Skip to content

S
sgxwallet
Unverified Commit 8b9dcb3b authored by kladko's avatar kladko
Browse files
Options

SKALE-3205

parent eaa8c60a
Hide whitespace changes
Inline Side-by-side
Showing with 42 additions and 61 deletions
secure_enclave/AESUtils.c
View file @ 8b9dcb3b
......@@ -37,7 +37,7 @@ sgx_aes_gcm_128bit_key_t AES_DH_key;
#define SAFE_CHAR_BUF(__X__, __Y__) ;char __X__ [ __Y__ ]; memset(__X__, 0, __Y__);
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrBufLen, unsigned char type,
unsigned char decryptable, uint64_t* resultLen) {
unsigned char exportable, uint64_t* resultLen) {
......@@ -66,7 +66,7 @@ int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrBufLen, unsig
SAFE_CHAR_BUF(fullMessage, len + 2);
fullMessage[0] = type;
fullMessage[1] = decryptable;
fullMessage[1] = exportable;
strncpy(fullMessage + 2, message, len );
......@@ -87,7 +87,7 @@ int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrBufLen, unsig
}
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen,
uint8_t *type, uint8_t* decryptable){
uint8_t *type, uint8_t* exportable){
if (!message) {
LOG_ERROR("Null message in AES_encrypt");
......@@ -105,7 +105,7 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
}
if (!encr_message) {
LOG_ERROR("Null decryptable in AES_encrypt");
LOG_ERROR("Null exportable in AES_encrypt");
return -4;
}
......@@ -132,27 +132,10 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
(sgx_aes_gcm_128bit_tag_t *)encr_message);
*type = message[0];
*decryptable = message[1];
*exportable = message[1];
for (int i = 2; i < strlen(message) + 1; i++) {
message[i - 2 ] = message[i];
}
return status;
}
void derive_DH_Key() {
memcpy(AES_DH_key, AES_key, SGX_AESGCM_KEY_SIZE );
/*AES_DH_key[1] = 1;AES_DH_key[2] = 2;*/
}
secure_enclave/AESUtils.h
View file @ 8b9dcb3b
......@@ -25,22 +25,20 @@
#define SGXD_AESUTILS_H
extern sgx_aes_gcm_128bit_key_t AES_key;
extern sgx_aes_gcm_128bit_key_t AES_DH_key;
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen,
unsigned char type, unsigned char decryptable, uint64_t* resultLen);
unsigned char type, unsigned char exportable, uint64_t* resultLen);
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen,
uint8_t *type, uint8_t* decryptable) ;
uint8_t *type, uint8_t* exportable) ;
void derive_DH_Key();
#define ECDSA '1'
#define BLS '2'
#define DKG '3'
#define DECRYPTABLE '1'
#define NON_DECRYPTABLE '2'
#define EXPORTABLE '1'
#define NON_EXPORTABLE '2'
......
secure_enclave/secure_enclave.c
View file @ 8b9dcb3b
......@@ -421,13 +421,13 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
snprintf(errString, BUF_LEN, "skey len is %d\n", (int) strlen(skey_str));
int status = AES_encrypt((char *) skey_str, encryptedPrivateKey, BUF_LEN,
ECDSA, NON_DECRYPTABLE, enc_len);
ECDSA, NON_EXPORTABLE, enc_len);
CHECK_STATUS("ecdsa private key encryption failed");
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
status = AES_decrypt(encryptedPrivateKey, *enc_len, skey_str, BUF_LEN, &type, &decryptable);
status = AES_decrypt(encryptedPrivateKey, *enc_len, skey_str, BUF_LEN, &type, &exportable);
CHECK_STATUS2("ecdsa private key decr failed with status %d");
......@@ -458,10 +458,10 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
CHECK_STATE(pub_key_y);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("AES_decrypt failed with status %d");
skey[enc_len - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE] = '\0';
......@@ -541,11 +541,11 @@ void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPriv
signature sign = signature_init();
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("aes decrypt failed with status %d");
......@@ -622,12 +622,12 @@ void trustedDecryptKeyAES(int *errStatus, char *errString, uint8_t *encryptedPri
*errStatus = -9;
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, key, 3072,
&type, &decryptable);
&type, &exportable);
if (decryptable != DECRYPTABLE) {
if (exportable != EXPORTABLE) {
*errStatus = -11;
snprintf(errString, BUF_LEN, "Key is not exportable");
}
......@@ -668,17 +668,17 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
*errStatus = UNKNOWN_ERROR;
int status = AES_encrypt((char *)key, encryptedPrivateKey, BUF_LEN,
DKG, DECRYPTABLE, enc_len);
DKG, EXPORTABLE, enc_len);
CHECK_STATUS2("AES encrypt failed with status %d");
SAFE_CHAR_BUF(decryptedKey, BUF_LEN);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
status = AES_decrypt(encryptedPrivateKey, *enc_len, decryptedKey, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("trustedDecryptKey failed with status %d");
......@@ -722,9 +722,9 @@ void trustedBlsSignMessageAES(int *errStatus, char *errString, uint8_t *encrypte
SAFE_CHAR_BUF(key, BUF_LEN);SAFE_CHAR_BUF(sig, BUF_LEN);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, key, BUF_LEN, &type, &decryptable);
int status = AES_decrypt(encryptedPrivateKey, enc_len, key, BUF_LEN, &type, &exportable);
CHECK_STATUS("AES decrypt failed")
......@@ -767,7 +767,7 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s
CHECK_STATUS("gen_dkg_poly failed")
status = AES_encrypt(dkg_secret, encrypted_dkg_secret, 3 * BUF_LEN,
DKG, DECRYPTABLE, enc_len);
DKG, EXPORTABLE, enc_len);
CHECK_STATUS("SGX AES encrypt DKG poly failed");
......@@ -776,10 +776,10 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s
SAFE_CHAR_BUF(decr_dkg_secret, DKG_BUFER_LENGTH);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
status = AES_decrypt(encrypted_dkg_secret, *enc_len, decr_dkg_secret,
DKG_BUFER_LENGTH, &type, &decryptable);
DKG_BUFER_LENGTH, &type, &exportable);
CHECK_STATUS("aes decrypt dkg poly failed");
......@@ -809,10 +809,10 @@ trustedDecryptDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_d
CHECK_STATE(decrypted_dkg_secret);
uint8_t type;
uint8_t decryptable;
uint8_t exportable;
int status = AES_decrypt(encrypted_dkg_secret, enc_len, (char *) decrypted_dkg_secret,
3072, &type, &decryptable);
3072, &type, &exportable);
CHECK_STATUS2("aes decrypt data - encrypted_dkg_secret failed with status %d")
......@@ -834,10 +834,10 @@ void trustedSetEncryptedDkgPolyAES(int *errStatus, char *errString, uint8_t *enc
memset(getThreadLocalDecryptedDkgPoly(), 0, DKG_BUFER_LENGTH);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encrypted_poly, enc_len, (char *) getThreadLocalDecryptedDkgPoly(),
DKG_BUFER_LENGTH, &type, &decryptable);
DKG_BUFER_LENGTH, &type, &exportable);
CHECK_STATUS2("sgx_unseal_data - encrypted_poly failed with status %d")
......@@ -874,9 +874,9 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t
CHECK_STATUS("trustedGenerateEcdsaKeyAES failed");
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
status = AES_decrypt(encrypted_skey, enc_len, skey, BUF_LEN, &type, &decryptable);
status = AES_decrypt(encrypted_skey, enc_len, skey, BUF_LEN, &type, &exportable);
skey[ECDSA_SKEY_LEN - 1] = 0;
......@@ -930,10 +930,10 @@ void trustedGetPublicSharesAES(int *errStatus, char *errString, uint8_t *encrypt
SAFE_CHAR_BUF(decrypted_dkg_secret, DKG_MAX_SEALED_LEN);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encrypted_dkg_secret, enc_len, decrypted_dkg_secret,
DKG_MAX_SEALED_LEN, &type, &decryptable);
DKG_MAX_SEALED_LEN, &type, &exportable);
CHECK_STATUS2("aes decrypt data - encrypted_dkg_secret failed with status %d");
......@@ -963,10 +963,10 @@ void trustedDkgVerifyAES(int *errStatus, char *errString, const char *public_sha
mpz_init(s);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, enc_len, skey, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("AES_decrypt failed (in trustedDkgVerifyAES) with status %d");
......@@ -1026,11 +1026,11 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_init(bls_key);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, key_len, skey, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("aes decrypt failed with status %d");
skey[ECDSA_SKEY_LEN - 1] = 0;
......@@ -1090,7 +1090,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
strncpy(key_share + n_zeroes, arr_skey_str, 65 - n_zeroes);
key_share[BLS_KEY_LENGTH - 1] = 0;
status = AES_encrypt(key_share, encr_bls_key, BUF_LEN, BLS, DECRYPTABLE, enc_bls_key_len);
status = AES_encrypt(key_share, encr_bls_key, BUF_LEN, BLS, NON_EXPORTABLE, enc_bls_key_len);
CHECK_STATUS2("aes encrypt bls private key failed with status %d ");
......@@ -1117,12 +1117,12 @@ trustedGetBlsPubKeyAES(int *errStatus, char *errString, uint8_t *encryptedPrivat
SAFE_CHAR_BUF(skey_hex, BUF_LEN);
uint8_t type = 0;
uint8_t decryptable = 0;
uint8_t exportable = 0;
int status = AES_decrypt(encryptedPrivateKey, key_len, skey_hex, BUF_LEN,
&type, &decryptable);
&type, &exportable);
CHECK_STATUS2("AES decrypt failed %d");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment