Skip to content

S
sgxwallet
Unverified Commit 553187f1 authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #219 from skalenetwork/enhancement/SKALE-3536 

bug/SKALE-3536-sgx-wallet-sim-crash SGX_ERROR_OUT_OF_TCS
parents 31b7dc02 f5305419
Hide whitespace changes
Inline Side-by-side
Showing with 56 additions and 46 deletions
SEKManager.cpp
View file @ 553187f1
......@@ -205,11 +205,17 @@ void gen_SEK() {
}
void reinitEnclave() {
// unfortunately process needs to be restarted to reinit enclave
// exiting with error code 3 (SGX_OUT_OF_MEMORY), so docker container can restart the
// wallet
exit(3);
static std::atomic<int> isSgxWalletExiting(0);
void safeExit() {
// this is to make sure exit is only called once if called from multiple threads
auto previousValue = isSgxWalletExiting.exchange(1);
if (previousValue != 1)
exit(3);
}
void setSEK(shared_ptr <string> hex_encrypted_SEK) {
......
SEKManager.h
View file @ 553187f1
......@@ -47,7 +47,8 @@ EXTERNC void initSEK();
EXTERNC void setSEK();
EXTERNC void reinitEnclave();
EXTERNC void safeExit();
......
SGXWalletServer.cpp
View file @ 553187f1
......@@ -111,6 +111,14 @@ void SGXWalletServer::printDB() {
LevelDB::getLevelDb()->visitKeys(&v, 100000000);
}
#ifdef SGX_HW_SIM
#define NUM_THREADS 16
#else
#define NUM_THREADS 64
#endif
int SGXWalletServer::initHttpsServer(bool _checkCerts) {
spdlog::info("Entering {}", __FUNCTION__);
string rootCAPath = string(SGXDATA_FOLDER) + "cert_data/rootCA.pem";
......@@ -147,14 +155,8 @@ int SGXWalletServer::initHttpsServer(bool _checkCerts) {
}
int numThreads = 64;
#if SGX_MODE == SIM
numThreads = 16;
#endif
httpServer = make_shared<HttpServer>(BASE_PORT, certPath, keyPath, rootCAPath, _checkCerts, numThreads);
httpServer = make_shared<HttpServer>(BASE_PORT, certPath, keyPath, rootCAPath, _checkCerts,
NUM_THREADS);
server = make_shared<SGXWalletServer>(*httpServer,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
......@@ -169,7 +171,8 @@ int SGXWalletServer::initHttpsServer(bool _checkCerts) {
int SGXWalletServer::initHttpServer() { //without ssl
spdlog::info("Entering {}", __FUNCTION__);
httpServer = make_shared<HttpServer>(BASE_PORT + 3);
httpServer = make_shared<HttpServer>(BASE_PORT + 3, "", "", "", false,
NUM_THREADS);
server = make_shared<SGXWalletServer>(*httpServer,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
if (!server->StartListening()) {
......@@ -275,25 +278,25 @@ Json::Value SGXWalletServer::importECDSAKeyImpl(const string &_keyShare,
result["encryptedKey"] = "";
try {
if (!checkECDSAKeyName(_keyShareName)) {
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
if (!checkECDSAKeyName(_keyShareName)) {
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
string hashTmp = _keyShare;
if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
}
string hashTmp = _keyShare;
if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
}
if (!checkHex(hashTmp)) {
throw SGXException(INVALID_HEX, "Invalid ECDSA key share, please use hex");
}
if (!checkHex(hashTmp)) {
throw SGXException(INVALID_HEX, "Invalid ECDSA key share, please use hex");
}
string encryptedKey = encryptECDSAKey(hashTmp);
string encryptedKey = encryptECDSAKey(hashTmp);
writeDataToDB(_keyShareName, encryptedKey);
writeDataToDB(_keyShareName, encryptedKey);
result["encryptedKey"] = encryptedKey;
result["publicKey"] = getECDSAPubKey(encryptedKey);
result["encryptedKey"] = encryptedKey;
result["publicKey"] = getECDSAPubKey(encryptedKey);
} HANDLE_SGX_EXCEPTION(result)
RETURN_SUCCESS(result);
......@@ -580,7 +583,7 @@ Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName)
RETURN_SUCCESS(result);
}
Json::Value SGXWalletServer::calculateAllBLSPublicKeysImpl(const Json::Value& publicShares, int t, int n) {
Json::Value SGXWalletServer::calculateAllBLSPublicKeysImpl(const Json::Value &publicShares, int t, int n) {
spdlog::info("Entering {}", __FUNCTION__);
INIT_RESULT(result)
......@@ -607,14 +610,14 @@ Json::Value SGXWalletServer::calculateAllBLSPublicKeysImpl(const Json::Value& pu
}
}
vector<string> public_shares(n);
vector <string> public_shares(n);
for (int i = 0; i < n; ++i) {
public_shares[i] = publicShares[i].asString();
}
vector<string> public_keys = calculateAllBlsPublicKeys(public_shares);
vector <string> public_keys = calculateAllBlsPublicKeys(public_shares);
if (public_keys.size() != (uint64_t)n) {
if (public_keys.size() != (uint64_t) n) {
throw SGXException(UNKNOWN_ERROR, "");
}
......@@ -654,12 +657,12 @@ Json::Value SGXWalletServer::complaintResponseImpl(const string &_polyName, int
}
}
for (int i = 0; i < _n; i++) {
string name = _polyName + "_" + to_string(i) + ":";
LevelDB::getLevelDb()->deleteDHDKGKey(name);
string shareG2_name = "shareG2_" + _polyName + "_" + to_string(i) + ":";
LevelDB::getLevelDb()->deleteKey(shareG2_name);
}
for (int i = 0; i < _n; i++) {
string name = _polyName + "_" + to_string(i) + ":";
LevelDB::getLevelDb()->deleteDHDKGKey(name);
string shareG2_name = "shareG2_" + _polyName + "_" + to_string(i) + ":";
LevelDB::getLevelDb()->deleteKey(shareG2_name);
}
LevelDB::getLevelDb()->deleteKey(_polyName);
string encryptedSecretShareName = "encryptedSecretShare:" + _polyName;
......@@ -762,11 +765,11 @@ Json::Value SGXWalletServer::getBLSPublicKeyShare(const string &blsKeyName) {
return getBLSPublicKeyShareImpl(blsKeyName);
}
Json::Value SGXWalletServer::calculateAllBLSPublicKeys(const Json::Value& publicShares, int t, int n) {
Json::Value SGXWalletServer::calculateAllBLSPublicKeys(const Json::Value &publicShares, int t, int n) {
return calculateAllBLSPublicKeysImpl(publicShares, t, n);
}
Json::Value SGXWalletServer::importECDSAKey(const std::string& keyShare, const std::string& keyShareName) {
Json::Value SGXWalletServer::importECDSAKey(const std::string &keyShare, const std::string &keyShareName) {
return importECDSAKeyImpl(keyShare, keyShareName);
}
......@@ -787,7 +790,8 @@ SGXWalletServer::importBLSKeyShare(const string &_keyShare, const string &_keySh
return importBLSKeyShareImpl(_keyShare, _keyShareName);
}
Json::Value SGXWalletServer::blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n) {
Json::Value
SGXWalletServer::blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n) {
return blsSignMessageHashImpl(_keyShareName, _messageHash, _t, _n);
}
......
sgxwallet_common.h
View file @ 553187f1
......@@ -121,8 +121,8 @@ READ_LOCK(sgxInitMutex);
} \
if (status != SGX_SUCCESS || errStatus == 3) { \
spdlog::error(__FUNCTION__); \
spdlog::error("Restarting sgx on status errStatus... {} {}", status, errStatus); \
reinitEnclave(); \
spdlog::error("Exiting sgx on status errStatus... {} {}", status, errStatus); \
safeExit(); \
} \
} while ((status != SGX_SUCCESS || errStatus == 3) && __ATTEMPTS__ < 2);
......@@ -133,10 +133,9 @@ reinitEnclave(); \
if (status != SGX_SUCCESS || *errStatus == 3) { \
spdlog::error(__FUNCTION__);\
spdlog::error("Restarting sgx on status errStatus... {} {}", status, *errStatus); \
reinitEnclave(); \
safeExit(); \
} \
} while ((status != SGX_SUCCESS || *errStatus == 3) && __ATTEMPTS__ < 2);
#endif //SGXWALLET_SGXWALLET_COMMON_H
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment