Merge branch 'develop' of https://github.com/skalenetwork/sgxwallet into develop

 Conflicts:
	LevelDB.h

.github/workflows/dockerimage.yml

@@ -20,3 +20,4 @@ jobs:
         run: docker build . --file Dockerfile --tag  skalenetwork/sgxwallet:latest
       - name: push docker image
         run:  docker push skalenetwork/sgxwallet:latest
+

.github/workflows/dockerimagesim.yml

@@ -18,6 +18,10 @@ jobs:
       run: git submodule update --init --recursive
     - name: Build the Docker image
       run: docker build . --file DockerfileSimulation --tag  skalenetwork/sgxwalletsim:latest
+    - name: run docker image
+      run: docker run -v ${PWD}/sgx_data:/usr/src/sdk/sgx_data -d --network=host skalenetwork/sgxwalletsim:latest
+    - name: sleep and check
+      run: sleep 5; scripts/docker_test.py
     - name: push docker image
       run:  docker push skalenetwork/sgxwalletsim:latest
 

.gitignore

 # Created by .ignore support plugin (hsz.mobi)
 .idea/
+sgx-gmp/
 gmp-build
 tgmp-build
 install-sh
@@ -13,6 +14,10 @@ secure_enclave.edl
 am--include-marker
 *.o
 aclocal.m4
+missing
+compile
+depcomp
+ltmain.sh
 secure_enclave.signed.so
 sgxgmpmath
 sgxgmppi

.gitmodules

@@ -16,3 +16,6 @@
 [submodule "sgx-software-enable"]
 	path = sgx-software-enable
 	url = https://github.com/intel/sgx-software-enable
+[submodule "github-markdown-toc"]
+	path = github-markdown-toc
+	url = https://github.com/ekalinin/github-markdown-toc.git

BLSCrypto.cpp

@@ -51,6 +51,7 @@
 #include "RPCException.h"
 
 #include "spdlog/spdlog.h"
+#include "common.h"
 
 int char2int(char _input) {
   if (_input >= '0' && _input <= '9')
@@ -135,11 +136,11 @@ bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
 bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex,
     char* _sig) {
 
-  //std::cerr << "ENTER SIGN" << std::endl;
+  //cerr << "ENTER SIGN" << endl;
 
-  auto keyStr = std::make_shared<std::string>(_encryptedKeyHex);
+  auto keyStr = make_shared<string>(_encryptedKeyHex);
 
-  auto hash = std::make_shared<std::array<uint8_t, 32>>();
+  auto hash = make_shared<array<uint8_t, 32>>();
 
   uint64_t binLen;
 
@@ -150,9 +151,9 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
 
 
 
-  auto keyShare = std::make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
+  auto keyShare = make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
 
-  //std::cerr << "keyShare created" << std::endl;
+  //cerr << "keyShare created" << endl;
  // {
     auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex);
  // }
@@ -161,14 +162,14 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
 
   strncpy(_sig, sigShareStr->c_str(), BUF_LEN);
 
-  //std::string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex);
+  //string sigShareStr = keyShare->signWithHelperSGXstr(hash, _signerIndex);
   //strncpy(_sig, sigShareStr.c_str(), BUF_LEN);
 
- // std::string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5";
- // auto sig_ptr = std::make_shared<std::string>(test_sig);
+ // string test_sig = "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855:9810286616503120081238481858289626967170509983220853777870754480048381194141:5";
+ // auto sig_ptr = make_shared<string>(test_sig);
  // strncpy(_sig, sig_ptr->c_str(), BUF_LEN);
 
-  //std::cerr<< "sig " << _sig <<std::endl;
+  //cerr<< "sig " << _sig <<endl;
 
   return true;
 
@@ -185,10 +186,12 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
 
     unsigned int encryptedLen = 0;
 
-    status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    //status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    status = encrypt_key_aes(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
 
     if (DEBUG_PRINT) {
-      spdlog::info("errStatus is {}",*errStatus, " errMsg is ", errMsg );
+      spdlog::info("errStatus is {}",*errStatus);
+      spdlog::info(" errMsg is ", errMsg );
     }
 
     if (status != SGX_SUCCESS) {
@@ -224,7 +227,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry
 
     char *plaintextKey = (char *) calloc(BUF_LEN, 1);
 
-    status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+    //status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+     status = decrypt_key_aes(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
 
     if (status != SGX_SUCCESS) {
         return nullptr;

BLSPrivateKeyShareSGX.cpp

@@ -21,7 +21,7 @@
   @date 2019
 */
 
-using namespace std;
+
 
 #include "BLSSigShare.h"
 #include "BLSSignature.h"
@@ -33,6 +33,7 @@ using namespace std;
 
 #include "BLSCrypto.h"
 #include "ServerInit.h"
+#include "common.h"
 
 #include "BLSPrivateKeyShareSGX.h"
 

CMakeLists.txt

-cmake_minimum_required(VERSION 3.12)
-project(sgxd)
+cmake_minimum_required(VERSION 3.15)
+project(sgxwallet)
 
 set(CMAKE_CXX_STANDARD 14)
 
 include_directories(.)
-include_directories(libff/libff/algebra/curves/alt_bn128)
-include_directories(libff/libff/algebra/curves/bn128)
-include_directories(libff/libff/algebra/curves/edwards)
-include_directories(libff/libff/algebra/curves/mnt)
-include_directories(libff/libff/algebra/curves/mnt/mnt4)
-include_directories(libff/libff/algebra/curves/mnt/mnt6)
-include_directories(libff/libff/common/default_types)
 include_directories(secure_enclave)
+include_directories(sgx-software-enable)
+include_directories(tgmp-build)
+include_directories(tgmp-build/include)
 
-add_custom_target(sgxd COMMAND make all
-        WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-        SOURCES
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.hpp
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_init.hpp
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.cpp
-        libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp
-        libff/libff/algebra/curves/bn128/bn128_g1.cpp
-        libff/libff/algebra/curves/bn128/bn128_g1.hpp
-        libff/libff/algebra/curves/bn128/bn128_g2.cpp
-        libff/libff/algebra/curves/bn128/bn128_g2.hpp
-        libff/libff/algebra/curves/bn128/bn128_gt.cpp
-        libff/libff/algebra/curves/bn128/bn128_gt.hpp
-        libff/libff/algebra/curves/bn128/bn128_init.cpp
-        libff/libff/algebra/curves/bn128/bn128_init.hpp
-        libff/libff/algebra/curves/bn128/bn128_pairing.cpp
-        libff/libff/algebra/curves/bn128/bn128_pairing.hpp
-        libff/libff/algebra/curves/bn128/bn128_pp.cpp
-        libff/libff/algebra/curves/bn128/bn128_pp.hpp
-        libff/libff/algebra/curves/bn128/bn_utils.hpp
-        libff/libff/algebra/curves/bn128/bn_utils.tcc
-        libff/libff/algebra/curves/edwards/edwards_g1.cpp
-        libff/libff/algebra/curves/edwards/edwards_g1.hpp
-        libff/libff/algebra/curves/edwards/edwards_g2.cpp
-        libff/libff/algebra/curves/edwards/edwards_g2.hpp
-        libff/libff/algebra/curves/edwards/edwards_init.cpp
-        libff/libff/algebra/curves/edwards/edwards_init.hpp
-        libff/libff/algebra/curves/edwards/edwards_pairing.cpp
-        libff/libff/algebra/curves/edwards/edwards_pairing.hpp
-        libff/libff/algebra/curves/edwards/edwards_pp.cpp
-        libff/libff/algebra/curves/edwards/edwards_pp.hpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.cpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_g1.hpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.cpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_g2.hpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_init.cpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_init.hpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.cpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_pairing.hpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.cpp
-        libff/libff/algebra/curves/mnt/mnt4/mnt4_pp.hpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.cpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_g1.hpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.cpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_g2.hpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_init.cpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_init.hpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.cpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_pairing.hpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.cpp
-        libff/libff/algebra/curves/mnt/mnt6/mnt6_pp.hpp
-        libff/libff/algebra/curves/mnt/mnt46_common.cpp
-        libff/libff/algebra/curves/mnt/mnt46_common.hpp
-        libff/libff/algebra/curves/tests/test_bilinearity.cpp
-        libff/libff/algebra/curves/tests/test_groups.cpp
-        libff/libff/algebra/curves/curve_utils.hpp
-        libff/libff/algebra/curves/curve_utils.tcc
-        libff/libff/algebra/curves/public_params.hpp
-        libff/libff/algebra/exponentiation/exponentiation.hpp
-        libff/libff/algebra/exponentiation/exponentiation.tcc
-        libff/libff/algebra/fields/tests/test_fields.cpp
-        libff/libff/algebra/fields/bigint.hpp
-        libff/libff/algebra/fields/bigint.tcc
-        libff/libff/algebra/fields/field_utils.hpp
-        libff/libff/algebra/fields/field_utils.tcc
-        libff/libff/algebra/fields/fp.hpp
-        libff/libff/algebra/fields/fp.tcc
-        libff/libff/algebra/fields/fp_aux.tcc
-        libff/libff/algebra/scalar_multiplication/multiexp.hpp
-        libff/libff/algebra/scalar_multiplication/multiexp.tcc
-        libff/libff/algebra/scalar_multiplication/multiexp_profile.cpp
-        libff/libff/algebra/scalar_multiplication/wnaf.hpp
-        libff/libff/algebra/scalar_multiplication/wnaf.tcc
-        libff/libff/common/default_types/ec_pp.hpp
-        libff/libff/common/double.cpp
-        libff/libff/common/double.hpp
-        libff/libff/common/profiling.cpp
-        libff/libff/common/profiling.hpp
-        libff/libff/common/rng.hpp
-        libff/libff/common/rng.tcc
-        libff/libff/common/template_utils.hpp
-        libff/libff/common/utils.cpp
-        libff/libff/common/utils.hpp
-        libff/libff/common/utils.tcc
+add_executable(sgxwallet
+        secure_enclave/AESUtils.c
+        secure_enclave/AESUtils.h
         secure_enclave/BLSEnclave.cpp
         secure_enclave/BLSEnclave.h
+        secure_enclave/curves.c
+        secure_enclave/curves.h
+        secure_enclave/DH_dkg.c
+        secure_enclave/DH_dkg.h
+        secure_enclave/DKGUtils.cpp
+        secure_enclave/DKGUtils.h
+        secure_enclave/domain_parameters.c
+        secure_enclave/domain_parameters.h
+        secure_enclave/enclave_common.h
+        secure_enclave/numbertheory.c
+        secure_enclave/numbertheory.h
+        secure_enclave/point.c
+        secure_enclave/point.h
         secure_enclave/secure_enclave.c
+        secure_enclave/secure_enclave.i
         secure_enclave/secure_enclave_t.c
         secure_enclave/secure_enclave_t.h
-        secure_enclave/DKGUtils.h
-        secure_enclave/DKGUtils.cpp
+        secure_enclave/signature.c
+        secure_enclave/signature.h
+        sgx-software-enable/sgx_capable.h
+        sgx-software-enable/sgx_enable.c
+        tgmp-build/include/sgx_tgmp.h
+        abstractCSRManagerServer.h
+        abstractregserver.h
+        abstractstubserver.h
+        BLSCrypto.cpp
+        BLSCrypto.h
+        BLSPrivateKeyShareSGX.cpp
+        BLSPrivateKeyShareSGX.h
+        catch.hpp
+        cert_util.cpp
+        common.h
         create_enclave.c
         create_enclave.h
+        CSRManagerServer.cpp
+        CSRManagerServer.h
+        DKGCrypto.cpp
+        DKGCrypto.h
+        ECDSACrypto.cpp
+        ECDSACrypto.h
+        LevelDB.cpp
+        LevelDB.h
         oc_alloc.c
+        RPCException.cpp
+        RPCException.h
         secure_enclave_u.c
         secure_enclave_u.h
+        SEKManager.cpp
+        SEKManager.h
+        ServerDataChecker.cpp
+        ServerDataChecker.h
+        ServerInit.cpp
+        ServerInit.h
         sgx_detect.h
         sgx_detect_linux.c
         sgx_stub.c
         sgx_stub.h
         sgx_tgmp.h
+        SGXRegistrationServer.cpp
+        SGXRegistrationServer.h
         sgxwallet.c
-        testw.cpp
-        )
+        sgxwallet.h
+        sgxwallet_common.h
+        SGXWalletServer.cpp
+        SGXWalletServer.h
+        SGXWalletServer.hpp
+        stubclient.cpp
+        stubclient.h
+        testw.cpp)

CSRManagerServer.cpp

@@ -12,6 +12,7 @@
 #include <jsonrpccpp/server/connectors/httpserver.h>
 
 #include "spdlog/spdlog.h"
+#include "common.h"
 
 
 CSRManagerServer *cs = nullptr;
@@ -22,20 +23,19 @@ CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector,
     serverVersion_t type):abstractCSRManagerServer(connector, type){}
 
 
-Json::Value GetUnsignedCSRsImpl(){
-  spdlog::info("Enter GetUnsignedCSRsImpl");
+Json::Value getUnsignedCSRsImpl(){
+  spdlog::info("Enter getUnsignedCSRsImpl");
   Json::Value result;
   result["status"] = 0;
   result["errorMessage"] = "";
-  //result["hashes"] =;
 
   try{
-    std::vector<std::string> hashes_vect = csrDb->writeKeysToVector1(MAX_CSR_NUM);
-    for (int i = 0; i < hashes_vect.size(); i++){
+    vector<string> hashes_vect = LevelDB::getCsrDb()->writeKeysToVector1(MAX_CSR_NUM);
+    for (int i = 0; i < (int) hashes_vect.size(); i++){
       result["hashes"][i] = hashes_vect.at(i);
     }
   } catch (RPCException &_e) {
-    std::cerr << " err str " << _e.errString << std::endl;
+    cerr << " err str " << _e.errString << endl;
     result["status"] = _e.status;
     result["errorMessage"] = _e.errString;
 
@@ -44,7 +44,7 @@ Json::Value GetUnsignedCSRsImpl(){
   return result;
 }
 
-Json::Value SignByHashImpl(const std::string& hash, int status){
+Json::Value signByHashImpl(const string& hash, int status){
   Json::Value result;
   result["errorMessage"] = "";
 
@@ -53,46 +53,46 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
       throw RPCException(-111, "Invalid csr status");
     }
 
-    std::string csr_db_key = "CSR:HASH:" + hash;
-    std::shared_ptr<std::string> csr_ptr = csrDb->readString(csr_db_key);
+    string csr_db_key = "CSR:HASH:" + hash;
+    shared_ptr<string> csr_ptr = LevelDB::getCsrDb()->readString(csr_db_key);
     if (csr_ptr == nullptr){
       throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "HASH DOES NOT EXIST IN DB");
     }
 
     if (status == 0) {
-      std::string csr_name = "sgx_data/cert/" + hash + ".csr";
-      std::ofstream outfile(csr_name);
-      outfile << *csr_ptr << std::endl;
+      string csr_name = "sgx_data/cert/" + hash + ".csr";
+      ofstream outfile(csr_name);
+      outfile << *csr_ptr << endl;
       outfile.close();
       if (access(csr_name.c_str(), F_OK) != 0) {
-        csrDb->deleteKey(csr_db_key);
+        LevelDB::getCsrDb()->deleteKey(csr_db_key);
         throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
       }
 
-      std::string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
+      string signClientCert = "cd sgx_data/cert && ./create_client_cert " + hash;
 
       if (system(signClientCert.c_str()) == 0) {
         spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
       } else {
         spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
-        csrDb->deleteKey(csr_db_key);
-        std::string status_db_key = "CSR:HASH:" + hash + "STATUS:";
-        csrStatusDb->deleteKey(status_db_key);
-        csrStatusDb->writeDataUnique(status_db_key, "-1");
+        LevelDB::getCsrDb()->deleteKey(csr_db_key);
+        string status_db_key = "CSR:HASH:" + hash + "STATUS:";
+        LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
+        LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, "-1");
         throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
         //exit(-1);
       }
     }
 
-    csrDb->deleteKey(csr_db_key);
-    std::string status_db_key = "CSR:HASH:" + hash + "STATUS:";
-    csrStatusDb->deleteKey(status_db_key);
-    csrStatusDb->writeDataUnique(status_db_key, std::to_string(status));
+    LevelDB::getCsrDb()->deleteKey(csr_db_key);
+    string status_db_key = "CSR:HASH:" + hash + "STATUS:";
+    LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
+    LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(status));
 
     result["status"] = status;
 
   } catch (RPCException &_e) {
-    std::cerr << " err str " << _e.errString << std::endl;
+    cerr << " err str " << _e.errString << endl;
     result["status"] = _e.status;
     result["errorMessage"] = _e.errString;
   }
@@ -101,14 +101,14 @@ Json::Value SignByHashImpl(const std::string& hash, int status){
 }
 
 
-Json::Value CSRManagerServer::GetUnsignedCSRs(){
-  std::lock_guard<std::recursive_mutex> lock(m);
-  return GetUnsignedCSRsImpl();
+Json::Value CSRManagerServer::getUnsignedCSRs(){
+  lock_guard<recursive_mutex> lock(m);
+  return getUnsignedCSRsImpl();
 }
 
-Json::Value CSRManagerServer::SignByHash(const std::string& hash, int status){
-   std::lock_guard<std::recursive_mutex> lock(m);
-   return SignByHashImpl(hash, status);
+Json::Value CSRManagerServer::signByHash(const string& hash, int status){
+   lock_guard<recursive_mutex> lock(m);
+   return signByHashImpl(hash, status);
 }
 
 int init_csrmanager_server(){

CSRManagerServer.h

@@ -20,8 +20,8 @@ class CSRManagerServer : public abstractCSRManagerServer {
 
   CSRManagerServer(AbstractServerConnector &connector, serverVersion_t type);
 
-  virtual Json::Value GetUnsignedCSRs();
-  virtual Json::Value SignByHash(const std::string& hash, int status);
+  virtual Json::Value getUnsignedCSRs();
+  virtual Json::Value signByHash(const std::string& hash, int status);
 };
 
 extern int init_csrmanager_server();

DKGCrypto.h

@@ -39,7 +39,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
 
 std::string decrypt_DHKey(const std::string& polyName, int ind);
 
-bool CreateBLSShare( const std::string& BLSKeyName, const char * s_shares, const char * encryptedKeyHex);
+bool CreateBLSShare( const std::string& blsKeyName, const char * s_shares, const char * encryptedKeyHex);
 
 std::vector<std::string> GetBLSPubKey(const char * encryptedKeyHex);
 

Dockerfile

 FROM skalenetwork/sgxwallet_base:latest
 WORKDIR /usr/src/sdk
 
+COPY *.cpp ./
+COPY *.h ./
+COPY *.txt ./
+COPY *.c ./
+COPY *.am ./
+COPY *.hpp ./
+COPY *.sh ./
+COPY *.gmp ./
+COPY *.ac ./
+COPY *.json ./
+COPY docker ./docker
+COPY build-aux ./build-aux
+COPY  cert ./cert
+COPY jsonrpc ./jsonrpc
+
+COPY leveldb ./leveldb
+COPY m4 ./m4
+COPY scripts ./scripts
+COPY secure_enclave ./secure_enclave
+COPY spdlog ./spdlog
 
 
 RUN autoreconf -vif
@@ -12,13 +32,8 @@ RUN autoconf
 RUN ./configure
 ### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc);
 RUN make
-RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
-    cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
-    cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
-    make install && \
-    cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
 
-RUN mkdir /sgx_data
+RUN mkdir /usr/src/sdk/sgx_data
 
 COPY docker/start.sh ./
 ENTRYPOINT ["/usr/src/sdk/start.sh"]

DockerfileBase

@@ -48,4 +48,10 @@ RUN git clone -b sgx_2.5 --depth 1 https://github.com/intel/linux-sgx && \
 COPY configure.gmp ./
 RUN cd scripts; ./build.py
 
+RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
+    cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
+    cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
+    make install && \
+    cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
+
 

DockerfileSimulation

 FROM skalenetwork/sgxwallet_base:latest
 WORKDIR /usr/src/sdk
 
+COPY *.cpp ./
+COPY *.h ./
+COPY *.txt ./
+COPY *.c ./
+COPY *.am ./
+COPY *.hpp ./
+COPY *.sh ./
+COPY *.gmp ./
+COPY *.ac ./
+COPY *.json ./
+COPY docker ./docker
+COPY build-aux ./build-aux
+COPY  cert ./cert
+COPY jsonrpc ./jsonrpc
+COPY leveldb ./leveldb
+COPY m4 ./m4
+COPY scripts ./scripts
+COPY secure_enclave ./secure_enclave
+COPY spdlog ./spdlog
+
 RUN autoreconf -vif
 RUN libtoolize --force
 RUN aclocal
@@ -10,13 +30,9 @@ RUN autoconf
 RUN ./configure --enable-sgx-simulation
 ### RUN cd libBLS; cmake -H. -Bbuild; cmake --build build -- -j$(nproc);
 RUN make
-RUN wget --progress=dot:mega -O - https://github.com/intel/dynamic-application-loader-host-interface/archive/072d233296c15d0dcd1fb4570694d0244729f87b.tar.gz | tar -xz && \
-    cd dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
-    cmake . -DCMAKE_BUILD_TYPE=Release -DINIT_SYSTEM=SysVinit && \
-    make install && \
-    cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b
 
-RUN mkdir /sgx_data
+
+RUN mkdir /usr/src/sdk/sgx_data
 COPY docker/start.sh ./
 
 ENTRYPOINT ["/usr/src/sdk/start.sh"]

ECDSACrypto.cpp

@@ -51,14 +51,23 @@ std::vector<std::string> gen_ecdsa_key(){
   char *pub_key_y = (char *)calloc(1024, 1);
   uint32_t enc_len = 0;
 
-  status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  if ( !is_aes)
+     status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  else status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+
   if ( err_status != 0 ){
     std::cerr << "RPCException thrown" << std::endl;
     throw RPCException(-666, errMsg) ;
   }
   std::vector<std::string> keys(3);
-  //std::cerr << "account key is " << errMsg << std::endl;
-  char *hexEncrKey = (char *) calloc(2*BUF_LEN, 1);
+  if (DEBUG_PRINT) {
+    std::cerr << "account key is " << errMsg << std::endl;
+    std::cerr << "enc_len is " << enc_len << std::endl;
+    std::cerr << "enc_key is "  << std::endl;
+//    for(int i = 0 ; i < 1024; i++)
+//      std::cerr << (int)encr_pr_key[i] << " " ;
+  }
+  char *hexEncrKey = (char *) calloc(BUF_LEN * 2, 1);
   carray2Hex(encr_pr_key, enc_len, hexEncrKey);
   keys.at(0) = hexEncrKey;
   keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
@@ -69,6 +78,7 @@ std::vector<std::string> gen_ecdsa_key(){
   unsigned long seed = rand_gen();
   if (DEBUG_PRINT) {
     spdlog::info("seed is {}", seed);
+    std::cerr << "strlen is " << strlen(hexEncrKey) << std::endl;
   }
   gmp_randstate_t state;
   gmp_randinit_default(state);
@@ -105,26 +115,32 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){
   char *pub_key_y = (char *)calloc(1024, 1);
   uint64_t enc_len = 0;
 
-  uint8_t encr_pr_key[BUF_LEN];
+  //uint8_t encr_pr_key[BUF_LEN];
+  uint8_t* encr_pr_key = (uint8_t*)calloc(1024, 1);
   if (!hex2carray(encryptedKeyHex, &enc_len, encr_pr_key)){
     throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
   }
 
-  status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  if ( !is_aes)
+   status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  else status = get_public_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
   if (err_status != 0){
     throw RPCException(-666, errMsg) ;
   }
   std::string pubKey = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
 
   if (DEBUG_PRINT) {
+    spdlog::info("enc_len is {}", enc_len);
     spdlog::info("pubkey is {}", pubKey);
     spdlog::info("pubkey length is {}", pubKey.length());
     spdlog::info("err str is {}", errMsg);
+    spdlog::info("err status is {}", err_status);
   }
 
   free(errMsg);
   free(pub_key_x);
   free(pub_key_y);
+  free(encr_pr_key);
 
   return pubKey;
 }
@@ -134,12 +150,13 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
 
   char *errMsg = (char *)calloc(1024, 1);
   int err_status = 0;
-  char* signature_r = (char*)malloc(1024);
-  char* signature_s = (char*)malloc(1024);
+  char* signature_r = (char *)calloc(1024, 1);
+  char* signature_s = (char *)calloc(1024, 1);
   uint8_t signature_v = 0;
   uint64_t dec_len = 0;
 
-  uint8_t encr_key[BUF_LEN];
+  //uint8_t encr_key[BUF_LEN];
+  uint8_t* encr_key = (uint8_t*)calloc(1024, 1);
   if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)){
       throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
   }
@@ -150,7 +167,9 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
     spdlog::info("encrypted len: {}", dec_len);
   }
 
-  status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  if (!is_aes)
+   status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  else status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
   if ( err_status != 0){
     throw RPCException(-666, errMsg ) ;
   }
@@ -176,6 +195,7 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
   free(errMsg);
   free(signature_r);
   free(signature_s);
+  free(encr_key);
 
   return signature_vect;
 }
\ No newline at end of file

LevelDB.cpp

@@ -37,24 +37,24 @@
 #include "ServerInit.h"
 
 #include "spdlog/spdlog.h"
+#include "common.h"
+
 
 using namespace leveldb;
 
 
+
 static WriteOptions writeOptions;
 static ReadOptions readOptions;
 
 
-LevelDB* levelDb = nullptr;
-LevelDB* csrDb = nullptr;
-LevelDB* csrStatusDb = nullptr;
 
 
-std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
+std::shared_ptr<string> LevelDB::readString(const string &_key) {
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
 
-    auto result = std::make_shared<std::string>();
+    auto result = std::make_shared<string>();
 
     if (db == nullptr) {
         throw RPCException(NULL_DATABASE, "Null db");
@@ -75,7 +75,7 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
     return result;
 }
 
-void LevelDB::writeString(const std::string &_key, const std::string &_value) {
+void LevelDB::writeString(const string &_key, const string &_value) {
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
 
@@ -90,11 +90,11 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) {
 }
 
 
-void LevelDB::deleteDHDKGKey (const std::string &_key) {
+void LevelDB::deleteDHDKGKey (const string &_key) {
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
 
-    std::string full_key = "DKG_DH_KEY_" + _key;
+    string full_key = "DKG_DH_KEY_" + _key;
 
     auto status = db->Delete(writeOptions, Slice(_key));
 
@@ -106,11 +106,11 @@ void LevelDB::deleteDHDKGKey (const std::string &_key) {
     }
 }
 
-void LevelDB::deleteTempNEK(const std::string &_key){
+void LevelDB::deleteTempNEK(const string &_key){
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
 
-    std::string prefix = _key.substr(0,8);
+    string prefix = _key.substr(0,8);
     if (prefix != "tmp_NEK:") {
       return;
     }
@@ -122,7 +122,7 @@ void LevelDB::deleteTempNEK(const std::string &_key){
     std::cerr << "key deleted " << _key << std::endl;
 }
 
-void LevelDB::deleteKey(const std::string &_key){
+void LevelDB::deleteKey(const string &_key){
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
 
@@ -149,7 +149,7 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value
 }
 
 
-void LevelDB::writeByteArray(std::string &_key, const char *value,
+void LevelDB::writeByteArray(string &_key, const char *value,
                              size_t _valueLen) {
 
     std::lock_guard<std::recursive_mutex> lock(mutex);
@@ -188,13 +188,13 @@ uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVi
     return readCounter;
 }
 
-std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
+std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
   uint64_t readCounter = 0;
-  std::vector<std::string> keys;
+  std::vector<string> keys;
 
   leveldb::Iterator *it = db->NewIterator(readOptions);
   for (it->SeekToFirst(); it->Valid(); it->Next()) {
-    std::string cur_key(it->key().data(), it->key().size());
+    string cur_key(it->key().data(), it->key().size());
     keys.push_back(cur_key);
    // keys.push_back(it->key().data());
     readCounter++;
@@ -208,7 +208,7 @@ std::vector<std::string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
   return keys;
 }
 
-void LevelDB::writeDataUnique(const std::string & Name, const std::string &value) {
+void LevelDB::writeDataUnique(const string & Name, const string &value) {
 
   auto key = Name;
 
@@ -226,7 +226,7 @@ void LevelDB::writeDataUnique(const std::string & Name, const std::string &value
 }
 
 
-LevelDB::LevelDB(std::string &filename) {
+LevelDB::LevelDB(string &filename) {
 
 
     leveldb::Options options;
@@ -243,9 +243,73 @@ LevelDB::LevelDB(std::string &filename) {
 }
 
 LevelDB::~LevelDB() {
-    if (db != nullptr)
-        delete db;
 }
 
+const std::shared_ptr<LevelDB> &LevelDB::getLevelDb() {
+    CHECK_STATE(levelDb)
+    return levelDb;
+}
+
+const std::shared_ptr<LevelDB> &LevelDB::getCsrDb() {
+    CHECK_STATE(csrDb)
+    return csrDb;
+}
+
+const std::shared_ptr<LevelDB> &LevelDB::getCsrStatusDb() {
+    CHECK_STATE(csrStatusDb)
+    return csrStatusDb;
+}
+
+
+std::shared_ptr<LevelDB> LevelDB::levelDb = nullptr;
+
+std::shared_ptr<LevelDB> LevelDB::csrDb = nullptr;
+
+std::shared_ptr<LevelDB> LevelDB::csrStatusDb = nullptr;
+
+string LevelDB::sgx_data_folder;
+
+bool LevelDB::isInited = false;
+
+void LevelDB::initDataFolderAndDBs() {
+
+    if (isInited)
+        return;
+
+    char cwd[PATH_MAX];
+    if (getcwd(cwd, sizeof(cwd)) == NULL) {
+        spdlog::error("could not get cwd");
+        exit(-1);
+    }
+
 
+    sgx_data_folder = string(cwd) + "/" + SGXDATA_FOLDER;
+
+    struct stat info;
+    if (stat(sgx_data_folder.c_str(), &info) !=0 ){
+        spdlog::info("going to create sgx_data folder");
+        std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
+        if (system(make_sgx_data_folder.c_str()) == 0){
+            spdlog::info("sgx_data folder was created");
+        }
+        else{
+            spdlog::error("creating sgx_data folder failed");
+            exit(-1);
+        }
+    }
 
+
+    auto dbName = sgx_data_folder +  WALLETDB_NAME;
+    levelDb = make_shared<LevelDB>(dbName);
+
+    auto csr_dbname = sgx_data_folder + "CSR_DB";
+    csrDb = make_shared<LevelDB>(csr_dbname);
+
+    auto csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
+    csrStatusDb = make_shared<LevelDB>(csr_status_dbname);
+
+}
+
+const string &LevelDB::getSgxDataFolder() {
+    return sgx_data_folder;
+}

LevelDB.h

@@ -29,7 +29,7 @@
 #include <string>
 #include <mutex>
 #include <vector>
-
+#include "common.h"
 namespace leveldb {
     class DB;
     class Status;
@@ -38,38 +38,54 @@ namespace leveldb {
 
 class LevelDB {
 
-    std::recursive_mutex mutex;
+    recursive_mutex mutex;
+
+    shared_ptr<leveldb::DB> db;
+
+    static bool isInited;
+
+    static shared_ptr<LevelDB> levelDb;
+
+    static shared_ptr<LevelDB> csrDb;
+
+    static shared_ptr<LevelDB> csrStatusDb;
 
-    leveldb::DB* db;
+    static string sgx_data_folder;
 
-    extern LevelDB* levelDb;
 
-    extern LevelDB* csrDb;
+public:
+
+
+    static void initDataFolderAndDBs();
 
-    extern LevelDB* csrStatusDb;
+    static const shared_ptr<LevelDB> &getLevelDb();
+
+    static const shared_ptr<LevelDB> &getCsrDb();
+
+    static const shared_ptr<LevelDB> &getCsrStatusDb();
 
 public:
 
 
-    std::shared_ptr<std::string> readString(const std::string& _key);
+    shared_ptr<string> readString(const string& _key);
 
 
-    void writeString(const std::string &key1, const std::string &value1);
+    void writeString(const string &key1, const string &value1);
 
-    void writeDataUnique(const std::string & Name, const std::string &value);
+    void writeDataUnique(const string & Name, const string &value);
 
     void writeByteArray(const char *_key, size_t _keyLen, const char *value,
                         size_t _valueLen);
 
 
-    void writeByteArray(std::string& _key, const char *value,
+    void writeByteArray(string& _key, const char *value,
                         size_t _valueLen);
 
-    void deleteDHDKGKey (const std::string &_key);
+    void deleteDHDKGKey (const string &_key);
 
-    void deleteTempNEK (const std::string &_key);
+    void deleteTempNEK (const string &_key);
 
-    void deleteKey(const std::string &_key);
+    void deleteKey(const string &_key);
 
 public:
 
@@ -77,7 +93,7 @@ public:
     void throwExceptionOnError(leveldb::Status result);
 
 
-    LevelDB(std::string& filename);
+    LevelDB(string& filename);
 
 
 
@@ -85,15 +101,17 @@ public:
     class KeyVisitor {
     public:
         virtual void visitDBKey(const char* _data) = 0;
-        virtual void writeDBKeysToVector(const char* _data, std::vector<const char*> & keys_vect) {}
+        virtual void writeDBKeysToVector(const char* _data, vector<const char*> & keys_vect) {}
     };
 
     uint64_t visitKeys(KeyVisitor* _visitor, uint64_t _maxKeysToVisit);
 
-    std::vector<std::string> writeKeysToVector1(uint64_t _maxKeysToVisit);
+    vector<string> writeKeysToVector1(uint64_t _maxKeysToVisit);
 
     virtual ~LevelDB();
 
+    static const string &getSgxDataFolder();
+
 
 };
 

Makefile.am

@@ -67,7 +67,7 @@ COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
 
 sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
-DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp $(COMMON_SRC)
+DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp $(COMMON_SRC)
 
 
 nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC)
@@ -102,7 +102,7 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -LlibBLS/deps/deps_inst/x86_or_x64/lib -Llevel
 
 
 testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp  RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \
- DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp  SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC)
+ DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp  SEKManager.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC)
 nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
 EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
 testw_LDADD= ${sgxwallet_LDADD}

SEKManager.cpp

+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file SEKManager.cpp
+    @author Stan Kladko
+    @date 2019
+*/
+
+#include "SEKManager.h"
+#include "RPCException.h"
+#include "BLSCrypto.h"
+#include "LevelDB.h"
+
+#include <iostream>
+
+#include "sgxwallet_common.h"
+#include "common.h"
+#include "sgxwallet.h"
+
+void generate_SEK(){
+
+  vector<char> errMsg(1024,0);
+  int err_status = 0;
+  vector<uint8_t> encr_SEK(1024, 0);
+  uint32_t enc_len = 0;
+
+  status = generate_SEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len);
+  if ( err_status != 0 ){
+    cerr << "RPCException thrown" << endl;
+    throw RPCException(-666, errMsg.data()) ;
+  }
+
+  vector<char> hexEncrKey(2*enc_len + 1, 0);
+
+  carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
+
+  cerr << "key is " << errMsg.data() << endl;
+
+  LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
+
+}

SEKManager.h

+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file SEKManager.h
+    @author Stan Kladko
+    @date 2019
+*/
+
+#ifndef SGXD_SEKMANAGER_H
+#define SGXD_SEKMANAGER_H
+
+void generate_SEK();
+
+#endif //SGXD_SEKMANAGER_H

SGXRegistrationServer.cpp

@@ -44,9 +44,11 @@
 #include "LevelDB.h"
 
 #include "spdlog/spdlog.h"
+#include "common.h"
 
 int DEBUG_PRINT = 0;
 int is_sgx_https = 1;
+int is_aes = 0;
 
 SGXRegistrationServer *regs = nullptr;
 HttpServer *hs2 = nullptr;
@@ -63,30 +65,30 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
     : AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {}
 
 
-Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
+Json::Value signCertificateImpl(const string& csr, bool auto_sign = false){
   Json::Value result;
   result["status"] = 0;
   result["errorMessage"] = "";
   try{
-    spdlog::info("enter SignCertificateImpl");
+    spdlog::info("enter signCertificateImpl");
 
-    std::string status = "1";
-    std::string hash = cryptlite::sha256::hash_hex(csr);
+    string status = "1";
+    string hash = cryptlite::sha256::hash_hex(csr);
     if ( !auto_sign) {
-      std::string db_key = "CSR:HASH:" + hash;
-      csrDb->writeDataUnique(db_key, csr);
+      string db_key = "CSR:HASH:" + hash;
+      LevelDB::getCsrStatusDb()->writeDataUnique(db_key, csr);
     }
 
     if (auto_sign) {
-      std::string csr_name = "cert/" + hash + ".csr";
-      std::ofstream outfile(csr_name);
-      outfile << csr << std::endl;
+      string csr_name = "cert/" + hash + ".csr";
+      ofstream outfile(csr_name);
+      outfile << csr << endl;
       outfile.close();
       if (access(csr_name.c_str(), F_OK) != 0) {
         throw RPCException(FILE_NOT_FOUND, "Csr does not exist");
       }
 
-      std::string genCert = "cd cert && ./create_client_cert " + hash;
+      string genCert = "cd cert && ./create_client_cert " + hash;
 
       if (system(genCert.c_str()) == 0){
           spdlog::info("CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED");
@@ -94,8 +96,8 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
       }
       else{
           spdlog::info("CLIENT CERTIFICATE GENERATION FAILED");
-          std::string status_db_key = "CSR:HASH:" + hash + "STATUS:";
-          csrStatusDb->writeDataUnique(status_db_key, std::to_string(FAIL_TO_CREATE_CERTIFICATE));
+          string status_db_key = "CSR:HASH:" + hash + "STATUS:";
+          LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FAIL_TO_CREATE_CERTIFICATE));
           throw RPCException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
           //exit(-1);
       }
@@ -104,11 +106,11 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
     result["result"] = true;
     result["hash"] = hash;
 
-    std::string db_key = "CSR:HASH:" + hash + "STATUS:";
-    csrStatusDb->writeDataUnique(db_key, status);
+    string db_key = "CSR:HASH:" + hash + "STATUS:";
+    LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
 
   } catch (RPCException &_e) {
-    std::cerr << " err str " << _e.errString << std::endl;
+    cerr << " err str " << _e.errString << endl;
     result["status"] = _e.status;
     result["errorMessage"] = _e.errString;
     result["result"] = false;
@@ -117,26 +119,26 @@ Json::Value SignCertificateImpl(const std::string& csr, bool auto_sign = false){
   return result;
 }
 
-Json::Value GetSertificateImpl(const std::string& hash){
+Json::Value GetSertificateImpl(const string& hash){
   Json::Value result;
 
-  std::string cert;
+  string cert;
   try{
-    std::string db_key = "CSR:HASH:" + hash + "STATUS:";
-    std::shared_ptr<string> status_str_ptr = csrStatusDb->readString(db_key);
+    string db_key = "CSR:HASH:" + hash + "STATUS:";
+    shared_ptr<string> status_str_ptr = LevelDB::getCsrStatusDb()->readString(db_key);
     if (status_str_ptr == nullptr){
        throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist in csr db");
     }
-    int status = std::atoi(status_str_ptr->c_str());
+    int status = atoi(status_str_ptr->c_str());
 
     if ( status == 0){
-      std::string crt_name = "cert/" + hash + ".crt";
+      string crt_name = "cert/" + hash + ".crt";
       //if (access(crt_name.c_str(), F_OK) == 0){
-        std::ifstream infile(crt_name);
+        ifstream infile(crt_name);
         if (!infile.is_open()) {
-          std::string status_db_key = "CSR:HASH:" + hash + "STATUS:";
-          csrStatusDb->deleteKey(status_db_key);
-          csrStatusDb->writeDataUnique(status_db_key, std::to_string(FILE_NOT_FOUND));
+          string status_db_key = "CSR:HASH:" + hash + "STATUS:";
+          LevelDB::getCsrStatusDb()->deleteKey(status_db_key);
+          LevelDB::getCsrStatusDb()->writeDataUnique(status_db_key, to_string(FILE_NOT_FOUND));
           throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
         } else {
           ostringstream ss;
@@ -144,9 +146,9 @@ Json::Value GetSertificateImpl(const std::string& hash){
           cert = ss.str();
 
           infile.close();
-          std::string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr";
+          string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr";
           if(system(remove_crt.c_str()) == 0){
-              //std::cerr << "cert removed" << std::endl;
+              //cerr << "cert removed" << endl;
               spdlog::info(" cert removed ");
 
           }
@@ -161,7 +163,7 @@ Json::Value GetSertificateImpl(const std::string& hash){
     result["cert"] = cert;
 
   } catch (RPCException &_e) {
-    std::cerr << " err str " << _e.errString << std::endl;
+    cerr << " err str " << _e.errString << endl;
     result["status"] = _e.status;
     result["errorMessage"] = _e.errString;
   }
@@ -170,13 +172,13 @@ Json::Value GetSertificateImpl(const std::string& hash){
 }
 
 
-Json::Value SGXRegistrationServer::SignCertificate(const std::string& csr){
-  spdlog::info("Enter SignCertificate ");
+Json::Value SGXRegistrationServer::signCertificate(const string& csr){
+  spdlog::info("Enter signCertificate ");
   lock_guard<recursive_mutex> lock(m);
-  return SignCertificateImpl(csr, cert_auto_sign);
+  return signCertificateImpl(csr, cert_auto_sign);
 }
 
-Json::Value SGXRegistrationServer::GetCertificate(const std::string& hash){
+Json::Value SGXRegistrationServer::getCertificate(const string& hash){
   lock_guard<recursive_mutex> lock(m);
   return GetSertificateImpl(hash);
 }
@@ -190,19 +192,19 @@ void SGXRegistrationServer::set_cert_created(bool b){
 
 int init_registration_server(bool sign_automatically) {
 
-//  std::string certPath = "cert/SGXCACertificate.crt";
-//  std::string keyPath = "cert/SGXCACertificate.key";
+//  string certPath = "cert/SGXCACertificate.crt";
+//  string keyPath = "cert/SGXCACertificate.key";
 //
 //  if (access(certPath.c_str(), F_OK) != 0){
-//    std::cerr << "CERTIFICATE IS GOING TO BE CREATED" << std::endl;
+//    cerr << "CERTIFICATE IS GOING TO BE CREATED" << endl;
 //
-//    std::string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com";
+//    string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com";
 //
 //    if (system(genCert.c_str()) == 0){
-//      std::cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << std::endl;
+//      cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << endl;
 //    }
 //    else{
-//      std::cerr << "CERTIFICATE GENERATION FAILED" << std::endl;
+//      cerr << "CERTIFICATE GENERATION FAILED" << endl;
 //      exit(-1);
 //    }
 //  }

SGXRegistrationServer.h

@@ -44,8 +44,8 @@ public:
 
   void set_cert_created(bool b);
 
-  virtual Json::Value SignCertificate(const std::string& csr);
-  virtual Json::Value GetCertificate(const std::string& hash);
+  virtual Json::Value signCertificate(const std::string& csr);
+  virtual Json::Value getCertificate(const std::string& hash);
 
 };
 

SGXWalletServer.hpp

@@ -56,11 +56,12 @@ public:
     virtual Json::Value generateDKGPoly(const std::string& polyName, int t);
     virtual Json::Value getVerificationVector(const std::string& polyName, int t, int n);
     virtual Json::Value getSecretShare(const std::string& polyName, const Json::Value& publicKeys, int t, int n);
-    virtual Json::Value DKGVerification(const std::string& publicShares, const std::string& EthKeyName, const std::string& SecretShare, int t, int n, int index);
-    virtual Json::Value CreateBLSPrivateKey(const std::string & BLSKeyName, const std::string& EthKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
-    virtual Json::Value GetBLSPublicKeyShare(const std::string & BLSKeyName);
-    virtual Json::Value ComplaintResponse(const std::string& polyName, int ind);
-    virtual Json::Value MultG2(const std::string & x);
+    virtual Json::Value dkgVerification(const std::string& publicShares, const std::string& ethKeyName, const std::string& SecretShare, int t, int n, int index);
+    virtual Json::Value createBLSPrivateKey(const std::string & blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
+    virtual Json::Value getBLSPublicKeyShare(const std::string & blsKeyName);
+    virtual Json::Value complaintResponse(const std::string& polyName, int ind);
+    virtual Json::Value multG2(const std::string & x);
+    virtual Json::Value isPolyExists(const std::string& polyName);
     virtual Json::Value getServerStatus();
 
 };
@@ -83,11 +84,13 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName);
 Json::Value generateDKGPolyImpl(const std::string& polyName, int t);
 Json::Value getVerificationVectorImpl(const std::string& polyName, int t, int n);
 Json::Value getSecretShareImpl(const std::string& polyName, const Json::Value& publicKeys, int t, int n);
-Json::Value DKGVerificationImpl(const std::string& publicShares, const std::string& EthKeyName, const std::string& SecretShare, int t, int n, int index);
-Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::string& EthKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
-Json::Value GetBLSPublicKeyShareImpl(const std::string & BLSKeyName);
-Json::Value ComplaintResponseImpl(const std::string& polyName, int ind);
-Json::Value MultG2Impl(const std::string & x);
+Json::Value dkgVerificationImpl(const std::string& publicShares, const std::string& ethKeyName, const std::string& SecretShare, int t, int n, int index);
+Json::Value createBLSPrivateKeyImpl(const std::string & blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
+Json::Value getBLSPublicKeyShareImpl(const std::string & blsKeyName);
+Json::Value complaintResponseImpl(const std::string& polyName, int ind);
+Json::Value multG2Impl(const std::string & x);
+Json::Value isPolyExistsImpl(const std::string& polyName);
+
 Json::Value getServerStatusImpl();
 
 #endif //SGXWALLET_SGXWALLETSERVER_HPP
\ No newline at end of file

ServerDataChecker.cpp

@@ -28,14 +28,15 @@
 #include <iostream>
 
 #include "spdlog/spdlog.h"
+#include "common.h"
 
-std::vector<std::string> SplitString(const std::string& str, const std::string& delim = ":"){
-    std::vector<std::string> tokens;
+vector<string> SplitString(const string& str, const string& delim = ":"){
+    vector<string> tokens;
     size_t prev = 0, pos = 0;
     do {
         pos = str.find(delim, prev);
-        if (pos == std::string::npos) pos = str.length();
-        std::string token = str.substr(prev, pos-prev);
+        if (pos == string::npos) pos = str.length();
+        string token = str.substr(prev, pos-prev);
         if (!token.empty()) tokens.push_back(token);
         prev = pos + delim.length();
     } while (pos < str.length() && prev < str.length());
@@ -43,8 +44,8 @@ std::vector<std::string> SplitString(const std::string& str, const std::string&
     return tokens;
 }
 
-bool checkECDSAKeyName(const std::string& keyName) {
-  std::vector<std::string> parts = SplitString(keyName);
+bool checkECDSAKeyName(const string& keyName) {
+  vector<string> parts = SplitString(keyName);
   if (parts.size() != 2) {
     spdlog::info("ECDSAKeyName num parts != 2");
     return false;
@@ -69,7 +70,7 @@ bool checkECDSAKeyName(const std::string& keyName) {
   return true;
 }
 
-bool checkHex(const std::string& hex, const uint32_t sizeInBytes){
+bool checkHex(const string& hex, const uint32_t sizeInBytes){
   if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
     return false;
   }
@@ -86,8 +87,8 @@ bool checkHex(const std::string& hex, const uint32_t sizeInBytes){
   return true;
 }
 
-bool checkName (const std::string& Name, const std::string& prefix){
-    std::vector<std::string> parts = SplitString(Name);
+bool checkName (const string& Name, const string& prefix){
+    vector<string> parts = SplitString(Name);
     if ( parts.size() != 7) {
         spdlog::info("parts.size() != 7");
         return false;

ServerInit.cpp

@@ -52,44 +52,33 @@
 #include "BLSCrypto.h"
 #include "ServerInit.h"
 
+#include "SEKManager.h"
+
 #include <iostream>
 
 #include "spdlog/spdlog.h"
 
+#include <unistd.h>
+#include <stdio.h>
+#include <limits.h>
+
 #include <sys/types.h>
 #include <sys/stat.h>
+
 //#include <system>
 
 void init_daemon() {
 
     libff::init_alt_bn128_params();
 
-    std::string sgx_data_folder = SGXDATA_FOLDER;
-    struct stat info;
-    if (stat(sgx_data_folder.c_str(), &info) !=0 ){
-      spdlog::info("going to create sgx_data folder");
-      std::string make_sgx_data_folder = "mkdir " + sgx_data_folder;
-      if (system(make_sgx_data_folder.c_str()) == 0){
-        spdlog::info("sgx_data folder was created");
-      }
-      else{
-        spdlog::info("creating sgx_data folder failed");
-        exit(-1);
-      }
-    }
-
-    static std::string dbName = sgx_data_folder +  WALLETDB_NAME;
-    levelDb = new LevelDB(dbName);
 
-    static std::string csr_dbname = sgx_data_folder + "CSR_DB";
-    csrDb = new LevelDB(csr_dbname);
+    LevelDB::initDataFolderAndDBs();
 
-    static std::string csr_status_dbname = sgx_data_folder + "CSR_STATUS_DB";
-    csrStatusDb = new LevelDB(csr_status_dbname);
 
-    std::shared_ptr<std::string> encr_SEK_ptr = levelDb->readString("SEK");
+    std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
     if (encr_SEK_ptr == nullptr){
       spdlog::info("SEK was not created yet");
+      generate_SEK();
     }
 }
 
@@ -100,9 +89,10 @@ void init_enclave() {
     eid = 0;
     updated = 0;
 
-    unsigned long support;
+
 
 #ifndef SGX_HW_SIM
+    unsigned long support;
     support = get_sgx_support();
     if (!SGX_OK(support)) {
         sgx_support_perror(support);
@@ -150,6 +140,8 @@ void init_all(bool check_cert, bool sign_automatically) {
     if (sgxServerInited == 1)
         return;
 
+    init_daemon();
+
     sgxServerInited = 1;
 
     if (is_sgx_https) {
@@ -162,5 +154,5 @@ void init_all(bool check_cert, bool sign_automatically) {
     }
     init_enclave();
     //std::cerr << "enclave inited" << std::endl;
-    init_daemon();
+
 }

ServerInit.h

@@ -31,7 +31,6 @@
 #endif
 
 
-
 EXTERNC void init_all(bool check_cert, bool sign_automatically);
 
 EXTERNC void init_daemon();

abstractCSRManagerServer.h

@@ -12,22 +12,22 @@ class abstractCSRManagerServer : public jsonrpc::AbstractServer<abstractCSRManag
 public:
     abstractCSRManagerServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<abstractCSRManagerServer>(conn, type)
     {
-        this->bindAndAddMethod(jsonrpc::Procedure("GetUnsignedCSRs", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, NULL), &abstractCSRManagerServer::GetUnsignedCSRsI);
-        this->bindAndAddMethod(jsonrpc::Procedure("SignByHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, "status", jsonrpc::JSON_INTEGER, NULL), &abstractCSRManagerServer::SignByHashI);
+        this->bindAndAddMethod(jsonrpc::Procedure("getUnsignedCSRs", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, NULL), &abstractCSRManagerServer::getUnsignedCSRsI);
+        this->bindAndAddMethod(jsonrpc::Procedure("signByHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, "status", jsonrpc::JSON_INTEGER, NULL), &abstractCSRManagerServer::signByHashI);
     }
 
-    inline virtual void GetUnsignedCSRsI(const Json::Value &request, Json::Value &response)
+    inline virtual void getUnsignedCSRsI(const Json::Value &request, Json::Value &response)
     {
     (void)request;
-    response = this->GetUnsignedCSRs();
+    response = this->getUnsignedCSRs();
     }
-    inline virtual void SignByHashI(const Json::Value &request, Json::Value &response)
+    inline virtual void signByHashI(const Json::Value &request, Json::Value &response)
     {
-        response = this->SignByHash( request["hash"].asString(), request["status"].asInt());
+        response = this->signByHash( request["hash"].asString(), request["status"].asInt());
     }
 
-    virtual Json::Value GetUnsignedCSRs() = 0;
-    virtual Json::Value SignByHash(const std::string& hash, int status) = 0;
+    virtual Json::Value getUnsignedCSRs() = 0;
+    virtual Json::Value signByHash(const std::string& hash, int status) = 0;
 
 };
 

abstractregserver.h

@@ -32,23 +32,23 @@ class AbstractRegServer : public jsonrpc::AbstractServer<AbstractRegServer>
 public:
   AbstractRegServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<AbstractRegServer>(conn, type)
   {
-    this->bindAndAddMethod(jsonrpc::Procedure("SignCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"certificate",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::SignCertificateI);
-    this->bindAndAddMethod(jsonrpc::Procedure("GetCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::GetCertificateI);
+    this->bindAndAddMethod(jsonrpc::Procedure("signCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"certificate",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::signCertificateI);
+    this->bindAndAddMethod(jsonrpc::Procedure("getCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::getCertificateI);
   }
 
-  inline virtual void SignCertificateI(const Json::Value &request, Json::Value &response)
+  inline virtual void signCertificateI(const Json::Value &request, Json::Value &response)
   {
-      std::cerr << "SignCertificateI in abstr server " << std::endl;
-      response = this->SignCertificate( request["certificate"].asString());
+      std::cerr << "signCertificateI in abstr server " << std::endl;
+      response = this->signCertificate( request["certificate"].asString());
   }
-  inline virtual void GetCertificateI(const Json::Value &request, Json::Value &response)
+  inline virtual void getCertificateI(const Json::Value &request, Json::Value &response)
   {
-    response = this->GetCertificate( request["hash"].asString());
+    response = this->getCertificate( request["hash"].asString());
   }
 
 
-  virtual Json::Value SignCertificate(const std::string& cert) = 0;
-  virtual Json::Value GetCertificate(const std::string& hash) = 0;
+  virtual Json::Value signCertificate(const std::string& cert) = 0;
+  virtual Json::Value getCertificate(const std::string& hash) = 0;
 
 };
 

cert_util.cpp

@@ -13,7 +13,7 @@ int print_hashes(){
   jsonrpc::HttpClient client("http://localhost:1028");
   StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2);
   std::cout << "Client inited" << std::endl;
-  std::cout << c.GetUnsignedCSRs() << std::endl;
+  std::cout << c.getUnsignedCSRs() << std::endl;
   exit(0);
 }
 
@@ -21,7 +21,7 @@ void sign_by_hash(std::string & hash, int status){
   jsonrpc::HttpClient client("http://localhost:1028");
   StubClient c(client, jsonrpc::JSONRPC_CLIENT_V2);
   std::cout << "Client inited" << std::endl;
-  std::cout << c.SignByHash(hash, status) << std::endl;
+  std::cout << c.signByHash(hash, status) << std::endl;
   exit(0);
 }
 

common.h

+//
+// Created by kladko on 25.01.20.
+//
+
+#ifndef SGXWALLET_COMMON_H
+#define SGXWALLET_COMMON_H
+
+using namespace std;
+
+#include <stdlib.h>
+#include <iostream>
+#include <map>
+#include <memory>
+
+#define CHECK_ARGUMENT(_EXPRESSION_) \
+    if (!(_EXPRESSION_)) { \
+        auto __msg__ = string("Argument Check failed:") + #_EXPRESSION_ + "\n" + __CLASS_NAME__ + ":" + __FUNCTION__ +  \
+        + " " + string(__FILE__) + ":" + to_string(__LINE__); \
+        throw runtime_error(__msg__);}
+
+#define CHECK_STATE(_EXPRESSION_) \
+    if (!(_EXPRESSION_)) { \
+        auto __msg__ = string("State check failed::") + #_EXPRESSION_ +  " " + string(__FILE__) + ":" + to_string(__LINE__); \
+        throw runtime_error(__msg__);}
+
+#endif //SGXWALLET_COMMON_H

compile

-/usr/share/automake-1.16/compile
\ No newline at end of file

depcomp

-/usr/share/automake-1.16/depcomp
\ No newline at end of file

docker/start.sh

@@ -8,5 +8,5 @@ jhid -d
 pid=$!
 
 sleep 2
-/usr/src/sdk/sgxwallet $1
+cd /usr/src/sdk; ./sgxwallet $1 $2 $3 $4
 

github-markdown-toc @ 83fadb60

+Subproject commit 83fadb60a7f1607c1c46e868ed2a866bb70b4c76

install-sh

-/usr/share/automake-1.16/install-sh
\ No newline at end of file

missing

-/usr/share/automake-1.16/missing
\ No newline at end of file

docker-compose.yml → run_sgx/docker-compose.yml

@@ -10,7 +10,12 @@ services:
       - "/dev/isgx"
       - "/dev/mei0"
     volumes:
-      - ./sgx_data:/sgx_data
+      - ./sgx_data:/usr/src/sdk/sgx_data
+    logging:
+      driver: json-file
+      options:
+        max-size: "10m"
+        max-file: "4"
     restart: unless-stopped
     command: -s
 

docker-compose-sim.yml → run_sgx_sim/docker-compose.yml

@@ -7,7 +7,12 @@ services:
       - "1027:1027"
       - "1028:1028"
     volumes:
-      - ./sgx_data:/sgx_data
+      - ./sgx_data:/usr/src/sdk/sgx_data
+    logging:
+      driver: json-file
+      options:
+        max-size: "10m"
+        max-file: "4"
     restart: unless-stopped
-    command: -s
+    command: -s -d 
 

scripts/docker_test.py

+#!/usr/bin/env python
+
+#
+#    @file  docker_test.py
+#    @author Stan Kladko
+#    @date 2020
+#
+
+import sys
+import os
+import subprocess
+import socket
+
+assert os.path.isdir('sgx_data/sgxwallet.db')
+assert os.path.isdir('sgx_data/cert_data');
+assert os.path.isdir('sgx_data/CSR_DB');
+assert os.path.isdir('sgx_data/CSR_STATUS_DB');
+assert os.path.isfile('sgx_data/cert_data/SGXServerCert.crt')
+assert os.path.isfile('sgx_data/cert_data/SGXServerCert.key')
+assert os.path.isfile('sgx_data/cert_data/rootCA.pem')
+assert os.path.isfile('sgx_data/cert_data/rootCA.key')
+
+s1 = socket.socket()
+s2 = socket.socket()
+s3 = socket.socket()
+address = '127.0.0.1'
+s1.connect((address, 1026))
+s2.connect((address, 1027))
+s3.connect((address, 1028))
+
+s1.close()
+s2.close()
+s3.close()
+
+
+
+
+
+
+

secure_enclave/AESUtils.c

+//
+// Created by kladko on 1/22/20.
+//
+
+#include "sgx_trts.h"
+#include "sgx_tcrypto.h"
+#include "stdlib.h"
+#include <string.h>
+
+#include "AESUtils.h"
+
+int AES_encrypt(char *message, uint8_t *encr_message){
+
+    sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
+    sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message),
+                                                     encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
+                                                     encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
+                                                     NULL, 0,
+                                                     (sgx_aes_gcm_128bit_tag_t *) encr_message);
+
+
+    return status;
+}
+
+int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message){
+
+  uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;
+
+  sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_key,
+                                                   encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
+                                                   message,
+                                                   encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
+                                                   NULL, 0,
+                                                   (sgx_aes_gcm_128bit_tag_t *)encr_message);
+
+
+  return status;
+}
\ No newline at end of file

secure_enclave/AESUtils.h

+//
+// Created by kladko on 1/22/20.
+//
+
+#ifndef SGXD_AESUTILS_H
+#define SGXD_AESUTILS_H
+
+sgx_aes_gcm_128bit_key_t AES_key;
+
+int AES_encrypt(char *message, uint8_t *encr_message);
+
+int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message);
+
+#endif //SGXD_AESUTILS_H

secure_enclave/Makefile.am

@@ -85,7 +85,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
 
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
+	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
     DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)

secure_enclave/Makefile.in

@@ -110,7 +110,7 @@ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
 	secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
 	domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
 	point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
-	DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
+	AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
 	alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
 	alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
 secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
@@ -138,7 +138,8 @@ am__v_at_1 =
 DEFAULT_INCLUDES = -I.@am__isrc@
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__maybe_remake_depfiles = depfiles
-am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
+am__depfiles_remade = ./$(DEPDIR)/AESUtils.Po \
+	./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
 	./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
 	./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
 	./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
@@ -346,7 +347,7 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
 ENCLAVE_KEY = test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
+	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
     DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
@@ -440,6 +441,7 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
@@ -660,7 +662,8 @@ clean: clean-am
 clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
 
 distclean: distclean-am
-		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/BLSEnclave.Po
 	-rm -f ./$(DEPDIR)/DH_dkg.Po
 	-rm -f ./$(DEPDIR)/DKGUtils.Po
 	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
@@ -720,7 +723,8 @@ install-ps-am:
 installcheck-am:
 
 maintainer-clean: maintainer-clean-am
-		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/BLSEnclave.Po
 	-rm -f ./$(DEPDIR)/DH_dkg.Po
 	-rm -f ./$(DEPDIR)/DKGUtils.Po
 	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po

secure_enclave/enclave_common.h

+//
+// Created by kladko on 1/24/20.
+//
+
+#ifndef SGXD_ENCLAVE_COMMON_H
+#define SGXD_ENCLAVE_COMMON_H
+
+#define BUF_LEN 1024
+
+#define  MAX_KEY_LENGTH 128
+#define  MAX_COMPONENT_LENGTH 80
+#define  MAX_COMPONENT_HEX_LENGTH MAX_COMPONENT_LENGTH * 2
+#define  MAX_ENCRYPTED_KEY_LENGTH 1024
+#define  MAX_SIG_LEN 1024
+#define  MAX_ERR_LEN 1024
+#define SHA_256_LEN 32
+
+#define ADD_ENTROPY_SIZE 32
+
+#define  DKG_BUFER_LENGTH 2490//3060
+#define  DKG_MAX_SEALED_LEN 3050
+
+#define SECRET_SHARE_NUM_BYTES 96
+
+#define ECDSA_SKEY_LEN 65
+#define ECDSA_SKEY_BASE 16
+#define ECDSA_ENCR_LEN 93
+#define ECDSA_BIN_LEN 33
+
+#define UNKNOWN_ERROR -1
+#define PLAINTEXT_KEY_TOO_LONG -2
+#define UNPADDED_KEY -3
+#define NULL_KEY -4
+#define INCORRECT_STRING_CONVERSION -5
+#define ENCRYPTED_KEY_TOO_LONG -6
+#define SEAL_KEY_FAILED -7
+
+#endif //SGXD_ENCLAVE_COMMON_H

secure_enclave/secure_enclave.edl

+
+#define ECDSA_SKEY_LEN 65
+#define ECDSA_SKEY_BASE 16
+#define ECDSA_ENCR_LEN 93
+#define ECDSA_BIN_LEN 33
+
 enclave {
 
 	trusted {
 		include "sgx_tgmp.h"
 
+
 		public void tgmp_init();
 
 		public void e_mpz_add(
@@ -52,20 +59,20 @@ enclave {
 		    [out, count = 1024] char* key );
 
 		public void bls_sign_message (
-            		    [user_check] int *err_status,
-            		    [out, count = 1024] char* err_string,
-            		    [in, count = 1024] uint8_t* encrypted_key,
-            		    uint32_t enc_len,
-            		    [in, count = 1024] char* hashX ,
-            		    [in, count = 1024] char* hashY ,
-            		    [out, count = 1024] char* signature);
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [in, count = 1024] char* hashX ,
+                                [in, count = 1024] char* hashY ,
+                                [out, count = 1024] char* signature);
 
         public void gen_dkg_secret (
-                    	[user_check] int *err_status,
-                    	[out, count = 1024] char* err_string,
-                    	[out, count = 3050] uint8_t* encrypted_dkg_secret,
-                    	[user_check] uint32_t * enc_len,
-                    	size_t _t);
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [out, count = 3050] uint8_t* encrypted_dkg_secret,
+                                [user_check] uint32_t * enc_len,
+                                size_t _t);
 
         public void decrypt_dkg_secret (
                             	[user_check] int *err_status,
@@ -163,6 +170,72 @@ enclave {
                                 [out, count = 1024] char *err_string,
                                 [in, count = 1024] uint8_t *encrypted_SEK,
                                 [user_check] uint32_t *enc_len);
+
+
+         public void generate_ecdsa_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
+                                [user_check] uint32_t *enc_len,
+                                [out, count = 1024] char * pub_key_x,
+                                [out, count = 1024] char * pub_key_y);
+
+         public void get_public_ecdsa_key_aes(
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t dec_len,
+                                [out, count = 1024] char * pub_key_x,
+                                [out, count = 1024] char * pub_key_y);
+
+         public void ecdsa_sign_aes(
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [in, count = 1024] unsigned char* hash,
+                                [out, count = 1024] char* sig_r,
+                                [out, count = 1024] char* sig_s,
+                                [user_check] uint8_t* sig_v,
+                                int base);
+
+         public void encrypt_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] char* key,
+                                [out, count = 1024] uint8_t* encrypted_key,
+                                [user_check] uint32_t *enc_len);
+
+        public void decrypt_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [out, count = 1024] char* key );
+
+
+        public void gen_dkg_secret_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [out, count = 3050] uint8_t* encrypted_dkg_secret,
+                                [user_check] uint32_t * enc_len,
+                                        size_t _t);
+
+        public void decrypt_dkg_secret_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 3050] uint8_t* encrypted_dkg_secret,
+                                [out, count = 2490] uint8_t* decrypted_dkg_secret,
+                                [user_check] uint32_t* dec_len);
+
+        public void set_encrypted_dkg_poly_aes( [user_check] int *err_status,
+                              [out, count = 1024] char* err_string,
+                              [in, count = 3050] uint8_t* encrypted_poly,
+                              [user_check] uint64_t* enc_len);
+
+
+
+
 	};
 
 

sgxwallet.c

@@ -62,7 +62,7 @@ int main(int argc, char *argv[]) {
     exit(1);
   }
 
-  while ((opt = getopt(argc, argv, "cshd0")) != -1) {
+  while ((opt = getopt(argc, argv, "cshd0a")) != -1) {
     switch (opt) {
     case 'h':
       if (strlen(argv[1]) == 2 ) {
@@ -87,6 +87,8 @@ int main(int argc, char *argv[]) {
     case '0':
       is_sgx_https = 0;
      break;
+    case 'a':
+      is_aes = 1;
     case '?': // fprintf(stderr, "unknown flag\n");
       exit(1);
     default:

sgxwallet_common.h

@@ -37,6 +37,7 @@
 
 extern int DEBUG_PRINT;
 extern int is_sgx_https;
+extern int is_aes;
 
 #define BUF_LEN 1024
 
@@ -57,7 +58,7 @@ extern int is_sgx_https;
 
 #define ECDSA_SKEY_LEN 65
 #define ECDSA_SKEY_BASE 16
-#define ECDSA_ENCR_LEN 625
+#define ECDSA_ENCR_LEN 93
 #define ECDSA_BIN_LEN 33
 
 #define UNKNOWN_ERROR -1

stubclient.cpp

-/*
-    Copyright (C) 2019-Present SKALE Labs
-
-    This file is part of sgxwallet.
-
-    sgxwallet is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published
-    by the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    sgxwallet is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
-
-    You should have received a copy of the GNU Affero General Public License
-    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
-
-    @file stubclient.cpp
-    @author Stan Kladko
-    @date 2019
-*/
+//
+// Created by kladko on 9/23/19.
+//
 
 #include <iostream>