SKALE-3213-error-handling

b82888f2 · kladko · 393445b1 · b82888f2 · b82888f2 · b82888f2
Unverified Commit b82888f2 authored Sep 03, 2020 by kladko
5 changed files
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -168,15 +168,11 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
    string *xStr = FqToString(&(hash_with_hint.first.X));
-    if (xStr == nullptr) {
+    CHECK_STATE(xStr);
-        cerr << "Null xStr" << endl;
-        BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
-    }
    string *yStr = FqToString(&(hash_with_hint.first.Y));
    if (yStr == nullptr) {
-        cerr << "Null yStr" << endl;
        delete xStr;
        BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
    }
@@ -222,10 +218,15 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
 }
 bool bls_sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
+    CHECK_STATE(_encryptedKeyHex);
+    CHECK_STATE(_hashHex);
    return sign_aes(_encryptedKeyHex, _hashHex, _t, _n, _sig);
 }
 string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) {
+    CHECK_STATE(errStatus);
+    CHECK_STATE(err_string);
+    CHECK_STATE(_key);
    auto keyArray = make_shared<vector<char>>(BUF_LEN, 0);
    auto encryptedKey = make_shared<vector<uint8_t>>(BUF_LEN, 0);

--- a/BLSPrivateKeyShareSGX.cpp
+++ b/BLSPrivateKeyShareSGX.cpp
@@ -37,152 +37,152 @@
 #include "BLSPrivateKeyShareSGX.h"
-std::string *stringFromFq(libff::alt_bn128_Fq*_fq) {
+string *stringFromFq(libff::alt_bn128_Fq *_fq) {
-  mpz_t t;
-  mpz_init(t);
-  _fq->as_bigint().to_mpz(t);
+    CHECK_STATE(_fq);
-  SAFE_CHAR_BUF(arr,mpz_sizeinbase(t, 10) + 2);
+    mpz_t t;
+    mpz_init(t);
-  char *tmp = mpz_get_str(arr, 10, t);
+    _fq->as_bigint().to_mpz(t);
-  mpz_clear(t);
+    SAFE_CHAR_BUF(arr, mpz_sizeinbase(t, 10) + 2);
-  return new std::string(tmp);
+    char *tmp = mpz_get_str(arr, 10, t);
+    mpz_clear(t);
+    return new string(tmp);
 }
-std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
+string *stringFromG1(libff::alt_bn128_G1 *_g1) {
-  auto sX = stringFromFq(&_g1->X);
-  auto sY = stringFromFq(&_g1->Y);
+    CHECK_STATE(_g1);
-  auto sZ = stringFromFq(&_g1->Z);
+    auto sX = stringFromFq(&_g1->X);
+    auto sY = stringFromFq(&_g1->Y);
+    auto sZ = stringFromFq(&_g1->Z);
-  auto sG1 = new std::string(*sX + ":" +  *sY + ":" + *sZ);
+    auto sG1 = new string(*sX + ":" + *sY + ":" + *sZ);
-  delete(sX);
+    delete (sX);
-  delete(sY);
+    delete (sY);
-  delete(sZ);
+    delete (sZ);
-  return sG1;
+    return sG1;
 }
 BLSPrivateKeyShareSGX::BLSPrivateKeyShareSGX(
-    shared_ptr<string> _encryptedKeyHex, size_t _requiredSigners,
+        shared_ptr <string> _encryptedKeyHex, size_t _requiredSigners,
-    size_t _totalSigners) {
+        size_t _totalSigners) {
-  requiredSigners = _requiredSigners;
+    requiredSigners = _requiredSigners;
-  totalSigners = _totalSigners;
+    totalSigners = _totalSigners;
-  if (requiredSigners > totalSigners) {
+    if (requiredSigners > totalSigners) {
-    throw std::invalid_argument("requiredSigners > totalSigners");
+        throw invalid_argument("requiredSigners > totalSigners");
-  }
+    }
-  if (totalSigners == 0) {
+    if (totalSigners == 0) {
-    throw std::invalid_argument("totalSigners == 0");
+        throw invalid_argument("totalSigners == 0");
-  }
+    }
-  if (_encryptedKeyHex == nullptr) {
+    if (_encryptedKeyHex == nullptr) {
-    throw std::invalid_argument("Null key");
+        throw invalid_argument("Null key");
-  }
+    }
-  if (_encryptedKeyHex->size() > 2 * MAX_ENCRYPTED_KEY_LENGTH) {
+    if (_encryptedKeyHex->size() > 2 * MAX_ENCRYPTED_KEY_LENGTH) {
-    throw std::invalid_argument("Encrypted key size too long");
+        throw invalid_argument("Encrypted key size too long");
-  }
+    }
-  encryptedKeyHex = _encryptedKeyHex;
+    encryptedKeyHex = _encryptedKeyHex;
 }
-std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
+string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
-    std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr,
+        shared_ptr <array<uint8_t, 32>> hash_byte_arr,
-    size_t _signerIndex) {
+        size_t _signerIndex) {
-  shared_ptr<signatures::Bls> obj;
+    shared_ptr <signatures::Bls> obj;
-  if (hash_byte_arr == nullptr) {
+    CHECK_STATE(hash_byte_arr)
-    std::cerr << "Hash is null" << std::endl;
-    BOOST_THROW_EXCEPTION(runtime_error("Hash is null"));
-  }
-  obj = make_shared<signatures::Bls>(
+    obj = make_shared<signatures::Bls>(
-      signatures::Bls(requiredSigners, totalSigners));
+            signatures::Bls(requiredSigners, totalSigners));
-  std::pair<libff::alt_bn128_G1, std::string> hash_with_hint =
+    pair <libff::alt_bn128_G1, string> hash_with_hint =
-      obj->HashtoG1withHint(hash_byte_arr);
+            obj->HashtoG1withHint(hash_byte_arr);
-  int errStatus = 0;
+    int errStatus = 0;
-  string* xStr = stringFromFq(&(hash_with_hint.first.X));
+    string *xStr = stringFromFq(&(hash_with_hint.first.X));
-  if (xStr == nullptr) {
+    CHECK_STATE(xStr);
-    std::cerr << "Null xStr" << std::endl;
-    BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
-  }
-  string* yStr = stringFromFq(&(hash_with_hint.first.Y));
+    string *yStr = stringFromFq(&(hash_with_hint.first.Y));
-  if (yStr == nullptr) {
+    if (yStr == nullptr) {
-    std::cerr << "Null yStr" << std::endl;
+        delete xStr;
-    delete xStr;
+        BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
-    BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
+    }
-  }
-  vector<char> errMsg(BUF_LEN, 0);
+    vector<char> errMsg(BUF_LEN, 0);
-  SAFE_CHAR_BUF(xStrArg,BUF_LEN)
+    SAFE_CHAR_BUF(xStrArg, BUF_LEN)SAFE_CHAR_BUF(yStrArg, BUF_LEN)SAFE_CHAR_BUF(signature, BUF_LEN);
-  SAFE_CHAR_BUF(yStrArg,BUF_LEN)
-  SAFE_CHAR_BUF(signature,BUF_LEN);
-  strncpy(xStrArg, xStr->c_str(), BUF_LEN);
+    strncpy(xStrArg, xStr->c_str(), BUF_LEN);
-  strncpy(yStrArg, yStr->c_str(), BUF_LEN);
+    strncpy(yStrArg, yStr->c_str(), BUF_LEN);
-  delete xStr;
+    delete xStr;
-  delete yStr;
+    delete yStr;
-  size_t sz = 0;
+    size_t sz = 0;
-  SAFE_UINT8_BUF(encryptedKey,BUF_LEN);
+    SAFE_UINT8_BUF(encryptedKey, BUF_LEN);
-  bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);
+    bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);
-  if (!result) {
+    if (!result) {
-    spdlog::error("Invalid hex encrypted key");
+        spdlog::error("Invalid hex encrypted key");
-    BOOST_THROW_EXCEPTION(invalid_argument("Invalid hex encrypted key"));
+        BOOST_THROW_EXCEPTION(invalid_argument("Invalid hex encrypted key"));
-  }
+    }
-  sgx_status_t status =
+    sgx_status_t status =
-      trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
+            trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
-                       encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
+                                     encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
-  HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data() );
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());
-  int sigLen;
+    int sigLen;
-  if ((sigLen = strnlen(signature, 10)) < 10) {
+    if ((sigLen = strnlen(signature, 10)) < 10) {
-     BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
+        BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
-  }
+    }
-  std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
+    string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
-                     hash_with_hint.second;
+                       hash_with_hint.second;
-  std::string sig = signature;
+    string sig = signature;
-  sig.append(":");
+    sig.append(":");
-  sig.append(hint);
+    sig.append(hint);
-  return sig;
+    return sig;
 }
-std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
+shared_ptr <BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
-    std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr,
+        shared_ptr <array<uint8_t, 32>> hash_byte_arr,
-    size_t _signerIndex) {
+        size_t _signerIndex) {
-  std::string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex);
+    CHECK_STATE(hash_byte_arr);
+    string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex);
-  auto sig = make_shared<string>(signature);
+    auto sig = make_shared<string>(signature);
-  std::shared_ptr<BLSSigShare> s = std::make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners,
+    shared_ptr <BLSSigShare> s = make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners,
-  totalSigners);
+                                                                    totalSigners);
-  return s;
+    return s;
 }
--- a/DKGCrypto.cpp
+++ b/DKGCrypto.cpp
@@ -44,6 +44,7 @@
 vector <string> splitString(const char *coeffs, const char symbol) {
+    CHECK_STATE(coeffs);
    string str(coeffs);
    string delim;
    delim.push_back(symbol);
@@ -132,7 +133,7 @@ string convertG2ToString(const libff::alt_bn128_G2 &elem, int base, const string
 }
 string gen_dkg_poly(int _t) {
-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
    uint32_t enc_len = 0;
@@ -154,12 +155,13 @@ string gen_dkg_poly(int _t) {
 }
 vector <vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n) {
+    CHECK_STATE(encryptedPolyHex);
    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
-    spdlog::debug("got encr poly size {}", char_traits<char>::length(encryptedPolyHex));
    vector<char> pubShares(10000, 0);
    uint64_t encLen = 0;
@@ -190,6 +192,9 @@ string
 getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const vector <string> &_publicKeys,
                       int _t,
                       int _n) {
+    CHECK_STATE(_encryptedPolyHex);
    vector<char> hexEncrKey(BUF_LEN, 0);
    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;
@@ -250,6 +255,11 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve
 bool
 verifyShares(const char *publicShares, const char *encr_sshare, const char *encryptedKeyHex, int t, int n, int ind) {
+    CHECK_STATE(publicShares);
+    CHECK_STATE(encr_sshare);
+    CHECK_STATE(encryptedKeyHex);
    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
    uint64_t decKeyLen = 0;
@@ -260,10 +270,6 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
        throw SGXException(INVALID_HEX, "Invalid encryptedPolyHex");
    }
-    spdlog::debug("publicShares length is {}", char_traits<char>::length(publicShares));
    SAFE_CHAR_BUF(pshares,8193);
    strncpy(pshares, publicShares, strlen(publicShares));
@@ -280,6 +286,9 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
 bool createBLSShare(const string &blsKeyName, const char *s_shares, const char *encryptedKeyHex) {
+    CHECK_STATE(s_shares);
+    CHECK_STATE(encryptedKeyHex);
    vector<char> errMsg(BUF_LEN,0);
    int errStatus = 0;
@@ -308,6 +317,9 @@ bool createBLSShare(const string &blsKeyName, const char *s_shares, const char *
 }
 vector <string> getBLSPubKey(const char *encryptedKeyHex) {
+    CHECK_STATE(encryptedKeyHex);
    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;
@@ -382,7 +394,7 @@ vector <string> calculateAllBlsPublicKeys(const vector <string> &public_shares)
 }
 string decryptDHKey(const string &polyName, int ind) {
-    vector<char> errMsg1(1024, 0);
+    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;
    string DH_key_name = polyName + "_" + to_string(ind) + ":";

--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -48,11 +48,11 @@ void fillRandomBuffer(vector<unsigned char> &_buffer) {
 }
 vector <string> genECDSAKey() {
-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
-    vector <uint8_t> encr_pr_key(1024, 0);
+    vector <uint8_t> encr_pr_key(BUF_LEN, 0);
-    vector<char> pub_key_x(1024, 0);
+    vector<char> pub_key_x(BUF_LEN, 0);
-    vector<char> pub_key_y(1024, 0);
+    vector<char> pub_key_y(BUF_LEN, 0);
    uint32_t enc_len = 0;
@@ -114,6 +114,11 @@ string getECDSAPubKey(const std::string& _encryptedKeyHex) {
 bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
        const char *signatureS, int base) {
+    CHECK_STATE(hashHex)
+    CHECK_STATE(signatureR)
+    CHECK_STATE(signatureS)
    auto x = pubKeyStr.substr(0, 64);
    auto y = pubKeyStr.substr(64, 128);
@@ -157,13 +162,16 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur
 }
 vector <string> ecdsaSignHash(const std::string& encryptedKeyHex, const char *hashHex, int base) {
+    CHECK_STATE(hashHex);
    vector <string> signatureVector(3);
-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
-    vector<char> signatureR(1024, 0);
+    vector<char> signatureR(BUF_LEN, 0);
-    vector<char> signatureS(1024, 0);
+    vector<char> signatureS(BUF_LEN, 0);
-    vector<uint8_t> encryptedKey(1024, 0);
+    vector<uint8_t> encryptedKey(BUF_LEN, 0);
    uint8_t signatureV = 0;
    uint64_t decLen = 0;

--- a/SEKManager.cpp
+++ b/SEKManager.cpp
@@ -66,12 +66,6 @@ void create_test_key() {
    carray2Hex(encrypted_key, enc_len, hexEncrKey.data());
-    uint64_t test_len;
-    vector <uint8_t> test_encr_key(1024, 0);
-    if (!hex2carray(hexEncrKey.data(), &test_len, test_encr_key.data())) {
-        cerr << "wrong encrypted test key" << endl;
-    }
    LevelDB::getLevelDb()->writeDataUnique("TEST_KEY", hexEncrKey.data());
 }
@@ -80,8 +74,9 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
    shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
    vector <uint8_t> encr_test_key(BUF_LEN, 0);
    uint64_t len;
    if (!hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())) {
-        spdlog::error("wrong test key");
+        spdlog::error("Corrupt test key is LevelDB");
        exit(-1);
    }
@@ -97,14 +92,16 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
    status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
    string test_key = TEST_VALUE;
    if (test_key.compare(decr_key.data()) != 0) {
-        spdlog::error("Invalid SEK");
+        spdlog::error("Invalid storage key. You need to recover using backup key");
+        spdlog::error("Set the correct backup key into sgx_datasgxwallet_backup_key.txt");
+        spdlog::error("Then run sgxwallet using backup flag");
        exit(-1);
    }
@@ -119,7 +116,7 @@ void gen_SEK() {
    vector <uint8_t> encrypted_SEK(1024, 0);
    uint32_t enc_len = 0;
-    SAFE_CHAR_BUF(SEK,65);
+    SAFE_CHAR_BUF(SEK, 65);
    spdlog::info("Generating backup key. Will be stored in backup_key.txt ... ");
@@ -164,6 +161,9 @@ void gen_SEK() {
 }
 void setSEK(shared_ptr <string> hex_encrypted_SEK) {
+    CHECK_STATE(hex_encrypted_SEK);
    vector<char> errMsg(1024, 0);
    int err_status = 0;
@@ -187,7 +187,6 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) {
 void enter_SEK() {
    shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
    if (test_key_ptr == nullptr) {
        spdlog::error("Error: corrupt or empty LevelDB database");