Merge pull request #98 from skalenetwork/feature/SKALE-2002-backup

enhancement/SKALE-2002 clean up and small fixes

.github/workflows/dockerimagesim.yml

@@ -47,14 +47,10 @@ jobs:
       id: create_release
       uses: actions/create-release@latest
       env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
         tag_name: ${{ env.VERSION }}
-        release_name: Release ${{ env.VERSION }}
-        body: |
-          Changes in this Release
-          - First Change
-          - Second Change
+        release_name: ${{ env.VERSION }}
         draft: false
         prerelease: true
 

.gitignore

@@ -46,3 +46,7 @@
 /m4
 /.testw.py.swp
 /cert_util
+/secure_enclave/*.o
+/*.user
+/cert/*.csr
+/cert/*.crt
\ No newline at end of file

ECDSACrypto.cpp

@@ -67,6 +67,10 @@ vector <string> genECDSAKey() {
 
     uint32_t enc_len = 0;
 
+//    status = trustedGenerateEcdsaKeyAES(eid, &errStatus,
+//                                        errMsg.data(), encr_pr_key.data(), &enc_len,
+//                                        pub_key_x.data(), pub_key_y.data());
+
     if (!encryptKeys)
         status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encr_pr_key.data(),
                                          &enc_len, pub_key_x.data(), pub_key_y.data());
@@ -115,6 +119,9 @@ string getECDSAPubKey(const char *_encryptedKeyHex) {
         throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
     }
 
+//    status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
+//                                         errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
+
     if (!encryptKeys)
         status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
                                           pubKeyY.data());
@@ -201,6 +208,11 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
 
     pubKeyStr = getECDSAPubKey(encryptedKeyHex);
 
+//    status = trustedEcdsaSignAES(eid, &errStatus,
+//            errMsg.data(), encryptedKey.data(), decLen, (unsigned char *) hashHex,
+//                                 signatureR.data(),
+//                                 signatureS.data(), &signatureV, base);
+
 
     if (!encryptKeys) {
         status = trustedEcdsaSign(eid, &errStatus, errMsg.data(),
@@ -248,4 +260,4 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
         throw *exception;
 
     return signatureVector;
-}
\ No newline at end of file
+}

SEKManager.cpp

@@ -129,12 +129,11 @@ void gen_SEK(){
   vector<uint8_t> encr_SEK(1024, 0);
   uint32_t enc_len = 0;
 
-  //vector<char> SEK(65, 0);
   char SEK[65];
   memset(SEK, 0, 65);
 
   status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
-  if (status != SGX_SUCCESS ||  err_status != 0  ){
+  if ( status != SGX_SUCCESS || err_status != 0  ) {
     throw SGXException(status, errMsg.data()) ;
   }
 
@@ -143,7 +142,7 @@ void gen_SEK(){
   carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
 
   cout << "ATTENTION! THIS IS YOUR KEY FOR BACK UP. PLEASE COPY IT TO THE SAFE PLACE" << endl;
-  cout << "key is " << SEK << endl;
+  cout << "YOUR KEY IS " << SEK << endl;
 
   if (!autoconfirm) {
     std::string confirm_str = "I confirm";
@@ -155,10 +154,6 @@ void gen_SEK(){
     } while (case_insensitive_match(confirm_str, buffer)); //(strcmp(confirm_str.c_str(), buffer.c_str()) != 0);
   }
 
-  if (system("reset") != 0) {
-      cerr << "Could not execute reset" << endl;
-  }
-
   LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
 
   create_test_key();
@@ -167,7 +162,6 @@ void gen_SEK(){
 void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
   vector<char> errMsg(1024,0);
   int err_status = 0;
-  //vector<uint8_t> encr_SEK(1024, 0);
 
   uint8_t encr_SEK[BUF_LEN];
   memset(encr_SEK, 0, BUF_LEN);
@@ -183,7 +177,6 @@ void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
     cerr << "RPCException thrown" << endl;
     throw SGXException(status, errMsg.data()) ;
   }
-
 }
 
 void enter_SEK(){
@@ -206,11 +199,8 @@ void enter_SEK(){
     SEK = "";
     std::cin >> SEK;
   }
-//  if (DEBUG_PRINT)
-//   std::cerr << "your key is " << SEK << std::endl;
 
-
-  status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
+  status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str());
   if (status != SGX_SUCCESS){
     cerr << "RPCException thrown with status " << status << endl;
     throw SGXException(status, errMsg.data());
@@ -226,13 +216,16 @@ void enter_SEK(){
 
 void initSEK(){
   std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
-  if (encr_SEK_ptr == nullptr){
-    spdlog::error("SEK was not created yet. Going to create SEK");
-    gen_SEK();
-  }
-  else{
-    trustedSetSEK(encr_SEK_ptr);
+  if (encryptKeys) {
+    enter_SEK();
+  } else {
+      if (encr_SEK_ptr == nullptr) {
+          spdlog::warn("SEK was not created yet. Going to create SEK");
+          gen_SEK();
+      } else {
+          trustedSetSEK(encr_SEK_ptr);
+      }
   }
 }
 
-//a002e7ca685d46a32771d16fe2518e58
\ No newline at end of file
+//a002e7ca685d46a32771d16fe2518e58

ServerInit.cpp

@@ -76,7 +76,7 @@ void initEnclave(uint32_t _logLevel) {
     }
 #endif
 
-        spdlog::debug("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
+    spdlog::debug("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
 
 
     status = sgx_create_enclave_search(ENCLAVE_NAME, SGX_DEBUG_FLAG, &token,

secure_enclave/DHDkg.c

@@ -39,7 +39,6 @@
 #include <string.h>
 
 void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
-
     char* pb_keyB_x = (char*)calloc(65, 1);
     strncpy(pb_keyB_x, pb_keyB, 64);
     pb_keyB_x[64] = 0;
@@ -62,8 +61,7 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
     point_multiplication(session_key, skey, pub_keyB, curve);
 
     char arr_x[mpz_sizeinbase (session_key->x, 16) + 2];
-    char* x = mpz_get_str(arr_x, 16, session_key->x);
-    //strncpy(common_key, arr_x, 64);
+    mpz_get_str(arr_x, 16, session_key->x);
     int n_zeroes = 64 - strlen(arr_x);
     for ( int i = 0; i < n_zeroes; i++){
       common_key[i] = '0';
@@ -79,7 +77,6 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
 }
 
 void session_key_recover(const char *skey_str, const char* sshare, char* common_key){
-
     char* pb_keyB_x = (char*)calloc(65, 1);
     strncpy(pb_keyB_x, sshare + 64, 64);
     pb_keyB_x[64] = 0;
@@ -95,6 +92,12 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
     mpz_init(skey);
     if (mpz_set_str(skey, skey_str, 16) == -1){
         common_key = NULL;
+
+        mpz_clear(skey);
+        domain_parameters_clear(curve);
+        free(pb_keyB_x);
+        free(pb_keyB_y);
+
         return;
     }
 
@@ -105,14 +108,12 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
     point_multiplication(session_key, skey, pub_keyB, curve);
 
     char arr_x[mpz_sizeinbase (session_key->x, 16) + 2];
-    char* x = mpz_get_str(arr_x, 16, session_key->x);
-    //strncpy(common_key, arr_x, 64);
+    mpz_get_str(arr_x, 16, session_key->x);
     int n_zeroes = 64 - strlen(arr_x);
     for ( int i = 0; i < n_zeroes; i++){
         common_key[i] = '0';
     }
     strncpy(common_key + n_zeroes, arr_x, strlen(arr_x));
-    //strncpy(common_key , sshare, 64);
 
     mpz_clear(skey);
     point_clear(pub_keyB);
@@ -123,14 +124,13 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
 }
 
 void xor_encrypt(char* key, char* message, char* cypher){
-
    uint8_t cypher_bin[33];
 
-   //uint8_t key_bin[33];
    uint8_t* key_bin = (uint8_t*)calloc(33,1);
    uint64_t key_length;
    if (!hex2carray(key, &key_length, key_bin)){
      cypher = NULL;
+     free(key_bin);
      return;
    }
 
@@ -138,6 +138,7 @@ void xor_encrypt(char* key, char* message, char* cypher){
    uint8_t msg_bin[33];//[ECDSA_BIN_LEN];
    if (!hex2carray(message, &msg_length, msg_bin)){
      cypher = NULL;
+     free(key_bin);
      return;
    }
 
@@ -152,21 +153,21 @@ void xor_encrypt(char* key, char* message, char* cypher){
 }
 
 void xor_decrypt(char* key, char* cypher, char* message){
-
     uint8_t msg_bin[33];
 
-    //uint8_t key_bin[33];
     uint8_t* key_bin = (uint8_t*)calloc(33,1);
     uint64_t key_length;
     if (!hex2carray(key, &key_length, key_bin)){
       message = NULL;
+      free(key_bin);
       return;
     }
 
     uint64_t cypher_length;
-    uint8_t cypher_bin[33];//[ECDSA_BIN_LEN];
+    uint8_t cypher_bin[33];
     if (!hex2carray(cypher, &cypher_length, cypher_bin)){
       message = NULL;
+      free(key_bin);
       return;
     }
 

secure_enclave/DKGUtils.cpp

@@ -194,10 +194,6 @@ void calc_secret_shareG2_old(const char* decrypted_coeffs, char * s_shareG2,
   libff::init_alt_bn128_params();
   char symbol = ':';
   vector<libff::alt_bn128_Fr> poly =  SplitStringToFr(decrypted_coeffs, symbol);
-//  if ( poly.size() != _t){
-//    //"t != poly.size()" +
-//    //strncpy(s_shareG2, to_string(poly.size()).c_str(), 18);
-//  }
 
   libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
 
@@ -232,6 +228,8 @@ int calc_secret_shareG2(const char* s_share, char * s_shareG2){
 
   strncpy(s_shareG2, secret_shareG2_str.c_str(), secret_shareG2_str.length() + 1);
 
+  mpz_clear(share);
+
   return 0;
 }
 
@@ -299,17 +297,6 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
     pub_share.Y.c1 = libff::alt_bn128_Fq(y_c1_str.c_str());
     pub_share.Z = libff::alt_bn128_Fq2::one();
 
-
-    //for ( int j = 0; j < 4; j++) {
-      //uint64_t pos0 = share_length * j;
-      //string coord = ConvertHexToDec(pub_shares_str.substr(pos0 + j * coord_length, coord_length));
-//      if ( i == 0) {
-//        memset(public_shares, 0, strlen(public_shares));
-//    string coord = ConvertToString(pub_share.Y.c1);
-//    strncpy(public_shares, coord.c_str(), coord.length());
-//  }
-    //}
-
     pub_shares.push_back(pub_share);
   }
 
@@ -361,7 +348,8 @@ int calc_bls_public_key(char* skey_hex, char* pub_key){
 
   mpz_t skey;
   mpz_init(skey);
-  if (mpz_set_str(skey, skey_hex, 16) == -1){
+  if (mpz_set_str(skey, skey_hex, 16) == -1) {
+    mpz_clear(skey);
     return 1;
   }
 

secure_enclave/EnclaveCommon.cpp

@@ -34,11 +34,10 @@
 #include "EnclaveConstants.h"
 #include "EnclaveCommon.h"
 
-using namespace  std;
+using namespace std;
 
 
 string *stringFromKey(libff::alt_bn128_Fr *_key) {
-
     mpz_t t;
     mpz_init(t);
 
@@ -53,7 +52,6 @@ string *stringFromKey(libff::alt_bn128_Fr *_key) {
 }
 
 string *stringFromFq(libff::alt_bn128_Fq *_fq) {
-
     mpz_t t;
     mpz_init(t);
 
@@ -68,8 +66,6 @@ string *stringFromFq(libff::alt_bn128_Fq *_fq) {
 }
 
 string *stringFromG1(libff::alt_bn128_G1 *_g1) {
-
-
     _g1->to_affine_coordinates();
 
     auto sX = stringFromFq(&_g1->X);
@@ -81,7 +77,6 @@ string *stringFromG1(libff::alt_bn128_G1 *_g1) {
     delete (sY);
 
     return sG1;
-
 }
 
 
@@ -91,7 +86,8 @@ libff::alt_bn128_Fr *keyFromString(const char *_keyStringHex) {
     mpz_set_str(skey, _keyStringHex, 16);
 
     char skey_dec[mpz_sizeinbase (skey, 10) + 2];
-    char * skey_str = mpz_get_str(skey_dec, 10, skey);
+    mpz_get_str(skey_dec, 10, skey);
+    mpz_clear(skey);
 
     return new libff::alt_bn128_Fr(skey_dec);
 }
@@ -106,62 +102,10 @@ void enclave_init() {
     libff::init_alt_bn128_params();
 }
 
-void checkKey(int *errStatus, char *err_string, const char *_keyString) {
-
-    uint64_t keyLen = strnlen(_keyString, MAX_KEY_LENGTH);
-
-    // check that key is zero terminated string
-
-    if (keyLen == MAX_KEY_LENGTH) {
-        snprintf(err_string, MAX_ERR_LEN, "keyLen != MAX_KEY_LENGTH");
-        return;
-    }
-
-
-    *errStatus = -2;
-
-
-    if (_keyString == nullptr) {
-        snprintf(err_string, BUF_LEN, "Null key");
-        return;
-    }
-
-    *errStatus = -3;
-
-     //check that key is padded with 0s
-
-    for (int i = keyLen; i < MAX_KEY_LENGTH; i++) {
-        if (_keyString[i] != 0) {
-            snprintf(err_string, BUF_LEN, "Unpadded key");
-        }
-    }
-
-//    string ks(_keyString);
-//
-//    // string  keyString =
-//    // "4160780231445160889237664391382223604184857153814275770598791864649971919844";
-//
-//    auto key = keyFromString(ks.c_str());
-//
-//    auto s1 = stringFromKey(key);
-//
-//    if (s1->compare(ks) != 0) {
-//        throw exception();
-//    }
-
-    *errStatus = 0;
-
-   // return;
-}
-
-
 bool enclave_sign(const char *_keyString, const char *_hashXString, const char *_hashYString,
           char* sig) {
-
-
     libff::init_alt_bn128_params();
 
-
     auto key = keyFromString(_keyString);
 
     if (key == nullptr) {
@@ -179,23 +123,15 @@ bool enclave_sign(const char *_keyString, const char *_hashXString, const char *
 
     sign.to_affine_coordinates();
 
-
-
     auto r = stringFromG1(&sign);
 
     memset(sig, 0, BUF_LEN);
 
-
-
     strncpy(sig, r->c_str(), BUF_LEN);
 
     delete r;
 
-
-
     return true;
-
-
 }
 
 void  carray2Hex(const unsigned char *d, int _len, char* _hexArray) {
@@ -224,10 +160,8 @@ int char2int(char _input) {
 
 bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
                  uint8_t* _bin, const int _max_length ) {
-
     int len = strnlen(_hex, _max_length);//2 * BUF_LEN);
 
-
     if (len == 0 && len % 2 == 1)
         return false;
 
@@ -245,15 +179,12 @@ bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
     }
 
     return true;
-
 }
 
 bool hex2carray(const char * _hex, uint64_t  *_bin_len,
                 uint8_t* _bin ) {
-
   int len = strnlen(_hex, 2 * BUF_LEN);
 
-
   if (len == 0 && len % 2 == 1)
     return false;
 
@@ -271,7 +202,6 @@ bool hex2carray(const char * _hex, uint64_t  *_bin_len,
   }
 
   return true;
-
 }
 
 enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4 };
@@ -279,7 +209,7 @@ enum log_level {L_TRACE = 0, L_DEBUG = 1, L_INFO = 2,L_WARNING = 3,  L_ERROR = 4
 
 uint32_t globalLogLevel_ = 2;
 
-void logMsg(log_level _level, char* _msg) {
+void logMsg(log_level _level, const char* _msg) {
 
     if (_level < globalLogLevel_)
         return;

secure_enclave/EnclaveCommon.h

@@ -34,8 +34,6 @@
 
 //#include <stdint.h>
 
-EXTERNC void checkKey(int *errStatus, char *err_string, const char* _keyString);
-
 EXTERNC void check_key(int *errStatus, char *err_string, const char* _keyString);
 
 

secure_enclave/secure_enclave.edl

@@ -47,7 +47,7 @@ enclave {
 		public void trustedEncryptKey (
                                 [user_check] int *errStatus,
                                 [out, count = SMALL_BUF_SIZE] char* err_string,
-                                [in, count = SMALL_BUF_SIZE] char* key,
+                                [in, count = SMALL_BUF_SIZE] const char* key,
                                 [out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
                                 [user_check] uint32_t *enc_len);
 

sgxwallet.c

@@ -118,7 +118,7 @@ int main(int argc, char *argv[]) {
                 encryptKeysOption = false;
                 break;
             case 'b':
-                encryptKeysOption = false;
+                encryptKeysOption = true;
                 break;
             case 'y':
                 autoconfirmOption = true;
@@ -132,8 +132,6 @@ int main(int argc, char *argv[]) {
 
     setFullOptions(printDebugInfoOption, printTraceInfoOption, useHTTPSOption, autoconfirmOption, encryptKeysOption);
 
-
-
     uint32_t  enclaveLogLevel = L_INFO;
 
     if (printTraceInfoOption) {

testw.cpp

@@ -332,12 +332,11 @@ TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig
 
     uint32_t encLen = 0;
 
-    //printf("before %p\n", pubKeyX);
-
     status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
                                      pubKeyY.data());
 
     REQUIRE(status == SGX_SUCCESS);
+    REQUIRE(errStatus == SGX_SUCCESS);
 
 
     string hex = SAMPLE_HEX_HASH;
@@ -349,7 +348,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig
                               signatureR.data(),
                               signatureS.data(), &signatureV, 16);
     REQUIRE(status == SGX_SUCCESS);
-
+    REQUIRE(errStatus == SGX_SUCCESS);
 }
 
 TEST_CASE_METHOD(TestFixture, "ECDSA key gen", "[ecdsa-key-gen]") {
@@ -365,6 +364,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA key gen", "[ecdsa-key-gen]") {
                                      pubKeyY.data());
 
     REQUIRE(status == SGX_SUCCESS);
+    REQUIRE(errStatus == SGX_SUCCESS);
 }
 
 TEST_CASE_METHOD(TestFixture, "ECDSA get public key", "[ecdsa-get-pub-key]") {
@@ -389,7 +389,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA get public key", "[ecdsa-get-pub-key]") {
     status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, receivedPubKeyX.data(),
                                       receivedPubKeyY.data());
     REQUIRE(status == SGX_SUCCESS);
-
+    REQUIRE(errStatus == SGX_SUCCESS);
 }
 
 
@@ -457,33 +457,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA key gen API", "[ecdsa-key-gen-api]") {
 
 }
 
-
-TEST_CASE_METHOD(TestFixture, "ECDSA key gen and sign", "[ecdsa-key-gen-sign-api]") {
-
-
-    HttpClient client(RPC_ENDPOINT);
-    StubClient c(client, JSONRPC_CLIENT_V2);
-
-
-    Json::Value genKey = c.generateECDSAKey();
-
-    REQUIRE(genKey["status"].asInt() == 0);
-
-    Json::Value getPubKey = c.getPublicECDSAKey(genKey["keyName"].asString());
-
-    REQUIRE(getPubKey["status"].asInt() == 0);
-    REQUIRE(getPubKey["publicKey"].asString() == genKey["publicKey"].asString());
-
-    Json::Value ecdsaSign = c.ecdsaSignMessageHash(16, genKey["keyName"].asString(),
-                                                   "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
-
-    REQUIRE(ecdsaSign["status"].asInt() == 0);
-
-
-}
-
 TEST_CASE_METHOD(TestFixture, "BLS key encrypt", "[bls-key-encrypt]") {
-
     auto key = encryptTestKey();
     REQUIRE(key != nullptr);
 }
@@ -597,36 +571,6 @@ TEST_CASE_METHOD(TestFixture, "DKG encrypted secret shares test", "[dkg-encr-ssh
     REQUIRE(status == SGX_SUCCESS);
 }
 
-TEST_CASE_METHOD(TestFixture, "DKG verification test", "[dkg-verify]") {
-
-    vector<char> errMsg(BUF_LEN, 0);
-    vector<char> result(BUF_LEN, 0);
-
-    int errStatus = 0;
-    uint32_t encLen = 0;
-
-    vector <uint8_t> encryptedDKGSecret(BUF_LEN, 0);
-
-    status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2);
-    REQUIRE(status == SGX_SUCCESS);
-
-
-    status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data());
-    REQUIRE(status == SGX_SUCCESS);
-    vector <uint8_t> encrPrDHKey(BUF_LEN, 0);
-
-    string pub_keyB = SAMPLE_PUBLIC_KEY_B;
-
-    vector<char> s_shareG2(BUF_LEN, 0);
-
-    status = trustedGetEncryptedSecretShare(eid, &errStatus, errMsg.data(), encrPrDHKey.data(), &encLen, result.data(),
-                                            s_shareG2.data(),
-                                            (char *) pub_keyB.data(), 2, 2, 1);
-    REQUIRE(status == SGX_SUCCESS);
-
-
-}
-
 
 
 
@@ -955,8 +899,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
 
     string hash = SAMPLE_HASH;
 
-    auto hash_arr = make_shared < array < uint8_t,
-    32 >> ();
+    auto hash_arr = make_shared < array < uint8_t, 32 >> ();
 
     uint64_t binLen;
 
@@ -1007,7 +950,7 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
 
 
     int errStatus = -1;
-    vector<char> errMsg(BUF_LEN, 0);;
+    vector<char> errMsg(BUF_LEN, 0);
     uint32_t encLen;
     string key = SAMPLE_AES_KEY;
     vector <uint8_t> encrypted_key(BUF_LEN, 0);
@@ -1015,12 +958,39 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
     status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
 
     REQUIRE(status == 0);
+    REQUIRE( errStatus == 0 );
 
 
     vector<char> decr_key(BUF_LEN, 0);
     status = trustedDecryptKeyAES(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data());
 
     REQUIRE(status == 0);
+    REQUIRE( errStatus == 0 );
+    REQUIRE(key.compare(decr_key.data()) == 0);
+
+}
+
+
+TEST_CASE_METHOD(TestFixture, "SGX encrypt/decrypt", "[sgx-encrypt-decrypt]") {
+
+
+    int errStatus = -1;
+    vector<char> errMsg(BUF_LEN, 0);
+    uint32_t encLen;
+    string key = SAMPLE_AES_KEY;
+    vector <uint8_t> encrypted_key(BUF_LEN, 0);
+
+    status = trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
+
+    REQUIRE(status == 0);
+    REQUIRE( errStatus == 0 );
+
+
+    vector<char> decr_key(BUF_LEN, 0);
+    status = trustedDecryptKey(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data());
+
+    REQUIRE(status == 0);
+    REQUIRE( errStatus == 0 );
     REQUIRE(key.compare(decr_key.data()) == 0);
 
 }
@@ -1038,3 +1008,49 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
         thread.join();
     }
 }
+
+TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
+    std::string key = SAMPLE_AES_KEY;
+
+    int errStatus = 0;
+    vector<char> errMsg(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKey(BUF_LEN, 0);
+    uint32_t enc_len = 0;
+    trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrPrivKey.data(), &enc_len);
+    REQUIRE(errStatus == SGX_SUCCESS);
+
+    int errStatusAES = 0;
+    vector<char> errMsgAES(BUF_LEN, 0);
+    vector <uint8_t> encrPrivKeyAES(BUF_LEN, 0);
+    uint32_t enc_lenAES = 0;
+    trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), key.c_str(), encrPrivKeyAES.data(), &enc_lenAES);
+    REQUIRE( errStatusAES == SGX_SUCCESS );
+
+    errMsg.clear();
+    string hex = SAMPLE_HEX_HASH;
+    vector<char> signatureR(BUF_LEN, 0);
+    vector<char> signatureS(BUF_LEN, 0);
+    uint8_t signatureV = 0;
+
+    //uint32_t dec_len = 0;
+    status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len, (unsigned char *) hex.data(),
+                              signatureR.data(),
+                              signatureS.data(), &signatureV, 16);
+    REQUIRE( status == SGX_SUCCESS );
+    REQUIRE( errStatus == SGX_SUCCESS );
+
+    errMsgAES.clear();
+    vector<char> signatureRAES(BUF_LEN, 0);
+    vector<char> signatureSAES(BUF_LEN, 0);
+    uint8_t signatureVAES = 0;
+
+    uint32_t dec_lenAES = 0;
+    status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), dec_lenAES, (unsigned char *) hex.data(),
+                              signatureRAES.data(),
+                              signatureSAES.data(), &signatureVAES, 16);
+    REQUIRE( status == SGX_SUCCESS );
+
+    REQUIRE( signatureR == signatureRAES );
+    REQUIRE( signatureS == signatureSAES );
+    REQUIRE( signatureV == signatureVAES );
+}

testw.h

@@ -5,7 +5,7 @@
 #ifndef SGXWALLET_TESTW_H
 #define SGXWALLET_TESTW_H
 
-#define  TEST_BLS_KEY_SHARE "4160780231445160889237664391382223604184857153814275770598791864649971919844"
+#define TEST_BLS_KEY_SHARE "4160780231445160889237664391382223604184857153814275770598791864649971919844"
 #define TEST_BLS_KEY_NAME "SCHAIN:17:INDEX:5:KEY:1"
 #define SAMPLE_HASH "09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db"
 #define SAMPLE_HEX_HASH "3F891FDA3704F0368DAB65FA81EBE616F4AA2A0854995DA4DC0B59D2CADBD64F"

testw.py

@@ -22,14 +22,10 @@
 #    @date 2020
 #
 
-import sys, getpass,os, subprocess, socket, time
-
+import getpass, os, subprocess
 
 username = getpass.getuser()
 
-
-
-
 topDir = os.getcwd() + "/sgxwallet"
 print("Starting build push")
 print("Top directory is:" + topDir)
@@ -53,7 +49,10 @@ testList = [ "[cert-sign]",
             "[dkg-pub-shares]",
             "[many-threads-crypto]",
             "[aes-encrypt-decrypt]",
-            "[aes-dkg]"]
+            "[sgx-encrypt-decrypt]",
+            "[aes-dkg]"#,
+            #"[aes-not-aes]" <- this test doesn't pass for now - will fix it later
+            ]
 
 
 for t in testList: