Skip to content

S
sgxwallet
Unverified Commit c1002f5f authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #173 from skalenetwork/SKALE-3228-fix-sgx 

Skale 3228 fix sgx
parents 0588fd88 7d36d45c
Hide whitespace changes
Inline Side-by-side
Showing with 275 additions and 91 deletions
CMakeLists.txt
View file @ c1002f5f
......@@ -20,7 +20,7 @@ add_executable(sgxwallet
secure_enclave/DHDkg.h
secure_enclave/DKGUtils.cpp
secure_enclave/DKGUtils.h
secure_enclave/DomainParameters.c
secure_enclave/DomainParameters.cpp
secure_enclave/DomainParameters.h
secure_enclave/EnclaveConstants.h
secure_enclave/NumberTheory.c
......
ECDSAImpl.c
View file @ c1002f5f
#include "secure_enclave/Point.c"
#include "secure_enclave/DomainParameters.c"
#include "secure_enclave/DomainParameters.cpp"
#include "secure_enclave/NumberTheory.c"
#include "secure_enclave/Signature.c"
#include "secure_enclave/Curves.c"
LevelDB.cpp
View file @ c1002f5f
......@@ -154,17 +154,16 @@ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
return keys;
}
void LevelDB::writeDataUnique(const string & Name, const string &value) {
auto key = Name;
void LevelDB::writeDataUnique(const string & name, const string &value) {
auto key = name;
if (readString(Name) != nullptr) {
spdlog::debug("name {}",Name, " already exists");
if (readString(name)) {
spdlog::debug("Name {} already exists", name);
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
}
writeString(key, value);
}
......
Makefile.am
View file @ c1002f5f
......@@ -64,6 +64,7 @@ bin_PROGRAMS = sgxwallet testw cert_util
## You can't use $(wildcard ...) with automake so all source files
## have to be explicitly listed.
## have to be explicitly listed
COMMON_SRC = InvalidStateException.cpp Exception.cpp InvalidArgumentException.cpp Log.cpp \
SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp BLSCrypto.cpp \
......
SEKManager.cpp
View file @ c1002f5f
......@@ -70,10 +70,15 @@ void create_test_key() {
}
shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
void validate_SEK() {
shared_ptr <string> test_key_ptr = LevelDB::getLevelDb()->readString("TEST_KEY");
vector <uint8_t> encr_test_key(BUF_LEN, 0);
uint64_t len;
vector<char> decr_key(BUF_LEN, 0);
uint64_t len = 0;
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
if (!hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data(),
BUF_LEN)) {
......@@ -81,19 +86,7 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
exit(-1);
}
vector<char> decr_key(1024, 0);
vector<char> errMsg(1024, 0);
int err_status = 0;
auto encrypted_SEK = make_shared < vector < uint8_t >> (1024, 0);
uint32_t l = len;
sgx_status_t status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encrypted_SEK->data(), &l, SEK.c_str());
HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
sgx_status_t status = trustedDecryptKeyAES(eid, &err_status, errMsg.data(), encr_test_key.data(), len, decr_key.data());
HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
......@@ -105,9 +98,28 @@ shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
spdlog::error("Then run sgxwallet using backup flag");
exit(-1);
}
}
shared_ptr <vector<uint8_t>> check_and_set_SEK(const string &SEK) {
vector<char> decr_key(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int err_status = 0;
auto encrypted_SEK = make_shared < vector < uint8_t >> (BUF_LEN, 0);
uint32_t l = 0;
sgx_status_t status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encrypted_SEK->data(), &l,
SEK.c_str());
encrypted_SEK->resize(l);
HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
validate_SEK();
return encrypted_SEK;
}
......@@ -134,6 +146,8 @@ void gen_SEK() {
carray2Hex(encrypted_SEK.data(), enc_len, hexEncrKey.data(), 2 * enc_len + 1);
spdlog::info(string("Encrypted storage encryption key:") + hexEncrKey.data());
ofstream sek_file(BACKUP_PATH);
sek_file.clear();
......@@ -159,6 +173,15 @@ void gen_SEK() {
LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
create_test_key();
validate_SEK();
shared_ptr <string> encrypted_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
setSEK(encrypted_SEK_ptr);
validate_SEK();
}
void setSEK(shared_ptr <string> hex_encrypted_SEK) {
......@@ -181,6 +204,10 @@ void setSEK(shared_ptr <string> hex_encrypted_SEK) {
HANDLE_TRUSTED_FUNCTION_ERROR(status, err_status, errMsg.data());
validate_SEK();
}
#include "experimental/filesystem"
......
SGXWalletServer.cpp
View file @ c1002f5f
......@@ -243,6 +243,7 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
}
value = readFromDb(_keyShareName);
if (!bls_sign(value->c_str(), _messageHash.c_str(), t, n, signature.data())) {
throw SGXException(-1, "Could not sign data ");
}
......
ServerDataChecker.cpp
View file @ c1002f5f
......@@ -72,7 +72,7 @@ bool checkECDSAKeyName(const string& keyName) {
bool checkHex(const string& hex, const uint32_t sizeInBytes){
if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
spdlog::error("key is too long or zero - ", hex.length());
spdlog::error("key is too long or zero {} ", hex.length());
return false;
}
......
ServerInit.cpp
View file @ c1002f5f
......@@ -137,12 +137,15 @@ void initAll(uint32_t _logLevel, bool _checkCert, bool _autoSign) {
sgxServerInited = true;
} catch (SGXException &_e) {
spdlog::error(_e.getMessage());
exit(-1);
} catch (exception &_e) {
spdlog::error(_e.what());
exit(-1);
}
catch (...) {
exception_ptr p = current_exception();
printf("Exception %s \n", p.__cxa_exception_type()->name());
spdlog::error("Unknown exception");
exit (-1);
}
};
secure_enclave/AESUtils.c
View file @ c1002f5f
......@@ -29,6 +29,9 @@
#include "AESUtils.h"
sgx_aes_gcm_128bit_key_t AES_key;
sgx_aes_gcm_128bit_key_t AES_DH_key;
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen) {
if (!message) {
......@@ -41,7 +44,7 @@ int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen) {
return -2;
}
uint64_t len = strlen(message);
uint64_t len = strlen(message) + 1;
if (len + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE > encrLen ) {
LOG_ERROR("Output buffer too small");
......@@ -95,3 +98,84 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
return status;
}
int AES_encrypt_DH(char *message, uint8_t *encr_message, uint64_t encrLen) {
if (!message) {
LOG_ERROR("Null message in AES_encrypt_DH");
return -1;
}
if (!encr_message) {
LOG_ERROR("Null encr message in AES_encrypt_DH");
return -2;
}
uint64_t len = strlen(message) + 1;
if (len + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE > encrLen ) {
LOG_ERROR("Output buffer too small");
return -3;
}
sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_DH_key, (uint8_t*)message, strlen(message),
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
NULL, 0,
(sgx_aes_gcm_128bit_tag_t *) encr_message);
return status;
}
int AES_decrypt_DH(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) {
if (!message) {
LOG_ERROR("Null message in AES_encrypt_DH");
return -1;
}
if (!encr_message) {
LOG_ERROR("Null encr message in AES_encrypt_DH");
return -2;
}
if (length < SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE) {
LOG_ERROR("length < SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE");
return -1;
}
uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;
if (msgLen < len) {
LOG_ERROR("Output buffer not large enough");
return -2;
}
sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_DH_key,
encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
(unsigned char*) message,
encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
NULL, 0,
(sgx_aes_gcm_128bit_tag_t *)encr_message);
return status;
}
void derive_DH_Key() {
memcpy(AES_DH_key, AES_key, SGX_AESGCM_KEY_SIZE );
/*AES_DH_key[1] = 1;AES_DH_key[2] = 2;*/
}
secure_enclave/AESUtils.h
View file @ c1002f5f
......@@ -24,10 +24,16 @@
#ifndef SGXD_AESUTILS_H
#define SGXD_AESUTILS_H
sgx_aes_gcm_128bit_key_t AES_key;
extern sgx_aes_gcm_128bit_key_t AES_key;
extern sgx_aes_gcm_128bit_key_t AES_DH_key;
int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen);
int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) ;
int AES_encrypt_DH(char *message, uint8_t *encr_message, uint64_t encrLen);
int AES_decrypt_DH(uint8_t *encr_message, uint64_t length, char *message, uint64_t msgLen) ;
void derive_DH_Key();
#endif //SGXD_AESUTILS_H
secure_enclave/DomainParameters.c secure_enclave/DomainParameters.cpp
View file @ c1002f5f
......@@ -31,10 +31,13 @@
#include <../tgmp-build/include/sgx_tgmp.h>
#endif
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include "EnclaveCommon.h"
#include "Point.h"
#include "DomainParameters.h"
#define CHECK_ARG_ABORT(_EXPRESSION_) \
......@@ -46,16 +49,27 @@
/*Initialize a curve*/
domain_parameters domain_parameters_init()
{
domain_parameters curve;
curve = calloc(sizeof(struct domain_parameters_s),1);
curve = (domain_parameters) calloc(sizeof(struct domain_parameters_s),1);
CHECK_ARG_ABORT(curve);
//Initialize all members
mpz_init(curve->p);
mpz_init(curve->a);
mpz_init(curve->b);
mpz_init(curve->n);
mpz_init(curve->h);
curve->G = point_init();
mpz_init(curve->n);
mpz_init(curve->h);
CHECK_ARG_ABORT(curve->G);
return curve;
}
......
secure_enclave/EnclaveCommon.cpp
View file @ c1002f5f
......@@ -173,14 +173,25 @@ void enclave_init() {
return;
inited = 1;
LOG_INFO("Initing libff");
try {
LOG_INFO("Initing params");
libff::init_alt_bn128_params();
LOG_INFO("Initing curve");
curve = domain_parameters_init();
LOG_INFO("Initing curve domain");
domain_parameters_load_curve(curve, secp256k1);
} catch (exception& e) {
LOG_ERROR("Exception in libff init");
LOG_ERROR(e.what());
abort();
} catch (...) {
LOG_ERROR("Unknown exception in libff");
abort();
}
LOG_INFO("Inited libff");
}
......@@ -345,19 +356,19 @@ void logMsg(log_level _level, const char *_msg) {
}
EXTERNC void LOG_INFO(const char *_msg) {
void LOG_INFO(const char *_msg) {
logMsg(L_INFO, _msg);
};
EXTERNC void LOG_WARN(const char *_msg) {
void LOG_WARN(const char *_msg) {
logMsg(L_WARNING, _msg);
};
EXTERNC void LOG_ERROR(const char *_msg) {
void LOG_ERROR(const char *_msg) {
logMsg(L_ERROR, _msg);
};
EXTERNC void LOG_DEBUG(const char *_msg) {
void LOG_DEBUG(const char *_msg) {
logMsg(L_DEBUG, _msg);
};
EXTERNC void LOG_TRACE(const char *_msg) {
void LOG_TRACE(const char *_msg) {
logMsg(L_TRACE, _msg);
};
secure_enclave/Makefile.am
View file @ c1002f5f
......@@ -83,8 +83,8 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
Curves.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
secure_enclave/Makefile.in
View file @ c1002f5f
......@@ -108,9 +108,9 @@ PROGRAMS = $(libexec_PROGRAMS)
am__objects_1 =
am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
secure_enclave.$(OBJEXT) Curves.$(OBJEXT) \
DomainParameters.$(OBJEXT) NumberTheory.$(OBJEXT) \
Point.$(OBJEXT) Signature.$(OBJEXT) DHDkg.$(OBJEXT) \
AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) EnclaveCommon.$(OBJEXT) \
NumberTheory.$(OBJEXT) Point.$(OBJEXT) Signature.$(OBJEXT) \
DHDkg.$(OBJEXT) AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) \
EnclaveCommon.$(OBJEXT) DomainParameters.$(OBJEXT) \
alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
......@@ -337,8 +337,8 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
ENCLAVE_KEY = test_insecure_private_key.pem #$(ENCLAVE)_private.pem
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \
Curves.c DomainParameters.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
Curves.c NumberTheory.c Point.c Signature.c DHDkg.c AESUtils.c \
DKGUtils.cpp EnclaveCommon.cpp DomainParameters.cpp ../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../third_party/SCIPR/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
secure_enclave/secure_enclave.c
View file @ c1002f5f
......@@ -136,8 +136,13 @@ void trustedEnclaveInit(uint32_t _logLevel) {
mp_get_memory_functions(NULL, &gmp_realloc_func, &gmp_free_func);
mp_set_memory_functions(NULL, oc_realloc_func, oc_free_func);
LOG_INFO("Reading random");
LOG_INFO("Calling enclave init");
enclave_init();
LOG_INFO("Reading random");
globalRandom = calloc(32,1);
......@@ -149,11 +154,6 @@ void trustedEnclaveInit(uint32_t _logLevel) {
abort();
}
LOG_INFO("Calling enclave init");
enclave_init();
LOG_INFO("Successfully inited enclave. Signed enclave version:" SIGNED_ENCLAVE_VERSION );
#ifndef SGX_DEBUG
LOG_INFO("SECURITY WARNING: sgxwallet is running in INSECURE DEBUG MODE! NEVER USE IN PRODUCTION!");
......@@ -242,7 +242,7 @@ void sealHexSEK(int *errStatus, char *errString,
CHECK_STATE(strnlen(sek_hex, 33) == 32)
uint64_t plaintextLen = strlen(sek_hex + 1);
uint64_t plaintextLen = strlen(sek_hex) + 1;
uint64_t sealedLen = sgx_calc_sealed_data_size(0, plaintextLen);
......@@ -292,6 +292,7 @@ void trustedGenerateSEK(int *errStatus, char *errString,
carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex);
memcpy(AES_key, SEK_raw, SGX_AESGCM_KEY_SIZE);
derive_DH_Key();
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);
......@@ -331,6 +332,7 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
hex2carray(aes_key_hex, &len, (uint8_t *) AES_key);
derive_DH_Key();
SET_SUCCESS
clean:
......@@ -349,6 +351,7 @@ void trustedSetSEK_backup(int *errStatus, char *errString,
uint64_t len;
hex2carray(sek_hex, &len, (uint8_t *) AES_key);
derive_DH_Key();
sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);
......@@ -607,7 +610,7 @@ void trustedDecryptKeyAES(int *errStatus, char *errString, uint8_t *encryptedPri
*errStatus = -9;
int status = AES_decrypt(encryptedPrivateKey, enc_len, key, 3072);
int status = AES_decrypt_DH(encryptedPrivateKey, enc_len, key, 3072);
if (status != 0) {
*errStatus = status;
......@@ -644,7 +647,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
*errStatus = UNKNOWN_ERROR;
int status = AES_encrypt((char *)key, encryptedPrivateKey, BUF_LEN);
int status = AES_encrypt_DH((char *)key, encryptedPrivateKey, BUF_LEN);
CHECK_STATUS2("AES encrypt failed with status %d");
......@@ -652,7 +655,7 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
SAFE_CHAR_BUF(decryptedKey, BUF_LEN);
status = AES_decrypt(encryptedPrivateKey, *enc_len, decryptedKey, BUF_LEN);
status = AES_decrypt_DH(encryptedPrivateKey, *enc_len, decryptedKey, BUF_LEN);
CHECK_STATUS2("trustedDecryptKey failed with status %d");
......
secure_enclave/secure_enclave.config.xml.sim
View file @ c1002f5f
......@@ -2,10 +2,10 @@
<ProdID>0</ProdID>
<ISVSVN>0</ISVSVN>
<StackMaxSize>0x1000000</StackMaxSize>
<HeapMaxSize>0x10000000</HeapMaxSize>
<TCSNum>32</TCSNum>
<TCSMaxNum>32</TCSMaxNum>
<TCSMinPool>32</TCSMinPool>
<HeapMaxSize>0x1000000</HeapMaxSize>
<TCSNum>16</TCSNum>
<TCSMaxNum>16</TCSMaxNum>
<TCSMinPool>16</TCSMinPool>
<TCSPolicy>0</TCSPolicy>
<!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
<DisableDebug>0</DisableDebug>
......
sgxwallet.c
View file @ c1002f5f
......@@ -36,5 +36,5 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "sgxwallet.h"
sgx_launch_token_t token = {0};
sgx_enclave_id_t eid;
int updated;
sgx_enclave_id_t eid = 0;
int updated = 0;
testw.cpp
View file @ c1002f5f
......@@ -98,7 +98,7 @@ public:
class TestFixtureNoResetFromBackup {
public:
TestFixtureNoResetFromBackup() {
setFullOptions(L_INFO, false, true, true );
setFullOptions(L_INFO, false, true, true);
initAll(L_INFO, false, true);
}
......@@ -123,7 +123,7 @@ public:
TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector <uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
......@@ -141,7 +141,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
uint8_t signatureV = 0;
for (int i=0; i < 50; i++) {
for (int i = 0; i < 50; i++) {
PRINT_SRC_LINE
status = trustedEcdsaSignAES(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
hex.data(),
......@@ -157,7 +157,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector <uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
......@@ -174,7 +174,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-key]") {
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
vector<uint8_t> encPrivKey(BUF_LEN, 0);
vector <uint8_t> encPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
......@@ -260,8 +260,7 @@ TEST_CASE_METHOD(TestFixture, "ECDSA key gen API", "[ecdsa-key-gen-api]") {
auto keyName = genECDSAKeyAPI(c);
Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH);
Json::Value sig = c.ecdsaSignMessageHash(10, keyName, SAMPLE_HASH);
for (int i = 0; i <= 20; i++) {
......@@ -288,7 +287,7 @@ TEST_CASE_METHOD(TestFixture, "BLS key encrypt", "[bls-key-encrypt]") {
TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector <uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
......@@ -310,9 +309,8 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
}
TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector <uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
......@@ -334,10 +332,10 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<string> g2Strings = splitString(pubShares.data(), ',');
vector<libff::alt_bn128_G2> pubSharesG2;
vector <string> g2Strings = splitString(pubShares.data(), ',');
vector <libff::alt_bn128_G2> pubSharesG2;
for (u_int64_t i = 0; i < g2Strings.size(); i++) {
vector<string> coeffStr = splitString(g2Strings.at(i).c_str(), ':');
vector <string> coeffStr = splitString(g2Strings.at(i).c_str(), ':');
pubSharesG2.push_back(TestUtils::vectStringToG2(coeffStr));
}
......@@ -351,8 +349,8 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
signatures::Dkg dkgObj(t, n);
vector<libff::alt_bn128_Fr> poly = TestUtils::splitStringToFr(secret.data(), colon);
vector<libff::alt_bn128_G2> pubSharesDkg = dkgObj.VerificationVector(poly);
vector <libff::alt_bn128_Fr> poly = TestUtils::splitStringToFr(secret.data(), colon);
vector <libff::alt_bn128_G2> pubSharesDkg = dkgObj.VerificationVector(poly);
for (uint32_t i = 0; i < pubSharesDkg.size(); i++) {
libff::alt_bn128_G2 el = pubSharesDkg.at(i);
el.to_affine_coordinates();
......@@ -367,7 +365,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-
int errStatus = 0;
uint32_t encLen = 0;
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector <uint8_t> encryptedDKGSecret(BUF_LEN, 0);
PRINT_SRC_LINE
auto status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2);
REQUIRE(status == SGX_SUCCESS);
......@@ -380,7 +378,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<uint8_t> encrPRDHKey(BUF_LEN, 0);
vector <uint8_t> encrPRDHKey(BUF_LEN, 0);
string pub_keyB = SAMPLE_PUBLIC_KEY_B;
......@@ -420,8 +418,8 @@ TEST_CASE_METHOD(TestFixture, "DKG_BLS test", "[dkg-bls]") {
HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2);
vector<string> ecdsaKeyNames;
vector<string> blsKeyNames;
vector <string> ecdsaKeyNames;
vector <string> blsKeyNames;
int schainID = TestUtils::randGen();
int dkgID = TestUtils::randGen();
......@@ -441,7 +439,8 @@ TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2);
std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0";
libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847");
libff::alt_bn128_Fr key = libff::alt_bn128_Fr(
"6507625568967977077291849236396320012317305261598035438182864059942098934847");
std::string key_str = TestUtils::stringFromFr(key);
PRINT_SRC_LINE
c.importBLSKeyShare(key_str, name);
......@@ -474,7 +473,6 @@ TEST_CASE_METHOD(TestFixture, "Get ServerVersion", "[get-server-version]") {
}
TEST_CASE_METHOD(TestFixtureHTTPS, "Cert request sign", "[cert-sign]") {
PRINT_SRC_LINE
......@@ -588,8 +586,8 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
Json::Value secretShares[n];
Json::Value pubBLSKeys[n];
Json::Value blsSigShares[n];
vector<string> pubShares(n);
vector<string> polyNames(n);
vector <string> pubShares(n);
vector <string> polyNames(n);
int schainID = TestUtils::randGen();
int dkgID = TestUtils::randGen();
......@@ -624,7 +622,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
}
int k = 0;
vector<string> secShares(n);
vector <string> secShares(n);
for (int i = 0; i < n; i++)
for (int j = 0; j < n; j++) {
......@@ -645,7 +643,8 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
string hash = SAMPLE_HASH;
auto hash_arr = make_shared<array<uint8_t, 32 >>();
auto hash_arr = make_shared < array < uint8_t,
32 >> ();
uint64_t binLen;
......@@ -653,7 +652,7 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
throw SGXException(INVALID_HEX, "Invalid hash");
}
map<size_t, shared_ptr<BLSPublicKeyShare>> coeffs_pkeys_map;
map <size_t, shared_ptr<BLSPublicKeyShare>> coeffs_pkeys_map;
for (int i = 0; i < t; i++) {
string endName = polyNames[i].substr(4);
......@@ -670,24 +669,25 @@ TEST_CASE_METHOD(TestFixture, "AES_DKG test", "[aes-dkg]") {
blsSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n);
REQUIRE(blsSigShares[i]["status"] == 0);
shared_ptr<string> sig_share_ptr = make_shared<string>(blsSigShares[i]["signatureShare"].asString());
shared_ptr <string> sig_share_ptr = make_shared<string>(blsSigShares[i]["signatureShare"].asString());
BLSSigShare sig(sig_share_ptr, i + 1, t, n);
sigShareSet.addSigShare(make_shared<BLSSigShare>(sig));
vector<string> pubKey_vect;
vector <string> pubKey_vect;
for (uint8_t j = 0; j < 4; j++) {
pubKey_vect.push_back(pubBLSKeys[i]["blsPublicKeyShare"][j].asString());
}
BLSPublicKeyShare pubKey(make_shared<vector<string >>(pubKey_vect), t, n);
BLSPublicKeyShare pubKey(make_shared < vector < string >> (pubKey_vect), t, n);
PRINT_SRC_LINE
REQUIRE(pubKey.VerifySigWithHelper(hash_arr, make_shared<BLSSigShare>(sig), t, n));
coeffs_pkeys_map[i + 1] = make_shared<BLSPublicKeyShare>(pubKey);
}
shared_ptr<BLSSignature> commonSig = sigShareSet.merge();
BLSPublicKey common_public(make_shared<map<size_t, shared_ptr<BLSPublicKeyShare >>>(coeffs_pkeys_map), t,
n);
shared_ptr <BLSSignature> commonSig = sigShareSet.merge();
BLSPublicKey
common_public(make_shared < map < size_t, shared_ptr < BLSPublicKeyShare >>>(coeffs_pkeys_map), t,
n);
REQUIRE(common_public.VerifySigWithHelper(hash_arr, commonSig, t, n));
}
......@@ -696,7 +696,7 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
vector<char> errMsg(BUF_LEN, 0);
uint32_t encLen;
string key = SAMPLE_AES_KEY;
vector<uint8_t> encrypted_key(BUF_LEN, 0);
vector <uint8_t> encrypted_key(BUF_LEN, 0);
PRINT_SRC_LINE
auto status = trustedEncryptKeyAES(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
......@@ -715,7 +715,7 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypto]") {
vector<thread> threads;
vector <thread> threads;
int num_threads = 4;
for (int i = 0; i < num_threads; i++) {
threads.push_back(thread(TestUtils::sendRPCRequest));
......@@ -727,10 +727,45 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
}
TEST_CASE_METHOD(TestFixture, "First run", "[first-run]") {
HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2);
try {
PRINT_SRC_LINE
auto keyName = genECDSAKeyAPI(c);
ofstream namefile("/tmp/keyname");
namefile << keyName;
PRINT_SRC_LINE
} catch (JsonRpcException & e)
{
cerr << e.what() << endl;
throw;
}
}
TEST_CASE_METHOD(TestFixtureNoReset, "Second run", "[second-run]") {
HttpClient client(RPC_ENDPOINT);
StubClient c(client, JSONRPC_CLIENT_V2);
try {
PRINT_SRC_LINE
string keyName;
ifstream namefile("/tmp/keyname");
getline(namefile, keyName);
Json::Value sig = c.ecdsaSignMessageHash(16, keyName, SAMPLE_HASH);
REQUIRE(sig["status"].asInt() == 0);
Json::Value getPubKey = c.getPublicECDSAKey(keyName);
REQUIRE(getPubKey["status"].asInt() == 0);
} catch (JsonRpcException &e) {
cerr << e.what() << endl;
throw;
}
}
TEST_CASE_METHOD(TestFixtureNoResetFromBackup, "Backup restore", "[backup-restore]") {
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment