Merge pull request #196 from skalenetwork/feature/SKALE-3434-import-ecdsa

SKALE-3434 add import ECDSA key

Merge pull request #196 from skalenetwork/feature/SKALE-3434-import-ecdsa
SKALE-3434 add import ECDSA key
6d2d0c93 · Oleh Nikolaiev · GitHub · 346d28b4 · 1a6c43df · 6d2d0c93
Unverified Commit 6d2d0c93 authored Oct 27, 2020 by Oleh Nikolaiev Committed by GitHub Oct 27, 2020
8 changed files
--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -228,3 +228,31 @@ vector <string> ecdsaSignHash(const std::string& encryptedKeyHex, const char *ha

    return signatureVector;
 }
+
+string encryptECDSAKey(const string& _key) {
+    vector<char> key(BUF_LEN, 0);
+    for (size_t i = 0; i < _key.size(); ++i) {
+        key[i] = _key[i];
+    }
+
+    vector<uint8_t> encryptedKey(BUF_LEN, 0);
+
+    int errStatus = 0;
+    vector<char> errString(BUF_LEN, 0);
+    uint64_t enc_len = 0;
+
+    sgx_status_t status = SGX_SUCCESS;
+    std::cout << "HERE" << std::endl;
+    RESTART_BEGIN
+        status = trustedEncryptKey(eid, &errStatus, errString.data(), key.data(),
+                                   encryptedKey.data(), &enc_len);
+    RESTART_END
+
+    if (status != 0) {
+        throw SGXException(status, string("Could not encrypt ECDSA key: " + string(errString.begin(), errString.end())).c_str());
+    }
+
+    vector<char> hexEncrKey = carray2Hex(encryptedKey.data(), enc_len);
+
+    return string(hexEncrKey.begin(), hexEncrKey.end());
+}
--- a/ECDSACrypto.h
+++ b/ECDSACrypto.h
@@ -35,5 +35,7 @@ string getECDSAPubKey(const std::string& _encryptedKeyHex);

 vector<string> ecdsaSignHash(const std::string& encryptedKeyHex, const char* hashHex, int base);

+string encryptECDSAKey(const string& key);
+

 #endif //SGXD_ECDSACRYPTO_H
--- a/SGXWalletServer.cpp
+++ b/SGXWalletServer.cpp
@@ -268,6 +268,37 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin

 }

+Json::Value SGXWalletServer::importECDSAKeyImpl(const string &_keyShare,
+                                                const string &_keyShareName) {
+    spdlog::info("Entering {}", __FUNCTION__);
+    INIT_RESULT(result)
+    result["encryptedKey"] = "";
+
+    try {
+      if (!checkECDSAKeyName(_keyShareName)) {
+          throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
+      }
+
+      string hashTmp = _keyShare;
+      if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
+          hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
+      }
+
+      if (!checkHex(hashTmp)) {
+          throw SGXException(INVALID_HEX, "Invalid ECDSA key share, please use hex");
+      }
+
+      string encryptedKey = encryptECDSAKey(hashTmp);
+
+      writeDataToDB(_keyShareName, encryptedKey);
+
+      result["encryptedKey"] = encryptedKey;
+      result["publicKey"] = getECDSAPubKey(encryptedKey);
+    } HANDLE_SGX_EXCEPTION(result)
+
+    RETURN_SUCCESS(result);
+}
+
 Json::Value SGXWalletServer::generateECDSAKeyImpl() {
    spdlog::info("Entering {}", __FUNCTION__);
    INIT_RESULT(result)
@@ -735,6 +766,10 @@ Json::Value SGXWalletServer::calculateAllBLSPublicKeys(const Json::Value& public
    return calculateAllBLSPublicKeysImpl(publicShares, t, n);
 }

+Json::Value SGXWalletServer::importECDSAKey(const std::string& keyShare, const std::string& keyShareName) {
+    return importECDSAKeyImpl(keyShare, keyShareName);
+}
+
 Json::Value SGXWalletServer::generateECDSAKey() {
    return generateECDSAKeyImpl();
 }

--- a/SGXWalletServer.hpp
+++ b/SGXWalletServer.hpp
@@ -51,6 +51,9 @@ public:
    virtual Json::Value
    blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n);

+    virtual Json::Value importECDSAKey(const std::string& keyShare,
+                                       const std::string& keyShareName);
+
    virtual Json::Value generateECDSAKey();

    virtual Json::Value
@@ -102,6 +105,8 @@ public:
    static Json::Value
    blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n);

+    static Json::Value importECDSAKeyImpl(const string &_keyShare, const string &_keyShareName);
+
    static Json::Value generateECDSAKeyImpl();

    static Json::Value ecdsaSignMessageHashImpl(int _base, const string &keyName, const string &_messageHash);

--- a/abstractstubserver.h
+++ b/abstractstubserver.h
@@ -39,6 +39,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
          this->bindAndAddMethod(jsonrpc::Procedure("importBLSKeyShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"keyShare",jsonrpc::JSON_STRING,"keyShareName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::importBLSKeyShareI);
          this->bindAndAddMethod(jsonrpc::Procedure("blsSignMessageHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "keyShareName",jsonrpc::JSON_STRING,"messageHash",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER, "n",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::blsSignMessageHashI);

+          this->bindAndAddMethod(jsonrpc::Procedure("importECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"key",jsonrpc::JSON_STRING,"keyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::importECDSAKeyI);
          this->bindAndAddMethod(jsonrpc::Procedure("generateECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,  NULL), &AbstractStubServer::generateECDSAKeyI);
          this->bindAndAddMethod(jsonrpc::Procedure("getPublicECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "keyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::getPublicECDSAKeyI);
          this->bindAndAddMethod(jsonrpc::Procedure("ecdsaSignMessageHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "base",jsonrpc::JSON_INTEGER,"keyName",jsonrpc::JSON_STRING,"messageHash",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::ecdsaSignMessageHashI);
@@ -68,6 +69,10 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
            response = this->blsSignMessageHash(request["keyShareName"].asString(), request["messageHash"].asString(), request["t"].asInt(), request["n"].asInt());
        }

+        inline virtual void importECDSAKeyI(const Json::Value &request, Json::Value &response)
+        {
+            response = this->importECDSAKey( request["key"].asString(), request["keyName"].asString());
+        }
        inline virtual void generateECDSAKeyI(const Json::Value &request, Json::Value &response)
        {
          (void)request;
@@ -141,6 +146,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>

        virtual Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName) = 0;
        virtual Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n ) = 0;
+        virtual Json::Value importECDSAKey(const std::string& keyShare, const std::string& keyShareName) = 0;
        virtual Json::Value generateECDSAKey() = 0;
        virtual Json::Value getPublicECDSAKey(const std::string& keyName) = 0;
        virtual Json::Value ecdsaSignMessageHash(int base, const std::string& keyName, const std::string& messageHash) = 0;

--- a/stubclient.h
+++ b/stubclient.h
@@ -39,6 +39,18 @@ class StubClient : public jsonrpc::Client
                throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
        }

+        Json::Value importECDSAKey(const std::string& keyShare, const std::string& keyShareName)
+        {
+            Json::Value p;
+            p["key"] = keyShare;
+            p["keyName"] = keyShareName;
+            Json::Value result = this->CallMethod("importECDSAKey",p);
+            if (result.isObject())
+                return result;
+            else
+                throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
+        }
+
        Json::Value generateECDSAKey() 
        {
          Json::Value p;

--- a/testw.cpp
+++ b/testw.cpp
@@ -457,6 +457,21 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
    REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
 }

+TEST_CASE_METHOD(TestFixture, "Import ECDSA Key", "[import-ecdsa-key]") {
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+
+    std::string name = "NEK:abcdef";
+    auto response = c.importECDSAKey("6507625568967977077291849236396320012317305261598035438182864059942098934847", name);
+    REQUIRE(response["status"] != 0);
+
+    string key_str = "0xe632f7fde2c90a073ec43eaa90dca7b82476bf28815450a11191484934b9c3f";
+    response = c.importECDSAKey(key_str, name);
+    REQUIRE(response["status"] == 0);
+
+    REQUIRE(c.ecdsaSignMessageHash(16, name, SAMPLE_HASH)["status"] == 0);
+}
+
 TEST_CASE_METHOD(TestFixture, "Backup Key", "[backup-key]") {
    HttpClient client(RPC_ENDPOINT);
    StubClient c(client, JSONRPC_CLIENT_V2);

--- a/testw.py
+++ b/testw.py
@@ -36,6 +36,7 @@ testList = ["[first-run]",
            "[get-server-version]",
            "[backup-key]",
            "[delete-bls-key]",
+            "[import-ecdsa-key]",
            "[ecdsa-aes-key-gen]",
            "[ecdsa-aes-key-sig-gen]",
            "[ecdsa-aes-get-pub-key]",