Merge branch 'develop' into feature/SKALE-3951-add-zeromq

b02835f1 · Oleh Nikolaiev · GitHub · b8801ae8 · 152e6db8 · b02835f1
Unverified Commit b02835f1 authored Jul 07, 2021 by Oleh Nikolaiev Committed by GitHub Jul 07, 2021
Showing with 23 additions and 50 deletions

SEKManager.cpp SEKManager.cpp +1 -11

SGXRegistrationServer.cpp SGXRegistrationServer.cpp +14 -20

SGXRegistrationServer.h SGXRegistrationServer.h +1 -1

build_deps.py scripts/build_deps.py +7 -18

No files found.
--- a/SEKManager.cpp
+++ b/SEKManager.cpp
@@ -28,7 +28,6 @@
 #include "third_party/spdlog/spdlog.h"
 #include "sgxwallet_common.h"
 #include "common.h"
 #include "sgxwallet.h"
@@ -76,7 +75,6 @@ void create_test_key() {
    LevelDB::getLevelDb()->writeDataUnique("TEST_KEY", hexEncrKey.data());
 }
 void validate_SEK() {
    shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
@@ -112,7 +110,6 @@ void validate_SEK() {
    }
 }
 shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
    vector<char> decr_key(BUF_LEN, 0);
@@ -131,7 +128,6 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
                             SEK.c_str());
    }
    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
    encrypted_SEK->resize(l);
@@ -151,7 +147,6 @@ void gen_SEK() {
    spdlog::info("Generating backup key. Will be stored in backup_key.txt ... ");
    sgx_status_t status = SGX_SUCCESS;
    {
@@ -160,7 +155,6 @@ void gen_SEK() {
    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
    if (strnlen(SEK, 33) != 32) {
        throw SGXException(-1, "strnlen(SEK,33) != 32");
    }
@@ -174,24 +168,21 @@ void gen_SEK() {
    sek_file << SEK;
    cout << "ATTENTION! YOUR BACKUP KEY HAS BEEN WRITTEN INTO sgx_data/backup_key.txt \n" <<
         "PLEASE COPY IT TO THE SAFE PLACE AND THEN DELETE THE FILE MANUALLY BY RUNNING THE FOLLOWING COMMAND:\n" <<
         "apt-get install secure-delete && srm -vz sgx_data/backup_key.txt" << endl;
    if (!autoconfirm) {
-        sleep(10);
        string confirm_str = "I confirm";
        string buffer;
        do {
            cout << " DO YOU CONFIRM THAT YOU COPIED THE KEY? (if you confirm type - I confirm)"
                 << endl;
+            sleep(10);
            getline(cin, buffer);
        } while (case_insensitive_match(confirm_str, buffer));
    }
    LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
    create_test_key();
@@ -242,7 +233,6 @@ void enter_SEK() {
        throw SGXException(CORRUPT_DATABASE, "Could not find TEST_KEY in database.");
    }
    if (!experimental::filesystem::is_regular_file(BACKUP_PATH)) {
        spdlog::error("File does not exist: " BACKUP_PATH);
        throw SGXException(FILE_NOT_FOUND, "File does not exist: " BACKUP_PATH);

--- a/SGXRegistrationServer.cpp
+++ b/SGXRegistrationServer.cpp
@@ -59,14 +59,16 @@ SGXRegistrationServer::SGXRegistrationServer(AbstractServerConnector &connector,
        : AbstractRegServer(connector, type), autoSign(_autoSign) {}
-Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
+Json::Value SGXRegistrationServer::SignCertificate(const string &csr) {
    spdlog::info(__FUNCTION__);
    INIT_RESULT(result)
    result["result"] = false;
    try {
-        string hash = cryptlite::sha256::hash_hex(_csr);
+        std::lock_guard<std::mutex> lock(m);
+        string hash = cryptlite::sha256::hash_hex(csr);
        if (system("ls " CERT_DIR "/" CERT_CREATE_COMMAND) != 0) {
            spdlog::error("cert/create_client_cert does not exist");
@@ -76,7 +78,7 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
        string csr_name = string(CERT_DIR) + "/" + hash + ".csr";
        ofstream outfile(csr_name);
        outfile.exceptions(std::ifstream::failbit | std::ifstream::badbit);
-        outfile << _csr << endl;
+        outfile << csr << endl;
        outfile.close();
        if (system(("ls " + csr_name).c_str()) != 0) {
@@ -85,27 +87,27 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
        }
        if (system(("openssl req -in " + csr_name).c_str()) != 0) {
-            spdlog::error("Incorrect CSR format: {}", _csr);
+            spdlog::error("Incorrect CSR format: {}", csr);
            throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "Incorrect CSR format ");
        }
-        if (_autoSign) {
+        if (autoSign) {
            string genCert = string("cd ") + CERT_DIR + "&& ./"
                    + CERT_CREATE_COMMAND + " " + hash ;
            if (system(genCert.c_str()) == 0) {
                spdlog::info("Client cert " + hash + " generated");
-                string db_key = "CSR:HASH:" + hash + "STATUS:";
-                string status = "0";
-                LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
            } else {
                spdlog::error("Client cert generation failed: {} ", genCert);
                throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
            }
        } else {
            string db_key = "CSR:HASH:" + hash;
-            LevelDB::getCsrStatusDb()->writeDataUnique(db_key, _csr);
+            LevelDB::getCsrStatusDb()->writeDataUnique(db_key, csr);
        }
+        string db_key = "CSR:HASH:" + hash + "STATUS:";
+        string status = "0";
+        LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
        result["result"] = true;
        result["hash"] = hash;
@@ -115,7 +117,9 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
    RETURN_SUCCESS(result)
 }
-Json::Value getCertificateImpl(const string &hash) {
+Json::Value SGXRegistrationServer::GetCertificate(const string &hash) {
+    spdlog::info(__FUNCTION__);
    Json::Value result;
    string cert;
@@ -150,16 +154,6 @@ Json::Value getCertificateImpl(const string &hash) {
    RETURN_SUCCESS(result)
 }
-Json::Value SGXRegistrationServer::SignCertificate(const string &csr) {
-    spdlog::info(__FUNCTION__);
-    return signCertificateImpl(csr, autoSign);
-}
-Json::Value SGXRegistrationServer::GetCertificate(const string &hash) {
-    spdlog::info(__FUNCTION__);
-    return getCertificateImpl(hash);
-}
 void SGXRegistrationServer::initRegistrationServer(bool _autoSign) {
    httpServer = make_shared<HttpServer>(BASE_PORT + 1);
    server = make_shared<SGXRegistrationServer>(*httpServer,

--- a/SGXRegistrationServer.h
+++ b/SGXRegistrationServer.h
@@ -39,7 +39,7 @@ using namespace jsonrpc;
 using namespace std;
 class SGXRegistrationServer : public AbstractRegServer {
-    recursive_mutex m;
+    mutex m;
    bool autoSign;
    static shared_ptr <HttpServer> httpServer;

--- a/scripts/build_deps.py
+++ b/scripts/build_deps.py
@@ -36,8 +36,6 @@ GMP_DIR = topDir + "/sgx-gmp"
 SGX_SDK_DIR_SSL = topDir + "/sgx-sdk-build/sgxsdk"
 ZMQ_DIR = topDir + "/libzmq"
 ZMQ_BUILD_DIR = ZMQ_DIR + "/build"
-CZMQ_DIR = topDir + "/cppzmq"
-CZMQ_BUILD_DIR = CZMQ_DIR + "/build"
 LEVELDB_DIR = topDir + "/leveldb"
 LEVELDB_BUILD_DIR = LEVELDB_DIR + "/build"
@@ -64,15 +62,8 @@ subprocess.call(["rm", "-rf",  GMP_BUILD_DIR])
 subprocess.call(["rm", "-rf", TGMP_BUILD_DIR])
 subprocess.call(["rm", "-rf", SDK_DIR])
 assert subprocess.call(["cp", "configure.gmp", GMP_DIR + "/configure"]) == 0
 print("Build LibBLS");
 os.chdir(BLS_DIR + "/deps")
 assert subprocess.call(["bash", "-c", "./build.sh"]) == 0
@@ -81,7 +72,6 @@ assert subprocess.call(["bash", "-c", "cmake -H. -Bbuild -DBUILD_TESTS=OFF"]) ==
 os.chdir(BLS_DIR + "/build")
 assert subprocess.call(["bash", "-c", "make"]) == 0
 print("Build ZMQ");
 os.chdir(ZMQ_DIR)
@@ -89,7 +79,6 @@ assert subprocess.call(["bash", "-c", "mkdir -p build"]) == 0
 os.chdir(ZMQ_BUILD_DIR)
 assert subprocess.call(["bash", "-c", "cmake -DDZMQ_EXPERIMENTAL=1 -DCMAKE_BUILD_TYPE=Release .. && cmake --build ."]) == 0
 print("Build LevelDB");
 os.chdir(LEVELDB_DIR)