Merge pull request #108 from skalenetwork/bug/SKALE-2678-SGX-BLS

Bug/skale 2678 sgx bls

Merge pull request #108 from skalenetwork/bug/SKALE-2678-SGX-BLS
Bug/skale 2678 sgx bls
5b71e0f4 · Stan Kladko · GitHub · baaf17c7 · 8f22f909 · 5b71e0f4
Unverified Commit 5b71e0f4 authored Jun 16, 2020 by Stan Kladko Committed by GitHub Jun 16, 2020
9 changed files
--- a/Makefile.am
+++ b/Makefile.am
@@ -71,10 +71,10 @@ COMMON_SRC = InvalidStateException.cpp  Exception.cpp InvalidArgumentException.c
             ECDSACrypto.cpp \
             DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
             sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c \
-             ECDSAImpl.c
+             ECDSAImpl.c TestUtils.cpp sgxwallet.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
-sgxwallet_SOURCES = sgxwallet.c  $(COMMON_SRC)
+sgxwallet_SOURCES = sgxwall.cpp $(COMMON_SRC)
 nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC)

--- a/ServerInit.cpp
+++ b/ServerInit.cpp
@@ -100,11 +100,12 @@ void initEnclave(uint32_t _logLevel) {
 }
 void initAll(uint32_t  _logLevel, bool _checkCert, bool _autoSign) {
-    static int sgxServerInited;
+    static atomic<int> sgxServerInited(0);
    cout << "Running sgxwallet version:" << SGXWalletServer::getVersion() << endl;
-    CHECK_STATE(sgxServerInited == 0)
+    CHECK_STATE(sgxServerInited != 1)
    sgxServerInited = 1;
    initEnclave(_logLevel);
    initUserSpace();

--- a/TestUtils.cpp
+++ b/TestUtils.cpp
--- a/TestUtils.h
+++ b/TestUtils.h
+//
+// Created by kladko on 06.05.20.
+//
+#ifndef SGXWALLET_TESTUTILS_H
+#define SGXWALLET_TESTUTILS_H
+#include <libff/algebra/fields/fp.hpp>
+#include <dkg/dkg.h>
+#include <jsonrpccpp/server/connectors/httpserver.h>
+#include <libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
+#include <libff/algebra/exponentiation/exponentiation.hpp>
+#include <libff/algebra/fields/fp.hpp>
+#include <dkg/dkg.h>
+#include "sgxwallet_common.h"
+#include "create_enclave.h"
+#include "secure_enclave_u.h"
+#include "sgx_detect.h"
+#include <gmp.h>
+#include <sgx_urts.h>
+#include <stdio.h>
+#include <jsonrpccpp/client/connectors/httpclient.h>
+#include <sgx_tcrypto.h>
+#include "stubclient.h"
+#include <jsonrpccpp/server/connectors/httpserver.h>
+#include "abstractstubserver.h"
+using namespace std;
+using namespace jsonrpc;
+class TestUtils {
+public:
+    static default_random_engine randGen;
+    static string stringFromFr(libff::alt_bn128_Fr &el);
+    static string convertDecToHex(string dec, int numBytes = 32);
+    static void genTestKeys();
+    static void resetDB();
+    static shared_ptr<string> encryptTestKey();
+    static vector <libff::alt_bn128_Fr> splitStringToFr(const char *coeffs, const char symbol);
+    static vector <string> splitStringTest(const char *coeffs, const char symbol);
+    static libff::alt_bn128_G2 vectStringToG2(const vector <string> &G2_str_vect);
+    static void sendRPCRequest();
+    static void destroyEnclave();
+    static void doDKG(StubClient &c, int n, int t,
+                                 vector<string>& _ecdsaKeyNames, vector<string>& _blsKeyNames,
+                                 int schainID, int dkgID);
+};
+#endif //SGXWALLET_TESTW_H
--- a/sgxwall.cpp
+++ b/sgxwall.cpp
+/*
+Modifications Copyright (C) 2019 SKALE Labs
+Copyright 2018 Intel Corporation
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+#include <stdbool.h>
+#include "BLSCrypto.h"
+#include "ServerInit.h"
+#include "SEKManager.h"
+#include "SGXWalletServer.h"
+#include <fstream>
+#include "TestUtils.h"
+#include "testw.h"
+#include "sgxwall.h"
+#include "sgxwallet.h"
+void SGXWallet::usage() {
+    cerr << "usage: sgxwallet\n";
+    exit(1);
+}
+void SGXWallet::printUsage() {
+    cerr << "Available flags:\n";
+    cerr << "-c  do not verify client certificate\n";
+    cerr << "-s  sign client certificate without human confirmation \n";
+    cerr << "-d  turn on debug output\n";
+    cerr << "-v  verbose mode: turn on debug output\n";
+    cerr << "-vv  detailed verbose mode: turn on debug and trace outputs\n";
+    cerr << "-n  launch SGXWalletServer using http (not https)\n";
+    cerr << "-b  Restore from back up (you will need to enter backup key) \n";
+    cerr << "-y  Do not ask user to acknowledge receipt of backup key \n";
+}
+enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4 };
+void SGXWallet::serializeKeys(vector<string>& _ecdsaKeyNames, vector<string>& _blsKeyNames, string _fileName) {
+    Json::Value top(Json::objectValue);
+    Json::Value ecdsaKeysJson(Json::objectValue);
+    Json::Value blsKeysJson(Json::objectValue);
+    for (uint i = 0; i < _ecdsaKeyNames.size(); i++) {
+        auto key = to_string(i + 1);
+        ecdsaKeysJson[key] = _ecdsaKeyNames[i];
+        blsKeysJson[key] = _blsKeyNames[i];
+    }
+    top["ecdsaKeyNames"] = ecdsaKeysJson;
+    top["blsKeyNames"] = blsKeysJson;
+    ofstream fs;
+    fs.open(_fileName);
+    fs << top;
+    fs.close();
+}
+int main(int argc, char *argv[]) {
+    bool encryptKeysOption  = false;
+    bool useHTTPSOption = true;
+    bool printDebugInfoOption = false;
+    bool printTraceInfoOption = false;
+    bool autoconfirmOption = false;
+    bool checkClientCertOption = true;
+    bool autoSignClientCertOption = false;
+    bool generateTestKeys = false;
+    int opt;
+    if (argc > 1 && strlen(argv[1]) == 1) {
+        SGXWallet::printUsage();
+        exit(1);
+    }
+    while ((opt = getopt(argc, argv, "cshd0abyvVnT")) != -1) {
+        switch (opt) {
+            case 'h':
+                SGXWallet::printUsage();
+                exit(0);
+            case 'c':
+                checkClientCertOption = false;
+                break;
+            case 's':
+                autoSignClientCertOption = true;
+                break;
+            case 'd':
+                printDebugInfoOption = true;
+                break;
+            case 'v':
+                printDebugInfoOption = true;
+                break;
+            case 'V':
+                printDebugInfoOption = true;
+                printTraceInfoOption = true;
+                break;
+            case '0':
+                useHTTPSOption = false;
+                break;
+            case 'n':
+                useHTTPSOption = false;
+                break;                
+            case 'a':
+                encryptKeysOption = false;
+                break;
+            case 'b':
+                encryptKeysOption = true;
+                break;
+            case 'y':
+                autoconfirmOption = true;
+                break;
+            case 'T':
+                generateTestKeys = true;
+                break;
+            default:
+                SGXWallet::printUsage();
+                exit(1);
+                break;
+        }
+    }
+    setFullOptions(printDebugInfoOption, printTraceInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
+    uint32_t enclaveLogLevel = L_INFO;
+    if (printTraceInfoOption) {
+        enclaveLogLevel = L_TRACE;
+    } else if (printDebugInfoOption) {
+        enclaveLogLevel = L_DEBUG;
+    }
+    initAll(enclaveLogLevel, checkClientCertOption, autoSignClientCertOption);
+    if (generateTestKeys) {
+        cerr << "Generating test keys ..." << endl;
+        HttpClient client(RPC_ENDPOINT);
+        StubClient c(client, JSONRPC_CLIENT_V2);
+        vector<string> ecdsaKeyNames;
+        vector<string> blsKeyNames;
+        int schainID = 1;
+        int dkgID = 1;
+        TestUtils::doDKG(c, 4, 1, ecdsaKeyNames, blsKeyNames, schainID, dkgID);
+        SGXWallet::serializeKeys(ecdsaKeyNames, blsKeyNames, "sgx_data/4node.json");
+        schainID = 2;
+        dkgID = 2;
+        TestUtils::doDKG(c, 16, 5, ecdsaKeyNames, blsKeyNames, schainID, dkgID);
+        SGXWallet::serializeKeys(ecdsaKeyNames, blsKeyNames, "sgx_data/16node.json");
+        cerr << "Successfully completed generating test keys into sgx_data" << endl;
+    }
+    while (true) {
+        sleep(10);
+    }
+    return 0;
+}
--- a/sgxwall.h
+++ b/sgxwall.h
+/*
+Modifications Copyright (C) 2019 SKALE Labs
+Copyright 2018 Intel Corporation
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+class SGXWallet {
+public:
+    static void usage();
+    static void printUsage();
+    static void serializeKeys(
+            vector<string>& _ecdsaKeyNames, vector<string>& _blsKeyNames, string _fileName);
+};
\ No newline at end of file
--- a/sgxwallet.c
+++ b/sgxwallet.c
@@ -33,114 +33,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-#include <stdbool.h>
-#include "BLSCrypto.h"
-#include "ServerInit.h"
-#include "SEKManager.h"
-#include "SGXWalletServer.h"
 #include "sgxwallet.h"
-void usage() {
-    fprintf(stderr, "usage: sgxwallet\n");
-    exit(1);
-}
 sgx_launch_token_t token = {0};
 sgx_enclave_id_t eid;
 sgx_status_t status;
 int updated;
\ No newline at end of file
-void printUsage() {
-    fprintf(stderr, "Available flags:\n");
-    fprintf(stderr, "-c  do not verify client certificate\n");
-    fprintf(stderr, "-s  sign client certificate without human confirmation \n");
-    fprintf(stderr, "-d  turn on debug output\n");
-    fprintf(stderr, "-v  verbose mode: turn on debug output\n");
-    fprintf(stderr, "-vv  detailed verbose mode: turn on debug and trace outputs\n");
-    fprintf(stderr, "-n  launch SGXWalletServer using http (not https)\n");
-    fprintf(stderr, "-b  Restore from back up (you will need to enter backup key) \n");
-    fprintf(stderr, "-y  Do not ask user to acknowledge receipt of backup key \n");
-}
-enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4 };
-int main(int argc, char *argv[]) {
-    bool encryptKeysOption  = false;
-    bool useHTTPSOption = true;
-    bool printDebugInfoOption = false;
-    bool printTraceInfoOption = false;
-    bool autoconfirmOption = false;
-    bool checkClientCertOption = true;
-    bool autoSignClientCertOption = false;
-    int opt;
-    if (argc > 1 && strlen(argv[1]) == 1) {
-        printUsage();
-        exit(1);
-    }
-    while ((opt = getopt(argc, argv, "cshd0abyvVn")) != -1) {
-        switch (opt) {
-            case 'h':
-                printUsage();
-                exit(0);
-            case 'c':
-                checkClientCertOption = false;
-                break;
-            case 's':
-                autoSignClientCertOption = true;
-                break;
-            case 'd':
-                printDebugInfoOption = true;
-                break;
-            case 'v':
-                printDebugInfoOption = true;
-                break;
-            case 'V':
-                printDebugInfoOption = true;
-                printTraceInfoOption = true;
-                break;
-            case '0':
-                useHTTPSOption = false;
-                break;
-            case 'n':
-                useHTTPSOption = false;
-                break;                
-            case 'a':
-                encryptKeysOption = false;
-                break;
-            case 'b':
-                encryptKeysOption = true;
-                break;
-            case 'y':
-                autoconfirmOption = true;
-                break;
-            default:
-                printUsage();
-                exit(1);
-                break;
-        }
-    }
-    setFullOptions(printDebugInfoOption, printTraceInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
-    uint32_t enclaveLogLevel = L_INFO;
-    if (printTraceInfoOption) {
-        enclaveLogLevel = L_TRACE;
-    } else if (printDebugInfoOption) {
-        enclaveLogLevel = L_DEBUG;
-    }
-    initAll(enclaveLogLevel, checkClientCertOption, autoSignClientCertOption);
-    while (true) {
-        sleep(10);
-    }
-    return 0;
-}
--- a/testw.cpp
+++ b/testw.cpp
--- a/testw.h
+++ b/testw.h
@@ -24,5 +24,7 @@
 //openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr^
 #define SAMPLE_CSR_FILE_NAME "samples/yourdomain.csr"
+#define ECDSA_KEY_NAME_SIZE 68
 #endif //SGXWALLET_TESTW_H