SKALE-2454-add-logs-to-enclave

c27a793d · kladko · d5725597 · c27a793d · c27a793d · c27a793d
Unverified Commit c27a793d authored 5 years ago by kladko
5 changed files
--- a/BLSCrypto.cpp
+++ b/BLSCrypto.cpp
@@ -320,7 +320,7 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)

    unsigned int encryptedLen = 0;

-    //status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    //status = trustedEncryptKey(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
    status = trustedEncryptKeyAES(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);

    spdlog::debug("errStatus is {}", *errStatus);
@@ -360,7 +360,7 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry

    char *plaintextKey = (char *) calloc(BUF_LEN, 1);

-    //status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+    //status = trustedDecryptKey(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
    status = trustedDecryptKeyAES(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);

    if (status != SGX_SUCCESS) {

--- a/DKGCrypto.cpp
+++ b/DKGCrypto.cpp
@@ -378,7 +378,7 @@ string decryptDHKey(const string &polyName, int ind) {
    char DHKey[ECDSA_SKEY_LEN];

    if (!encryptKeys)
-        decrypt_key(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
+        trustedDecryptKey(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
    else
        trustedDecryptKeyAES(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
    if (errStatus != 0) {

--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -371,7 +371,7 @@ void trustedEcdsaSign(int *errStatus, char *err_string, uint8_t *encrypted_key,
 }


-void encrypt_key(int *errStatus, char *err_string, char *key,
+void trustedEncryptKey(int *errStatus, char *err_string, char *key,
                 uint8_t *encrypted_key, uint32_t *enc_len) {

    //init();
@@ -412,10 +412,10 @@ void encrypt_key(int *errStatus, char *err_string, char *key,
    char decryptedKey[BUF_LEN];
    memset(decryptedKey, 0, BUF_LEN);

-    decrypt_key(errStatus, err_string, encrypted_key, sealedLen, decryptedKey);
+    trustedDecryptKey(errStatus, err_string, encrypted_key, sealedLen, decryptedKey);

    if (*errStatus != 0) {
-        snprintf(err_string + strlen(err_string), BUF_LEN, ":decrypt_key failed");
+        snprintf(err_string + strlen(err_string), BUF_LEN, ":trustedDecryptKey failed");
        return;
    }

@@ -437,7 +437,7 @@ void encrypt_key(int *errStatus, char *err_string, char *key,
    *errStatus = 0;
 }

-void decrypt_key(int *errStatus, char *err_string, uint8_t *encrypted_key,
+void trustedDecryptKey(int *errStatus, char *err_string, uint8_t *encrypted_key,
                 uint32_t enc_len, char *key) {

    init();
@@ -502,7 +502,7 @@ void trustedBlsSignMessage(int *errStatus, char *err_string, uint8_t *encrypted_
    init();


-    decrypt_key(errStatus, err_string, encrypted_key, enc_len, key);
+    trustedDecryptKey(errStatus, err_string, encrypted_key, enc_len, key);

    if (*errStatus != 0) {
        strncpy(signature, err_string, BUF_LEN);
@@ -1252,7 +1252,7 @@ void trustedEncryptKeyAES(int *errStatus, char *err_string, const char *key,

    if (stat != 0) {
        *errStatus = stat;
-        snprintf(err_string, BUF_LEN, ":decrypt_key failed with status %d", stat);
+        snprintf(err_string, BUF_LEN, ":trustedDecryptKey failed with status %d", stat);
        return;
    }


--- a/secure_enclave/secure_enclave.edl
+++ b/secure_enclave/secure_enclave.edl
@@ -44,14 +44,14 @@ enclave {
                                [out, count = SMALL_BUF_SIZE] char * pub_key_x,
                                [out, count = SMALL_BUF_SIZE] char * pub_key_y);

-		public void encrypt_key (
+		public void trustedEncryptKey (
                                [user_check] int *errStatus,
                                [out, count = SMALL_BUF_SIZE] char* err_string,
                                [in, count = SMALL_BUF_SIZE] char* key,
                                [out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
                                [user_check] uint32_t *enc_len);

-                public void decrypt_key (
+		public void trustedDecryptKey (
                                [user_check] int *errStatus,
                                [out, count = SMALL_BUF_SIZE] char* err_string,
                                [in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,

--- a/secure_enclave/secure_enclave.i
+++ b/secure_enclave/secure_enclave.i
@@ -5469,8 +5469,8 @@ void trustedEMpzMul(mpz_t* c, mpz_t* a, mpz_t* b);
 void trustedEMpzDiv(mpz_t* c, mpz_t* a, mpz_t* b);
 void trustedEMpfDiv(mpf_t* c, mpf_t* a, mpf_t* b);
 void trustedGenerateEcdsaKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t* enc_len, char* pub_key_x, char* pub_key_y);
-void encrypt_key(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
-void decrypt_key(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
+void trustedEncryptKey(int* err_status, char* err_string, char* key, uint8_t* encrypted_key, uint32_t* enc_len);
+void trustedDecryptKey(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* key);
 void trustedBlsSignMessage(int* err_status, char* err_string, uint8_t* encrypted_key, uint32_t enc_len, char* hashX, char* hashY, char* signature);
 void trustedGenDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* enc_len, size_t _t);
 void trustedDecryptDkgSecret(int* err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len);
@@ -6741,7 +6741,7 @@ void trustedGenerateEcdsaKey(int *err_status, char *err_string,
 }


-void encrypt_key(int *err_status, char *err_string, char *key,
+void trustedEncryptKey(int *err_status, char *err_string, char *key,
                 uint8_t *encrypted_key, uint32_t *enc_len) {

    init();
@@ -6782,10 +6782,10 @@ void encrypt_key(int *err_status, char *err_string, char *key,
    char decryptedKey[1024];
    memset(decryptedKey, 0, 1024);

-    decrypt_key(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
+    trustedDecryptKey(err_status, err_string, encrypted_key, sealedLen, decryptedKey);

    if (*err_status != 0) {
-        snprintf(err_string + strlen(err_string), 1024, ":decrypt_key failed");
+        snprintf(err_string + strlen(err_string), 1024, ":trustedDecryptKey failed");
        return;
    }

@@ -6807,7 +6807,7 @@ void encrypt_key(int *err_status, char *err_string, char *key,
    *err_status = 0;
 }

-void decrypt_key(int *err_status, char *err_string, uint8_t *encrypted_key,
+void trustedDecryptKey(int *err_status, char *err_string, uint8_t *encrypted_key,
                 uint32_t enc_len, char *key) {

    init();
@@ -6869,7 +6869,7 @@ void trustedBlsSignMessage(int *err_status, char *err_string, uint8_t *encrypted
    init();


-    decrypt_key(err_status, err_string, encrypted_key, enc_len, key);
+    trustedDecryptKey(err_status, err_string, encrypted_key, enc_len, key);

    if (*err_status != 0) {
        return;