: clean-am
clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
distclean: distclean-am distclean: distclean-am
-rm -f ./$(DEPDIR)/AESUtils.Po -rm -rf ./$(DEPDIR)
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \ distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags distclean-tags
...@@ -723,22 +690,7 @@ install-ps-am: ...@@ -723,22 +690,7 @@ install-ps-am:
installcheck-am: installcheck-am:
maintainer-clean: maintainer-clean-am maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/AESUtils.Po -rm -rf ./$(DEPDIR)
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic maintainer-clean-am: distclean-am maintainer-clean-generic
...@@ -758,19 +710,19 @@ uninstall-am: uninstall-libexecPROGRAMS ...@@ -758,19 +710,19 @@ uninstall-am: uninstall-libexecPROGRAMS
.MAKE: install-am install-strip .MAKE: install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ .PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
clean-generic clean-libexecPROGRAMS cscopelist-am ctags \ clean-libexecPROGRAMS cscopelist-am ctags ctags-am distclean \
ctags-am distclean distclean-compile distclean-generic \ distclean-compile distclean-generic distclean-tags distdir dvi \
distclean-tags distdir dvi dvi-am html html-am info info-am \ dvi-am html html-am info info-am install install-am \
install install-am install-data install-data-am install-dvi \ install-data install-data-am install-dvi install-dvi-am \
install-dvi-am install-exec install-exec-am install-html \ install-exec install-exec-am install-html install-html-am \
install-html-am install-info install-info-am \ install-info install-info-am install-libexecPROGRAMS \
install-libexecPROGRAMS install-man install-pdf install-pdf-am \ install-man install-pdf install-pdf-am install-ps \
install-ps install-ps-am install-strip installcheck \ install-ps-am install-strip installcheck installcheck-am \
installcheck-am installdirs maintainer-clean \ installdirs maintainer-clean maintainer-clean-generic \
maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \
mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ ps ps-am tags tags-am uninstall uninstall-am \
uninstall-am uninstall-libexecPROGRAMS uninstall-libexecPROGRAMS
.PRECIOUS: Makefile .PRECIOUS: Makefile
......
testw.cpp
View file @ 31b40357
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment