Merge branch 'develop' into enhancement/SKALE-2844-update-docs

DKGCrypto.cpp

@@ -351,7 +351,6 @@ string decryptDHKey(const string &polyName, int ind) {
 
 vector<string> mult_G2(const string &x) {
     vector<string> result(4);
-    libff::init_alt_bn128_params();
     libff::alt_bn128_Fr el(x.c_str());
     libff::alt_bn128_G2 elG2 = el * libff::alt_bn128_G2::one();
     elG2.to_affine_coordinates();

DockerfileBase

@@ -37,5 +37,5 @@ RUN    apt update && \
        cd .. && rm -rf dynamic-application-loader-host-interface-072d233296c15d0dcd1fb4570694d0244729f87b && \
        cd /usr/src/sdk && \
        ./autoconf.bash && \
-       ./configure  && \
+        ./configure  && \
        bash -c "make -j$(nproc)"

README.md

@@ -27,6 +27,14 @@ The sgxwallet server is still in active development and therefore should be rega
 
 ## Running sgxwallet
 
+### Clone this repo
+
+As you probably suspect, the first thing to do is to clone this repository and all it is sub-repositories. 
+
+```bash
+git clone https://github.com/skalenetwork/sgxwallet.git --recurse-submodules
+```
+
 ### Try in simulation mode
 
 The easiest way to try the sgxwallet server is to run a docker container in insecure simulation mode that emulates an SGX processor. Once you are familiar with the server, you can enable sgx on your machine and run it in secure production mode.
@@ -55,12 +63,12 @@ Never run a production sgxserver in simulation mode.
 If you are a SKALE validator and want to run sgxwallet for testnet or mainnet usage, you need
  a SGX-capable server.  
 Please refer to Admin guide for details on how to setup sgxwallet in a secure hardware mode 
- [docs/admin_guide.md](docs/admin_guide.md).
+ [docs/admin-guide.md](docs/admin-guide.md).
 
 ## Developer guide
 
 If you are a SKALE developer and want to build sgxwallet from source, please refer to Developer
-guide [docs/developer_guide.md](docs/developer_guide.md).
+guide [docs/developer-guide.md](docs/developer-guide.md).
 
 ## Contributing
 

ServerInit.cpp

@@ -31,6 +31,7 @@
 #include <sys/stat.h>
 
 #include "libff/algebra/curves/alt_bn128/alt_bn128_init.hpp"
+#include <libff/common/profiling.hpp>
 #include "bls.h"
 #include "leveldb/db.h"
 #include <jsonrpccpp/server/connectors/httpserver.h>
@@ -56,7 +57,12 @@
 #include "SGXWalletServer.hpp"
 
 void initUserSpace() {
+
+    libff::inhibit_profiling_counters = true;
+    libff::inhibit_profiling_info = true;
+
     libff::init_alt_bn128_params();
+
     LevelDB::initDataFolderAndDBs();
 }
 

docs/developer-guide.md

@@ -3,12 +3,12 @@
 ## Build from source code
 
 -   [Install prerequisites](prerequisites.md)
--   [Enable SGX](enabling-sgx.md)
--   [Build SGX](building.md)
--   [Example Usage](examples.md)
+-   [Enable SGX mode on your machine](enabling-sgx.md)
+-   [Build sgxwallet ](building.md)
+-   [Sgxwallet example usage](examples.md)
 -   [Contributing source code](../.github/CONTRIBUTING.md)
--   [Security Bug Reporting](../SECURITY.md)
+-   [Security bug reporting](../SECURITY.md)
 
 ## Community
 
--   [SKALE Discord](http://skale.chat)
+-   [SKALE discord](http://skale.chat)

secure_enclave/EnclaveCommon.cpp

@@ -101,7 +101,7 @@ void enclave_init() {
 
 bool enclave_sign(const char *_keyString, const char *_hashXString, const char *_hashYString,
           char* sig) {
-    libff::init_alt_bn128_params();
+
 
     auto key = keyFromString(_keyString);
 
@@ -217,20 +217,20 @@ void logMsg(log_level _level, const char* _msg) {
 }
 
 
-EXTERNC void LOG_INFO(char* _msg) {
+EXTERNC void LOG_INFO(const char* _msg) {
     logMsg(L_INFO, _msg);
 };
-EXTERNC void LOG_WARN(char* _msg) {
+EXTERNC void LOG_WARN(const char* _msg) {
     logMsg(L_WARNING, _msg);
 };
 
-EXTERNC void LOG_ERROR(char* _msg) {
+EXTERNC void LOG_ERROR(const char* _msg) {
     logMsg(L_ERROR, _msg);
 };
-EXTERNC void LOG_DEBUG(char* _msg) {
+EXTERNC void LOG_DEBUG(const char* _msg) {
     logMsg(L_DEBUG, _msg);
 };
-EXTERNC void LOG_TRACE(char* _msg) {
+EXTERNC void LOG_TRACE(const char* _msg) {
     logMsg(L_TRACE, _msg);
 };
 

secure_enclave/EnclaveCommon.h

@@ -43,12 +43,19 @@ EXTERNC bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
                          uint8_t* _bin, const int _max_length );
 EXTERNC void enclave_init();
 
-EXTERNC void LOG_INFO(char* msg);
-EXTERNC void LOG_WARN(char* _msg);
-EXTERNC void LOG_ERROR(char* _msg);
-EXTERNC void LOG_DEBUG(char* _msg);
-EXTERNC void LOG_TRACE(char* _msg);
+
+
+void get_global_random(unsigned char* _randBuff, uint64_t size);
+
+EXTERNC void LOG_INFO(const char* msg);
+EXTERNC void LOG_WARN(const char* _msg);
+EXTERNC void LOG_ERROR(const char* _msg);
+EXTERNC void LOG_DEBUG(const char* _msg);
+EXTERNC void LOG_TRACE(const char* _msg);
 
 extern uint32_t globalLogLevel_;
 
+extern unsigned char* globalRandom;
+
+
 #endif //SGXWALLET_ENCLAVECOMMON_H

secure_enclave/Signature.c

@@ -92,86 +92,111 @@ void signature_extract_public_key(point public_key, mpz_t private_key, domain_pa
 void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve) {
     //message must not have a bit length longer than that of n
     //see: Guide to Elliptic Curve Cryptography, section 4.4.1.
-    assert(mpz_sizeinbase(message, 2) <= mpz_sizeinbase(curve->n, 2));
 
-    point Q = point_init();
+    for (int i = 0; i < 1; i++ ) {
 
-    //Initializing variables
-    mpz_t k, x, r, t1, t2, t3, t4, t5,  s, n_div_2, rem, neg, seed;
-    mpz_init(k); mpz_init(x); mpz_init(r); mpz_init(t1); mpz_init(t2); mpz_init(t3); mpz_init(s);
-    mpz_init(t4); mpz_init(t5); mpz_init(n_div_2); mpz_init(rem); mpz_init(neg); mpz_init(seed);
+        assert(mpz_sizeinbase(message, 2) <= mpz_sizeinbase(curve->n, 2));
 
-    unsigned char *rand_char = (unsigned char *) calloc(32,1);
+        point Q = point_init();
 
-    sgx_read_rand(rand_char, 32);
+        //Initializing variables
+        mpz_t k, x, r, t1, t2, t3, t4, t5, s, n_div_2, rem, neg, seed;
+        mpz_init(k);
+        mpz_init(x);
+        mpz_init(r);
+        mpz_init(t1);
+        mpz_init(t2);
+        mpz_init(t3);
+        mpz_init(s);
+        mpz_init(t4);
+        mpz_init(t5);
+        mpz_init(n_div_2);
+        mpz_init(rem);
+        mpz_init(neg);
+        mpz_init(seed);
 
-    gmp_randstate_t r_state;
+        unsigned char *rand_char = (unsigned char *) calloc(32, 1);
 
-    signature_sign_start:
+        get_global_random(rand_char, 32);
 
-    //Set k
-    sgx_read_rand(rand_char, 32);
-;
-    mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
+        gmp_randstate_t r_state;
 
-    mpz_mod(k, seed, curve->p);
+        signature_sign_start:
 
-    //mpz_set_str(k, "49a0d7b786ec9cde0d0721d72804befd06571c974b191efb42ecf322ba9ddd9a", 16);
-    //  mpz_set_str(k, "DC87789C4C1A09C97FF4DE72C0D0351F261F10A2B9009C80AEE70DDEC77201A0", 16);
-    //mpz_set_str(k,"29932781130098090011281004827843485745127563886526054275935615017309884975795",10);
 
-    //Calculate x
-    point_multiplication(Q, k, curve->G, curve);
-    mpz_set(x, Q->x);
+        get_global_random(rand_char, 32);
 
-    //Calculate r
-    mpz_mod(r, x, curve->n);
-    if (!mpz_sgn(r))    //Start over if r=0, note haven't been tested memory might die :)
-        goto signature_sign_start;
+        mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
 
+        mpz_mod(k, seed, curve->p);
 
-    //Calculate s
-    //s = k¯¹(e+d*r) mod n = (k¯¹ mod n) * ((e+d*r) mod n) mod n
-    //number_theory_inverse(t1, k, curve->n);//t1 = k¯¹ mod n
-    mpz_invert(t1, k, curve->n);
-    mpz_mul(t2, private_key, r);    //t2 = d*r
-    mpz_add(t3, message, t2);    //t3 = e+t2
-    mpz_mod(t4, t3, curve->n);    //t2 = t3 mod n
-    mpz_mul(t5, t4, t1);        //t3 = t2 * t1
-    mpz_mod(s, t5, curve->n);    //s = t3 mod n
+        //mpz_set_str(k, "49a0d7b786ec9cde0d0721d72804befd06571c974b191efb42ecf322ba9ddd9a", 16);
+        //  mpz_set_str(k, "DC87789C4C1A09C97FF4DE72C0D0351F261F10A2B9009C80AEE70DDEC77201A0", 16);
+        //mpz_set_str(k,"29932781130098090011281004827843485745127563886526054275935615017309884975795",10);
 
-    //Calculate v
+        //Calculate x
+        point_multiplication(Q, k, curve->G, curve);
+        mpz_set(x, Q->x);
 
-    mpz_mod_ui(rem, Q->y, 2);
-    mpz_t s_mul_2;
-    mpz_init(s_mul_2);
-    mpz_mul_ui(s_mul_2, s, 2);
+        //Calculate r
+        mpz_mod(r, x, curve->n);
+        if (!mpz_sgn(r))    //Start over if r=0, note haven't been tested memory might die :)
+            goto signature_sign_start;
 
-    unsigned b = 0;
-    if (mpz_cmp(s_mul_2, curve->n) > 0) {
-        b = 1;
-    }
-    sig->v = mpz_get_ui(rem) ^ b;
 
-    mpz_cdiv_q_ui(n_div_2, curve->n, 2);
+        //Calculate s
+        //s = k¯¹(e+d*r) mod n = (k¯¹ mod n) * ((e+d*r) mod n) mod n
+        //number_theory_inverse(t1, k, curve->n);//t1 = k¯¹ mod n
+        mpz_invert(t1, k, curve->n);
+        mpz_mul(t2, private_key, r);    //t2 = d*r
+        mpz_add(t3, message, t2);    //t3 = e+t2
+        mpz_mod(t4, t3, curve->n);    //t2 = t3 mod n
+        mpz_mul(t5, t4, t1);        //t3 = t2 * t1
+        mpz_mod(s, t5, curve->n);    //s = t3 mod n
 
-    if (mpz_cmp(s, n_div_2) > 0) {
-        mpz_sub(neg, curve->n, s);
-        mpz_set(s, neg);
-    }
+        //Calculate v
 
-    //Set signature
-    mpz_set(sig->r, r);
-    mpz_set(sig->s, s);
+        mpz_mod_ui(rem, Q->y, 2);
+        mpz_t s_mul_2;
+        mpz_init(s_mul_2);
+        mpz_mul_ui(s_mul_2, s, 2);
 
-    clean:
+        unsigned b = 0;
+        if (mpz_cmp(s_mul_2, curve->n) > 0) {
+            b = 1;
+        }
+        sig->v = mpz_get_ui(rem) ^ b;
+
+        mpz_cdiv_q_ui(n_div_2, curve->n, 2);
+
+        if (mpz_cmp(s, n_div_2) > 0) {
+            mpz_sub(neg, curve->n, s);
+            mpz_set(s, neg);
+        }
 
-    free(rand_char);
-    point_clear(Q);
+        //Set signature
+        mpz_set(sig->r, r);
+        mpz_set(sig->s, s);
 
-    mpz_clear(k); mpz_clear(r); mpz_clear(s); mpz_clear(x); mpz_clear(rem); mpz_clear(neg);
-    mpz_clear(t1); mpz_clear(t2); mpz_clear(t3); mpz_clear(seed); mpz_clear(n_div_2);
-    mpz_clear(s_mul_2);
+        clean:
+
+        free(rand_char);
+        point_clear(Q);
+
+        mpz_clear(k);
+        mpz_clear(r);
+        mpz_clear(s);
+        mpz_clear(x);
+        mpz_clear(rem);
+        mpz_clear(neg);
+        mpz_clear(t1);
+        mpz_clear(t2);
+        mpz_clear(t3);
+        mpz_clear(seed);
+        mpz_clear(n_div_2);
+        mpz_clear(s_mul_2);
+
+    }
 
 }
 

testw.cpp

@@ -71,7 +71,7 @@ public:
     TestFixture() {
         TestUtils::resetDB();
         setOptions(false, false, false, true);
-        initAll(0, false, true);
+        initAll(2, false, true);
     }
 
     ~TestFixture() {
@@ -111,9 +111,15 @@ TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig
     vector<char> signatureS(BUF_LEN, 0);
     uint8_t signatureV = 0;
 
-    status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen, (unsigned char *) hex.data(),
-                              signatureR.data(),
-                              signatureS.data(), &signatureV, 16);
+
+
+
+        status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
+                                  (unsigned char *) hex.data(),
+                                  signatureR.data(),
+                                  signatureS.data(), &signatureV, 16);
+
+
     REQUIRE(status == SGX_SUCCESS);
     REQUIRE(errStatus == SGX_SUCCESS);
 }
@@ -138,10 +144,13 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
     vector<char> signatureS(BUF_LEN, 0);
     uint8_t signatureV = 0;
 
-    status = trustedEcdsaSignAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
-                                 (unsigned char *) hex.data(),
-                                 signatureR.data(),
-                                 signatureS.data(), &signatureV, 16);
+
+    for (int i=0; i < 50; i++) {
+        status = trustedEcdsaSignAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
+                                     (unsigned char *) hex.data(),
+                                     signatureR.data(),
+                                     signatureS.data(), &signatureV, 16);
+    }
     REQUIRE(status == SGX_SUCCESS);
     REQUIRE(errStatus == SGX_SUCCESS);
 }