SKALE-1850 merge with latest develop fix

BLSCrypto.cpp

@@ -135,6 +135,7 @@ bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
 bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex,
     char* _sig) {
 
+  std::cerr << "ENTER SIGN" << std::endl;
 
   auto keyStr = std::make_shared<std::string>(_encryptedKeyHex);
 
@@ -147,8 +148,11 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
   }
  // assert(binLen == hash->size());
 
+
+
   auto keyShare = std::make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
 
+  std::cerr << "keyShare created" << std::endl;
  // {
     auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex);
  // }

BLSPrivateKeyShareSGX.cpp

@@ -79,6 +79,8 @@ BLSPrivateKeyShareSGX::BLSPrivateKeyShareSGX(
   requiredSigners = _requiredSigners;
   totalSigners = _totalSigners;
 
+  std::cerr <<   "ENTER BLSPrivateKeyShareSGX CONSTRUCTOR" << std::endl;
+
   if (requiredSigners > totalSigners) {
 
     throw std::invalid_argument("requiredSigners > totalSigners");
@@ -104,10 +106,11 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
     size_t _signerIndex) {
   shared_ptr<signatures::Bls> obj;
 
-  if (_signerIndex == 0) {
-    BOOST_THROW_EXCEPTION(runtime_error("Zero signer index"));
-  }
+//  if (_signerIndex == 0) {
+//    BOOST_THROW_EXCEPTION(runtime_error("Zero signer index"));
+//  }
   if (hash_byte_arr == nullptr) {
+    std::cerr <<   "Hash is null" << std::endl;
     BOOST_THROW_EXCEPTION(runtime_error("Hash is null"));
   }
 
@@ -123,12 +126,14 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
   string* xStr = stringFromFq(&(hash_with_hint.first.X));
 
   if (xStr == nullptr) {
+    std::cerr <<   "Null xStr" << std::endl;
     BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
   }
 
   string* yStr = stringFromFq(&(hash_with_hint.first.Y));
 
-  if (xStr == nullptr) {
+  if (yStr == nullptr) {
+    std::cerr <<   "Null yStr" << std::endl;
     BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
   }
 
@@ -154,6 +159,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
   bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);
 
   if (!result) {
+    cerr <<   "Invalid hex encrypted key" << endl;
     BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
   }
 
@@ -198,6 +204,8 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
   sig.append(":");
   sig.append(hint);
 
+
+
   return sig;
 }
 

DKGCrypto.cpp

@@ -222,10 +222,11 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
     int result ;
     //std::cerr << "encr_sshare length is " << strlen(encr_sshare) << std::endl;
     //std::cerr << "public shares " << publicShares << std::endl;
-
-    char pshares[4097];
+    std::cerr << "publicShares length is " << strlen(publicShares) << std::endl;
+    char pshares[8193];
     strncpy(pshares, publicShares, strlen(publicShares) + 1);
-   // std::cerr << "pshares " << pshares << std::endl;
+    //std::cerr << "pshares " << pshares << std::endl;
+
 
     dkg_verification(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result);
 
@@ -252,11 +253,13 @@ bool CreateBLSShare( const std::string& BLSKeyName, const char * s_shares, const
   
   uint32_t enc_bls_len = 0;
 
+  std::cerr << "BEFORE create_bls_key IN ENCLAVE " << std::endl;
   create_bls_key(eid, &err_status, errMsg1, s_shares, encr_key, dec_key_len, encr_bls_key, &enc_bls_len);
 
   std::cerr << "AFTER create_bls_key IN ENCLAVE er msg is  " << errMsg1 << std::endl;
   if ( err_status != 0){
      std::cerr << "ERROR IN ENCLAVE" << std::endl;
+     throw RPCException(ERROR_IN_ENCLAVE, "Something failed in enclave");
      return false;
   }
   else {
@@ -339,27 +342,7 @@ std::vector<std::string> mult_G2(const std::string& x){
     return result;
 }
 
-bool TestCreateBLSShare( const char * s_shares) {
-
-  char *errMsg1 = (char *)calloc(1024, 1);
-  int err_status = 0;
 
-  uint32_t enc_bls_len = 0;
-  uint8_t encr_key[BUF_LEN];
-  memset(encr_key, 1, BUF_LEN);
-  uint64_t dec_key_len ;
-  uint8_t encr_bls_key[BUF_LEN];
-
-  std::cerr << "Enter TestCreateBLSShare" << std::endl;
-  create_bls_key(eid, &err_status, errMsg1, s_shares, encr_key, dec_key_len,
-                 encr_bls_key, &enc_bls_len);
-
-  std::cerr << "err msg is " << errMsg1 << std::endl;
-
-  if ( err_status != 0 ){
-    std::cerr << "something went wrong in enclave " << "status is" << err_status << std::endl;
-  }
-}
 
 
 

Dockerfile

+FROM ubuntu:bionic
+
+WORKDIR /usr/src/sdk
+
+RUN apt-get update && apt-get install -yq --no-install-recommends git ca-certificates build-essential ocaml ocamlbuild automake autoconf libtool wget python libssl-dev libssl-dev libcurl4-openssl-dev protobuf-compiler git libprotobuf-dev alien cmake debhelper uuid-dev libxml2-dev
+RUN apt install -y libprotobuf10 cmake flex bison  libprocps-dev ccache autoconf texinfo libssl-dev libboost-all-dev libjsonrpccpp-dev libjsonrpccpp-tools
+
+
+COPY install-psw.patch ./
+
+RUN git clone -b sgx_2.5 --depth 1 https://github.com/intel/linux-sgx && \
+    cd linux-sgx && \
+    patch -p1 -i ../install-psw.patch && \
+    ./download_prebuilt.sh 2> /dev/null && \
+    make -s -j$(nproc) sdk_install_pkg psw_install_pkg && \
+    ./linux/installer/bin/sgx_linux_x64_sdk_2.5.100.49891.bin --prefix=/opt/intel && \
+    ./linux/installer/bin/sgx_linux_x64_psw_2.5.100.49891.bin && \
+    cd .. && rm -rf linux-sgx/
+
+
+
+# For debug purposes
+# COPY jhi.conf /etc/jhi/jhi.conf
+
+
+RUN git clone --recurse-submodules https://76b7983ebf14269178b99eff5b2be4b4b56fe7a5:@github.com/skalenetwork/sgxwallet.git
+WORKDIR  sgxwallet
+RUN cd scripts; ./build.py 
+RUN autoreconf -vif 
+RUN automake
+RUN ./configure
+RUN make

LevelDB.cpp

@@ -154,7 +154,7 @@ void LevelDB::writeByteArray(std::string &_key, const char *value,
 }
 
 void LevelDB::throwExceptionOnError(Status _status) {
-    std::cerr << " DB exception " << std::endl;
+
     if (_status.IsNotFound())
         return;
 

Makefile.am

@@ -66,7 +66,7 @@ bin_PROGRAMS =  sgxwallet testw
 COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
 
-sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
+sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp SGXRegistrationServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
 DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp $(COMMON_SRC)
 
 
@@ -95,20 +95,10 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -Lleveldb/build -LlibBLS/build  -LlibBLS/build
    -l:libff.a -lgmp -ldl -l:libsgx_capable.a -l:libsgx_tprotected_fs.a   -ljsonrpccpp-stub -lpthread -ljsonrpccpp-common \
    -ljsonrpccpp-server -ljsonrpccpp-client -ljsoncpp -lcurl intel-sgx-ssl/Linux/package/lib64/libsgx_usgxssl.a \
    intel-sgx-ssl/Linux/package/lib64/libsgx_tsgxssl_crypto.a
-   #-lboost_system -lboost_filesystem
-
-# -lboost_filesystem
-# -llibboost_filesystem.a
-
-# find /usr -name *libboost_filesystem*so*
-
-# -llibboost_filesystem.so
-### libboost_filesystem.so.67.1
-
 
 
 testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp  RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \
- DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp $(COMMON_SRC)
+ DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp  SGXRegistrationServer.cpp $(COMMON_SRC)
 nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
 EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
 testw_LDADD= ${sgxwallet_LDADD}

SGXRegistrationServer.cpp

+//
+// Created by kladko on 12/9/19.
+//
+
+#include <iostream>
+#include <fstream>
+#include <sstream>
+
+
+#include <jsonrpccpp/server/connectors/httpserver.h>
+
+#include <stdio.h>
+
+#include "sgxwallet_common.h"
+
+#include "RPCException.h"
+#include "LevelDB.h"
+
+#include <thread>
+#include <time.h>
+
+#include <functional>
+
+#include "SGXRegistrationServer.h"
+
+SGXRegistrationServer *sr = nullptr;
+HttpServer *hs2 = nullptr;
+
+bool cert_created = false;
+
+void set_cert_created1(bool b){
+  sleep(10);
+  cert_created = b;
+}
+
+
+SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
+                                 serverVersion_t type)
+    : AbstractRegServer(connector, type), is_cert_created(false) {}
+
+
+Json::Value SignSertificateImpl(const std::string& cert){
+  Json::Value result;
+  result["status"] = 0;
+  result["errorMessage"] = "";
+  try{
+
+  std::ofstream outfile ("cert/test.csr");
+  outfile << cert << std::endl;
+  outfile.close();
+  result["result"] = true;
+  std::thread thr(set_cert_created1, true);
+  thr.detach();
+
+
+ // std::thread timeout_thr (std::bind(&SGXRegistrationServer::set_cert_created, this, true));
+
+  } catch (RPCException &_e) {
+    std::cerr << " err str " << _e.errString << std::endl;
+    result["status"] = _e.status;
+    result["errorMessage"] = _e.errString;
+    result["result"] = false;
+  }
+
+  return result;
+}
+
+Json::Value GetSertificateImpl(const std::string& hash){
+  Json::Value result;
+  result["status"] = 0;
+  result["errorMessage"] = "";
+  std::string cert;
+  try{
+    if (!cert_created){
+      result["status"] = 1;
+      result["cert"] = "";
+    }
+    else {
+      std::ifstream infile("cert/test_cert.crt");
+      if (!infile.is_open()) {
+        throw RPCException(FILE_NOT_FOUND, "Certificate does not exist");
+      } else {
+        ostringstream ss;
+        ss << infile.rdbuf();
+        cert = ss.str();
+
+        infile.close();
+        result["cert"] = cert;
+        result["status"] = 0;
+      }
+    }
+  } catch (RPCException &_e) {
+    std::cerr << " err str " << _e.errString << std::endl;
+    result["status"] = _e.status;
+    result["errorMessage"] = _e.errString;
+    result["status"] = 1;
+  }
+
+  return result;
+}
+
+
+Json::Value SGXRegistrationServer::SignCertificate(const std::string& cert){
+  lock_guard<recursive_mutex> lock(m);
+  return SignSertificateImpl(cert);
+}
+
+Json::Value SGXRegistrationServer::GetCertificate(const std::string& hash){
+  lock_guard<recursive_mutex> lock(m);
+  return GetSertificateImpl(hash);
+}
+
+void SGXRegistrationServer::set_cert_created(bool b){
+  sleep(100);
+  is_cert_created = b;
+}
+
+
+
+int init_registration_server() {
+
+  std::string certPath = "cert/SGXCACertificate.crt";
+  std::string keyPath = "cert/SGXCACertificate.key";
+
+  if (access(certPath.c_str(), F_OK) != 0){
+    std::cerr << "CERTIFICATE IS GOING TO BE CREATED" << std::endl;
+
+    std::string genCert = "cd cert && ./self-signed-tls -c=US -s=California -l=San-Francisco -o=\"Skale Labs\" -u=\"Department of Software Engineering\" -n=\"SGXCACertificate\" -e=info@skalelabs.com";
+
+    if (system(genCert.c_str()) == 0){
+      std::cerr << "CERTIFICATE IS SUCCESSFULLY GENERATED" << std::endl;
+    }
+    else{
+      std::cerr << "CERTIFICATE GENERATION FAILED" << std::endl;
+      exit(-1);
+    }
+  }
+
+  hs2 = new HttpServer(1027);
+  sr = new SGXRegistrationServer(*hs2,
+                                 JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
+
+  if (!sr->StartListening()) {
+    cerr << "Registration server could not start listening" << endl;
+    exit(-1);
+  }
+  return 0;
+}
\ No newline at end of file

SGXRegistrationServer.h

+//
+// Created by kladko on 12/9/19.
+//
+
+#ifndef SGXD_SGXREGISTRATIONSERVER_H
+#define SGXD_SGXREGISTRATIONSERVER_H
+
+
+#include "abstractregserver.h"
+#include <mutex>
+
+using namespace jsonrpc;
+using namespace std;
+
+class SGXRegistrationServer: public AbstractRegServer {
+  std::recursive_mutex m;
+  bool is_cert_created;
+
+public:
+
+  SGXRegistrationServer(AbstractServerConnector &connector, serverVersion_t type);
+
+  void set_cert_created(bool b);
+
+  virtual Json::Value SignCertificate(const std::string& cert);
+  virtual Json::Value GetCertificate(const std::string& hash);
+
+};
+
+
+extern int init_registration_server();
+
+
+#endif // SGXD_SGXREGISTRATIONSERVER_H
\ No newline at end of file

SGXWalletServer.cpp

@@ -105,7 +105,7 @@ int init_server() {
 
 //int init_server() { //without ssl
 //
-//  hs = new HttpServer(1027, "", "", 1);
+//  hs = new HttpServer(1028);
 //  s = new SGXWalletServer(*hs,
 //                          JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
 //  if (!s->StartListening()) {
@@ -600,7 +600,7 @@ Json::Value GetBLSPublicKeyShareImpl(const std::string & BLSKeyName){
         result["errorMessage"] = _e.errString;
     }
 
-    debug_print();
+    //debug_print();
 
     return result;
 }

ServerInit.cpp

@@ -47,6 +47,8 @@
 
 #include "SGXWalletServer.h"
 
+#include "SGXRegistrationServer.h"
+
 #include "BLSCrypto.h"
 #include "ServerInit.h"
 
@@ -123,6 +125,7 @@ void init_all() {
     sgxServerInited = 1;
 
     init_server();
+    init_registration_server();
     init_enclave();
     std::cerr << "enclave inited" << std::endl;
     init_daemon();

abstractregserver.h

+//
+// Created by kladko on 12/9/19.
+//
+
+#ifndef SGXD_ABSTRACTREGSERVER_H
+#define SGXD_ABSTRACTREGSERVER_H
+
+#include <jsonrpccpp/server.h>
+
+class AbstractRegServer : public jsonrpc::AbstractServer<AbstractRegServer>
+{
+public:
+  AbstractRegServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<AbstractRegServer>(conn, type)
+  {
+    this->bindAndAddMethod(jsonrpc::Procedure("SignCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"certificate",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::SignCertificateI);
+    this->bindAndAddMethod(jsonrpc::Procedure("GetCertificate", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"hash",jsonrpc::JSON_STRING, NULL), &AbstractRegServer::GetCertificateI);
+  }
+
+  inline virtual void SignCertificateI(const Json::Value &request, Json::Value &response)
+  {
+    response = this->SignCertificate( request["certificate"].asString());
+  }
+  inline virtual void GetCertificateI(const Json::Value &request, Json::Value &response)
+  {
+    response = this->GetCertificate( request["hash"].asString());
+  }
+
+
+  virtual Json::Value SignCertificate(const std::string& cert) = 0;
+  virtual Json::Value GetCertificate(const std::string& hash) = 0;
+
+};
+
+#endif // SGXD_ABSTRACTREGSERVER_H
\ No newline at end of file

entrypoint.sh

+#!/bin/bash
+
+source /opt/intel/sgxsdk/environment
+export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/sgxpsw/aesm/
+
+jhid -d
+/opt/intel/sgxpsw/aesm/aesm_service &
+pid=$!
+
+sgxwallet
+

install-psw.patch

+diff --git a/linux/installer/bin/install-sgx-psw.bin.tmpl b/linux/installer/bin/install-sgx-psw.bin.tmpl
+index 3510e97c..751831ab 100755
+--- a/linux/installer/bin/install-sgx-psw.bin.tmpl
++++ b/linux/installer/bin/install-sgx-psw.bin.tmpl
+@@ -30,34 +30,10 @@
+ #
+ #
+ 
+-grep 'sgx\.ko$\|intel_sgx\.ko$' /lib/modules/$(uname -r)/modules.builtin &> /dev/null
+-if [[ $? != "0" ]]; then
+-    /sbin/modinfo isgx &> /dev/null
+-    if [[ $? != "0" ]]; then
+-        /sbin/modinfo intel_sgx &> /dev/null
+-        if [[ $? != "0" ]]; then
+-            lsmod | grep 'isgx\|intel_sgx' &> /dev/null
+-            if [[ $? = "0" ]]; then
+-                echo "Warning: You did not follow the document to install the driver package."
+-                echo
+-            elif [[ ! -e /dev/isgx ]] && [[ ! -e /dev/sgx ]]; then
+-                echo -e "\033[31;49;1mWarning: You may need to activate the SGX module if SGX is enabled in the kernel (e.g., sudo modprobe sgx) or download and install the SGX driver if the kernel doesn't have SGX support.\033[39;49;0m"
+-                echo
+-            fi
+-        fi
+-    fi
+-fi
+-
+ set -e
+ 
+ PKG_NAME="Intel SGX PSW Package"
+ 
+-if test $(id -u) -ne 0; then
+-    echo "Root privilege is required to install $PKG_NAME."
+-    exit 4
+-fi
+-
+-
+ PKG_ARCH=@arch@
+ ARCH=$(uname -m)
+ 
+diff --git a/linux/installer/common/libsgx-enclave-common/install.sh b/linux/installer/common/libsgx-enclave-common/install.sh
+index 296879af..851d520b 100755
+--- a/linux/installer/common/libsgx-enclave-common/install.sh
++++ b/linux/installer/common/libsgx-enclave-common/install.sh
+@@ -33,11 +33,6 @@
+ 
+ set -e 
+ 
+-if test $(id -u) -ne 0; then
+-    echo "Root privilege is required."
+-    exit 1
+-fi
+-
+ SCRIPT_DIR=$(dirname "$0")
+ source ${SCRIPT_DIR}/installConfig
+ 
+@@ -95,7 +90,7 @@ elif [ -d /etc/init/ ]; then
+ else
+     echo " failed."
+     echo "Unsupported platform - neither systemctl nor initctl is found."
+-    exit 5
++    retval=0
+ fi
+ 
+ if test $retval -ne 0; then
+diff --git a/linux/installer/common/psw/install.sh b/linux/installer/common/psw/install.sh
+index 59f3ed61..8ba940a3 100755
+--- a/linux/installer/common/psw/install.sh
++++ b/linux/installer/common/psw/install.sh
+@@ -96,7 +96,7 @@ elif [ -d /etc/init/ ]; then
+ else
+     echo " failed."
+     echo "Unsupported platform - neither systemctl nor initctl is found."
+-    exit 5
++    retval=0
+ fi
+ 
+ if test $retval -ne 0; then

jhi.conf

+# 
+# jhi.conf
+#
+#
+#
+#   Transport type
+#
+# How to connect to DAL firmware
+#
+# AUTO   - Choose between MEI and KERNEL automatically
+# MEI    - The most common. Use /dev/mei directly.
+# SOCKET - Connect through an IP socket (for development purposes)
+# KERNEL - Connect through the DAL kernel module (mei_dal). Uses /dev/dal{0,1,2}
+#
+# AUTO is the default.
+#
+# Uncomment one of the following:
+#
+transport AUTO
+#transport MEI
+#transport SOCKET
+#transport KERNEL
+#
+#
+#
+#   Firmware emulation IP address
+#
+# 127.0.0.1 is the default
+#
+# When using SOCKET, connect to this IP address:
+#
+#socket_ip_address 127.0.0.1
+socket_ip_address 192.168.56.1
+#
+#
+#
+#   Log level
+#
+# OFF     - No prints
+# RELEASE - Recommended for general use
+# DEBUG   - When something goes wrong enable this to see why
+#
+#log_level OFF
+#log_level RELEASE
+log_level DEBUG
+#
+#
+#
+#   Daemon socket path
+#
+# Location for the Unix domain socket the daemon creates for user
+# applications to connect to.
+#
+# /tmp/jhi_socket is the default
+#
+socket_path /var/run/jhi_socket
+#socket_path /tmp/jhi_socket
+#
+#
+#   Applets location on the filesystem
+#
+#   applets_dir can be read only.
+#   app_repo_dir needs to be writeable by the daemon.
+#
+#applets_dir /var/lib/intel/dal/applets
+#app_repo_dir /var/lib/intel/dal/applet_repository
+#

scripts/build.py

@@ -65,11 +65,12 @@ LEVELDB_BUILD_DIR = LEVELDB_DIR + "/build"
 GMP_BUILD_DIR = topDir + "/gmp-build"
 TGMP_BUILD_DIR = topDir + "/tgmp-build"
 SDK_DIR = topDir + "/sgx-sdk-build"
-BLS_DIR = topDir + "/libBLS"
-JSON_LIBS_DIR = topDir + "/jsonrpc"
-AUTOMAKE_DIR = "/usr/share/automake-1.15"
-if not os.path.isdir(AUTOMAKE_DIR):
-    raise Exception("Could not find " + AUTOMAKE_DIR)
+
+
+BLS_DIR = topDir +  "/libBLS"
+BLS_BUILD_DIR = BLS_DIR + "/build"
+
+
 
 #subprocess.call(["git", "submodule",  "update", "--init"])
 
@@ -85,6 +86,10 @@ subprocess.call(["ln", "-s", AUTOMAKE_DIR + "/depcomp", "depcomp"])
 subprocess.call(["ln", "-s", AUTOMAKE_DIR + "/missing", "missing"])
 subprocess.call(["ln", "-s", AUTOMAKE_DIR + "/compile", "compile"])
 
+subprocess.call(["rm", "-rf",  GMP_BUILD_DIR])
+subprocess.call(["rm", "-rf", TGMP_BUILD_DIR])
+subprocess.call(["rm", "-rf", SDK_DIR])
+
 assert subprocess.call(["cp", "configure.gmp", GMP_DIR + "/configure"]) == 0
 os.chdir(LEVELDB_DIR)
 assert subprocess.call(["bash", "-c", "mkdir -p build"]) == 0
@@ -123,8 +128,8 @@ os.chdir(SSL_SOURCE_DIR)
 assert subprocess.call(["wget", "https://www.openssl.org/source/openssl-1.1.1b.tar.gz"]) == 0
 print "===>>> Making SSL  project"
 os.chdir(SSL_MAKE_DIR)
-#assert subprocess.call(["make",   "SGX_SDK=" + SGX_SDK_DIR_SSL, "all", "test"]) == 0
-assert subprocess.call(["make",   "SGX_SDK=" + SGX_SDK_DIR_SSL, "all" ]) == 0
+assert subprocess.call(["make",   "SGX_SDK=" + SGX_SDK_DIR_SSL, "all", "test"]) == 0
+#assert subprocess.call(["make",   "SGX_SDK=" + SGX_SDK_DIR_SSL, "all" ]) == 0
 
 os.chdir(topDir)
 print("Build successfull.")

secure_enclave/secure_enclave.c

@@ -739,12 +739,11 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
   sgx_status_t status = sgx_unseal_data(
       (const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t*)skey, &key_len);
   if (status != SGX_SUCCESS) {
+    *err_status = 1;
     snprintf(err_string, BUF_LEN,"sgx_unseal_key failed with status %d", status);
     return;
   }
 
-  //char * skey = "a15c19da241e5b1db20d8dd8ca4b5eeaee01c709b49ec57aa78c2133d3c1b3c9";
-
   int num_shares = strlen(s_shares)/192;
 
   mpz_t sum;
@@ -786,11 +785,11 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
         return;
     }
     //decr_sshare[64] = 0;
-    snprintf(err_string + 158 * i, BUF_LEN,"decr sshare is %s", decr_sshare);
-    snprintf(err_string + 158 * i + 79, BUF_LEN," common_key is %s", common_key);
 
-    //snprintf(err_string + 89*i, BUF_LEN,"share is %s length is %d ", decr_sshare, strlen(decr_sshare));
-    //snprintf(err_string + 65*i, BUF_LEN,"%s ", decr_sshare);
+    //snprintf(err_string + 158 * i, BUF_LEN,"decr sshare is %s", decr_sshare);
+    //snprintf(err_string + 158 * i + 79, BUF_LEN," common_key is %s", common_key);
+
+
 
 
     mpz_t decr_secret_share;
@@ -816,7 +815,7 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
 
    char key_share[mpz_sizeinbase(bls_key, 16) + 2];
    char *key = mpz_get_str(key_share, 16, bls_key);
-   snprintf(err_string + 158 * num_shares , BUF_LEN," bls private key is %s", key_share);
+   snprintf(err_string, BUF_LEN," bls private key is %s", key_share);
    uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
 
 

secure_enclave/secure_enclave.edl

@@ -122,7 +122,7 @@ enclave {
          public void dkg_verification(
                                 [user_check] int *err_status,
                                 [out, count = 1024] char* err_string,
-                                [in, count = 4097] const char* public_shares,
+                                [in, count = 8193] const char* public_shares,
                                 [in, count = 193] const char* s_share,
                                 [in, count = 1024] uint8_t* encrypted_key,
                                 uint64_t key_len,

sgxwallet_common.h

@@ -55,9 +55,13 @@
 #define INVALID_ECDSA_KEY_NAME -20
 #define INVALID_HEX -21
 
+#define ERROR_IN_ENCLAVE -33
+
+#define FILE_NOT_FOUND -44
+
 #define SGX_ENCLAVE_ERROR -666;
 
-#define WALLETDB_NAME  "sgxwallet.db"//"test_sgxwallet1.db"//
+#define WALLETDB_NAME  "sgxwallet.db"//"test_sgxwallet.db"//
 #define ENCLAVE_NAME "secure_enclave.signed.so"
 
 

testw.cpp

@@ -237,29 +237,29 @@ TEST_CASE("Server BLS sign test", "[bls-server-sign]") {
 
 }
 
-TEST_CASE("KeysDB test", "[keys-db]") {
-
-
-
-    reset_db();
-    init_all();
-
-
-    string key = TEST_BLS_KEY_SHARE;
-    string value = TEST_BLS_KEY_SHARE;
-
-
-
-    REQUIRE_THROWS(readKeyShare(key));
-
-
-    writeKeyShare(key, value, 1, 2, 1);
-
-    REQUIRE(readKeyShare(key) != nullptr);
-
-
-// put your test here
-}
+//TEST_CASE("KeysDB test", "[keys-db]") {
+//
+//
+//
+//    reset_db();
+//    init_all();
+//
+//
+//    string key = TEST_BLS_KEY_SHARE;
+//    string value = TEST_BLS_KEY_SHARE;
+//
+//
+//
+//    REQUIRE_THROWS(readKeyShare(key));
+//
+//
+//    writeKeyShare(key, value, 1, 2, 1);
+//
+//    REQUIRE(readKeyShare(key) != nullptr);
+//
+//
+//// put your test here
+//}
 
 
 
@@ -741,17 +741,14 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
   std::cerr<< "test started" << std::endl;
   init_all();
   cerr << "Server inited" << endl;
-  HttpClient client("http://localhost:1027");
+  HttpClient client("http://localhost:1028");
   StubClient c(client, JSONRPC_CLIENT_V2);
   cerr << "Client inited" << endl;
 
   reset_db();
 
 
-
-
-
-  int n = 2, t = 2;
+  int n = 32, t = 32;
   Json::Value EthKeys[n];
   Json::Value VerifVects[n];
   Json::Value pubEthKeys;
@@ -851,7 +848,6 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
   std::cout << "try to get bls public key" << std::endl;
   std::cout << c.GetBLSPublicKeyShare("BLS_KEY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:0");
 
-  exit(0);
 
 }
 
@@ -957,13 +953,4 @@ TEST_CASE("API test", "[api_test]") {
   sgx_destroy_enclave(eid);
 }
 
-//decr sshare is 0570d18552dc248c5f806cbfeb96cdc40234d51233b3ba80a9c7b790ae4eed13
-//common_key is e6d91ec58664d25dd80071520793ab307bf408158543a9710445bd663041a760decr
-//sshare is d56909d4b29a0f1d306be98c019bed02e9c6b9b56bfe9e933314815983401b40
-//common_key is 0e4506de4faa7a241fccbcc9339cce03737415ba38349ccfa7aec916d37cee07
-//
-//
-//decr sshare is 1f63caaf684e632338cd7c17569fb65d820004266acd36f0b6d2cbd05648b071
-//common_key is e969840c044a3e7252e4677225f2513722d545ff1612f35d0cd66cda65185356decr
-//sshare is 20d254d489bb31fc5b470c641ba280ea35e7da3a86c11ccdb74d3f9898daaa93
-//common_key is 18dffe11f73f6d53e8f53ce1fe0ab8192f7a9180d50fb7e34a01776652e73471
+