Skip to content

S
sgxwallet
Unverified Commit 92dc85a4 authored by kladko's avatar kladko
Browse files
Options

SKALE-3205

parent 8d448910
Hide whitespace changes
Inline Side-by-side
Showing with 56 additions and 24 deletions
BLSCrypto.cpp
View file @ 92dc85a4
...@@ -42,8 +42,10 @@ ...@@ -42,8 +42,10 @@
#include "common.h" #include "common.h"
#include "SGXWalletServer.h" #include "SGXWalletServer.h"
#include "BLSCrypto.h" #include "SEKManager.h"
#include "LevelDB.h"
#include "ServerInit.h" #include "ServerInit.h"
#include "BLSCrypto.h"
string *FqToString(libff::alt_bn128_Fq *_fq) { string *FqToString(libff::alt_bn128_Fq *_fq) {
...@@ -213,12 +215,26 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz ...@@ -213,12 +215,26 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
sgx_status_t status = SGX_SUCCESS; sgx_status_t status = SGX_SUCCESS;
int attempts = 0;
do {
attempts++;
{
READ_LOCK(initMutex);
status = trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
sz, xStrArg, yStrArg, signature);
}
if (status != SGX_SUCCESS) {
spdlog::error(__FUNCTION__);
spdlog::error("Restarting sgx ...");
reinitEnclave();
}
} while (attempts < 2);
{
READ_LOCK(initMutex);
status = trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
sz, xStrArg, yStrArg, signature);
}
HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data()); HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());
string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + hash_with_hint.second; string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + hash_with_hint.second;
......
DKGCrypto.cpp
View file @ 92dc85a4
...@@ -209,10 +209,11 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve ...@@ -209,10 +209,11 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve
} }
sgx_status_t status = SGX_SUCCESS; sgx_status_t status = SGX_SUCCESS;
{
READ_LOCK(initMutex); READ_LOCK(initMutex);
status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen);
} status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen);
HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data()); HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data());
string result; string result;
...@@ -232,12 +233,10 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve ...@@ -232,12 +233,10 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve
spdlog::debug("pubKeyB is {}", pub_keyB); spdlog::debug("pubKeyB is {}", pub_keyB);
sgx_status_t status = SGX_SUCCESS; sgx_status_t status = SGX_SUCCESS;
{ status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen,
READ_LOCK(initMutex); currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n,
status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg1.data(), encryptedSkey.data(), &decLen, i + 1);
currentShare.data(), sShareG2.data(), pubKeyB.data(), _t, _n,
i + 1);
}
HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data()); HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg1.data());
spdlog::debug("cur_share is {}", currentShare.data()); spdlog::debug("cur_share is {}", currentShare.data());
......
SEKManager.cpp
View file @ 92dc85a4
...@@ -21,21 +21,25 @@ ...@@ -21,21 +21,25 @@
@date 2020 @date 2020
*/ */
#include "SEKManager.h"
#include "SGXException.h"
#include "BLSCrypto.h"
#include "LevelDB.h"
#include <fstream> #include <fstream>
#include <iostream> #include <iostream>
#include <algorithm> #include <algorithm>
#include "third_party/spdlog/spdlog.h"
#include "sgxwallet_common.h" #include "sgxwallet_common.h"
#include "common.h" #include "common.h"
#include "sgxwallet.h" #include "sgxwallet.h"
#include "SGXException.h"
#include "BLSCrypto.h"
#include "LevelDB.h"
#include "ServerDataChecker.h" #include "ServerDataChecker.h"
#include "third_party/spdlog/spdlog.h" #include "ServerInit.h"
#include "SEKManager.h"
using namespace std; using namespace std;
...@@ -152,7 +156,7 @@ void gen_SEK() { ...@@ -152,7 +156,7 @@ void gen_SEK() {
sgx_status_t status = SGX_SUCCESS; sgx_status_t status = SGX_SUCCESS;
{ {
READ_LOCK(initMutex);
status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encrypted_SEK.data(), &enc_len, SEK); status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encrypted_SEK.data(), &enc_len, SEK);
} }
...@@ -205,6 +209,13 @@ void gen_SEK() { ...@@ -205,6 +209,13 @@ void gen_SEK() {
} }
void reinitEnclave() {
WRITE_LOCK(initMutex);
initEnclave();
shared_ptr <string> encrypted_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
setSEK(encrypted_SEK_ptr);
}
void setSEK(shared_ptr <string> hex_encrypted_SEK) { void setSEK(shared_ptr <string> hex_encrypted_SEK) {
CHECK_STATE(hex_encrypted_SEK); CHECK_STATE(hex_encrypted_SEK);
...@@ -223,7 +234,6 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) { ...@@ -223,7 +234,6 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) {
sgx_status_t status = SGX_SUCCESS; sgx_status_t status = SGX_SUCCESS;
{ {
READ_LOCK(initMutex);
status = trustedSetSEK(eid, &err_status, errMsg.data(), encrypted_SEK); status = trustedSetSEK(eid, &err_status, errMsg.data(), encrypted_SEK);
} }
......
SEKManager.h
View file @ 92dc85a4
...@@ -45,4 +45,11 @@ EXTERNC void enter_SEK(); ...@@ -45,4 +45,11 @@ EXTERNC void enter_SEK();
EXTERNC void initSEK(); EXTERNC void initSEK();
EXTERNC void setSEK();
EXTERNC void reinitEnclave();
#endif //SGXD_SEKMANAGER_H #endif //SGXD_SEKMANAGER_H
VERSION
View file @ 92dc85a4
1.58.1 1.58.2
\ No newline at end of file \ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment