SKLAE-2002 add test for aes/not-aes encryption/decryption

.github/workflows/dockerimagesim.yml

@@ -47,14 +47,10 @@ jobs:
       id: create_release
       uses: actions/create-release@latest
       env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
         tag_name: ${{ env.VERSION }}
-        release_name: Release ${{ env.VERSION }}
-        body: |
-          Changes in this Release
-          - First Change
-          - Second Change
+        release_name: ${{ env.VERSION }}
         draft: false
         prerelease: true
 

secure_enclave/secure_enclave.c

@@ -159,13 +159,6 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
     mpz_mod(skey, seed, curve->p);
     mpz_clear(seed);
 
-    //mpz_set_str(skey, "e7af72d241d4dd77bc080ce9234d742f6b22e35b3a660e8c197517b909f63ca8", 16);
-    //mpz_set_str(skey, "4160780231445160889237664391382223604576", 10);
-    //mpz_set_str(skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
-    //mpz_set_str(skey, "1", 10);
-    //mpz_set_str(skey, "ebb2c082fd7727890a28ac82f6bdf97bad8de9f5d7c9028692de1a255cad3e0f", 16);
-    // mpz_set_str(skey, "D30519BCAE8D180DBFCC94FE0B8383DC310185B0BE97B4365083EBCECCD75759", 16);
-
     //Public key
     point Pkey = point_init();
 
@@ -309,7 +302,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
     domain_parameters_load_curve(curve, secp256k1);
     point publicKey = point_init();
 
-
     if (!hash) {
         *errStatus = 1;
         char* msg = "NULL message hash";
@@ -341,7 +333,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
         LOG_ERROR(errString);
         goto clean;
     }
-    
 
     sgx_status_t status = sgx_unseal_data(
             (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, privateKey, &dec_len);
@@ -362,9 +353,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
         goto clean;
     }
 
-
-
-
     signature_sign(sign, msgMpz, privateKeyMpz, curve);
 
     signature_extract_public_key(publicKey, privateKeyMpz, curve);

testw.cpp

@@ -332,8 +332,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig
 
     uint32_t encLen = 0;
 
-    //printf("before %p\n", pubKeyX);
-
     status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
                                      pubKeyY.data());
 
@@ -955,8 +953,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
 
     string hash = SAMPLE_HASH;
 
-    auto hash_arr = make_shared < array < uint8_t,
-    32 >> ();
+    auto hash_arr = make_shared < array < uint8_t, 32 >> ();
 
     uint64_t binLen;
 
@@ -1038,3 +1035,69 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
         thread.join();
     }
 }
+
+TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
+    domain_parameters curve = domain_parameters_init();
+    domain_parameters_load_curve(curve, secp256k1);
+
+    gmp_randstate_t state;
+    gmp_randinit_default(state);
+
+    mpz_t rand;
+    mpz_init(rand);
+    mpz_urandomb(rand, state, 256);
+
+    mpz_t seed;
+    mpz_init(seed);
+    mpz_mod(seed, rand, curve->p);
+
+    mpz_t skey;
+    mpz_init(skey);
+    mpz_mod(skey, seed, curve->p);
+    mpz_clear(seed);
+
+    char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
+    char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
+    gmp_randclear(state);
+
+    int errStatus = 0;
+    vector<char> errMsg(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKey(BUF_LEN, 0);
+    uint32_t enc_len = 0;
+    trustedEncryptKey(eid, &errStatus, errMsg.data(), skey_str, encrPrivKey.data(), &enc_len);
+    REQUIRE(errStatus == SGX_SUCCESS);
+
+    int errStatusAES = 0;
+    vector<char> errMsgAES(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKeyAES(BUF_LEN, 0);
+    uint32_t enc_lenAES = 0;
+    trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), skey_str, encrPrivKeyAES.data(), &enc_lenAES);
+    REQUIRE( errStatusAES == SGX_SUCCESS );
+
+    errMsg.clear();
+    string hex = SAMPLE_HEX_HASH;
+    vector<char> signatureR(BUF_LEN, 0);
+    vector<char> signatureS(BUF_LEN, 0);
+    uint8_t signatureV = 0;
+
+    uint32_t dec_len = 0;
+    status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), dec_len, (unsigned char *) hex.data(),
+                              signatureR.data(),
+                              signatureS.data(), &signatureV, 16);
+    REQUIRE( status == SGX_SUCCESS );
+
+    errMsgAES.clear();
+    vector<char> signatureRAES(BUF_LEN, 0);
+    vector<char> signatureSAES(BUF_LEN, 0);
+    uint8_t signatureVAES = 0;
+
+    uint32_t dec_lenAES = 0;
+    status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), dec_lenAES, (unsigned char *) hex.data(),
+                              signatureRAES.data(),
+                              signatureSAES.data(), &signatureVAES, 16);
+    REQUIRE( status == SGX_SUCCESS );
+
+    REQUIRE( signatureR == signatureRAES );
+    REQUIRE( signatureS == signatureSAES );
+    REQUIRE( signatureV == signatureVAES );
+}

testw.h

@@ -5,7 +5,7 @@
 #ifndef SGXWALLET_TESTW_H
 #define SGXWALLET_TESTW_H
 
-#define  TEST_BLS_KEY_SHARE "4160780231445160889237664391382223604184857153814275770598791864649971919844"
+#define TEST_BLS_KEY_SHARE "4160780231445160889237664391382223604184857153814275770598791864649971919844"
 #define TEST_BLS_KEY_NAME "SCHAIN:17:INDEX:5:KEY:1"
 #define SAMPLE_HASH "09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db"
 #define SAMPLE_HEX_HASH "3F891FDA3704F0368DAB65FA81EBE616F4AA2A0854995DA4DC0B59D2CADBD64F"