Skip to content

S
sgxwallet
Unverified Commit b46efc78 authored by kladko's avatar kladko
Browse files
Options

SKALE-3067-cleanup-sgx

parent a81f0eb3
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 8 deletions
secure_enclave/AESUtils.c
View file @ b46efc78
......@@ -29,8 +29,29 @@
#include "AESUtils.h"
int AES_encrypt(char *message, uint8_t *encr_message) {
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen) {
if (!message) {
LOG_ERROR("Null message in AES_encrypt");
return -1;
}
if (!encr_message) {
LOG_ERROR("Null encr message in AES_encrypt");
return -2;
}
auto len = strlen(message);
if (len + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE > encrLen ) {
LOG_ERROR("Output buffer too small");
return -3;
}
sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
auto msgLen = strlen(message);
sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message),
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
......
secure_enclave/AESUtils.h
View file @ b46efc78
......@@ -26,7 +26,7 @@
sgx_aes_gcm_128bit_key_t AES_key;
int AES_encrypt(char *message, uint8_t *encr_message);
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen);
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) ;
......
secure_enclave/secure_enclave.c
View file @ b46efc78
......@@ -983,7 +983,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
skey_str[ECDSA_SKEY_LEN - 1] = 0;
snprintf(errString, BUF_LEN, "skey len is %d\n", strlen(skey_str));
int stat = AES_encrypt(skey_str, encryptedPrivateKey);
int stat = AES_encrypt(skey_str, encryptedPrivateKey, BUF_LEN);
if (stat != 0) {
snprintf(errString, BUF_LEN, "ecdsa private key encryption failed");
......@@ -1203,7 +1203,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
memset(encryptedPrivateKey, 0, BUF_LEN);
int stat = AES_encrypt(key, encryptedPrivateKey);
int stat = AES_encrypt(key, encryptedPrivateKey, BUF_LEN);
if (stat != 0) {
*errStatus = stat;
snprintf(errString, BUF_LEN, "AES encrypt failed with status %d", stat);
......@@ -1307,7 +1307,7 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s
return;
}
int status = AES_encrypt(dkg_secret, encrypted_dkg_secret);
int status = AES_encrypt(dkg_secret, encrypted_dkg_secret, 3 * BUF_LEN);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "SGX AES encrypt DKG poly failed");
......@@ -1602,7 +1602,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
strncpy(key_share + n_zeroes, arr_skey_str, 65 - n_zeroes);
key_share[BLS_KEY_LENGTH - 1] = 0;
status = AES_encrypt(key_share, encr_bls_key);
status = AES_encrypt(key_share, encr_bls_key, BUF_LEN);
if (status != SGX_SUCCESS) {
*errStatus = -1;
......
secure_enclave/secure_enclave.edl
View file @ b46efc78
......@@ -169,7 +169,7 @@ enclave {
public void trustedGenerateEcdsaKeyAES (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
......@@ -210,7 +210,7 @@ enclave {
public void trustedGenDkgSecretAES (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 3072] uint8_t* encrypted_dkg_secret,
[out] uint32_t * enc_len, size_t _t);
public void trustedDecryptDkgSecretAES (
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment