SKALE-4096 add more logs

416359cc · Oleh Nikolaiev · 25ea58db · 416359cc · 416359cc · 416359cc
Unverified Commit 416359cc authored 3 years ago by Oleh Nikolaiev
6 changed files
--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -240,9 +240,7 @@ string encryptECDSAKey(const string& _key) {
    status = trustedEncryptKey(eid, &errStatus, errString.data(), key.data(),
                               encryptedKey.data(), &enc_len);

-    if (status != 0) {
-        throw SGXException(status, string("Could not encrypt ECDSA key: " + string(errString.begin(), errString.end())).c_str());
-    }
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errString.data());

    vector<char> hexEncrKey = carray2Hex(encryptedKey.data(), enc_len);


--- a/secure_enclave/AESUtils.c
+++ b/secure_enclave/AESUtils.c
@@ -114,8 +114,6 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
      return -1;
  }

-
-
  uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;

  if (msgLen < len) {

--- a/secure_enclave/DKGUtils.cpp
+++ b/secure_enclave/DKGUtils.cpp
@@ -107,7 +107,6 @@ string ConvertToString(const T &field_elem, int base = 10) {
    clean:
    mpz_clear(t);
    return ret;
-
 }

 string ConvertG2ToString(const libff::alt_bn128_G2 &elem, int base = 10, const string &delim = ":") {
@@ -299,8 +298,8 @@ int calc_secret_share(const char *decrypted_coeffs, char *s_share,

        strncpy(s_share, cur_share.c_str(), cur_share.length() + 1);
        result = 0;
-        return result;

+        return result;
    } catch (exception &e) {
        LOG_ERROR(e.what());
        return result;
@@ -326,7 +325,6 @@ int calc_secret_shareG2(const char *s_share, char *s_shareG2) {

    try {

-
        if (mpz_set_str(share, s_share, 16) == -1) {
            goto clean;
        }

--- a/secure_enclave/EnclaveCommon.cpp
+++ b/secure_enclave/EnclaveCommon.cpp
@@ -103,7 +103,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) {
    string *sY = nullptr;
    string *ret = nullptr;

-
    try {
        _g1->to_affine_coordinates();

@@ -135,7 +134,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) {
    SAFE_DELETE(sY);

    return ret;
-
 }

 libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) {
@@ -264,7 +262,6 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char *
    SAFE_DELETE(key);
    SAFE_DELETE(r);
    return ret;
-
 }

 void carray2Hex(const unsigned char *d, int _len, char *_hexArray) {

--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -167,11 +167,6 @@ void trustedEnclaveInit(uint64_t _logLevel) {
    LOG_INFO("SECURITY WARNING: sgxwallet is running in INSECURE SIMULATION MODE! NEVER USE IN PRODUCTION!");
 #endif

-
-
-
-
-
 }

 void free_function(void *ptr, size_t sz) {
@@ -243,7 +238,6 @@ void sealHexSEK(int *errStatus, char *errString,
    CHECK_STATE(encrypted_sek);
    CHECK_STATE(sek_hex);
    CHECK_STATE(strnlen(sek_hex, 33) == 32)
-    

    uint64_t plaintextLen = strlen(sek_hex) + 1;
    
@@ -262,7 +256,6 @@ void sealHexSEK(int *errStatus, char *errString,

    CHECK_STATE(encrypt_text_length = plaintextLen);

-
    SAFE_CHAR_BUF(unsealedKey, BUF_LEN);
    uint32_t decLen = BUF_LEN;

@@ -287,7 +280,6 @@ void trustedGenerateSEK(int *errStatus, char *errString,
    LOG_INFO(__FUNCTION__);
    INIT_ERROR_STATE

-
    CHECK_STATE(encrypted_sek);
    CHECK_STATE(sek_hex);

@@ -296,11 +288,11 @@ void trustedGenerateSEK(int *errStatus, char *errString,
    carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex);
    memcpy(AES_key[512], SEK_raw, SGX_AESGCM_KEY_SIZE);

-
    sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);

    if (*errStatus != 0) {
        LOG_ERROR("sealHexSEK failed");
+        LOG_ERROR(errString);
        goto clean;
    }

@@ -333,7 +325,6 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {

    uint64_t len;

-
    hex2carray(aes_key_hex, &len, (uint8_t *) (AES_key[512]));

    SET_SUCCESS
@@ -354,11 +345,11 @@ void trustedSetSEKBackup(int *errStatus, char *errString,
    uint64_t len;
    hex2carray(sek_hex, &len, (uint8_t *) (AES_key[512]));

-
    sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);

    if (*errStatus != 0) {
        LOG_ERROR("sealHexSEK failed");
+        LOG_ERROR(errString);
        goto clean;
    }

@@ -537,7 +528,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
    uint8_t type = 0;
    uint8_t exportable = 0;

-
    int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN,
                             &type, &exportable);

@@ -572,6 +562,7 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
        if (!signature_verify(msgMpz, sign, Pkey, curve)) {
            *errStatus = -2;
            snprintf(errString, BUF_LEN, "signature is not verified! ");
+            LOG_ERROR(errString);
            point_clear(Pkey);
            goto clean;
        }
@@ -766,8 +757,6 @@ trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secr

    CHECK_STATUS("SGX AES encrypt DKG poly failed");

-
-
    SAFE_CHAR_BUF(decr_dkg_secret, DKG_BUFER_LENGTH);

    uint8_t type = 0;
@@ -850,7 +839,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString,
                                       char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n,
                                       uint8_t ind) {

-
    LOG_INFO(__FUNCTION__);
    INIT_ERROR_STATE

@@ -868,7 +856,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString,

    CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d ");

-
    SAFE_CHAR_BUF(skey, BUF_LEN);

    SAFE_CHAR_BUF(pub_key_x, BUF_LEN);SAFE_CHAR_BUF(pub_key_y, BUF_LEN);
@@ -942,7 +929,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString,

    CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d ");

-
    SAFE_CHAR_BUF(skey, BUF_LEN);

    SAFE_CHAR_BUF(pub_key_x, BUF_LEN);
@@ -974,7 +960,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString,
    status = calc_secret_share(getThreadLocalDecryptedDkgPoly(), s_share, _t, _n, ind);
    CHECK_STATUS("calc secret share failed")

-
    status = calc_secret_shareG2(s_share, s_shareG2);
    CHECK_STATUS("invalid decr secret share");

@@ -1215,7 +1200,6 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
        mpz_clear(decr_secret_share);
    }

-
    mpz_mod(bls_key, sum, q);

    SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH);
@@ -1272,7 +1256,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares
    uint8_t type = 0;
    uint8_t exportable = 0;

-
    int status = AES_decrypt(encryptedPrivateKey, key_len, skey, BUF_LEN,
                             &type, &exportable);
    CHECK_STATUS2("aes decrypt failed with status %d");
@@ -1326,7 +1309,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares
        mpz_clear(decr_secret_share);
    }

-
    mpz_mod(bls_key, sum, q);

    SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH);
@@ -1385,6 +1367,4 @@ trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKe

    clean:
    ;
-
-
 }
--- a/secure_enclave/secure_enclave.edl
+++ b/secure_enclave/secure_enclave.edl
@@ -13,7 +13,6 @@ enclave {

 		public void trustedEnclaveInit(uint64_t _logLevel);

-
        public void trustedGenerateSEK(
                                [out] int *errStatus,
                                [out, count = SMALL_BUF_SIZE] char *err_string,