SKALE-1880-fix-ecdsa

7acee1a7 · kladko · 9624a6e9 · 7acee1a7 · 7acee1a7 · 7acee1a7
Unverified Commit 7acee1a7 authored May 20, 2020 by kladko
9 changed files
--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -39,7 +39,10 @@



+#include "secure_enclave/Verify.h"
+
 #include "BLSCrypto.h"
+
 #include "ECDSACrypto.h"


@@ -153,16 +156,23 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i
    }


-    spdlog::debug("encryptedKeyHex: {}", encryptedKeyHex);
-    spdlog::debug("HASH: {}", hashHex);
-    spdlog::debug("encrypted len: {}", dec_len);
-

    if (!encryptKeys) {
        status = trustedEcdsaSign(eid, &errStatus, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char *) hashHex, signature_r,
                             signature_s, &signature_v, base);
+
+        domain_parameters curve = domain_parameters_init();
+        domain_parameters_load_curve(curve, secp256k1);
+
+        point publicKey = point_init();
+
+
        mpz_t msgMpz;
        mpz_init(msgMpz);
+
+
+
+
        if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
            spdlog::error("invalid message hash {}", hashHex);
            goto clean;
@@ -173,7 +183,8 @@ vector<string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, i

        mpz_clear(msgMpz);

-
+        domain_parameters_clear(curve);
+        point_clear(publicKey);

    }
    else

--- a/Makefile.am
+++ b/Makefile.am
@@ -10,7 +10,7 @@ include $(top_srcdir)/build-aux/sgx_app.am
 ##
 ## And a pattern rule for building prexoxy functions from EDL files:
 ##
-##   %_u.h %_u.c: %.edl
+##   %_u.h %_u.c: %.edl34
 ##
 ## And sets these Makefile variables:
 ##
@@ -67,9 +67,12 @@ bin_PROGRAMS =  sgxwallet testw cert_util
 ## have to be explicitly listed.

 COMMON_SRC = InvalidStateException.cpp  Exception.cpp InvalidArgumentException.cpp Log.cpp  \
-             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
+             SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp \
+             secure_enclave/DomainParameters.c ECDSACrypto.cpp \
             DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp \
-             sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
+             sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c \
+             secure_enclave/NumberTheory.c secure_enclave/Signature.c \
+             secure_enclave/Curves.c secure_enclave/Point.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h

 sgxwallet_SOURCES = sgxwallet.c  $(COMMON_SRC)

--- a/common.h
+++ b/common.h
@@ -35,10 +35,7 @@ using namespace std;

 #define USER_SPACE
 #include <gmp.h>
-#include "secure_enclave/Point.h"
-#include "secure_enclave/DomainParameters.h"
-#include "secure_enclave/NumberTheory.h"
-#include "secure_enclave/Signature.h"
+#include "secure_enclave/Verify.h"
 #include "InvalidStateException.h"



--- a/secure_enclave/Curves.h
+++ b/secure_enclave/Curves.h
@@ -25,6 +25,12 @@
 #ifndef SGXWALLET_CURVES_H
 #define SGXWALLET_CURVES_H

+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif
+

 /*Curves that can be loaded using domain_parameters_load_curve()*/
 typedef enum {	secp112r1 = 0,
@@ -47,7 +53,7 @@ typedef enum {	secp112r1 = 0,
 #define NUMBER_OF_CURVES (secp521r1+1)

 /*Load a curve depending on it's curve number, defined by the enum*/
-void domain_parameters_load_curve(domain_parameters out, curve_list curve);
+EXTERNC void domain_parameters_load_curve(domain_parameters out, curve_list curve);

 /* REMARK:
 For some weird reason secp112r2 and secp128r2 doesn't want to be stable. Actually they work once in a while. However running the benchmark command gives -1 as operation time, sometimes and only sometimes!

--- a/secure_enclave/DomainParameters.h
+++ b/secure_enclave/DomainParameters.h
@@ -23,6 +23,11 @@
 #ifndef SGXWALLET_DOMAINPARAMETERS_H
 #define SGXWALLET_DOMAINPARAMETERS_H

+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif

 /*Type that represents a point*/
 typedef struct point_s* point;
@@ -48,13 +53,13 @@ struct domain_parameters_s
 };

 /*Initialize a curve*/
-domain_parameters domain_parameters_init();
+EXTERNC domain_parameters domain_parameters_init();

 /*Sets the name of a curve*/
-void domain_parameters_set_name(domain_parameters curve, char* name);
+EXTERNC void domain_parameters_set_name(domain_parameters curve, char* name);

 /*Set domain parameters from decimal unsigned long ints*/
-void domain_parameters_set_ui(domain_parameters curve,
+EXTERNC void domain_parameters_set_ui(domain_parameters curve,
 								char* name,
 								unsigned long int p,
 								unsigned long int a,
@@ -65,9 +70,9 @@ void domain_parameters_set_ui(domain_parameters curve,
 								unsigned long int h);

 /*Set domain parameters from hexadecimal string*/
-void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h);
+EXTERNC void domain_parameters_set_hex(domain_parameters curve, char* name, char* p, char* a, char* b, char* Gx, char* Gy, char* n, char* h);

 /*Release memory*/
-void domain_parameters_clear(domain_parameters curve);
+EXTERNC void domain_parameters_clear(domain_parameters curve);

 #endif
\ No newline at end of file
--- a/secure_enclave/Point.h
+++ b/secure_enclave/Point.h
@@ -26,56 +26,58 @@
 #define SGXWALLET_POINT_H


+
+
 #include "DomainParameters.h"

 /*Initialize a point*/
-point point_init();
+EXTERNC point point_init();

 /*Release point*/
-void point_clear(point p);
+EXTERNC void point_clear(point p);

 /*Set point to be a infinity*/
-void point_at_infinity(point p);
+EXTERNC void point_at_infinity(point p);

 /*Set R to the additive inverse of P, in the curve curve*/
-void point_inverse(point R, point P, domain_parameters curve);
+EXTERNC void point_inverse(point R, point P, domain_parameters curve);

 /*Print point to standart output stream*/
-void point_print(point p);
+EXTERNC void point_print(point p);

 /*Set point from hexadecimal strings*/
-void point_set_hex(point p, char *x, char *y);
+EXTERNC void point_set_hex(point p, char *x, char *y);

 /*Set point from decimal unsigned long ints*/
-void point_set_ui(point p, unsigned long int x, unsigned long int y);
+EXTERNC void point_set_ui(point p, unsigned long int x, unsigned long int y);

 /*Addition of point P + Q = result*/
-void point_addition(point result, point P, point Q, domain_parameters curve);
+EXTERNC void point_addition(point result, point P, point Q, domain_parameters curve);

 /*Set point R = 2P*/
-void point_doubling(point R, point P, domain_parameters curve);
+EXTERNC void point_doubling(point R, point P, domain_parameters curve);

 /*Perform scalar multiplication to P, with the factor multiplier, over the curve curve*/
-void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve);
+EXTERNC void point_multiplication(point R, mpz_t multiplier, point P, domain_parameters curve);

 /*Set point from strings of a base from 2-62*/
-void point_set_str(point p, char *x, char *y, int base);
+EXTERNC void point_set_str(point p, char *x, char *y, int base);

 /*Compare two points return 1 if not the same, returns 0 if they are the same*/
-bool point_cmp(point P, point Q);
+EXTERNC bool point_cmp(point P, point Q);

 /*Decompress a point from hexadecimal representation
 *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.4.*/
-void point_decompress(point P, char* zPoint, domain_parameters curve);
+EXTERNC void point_decompress(point P, char* zPoint, domain_parameters curve);

 /*Compress a point to hexadecimal string
 *This function is implemented as specified in SEC 1: Elliptic Curve Cryptography, section 2.3.3.*/
-char* point_compress(point P);
+EXTERNC char* point_compress(point P);

 /*Make R a copy of P*/
-void point_copy(point R, point P);
+EXTERNC void point_copy(point R, point P);

 /*Set a point from another point*/
-void point_set(point R, point P);
+EXTERNC void point_set(point R, point P);

 #endif
\ No newline at end of file
--- a/secure_enclave/Signature.h
+++ b/secure_enclave/Signature.h
@@ -24,6 +24,12 @@
 #ifndef SGXWALLET_SIGNATURE_H
 #define SGXWALLET_SIGNATURE_H

+#ifdef __cplusplus
+#define EXTERNC extern "C"
+#else
+#define EXTERNC
+#endif
+
 /*Type for representing a signature*/
 struct signature_s
 {
@@ -35,34 +41,34 @@ struct signature_s
 typedef struct signature_s* signature;

 /*Initialize a signature*/
-signature signature_init();
+EXTERNC signature signature_init();

 /*Set signature from strings of a base from 2-62*/
-void signature_set_str(signature sig, char *r, char *s, int base);
+EXTERNC void signature_set_str(signature sig, char *r, char *s, int base);

 /*Set signature from hexadecimal strings*/
-void signature_set_hex(signature sig, char *r, char *s);
+EXTERNC void signature_set_hex(signature sig, char *r, char *s);

 /*Set signature from decimal unsigned long ints*/
-void signature_set_ui(signature sig, unsigned long int r, unsigned long int s);
+EXTERNC void signature_set_ui(signature sig, unsigned long int r, unsigned long int s);

 /*Print signature to standart output stream*/
-void signature_print(signature sig);
+EXTERNC void signature_print(signature sig);

 /*Make R a copy of P*/
-void signature_copy(signature R, signature sig);
+EXTERNC void signature_copy(signature R, signature sig);

 /*Compare two signatures return 1 if not the same, returns 0 if they are the same*/
-bool signature_cmp(signature sig1, signature sig2);
+EXTERNC bool signature_cmp(signature sig1, signature sig2);

 /*Release signature*/
-void signature_free(signature sig);
+EXTERNC void signature_free(signature sig);

 /*Generates a public key for a private key*/
-void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve);
+EXTERNC void signature_extract_public_key(point public_key, mpz_t private_key, domain_parameters curve);

 /*Generate signature for a message*/
-void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve);
+EXTERNC void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve);

 /*Verify the integrity of a message using it's signature*/
 static inline bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve) {

--- a/secure_enclave/Verify.h
+++ b/secure_enclave/Verify.h
+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file Verify.h
+    @author Stan Kladko
+    @date 2020
+*/
+#ifndef SGXWALLET_VERIFY_H
+#define SGXWALLET_VERIFY_H
+#include "secure_enclave/Point.h"
+#include "secure_enclave/DomainParameters.h"
+#include "secure_enclave/NumberTheory.h"
+#include "secure_enclave/Signature.h"
+#include "secure_enclave/Curves.h"
+#endif //SGXWALLET_VERIFY_H
--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -307,7 +307,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate

    domain_parameters curve = domain_parameters_init();
    domain_parameters_load_curve(curve, secp256k1);
-
    point publicKey = point_init();