Revert "SKALE-3039"

This reverts commit 85590b1e.

Revert "SKALE-3039"
This reverts commit 85590b1e.
4b8f7281 · kladko · 85590b1e · 4b8f7281 · 4b8f7281 · 4b8f7281
Unverified Commit 4b8f7281 authored Sep 10, 2020 by kladko
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 8 deletions

AESUtils.c secure_enclave/AESUtils.c +4 -3

AESUtils.h secure_enclave/AESUtils.h +1 -2

secure_enclave.c secure_enclave/secure_enclave.c +3 -3

No files found.
--- a/secure_enclave/AESUtils.c
+++ b/secure_enclave/AESUtils.c
@@ -30,7 +30,8 @@

 #include "AESUtils.h"

-uint8_t AES_key[2* BUF_LEN];
+sgx_aes_gcm_128bit_key_t AES_key;
+sgx_aes_gcm_128bit_key_t AES_DH_key;


 #define SAFE_CHAR_BUF(__X__, __Y__)  ;char __X__ [ __Y__ ]; memset(__X__, 0, __Y__);
@@ -74,7 +75,7 @@ int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrBufLen, unsig

    sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);

-    sgx_status_t status = sgx_rijndael128GCM_encrypt(AES_key + BUF_LEN, (uint8_t*)message, len,
+    sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, len,
                                                     encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
                                                     encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
                                                     NULL, 0,
@@ -123,7 +124,7 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
        return -2;
  }

-  sgx_status_t status = sgx_rijndael128GCM_decrypt(AES_key + BUF_LEN,
+  sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_key,
                                                   encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
                                                   (unsigned char*) message,
                                                   encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,

--- a/secure_enclave/AESUtils.h
+++ b/secure_enclave/AESUtils.h
@@ -24,8 +24,7 @@
 #ifndef SGXD_AESUTILS_H
 #define SGXD_AESUTILS_H

-#define BUF_LEN 1024
-extern uint8_t AES_key[2* BUF_LEN] ;
+extern sgx_aes_gcm_128bit_key_t AES_key;

 int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen,
                unsigned char type, unsigned char exportable, uint64_t* resultLen);

--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -291,7 +291,7 @@ void trustedGenerateSEK(int *errStatus, char *errString,
    RANDOM_CHAR_BUF(SEK_raw, SGX_AESGCM_KEY_SIZE);

    carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex);
-    memcpy(AES_key + BUF_LEN, SEK_raw, SGX_AESGCM_KEY_SIZE);
+    memcpy(AES_key, SEK_raw, SGX_AESGCM_KEY_SIZE);


    sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);
@@ -331,7 +331,7 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
    uint64_t len;


-    hex2carray(aes_key_hex, &len, (uint8_t *) AES_key + BUF_LEN);
+    hex2carray(aes_key_hex, &len, (uint8_t *) AES_key);

    SET_SUCCESS
    clean:
@@ -349,7 +349,7 @@ void trustedSetSEK_backup(int *errStatus, char *errString,
    CHECK_STATE(sek_hex);

    uint64_t len;
-    hex2carray(sek_hex, &len, (uint8_t *) AES_key + BUF_LEN);
+    hex2carray(sek_hex, &len, (uint8_t *) AES_key);


    sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);