SKALE-4096 add more logs

parent 25ea58db
...@@ -240,9 +240,7 @@ string encryptECDSAKey(const string& _key) { ...@@ -240,9 +240,7 @@ string encryptECDSAKey(const string& _key) {
status = trustedEncryptKey(eid, &errStatus, errString.data(), key.data(), status = trustedEncryptKey(eid, &errStatus, errString.data(), key.data(),
encryptedKey.data(), &enc_len); encryptedKey.data(), &enc_len);
if (status != 0) { HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errString.data());
throw SGXException(status, string("Could not encrypt ECDSA key: " + string(errString.begin(), errString.end())).c_str());
}
vector<char> hexEncrKey = carray2Hex(encryptedKey.data(), enc_len); vector<char> hexEncrKey = carray2Hex(encryptedKey.data(), enc_len);
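Review bot: In encryptECDSAKey, replacing the explicit throw with `HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errString.data());` drops the operation-specific prefix "Could not encrypt ECDSA key: ". The macro's definition is not visible here, so it is unclear whether the resulting error still names the failing operation. The macro also receives `errString.data()` as a C string, so it depends on the enclave having NUL-terminated the buffer, whereas the removed code built its message from the vector's full range. If it matches the macro's behaviour, a comment above the call such as `// throws if status or errStatus is non-zero; errString must be NUL-terminated` would record that contract. The function body continues outside the hunk.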
......
...@@ -114,8 +114,6 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t ...@@ -114,8 +114,6 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
return -1; return -1;
} }
uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE; uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;
if (msgLen < len) { if (msgLen < len) {
......
...@@ -107,7 +107,6 @@ string ConvertToString(const T &field_elem, int base = 10) { ...@@ -107,7 +107,6 @@ string ConvertToString(const T &field_elem, int base = 10) {
clean: clean:
mpz_clear(t); mpz_clear(t);
return ret; return ret;
} }
string ConvertG2ToString(const libff::alt_bn128_G2 &elem, int base = 10, const string &delim = ":") { string ConvertG2ToString(const libff::alt_bn128_G2 &elem, int base = 10, const string &delim = ":") {
...@@ -299,8 +298,8 @@ int calc_secret_share(const char *decrypted_coeffs, char *s_share, ...@@ -299,8 +298,8 @@ int calc_secret_share(const char *decrypted_coeffs, char *s_share,
strncpy(s_share, cur_share.c_str(), cur_share.length() + 1); strncpy(s_share, cur_share.c_str(), cur_share.length() + 1);
result = 0; result = 0;
return result;
return result;
} catch (exception &e) { } catch (exception &e) {
LOG_ERROR(e.what()); LOG_ERROR(e.what());
return result; return result;
...@@ -326,7 +325,6 @@ int calc_secret_shareG2(const char *s_share, char *s_shareG2) { ...@@ -326,7 +325,6 @@ int calc_secret_shareG2(const char *s_share, char *s_shareG2) {
try { try {
if (mpz_set_str(share, s_share, 16) == -1) { if (mpz_set_str(share, s_share, 16) == -1) {
goto clean; goto clean;
} }
......
...@@ -103,7 +103,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) { ...@@ -103,7 +103,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) {
string *sY = nullptr; string *sY = nullptr;
string *ret = nullptr; string *ret = nullptr;
try { try {
_g1->to_affine_coordinates(); _g1->to_affine_coordinates();
...@@ -135,7 +134,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) { ...@@ -135,7 +134,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) {
SAFE_DELETE(sY); SAFE_DELETE(sY);
return ret; return ret;
} }
libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) { libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) {
...@@ -264,7 +262,6 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char * ...@@ -264,7 +262,6 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char *
SAFE_DELETE(key); SAFE_DELETE(key);
SAFE_DELETE(r); SAFE_DELETE(r);
return ret; return ret;
} }
void carray2Hex(const unsigned char *d, int _len, char *_hexArray) { void carray2Hex(const unsigned char *d, int _len, char *_hexArray) {
......
...@@ -167,11 +167,6 @@ void trustedEnclaveInit(uint64_t _logLevel) { ...@@ -167,11 +167,6 @@ void trustedEnclaveInit(uint64_t _logLevel) {
LOG_INFO("SECURITY WARNING: sgxwallet is running in INSECURE SIMULATION MODE! NEVER USE IN PRODUCTION!"); LOG_INFO("SECURITY WARNING: sgxwallet is running in INSECURE SIMULATION MODE! NEVER USE IN PRODUCTION!");
#endif #endif
} }
void free_function(void *ptr, size_t sz) { void free_function(void *ptr, size_t sz) {
...@@ -244,7 +239,6 @@ void sealHexSEK(int *errStatus, char *errString, ...@@ -244,7 +239,6 @@ void sealHexSEK(int *errStatus, char *errString,
CHECK_STATE(sek_hex); CHECK_STATE(sek_hex);
CHECK_STATE(strnlen(sek_hex, 33) == 32) CHECK_STATE(strnlen(sek_hex, 33) == 32)
uint64_t plaintextLen = strlen(sek_hex) + 1; uint64_t plaintextLen = strlen(sek_hex) + 1;
uint64_t sealedLen = sgx_calc_sealed_data_size(0, plaintextLen); uint64_t sealedLen = sgx_calc_sealed_data_size(0, plaintextLen);
...@@ -262,7 +256,6 @@ void sealHexSEK(int *errStatus, char *errString, ...@@ -262,7 +256,6 @@ void sealHexSEK(int *errStatus, char *errString,
CHECK_STATE(encrypt_text_length = plaintextLen); CHECK_STATE(encrypt_text_length = plaintextLen);
SAFE_CHAR_BUF(unsealedKey, BUF_LEN); SAFE_CHAR_BUF(unsealedKey, BUF_LEN);
uint32_t decLen = BUF_LEN; uint32_t decLen = BUF_LEN;
...@@ -287,7 +280,6 @@ void trustedGenerateSEK(int *errStatus, char *errString, ...@@ -287,7 +280,6 @@ void trustedGenerateSEK(int *errStatus, char *errString,
LOG_INFO(__FUNCTION__); LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE INIT_ERROR_STATE
CHECK_STATE(encrypted_sek); CHECK_STATE(encrypted_sek);
CHECK_STATE(sek_hex); CHECK_STATE(sek_hex);
...@@ -296,11 +288,11 @@ void trustedGenerateSEK(int *errStatus, char *errString, ...@@ -296,11 +288,11 @@ void trustedGenerateSEK(int *errStatus, char *errString,
carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex); carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex);
memcpy(AES_key[512], SEK_raw, SGX_AESGCM_KEY_SIZE); memcpy(AES_key[512], SEK_raw, SGX_AESGCM_KEY_SIZE);
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex); sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);
if (*errStatus != 0) { if (*errStatus != 0) {
LOG_ERROR("sealHexSEK failed"); LOG_ERROR("sealHexSEK failed");
LOG_ERROR(errString);
goto clean; goto clean;
} }
...@@ -333,7 +325,6 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) { ...@@ -333,7 +325,6 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
uint64_t len; uint64_t len;
hex2carray(aes_key_hex, &len, (uint8_t *) (AES_key[512])); hex2carray(aes_key_hex, &len, (uint8_t *) (AES_key[512]));
SET_SUCCESS SET_SUCCESS
...@@ -354,11 +345,11 @@ void trustedSetSEKBackup(int *errStatus, char *errString, ...@@ -354,11 +345,11 @@ void trustedSetSEKBackup(int *errStatus, char *errString,
uint64_t len; uint64_t len;
hex2carray(sek_hex, &len, (uint8_t *) (AES_key[512])); hex2carray(sek_hex, &len, (uint8_t *) (AES_key[512]));
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex); sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);
if (*errStatus != 0) { if (*errStatus != 0) {
LOG_ERROR("sealHexSEK failed"); LOG_ERROR("sealHexSEK failed");
LOG_ERROR(errString);
goto clean; goto clean;
} }
...@@ -537,7 +528,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate ...@@ -537,7 +528,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
uint8_t type = 0; uint8_t type = 0;
uint8_t exportable = 0; uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN, int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN,
&type, &exportable); &type, &exportable);
...@@ -572,6 +562,7 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate ...@@ -572,6 +562,7 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
if (!signature_verify(msgMpz, sign, Pkey, curve)) { if (!signature_verify(msgMpz, sign, Pkey, curve)) {
*errStatus = -2; *errStatus = -2;
snprintf(errString, BUF_LEN, "signature is not verified! "); snprintf(errString, BUF_LEN, "signature is not verified! ");
LOG_ERROR(errString);
point_clear(Pkey); point_clear(Pkey);
goto clean; goto clean;
} }
...@@ -766,8 +757,6 @@ trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secr ...@@ -766,8 +757,6 @@ trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secr
CHECK_STATUS("SGX AES encrypt DKG poly failed"); CHECK_STATUS("SGX AES encrypt DKG poly failed");
SAFE_CHAR_BUF(decr_dkg_secret, DKG_BUFER_LENGTH); SAFE_CHAR_BUF(decr_dkg_secret, DKG_BUFER_LENGTH);
uint8_t type = 0; uint8_t type = 0;
...@@ -850,7 +839,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, ...@@ -850,7 +839,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n, char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n,
uint8_t ind) { uint8_t ind) {
LOG_INFO(__FUNCTION__); LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE INIT_ERROR_STATE
...@@ -868,7 +856,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, ...@@ -868,7 +856,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString,
CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d "); CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d ");
SAFE_CHAR_BUF(skey, BUF_LEN); SAFE_CHAR_BUF(skey, BUF_LEN);
SAFE_CHAR_BUF(pub_key_x, BUF_LEN);SAFE_CHAR_BUF(pub_key_y, BUF_LEN); SAFE_CHAR_BUF(pub_key_x, BUF_LEN);SAFE_CHAR_BUF(pub_key_y, BUF_LEN);
...@@ -942,7 +929,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString, ...@@ -942,7 +929,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString,
CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d "); CHECK_STATUS2("trustedSetEncryptedDkgPoly failed with status %d ");
SAFE_CHAR_BUF(skey, BUF_LEN); SAFE_CHAR_BUF(skey, BUF_LEN);
SAFE_CHAR_BUF(pub_key_x, BUF_LEN); SAFE_CHAR_BUF(pub_key_x, BUF_LEN);
...@@ -974,7 +960,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString, ...@@ -974,7 +960,6 @@ void trustedGetEncryptedSecretShareV2(int *errStatus, char *errString,
status = calc_secret_share(getThreadLocalDecryptedDkgPoly(), s_share, _t, _n, ind); status = calc_secret_share(getThreadLocalDecryptedDkgPoly(), s_share, _t, _n, ind);
CHECK_STATUS("calc secret share failed") CHECK_STATUS("calc secret share failed")
status = calc_secret_shareG2(s_share, s_shareG2); status = calc_secret_shareG2(s_share, s_shareG2);
CHECK_STATUS("invalid decr secret share"); CHECK_STATUS("invalid decr secret share");
...@@ -1215,7 +1200,6 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares, ...@@ -1215,7 +1200,6 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
mpz_clear(decr_secret_share); mpz_clear(decr_secret_share);
} }
mpz_mod(bls_key, sum, q); mpz_mod(bls_key, sum, q);
SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH); SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH);
...@@ -1272,7 +1256,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares ...@@ -1272,7 +1256,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares
uint8_t type = 0; uint8_t type = 0;
uint8_t exportable = 0; uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, key_len, skey, BUF_LEN, int status = AES_decrypt(encryptedPrivateKey, key_len, skey, BUF_LEN,
&type, &exportable); &type, &exportable);
CHECK_STATUS2("aes decrypt failed with status %d"); CHECK_STATUS2("aes decrypt failed with status %d");
...@@ -1326,7 +1309,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares ...@@ -1326,7 +1309,6 @@ void trustedCreateBlsKeyV2(int *errStatus, char *errString, const char *s_shares
mpz_clear(decr_secret_share); mpz_clear(decr_secret_share);
} }
mpz_mod(bls_key, sum, q); mpz_mod(bls_key, sum, q);
SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH); SAFE_CHAR_BUF(key_share, BLS_KEY_LENGTH);
...@@ -1385,6 +1367,4 @@ trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKe ...@@ -1385,6 +1367,4 @@ trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKe
clean: clean:
; ;
} }
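Review bot: In sealHexSEK (hunk at -262,7 +256,6) the context line `CHECK_STATE(encrypt_text_length = plaintextLen);` assigns instead of comparing, so the check passes for any non-zero plaintextLen and overwrites `encrypt_text_length`; this commit leaves it in place. It should read `CHECK_STATE(encrypt_text_length == plaintextLen);`. Separately, trustedGenerateSEK and trustedSetSEKBackup write the key into `AES_key[512]` before the `sealHexSEK` status is checked, and the added `LOG_ERROR(errString)` only reports the failure. Whether the `clean:` path resets that key when sealing fails is outside the visible hunks and worth confirming. All of these functions start and end outside their hunks.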
...@@ -13,7 +13,6 @@ enclave { ...@@ -13,7 +13,6 @@ enclave {
public void trustedEnclaveInit(uint64_t _logLevel); public void trustedEnclaveInit(uint64_t _logLevel);
public void trustedGenerateSEK( public void trustedGenerateSEK(
[out] int *errStatus, [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string, [out, count = SMALL_BUF_SIZE] char *err_string,
......