SKALE-1850 add some changes to servers

BLSCrypto.h

@@ -30,11 +30,11 @@
 #define EXTERNC
 #endif
 
-EXTERNC void init_all();
-
-EXTERNC void init_daemon();
-
-EXTERNC  void init_enclave();
+//EXTERNC void init_all();
+//
+//EXTERNC void init_daemon();
+//
+//EXTERNC  void init_enclave();
 
 EXTERNC bool sign(const char* encryptedKeyHex, const char* hashHex, size_t t, size_t n,
         size_t signerIndex, char* _sig);

SGXRegistrationServer.cpp

@@ -35,16 +35,21 @@ void set_cert_created1(bool b){
 
 
 SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
-                                 serverVersion_t type)
-    : AbstractRegServer(connector, type), is_cert_created(false) {}
+                                 serverVersion_t type, bool auto_sign)
+    : AbstractRegServer(connector, type), is_cert_created(false), cert_auto_sign(auto_sign) {}
 
 
-Json::Value SignSertificateImpl(const std::string& cert){
+Json::Value SignSertificateImpl(const std::string& cert, bool auto_sign = false){
   Json::Value result;
   result["status"] = 0;
   result["errorMessage"] = "";
   try{
-  std::cerr << " going to create csr" << std::endl;
+    //std::hash = cryptlite::sha256::hash_hex(cert);
+
+    std::cerr << " going to create csr" << std::endl;
+
+
+
   std::ofstream outfile ("cert/client.csr");
   outfile << cert << std::endl;
   outfile.close();
@@ -56,10 +61,21 @@ Json::Value SignSertificateImpl(const std::string& cert){
   std::thread thr(set_cert_created1, true);
   thr.detach();
 
-  std::string hash = cryptlite::sha256::hash_hex(cert);
+
 
  // std::thread timeout_thr (std::bind(&SGXRegistrationServer::set_cert_created, this, true));
 
+  if (auto_sign) {
+    std::string genCert = "cd cert && ./create_client_cert";
+
+        if (system(genCert.c_str()) == 0){
+          std::cerr << "CLIENT CERTIFICATE IS SUCCESSFULLY GENERATED" << std::endl;
+        }
+        else{
+          std::cerr << "CLIENT CERTIFICATE GENERATION FAILED" << std::endl;
+          exit(-1);
+        }
+  }
   } catch (RPCException &_e) {
     std::cerr << " err str " << _e.errString << std::endl;
     result["status"] = _e.status;
@@ -90,6 +106,9 @@ Json::Value GetSertificateImpl(const std::string& hash){
         cert = ss.str();
 
         infile.close();
+
+        system("cd cert && rm -rf client.crt");
+
         result["cert"] = cert;
         result["status"] = 0;
       }
@@ -108,7 +127,7 @@ Json::Value GetSertificateImpl(const std::string& hash){
 Json::Value SGXRegistrationServer::SignCertificate(const std::string& cert){
   std::cerr << "Enter SignCertificate " << std::endl;
   lock_guard<recursive_mutex> lock(m);
-  return SignSertificateImpl(cert);
+  return SignSertificateImpl(cert, cert_auto_sign);
 }
 
 Json::Value SGXRegistrationServer::GetCertificate(const std::string& hash){
@@ -123,7 +142,7 @@ void SGXRegistrationServer::set_cert_created(bool b){
 
 
 
-int init_registration_server() {
+int init_registration_server(bool sign_automatically) {
 
 //  std::string certPath = "cert/SGXCACertificate.crt";
 //  std::string keyPath = "cert/SGXCACertificate.key";
@@ -144,7 +163,7 @@ int init_registration_server() {
 
   hs2 = new HttpServer(1031);
   sr = new SGXRegistrationServer(*hs2,
-                                 JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
+                                 JSONRPC_SERVER_V2, sign_automatically); // hybrid server (json-rpc 1.0 & 2.0)
 
   if (!sr->StartListening()) {
     cerr << "Registration server could not start listening" << endl;

SGXRegistrationServer.h

@@ -15,10 +15,13 @@ using namespace std;
 class SGXRegistrationServer: public AbstractRegServer {
   std::recursive_mutex m;
   bool is_cert_created;
+  bool cert_auto_sign;
+
+  //std::string hash;
 
 public:
 
-  SGXRegistrationServer(AbstractServerConnector &connector, serverVersion_t type);
+  SGXRegistrationServer(AbstractServerConnector &connector, serverVersion_t type, bool auto_sign = false);
 
   void set_cert_created(bool b);
 
@@ -28,7 +31,7 @@ public:
 };
 
 
-extern int init_registration_server();
+extern int init_registration_server(bool sign_automatically = false);
 
 
 #endif // SGXD_SGXREGISTRATIONSERVER_H
\ No newline at end of file

SGXWalletServer.cpp

@@ -73,7 +73,7 @@ void debug_print(){
   levelDb->visitKeys(&v, 100000000);
 }
 
-int init_server() {
+int init_server(bool check_certs) {
   std::string rootCAPath = "cert/rootCA.pem";
   std::string keyCAPath = "cert/rootCA.key";
 
@@ -110,7 +110,7 @@ int init_server() {
     }
   }
 
-  hs = new HttpServer(1030, certPath, keyPath, rootCAPath, 10);
+  hs = new HttpServer(1030, certPath, keyPath, rootCAPath, check_certs, 10);
   s = new SGXWalletServer(*hs,
                       JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
 
@@ -121,6 +121,7 @@ int init_server() {
   return 0;
 }
 
+
 //int init_server() { //without ssl
 //
 //  hs = new HttpServer(1028);

SGXWalletServer.h

@@ -12,7 +12,7 @@
 #endif
 
 
-EXTERNC int init_server();
+EXTERNC int init_server(bool check_certs );
 
 
 

ServerInit.cpp

@@ -115,7 +115,7 @@ void init_enclave() {
 
 int sgxServerInited = 0;
 
-void init_all() {
+void init_all(bool check_cert, bool sign_automatically) {
 
 
 
@@ -124,8 +124,8 @@ void init_all() {
 
     sgxServerInited = 1;
 
-    init_server();
-    init_registration_server();
+    init_server(check_cert);
+    init_registration_server(sign_automatically);
     init_enclave();
     std::cerr << "enclave inited" << std::endl;
     init_daemon();

ServerInit.h

@@ -30,7 +30,7 @@
 #define EXTERNC
 #endif
 
-EXTERNC void init_all();
+EXTERNC void init_all(bool check_cert, bool sign_automatically);
 
 EXTERNC void init_daemon();
 

compile

-/usr/share/automake-1.15/compile
\ No newline at end of file
+/usr/share/automake-1.16/compile
\ No newline at end of file

depcomp

-/usr/share/automake-1.15/depcomp
\ No newline at end of file
+/usr/share/automake-1.16/depcomp
\ No newline at end of file

install-sh

-/usr/share/automake-1.15/install-sh
\ No newline at end of file
+/usr/share/automake-1.16/install-sh
\ No newline at end of file

missing

-/usr/share/automake-1.15/missing
\ No newline at end of file
+/usr/share/automake-1.16/missing
\ No newline at end of file

secure_enclave/Makefile.in

-# Makefile.in generated by automake 1.15.1 from Makefile.am.
+# Makefile.in generated by automake 1.16.1 from Makefile.am.
 # @configure_input@
 
-# Copyright (C) 1994-2017 Free Software Foundation, Inc.
+# Copyright (C) 1994-2018 Free Software Foundation, Inc.
 
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -137,7 +137,15 @@ am__v_at_0 = @
 am__v_at_1 = 
 DEFAULT_INCLUDES = -I.@am__isrc@
 depcomp = $(SHELL) $(top_srcdir)/depcomp
-am__depfiles_maybe = depfiles
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
+	./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
+	./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
+	./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
+	./$(DEPDIR)/numbertheory.Po ./$(DEPDIR)/point.Po \
+	./$(DEPDIR)/secure_enclave.Po ./$(DEPDIR)/secure_enclave_t.Po \
+	./$(DEPDIR)/signature.Po ./$(DEPDIR)/signed_enclave_debug.Po \
+	./$(DEPDIR)/signed_enclave_rel.Po
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -365,8 +373,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
 	  *config.status*) \
 	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
 	  *) \
-	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
-	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
 	esac;
 $(top_srcdir)/build-aux/sgx_enclave.am $(am__empty):
 
@@ -431,21 +439,27 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
 
 .c.o:
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -569,7 +583,10 @@ cscopelist-am: $(am__tagged_files)
 distclean-tags:
 	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
 
-distdir: $(DISTFILES)
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
 	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
 	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
 	list='$(DISTFILES)'; \
@@ -642,7 +659,21 @@ clean: clean-am
 clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
 
 distclean: distclean-am
-	-rm -rf ./$(DEPDIR)
+		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+	-rm -f ./$(DEPDIR)/DH_dkg.Po
+	-rm -f ./$(DEPDIR)/DKGUtils.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_init.Po
+	-rm -f ./$(DEPDIR)/curves.Po
+	-rm -f ./$(DEPDIR)/domain_parameters.Po
+	-rm -f ./$(DEPDIR)/numbertheory.Po
+	-rm -f ./$(DEPDIR)/point.Po
+	-rm -f ./$(DEPDIR)/secure_enclave.Po
+	-rm -f ./$(DEPDIR)/secure_enclave_t.Po
+	-rm -f ./$(DEPDIR)/signature.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
 	-rm -f Makefile
 distclean-am: clean-am distclean-compile distclean-generic \
 	distclean-tags
@@ -688,7 +719,21 @@ install-ps-am:
 installcheck-am:
 
 maintainer-clean: maintainer-clean-am
-	-rm -rf ./$(DEPDIR)
+		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+	-rm -f ./$(DEPDIR)/DH_dkg.Po
+	-rm -f ./$(DEPDIR)/DKGUtils.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_g2.Po
+	-rm -f ./$(DEPDIR)/alt_bn128_init.Po
+	-rm -f ./$(DEPDIR)/curves.Po
+	-rm -f ./$(DEPDIR)/domain_parameters.Po
+	-rm -f ./$(DEPDIR)/numbertheory.Po
+	-rm -f ./$(DEPDIR)/point.Po
+	-rm -f ./$(DEPDIR)/secure_enclave.Po
+	-rm -f ./$(DEPDIR)/secure_enclave_t.Po
+	-rm -f ./$(DEPDIR)/signature.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_debug.Po
+	-rm -f ./$(DEPDIR)/signed_enclave_rel.Po
 	-rm -f Makefile
 maintainer-clean-am: distclean-am maintainer-clean-generic
 
@@ -708,19 +753,19 @@ uninstall-am: uninstall-libexecPROGRAMS
 
 .MAKE: install-am install-strip
 
-.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
-	clean-libexecPROGRAMS cscopelist-am ctags ctags-am distclean \
-	distclean-compile distclean-generic distclean-tags distdir dvi \
-	dvi-am html html-am info info-am install install-am \
-	install-data install-data-am install-dvi install-dvi-am \
-	install-exec install-exec-am install-html install-html-am \
-	install-info install-info-am install-libexecPROGRAMS \
-	install-man install-pdf install-pdf-am install-ps \
-	install-ps-am install-strip installcheck installcheck-am \
-	installdirs maintainer-clean maintainer-clean-generic \
-	mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \
-	ps ps-am tags tags-am uninstall uninstall-am \
-	uninstall-libexecPROGRAMS
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libexecPROGRAMS cscopelist-am ctags \
+	ctags-am distclean distclean-compile distclean-generic \
+	distclean-tags distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am \
+	install-libexecPROGRAMS install-man install-pdf install-pdf-am \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \
+	uninstall-am uninstall-libexecPROGRAMS
 
 .PRECIOUS: Makefile
 

sgxwallet.c

@@ -36,7 +36,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #include "BLSCrypto.h"
 #include "ServerInit.h"
 
-
+#include <stdbool.h>
 
 void usage() {
   fprintf(stderr, "usage: sgxwallet\n");
@@ -50,26 +50,40 @@ int updated;
 
 int main(int argc, char *argv[]) {
 
-
+  bool check_client_cert = true;
+  bool sign_automatically = false;
   int opt;
 
-  while ((opt = getopt(argc, argv, "h")) != -1) {
+  if (argc > 1 && strlen(argv[1])==1){
+    fprintf(stderr, "option is too short %s\n", argv[1]);
+    exit(1);
+  }
+
+  while ((opt = getopt(argc, argv, "csh")) != -1) {
     switch (opt) {
-    case 'h':
+//    case 'h':
+//      if (strlen(argv[1]) == 2 ) {
+//        fprintf(stderr, "-c  client certificate will not be checked\n");
+//        fprintf(stderr, "-s  client certificate will be signed automatically\n");
+//        exit(0);
+//      } else {
+//        fprintf(stderr, "unknown flag %s\n", argv[1]);
+//        exit(1);
+//      }
+
+    case 'c':
+      check_client_cert = false;
+      break;
+    case 's':
+      sign_automatically = true;
+      break;
+    case '?': // fprintf(stderr, "unknown flag\n");
+      exit(1);
     default:
-      usage();
+      break;
     }
   }
-
-  argc -= optind;
-  argv += optind;
-
-  if (argc != 0)
-    usage();
-
-  init_all();
-
-
+  init_all(check_client_cert, sign_automatically);
 
   while (true) {
       sleep(10);

testw.cpp

@@ -134,7 +134,7 @@ char* encryptTestKey() {
 TEST_CASE("BLS key encrypt", "[bls-key-encrypt]") {
 
 
-    init_all();
+    init_all(false, false);
     char* key = encryptTestKey();
     REQUIRE(key != nullptr);
 
@@ -145,7 +145,7 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
     {
 
 
-        init_all();
+        init_all(false, false);
 
         int errStatus =  -1;
         char* errMsg = (char*) calloc(BUF_LEN, 1);
@@ -171,7 +171,7 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
 
 TEST_CASE("BLS key import", "[bls-key-import]") {
     reset_db();
-    init_all();
+    init_all(false, false);
 
 
 
@@ -213,7 +213,8 @@ TEST_CASE("Server BLS sign test", "[bls-server-sign]") {
 
     reset_db();
 
-    init_all();
+    init_all(false, false);
+
 
     auto result = importBLSKeyShareImpl( TEST_BLS_KEY_SHARE, TEST_BLS_KEY_NAME, 2, 2, 1);
 
@@ -739,7 +740,7 @@ std::string ConvertDecToHex(std::string dec, int numBytes = 32){
 
 TEST_CASE("BLS_DKG test", "[bls_dkg]") {
   std::cerr<< "test started" << std::endl;
-  init_all();
+  init_all(false, false);
   cerr << "Server inited" << endl;
   HttpClient client("http://localhost:1028");
   StubClient c(client, JSONRPC_CLIENT_V2);
@@ -855,7 +856,7 @@ TEST_CASE("API test", "[api_test]") {
 
   //std::cerr << __GNUC__ << std::endl;
     cerr << "API test started" << endl;
-    init_all();
+    init_all(false, false);
     //HttpServer httpserver(1025);
     //SGXWalletServer s(httpserver,
     //                JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)