Skip to content

S
sgxwallet
Unverified Commit ba1019c1 authored by Sveta Rogova's avatar Sveta Rogova Committed by GitHub
Browse files
Options

Merge pull request #25 from skalenetwork/enhancement/SKALE-1795-Fix-SIGILL-in-SGX 

Enhancement/skale 1795 fix sigill in sgx
parents 959991a2 9150b644
Show whitespace changes
Inline Side-by-side
Showing with 695 additions and 289 deletions
BLSCrypto.cpp
View file @ ba1019c1
......@@ -135,7 +135,7 @@ bool hex2carray2(const char * _hex, uint64_t *_bin_len,
bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t _n, size_t _signerIndex,
char* _sig) {
std::cerr << "ENTER SIGN" << std::endl;
//std::cerr << "ENTER SIGN" << std::endl;
auto keyStr = std::make_shared<std::string>(_encryptedKeyHex);
......@@ -152,7 +152,7 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
auto keyShare = std::make_shared<BLSPrivateKeyShareSGX>(keyStr, _t, _n);
std::cerr << "keyShare created" << std::endl;
//std::cerr << "keyShare created" << std::endl;
// {
auto sigShare = keyShare->signWithHelperSGX(hash, _signerIndex);
// }
......@@ -168,7 +168,7 @@ bool sign(const char* _encryptedKeyHex, const char* _hashHex, size_t _t, size_t
// auto sig_ptr = std::make_shared<std::string>(test_sig);
// strncpy(_sig, sig_ptr->c_str(), BUF_LEN);
std::cerr<< "sig " << _sig <<std::endl;
//std::cerr<< "sig " << _sig <<std::endl;
return true;
......
DKGCrypto.cpp
View file @ ba1019c1
......@@ -81,20 +81,26 @@ std::string gen_dkg_poly( int _t){
uint32_t enc_len = 0;
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, _t);
if ( err_status != 0){
throw RPCException(-666, errMsg ) ;
}
if (DEBUG_PRINT) {
std::cerr << "gen_dkg_secret, status " << err_status << " err msg " << errMsg << std::endl;
/* std::cerr << "encr raw poly: " << std::endl;
for ( int i = 0 ; i < 3050; i++)
printf(" %d ", encrypted_dkg_secret[i] );*/
std::cerr << "in DKGCrypto encr len is " << enc_len << std::endl;
}
char *hexEncrPoly = (char *) calloc(DKG_MAX_SEALED_LEN * 2 + 1, 1);//(4*BUF_LEN, 1);
carray2Hex(encrypted_dkg_secret, DKG_MAX_SEALED_LEN, hexEncrPoly);
std::string result(hexEncrPoly);
std::cerr << "in DKGCrypto encr len is " << enc_len << std::endl;
free(errMsg);
free(encrypted_dkg_secret);
......@@ -108,8 +114,11 @@ std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyH
char* errMsg1 = (char*) calloc(1024,1);
int err_status = 0;
if (DEBUG_PRINT) {
// std::cerr << "got encr poly " << encryptedPolyHex << std::endl;
std::cerr << "got encr poly size " << strlen(encryptedPolyHex) << std::endl;
}
char* public_shares = (char*)calloc(10000, 1);
uint64_t enc_len = 0;
......@@ -118,22 +127,28 @@ std::vector <std::vector<std::string>> get_verif_vect(const char* encryptedPolyH
if (!hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100)){
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
}
if (DEBUG_PRINT) {
std::cerr << "enc len " << enc_len << std::endl;
/*std::cerr << "encr raw poly: " << std::endl;
for ( int i = 0 ; i < 3050; i++)
printf(" %d ", encr_dkg_poly[i] );*/
}
uint32_t len;
status = get_public_shares(eid, &err_status, errMsg1, encr_dkg_poly, len, public_shares, t, n);
if ( status != 0){
if ( err_status != 0){
throw RPCException(-666, errMsg1 );
}
if (DEBUG_PRINT) {
std::cerr << "err msg " << errMsg1 << std::endl;
std::cerr << "public_shares:" << std::endl;
std::cerr << public_shares << std::endl;
printf("\nget_public_shares status: %d error %s \n\n", err_status, errMsg1);
}
std::vector <std::string> G2_strings = SplitString( public_shares, ',');
std::vector <std::vector <std::string>> pub_shares_vect;
......@@ -161,6 +176,9 @@ std::string get_secret_shares(const std::string& polyName, const char* encrypted
}
status = set_encrypted_dkg_poly(eid, &err_status, errMsg1, encr_dkg_poly);
if ( status != SGX_SUCCESS || err_status!=0){
throw RPCException(-666, errMsg1 );
}
std::string result;
char *hexEncrKey = (char *) calloc(2 * BUF_LEN, 1);
......@@ -172,17 +190,24 @@ std::string get_secret_shares(const std::string& polyName, const char* encrypted
char cur_share[193];
char s_shareG2[320];
std::string pub_keyB = publicKeys.at(i);//publicKeys.substr(128*i, 128*i + 128);
if (DEBUG_PRINT) {
std::cerr << "pub_keyB is " << pub_keyB << std::endl;
}
char pubKeyB[129];
strncpy(pubKeyB, pub_keyB.c_str(), 128);
pubKeyB[128] = 0;
get_encr_sshare(eid, &err_status, errMsg1, encrypted_skey, &dec_len,
cur_share, s_shareG2, pubKeyB, t, n, i + 1 );
if (err_status != 0){
throw RPCException(-666, errMsg1);
}
result += cur_share;
//uint32_t enc_len = BUF_LEN;
if (DEBUG_PRINT) {
std::cerr << "dec len is " << dec_len << std::endl;
}
carray2Hex(encrypted_skey, dec_len, hexEncrKey);
std::string DHKey_name = "DKG_DH_KEY_" + polyName + "_" + std::to_string(i) + ":";
......@@ -191,14 +216,18 @@ std::string get_secret_shares(const std::string& polyName, const char* encrypted
writeDataToDB(DHKey_name, hexEncrKey);
std::string shareG2_name = "shareG2_" + polyName + "_" + std::to_string(i) + ":";
if (DEBUG_PRINT) {
std::cerr << "name to write to db is " << shareG2_name << std::endl;
std::cerr << "s_shareG2: " << s_shareG2 << std::endl;
}
writeDataToDB(shareG2_name, s_shareG2);
if (DEBUG_PRINT) {
std::cerr << errMsg1 << std::endl << std::endl;
//std::cerr << "iteration " << i <<" result length is " << result.length() << std::endl ;
//std::cerr << "iteration " << i <<" share length is " << strlen(cur_share) << std::endl;
//std::cerr << "iteration " << i <<" share is " << cur_share << std::endl;
// std::cerr << "iteration " << i <<" result length is " << result.length() << std::endl ;
// std::cerr << "iteration " << i <<" share length is " << strlen(cur_share) << std::endl;
// std::cerr << "iteration " << i <<" share is " << cur_share << std::endl;
}
}
//result += '\0';
......@@ -218,31 +247,39 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
if (!hex2carray(encryptedKeyHex, &dec_key_len, encr_key)){
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
}
//std::cerr << "encryptedKeyHex " << encryptedKeyHex << std::endl;
//std::cerr << "dec_key_len " << dec_key_len << std::endl;
int result;
if (DEBUG_PRINT) {
// std::cerr << "encryptedKeyHex " << encryptedKeyHex << std::endl;
// std::cerr << "dec_key_len " << dec_key_len << std::endl;
int result ;
//std::cerr << "encr_sshare length is " << strlen(encr_sshare) << std::endl;
//std::cerr << "public shares " << publicShares << std::endl;
std::cerr << "publicShares length is " << strlen(publicShares) << std::endl;
// std::cerr << "encr_sshare length is " << strlen(encr_sshare) << std::endl; std::cerr << "public shares " << publicShares << std::endl;
std::cerr << "publicShares length is " << std::char_traits<char>::length(publicShares)<<std::endl; //strlen(publicShares)<< std::endl;
}
char pshares[8193];
strncpy(pshares, publicShares, strlen(publicShares) + 1);
//std::cerr << "pshares " << pshares << std::endl;
dkg_verification(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result);
if (result == 2){
throw RPCException(INVALID_HEX, "Invalid public shares");
}
if (DEBUG_PRINT) {
std::cerr << "errMsg1: " << errMsg1 << std::endl;
std::cerr << "result is " << result << std::endl;
}
free(errMsg1);
std::cerr << "result is " << result << std::endl;
return result;
}
bool CreateBLSShare( const std::string& BLSKeyName, const char * s_shares, const char * encryptedKeyHex){
if (DEBUG_PRINT) {
std::cerr << "ENTER CreateBLSShare" << std::endl;
}
char* errMsg1 = (char*) calloc(1024,1);
int err_status = 0;
......@@ -255,24 +292,24 @@ bool CreateBLSShare( const std::string& BLSKeyName, const char * s_shares, const
uint32_t enc_bls_len = 0;
std::cerr << "BEFORE create_bls_key IN ENCLAVE " << std::endl;
//std::cerr << "BEFORE create_bls_key IN ENCLAVE " << std::endl;
create_bls_key(eid, &err_status, errMsg1, s_shares, encr_key, dec_key_len, encr_bls_key, &enc_bls_len);
std::cerr << "AFTER create_bls_key IN ENCLAVE er msg is " << errMsg1 << std::endl;
//std::cerr << "AFTER create_bls_key IN ENCLAVE er msg is " << errMsg1 << std::endl;
if ( err_status != 0){
std::cerr << "ERROR IN ENCLAVE" << std::endl;
throw RPCException(ERROR_IN_ENCLAVE, "Something failed in enclave");
return false;
throw RPCException(ERROR_IN_ENCLAVE, "Create BLS private key failed in enclave");
}
else {
char *hexBLSKey = (char *) calloc(2 * BUF_LEN, 1);
std::cerr << "BEFORE carray2Hex" << std::endl;
//std::cerr << "BEFORE carray2Hex" << std::endl;
//std::cerr << "enc_bls_len " << enc_bls_len << std::endl;
carray2Hex(encr_bls_key, enc_bls_len, hexBLSKey);
std::cerr << "BEFORE WRITE BLS KEY TO DB" << std::endl;
// std::cerr << "BEFORE WRITE BLS KEY TO DB" << std::endl;
writeDataToDB(BLSKeyName, hexBLSKey);
if (DEBUG_PRINT) {
std::cerr << "hexBLSKey length is " << strlen(hexBLSKey) << std::endl;
std::cerr << "bls key " << BLSKeyName << " is " << hexBLSKey << std::endl;
}
free(hexBLSKey);
return true;
}
......@@ -293,13 +330,21 @@ std::vector<std::string> GetBLSPubKey(const char * encryptedKeyHex){
// std::cerr << encr_key[i] << " ";
char pub_key[320];
if (DEBUG_PRINT) {
std::cerr << "dec_key_len is " << dec_key_len << std::endl;
}
get_bls_pub_key(eid, &err_status, errMsg1, encr_key, dec_key_len, pub_key);
std::cerr << "errMsg1 is " << errMsg1 << std::endl;
if ( err_status != 0){
throw RPCException(ERROR_IN_ENCLAVE, "Failed to get BLS public key in enclave");
}
std::vector<std::string> pub_key_vect = SplitString(pub_key, ':');
if (DEBUG_PRINT) {
std::cerr << "errMsg1 is " << errMsg1 << std::endl;
std::cerr << "pub key is" << std::endl;
for ( int i = 0; i < 4; i++)
for (int i = 0; i < 4; i++)
std::cerr << pub_key_vect.at(i) << std::endl;
}
return pub_key_vect;
}
......@@ -310,7 +355,9 @@ std::string decrypt_DHKey(const std::string& polyName, int ind){
std::string DH_key_name = polyName + "_" + std::to_string(ind) + ":";
std::shared_ptr<std::string> hexEncrKey_ptr = readFromDb(DH_key_name, "DKG_DH_KEY_");
if (DEBUG_PRINT) {
std::cerr << "encr DH key is " << hexEncrKey_ptr << std::endl;
}
char *hexEncrKey = (char *) calloc(2 * BUF_LEN, 1);
......@@ -323,7 +370,10 @@ std::string decrypt_DHKey(const std::string& polyName, int ind){
char DHKey[ECDSA_SKEY_LEN];
decrypt_key(eid, &err_status, errMsg1, encrypted_DHkey, DH_enc_len, DHKey);
if (err_status != 0){
free(hexEncrKey);
throw RPCException(ERROR_IN_ENCLAVE, "decrypt key failed in enclave");
}
free(errMsg1);
free(hexEncrKey);
......
ECDSACrypto.cpp
View file @ ba1019c1
......@@ -31,6 +31,7 @@
#include <gmp.h>
#include <random>
static std::default_random_engine rand_gen((unsigned int) time(0));
std::string concatPubKeyWith0x(char* pub_key_x, char* pub_key_y){
......@@ -54,7 +55,7 @@ std::vector<std::string> gen_ecdsa_key(){
throw RPCException(-666, errMsg) ;
}
std::vector<std::string> keys(3);
std::cerr << "account key is " << errMsg << std::endl;
//std::cerr << "account key is " << errMsg << std::endl;
char *hexEncrKey = (char *) calloc(2*BUF_LEN, 1);
carray2Hex(encr_pr_key, enc_len, hexEncrKey);
keys.at(0) = hexEncrKey;
......@@ -64,7 +65,9 @@ std::vector<std::string> gen_ecdsa_key(){
unsigned long seed = rand_gen();
if (DEBUG_PRINT) {
std::cerr << "seed is " << seed << std::endl;
}
gmp_randstate_t state;
gmp_randinit_default(state);
......@@ -79,7 +82,7 @@ std::vector<std::string> gen_ecdsa_key(){
keys.at(2) = rand_str;
std::cerr << "rand_str length is " << strlen(rand_str) << std::endl;
//std::cerr << "rand_str length is " << strlen(rand_str) << std::endl;
gmp_randclear(state);
mpz_clear(rand32);
......@@ -106,15 +109,16 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){
}
status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
if ( err_status != 0){
if (err_status != 0){
throw RPCException(-666, errMsg) ;
}
std::string pubKey = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
std:: cerr << "pubkey is " << pubKey << std::endl;
std:: cerr << "pubkey length is " << pubKey.length() << std::endl;
if (DEBUG_PRINT) {
std::cerr << "pubkey is " << pubKey << std::endl;
std::cerr << "pubkey length is " << pubKey.length() << std::endl;
std::cerr << "err str " << errMsg << std::endl;
}
free(errMsg);
free(pub_key_x);
......@@ -138,19 +142,21 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
}
std::cerr << "encryptedKeyHex: "<< encryptedKeyHex << std::endl;
std::cerr << "HASH: "<< hashHex << std::endl;
if (DEBUG_PRINT) {
std::cerr << "encryptedKeyHex: " << encryptedKeyHex << std::endl;
std::cerr << "HASH: " << hashHex << std::endl;
std::cerr << "encrypted len" << dec_len << std::endl;
}
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
if ( err_status != 0){
throw RPCException(-666, errMsg ) ;
}
std::cerr << "signature r in ecdsa_sign_hash "<< signature_r << std::endl;
std::cerr << "signature s in ecdsa_sign_hash "<< signature_s << std::endl;
if (DEBUG_PRINT) {
std::cerr << "signature r in ecdsa_sign_hash " << signature_r << std::endl;
std::cerr << "signature s in ecdsa_sign_hash " << signature_s << std::endl;
}
if ( status != SGX_SUCCESS){
std::cerr << "failed to sign " << std::endl;
......
LevelDB.cpp
View file @ ba1019c1
......@@ -34,6 +34,8 @@
#include "RPCException.h"
#include "LevelDB.h"
#include "ServerInit.h"
using namespace leveldb;
......@@ -61,8 +63,9 @@ std::shared_ptr<std::string> LevelDB::readString(const std::string &_key) {
// if (result == nullptr) {
// throw RPCException(KEY_SHARE_DOES_NOT_EXIST, "Data with this name does not exist");
// }
std::cerr << "key to read from db: " << _key <<std::endl;
if (DEBUG_PRINT) {
std::cerr << "key to read from db: " << _key << std::endl;
}
throwExceptionOnError(status);
......@@ -80,7 +83,9 @@ void LevelDB::writeString(const std::string &_key, const std::string &_value) {
throwExceptionOnError(status);
std::cerr << "written key " << _key << std::endl;//<< " value " << _value << std::endl;
if (DEBUG_PRINT) {
std::cerr << "written key " << _key << std::endl;
}
}
......@@ -134,7 +139,9 @@ void LevelDB::deleteKey(const std::string &_key){
throwExceptionOnError(status);
if (DEBUG_PRINT) {
std::cerr << "key deleted " << _key << std::endl;
}
}
......
SGXRegistrationServer.cpp
View file @ ba1019c1
......@@ -43,6 +43,9 @@
#include "SGXRegistrationServer.h"
#include "LevelDB.h"
int DEBUG_PRINT = 0;
int is_sgx_https = 1;
SGXRegistrationServer *regs = nullptr;
HttpServer *hs2 = nullptr;
......@@ -139,8 +142,13 @@ Json::Value GetSertificateImpl(const std::string& hash){
cert = ss.str();
infile.close();
std::string remove_crt = "cd cert && rm -rf" + hash + ".crt && rm -rf " + hash + ".csr";
system(remove_crt.c_str());
std::string remove_crt = "cd cert && rm -rf " + hash + ".crt && rm -rf " + hash + ".csr";
if(system(remove_crt.c_str()) == 0){
std::cerr << "cert removed" << std::endl;
}
else{
std::cerr << "cert was not removed" << std::endl;
}
}
}
......
SGXWalletServer.cpp
View file @ ba1019c1
......@@ -22,6 +22,7 @@
#include "sgxwallet_common.h"
#include "RPCException.h"
#include "LevelDB.h"
#include "BLSCrypto.h"
......@@ -38,6 +39,7 @@
#include <unistd.h>
#include "ServerInit.h"
//#if __cplusplus < 201412L
//#error expecting C++17 standard
......@@ -46,6 +48,7 @@
//#include <boost/filesystem.hpp>
bool isStringDec( std::string & str){
auto res = std::find_if_not(str.begin(), str.end(), [](char c)->bool{
return std::isdigit(c);
......@@ -75,7 +78,7 @@ void debug_print(){
levelDb->visitKeys(&v, 100000000);
}
int init_server(bool check_certs) {
int init_https_server(bool check_certs) {
std::string rootCAPath = "cert/rootCA.pem";
std::string keyCAPath = "cert/rootCA.key";
......@@ -127,17 +130,17 @@ int init_server(bool check_certs) {
}
//int init_server(bool check_certs) { //without ssl
//
// hs = new HttpServer(1026);
// s = new SGXWalletServer(*hs,
// JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
// if (!s->StartListening()) {
// cerr << "Server could not start listening" << endl;
// exit(-1);
// }
// return 0;
//}
int init_http_server() { //without ssl
hs = new HttpServer(BASE_PORT + 3);
s = new SGXWalletServer(*hs,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
if (!s->StartListening()) {
cerr << "Server could not start listening" << endl;
exit(-1);
}
return 0;
}
Json::Value
importBLSKeyShareImpl(const std::string &_keyShare, const std::string &_keyShareName, int t, int n, int index) {
......@@ -182,8 +185,6 @@ Json::Value blsSignMessageHashImpl(const std::string &keyShareName, const std::s
result["errorMessage"] = "Unknown server error";
result["signatureShare"] = "";
//int errStatus = UNKNOWN_ERROR;
//char *errMsg = (char *) calloc(BUF_LEN, 1);
char *signature = (char *) calloc(BUF_LEN, 1);
shared_ptr <std::string> value = nullptr;
......@@ -192,6 +193,17 @@ Json::Value blsSignMessageHashImpl(const std::string &keyShareName, const std::s
if ( !checkName(keyShareName, "BLS_KEY")){
throw RPCException(INVALID_POLY_NAME, "Invalid BLSKey name");
}
std::string cutHash = messageHash;
if (cutHash[0] == '0' && (cutHash[1] == 'x'||cutHash[1] == 'X')){
cutHash.erase(cutHash.begin(), cutHash.begin() + 2);
}
while (cutHash[0] == '0'){
cutHash.erase(cutHash.begin(), cutHash.begin() + 1);
}
if ( !checkHex(cutHash)){
throw RPCException(INVALID_HEX, "Invalid hash");
}
value = readFromDb(keyShareName);
} catch (RPCException _e) {
......@@ -218,7 +230,6 @@ Json::Value blsSignMessageHashImpl(const std::string &keyShareName, const std::s
return result;
}
result["status"] = 0;
result["errorMessage"] = "";
result["signatureShare"] = signature;
......@@ -252,12 +263,15 @@ Json::Value generateECDSAKeyImpl() {
if (keys.size() == 0 ) {
throw RPCException(UNKNOWN_ERROR, "key was not generated");
}
// std::cerr << "write encr key" << keys.at(0) << std::endl;
std::string keyName = "NEK:" + keys.at(2);
if (DEBUG_PRINT) {
std::cerr << "write encr key" << keys.at(0) << std::endl;
std::cerr << "keyname length is " << keyName.length() << std::endl;
std::cerr <<"key name generated: " << keyName << std::endl;
std::cerr << "key name generated: " << keyName << std::endl;
}
//writeECDSAKey(keyName, keys.at(0));
writeDataToDB(keyName, keys.at(0));
......@@ -270,7 +284,6 @@ Json::Value generateECDSAKeyImpl() {
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
}
//std::cerr << "in SGXWalletServer encr key x " << keys.at(0) << std::endl;
return result;
}
......@@ -320,16 +333,26 @@ Json::Value ecdsaSignMessageHashImpl(int base, const std::string &_keyName, cons
result["signature_s"] = "";
std::vector<std::string> sign_vect(3);
std::cerr << "entered ecdsaSignMessageHashImpl" << messageHash << "length " << messageHash.length() << std::endl;
if (DEBUG_PRINT) {
std::cerr << "entered ecdsaSignMessageHashImpl" << messageHash
<< "length " << messageHash.length() << std::endl;
}
try {
std::string cutHash = messageHash;
if (cutHash[0] == '0' && (cutHash[1] == 'x'||cutHash[1] == 'X')){
cutHash.erase(cutHash.begin(), cutHash.begin()+2);
cutHash.erase(cutHash.begin(), cutHash.begin() + 2);
}
while (cutHash[0] == '0'){
cutHash.erase(cutHash.begin(), cutHash.begin()+1);
cutHash.erase(cutHash.begin(), cutHash.begin() + 1);
}
if (DEBUG_PRINT) {
std::cerr << "Hash handled " << cutHash << std::endl;
try {
}
if ( !checkECDSAKeyName(_keyName)){
throw RPCException(INVALID_ECDSA_KEY_NAME, "Invalid ECDSA key name");
}
......@@ -340,12 +363,17 @@ Json::Value ecdsaSignMessageHashImpl(int base, const std::string &_keyName, cons
throw RPCException(-22, "Invalid base");
}
std::shared_ptr<std::string> key_ptr = readFromDb(_keyName,"");
// std::cerr << "read encr key" << *key_ptr << std::endl;
sign_vect = ecdsa_sign_hash(key_ptr->c_str(),cutHash.c_str(), base);
sign_vect = ecdsa_sign_hash(key_ptr->c_str(), cutHash.c_str(), base);
if (sign_vect.size() != 3 ){
throw RPCException(INVALID_ECSDA_SIGNATURE, "Invalid ecdsa signature");
}
if (DEBUG_PRINT) {
std::cerr << "got signature_s " << sign_vect.at(2) << std::endl;
}
result["signature_v"] = sign_vect.at(0);
result["signature_r"] = sign_vect.at(1);
result["signature_s"] = sign_vect.at(2);
......@@ -356,7 +384,6 @@ Json::Value ecdsaSignMessageHashImpl(int base, const std::string &_keyName, cons
result["errorMessage"] = _e.errString;
}
return result;
}
......@@ -368,7 +395,6 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName){
cerr << "Calling method getPublicECDSAKey" << endl;
std::string Pkey;
try {
......@@ -377,8 +403,10 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName){
}
std::shared_ptr<std::string> key_ptr = readFromDb(keyName);
Pkey = get_ecdsa_pubkey( key_ptr->c_str());
if (DEBUG_PRINT) {
std::cerr << "PublicKey " << Pkey << std::endl;
std::cerr << "PublicKey length" << Pkey.length() << std::endl;
}
result["PublicKey"] = Pkey;
} catch (RPCException &_e) {
......@@ -386,13 +414,11 @@ Json::Value getPublicECDSAKeyImpl(const std::string& keyName){
result["errorMessage"] = _e.errString;
}
//std::cerr << "in SGXWalletServer encr key x " << keys.at(0) << std::endl;
return result;
}
Json::Value generateDKGPolyImpl(const std::string& polyName, int t) {
std::cerr << " enter generateDKGPolyImpl" << std::endl;
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
......@@ -402,14 +428,14 @@ Json::Value generateDKGPolyImpl(const std::string& polyName, int t) {
try {
if ( !checkName(polyName, "POLY")){
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name, it should be like POLY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:1");
}
if ( t <= 0){
throw RPCException(INVALID_DKG_PARAMS, "Invalid parameters: n or t ");
if ( t <= 0 || t > 32){
throw RPCException(INVALID_DKG_PARAMS, "Invalid parameter t ");
}
encrPolyHex = gen_dkg_poly(t);
writeDataToDB(polyName, encrPolyHex);
//writeDKGPoly(polyName, encrPolyHex);
//result["encryptedPoly"] = encrPolyHex;
} catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
......@@ -417,8 +443,6 @@ Json::Value generateDKGPolyImpl(const std::string& polyName, int t) {
result["errorMessage"] = _e.errString;
}
return result;
}
......@@ -467,8 +491,7 @@ Json::Value getSecretShareImpl(const std::string& polyName, const Json::Value& p
try {
if (publicKeys.size() != n){
result["errorMessage"] = "wrong number of public keys";
return result;
throw RPCException(INVALID_DKG_PARAMS, "wrong number of public keys");
}
if ( !checkName(polyName, "POLY")){
throw RPCException(INVALID_POLY_NAME, "Invalid polynomial name");
......@@ -492,7 +515,7 @@ Json::Value getSecretShareImpl(const std::string& polyName, const Json::Value& p
result["SecretShare"] = s;
} catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
//std::cerr << " err str " << _e.errString << std::endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
result["SecretShare"] = "";
......@@ -519,22 +542,21 @@ Json::Value DKGVerificationImpl(const std::string& publicShares, const std::stri
if( !check_n_t(t, n) || ind > n || ind < 0){
throw RPCException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
// if ( !checkHex(SecretShare, SECRET_SHARE_NUM_BYTES)){
// throw RPCException(INVALID_HEX, "Invalid Secret share");
// }
if ( !checkHex(SecretShare, SECRET_SHARE_NUM_BYTES)){
throw RPCException(INVALID_HEX, "Invalid Secret share");
}
if (publicShares.length() != 256 * t){
throw RPCException(INVALID_DKG_PARAMS, "Invalid length of public shares");
}
//std::string keyName = polyName + "_" + std::to_string(ind);
//std::shared_ptr<std::string> encryptedKeyHex_ptr = readFromDb(EthKeyName, "");
std::shared_ptr<std::string> encryptedKeyHex_ptr = readFromDb(EthKeyName);
if ( !VerifyShares(publicShares.c_str(), SecretShare.c_str(), encryptedKeyHex_ptr->c_str(), t, n, ind )){
result["result"] = false;
}
} catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
//std::cerr << " err str " << _e.errString << std::endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
result["result"] = false;
......@@ -547,7 +569,6 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
std::cerr << "CreateBLSPrivateKeyImpl entered" << std::endl;
Json::Value result;
result["status"] = 0;
result["errorMessage"] = "";
......@@ -557,8 +578,6 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
if (SecretShare.length() != n * 192){
std::cerr << "wrong length of secret shares - " << SecretShare.length() << std::endl;
std::cerr << "secret shares - " << SecretShare << std::endl;
//result["errorMessage"] = "wrong length of secret shares";
//return result;
throw RPCException(INVALID_SECRET_SHARES_LENGTH, "Invalid secret share length");
}
if ( !checkECDSAKeyName(EthKeyName)){
......@@ -570,9 +589,13 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
if ( !checkName(BLSKeyName, "BLS_KEY")){
throw RPCException(INVALID_POLY_NAME, "Invalid BLS key name");
}
if( !check_n_t(t, n)){
throw RPCException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
}
std::vector<std::string> sshares_vect;
if (DEBUG_PRINT) {
std::cerr << "sshares from json are " << SecretShare << std::endl;
}
std::shared_ptr<std::string> encryptedKeyHex_ptr = readFromDb(EthKeyName);
......@@ -591,7 +614,7 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
}
} catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl;
//std::cerr << " err str " << _e.errString << std::endl;
result["status"] = _e.status;
result["errorMessage"] = _e.errString;
......@@ -611,8 +634,10 @@ Json::Value GetBLSPublicKeyShareImpl(const std::string & BLSKeyName){
throw RPCException(INVALID_POLY_NAME, "Invalid BLSKey name");
}
std::shared_ptr<std::string> encryptedKeyHex_ptr = readFromDb(BLSKeyName);
if (DEBUG_PRINT) {
std::cerr << "encr_bls_key_share is " << *encryptedKeyHex_ptr << std::endl;
std::cerr << "length is " << encryptedKeyHex_ptr->length()<< std::endl;
std::cerr << "length is " << encryptedKeyHex_ptr->length() << std::endl;
}
std::vector<std::string> public_key_vect = GetBLSPubKey(encryptedKeyHex_ptr->c_str());
for ( uint8_t i = 0; i < 4; i++) {
result["BLSPublicKeyShare"][i] = public_key_vect.at(i);
......@@ -737,7 +762,9 @@ Json::Value SGXWalletServer::getPublicECDSAKey(const std::string &_keyName) {
Json::Value SGXWalletServer::ecdsaSignMessageHash(int base, const std::string &_keyName, const std::string &messageHash ) {
lock_guard<recursive_mutex> lock(m);
std::cerr << "entered ecdsaSignMessageHash" << std::endl;
if (DEBUG_PRINT) {
std::cerr << "MessageHash first " << messageHash << std::endl;
}
return ecdsaSignMessageHashImpl(base,_keyName, messageHash);
}
......@@ -834,6 +861,8 @@ void writeDataToDB(const string & Name, const string &value) {
}
levelDb->writeString(key, value);
if (DEBUG_PRINT) {
std::cerr << Name << " is written to db " << std::endl;
}
}
SGXWalletServer.h
View file @ ba1019c1
......@@ -31,7 +31,8 @@
#endif
EXTERNC int init_server(bool check_certs );
EXTERNC int init_https_server(bool check_certs );
EXTERNC int init_http_server();
......
SGXWalletServer.hpp
View file @ ba1019c1
......@@ -31,6 +31,7 @@
#include <mutex>
using namespace jsonrpc;
using namespace std;
......
ServerDataChecker.cpp
View file @ ba1019c1
......@@ -158,6 +158,10 @@ bool check_n_t ( const int t, const int n){
return false;
}
if (n > 32){
return false;
}
if ( t < 0 || n < 0){
return false;
}
......
ServerInit.cpp
View file @ ba1019c1
......@@ -55,9 +55,6 @@
#include <iostream>
void init_daemon() {
libff::init_alt_bn128_params();
......@@ -126,9 +123,14 @@ void init_all(bool check_cert, bool sign_automatically) {
sgxServerInited = 1;
init_server(check_cert);
if (is_sgx_https) {
init_https_server(check_cert);
init_registration_server(sign_automatically);
init_csrmanager_server();
}
else {
init_http_server();
}
init_enclave();
std::cerr << "enclave inited" << std::endl;
init_daemon();
......
secure_enclave/DKGUtils.cpp
View file @ ba1019c1
......@@ -107,7 +107,7 @@ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char s
return tokens;
}
void gen_dkg_poly( char* secret, unsigned _t ){
int gen_dkg_poly( char* secret, unsigned _t ){
libff::init_alt_bn128_params();
std::string result;
for (size_t i = 0; i < _t; ++i) {
......@@ -121,9 +121,11 @@ void gen_dkg_poly( char* secret, unsigned _t ){
}
strncpy(secret, result.c_str(), result.length() + 1);
if (strlen(secret) == 0){
throw std::exception();
if (strlen(secret) == 0) {
return 1;
}
return 0;
}
libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol, libff::alt_bn128_Fr point, unsigned _t) {
......@@ -149,6 +151,7 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
std::string result;
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
for (size_t i = 0; i < _n; ++i) {
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(i + 1), _t);
result += ConvertToString(secret_share);//stringFromFr(secret_share);
......@@ -158,12 +161,15 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
//strncpy(secret_shares, decrypted_koefs, 3650);
}
void calc_secret_share(const char* decrypted_koefs, char * s_share,
int calc_secret_share(const char* decrypted_koefs, char * s_share,
unsigned _t, unsigned _n, unsigned ind) {
libff::init_alt_bn128_params();
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
if ( poly.size() != _t){
return 1;
}
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
std::string cur_share = ConvertToString(secret_share, 16);//stringFromFr(secret_share);
......@@ -171,6 +177,7 @@ void calc_secret_share(const char* decrypted_koefs, char * s_share,
cur_share.insert(0, n_zeroes, '0');
strncpy(s_share, cur_share.c_str(), cur_share.length() + 1);
return 0;
}
......@@ -195,12 +202,15 @@ void calc_secret_shareG2_old(const char* decrypted_koefs, char * s_shareG2,
//strncpy(s_shareG2, decrypted_koefs, 320);
}
void calc_secret_shareG2(const char* s_share, char * s_shareG2){
int calc_secret_shareG2(const char* s_share, char * s_shareG2){
libff::init_alt_bn128_params();
mpz_t share;
mpz_init(share);
mpz_set_str(share, s_share, 16);
if (mpz_set_str(share, s_share, 16) == -1){
mpz_clear(share);
return 1;
}
char arr[mpz_sizeinbase (share, 10) + 2];
char * share_str = mpz_get_str(arr, 10, share);
......@@ -214,15 +224,20 @@ void calc_secret_shareG2(const char* s_share, char * s_shareG2){
std::string secret_shareG2_str = ConvertG2ToString(secret_shareG2);
strncpy(s_shareG2, secret_shareG2_str.c_str(), secret_shareG2_str.length() + 1);
return 0;
}
void calc_public_shares(const char* decrypted_koefs, char * public_shares,
int calc_public_shares(const char* decrypted_koefs, char * public_shares,
unsigned _t) {
libff::init_alt_bn128_params();
// calculate for each node a list of public shares
std::string result;
char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
if (poly.size() != _t){
return 1;
}
for (size_t i = 0; i < _t; ++i) {
libff::alt_bn128_G2 pub_share = poly.at(i) * libff::alt_bn128_G2::one() ;
pub_share.to_affine_coordinates();
......@@ -230,6 +245,7 @@ void calc_public_shares(const char* decrypted_koefs, char * public_shares,
result += pub_share_str + ",";
}
strncpy(public_shares, result.c_str(), result.length());
return 0;
}
//extern "C" int __gmpz_set_str (mpz_ptr, const char *, int);
......@@ -237,7 +253,10 @@ std::string ConvertHexToDec(std::string hex_str){
mpz_t dec;
mpz_init(dec);
mpz_set_str(dec, hex_str.c_str(), 16);
if (mpz_set_str(dec, hex_str.c_str(), 16) == -1){
mpz_clear(dec);
return "false";
}
char arr[mpz_sizeinbase (dec, 10) + 2];
char * result = mpz_get_str(arr, 10, dec);
......@@ -260,11 +279,17 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
libff::alt_bn128_G2 pub_share;
uint64_t pos0 = share_length * i;
pub_share.X.c0 = libff::alt_bn128_Fq(ConvertHexToDec(pub_shares_str.substr(pos0, coord_length)).c_str());
pub_share.X.c1 = libff::alt_bn128_Fq(ConvertHexToDec(pub_shares_str.substr(pos0 + coord_length, coord_length)).c_str());
pub_share.Y.c0 = libff::alt_bn128_Fq(ConvertHexToDec(pub_shares_str.substr(pos0 + 2 * coord_length, coord_length)).c_str());
pub_share.Y.c1 = libff::alt_bn128_Fq(ConvertHexToDec(pub_shares_str.substr(pos0 + 3 * coord_length, coord_length)).c_str());
std::string x_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0, coord_length));
std::string x_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + coord_length, coord_length));
std::string y_c0_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 2 * coord_length, coord_length));
std::string y_c1_str = ConvertHexToDec(pub_shares_str.substr(pos0 + 3 * coord_length, coord_length));
if (x_c0_str == "false" || x_c1_str == "false" || y_c0_str == "false" || y_c1_str == "false"){
return 2;
}
pub_share.X.c0 = libff::alt_bn128_Fq(x_c0_str.c_str());
pub_share.X.c1 = libff::alt_bn128_Fq(x_c1_str.c_str());
pub_share.Y.c0 = libff::alt_bn128_Fq(y_c0_str.c_str());
pub_share.Y.c1 = libff::alt_bn128_Fq(y_c1_str.c_str());
pub_share.Z = libff::alt_bn128_Fq2::one();
......@@ -320,17 +345,18 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
}
void calc_bls_public_key(char* skey_hex, char* pub_key){
int calc_bls_public_key(char* skey_hex, char* pub_key){
libff::init_alt_bn128_params();
mpz_t skey;
mpz_init(skey);
mpz_set_str(skey, skey_hex, 16);
if (mpz_set_str(skey, skey_hex, 16) == -1){
return 1;
}
char skey_dec[mpz_sizeinbase (skey, 10) + 2];
char * skey_str = mpz_get_str(skey_dec, 10, skey);
libff::alt_bn128_Fr bls_skey(skey_dec);
libff::alt_bn128_G2 public_key = bls_skey * libff::alt_bn128_G2::one();
......@@ -339,6 +365,10 @@ void calc_bls_public_key(char* skey_hex, char* pub_key){
std::string result = ConvertG2ToString(public_key);
strncpy(pub_key, result.c_str(), result.length());
mpz_clear(skey);
return 0;
}
......
secure_enclave/DKGUtils.h
View file @ ba1019c1
......@@ -32,24 +32,24 @@
#include <sgx_tgmp.h>
EXTERNC void gen_dkg_poly( char* secret, unsigned _t);
EXTERNC int gen_dkg_poly( char* secret, unsigned _t);
EXTERNC void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
unsigned _t, unsigned _n);
EXTERNC void calc_secret_share(const char* decrypted_koefs, char * s_share,
EXTERNC int calc_secret_share(const char* decrypted_koefs, char * s_share,
unsigned _t, unsigned _n, unsigned ind);
EXTERNC void calc_public_shares(const char* decrypted_koefs, char * public_shares,
EXTERNC int calc_public_shares(const char* decrypted_koefs, char * public_shares,
unsigned _t);
EXTERNC int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int ind);
EXTERNC void calc_bls_public_key(char* skey, char* pub_key);
EXTERNC int calc_bls_public_key(char* skey, char* pub_key);
EXTERNC void calc_secret_shareG2_old(const char* public_shares, char * s_shareG2,
unsigned _t, unsigned ind);
EXTERNC void calc_secret_shareG2(const char* s_share, char * s_shareG2);
EXTERNC int calc_secret_shareG2(const char* s_share, char * s_shareG2);
#endif //SGXD_DKGUTILS_H
secure_enclave/Makefile.am
View file @ ba1019c1
......@@ -65,7 +65,7 @@ ENCLAVE_KEY=$(ENCLAVE)_private.pem
AM_CPPFLAGS += -Wall -Wno-implicit-function-declaration $(TGMP_CPPFLAGS) -I./trusted_libff -I../trusted_libff -I../sgx-sdk-build/sgxsdk/include/libcxx \
-I../intel-sgx-ssl/Linux/package/include
AM_CXXFLAGS += -fno-builtin
AM_CXXFLAGS += -fno-builtin -fstack-protector-strong
## Additional files to remove with 'make clean'. This list needs
......
secure_enclave/Makefile.in
View file @ ba1019c1
......@@ -333,7 +333,8 @@ AM_CPPFLAGS = @SGX_ENCLAVE_CPPFLAGS@ -Wall \
-I./trusted_libff -I../trusted_libff \
-I../sgx-sdk-build/sgxsdk/include/libcxx \
-I../intel-sgx-ssl/Linux/package/include
AM_CXXFLAGS = @SGX_ENCLAVE_CXXFLAGS@ @SGX_ENCLAVE_CFLAGS@ -fno-builtin
AM_CXXFLAGS = @SGX_ENCLAVE_CXXFLAGS@ @SGX_ENCLAVE_CFLAGS@ -fno-builtin \
-fstack-protector-strong
AM_LDFLAGS = @SGX_ENCLAVE_LDFLAGS@ $(TGMP_LDFLAGS) -L./tgmp-build/lib \
-L../tgmp-build/lib
CLEANFILES = $(ENCLAVE).signed.so secure_enclave_t.c \
......
secure_enclave/secure_enclave.c
View file @ ba1019c1
......@@ -237,6 +237,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
if (!point_cmp(Pkey, Pkey_test)){
snprintf(err_string, BUF_LEN,"Points are not equal");
*err_status = -11;
return;
}
int base = 16;
......@@ -266,6 +267,91 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
point_clear(Pkey);
}
void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint32_t dec_len,
unsigned char* hash, char * sig_r, char * sig_s, uint8_t* sig_v, int base) {
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, skey, &dec_len);
if (status != SGX_SUCCESS) {
*err_status = status;
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed - encrypted_key with status %d", status);
return;
}
snprintf(err_string, BUF_LEN,"pr key is %s length %d ", skey, strlen(skey));
mpz_t skey_mpz;
mpz_init(skey_mpz);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1){
*err_status = -1;
snprintf(err_string, BUF_LEN ,"invalid secret key");
mpz_clear(skey_mpz);
return;
}
/*mpz_t test_skey;
mpz_init(test_skey);
mpz_set_str(test_skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
if(!mpz_cmp(skey,test_skey)){
snprintf(err_string, BUF_LEN,"keys are not equal ");
}*/
mpz_t msg_mpz;
mpz_init(msg_mpz);
if (mpz_set_str(msg_mpz, hash, 16) == -1){
*err_status = -1;
snprintf(err_string, BUF_LEN ,"invalid message hash");
mpz_clear(msg_mpz);
return;
}
//mpz_set_str(msg_mpz,"4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a", 16);
signature sign = signature_init();
signature_sign( sign, msg_mpz, skey_mpz, curve);
point Pkey = point_init();
signature_generate_key(Pkey, skey_mpz, curve);
if ( !signature_verify(msg_mpz, sign, Pkey, curve) ){
*err_status = -2;
snprintf(err_string, BUF_LEN,"signature is not verified! ");
return;
}
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
char arr_m[mpz_sizeinbase (msg_mpz, 16) + 2];
char* msg = mpz_get_str(arr_m, 16, msg_mpz);
snprintf(err_string, BUF_LEN,"message is %s ", arr_m);
char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024);
char arr_s[mpz_sizeinbase (sign->s, base) + 2];
char* s = mpz_get_str(arr_s, base, sign->s);
strncpy(sig_s, arr_s, 1024);
*sig_v = sign->v;
mpz_clear(skey_mpz);
mpz_clear(msg_mpz);
domain_parameters_clear(curve);
signature_clear(sign);
point_clear(Pkey);
}
void encrypt_key(int *err_status, char *err_string, char *key,
uint8_t *encrypted_key, uint32_t *enc_len) {
......@@ -346,6 +432,7 @@ void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
(const sgx_sealed_data_t *) encrypted_key, NULL, 0, (uint8_t *) key, &decLen);
if (status != SGX_SUCCESS) {
*err_status = status;
snprintf(err_string, BUF_LEN, "sgx_unseal_data failed with status %d", status);
return;
}
......@@ -420,7 +507,10 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
char* dkg_secret = (char*)malloc(DKG_BUFER_LENGTH);
gen_dkg_poly(dkg_secret, _t);
if (gen_dkg_poly(dkg_secret, _t) != 0 ){
*err_status = - 1;
return;
}
snprintf(err_string, BUF_LEN,"poly is %s ", dkg_secret);
......@@ -428,8 +518,10 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
sgx_status_t status = sgx_seal_data(0, NULL, DKG_BUFER_LENGTH, (uint8_t*)dkg_secret, sealedLen,(sgx_sealed_data_t*)encrypted_dkg_secret);
if( status != SGX_SUCCESS) {
if(status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"SGX seal data failed");
*err_status = status;
return;
}
*enc_len = sealedLen;
......@@ -445,6 +537,7 @@ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_d
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data - encrypted_dkg_secret failed with status %d", status);
*err_status = status;
return;
}
......@@ -486,92 +579,14 @@ void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
calc_public_shares(decrypted_dkg_secret, public_shares, _t);
free(decrypted_dkg_secret);
}
void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint32_t dec_len,
unsigned char* hash, char * sig_r, char * sig_s, uint8_t* sig_v, int base) {
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, skey, &dec_len);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed - encrypted_key with status %d", status);
return;
}
snprintf(err_string, BUF_LEN,"pr key is %s length %d ", skey, strlen(skey));
mpz_t skey_mpz;
mpz_init(skey_mpz);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid secret key");
mpz_clear(skey_mpz);
return;
}
/*mpz_t test_skey;
mpz_init(test_skey);
mpz_set_str(test_skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
if(!mpz_cmp(skey,test_skey)){
snprintf(err_string, BUF_LEN,"keys are not equal ");
}*/
mpz_t msg_mpz;
mpz_init(msg_mpz);
if (mpz_set_str(msg_mpz, hash, 16) == -1){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid message hash");
mpz_clear(msg_mpz);
return;
}
//mpz_set_str(msg_mpz,"4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a", 16);
signature sign = signature_init();
signature_sign( sign, msg_mpz, skey_mpz, curve);
point Pkey = point_init();
signature_generate_key(Pkey, skey_mpz, curve);
if ( !signature_verify(msg_mpz, sign, Pkey, curve) ){
snprintf(err_string, BUF_LEN,"signature is not verified! ");
if ( calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0 ){
*err_status = -1;
snprintf(err_string, BUF_LEN,"t does not match polynomial in db");
return;
}
}
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
char arr_m[mpz_sizeinbase (msg_mpz, 16) + 2];
char* msg = mpz_get_str(arr_m, 16, msg_mpz);
snprintf(err_string, BUF_LEN,"message is %s ", arr_m);
char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024);
char arr_s[mpz_sizeinbase (sign->s, base) + 2];
char* s = mpz_get_str(arr_s, base, sign->s);
strncpy(sig_s, arr_s, 1024);
*sig_v = sign->v;
mpz_clear(skey_mpz);
mpz_clear(msg_mpz);
domain_parameters_clear(curve);
signature_clear(sign);
point_clear(Pkey);
}
void set_encrypted_dkg_poly(int *err_status, char *err_string, uint8_t* encrypted_poly){
......@@ -596,6 +611,9 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
uint32_t enc_len;
generate_ecdsa_key(err_status, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if ( *err_status != 0){
return;
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
*dec_len = enc_len;
......@@ -605,6 +623,7 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed - encrypted_skey with status %d", status);
*err_status = status;
return;
}
snprintf(err_string, BUF_LEN,"unsealed random skey is %s\n", skey);
......@@ -617,10 +636,18 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
char* s_share = (char *)malloc(65);
//char s_share[65];
calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind);
if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0){
*err_status = -1;
snprintf(err_string, BUF_LEN,"\nt does not match poly degree\n");
return;
}
snprintf(err_string + 88, BUF_LEN,"\nsecret share is %s", s_share);
calc_secret_shareG2(s_share, s_shareG2);
if (calc_secret_shareG2(s_share, s_shareG2) != 0){
*err_status = -1;
snprintf(err_string, BUF_LEN,"invalid decr secret share\n");
return;
}
char* cypher = (char *)malloc(65);
xor_encrypt(common_key, s_share, cypher);
......@@ -683,6 +710,7 @@ void dkg_verification(int *err_status, char* err_string, const char * public_sha
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t*)skey, &key_len);
if (status != SGX_SUCCESS) {
*err_status = status;
snprintf(err_string, BUF_LEN,"sgx_unseal_key failed with status %d", status);
return;
}
......@@ -770,6 +798,7 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
if (common_key == NULL){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid common_key");
mpz_clear(sum);
return;
}
......@@ -782,6 +811,7 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
if (decr_sshare == NULL){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid common_key");
mpz_clear(sum);
return;
}
//decr_sshare[64] = 0;
......@@ -790,13 +820,12 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
//snprintf(err_string + 158 * i + 79, BUF_LEN," common_key is %s", common_key);
mpz_t decr_secret_share;
mpz_init(decr_secret_share);
if (mpz_set_str(decr_secret_share, decr_sshare, 16) == -1){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid decrypted secret share");
mpz_clear(decr_secret_share);
return;
}
......@@ -823,6 +852,9 @@ void create_bls_key(int *err_status, char* err_string, const char* s_shares,
if( status != SGX_SUCCESS) {
*err_status= -1;
snprintf(err_string, BUF_LEN,"seal bls private key failed with status %d ", status);
mpz_clear(bls_key);
mpz_clear(sum);
mpz_clear(q);
return;
}
*enc_bls_key_len = sealedLen;
......@@ -850,11 +882,16 @@ void get_bls_pub_key(int *err_status, char* err_string, uint8_t* encrypted_key,
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t *)skey_hex, &len);
if (status != SGX_SUCCESS) {
*err_status = 1;
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status %d", status);
return;
}
calc_bls_public_key(skey_hex, bls_pub_key);
if (calc_bls_public_key(skey_hex, bls_pub_key) != 0){
*err_status = -1;
snprintf(err_string, BUF_LEN,"could not calculate bls public key");
return;
}
}
......
sgxwallet.c
View file @ ba1019c1
......@@ -40,6 +40,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <stdbool.h>
void usage() {
fprintf(stderr, "usage: sgxwallet\n");
exit(1);
......@@ -61,12 +62,14 @@ int main(int argc, char *argv[]) {
exit(1);
}
while ((opt = getopt(argc, argv, "csh")) != -1) {
while ((opt = getopt(argc, argv, "cshd0")) != -1) {
switch (opt) {
case 'h':
if (strlen(argv[1]) == 2 ) {
fprintf(stderr, "-c client certificate will not be checked\n");
fprintf(stderr, "-s client certificate will be signed automatically\n");
printf(stderr, "-d turn on debug output\n");
printf(stderr, "-0 SGXWalletServer will be launched on http (not https)\n");
exit(0);
} else {
fprintf(stderr, "unknown flag %s\n", argv[1]);
......@@ -78,6 +81,12 @@ int main(int argc, char *argv[]) {
case 's':
sign_automatically = true;
break;
case 'd':
DEBUG_PRINT = 1;
break;
case '0':
is_sgx_https = 0;
break;
case '?': // fprintf(stderr, "unknown flag\n");
exit(1);
default:
......
sgxwallet.h
View file @ ba1019c1
......@@ -39,6 +39,4 @@ extern sgx_status_t status;
#define ENCLAVE_NAME "secure_enclave.signed.so"
#endif //SGXWALLET_SGXWALLET_H
sgxwallet_common.h
View file @ ba1019c1
......@@ -33,6 +33,9 @@
#include <stdbool.h>
extern int DEBUG_PRINT;
extern int is_sgx_https;
#define BUF_LEN 1024
#define MAX_KEY_LENGTH 128
......@@ -73,6 +76,7 @@
#define INVALID_ECDSA_KEY_NAME -20
#define INVALID_HEX -21
#define INVALID_ECSDA_SIGNATURE -22
#define ERROR_IN_ENCLAVE -33
......
testw.cpp
View file @ ba1019c1
......@@ -78,6 +78,10 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "BLSPublicKeyShare.h"
#include "BLSPublicKey.h"
#include <thread>
std::string stringFromFr(libff::alt_bn128_Fr& el) {
mpz_t t;
......@@ -741,17 +745,18 @@ std::string ConvertDecToHex(std::string dec, int numBytes = 32){
TEST_CASE("BLS_DKG test", "[bls_dkg]") {
is_sgx_https = 0;
std::cerr<< "test started" << std::endl;
init_all(false, false);
cerr << "Server inited" << endl;
HttpClient client("http://localhost:1028");
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
cerr << "Client inited" << endl;
reset_db();
int n = 32, t = 32;
int n = 4, t = 4;
Json::Value EthKeys[n];
Json::Value VerifVects[n];
Json::Value pubEthKeys;
......@@ -792,16 +797,24 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
std::vector < std::string> secShares_vect(n);
std::vector <std::string> pSharesBad(pubShares);
for ( int i = 0; i < n; i++)
for ( int j = 0; j < n; j++){
// if ( i != j ){
std::cerr << "SecretShare length is " << secretShares[i]["SecretShare"].asString().length() << std::endl;
std::string secretShare = secretShares[i]["SecretShare"].asString().substr(192*j, 192 * (j+1));
secShares_vect[i] += secretShares[j]["SecretShare"].asString().substr(192*i, 192 * (i+1));
std::string secretShare = secretShares[i]["SecretShare"].asString().substr(192*j, 192);
secShares_vect[i] += secretShares[j]["SecretShare"].asString().substr(192*i, 192);
bool res = c.DKGVerification(pubShares[i], EthKeys[j]["KeyName"].asString(), secretShare, t, n, j)["result"].asBool();
k++;
std::cerr << "NOW K IS " << k << " i is " << i << " j is " << j << std::endl;
REQUIRE( res );
REQUIRE(res);
pSharesBad[i][0] = 'q';
Json::Value wrongVerif = c.DKGVerification(pSharesBad[i], EthKeys[j]["KeyName"].asString(), secretShare, t, n, j);
res = wrongVerif["result"].asBool();
REQUIRE(!res);
std::cerr << "wrong verification " << wrongVerif << std::endl;
// }
}
......@@ -855,7 +868,8 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
}
TEST_CASE("API test", "[api_test]") {
//DEBUG_PRINT = 1;
is_sgx_https = 0;
//std::cerr << __GNUC__ << std::endl;
cerr << "API test started" << endl;
init_all(false, false);
......@@ -864,7 +878,7 @@ TEST_CASE("API test", "[api_test]") {
// JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
// s.StartListening();
cerr << "Server inited" << endl;
HttpClient client("http://localhost:1027");
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
cerr << "Client inited" << endl;
......@@ -884,7 +898,11 @@ TEST_CASE("API test", "[api_test]") {
//cout << c.importBLSKeyShare("4160780231445160889237664391382223604184857153814275770598791864649971919844","BLS_KEY:SCHAIN_ID:2660016693368503500803087136248943520694587309641817:NODE_ID:33909:DKG_ID:3522960548719023733985054069487289468077787284706573", 4, 3,1);
// cout << c.generateECDSAKey() << endl;
Json::Value genKey = c.generateECDSAKey();
cout << genKey << endl;
cout << c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(),"0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db" );
Json::Value getPubKey = c.getPublicECDSAKey(genKey["KeyName"].asString());
cout << getPubKey << std::endl;
// cout << c.renameESDSAKey("NODE_1CHAIN_1","tmp_NEK:bcacde0d26c0ea2c7e649992e7f791e1fba2492f5b7ae63dadb799075167c7fc");
// cout<<c.getPublicECDSAKey("NEK:7ca98cf32fd1edba26ea685820719fd2201b068a10c1264d382abbde13802a0e");
//cout << c.ecdsaSignMessageHash(16, "NEK:697fadfc597bdbfae9ffb7412b80939e848c9c2fec2657bb2122b6d0d4a0dca8","0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db" );
......@@ -948,7 +966,7 @@ TEST_CASE("API test", "[api_test]") {
// cout << c.GetBLSPublicKeyShare("BLS_KEY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:0");
// cout << c.getPublicECDSAKey("NEK:91573248d6b0ebd5b1bd313ab35163361b423c0f9f01bad085d166650b8b2c1f");
cout << c.MultG2("4160780231445160889237664391382223604184857153814275770598791864649971919844");
//cout << c.MultG2("4160780231445160889237664391382223604184857153814275770598791864649971919844");
} catch (JsonRpcException &e) {
cerr << e.what() << endl;
......@@ -957,9 +975,210 @@ TEST_CASE("API test", "[api_test]") {
}
TEST_CASE("getServerStatus test", "[getServerStatus_test]") {
is_sgx_https = 0;
init_all( false, false );
HttpClient client("http://localhost:1026");
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
REQUIRE(c.getServerStatus()["status"] == 0);
sgx_destroy_enclave(eid);
}
std::default_random_engine rand_gen((unsigned int) time(0));
void SendRPCRequest(){
std::cout << "Hello from thread " << std::this_thread::get_id() << std::endl;
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
reset_db();
int n = 2, t = 2;
Json::Value EthKeys[n];
Json::Value VerifVects[n];
Json::Value pubEthKeys;
Json::Value secretShares[n];
Json::Value pubBLSKeys[n];
Json::Value BLSSigShares[n];
std::vector<std::string> pubShares(n);
std::vector<std::string> poly_names(n);
int schain_id = rand_gen();
int dkg_id = rand_gen();
for ( uint8_t i = 0; i < n; i++){
EthKeys[i] = c.generateECDSAKey();
std::string polyName = "POLY:SCHAIN_ID:" + std::to_string(schain_id) + ":NODE_ID:" + std::to_string(i) + ":DKG_ID:" + std::to_string(dkg_id);
c.generateDKGPoly(polyName, t);
poly_names[i] = polyName;
VerifVects[i] = c.getVerificationVector(polyName, t, n);
cout << "VV " << i << " " << VerifVects[i] << std::endl;
pubEthKeys.append(EthKeys[i]["PublicKey"]);
}
for ( uint8_t i = 0; i < n; i++){
secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n);
for ( uint8_t k = 0; k < t; k++ ) {
for (uint8_t j = 0; j < 4; j++) {
std::string pubShare = VerifVects[i]["Verification Vector"][k][j].asString();
pubShares[i] += ConvertDecToHex(pubShare);
}
}
// std::cerr << "i is " << i << " pubShares[i] = " << pubShares[i] << std::endl;
// std::cerr << "length is" << pubShares[i].length() << std::endl;
}
// Json::Value ComplaintResponse = c.ComplaintResponse(poly_names[1], 0);
// std::cerr << "share * G2 is " << ComplaintResponse["share*G2"].asString();
// std::cerr << "DHKey is " << ComplaintResponse["DHKey"].asString();
int k = 0;
std::vector <std::string> secShares_vect(n);
for ( int i = 0; i < n; i++)
for ( int j = 0; j < n; j++){
if ( i != j ){
std::cerr << "SecretShare length is " << secretShares[i]["SecretShare"].asString().length() << std::endl;
std::string secretShare = secretShares[i]["SecretShare"].asString().substr(192*j, 192 );
secShares_vect[i] += secretShares[j]["SecretShare"].asString().substr(192*i, 192 );
bool res = c.DKGVerification(pubShares[i], EthKeys[j]["KeyName"].asString(), secretShare, t, n, j)["result"].asBool();
k++;
std::cerr << "NOW K IS " << k << " i is " << i << " j is " << j << std::endl;
REQUIRE( res );
}
}
}
TEST_CASE("ManySimultaneousThreads", "[many_threads_test]") {
is_sgx_https = 0;
init_all( false, false );
std::vector<std::thread> threads;
int num_threads = 16;
for (int i = 0; i < num_threads; i++){
threads.push_back(std::thread(SendRPCRequest));
}
for(auto& thread : threads){
thread.join();
}
sgx_destroy_enclave(eid);
}
TEST_CASE("ecdsa API test", "[ecdsa_api_test]") {
//DEBUG_PRINT = 1;
is_sgx_https = 0;
cerr << "ecdsa_api_test started" << endl;
init_all(false, false);
cerr << "Server inited" << endl;
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
cerr << "Client inited" << endl;
Json::Value genKey = c.generateECDSAKey();
REQUIRE(genKey["status"].asInt() == 0);
cout << genKey << endl;
Json::Value ecdsaSign = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
REQUIRE(ecdsaSign["status"].asInt() == 0);
cout << ecdsaSign << std::endl;
Json::Value getPubKey = c.getPublicECDSAKey(genKey["KeyName"].asString());
REQUIRE(getPubKey["status"].asInt() == 0);
cout << getPubKey << std::endl;
//wrong base
Json::Value ecdsaSignWrongBase = c.ecdsaSignMessageHash(0, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
cout << ecdsaSignWrongBase << std::endl;
REQUIRE(ecdsaSignWrongBase["status"].asInt() != 0);
//wrong keyName
Json::Value ecdsaSignWrongKeyName = c.ecdsaSignMessageHash(0, "", "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
cout << ecdsaSignWrongKeyName << std::endl;
REQUIRE(ecdsaSignWrongKeyName["status"].asInt() != 0);
Json::Value getPubKeyWrongKeyName = c.getPublicECDSAKey("keyName");
REQUIRE(getPubKeyWrongKeyName["status"].asInt() != 0);
cout << getPubKeyWrongKeyName << std::endl;
//wrong hash
Json::Value ecdsaSignWrongHash = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "");
cout << ecdsaSignWrongHash << std::endl;
REQUIRE(ecdsaSignWrongHash["status"].asInt() != 0);
sgx_destroy_enclave(eid);
}
TEST_CASE("dkg API test", "[dkg_api_test]") {
// DEBUG_PRINT = 1;
is_sgx_https = 0;
cerr << "dkg_api_test started" << endl;
init_all(false, false);
cerr << "Server inited" << endl;
HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2);
cerr << "Client inited" << endl;
reset_db();
std::string polyName = "POLY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:1";
Json::Value genPoly = c.generateDKGPoly(polyName, 2);
Json::Value publicKeys;
publicKeys.append("505f55a38f9c064da744f217d1cb993a17705e9839801958cda7c884e08ab4dad7fd8d22953d3ac7f0913de24fd67d7ed36741141b8a3da152d7ba954b0f14e2");
publicKeys.append("378b3e6fdfe2633256ae1662fcd23466d02ead907b5d4366136341cea5e46f5a7bb67d897d6e35f619810238aa143c416f61c640ed214eb9c67a34c4a31b7d25");
// wrongName
Json::Value genPolyWrongName = c.generateDKGPoly("poly", 2);
REQUIRE(genPolyWrongName["status"].asInt() != 0);
cout << genPolyWrongName << endl;
Json::Value verifVectWrongName = c.getVerificationVector("poly", 2, 2);
REQUIRE(verifVectWrongName["status"].asInt() != 0);
cout << verifVectWrongName << endl;
Json::Value secretSharesWrongName = c.getSecretShare("poly", publicKeys, 2, 2);
REQUIRE(secretSharesWrongName["status"].asInt() != 0);
cout << secretSharesWrongName << endl;
// wrong_t
Json::Value genPolyWrong_t = c.generateDKGPoly(polyName, 33);
REQUIRE(genPolyWrong_t["status"].asInt() != 0);
cout << genPolyWrong_t << endl;
Json::Value verifVectWrong_t = c.getVerificationVector(polyName, 1, 2);
REQUIRE(verifVectWrong_t["status"].asInt() != 0);
cout << verifVectWrong_t << endl;
Json::Value secretSharesWrong_t = c.getSecretShare(polyName, publicKeys, 3, 3);
REQUIRE(secretSharesWrong_t["status"].asInt() != 0);
cout << secretSharesWrong_t << endl;
// wrong_n
Json::Value verifVectWrong_n = c.getVerificationVector(polyName, 2, 1);
REQUIRE(verifVectWrong_n["status"].asInt() != 0);
cout << verifVectWrong_n << endl;
Json::Value publicKeys1;
publicKeys1.append("505f55a38f9c064da744f217d1cb993a17705e9839801958cda7c884e08ab4dad7fd8d22953d3ac7f0913de24fd67d7ed36741141b8a3da152d7ba954b0f14e2");
Json::Value secretSharesWrong_n = c.getSecretShare(polyName, publicKeys1, 2, 1);
REQUIRE(secretSharesWrong_n["status"].asInt() != 0);
cout << secretSharesWrong_n << endl;
//wrong number of publicKeys
Json::Value secretSharesWrongPkeys = c.getSecretShare(polyName, publicKeys, 2, 3);
REQUIRE(secretSharesWrongPkeys["status"].asInt() != 0);
cout << secretSharesWrongPkeys << endl;
//wrong verif
Json::Value Skeys = c.getSecretShare(polyName, publicKeys, 2, 2);
Json::Value verifVect = c.getVerificationVector(polyName, 2, 2);
Json::Value verificationWrongSkeys = c.DKGVerification("","","",2, 2, 1);
REQUIRE(verificationWrongSkeys["status"].asInt() != 0);
cout << verificationWrongSkeys << endl;
sgx_destroy_enclave(eid);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment