Skip to content

S
sgxwallet
Unverified Commit 89a991a7 authored by Oleh Nikolaiev's avatar Oleh Nikolaiev Committed by GitHub
Browse files
Options

Merge pull request #151 from skalenetwork/enhancement/SKALE-3007-sgx-parameters-validation 

Enhancement/skale 3007 sgx parameters validation
parents 8e5e8758 50a42a1e
Hide whitespace changes
Inline Side-by-side
Showing with 53 additions and 56 deletions
BLSCrypto.cpp
View file @ 89a991a7
......@@ -155,8 +155,7 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
return true;
}
bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, size_t _signerIndex,
char *_sig) {
bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
auto hash = make_shared<array<uint8_t, 32>>();
uint64_t binLen;
......@@ -240,9 +239,8 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
return true;
}
bool bls_sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, size_t _signerIndex,
char *_sig) {
return sign_aes(_encryptedKeyHex, _hashHex, _t, _n, _signerIndex, _sig);
bool bls_sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
return sign_aes(_encryptedKeyHex, _hashHex, _t, _n, _sig);
}
std::string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) {
......
BLSCrypto.h
View file @ 89a991a7
......@@ -34,8 +34,7 @@
#include "stdint.h"
#include <string>
EXTERNC bool bls_sign(const char* encryptedKeyHex, const char* hashHex, size_t t, size_t n,
size_t signerIndex, char* _sig);
EXTERNC bool bls_sign(const char* encryptedKeyHex, const char* hashHex, size_t t, size_t n, char* _sig);
EXTERNC int char2int(char _input);
......
SGXWalletServer.cpp
View file @ 89a991a7
......@@ -169,7 +169,7 @@ int SGXWalletServer::initHttpServer() { //without ssl
}
Json::Value
SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_keyShareName, int t, int n, int _index) {
SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_keyShareName) {
spdlog::info("Entering {}", __FUNCTION__);
INIT_RESULT(result);
......@@ -178,6 +178,10 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
string encryptedKeyShareHex;
try {
if (!checkName(_keyShareName, "BLS_KEY")) {
throw SGXException(INVALID_BLS_NAME, "Invalid BLS key name");
}
encryptedKeyShareHex = encryptBLSKeyShare2Hex(&errStatus, (char *) errMsg.data(), _keyShare.c_str());
if (errStatus != 0) {
......@@ -190,15 +194,14 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
result["encryptedKeyShare"] = encryptedKeyShareHex;
writeKeyShare(_keyShareName, encryptedKeyShareHex, _index, n, t);
writeKeyShare(_keyShareName, encryptedKeyShareHex);
} HANDLE_SGX_EXCEPTION(result)
RETURN_SUCCESS(result);
}
Json::Value
SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n,
int _signerIndex) {
SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n) {
spdlog::trace("Entering {}", __FUNCTION__);
INIT_RESULT(result)
......@@ -214,6 +217,11 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
if (!checkName(_keyShareName, "BLS_KEY")) {
throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
}
if (!check_n_t(t, n)) {
throw SGXException(INVALID_DKG_PARAMS, "Invalid t/n parameters");
}
string hashTmp = _messageHash;
if (hashTmp[0] == '0' && (hashTmp[1] == 'x' || hashTmp[1] == 'X')) {
hashTmp.erase(hashTmp.begin(), hashTmp.begin() + 2);
......@@ -227,7 +235,7 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
}
value = readFromDb(_keyShareName);
if (!bls_sign(value->c_str(), _messageHash.c_str(), t, n, _signerIndex, signature.data())) {
if (!bls_sign(value->c_str(), _messageHash.c_str(), t, n, signature.data())) {
throw SGXException(-1, "Could not sign data ");
}
} HANDLE_SGX_EXCEPTION(result)
......@@ -461,7 +469,7 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
if (!checkECDSAKeyName(_ethKeyName)) {
throw SGXException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
if (!check_n_t(_t, _n) || _index > _n || _index < 0) {
if (!check_n_t(_t, _n) || _index >= _n || _index < 0) {
throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
if (!checkHex(_secretShare, SECRET_SHARE_NUM_BYTES)) {
......@@ -554,6 +562,7 @@ Json::Value SGXWalletServer::complaintResponseImpl(const string &_polyName, int
if (!checkName(_polyName, "POLY")) {
throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
}
string shareG2_name = "shareG2_" + _polyName + "_" + to_string(_ind) + ":";
shared_ptr <string> shareG2_ptr = readFromDb(shareG2_name);
......@@ -676,14 +685,12 @@ Json::Value SGXWalletServer::ecdsaSignMessageHash(int _base, const string &_keyS
}
Json::Value
SGXWalletServer::importBLSKeyShare(const string &_keyShare, const string &_keyShareName, int _t, int _n,
int index) {
return importBLSKeyShareImpl(_keyShare, _keyShareName, _t, _n, index);
SGXWalletServer::importBLSKeyShare(const string &_keyShare, const string &_keyShareName) {
return importBLSKeyShareImpl(_keyShare, _keyShareName);
}
Json::Value SGXWalletServer::blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n,
int _signerIndex) {
return blsSignMessageHashImpl(_keyShareName, _messageHash, _t, _n, _signerIndex);
Json::Value SGXWalletServer::blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n) {
return blsSignMessageHashImpl(_keyShareName, _messageHash, _t, _n);
}
Json::Value SGXWalletServer::importECDSAKey(const string &_key, const string &_keyName) {
......@@ -724,7 +731,7 @@ shared_ptr <string> SGXWalletServer::readFromDb(const string &name, const string
return dataStr;
}
void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_value, int _index, int _n, int _t) {
void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_value) {
if (LevelDB::getLevelDb()->readString(_keyShareName) != nullptr) {
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Key share with this name already exists");
}
......@@ -732,10 +739,10 @@ void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_
LevelDB::getLevelDb()->writeString(_keyShareName, _value);
}
void SGXWalletServer::writeDataToDB(const string &Name, const string &value) {
if (LevelDB::getLevelDb()->readString(Name) != nullptr) {
void SGXWalletServer::writeDataToDB(const string &name, const string &value) {
if (LevelDB::getLevelDb()->readString(name) != nullptr) {
throw SGXException(KEY_NAME_ALREADY_EXISTS, "Name already exists");
}
LevelDB::getLevelDb()->writeString(Name, value);
LevelDB::getLevelDb()->writeString(name, value);
}
SGXWalletServer.hpp
View file @ 89a991a7
......@@ -46,11 +46,10 @@ public:
SGXWalletServer(AbstractServerConnector &_connector, serverVersion_t _type);
virtual Json::Value
importBLSKeyShare(const string &_keyShare, const string &_keyShareName, int _t, int _n, int index);
importBLSKeyShare(const string &_keyShare, const string &_keyShareName);
virtual Json::Value
blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n,
int _signerIndex);
blsSignMessageHash(const string &_keyShareName, const string &_messageHash, int _t, int _n);
virtual Json::Value importECDSAKey(const string &_key, const string &_keyName);
......@@ -95,14 +94,13 @@ public:
static void writeDataToDB(const string &Name, const string &value);
static void writeKeyShare(const string &_keyShareName, const string &_value, int _index, int _n, int _t);
static void writeKeyShare(const string &_keyShareName, const string &_value);
static Json::Value
importBLSKeyShareImpl(const string &_keyShare, const string &_keyShareName, int t, int n, int _index);
importBLSKeyShareImpl(const string &_keyShare, const string &_keyShareName);
static Json::Value
blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n,
int _signerIndex);
blsSignMessageHashImpl(const string &_keyShareName, const string &_messageHash, int t, int n);
static Json::Value importECDSAKeyImpl(const string &_key, const string &_keyName);
......
TestUtils.cpp
View file @ 89a991a7
......@@ -239,7 +239,7 @@ void TestUtils::sendRPCRequest() {
CHECK_STATE(pubBLSKeys[i]["status"] == 0);
string hash = SAMPLE_HASH;
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n, i + 1);
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n);
CHECK_STATE(blsSigShares[i]["status"] == 0);
shared_ptr <string> sig_share_ptr = make_shared<string>(blsSigShares[i]["signatureShare"].asString());
......@@ -376,7 +376,7 @@ void TestUtils::doDKG(StubClient &c, int n, int t,
for (int i = 0; i < t; i++) {
string blsName = "BLS_KEY" + polyNames[i].substr(4);
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n, i + 1);
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n);
CHECK_STATE(blsSigShares[i]["status"] == 0);
shared_ptr<string> sig_share_ptr = make_shared<string>(blsSigShares[i]["signatureShare"].asString());
BLSSigShare sig(sig_share_ptr, i + 1, t, n);
......
abstractstubserver.h
View file @ 89a991a7
......@@ -36,8 +36,8 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
public:
AbstractStubServer(jsonrpc::AbstractServerConnector &conn, jsonrpc::serverVersion_t type = jsonrpc::JSONRPC_SERVER_V2) : jsonrpc::AbstractServer<AbstractStubServer>(conn, type)
{
this->bindAndAddMethod(jsonrpc::Procedure("importBLSKeyShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"keyShare",jsonrpc::JSON_STRING,"keyShareName",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER,"n",jsonrpc::JSON_INTEGER, "index",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::importBLSKeyShareI);
this->bindAndAddMethod(jsonrpc::Procedure("blsSignMessageHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "keyShareName",jsonrpc::JSON_STRING,"messageHash",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER, "n",jsonrpc::JSON_INTEGER, "signerIndex",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::blsSignMessageHashI);
this->bindAndAddMethod(jsonrpc::Procedure("importBLSKeyShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,"keyShare",jsonrpc::JSON_STRING,"keyShareName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::importBLSKeyShareI);
this->bindAndAddMethod(jsonrpc::Procedure("blsSignMessageHash", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "keyShareName",jsonrpc::JSON_STRING,"messageHash",jsonrpc::JSON_STRING,"t",jsonrpc::JSON_INTEGER, "n",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::blsSignMessageHashI);
this->bindAndAddMethod(jsonrpc::Procedure("importECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "key",jsonrpc::JSON_STRING,"keyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::importECDSAKeyI);
this->bindAndAddMethod(jsonrpc::Procedure("generateECDSAKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, NULL), &AbstractStubServer::generateECDSAKeyI);
......@@ -62,11 +62,11 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
inline virtual void importBLSKeyShareI(const Json::Value &request, Json::Value &response)
{
response = this->importBLSKeyShare( request["keyShare"].asString(), request["keyShareName"].asString(), request["t"].asInt(), request["n"].asInt(), request["index"].asInt());
response = this->importBLSKeyShare( request["keyShare"].asString(), request["keyShareName"].asString());
}
inline virtual void blsSignMessageHashI(const Json::Value &request, Json::Value &response)
{
response = this->blsSignMessageHash(request["keyShareName"].asString(), request["messageHash"].asString(), request["t"].asInt(), request["n"].asInt(), request["signerIndex"].asInt());
response = this->blsSignMessageHash(request["keyShareName"].asString(), request["messageHash"].asString(), request["t"].asInt(), request["n"].asInt());
}
inline virtual void importECDSAKeyI(const Json::Value &request, Json::Value &response)
......@@ -145,8 +145,8 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
response = this->deleteBlsKey(request["blsKeyName"].asString());
}
virtual Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName, int t, int n, int index) = 0;
virtual Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n, int signerIndex ) = 0;
virtual Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName) = 0;
virtual Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n ) = 0;
virtual Json::Value importECDSAKey(const std::string& key, const std::string& keyName) = 0;
virtual Json::Value generateECDSAKey() = 0;
virtual Json::Value renameECDSAKey(const std::string& KeyName, const std::string& tempKeyName) = 0;
......
sgxwallet_common.h
View file @ 89a991a7
......@@ -91,7 +91,6 @@ extern bool autoconfirm;
#define INVALID_ECSDA_SIGNATURE -22
#define KEY_NAME_ALREADY_EXISTS -23 \
#define ERROR_IN_ENCLAVE -33
#define FILE_NOT_FOUND -44
......
stubclient.h
View file @ 89a991a7
......@@ -12,14 +12,11 @@ class StubClient : public jsonrpc::Client
public:
StubClient(jsonrpc::IClientConnector &conn, jsonrpc::clientVersion_t type = jsonrpc::JSONRPC_CLIENT_V2) : jsonrpc::Client(conn, type) {}
Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName, int t, int n, int index)
Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName)
{
Json::Value p;
p["index"] = index;
p["keyShare"] = keyShare;
p["keyShareName"] = keyShareName;
p["n"] = n;
p["t"] = t;
Json::Value result = this->CallMethod("importBLSKeyShare",p);
if (result.isObject())
return result;
......@@ -27,13 +24,12 @@ class StubClient : public jsonrpc::Client
throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
}
Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n, int signerIndex)
Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n)
{
Json::Value p;
p["keyShareName"] = keyShareName;
p["messageHash"] = messageHash;
p["n"] = n;
p["signerIndex"] = signerIndex;
p["t"] = t;
Json::Value result = this->CallMethod("blsSignMessageHash",p);
if (result.isObject())
......
testw.cpp
View file @ 89a991a7
......@@ -82,27 +82,27 @@ public:
}
};
class TestFixtureNoReset {
class TestFixtureHTTPS {
public:
TestFixtureNoReset() {
setOptions(L_INFO, false, true);
TestFixtureHTTPS() {
TestUtils::resetDB();
setOptions(L_INFO, true, true);
initAll(L_INFO, false, true);
}
~TestFixtureNoReset() {
~TestFixtureHTTPS() {
TestUtils::destroyEnclave();
}
};
class TestFixtureHTTPS {
class TestFixtureNoReset {
public:
TestFixtureHTTPS() {
TestUtils::resetDB();
setOptions(L_INFO, true, true);
TestFixtureNoReset() {
setOptions(L_INFO, false, true);
initAll(L_INFO, false, true);
}
~TestFixtureHTTPS() {
~TestFixtureNoReset() {
TestUtils::destroyEnclave();
}
};
......@@ -432,7 +432,7 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847");
std::string key_str = TestUtils::stringFromFr(key);
PRINT_SRC_LINE
c.importBLSKeyShare(key_str, name, 1, 2, 1);
c.importBLSKeyShare(key_str, name);
PRINT_SRC_LINE
REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
}
......@@ -658,7 +658,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
REQUIRE(pubBLSKeys[i]["status"] == 0);
string hash = SAMPLE_HASH;
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n, i + 1);
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n);
REQUIRE(blsSigShares[i]["status"] == 0);
shared_ptr<string> sig_share_ptr = make_shared<string>(blsSigShares[i]["signatureShare"].asString());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment