SKALE-2977 clean up

parent 8f08f2af
...@@ -181,6 +181,7 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz ...@@ -181,6 +181,7 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
if (yStr == nullptr) { if (yStr == nullptr) {
std::cerr << "Null yStr" << std::endl; std::cerr << "Null yStr" << std::endl;
delete xStr;
BOOST_THROW_EXCEPTION(runtime_error("Null yStr")); BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
} }
...@@ -205,6 +206,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz ...@@ -205,6 +206,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
if (!result) { if (!result) {
cerr << "Invalid hex encrypted key" << endl; cerr << "Invalid hex encrypted key" << endl;
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key")); BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
} }
...@@ -216,11 +219,15 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz ...@@ -216,11 +219,15 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
cerr << "SGX enclave call to trustedBlsSignMessage failed with status:" << status << std::endl; cerr << "SGX enclave call to trustedBlsSignMessage failed with status:" << status << std::endl;
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed")); BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
} }
if (errStatus != 0) { if (errStatus != 0) {
cerr << "SGX enclave call to trustedBlsSignMessage failed with errStatus:" << errStatus << std::endl; cerr << "SGX enclave call to trustedBlsSignMessage failed with errStatus:" << errStatus << std::endl;
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed")); BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
} }
......
...@@ -117,6 +117,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -117,6 +117,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
if (yStr == nullptr) { if (yStr == nullptr) {
std::cerr << "Null yStr" << std::endl; std::cerr << "Null yStr" << std::endl;
delete xStr;
BOOST_THROW_EXCEPTION(runtime_error("Null yStr")); BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
} }
...@@ -141,6 +142,8 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -141,6 +142,8 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
if (!result) { if (!result) {
cerr << "Invalid hex encrypted key" << endl; cerr << "Invalid hex encrypted key" << endl;
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key")); BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
} }
...@@ -154,17 +157,22 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -154,17 +157,22 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status); gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed")); BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
} }
if (errStatus != 0) { if (errStatus != 0) {
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg )); BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
return nullptr;
} }
int sigLen; int sigLen;
if ((sigLen = strnlen(signature, 10)) < 10) { if ((sigLen = strnlen(signature, 10)) < 10) {
delete xStr;
delete yStr;
BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen))); BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
} }
......
...@@ -122,44 +122,41 @@ string getECDSAPubKey(const char *_encryptedKeyHex) { ...@@ -122,44 +122,41 @@ string getECDSAPubKey(const char *_encryptedKeyHex) {
bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR, bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
const char *signatureS, int base) { const char *signatureS, int base) {
bool result = false;
signature sig = signature_init();
auto x = pubKeyStr.substr(0, 64); auto x = pubKeyStr.substr(0, 64);
auto y = pubKeyStr.substr(64, 128); auto y = pubKeyStr.substr(64, 128);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
point publicKey = point_init();
mpz_t msgMpz; mpz_t msgMpz;
mpz_init(msgMpz); mpz_init(msgMpz);
if (mpz_set_str(msgMpz, hashHex, 16) == -1) { if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
spdlog::error("invalid message hash {}", hashHex); spdlog::error("invalid message hash {}", hashHex);
goto clean; mpz_clear(msgMpz);
return false;
} }
signature sig = signature_init();
if (signature_set_str(sig, signatureR, signatureS, base) != 0) { if (signature_set_str(sig, signatureR, signatureS, base) != 0) {
spdlog::error("Failed to set str signature"); spdlog::error("Failed to set str signature");
goto clean; mpz_clear(msgMpz);
signature_free(sig);
return false;
} }
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
point publicKey = point_init();
point_set_hex(publicKey, x.c_str(), y.c_str()); point_set_hex(publicKey, x.c_str(), y.c_str());
if (!signature_verify(msgMpz, sig, publicKey, curve)) { if (!signature_verify(msgMpz, sig, publicKey, curve)) {
spdlog::error("ECDSA sig not verified"); spdlog::error("ECDSA sig not verified");
goto clean; mpz_clear(msgMpz);
signature_free(sig);
domain_parameters_clear(curve);
point_clear(publicKey);
return false;
} }
result = true; return true;
clean:
mpz_clear(msgMpz);
domain_parameters_clear(curve);
point_clear(publicKey);
signature_free(sig);
return result;
} }
vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) { vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
...@@ -178,8 +175,7 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, ...@@ -178,8 +175,7 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
shared_ptr<SGXException> exception = NULL; shared_ptr<SGXException> exception = NULL;
if (!hex2carray(encryptedKeyHex, &decLen, encryptedKey.data())) { if (!hex2carray(encryptedKeyHex, &decLen, encryptedKey.data())) {
exception = make_shared<SGXException>(INVALID_HEX, "Invalid encryptedKeyHex"); throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
goto clean;
} }
status = trustedEcdsaSignAES(eid, &errStatus, status = trustedEcdsaSignAES(eid, &errStatus,
...@@ -188,14 +184,12 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, ...@@ -188,14 +184,12 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
signatureS.data(), &signatureV, base); signatureS.data(), &signatureV, base);
if (errStatus != 0) { if (errStatus != 0) {
exception = make_shared<SGXException>(666, errMsg.data()); throw SGXException(666, errMsg.data());
goto clean;
} }
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
spdlog::error("failed to sign {}", status); spdlog::error("failed to sign {}", status);
exception = make_shared<SGXException>(666, "failed to sign"); throw SGXException(666, "failed to sign");
goto clean;
} }
signatureVector.at(0) = to_string(signatureV); signatureVector.at(0) = to_string(signatureV);
if (base == 16) { if (base == 16) {
...@@ -211,14 +205,8 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, ...@@ -211,14 +205,8 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
pubKeyStr = getECDSAPubKey(encryptedKeyHex); pubKeyStr = getECDSAPubKey(encryptedKeyHex);
if (!verifyECDSASig(pubKeyStr, hashHex, signatureR.data(), signatureS.data(), base)) { if (!verifyECDSASig(pubKeyStr, hashHex, signatureR.data(), signatureS.data(), base)) {
exception = make_shared<SGXException>(667, "ECDSA did not verify"); throw SGXException(667, "ECDSA did not verify");
goto clean;
} }
clean:
if (exception)
throw *exception;
return signatureVector; return signatureVector;
} }
...@@ -67,7 +67,7 @@ bin_PROGRAMS = sgxwallet testw cert_util ...@@ -67,7 +67,7 @@ bin_PROGRAMS = sgxwallet testw cert_util
## have to be explicitly listed. ## have to be explicitly listed.
COMMON_SRC = InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp \ COMMON_SRC = InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp \
SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp BLSCrypto.cpp \ SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp BLSCrypto.cpp \
ECDSACrypto.cpp \ ECDSACrypto.cpp \
DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \ DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
third_party/intel/sgx_stub.c third_party/intel/sgx_detect_linux.c third_party/intel/create_enclave.c third_party/intel/oc_alloc.c \ third_party/intel/sgx_stub.c third_party/intel/sgx_detect_linux.c third_party/intel/create_enclave.c third_party/intel/oc_alloc.c \
...@@ -113,7 +113,7 @@ nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES} ...@@ -113,7 +113,7 @@ nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES} EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
testw_LDADD= ${sgxwallet_LDADD} testw_LDADD= ${sgxwallet_LDADD}
cert_util_SOURCES= InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp cert_util.cpp stubclient.cpp RPCException.cpp LevelDB.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp cert_util_SOURCES= InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp cert_util.cpp stubclient.cpp LevelDB.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp
cert_util_LDADD=-LlibBLS/deps/deps_inst/x86_or_x64/lib -Lleveldb/build -LlibBLS/build \ cert_util_LDADD=-LlibBLS/deps/deps_inst/x86_or_x64/lib -Lleveldb/build -LlibBLS/build \
-LlibBLS/build/libff/libff \ -LlibBLS/build/libff/libff \
-l:libbls.a -l:libleveldb.a \ -l:libbls.a -l:libleveldb.a \
......
/*
Copyright (C) 2019-Present SKALE Labs
This file is part of sgxwallet.
sgxwallet is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
sgxwallet is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with sgxwallet. If not, see <https://www.gnu.org/licenses/>.
@file RPCException.cpp
@author Stan Kladko
@date 2019
*/
#include "SGXException.h"
...@@ -24,7 +24,6 @@ ...@@ -24,7 +24,6 @@
#ifndef SGXD_RPCEXCEPTION_H #ifndef SGXD_RPCEXCEPTION_H
#define SGXD_RPCEXCEPTION_H #define SGXD_RPCEXCEPTION_H
#include <string> #include <string>
#include <exception> #include <exception>
...@@ -39,5 +38,4 @@ public: ...@@ -39,5 +38,4 @@ public:
}; };
#endif //SGXD_RPCEXCEPTION_H #endif //SGXD_RPCEXCEPTION_H
...@@ -35,15 +35,12 @@ ...@@ -35,15 +35,12 @@
#define RPC_ENDPOINT "http://localhost:1029" #define RPC_ENDPOINT "http://localhost:1029"
#define SAMPLE_PUBLIC_KEY_B "c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475" #define SAMPLE_PUBLIC_KEY_B "c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475"
#define SAMPLE_DKG_PUB_KEY_1 "505f55a38f9c064da744f217d1cb993a17705e9839801958cda7c884e08ab4dad7fd8d22953d3ac7f0913de24fd67d7ed36741141b8a3da152d7ba954b0f14e2" #define SAMPLE_DKG_PUB_KEY_1 "505f55a38f9c064da744f217d1cb993a17705e9839801958cda7c884e08ab4dad7fd8d22953d3ac7f0913de24fd67d7ed36741141b8a3da152d7ba954b0f14e2"
#define SAMPLE_DKG_PUB_KEY_2 "378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25" #define SAMPLE_DKG_PUB_KEY_2 "378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25"
//openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr^ //openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr^
#define SAMPLE_CSR_FILE_NAME "samples/yourdomain.csr" #define SAMPLE_CSR_FILE_NAME "samples/yourdomain.csr"
#define ECDSA_KEY_NAME_SIZE 68 #define ECDSA_KEY_NAME_SIZE 68
#endif //SGXWALLET_TESTW_H #endif //SGXWALLET_TESTW_H
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment