Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
S
sgxwallet
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
董子豪
sgxwallet
Commits
4a103ecf
Unverified
Commit
4a103ecf
authored
Apr 17, 2020
by
kladko
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SKALE-2454-add-logs-to-enclave
parent
2f267c40
Changes
8
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
253 additions
and
258 deletions
+253
-258
BLSCrypto.cpp
BLSCrypto.cpp
+1
-2
DKGCrypto.cpp
DKGCrypto.cpp
+35
-39
ECDSACrypto.cpp
ECDSACrypto.cpp
+13
-13
BLSEnclave.cpp
secure_enclave/BLSEnclave.cpp
+4
-4
BLSEnclave.h
secure_enclave/BLSEnclave.h
+2
-2
secure_enclave.c
secure_enclave/secure_enclave.c
+139
-139
secure_enclave.edl
secure_enclave/secure_enclave.edl
+33
-33
testw.cpp
testw.cpp
+26
-26
No files found.
BLSCrypto.cpp
View file @
4a103ecf
...
@@ -162,7 +162,7 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
...
@@ -162,7 +162,7 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
if
(
!
hex2carray
(
_hashHex
,
&
binLen
,
hash
->
data
()))
{
if
(
!
hex2carray
(
_hashHex
,
&
binLen
,
hash
->
data
()))
{
throw
SGXException
(
INVALID_HEX
,
"Invalid hash"
);
throw
SGXException
(
INVALID_HEX
,
"Invalid hash"
);
}
}
// assert(binLen == hash->size());
...
@@ -203,7 +203,6 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
...
@@ -203,7 +203,6 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
if
(
!
hex2carray
(
_hashHex
,
&
binLen
,
hash
->
data
()))
{
if
(
!
hex2carray
(
_hashHex
,
&
binLen
,
hash
->
data
()))
{
throw
SGXException
(
INVALID_HEX
,
"Invalid hash"
);
throw
SGXException
(
INVALID_HEX
,
"Invalid hash"
);
}
}
// assert(binLen == hash->size());
...
...
DKGCrypto.cpp
View file @
4a103ecf
...
@@ -77,21 +77,21 @@ string ConvertToString(T field_elem, int base = 10) {
...
@@ -77,21 +77,21 @@ string ConvertToString(T field_elem, int base = 10) {
string
gen_dkg_poly
(
int
_t
)
{
string
gen_dkg_poly
(
int
_t
)
{
vector
<
char
>
errMsg
(
1024
,
0
);
vector
<
char
>
errMsg
(
1024
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedGenDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
_t
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
_t
);
else
else
status
=
trustedGenDkgSecret_aes
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
_t
);
status
=
trustedGenDkgSecret_aes
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
_t
);
if
(
err
_s
tatus
!=
0
)
{
if
(
err
S
tatus
!=
0
)
{
throw
SGXException
(
-
666
,
errMsg
.
data
());
throw
SGXException
(
-
666
,
errMsg
.
data
());
}
}
spdlog
::
debug
(
"trustedGenDkgSecret, status {}"
,
err
_s
tatus
,
" err msg "
,
errMsg
.
data
());
spdlog
::
debug
(
"trustedGenDkgSecret, status {}"
,
err
S
tatus
,
" err msg "
,
errMsg
.
data
());
spdlog
::
debug
(
"in DKGCrypto encr len is {}"
,
enc_len
);
spdlog
::
debug
(
"in DKGCrypto encr len is {}"
,
enc_len
);
uint64_t
length
=
DKG_MAX_SEALED_LEN
;
uint64_t
length
=
DKG_MAX_SEALED_LEN
;
...
@@ -99,11 +99,8 @@ string gen_dkg_poly(int _t) {
...
@@ -99,11 +99,8 @@ string gen_dkg_poly(int _t) {
length
=
enc_len
;
length
=
enc_len
;
}
}
//vector<char> hexEncrPoly(DKG_MAX_SEALED_LEN * 2 + 1, 0);//(4*BUF_LEN, 1);
vector
<
char
>
hexEncrPoly
(
2
*
length
+
1
,
0
);
vector
<
char
>
hexEncrPoly
(
2
*
length
+
1
,
0
);
assert
(
encrypted_dkg_secret
.
size
()
>=
length
);
CHECK_STATE
(
encrypted_dkg_secret
.
size
()
>=
length
);
//carray2Hex(encrypted_dkg_secret.data(), DKG_MAX_SEALED_LEN, hexEncrPoly.data());
carray2Hex
(
encrypted_dkg_secret
.
data
(),
length
,
hexEncrPoly
.
data
());
carray2Hex
(
encrypted_dkg_secret
.
data
(),
length
,
hexEncrPoly
.
data
());
string
result
(
hexEncrPoly
.
data
());
string
result
(
hexEncrPoly
.
data
());
...
@@ -138,10 +135,12 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
...
@@ -138,10 +135,12 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
uint32_t
len
=
0
;
uint32_t
len
=
0
;
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedGetPublicShares
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
(),
len
,
pubShares
.
data
(),
t
,
n
);
status
=
trustedGetPublicShares
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
(),
len
,
pubShares
.
data
(),
t
,
n
);
else
{
else
{
status
=
trustedGetPublicShares_aes
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
(),
encLen
,
pubShares
.
data
(),
t
,
n
);
status
=
trustedGetPublicShares_aes
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
(),
encLen
,
pubShares
.
data
(),
t
,
n
);
}
}
if
(
errStatus
!=
0
)
{
if
(
errStatus
!=
0
)
{
throw
SGXException
(
-
666
,
errMsg1
.
data
());
throw
SGXException
(
-
666
,
errMsg1
.
data
());
...
@@ -164,8 +163,9 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
...
@@ -164,8 +163,9 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
return
pubSharesVect
;
return
pubSharesVect
;
}
}
string
trustedGetSecretShares
(
const
string
&
_polyName
,
const
char
*
_encryptedPolyHex
,
const
vector
<
string
>
&
_publicKeys
,
int
_t
,
string
trustedGetSecretShares
(
const
string
&
_polyName
,
const
char
*
_encryptedPolyHex
,
const
vector
<
string
>
&
_publicKeys
,
int
_n
)
{
int
_t
,
int
_n
)
{
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
vector
<
char
>
hexEncrKey
(
BUF_LEN
,
0
);
vector
<
char
>
hexEncrKey
(
BUF_LEN
,
0
);
...
@@ -173,14 +173,13 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
...
@@ -173,14 +173,13 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
uint64_t
encLen
=
0
;
uint64_t
encLen
=
0
;
vector
<
uint8_t
>
encrDKGPoly
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrDKGPoly
(
BUF_LEN
,
0
);
if
(
!
hex2carray2
(
_encryptedPolyHex
,
&
encLen
,
encrDKGPoly
.
data
(),
6100
))
{
if
(
!
hex2carray2
(
_encryptedPolyHex
,
&
encLen
,
encrDKGPoly
.
data
(),
6100
))
{
throw
SGXException
(
INVALID_HEX
,
"Invalid encryptedPolyHex"
);
throw
SGXException
(
INVALID_HEX
,
"Invalid encryptedPolyHex"
);
}
}
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
());
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encrDKGPoly
.
data
());
else
else
...
@@ -194,13 +193,13 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
...
@@ -194,13 +193,13 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
for
(
int
i
=
0
;
i
<
_n
;
i
++
)
{
for
(
int
i
=
0
;
i
<
_n
;
i
++
)
{
vector
<
uint8_t
>
encryptedSkey
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encryptedSkey
(
BUF_LEN
,
0
);
uint32_t
decLen
;
uint32_t
decLen
;
vector
<
char
>
currentShare
(
193
,
0
);
vector
<
char
>
currentShare
(
193
,
0
);
vector
<
char
>
sShareG2
(
320
,
0
);
vector
<
char
>
sShareG2
(
320
,
0
);
string
pub_keyB
=
_publicKeys
.
at
(
i
);
string
pub_keyB
=
_publicKeys
.
at
(
i
);
vector
<
char
>
pubKeyB
(
129
,
0
);
vector
<
char
>
pubKeyB
(
129
,
0
);
strncpy
(
pubKeyB
.
data
(),
pub_keyB
.
c_str
(),
128
);
strncpy
(
pubKeyB
.
data
(),
pub_keyB
.
c_str
(),
128
);
pubKeyB
.
at
(
128
)
=
0
;
pubKeyB
.
at
(
128
)
=
0
;
...
@@ -210,10 +209,10 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
...
@@ -210,10 +209,10 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
trustedGetEncryptedSecretShare
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encryptedSkey
.
data
(),
&
decLen
,
trustedGetEncryptedSecretShare
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encryptedSkey
.
data
(),
&
decLen
,
currentShare
.
data
(),
sShareG2
.
data
(),
pubKeyB
.
data
(),
_t
,
_n
,
i
+
1
);
currentShare
.
data
(),
sShareG2
.
data
(),
pubKeyB
.
data
(),
_t
,
_n
,
i
+
1
);
else
else
trustedGetEncryptedSecretShare_aes
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encryptedSkey
.
data
(),
&
decLen
,
trustedGetEncryptedSecretShare_aes
(
eid
,
&
errStatus
,
errMsg1
.
data
(),
encryptedSkey
.
data
(),
&
decLen
,
currentShare
.
data
(),
sShareG2
.
data
(),
pubKeyB
.
data
(),
_t
,
_n
,
i
+
1
);
currentShare
.
data
(),
sShareG2
.
data
(),
pubKeyB
.
data
(),
_t
,
_n
,
i
+
1
);
if
(
errStatus
!=
0
)
{
if
(
errStatus
!=
0
)
{
throw
SGXException
(
-
666
,
errMsg1
.
data
());
throw
SGXException
(
-
666
,
errMsg1
.
data
());
}
}
...
@@ -245,9 +244,8 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
...
@@ -245,9 +244,8 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
bool
bool
verifyShares
(
const
char
*
publicShares
,
const
char
*
encr_sshare
,
const
char
*
encryptedKeyHex
,
int
t
,
int
n
,
int
ind
)
{
verifyShares
(
const
char
*
publicShares
,
const
char
*
encr_sshare
,
const
char
*
encryptedKeyHex
,
int
t
,
int
n
,
int
ind
)
{
//char* errMsg1 = (char*) calloc(1024,1);
char
errMsg
[
BUF_LEN
];
char
errMsg1
[
BUF_LEN
];
int
errStatus
=
0
;
int
err_status
=
0
;
uint64_t
decKeyLen
;
uint64_t
decKeyLen
;
uint8_t
encr_key
[
BUF_LEN
];
uint8_t
encr_key
[
BUF_LEN
];
...
@@ -265,19 +263,17 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
...
@@ -265,19 +263,17 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
trustedDkgVerify
(
eid
,
&
err
_status
,
errMsg1
,
pshares
,
encr_sshare
,
encr_key
,
decKeyLen
,
t
,
ind
,
&
result
);
trustedDkgVerify
(
eid
,
&
err
Status
,
errMsg
,
pshares
,
encr_sshare
,
encr_key
,
decKeyLen
,
t
,
ind
,
&
result
);
else
else
trustedDkgVerify_aes
(
eid
,
&
err
_status
,
errMsg1
,
pshares
,
encr_sshare
,
encr_key
,
decKeyLen
,
t
,
ind
,
&
result
);
trustedDkgVerify_aes
(
eid
,
&
err
Status
,
errMsg
,
pshares
,
encr_sshare
,
encr_key
,
decKeyLen
,
t
,
ind
,
&
result
);
if
(
result
==
2
)
{
if
(
result
==
2
)
{
throw
SGXException
(
INVALID_HEX
,
"Invalid public shares"
);
throw
SGXException
(
INVALID_HEX
,
"Invalid public shares"
);
}
}
spdlog
::
debug
(
"errMsg1: {}"
,
errMsg
1
);
spdlog
::
debug
(
"errMsg1: {}"
,
errMsg
);
spdlog
::
debug
(
"result is: {}"
,
result
);
spdlog
::
debug
(
"result is: {}"
,
result
);
//free(errMsg1);
return
result
;
return
result
;
}
}
...
@@ -286,8 +282,8 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
...
@@ -286,8 +282,8 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
spdlog
::
debug
(
"ENTER CreateBLSShare"
);
spdlog
::
debug
(
"ENTER CreateBLSShare"
);
// char* errMsg1 = (char*) calloc(1024,1);
// char* errMsg1 = (char*) calloc(1024,1);
char
errMsg
1
[
BUF_LEN
];
char
errMsg
[
BUF_LEN
];
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint64_t
decKeyLen
;
uint64_t
decKeyLen
;
uint8_t
encr_bls_key
[
BUF_LEN
];
uint8_t
encr_bls_key
[
BUF_LEN
];
...
@@ -302,14 +298,14 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
...
@@ -302,14 +298,14 @@ bool CreateBLSShare(const string &blsKeyName, const char *s_shares, const char *
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
trustedCreateBlsKey
(
eid
,
&
err
_status
,
errMsg1
,
s_shares
,
encr_key
,
decKeyLen
,
encr_bls_key
,
&
enc_bls_len
);
trustedCreateBlsKey
(
eid
,
&
err
Status
,
errMsg
,
s_shares
,
encr_key
,
decKeyLen
,
encr_bls_key
,
&
enc_bls_len
);
else
else
trustedCreateBlsKey_aes
(
eid
,
&
err
_status
,
errMsg1
,
s_shares
,
encr_key
,
decKeyLen
,
encr_bls_key
,
&
enc_bls_len
);
trustedCreateBlsKey_aes
(
eid
,
&
err
Status
,
errMsg
,
s_shares
,
encr_key
,
decKeyLen
,
encr_bls_key
,
&
enc_bls_len
);
if
(
err
_s
tatus
!=
0
)
{
if
(
err
S
tatus
!=
0
)
{
spdlog
::
error
(
errMsg
1
);
spdlog
::
error
(
errMsg
);
spdlog
::
error
(
"status {}"
,
err
_s
tatus
);
spdlog
::
error
(
"status {}"
,
err
S
tatus
);
throw
SGXException
(
ERROR_IN_ENCLAVE
,
"Create BLS private key failed in enclave"
);
throw
SGXException
(
ERROR_IN_ENCLAVE
,
"Create BLS private key failed in enclave"
);
}
else
{
}
else
{
...
@@ -361,7 +357,7 @@ vector<string> GetBLSPubKey(const char *encryptedKeyHex) {
...
@@ -361,7 +357,7 @@ vector<string> GetBLSPubKey(const char *encryptedKeyHex) {
string
decryptDHKey
(
const
string
&
polyName
,
int
ind
)
{
string
decryptDHKey
(
const
string
&
polyName
,
int
ind
)
{
vector
<
char
>
errMsg1
(
1024
,
0
);
vector
<
char
>
errMsg1
(
1024
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
string
DH_key_name
=
polyName
+
"_"
+
to_string
(
ind
)
+
":"
;
string
DH_key_name
=
polyName
+
"_"
+
to_string
(
ind
)
+
":"
;
shared_ptr
<
string
>
hexEncrKeyPtr
=
SGXWalletServer
::
readFromDb
(
DH_key_name
,
"DKG_DH_KEY_"
);
shared_ptr
<
string
>
hexEncrKeyPtr
=
SGXWalletServer
::
readFromDb
(
DH_key_name
,
"DKG_DH_KEY_"
);
...
@@ -382,11 +378,11 @@ string decryptDHKey(const string &polyName, int ind) {
...
@@ -382,11 +378,11 @@ string decryptDHKey(const string &polyName, int ind) {
char
DHKey
[
ECDSA_SKEY_LEN
];
char
DHKey
[
ECDSA_SKEY_LEN
];
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
decrypt_key
(
eid
,
&
err
_s
tatus
,
errMsg1
.
data
(),
encryptedDHKey
,
dhEncLen
,
DHKey
);
decrypt_key
(
eid
,
&
err
S
tatus
,
errMsg1
.
data
(),
encryptedDHKey
,
dhEncLen
,
DHKey
);
else
else
decrypt_key_aes
(
eid
,
&
err
_s
tatus
,
errMsg1
.
data
(),
encryptedDHKey
,
dhEncLen
,
DHKey
);
decrypt_key_aes
(
eid
,
&
err
S
tatus
,
errMsg1
.
data
(),
encryptedDHKey
,
dhEncLen
,
DHKey
);
if
(
err
_s
tatus
!=
0
)
{
if
(
err
S
tatus
!=
0
)
{
throw
SGXException
(
/*ERROR_IN_ENCLAVE*/
err
_s
tatus
,
"decrypt key failed in enclave"
);
throw
SGXException
(
/*ERROR_IN_ENCLAVE*/
err
S
tatus
,
"decrypt key failed in enclave"
);
}
}
return
DHKey
;
return
DHKey
;
...
...
ECDSACrypto.cpp
View file @
4a103ecf
...
@@ -45,18 +45,18 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
...
@@ -45,18 +45,18 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
std
::
vector
<
std
::
string
>
genECDSAKey
()
{
std
::
vector
<
std
::
string
>
genECDSAKey
()
{
char
*
errMsg
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
errMsg
=
(
char
*
)
calloc
(
1024
,
1
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint8_t
*
encr_pr_key
=
(
uint8_t
*
)
calloc
(
1024
,
1
);
uint8_t
*
encr_pr_key
=
(
uint8_t
*
)
calloc
(
1024
,
1
);
char
*
pub_key_x
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
pub_key_x
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
pub_key_y
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
pub_key_y
=
(
char
*
)
calloc
(
1024
,
1
);
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
_s
tatus
,
errMsg
,
encr_pr_key
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
S
tatus
,
errMsg
,
encr_pr_key
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
else
else
status
=
trustedGenerateEcdsaKey_aes
(
eid
,
&
err
_s
tatus
,
errMsg
,
encr_pr_key
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
status
=
trustedGenerateEcdsaKey_aes
(
eid
,
&
err
S
tatus
,
errMsg
,
encr_pr_key
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
if
(
status
!=
SGX_SUCCESS
||
err
_s
tatus
!=
0
)
{
if
(
status
!=
SGX_SUCCESS
||
err
S
tatus
!=
0
)
{
spdlog
::
error
(
"RPCException thrown with status {}"
,
status
);
spdlog
::
error
(
"RPCException thrown with status {}"
,
status
);
throw
SGXException
(
status
,
errMsg
);
throw
SGXException
(
status
,
errMsg
);
}
}
...
@@ -106,7 +106,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
...
@@ -106,7 +106,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
vector
<
char
>
pubKeyY
(
BUF_LEN
,
0
);
vector
<
char
>
pubKeyY
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrPrKey
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrPrKey
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint64_t
enc_len
=
0
;
uint64_t
enc_len
=
0
;
if
(
!
hex2carray
(
_encryptedKeyHex
,
&
enc_len
,
encrPrKey
.
data
()))
{
if
(
!
hex2carray
(
_encryptedKeyHex
,
&
enc_len
,
encrPrKey
.
data
()))
{
...
@@ -114,11 +114,11 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
...
@@ -114,11 +114,11 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
}
}
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedGetPublicEcdsaKey
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrPrKey
.
data
(),
enc_len
,
pubKeyX
.
data
(),
status
=
trustedGetPublicEcdsaKey
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrPrKey
.
data
(),
enc_len
,
pubKeyX
.
data
(),
pubKeyY
.
data
());
pubKeyY
.
data
());
else
status
=
trustedGetPublicEcdsaKey_aes
(
eid
,
&
err
_s
tatus
,
else
status
=
trustedGetPublicEcdsaKey_aes
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrPrKey
.
data
(),
enc_len
,
pubKeyX
.
data
(),
pubKeyY
.
data
());
errMsg
.
data
(),
encrPrKey
.
data
(),
enc_len
,
pubKeyX
.
data
(),
pubKeyY
.
data
());
if
(
err
_s
tatus
!=
0
)
{
if
(
err
S
tatus
!=
0
)
{
throw
SGXException
(
-
666
,
errMsg
.
data
());
throw
SGXException
(
-
666
,
errMsg
.
data
());
}
}
string
pubKey
=
string
(
pubKeyX
.
data
())
+
string
(
pubKeyY
.
data
());
//concatPubKeyWith0x(pub_key_x, pub_key_y);//
string
pubKey
=
string
(
pubKeyX
.
data
())
+
string
(
pubKeyY
.
data
());
//concatPubKeyWith0x(pub_key_x, pub_key_y);//
...
@@ -127,7 +127,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
...
@@ -127,7 +127,7 @@ std::string getECDSAPubKey(const char *_encryptedKeyHex) {
spdlog
::
debug
(
"pubkey is {}"
,
pubKey
);
spdlog
::
debug
(
"pubkey is {}"
,
pubKey
);
spdlog
::
debug
(
"pubkey length is {}"
,
pubKey
.
length
());
spdlog
::
debug
(
"pubkey length is {}"
,
pubKey
.
length
());
spdlog
::
debug
(
"err str is {}"
,
errMsg
.
data
());
spdlog
::
debug
(
"err str is {}"
,
errMsg
.
data
());
spdlog
::
debug
(
"err status is {}"
,
err
_s
tatus
);
spdlog
::
debug
(
"err status is {}"
,
err
S
tatus
);
return
pubKey
;
return
pubKey
;
...
@@ -137,7 +137,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
...
@@ -137,7 +137,7 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
vector
<
string
>
signature_vect
(
3
);
vector
<
string
>
signature_vect
(
3
);
char
*
errMsg
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
errMsg
=
(
char
*
)
calloc
(
1024
,
1
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
char
*
signature_r
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
signature_r
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
signature_s
=
(
char
*
)
calloc
(
1024
,
1
);
char
*
signature_s
=
(
char
*
)
calloc
(
1024
,
1
);
uint8_t
signature_v
=
0
;
uint8_t
signature_v
=
0
;
...
@@ -156,12 +156,12 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
...
@@ -156,12 +156,12 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
if
(
!
encryptKeys
)
if
(
!
encryptKeys
)
status
=
trustedEcdsaSign
(
eid
,
&
err
_s
tatus
,
errMsg
,
encr_key
,
ECDSA_ENCR_LEN
,
(
unsigned
char
*
)
hashHex
,
signature_r
,
status
=
trustedEcdsaSign
(
eid
,
&
err
S
tatus
,
errMsg
,
encr_key
,
ECDSA_ENCR_LEN
,
(
unsigned
char
*
)
hashHex
,
signature_r
,
signature_s
,
&
signature_v
,
base
);
signature_s
,
&
signature_v
,
base
);
else
else
status
=
trustedEcdsaSignAES
(
eid
,
&
err
_s
tatus
,
errMsg
,
encr_key
,
dec_len
,
(
unsigned
char
*
)
hashHex
,
signature_r
,
status
=
trustedEcdsaSignAES
(
eid
,
&
err
S
tatus
,
errMsg
,
encr_key
,
dec_len
,
(
unsigned
char
*
)
hashHex
,
signature_r
,
signature_s
,
&
signature_v
,
base
);
signature_s
,
&
signature_v
,
base
);
if
(
err
_s
tatus
!=
0
)
{
if
(
err
S
tatus
!=
0
)
{
throw
SGXException
(
-
666
,
errMsg
);
throw
SGXException
(
-
666
,
errMsg
);
}
}
...
...
secure_enclave/BLSEnclave.cpp
View file @
4a103ecf
...
@@ -102,7 +102,7 @@ void init() {
...
@@ -102,7 +102,7 @@ void init() {
libff
::
init_alt_bn128_params
();
libff
::
init_alt_bn128_params
();
}
}
void
checkKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
_keyString
)
{
void
checkKey
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
_keyString
)
{
uint64_t
keyLen
=
strnlen
(
_keyString
,
MAX_KEY_LENGTH
);
uint64_t
keyLen
=
strnlen
(
_keyString
,
MAX_KEY_LENGTH
);
...
@@ -114,7 +114,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
...
@@ -114,7 +114,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
}
}
*
err
_s
tatus
=
-
2
;
*
err
S
tatus
=
-
2
;
if
(
_keyString
==
nullptr
)
{
if
(
_keyString
==
nullptr
)
{
...
@@ -122,7 +122,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
...
@@ -122,7 +122,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
return
;
return
;
}
}
*
err
_s
tatus
=
-
3
;
*
err
S
tatus
=
-
3
;
//check that key is padded with 0s
//check that key is padded with 0s
...
@@ -145,7 +145,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
...
@@ -145,7 +145,7 @@ void checkKey(int *err_status, char *err_string, const char *_keyString) {
// throw std::exception();
// throw std::exception();
// }
// }
*
err
_s
tatus
=
0
;
*
err
S
tatus
=
0
;
// return;
// return;
}
}
...
...
secure_enclave/BLSEnclave.h
View file @
4a103ecf
...
@@ -34,9 +34,9 @@
...
@@ -34,9 +34,9 @@
//#include <stdint.h>
//#include <stdint.h>
EXTERNC
void
checkKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
_keyString
);
EXTERNC
void
checkKey
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
_keyString
);
EXTERNC
void
check_key
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
_keyString
);
EXTERNC
void
check_key
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
_keyString
);
...
...
secure_enclave/secure_enclave.c
View file @
4a103ecf
...
@@ -126,7 +126,7 @@ void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
...
@@ -126,7 +126,7 @@ void trustedEMpzDiv(mpz_t *c_un, mpz_t *a_un, mpz_t *b_un) {}
void
trustedEMpfDiv
(
mpf_t
*
c_un
,
mpf_t
*
a_un
,
mpf_t
*
b_un
)
{}
void
trustedEMpfDiv
(
mpf_t
*
c_un
,
mpf_t
*
a_un
,
mpf_t
*
b_un
)
{}
void
trustedGenerateEcdsaKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedGenerateEcdsaKey
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
domain_parameters
curve
=
domain_parameters_init
();
domain_parameters
curve
=
domain_parameters_init
();
...
@@ -189,7 +189,7 @@ void trustedGenerateEcdsaKey(int *err_status, char *err_string,
...
@@ -189,7 +189,7 @@ void trustedGenerateEcdsaKey(int *err_status, char *err_string,
(
sgx_sealed_data_t
*
)
encrypted_key
);
(
sgx_sealed_data_t
*
)
encrypted_key
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"seal ecsdsa private key failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"seal ecsdsa private key failed"
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -201,7 +201,7 @@ void trustedGenerateEcdsaKey(int *err_status, char *err_string,
...
@@ -201,7 +201,7 @@ void trustedGenerateEcdsaKey(int *err_status, char *err_string,
}
}
void
trustedGetPublicEcdsaKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedGetPublicEcdsaKey
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
dec_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
uint8_t
*
encrypted_key
,
uint32_t
dec_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
//uint32_t dec_len = 0;
//uint32_t dec_len = 0;
...
@@ -216,7 +216,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
...
@@ -216,7 +216,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -227,7 +227,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
...
@@ -227,7 +227,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
snprintf
(
err_string
,
BUF_LEN
,
"wrong string to init private key"
);
snprintf
(
err_string
,
BUF_LEN
,
"wrong string to init private key"
);
*
err
_s
tatus
=
-
10
;
*
err
S
tatus
=
-
10
;
mpz_clear
(
skey_mpz
);
mpz_clear
(
skey_mpz
);
return
;
return
;
}
}
...
@@ -242,7 +242,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
...
@@ -242,7 +242,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
if
(
!
point_cmp
(
Pkey
,
Pkey_test
))
{
if
(
!
point_cmp
(
Pkey
,
Pkey_test
))
{
snprintf
(
err_string
,
BUF_LEN
,
"Points are not equal"
);
snprintf
(
err_string
,
BUF_LEN
,
"Points are not equal"
);
*
err
_s
tatus
=
-
11
;
*
err
S
tatus
=
-
11
;
return
;
return
;
}
}
...
@@ -273,7 +273,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
...
@@ -273,7 +273,7 @@ void trustedGetPublicEcdsaKey(int *err_status, char *err_string,
point_clear
(
Pkey
);
point_clear
(
Pkey
);
}
}
void
trustedEcdsaSign
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
dec_len
,
void
trustedEcdsaSign
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
dec_len
,
unsigned
char
*
hash
,
char
*
sig_r
,
char
*
sig_s
,
uint8_t
*
sig_v
,
int
base
)
{
unsigned
char
*
hash
,
char
*
sig_r
,
char
*
sig_s
,
uint8_t
*
sig_v
,
int
base
)
{
char
*
arr_m
=
NULL
;
char
*
arr_m
=
NULL
;
...
@@ -298,7 +298,7 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -298,7 +298,7 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
secretKey
,
&
dec_len
);
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
secretKey
,
&
dec_len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed - encrypted_key with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed - encrypted_key with status %d"
,
status
);
goto
clean
;
goto
clean
;
}
}
...
@@ -306,13 +306,13 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -306,13 +306,13 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
//snprintf(err_string, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey));
//snprintf(err_string, BUF_LEN, "pr key is %s length %d ", skey, strlen(skey));
if
(
mpz_set_str
(
skey_mpz
,
secretKey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
if
(
mpz_set_str
(
skey_mpz
,
secretKey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid secret key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid secret key"
);
goto
clean
;
goto
clean
;
}
}
if
(
mpz_set_str
(
msg_mpz
,
hash
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
msg_mpz
,
hash
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid message hash"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid message hash"
);
goto
clean
;
goto
clean
;
}
}
...
@@ -323,7 +323,7 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -323,7 +323,7 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
signature_extract_public_key
(
publicKey
,
skey_mpz
,
curve
);
signature_extract_public_key
(
publicKey
,
skey_mpz
,
curve
);
if
(
!
signature_verify
(
msg_mpz
,
sign
,
publicKey
,
curve
))
{
if
(
!
signature_verify
(
msg_mpz
,
sign
,
publicKey
,
curve
))
{
*
err
_s
tatus
=
-
2
;
*
err
S
tatus
=
-
2
;
snprintf
(
err_string
,
BUF_LEN
,
"signature is not verified"
);
snprintf
(
err_string
,
BUF_LEN
,
"signature is not verified"
);
goto
clean
;
goto
clean
;
}
}
...
@@ -371,18 +371,18 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -371,18 +371,18 @@ void trustedEcdsaSign(int *err_status, char *err_string, uint8_t *encrypted_key,
}
}
void
encrypt_key
(
int
*
err
_s
tatus
,
char
*
err_string
,
char
*
key
,
void
encrypt_key
(
int
*
err
S
tatus
,
char
*
err_string
,
char
*
key
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
//init();
//init();
*
err
_s
tatus
=
UNKNOWN_ERROR
;
*
err
S
tatus
=
UNKNOWN_ERROR
;
memset
(
err_string
,
0
,
BUF_LEN
);
memset
(
err_string
,
0
,
BUF_LEN
);
checkKey
(
err
_s
tatus
,
err_string
,
key
);
checkKey
(
err
S
tatus
,
err_string
,
key
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
"check_key failed"
);
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
"check_key failed"
);
return
;
return
;
}
}
...
@@ -391,7 +391,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
...
@@ -391,7 +391,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
if
(
sealedLen
>
BUF_LEN
)
{
if
(
sealedLen
>
BUF_LEN
)
{
*
err
_s
tatus
=
ENCRYPTED_KEY_TOO_LONG
;
*
err
S
tatus
=
ENCRYPTED_KEY_TOO_LONG
;
snprintf
(
err_string
,
BUF_LEN
,
"sealedLen > MAX_ENCRYPTED_KEY_LENGTH"
);
snprintf
(
err_string
,
BUF_LEN
,
"sealedLen > MAX_ENCRYPTED_KEY_LENGTH"
);
return
;
return
;
}
}
...
@@ -402,7 +402,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
...
@@ -402,7 +402,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
sgx_status_t
status
=
sgx_seal_data
(
0
,
NULL
,
MAX_KEY_LENGTH
,
(
uint8_t
*
)
key
,
sealedLen
,
sgx_status_t
status
=
sgx_seal_data
(
0
,
NULL
,
MAX_KEY_LENGTH
,
(
uint8_t
*
)
key
,
sealedLen
,
(
sgx_sealed_data_t
*
)
encrypted_key
);
(
sgx_sealed_data_t
*
)
encrypted_key
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
SEAL_KEY_FAILED
;
*
err
S
tatus
=
SEAL_KEY_FAILED
;
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -412,9 +412,9 @@ void encrypt_key(int *err_status, char *err_string, char *key,
...
@@ -412,9 +412,9 @@ void encrypt_key(int *err_status, char *err_string, char *key,
char
decryptedKey
[
BUF_LEN
];
char
decryptedKey
[
BUF_LEN
];
memset
(
decryptedKey
,
0
,
BUF_LEN
);
memset
(
decryptedKey
,
0
,
BUF_LEN
);
decrypt_key
(
err
_s
tatus
,
err_string
,
encrypted_key
,
sealedLen
,
decryptedKey
);
decrypt_key
(
err
S
tatus
,
err_string
,
encrypted_key
,
sealedLen
,
decryptedKey
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
":decrypt_key failed"
);
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
":decrypt_key failed"
);
return
;
return
;
}
}
...
@@ -427,30 +427,30 @@ void encrypt_key(int *err_status, char *err_string, char *key,
...
@@ -427,30 +427,30 @@ void encrypt_key(int *err_status, char *err_string, char *key,
}
}
*
err
_s
tatus
=
-
8
;
*
err
S
tatus
=
-
8
;
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Decrypted key does not match original key"
);
snprintf
(
err_string
,
BUF_LEN
,
"Decrypted key does not match original key"
);
return
;
return
;
}
}
*
err
_s
tatus
=
0
;
*
err
S
tatus
=
0
;
}
}
void
decrypt_key
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
void
decrypt_key
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
key
)
{
uint32_t
enc_len
,
char
*
key
)
{
init
();
init
();
uint32_t
decLen
;
uint32_t
decLen
;
*
err
_s
tatus
=
-
9
;
*
err
S
tatus
=
-
9
;
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
key
,
&
decLen
);
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
key
,
&
decLen
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -462,7 +462,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -462,7 +462,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
return
;
return
;
}
}
*
err
_s
tatus
=
-
10
;
*
err
S
tatus
=
-
10
;
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
...
@@ -484,13 +484,13 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -484,13 +484,13 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
//strncpy(key, "2f993bb09f16c402a27dae868c02791bca7fcf564f1c9e2ba50b142b843a4b60", BUF_LEN);
//strncpy(key, "2f993bb09f16c402a27dae868c02791bca7fcf564f1c9e2ba50b142b843a4b60", BUF_LEN);
*
err
_s
tatus
=
0
;
*
err
S
tatus
=
0
;
return
;
return
;
}
}
void
trustedBlsSignMessage
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
void
trustedBlsSignMessage
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
_hashX
,
uint32_t
enc_len
,
char
*
_hashX
,
char
*
_hashY
,
char
*
signature
)
{
char
*
_hashY
,
char
*
signature
)
{
...
@@ -502,9 +502,9 @@ void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted
...
@@ -502,9 +502,9 @@ void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted
init
();
init
();
decrypt_key
(
err
_s
tatus
,
err_string
,
encrypted_key
,
enc_len
,
key
);
decrypt_key
(
err
S
tatus
,
err_string
,
encrypted_key
,
enc_len
,
key
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
strncpy
(
signature
,
err_string
,
BUF_LEN
);
strncpy
(
signature
,
err_string
,
BUF_LEN
);
return
;
return
;
}
}
...
@@ -514,19 +514,19 @@ void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted
...
@@ -514,19 +514,19 @@ void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted
strncpy
(
signature
,
sig
,
BUF_LEN
);
strncpy
(
signature
,
sig
,
BUF_LEN
);
if
(
strnlen
(
signature
,
BUF_LEN
)
<
10
)
{
if
(
strnlen
(
signature
,
BUF_LEN
)
<
10
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
return
;
return
;
}
}
free
(
sig
);
free
(
sig
);
}
}
void
trustedGenDkgSecret
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
enc_len
,
size_t
_t
)
{
void
trustedGenDkgSecret
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
enc_len
,
size_t
_t
)
{
char
dkg_secret
[
DKG_BUFER_LENGTH
];
//= (char*)malloc(DKG_BUFER_LENGTH);
char
dkg_secret
[
DKG_BUFER_LENGTH
];
//= (char*)malloc(DKG_BUFER_LENGTH);
if
(
gen_dkg_poly
(
dkg_secret
,
_t
)
!=
0
)
{
if
(
gen_dkg_poly
(
dkg_secret
,
_t
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
return
;
return
;
}
}
...
@@ -540,7 +540,7 @@ void trustedGenDkgSecret(int *err_status, char *err_string, uint8_t *encrypted_d
...
@@ -540,7 +540,7 @@ void trustedGenDkgSecret(int *err_status, char *err_string, uint8_t *encrypted_d
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed"
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -548,7 +548,7 @@ void trustedGenDkgSecret(int *err_status, char *err_string, uint8_t *encrypted_d
...
@@ -548,7 +548,7 @@ void trustedGenDkgSecret(int *err_status, char *err_string, uint8_t *encrypted_d
//free(dkg_secret);
//free(dkg_secret);
}
}
void
trustedDecryptDkgSecret
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint8_t
*
decrypted_dkg_secret
,
void
trustedDecryptDkgSecret
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint8_t
*
decrypted_dkg_secret
,
uint32_t
*
dec_len
)
{
uint32_t
*
dec_len
)
{
//uint32_t dec_size = DKG_BUFER_LENGTH;//sgx_get_encrypt_txt_len( ( sgx_sealed_data_t *)encrypted_dkg_secret);
//uint32_t dec_size = DKG_BUFER_LENGTH;//sgx_get_encrypt_txt_len( ( sgx_sealed_data_t *)encrypted_dkg_secret);
...
@@ -558,14 +558,14 @@ void trustedDecryptDkgSecret(int *err_status, char *err_string, uint8_t *encrypt
...
@@ -558,14 +558,14 @@ void trustedDecryptDkgSecret(int *err_status, char *err_string, uint8_t *encrypt
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
*
dec_len
=
decr_len
;
*
dec_len
=
decr_len
;
}
}
void
trustedGetSecretShares
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
dec_len
,
void
trustedGetSecretShares
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
dec_len
,
char
*
secret_shares
,
char
*
secret_shares
,
unsigned
_t
,
unsigned
_n
)
{
unsigned
_t
,
unsigned
_n
)
{
...
@@ -574,12 +574,12 @@ void trustedGetSecretShares(int *err_status, char *err_string, uint8_t *encrypte
...
@@ -574,12 +574,12 @@ void trustedGetSecretShares(int *err_status, char *err_string, uint8_t *encrypte
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN];
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN];
uint32_t
decr_len
;
uint32_t
decr_len
;
//uint32_t* decr_len_test = (char*)malloc(1);
//uint32_t* decr_len_test = (char*)malloc(1);
trustedDecryptDkgSecret
(
err
_s
tatus
,
err_string
,
encrypted_dkg_secret
,
(
uint8_t
*
)
decrypted_dkg_secret
,
&
decr_len
);
trustedDecryptDkgSecret
(
err
S
tatus
,
err_string
,
encrypted_dkg_secret
,
(
uint8_t
*
)
decrypted_dkg_secret
,
&
decr_len
);
//sgx_status_t status = sgx_unseal_data(
//sgx_status_t status = sgx_unseal_data(
// (const sgx_sealed_data_t *)encrypted_dkg_secret, NULL, 0, (uint8_t*)decrypted_dkg_secret, &decr_len);
// (const sgx_sealed_data_t *)encrypted_dkg_secret, NULL, 0, (uint8_t*)decrypted_dkg_secret, &decr_len);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
*
err
_s
tatus
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
*
err
S
tatus
);
return
;
return
;
}
}
...
@@ -590,22 +590,22 @@ void trustedGetSecretShares(int *err_status, char *err_string, uint8_t *encrypte
...
@@ -590,22 +590,22 @@ void trustedGetSecretShares(int *err_status, char *err_string, uint8_t *encrypte
//free(decrypted_dkg_secret);
//free(decrypted_dkg_secret);
}
}
void
trustedGetPublicShares
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
enc_len
,
void
trustedGetPublicShares
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
enc_len
,
char
*
public_shares
,
char
*
public_shares
,
unsigned
_t
,
unsigned
_n
)
{
unsigned
_t
,
unsigned
_n
)
{
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN * 2]; //= (char*)malloc(DKG_MAX_SEALED_LEN);
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN * 2]; //= (char*)malloc(DKG_MAX_SEALED_LEN);
char
*
decrypted_dkg_secret
=
(
char
*
)
malloc
(
DKG_MAX_SEALED_LEN
);
char
*
decrypted_dkg_secret
=
(
char
*
)
malloc
(
DKG_MAX_SEALED_LEN
);
uint32_t
decr_len
;
uint32_t
decr_len
;
trustedDecryptDkgSecret
(
err
_s
tatus
,
err_string
,
(
uint8_t
*
)
encrypted_dkg_secret
,
decrypted_dkg_secret
,
&
decr_len
);
trustedDecryptDkgSecret
(
err
S
tatus
,
err_string
,
(
uint8_t
*
)
encrypted_dkg_secret
,
decrypted_dkg_secret
,
&
decr_len
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"trustedDecryptDkgSecret failed with status %d"
,
*
err
_s
tatus
);
snprintf
(
err_string
,
BUF_LEN
,
"trustedDecryptDkgSecret failed with status %d"
,
*
err
S
tatus
);
return
;
return
;
}
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
if
(
calc_public_shares
(
decrypted_dkg_secret
,
public_shares
,
_t
)
!=
0
)
{
if
(
calc_public_shares
(
decrypted_dkg_secret
,
public_shares
,
_t
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"t does not match polynomial in db"
);
snprintf
(
err_string
,
BUF_LEN
,
"t does not match polynomial in db"
);
return
;
return
;
}
}
...
@@ -613,21 +613,21 @@ void trustedGetPublicShares(int *err_status, char *err_string, uint8_t *encrypte
...
@@ -613,21 +613,21 @@ void trustedGetPublicShares(int *err_status, char *err_string, uint8_t *encrypte
}
}
void
trustedSetEncryptedDkgPoly
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_poly
)
{
void
trustedSetEncryptedDkgPoly
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_poly
)
{
memset
(
decryptedDkgPoly
,
0
,
DKG_BUFER_LENGTH
);
memset
(
decryptedDkgPoly
,
0
,
DKG_BUFER_LENGTH
);
uint32_t
decr_len
;
uint32_t
decr_len
;
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_poly
,
NULL
,
0
,
decryptedDkgPoly
,
&
decr_len
);
(
const
sgx_sealed_data_t
*
)
encrypted_poly
,
NULL
,
0
,
decryptedDkgPoly
,
&
decr_len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_poly failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_poly failed with status %d"
,
status
);
return
;
return
;
}
}
}
}
void
trustedGetEncryptedSecretShare
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_skey
,
uint32_t
*
dec_len
,
void
trustedGetEncryptedSecretShare
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_skey
,
uint32_t
*
dec_len
,
char
*
result_str
,
char
*
s_shareG2
,
char
*
pub_keyB
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind
)
{
char
*
result_str
,
char
*
s_shareG2
,
char
*
pub_keyB
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind
)
{
char
skey
[
ECDSA_SKEY_LEN
];
char
skey
[
ECDSA_SKEY_LEN
];
...
@@ -640,8 +640,8 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
...
@@ -640,8 +640,8 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
uint32_t
enc_len
;
uint32_t
enc_len
;
trustedGenerateEcdsaKey
(
err
_s
tatus
,
err_string
,
encrypted_skey
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
trustedGenerateEcdsaKey
(
err
S
tatus
,
err_string
,
encrypted_skey
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
return
;
return
;
}
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
...
@@ -653,7 +653,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
...
@@ -653,7 +653,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed - encrypted_skey with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed - encrypted_skey with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
snprintf
(
err_string
,
BUF_LEN
,
"unsealed random skey is %s
\n
"
,
skey
);
snprintf
(
err_string
,
BUF_LEN
,
"unsealed random skey is %s
\n
"
,
skey
);
...
@@ -667,14 +667,14 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
...
@@ -667,14 +667,14 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
//char s_share[65];
//char s_share[65];
if
(
calc_secret_share
(
decryptedDkgPoly
,
s_share
,
_t
,
_n
,
ind
)
!=
0
)
{
if
(
calc_secret_share
(
decryptedDkgPoly
,
s_share
,
_t
,
_n
,
ind
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"
\n
t does not match poly degree
\n
"
);
snprintf
(
err_string
,
BUF_LEN
,
"
\n
t does not match poly degree
\n
"
);
return
;
return
;
}
}
snprintf
(
err_string
+
88
,
BUF_LEN
,
"
\n
secret share is %s"
,
s_share
);
snprintf
(
err_string
+
88
,
BUF_LEN
,
"
\n
secret share is %s"
,
s_share
);
if
(
calc_secret_shareG2
(
s_share
,
s_shareG2
)
!=
0
)
{
if
(
calc_secret_shareG2
(
s_share
,
s_shareG2
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share
\n
"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share
\n
"
);
return
;
return
;
}
}
...
@@ -682,7 +682,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
...
@@ -682,7 +682,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
char
*
cypher
[
ECDSA_SKEY_LEN
];
//= (char *)malloc(65);
char
*
cypher
[
ECDSA_SKEY_LEN
];
//= (char *)malloc(65);
xor_encrypt
(
common_key
,
s_share
,
cypher
);
xor_encrypt
(
common_key
,
s_share
,
cypher
);
if
(
cypher
==
NULL
)
{
if
(
cypher
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
...
@@ -703,7 +703,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
...
@@ -703,7 +703,7 @@ void trustedGetEncryptedSecretShare(int *err_status, char *err_string, uint8_t *
//free(cypher);
//free(cypher);
}
}
void
trustedComplaintResponse
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encryptedDHKey
,
uint8_t
*
encrypted_dkg_secret
,
void
trustedComplaintResponse
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encryptedDHKey
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
dec_len
,
uint32_t
*
dec_len
,
char
*
DH_key
,
char
*
s_shareG2
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind1
)
{
char
*
DH_key
,
char
*
s_shareG2
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind1
)
{
...
@@ -718,9 +718,9 @@ void trustedComplaintResponse(int *err_status, char *err_string, uint8_t *encryp
...
@@ -718,9 +718,9 @@ void trustedComplaintResponse(int *err_status, char *err_string, uint8_t *encryp
char
decrypted_dkg_secret
[
DKG_BUFER_LENGTH
];
//= (char*)malloc(DKG_BUFER_LENGTH);
char
decrypted_dkg_secret
[
DKG_BUFER_LENGTH
];
//= (char*)malloc(DKG_BUFER_LENGTH);
uint32_t
decr_len
;
uint32_t
decr_len
;
trustedDecryptDkgSecret
(
err
_s
tatus
,
err_string
,
encrypted_dkg_secret
,
(
uint8_t
*
)
decrypted_dkg_secret
,
&
decr_len
);
trustedDecryptDkgSecret
(
err
S
tatus
,
err_string
,
encrypted_dkg_secret
,
(
uint8_t
*
)
decrypted_dkg_secret
,
&
decr_len
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
*
err
_s
tatus
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_dkg_secret failed with status %d"
,
*
err
S
tatus
);
return
;
return
;
}
}
...
@@ -733,7 +733,7 @@ void trustedComplaintResponse(int *err_status, char *err_string, uint8_t *encryp
...
@@ -733,7 +733,7 @@ void trustedComplaintResponse(int *err_status, char *err_string, uint8_t *encryp
// free(decrypted_dkg_secret);
// free(decrypted_dkg_secret);
}
}
void
trustedDkgVerify
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
public_shares
,
const
char
*
s_share
,
void
trustedDkgVerify
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
public_shares
,
const
char
*
s_share
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
unsigned
_t
,
int
_ind
,
int
*
result
)
{
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
unsigned
_t
,
int
_ind
,
int
*
result
)
{
//uint32_t dec_len = 625;
//uint32_t dec_len = 625;
...
@@ -741,7 +741,7 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
...
@@ -741,7 +741,7 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey
,
&
key_len
);
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey
,
&
key_len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_key failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_key failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -755,14 +755,14 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
...
@@ -755,14 +755,14 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
session_key_recover
(
skey
,
s_share
,
common_key
);
session_key_recover
(
skey
,
s_share
,
common_key
);
common_key
[
ECDSA_SKEY_LEN
-
1
]
=
0
;
common_key
[
ECDSA_SKEY_LEN
-
1
]
=
0
;
if
(
common_key
==
NULL
)
{
if
(
common_key
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
if
(
decr_sshare
==
NULL
)
{
if
(
decr_sshare
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
...
@@ -779,7 +779,7 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
...
@@ -779,7 +779,7 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
mpz_t
s
;
mpz_t
s
;
mpz_init
(
s
);
mpz_init
(
s
);
if
(
mpz_set_str
(
s
,
decr_sshare
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
s
,
decr_sshare
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
mpz_clear
(
s
);
mpz_clear
(
s
);
return
;
return
;
...
@@ -791,14 +791,14 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
...
@@ -791,14 +791,14 @@ void trustedDkgVerify(int *err_status, char *err_string, const char *public_shar
}
}
void
trustedCreateBlsKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
s_shares
,
void
trustedCreateBlsKey
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
s_shares
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
uint8_t
*
encr_bls_key
,
uint32_t
*
enc_bls_key_len
)
{
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
uint8_t
*
encr_bls_key
,
uint32_t
*
enc_bls_key_len
)
{
char
skey
[
ECDSA_SKEY_LEN
];
char
skey
[
ECDSA_SKEY_LEN
];
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey
,
&
key_len
);
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey
,
&
key_len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_key failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_key failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -827,7 +827,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
...
@@ -827,7 +827,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
common_key
[
64
]
=
0
;
common_key
[
64
]
=
0
;
if
(
common_key
==
NULL
)
{
if
(
common_key
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
return
;
return
;
...
@@ -840,7 +840,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
...
@@ -840,7 +840,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
char
decr_sshare
[
65
];
char
decr_sshare
[
65
];
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
if
(
decr_sshare
==
NULL
)
{
if
(
decr_sshare
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
return
;
return
;
...
@@ -854,7 +854,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
...
@@ -854,7 +854,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
mpz_t
decr_secret_share
;
mpz_t
decr_secret_share
;
mpz_init
(
decr_secret_share
);
mpz_init
(
decr_secret_share
);
if
(
mpz_set_str
(
decr_secret_share
,
decr_sshare
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
decr_secret_share
,
decr_sshare
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid decrypted secret share"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid decrypted secret share"
);
mpz_clear
(
decr_secret_share
);
mpz_clear
(
decr_secret_share
);
return
;
return
;
...
@@ -882,7 +882,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
...
@@ -882,7 +882,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
status
=
sgx_seal_data
(
0
,
NULL
,
ECDSA_SKEY_LEN
,
(
uint8_t
*
)
key_share
,
sealedLen
,
status
=
sgx_seal_data
(
0
,
NULL
,
ECDSA_SKEY_LEN
,
(
uint8_t
*
)
key_share
,
sealedLen
,
(
sgx_sealed_data_t
*
)
encr_bls_key
);
(
sgx_sealed_data_t
*
)
encr_bls_key
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"seal bls private key failed with status %d "
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"seal bls private key failed with status %d "
,
status
);
mpz_clear
(
bls_key
);
mpz_clear
(
bls_key
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
...
@@ -905,7 +905,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
...
@@ -905,7 +905,7 @@ void trustedCreateBlsKey(int *err_status, char *err_string, const char *s_shares
mpz_clear
(
q
);
mpz_clear
(
q
);
}
}
void
trustedGetBlsPubKey
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
char
*
bls_pub_key
)
{
void
trustedGetBlsPubKey
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
char
*
bls_pub_key
)
{
char
skey_hex
[
ECDSA_SKEY_LEN
];
char
skey_hex
[
ECDSA_SKEY_LEN
];
...
@@ -914,19 +914,19 @@ void trustedGetBlsPubKey(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -914,19 +914,19 @@ void trustedGetBlsPubKey(int *err_status, char *err_string, uint8_t *encrypted_k
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey_hex
,
&
len
);
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
skey_hex
,
&
len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
return
;
return
;
}
}
if
(
calc_bls_public_key
(
skey_hex
,
bls_pub_key
)
!=
0
)
{
if
(
calc_bls_public_key
(
skey_hex
,
bls_pub_key
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"could not calculate bls public key"
);
snprintf
(
err_string
,
BUF_LEN
,
"could not calculate bls public key"
);
return
;
return
;
}
}
}
}
void
trustedGenerateSEK
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedGenerateSEK
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_SEK
,
uint32_t
*
enc_len
,
char
*
SEK_hex
)
{
uint8_t
*
encrypted_SEK
,
uint32_t
*
enc_len
,
char
*
SEK_hex
)
{
uint8_t
SEK_raw
[
SGX_AESGCM_KEY_SIZE
];
uint8_t
SEK_raw
[
SGX_AESGCM_KEY_SIZE
];
//unsigned char* rand_char = (unsigned char*)malloc(16);
//unsigned char* rand_char = (unsigned char*)malloc(16);
...
@@ -946,7 +946,7 @@ void trustedGenerateSEK(int *err_status, char *err_string,
...
@@ -946,7 +946,7 @@ void trustedGenerateSEK(int *err_status, char *err_string,
(
sgx_sealed_data_t
*
)
encrypted_SEK
);
(
sgx_sealed_data_t
*
)
encrypted_SEK
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"seal SEK failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"seal SEK failed"
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -956,7 +956,7 @@ void trustedGenerateSEK(int *err_status, char *err_string,
...
@@ -956,7 +956,7 @@ void trustedGenerateSEK(int *err_status, char *err_string,
//free(rand_char);
//free(rand_char);
}
}
void
trustedSetSEK
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_SEK
,
uint64_t
encr_len
)
{
void
trustedSetSEK
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_SEK
,
uint64_t
encr_len
)
{
//memset(AES_key, 0, SGX_AESGCM_KEY_SIZE);
//memset(AES_key, 0, SGX_AESGCM_KEY_SIZE);
...
@@ -966,7 +966,7 @@ void trustedSetSEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, ui
...
@@ -966,7 +966,7 @@ void trustedSetSEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, ui
sgx_status_t
status
=
sgx_unseal_data
(
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_SEK
,
NULL
,
0
,
aes_key_hex
,
&
encr_len
);
(
const
sgx_sealed_data_t
*
)
encrypted_SEK
,
NULL
,
0
,
aes_key_hex
,
&
encr_len
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx unseal SEK failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx unseal SEK failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -976,7 +976,7 @@ void trustedSetSEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, ui
...
@@ -976,7 +976,7 @@ void trustedSetSEK(int *err_status, char *err_string, uint8_t *encrypted_SEK, ui
}
}
void
trustedSetSEK_backup
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedSetSEK_backup
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_SEK
,
uint32_t
*
enc_len
,
const
char
*
SEK_hex
)
{
uint8_t
*
encrypted_SEK
,
uint32_t
*
enc_len
,
const
char
*
SEK_hex
)
{
uint64_t
len
;
uint64_t
len
;
...
@@ -988,7 +988,7 @@ void trustedSetSEK_backup(int *err_status, char *err_string,
...
@@ -988,7 +988,7 @@ void trustedSetSEK_backup(int *err_status, char *err_string,
(
sgx_sealed_data_t
*
)
encrypted_SEK
);
(
sgx_sealed_data_t
*
)
encrypted_SEK
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"seal SEK failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"seal SEK failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -997,7 +997,7 @@ void trustedSetSEK_backup(int *err_status, char *err_string,
...
@@ -997,7 +997,7 @@ void trustedSetSEK_backup(int *err_status, char *err_string,
*
enc_len
=
sealedLen
;
*
enc_len
=
sealedLen
;
}
}
void
trustedGenerateEcdsaKey_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedGenerateEcdsaKey_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
domain_parameters
curve
=
domain_parameters_init
();
domain_parameters
curve
=
domain_parameters_init
();
...
@@ -1051,7 +1051,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1051,7 +1051,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
if
(
stat
!=
0
)
{
if
(
stat
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"ecdsa private key encryption failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"ecdsa private key encryption failed"
);
*
err
_s
tatus
=
stat
;
*
err
S
tatus
=
stat
;
return
;
return
;
}
}
...
@@ -1060,7 +1060,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1060,7 +1060,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
stat
=
AES_decrypt
(
encrypted_key
,
*
enc_len
,
skey_str
);
stat
=
AES_decrypt
(
encrypted_key
,
*
enc_len
,
skey_str
);
if
(
stat
!=
0
)
{
if
(
stat
!=
0
)
{
snprintf
(
err_string
+
19
+
strlen
(
skey_str
),
BUF_LEN
,
"ecdsa private key decr failed with status %d"
,
stat
);
snprintf
(
err_string
+
19
+
strlen
(
skey_str
),
BUF_LEN
,
"ecdsa private key decr failed with status %d"
,
stat
);
//*err
_s
tatus = stat;
//*err
S
tatus = stat;
return
;
return
;
}
}
...
@@ -1069,7 +1069,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1069,7 +1069,7 @@ void trustedGenerateEcdsaKey_aes(int *err_status, char *err_string,
point_clear
(
Pkey
);
point_clear
(
Pkey
);
}
}
void
trustedGetPublicEcdsaKey_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
void
trustedGetPublicEcdsaKey_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
domain_parameters
curve
=
domain_parameters_init
();
domain_parameters
curve
=
domain_parameters_init
();
...
@@ -1081,7 +1081,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1081,7 +1081,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
if
(
status
!=
0
)
{
if
(
status
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -1094,7 +1094,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1094,7 +1094,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
snprintf
(
err_string
,
BUF_LEN
,
"wrong string to init private key - %s"
,
skey
);
snprintf
(
err_string
,
BUF_LEN
,
"wrong string to init private key - %s"
,
skey
);
*
err
_s
tatus
=
-
10
;
*
err
S
tatus
=
-
10
;
mpz_clear
(
skey_mpz
);
mpz_clear
(
skey_mpz
);
return
;
return
;
}
}
...
@@ -1109,7 +1109,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1109,7 +1109,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
if
(
!
point_cmp
(
Pkey
,
Pkey_test
))
{
if
(
!
point_cmp
(
Pkey
,
Pkey_test
))
{
snprintf
(
err_string
,
BUF_LEN
,
"Points are not equal"
);
snprintf
(
err_string
,
BUF_LEN
,
"Points are not equal"
);
*
err
_s
tatus
=
-
11
;
*
err
S
tatus
=
-
11
;
return
;
return
;
}
}
...
@@ -1140,7 +1140,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
...
@@ -1140,7 +1140,7 @@ void trustedGetPublicEcdsaKey_aes(int *err_status, char *err_string,
point_clear
(
Pkey
);
point_clear
(
Pkey
);
}
}
void
trustedEcdsaSignAES
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
void
trustedEcdsaSignAES
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
unsigned
char
*
hash
,
char
*
sig_r
,
char
*
sig_s
,
uint8_t
*
sig_v
,
int
base
)
{
unsigned
char
*
hash
,
char
*
sig_r
,
char
*
sig_s
,
uint8_t
*
sig_v
,
int
base
)
{
domain_parameters
curve
=
domain_parameters_init
();
domain_parameters
curve
=
domain_parameters_init
();
...
@@ -1151,7 +1151,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -1151,7 +1151,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
int
status
=
AES_decrypt
(
encrypted_key
,
enc_len
,
skey
);
int
status
=
AES_decrypt
(
encrypted_key
,
enc_len
,
skey
);
if
(
status
!=
0
)
{
if
(
status
!=
0
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -1162,7 +1162,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -1162,7 +1162,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
mpz_t
skey_mpz
;
mpz_t
skey_mpz
;
mpz_init
(
skey_mpz
);
mpz_init
(
skey_mpz
);
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
if
(
mpz_set_str
(
skey_mpz
,
skey
,
ECDSA_SKEY_BASE
)
==
-
1
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid secret key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid secret key"
);
mpz_clear
(
skey_mpz
);
mpz_clear
(
skey_mpz
);
return
;
return
;
...
@@ -1172,7 +1172,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -1172,7 +1172,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
mpz_t
msg_mpz
;
mpz_t
msg_mpz
;
mpz_init
(
msg_mpz
);
mpz_init
(
msg_mpz
);
if
(
mpz_set_str
(
msg_mpz
,
hash
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
msg_mpz
,
hash
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid message hash"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid message hash"
);
mpz_clear
(
msg_mpz
);
mpz_clear
(
msg_mpz
);
return
;
return
;
...
@@ -1187,7 +1187,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -1187,7 +1187,7 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
signature_extract_public_key
(
Pkey
,
skey_mpz
,
curve
);
signature_extract_public_key
(
Pkey
,
skey_mpz
,
curve
);
if
(
!
signature_verify
(
msg_mpz
,
sign
,
Pkey
,
curve
))
{
if
(
!
signature_verify
(
msg_mpz
,
sign
,
Pkey
,
curve
))
{
*
err
_s
tatus
=
-
2
;
*
err
S
tatus
=
-
2
;
snprintf
(
err_string
,
BUF_LEN
,
"signature is not verified! "
);
snprintf
(
err_string
,
BUF_LEN
,
"signature is not verified! "
);
return
;
return
;
}
}
...
@@ -1218,18 +1218,18 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
...
@@ -1218,18 +1218,18 @@ void trustedEcdsaSignAES(int *err_status, char *err_string, uint8_t *encrypted_k
}
}
void
encrypt_key_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
key
,
void
encrypt_key_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
key
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
//init();
//init();
*
err
_s
tatus
=
UNKNOWN_ERROR
;
*
err
S
tatus
=
UNKNOWN_ERROR
;
memset
(
err_string
,
0
,
BUF_LEN
);
memset
(
err_string
,
0
,
BUF_LEN
);
// checkKey(err
_s
tatus, err_string, key);
// checkKey(err
S
tatus, err_string, key);
//
//
// if (*err
_s
tatus != 0) {
// if (*err
S
tatus != 0) {
// snprintf(err_string + strlen(err_string), BUF_LEN, "check_key failed");
// snprintf(err_string + strlen(err_string), BUF_LEN, "check_key failed");
// return;
// return;
// }
// }
...
@@ -1238,7 +1238,7 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
...
@@ -1238,7 +1238,7 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
int
stat
=
AES_encrypt
(
key
,
encrypted_key
);
int
stat
=
AES_encrypt
(
key
,
encrypted_key
);
if
(
stat
!=
0
)
{
if
(
stat
!=
0
)
{
*
err
_s
tatus
=
stat
;
*
err
S
tatus
=
stat
;
snprintf
(
err_string
,
BUF_LEN
,
"AES encrypt failed with status %d"
,
stat
);
snprintf
(
err_string
,
BUF_LEN
,
"AES encrypt failed with status %d"
,
stat
);
return
;
return
;
}
}
...
@@ -1251,7 +1251,7 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
...
@@ -1251,7 +1251,7 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
stat
=
AES_decrypt
(
encrypted_key
,
*
enc_len
,
decryptedKey
);
stat
=
AES_decrypt
(
encrypted_key
,
*
enc_len
,
decryptedKey
);
if
(
stat
!=
0
)
{
if
(
stat
!=
0
)
{
*
err
_s
tatus
=
stat
;
*
err
S
tatus
=
stat
;
snprintf
(
err_string
,
BUF_LEN
,
":decrypt_key failed with status %d"
,
stat
);
snprintf
(
err_string
,
BUF_LEN
,
":decrypt_key failed with status %d"
,
stat
);
return
;
return
;
}
}
...
@@ -1264,29 +1264,29 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
...
@@ -1264,29 +1264,29 @@ void encrypt_key_aes(int *err_status, char *err_string, const char *key,
}
}
*
err
_s
tatus
=
-
8
;
*
err
S
tatus
=
-
8
;
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Decrypted key does not match original key"
);
snprintf
(
err_string
,
BUF_LEN
,
"Decrypted key does not match original key"
);
return
;
return
;
}
}
*
err
_s
tatus
=
0
;
*
err
S
tatus
=
0
;
}
}
void
decrypt_key_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
void
decrypt_key_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
key
)
{
uint32_t
enc_len
,
char
*
key
)
{
init
();
init
();
uint32_t
decLen
;
uint32_t
decLen
;
*
err
_s
tatus
=
-
9
;
*
err
S
tatus
=
-
9
;
int
status
=
AES_decrypt
(
encrypted_key
,
enc_len
,
key
);
int
status
=
AES_decrypt
(
encrypted_key
,
enc_len
,
key
);
if
(
status
!=
0
)
{
if
(
status
!=
0
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -1294,12 +1294,12 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -1294,12 +1294,12 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
//snprintf(err_string, BUF_LEN, "decr key is %s", key);
//snprintf(err_string, BUF_LEN, "decr key is %s", key);
if
(
decLen
>
MAX_KEY_LENGTH
)
{
if
(
decLen
>
MAX_KEY_LENGTH
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"wrong decLen"
);
//"decLen != MAX_KEY_LENGTH");
snprintf
(
err_string
,
BUF_LEN
,
"wrong decLen"
);
//"decLen != MAX_KEY_LENGTH");
return
;
return
;
}
}
*
err
_s
tatus
=
-
10
;
*
err
S
tatus
=
-
10
;
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
...
@@ -1310,12 +1310,12 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
...
@@ -1310,12 +1310,12 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
return
;
return
;
}
}
*
err
_s
tatus
=
0
;
*
err
S
tatus
=
0
;
memcpy
(
err_string
,
AES_key
,
1024
);
memcpy
(
err_string
,
AES_key
,
1024
);
}
}
void
trustedBlsSignMessage_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
void
trustedBlsSignMessage_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
_hashX
,
uint32_t
enc_len
,
char
*
_hashX
,
char
*
_hashY
,
char
*
signature
)
{
char
*
_hashY
,
char
*
signature
)
{
...
@@ -1331,7 +1331,7 @@ void trustedBlsSignMessage_aes(int *err_status, char *err_string, uint8_t *encry
...
@@ -1331,7 +1331,7 @@ void trustedBlsSignMessage_aes(int *err_status, char *err_string, uint8_t *encry
int
stat
=
AES_decrypt
(
encrypted_key
,
enc_len
,
key
);
int
stat
=
AES_decrypt
(
encrypted_key
,
enc_len
,
key
);
if
(
stat
!=
0
)
{
if
(
stat
!=
0
)
{
*
err
_s
tatus
=
stat
;
*
err
S
tatus
=
stat
;
strncpy
(
signature
,
err_string
,
BUF_LEN
);
strncpy
(
signature
,
err_string
,
BUF_LEN
);
return
;
return
;
}
}
...
@@ -1341,20 +1341,20 @@ void trustedBlsSignMessage_aes(int *err_status, char *err_string, uint8_t *encry
...
@@ -1341,20 +1341,20 @@ void trustedBlsSignMessage_aes(int *err_status, char *err_string, uint8_t *encry
strncpy
(
signature
,
sig
,
BUF_LEN
);
strncpy
(
signature
,
sig
,
BUF_LEN
);
if
(
strnlen
(
signature
,
BUF_LEN
)
<
10
)
{
if
(
strnlen
(
signature
,
BUF_LEN
)
<
10
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
return
;
return
;
}
}
//free(sig);
//free(sig);
}
}
void
void
trustedGenDkgSecret_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
enc_len
,
size_t
_t
)
{
trustedGenDkgSecret_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
*
enc_len
,
size_t
_t
)
{
char
dkg_secret
[
DKG_BUFER_LENGTH
];
// = (char*)calloc(DKG_BUFER_LENGTH, 1);
char
dkg_secret
[
DKG_BUFER_LENGTH
];
// = (char*)calloc(DKG_BUFER_LENGTH, 1);
memset
(
dkg_secret
,
0
,
DKG_BUFER_LENGTH
);
memset
(
dkg_secret
,
0
,
DKG_BUFER_LENGTH
);
if
(
gen_dkg_poly
(
dkg_secret
,
_t
)
!=
0
)
{
if
(
gen_dkg_poly
(
dkg_secret
,
_t
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
return
;
return
;
}
}
...
@@ -1364,7 +1364,7 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
...
@@ -1364,7 +1364,7 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"SGX AES encrypt DKG poly failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"SGX AES encrypt DKG poly failed"
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -1377,7 +1377,7 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
...
@@ -1377,7 +1377,7 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
status
=
AES_decrypt
(
encrypted_dkg_secret
,
*
enc_len
,
decr_dkg_secret
);
status
=
AES_decrypt
(
encrypted_dkg_secret
,
*
enc_len
,
decr_dkg_secret
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt dkg poly failed"
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt dkg poly failed"
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -1385,38 +1385,38 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
...
@@ -1385,38 +1385,38 @@ trustedGenDkgSecret_aes(int *err_status, char *err_string, uint8_t *encrypted_dk
snprintf
(
err_string
,
BUF_LEN
,
"poly is %s "
,
dkg_secret
);
snprintf
(
err_string
,
BUF_LEN
,
"poly is %s "
,
dkg_secret
);
snprintf
(
err_string
+
strlen
(
dkg_secret
)
+
8
,
BUF_LEN
-
strlen
(
dkg_secret
)
-
8
,
snprintf
(
err_string
+
strlen
(
dkg_secret
)
+
8
,
BUF_LEN
-
strlen
(
dkg_secret
)
-
8
,
"encrypted poly is not equal to decrypted poly"
);
"encrypted poly is not equal to decrypted poly"
);
*
err
_s
tatus
=
-
333
;
*
err
S
tatus
=
-
333
;
}
}
// free(dkg_secret);
// free(dkg_secret);
}
}
void
void
trustedDecryptDkgSecret_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint8_t
*
decrypted_dkg_secret
,
trustedDecryptDkgSecret_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint8_t
*
decrypted_dkg_secret
,
uint32_t
*
dec_len
)
{
uint32_t
*
dec_len
)
{
int
status
=
AES_decrypt
(
encrypted_dkg_secret
,
dec_len
,
decrypted_dkg_secret
);
int
status
=
AES_decrypt
(
encrypted_dkg_secret
,
dec_len
,
decrypted_dkg_secret
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt data - encrypted_dkg_secret failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt data - encrypted_dkg_secret failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
//*dec_len = decr_len;
//*dec_len = decr_len;
}
}
void
trustedSetEncryptedDkgPoly_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_poly
,
uint64_t
*
enc_len
)
{
void
trustedSetEncryptedDkgPoly_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_poly
,
uint64_t
*
enc_len
)
{
memset
(
decryptedDkgPoly
,
0
,
DKG_BUFER_LENGTH
);
memset
(
decryptedDkgPoly
,
0
,
DKG_BUFER_LENGTH
);
int
status
=
AES_decrypt
(
encrypted_poly
,
*
enc_len
,
decryptedDkgPoly
);
int
status
=
AES_decrypt
(
encrypted_poly
,
*
enc_len
,
decryptedDkgPoly
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_poly failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data - encrypted_poly failed with status %d"
,
status
);
return
;
return
;
}
}
}
}
void
trustedGetEncryptedSecretShare_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_skey
,
uint32_t
*
dec_len
,
void
trustedGetEncryptedSecretShare_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_skey
,
uint32_t
*
dec_len
,
char
*
result_str
,
char
*
s_shareG2
,
char
*
pub_keyB
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind
)
{
char
*
result_str
,
char
*
s_shareG2
,
char
*
pub_keyB
,
uint8_t
_t
,
uint8_t
_n
,
uint8_t
ind
)
{
char
skey
[
ECDSA_SKEY_LEN
];
char
skey
[
ECDSA_SKEY_LEN
];
...
@@ -1430,8 +1430,8 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1430,8 +1430,8 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
uint32_t
enc_len
;
uint32_t
enc_len
;
trustedGenerateEcdsaKey_aes
(
err
_s
tatus
,
err_string
,
encrypted_skey
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
trustedGenerateEcdsaKey_aes
(
err
S
tatus
,
err_string
,
encrypted_skey
,
&
enc_len
,
pub_key_x
,
pub_key_y
);
if
(
*
err
_s
tatus
!=
0
)
{
if
(
*
err
S
tatus
!=
0
)
{
return
;
return
;
}
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
...
@@ -1441,7 +1441,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1441,7 +1441,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed (in trustedGetEncryptedSecretShare_aes) with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed (in trustedGetEncryptedSecretShare_aes) with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
snprintf
(
err_string
,
BUF_LEN
,
"unsealed random skey is %s
\n
"
,
skey
);
snprintf
(
err_string
,
BUF_LEN
,
"unsealed random skey is %s
\n
"
,
skey
);
...
@@ -1457,7 +1457,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1457,7 +1457,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
//char s_share[65];
//char s_share[65];
if
(
calc_secret_share
(
decryptedDkgPoly
,
s_share
,
_t
,
_n
,
ind
)
!=
0
)
{
if
(
calc_secret_share
(
decryptedDkgPoly
,
s_share
,
_t
,
_n
,
ind
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
// snprintf(err_string, BUF_LEN,"t does not match poly degree");
// snprintf(err_string, BUF_LEN,"t does not match poly degree");
snprintf
(
err_string
,
BUF_LEN
,
decryptedDkgPoly
);
snprintf
(
err_string
,
BUF_LEN
,
decryptedDkgPoly
);
return
;
return
;
...
@@ -1465,7 +1465,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1465,7 +1465,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
snprintf
(
err_string
+
88
,
BUF_LEN
,
"
\n
secret share is %s"
,
s_share
);
snprintf
(
err_string
+
88
,
BUF_LEN
,
"
\n
secret share is %s"
,
s_share
);
if
(
calc_secret_shareG2
(
s_share
,
s_shareG2
)
!=
0
)
{
if
(
calc_secret_shareG2
(
s_share
,
s_shareG2
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
return
;
return
;
}
}
...
@@ -1473,7 +1473,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1473,7 +1473,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
char
*
cypher
[
ECDSA_SKEY_LEN
];
//= (char *)malloc(65);
char
*
cypher
[
ECDSA_SKEY_LEN
];
//= (char *)malloc(65);
xor_encrypt
(
common_key
,
s_share
,
cypher
);
xor_encrypt
(
common_key
,
s_share
,
cypher
);
if
(
cypher
==
NULL
)
{
if
(
cypher
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
...
@@ -1495,7 +1495,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
...
@@ -1495,7 +1495,7 @@ void trustedGetEncryptedSecretShare_aes(int *err_status, char *err_string, uint8
}
}
void
trustedGetPublicShares_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
enc_len
,
void
trustedGetPublicShares_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_dkg_secret
,
uint32_t
enc_len
,
char
*
public_shares
,
char
*
public_shares
,
unsigned
_t
,
unsigned
_n
)
{
unsigned
_t
,
unsigned
_n
)
{
...
@@ -1508,14 +1508,14 @@ void trustedGetPublicShares_aes(int *err_status, char *err_string, uint8_t *encr
...
@@ -1508,14 +1508,14 @@ void trustedGetPublicShares_aes(int *err_status, char *err_string, uint8_t *encr
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt data - encrypted_dkg_secret failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt data - encrypted_dkg_secret failed with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
if
(
calc_public_shares
(
decrypted_dkg_secret
,
public_shares
,
_t
)
!=
0
)
{
if
(
calc_public_shares
(
decrypted_dkg_secret
,
public_shares
,
_t
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"t does not match polynomial in db"
);
snprintf
(
err_string
,
BUF_LEN
,
"t does not match polynomial in db"
);
return
;
return
;
}
}
...
@@ -1523,7 +1523,7 @@ void trustedGetPublicShares_aes(int *err_status, char *err_string, uint8_t *encr
...
@@ -1523,7 +1523,7 @@ void trustedGetPublicShares_aes(int *err_status, char *err_string, uint8_t *encr
//free(decrypted_dkg_secret);
//free(decrypted_dkg_secret);
}
}
void
trustedDkgVerify_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
public_shares
,
const
char
*
s_share
,
void
trustedDkgVerify_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
public_shares
,
const
char
*
s_share
,
uint8_t
*
encrypted_key
,
uint64_t
enc_len
,
unsigned
_t
,
int
_ind
,
int
*
result
)
{
uint8_t
*
encrypted_key
,
uint64_t
enc_len
,
unsigned
_t
,
int
_ind
,
int
*
result
)
{
//uint32_t dec_len = 625;
//uint32_t dec_len = 625;
...
@@ -1534,7 +1534,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
...
@@ -1534,7 +1534,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed (in trustedDkgVerify_aes) with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"AES_decrypt failed (in trustedDkgVerify_aes) with status %d"
,
status
);
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
return
;
return
;
}
}
...
@@ -1549,7 +1549,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
...
@@ -1549,7 +1549,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
session_key_recover
(
skey
,
s_share
,
common_key
);
session_key_recover
(
skey
,
s_share
,
common_key
);
//common_key[ECDSA_SKEY_LEN - 1] = 0;
//common_key[ECDSA_SKEY_LEN - 1] = 0;
if
(
common_key
==
NULL
||
strlen
(
common_key
)
==
0
)
{
if
(
common_key
==
NULL
||
strlen
(
common_key
)
==
0
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
...
@@ -1558,7 +1558,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
...
@@ -1558,7 +1558,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
memset
(
decr_sshare
,
0
,
ECDSA_SKEY_LEN
);
memset
(
decr_sshare
,
0
,
ECDSA_SKEY_LEN
);
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
if
(
decr_sshare
==
NULL
)
{
if
(
decr_sshare
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
return
;
return
;
}
}
...
@@ -1575,7 +1575,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
...
@@ -1575,7 +1575,7 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
mpz_t
s
;
mpz_t
s
;
mpz_init
(
s
);
mpz_init
(
s
);
if
(
mpz_set_str
(
s
,
decr_sshare
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
s
,
decr_sshare
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid decr secret share"
);
mpz_clear
(
s
);
mpz_clear
(
s
);
return
;
return
;
...
@@ -1587,13 +1587,13 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
...
@@ -1587,13 +1587,13 @@ void trustedDkgVerify_aes(int *err_status, char *err_string, const char *public_
}
}
void
trustedCreateBlsKey_aes
(
int
*
err
_s
tatus
,
char
*
err_string
,
const
char
*
s_shares
,
void
trustedCreateBlsKey_aes
(
int
*
err
S
tatus
,
char
*
err_string
,
const
char
*
s_shares
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
uint8_t
*
encr_bls_key
,
uint32_t
*
enc_bls_key_len
)
{
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
uint8_t
*
encr_bls_key
,
uint32_t
*
enc_bls_key_len
)
{
char
skey
[
ECDSA_SKEY_LEN
];
char
skey
[
ECDSA_SKEY_LEN
];
int
status
=
AES_decrypt
(
encrypted_key
,
key_len
,
skey
);
int
status
=
AES_decrypt
(
encrypted_key
,
key_len
,
skey
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
status
;
*
err
S
tatus
=
status
;
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes decrypt failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -1623,7 +1623,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
...
@@ -1623,7 +1623,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
common_key
[
64
]
=
0
;
common_key
[
64
]
=
0
;
if
(
common_key
==
NULL
)
{
if
(
common_key
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
return
;
return
;
...
@@ -1636,7 +1636,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
...
@@ -1636,7 +1636,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
char
decr_sshare
[
65
];
char
decr_sshare
[
65
];
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
xor_decrypt
(
common_key
,
encr_sshare
,
decr_sshare
);
if
(
decr_sshare
==
NULL
)
{
if
(
decr_sshare
==
NULL
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
snprintf
(
err_string
,
BUF_LEN
,
"invalid common_key"
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
return
;
return
;
...
@@ -1650,7 +1650,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
...
@@ -1650,7 +1650,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
mpz_t
decr_secret_share
;
mpz_t
decr_secret_share
;
mpz_init
(
decr_secret_share
);
mpz_init
(
decr_secret_share
);
if
(
mpz_set_str
(
decr_secret_share
,
decr_sshare
,
16
)
==
-
1
)
{
if
(
mpz_set_str
(
decr_secret_share
,
decr_sshare
,
16
)
==
-
1
)
{
*
err
_s
tatus
=
111
;
*
err
S
tatus
=
111
;
//snprintf(err_string, BUF_LEN ,"invalid decrypted secret share");
//snprintf(err_string, BUF_LEN ,"invalid decrypted secret share");
snprintf
(
err_string
,
BUF_LEN
,
decr_sshare
);
snprintf
(
err_string
,
BUF_LEN
,
decr_sshare
);
mpz_clear
(
decr_secret_share
);
mpz_clear
(
decr_secret_share
);
...
@@ -1679,7 +1679,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
...
@@ -1679,7 +1679,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
status
=
AES_encrypt
(
key_share
,
encr_bls_key
);
status
=
AES_encrypt
(
key_share
,
encr_bls_key
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"aes encrypt bls private key failed with status %d "
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes encrypt bls private key failed with status %d "
,
status
);
mpz_clear
(
bls_key
);
mpz_clear
(
bls_key
);
mpz_clear
(
sum
);
mpz_clear
(
sum
);
...
@@ -1694,7 +1694,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
...
@@ -1694,7 +1694,7 @@ void trustedCreateBlsKey_aes(int *err_status, char *err_string, const char *s_sh
}
}
void
void
trustedGetBlsPubKeyAES
(
int
*
err
_s
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
char
*
bls_pub_key
)
{
trustedGetBlsPubKeyAES
(
int
*
err
S
tatus
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint64_t
key_len
,
char
*
bls_pub_key
)
{
char
skey_hex
[
ECDSA_SKEY_LEN
];
char
skey_hex
[
ECDSA_SKEY_LEN
];
...
@@ -1702,7 +1702,7 @@ trustedGetBlsPubKeyAES(int *err_status, char *err_string, uint8_t *encrypted_key
...
@@ -1702,7 +1702,7 @@ trustedGetBlsPubKeyAES(int *err_status, char *err_string, uint8_t *encrypted_key
int
status
=
AES_decrypt
(
encrypted_key
,
key_len
,
skey_hex
);
int
status
=
AES_decrypt
(
encrypted_key
,
key_len
,
skey_hex
);
if
(
status
!=
SGX_SUCCESS
)
{
if
(
status
!=
SGX_SUCCESS
)
{
*
err
_s
tatus
=
1
;
*
err
S
tatus
=
1
;
snprintf
(
err_string
,
BUF_LEN
,
"aes_decrypt failed with status %d"
,
status
);
snprintf
(
err_string
,
BUF_LEN
,
"aes_decrypt failed with status %d"
,
status
);
return
;
return
;
}
}
...
@@ -1710,7 +1710,7 @@ trustedGetBlsPubKeyAES(int *err_status, char *err_string, uint8_t *encrypted_key
...
@@ -1710,7 +1710,7 @@ trustedGetBlsPubKeyAES(int *err_status, char *err_string, uint8_t *encrypted_key
skey_hex
[
ECDSA_SKEY_LEN
-
1
]
=
0
;
skey_hex
[
ECDSA_SKEY_LEN
-
1
]
=
0
;
if
(
calc_bls_public_key
(
skey_hex
,
bls_pub_key
)
!=
0
)
{
if
(
calc_bls_public_key
(
skey_hex
,
bls_pub_key
)
!=
0
)
{
*
err
_s
tatus
=
-
1
;
*
err
S
tatus
=
-
1
;
snprintf
(
err_string
,
BUF_LEN
,
"could not calculate bls public key"
);
snprintf
(
err_string
,
BUF_LEN
,
"could not calculate bls public key"
);
return
;
return
;
}
}
...
...
secure_enclave/secure_enclave.edl
View file @
4a103ecf
...
@@ -29,7 +29,7 @@ enclave {
...
@@ -29,7 +29,7 @@ enclave {
);
);
public void trustedGenerateEcdsaKey (
public void trustedGenerateEcdsaKey (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[user_check] uint32_t *enc_len,
...
@@ -37,7 +37,7 @@ enclave {
...
@@ -37,7 +37,7 @@ enclave {
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedGetPublicEcdsaKey (
public void trustedGetPublicEcdsaKey (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
uint32_t dec_len,
...
@@ -45,21 +45,21 @@ enclave {
...
@@ -45,21 +45,21 @@ enclave {
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void encrypt_key (
public void encrypt_key (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] char* key,
[in, count = SMALL_BUF_SIZE] char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len);
[user_check] uint32_t *enc_len);
public void decrypt_key (
public void decrypt_key (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
[out, count = SMALL_BUF_SIZE] char* key );
[out, count = SMALL_BUF_SIZE] char* key );
public void trustedBlsSignMessage (
public void trustedBlsSignMessage (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -68,21 +68,21 @@ enclave {
...
@@ -68,21 +68,21 @@ enclave {
[out, count = SMALL_BUF_SIZE] char* signature);
[out, count = SMALL_BUF_SIZE] char* signature);
public void trustedGenDkgSecret (
public void trustedGenDkgSecret (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len,
[user_check] uint32_t * enc_len,
size_t _t);
size_t _t);
public void trustedDecryptDkgSecret (
public void trustedDecryptDkgSecret (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[user_check] uint32_t* dec_len);
[user_check] uint32_t* dec_len);
public void trustedGetSecretShares (
public void trustedGetSecretShares (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t* dec_len,
[user_check] uint32_t* dec_len,
...
@@ -91,7 +91,7 @@ enclave {
...
@@ -91,7 +91,7 @@ enclave {
unsigned _n);
unsigned _n);
public void trustedGetPublicShares (
public void trustedGetPublicShares (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -100,7 +100,7 @@ enclave {
...
@@ -100,7 +100,7 @@ enclave {
unsigned _n);
unsigned _n);
public void trustedEcdsaSign(
public void trustedEcdsaSign(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -110,12 +110,12 @@ enclave {
...
@@ -110,12 +110,12 @@ enclave {
[user_check] uint8_t* sig_v,
[user_check] uint8_t* sig_v,
int base);
int base);
public void trustedSetEncryptedDkgPoly( [user_check] int *err
_s
tatus,
public void trustedSetEncryptedDkgPoly( [user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly);
[in, count = 3050] uint8_t* encrypted_poly);
public void trustedGetEncryptedSecretShare(
public void trustedGetEncryptedSecretShare(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[user_check] uint32_t* dec_len,
[user_check] uint32_t* dec_len,
...
@@ -127,7 +127,7 @@ enclave {
...
@@ -127,7 +127,7 @@ enclave {
uint8_t ind);
uint8_t ind);
public void trustedDkgVerify(
public void trustedDkgVerify(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 8193] const char* public_shares,
[in, count = 8193] const char* public_shares,
[in, count = 193] const char* s_share,
[in, count = 193] const char* s_share,
...
@@ -138,7 +138,7 @@ enclave {
...
@@ -138,7 +138,7 @@ enclave {
[user_check] int* result);
[user_check] int* result);
public void trustedCreateBlsKey(
public void trustedCreateBlsKey(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 6145] const char* s_shares,
[in, count = 6145] const char* s_shares,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
...
@@ -147,14 +147,14 @@ enclave {
...
@@ -147,14 +147,14 @@ enclave {
[user_check] uint32_t *enc_bls_key_len);
[user_check] uint32_t *enc_bls_key_len);
public void trustedGetBlsPubKey(
public void trustedGetBlsPubKey(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
uint64_t key_len,
[out, count = 320] char* bls_pub_key);
[out, count = 320] char* bls_pub_key);
public void trustedComplaintResponse(
public void trustedComplaintResponse(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t *encryptedDHKey,
[in, count = SMALL_BUF_SIZE] uint8_t *encryptedDHKey,
[in, count = 3050] uint8_t *encrypted_dkg_secret,
[in, count = 3050] uint8_t *encrypted_dkg_secret,
...
@@ -166,27 +166,27 @@ enclave {
...
@@ -166,27 +166,27 @@ enclave {
uint8_t ind1);
uint8_t ind1);
public void trustedGenerateSEK(
public void trustedGenerateSEK(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[user_check] uint32_t *enc_len,
[user_check] uint32_t *enc_len,
[out, count = 65] char* hex_SEK);
[out, count = 65] char* hex_SEK);
public void trustedSetSEK(
public void trustedSetSEK(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] char *err_string,
[in, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[in, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
uint64_t encr_len);
uint64_t encr_len);
public void trustedSetSEK_backup(
public void trustedSetSEK_backup(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_SEK,
[user_check] uint32_t *enc_len,
[user_check] uint32_t *enc_len,
[in, count = 65] const char* SEK_hex);
[in, count = 65] const char* SEK_hex);
public void trustedGenerateEcdsaKey_aes (
public void trustedGenerateEcdsaKey_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[user_check] uint32_t *enc_len,
...
@@ -194,7 +194,7 @@ enclave {
...
@@ -194,7 +194,7 @@ enclave {
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedGetPublicEcdsaKey_aes(
public void trustedGetPublicEcdsaKey_aes(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
uint32_t dec_len,
...
@@ -202,7 +202,7 @@ enclave {
...
@@ -202,7 +202,7 @@ enclave {
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedEcdsaSignAES(
public void trustedEcdsaSignAES(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -213,14 +213,14 @@ enclave {
...
@@ -213,14 +213,14 @@ enclave {
int base);
int base);
public void encrypt_key_aes (
public void encrypt_key_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] const char* key,
[in, count = SMALL_BUF_SIZE] const char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len);
[user_check] uint32_t *enc_len);
public void decrypt_key_aes (
public void decrypt_key_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -228,27 +228,27 @@ enclave {
...
@@ -228,27 +228,27 @@ enclave {
public void trustedGenDkgSecret_aes (
public void trustedGenDkgSecret_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[user_check] uint32_t * enc_len,
[user_check] uint32_t * enc_len,
size_t _t);
size_t _t);
public void trustedDecryptDkgSecret_aes (
public void trustedDecryptDkgSecret_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[user_check] uint32_t* dec_len);
[user_check] uint32_t* dec_len);
public void trustedSetEncryptedDkgPoly_aes(
public void trustedSetEncryptedDkgPoly_aes(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly,
[in, count = 3050] uint8_t* encrypted_poly,
[user_check] uint64_t* enc_len);
[user_check] uint64_t* enc_len);
public void trustedGetEncryptedSecretShare_aes(
public void trustedGetEncryptedSecretShare_aes(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[user_check] uint32_t* dec_len,
[user_check] uint32_t* dec_len,
...
@@ -260,7 +260,7 @@ enclave {
...
@@ -260,7 +260,7 @@ enclave {
uint8_t ind);
uint8_t ind);
public void trustedGetPublicShares_aes(
public void trustedGetPublicShares_aes(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -269,7 +269,7 @@ enclave {
...
@@ -269,7 +269,7 @@ enclave {
unsigned _n);
unsigned _n);
public void trustedDkgVerify_aes(
public void trustedDkgVerify_aes(
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 8193] const char* public_shares,
[in, count = 8193] const char* public_shares,
[in, count = 193] const char* s_share,
[in, count = 193] const char* s_share,
...
@@ -281,7 +281,7 @@ enclave {
...
@@ -281,7 +281,7 @@ enclave {
public void trustedCreateBlsKey_aes(
public void trustedCreateBlsKey_aes(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 6145] const char* s_shares,
[in, count = 6145] const char* s_shares,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
...
@@ -290,7 +290,7 @@ enclave {
...
@@ -290,7 +290,7 @@ enclave {
[user_check] uint32_t *enc_bls_key_len);
[user_check] uint32_t *enc_bls_key_len);
public void trustedBlsSignMessage_aes (
public void trustedBlsSignMessage_aes (
[user_check] int *err
_s
tatus,
[user_check] int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
uint32_t enc_len,
...
@@ -299,7 +299,7 @@ enclave {
...
@@ -299,7 +299,7 @@ enclave {
[out, count = SMALL_BUF_SIZE] char* signature);
[out, count = SMALL_BUF_SIZE] char* signature);
public void trustedGetBlsPubKeyAES(
public void trustedGetBlsPubKeyAES(
[user_check]int *err
_s
tatus,
[user_check]int *err
S
tatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
uint64_t key_len,
...
...
testw.cpp
View file @
4a103ecf
...
@@ -182,24 +182,24 @@ TEST_CASE("DKG gen test", "[dkg-gen]") {
...
@@ -182,24 +182,24 @@ TEST_CASE("DKG gen test", "[dkg-gen]") {
vector
<
uint8_t
>
encryptedDKGSecret
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encryptedDKGSecret
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
status
=
trustedGenDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encryptedDKGSecret
.
data
(),
&
enc_len
,
32
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encryptedDKGSecret
.
data
(),
&
enc_len
,
32
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// printf("trustedGenDkgSecret completed with status: %d %s \n", err
_s
tatus, errMsg.data());
// printf("trustedGenDkgSecret completed with status: %d %s \n", err
S
tatus, errMsg.data());
// printf("\n Length: %d \n", enc_len);
// printf("\n Length: %d \n", enc_len);
vector
<
char
>
secret
(
BUF_LEN
,
0
);
vector
<
char
>
secret
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
uint32_t
dec_len
;
uint32_t
dec_len
;
status
=
trustedDecryptDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg1
.
data
(),
encryptedDKGSecret
.
data
(),
status
=
trustedDecryptDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg1
.
data
(),
encryptedDKGSecret
.
data
(),
(
uint8_t
*
)
secret
.
data
(),
&
dec_len
);
(
uint8_t
*
)
secret
.
data
(),
&
dec_len
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", err
_s
tatus, errMsg1.data());
// printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", err
S
tatus, errMsg1.data());
// printf("decrypted secret %s \n\n", secret.data());
// printf("decrypted secret %s \n\n", secret.data());
// printf("secret length %d \n", (int) strlen(secret.data()));
// printf("secret length %d \n", (int) strlen(secret.data()));
// printf("decr length %d \n", dec_len);
// printf("decr length %d \n", dec_len);
...
@@ -272,14 +272,14 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
...
@@ -272,14 +272,14 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
unsigned
t
=
32
,
n
=
32
;
unsigned
t
=
32
,
n
=
32
;
status
=
trustedGenDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
n
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
n
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
//printf("gen_dkg_public completed with status: %d %s \n", err
_s
tatus, errMsg);
//printf("gen_dkg_public completed with status: %d %s \n", err
S
tatus, errMsg);
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg1
(
BUF_LEN
,
0
);
...
@@ -287,10 +287,10 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
...
@@ -287,10 +287,10 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
char
colon
=
':'
;
char
colon
=
':'
;
vector
<
char
>
public_shares
(
10000
,
0
);
vector
<
char
>
public_shares
(
10000
,
0
);
status
=
trustedGetPublicShares
(
eid
,
&
err
_s
tatus
,
errMsg1
.
data
(),
status
=
trustedGetPublicShares
(
eid
,
&
err
S
tatus
,
errMsg1
.
data
(),
encrypted_dkg_secret
.
data
(),
enc_len
,
public_shares
.
data
(),
t
,
n
);
encrypted_dkg_secret
.
data
(),
enc_len
,
public_shares
.
data
(),
t
,
n
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// printf("\ntrustedGetPublicShares status: %d error %s \n\n", err
_s
tatus, errMsg1.data());
// printf("\ntrustedGetPublicShares status: %d error %s \n\n", err
S
tatus, errMsg1.data());
// printf(" LEN: %d \n", (int) strlen(public_shares.data()));
// printf(" LEN: %d \n", (int) strlen(public_shares.data()));
// printf(" result: %s \n", public_shares.data());
// printf(" result: %s \n", public_shares.data());
...
@@ -306,10 +306,10 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
...
@@ -306,10 +306,10 @@ TEST_CASE("DKG public shares test", "[dkg-pub-shares]") {
vector
<
char
>
secret
(
BUF_LEN
,
0
);
vector
<
char
>
secret
(
BUF_LEN
,
0
);
status
=
trustedDecryptDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg1
.
data
(),
encrypted_dkg_secret
.
data
(),
status
=
trustedDecryptDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg1
.
data
(),
encrypted_dkg_secret
.
data
(),
(
uint8_t
*
)
secret
.
data
(),
&
enc_len
);
(
uint8_t
*
)
secret
.
data
(),
&
enc_len
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
//printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", err
_s
tatus, errMsg1.data());
//printf("\ntrustedDecryptDkgSecret completed with status: %d %s \n", err
S
tatus, errMsg1.data());
signatures
::
Dkg
dkg_obj
(
t
,
n
);
signatures
::
Dkg
dkg_obj
(
t
,
n
);
...
@@ -345,15 +345,15 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
...
@@ -345,15 +345,15 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
result
(
BUF_LEN
,
0
);
vector
<
char
>
result
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
2
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
2
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// cerr << " poly generated" << endl;
// cerr << " poly generated" << endl;
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
());
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
());
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// cerr << " poly set" << endl;
// cerr << " poly set" << endl;
...
@@ -362,7 +362,7 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
...
@@ -362,7 +362,7 @@ TEST_CASE("DKG encrypted secret shares test", "[dkg-encr-sshares]") {
string
pub_keyB
=
"c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475"
;
string
pub_keyB
=
"c0152c48bf640449236036075d65898fded1e242c00acb45519ad5f788ea7cbf9a5df1559e7fc87932eee5478b1b9023de19df654395574a690843988c3ff475"
;
vector
<
char
>
s_shareG2
(
BUF_LEN
,
0
);
vector
<
char
>
s_shareG2
(
BUF_LEN
,
0
);
status
=
trustedGetEncryptedSecretShare
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrPRDHKey
.
data
(),
&
enc_len
,
result
.
data
(),
status
=
trustedGetEncryptedSecretShare
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrPRDHKey
.
data
(),
&
enc_len
,
result
.
data
(),
s_shareG2
.
data
(),
s_shareG2
.
data
(),
(
char
*
)
pub_keyB
.
data
(),
2
,
2
,
1
);
(
char
*
)
pub_keyB
.
data
(),
2
,
2
,
1
);
...
@@ -382,16 +382,16 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
...
@@ -382,16 +382,16 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
result
(
BUF_LEN
,
0
);
vector
<
char
>
result
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encrypted_dkg_secret
(
BUF_LEN
,
0
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
2
);
status
=
trustedGenDkgSecret
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
(),
&
enc_len
,
2
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// cerr << " poly generated" << endl;
// cerr << " poly generated" << endl;
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
());
status
=
trustedSetEncryptedDkgPoly
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrypted_dkg_secret
.
data
());
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// cerr << " poly set" << endl;
// cerr << " poly set" << endl;
...
@@ -401,11 +401,11 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
...
@@ -401,11 +401,11 @@ TEST_CASE("DKG verification test", "[dkg-verify]") {
vector
<
char
>
s_shareG2
(
BUF_LEN
,
0
);
vector
<
char
>
s_shareG2
(
BUF_LEN
,
0
);
status
=
trustedGetEncryptedSecretShare
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encrPrDHKey
.
data
(),
&
enc_len
,
result
.
data
(),
status
=
trustedGetEncryptedSecretShare
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encrPrDHKey
.
data
(),
&
enc_len
,
result
.
data
(),
s_shareG2
.
data
(),
s_shareG2
.
data
(),
(
char
*
)
pub_keyB
.
data
(),
2
,
2
,
1
);
(
char
*
)
pub_keyB
.
data
(),
2
,
2
,
1
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
// printf(" trustedGetEncryptedSecretShare completed with status: %d %s \n", err
_s
tatus, errMsg.data());
// printf(" trustedGetEncryptedSecretShare completed with status: %d %s \n", err
S
tatus, errMsg.data());
// cerr << "secret share is " << result.data() << endl;
// cerr << "secret share is " << result.data() << endl;
...
@@ -421,7 +421,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
...
@@ -421,7 +421,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
vector
<
uint8_t
>
encr_pr_key
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encr_pr_key
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_x
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_x
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_y
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_y
(
BUF_LEN
,
0
);
...
@@ -430,7 +430,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
...
@@ -430,7 +430,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
//printf("before %p\n", pub_key_x);
//printf("before %p\n", pub_key_x);
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
&
enc_len
,
pub_key_x
.
data
(),
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
&
enc_len
,
pub_key_x
.
data
(),
pub_key_y
.
data
());
pub_key_y
.
data
());
// printf("\nerrMsg %s\n", errMsg.data());
// printf("\nerrMsg %s\n", errMsg.data());
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
...
@@ -444,7 +444,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
...
@@ -444,7 +444,7 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa]") {
vector
<
char
>
signature_s
(
BUF_LEN
,
0
);
vector
<
char
>
signature_s
(
BUF_LEN
,
0
);
uint8_t
signature_v
=
0
;
uint8_t
signature_v
=
0
;
status
=
trustedEcdsaSign
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
enc_len
,
(
unsigned
char
*
)
hex
.
data
(),
status
=
trustedEcdsaSign
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
enc_len
,
(
unsigned
char
*
)
hex
.
data
(),
signature_r
.
data
(),
signature_r
.
data
(),
signature_s
.
data
(),
&
signature_v
,
16
);
signature_s
.
data
(),
&
signature_v
,
16
);
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
...
@@ -464,13 +464,13 @@ TEST_CASE("Test test", "[test]") {
...
@@ -464,13 +464,13 @@ TEST_CASE("Test test", "[test]") {
initAll
(
false
,
true
);
initAll
(
false
,
true
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
vector
<
char
>
errMsg
(
BUF_LEN
,
0
);
int
err
_s
tatus
=
0
;
int
err
S
tatus
=
0
;
vector
<
uint8_t
>
encr_pr_key
(
BUF_LEN
,
0
);
vector
<
uint8_t
>
encr_pr_key
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_x
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_x
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_y
(
BUF_LEN
,
0
);
vector
<
char
>
pub_key_y
(
BUF_LEN
,
0
);
uint32_t
enc_len
=
0
;
uint32_t
enc_len
=
0
;
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
_s
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
&
enc_len
,
pub_key_x
.
data
(),
status
=
trustedGenerateEcdsaKey
(
eid
,
&
err
S
tatus
,
errMsg
.
data
(),
encr_pr_key
.
data
(),
&
enc_len
,
pub_key_x
.
data
(),
pub_key_y
.
data
());
pub_key_y
.
data
());
REQUIRE
(
status
==
SGX_SUCCESS
);
REQUIRE
(
status
==
SGX_SUCCESS
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment