Skip to content

S
sgxwallet
Unverified Commit b95ab32d authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #140 from skalenetwork/SKALE-3067-cleanip2 

Skale 3067 cleanip2
parents 0637814a b000e648
Show whitespace changes
Inline Side-by-side
Showing with 38 additions and 1232 deletions
BLSPrivateKeyShareSGX.cpp
View file @ b95ab32d
...@@ -151,7 +151,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -151,7 +151,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
cerr << "Key is " + *encryptedKeyHex << endl; cerr << "Key is " + *encryptedKeyHex << endl;
sgx_status_t status = sgx_status_t status =
trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey, trustedBlsSignMessageAES(eid, &errStatus, errMsg, encryptedKey,
encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature); encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
printf("sig is: %s\n", signature); printf("sig is: %s\n", signature);
......
Log.h
View file @ b95ab32d
...@@ -79,7 +79,7 @@ public: ...@@ -79,7 +79,7 @@ public:
#define HANDLE_SGX_EXCEPTION(__RESULT__) \ #define HANDLE_SGX_EXCEPTION(__RESULT__) \
catch (SGXException& _e) { \ catch (SGXException& _e) { \
__RESULT__["status"] = _e.status; \ if (_e.status != 0) {__RESULT__["status"] = _e.status;} else { __RESULT__["status"] = UNKNOWN_ERROR;}; \
__RESULT__["errorMessage"] = _e.errString; \ __RESULT__["errorMessage"] = _e.errString; \
return __RESULT__; \ return __RESULT__; \
} catch (exception& _e) { \ } catch (exception& _e) { \
......
secure_enclave/secure_enclave.c
View file @ b95ab32d
...@@ -176,856 +176,12 @@ void get_global_random(unsigned char *_randBuff, uint64_t _size) { ...@@ -176,856 +176,12 @@ void get_global_random(unsigned char *_randBuff, uint64_t _size) {
} }
void trustedGenerateEcdsaKey(int *errStatus, char *errString,
uint8_t *encryptedPrivateKey, uint32_t *enc_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG(__FUNCTION__);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(pub_key_x);
CHECK_STATE(pub_key_y);
SAFE_CHAR_BUF(rand_char, 32);
get_global_random(rand_char, 32);
mpz_t seed;
mpz_init(seed);
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
mpz_t skey;
mpz_init(skey);
mpz_mod(skey, seed, curve->p);
//Public key
point Pkey = point_init();
signature_extract_public_key(Pkey, skey, curve);
SAFE_CHAR_BUF(arr_x, BUF_LEN);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
}
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
SAFE_CHAR_BUF(arr_y, BUF_LEN);
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
}
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
SAFE_CHAR_BUF(skey_str, BUF_LEN);
mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
snprintf(errString, BUF_LEN, "skey len is %d\n", strlen(skey_str));
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) skey_str, sealedLen,
(sgx_sealed_data_t *) encryptedPrivateKey);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "seal ecsdsa private key failed");
*errStatus = status;
goto clean;
}
*enc_len = sealedLen;
*errStatus = 0;
clean:
mpz_clear(seed);
mpz_clear(skey);
point_clear(Pkey);
}
void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
uint8_t *encryptedPrivateKey, uint32_t dec_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(errString);
CHECK_STATE(pub_key_x);
CHECK_STATE(pub_key_y);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
mpz_t privateKeyMpz;
mpz_init(privateKeyMpz);
point Pkey = point_init();
point Pkey_test = point_init();
SAFE_CHAR_BUF(skey, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &dec_len);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
*errStatus = status;
LOG_ERROR(errString);
return;
}
if (mpz_set_str(privateKeyMpz, skey, ECDSA_SKEY_BASE) == -1) {
snprintf(errString, BUF_LEN, "wrong string to init private key");
LOG_ERROR(errString);
*errStatus = -10;
goto clean;
}
//Public key
signature_extract_public_key(Pkey, privateKeyMpz, curve);
point_multiplication(Pkey_test, privateKeyMpz, curve->G, curve);
if (!point_cmp(Pkey, Pkey_test)) {
snprintf(errString, BUF_LEN, "Points are not equal");
LOG_ERROR(errString);
*errStatus = -11;
goto clean;
}
int len = mpz_sizeinbase(Pkey->x, ECDSA_SKEY_BASE) + 2;
SAFE_CHAR_BUF(arr_x, BUF_LEN);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
}
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
SAFE_CHAR_BUF(arr_y, BUF_LEN);
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
}
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
*errStatus = 0;
clean:
mpz_clear(privateKeyMpz);
point_clear(Pkey);
point_clear(Pkey_test);
}
void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint32_t dec_len,
unsigned char *hash, char *sigR, char *sigS, uint8_t *sig_v, int base) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(hash);
CHECK_STATE(sigR);
CHECK_STATE(sigS);
CHECK_STATE(base > 0);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(privateKey, ECDSA_SKEY_LEN);
signature sign = signature_init();
point publicKey = point_init();
if (strnlen(hash, 64) > 64) {
*errStatus = 2;
char *msg = "Hash too long";
LOG_ERROR(msg);
snprintf(errString, BUF_LEN, msg);
goto clean;
}
mpz_t msgMpz;
mpz_init(msgMpz);
if (mpz_set_str(msgMpz, hash, 16) == -1) {
*errStatus = 1;
snprintf(errString, BUF_LEN, "invalid message hash %s", hash);
LOG_ERROR(errString);
goto clean;
}
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) privateKey, &dec_len);
if (status != SGX_SUCCESS) {
*errStatus = status;
snprintf(errString, BUF_LEN,
"sgx_unseal_data failed for encryptedPrivateKey:status %d", status);
LOG_ERROR(errString);
goto clean;
}
mpz_t privateKeyMpz;
mpz_init(privateKeyMpz);
if (mpz_set_str(privateKeyMpz, privateKey, ECDSA_SKEY_BASE) == -1) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "mpz_set_str(privateKeyMpz ...) failed");
LOG_ERROR(errString);
goto clean;
}
signature_sign(sign, msgMpz, privateKeyMpz, curve);
signature_extract_public_key(publicKey, privateKeyMpz, curve);
if (!signature_verify(msgMpz, sign, publicKey, curve)) {
*errStatus = 2;
snprintf(errString, BUF_LEN, "ECDSA signature is not verified");
LOG_ERROR(errString);
goto clean;
}
SAFE_CHAR_BUF(arrR, BUF_LEN);
mpz_get_str(arrR, base, sign->r);
strncpy(sigR, arrR, BUF_LEN);
SAFE_CHAR_BUF(arrS, BUF_LEN);
mpz_get_str(arrS, base, sign->s);
strncpy(sigS, arrS, BUF_LEN);
*sig_v = sign->v;
*errStatus = 0;
clean:
mpz_clear(privateKeyMpz);
mpz_clear(msgMpz);
point_clear(publicKey);
signature_free(sign);
return;
}
void trustedEncryptKey(int *errStatus, char *errString, const char *key,
uint8_t *encryptedPrivateKey, uint32_t *enc_len) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(key);
CHECK_STATE(encryptedPrivateKey);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
if (sealedLen > BUF_LEN) {
*errStatus = ENCRYPTED_KEY_TOO_LONG;
snprintf(errString, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH");
LOG_ERROR(errString);
goto clean;
}
memset(encryptedPrivateKey, 0, BUF_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) key, sealedLen,
(sgx_sealed_data_t *) encryptedPrivateKey);
if (status != SGX_SUCCESS) {
*errStatus = SEAL_KEY_FAILED;
snprintf(errString, BUF_LEN, "SGX seal data failed with status %d", status);
return;
}
*enc_len = sealedLen;
SAFE_CHAR_BUF(decryptedKey, BUF_LEN);
trustedDecryptKey(errStatus, errString, encryptedPrivateKey, sealedLen, decryptedKey);
if (*errStatus != 0) {
snprintf(errString + strlen(errString), BUF_LEN, ":trustedDecryptKey failed");
LOG_ERROR(errString);
goto clean;
}
uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH);
if (decryptedKeyLen == MAX_KEY_LENGTH) {
snprintf(errString, BUF_LEN, "Decrypted key is not null terminated");
LOG_ERROR(errString);
goto clean;
}
*errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(errString, BUF_LEN, "Decrypted key does not match original key");
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *key) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(key);
uint32_t decLen;
*errString = 0;
*errStatus = UNKNOWN_ERROR;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) key, &decLen);
if (status != SGX_SUCCESS) {
*errStatus = status;
snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
LOG_ERROR(errString);
goto clean;
}
if (decLen > MAX_KEY_LENGTH) {
snprintf(errString, BUF_LEN, "wrong decLen");
LOG_ERROR(errString);
goto clean;
}
*errStatus = -10;
uint64_t keyLen = strnlen(key, MAX_KEY_LENGTH);
if (keyLen == MAX_KEY_LENGTH) {
snprintf(errString, BUF_LEN, "Key is not null terminated");
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedBlsSignMessage(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) {
LOG_DEBUG(__FUNCTION__);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(_hashX);
CHECK_STATE(_hashY);
CHECK_STATE(signature);
SAFE_CHAR_BUF(key, BUF_LEN);SAFE_CHAR_BUF(sig, BUF_LEN);
trustedDecryptKey(errStatus, errString, encryptedPrivateKey, enc_len, key);
if (*errStatus != 0) {
strncpy(signature, errString, BUF_LEN);
LOG_ERROR(errString);
goto clean;
}
enclave_sign(key, _hashX, _hashY, sig);
strncpy(signature, sig, BUF_LEN);
if (strnlen(signature, BUF_LEN) < 10) {
*errStatus = -1;
strncpy(errString, "signature too short", BUF_LEN);
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t *enc_len, size_t _t) {
LOG_DEBUG(__FUNCTION__);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
CHECK_STATE(encrypted_dkg_secret);
SAFE_CHAR_BUF(dkg_secret, DKG_BUFER_LENGTH);
if (gen_dkg_poly(dkg_secret, _t) != 0) {
*errStatus = -1;
strncpy(errString, "Couldnt generate poly", BUF_LEN);
LOG_ERROR(errString);
goto clean;
}
uint32_t sealedLen = sgx_calc_sealed_data_size(0, DKG_BUFER_LENGTH);
sgx_status_t status = sgx_seal_data(0, NULL, DKG_BUFER_LENGTH, (uint8_t *) dkg_secret, sealedLen,
(sgx_sealed_data_t *) encrypted_dkg_secret);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "SGX seal data failed");
LOG_ERROR(errString);
*errStatus = status;
goto clean;
}
*enc_len = sealedLen;
*errStatus = 0;
clean:
;
}
void
trustedDecryptDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint8_t *decrypted_dkg_secret,
uint32_t *dec_len) {
LOG_DEBUG(__FUNCTION__);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
CHECK_STATE(encrypted_dkg_secret);
uint32_t decr_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_dkg_secret, NULL, 0, decrypted_dkg_secret, &decr_len);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", status);
LOG_ERROR(errString);
*errStatus = status;
goto clean;
}
*dec_len = decr_len;
*errStatus = 0;
clean:
;
}
void trustedGetSecretShares(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t *dec_len,
char *secret_shares,
unsigned _t, unsigned _n) {
CHECK_STATE(encrypted_dkg_secret);
CHECK_STATE(secret_shares);
CHECK_STATE(_t <= _n);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
LOG_DEBUG(__FUNCTION__);
SAFE_CHAR_BUF(decrypted_dkg_secret, DKG_BUFER_LENGTH);
uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) {
snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
LOG_ERROR(errString);
goto clean;
}
*dec_len = decr_len;
calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n);
*errStatus = 0;
clean:
;
}
void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret, uint32_t enc_len,
char *public_shares,
unsigned _t, unsigned _n) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encrypted_dkg_secret);
CHECK_STATE(public_shares);
CHECK_STATE(_t <= _n);
CHECK_STATE(_n > 0);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(decrypted_dkg_secret, DKG_MAX_SEALED_LEN);
uint32_t decr_len;
trustedDecryptDkgSecret(errStatus, errString, (uint8_t *) encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret,
&decr_len);
if (*errStatus != 0) {
snprintf(errString, BUF_LEN, "trustedDecryptDkgSecret failed with status %d", *errStatus);
LOG_ERROR(errString);
goto clean;
}
if (calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "t does not match polynomial in db");
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedSetEncryptedDkgPoly(int *errStatus, char *errString, uint8_t *encrypted_poly) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encrypted_poly);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
memset(getThreadLocalDecryptedDkgPoly(), 0, DKG_BUFER_LENGTH);
uint32_t decr_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_poly, NULL, 0,
getThreadLocalDecryptedDkgPoly(), &decr_len);
if (status != SGX_SUCCESS) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", status);
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *encrypted_skey, uint32_t *dec_len,
char *result_str, char *s_shareG2, char *pub_keyB, uint8_t _t, uint8_t _n,
uint8_t ind) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encrypted_skey)
CHECK_STATE(result_str);
CHECK_STATE(s_shareG2);
CHECK_STATE(pub_keyB);
CHECK_STATE(_t <= _n);
CHECK_STATE(_n > 0);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(skey, ECDSA_SKEY_LEN);SAFE_CHAR_BUF(pub_key_x, BUF_LEN);SAFE_CHAR_BUF(pub_key_y, BUF_LEN);
uint32_t enc_len;
trustedGenerateEcdsaKey(errStatus, errString, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if (*errStatus != 0) {
snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_poly failed with status %d", errStatus);
LOG_ERROR(errString);
goto clean;
}
*dec_len = enc_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encrypted_skey, NULL, 0, (uint8_t *) skey, &enc_len);
if (status != SGX_SUCCESS) {
snprintf(errString, BUF_LEN, "sgx_unseal_data failed - encrypted_skey with status %d", status);
LOG_ERROR(errString);
*errStatus = status;
goto clean;
}
SAFE_CHAR_BUF(common_key, ECDSA_SKEY_LEN);
gen_session_key(skey, pub_keyB, common_key);SAFE_CHAR_BUF(s_share, ECDSA_SKEY_LEN);
if (calc_secret_share(getThreadLocalDecryptedDkgPoly(), s_share, _t, _n, ind) != 0) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "\nt does not match poly degree\n");
LOG_ERROR(errString);
goto clean;
}
if (calc_secret_shareG2(s_share, s_shareG2) != 0) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "invalid decr secret share\n");
LOG_ERROR(errString);
goto clean;
}
SAFE_CHAR_BUF(cypher, ECDSA_SKEY_LEN);
xor_encrypt(common_key, s_share, cypher);
strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
*errStatus = 0;
clean:
;
}
void trustedComplaintResponse(int *errStatus, char *errString, uint8_t *encrypted_dkg_secret,
uint32_t *dec_len, char *s_shareG2, uint8_t _t, uint8_t _n, uint8_t ind1) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encrypted_dkg_secret);
CHECK_STATE(s_shareG2);
CHECK_STATE(_t <= _n);
CHECK_STATE(_n > 0);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(decrypted_dkg_secret, DKG_BUFER_LENGTH);
trustedDecryptDkgSecret(errStatus, errString, encrypted_dkg_secret, (uint8_t *) decrypted_dkg_secret, dec_len);
if (*errStatus != 0) {
snprintf(errString, BUF_LEN, "sgx_unseal_data - encrypted_dkg_secret failed with status %d", *errStatus);
LOG_ERROR(errString);
goto clean;
}
calc_secret_shareG2_old(decrypted_dkg_secret, s_shareG2, _t, ind1);
*errStatus = 0;
clean:
;
}
void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares, const char *s_share,
uint8_t *encryptedPrivateKey, uint64_t key_len, unsigned _t, int _ind, int *result) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(public_shares);
CHECK_STATE(s_share);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(_t);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
mpz_t s;
mpz_init(s);
SAFE_CHAR_BUF(skey, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) {
*errStatus = status;
snprintf(errString, BUF_LEN, "sgx_unseal_key failed with status %d", status);
LOG_ERROR(errString);
goto clean;
}
SAFE_CHAR_BUF(encr_sshare, ECDSA_SKEY_LEN);
strncpy(encr_sshare, s_share, ECDSA_SKEY_LEN - 1);
encr_sshare[64] = 0;
SAFE_CHAR_BUF(common_key, ECDSA_SKEY_LEN);
SAFE_CHAR_BUF(decr_sshare, ECDSA_SKEY_LEN);
session_key_recover(skey, s_share, common_key);
common_key[ECDSA_SKEY_LEN - 1] = 0;
xor_decrypt(common_key, encr_sshare, decr_sshare);
if (mpz_set_str(s, decr_sshare, 16) == -1) {
*errStatus = 1;
snprintf(errString, BUF_LEN, "invalid decr secret share");
LOG_ERROR(errString);
goto clean;
}
*result = Verification(public_shares, s, _t, _ind);
*errStatus = 0;
clean:
mpz_clear(s);
}
void trustedCreateBlsKey(int *errStatus, char *errString, const char *s_shares,
uint8_t *encryptedPrivateKey, uint64_t key_len, uint8_t *encr_bls_key,
uint32_t *enc_bls_key_len) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(s_shares);
CHECK_STATE(encr_bls_key);
CHECK_STATE(s_shares);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(encr_bls_key);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(skey, ECDSA_SKEY_LEN);
mpz_t sum;
mpz_init(sum);
mpz_set_ui(sum, 0);
mpz_t q;
mpz_init(q);
mpz_set_str(q, "21888242871839275222246405745257275088548364400416034343698204186575808495617", 10);
mpz_set_str(q, "21888242871839275222246405745257275088548364400416034343698204186575808495617", 10);
mpz_t bls_key;
mpz_init(bls_key);
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey, &key_len);
if (status != SGX_SUCCESS) {
*errStatus = 1;
snprintf(errString, BUF_LEN, "sgx_unseal_key failed with status %d", status);
LOG_ERROR(errString);
goto clean;
}
int num_shares = strlen(s_shares) / 192;
for (int i = 0; i < num_shares; i++) {
SAFE_CHAR_BUF(encr_sshare, 65);
strncpy(encr_sshare, s_shares + 192 * i, 64);
encr_sshare[64] = 0;
SAFE_CHAR_BUF(s_share, 193);
strncpy(s_share, s_shares + 192 * i, 192);
s_share[192] = 0;
SAFE_CHAR_BUF(common_key, 65);
session_key_recover(skey, s_share, common_key);
common_key[64] = 0;
SAFE_CHAR_BUF(decr_sshare, 65);
xor_decrypt(common_key, encr_sshare, decr_sshare);
mpz_t decr_secret_share;
mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1) {
*errStatus = 1;
snprintf(errString, BUF_LEN, "invalid decrypted secret share");
LOG_ERROR(errString);
mpz_clear(decr_secret_share);
goto clean;
}
mpz_addmul_ui(sum, decr_secret_share, 1);
mpz_clear(decr_secret_share);
}
mpz_mod(bls_key, sum, q);
SAFE_CHAR_BUF(key_share, BUF_LEN);
mpz_get_str(key_share, 16, bls_key);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *) key_share, sealedLen,
(sgx_sealed_data_t *) encr_bls_key);
if (status != SGX_SUCCESS) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "seal bls private key failed with status %d ", status);
LOG_ERROR(errString);
goto clean;
}
*enc_bls_key_len = sealedLen;
*errStatus = 0;
clean:
mpz_clear(bls_key);
mpz_clear(sum);
mpz_clear(q);
}
void trustedGetBlsPubKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint64_t key_len,
char *bls_pub_key) {
LOG_DEBUG(__FUNCTION__);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(bls_pub_key);
CHECK_STATE(encryptedPrivateKey);
CHECK_STATE(bls_pub_key);
*errString = 0;
*errStatus = UNKNOWN_ERROR;
SAFE_CHAR_BUF(skey_hex, ECDSA_SKEY_LEN);
uint32_t len = key_len;
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *) encryptedPrivateKey, NULL, 0, (uint8_t *) skey_hex, &len);
if (status != SGX_SUCCESS) {
*errStatus = 1;
snprintf(errString, BUF_LEN, "sgx_unseal_data failed with status %d", status);
LOG_ERROR(errString);
goto clean;
}
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "could not calculate bls public key");
LOG_ERROR(errString);
goto clean;
}
*errStatus = 0;
clean:
;
}
void trustedGenerateSEK(int *errStatus, char *errString, void trustedGenerateSEK(int *errStatus, char *errString,
uint8_t *encrypted_SEK, uint32_t *enc_len, char *SEK_hex) { uint8_t *encrypted_SEK, uint32_t *enc_len, char *SEK_hex) {
......
secure_enclave/secure_enclave.edl
View file @ b95ab32d
...@@ -11,141 +11,6 @@ enclave { ...@@ -11,141 +11,6 @@ enclave {
public void trustedEnclaveInit(uint32_t _logLevel); public void trustedEnclaveInit(uint32_t _logLevel);
public void trustedGenerateEcdsaKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedGetPublicEcdsaKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedEncryptKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] const char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len);
public void trustedDecryptKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[out, count = SMALL_BUF_SIZE] char* key );
public void trustedBlsSignMessage (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, string] char* hashX ,
[in, string] char* hashY ,
[out, count = SMALL_BUF_SIZE] char* signature);
public void trustedGenDkgSecret (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[out] uint32_t * enc_len,
size_t _t);
public void trustedDecryptDkgSecret (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[out] uint32_t* dec_len);
public void trustedGetSecretShares (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out] uint32_t* dec_len,
[out, count = 2490] char* secret_shares,
unsigned _t,
unsigned _n);
public void trustedGetPublicShares (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
[out, count = 10000] char* public_shares,
unsigned _t,
unsigned _n);
public void trustedEcdsaSign(
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, string] unsigned char* hash,
[out, count = SMALL_BUF_SIZE] char* sig_r,
[out, count = SMALL_BUF_SIZE] char* sig_s,
[out] uint8_t* sig_v,
int base);
public void trustedSetEncryptedDkgPoly( [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly);
public void trustedGetEncryptedSecretShare(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[out] uint32_t* dec_len,
[out, count = 193] char* result_str,
[out, count = 320] char* s_shareG2,
[in, string] char* pub_keyB,
uint8_t _t,
uint8_t _n,
uint8_t ind);
public void trustedDkgVerify(
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, string] const char* public_shares,
[in, string] const char* s_share,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
unsigned _t,
int _ind,
[out] int* result);
public void trustedCreateBlsKey(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, string] const char* s_shares,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = SMALL_BUF_SIZE] uint8_t * encr_bls_key,
[out] uint32_t *enc_bls_key_len);
public void trustedGetBlsPubKey(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 320] char* bls_pub_key);
public void trustedComplaintResponse(
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t *encrypted_dkg_secret,
[out] uint32_t* dec_len,
[out, count = 320] char* s_shareG2,
uint8_t _t,
uint8_t _n,
uint8_t ind1);
public void trustedGenerateSEK( public void trustedGenerateSEK(
[out] int *errStatus, [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string, [out, count = SMALL_BUF_SIZE] char *err_string,
......
testw.cpp
View file @ b95ab32d
...@@ -63,6 +63,9 @@ ...@@ -63,6 +63,9 @@
#include "TestUtils.h" #include "TestUtils.h"
#include "testw.h" #include "testw.h"
#define PRINT_SRC_LINE cerr << "Executing line " << to_string(__LINE__) << endl;
using namespace jsonrpc; using namespace jsonrpc;
using namespace std; using namespace std;
...@@ -92,37 +95,6 @@ public: ...@@ -92,37 +95,6 @@ public:
} }
}; };
TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
string hex = SAMPLE_HEX_HASH;
vector<char> signatureR(BUF_LEN, 0);
vector<char> signatureS(BUF_LEN, 0);
uint8_t signatureV = 0;
for (int i = 0; i < 50; i++) {
status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
(unsigned char *) hex.data(),
signatureR.data(),
signatureS.data(), &signatureV, 16);
}
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes-key-sig-gen]") { TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0); vector<char> errMsg(BUF_LEN, 0);
...@@ -132,6 +104,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes ...@@ -132,6 +104,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
vector<char> pubKeyY(BUF_LEN, 0); vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0; uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen,
pubKeyX.data(), pubKeyX.data(),
pubKeyY.data()); pubKeyY.data());
...@@ -145,6 +118,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes ...@@ -145,6 +118,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
for (int i=0; i < 50; i++) { for (int i=0; i < 50; i++) {
PRINT_SRC_LINE
status = trustedEcdsaSignAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen, status = trustedEcdsaSignAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
hex.data(), hex.data(),
signatureR.data(), signatureR.data(),
...@@ -154,19 +128,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes ...@@ -154,19 +128,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
} }
TEST_CASE_METHOD(TestFixture, "ECDSA key gen", "[ecdsa-key-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") { TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
vector<char> errMsg(BUF_LEN, 0); vector<char> errMsg(BUF_LEN, 0);
...@@ -175,6 +136,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") { ...@@ -175,6 +136,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
vector<char> pubKeyX(BUF_LEN, 0); vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0); vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0; uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen,
pubKeyX.data(), pubKeyX.data(),
pubKeyY.data()); pubKeyY.data());
...@@ -183,28 +145,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") { ...@@ -183,28 +145,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
} }
TEST_CASE_METHOD(TestFixture, "ECDSA get public key", "[ecdsa-get-pub-key]") {
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
vector<uint8_t> encPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0);
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, receivedPubKeyX.data(),
receivedPubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-key]") { TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-key]") {
int errStatus = 0; int errStatus = 0;
...@@ -214,6 +154,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-ke ...@@ -214,6 +154,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-ke
vector<char> pubKeyY(BUF_LEN, 0); vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0; uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(), auto status = trustedGenerateEcdsaKeyAES(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data()); pubKeyY.data());
...@@ -223,6 +164,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-ke ...@@ -223,6 +164,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-ke
vector<char> receivedPubKeyX(BUF_LEN, 0); vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0); vector<char> receivedPubKeyY(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedGetPublicEcdsaKeyAES(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, status = trustedGetPublicEcdsaKeyAES(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen,
receivedPubKeyX.data(), receivedPubKeyX.data(),
receivedPubKeyY.data()); receivedPubKeyY.data());
...@@ -277,8 +219,9 @@ TEST_CASE_METHOD(TestFixture, "ECDSA key gen API", "[ecdsa-key-gen-api]") { ...@@ -277,8 +219,9 @@ TEST_CASE_METHOD(TestFixture, "ECDSA key gen API", "[ecdsa-key-gen-api]") {
for (int i = 0; i <= 20; i++) { for (int i = 0; i <= 20; i++) {
try { try {
PRINT_SRC_LINE
auto keyName = genECDSAKeyAPI(c); auto keyName = genECDSAKeyAPI(c);
PRINT_SRC_LINE
Json::Value sig = c.ecdsaSignMessageHash(16, keyName, SAMPLE_HASH); Json::Value sig = c.ecdsaSignMessageHash(16, keyName, SAMPLE_HASH);
REQUIRE(sig["status"].asInt() == 0); REQUIRE(sig["status"].asInt() == 0);
Json::Value getPubKey = c.getPublicECDSAKey(keyName); Json::Value getPubKey = c.getPublicECDSAKey(keyName);
...@@ -298,10 +241,12 @@ Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH); ...@@ -298,10 +241,12 @@ Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH);
for (int i = 0; i <= 20; i++) { for (int i = 0; i <= 20; i++) {
try { try {
PRINT_SRC_LINE
auto keyName = genECDSAKeyAPI(c); auto keyName = genECDSAKeyAPI(c);
PRINT_SRC_LINE
Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH); Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH);
REQUIRE(sig["status"].asInt() == 0); REQUIRE(sig["status"].asInt() == 0);
PRINT_SRC_LINE
Json::Value getPubKey = c.getPublicECDSAKey(keyName); Json::Value getPubKey = c.getPublicECDSAKey(keyName);
REQUIRE(getPubKey["status"].asInt() == 0); REQUIRE(getPubKey["status"].asInt() == 0);
} catch (JsonRpcException &e) { } catch (JsonRpcException &e) {
...@@ -316,27 +261,6 @@ TEST_CASE_METHOD(TestFixture, "BLS key encrypt", "[bls-key-encrypt]") { ...@@ -316,27 +261,6 @@ TEST_CASE_METHOD(TestFixture, "BLS key encrypt", "[bls-key-encrypt]") {
REQUIRE(key != nullptr); REQUIRE(key != nullptr);
} }
TEST_CASE_METHOD(TestFixture, "DKG gen test", "[dkg-gen]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 32);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> secret(BUF_LEN, 0);
vector<char> errMsg1(BUF_LEN, 0);
uint32_t dec_len;
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(),
(uint8_t *) secret.data(), &dec_len);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") { TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0); vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
...@@ -345,6 +269,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") { ...@@ -345,6 +269,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
int errStatus = 0; int errStatus = 0;
uint32_t encLen = 0; uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 32); auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 32);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
...@@ -360,54 +285,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") { ...@@ -360,54 +285,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
*/ */
} }
TEST_CASE_METHOD(TestFixture, "DKG public shares test", "[dkg-pub-shares]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
unsigned t = 32, n = 32;
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, n);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> errMsg1(BUF_LEN, 0);
char colon = ':';
vector<char> pubShares(10000, 0);
status = trustedGetPublicShares(eid, &errStatus, errMsg1.data(),
encryptedDKGSecret.data(), encLen, pubShares.data(), t, n);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<string> g2Strings = splitString(pubShares.data(), ',');
vector<libff::alt_bn128_G2> pubSharesG2;
for (u_int64_t i = 0; i < g2Strings.size(); i++) {
vector<string> coeffStr = splitString(g2Strings.at(i).c_str(), ':');
pubSharesG2.push_back(TestUtils::vectStringToG2(coeffStr));
}
vector<char> secret(BUF_LEN, 0);
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(),
(uint8_t *) secret.data(), &encLen);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
signatures::Dkg dkgObj(t, n);
vector<libff::alt_bn128_Fr> poly = TestUtils::splitStringToFr(secret.data(), colon);
vector<libff::alt_bn128_G2> pubSharesDkg = dkgObj.VerificationVector(poly);
for (uint32_t i = 0; i < pubSharesDkg.size(); i++) {
libff::alt_bn128_G2 el = pubSharesDkg.at(i);
el.to_affine_coordinates();
}
REQUIRE(pubSharesG2 == pubSharesDkg);
}
TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares]") { TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0); vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
...@@ -417,7 +295,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares ...@@ -417,7 +295,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
uint32_t encLen = 0; uint32_t encLen = 0;
unsigned t = 32, n = 32; unsigned t = 32, n = 32;
PRINT_SRC_LINE
auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, n); auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, n);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
...@@ -426,7 +304,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares ...@@ -426,7 +304,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
char colon = ':'; char colon = ':';
vector<char> pubShares(10000, 0); vector<char> pubShares(10000, 0);
PRINT_SRC_LINE
status = trustedGetPublicSharesAES(eid, &errStatus, errMsg1.data(), status = trustedGetPublicSharesAES(eid, &errStatus, errMsg1.data(),
encryptedDKGSecret.data(), encLen, pubShares.data(), t, n); encryptedDKGSecret.data(), encLen, pubShares.data(), t, n);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
...@@ -441,7 +319,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares ...@@ -441,7 +319,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
} }
vector<char> secret(BUF_LEN, 0); vector<char> secret(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedDecryptDkgSecretAES(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(), encLen, status = trustedDecryptDkgSecretAES(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(), encLen,
(uint8_t *) secret.data()); (uint8_t *) secret.data());
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
...@@ -458,35 +336,6 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares ...@@ -458,35 +336,6 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
REQUIRE(pubSharesG2 == pubSharesDkg); REQUIRE(pubSharesG2 == pubSharesDkg);
} }
TEST_CASE_METHOD(TestFixture, "DKG encrypted secret shares test", "[dkg-encr-sshares]") {
vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<uint8_t> encrPRDHKey(BUF_LEN, 0);
string pub_keyB = SAMPLE_PUBLIC_KEY_B;
vector<char> s_shareG2(BUF_LEN, 0);
status = trustedGetEncryptedSecretShare(eid, &errStatus, errMsg.data(), encrPRDHKey.data(), &encLen, result.data(),
s_shareG2.data(),
(char *) pub_keyB.data(), 2, 2, 1);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-encr-sshares]") { TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-encr-sshares]") {
vector<char> errMsg(BUF_LEN, 0); vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0); vector<char> result(BUF_LEN, 0);
...@@ -495,12 +344,14 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes- ...@@ -495,12 +344,14 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-
uint32_t encLen = 0; uint32_t encLen = 0;
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0); vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
PRINT_SRC_LINE
auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2); auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
uint64_t enc_len = encLen; uint64_t enc_len = encLen;
PRINT_SRC_LINE
status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), enc_len); status = trustedSetEncryptedDkgPolyAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), enc_len);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS); REQUIRE(errStatus == SGX_SUCCESS);
...@@ -510,6 +361,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes- ...@@ -510,6 +361,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-
string pub_keyB = SAMPLE_PUBLIC_KEY_B; string pub_keyB = SAMPLE_PUBLIC_KEY_B;
vector<char> s_shareG2(BUF_LEN, 0); vector<char> s_shareG2(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg.data(), encrPRDHKey.data(), &encLen, status = trustedGetEncryptedSecretShareAES(eid, &errStatus, errMsg.data(), encrPRDHKey.data(), &encLen,
result.data(), result.data(),
s_shareG2.data(), s_shareG2.data(),
...@@ -550,6 +402,7 @@ TEST_CASE_METHOD(TestFixture, "DKG_BLS test", "[dkg-bls]") { ...@@ -550,6 +402,7 @@ TEST_CASE_METHOD(TestFixture, "DKG_BLS test", "[dkg-bls]") {
int schainID = TestUtils::randGen(); int schainID = TestUtils::randGen();
int dkgID = TestUtils::randGen(); int dkgID = TestUtils::randGen();
PRINT_SRC_LINE
TestUtils::doDKG(c, 4, 1, ecdsaKeyNames, blsKeyNames, schainID, dkgID); TestUtils::doDKG(c, 4, 1, ecdsaKeyNames, blsKeyNames, schainID, dkgID);
REQUIRE(blsKeyNames.size() == 4); REQUIRE(blsKeyNames.size() == 4);
...@@ -566,8 +419,9 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") { ...@@ -566,8 +419,9 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0"; std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0";
libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847"); libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847");
std::string key_str = TestUtils::stringFromFr(key); std::string key_str = TestUtils::stringFromFr(key);
PRINT_SRC_LINE
c.importBLSKeyShare(key_str, name, 1, 2, 1); c.importBLSKeyShare(key_str, name, 1, 2, 1);
PRINT_SRC_LINE
REQUIRE(c.deleteBlsKey(name)["deleted"] == true); REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
} }
...@@ -609,7 +463,7 @@ TEST_CASE_METHOD(TestFixtureHTTPS, "Cert request sign", "[cert-sign]") { ...@@ -609,7 +463,7 @@ TEST_CASE_METHOD(TestFixtureHTTPS, "Cert request sign", "[cert-sign]") {
auto result = SGXRegistrationServer::getServer()->SignCertificate(ss.str()); auto result = SGXRegistrationServer::getServer()->SignCertificate(ss.str());
REQUIRE(result["status"] == 0); REQUIRE(result["status"] == 0);
PRINT_SRC_LINE
result = SGXRegistrationServer::getServer()->SignCertificate("Haha"); result = SGXRegistrationServer::getServer()->SignCertificate("Haha");
REQUIRE(result["status"] != 0); REQUIRE(result["status"] != 0);
...@@ -621,6 +475,7 @@ TEST_CASE_METHOD(TestFixture, "DKG API test", "[dkg-api]") { ...@@ -621,6 +475,7 @@ TEST_CASE_METHOD(TestFixture, "DKG API test", "[dkg-api]") {
string polyName = SAMPLE_POLY_NAME; string polyName = SAMPLE_POLY_NAME;
PRINT_SRC_LINE
Json::Value genPoly = c.generateDKGPoly(polyName, 2); Json::Value genPoly = c.generateDKGPoly(polyName, 2);
REQUIRE(genPoly["status"].asInt() == 0); REQUIRE(genPoly["status"].asInt() == 0);
...@@ -673,13 +528,16 @@ TEST_CASE_METHOD(TestFixture, "PolyExists test", "[dkg-poly-exists]") { ...@@ -673,13 +528,16 @@ TEST_CASE_METHOD(TestFixture, "PolyExists test", "[dkg-poly-exists]") {
StubClient c(client, JSONRPC_CLIENT_V2); StubClient c(client, JSONRPC_CLIENT_V2);
string polyName = SAMPLE_POLY_NAME; string polyName = SAMPLE_POLY_NAME;
PRINT_SRC_LINE
Json::Value genPoly = c.generateDKGPoly(polyName, 2); Json::Value genPoly = c.generateDKGPoly(polyName, 2);
REQUIRE(genPoly["status"] == 0); REQUIRE(genPoly["status"] == 0);
PRINT_SRC_LINE
Json::Value polyExists = c.isPolyExists(polyName); Json::Value polyExists = c.isPolyExists(polyName);
REQUIRE(polyExists["status"] == 0); REQUIRE(polyExists["status"] == 0);
REQUIRE(polyExists["IsExist"].asBool()); REQUIRE(polyExists["IsExist"].asBool());
PRINT_SRC_LINE
Json::Value polyDoesNotExist = c.isPolyExists("Vasya"); Json::Value polyDoesNotExist = c.isPolyExists("Vasya");
REQUIRE(!polyDoesNotExist["IsExist"].asBool()); REQUIRE(!polyDoesNotExist["IsExist"].asBool());
} }
...@@ -701,6 +559,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -701,6 +559,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
int schainID = TestUtils::randGen(); int schainID = TestUtils::randGen();
int dkgID = TestUtils::randGen(); int dkgID = TestUtils::randGen();
for (uint8_t i = 0; i < n; i++) { for (uint8_t i = 0; i < n; i++) {
PRINT_SRC_LINE
ethKeys[i] = c.generateECDSAKey(); ethKeys[i] = c.generateECDSAKey();
REQUIRE(ethKeys[i]["status"] == 0); REQUIRE(ethKeys[i]["status"] == 0);
string polyName = string polyName =
...@@ -710,6 +569,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -710,6 +569,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
REQUIRE(response["status"] == 0); REQUIRE(response["status"] == 0);
polyNames[i] = polyName; polyNames[i] = polyName;
PRINT_SRC_LINE
verifVects[i] = c.getVerificationVector(polyName, t, n); verifVects[i] = c.getVerificationVector(polyName, t, n);
REQUIRE(verifVects[i]["status"] == 0); REQUIRE(verifVects[i]["status"] == 0);
...@@ -717,6 +577,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -717,6 +577,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
} }
for (uint8_t i = 0; i < n; i++) { for (uint8_t i = 0; i < n; i++) {
PRINT_SRC_LINE
secretShares[i] = c.getSecretShare(polyNames[i], pubEthKeys, t, n); secretShares[i] = c.getSecretShare(polyNames[i], pubEthKeys, t, n);
REQUIRE(secretShares[i]["status"] == 0); REQUIRE(secretShares[i]["status"] == 0);
...@@ -734,6 +595,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -734,6 +595,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
for (int j = 0; j < n; j++) { for (int j = 0; j < n; j++) {
string secretShare = secretShares[i]["secretShare"].asString().substr(192 * j, 192); string secretShare = secretShares[i]["secretShare"].asString().substr(192 * j, 192);
secShares[i] += secretShares[j]["secretShare"].asString().substr(192 * i, 192); secShares[i] += secretShares[j]["secretShare"].asString().substr(192 * i, 192);
PRINT_SRC_LINE
Json::Value verif = c.dkgVerification(pubShares[i], ethKeys[j]["keyName"].asString(), secretShare, t, n, j); Json::Value verif = c.dkgVerification(pubShares[i], ethKeys[j]["keyName"].asString(), secretShare, t, n, j);
REQUIRE(verif["status"] == 0); REQUIRE(verif["status"] == 0);
bool res = verif["result"].asBool(); bool res = verif["result"].asBool();
...@@ -765,6 +627,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -765,6 +627,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
n); n);
REQUIRE(response["status"] == 0); REQUIRE(response["status"] == 0);
PRINT_SRC_LINE
pubBLSKeys[i] = c.getBLSPublicKeyShare(blsName); pubBLSKeys[i] = c.getBLSPublicKeyShare(blsName);
REQUIRE(pubBLSKeys[i]["status"] == 0); REQUIRE(pubBLSKeys[i]["status"] == 0);
...@@ -781,6 +644,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") { ...@@ -781,6 +644,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
pubKey_vect.push_back(pubBLSKeys[i]["blsPublicKeyShare"][j].asString()); pubKey_vect.push_back(pubBLSKeys[i]["blsPublicKeyShare"][j].asString());
} }
BLSPublicKeyShare pubKey(make_shared<vector<string >>(pubKey_vect), t, n); BLSPublicKeyShare pubKey(make_shared<vector<string >>(pubKey_vect), t, n);
PRINT_SRC_LINE
REQUIRE(pubKey.VerifySigWithHelper(hash_arr, make_shared<BLSSigShare>(sig), t, n)); REQUIRE(pubKey.VerifySigWithHelper(hash_arr, make_shared<BLSSigShare>(sig), t, n));
coeffs_pkeys_map[i + 1] = make_shared<BLSPublicKeyShare>(pubKey); coeffs_pkeys_map[i + 1] = make_shared<BLSPublicKeyShare>(pubKey);
...@@ -799,12 +663,14 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") { ...@@ -799,12 +663,14 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
string key = SAMPLE_AES_KEY; string key = SAMPLE_AES_KEY;
vector<uint8_t> encrypted_key(BUF_LEN, 0); vector<uint8_t> encrypted_key(BUF_LEN, 0);
PRINT_SRC_LINE
auto status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen); auto status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
REQUIRE(status == 0); REQUIRE(status == 0);
REQUIRE(errStatus == 0); REQUIRE(errStatus == 0);
vector<char> decr_key(BUF_LEN, 0); vector<char> decr_key(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedDecryptKeyAES(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data()); status = trustedDecryptKeyAES(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data());
REQUIRE(status == 0); REQUIRE(status == 0);
...@@ -812,25 +678,6 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") { ...@@ -812,25 +678,6 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
REQUIRE(key.compare(decr_key.data()) == 0); REQUIRE(key.compare(decr_key.data()) == 0);
} }
TEST_CASE_METHOD(TestFixture, "SGX encrypt/decrypt", "[sgx-encrypt-decrypt]") {
int errStatus = -1;
vector<char> errMsg(BUF_LEN, 0);
uint32_t encLen;
string key = SAMPLE_AES_KEY;
vector<uint8_t> encrypted_key(BUF_LEN, 0);
auto status = trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
REQUIRE(status == 0);
REQUIRE(errStatus == 0);
vector<char> decr_key(BUF_LEN, 0);
status = trustedDecryptKey(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data());
REQUIRE(status == 0);
REQUIRE(errStatus == 0);
REQUIRE(key.compare(decr_key.data()) == 0);
}
TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypto]") { TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypto]") {
vector<thread> threads; vector<thread> threads;
...@@ -844,66 +691,4 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt ...@@ -844,66 +691,4 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
} }
} }
TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
std::string key = SAMPLE_AES_KEY;
std::string hex = SAMPLE_HEX_HASH;
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
uint32_t enc_len = 0;
trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrPrivKey.data(), &enc_len);
REQUIRE(errStatus == SGX_SUCCESS);
errMsg.clear();
vector<char> signatureR(BUF_LEN, 0);
vector<char> signatureS(BUF_LEN, 0);
uint8_t signatureV = 0;
auto status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len,
(unsigned char *) hex.data(),
signatureR.data(),
signatureS.data(), &signatureV, 16);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
errMsg.clear();
vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0);
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len,
receivedPubKeyX.data(),
receivedPubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
int errStatusAES = 0;
vector<char> errMsgAES(BUF_LEN, 0);
vector<uint8_t> encrPrivKeyAES(BUF_LEN, 0);
uint32_t enc_lenAES = 0;
trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), key.c_str(), encrPrivKeyAES.data(), &enc_lenAES);
REQUIRE(errStatusAES == SGX_SUCCESS);
errMsgAES.clear();
vector<char> signatureRAES(BUF_LEN, 0);
vector<char> signatureSAES(BUF_LEN, 0);
uint8_t signatureVAES = 0;
status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), enc_lenAES,
hex.data(),
signatureRAES.data(),
signatureSAES.data(), &signatureVAES, 16);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatusAES == SGX_SUCCESS);
errMsgAES.clear();
vector<char> receivedPubKeyXAES(BUF_LEN, 0);
vector<char> receivedPubKeyYAES(BUF_LEN, 0);
status = trustedGetPublicEcdsaKeyAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), enc_lenAES,
receivedPubKeyXAES.data(),
receivedPubKeyYAES.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatusAES == SGX_SUCCESS);
REQUIRE(receivedPubKeyX == receivedPubKeyXAES);
REQUIRE(receivedPubKeyY == receivedPubKeyYAES);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment