Skip to content

S
sgxwallet
Unverified Commit 83599fbf authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge branch 'develop' into SKALE-3189-fix-build

parents 54bd23a9 06f17ec4
Hide whitespace changes
Inline Side-by-side
Showing with 278 additions and 190 deletions
Dockerfile
View file @ 83599fbf
FROM skalenetwork/sgxwallet_base:latest
COPY . /usr/src/sdk
RUN apt update && apt install -y curl
RUN apt update && apt install -y curl secure-delete
WORKDIR /usr/src/sdk
RUN touch /var/hwmode
RUN ./autoconf.bash
......
DockerfileBase
View file @ 83599fbf
FROM ubuntu:bionic
FROM ubuntu:xenial
COPY . /usr/src/sdk
......
DockerfileRelease
View file @ 83599fbf
......@@ -2,7 +2,7 @@ FROM skalenetwork/sgxwallet_base:latest
COPY . /usr/src/sdk
RUN cp -f secure_enclave/secure_enclave.config.xml.release secure_enclave/secure_enclave.config.xml
RUN apt update && apt install -y curl
RUN apt update && apt install -y curl secure-delete
WORKDIR /usr/src/sdk
#Test signing key generation
RUN cd scripts && ./generate_signing_key.bash
......
DockerfileSimulation
View file @ 83599fbf
FROM skalenetwork/sgxwallet_base:latest
RUN apt update && apt install -y curl
RUN apt update && apt install -y curl secure-delete
RUN ccache -sz
......
Makefile.am
View file @ 83599fbf
......@@ -102,7 +102,7 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -l$(SGX_UAE_SERVICE_LIB) -LlibBLS/deps/deps_in
-l:libbls.a -l:libleveldb.a \
-l:libff.a -lgmp -ldl -l:libsgx_capable.a -l:libsgx_tprotected_fs.a \
-ljsonrpccpp-stub -ljsonrpccpp-server -ljsonrpccpp-client -ljsonrpccpp-common -ljsoncpp -lmicrohttpd \
-lboost_system -lboost_thread -lgnutls -lgcrypt -lcurl -lssl -lcrypto -lz -lpthread
-lboost_system -lboost_thread -lgnutls -lgcrypt -lcurl -lssl -lcrypto -lz -lpthread -lstdc++fs
testw_SOURCES=testw.cpp $(COMMON_SRC)
......
SEKManager.cpp
View file @ 83599fbf
......@@ -37,213 +37,246 @@
#include "ServerDataChecker.h"
#include "third_party/spdlog/spdlog.h"
using namespace std;
#define BACKUP_PATH "./sgx_data/sgxwallet_backup_key.txt"
bool case_insensitive_match(string s1, string s2) {
//convert s1 and s2 into lower case strings
transform(s1.begin(), s1.end(), s1.begin(), ::tolower);
transform(s2.begin(), s2.end(), s2.begin(), ::tolower);
return s1.compare(s2);
//convert s1 and s2 into lower case strings
transform(s1.begin(), s1.end(), s1.begin(), ::tolower);
transform(s2.begin(), s2.end(), s2.begin(), ::tolower);
return s1.compare(s2);
}
void create_test_key() {
int errStatus = 0;
vector<char> errMsg(1024,0);
uint32_t enc_len;
int errStatus = 0;
vector<char> errMsg(1024, 0);
uint32_t enc_len;
uint8_t encrypted_key[BUF_LEN];
memset(encrypted_key, 0, BUF_LEN);
uint8_t encrypted_key[BUF_LEN];
memset(encrypted_key, 0, BUF_LEN);
std::string key = TEST_VALUE;
string key = TEST_VALUE;
status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
if ( status != SGX_SUCCESS ) {
std::cerr << "encrypt test key failed with status " << status << std::endl;
throw SGXException(status, errMsg.data()) ;
}
status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key, &enc_len);
if (status != SGX_SUCCESS) {
cerr << "encrypt test key failed with status " << status << endl;
throw SGXException(status, errMsg.data());
}
if ( errStatus != 0 ) {
std::cerr << "encrypt test key failed with status " << errStatus << std::endl;
throw SGXException(errStatus, errMsg.data()) ;
}
if (errStatus != 0) {
cerr << "encrypt test key failed with status " << errStatus << endl;
throw SGXException(errStatus, errMsg.data());
}
vector<char> hexEncrKey(2 * enc_len + 1, 0);
vector<char> hexEncrKey(2 * enc_len + 1, 0);
carray2Hex(encrypted_key, enc_len, hexEncrKey.data());
carray2Hex(encrypted_key, enc_len, hexEncrKey.data());
uint64_t test_len;
vector<uint8_t>test_encr_key(1024, 0);
if (!hex2carray(hexEncrKey.data(), &test_len, test_encr_key.data())) {
std::cerr << "wrong encrypted test key" << std::endl;
}
uint64_t test_len;
vector <uint8_t> test_encr_key(1024, 0);
if (!hex2carray(hexEncrKey.data(), &test_len, test_encr_key.data())) {
cerr << "wrong encrypted test key" << endl;
}
LevelDB::getLevelDb() -> writeDataUnique("TEST_KEY", hexEncrKey.data());
LevelDB::getLevelDb()->writeDataUnique("TEST_KEY", hexEncrKey.data());
}
bool check_SEK(const std::string& SEK) {
std::shared_ptr <std::string> test_key_ptr = LevelDB::getLevelDb() -> readString("TEST_KEY");
vector<uint8_t> encr_test_key(BUF_LEN, 0);
uint64_t len;
if (!hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())) {
spdlog::error("wrong test key" );
exit(-1);
}
vector<char> decr_key(1024,0);
vector<char> errMsg(1024,0);
int err_status = 0;
vector<uint8_t> encr_SEK(1024,0);
uint32_t l = len;
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
if (status != SGX_SUCCESS) {
cerr << "RPCException thrown with status " << status << endl;
throw SGXException(status, errMsg.data());
}
if ( err_status != 0 ) {
cerr << "RPCException thrown with status " << err_status << endl;
throw SGXException(err_status, errMsg.data());
}
status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
if (status != SGX_SUCCESS || err_status != 0) {
spdlog::error("failed to decrypt test key" );
spdlog::error(errMsg.data());
exit(-1);
}
std::string test_key = TEST_VALUE;
if (test_key.compare(decr_key.data()) != 0) {
std::cerr << "decrypted key is " << decr_key.data() << std::endl;
spdlog::error("Invalid SEK" );
return false;
}
return true;
shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
vector <uint8_t> encr_test_key(BUF_LEN, 0);
uint64_t len;
if (!hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())) {
spdlog::error("wrong test key");
exit(-1);
}
vector<char> decr_key(1024, 0);
vector<char> errMsg(1024, 0);
int err_status = 0;
auto encrypted_SEK = make_shared < vector < uint8_t >> (1024, 0);
uint32_t l = len;
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encrypted_SEK->data(), &l, SEK.c_str());
if (status != SGX_SUCCESS) {
spdlog::error("trustedSetSEK_backup failed with error code {}", status);
exit(-1);
}
if (err_status != 0) {
spdlog::error("trustedSetSEK_backup failed with error status {}", status);
exit(-1);
}
status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
if (status != SGX_SUCCESS || err_status != 0) {
spdlog::error("Failed to decrypt test key");
spdlog::error(errMsg.data());
exit(-1);
}
string test_key = TEST_VALUE;
if (test_key.compare(decr_key.data()) != 0) {
spdlog::error("Invalid SEK");
exit(-1);
}
encrypted_SEK->resize(l);
return encrypted_SEK;
}
void gen_SEK() {
vector<char> errMsg(1024,0);
int err_status = 0;
vector<uint8_t> encr_SEK(1024, 0);
uint32_t enc_len = 0;
vector<char> errMsg(1024, 0);
int err_status = 0;
vector <uint8_t> encrypted_SEK(1024, 0);
uint32_t enc_len = 0;
char SEK[65];
memset(SEK, 0, 65);
spdlog::info("Generating backup key. Will be stored in backup_key.txt ... ");
status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encrypted_SEK.data(), &enc_len, SEK);
if (status != SGX_SUCCESS) {
throw SGXException(status, errMsg.data());
}
if (err_status != 0) {
throw SGXException(err_status, errMsg.data());
}
if (strnlen(SEK, 33) != 32) {
throw SGXException(-1, "strnlen(SEK,33) != 32");
}
vector<char> hexEncrKey(2 * enc_len + 1, 0);
char SEK[65];
memset(SEK, 0, 65);
carray2Hex(encrypted_SEK.data(), enc_len, hexEncrKey.data());
status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
if ( status != SGX_SUCCESS ) {
throw SGXException(status, errMsg.data()) ;
}
ofstream sek_file(BACKUP_PATH);
sek_file.clear();
if ( err_status != 0 ) {
throw SGXException(err_status, errMsg.data()) ;
}
sek_file << SEK;
vector<char> hexEncrKey(2 * enc_len + 1, 0);
carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
cout << "ATTENTION! YOUR BACKUP KEY HAS BEEN WRITTEN INTO sgx_data/backup_key.txt \n" <<
"PLEASE COPY IT TO THE SAFE PLACE AND THEN DELETE THE FILE MANUALLY BY RUNNING THE FOLLOWING COMMAND:\n" <<
"apt-get install secure-delete && srm -vz sgx_data/backup_key.txt" << endl;
std::ofstream sek_file("backup_key.txt");
sek_file.clear();
cout << "ATTENTION! YOUR BACKUP KEY WILL BE WRITTEN INTO backup_key.txt.\n" <<
"PLEASE COPY IT TO THE SAFE PLACE AND THEN DELETE THE FILE MANUALLY BY RUNNING THE FOLLOWING COMMAND:\n" <<
"`docker exec -it <SGX_CONTAINER_NAME> bash && apt-get install secure-delete && srm -vz backup_key.txt`" << endl;
sek_file << SEK;
if (!autoconfirm) {
string confirm_str = "I confirm";
string buffer;
do {
cout << " DO YOU CONFIRM THAT YOU COPIED THE KEY? (if you confirm type - I confirm)"
<< endl;
getline(cin, buffer);
} while (case_insensitive_match(confirm_str, buffer));
}
if (!autoconfirm) {
std::string confirm_str = "I confirm";
std::string buffer;
do {
std::cout << " DO YOU CONFIRM THAT YOU COPIED THE KEY? (if you confirm type - I confirm)"
<< std::endl;
std::getline(std::cin, buffer);
} while (case_insensitive_match(confirm_str, buffer));
}
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
create_test_key();
create_test_key();
}
void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK) {
vector<char> errMsg(1024,0);
int err_status = 0;
void trustedSetSEK(shared_ptr <string> hex_encrypted_SEK) {
vector<char> errMsg(1024, 0);
int err_status = 0;
uint8_t encr_SEK[BUF_LEN];
memset(encr_SEK, 0, BUF_LEN);
uint8_t encrypted_SEK[BUF_LEN];
memset(encrypted_SEK, 0, BUF_LEN);
uint64_t len;
uint64_t len;
if (!hex2carray(hex_encr_SEK->c_str(), &len, encr_SEK)) {
throw SGXException(INVALID_HEX, "Invalid encrypted SEK Hex");
}
if (!hex2carray(hex_encrypted_SEK->c_str(), &len, encrypted_SEK)) {
throw SGXException(INVALID_HEX, "Invalid encrypted SEK Hex");
}
status = trustedSetSEK(eid, &err_status, errMsg.data(), encr_SEK );
if ( status != SGX_SUCCESS ) {
cerr << "RPCException thrown" << endl;
throw SGXException(status, errMsg.data()) ;
}
status = trustedSetSEK(eid, &err_status, errMsg.data(), encrypted_SEK);
if (status != SGX_SUCCESS) {
cerr << "RPCException thrown" << endl;
throw SGXException(status, errMsg.data());
}
if ( err_status != 0 ) {
cerr << "RPCException thrown" << endl;
throw SGXException(err_status, errMsg.data()) ;
}
if (err_status != 0) {
cerr << "RPCException thrown" << endl;
throw SGXException(err_status, errMsg.data());
}
}
#include "experimental/filesystem"
#include <boost/algorithm/string.hpp>
void enter_SEK() {
vector<char> errMsg(1024,0);
int err_status = 0;
vector<uint8_t> encr_SEK(BUF_LEN, 0);
uint32_t enc_len;
std::shared_ptr <std::string> test_key_ptr = LevelDB::getLevelDb() -> readString("TEST_KEY");
if (test_key_ptr == nullptr) {
spdlog::error("empty db" );
exit(-1);
}
std::string SEK;
std::cout << "ENTER BACKUP KEY" << std::endl;
std::cin >> SEK;
while (!checkHex(SEK, 16) || !check_SEK(SEK)) {
std::cout << "KEY IS INVALID.TRY ONCE MORE" << std::endl;
SEK = "";
std::cin >> SEK;
}
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str());
if (status != SGX_SUCCESS) {
cerr << "RPCException thrown with status " << status << endl;
throw SGXException(status, errMsg.data());
}
if ( err_status != 0 ) {
cerr << "RPCException thrown" << endl;
throw SGXException(err_status, errMsg.data()) ;
}
vector<char> hexEncrKey(2 * enc_len + 1, 0);
carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
LevelDB::getLevelDb() -> deleteKey("SEK");
LevelDB::getLevelDb() -> writeDataUnique("SEK", hexEncrKey.data());
shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
if (test_key_ptr == nullptr) {
spdlog::error("Error: corrupt or empty LevelDB database");
exit(-1);
}
if (!experimental::filesystem::is_regular_file(BACKUP_PATH)) {
spdlog::error("File does not exist: " BACKUP_PATH);
exit(-1);
}
ifstream sek_file(BACKUP_PATH);
spdlog::info("Reading backup key from file ...");
string sek((istreambuf_iterator<char>(sek_file)),
istreambuf_iterator<char>());
boost::trim(sek);
spdlog::info("Setting backup key ...");
while (!checkHex(sek, 16)) {
spdlog::error("Invalid hex in key");
exit(-1);
}
auto encrypted_SEK = check_and_set_SEK(sek);
vector<char> hexEncrKey(BUF_LEN, 0);
carray2Hex(encrypted_SEK->data(), encrypted_SEK->size(), hexEncrKey.data());
spdlog::info("Got sealed storage encryption key.");
LevelDB::getLevelDb()->deleteKey("SEK");
spdlog::info("Storing sealed storage encryption key in LevelDB ...");
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
spdlog::info("Stored storage encryption key in LevelDB.");
}
void initSEK() {
std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
if (enterBackupKey) {
enter_SEK();
} else {
if (encr_SEK_ptr == nullptr) {
spdlog::warn("SEK was not created yet. Going to create SEK");
gen_SEK();
} else {
trustedSetSEK(encr_SEK_ptr);
}
}
shared_ptr <string> encrypted_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
if (enterBackupKey) {
enter_SEK();
} else {
if (encrypted_SEK_ptr == nullptr) {
spdlog::warn("SEK was not created yet. Going to create SEK");
gen_SEK();
} else {
trustedSetSEK(encrypted_SEK_ptr);
}
}
}
//a002e7ca685d46a32771d16fe2518e58
secure_enclave/Makefile.in
View file @ 83599fbf
......@@ -323,8 +323,7 @@ AM_CFLAGS = @SGX_ENCLAVE_CFLAGS@
AM_CPPFLAGS = @SGX_ENCLAVE_CPPFLAGS@ -Wall \
-Wno-implicit-function-declaration $(TGMP_CPPFLAGS) \
-I./third_party/SCIPR -I../third_party/SCIPR \
-I../sgx-sdk-build/sgxsdk/include/libcxx \
-I../intel-sgx-ssl/Linux/package/include
-I../sgx-sdk-build/sgxsdk/include/libcxx
AM_CXXFLAGS = @SGX_ENCLAVE_CXXFLAGS@ @SGX_ENCLAVE_CFLAGS@ -fno-builtin \
-fstack-protector-strong
AM_LDFLAGS = @SGX_ENCLAVE_LDFLAGS@ $(TGMP_LDFLAGS) -L./tgmp-build/lib \
......@@ -344,7 +343,7 @@ secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
secure_enclave_LDADD = @SGX_ENCLAVE_LDADD@
SGX_EXTRA_TLIBS = -lsgx_tgmp -lsgx_tservice -lsgx_urts -lsgx_tcxx ../intel-sgx-ssl/Linux/package/lib64/libsgx_tsgxssl_crypto.a
SGX_EXTRA_TLIBS = -lsgx_tgmp -lsgx_tservice -lsgx_urts -lsgx_tcxx
all: all-am
.SUFFIXES:
......
secure_enclave/secure_enclave.c
View file @ 83599fbf
......@@ -84,7 +84,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
goto clean;}
#define CHECK_STATUS(__ERRMESSAGE__) if (status != SGX_SUCCESS) { \
snprintf(errString, BUF_LEN, __ERRMESSAGE__); \
LOG_ERROR(__FUNCTION__); \
snprintf(errString, BUF_LEN, "failed with status %d : %s", status, __ERRMESSAGE__); \
LOG_ERROR(errString); \
*errStatus = status; \
goto clean; \
......@@ -112,7 +113,17 @@ void free_function(void *, size_t);
unsigned char *globalRandom;
#define CALL_ONCE \
static volatile bool called = false;\
if (called) { \
LOG_ERROR(__FUNCTION__); \
LOG_ERROR("This function shouldnt be called twice. Aborting!"); \
abort(); \
} else {called = true;};
void trustedEnclaveInit(uint32_t _logLevel) {
CALL_ONCE
LOG_INFO(__FUNCTION__);
globalLogLevel_ = _logLevel;
......@@ -130,7 +141,7 @@ void trustedEnclaveInit(uint32_t _logLevel) {
globalRandom = calloc(32,1);
auto ret = sgx_read_rand(globalRandom, 32);
int ret = sgx_read_rand(globalRandom, 32);
if(ret != SGX_SUCCESS)
{
......@@ -200,7 +211,6 @@ void *reallocate_function(void *ptr, size_t osize, size_t nsize) {
}
void get_global_random(unsigned char *_randBuff, uint64_t _size) {
char errString[BUF_LEN];
int status;
int *errStatus = &status;
......@@ -223,11 +233,13 @@ void get_global_random(unsigned char *_randBuff, uint64_t _size) {
void sealHexSEK(int *errStatus, char *errString,
uint8_t *encrypted_sek, uint32_t *enc_len, char *sek_hex) {
CALL_ONCE
LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE
CHECK_STATE(encrypted_sek);
CHECK_STATE(sek_hex);
CHECK_STATE(strnlen(sek_hex, 33) == 32)
uint64_t plaintextLen = strlen(sek_hex + 1);
......@@ -262,15 +274,17 @@ void sealHexSEK(int *errStatus, char *errString,
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
void trustedGenerateSEK(int *errStatus, char *errString,
uint8_t *encrypted_sek, uint32_t *enc_len, char *sek_hex) {
CALL_ONCE
LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE
CHECK_STATE(encrypted_sek);
CHECK_STATE(sek_hex);
......@@ -281,18 +295,19 @@ void trustedGenerateSEK(int *errStatus, char *errString,
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);
if (errStatus != 0) {
if (*errStatus != 0) {
LOG_ERROR("sealHexSEK failed");
goto clean;
}
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
CALL_ONCE
LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE
CHECK_STATE(encrypted_sek);
......@@ -319,12 +334,13 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
void trustedSetSEK_backup(int *errStatus, char *errString,
uint8_t *encrypted_sek, uint32_t *enc_len, const char *sek_hex) {
CALL_ONCE
LOG_INFO(__FUNCTION__);
INIT_ERROR_STATE
......@@ -336,7 +352,7 @@ void trustedSetSEK_backup(int *errStatus, char *errString,
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);
if (errStatus != 0) {
if (*errStatus != 0) {
LOG_ERROR("sealHexSEK failed");
goto clean;
}
......@@ -344,6 +360,7 @@ void trustedSetSEK_backup(int *errStatus, char *errString,
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -414,6 +431,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear(seed);
mpz_clear(skey);
point_clear(Pkey);
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -480,7 +498,16 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear(privateKeyMpz);
point_clear(pKey);
point_clear(pKey_test);
LOG_DEBUG("SGX call completed");
static uint64_t counter = 0;
if (counter % 1000 == 0) {
LOG_INFO(__FUNCTION__);
LOG_INFO("Thousand SGX calls completed");
}
counter++;
}
static uint64_t sigCounter = 0;
......@@ -564,6 +591,7 @@ void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPriv
mpz_clear(privateKeyMpz);
mpz_clear(msgMpz);
signature_free(sign);
LOG_DEBUG(__FUNCTION__ );
LOG_DEBUG("SGX call completed");
}
......@@ -647,6 +675,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -730,6 +759,7 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -752,6 +782,7 @@ trustedDecryptDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_d
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -772,6 +803,7 @@ void trustedSetEncryptedDkgPolyAES(int *errStatus, char *errString, uint8_t *enc
SET_SUCCESS
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -836,6 +868,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t
clean:
;
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -912,6 +945,7 @@ void trustedDkgVerifyAES(int *errStatus, char *errString, const char *public_sha
clean:
mpz_clear(s);
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -1013,6 +1047,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_clear(bls_key);
mpz_clear(sum);
mpz_clear(q);
LOG_INFO(__FUNCTION__ );
LOG_INFO("SGX call completed");
}
......@@ -1039,7 +1074,12 @@ trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivat
CHECK_STATUS("could not calculate bls public key");
SET_SUCCESS
static uint64_t counter = 0;
clean:
;
LOG_DEBUG("SGX call completed");
if (counter % 1000 == 0) {
LOG_INFO(__FUNCTION__);
LOG_INFO("Thousand SGX calls completed");
}
counter++;
}
sgxwall.cpp
View file @ 83599fbf
......@@ -49,7 +49,7 @@ void SGXWallet::printUsage() {
cerr << " -v Verbose mode: turn on debug output\n";
cerr << " -vv Detailed verbose mode: turn on debug and trace outputs\n";
cerr << "\nBackup, restore, update flags:\n\n";
cerr << " -b Restore from back up or software update. You will need to type in the backup key. \n";
cerr << " -b filename Restore from back up or software update. You will need to put backup key into a file in sgx_data dir. \n";
cerr << " -y Do not ask user to acknowledge receipt of the backup key \n";
cerr << "\nHTTPS flags:\n\n";
cerr << " -n Launch sgxwallet using http. Default is to use https with a selg-signed server cert. \n";
......
testw.cpp
View file @ 83599fbf
......@@ -95,6 +95,19 @@ public:
}
};
class TestFixtureNoResetFromBackup {
public:
TestFixtureNoResetFromBackup() {
setFullOptions(L_INFO, false, true, true );
initAll(L_INFO, false, true);
}
~TestFixtureNoResetFromBackup() {
TestUtils::destroyEnclave();
}
};
class TestFixtureNoReset {
public:
TestFixtureNoReset() {
......@@ -107,7 +120,6 @@ public:
}
};
TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
......@@ -439,7 +451,7 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
TEST_CASE_METHOD(TestFixture, "Backup Key", "[backup-key]") {
HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2);
std::ifstream sek_file("backup_key.txt");
std::ifstream sek_file("sgx_data/sgxwallet_backup_key.txt");
REQUIRE(sek_file.good());
std::string sek;
......@@ -721,3 +733,6 @@ TEST_CASE_METHOD(TestFixture, "First run", "[first-run]") {
TEST_CASE_METHOD(TestFixtureNoReset, "Second run", "[second-run]") {
}
TEST_CASE_METHOD(TestFixtureNoResetFromBackup, "Backup restore", "[backup-restore]") {
}
testw.py
View file @ 83599fbf
......@@ -29,7 +29,8 @@ username = getpass.getuser()
topDir = os.getcwd() + "/sgxwallet"
print("Top directory is:" + topDir)
testList = ["[first-run]",
"[second-run]",
"[second-run]",
"[backup-restore]",
"[cert-sign]",
"[get-server-status]",
"[get-server-version]",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment