Unverified Commit 3f465b67 authored by kladko's avatar kladko

Merge branch 'develop' of https://github.com/skalenetwork/sgxwallet into develop

 Conflicts:
	LevelDB.h
parents 43ccd5ad 82824ef2
...@@ -20,3 +20,4 @@ jobs: ...@@ -20,3 +20,4 @@ jobs:
run: docker build . --file Dockerfile --tag skalenetwork/sgxwallet:latest run: docker build . --file Dockerfile --tag skalenetwork/sgxwallet:latest
- name: push docker image - name: push docker image
run: docker push skalenetwork/sgxwallet:latest run: docker push skalenetwork/sgxwallet:latest
...@@ -18,6 +18,10 @@ jobs: ...@@ -18,6 +18,10 @@ jobs:
run: git submodule update --init --recursive run: git submodule update --init --recursive
- name: Build the Docker image - name: Build the Docker image
run: docker build . --file DockerfileSimulation --tag skalenetwork/sgxwalletsim:latest run: docker build . --file DockerfileSimulation --tag skalenetwork/sgxwalletsim:latest
- name: run docker image
run: docker run -v ${PWD}/sgx_data:/usr/src/sdk/sgx_data -d --network=host skalenetwork/sgxwalletsim:latest
- name: sleep and check
run: sleep 5; scripts/docker_test.py
- name: push docker image - name: push docker image
run: docker push skalenetwork/sgxwalletsim:latest run: docker push skalenetwork/sgxwalletsim:latest
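Review bot: The fixed `sleep 5` before `scripts/docker_test.py` is a race, not a readiness check: a slow container start fails the job spuriously and a fast crash leaves no diagnostics, because nothing collects the container's logs before the step exits. Replace the step with a bounded poll that retries the test for, say, 60 seconds and runs `docker logs $(docker ps -alq)` on final failure, e.g. `run: for i in $(seq 1 30); do scripts/docker_test.py && exit 0; sleep 2; done; docker logs $(docker ps -alq); exit 1`. The push in the next step is gated only by this step's exit status, so this presumes `docker_test.py` exits non-zero on failure — worth confirming in the script. `--network=host` is convenient for the probe but means the image is exercised with a network setup no deployment will use.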
# Created by .ignore support plugin (hsz.mobi) # Created by .ignore support plugin (hsz.mobi)
.idea/ .idea/
sgx-gmp/
gmp-build gmp-build
tgmp-build tgmp-build
install-sh install-sh
...@@ -13,6 +14,10 @@ secure_enclave.edl ...@@ -13,6 +14,10 @@ secure_enclave.edl
am--include-marker am--include-marker
*.o *.o
aclocal.m4 aclocal.m4
missing
compile
depcomp
ltmain.sh
secure_enclave.signed.so secure_enclave.signed.so
sgxgmpmath sgxgmpmath
sgxgmppi sgxgmppi
...@@ -16,3 +16,6 @@ ...@@ -16,3 +16,6 @@
[submodule "sgx-software-enable"] [submodule "sgx-software-enable"]
path = sgx-software-enable path = sgx-software-enable
url = https://github.com/intel/sgx-software-enable url = https://github.com/intel/sgx-software-enable
[submodule "github-markdown-toc"]
path = github-markdown-toc
url = https://github.com/ekalinin/github-markdown-toc.git
...@@ -51,6 +51,7 @@ ...@@ -51,6 +51,7 @@
#include "RPCException.h" #include "RPCException.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
int char2int(char _input) { int char2int(char _input) {
if (_input >= '0' && _input <= '9') if (_input >= '0' && _input <= '9')
...@@ -135,11 +136,11 @@ bool hex2carray2(const char * _hex, uint64_t *_bin_len, ...@@ -135,11 +136,11 @@ bool hex2carray2(const char * _hex, uint64_t *_bin_len,
bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex, bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex,
char* _sig) { char* _sig) {
//std::cerr << "ENTER SIGN" << std::endl; //cerr << "ENTER SIGN" << endl;
auto keyStr = std::make_shared<std::string>(_encryptedKeyHex); auto keyStr = make_shared<string>(_encryptedKeyHex);
auto hash = std::make_shared<std::array<uint8_t, 32>>(); auto hash = make_shared<array<uint8_t, 32>>();
uint64_t binLen; uint64_t binLen;
...@@ -150,9 +151,9 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t ...@@ -150,9 +151,9 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
auto keyShare = std::make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n); auto keyShare = make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
//std::cerr << "keyShare created" << std::endl; //cerr << "keyShare created" << endl;
// { // {
auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex); auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex);
// } // }
...@@ -161,14 +162,14 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t ...@@ -161,14 +162,14 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
strncpy(_sig, sigShareStr->c_str(), BUF_LEN); strncpy(_sig, sigShareStr->c_str(), BUF_LEN);
//std::string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex); //string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex);
//strncpy(_sig, sigShareStr.c_str(), BUF_LEN); //strncpy(_sig, sigShareStr.c_str(), BUF_LEN);
// std::string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5"; // string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5";
// auto sig_ptr = std::make_shared<std::string>(test_sig); // auto sig_ptr = make_shared<string>(test_sig);
// strncpy(_sig, sig_ptr->c_str(), BUF_LEN); // strncpy(_sig, sig_ptr->c_str(), BUF_LEN);
//std::cerr<< "sig " << _sig <<std::endl; //cerr<< "sig " << _sig <<endl;
return true; return true;
...@@ -185,10 +186,12 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) ...@@ -185,10 +186,12 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
unsigned int encryptedLen = 0; unsigned int encryptedLen = 0;
status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen); //status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
status = encrypt_key_aes(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
if (DEBUG_PRINT) { if (DEBUG_PRINT) {
spdlog::info("errStatus is {}",*errStatus, " errMsg is ", errMsg ); spdlog::info("errStatus is {}",*errStatus);
spdlog::info(" errMsg is ", errMsg );
} }
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
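Review bot: The new `status = encrypt_key_aes(...)` call (and `decrypt_key_aes` in the decrypt hunk below) is unconditional, whereas the ECDSA paths changed in this same commit branch on `is_aes`; if `is_aes` is a runtime switch, BLS shares will be written in the AES format even when it is off, and any share already persisted under the old `encrypt_key` sealing presumably can no longer be decrypted — confirm that stored shares are migrated or that the old path is retired everywhere. Separately, the new debug line `spdlog::info(" errMsg is ", errMsg );` has no `{}` placeholder, so errMsg is never printed; fold it into the previous call as `spdlog::info("errStatus is {}, errMsg is {}", *errStatus, errMsg);`. encryptBLSKeyShare2Hex starts before this hunk and its errStatus handling continues after it.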
...@@ -224,7 +227,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry ...@@ -224,7 +227,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry
char *plaintextKey = (char *) calloc(BUF_LEN, 1); char *plaintextKey = (char *) calloc(BUF_LEN, 1);
status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey); //status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
status = decrypt_key_aes(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
return nullptr; return nullptr;
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
@date 2019 @date 2019
*/ */
using namespace std;
#include "BLSSigShare.h" #include "BLSSigShare.h"
#include "BLSSignature.h" #include "BLSSignature.h"
...@@ -33,6 +33,7 @@ using namespace std; ...@@ -33,6 +33,7 @@ using namespace std;
#include "BLSCrypto.h" #include "BLSCrypto.h"
#include "ServerInit.h" #include "ServerInit.h"
#include "common.h"
#include "BLSPrivateKeyShareSGX.h" #include "BLSPrivateKeyShareSGX.h"
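Review bot: The `using namespace std;` directive disappears from this translation unit at the same time `#include "common.h"` arrives, and the other files in this commit drop their `std::` qualifiers after including the same header — which suggests the directive now lives in common.h. A `using namespace` in a header is pulled into every TU that includes it (LevelDB.cpp already has `using namespace leveldb;` in scope), so collisions such as `Slice`, `Status` or `string` become hard to diagnose; keep the directive in the .cpp files, e.g. `using namespace std;` right after the includes here, and leave common.h declaration-only. If common.h does not in fact carry the directive, this file now relies on some other transitive include for unqualified `string`/`shared_ptr`, which is equally fragile.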
cmake_minimum_required(VERSION 3.12) cmake_minimum_required(VERSION 3.15)
project(sgxd) project(sgxwallet)
set(CMAKE_CXX_STANDARD 14) set(CMAKE_CXX_STANDARD 14)
include_directories(.) include_directories(.)
include_directories(libff/libff/algebra/curves/alt_bn128)
include_directories(libff/libff/algebra/curves/bn128)
include_directories(libff/libff/algebra/curves/edwards)
include_directories(libff/libff/algebra/curves/mnt)
include_directories(libff/libff/algebra/curves/mnt/mnt4)
include_directories(libff/libff/algebra/curves/mnt/mnt6)
include_directories(libff/libff/common/default_types)
include_directories(secure_enclave) include_directories(secure_enclave)
include_directories(sgx-software-enable)
include_directories(tgmp-build)
include_directories(tgmp-build/include)
add_custom_target(sgxd COMMAND make all add_executable(sgxwallet
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} secure_enclave/AESUtils.c
SOURCES secure_enclave/AESUtils.h
libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.hpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_init.hpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.cpp
libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp
libff/libff/algebra/curves/bn128/bn128_g1.cpp
libff/libff/algebra/curves/bn128/bn128_g1.hpp
libff/libff/algebra/curves/bn128/bn128_g2.cpp
libff/libff/algebra/curves/bn128/bn128_g2.hpp
libff/libff/algebra/curves/bn128/bn128_gt.cpp
libff/libff/algebra/curves/bn128/bn128_gt.hpp
libff/libff/algebra/curves/bn128/bn128_init.cpp
libff/libff/algebra/curves/bn128/bn128_init.hpp
libff/libff/algebra/curves/bn128/bn128_pairing.cpp
libff/libff/algebra/curves/bn128/bn128_pairing.hpp
libff/libff/algebra/curves/bn128/bn128_pp.cpp
libff/libff/algebra/curves/bn128/bn128_pp.hpp
libff/libff/algebra/curves/bn128/bn_utils.hpp
libff/libff/algebra/curves/bn128/bn_utils.tcc
libff/libff/algebra/curves/edwards/edwards_g1.cpp
libff/libff/algebra/curves/edwards/edwards_g1.hpp
libff/libff/algebra/curves/edwards/edwards_g2.cpp
libff/libff/algebra/curves/edwards/edwards_g2.hpp
libff/libff/algebra/curves/edwards/edwards_init.cpp
libff/libff/algebra/curves/edwards/edwards_init.hpp
libff/libff/algebra/curves/edwards/edwards_pairing.cpp
libff/libff/algebra/curves/edwards/edwards_pairing.hpp
libff/libff/algebra/curves/edwards/edwards_pp.cpp
libff/libff/algebra/curves/edwards/edwards_pp.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_init.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_init.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.hpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.cpp
libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_init.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_init.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.hpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.cpp
libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.hpp
libff/libff/algebra/curves/mnt/mnt46_common.cpp
libff/libff/algebra/curves/mnt/mnt46_common.hpp
libff/libff/algebra/curves/tests/test_bilinearity.cpp
libff/libff/algebra/curves/tests/test_groups.cpp
libff/libff/algebra/curves/curve_utils.hpp
libff/libff/algebra/curves/curve_utils.tcc
libff/libff/algebra/curves/public_params.hpp
libff/libff/algebra/exponentiation/exponentiation.hpp
libff/libff/algebra/exponentiation/exponentiation.tcc
libff/libff/algebra/fields/tests/test_fields.cpp
libff/libff/algebra/fields/bigint.hpp
libff/libff/algebra/fields/bigint.tcc
libff/libff/algebra/fields/field_utils.hpp
libff/libff/algebra/fields/field_utils.tcc
libff/libff/algebra/fields/fp.hpp
libff/libff/algebra/fields/fp.tcc
libff/libff/algebra/fields/fp_aux.tcc
libff/libff/algebra/scalar_multiplication/multiexp.hpp
libff/libff/algebra/scalar_multiplication/multiexp.tcc
libff/libff/algebra/scalar_multiplication/multiexp_profile.cpp
libff/libff/algebra/scalar_multiplication/wnaf.hpp
libff/libff/algebra/scalar_multiplication/wnaf.tcc
libff/libff/common/default_types/ec_pp.hpp
libff/libff/common/double.cpp
libff/libff/common/double.hpp
libff/libff/common/profiling.cpp
libff/libff/common/profiling.hpp
libff/libff/common/rng.hpp
libff/libff/common/rng.tcc
libff/libff/common/template_utils.hpp
libff/libff/common/utils.cpp
libff/libff/common/utils.hpp
libff/libff/common/utils.tcc
secure_enclave/BLSEnclave.cpp secure_enclave/BLSEnclave.cpp
secure_enclave/BLSEnclave.h secure_enclave/BLSEnclave.h
secure_enclave/curves.c
secure_enclave/curves.h
secure_enclave/DH_dkg.c
secure_enclave/DH_dkg.h
secure_enclave/DKGUtils.cpp
secure_enclave/DKGUtils.h
secure_enclave/domain_parameters.c
secure_enclave/domain_parameters.h
secure_enclave/enclave_common.h
secure_enclave/numbertheory.c
secure_enclave/numbertheory.h
secure_enclave/point.c
secure_enclave/point.h
secure_enclave/secure_enclave.c secure_enclave/secure_enclave.c
secure_enclave/secure_enclave.i
secure_enclave/secure_enclave_t.c secure_enclave/secure_enclave_t.c
secure_enclave/secure_enclave_t.h secure_enclave/secure_enclave_t.h
secure_enclave/DKGUtils.h secure_enclave/signature.c
secure_enclave/DKGUtils.cpp secure_enclave/signature.h
sgx-software-enable/sgx_capable.h
sgx-software-enable/sgx_enable.c
tgmp-build/include/sgx_tgmp.h
abstractCSRManagerServer.h
abstractregserver.h
abstractstubserver.h
BLSCrypto.cpp
BLSCrypto.h
BLSPrivateKeyShareSGX.cpp
BLSPrivateKeyShareSGX.h
catch.hpp
cert_util.cpp
common.h
create_enclave.c create_enclave.c
create_enclave.h create_enclave.h
CSRManagerServer.cpp
CSRManagerServer.h
DKGCrypto.cpp
DKGCrypto.h
ECDSACrypto.cpp
ECDSACrypto.h
LevelDB.cpp
LevelDB.h
oc_alloc.c oc_alloc.c
RPCException.cpp
RPCException.h
secure_enclave_u.c secure_enclave_u.c
secure_enclave_u.h secure_enclave_u.h
SEKManager.cpp
SEKManager.h
ServerDataChecker.cpp
ServerDataChecker.h
ServerInit.cpp
ServerInit.h
sgx_detect.h sgx_detect.h
sgx_detect_linux.c sgx_detect_linux.c
sgx_stub.c sgx_stub.c
sgx_stub.h sgx_stub.h
sgx_tgmp.h sgx_tgmp.h
SGXRegistrationServer.cpp
SGXRegistrationServer.h
sgxwallet.c sgxwallet.c
testw.cpp sgxwallet.h
) sgxwallet_common.h
SGXWalletServer.cpp
SGXWalletServer.h
SGXWalletServer.hpp
stubclient.cpp
stubclient.h
testw.cpp)
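Review bot: The new `add_executable(sgxwallet ...)` lists `sgxwallet.c` together with `testw.cpp` and the libff test and profiling TUs (`test_bilinearity.cpp`, `test_groups.cpp`, `test_fields.cpp`, `multiexp_profile.cpp`), each of which presumably defines its own `main`, and also pulls enclave-side sources (`secure_enclave/secure_enclave.c`, `secure_enclave_t.c`, `sgx_tgmp.h`) that are built against the trusted SGX SDK, so this target cannot link as a real host binary. The previous `add_custom_target(sgxd COMMAND make all ...)` was the honest form — the real build is autotools (`./configure && make`, as the Dockerfiles show). If the intent is IDE indexing only, say so at the top so nobody treats it as a build: `# IDE indexing target only: mixes host, enclave and test TUs and is not expected to link; build with ./configure && make`.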
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
#include <jsonrpccpp/server/connectors/httpserver.h> #include <jsonrpccpp/server/connectors/httpserver.h>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
CSRManagerServer *cs = nullptr; CSRManagerServer *cs = nullptr;
...@@ -22,20 +23,19 @@ CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector, ...@@ -22,20 +23,19 @@ CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector,
serverVersion_t type):abstractCSRManagerServer(connector, type){} serverVersion_t type):abstractCSRManagerServer(connector, type){}
Json::Value GetUnsignedCSRsImpl(){ Json::Value getUnsignedCSRsImpl(){
spdlog::info("Enter GetUnsignedCSRsImpl"); spdlog::info("Enter getUnsignedCSRsImpl");
Json::Value result; Json::Value result;
result["status"] = 0; result["status"] = 0;
result["errorMessage"] = ""; result["errorMessage"] = "";
//result["hashes"] =;
try{ try{
std::vector<std::string> hashes_vect = csrDb->writeKeysToVector1(MAX_CSR_NUM); vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
for (int i = 0; i < hashes_vect.size(); i++){ for (int i = 0; i < (int) hashes_vect.size(); i++){
result["hashes"][i] = hashes_vect.at(i); result["hashes"][i] = hashes_vect.at(i);
} }
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
...@@ -44,7 +44,7 @@ Json::Value GetUnsignedCSRsImpl(){ ...@@ -44,7 +44,7 @@ Json::Value GetUnsignedCSRsImpl(){
return result; return result;
} }
Json::Value SignByHashImpl(const std::string& hash, int status){ Json::Value signByHashImpl(const string& hash, int status){
Json::Value result; Json::Value result;
result["errorMessage"] = ""; result["errorMessage"] = "";
...@@ -53,46 +53,46 @@ Json::Value SignByHashImpl(const std::string& hash, int status){ ...@@ -53,46 +53,46 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
throw RPCException(-111, "Invalid csr status"); throw RPCException(-111, "Invalid csr status");
} }
std::string csr_db_key = "CSR:HASH:" + hash; string csr_db_key = "CSR:HASH:" + hash;
std::shared_ptr<std::string> csr_ptr = csrDb->readString(csr_db_key); shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
if (csr_ptr == nullptr){ if (csr_ptr == nullptr){
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB"); throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
} }
if (status == 0) { if (status == 0) {
std::string csr_name = "sgx_data/cert/" + hash + ".csr"; string csr_name = "sgx_data/cert/" + hash + ".csr";
std::ofstream outfile(csr_name); ofstream outfile(csr_name);
outfile << *csr_ptr << std::endl; outfile << *csr_ptr << endl;
outfile.close(); outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) { if (access(csr_name.c_str(), F_OK) != 0) {
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
throw RPCException(FILE_NOT_FOUND, "Csr does not exist"); throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
} }
std::string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash; string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
if (system(signClientCert.c_str()) == 0) { if (system(signClientCert.c_str()) == 0) {
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED"); spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
} else { } else {
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED"); spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, "-1"); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1); //exit(-1);
} }
} }
csrDb->deleteKey(csr_db_key); LevelDB::getCsrDb()->deleteKey(csr_db_key);
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, std::to_string(status)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
result["status"] = status; result["status"] = status;
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
} }
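Review bot: `hash` comes straight from the RPC argument and is spliced into a filesystem path (`"sgx_data/cert/" + hash + ".csr"`) and a shell command (`system("cd sgx_data/cert && ./create_client_cert " + hash)`) without any character check; the preceding `readString("CSR:HASH:" + hash)` only confirms that such a key exists, so if the registration path stores keys built from client-supplied input, a value like `x; rm -rf ...` survives the lookup and reaches `system()`. Add a whitelist right after the status check, `if (hash.find_first_not_of("0123456789abcdefABCDEF") != string::npos) throw RPCException(INVALID_HEX, "Invalid hash");` (`INVALID_HEX` is already used by the ECDSA code in this commit), and longer term replace `system()` with fork/exec of the script with `hash` as a separate argv entry. The function signature and the `try {` that this hunk's `catch` closes are in the hunk above, and the function's tail is in the hunk below.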
...@@ -101,14 +101,14 @@ Json::Value SignByHashImpl(const std::string& hash, int status){ ...@@ -101,14 +101,14 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
} }
Json::Value CSRManagerServer::GetUnsignedCSRs(){ Json::Value CSRManagerServer::getUnsignedCSRs(){
std::lock_guard<std::recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return GetUnsignedCSRsImpl(); return getUnsignedCSRsImpl();
} }
Json::Value CSRManagerServer::SignByHash(const std::string& hash, int status){ Json::Value CSRManagerServer::signByHash(const string& hash, int status){
std::lock_guard<std::recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return SignByHashImpl(hash, status); return signByHashImpl(hash, status);
} }
int init_csrmanager_server(){ int init_csrmanager_server(){
...@@ -20,8 +20,8 @@ class CSRManagerServer : public abstractCSRManagerServer { ...@@ -20,8 +20,8 @@ class CSRManagerServer : public abstractCSRManagerServer {
CSRManagerServer(AbstractServerConnector &connector, serverVersion_t type); CSRManagerServer(AbstractServerConnector &connector, serverVersion_t type);
virtual Json::Value GetUnsignedCSRs(); virtual Json::Value getUnsignedCSRs();
virtual Json::Value SignByHash(const std::string& hash, int status); virtual Json::Value signByHash(const std::string& hash, int status);
}; };
extern int init_csrmanager_server(); extern int init_csrmanager_server();
...@@ -39,7 +39,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char ...@@ -39,7 +39,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
std::string decrypt_DHKey(const std::string& polyName, int ind); std::string decrypt_DHKey(const std::string& polyName, int ind);
bool CreateBLSShare( const std::string& BLSKeyName, const char * s_shares, const char * encryptedKeyHex); bool CreateBLSShare( const std::string& blsKeyName, const char * s_shares, const char * encryptedKeyHex);
std::vector<std::string> GetBLSPubKey(const char * encryptedKeyHex); std::vector<std::string> GetBLSPubKey(const char * encryptedKeyHex);
FROM skalenetwork/sgxwallet_base:latest FROM skalenetwork/sgxwallet_base:latest
WORKDIR /usr/src/sdk WORKDIR /usr/src/sdk
COPY *.cpp ./
COPY *.h ./
COPY *.txt ./
COPY *.c ./
COPY *.am ./
COPY *.hpp ./
COPY *.sh ./
COPY *.gmp ./
COPY *.ac ./
COPY *.json ./
COPY docker ./docker
COPY build-aux ./build-aux
COPY cert ./cert
COPY jsonrpc ./jsonrpc
COPY leveldb ./leveldb
COPY m4 ./m4
COPY scripts ./scripts
COPY secure_enclave ./secure_enclave
COPY spdlog ./spdlog
RUN autoreconf -vif RUN autoreconf -vif
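Review bot: `COPY cert ./cert` places the whole cert directory into an image that the workflow in this commit pushes to `skalenetwork/sgxwallet:latest`; if that directory ever holds more than the CSR/cert-generation scripts (a CA private key, issued client certs, `*.pem`/`*.key` files), they ship in a public image layer. Copy only what the build needs, e.g. `COPY cert/*.sh ./cert/`, or add a `.dockerignore` with `cert/*.pem` and `cert/*.key` so the glob can never pick up key material. Moving from a blanket copy to these explicit `COPY` lines is the right direction for the same reason. The `FROM skalenetwork/sgxwallet_base:latest` line is a mutable tag; pinning it by digest (`FROM skalenetwork/sgxwallet_base@sha256:...`) would make this stage reproducible.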
...@@ -12,13 +32,8 @@ RUN autoconf ...@@ -12,13 +32,8 @@ RUN autoconf
RUN ./configure RUN ./configure
### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc); ### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc);
RUN make RUN make
RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
make install && \
cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
RUN mkdir /sgx_data RUN mkdir /usr/src/sdk/sgx_data
COPY docker/start.sh ./ COPY docker/start.sh ./
ENTRYPOINT ["/usr/src/sdk/start.sh"] ENTRYPOINT ["/usr/src/sdk/start.sh"]
...@@ -48,4 +48,10 @@ RUN git clone -b sgx_2.5 --depth 1 https://github.com/intel/linux-sgx && \ ...@@ -48,4 +48,10 @@ RUN git clone -b sgx_2.5 --depth 1 https://github.com/intel/linux-sgx && \
COPY configure.gmp ./ COPY configure.gmp ./
RUN cd scripts; ./build.py RUN cd scripts; ./build.py
RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
make install && \
cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
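Review bot: The DALP tarball is streamed from GitHub straight into `tar -xz` and then built and installed as root with no integrity check; pinning the archive URL to commit `072d2332...` fixes which source is requested but not what is received — GitHub regenerates archive tarballs server-side and the only protection here is TLS to github.com. Download to a file first and verify a recorded digest before extracting, e.g. `wget -O dalp.tar.gz <url> && echo "<sha256>  dalp.tar.gz" | sha256sum -c -`, with the digest committed alongside the Dockerfile. Since this moved into the base image it will be rebuilt rarely, which makes a silent substitution harder to notice later.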
FROM skalenetwork/sgxwallet_base:latest FROM skalenetwork/sgxwallet_base:latest
WORKDIR /usr/src/sdk WORKDIR /usr/src/sdk
COPY *.cpp ./
COPY *.h ./
COPY *.txt ./
COPY *.c ./
COPY *.am ./
COPY *.hpp ./
COPY *.sh ./
COPY *.gmp ./
COPY *.ac ./
COPY *.json ./
COPY docker ./docker
COPY build-aux ./build-aux
COPY cert ./cert
COPY jsonrpc ./jsonrpc
COPY leveldb ./leveldb
COPY m4 ./m4
COPY scripts ./scripts
COPY secure_enclave ./secure_enclave
COPY spdlog ./spdlog
RUN autoreconf -vif RUN autoreconf -vif
RUN libtoolize --force RUN libtoolize --force
RUN aclocal RUN aclocal
...@@ -10,13 +30,9 @@ RUN autoconf ...@@ -10,13 +30,9 @@ RUN autoconf
RUN ./configure --enable-sgx-simulation RUN ./configure --enable-sgx-simulation
### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc); ### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc);
RUN make RUN make
RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
make install && \
cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
RUN mkdir /sgx_data
RUN mkdir /usr/src/sdk/sgx_data
COPY docker/start.sh ./ COPY docker/start.sh ./
ENTRYPOINT ["/usr/src/sdk/start.sh"] ENTRYPOINT ["/usr/src/sdk/start.sh"]
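Review bot: This image is built with `./configure --enable-sgx-simulation`, so the "enclave" runs as ordinary user-space code with no hardware isolation, yet the workflow in this commit publishes it as `skalenetwork/sgxwalletsim:latest` with the same `start.sh` entrypoint as the real build and nothing in the image says so. Add a label next to the `WORKDIR` so the warning travels with the artifact: `LABEL org.opencontainers.image.description="SGX simulation build - no enclave protection, CI/testing only"`. The old and new `RUN mkdir` lines for `/sgx_data` and `/usr/src/sdk/sgx_data` cannot be told apart in this rendering; only the path the workflow mounts (`/usr/src/sdk/sgx_data`) should remain.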
...@@ -51,14 +51,23 @@ std::vector<std::string> gen_ecdsa_key(){ ...@@ -51,14 +51,23 @@ std::vector<std::string> gen_ecdsa_key(){
char *pub_key_y = (char *)calloc(1024, 1); char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len = 0; uint32_t enc_len = 0;
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y ); if ( !is_aes)
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
else status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
if ( err_status != 0 ){ if ( err_status != 0 ){
std::cerr << "RPCException thrown" << std::endl; std::cerr << "RPCException thrown" << std::endl;
throw RPCException(-666, errMsg) ; throw RPCException(-666, errMsg) ;
} }
std::vector<std::string> keys(3); std::vector<std::string> keys(3);
//std::cerr << "account key is " << errMsg << std::endl; if (DEBUG_PRINT) {
char *hexEncrKey = (char *) calloc(2*BUF_LEN, 1); std::cerr << "account key is " << errMsg << std::endl;
std::cerr << "enc_len is " << enc_len << std::endl;
std::cerr << "enc_key is " << std::endl;
// for(int i = 0 ; i < 1024; i++)
// std::cerr << (int)encr_pr_key[i] << " " ;
}
char *hexEncrKey = (char *) calloc(BUF_LEN * 2, 1);
carray2Hex(encr_pr_key, enc_len, hexEncrKey); carray2Hex(encr_pr_key, enc_len, hexEncrKey);
keys.at(0) = hexEncrKey; keys.at(0) = hexEncrKey;
keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);// keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
...@@ -69,6 +78,7 @@ std::vector<std::string> gen_ecdsa_key(){ ...@@ -69,6 +78,7 @@ std::vector<std::string> gen_ecdsa_key(){
unsigned long seed = rand_gen(); unsigned long seed = rand_gen();
if (DEBUG_PRINT) { if (DEBUG_PRINT) {
spdlog::info("seed is {}", seed); spdlog::info("seed is {}", seed);
std::cerr << "strlen is " << strlen(hexEncrKey) << std::endl;
} }
gmp_randstate_t state; gmp_randstate_t state;
gmp_randinit_default(state); gmp_randinit_default(state);
...@@ -105,26 +115,32 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){ ...@@ -105,26 +115,32 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){
char *pub_key_y = (char *)calloc(1024, 1); char *pub_key_y = (char *)calloc(1024, 1);
uint64_t enc_len = 0; uint64_t enc_len = 0;
uint8_t encr_pr_key[BUF_LEN]; //uint8_t encr_pr_key[BUF_LEN];
uint8_t* encr_pr_key = (uint8_t*)calloc(1024, 1);
if (!hex2carray(encryptedKeyHex, &enc_len, encr_pr_key)){ if (!hex2carray(encryptedKeyHex, &enc_len, encr_pr_key)){
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex"); throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
} }
status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y ); if ( !is_aes)
status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
else status = get_public_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
if (err_status != 0){ if (err_status != 0){
throw RPCException(-666, errMsg) ; throw RPCException(-666, errMsg) ;
} }
std::string pubKey = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);// std::string pubKey = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
if (DEBUG_PRINT) { if (DEBUG_PRINT) {
spdlog::info("enc_len is {}", enc_len);
spdlog::info("pubkey is {}", pubKey); spdlog::info("pubkey is {}", pubKey);
spdlog::info("pubkey length is {}", pubKey.length()); spdlog::info("pubkey length is {}", pubKey.length());
spdlog::info("err str is {}", errMsg); spdlog::info("err str is {}", errMsg);
spdlog::info("err status is {}", err_status);
} }
free(errMsg); free(errMsg);
free(pub_key_x); free(pub_key_x);
free(pub_key_y); free(pub_key_y);
free(encr_pr_key);
return pubKey; return pubKey;
} }
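Review bot: `encr_pr_key` is now a 1024-byte `calloc` buffer but `hex2carray(encryptedKeyHex, &enc_len, encr_pr_key)` is still given no capacity, and `encryptedKeyHex` arrives over RPC, so an over-long hex string overruns the heap unless hex2carray caps its output internally (its sibling `hex2carray2` takes no size either). Guard the call: `if (strlen(encryptedKeyHex) > 2 * 1024) throw RPCException(INVALID_HEX, "encryptedKeyHex too long");`. The `throw RPCException(INVALID_HEX, ...)` and `throw RPCException(-666, errMsg)` paths also leak `encr_pr_key`, `errMsg`, `pub_key_x` and `pub_key_y`, since the `free` calls only run on success — holding them in `std::vector<uint8_t>`/`std::string` and passing `.data()` would fix that without touching the ecall signatures; `ecdsa_sign_hash` below has the same two issues. The function's signature and the first locals are above this hunk.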
...@@ -134,12 +150,13 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char ...@@ -134,12 +150,13 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
char *errMsg = (char *)calloc(1024, 1); char *errMsg = (char *)calloc(1024, 1);
int err_status = 0; int err_status = 0;
char* signature_r = (char*)malloc(1024); char* signature_r = (char *)calloc(1024, 1);
char* signature_s = (char*)malloc(1024); char* signature_s = (char *)calloc(1024, 1);
uint8_t signature_v = 0; uint8_t signature_v = 0;
uint64_t dec_len = 0; uint64_t dec_len = 0;
uint8_t encr_key[BUF_LEN]; //uint8_t encr_key[BUF_LEN];
uint8_t* encr_key = (uint8_t*)calloc(1024, 1);
if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)){ if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)){
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex"); throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
} }
...@@ -150,7 +167,9 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char ...@@ -150,7 +167,9 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
spdlog::info("encrypted len: {}", dec_len); spdlog::info("encrypted len: {}", dec_len);
} }
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base ); if (!is_aes)
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
else status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
if ( err_status != 0){ if ( err_status != 0){
throw RPCException(-666, errMsg ) ; throw RPCException(-666, errMsg ) ;
} }
...@@ -176,6 +195,7 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char ...@@ -176,6 +195,7 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
free(errMsg); free(errMsg);
free(signature_r); free(signature_r);
free(signature_s); free(signature_s);
free(encr_key);
return signature_vect; return signature_vect;
} }
\ No newline at end of file
...@@ -37,24 +37,24 @@ ...@@ -37,24 +37,24 @@
#include "ServerInit.h" #include "ServerInit.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
using namespace leveldb; using namespace leveldb;
static WriteOptions writeOptions; static WriteOptions writeOptions;
static ReadOptions readOptions; static ReadOptions readOptions;
LevelDB* levelDb = nullptr;
LevelDB* csrDb = nullptr;
LevelDB* csrStatusDb = nullptr;
std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) { std::shared_ptr<string> LevelDB::readString(const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto result = std::make_shared<std::string>(); auto result = std::make_shared<string>();
if (db == nullptr) { if (db == nullptr) {
throw RPCException(NULL_DATABASE, "Null db"); throw RPCException(NULL_DATABASE, "Null db");
...@@ -75,7 +75,7 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) { ...@@ -75,7 +75,7 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
return result; return result;
} }
void LevelDB::writeString(const std::string &_key, const std::string &_value) { void LevelDB::writeString(const string &_key, const string &_value) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -90,11 +90,11 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) { ...@@ -90,11 +90,11 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) {
} }
void LevelDB::deleteDHDKGKey (const std::string &_key) { void LevelDB::deleteDHDKGKey (const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
std::string full_key = "DKG_DH_KEY_" + _key; string full_key = "DKG_DH_KEY_" + _key;
auto status = db->Delete(writeOptions, Slice(_key)); auto status = db->Delete(writeOptions, Slice(_key));
...@@ -106,11 +106,11 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) { ...@@ -106,11 +106,11 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) {
} }
} }
void LevelDB::deleteTempNEK(const std::string &_key){ void LevelDB::deleteTempNEK(const string &_key){
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
std::string prefix = _key.substr(0,8); string prefix = _key.substr(0,8);
if (prefix != "tmp_NEK:") { if (prefix != "tmp_NEK:") {
return; return;
} }
...@@ -122,7 +122,7 @@ void LevelDB::deleteTempNEK(const std::string &_key){ ...@@ -122,7 +122,7 @@ void LevelDB::deleteTempNEK(const std::string &_key){
std::cerr << "key deleted " << _key << std::endl; std::cerr << "key deleted " << _key << std::endl;
} }
void LevelDB::deleteKey(const std::string &_key){ void LevelDB::deleteKey(const string &_key){
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -149,7 +149,7 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value ...@@ -149,7 +149,7 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value
} }
void LevelDB::writeByteArray(std::string &_key, const char *value, void LevelDB::writeByteArray(string &_key, const char *value,
size_t _valueLen) { size_t _valueLen) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
...@@ -188,13 +188,13 @@ uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVi ...@@ -188,13 +188,13 @@ uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVi
return readCounter; return readCounter;
} }
std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
uint64_t readCounter = 0; uint64_t readCounter = 0;
std::vector<std::string> keys; std::vector<string> keys;
leveldb::Iterator *it = db->NewIterator(readOptions); leveldb::Iterator *it = db->NewIterator(readOptions);
for (it->SeekToFirst(); it->Valid(); it->Next()) { for (it->SeekToFirst(); it->Valid(); it->Next()) {
std::string cur_key(it->key().data(), it->key().size()); string cur_key(it->key().data(), it->key().size());
keys.push_back(cur_key); keys.push_back(cur_key);
// keys.push_back(it->key().data()); // keys.push_back(it->key().data());
readCounter++; readCounter++;
...@@ -208,7 +208,7 @@ std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ ...@@ -208,7 +208,7 @@ std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
return keys; return keys;
} }
void LevelDB::writeDataUnique(const std::string & Name, const std::string &value) { void LevelDB::writeDataUnique(const string & Name, const string &value) {
auto key = Name; auto key = Name;
...@@ -226,7 +226,7 @@ void LevelDB::writeDataUnique(const std::string & Name, const std::string &value ...@@ -226,7 +226,7 @@ void LevelDB::writeDataUnique(const std::string & Name, const std::string &value
} }
LevelDB::LevelDB(std::string &filename) { LevelDB::LevelDB(string &filename) {
leveldb::Options options; leveldb::Options options;
...@@ -243,9 +243,73 @@ LevelDB::LevelDB(std::string &filename) { ...@@ -243,9 +243,73 @@ LevelDB::LevelDB(std::string &filename) {
} }
LevelDB::~LevelDB() { LevelDB::~LevelDB() {
if (db != nullptr)
delete db;
} }
const std::shared_ptr<LevelDB> &LevelDB::getLevelDb() {
CHECK_STATE(levelDb)
return levelDb;
}
const std::shared_ptr<LevelDB> &LevelDB::getCsrDb() {
CHECK_STATE(csrDb)
return csrDb;
}
const std::shared_ptr<LevelDB> &LevelDB::getCsrStatusDb() {
CHECK_STATE(csrStatusDb)
return csrStatusDb;
}
std::shared_ptr<LevelDB> LevelDB::levelDb = nullptr;
std::shared_ptr<LevelDB> LevelDB::csrDb = nullptr;
std::shared_ptr<LevelDB> LevelDB::csrStatusDb = nullptr;
string LevelDB::sgx_data_folder;
bool LevelDB::isInited = false;
void LevelDB::initDataFolderAndDBs() {
if (isInited)
return;
char cwd[PATH_MAX];
if (getcwd(cwd, sizeof(cwd)) == NULL) {
spdlog::error("could not get cwd");
exit(-1);
}
sgx_data_folder = string(cwd) + "/" + SGXDATA_FOLDER;
struct stat info;
if (stat(sgx_data_folder.c_str(), &info) !=0 ){
spdlog::info("going to create sgx_data folder");
std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
if (system(make_sgx_data_folder.c_str()) == 0){
spdlog::info("sgx_data folder was created");
}
else{
spdlog::error("creating sgx_data folder failed");
exit(-1);
}
}
auto dbName = sgx_data_folder + WALLETDB_NAME;
levelDb = make_shared<LevelDB>(dbName);
auto csr_dbname = sgx_data_folder + "CSR_DB";
csrDb = make_shared<LevelDB>(csr_dbname);
auto csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
csrStatusDb = make_shared<LevelDB>(csr_status_dbname);
}
const string &LevelDB::getSgxDataFolder() {
return sgx_data_folder;
}
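Review bot: `initDataFolderAndDBs` never sets `isInited = true`, so the early return at its top never fires and a second call reopens all three databases; add `isInited = true;` after the last `make_shared`. The folder is also created by handing a cwd-derived path to `system("mkdir ...")`, which runs a shell over a string the process does not control and leaves the directory at the umask default even though the wallet DB opened here later stores the encrypted SEK (see SEKManager.cpp in this commit); `::mkdir(sgx_data_folder.c_str(), 0700)` needs no shell, gives owner-only permissions and removes the stat-then-mkdir window. `getcwd` and `PATH_MAX` need `<unistd.h>` and `<limits.h>`, which this hunk does not show LevelDB.cpp including while ServerInit.cpp drops them in the same commit — worth confirming they arrive through common.h. The rewritten folder-creation block follows.
```cpp
    sgx_data_folder = string(cwd) + "/" + SGXDATA_FOLDER;

    // Owner-only mode: this tree holds the wallet DB with the encrypted SEK.
    // No shell involved, and no stat()/mkdir race.
    if (::mkdir(sgx_data_folder.c_str(), 0700) != 0) {
        if (errno == EEXIST) {
            spdlog::info("sgx_data folder already exists");
        } else {
            spdlog::error("creating sgx_data folder failed, errno {}", errno);
            exit(-1);
        }
    } else {
        spdlog::info("sgx_data folder was created");
    }

    // … unchanged: open wallet, CSR and CSR status DBs …

    isInited = true;
}
```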
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
#include <string> #include <string>
#include <mutex> #include <mutex>
#include <vector> #include <vector>
#include "common.h"
namespace leveldb { namespace leveldb {
class DB; class DB;
class Status; class Status;
...@@ -38,38 +38,54 @@ namespace leveldb { ...@@ -38,38 +38,54 @@ namespace leveldb {
class LevelDB { class LevelDB {
std::recursive_mutex mutex; recursive_mutex mutex;
shared_ptr<leveldb::DB> db;
static bool isInited;
static shared_ptr<LevelDB> levelDb;
static shared_ptr<LevelDB> csrDb;
static shared_ptr<LevelDB> csrStatusDb;
leveldb::DB* db; static string sgx_data_folder;
extern LevelDB* levelDb;
extern LevelDB* csrDb; public:
static void initDataFolderAndDBs();
extern LevelDB* csrStatusDb; static const shared_ptr<LevelDB> &getLevelDb();
static const shared_ptr<LevelDB> &getCsrDb();
static const shared_ptr<LevelDB> &getCsrStatusDb();
public: public:
std::shared_ptr<std::string> readString(const std::string& _key); shared_ptr<string> readString(const string& _key);
void writeString(const std::string &key1, const std::string &value1); void writeString(const string &key1, const string &value1);
void writeDataUnique(const std::string & Name, const std::string &value); void writeDataUnique(const string & Name, const string &value);
void writeByteArray(const char *_key, size_t _keyLen, const char *value, void writeByteArray(const char *_key, size_t _keyLen, const char *value,
size_t _valueLen); size_t _valueLen);
void writeByteArray(std::string& _key, const char *value, void writeByteArray(string& _key, const char *value,
size_t _valueLen); size_t _valueLen);
void deleteDHDKGKey (const std::string &_key); void deleteDHDKGKey (const string &_key);
void deleteTempNEK (const std::string &_key); void deleteTempNEK (const string &_key);
void deleteKey(const std::string &_key); void deleteKey(const string &_key);
public: public:
...@@ -77,7 +93,7 @@ public: ...@@ -77,7 +93,7 @@ public:
void throwExceptionOnError(leveldb::Status result); void throwExceptionOnError(leveldb::Status result);
LevelDB(std::string& filename); LevelDB(string& filename);
...@@ -85,15 +101,17 @@ public: ...@@ -85,15 +101,17 @@ public:
class KeyVisitor { class KeyVisitor {
public: public:
virtual void visitDBKey(const char* _data) = 0; virtual void visitDBKey(const char* _data) = 0;
virtual void writeDBKeysToVector(const char* _data, std::vector<const char*> & keys_vect) {} virtual void writeDBKeysToVector(const char* _data, vector<const char*> & keys_vect) {}
}; };
uint64_t visitKeys(KeyVisitor* _visitor, uint64_t _maxKeysToVisit); uint64_t visitKeys(KeyVisitor* _visitor, uint64_t _maxKeysToVisit);
std::vector<std::string> writeKeysToVector1(uint64_t _maxKeysToVisit); vector<string> writeKeysToVector1(uint64_t _maxKeysToVisit);
virtual ~LevelDB(); virtual ~LevelDB();
static const string &getSgxDataFolder();
}; };
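Review bot: The header now names `recursive_mutex`, `shared_ptr`, `string` and `vector` without the `std::` qualifier and adds `#include "common.h"` to make that compile, which only works if common.h brings `std` names into the global namespace at header scope; every translation unit that includes LevelDB.h then inherits that using-directive, and the SGXRegistrationServer.cpp and ServerDataChecker.cpp hunks in this commit already lean on it. Keeping `std::` in the header (as the old side had) and confining any `using namespace std;` to .cpp files keeps includers from picking up unqualified names they did not ask for. Separately, `LevelDB(string& filename)` still takes a non-const reference although `initDataFolderAndDBs` only passes locals it never reads back; `LevelDB(const string& filename)` would state that.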
...@@ -67,7 +67,7 @@ COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c ...@@ -67,7 +67,7 @@ COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp BLSCrypto.cpp ECDSACrypto.cpp \ sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp BLSCrypto.cpp ECDSACrypto.cpp \
DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp $(COMMON_SRC) DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp $(COMMON_SRC)
nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC) nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC)
...@@ -102,7 +102,7 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -LlibBLS/deps/deps_inst/x86_or_x64/lib -Llevel ...@@ -102,7 +102,7 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -LlibBLS/deps/deps_inst/x86_or_x64/lib -Llevel
testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \ testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \
DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC) DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp SEKManager.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC)
nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES} nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES} EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
testw_LDADD= ${sgxwallet_LDADD} testw_LDADD= ${sgxwallet_LDADD}
/*
Copyright (C) 2019-Present SKALE Labs
This file is part of sgxwallet.
sgxwallet is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
sgxwallet is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file SEKManager.cpp
@author Stan Kladko
@date 2019
*/
#include "SEKManager.h"
#include "RPCException.h"
#include "BLSCrypto.h"
#include "LevelDB.h"
#include <iostream>
#include "sgxwallet_common.h"
#include "common.h"
#include "sgxwallet.h"
void generate_SEK(){
vector<char> errMsg(1024,0);
int err_status = 0;
vector<uint8_t> encr_SEK(1024, 0);
uint32_t enc_len = 0;
status = generate_SEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len);
if ( err_status != 0 ){
cerr << "RPCException thrown" << endl;
throw RPCException(-666, errMsg.data()) ;
}
vector<char> hexEncrKey(2*enc_len + 1, 0);
carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
cerr << "key is " << errMsg.data() << endl;
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
}
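Review bot: The return value of the `generate_SEK` ecall is assigned to a `status` variable this file does not declare and is never examined, so an ecall that fails before the enclave code runs (an invalid `eid`, for instance) leaves `err_status` at 0 and `enc_len` at 0, and the function goes on to persist an empty "SEK" record that later startups treat as an existing key. Add `if (status != SGX_SUCCESS) throw RPCException(-666, "generate_SEK ecall failed");` right after the call, preferably with `status` as a local `sgx_status_t`, and bound the enclave-reported length before hex-encoding: `if (enc_len == 0 || enc_len > encr_SEK.size()) throw RPCException(-666, "bad SEK length");`. The `cerr << "key is " << errMsg.data() << endl;` line prints the error buffer under a misleading label; it should be removed rather than left as a debug trace in key-handling code.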
/*
Copyright (C) 2019-Present SKALE Labs
This file is part of sgxwallet.
sgxwallet is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
sgxwallet is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file SEKManager.h
@author Stan Kladko
@date 2019
*/
#ifndef SGXD_SEKMANAGER_H
#define SGXD_SEKMANAGER_H
void generate_SEK();
#endif //SGXD_SEKMANAGER_H
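Review bot: `generate_SEK()` is undocumented, and SEKManager.cpp also calls an enclave ecall of the same name, so a reader of this header cannot tell which one they are getting or that it has a persistent side effect. Suggest `/// Asks the enclave to generate the SEK and stores the enclave's encrypted output, hex-encoded, under the "SEK" key of the wallet LevelDB; throws RPCException on enclave error.` above the declaration.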
...@@ -44,9 +44,11 @@ ...@@ -44,9 +44,11 @@
#include "LevelDB.h" #include "LevelDB.h"
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
int DEBUG_PRINT = 0; int DEBUG_PRINT = 0;
int is_sgx_https = 1; int is_sgx_https = 1;
int is_aes = 0;
SGXRegistrationServer *regs = nullptr; SGXRegistrationServer *regs = nullptr;
HttpServer *hs2 = nullptr; HttpServer *hs2 = nullptr;
...@@ -63,30 +65,30 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector, ...@@ -63,30 +65,30 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
: AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {} : AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {}
Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ Json::Value signCertificateImpl(const string& csr, bool auto_sign = false){
Json::Value result; Json::Value result;
result["status"] = 0; result["status"] = 0;
result["errorMessage"] = ""; result["errorMessage"] = "";
try{ try{
spdlog::info("enter SignCertificateImpl"); spdlog::info("enter signCertificateImpl");
std::string status = "1"; string status = "1";
std::string hash = cryptlite::sha256::hash_hex(csr); string hash = cryptlite::sha256::hash_hex(csr);
if ( !auto_sign) { if ( !auto_sign) {
std::string db_key = "CSR:HASH:" + hash; string db_key = "CSR:HASH:" + hash;
csrDb->writeDataUnique(db_key, csr); LevelDB::getCsrStatusDb()->writeDataUnique(db_key, csr);
} }
if (auto_sign) { if (auto_sign) {
std::string csr_name = "cert/" + hash + ".csr"; string csr_name = "cert/" + hash + ".csr";
std::ofstream outfile(csr_name); ofstream outfile(csr_name);
outfile << csr << std::endl; outfile << csr << endl;
outfile.close(); outfile.close();
if (access(csr_name.c_str(), F_OK) != 0) { if (access(csr_name.c_str(), F_OK) != 0) {
throw RPCException(FILE_NOT_FOUND, "Csr does not exist"); throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
} }
std::string genCert = "cd cert && ./create_client_cert " + hash; string genCert = "cd cert && ./create_client_cert " + hash;
if (system(genCert.c_str()) == 0){ if (system(genCert.c_str()) == 0){
spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED"); spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
...@@ -94,8 +96,8 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -94,8 +96,8 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
} }
else{ else{
spdlog::info("CLIENT CERTIFICATE GENERATION FAILED"); spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->writeDataUnique(status_db_key, std::to_string(FAIL_TO_CREATE_CERTIFICATE)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FAIL_TO_CREATE_CERTIFICATE));
throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
//exit(-1); //exit(-1);
} }
...@@ -104,11 +106,11 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -104,11 +106,11 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
result["result"] = true; result["result"] = true;
result["hash"] = hash; result["hash"] = hash;
std::string db_key = "CSR:HASH:" + hash + "STATUS:"; string db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->writeDataUnique(db_key, status); LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
result["result"] = false; result["result"] = false;
...@@ -117,26 +119,26 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){ ...@@ -117,26 +119,26 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
return result; return result;
} }
Json::Value GetSertificateImpl(const std::string& hash){ Json::Value GetSertificateImpl(const string& hash){
Json::Value result; Json::Value result;
std::string cert; string cert;
try{ try{
std::string db_key = "CSR:HASH:" + hash + "STATUS:"; string db_key = "CSR:HASH:" + hash + "STATUS:";
std::shared_ptr<string> status_str_ptr = csrStatusDb->readString(db_key); shared_ptr<string> status_str_ptr = LevelDB::getCsrStatusDb()->readString(db_key);
if (status_str_ptr == nullptr){ if (status_str_ptr == nullptr){
throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db"); throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
} }
int status = std::atoi(status_str_ptr->c_str()); int status = atoi(status_str_ptr->c_str());
if ( status == 0){ if ( status == 0){
std::string crt_name = "cert/" + hash + ".crt"; string crt_name = "cert/" + hash + ".crt";
//if (access(crt_name.c_str(), F_OK) == 0){ //if (access(crt_name.c_str(), F_OK) == 0){
std::ifstream infile(crt_name); ifstream infile(crt_name);
if (!infile.is_open()) { if (!infile.is_open()) {
std::string status_db_key = "CSR:HASH:" + hash + "STATUS:"; string status_db_key = "CSR:HASH:" + hash + "STATUS:";
csrStatusDb->deleteKey(status_db_key); LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
csrStatusDb->writeDataUnique(status_db_key, std::to_string(FILE_NOT_FOUND)); LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FILE_NOT_FOUND));
throw RPCException(FILE_NOT_FOUND, "Certificate does not exist"); throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
} else { } else {
ostringstream ss; ostringstream ss;
...@@ -144,9 +146,9 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -144,9 +146,9 @@ Json::Value GetSertificateImpl(const std::string& hash){
cert = ss.str(); cert = ss.str();
infile.close(); infile.close();
std::string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr"; string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr";
if(system(remove_crt.c_str()) == 0){ if(system(remove_crt.c_str()) == 0){
//std::cerr << "cert removed" << std::endl; //cerr << "cert removed" << endl;
spdlog::info(" cert removed "); spdlog::info(" cert removed ");
} }
...@@ -161,7 +163,7 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -161,7 +163,7 @@ Json::Value GetSertificateImpl(const std::string& hash){
result["cert"] = cert; result["cert"] = cert;
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
} }
...@@ -170,13 +172,13 @@ Json::Value GetSertificateImpl(const std::string& hash){ ...@@ -170,13 +172,13 @@ Json::Value GetSertificateImpl(const std::string& hash){
} }
Json::Value SGXRegistrationServer::SignCertificate(const std::string& csr){ Json::Value SGXRegistrationServer::signCertificate(const string& csr){
spdlog::info("Enter SignCertificate "); spdlog::info("Enter signCertificate ");
lock_guard<recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return SignCertificateImpl(csr, cert_auto_sign); return signCertificateImpl(csr, cert_auto_sign);
} }
Json::Value SGXRegistrationServer::GetCertificate(const std::string& hash){ Json::Value SGXRegistrationServer::getCertificate(const string& hash){
lock_guard<recursive_mutex> lock(m); lock_guard<recursive_mutex> lock(m);
return GetSertificateImpl(hash); return GetSertificateImpl(hash);
} }
...@@ -190,19 +192,19 @@ void SGXRegistrationServer::set_cert_created(bool b){ ...@@ -190,19 +192,19 @@ void SGXRegistrationServer::set_cert_created(bool b){
int init_registration_server(bool sign_automatically) { int init_registration_server(bool sign_automatically) {
// std::string certPath = "cert/SGXCACertificate.crt"; // string certPath = "cert/SGXCACertificate.crt";
// std::string keyPath = "cert/SGXCACertificate.key"; // string keyPath = "cert/SGXCACertificate.key";
// //
// if (access(certPath.c_str(), F_OK) != 0){ // if (access(certPath.c_str(), F_OK) != 0){
// std::cerr << "CERTIFICATE IS GOING TO BE CREATED" << std::endl; // cerr << "CERTIFICATE IS GOING TO BE CREATED" << endl;
// //
// std::string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com"; // string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com";
// //
// if (system(genCert.c_str()) == 0){ // if (system(genCert.c_str()) == 0){
// std::cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << std::endl; // cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << endl;
// } // }
// else{ // else{
// std::cerr << "CERTIFICATE GENERATION FAILED" << std::endl; // cerr << "CERTIFICATE GENERATION FAILED" << endl;
// exit(-1); // exit(-1);
// } // }
// } // }
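Review bot: In `signCertificateImpl` the non-auto-sign branch now writes the CSR with `LevelDB::getCsrStatusDb()->writeDataUnique(db_key, csr)`, whereas the line it replaces wrote to `csrDb`; the pending CSR therefore lands in the status database under `CSR:HASH:<hash>`, next to the `...STATUS:` records, and whatever lists unsigned CSRs from the CSR DB will no longer see it. Nothing in this commit suggests the two databases were merged — `getCsrDb()` is still defined and `CSR_DB` still opened in LevelDB.cpp — so the line should read `LevelDB::getCsrStatusDb()` → `LevelDB::getCsrDb()->writeDataUnique(db_key, csr);`. The other replacements in this hunk (`csrStatusDb` → `getCsrStatusDb()`) are consistent with the old side.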
...@@ -44,8 +44,8 @@ public: ...@@ -44,8 +44,8 @@ public:
void set_cert_created(bool b); void set_cert_created(bool b);
virtual Json::Value SignCertificate(const std::string& csr); virtual Json::Value signCertificate(const std::string& csr);
virtual Json::Value GetCertificate(const std::string& hash); virtual Json::Value getCertificate(const std::string& hash);
}; };
...@@ -56,11 +56,12 @@ public: ...@@ -56,11 +56,12 @@ public:
virtual Json::Value generateDKGPoly(const std::string& polyName, int t); virtual Json::Value generateDKGPoly(const std::string& polyName, int t);
virtual Json::Value getVerificationVector(const std::string& polyName, int t, int n); virtual Json::Value getVerificationVector(const std::string& polyName, int t, int n);
virtual Json::Value getSecretShare(const std::string& polyName, const Json::Value& publicKeys, int t, int n); virtual Json::Value getSecretShare(const std::string& polyName, const Json::Value& publicKeys, int t, int n);
virtual Json::Value DKGVerification(const std::string& publicShares, const std::string& EthKeyName, const std::string& SecretShare, int t, int n, int index); virtual Json::Value dkgVerification(const std::string& publicShares, const std::string& ethKeyName, const std::string& SecretShare, int t, int n, int index);
virtual Json::Value CreateBLSPrivateKey(const std::string & BLSKeyName, const std::string& EthKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n); virtual Json::Value createBLSPrivateKey(const std::string & blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
virtual Json::Value GetBLSPublicKeyShare(const std::string & BLSKeyName); virtual Json::Value getBLSPublicKeyShare(const std::string & blsKeyName);
virtual Json::Value ComplaintResponse(const std::string& polyName, int ind); virtual Json::Value complaintResponse(const std::string& polyName, int ind);
virtual Json::Value MultG2(const std::string & x); virtual Json::Value multG2(const std::string & x);
virtual Json::Value isPolyExists(const std::string& polyName);
virtual Json::Value getServerStatus(); virtual Json::Value getServerStatus();
}; };
...@@ -83,11 +84,13 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName); ...@@ -83,11 +84,13 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName);
Json::Value generateDKGPolyImpl(const std::string& polyName, int t); Json::Value generateDKGPolyImpl(const std::string& polyName, int t);
Json::Value getVerificationVectorImpl(const std::string& polyName, int t, int n); Json::Value getVerificationVectorImpl(const std::string& polyName, int t, int n);
Json::Value getSecretShareImpl(const std::string& polyName, const Json::Value& publicKeys, int t, int n); Json::Value getSecretShareImpl(const std::string& polyName, const Json::Value& publicKeys, int t, int n);
Json::Value DKGVerificationImpl(const std::string& publicShares, const std::string& EthKeyName, const std::string& SecretShare, int t, int n, int index); Json::Value dkgVerificationImpl(const std::string& publicShares, const std::string& ethKeyName, const std::string& SecretShare, int t, int n, int index);
Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::string& EthKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n); Json::Value createBLSPrivateKeyImpl(const std::string & blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
Json::Value GetBLSPublicKeyShareImpl(const std::string & BLSKeyName); Json::Value getBLSPublicKeyShareImpl(const std::string & blsKeyName);
Json::Value ComplaintResponseImpl(const std::string& polyName, int ind); Json::Value complaintResponseImpl(const std::string& polyName, int ind);
Json::Value MultG2Impl(const std::string & x); Json::Value multG2Impl(const std::string & x);
Json::Value isPolyExistsImpl(const std::string& polyName);
Json::Value getServerStatusImpl(); Json::Value getServerStatusImpl();
#endif //SGXWALLET_SGXWALLETSERVER_HPP #endif //SGXWALLET_SGXWALLETSERVER_HPP
\ No newline at end of file
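Review bot: The rename leaves the parameter naming half-converted: `ethKeyName` and `blsKeyName` are now camelCase while `SecretShare` in `dkgVerification`, `createBLSPrivateKey` and their `...Impl` counterparts keeps the old PascalCase. Rename it to `secretShare` in the same pass so the header follows one convention, and the new `isPolyExists`/`isPolyExistsImpl` pair can adopt it from the start.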
...@@ -28,14 +28,15 @@ ...@@ -28,14 +28,15 @@
#include <iostream> #include <iostream>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h"
std::vector<std::string> SplitString(const std::string& str, const std::string& delim = ":"){ vector<string> SplitString(const string& str, const string& delim = ":"){
std::vector<std::string> tokens; vector<string> tokens;
size_t prev = 0, pos = 0; size_t prev = 0, pos = 0;
do { do {
pos = str.find(delim, prev); pos = str.find(delim, prev);
if (pos == std::string::npos) pos = str.length(); if (pos == string::npos) pos = str.length();
std::string token = str.substr(prev, pos-prev); string token = str.substr(prev, pos-prev);
if (!token.empty()) tokens.push_back(token); if (!token.empty()) tokens.push_back(token);
prev = pos + delim.length(); prev = pos + delim.length();
} while (pos < str.length() && prev < str.length()); } while (pos < str.length() && prev < str.length());
...@@ -43,8 +44,8 @@ std::vector<std::string> SplitString(const std::string& str, const std::string& ...@@ -43,8 +44,8 @@ std::vector<std::string> SplitString(const std::string& str, const std::string&
return tokens; return tokens;
} }
bool checkECDSAKeyName(const std::string& keyName) { bool checkECDSAKeyName(const string& keyName) {
std::vector<std::string> parts = SplitString(keyName); vector<string> parts = SplitString(keyName);
if (parts.size() != 2) { if (parts.size() != 2) {
spdlog::info("ECDSAKeyName num parts != 2"); spdlog::info("ECDSAKeyName num parts != 2");
return false; return false;
...@@ -69,7 +70,7 @@ bool checkECDSAKeyName(const std::string& keyName) { ...@@ -69,7 +70,7 @@ bool checkECDSAKeyName(const std::string& keyName) {
return true; return true;
} }
bool checkHex(const std::string& hex, const uint32_t sizeInBytes){ bool checkHex(const string& hex, const uint32_t sizeInBytes){
if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){ if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
return false; return false;
} }
...@@ -86,8 +87,8 @@ bool checkHex(const std::string& hex, const uint32_t sizeInBytes){ ...@@ -86,8 +87,8 @@ bool checkHex(const std::string& hex, const uint32_t sizeInBytes){
return true; return true;
} }
bool checkName (const std::string& Name, const std::string& prefix){ bool checkName (const string& Name, const string& prefix){
std::vector<std::string> parts = SplitString(Name); vector<string> parts = SplitString(Name);
if ( parts.size() != 7) { if ( parts.size() != 7) {
spdlog::info("parts.size() != 7"); spdlog::info("parts.size() != 7");
return false; return false;
...@@ -52,44 +52,33 @@ ...@@ -52,44 +52,33 @@
#include "BLSCrypto.h" #include "BLSCrypto.h"
#include "ServerInit.h" #include "ServerInit.h"
#include "SEKManager.h"
#include <iostream> #include <iostream>
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include <unistd.h>
#include <stdio.h>
#include <limits.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
//#include <system> //#include <system>
void init_daemon() { void init_daemon() {
libff::init_alt_bn128_params(); libff::init_alt_bn128_params();
std::string sgx_data_folder = SGXDATA_FOLDER;
struct stat info;
if (stat(sgx_data_folder.c_str(), &info) !=0 ){
spdlog::info("going to create sgx_data folder");
std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
if (system(make_sgx_data_folder.c_str()) == 0){
spdlog::info("sgx_data folder was created");
}
else{
spdlog::info("creating sgx_data folder failed");
exit(-1);
}
}
static std::string dbName = sgx_data_folder + WALLETDB_NAME;
levelDb = new LevelDB(dbName);
static std::string csr_dbname = sgx_data_folder + "CSR_DB"; LevelDB::initDataFolderAndDBs();
csrDb = new LevelDB(csr_dbname);
static std::string csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
csrStatusDb = new LevelDB(csr_status_dbname);
std::shared_ptr<std::string> encr_SEK_ptr = levelDb->readString("SEK"); std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
if (encr_SEK_ptr == nullptr){ if (encr_SEK_ptr == nullptr){
spdlog::info("SEK was not created yet"); spdlog::info("SEK was not created yet");
generate_SEK();
} }
} }
...@@ -100,9 +89,10 @@ void init_enclave() { ...@@ -100,9 +89,10 @@ void init_enclave() {
eid = 0; eid = 0;
updated = 0; updated = 0;
unsigned long support;
#ifndef SGX_HW_SIM #ifndef SGX_HW_SIM
unsigned long support;
support = get_sgx_support(); support = get_sgx_support();
if (!SGX_OK(support)) { if (!SGX_OK(support)) {
sgx_support_perror(support); sgx_support_perror(support);
...@@ -150,6 +140,8 @@ void init_all(bool check_cert, bool sign_automatically) { ...@@ -150,6 +140,8 @@ void init_all(bool check_cert, bool sign_automatically) {
if (sgxServerInited == 1) if (sgxServerInited == 1)
return; return;
init_daemon();
sgxServerInited = 1; sgxServerInited = 1;
if (is_sgx_https) { if (is_sgx_https) {
...@@ -162,5 +154,5 @@ void init_all(bool check_cert, bool sign_automatically) { ...@@ -162,5 +154,5 @@ void init_all(bool check_cert, bool sign_automatically) {
} }
init_enclave(); init_enclave();
//std::cerr << "enclave inited" << std::endl; //std::cerr << "enclave inited" << std::endl;
init_daemon();
} }
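Review bot: Moving `init_daemon()` ahead of `init_enclave()` in `init_all` puts the new `generate_SEK()` call before the enclave exists: `generate_SEK` (SEKManager.cpp in this commit) makes an ecall with `eid`, and `init_enclave` resets `eid = 0;` at the top of its hunk and presumably creates the enclave further down, after `init_daemon` has already returned. On a fresh data folder, where `readString("SEK")` finds nothing, the first start therefore ecalls into a not-yet-created enclave; because SEKManager.cpp only checks `err_status`, the failure is silent and an empty "SEK" record is persisted. Either restore the original order (`init_enclave()` then `init_daemon()`), or keep `LevelDB::initDataFolderAndDBs()` early for the HTTPS/registration path and defer the SEK check and generation until after `init_enclave()` returns. The `unsigned long support;` hoisted out of `#ifndef SGX_HW_SIM` is now an unused variable in simulation builds.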
...@@ -31,7 +31,6 @@ ...@@ -31,7 +31,6 @@
#endif #endif
EXTERNC void init_all(bool check_cert, bool sign_automatically); EXTERNC void init_all(bool check_cert, bool sign_automatically);
EXTERNC void init_daemon(); EXTERNC void init_daemon();
......
...@@ -12,22 +12,22 @@ class abstractCSRManagerServer : public jsonrpc::AbstractServer<abstractCSRManag ...@@ -12,22 +12,22 @@ class abstractCSRManagerServer : public jsonrpc::AbstractServer<abstractCSRManag
public: public:
abstractCSRManagerServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<abstractCSRManagerServer>(conn, type) abstractCSRManagerServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<abstractCSRManagerServer>(conn, type)
{ {
this->bindAndAddMethod(jsonrpc::Procedure("GetUnsignedCSRs", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, NULL), &abstractCSRManagerServer::GetUnsignedCSRsI); this->bindAndAddMethod(jsonrpc::Procedure("getUnsignedCSRs", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, NULL), &abstractCSRManagerServer::getUnsignedCSRsI);
this->bindAndAddMethod(jsonrpc::Procedure("SignByHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, "status", jsonrpc::JSON_INTEGER, NULL), &abstractCSRManagerServer::SignByHashI); this->bindAndAddMethod(jsonrpc::Procedure("signByHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, "status", jsonrpc::JSON_INTEGER, NULL), &abstractCSRManagerServer::signByHashI);
} }
inline virtual void GetUnsignedCSRsI(const Json::Value &request, Json::Value &response) inline virtual void getUnsignedCSRsI(const Json::Value &request, Json::Value &response)
{ {
(void)request; (void)request;
response = this->GetUnsignedCSRs(); response = this->getUnsignedCSRs();
} }
inline virtual void SignByHashI(const Json::Value &request, Json::Value &response) inline virtual void signByHashI(const Json::Value &request, Json::Value &response)
{ {
response = this->SignByHash( request["hash"].asString(), request["status"].asInt()); response = this->signByHash( request["hash"].asString(), request["status"].asInt());
} }
virtual Json::Value GetUnsignedCSRs() = 0; virtual Json::Value getUnsignedCSRs() = 0;
virtual Json::Value SignByHash(const std::string& hash, int status) = 0; virtual Json::Value signByHash(const std::string& hash, int status) = 0;
}; };
......
...@@ -32,23 +32,23 @@ class AbstractRegServer : public jsonrpc::AbstractServer<AbstractRegServer> ...@@ -32,23 +32,23 @@ class AbstractRegServer : public jsonrpc::AbstractServer<AbstractRegServer>
public: public:
AbstractRegServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<AbstractRegServer>(conn, type) AbstractRegServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<AbstractRegServer>(conn, type)
{ {
this->bindAndAddMethod(jsonrpc::Procedure("SignCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"certificate",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::SignCertificateI); this->bindAndAddMethod(jsonrpc::Procedure("signCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"certificate",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::signCertificateI);
this->bindAndAddMethod(jsonrpc::Procedure("GetCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::GetCertificateI); this->bindAndAddMethod(jsonrpc::Procedure("getCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::getCertificateI);
} }
inline virtual void SignCertificateI(const Json::Value &request, Json::Value &response) inline virtual void signCertificateI(const Json::Value &request, Json::Value &response)
{ {
std::cerr << "SignCertificateI in abstr server " << std::endl; std::cerr << "signCertificateI in abstr server " << std::endl;
response = this->SignCertificate( request["certificate"].asString()); response = this->signCertificate( request["certificate"].asString());
} }
inline virtual void GetCertificateI(const Json::Value &request, Json::Value &response) inline virtual void getCertificateI(const Json::Value &request, Json::Value &response)
{ {
response = this->GetCertificate( request["hash"].asString()); response = this->getCertificate( request["hash"].asString());
} }
virtual Json::Value SignCertificate(const std::string& cert) = 0; virtual Json::Value signCertificate(const std::string& cert) = 0;
virtual Json::Value GetCertificate(const std::string& hash) = 0; virtual Json::Value getCertificate(const std::string& hash) = 0;
}; };
......
...@@ -13,7 +13,7 @@ int print_hashes(){ ...@@ -13,7 +13,7 @@ int print_hashes(){
jsonrpc::HttpClient client("http://localhost:1028"); jsonrpc::HttpClient client("http://localhost:1028");
StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2); StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2);
std::cout << "Client inited" << std::endl; std::cout << "Client inited" << std::endl;
std::cout << c.GetUnsignedCSRs() << std::endl; std::cout << c.getUnsignedCSRs() << std::endl;
exit(0); exit(0);
} }
...@@ -21,7 +21,7 @@ void sign_by_hash(std::string & hash, int status){ ...@@ -21,7 +21,7 @@ void sign_by_hash(std::string & hash, int status){
jsonrpc::HttpClient client("http://localhost:1028"); jsonrpc::HttpClient client("http://localhost:1028");
StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2); StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2);
std::cout << "Client inited" << std::endl; std::cout << "Client inited" << std::endl;
std::cout << c.SignByHash(hash, status) << std::endl; std::cout << c.signByHash(hash, status) << std::endl;
exit(0); exit(0);
} }
......
//
// Created by kladko on 25.01.20.
//
#ifndef SGXWALLET_COMMON_H
#define SGXWALLET_COMMON_H
using namespace std;
#include <stdlib.h>
#include <iostream>
#include <map>
#include <memory>
#define CHECK_ARGUMENT(_EXPRESSION_) \
if (!(_EXPRESSION_)) { \
auto __msg__ = string("Argument Check failed:") + #_EXPRESSION_ + "\n" + __CLASS_NAME__ + ":" + __FUNCTION__ + \
+ " " + string(__FILE__) + ":" + to_string(__LINE__); \
throw runtime_error(__msg__);}
#define CHECK_STATE(_EXPRESSION_) \
if (!(_EXPRESSION_)) { \
auto __msg__ = string("State check failed::") + #_EXPRESSION_ + " " + string(__FILE__) + ":" + to_string(__LINE__); \
throw runtime_error(__msg__);}
#endif //SGXWALLET_COMMON_H
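Review bot: `CHECK_ARGUMENT` expands `__CLASS_NAME__`, `string`, `to_string` and `runtime_error`, yet this header defines `__CLASS_NAME__` nowhere visible on this page and includes neither `<string>` nor `<stdexcept>`, so the macro compiles only in a translation unit that has already supplied all four. Both macros are also bare `if` statements rather than `do { ... } while (0)`, so `if (a) CHECK_STATE(b); else ...` binds the `else` to the macro's own `if`. The `using namespace std;` at header scope (placed before the includes, even) leaks into every includer. The rewrite below adds the two includes, wraps both macros, qualifies with `std::`, and drops `__CLASS_NAME__` in favour of `__FUNCTION__` alone; if `__CLASS_NAME__` is defined in a project header, include that header here instead.
```cpp
#include <stdexcept>
#include <string>
// … unchanged: other includes …

#define CHECK_ARGUMENT(_EXPRESSION_)                                               \
    do {                                                                           \
        if (!(_EXPRESSION_)) {                                                     \
            throw std::runtime_error(std::string("Argument Check failed:")         \
                                     + #_EXPRESSION_ + "\n" + __FUNCTION__ + " "   \
                                     + __FILE__ + ":" + std::to_string(__LINE__)); \
        }                                                                          \
    } while (0)

#define CHECK_STATE(_EXPRESSION_)                                                  \
    do {                                                                           \
        if (!(_EXPRESSION_)) {                                                     \
            throw std::runtime_error(std::string("State check failed::")           \
                                     + #_EXPRESSION_ + " " + __FILE__ + ":"        \
                                     + std::to_string(__LINE__));                  \
        }                                                                          \
    } while (0)
```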
/usr/share/automake-1.16/compile
\ No newline at end of file
/usr/share/automake-1.16/depcomp
\ No newline at end of file
...@@ -8,5 +8,5 @@ jhid -d ...@@ -8,5 +8,5 @@ jhid -d
pid=$! pid=$!
sleep 2 sleep 2
/usr/src/sdk/sgxwallet $1 cd /usr/src/sdk; ./sgxwallet $1 $2 $3 $4
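Review bot: The new command line `cd /usr/src/sdk; ./sgxwallet $1 $2 $3 $4` still runs the wallet from the previous working directory if the `cd` fails, and the unquoted positionals are word-split and globbed and silently drop any fifth argument. Replace it with `cd /usr/src/sdk || exit 1` followed by `./sgxwallet "$@"`. The script's earlier lines (the `jhid -d` start and `pid=$!`) are outside this hunk.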
Subproject commit 83fadb60a7f1607c1c46e868ed2a866bb70b4c76
/usr/share/automake-1.16/install-sh
\ No newline at end of file
/usr/share/automake-1.16/missing
\ No newline at end of file
...@@ -10,7 +10,12 @@ services: ...@@ -10,7 +10,12 @@ services:
- "/dev/isgx" - "/dev/isgx"
- "/dev/mei0" - "/dev/mei0"
volumes: volumes:
- ./sgx_data:/sgx_data - ./sgx_data:/usr/src/sdk/sgx_data
logging:
driver: json-file
options:
max-size: "10m"
max-file: "4"
restart: unless-stopped restart: unless-stopped
command: -s command: -s
......
...@@ -7,7 +7,12 @@ services: ...@@ -7,7 +7,12 @@ services:
- "1027:1027" - "1027:1027"
- "1028:1028" - "1028:1028"
volumes: volumes:
- ./sgx_data:/sgx_data - ./sgx_data:/usr/src/sdk/sgx_data
logging:
driver: json-file
options:
max-size: "10m"
max-file: "4"
restart: unless-stopped restart: unless-stopped
command: -s command: -s -d
#!/usr/bin/env python
#
# @file docker_test.py
# @author Stan Kladko
# @date 2020
#
import sys
import os
import subprocess
import socket
assert os.path.isdir('sgx_data/sgxwallet.db')
assert os.path.isdir('sgx_data/cert_data');
assert os.path.isdir('sgx_data/CSR_DB');
assert os.path.isdir('sgx_data/CSR_STATUS_DB');
assert os.path.isfile('sgx_data/cert_data/SGXServerCert.crt')
assert os.path.isfile('sgx_data/cert_data/SGXServerCert.key')
assert os.path.isfile('sgx_data/cert_data/rootCA.pem')
assert os.path.isfile('sgx_data/cert_data/rootCA.key')
s1 = socket.socket()
s2 = socket.socket()
s3 = socket.socket()
address = '127.0.0.1'
s1.connect((address, 1026))
s2.connect((address, 1027))
s3.connect((address, 1028))
s1.close()
s2.close()
s3.close()
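Review bot: The three `socket.socket()` connects at the end have no timeout and are never closed on an assertion failure, so a port that is filtered rather than refused stalls the CI step indefinitely and a failing check leaks the earlier sockets. A loop such as `for port in (1026, 1027, 1028):` / `    with socket.create_connection((address, port), timeout=5):` / `        pass` bounds the wait and closes each socket deterministically. The file-existence checks also confirm that `rootCA.key` and `SGXServerCert.key` (presumably private keys) are written into the host-mounted `sgx_data/cert_data`; while here, asserting a restrictive mode on them, e.g. `assert (os.stat('sgx_data/cert_data/rootCA.key').st_mode & 0o077) == 0`, would catch a world-readable CA key early. Note that `assert` statements are stripped under `python -O`, so a CI script that relies on them should not be run with optimisation, or should raise explicitly.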
//
// Created by kladko on 1/22/20.
//
#include "sgx_trts.h"
#include "sgx_tcrypto.h"
#include "stdlib.h"
#include <string.h>
#include "AESUtils.h"
int AES_encrypt(char *message, uint8_t *encr_message){
sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message),
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
NULL, 0,
(sgx_aes_gcm_128bit_tag_t *) encr_message);
return status;
}
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message){
uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;
sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_key,
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
message,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
NULL, 0,
(sgx_aes_gcm_128bit_tag_t *)encr_message);
return status;
}
\ No newline at end of file
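Review bot: `AES_encrypt` discards the return value of `sgx_read_rand`, so if the RNG call fails the IV is whatever was already in `encr_message` and the message is encrypted under a possibly repeated IV, which for AES-GCM compromises both confidentiality and the authentication key; the status must be checked before calling `sgx_rijndael128GCM_encrypt`. `AES_decrypt` computes `length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE` with no lower bound, so a `length` below 28 wraps `len` to near 2^64 and the decrypt reads far past the end of `encr_message`; the `uint64_t` is also narrowed to the `uint32_t` the SGX API takes. Neither function bounds its output, so `encr_message` must hold `strlen(message) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE` bytes and `message` must hold `len` bytes with no terminating NUL written — that contract deserves a comment on each signature. The rewrite below adds both checks; where `AES_key` is initialised is not visible on this page, so whether it can still be all-zero at first use should be confirmed.
```c
int AES_encrypt(char *message, uint8_t *encr_message){
    /* A fresh IV per call is what keeps GCM secure: never encrypt with a stale one. */
    sgx_status_t status = sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
    if (status != SGX_SUCCESS) {
        return status;
    }
    /* … unchanged: sgx_rijndael128GCM_encrypt call and return … */
}

int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message){
    /* Reject blobs too short to hold tag + IV, and lengths the uint32_t API cannot take. */
    if (length < SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE
        || length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE > UINT32_MAX) {
        return SGX_ERROR_INVALID_PARAMETER;
    }
    uint32_t len = (uint32_t)(length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE);
    /* … unchanged: sgx_rijndael128GCM_decrypt call and return … */
}
```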
//
// Created by kladko on 1/22/20.
//
#ifndef SGXD_AESUTILS_H
#define SGXD_AESUTILS_H
sgx_aes_gcm_128bit_key_t AES_key;
int AES_encrypt(char *message, uint8_t *encr_message);
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message);
#endif //SGXD_AESUTILS_H
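Review bot: `sgx_aes_gcm_128bit_key_t AES_key;` in a header is a definition, not a declaration, so every translation unit that includes the header defines the symbol; this links only thanks to C tentative-definition merging and fails outright under `-fno-common`, which is the GCC 10 default. The header also uses `sgx_aes_gcm_128bit_key_t` without including `sgx_tcrypto.h`, so include order in each includer decides whether it compiles. Change the line to `extern sgx_aes_gcm_128bit_key_t AES_key;`, add `#include "sgx_tcrypto.h"` above it, and put the single definition in AESUtils.c, ideally with a comment stating where the key is populated and that it must never leave the enclave.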
...@@ -85,7 +85,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h ...@@ -85,7 +85,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \ secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \ secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \ curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \ DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \ ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG) ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
...@@ -110,7 +110,7 @@ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \ ...@@ -110,7 +110,7 @@ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
secure_enclave.$(OBJEXT) curves.$(OBJEXT) \ secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \ domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \ point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \ AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \ alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1) alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS) secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
...@@ -138,7 +138,8 @@ am__v_at_1 = ...@@ -138,7 +138,8 @@ am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \ am__depfiles_remade = ./$(DEPDIR)/AESUtils.Po \
./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \ ./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \ ./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \ ./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
...@@ -346,7 +347,7 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml ...@@ -346,7 +347,7 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
ENCLAVE_KEY = test_insecure_private_key.pem #$(ENCLAVE)_private.pem ENCLAVE_KEY = test_insecure_private_key.pem #$(ENCLAVE)_private.pem
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \ secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \ secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \ curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \ DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \ ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG) ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
...@@ -440,6 +441,7 @@ mostlyclean-compile: ...@@ -440,6 +441,7 @@ mostlyclean-compile:
distclean-compile: distclean-compile:
-rm -f *.tab.c -rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
...@@ -660,7 +662,8 @@ clean: clean-am ...@@ -660,7 +662,8 @@ clean: clean-am
clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
distclean: distclean-am distclean: distclean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po -rm -f ./$(DEPDIR)/AESUtils.Po
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po -rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po -rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po -rm -f ./$(DEPDIR)/alt_bn128_g1.Po
...@@ -720,7 +723,8 @@ install-ps-am: ...@@ -720,7 +723,8 @@ install-ps-am:
installcheck-am: installcheck-am:
maintainer-clean: maintainer-clean-am maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po -rm -f ./$(DEPDIR)/AESUtils.Po
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po -rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po -rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po -rm -f ./$(DEPDIR)/alt_bn128_g1.Po
......
//
// Created by kladko on 1/24/20.
//
#ifndef SGXD_ENCLAVE_COMMON_H
#define SGXD_ENCLAVE_COMMON_H
#define BUF_LEN 1024
#define MAX_KEY_LENGTH 128
#define MAX_COMPONENT_LENGTH 80
#define MAX_COMPONENT_HEX_LENGTH MAX_COMPONENT_LENGTH * 2
#define MAX_ENCRYPTED_KEY_LENGTH 1024
#define MAX_SIG_LEN 1024
#define MAX_ERR_LEN 1024
#define SHA_256_LEN 32
#define ADD_ENTROPY_SIZE 32
#define DKG_BUFER_LENGTH 2490//3060
#define DKG_MAX_SEALED_LEN 3050
#define SECRET_SHARE_NUM_BYTES 96
#define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 93
#define ECDSA_BIN_LEN 33
#define UNKNOWN_ERROR -1
#define PLAINTEXT_KEY_TOO_LONG -2
#define UNPADDED_KEY -3
#define NULL_KEY -4
#define INCORRECT_STRING_CONVERSION -5
#define ENCRYPTED_KEY_TOO_LONG -6
#define SEAL_KEY_FAILED -7
#endif //SGXD_ENCLAVE_COMMON_H
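Review bot: `#define MAX_COMPONENT_HEX_LENGTH MAX_COMPONENT_LENGTH * 2` is unparenthesised, so a use such as `buf_size / MAX_COMPONENT_HEX_LENGTH` expands to `buf_size / 80 * 2` rather than dividing by 160; it should read `#define MAX_COMPONENT_HEX_LENGTH (MAX_COMPONENT_LENGTH * 2)`. The `ECDSA_*` constants on this page are now spelled out three times — here, at the top of secure_enclave.edl, and in sgxwallet_common.h — and because the EDL uses `ECDSA_ENCR_LEN` as a marshalled buffer `count`, the copies must stay identical or the two sides will disagree on the size of the blob crossing the enclave boundary. If the EDL build allows it, an `include "enclave_common.h"` in the EDL's trusted block would leave one source of truth; a comment on each copy naming the others is the minimum.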
#define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 93
#define ECDSA_BIN_LEN 33
enclave { enclave {
trusted { trusted {
include "sgx_tgmp.h" include "sgx_tgmp.h"
public void tgmp_init(); public void tgmp_init();
public void e_mpz_add( public void e_mpz_add(
...@@ -52,20 +59,20 @@ enclave { ...@@ -52,20 +59,20 @@ enclave {
[out, count = 1024] char* key ); [out, count = 1024] char* key );
public void bls_sign_message ( public void bls_sign_message (
[user_check] int *err_status, [user_check] int *err_status,
[out, count = 1024] char* err_string, [out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key, [in, count = 1024] uint8_t* encrypted_key,
uint32_t enc_len, uint32_t enc_len,
[in, count = 1024] char* hashX , [in, count = 1024] char* hashX ,
[in, count = 1024] char* hashY , [in, count = 1024] char* hashY ,
[out, count = 1024] char* signature); [out, count = 1024] char* signature);
public void gen_dkg_secret ( public void gen_dkg_secret (
[user_check] int *err_status, [user_check] int *err_status,
[out, count = 1024] char* err_string, [out, count = 1024] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret, [out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len, [user_check] uint32_t * enc_len,
size_t _t); size_t _t);
public void decrypt_dkg_secret ( public void decrypt_dkg_secret (
[user_check] int *err_status, [user_check] int *err_status,
...@@ -163,6 +170,72 @@ enclave { ...@@ -163,6 +170,72 @@ enclave {
[out, count = 1024] char *err_string, [out, count = 1024] char *err_string,
[in, count = 1024] uint8_t *encrypted_SEK, [in, count = 1024] uint8_t *encrypted_SEK,
[user_check] uint32_t *enc_len); [user_check] uint32_t *enc_len);
public void generate_ecdsa_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
public void get_public_ecdsa_key_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
public void ecdsa_sign_aes(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] unsigned char* hash,
[out, count = 1024] char* sig_r,
[out, count = 1024] char* sig_s,
[user_check] uint8_t* sig_v,
int base);
public void encrypt_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] char* key,
[out, count = 1024] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len);
public void decrypt_key_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t enc_len,
[out, count = 1024] char* key );
public void gen_dkg_secret_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len,
size_t _t);
public void decrypt_dkg_secret_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[user_check] uint32_t* dec_len);
public void set_encrypted_dkg_poly_aes( [user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly,
[user_check] uint64_t* enc_len);
}; };
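Review bot: The new `_aes` ECALLs pass `enc_len`, `dec_len` and `sig_v` as `[user_check]`, which makes edger8r hand the raw host pointer into the enclave with no copy and no check that it lies outside enclave memory, so unless the trusted implementation (not on this page) calls `sgx_is_outside_enclave()` before every dereference, a malicious host can point these at enclave memory and have the enclave overwrite its own state; for single scalars `[out] uint32_t *enc_len` and `[out] uint8_t *sig_v` make the bridge do the check and copy at no cost. The buffer sizes are also inconsistent across the round trip: `generate_ecdsa_key_aes` writes `[out, count = ECDSA_ENCR_LEN]` (93 bytes) but `get_public_ecdsa_key_aes` and `ecdsa_sign_aes` read the same blob back as `[in, count = 1024]`, so a caller that sizes its buffer by `ECDSA_ENCR_LEN` (93 in sgxwallet_common.h on this page) has roughly 930 bytes past the buffer copied by the bridge. Tying the copy to the length parameter that is already passed, e.g. `[in, size = enc_len] uint8_t* encrypted_key,`, fixes that for every `_aes` entry point. `set_encrypted_dkg_poly_aes` additionally takes `enc_len` as `uint64_t*` while its siblings use `uint32_t*`; one width would avoid a truncating cast on the trusted side.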
......
...@@ -62,7 +62,7 @@ int main(int argc, char *argv[]) { ...@@ -62,7 +62,7 @@ int main(int argc, char *argv[]) {
exit(1); exit(1);
} }
while ((opt = getopt(argc, argv, "cshd0")) != -1) { while ((opt = getopt(argc, argv, "cshd0a")) != -1) {
switch (opt) { switch (opt) {
case 'h': case 'h':
if (strlen(argv[1]) == 2 ) { if (strlen(argv[1]) == 2 ) {
...@@ -87,6 +87,8 @@ int main(int argc, char *argv[]) { ...@@ -87,6 +87,8 @@ int main(int argc, char *argv[]) {
case '0': case '0':
is_sgx_https = 0; is_sgx_https = 0;
break; break;
case 'a':
is_aes = 1;
case '?': // fprintf(stderr, "unknown flag\n"); case '?': // fprintf(stderr, "unknown flag\n");
exit(1); exit(1);
default: default:
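Review bot: The new `case 'a': is_aes = 1;` has no `break;`, so it falls straight into `case '?':` and the `exit(1)` there, meaning `-a` sets the flag and then terminates the process before the flag can matter. Add `break;` after `is_aes = 1;`; the `exit(1)` on the next case makes an intended fall-through implausible. `main` begins and ends outside this hunk.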
......
...@@ -37,6 +37,7 @@ ...@@ -37,6 +37,7 @@
extern int DEBUG_PRINT; extern int DEBUG_PRINT;
extern int is_sgx_https; extern int is_sgx_https;
extern int is_aes;
#define BUF_LEN 1024 #define BUF_LEN 1024
...@@ -57,7 +58,7 @@ extern int is_sgx_https; ...@@ -57,7 +58,7 @@ extern int is_sgx_https;
#define ECDSA_SKEY_LEN 65 #define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16 #define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 625 #define ECDSA_ENCR_LEN 93
#define ECDSA_BIN_LEN 33 #define ECDSA_BIN_LEN 33
#define UNKNOWN_ERROR -1 #define UNKNOWN_ERROR -1
......
/* //
Copyright (C) 2019-Present SKALE Labs // Created by kladko on 9/23/19.
//
This file is part of sgxwallet.
sgxwallet is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
sgxwallet is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file stubclient.cpp
@author Stan Kladko
@date 2019
*/
#include <iostream> #include <iostream>
......