SKLAE-2002 add test for aes/not-aes encryption/decryption

799b930a · Oleh Nikolaiev · 9b190d93 · 799b930a · 799b930a · 799b930a
Unverified Commit 799b930a authored Jun 01, 2020 by Oleh Nikolaiev
Show whitespace changes
Inline Side-by-side

Showing with 69 additions and 22 deletions

dockerimagesim.yml .github/workflows/dockerimagesim.yml +2 -6

secure_enclave.c secure_enclave/secure_enclave.c +0 -12

testw.cpp testw.cpp +67 -4

No files found.
--- a/.github/workflows/dockerimagesim.yml
+++ b/.github/workflows/dockerimagesim.yml
@@ -47,14 +47,10 @@ jobs:
      id: create_release
      uses: actions/create-release@latest
      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      with:
        tag_name: ${{ env.VERSION }}
-        release_name: Release ${{ env.VERSION }}
-        body: |
-          Changes in this Release
-          - First Change
-          - Second Change
+        release_name: ${{ env.VERSION }}
        draft: false
        prerelease: true


--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -159,13 +159,6 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
    mpz_mod(skey, seed, curve->p);
    mpz_clear(seed);

-    //mpz_set_str(skey, "e7af72d241d4dd77bc080ce9234d742f6b22e35b3a660e8c197517b909f63ca8", 16);
-    //mpz_set_str(skey, "4160780231445160889237664391382223604576", 10);
-    //mpz_set_str(skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
-    //mpz_set_str(skey, "1", 10);
-    //mpz_set_str(skey, "ebb2c082fd7727890a28ac82f6bdf97bad8de9f5d7c9028692de1a255cad3e0f", 16);
-    // mpz_set_str(skey, "D30519BCAE8D180DBFCC94FE0B8383DC310185B0BE97B4365083EBCECCD75759", 16);
-
    //Public key
    point Pkey = point_init();

@@ -309,7 +302,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
    domain_parameters_load_curve(curve, secp256k1);
    point publicKey = point_init();

-
    if (!hash) {
        *errStatus = 1;
        char* msg = "NULL message hash";
@@ -342,7 +334,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
        goto clean;
    }

-
    sgx_status_t status = sgx_unseal_data(
            (const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, privateKey, &dec_len);

@@ -362,9 +353,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
        goto clean;
    }

-
-
-
    signature_sign(sign, msgMpz, privateKeyMpz, curve);

    signature_extract_public_key(publicKey, privateKeyMpz, curve);

--- a/testw.cpp
+++ b/testw.cpp
@@ -332,8 +332,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig

    uint32_t encLen = 0;

-    //printf("before %p\n", pubKeyX);
-
    status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
                                     pubKeyY.data());

@@ -955,8 +953,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {

    string hash = SAMPLE_HASH;

-    auto hash_arr = make_shared < array < uint8_t,
-    32 >> ();
+    auto hash_arr = make_shared < array < uint8_t, 32 >> ();

    uint64_t binLen;

@@ -1038,3 +1035,69 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
        thread.join();
    }
 }
+
+TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
+    domain_parameters curve = domain_parameters_init();
+    domain_parameters_load_curve(curve, secp256k1);
+
+    gmp_randstate_t state;
+    gmp_randinit_default(state);
+
+    mpz_t rand;
+    mpz_init(rand);
+    mpz_urandomb(rand, state, 256);
+
+    mpz_t seed;
+    mpz_init(seed);
+    mpz_mod(seed, rand, curve->p);
+
+    mpz_t skey;
+    mpz_init(skey);
+    mpz_mod(skey, seed, curve->p);
+    mpz_clear(seed);
+
+    char skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
+    char *s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
+    gmp_randclear(state);
+
+    int errStatus = 0;
+    vector<char> errMsg(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKey(BUF_LEN, 0);
+    uint32_t enc_len = 0;
+    trustedEncryptKey(eid, &errStatus, errMsg.data(), skey_str, encrPrivKey.data(), &enc_len);
+    REQUIRE(errStatus == SGX_SUCCESS);
+
+    int errStatusAES = 0;
+    vector<char> errMsgAES(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKeyAES(BUF_LEN, 0);
+    uint32_t enc_lenAES = 0;
+    trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), skey_str, encrPrivKeyAES.data(), &enc_lenAES);
+    REQUIRE( errStatusAES == SGX_SUCCESS );
+
+    errMsg.clear();
+    string hex = SAMPLE_HEX_HASH;
+    vector<char> signatureR(BUF_LEN, 0);
+    vector<char> signatureS(BUF_LEN, 0);
+    uint8_t signatureV = 0;
+
+    uint32_t dec_len = 0;
+    status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), dec_len, (unsigned char *) hex.data(),
+                              signatureR.data(),
+                              signatureS.data(), &signatureV, 16);
+    REQUIRE( status == SGX_SUCCESS );
+
+    errMsgAES.clear();
+    vector<char> signatureRAES(BUF_LEN, 0);
+    vector<char> signatureSAES(BUF_LEN, 0);
+    uint8_t signatureVAES = 0;
+
+    uint32_t dec_lenAES = 0;
+    status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), dec_lenAES, (unsigned char *) hex.data(),
+                              signatureRAES.data(),
+                              signatureSAES.data(), &signatureVAES, 16);
+    REQUIRE( status == SGX_SUCCESS );
+
+    REQUIRE( signatureR == signatureRAES );
+    REQUIRE( signatureS == signatureSAES );
+    REQUIRE( signatureV == signatureVAES );
+}