Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
S
sgxwallet
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
董子豪
sgxwallet
Commits
6d82dafc
Unverified
Commit
6d82dafc
authored
Sep 09, 2019
by
kladkogex
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed problem
parent
f51ca696
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
240 additions
and
255 deletions
+240
-255
BLSUtils.cpp
secure_enclave/BLSUtils.cpp
+56
-75
BLSUtils.h
secure_enclave/BLSUtils.h
+1
-1
secure_enclave.c
secure_enclave/secure_enclave.c
+183
-163
sgxwallet_common.h
sgxwallet_common.h
+0
-16
No files found.
secure_enclave/BLSUtils.cpp
View file @
6d82dafc
...
...
@@ -3,7 +3,6 @@
//
#define GMP_WITH_SGX
#include <string.h>
#include <cstdint>
#include "../sgxwallet_common.h"
...
...
@@ -15,135 +14,117 @@
std
::
string
*
stringFromKey
(
libff
::
alt_bn128_Fr
*
_key
)
{
mpz_t
t
;
mpz_init
(
t
);
mpz_t
t
;
mpz_init
(
t
);
_key
->
as_bigint
().
to_mpz
(
t
);
_key
->
as_bigint
().
to_mpz
(
t
);
char
arr
[
mpz_sizeinbase
(
t
,
10
)
+
2
];
char
arr
[
mpz_sizeinbase
(
t
,
10
)
+
2
];
char
*
tmp
=
mpz_get_str
(
arr
,
10
,
t
);
mpz_clear
(
t
);
char
*
tmp
=
mpz_get_str
(
arr
,
10
,
t
);
mpz_clear
(
t
);
return
new
std
::
string
(
tmp
);
return
new
std
::
string
(
tmp
);
}
std
::
string
*
stringFromFq
(
libff
::
alt_bn128_Fq
*
_fq
)
{
std
::
string
*
stringFromFq
(
libff
::
alt_bn128_Fq
*
_fq
)
{
mpz_t
t
;
mpz_init
(
t
);
mpz_t
t
;
mpz_init
(
t
);
_fq
->
as_bigint
().
to_mpz
(
t
);
_fq
->
as_bigint
().
to_mpz
(
t
);
char
arr
[
mpz_sizeinbase
(
t
,
10
)
+
2
];
char
arr
[
mpz_sizeinbase
(
t
,
10
)
+
2
];
char
*
tmp
=
mpz_get_str
(
arr
,
10
,
t
);
mpz_clear
(
t
);
char
*
tmp
=
mpz_get_str
(
arr
,
10
,
t
);
mpz_clear
(
t
);
return
new
std
::
string
(
tmp
);
return
new
std
::
string
(
tmp
);
}
std
::
string
*
stringFromG1
(
libff
::
alt_bn128_G1
*
_g1
)
{
_g1
->
to_affine_coordinates
();
_g1
->
to_affine_coordinates
();
auto
sX
=
stringFromFq
(
&
_g1
->
X
);
auto
sY
=
stringFromFq
(
&
_g1
->
Y
);
auto
sX
=
stringFromFq
(
&
_g1
->
X
);
auto
sY
=
stringFromFq
(
&
_g1
->
Y
);
auto
sG1
=
new
std
::
string
(
*
sX
+
":"
+
*
sY
);
auto
sG1
=
new
std
::
string
(
*
sX
+
":"
+
*
sY
);
delete
(
sX
);
delete
(
sY
);
delete
(
sX
);
delete
(
sY
);
return
sG1
;
return
sG1
;
}
libff
::
alt_bn128_Fr
*
keyFromString
(
const
char
*
_keyString
)
{
return
new
libff
::
alt_bn128_Fr
(
_keyString
);
}
void
check_key
(
int
*
err_status
,
char
*
err_string
,
const
char
*
_keyString
)
{
*
err_status
=
UNKNOWN_ERROR
;
uint64_t
keyLen
=
strnlen
(
_keyString
,
MAX_KEY_LENGTH
);
// check that key is zero terminated string
libff
::
alt_bn128_Fr
*
keyFromString
(
const
char
*
_keyString
)
{
if
(
keyLen
==
MAX_KEY_LENGTH
)
{
*
err_status
=
PLAINTEXT_KEY_TOO_LONG
;
snprintf
(
err_string
,
MAX_ERR_LEN
,
"Plaintext key too long"
);
return
;
}
return
new
libff
::
alt_bn128_Fr
(
_keyString
);
}
bool
check_key
(
const
char
*
_keyString
)
{
libff
::
init_alt_bn128_params
();
if
(
_keyString
==
nullptr
)
return
false
;
if
(
_keyString
==
nullptr
)
{
*
err_status
=
NULL_KEY
;
snprintf
(
err_string
,
BUF_LEN
,
"Null key string"
);
return
;
}
std
::
string
ks
(
_keyString
);
for
(
int
i
=
keyLen
;
i
<
MAX_KEY_LENGTH
;
i
++
)
{
if
(
_keyString
[
i
]
!=
0
)
{
*
err_status
=
UNPADDED_KEY
;
snprintf
(
err_string
,
BUF_LEN
,
"Unpadded key passed to wrap"
);
return
;
}
}
// std::string keyString =
// "4160780231445160889237664391382223604184857153814275770598791864649971919844";
auto
key
=
keyFromString
(
ks
.
c_str
());
std
::
string
ks
(
_keyString
);
auto
s1
=
stringFromKey
(
key
);
// std::string keyString =
// "4160780231445160889237664391382223604184857153814275770598791864649971919844"
;
if
(
s1
->
compare
(
ks
)
!=
0
)
return
false
;
auto
key
=
keyFromString
(
ks
.
c_str
());
if
(
s1
->
size
()
<
10
)
return
false
;
auto
s1
=
stringFromKey
(
key
);
if
(
s1
->
size
()
>=
100
)
return
false
;
if
(
s1
->
compare
(
ks
)
!=
0
)
{
*
err_status
=
INCORRECT_STRING_CONVERSION
;
snprintf
(
err_string
,
BUF_LEN
,
"Incorrect string conversion"
);
return
;
}
return
true
;
}
*
err_status
=
0
;
}
bool
sign
(
const
char
*
_keyString
,
const
char
*
_hashXString
,
const
char
*
_hashYString
,
char
sig
[
BUF_LEN
])
{
bool
sign
(
const
char
*
_keyString
,
const
char
*
_hashXString
,
const
char
*
_hashYString
,
char
sig
[
BUF_LEN
])
{
auto
key
=
keyFromString
(
_keyString
);
auto
key
=
keyFromString
(
_keyString
);
libff
::
alt_bn128_Fq
hashX
(
_hashXString
);
libff
::
alt_bn128_Fq
hashY
(
_hashYString
);
libff
::
alt_bn128_Fq
hashZ
=
1
;
libff
::
alt_bn128_Fq
hashX
(
_hashXString
);
libff
::
alt_bn128_Fq
hashY
(
_hashYString
);
libff
::
alt_bn128_Fq
hashZ
=
1
;
libff
::
alt_bn128_G1
hash
(
hashX
,
hashY
,
hashZ
);
libff
::
alt_bn128_G1
hash
(
hashX
,
hashY
,
hashZ
);
libff
::
alt_bn128_G1
sign
=
key
->
as_bigint
()
*
hash
;
// sign
libff
::
alt_bn128_G1
sign
=
key
->
as_bigint
()
*
hash
;
// sign
sign
.
to_affine_coordinates
();
sign
.
to_affine_coordinates
(
);
auto
r
=
stringFromG1
(
&
sign
);
auto
r
=
stringFromG1
(
&
sign
);
memset
(
sig
,
0
,
BUF_LEN
);
memset
(
sig
,
0
,
BUF_LEN
);
strncpy
(
sig
,
r
->
c_str
()
,
BUF_LEN
);
strncpy
(
sig
,
r
->
c_str
(),
BUF_LEN
)
;
delete
r
;
delete
r
;
return
true
;
return
true
;
}
...
...
secure_enclave/BLSUtils.h
View file @
6d82dafc
...
...
@@ -13,7 +13,7 @@
#define EXTERNC
#endif
EXTERNC
void
check_key
(
int
*
err_status
,
char
*
err_string
,
const
char
*
_keyString
);
EXTERNC
bool
check_key
(
const
char
*
_keyString
);
EXTERNC
bool
sign
(
const
char
*
_keyString
,
const
char
*
_hashXString
,
const
char
*
_hashYString
,
char
*
_sig
);
...
...
secure_enclave/secure_enclave.c
View file @
6d82dafc
...
...
@@ -50,62 +50,57 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "../sgxwallet_common.h"
void
*
(
*
gmp_realloc_func
)(
void
*
,
size_t
,
size_t
);
void
*
(
*
oc_realloc_func
)(
void
*
,
size_t
,
size_t
);
void
(
*
gmp_free_func
)(
void
*
,
size_t
);
void
(
*
oc_free_func
)(
void
*
,
size_t
);
void
*
reallocate_function
(
void
*
,
size_t
,
size_t
);
void
free_function
(
void
*
,
size_t
);
void
tgmp_init
()
{
oc_realloc_func
=
&
reallocate_function
;
oc_free_func
=
&
free_function
;
oc_realloc_func
=
&
reallocate_function
;
oc_free_func
=
&
free_function
;
mp_get_memory_functions
(
NULL
,
&
gmp_realloc_func
,
&
gmp_free_func
);
mp_set_memory_functions
(
NULL
,
oc_realloc_func
,
oc_free_func
);
mp_get_memory_functions
(
NULL
,
&
gmp_realloc_func
,
&
gmp_free_func
);
mp_set_memory_functions
(
NULL
,
oc_realloc_func
,
oc_free_func
);
}
void
free_function
(
void
*
ptr
,
size_t
sz
)
{
if
(
sgx_is_within_enclave
(
ptr
,
sz
))
gmp_free_func
(
ptr
,
sz
);
else
{
sgx_status_t
status
;
status
=
oc_free
(
ptr
,
sz
);
if
(
status
!=
SGX_SUCCESS
)
abort
();
}
if
(
sgx_is_within_enclave
(
ptr
,
sz
))
gmp_free_func
(
ptr
,
sz
);
else
{
sgx_status_t
status
;
status
=
oc_free
(
ptr
,
sz
);
if
(
status
!=
SGX_SUCCESS
)
abort
();
}
}
void
*
reallocate_function
(
void
*
ptr
,
size_t
osize
,
size_t
nsize
)
{
uint64_t
nptr
;
sgx_status_t
status
;
uint64_t
nptr
;
sgx_status_t
status
;
if
(
sgx_is_within_enclave
(
ptr
,
osize
))
{
return
gmp_realloc_func
(
ptr
,
osize
,
nsize
);
}
if
(
sgx_is_within_enclave
(
ptr
,
osize
))
{
return
gmp_realloc_func
(
ptr
,
osize
,
nsize
);
}
status
=
oc_realloc
(
&
nptr
,
ptr
,
osize
,
nsize
);
if
(
status
!=
SGX_SUCCESS
)
abort
();
status
=
oc_realloc
(
&
nptr
,
ptr
,
osize
,
nsize
);
if
(
status
!=
SGX_SUCCESS
)
abort
();
/*
* If the entire range of allocated memory is not outside the enclave
* then something truly terrible has happened. In theory, we could
* free() and try again, but would you trust the OS at this point?
*/
/*
* If the entire range of allocated memory is not outside the enclave
* then something truly terrible has happened. In theory, we could
* free() and try again, but would you trust the OS at this point?
*/
if
(
!
sgx_is_outside_enclave
((
void
*
)
ptr
,
nsize
))
abort
();
if
(
!
sgx_is_outside_enclave
((
void
*
)
ptr
,
nsize
))
abort
();
return
(
void
*
)
nptr
;
return
(
void
*
)
nptr
;
}
void
e_mpz_add
(
mpz_t
*
c_un
,
mpz_t
*
a_un
,
mpz_t
*
b_un
)
{}
...
...
@@ -118,208 +113,233 @@ void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void
generate_ecdsa_key
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
}
void
encrypt_key
(
int
*
err_status
,
char
*
err_string
,
char
*
key
,
uint8_t
*
encrypted_key
,
uint32_t
*
enc_len
)
{
*
err_status
=
UNKNOWN_ERROR
;
*
err_status
=
-
1
;
check_key
(
err_status
,
err_string
,
key
);
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
if
(
*
err_status
!=
0
)
{
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
":check_key failed"
);
return
;
}
// check that key is zero terminated string
if
(
keyLen
==
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
MAX_ERR_LEN
,
"keyLen != MAX_KEY_LENGTH"
);
return
;
}
uint32_t
sealedLen
=
sgx_calc_sealed_data_size
(
0
,
MAX_KEY_LENGTH
)
;
*
err_status
=
-
2
;
if
(
sealedLen
>
BUF_LEN
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sealedLen > BUF_LEN"
);
return
;
// check that key is padded with 0s
for
(
int
i
=
keyLen
;
i
<
MAX_KEY_LENGTH
;
i
++
)
{
if
(
key
[
i
]
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Unpadded key"
);
return
;
}
}
sgx_status_t
status
;
*
err_status
=
-
3
;
sgx_seal_data
(
0
,
NULL
,
MAX_KEY_LENGTH
,
(
uint8_t
*
)
key
,
sealedLen
,
(
sgx_sealed_data_t
*
)
encrypted_key
);
if
(
!
check_key
(
key
))
{
snprintf
(
err_string
,
BUF_LEN
,
"check_key failed"
);
return
;
}
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed with status %d"
,
status
);
err_status
=
SGX_SEAL_DATA_FAILED
;
return
;
}
uint32_t
sealedLen
=
sgx_calc_sealed_data_size
(
0
,
MAX_KEY_LENGTH
);
*
enc_len
=
sealedLen
;
*
err_status
=
-
4
;
char
decryptedKey
[
BUF_LEN
];
if
(
sealedLen
>
BUF_LEN
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sealedLen > MAX_ENCRYPTED_KEY_LENGTH"
);
return
;
}
*
err_status
=
-
5
;
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
sealedLen
,
decryptedKey
);
memset
(
encrypted_key
,
0
,
BUF_LEN
);
if
(
*
err_status
!=
0
)
{
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
":decrypt_key failed"
);
return
;
}
if
(
sgx_seal_data
(
0
,
NULL
,
MAX_KEY_LENGTH
,
(
uint8_t
*
)
key
,
sealedLen
,
(
sgx_sealed_data_t
*
)
encrypted_key
)
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"SGX seal data failed"
);
return
;
}
uint64_t
decryptedKeyLen
=
strnlen
(
decryptedKey
,
MAX_KEY_LENGTH
)
;
*
enc_len
=
sealedLen
;
if
(
decryptedKeyLen
==
MAX_KEY_LENGTH
)
{
*
err_status
=
STRING_NOT_NULL_TERMINATED
;
snprintf
(
err_string
,
MAX_ERR_LEN
,
"Key2 is not null terminated"
);
return
;
}
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
*
err_status
=
ENCRYPTION_DECRYPTION_MISMATCH
;
snprintf
(
err_string
,
MAX_ERR_LEN
,
"Decrypted key does not match original"
);
return
;
}
char
key2
[
BUF_LEN
];
*
err_status
=
0
;
}
memset
(
key2
,
0
,
BUF_LEN
);
void
decrypt_key
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
key
)
{
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
sealedLen
,
key2
);
uint32_t
decLen
;
if
(
*
err_status
!=
0
)
{
snprintf
(
err_string
+
strlen
(
err_string
),
BUF_LEN
,
":decrypt_key failed"
);
return
;
}
*
err_status
=
-
9
;
memset
(
key
,
0
,
BUF_LEN
);
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
key
,
&
decLen
);
uint64_t
key2Len
=
strnlen
(
key2
,
MAX_KEY_LENGTH
);
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
return
;
}
if
(
key2Len
==
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
MAX_ERR_LEN
,
"Key2 is not null terminated"
);
return
;
}
if
(
decLen
!=
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
BUF_LEN
,
"decLen != MAX_KEY_LENGTH"
);
return
;
}
*
err_status
=
-
8
;
if
(
strncmp
(
key
,
key2
,
MAX_KEY_LENGTH
)
!=
0
)
return
;
*
err_status
=
-
10
;
*
err_status
=
0
;
}
void
decrypt_key
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
key
)
{
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
)
;
uint32_t
decLen
;
*
err_status
=
-
9
;
if
(
keyLen
==
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Key is not null terminated"
);
return
;
}
sgx_status_t
status
=
sgx_unseal_data
(
(
const
sgx_sealed_data_t
*
)
encrypted_key
,
NULL
,
0
,
(
uint8_t
*
)
key
,
&
decLen
);
// check that key is padded with 0s
if
(
status
!=
SGX_SUCCESS
)
{
snprintf
(
err_string
,
BUF_LEN
,
"sgx_unseal_data failed with status %d"
,
status
);
return
;
}
for
(
int
i
=
keyLen
;
i
<
MAX_KEY_LENGTH
;
i
++
)
{
if
(
key
[
i
]
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Unpadded key"
);
return
;
}
}
*
err_status
=
0
;
if
(
decLen
!=
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
BUF_LEN
,
"decLen != MAX_KEY_LENGTH"
);
return
;
}
}
*
err_status
=
-
10
;
void
bls_sign_message
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
_hashX
,
char
*
_hashY
,
char
*
signature
)
{
uint64_t
keyLen
=
strnlen
(
key
,
MAX_KEY_LENGTH
);
char
key
[
BUF_LEN
];
char
sig
[
BUF_LEN
];
if
(
keyLen
==
MAX_KEY_LENGTH
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Key is not null terminated"
);
return
;
}
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
enc_len
,
key
);
// check that key is padded with 0s
if
(
err_status
!=
0
)
{
return
;
for
(
int
i
=
keyLen
;
i
<
MAX_KEY_LENGTH
;
i
++
)
{
if
(
key
[
i
]
!=
0
)
{
snprintf
(
err_string
,
BUF_LEN
,
"Unpadded key"
);
return
;
}
}
*
err_status
=
0
;
return
;
sign
(
key
,
_hashX
,
_hashY
,
sig
);
}
strncpy
(
signature
,
sig
,
BUF_LEN
);
}
void
bls_sign_message
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
char
*
_hashX
,
char
*
_hashY
,
char
*
signature
)
{
void
ecdsa_sign_message
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
uint8_t
*
message
,
char
*
signature
)
{
*
err_status
=
-
1
;
char
key
[
BUF_LEN
];
char
sig
[
BUF_LEN
];
char
key
[
BUF_LEN
]
;
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
enc_len
,
key
)
;
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
enc_len
,
key
);
if
(
err_status
!=
0
)
{
return
;
}
if
(
err_status
!=
0
)
{
return
;
}
sign
(
key
,
_hashX
,
_hashY
,
sig
);
strncpy
(
signature
,
sig
,
BUF_LEN
);
//strncpy(signature, ecdsaSig, MAX_SIG_LEN);
}
void
ecdsa_sign_message
(
int
*
err_status
,
char
*
err_string
,
uint8_t
*
encrypted_key
,
uint32_t
enc_len
,
uint8_t
*
message
,
char
*
signature
)
{
*
err_status
=
-
1
;
char
key
[
BUF_LEN
];
decrypt_key
(
err_status
,
err_string
,
encrypted_key
,
enc_len
,
key
);
unsigned
char
entropy_buf
[
ADD_ENTROPY_SIZE
]
=
{
0
};
if
(
err_status
!=
0
)
{
return
;
}
RAND_add
(
entropy_buf
,
sizeof
(
entropy_buf
),
ADD_ENTROPY_SIZE
);
RAND_seed
(
entropy_buf
,
sizeof
(
entropy_buf
));
// Initialize SGXSSL crypto
OPENSSL_init_crypto
(
0
,
NULL
);
RAND_add
(
entropy_buf
,
sizeof
(
entropy_buf
),
ADD_ENTROPY_SIZE
);
RAND_seed
(
entropy_buf
,
sizeof
(
entropy_buf
));
//strncpy(signature, ecdsaSig, MAX_SIG_LEN);
EC_KEY
*
ec
=
NULL
;
int
eccgroup
;
eccgroup
=
OBJ_txt2nid
(
"secp384r1"
);
ec
=
EC_KEY_new_by_curve_name
(
eccgroup
);
if
(
ec
==
NULL
)
{
return
;
}
EC_KEY_set_asn1_flag
(
ec
,
OPENSSL_EC_NAMED_CURVE
);
int
ret
=
EC_KEY_generate_key
(
ec
);
if
(
!
ret
)
{
return
;
}
EVP_PKEY
*
ec_pkey
=
EVP_PKEY_new
();
if
(
ec_pkey
==
NULL
)
{
return
;
}
EVP_PKEY_assign_EC_KEY
(
ec_pkey
,
ec
);
// DONE
char
buffer
[
100
];
unsigned
char
sig
;
unsigned
int
siglen
;
int
i
;
for
(
i
=
0
;
i
<
1000
;
i
++
)
{
// Add context
EVP_MD_CTX
*
context
=
EVP_MD_CTX_new
();
// Init, update, final
EVP_SignInit_ex
(
context
,
EVP_sha1
(),
NULL
);
EVP_SignUpdate
(
context
,
&
buffer
,
100
);
EVP_SignFinal
(
context
,
&
sig
,
&
siglen
,
ec_pkey
);
}
unsigned
char
entropy_buf
[
ADD_ENTROPY_SIZE
]
=
{
0
};
RAND_add
(
entropy_buf
,
sizeof
(
entropy_buf
),
ADD_ENTROPY_SIZE
);
RAND_seed
(
entropy_buf
,
sizeof
(
entropy_buf
));
// Initialize SGXSSL crypto
OPENSSL_init_crypto
(
0
,
NULL
);
*
err_status
=
0
;
RAND_add
(
entropy_buf
,
sizeof
(
entropy_buf
),
ADD_ENTROPY_SIZE
);
RAND_seed
(
entropy_buf
,
sizeof
(
entropy_buf
));
EC_KEY
*
ec
=
NULL
;
int
eccgroup
;
eccgroup
=
OBJ_txt2nid
(
"secp384r1"
);
ec
=
EC_KEY_new_by_curve_name
(
eccgroup
);
if
(
ec
==
NULL
)
{
return
;
}
EC_KEY_set_asn1_flag
(
ec
,
OPENSSL_EC_NAMED_CURVE
);
int
ret
=
EC_KEY_generate_key
(
ec
);
if
(
!
ret
)
{
return
;
}
EVP_PKEY
*
ec_pkey
=
EVP_PKEY_new
();
if
(
ec_pkey
==
NULL
)
{
return
;
}
EVP_PKEY_assign_EC_KEY
(
ec_pkey
,
ec
);
// DONE
char
buffer
[
100
];
unsigned
char
sig
;
unsigned
int
siglen
;
int
i
;
for
(
i
=
0
;
i
<
1000
;
i
++
)
{
// Add context
EVP_MD_CTX
*
context
=
EVP_MD_CTX_new
();
// Init, update, final
EVP_SignInit_ex
(
context
,
EVP_sha1
(),
NULL
);
EVP_SignUpdate
(
context
,
&
buffer
,
100
);
EVP_SignFinal
(
context
,
&
sig
,
&
siglen
,
ec_pkey
);
}
*
err_status
=
0
;
}
sgxwallet_common.h
View file @
6d82dafc
...
...
@@ -27,21 +27,5 @@
#define ADD_ENTROPY_SIZE 32
#define UNKNOWN_ERROR -1
#define PLAINTEXT_KEY_TOO_LONG -2
#define UNPADDED_KEY -3
#define NULL_KEY -4
#define INCORRECT_STRING_CONVERSION -5
#define SEALED_LEN_TOO_LARGE -6
#define SGX_SEAL_DATA_FAILED -7
#define STRING_NOT_NULL_TERMINATED -8
#define ENCRYPTION_DECRYPTION_MISMATCH -9
#endif //SGXWALLET_SGXWALLET_COMMON_H
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
