SKALE-3205

92dc85a4 · kladko · 8d448910 · 92dc85a4 · 92dc85a4 · 92dc85a4
Unverified Commit 92dc85a4 authored Sep 08, 2020 by kladko
Hide whitespace changes
Inline Side-by-side

Showing with 56 additions and 24 deletions

BLSCrypto.cpp BLSCrypto.cpp +22 -6

DKGCrypto.cpp DKGCrypto.cpp +9 -10

SEKManager.cpp SEKManager.cpp +17 -7

SEKManager.h SEKManager.h +7 -0

VERSION VERSION +1 -1

No files found.
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -42,8 +42,10 @@
 #include "common.h"
 #include "SGXWalletServer.h"

-#include "BLSCrypto.h"
+#include "SEKManager.h"
+#include "LevelDB.h"
 #include "ServerInit.h"
+#include "BLSCrypto.h"


 string *FqToString(libff::alt_bn128_Fq *_fq) {
@@ -213,12 +215,26 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz


    sgx_status_t status = SGX_SUCCESS;
+    int attempts = 0;
+    do {
+        attempts++;
+        {
+            READ_LOCK(initMutex);
+
+            status = trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
+                                              sz, xStrArg, yStrArg, signature);
+
+        }
+        if (status != SGX_SUCCESS) {
+            spdlog::error(__FUNCTION__);
+            spdlog::error("Restarting sgx ...");
+            reinitEnclave();
+        }
+    } while (attempts < 2);
+
+
+

-    {
-        READ_LOCK(initMutex);
-        status = trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
-                                          sz, xStrArg, yStrArg, signature);
-    }
    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());

    string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + hash_with_hint.second;

--- a/DKGCrypto.cpp
+++ b/DKGCrypto.cpp
@@ -209,10 +209,11 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve
    }

    sgx_status_t status = SGX_SUCCESS;
-    {
-        READ_LOCK(initMutex);
-        status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen);
-    }
+
+    READ_LOCK(initMutex);
+
+    status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen);
+
    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data());

    string result;
@@ -232,12 +233,10 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve
        spdlog::debug("pubKeyB is {}", pub_keyB);

        sgx_status_t status = SGX_SUCCESS;
-        {
-            READ_LOCK(initMutex);
-            status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
-                                                       currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n,
-                                                       i + 1);
-        }
+        status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
+                                                   currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n,
+                                                   i + 1);
+
        HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data());

        spdlog::debug("cur_share is {}", currentShare.data());

--- a/SEKManager.cpp
+++ b/SEKManager.cpp
@@ -21,21 +21,25 @@
    @date 2020
 */

-#include "SEKManager.h"
-#include "SGXException.h"
-#include "BLSCrypto.h"
-#include "LevelDB.h"

 #include <fstream>
 #include <iostream>
 #include <algorithm>

+#include "third_party/spdlog/spdlog.h"
+
+
 #include "sgxwallet_common.h"
 #include "common.h"
 #include "sgxwallet.h"

+#include "SGXException.h"
+#include "BLSCrypto.h"
+#include "LevelDB.h"
+
 #include "ServerDataChecker.h"
-#include "third_party/spdlog/spdlog.h"
+#include "ServerInit.h"
+#include "SEKManager.h"

 using namespace std;

@@ -152,7 +156,7 @@ void gen_SEK() {

    sgx_status_t status = SGX_SUCCESS;
    {
-        READ_LOCK(initMutex);
+
        status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encrypted_SEK.data(), &enc_len, SEK);
    }

@@ -205,6 +209,13 @@ void gen_SEK() {

 }

+void  reinitEnclave() {
+    WRITE_LOCK(initMutex);
+    initEnclave();
+    shared_ptr <string> encrypted_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
+    setSEK(encrypted_SEK_ptr);
+}
+
 void setSEK(shared_ptr <string> hex_encrypted_SEK) {

    CHECK_STATE(hex_encrypted_SEK);
@@ -223,7 +234,6 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) {

    sgx_status_t status = SGX_SUCCESS;
    {
-        READ_LOCK(initMutex);
        status = trustedSetSEK(eid, &err_status, errMsg.data(), encrypted_SEK);
    }


--- a/SEKManager.h
+++ b/SEKManager.h
@@ -45,4 +45,11 @@ EXTERNC void enter_SEK();

 EXTERNC void initSEK();

+EXTERNC void setSEK();
+
+EXTERNC void reinitEnclave();
+
+
+
+
 #endif //SGXD_SEKMANAGER_H
--- a/VERSION
+++ b/VERSION
-1.58.1
\ No newline at end of file
+1.58.2
\ No newline at end of file