Unverified Commit b46efc78 authored by kladko's avatar kladko

SKALE-3067-cleanup-sgx

parent a81f0eb3
...@@ -29,8 +29,29 @@ ...@@ -29,8 +29,29 @@
#include "AESUtils.h" #include "AESUtils.h"
int AES_encrypt(char *message, uint8_t *encr_message) { int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen) {
if (!message) {
LOG_ERROR("Null message in AES_encrypt");
return -1;
}
if (!encr_message) {
LOG_ERROR("Null encr message in AES_encrypt");
return -2;
}
auto len = strlen(message);
if (len + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE > encrLen ) {
LOG_ERROR("Output buffer too small");
return -3;
}
sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE); sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
auto msgLen = strlen(message);
sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message), sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message),
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE, encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
......
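Review bot: The result of `sgx_read_rand` on the IV line is still discarded, so a failed call may leave whatever bytes were already in the caller's buffer as the GCM IV; with a single `AES_key`, a repeated IV undermines both confidentiality and the authentication tag. Check it next to the new guards, for example `if (sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE) != SGX_SUCCESS) { LOG_ERROR("IV generation failed"); return -4; }`. The added `msgLen` is unused on the visible lines and the encrypt call still recomputes `strlen(message)`; passing the already checked `len` would keep the bound and the encrypted length tied together. The function body continues past the visible lines.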
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
sgx_aes_gcm_128bit_key_t AES_key; sgx_aes_gcm_128bit_key_t AES_key;
int AES_encrypt(char *message, uint8_t *encr_message); int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen);
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) ; int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) ;
......
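Review bot: The new `encrLen` parameter is undocumented at the prototype, and callers need to know it is the capacity of `encr_message` in bytes rather than the message length. A comment above the declaration would cover it: `/* encrLen: size of encr_message in bytes; must be >= strlen(message) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE. Returns -1/-2 for a null argument, -3 if the buffer is too small. */`. Since `message` appears to be only read, and one caller passes a `const char *key`, the comment could also say that the input is not modified.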
...@@ -983,7 +983,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString, ...@@ -983,7 +983,7 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
skey_str[ECDSA_SKEY_LEN - 1] = 0; skey_str[ECDSA_SKEY_LEN - 1] = 0;
snprintf(errString, BUF_LEN, "skey len is %d\n", strlen(skey_str)); snprintf(errString, BUF_LEN, "skey len is %d\n", strlen(skey_str));
int stat = AES_encrypt(skey_str, encryptedPrivateKey); int stat = AES_encrypt(skey_str, encryptedPrivateKey, BUF_LEN);
if (stat != 0) { if (stat != 0) {
snprintf(errString, BUF_LEN, "ecdsa private key encryption failed"); snprintf(errString, BUF_LEN, "ecdsa private key encryption failed");
...@@ -1203,7 +1203,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key, ...@@ -1203,7 +1203,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
memset(encryptedPrivateKey, 0, BUF_LEN); memset(encryptedPrivateKey, 0, BUF_LEN);
int stat = AES_encrypt(key, encryptedPrivateKey); int stat = AES_encrypt(key, encryptedPrivateKey, BUF_LEN);
if (stat != 0) { if (stat != 0) {
*errStatus = stat; *errStatus = stat;
snprintf(errString, BUF_LEN, "AES encrypt failed with status %d", stat); snprintf(errString, BUF_LEN, "AES encrypt failed with status %d", stat);
...@@ -1307,7 +1307,7 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s ...@@ -1307,7 +1307,7 @@ trustedGenDkgSecretAES(int *errStatus, char *errString, uint8_t *encrypted_dkg_s
return; return;
} }
int status = AES_encrypt(dkg_secret, encrypted_dkg_secret); int status = AES_encrypt(dkg_secret, encrypted_dkg_secret, 3 * BUF_LEN);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "SGX AES encrypt DKG poly failed"); snprintf(errString, BUF_LEN, "SGX AES encrypt DKG poly failed");
...@@ -1602,7 +1602,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share ...@@ -1602,7 +1602,7 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
strncpy(key_share + n_zeroes, arr_skey_str, 65 - n_zeroes); strncpy(key_share + n_zeroes, arr_skey_str, 65 - n_zeroes);
key_share[BLS_KEY_LENGTH - 1] = 0; key_share[BLS_KEY_LENGTH - 1] = 0;
status = AES_encrypt(key_share, encr_bls_key); status = AES_encrypt(key_share, encr_bls_key, BUF_LEN);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
*errStatus = -1; *errStatus = -1;
......
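Review bot: The capacity passed to `AES_encrypt` is a hard-coded constant at each call site and is not tied to the size the interface file declares for the same buffer. `trustedGenerateEcdsaKeyAES` passes `BUF_LEN` while the EDL now declares `encrypted_key` (presumably the same buffer) with `count = SMALL_BUF_SIZE`, and `trustedGenDkgSecretAES` passes `3 * BUF_LEN` against `count = 3072`. Neither constant's value is visible here; if `BUF_LEN` is larger than `SMALL_BUF_SIZE`, the new length check would accept a write past the marshalled buffer. Use one named constant on both sides, e.g. `AES_encrypt(skey_str, encryptedPrivateKey, SMALL_BUF_SIZE)`, or add a compile-time assertion that the two sizes agree. The `BUF_LEN` arguments in `trustedEncryptKeyAES` and `trustedCreateBlsKeyAES` need the same check against their buffer declarations, which are outside the visible hunks.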
...@@ -169,7 +169,7 @@ enclave { ...@@ -169,7 +169,7 @@ enclave {
public void trustedGenerateEcdsaKeyAES ( public void trustedGenerateEcdsaKeyAES (
[out] int *errStatus, [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string, [out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key, [out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len, [out] uint32_t *enc_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x, [out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y); [out, count = SMALL_BUF_SIZE] char * pub_key_y);
...@@ -210,7 +210,7 @@ enclave { ...@@ -210,7 +210,7 @@ enclave {
public void trustedGenDkgSecretAES ( public void trustedGenDkgSecretAES (
[out] int *errStatus, [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string, [out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret, [out, count = 3072] uint8_t* encrypted_dkg_secret,
[out] uint32_t * enc_len, size_t _t); [out] uint32_t * enc_len, size_t _t);
public void trustedDecryptDkgSecretAES ( public void trustedDecryptDkgSecretAES (
......