Skip to content

S
sgxwallet
Unverified Commit 41429ab9 authored by svetaro's avatar svetaro
Browse files
Options

SKALE-1512-add-DKG-to-SGX Add secret shares calculation

parent 05a5f2df
Hide whitespace changes
Inline Side-by-side
Showing with 348 additions and 110 deletions
DKGCrypto.cpp
View file @ 41429ab9
......@@ -38,6 +38,8 @@ std::string gen_dkg_poly( int _t){
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, _t);
std::cerr << "gen_dkg_secret, status " << err_status << " err msg " << errMsg << std::endl;
/* std::cerr << "encr raw poly: " << std::endl;
for ( int i = 0 ; i < 3050; i++)
printf(" %d ", encrypted_dkg_secret[i] );*/
......@@ -96,4 +98,39 @@ std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyH
free(encr_dkg_poly);
return pub_shares_vect;
}
std::string get_secret_shares( const char* encryptedPolyHex, const std::string& publicKeys, int n, int t){
char* errMsg1 = (char*) calloc(1024,1);
int err_status = 0;
uint64_t enc_len = 0;
uint8_t* encr_dkg_poly = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100);
status = set_encrypted_dkg_poly(eid, &err_status, errMsg1, encr_dkg_poly);
std::string result;
for ( int i = 0; i < n; i++){
uint8_t encrypted_skey[BUF_LEN];
uint32_t dec_len;
char cur_share[193];
std::string pub_keyB = publicKeys.substr(64*i, 64*i + 128);
char pubKeyB[129];
strncpy(pubKeyB, pub_keyB.c_str(),129);
get_encr_sshare(eid, &err_status, errMsg1, encrypted_skey, &dec_len,
cur_share, pubKeyB, t, n, i + 1 );
result += cur_share;
//std::cerr << errMsg1 << std::endl << std::endl;
//std::cerr << "iteration " << i <<" result length is " << result.length() << std::endl ;
//std::cerr << "iteration " << i <<" share length is " << strlen(cur_share) << std::endl;
//std::cerr << "iteration " << i <<" share is " << cur_share << std::endl;
}
//result += '\0';
return result;
}
\ No newline at end of file
DKGCrypto.h
View file @ 41429ab9
......@@ -14,4 +14,6 @@ std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyH
std::vector<std::string> SplitString(const char* koefs, const char symbol);
std::string get_secret_shares( const char* encryptedPolyHex, const std::string& publicKeys, int n, int t);
#endif //SGXD_DKGCRYPTO_H
SGXWalletServer.cpp
View file @ 41429ab9
......@@ -37,10 +37,11 @@ SGXWalletServer::SGXWalletServer(AbstractServerConnector &connector,
HttpServer *hs = nullptr;
int init_server() {
hs = new HttpServer(1025);
s = new SGXWalletServer(*hs,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
if (!s->StartListening()) {
cerr << "Server could not start listening" << endl;
exit(-1);
......@@ -240,13 +241,12 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName){
}
Json::Value generateDKGPolyImpl(const std::string& polyName, int t) {
std::cerr << " enter generateDKGPolyImpl" << std::endl;
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
//result["encryptedPoly"] = "";
std::string encrPolyHex;
try {
......@@ -294,6 +294,28 @@ Json::Value getVerificationVectorImpl(const std::string& polyName, int n, int t)
return result;
}
Json::Value getSecretShareImpl(const std::string& polyName, const std::string& publicKeys, int n, int t){
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
try {
std::shared_ptr<std::string> encr_poly_ptr = readFromDb(polyName, "DKGPoly:");
std::string s = get_secret_shares( encr_poly_ptr->c_str(), publicKeys, n, t);
//std::cerr << "result is " << s << std::endl;
result["SecretShare"] = s;
} catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
result["SecretShare"] = "";
}
return result;
}
Json::Value SGXWalletServer::generateDKGPoly(const std::string& polyName, int t){
return generateDKGPolyImpl(polyName, t);
}
......@@ -302,6 +324,11 @@ Json::Value SGXWalletServer::getVerificationVector(const std::string& polyName,
return getVerificationVectorImpl(polyName, n, t);
}
Json::Value SGXWalletServer::getSecretShare(const std::string& polyName, const std::string& publicKeys, int n, int t){
return getSecretShareImpl(polyName, publicKeys, n, t);
}
Json::Value SGXWalletServer::generateECDSAKey(const std::string &_keyName) {
return generateECDSAKeyImpl(_keyName);
}
......@@ -316,11 +343,11 @@ Json::Value SGXWalletServer::ecdsaSignMessageHash(int base, const std::string &_
return ecdsaSignMessageHashImpl(base,_keyName, messageHash);
}
Json::Value
SGXWalletServer::importBLSKeyShare(int index, const std::string &_keyShare, const std::string &_keyShareName, int n,
int t) {
return importBLSKeyShareImpl(index, _keyShare, _keyShareName, n, t);
}
Json::Value SGXWalletServer::blsSignMessageHash(const std::string &keyShareName, const std::string &messageHash,int n,
......@@ -328,7 +355,6 @@ Json::Value SGXWalletServer::blsSignMessageHash(const std::string &keyShareName,
return blsSignMessageHashImpl(keyShareName, messageHash, n,t, signerIndex);
}
Json::Value SGXWalletServer::importECDSAKey(const std::string &key, const std::string &keyName) {
return importECDSAKeyImpl(key, keyName);
}
......
SGXWalletServer.hpp
View file @ 41429ab9
......@@ -28,6 +28,7 @@ public:
virtual Json::Value generateDKGPoly(const std::string& polyName, int t);
virtual Json::Value getVerificationVector(const std::string& polyName, int n, int t);
virtual Json::Value getSecretShare(const std::string& polyName, const std::string& publicKeys, int n, int t);
};
......@@ -53,5 +54,6 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName);
Json::Value generateDKGPolyImpl(const std::string& polyName, int t);
Json::Value getVerificationVectorImpl(const std::string& polyName, int n, int t);
Json::Value getSecretShareImpl(const std::string& polyName, const std::string& publicKeys, int n, int t);
#endif //SGXWALLET_SGXWALLETSERVER_HPP
\ No newline at end of file
abstractstubserver.h
View file @ 41429ab9
......@@ -19,7 +19,8 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
this->bindAndAddMethod(jsonrpc::Procedure("getPublicECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "keyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::getPublicECDSAKeyI);
this->bindAndAddMethod(jsonrpc::Procedure("ecdsaSignMessageHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "base",jsonrpc::JSON_INTEGER,"keyName",jsonrpc::JSON_STRING,"messageHash",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::ecdsaSignMessageHashI);
this->bindAndAddMethod(jsonrpc::Procedure("generateDKGPoly", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "polyName",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::generateDKGPolyI);
this->bindAndAddMethod(jsonrpc::Procedure("getVerificationVector", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "polyName",jsonrpc::JSON_STRING,"n",jsonrpc::JSON_INTEGER,"t",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::getVerificationVectorI);
this->bindAndAddMethod(jsonrpc::Procedure("getVerificationVector", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"polyName",jsonrpc::JSON_STRING, "n",jsonrpc::JSON_INTEGER,"t",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::getVerificationVectorI);
this->bindAndAddMethod(jsonrpc::Procedure("getSecretShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "polyName",jsonrpc::JSON_STRING,"publicKeys",jsonrpc::JSON_STRING,"n",jsonrpc::JSON_INTEGER,"t",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::getSecretShareI);
}
inline virtual void importBLSKeyShareI(const Json::Value &request, Json::Value &response)
......@@ -52,7 +53,11 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
}
inline virtual void getVerificationVectorI(const Json::Value &request, Json::Value &response)
{
response = this->getVerificationVector(request["polyName"].asString(), request["n"].asInt(),request["t"].asInt());
response = this->getVerificationVector(request["polyName"].asString(), request["n"].asInt(), request["t"].asInt());
}
inline virtual void getSecretShareI(const Json::Value &request, Json::Value &response)
{
response = this->getSecretShare(request["polyName"].asString(), request["publicKeys"].asString(), request["n"].asInt(),request["t"].asInt());
}
virtual Json::Value importBLSKeyShare(int index, const std::string& keyShare, const std::string& keyShareName, int n, int t) = 0;
virtual Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int n, int signerIndex, int t) = 0;
......@@ -62,6 +67,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
virtual Json::Value ecdsaSignMessageHash(int base, const std::string& keyName, const std::string& messageHash) = 0;
virtual Json::Value generateDKGPoly(const std::string& polyName, int t) = 0;
virtual Json::Value getVerificationVector(const std::string& polyName, int n, int t) = 0;
virtual Json::Value getSecretShare(const std::string& polyName, const std::string& publicKeys, int n, int t) = 0;
};
#endif //JSONRPC_CPP_STUB_ABSTRACTSTUBSERVER_H_
secure_enclave/.deps/secure_enclave.Po
View file @ 41429ab9
......@@ -27,7 +27,7 @@ secure_enclave.o: secure_enclave.c secure_enclave_t.h \
/home/kladko/sgxwallet/sgx-sdk-build/sgxsdk/include/tlibc/stdio.h \
/home/kladko/sgxwallet/sgx-sdk-build/sgxsdk/include/tlibc/stdarg.h \
/home/kladko/sgxwallet/sgx-sdk-build/sgxsdk/include/tlibc/stdbool.h \
domain_parameters.h point.h signature.h curves.h drive_key_dkg.h \
domain_parameters.h point.h signature.h curves.h DH_dkg.h \
../sgxwallet_common.h \
/home/kladko/sgxwallet/sgx-sdk-build/sgxsdk/include/tlibc/unistd.h \
/home/kladko/sgxwallet/sgx-sdk-build/sgxsdk/include/tlibc/sys/types.h \
......@@ -99,7 +99,7 @@ signature.h:
curves.h:
drive_key_dkg.h:
DH_dkg.h:
../sgxwallet_common.h:
......
secure_enclave/BLSEnclave.cpp
View file @ 41429ab9
......@@ -185,4 +185,66 @@ void carray2Hex(const unsigned char *d, int _len, char* _hexArray) {
}
int char2int(char _input) {
if (_input >= '0' && _input <= '9')
return _input - '0';
if (_input >= 'A' && _input <= 'F')
return _input - 'A' + 10;
if (_input >= 'a' && _input <= 'f')
return _input - 'a' + 10;
return -1;
}
bool hex2carray2(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin, const int _max_length ) {
int len = strnlen(_hex, _max_length);//2 * BUF_LEN);
if (len == 0 && len % 2 == 1)
return false;
*_bin_len = len / 2;
for (int i = 0; i < len / 2; i++) {
int high = char2int((char)_hex[i * 2]);
int low = char2int((char)_hex[i * 2 + 1]);
if (high < 0 || low < 0) {
return false;
}
_bin[i] = (unsigned char) (high * 16 + low);
}
return true;
}
bool hex2carray(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin ) {
int len = strnlen(_hex, 2 * BUF_LEN);
if (len == 0 && len % 2 == 1)
return false;
*_bin_len = len / 2;
for (int i = 0; i < len / 2; i++) {
int high = char2int((char)_hex[i * 2]);
int low = char2int((char)_hex[i * 2 + 1]);
if (high < 0 || low < 0) {
return false;
}
_bin[i] = (unsigned char) (high * 16 + low);
}
return true;
}
secure_enclave/BLSEnclave.h
View file @ 41429ab9
......@@ -13,6 +13,8 @@
#define EXTERNC
#endif
//#include <stdint.h>
EXTERNC void checkKey(int *err_status, char *err_string, const char* _keyString);
EXTERNC void check_key(int *err_status, char *err_string, const char* _keyString);
......@@ -21,14 +23,13 @@ EXTERNC void check_key(int *err_status, char *err_string, const char* _keyString
EXTERNC bool enclave_sign(const char *_keyString, const char* _hashXString, const char* _hashYString, char* _sig);
EXTERNC int char2int(char _input);
EXTERNC void carray2Hex(const unsigned char *d, int _len, char* _hexArray);
EXTERNC bool hex2carray(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin );
EXTERNC bool hex2carray2(const char * _hex, uint64_t *_bin_len,
uint8_t* _bin, const int _max_length );
EXTERNC void init();
......
secure_enclave/drive_key_dkg.c secure_enclave/DH_dkg.c
View file @ 41429ab9
......@@ -10,38 +10,23 @@
#include "point.h"
#include "numbertheory.h"
#include <stdint.h>
#include "BLSEnclave.h"
#include <string.h>
//void gen_session_keys(mpz_t skey, char* pb_keyB){
void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
char* pb_keyB_x = (char*)malloc(64);
char* pb_keyB_x = (char*)malloc(65);
strncpy(pb_keyB_x, pb_keyB, 64);
char* pb_keyB_y = (char*)malloc(64);
char* pb_keyB_y = (char*)malloc(65);
strncpy(pb_keyB_y, pb_keyB + 64, 64);
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
/* unsigned char* rand_char = (unsigned char*)malloc(32);
sgx_read_rand( rand_char, 32);
mpz_t seed;
mpz_init(seed);
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
free(rand_char);
mpz_t skey_mpz;
mpz_init(skey_mpz);
mpz_mod(skey_mpz, seed, curve->p);
mpz_clear(seed);
char arr[mpz_sizeinbase (skey_mpz, 16) + 2];
char* sk = mpz_get_str(arr, 16, skey_mpz);
// memcpy(skey, arr, 32);
// strncpy(skey, arr, 1024);
mpz_set(skey, skey_mpz);*/
mpz_t skey;
mpz_init(skey);
mpz_set_str(skey, skey_str, 16);
......@@ -54,7 +39,12 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
char arr_x[mpz_sizeinbase (session_key->x, 16) + 2];
char* x = mpz_get_str(arr_x, 16, session_key->x);
strncpy(common_key, arr_x, 64);
//strncpy(common_key, arr_x, 64);
int n_zeroes = 64 - strlen(arr_x);
for ( int i = 0; i < n_zeroes; i++){
common_key[i] = '0';
}
strncpy(common_key + n_zeroes, arr_x, strlen(arr_x));
mpz_clear(skey);
point_clear(pub_keyB);
......@@ -64,7 +54,24 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
}
void xor_encrypt(char* key, char* message, char* cypher){
for (int i = 0; i < 32; i++){
cypher[i] = message[i] ^ key[i];
}
uint8_t cypher_bin[33];
//uint8_t key_bin[33];
uint8_t* key_bin = (uint8_t*)malloc(33);
uint64_t key_length;
hex2carray(key, &key_length, key_bin);
uint64_t msg_length;
uint8_t msg_bin[33];//[ECDSA_BIN_LEN];
hex2carray(message, &msg_length, msg_bin);
for (int i = 0; i < 32; i++){
cypher_bin[i] = msg_bin[i] ^ key_bin[i];
}
carray2Hex(cypher_bin, 32, cypher);
free(key_bin);
}
secure_enclave/DKGUtils.cpp
View file @ 41429ab9
......@@ -31,15 +31,15 @@ std::string stringFromFr(libff::alt_bn128_Fr& _el) {
}
template<class T>
std::string ConvertToString(T field_elem) {
std::string ConvertToString(T field_elem, int base = 10) {
mpz_t t;
mpz_init(t);
field_elem.as_bigint().to_mpz(t);
char arr[mpz_sizeinbase (t, 10) + 2];
char arr[mpz_sizeinbase (t, base) + 2];
char * tmp = mpz_get_str(arr, 10, t);
char * tmp = mpz_get_str(arr, base, t);
mpz_clear(t);
std::string output = tmp;
......@@ -69,7 +69,7 @@ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char s
return tokens;
}
void gen_dkg_poly( char* secret/*[BUF_LEN]*/, unsigned _t ){
void gen_dkg_poly( char* secret, unsigned _t ){
libff::init_alt_bn128_params();
std::string result;
for (size_t i = 0; i < _t; ++i) {
......@@ -81,7 +81,7 @@ void gen_dkg_poly( char* secret/*[BUF_LEN]*/, unsigned _t ){
result += stringFromFr(cur_coef);
result += ":";
}
strncpy(secret, result.c_str(), result.length());
strncpy(secret, result.c_str(), result.length() + 1);
}
libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol, libff::alt_bn128_Fr point, unsigned _t) {
......@@ -100,8 +100,8 @@ libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol,
return value;
}
void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
unsigned _t, unsigned _n) {
void calc_secret_shares(const char* decrypted_koefs, char * secret_shares, // calculates secret shares in base 10 to a string secret_shares,
unsigned _t, unsigned _n) { // separated by ":"
// calculate for each node a list of secret values that will be used for verification
std::string result;
char symbol = ':';
......@@ -111,10 +111,26 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
result += ConvertToString(secret_share);//stringFromFr(secret_share);
result += ":";
}
strncpy(secret_shares, result.c_str(), result.length());
strncpy(secret_shares, result.c_str(), result.length() + 1);
//strncpy(secret_shares, decrypted_koefs, 3650);
}
void calc_secret_share(const char* decrypted_koefs, char * s_share,
unsigned _t, unsigned _n, unsigned ind) {
libff::init_alt_bn128_params();
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
std::string cur_share = ConvertToString(secret_share, 16);//stringFromFr(secret_share);
int n_zeroes = 64 - cur_share.size();
cur_share.insert(0, n_zeroes, '0');
strncpy(s_share, cur_share.c_str(), cur_share.length() + 1);
}
void calc_public_shares(const char* decrypted_koefs, char * public_shares,
unsigned _t) {
libff::init_alt_bn128_params();
......
secure_enclave/DKGUtils.h
View file @ 41429ab9
......@@ -15,6 +15,10 @@ EXTERNC void gen_dkg_poly( char* secret, unsigned _t);
EXTERNC void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
unsigned _t, unsigned _n);
EXTERNC void calc_secret_share(const char* decrypted_koefs, char * s_share,
unsigned _t, unsigned _n, unsigned ind);
EXTERNC void calc_public_shares(const char* decrypted_koefs, char * public_shares,
unsigned _t);
......
secure_enclave/Makefile.am
View file @ 41429ab9
......@@ -85,7 +85,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c drive_key_dkg.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
secure_enclave/Makefile.in
View file @ 41429ab9
......@@ -109,7 +109,7 @@ am__objects_1 =
am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
point.$(OBJEXT) signature.$(OBJEXT) drive_key_dkg.$(OBJEXT) \
point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
......@@ -138,14 +138,13 @@ am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po \
am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
./$(DEPDIR)/drive_key_dkg.Po ./$(DEPDIR)/numbertheory.Po \
./$(DEPDIR)/point.Po ./$(DEPDIR)/secure_enclave.Po \
./$(DEPDIR)/secure_enclave_t.Po ./$(DEPDIR)/signature.Po \
./$(DEPDIR)/signed_enclave_debug.Po \
./$(DEPDIR)/numbertheory.Po ./$(DEPDIR)/point.Po \
./$(DEPDIR)/secure_enclave.Po ./$(DEPDIR)/secure_enclave_t.Po \
./$(DEPDIR)/signature.Po ./$(DEPDIR)/signed_enclave_debug.Po \
./$(DEPDIR)/signed_enclave_rel.Po
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
......@@ -344,7 +343,7 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
ENCLAVE_KEY = $(ENCLAVE)_private.pem
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c drive_key_dkg.c \
curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......@@ -439,13 +438,13 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/drive_key_dkg.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker
......@@ -659,13 +658,13 @@ clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
distclean: distclean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/drive_key_dkg.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
......@@ -719,13 +718,13 @@ installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DH_dkg.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/drive_key_dkg.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po
......
secure_enclave/secure_enclave.c
View file @ 41429ab9
......@@ -31,14 +31,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*#include <openssl/ecdsa.h>
#include <openssl/ec.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "tSgxSSL_api.h"*/
#include "secure_enclave_t.h"
#include "sgx_tcrypto.h"
#include "sgx_tseal.h"
......@@ -54,13 +46,15 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "point.h"
#include "signature.h"
#include "curves.h"
#include "drive_key_dkg.h"
#include <string.h>
#include "DH_dkg.h"
#include <sgx_tcrypto.h>
#include "../sgxwallet_common.h"
uint8_t Decrypted_dkg_poly[DKG_BUFER_LENGTH] ;
void *(*gmp_realloc_func)(void *, size_t, size_t);
void *(*oc_realloc_func)(void *, size_t, size_t);
......@@ -557,50 +551,66 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
}
void drive_key(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t* dec_len, char* result_str, char* pub_keyB ){
void set_encrypted_dkg_poly(int *err_status, char *err_string, uint8_t* encrypted_poly){
/* //char* skey = (char*)malloc(1024);
char* pub_key = (char*)malloc(1024);
uint32_t decr_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_poly, NULL, 0, Decrypted_dkg_poly, &decr_len);
mpz_t skey;
mpz_init(skey);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status %d", status);
return;
}
gen_session_keys(skey, pub_key);
char arr_sk[mpz_sizeinbase (skey, 16) + 2];
char* sk = mpz_get_str(arr_sk, 16, skey);
snprintf(err_string, BUF_LEN,"skey is %s length %d", arr_sk, strlen(arr_sk));
}
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t*)arr_sk, sealedLen,(sgx_sealed_data_t*)encrypted_skey);
void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t* dec_len,
char* result_str, char* pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind ){
if( status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"SGX seal data failed");
}*/
/* char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024);
char skey[ECDSA_SKEY_LEN];
char *pub_key_x = (char *)calloc(1024, 1);
char *pub_key_y = (char *)calloc(1024, 1);
char arr_s[mpz_sizeinbase (sign->s, base) + 2];
char* s = mpz_get_str(arr_s, base, sign->s);
strncpy(sig_s, arr_s, 1024);*/
uint32_t enc_len;
char skey[ECDSA_SKEY_LEN];
generate_ecdsa_key(err_status, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_skey, NULL, 0, skey, dec_len);
(const sgx_sealed_data_t *)encrypted_skey, NULL, 0, (uint8_t *)skey, &enc_len);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status %d", status);
return;
}
char * common_key = malloc(64*2);
char * common_key = (char *)malloc(65);
gen_session_key(skey, pub_keyB, common_key);
//snprintf(err_string, BUF_LEN,"common key is %s", common_key);
char* s_share = (char *)malloc(65);
//char s_share[65];
calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind);
//snprintf(err_string, BUF_LEN,"secret share is %s", s_share);
char* cypher = (char *)malloc(65);
xor_encrypt(common_key, s_share, cypher);
//snprintf(err_string, BUF_LEN,"cypher is %s length is %d", cypher, strlen(cypher));
strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
//snprintf(err_string, BUF_LEN,"s_share is %s length is %d", result_str, strlen(result_str));
//mpz_clear(skey);
//free(skey);
free(common_key);
free(pub_key_x);
free(pub_key_y);
free(s_share);
free(cypher);
}
mpz_clear(skey);
//free(skey);
//free(pub_key);
}
secure_enclave/secure_enclave.config.xml
View file @ 41429ab9
......@@ -3,7 +3,8 @@
<ISVSVN>0</ISVSVN>
<StackMaxSize>0x100000</StackMaxSize>
<HeapMaxSize>0x1000000</HeapMaxSize>
<TCSNum>1</TCSNum>
<TCSNum>16</TCSNum>
<TCSMaxNum>16</TCSMaxNum>
<TCSPolicy>1</TCSPolicy>
<!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
<DisableDebug>0</DisableDebug>
......
secure_enclave/secure_enclave.edl
View file @ 41429ab9
......@@ -103,13 +103,20 @@ enclave {
[user_check] uint8_t* sig_v,
int base);
public void drive_key(
public void set_encrypted_dkg_poly( [user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly);
public void get_encr_sshare(
[user_check]int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_skey,
[user_check]uint32_t* enc_len,
[out, count = 1024] char* result_str,
[out, count = 1024] char* pub_keyB );
[user_check] uint32_t* dec_len,
[out, count = 193] char* result_str,
[in, count = 129] char* pub_keyB,
uint8_t _t,
uint8_t _n,
uint8_t ind);
};
......
sgxwallet_common.h
View file @ 41429ab9
......@@ -32,6 +32,7 @@
#define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 625
#define ECDSA_BIN_LEN 33
#define UNKNOWN_ERROR -1
#define PLAINTEXT_KEY_TOO_LONG -2
......
spec.json
View file @ 41429ab9
......@@ -111,5 +111,19 @@
"Verification Vector": [{},{}]
}
},
{
"name": "getSecretShare",
"params": {
"polyName": "key1",
"publicKeys": "123",
"n": 3,
"t": 3
},
"returns": {
"status": 0,
"errorMessage": "12345",
"SecretShare": "123"
}
}
]
\ No newline at end of file
stubclient.h
View file @ 41429ab9
......@@ -106,6 +106,19 @@ class StubClient : public jsonrpc::Client
else
throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
}
Json::Value getSecretShare(const std::string& polyName, const std::string& publicKeys, int n, int t) throw (jsonrpc::JsonRpcException)
{
Json::Value p;
p["polyName"] = polyName;
p["publicKeys"] = publicKeys;
p["n"] = n;
p["t"] = t;
Json::Value result = this->CallMethod("getSecretShare",p);
if (result.isObject())
return result;
else
throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
}
};
#endif //JSONRPC_CPP_STUB_STUBCLIENT_H_
testw.cpp
View file @ 41429ab9
......@@ -493,25 +493,42 @@ TEST_CASE( "DKG public shares test", "[dkg-pub_shares]" ) {
sgx_destroy_enclave(eid);
}
TEST_CASE( "DKG drive key test", "[dkg-drive-key]" ) {
TEST_CASE( "DKG encrypted secret shares test", "[dkg-encr_sshares]" ) {
// init_all();
init_enclave();
uint8_t *encrypted_key = (uint8_t *) calloc(BUF_LEN, 1);
char *errMsg = (char *)calloc(1024, 1);
char *result = (char *)calloc(1024, 1);
char *pub_key = (char *)calloc(1024, 1);
char *result = (char *)calloc(130, 1);
int err_status = 0;
uint32_t enc_len = 0;
unsigned t = 3, n = 4;
status = drive_key(eid, &err_status, errMsg, encrypted_key, &enc_len, result,
pub_key);
uint8_t* encrypted_dkg_secret = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, 2);
REQUIRE(status == SGX_SUCCESS);
std::cerr << " poly generated" << std::endl;
status = set_encrypted_dkg_poly(eid, &err_status, errMsg, encrypted_dkg_secret);
REQUIRE(status == SGX_SUCCESS);
std::cerr << " poly set" << std::endl;
uint8_t *encr_pr_DHkey = (uint8_t *)calloc(1024, 1);
char *pub_key_x = (char *)calloc(1024, 1);
char *pub_key_y = (char *)calloc(1024, 1);
char *pub_keyB = "c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475";
status = get_encr_sshare(eid, &err_status, errMsg, encr_pr_DHkey, &enc_len, result,
pub_keyB, 2, 2, 1);
REQUIRE(status == SGX_SUCCESS);
printf(" drive_key completed with status: %d %s \n", err_status, errMsg);
printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg);
std::cerr << "secret share is " << result << std::endl;
}
......@@ -653,8 +670,21 @@ TEST_CASE("API test", "[api_test]") {
//cout<<c.getPublicECDSAKey("test_key");
//cout << c.ecdsaSignMessageHash(16, "known_key1","0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db" );
// cout << c.blsSignMessageHash(TEST_BLS_KEY_NAME, "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db", 2,2,1 );
// cout << c.generateDKGPoly("polyy", 5);
cout << c.getVerificationVector("polyy", 5, 5);
// cout << c.generateDKGPoly("p2", 2);
//cout << c.getVerificationVector("polyy", 5, 5);
cout << c.getSecretShare("p2",
"669aa790e1c5f5199af82ab0b6f1965c382d23a2ebdda581454adba3fd082a30edab62b545f78f1e402ceef7340a0364a7046633d6151fe7e657d8b8a6352378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25e6e",
2,2);
// cout << c.generateDKGPoly("p3", 3);
// cout << c.getSecretShare("p3",
// "669aa790e1c5f5199af82ab0b6f1965c382d23a2ebdda581454adba3fd082a30edab62b545f78f1e402ceef7340a0364a7046633d6151fe7e657d8b8a6352378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25e6e9d43f1c88581f53af993da1654c9f91829c1fe5344c4452ef8d2d8675c6a051c19029f6e4f82b035fb3552058cf22c5bbafd9e6456d579634987281765d130b0",
// 3,3);
} catch (JsonRpcException &e) {
cerr << e.what() << endl;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment