SKALE-4411 add new function to http server

SGXWalletServer.cpp

@@ -985,20 +985,20 @@ SGXWalletServer::createBLSPrivateKeyV2Impl(const string &_blsKeyName, const stri
     RETURN_SUCCESS(result);
 }
 
-Json::Value SGXWalletServer::getDecryptionShareImpl(const std::string& teKeyName, const std::string& publicDecryptionValue) {
+Json::Value SGXWalletServer::getDecryptionShareImpl(const std::string& blsKeyName, const std::string& publicDecryptionValue) {
     spdlog::info("Entering {}", __FUNCTION__);
     INIT_RESULT(result)
 
     try {
-        if (!checkName(teKeyName, "BLS_KEY")) {
+        if (!checkName(blsKeyName, "BLS_KEY")) {
             throw SGXException(BLS_SIGN_INVALID_KS_NAME, string(__FUNCTION__) + ":Invalid BLSKey name");
         }
 
-        shared_ptr<string> encryptedKeyHex_ptr = readFromDb(teKeyName);
+        shared_ptr<string> encryptedKeyHex_ptr = readFromDb(blsKeyName);
 
         vector<string> decryptionValueVector = calculateDecryptionShare(encryptedKeyHex_ptr->c_str(), publicDecryptionValue);
         for (uint8_t i = 0; i < 4; ++i) {
-            result["decryptionValue"][i] = decryptionValueVector.at(i);
+            result["decryptionShare"][i] = decryptionValueVector.at(i);
         }
     } HANDLE_SGX_EXCEPTION(result)
 
@@ -1105,8 +1105,8 @@ SGXWalletServer::createBLSPrivateKeyV2(const string &blsKeyName, const string &e
     return createBLSPrivateKeyV2Impl(blsKeyName, ethKeyName, polyName, SecretShare, t, n);
 }
 
-Json::Value SGXWalletServer::getDecryptionShare(const std::string& teKeyName, const std::string& publicDecryptionValue) {
-    return getDecryptionShareImpl(teKeyName, publicDecryptionValue);
+Json::Value SGXWalletServer::getDecryptionShare(const std::string& blsKeyName, const std::string& publicDecryptionValue) {
+    return getDecryptionShareImpl(blsKeyName, publicDecryptionValue);
 }
 
 shared_ptr <string> SGXWalletServer::readFromDb(const string &name, const string &prefix) {

SGXWalletServer.hpp

@@ -176,7 +176,7 @@ public:
 
     static Json::Value createBLSPrivateKeyV2Impl(const std::string& blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n);
 
-    static Json::Value getDecryptionShareImpl(const std::string& teKeyName, const std::string& publicDecryptionValue);
+    static Json::Value getDecryptionShareImpl(const std::string& KeyName, const std::string& publicDecryptionValue);
 
     static void printDB();
 

TECrypto.cpp

@@ -34,12 +34,11 @@
 #include "common.h"
 #include "SGXWalletServer.h"
 
-#include "SEKManager.h"
-#include "LevelDB.h"
-#include "ServerInit.h"
 #include "TECrypto.h"
 #include "CryptoTools.h"
 
+#include <bls/BLSutils.h>
+
 vector<string> calculateDecryptionShare(const string& encryptedKeyShare,
                                         const string& publicDecryptionValue) {
     size_t sz = 0;
@@ -51,4 +50,21 @@ vector<string> calculateDecryptionShare(const string& encryptedKeyShare,
     if (!result) {
         BOOST_THROW_EXCEPTION(invalid_argument("Invalid hex encrypted key"));
     }
+
+    SAFE_CHAR_BUF(decryptionShare, BUF_LEN)
+
+    vector<char> errMsg(BUF_LEN, 0);
+
+    int errStatus = 0;
+
+    sgx_status_t status = SGX_SUCCESS;
+
+    status = trustedGetDecryptionShare(eid, &errStatus, errMsg.data(), encryptedKey,
+                                    publicDecryptionValue.data(), sz, decryptionShare);
+
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());
+
+    auto splitted_share = BLSutils::SplitString(std::make_shared<std::string>(decryptionShare), ":");
+
+    return *splitted_share;
 }
\ No newline at end of file

abstractstubserver.h

@@ -63,7 +63,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
           this->bindAndAddMethod(jsonrpc::Procedure("dkgVerificationV2", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "publicShares",jsonrpc::JSON_STRING, "ethKeyName",jsonrpc::JSON_STRING, "secretShare",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER, "n",jsonrpc::JSON_INTEGER, "index",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::dkgVerificationV2I);
           this->bindAndAddMethod(jsonrpc::Procedure("createBLSPrivateKeyV2", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "blsKeyName",jsonrpc::JSON_STRING, "ethKeyName",jsonrpc::JSON_STRING, "polyName", jsonrpc::JSON_STRING, "secretShare",jsonrpc::JSON_STRING,"t", jsonrpc::JSON_INTEGER,"n",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::createBLSPrivateKeyV2I);
 
-          this->bindAndAddMethod(jsonrpc::Procedure("getDecryptionShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "teKeyName",jsonrpc::JSON_STRING,"publicDecryptionValue",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::getDecryptionShareI);
+          this->bindAndAddMethod(jsonrpc::Procedure("getDecryptionShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "blsKeyName",jsonrpc::JSON_STRING,"publicDecryptionValue",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::getDecryptionShareI);
         }
 
         inline virtual void importBLSKeyShareI(const Json::Value &request, Json::Value &response)
@@ -165,7 +165,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
 
         inline virtual void getDecryptionShareI(const Json::Value &request, Json::Value &response)
         {
-            response = this->getDecryptionShare(request["teKeyName"].asString(), request["publicDecryptionValue"].asString());
+            response = this->getDecryptionShare(request["blsKeyName"].asString(), request["publicDecryptionValue"].asString());
         }
 
         virtual Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName) = 0;
@@ -194,7 +194,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
         virtual Json::Value dkgVerificationV2( const std::string& publicShares, const std::string& ethKeyName, const std::string& SecretShare, int t, int n, int index) = 0;
         virtual Json::Value createBLSPrivateKeyV2(const std::string& blsKeyName, const std::string& ethKeyName, const std::string& polyName, const std::string & SecretShare, int t, int n) = 0;
         
-        virtual Json::Value getDecryptionShare(const std::string& teKeyName, const std::string& publicDecryptionValue) = 0;
+        virtual Json::Value getDecryptionShare(const std::string& KeyName, const std::string& publicDecryptionValue) = 0;
 };
 
 #endif //JSONRPC_CPP_STUB_ABSTRACTSTUBSERVER_H_

secure_enclave/Makefile.am

@@ -84,7 +84,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
 	Curves.c  NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
-    DKGUtils.cpp   EnclaveCommon.cpp  DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
+    DKGUtils.cpp  TEUtils.cpp EnclaveCommon.cpp  DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
 

secure_enclave/Makefile.in

-# Makefile.in generated by automake 1.15.1 from Makefile.am.
+# Makefile.in generated by automake 1.16.1 from Makefile.am.
 # @configure_input@
 
-# Copyright (C) 1994-2017 Free Software Foundation, Inc.
+# Copyright (C) 1994-2018 Free Software Foundation, Inc.
 
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -110,9 +110,10 @@ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
 	secure_enclave.$(OBJEXT) Curves.$(OBJEXT) \
 	NumberTheory.$(OBJEXT) Point.$(OBJEXT) Signature.$(OBJEXT) \
 	DHDkg.$(OBJEXT) AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) \
-	EnclaveCommon.$(OBJEXT) DomainParameters.$(OBJEXT) \
-	alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
-	alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
+	TEUtils.$(OBJEXT) EnclaveCommon.$(OBJEXT) \
+	DomainParameters.$(OBJEXT) alt_bn128_init.$(OBJEXT) \
+	alt_bn128_g2.$(OBJEXT) alt_bn128_g1.$(OBJEXT) $(am__objects_1) \
+	$(am__objects_1)
 secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
 secure_enclave_DEPENDENCIES =
 @ENCLAVE_RELEASE_SIGN_FALSE@nodist_signed_enclave_debug_OBJECTS =  \
@@ -137,7 +138,17 @@ am__v_at_0 = @
 am__v_at_1 = 
 DEFAULT_INCLUDES = -I.@am__isrc@
 depcomp = $(SHELL) $(top_srcdir)/depcomp
-am__depfiles_maybe = depfiles
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/AESUtils.Po ./$(DEPDIR)/Curves.Po \
+	./$(DEPDIR)/DHDkg.Po ./$(DEPDIR)/DKGUtils.Po \
+	./$(DEPDIR)/DomainParameters.Po ./$(DEPDIR)/EnclaveCommon.Po \
+	./$(DEPDIR)/NumberTheory.Po ./$(DEPDIR)/Point.Po \
+	./$(DEPDIR)/Signature.Po ./$(DEPDIR)/TEUtils.Po \
+	./$(DEPDIR)/alt_bn128_g1.Po ./$(DEPDIR)/alt_bn128_g2.Po \
+	./$(DEPDIR)/alt_bn128_init.Po ./$(DEPDIR)/secure_enclave.Po \
+	./$(DEPDIR)/secure_enclave_t.Po \
+	./$(DEPDIR)/signed_enclave_debug.Po \
+	./$(DEPDIR)/signed_enclave_rel.Po
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -338,7 +349,7 @@ ENCLAVE_KEY = test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
 	Curves.c  NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
-    DKGUtils.cpp   EnclaveCommon.cpp  DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
+    DKGUtils.cpp  TEUtils.cpp EnclaveCommon.cpp  DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
 
@@ -365,8 +376,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
 	  *config.status*) \
 	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
 	  *) \
-	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
-	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
 	esac;
 $(top_srcdir)/build-aux/sgx_enclave.am $(am__empty):
 
@@ -431,22 +442,29 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Curves.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DHDkg.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DomainParameters.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/EnclaveCommon.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/NumberTheory.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Point.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Signature.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Curves.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DHDkg.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DomainParameters.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/EnclaveCommon.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/NumberTheory.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Point.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Signature.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/TEUtils.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
 
 .c.o:
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -570,7 +588,10 @@ cscopelist-am: $(am__tagged_files)
 distclean-tags:
 	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
 
-distdir: $(DISTFILES)
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
 	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
 	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
 	list='$(DISTFILES)'; \
@@ -643,7 +664,23 @@ clean: clean-am
 clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
 
 distclean: distclean-am
-	-rm -rf ./$(DEPDIR)
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/Curves.Po
+	-rm -f ./$(DEPDIR)/DHDkg.Po
+	-rm -f ./$(DEPDIR)/DKGUtils.Po
+	-rm -f ./$(DEPDIR)/DomainParameters.Po
+	-rm -f ./$(DEPDIR)/EnclaveCommon.Po
+	-rm -f ./$(DEPDIR)/NumberTheory.Po
+	-rm -f ./$(DEPDIR)/Point.Po
+	-rm -f ./$(DEPDIR)/Signature.Po
+	-rm -f ./$(DEPDIR)/TEUtils.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_init.Po
+	-rm -f ./$(DEPDIR)/secure_enclave.Po
+	-rm -f ./$(DEPDIR)/secure_enclave_t.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
 	-rm -f Makefile
 distclean-am: clean-am distclean-compile distclean-generic \
 	distclean-tags
@@ -689,7 +726,23 @@ install-ps-am:
 installcheck-am:
 
 maintainer-clean: maintainer-clean-am
-	-rm -rf ./$(DEPDIR)
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/Curves.Po
+	-rm -f ./$(DEPDIR)/DHDkg.Po
+	-rm -f ./$(DEPDIR)/DKGUtils.Po
+	-rm -f ./$(DEPDIR)/DomainParameters.Po
+	-rm -f ./$(DEPDIR)/EnclaveCommon.Po
+	-rm -f ./$(DEPDIR)/NumberTheory.Po
+	-rm -f ./$(DEPDIR)/Point.Po
+	-rm -f ./$(DEPDIR)/Signature.Po
+	-rm -f ./$(DEPDIR)/TEUtils.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_init.Po
+	-rm -f ./$(DEPDIR)/secure_enclave.Po
+	-rm -f ./$(DEPDIR)/secure_enclave_t.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
 	-rm -f Makefile
 maintainer-clean-am: distclean-am maintainer-clean-generic
 
@@ -709,19 +762,19 @@ uninstall-am: uninstall-libexecPROGRAMS
 
 .MAKE: install-am install-strip
 
-.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
-	clean-libexecPROGRAMS cscopelist-am ctags ctags-am distclean \
-	distclean-compile distclean-generic distclean-tags distdir dvi \
-	dvi-am html html-am info info-am install install-am \
-	install-data install-data-am install-dvi install-dvi-am \
-	install-exec install-exec-am install-html install-html-am \
-	install-info install-info-am install-libexecPROGRAMS \
-	install-man install-pdf install-pdf-am install-ps \
-	install-ps-am install-strip installcheck installcheck-am \
-	installdirs maintainer-clean maintainer-clean-generic \
-	mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \
-	ps ps-am tags tags-am uninstall uninstall-am \
-	uninstall-libexecPROGRAMS
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libexecPROGRAMS cscopelist-am ctags \
+	ctags-am distclean distclean-compile distclean-generic \
+	distclean-tags distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am \
+	install-libexecPROGRAMS install-man install-pdf install-pdf-am \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \
+	uninstall-am uninstall-libexecPROGRAMS
 
 .PRECIOUS: Makefile
 

secure_enclave/TEUtils.cpp

@@ -37,6 +37,175 @@
 #include <../tgmp-build/include/sgx_tgmp.h>
 #endif
 
-EXTERNC int getDecryptionShare( char* secret, unsigned _t);
+#include <cstdio>
+#include <stdio.h>
+#include <string>
+#include <vector>
+
+#include <../SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
+#include <../SCIPR/libff/algebra/fields/fp.hpp>
+
+#include <../SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g2.hpp>
+
+#include "EnclaveConstants.h"
+#include "EnclaveCommon.h"
+#include "TEUtils.h"
+
+template<class T>
+std::string fieldElementToString(const T &field_elem, int base = 10) {
+
+    std::string ret;
+
+    mpz_t t;
+    mpz_init(t);
+
+    try {
+
+        field_elem.as_bigint().to_mpz(t);
+
+        SAFE_CHAR_BUF(arr, BUF_LEN);
+
+        char *tmp = mpz_get_str(arr, base, t);
+
+        ret = std::string(tmp);
+
+        goto clean;
+
+    } catch (std::exception &e) {
+        LOG_ERROR(e.what());
+        goto clean;
+    } catch (...) {
+        LOG_ERROR("Unknown throwable");
+        goto clean;
+    }
+
+    clean:
+    mpz_clear(t);
+    return ret;
+}
+
+std::string ConvertG2ElementToString(const libff::alt_bn128_G2 &elem, int base = 10, const std::string &delim = ":") {
+
+    std::string result = "";
+
+    try {
+
+        result += fieldElementToString(elem.X.c0);
+        result += delim;
+        result += fieldElementToString(elem.X.c1);
+        result += delim;
+        result += fieldElementToString(elem.Y.c0);
+        result += delim;
+        result += fieldElementToString(elem.Y.c1);
+
+        return result;
+
+    } catch (std::exception &e) {
+        LOG_ERROR(e.what());
+        return result;
+    } catch (...) {
+        LOG_ERROR("Unknown throwable");
+        return result;
+    }
+
+    return result;
+}
+
+std::vector <libff::alt_bn128_Fq> SplitStringToFq(const char *coeffs, const char symbol) {
+    std::vector <libff::alt_bn128_Fq > result;
+    std::string str(coeffs);
+    std::string delim;
+
+    CHECK_ARG_CLEAN(coeffs);
+
+    try {
+
+        delim.push_back(symbol);
+
+        size_t prev = 0, pos = 0;
+        do {
+            pos = str.find(delim, prev);
+            if (pos == std::string::npos) pos = str.length();
+            std::string token = str.substr(prev, pos - prev);
+            if (!token.empty()) {
+                libff::alt_bn128_Fq coeff(token.c_str());
+                result.push_back(coeff);
+            }
+            prev = pos + delim.length();
+        } while (pos < str.length() && prev < str.length());
+
+        return result;
+
+    } catch (std::exception &e) {
+        LOG_ERROR(e.what());
+        return result;
+    } catch (...) {
+        LOG_ERROR("Unknown throwable");
+        return result;
+    }
+
+    clean:
+    return result;
+}
+
+EXTERNC int getDecryptionShare(char* skey_hex, char* decryptionValue, char* decryption_share) {
+    mpz_t skey;
+    mpz_init(skey);
+
+    int ret = 1;
+
+    CHECK_ARG_CLEAN(skey_hex);
+    CHECK_ARG_CLEAN(decryptionValue);
+    CHECK_ARG_CLEAN(decryption_share);
+
+    try {
+        if (mpz_set_str(skey, skey_hex, 16) == -1) {
+            mpz_clear(skey);
+            return 1;
+        }
+
+        char skey_dec[mpz_sizeinbase(skey, 10) + 2];
+        mpz_get_str(skey_dec, 10, skey);
+
+        libff::alt_bn128_Fr bls_skey(skey_dec);
+
+        auto splitted_decryption_value = SplitStringToFq(decryptionValue, ':');
+
+        libff::alt_bn128_G2 decryption_value;
+        decryption_value.Z = libff::alt_bn128_Fq2::one();
+
+        decryption_value.X.c0 = splitted_decryption_value[0];
+        decryption_value.X.c1 = splitted_decryption_value[1];
+        decryption_value.Y.c0 = splitted_decryption_value[2];
+        decryption_value.Y.c1 = splitted_decryption_value[3];
+
+        if ( !decryption_value.is_well_formed() ) {
+            mpz_clear(skey);
+            return 1;
+        }
+
+        libff::alt_bn128_G2 decryption_share_point = bls_skey * decryption_value;
+        decryption_share_point.to_affine_coordinates();
+
+        std::string result = ConvertG2ElementToString(decryption_share_point);
+
+        strncpy(decryption_share, result.c_str(), result.length());
+
+        mpz_clear(skey);
+
+        return 0;
+
+    } catch (std::exception &e) {
+        LOG_ERROR(e.what());
+        return 1;
+    } catch (...) {
+        LOG_ERROR("Unknown throwable");
+        return 1;
+    }
+
+    clean:
+    mpz_clear(skey);
+    return ret;
+}
 
 #endif

secure_enclave/TEUtils.h

@@ -37,6 +37,6 @@
 #include <../tgmp-build/include/sgx_tgmp.h>
 #endif
 
-EXTERNC int getDecryptionShare(char* secret, unsigned _t);
+EXTERNC int getDecryptionShare(char* secret, char* decryptionValue, char* decryption_share);
 
 #endif

secure_enclave/secure_enclave.c

@@ -54,6 +54,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #include "Curves.h"
 #include "DHDkg.h"
 #include "AESUtils.h"
+#include "TEUtils.h"
 
 #include "EnclaveConstants.h"
 #include "EnclaveCommon.h"
@@ -1368,3 +1369,35 @@ trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKe
     clean:
     ;
 }
+
+void trustedGetDecryptionShare( int *errStatus, char* errString, uint8_t* encryptedPrivateKey,
+                                const char* public_decryption_value, uint64_t key_len,
+                                char* decryption_share ) {
+    LOG_DEBUG(__FUNCTION__);
+
+    INIT_ERROR_STATE
+
+    CHECK_STATE(decryption_share);
+    CHECK_STATE(encryptedPrivateKey);
+
+    SAFE_CHAR_BUF(skey_hex, BUF_LEN);
+
+    uint8_t type = 0;
+    uint8_t exportable = 0;
+
+    int status = AES_decrypt(encryptedPrivateKey, key_len, skey_hex, BUF_LEN,
+                             &type, &exportable);
+
+    CHECK_STATUS2("AES decrypt failed %d");
+
+    skey_hex[ECDSA_SKEY_LEN - 1] = 0;
+
+    status = getDecryptionShare(skey_hex, public_decryption_value, decryption_share);
+
+    CHECK_STATUS("could not calculate decryption share");
+
+    SET_SUCCESS
+
+    clean:
+    ;
+}

secure_enclave/secure_enclave.edl

@@ -178,6 +178,14 @@ enclave {
                                 [in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
                                 uint64_t key_len,
                                 [out, count = 320] char* bls_pub_key);
+        
+        public void trustedGetDecryptionShare(
+                                [out]int *errStatus,
+                                [out, count = SMALL_BUF_SIZE] char* err_string,
+                                [in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
+                                [in, count = 320] const char* public_decryption_value,
+                                uint64_t key_len,
+                                [out, count = 320] char* decrption_share);
 	};
 
 	untrusted {

stubclient.h

@@ -214,6 +214,19 @@ class StubClient : public jsonrpc::Client
                 throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
         }
 
+        Json::Value getDecryptionShare(const std::string& blsKeyName, const std::string& publicDecryptionValue) 
+        {
+            Json::Value p;
+            p["blsKeyName"] = blsKeyName;
+            p["publicDecryptionValue"] = publicDecryptionValue;
+
+            Json::Value result = this->CallMethod("getDecryptionShare",p);
+            if (result.isObject())
+                return result;
+            else
+                throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
+        }
+
         Json::Value calculateAllBLSPublicKeys(const Json::Value& publicShares, int t, int n)
         {
             Json::Value p;

testw.cpp

@@ -1183,6 +1183,38 @@ TEST_CASE_METHOD(TestFixtureNoReset, "Second run", "[second-run]") {
     }
 }
 
+TEST_CASE_METHOD(TestFixture, "Test decryption share for threshold encryption", "[te-decryption-share]") {
+    // auto client = make_shared<ZMQClient>(ZMQ_IP, ZMQ_PORT, true, "./sgx_data/cert_data/rootCA.pem",
+    //                                      "./sgx_data/cert_data/rootCA.key");
+
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+
+    std::string key_str = "0xe632f7fde2c90a073ec43eaa90dca7b82476bf28815450a11191484934b9c3f";
+    std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0";
+    auto response = c.importBLSKeyShare(key_str, name);
+
+    // the same key writtn in decimal
+    libff::alt_bn128_Fr key = libff::alt_bn128_Fr(
+            "6507625568967977077291849236396320012317305261598035438182864059942098934847");
+
+    libff::alt_bn128_G2 decryption_value = libff::alt_bn128_G2::random_element();
+    decryption_value.to_affine_coordinates();
+
+    auto decrytion_value_str = convertG2ToString( decryption_value, ':' );
+    auto decryption_share = c.getDecryptionShare( name, decrytion_value_str )["decryptionShare"];
+
+    libff::alt_bn128_G2 share;
+    share.Z = libff::alt_bn128_Fq2::one();
+
+    share.X.c0 = libff::alt_bn128_Fq( decryption_share[0].asCString() );
+    share.X.c1 = libff::alt_bn128_Fq( decryption_share[1].asCString() );
+    share.Y.c0 = libff::alt_bn128_Fq( decryption_share[2].asCString() );
+    share.Y.c1 = libff::alt_bn128_Fq( decryption_share[3].asCString() );
+
+    REQUIRE( share == key * decryption_value );
+}
+
 TEST_CASE_METHOD(TestFixtureZMQSign, "ZMQ-ecdsa", "[zmq-ecdsa]") {
 
     HttpClient htp(RPC_ENDPOINT);

testw.py

@@ -62,7 +62,8 @@ testList = [ "[zmq-ecdsa]",
              "[dkg-aes-pub-shares]",
              "[aes-encrypt-decrypt]",
              "[aes-dkg-v2]",
-             "[aes-dkg-v2-zmq]"
+             "[aes-dkg-v2-zmq]",
+             "[te-decryption-share]"
             ]