SKALE-2977 clean up

3f8c8844 · Oleh Nikolaiev · 8f08f2af · 3f8c8844 · 3f8c8844 · 3f8c8844
Unverified Commit 3f8c8844 authored Jul 28, 2020 by Oleh Nikolaiev
7 changed files
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -181,6 +181,7 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz

    if (yStr == nullptr) {
        std::cerr << "Null yStr" << std::endl;
+        delete xStr;
        BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
    }

@@ -205,6 +206,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz

    if (!result) {
        cerr << "Invalid hex encrypted key" << endl;
+        delete xStr;
+        delete yStr;
        BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
    }

@@ -216,11 +219,15 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz

    if (status != SGX_SUCCESS) {
        cerr << "SGX enclave call to trustedBlsSignMessage failed with status:" << status << std::endl;
+        delete xStr;
+        delete yStr;
        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
    }

    if (errStatus != 0) {
        cerr << "SGX enclave call to trustedBlsSignMessage failed with errStatus:" << errStatus << std::endl;
+        delete xStr;
+        delete yStr;
        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
    }


--- a/BLSPrivateKeyShareSGX.cpp
+++ b/BLSPrivateKeyShareSGX.cpp
@@ -117,6 +117,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(

  if (yStr == nullptr) {
    std::cerr << "Null yStr" << std::endl;
+    delete xStr;
    BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
  }

@@ -141,6 +142,8 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(

  if (!result) {
    cerr << "Invalid hex encrypted key" << endl;
+    delete xStr;
+    delete yStr;
    BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
  }

@@ -154,17 +157,22 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(

  if (status != SGX_SUCCESS) {
    gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
+    delete xStr;
+    delete yStr;
    BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call  to trustedBlsSignMessage failed"));
  }

  if (errStatus != 0) {
+    delete xStr;
+    delete yStr;
    BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
-    return nullptr;
  }

  int sigLen;

  if ((sigLen = strnlen(signature, 10)) < 10) {
+     delete xStr;
+     delete yStr;
     BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
  }


--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -122,44 +122,41 @@ string getECDSAPubKey(const char *_encryptedKeyHex) {

 bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
        const char *signatureS, int base) {
-    bool result = false;
-
-    signature sig = signature_init();
-
    auto x = pubKeyStr.substr(0, 64);
    auto y = pubKeyStr.substr(64, 128);
-    domain_parameters curve = domain_parameters_init();
-    domain_parameters_load_curve(curve, secp256k1);
-    point publicKey = point_init();

    mpz_t msgMpz;
    mpz_init(msgMpz);
    if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
        spdlog::error("invalid message hash {}", hashHex);
-        goto clean;
+        mpz_clear(msgMpz);
+        return false;
    }

+    signature sig = signature_init();
    if (signature_set_str(sig, signatureR, signatureS, base) != 0) {
        spdlog::error("Failed to set str signature");
-        goto clean;
+        mpz_clear(msgMpz);
+        signature_free(sig);
+        return false;
    }

+    domain_parameters curve = domain_parameters_init();
+    domain_parameters_load_curve(curve, secp256k1);
+
+    point publicKey = point_init();
+
    point_set_hex(publicKey, x.c_str(), y.c_str());
    if (!signature_verify(msgMpz, sig, publicKey, curve)) {
        spdlog::error("ECDSA sig not verified");
-        goto clean;
+        mpz_clear(msgMpz);
+        signature_free(sig);
+        domain_parameters_clear(curve);
+        point_clear(publicKey);
+        return false;
    }

-    result = true;
-
-    clean:
-
-    mpz_clear(msgMpz);
-    domain_parameters_clear(curve);
-    point_clear(publicKey);
-    signature_free(sig);
-
-    return result;
+    return true;
 }

 vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
@@ -178,8 +175,7 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
    shared_ptr<SGXException> exception = NULL;

    if (!hex2carray(encryptedKeyHex, &decLen, encryptedKey.data())) {
-        exception = make_shared<SGXException>(INVALID_HEX, "Invalid encryptedKeyHex");
-        goto clean;
+        throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
    }

    status = trustedEcdsaSignAES(eid, &errStatus,
@@ -188,14 +184,12 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
                                 signatureS.data(), &signatureV, base);

    if (errStatus != 0) {
-        exception = make_shared<SGXException>(666, errMsg.data());
-        goto clean;
+        throw SGXException(666, errMsg.data());
    }

    if (status != SGX_SUCCESS) {
        spdlog::error("failed to sign {}", status);
-        exception = make_shared<SGXException>(666, "failed to sign");
-        goto clean;
+        throw SGXException(666, "failed to sign");
    }
    signatureVector.at(0) = to_string(signatureV);
    if (base == 16) {
@@ -211,14 +205,8 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
    pubKeyStr = getECDSAPubKey(encryptedKeyHex);

    if (!verifyECDSASig(pubKeyStr, hashHex, signatureR.data(), signatureS.data(), base)) {
-        exception = make_shared<SGXException>(667, "ECDSA did not verify");
-        goto clean;
+        throw SGXException(667, "ECDSA did not verify");
    }

-    clean:
-
-    if (exception)
-        throw *exception;
-
    return signatureVector;
 }
--- a/Makefile.am
+++ b/Makefile.am
@@ -67,7 +67,7 @@ bin_PROGRAMS =  sgxwallet testw cert_util
 ## have to be explicitly listed.

 COMMON_SRC = InvalidStateException.cpp  Exception.cpp InvalidArgumentException.cpp Log.cpp  \
-             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp \
+             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp BLSCrypto.cpp \
             ECDSACrypto.cpp \
             DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
             third_party/intel/sgx_stub.c third_party/intel/sgx_detect_linux.c third_party/intel/create_enclave.c third_party/intel/oc_alloc.c \
@@ -113,7 +113,7 @@ nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
 EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
 testw_LDADD= ${sgxwallet_LDADD}

-cert_util_SOURCES= InvalidStateException.cpp  Exception.cpp InvalidArgumentException.cpp Log.cpp cert_util.cpp stubclient.cpp RPCException.cpp LevelDB.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp
+cert_util_SOURCES= InvalidStateException.cpp  Exception.cpp InvalidArgumentException.cpp Log.cpp cert_util.cpp stubclient.cpp LevelDB.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp
 cert_util_LDADD=-LlibBLS/deps/deps_inst/x86_or_x64/lib -Lleveldb/build -LlibBLS/build \
                   -LlibBLS/build/libff/libff \
                   -l:libbls.a -l:libleveldb.a \

--- a/RPCException.cpp
+++ b/RPCException.cpp
-/*
-    Copyright (C) 2019-Present SKALE Labs
-
-    This file is part of sgxwallet.
-
-    sgxwallet is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published
-    by the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    sgxwallet is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
-
-    You should have received a copy of the GNU Affero General Public License
-    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
-
-    @file RPCException.cpp
-    @author Stan Kladko
-    @date 2019
-*/
-
-#include "SGXException.h"
--- a/SGXException.h
+++ b/SGXException.h
@@ -24,7 +24,6 @@
 #ifndef SGXD_RPCEXCEPTION_H
 #define SGXD_RPCEXCEPTION_H

-
 #include <string>
 #include <exception>

@@ -39,5 +38,4 @@ public:

 };

-
 #endif //SGXD_RPCEXCEPTION_H
--- a/testw.h
+++ b/testw.h
@@ -35,15 +35,12 @@
 #define RPC_ENDPOINT  "http://localhost:1029"
 #define SAMPLE_PUBLIC_KEY_B "c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475"

-
 #define SAMPLE_DKG_PUB_KEY_1 "505f55a38f9c064da744f217d1cb993a17705e9839801958cda7c884e08ab4dad7fd8d22953d3ac7f0913de24fd67d7ed36741141b8a3da152d7ba954b0f14e2"
 #define SAMPLE_DKG_PUB_KEY_2 "378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25"

-
 //openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr^
 #define SAMPLE_CSR_FILE_NAME "samples/yourdomain.csr"

 #define ECDSA_KEY_NAME_SIZE 68

-
 #endif //SGXWALLET_TESTW_H