Skip to content

S
sgxwallet
Unverified Commit 4ac654ed authored by Oleh Nikolaiev's avatar Oleh Nikolaiev
Browse files
Options

SKALE-2002 remove unused variables and fix potential memory leaks

parent 07538aef
Hide whitespace changes
Inline Side-by-side
Showing with 12 additions and 36 deletions
secure_enclave/secure_enclave.c
View file @ 4ac654ed
...@@ -167,10 +167,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString, ...@@ -167,10 +167,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
uint8_t base = 16; uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
mpz_get_str(arr_x, base, Pkey->x); mpz_get_str(arr_x, base, Pkey->x);
//snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -226,11 +224,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString, ...@@ -226,11 +224,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
return; return;
} }
//strncpy(errString, skey, 1024);
mpz_t privateKeyMpz; mpz_t privateKeyMpz;
mpz_init(privateKeyMpz); mpz_init(privateKeyMpz);
// mpz_import(privateKeyMpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) { if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(errString, BUF_LEN, "wrong string to init private key"); snprintf(errString, BUF_LEN, "wrong string to init private key");
*errStatus = -10; *errStatus = -10;
...@@ -255,10 +250,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString, ...@@ -255,10 +250,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
int base = 16; int base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x); mpz_get_str(arr_x, base, Pkey->x);
//snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -267,7 +260,7 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString, ...@@ -267,7 +260,7 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes); strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2]; char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
char *py = mpz_get_str(arr_y, base, Pkey->y); mpz_get_str(arr_y, base, Pkey->y);
n_zeroes = 64 - strlen(arr_y); n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0'; pub_key_y[i] = '0';
...@@ -283,7 +276,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate ...@@ -283,7 +276,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
unsigned char *hash, char *sigR, char *sigS, uint8_t *sig_v, int base) { unsigned char *hash, char *sigR, char *sigS, uint8_t *sig_v, int base) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char* arrM = NULL;
char* arrR = NULL; char* arrR = NULL;
char* arrS = NULL; char* arrS = NULL;
...@@ -393,7 +385,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate ...@@ -393,7 +385,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
void trustedEncryptKey(int *errStatus, char *errString, const char *key, void trustedEncryptKey(int *errStatus, char *errString, const char *key,
uint8_t *encryptedPrivateKey, uint32_t *enc_len) { uint8_t *encryptedPrivateKey, uint32_t *enc_len) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
*errStatus = UNKNOWN_ERROR; *errStatus = UNKNOWN_ERROR;
...@@ -504,6 +495,7 @@ void trustedBlsSignMessage(int *errStatus, char *errString, uint8_t *encryptedPr ...@@ -504,6 +495,7 @@ void trustedBlsSignMessage(int *errStatus, char *errString, uint8_t *encryptedPr
if (strnlen(signature, BUF_LEN) < 10) { if (strnlen(signature, BUF_LEN) < 10) {
*errStatus = -1; *errStatus = -1;
free(sig);
return; return;
} }
...@@ -590,6 +582,7 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_ ...@@ -590,6 +582,7 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) { if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*errStatus = -1; *errStatus = -1;
snprintf(errString, BUF_LEN, "t does not match polynomial in db"); snprintf(errString, BUF_LEN, "t does not match polynomial in db");
free(decrypted_dkg_secret);
return; return;
} }
free(decrypted_dkg_secret); free(decrypted_dkg_secret);
...@@ -664,7 +657,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *en ...@@ -664,7 +657,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *en
return; return;
} }
strncpy(result_str, cypher, strlen(cypher)); strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x)); strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y)); strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
...@@ -675,8 +667,6 @@ void trustedComplaintResponse(int *errStatus, char *errString, uint8_t *encrypte ...@@ -675,8 +667,6 @@ void trustedComplaintResponse(int *errStatus, char *errString, uint8_t *encrypte
char *DH_key, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) { char *DH_key, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
uint32_t enc_len;
char decrypted_dkg_secret[DKG_BUFER_LENGTH]; char decrypted_dkg_secret[DKG_BUFER_LENGTH];
uint32_t decr_len; uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len); trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
...@@ -722,10 +712,6 @@ void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares ...@@ -722,10 +712,6 @@ void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares
return; return;
} }
LOG_DEBUG (__FUNCTION__);
mpz_t s; mpz_t s;
mpz_init(s); mpz_init(s);
if (mpz_set_str(s, decr_sshare, 16) == -1) { if (mpz_set_str(s, decr_sshare, 16) == -1) {
...@@ -796,6 +782,7 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares, ...@@ -796,6 +782,7 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
*errStatus = 1; *errStatus = 1;
snprintf(errString, BUF_LEN, "invalid decrypted secret share"); snprintf(errString, BUF_LEN, "invalid decrypted secret share");
mpz_clear(decr_secret_share); mpz_clear(decr_secret_share);
mpz_clear(sum);
return; return;
} }
...@@ -813,11 +800,10 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares, ...@@ -813,11 +800,10 @@ void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
mpz_mod(bls_key, sum, q); mpz_mod(bls_key, sum, q);
char key_share[mpz_sizeinbase(bls_key, 16) + 2]; char key_share[mpz_sizeinbase(bls_key, 16) + 2];
char *key = mpz_get_str(key_share, 16, bls_key); mpz_get_str(key_share, 16, bls_key);
snprintf(errString, BUF_LEN, " bls private key is %s", key_share); snprintf(errString, BUF_LEN, " bls private key is %s", key_share);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN); uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) key_share, sealedLen, status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) key_share, sealedLen,
(sgx_sealed_data_t *) encr_bls_key); (sgx_sealed_data_t *) encr_bls_key);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
...@@ -865,7 +851,6 @@ void trustedGenerateSEK(int *errStatus, char *errString, ...@@ -865,7 +851,6 @@ void trustedGenerateSEK(int *errStatus, char *errString,
sgx_read_rand(SEK_raw, SGX_AESGCM_KEY_SIZE); sgx_read_rand(SEK_raw, SGX_AESGCM_KEY_SIZE);
uint32_t hex_aes_key_length = SGX_AESGCM_KEY_SIZE * 2; uint32_t hex_aes_key_length = SGX_AESGCM_KEY_SIZE * 2;
uint8_t SEK[hex_aes_key_length];
carray2Hex(SEK_raw, SGX_AESGCM_KEY_SIZE, SEK_hex); carray2Hex(SEK_raw, SGX_AESGCM_KEY_SIZE, SEK_hex);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, hex_aes_key_length + 1); uint32_t sealedLen = sgx_calc_sealed_data_size(0, hex_aes_key_length + 1);
...@@ -952,10 +937,8 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString, ...@@ -952,10 +937,8 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
uint8_t base = 16; uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2; int len = mpz_sizeinbase(Pkey->x, base) + 2;
//snprintf(errString, BUF_LEN, "len = %d\n", len);
char arr_x[len]; char arr_x[len];
char *px = mpz_get_str(arr_x, base, Pkey->x); mpz_get_str(arr_x, base, Pkey->x);
//snprintf(errString, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x); int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0'; pub_key_x[i] = '0';
...@@ -964,14 +947,14 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString, ...@@ -964,14 +947,14 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes); strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2]; char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
char *py = mpz_get_str(arr_y, base, Pkey->y); mpz_get_str(arr_y, base, Pkey->y);
n_zeroes = 64 - strlen(arr_y); n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) { for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0'; pub_key_y[i] = '0';
} }
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes); strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2]; char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey); mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
snprintf(errString, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str)); snprintf(errString, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str));
int stat = AES_encrypt(skey_str, encryptedPrivateKey); int stat = AES_encrypt(skey_str, encryptedPrivateKey);
...@@ -987,7 +970,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString, ...@@ -987,7 +970,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
stat = AES_decrypt(encryptedPrivateKey, *enc_len, skey_str); stat = AES_decrypt(encryptedPrivateKey, *enc_len, skey_str);
if (stat != 0) { if (stat != 0) {
snprintf(errString + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat); snprintf(errString + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat);
//*errStatus = stat; errStatus = stat;
return; return;
} }
...@@ -1571,10 +1554,9 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share ...@@ -1571,10 +1554,9 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_mod(bls_key, sum, q); mpz_mod(bls_key, sum, q);
char key_share[mpz_sizeinbase(bls_key, 16) + 2]; char key_share[mpz_sizeinbase(bls_key, 16) + 2];
char *key = mpz_get_str(key_share, 16, bls_key); mpz_get_str(key_share, 16, bls_key);
snprintf(errString, BUF_LEN, " bls private key is %s", key_share); snprintf(errString, BUF_LEN, " bls private key is %s", key_share);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN); //uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
status = AES_encrypt(key_share, encr_bls_key); status = AES_encrypt(key_share, encr_bls_key);
...@@ -1595,13 +1577,10 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share ...@@ -1595,13 +1577,10 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
void void
trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint64_t key_len, char *bls_pub_key) { trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint64_t key_len, char *bls_pub_key) {
LOG_DEBUG (__FUNCTION__); LOG_DEBUG (__FUNCTION__);
char skey_hex[ECDSA_SKEY_LEN]; char skey_hex[ECDSA_SKEY_LEN];
uint32_t len = key_len;
int status = AES_decrypt(encryptedPrivateKey, key_len, skey_hex); int status = AES_decrypt(encryptedPrivateKey, key_len, skey_hex);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = 1; *errStatus = 1;
...@@ -1617,6 +1596,3 @@ trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivat ...@@ -1617,6 +1596,3 @@ trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivat
return; return;
} }
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment