SKALE-3213-error-handling

b82888f2 · kladko · 393445b1 · b82888f2 · b82888f2 · b82888f2
Unverified Commit b82888f2 authored Sep 03, 2020 by kladko
5 changed files
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -168,15 +168,11 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz

    string *xStr = FqToString(&(hash_with_hint.first.X));

-    if (xStr == nullptr) {
-        cerr << "Null xStr" << endl;
-        BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
-    }
+    CHECK_STATE(xStr);

    string *yStr = FqToString(&(hash_with_hint.first.Y));

    if (yStr == nullptr) {
-        cerr << "Null yStr" << endl;
        delete xStr;
        BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
    }
@@ -222,10 +218,15 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
 }

 bool bls_sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
+    CHECK_STATE(_encryptedKeyHex);
+    CHECK_STATE(_hashHex);
    return sign_aes(_encryptedKeyHex, _hashHex, _t, _n, _sig);
 }

 string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) {
+    CHECK_STATE(errStatus);
+    CHECK_STATE(err_string);
+    CHECK_STATE(_key);
    auto keyArray = make_shared<vector<char>>(BUF_LEN, 0);
    auto encryptedKey = make_shared<vector<uint8_t>>(BUF_LEN, 0);


--- a/BLSPrivateKeyShareSGX.cpp
+++ b/BLSPrivateKeyShareSGX.cpp
@@ -37,89 +37,88 @@

 #include "BLSPrivateKeyShareSGX.h"

-std::string *stringFromFq(libff::alt_bn128_Fq*_fq) {
+string *stringFromFq(libff::alt_bn128_Fq *_fq) {
+
+    CHECK_STATE(_fq);
+
    mpz_t t;
    mpz_init(t);

    _fq->as_bigint().to_mpz(t);

-  SAFE_CHAR_BUF(arr,mpz_sizeinbase(t, 10) + 2);
+    SAFE_CHAR_BUF(arr, mpz_sizeinbase(t, 10) + 2);

    char *tmp = mpz_get_str(arr, 10, t);

    mpz_clear(t);

-  return new std::string(tmp);
+    return new string(tmp);
 }

-std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
+string *stringFromG1(libff::alt_bn128_G1 *_g1) {
+
+    CHECK_STATE(_g1);
+
    auto sX = stringFromFq(&_g1->X);
    auto sY = stringFromFq(&_g1->Y);
    auto sZ = stringFromFq(&_g1->Z);

-  auto sG1 = new std::string(*sX + ":" +  *sY + ":" + *sZ);
+    auto sG1 = new string(*sX + ":" + *sY + ":" + *sZ);

-  delete(sX);
-  delete(sY);
-  delete(sZ);
+    delete (sX);
+    delete (sY);
+    delete (sZ);

    return sG1;
 }

 BLSPrivateKeyShareSGX::BLSPrivateKeyShareSGX(
-    shared_ptr<string> _encryptedKeyHex, size_t _requiredSigners,
+        shared_ptr <string> _encryptedKeyHex, size_t _requiredSigners,
        size_t _totalSigners) {
    requiredSigners = _requiredSigners;
    totalSigners = _totalSigners;

    if (requiredSigners > totalSigners) {
-    throw std::invalid_argument("requiredSigners > totalSigners");
+        throw invalid_argument("requiredSigners > totalSigners");
    }

    if (totalSigners == 0) {
-    throw std::invalid_argument("totalSigners == 0");
+        throw invalid_argument("totalSigners == 0");
    }

    if (_encryptedKeyHex == nullptr) {
-    throw std::invalid_argument("Null key");
+        throw invalid_argument("Null key");
    }

    if (_encryptedKeyHex->size() > 2 * MAX_ENCRYPTED_KEY_LENGTH) {
-    throw std::invalid_argument("Encrypted key size too long");
+        throw invalid_argument("Encrypted key size too long");
    }

    encryptedKeyHex = _encryptedKeyHex;
 }

-std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
-    std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr,
+string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
+        shared_ptr <array<uint8_t, 32>> hash_byte_arr,
        size_t _signerIndex) {
-  shared_ptr<signatures::Bls> obj;
+    shared_ptr <signatures::Bls> obj;

-  if (hash_byte_arr == nullptr) {
-    std::cerr << "Hash is null" << std::endl;
-    BOOST_THROW_EXCEPTION(runtime_error("Hash is null"));
-  }
+    CHECK_STATE(hash_byte_arr)

    obj = make_shared<signatures::Bls>(
            signatures::Bls(requiredSigners, totalSigners));

-  std::pair<libff::alt_bn128_G1, std::string> hash_with_hint =
+    pair <libff::alt_bn128_G1, string> hash_with_hint =
            obj->HashtoG1withHint(hash_byte_arr);

    int errStatus = 0;

-  string* xStr = stringFromFq(&(hash_with_hint.first.X));
+    string *xStr = stringFromFq(&(hash_with_hint.first.X));

-  if (xStr == nullptr) {
-    std::cerr << "Null xStr" << std::endl;
-    BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
-  }
+    CHECK_STATE(xStr);

-  string* yStr = stringFromFq(&(hash_with_hint.first.Y));
+    string *yStr = stringFromFq(&(hash_with_hint.first.Y));

    if (yStr == nullptr) {
-    std::cerr << "Null yStr" << std::endl;
        delete xStr;
        BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
    }
@@ -128,9 +127,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
    vector<char> errMsg(BUF_LEN, 0);


-  SAFE_CHAR_BUF(xStrArg,BUF_LEN)
-  SAFE_CHAR_BUF(yStrArg,BUF_LEN)
-  SAFE_CHAR_BUF(signature,BUF_LEN);
+    SAFE_CHAR_BUF(xStrArg, BUF_LEN)SAFE_CHAR_BUF(yStrArg, BUF_LEN)SAFE_CHAR_BUF(signature, BUF_LEN);


    strncpy(xStrArg, xStr->c_str(), BUF_LEN);
@@ -141,7 +138,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(

    size_t sz = 0;

-  SAFE_UINT8_BUF(encryptedKey,BUF_LEN);
+    SAFE_UINT8_BUF(encryptedKey, BUF_LEN);

    bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);

@@ -154,7 +151,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
            trustedBlsSignMessageAES(eid, &errStatus, errMsg.data(), encryptedKey,
                                     encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);

-  HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data() );
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());


    int sigLen;
@@ -163,10 +160,10 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
        BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
    }

-  std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
+    string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
                       hash_with_hint.second;

-  std::string sig = signature;
+    string sig = signature;

    sig.append(":");
    sig.append(hint);
@@ -174,14 +171,17 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
    return sig;
 }

-std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
-    std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr,
+shared_ptr <BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
+        shared_ptr <array<uint8_t, 32>> hash_byte_arr,
        size_t _signerIndex) {
-  std::string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex);
+
+    CHECK_STATE(hash_byte_arr);
+
+    string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex);

    auto sig = make_shared<string>(signature);

-  std::shared_ptr<BLSSigShare> s = std::make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners,
+    shared_ptr <BLSSigShare> s = make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners,
                                                                    totalSigners);

    return s;

--- a/DKGCrypto.cpp
+++ b/DKGCrypto.cpp
@@ -44,6 +44,7 @@


 vector <string> splitString(const char *coeffs, const char symbol) {
+    CHECK_STATE(coeffs);
    string str(coeffs);
    string delim;
    delim.push_back(symbol);
@@ -132,7 +133,7 @@ string convertG2ToString(const libff::alt_bn128_G2 &elem, int base, const string
 }

 string gen_dkg_poly(int _t) {
-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
    uint32_t enc_len = 0;

@@ -154,12 +155,13 @@ string gen_dkg_poly(int _t) {
 }

 vector <vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n) {
+
+    CHECK_STATE(encryptedPolyHex);
+
    vector<char> errMsg(BUF_LEN, 0);

    int errStatus = 0;

-    spdlog::debug("got encr poly size {}", char_traits<char>::length(encryptedPolyHex));
-
    vector<char> pubShares(10000, 0);

    uint64_t encLen = 0;
@@ -190,6 +192,9 @@ string
 getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const vector <string> &_publicKeys,
                       int _t,
                       int _n) {
+
+    CHECK_STATE(_encryptedPolyHex);
+
    vector<char> hexEncrKey(BUF_LEN, 0);
    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;
@@ -250,6 +255,11 @@ getSecretShares(const string &_polyName, const char *_encryptedPolyHex, const ve

 bool
 verifyShares(const char *publicShares, const char *encr_sshare, const char *encryptedKeyHex, int t, int n, int ind) {
+
+    CHECK_STATE(publicShares);
+    CHECK_STATE(encr_sshare);
+    CHECK_STATE(encryptedKeyHex);
+
    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
    uint64_t decKeyLen = 0;
@@ -260,10 +270,6 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
        throw SGXException(INVALID_HEX, "Invalid encryptedPolyHex");
    }

-
-
-    spdlog::debug("publicShares length is {}", char_traits<char>::length(publicShares));
-
    SAFE_CHAR_BUF(pshares,8193);
    strncpy(pshares, publicShares, strlen(publicShares));

@@ -280,6 +286,9 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr

 bool createBLSShare(const string &blsKeyName, const char *s_shares, const char *encryptedKeyHex) {

+    CHECK_STATE(s_shares);
+    CHECK_STATE(encryptedKeyHex);
+
    vector<char> errMsg(BUF_LEN,0);
    int errStatus = 0;

@@ -308,6 +317,9 @@ bool createBLSShare(const string &blsKeyName, const char *s_shares, const char *
 }

 vector <string> getBLSPubKey(const char *encryptedKeyHex) {
+
+    CHECK_STATE(encryptedKeyHex);
+
    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;

@@ -382,7 +394,7 @@ vector <string> calculateAllBlsPublicKeys(const vector <string> &public_shares)
 }

 string decryptDHKey(const string &polyName, int ind) {
-    vector<char> errMsg1(1024, 0);
+    vector<char> errMsg1(BUF_LEN, 0);
    int errStatus = 0;

    string DH_key_name = polyName + "_" + to_string(ind) + ":";

--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -48,11 +48,11 @@ void fillRandomBuffer(vector<unsigned char> &_buffer) {
 }

 vector <string> genECDSAKey() {
-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
-    vector <uint8_t> encr_pr_key(1024, 0);
-    vector<char> pub_key_x(1024, 0);
-    vector<char> pub_key_y(1024, 0);
+    vector <uint8_t> encr_pr_key(BUF_LEN, 0);
+    vector<char> pub_key_x(BUF_LEN, 0);
+    vector<char> pub_key_y(BUF_LEN, 0);

    uint32_t enc_len = 0;

@@ -114,6 +114,11 @@ string getECDSAPubKey(const std::string& _encryptedKeyHex) {

 bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatureR,
        const char *signatureS, int base) {
+
+    CHECK_STATE(hashHex)
+    CHECK_STATE(signatureR)
+    CHECK_STATE(signatureS)
+
    auto x = pubKeyStr.substr(0, 64);
    auto y = pubKeyStr.substr(64, 128);

@@ -157,13 +162,16 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur
 }

 vector <string> ecdsaSignHash(const std::string& encryptedKeyHex, const char *hashHex, int base) {
+
+    CHECK_STATE(hashHex);
+
    vector <string> signatureVector(3);

-    vector<char> errMsg(1024, 0);
+    vector<char> errMsg(BUF_LEN, 0);
    int errStatus = 0;
-    vector<char> signatureR(1024, 0);
-    vector<char> signatureS(1024, 0);
-    vector<uint8_t> encryptedKey(1024, 0);
+    vector<char> signatureR(BUF_LEN, 0);
+    vector<char> signatureS(BUF_LEN, 0);
+    vector<uint8_t> encryptedKey(BUF_LEN, 0);
    uint8_t signatureV = 0;
    uint64_t decLen = 0;


--- a/SEKManager.cpp
+++ b/SEKManager.cpp
@@ -66,12 +66,6 @@ void create_test_key() {

    carray2Hex(encrypted_key, enc_len, hexEncrKey.data());

-    uint64_t test_len;
-    vector <uint8_t> test_encr_key(1024, 0);
-    if (!hex2carray(hexEncrKey.data(), &test_len, test_encr_key.data())) {
-        cerr << "wrong encrypted test key" << endl;
-    }
-
    LevelDB::getLevelDb()->writeDataUnique("TEST_KEY", hexEncrKey.data());
 }

@@ -80,8 +74,9 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
    shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
    vector <uint8_t> encr_test_key(BUF_LEN, 0);
    uint64_t len;
+
    if (!hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())) {
-        spdlog::error("wrong test key");
+        spdlog::error("Corrupt test key is LevelDB");
        exit(-1);
    }

@@ -97,14 +92,16 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {

    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());

-
    status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());

    HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());

    string test_key = TEST_VALUE;
+
    if (test_key.compare(decr_key.data()) != 0) {
-        spdlog::error("Invalid SEK");
+        spdlog::error("Invalid storage key. You need to recover using backup key");
+        spdlog::error("Set the correct backup key into sgx_datasgxwallet_backup_key.txt");
+        spdlog::error("Then run sgxwallet using backup flag");
        exit(-1);
    }

@@ -119,7 +116,7 @@ void gen_SEK() {
    vector <uint8_t> encrypted_SEK(1024, 0);
    uint32_t enc_len = 0;

-    SAFE_CHAR_BUF(SEK,65);
+    SAFE_CHAR_BUF(SEK, 65);

    spdlog::info("Generating backup key. Will be stored in backup_key.txt ... ");

@@ -164,6 +161,9 @@ void gen_SEK() {
 }

 void setSEK(shared_ptr <string> hex_encrypted_SEK) {
+
+    CHECK_STATE(hex_encrypted_SEK);
+
    vector<char> errMsg(1024, 0);
    int err_status = 0;

@@ -187,7 +187,6 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) {

 void enter_SEK() {

-
    shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
    if (test_key_ptr == nullptr) {
        spdlog::error("Error: corrupt or empty LevelDB database");