Skip to content

S
sgxwallet
Unverified Commit c6dfc661 authored by kladko's avatar kladko
Browse files
Options

SKALE-3067-cleanup-sgx

parent ec9ff9f4
Show whitespace changes
Inline Side-by-side
Showing with 1 addition and 374 deletions
BLSPrivateKeyShareSGX.cpp
View file @ c6dfc661
......@@ -151,7 +151,7 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
cerr << "Key is " + *encryptedKeyHex << endl;
sgx_status_t status =
trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
trustedBlsSignMessageAES(eid, &errStatus, errMsg, encryptedKey,
encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
printf("sig is: %s\n", signature);
......
secure_enclave/secure_enclave.edl
View file @ c6dfc661
......@@ -11,103 +11,6 @@ enclave {
public void trustedEnclaveInit(uint32_t _logLevel);
public void trustedGenerateEcdsaKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedGetPublicEcdsaKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = SMALL_BUF_SIZE] char * pub_key_x,
[out, count = SMALL_BUF_SIZE] char * pub_key_y);
public void trustedEncryptKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] const char* key,
[out, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
[out] uint32_t *enc_len);
public void trustedDecryptKey (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[out, count = SMALL_BUF_SIZE] char* key );
public void trustedBlsSignMessage (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, string] char* hashX ,
[in, string] char* hashY ,
[out, count = SMALL_BUF_SIZE] char* signature);
public void trustedGenDkgSecret (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[out, count = 3050] uint8_t* encrypted_dkg_secret,
[out] uint32_t * enc_len,
size_t _t);
public void trustedDecryptDkgSecret (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out, count = 2490] uint8_t* decrypted_dkg_secret,
[out] uint32_t* dec_len);
public void trustedGetSecretShares (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
[out] uint32_t* dec_len,
[out, count = 2490] char* secret_shares,
unsigned _t,
unsigned _n);
public void trustedGetPublicShares (
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
[out, count = 10000] char* public_shares,
unsigned _t,
unsigned _n);
public void trustedEcdsaSign(
[out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint32_t enc_len,
[in, string] unsigned char* hash,
[out, count = SMALL_BUF_SIZE] char* sig_r,
[out, count = SMALL_BUF_SIZE] char* sig_s,
[out] uint8_t* sig_v,
int base);
public void trustedSetEncryptedDkgPoly( [out] int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = 3050] uint8_t* encrypted_poly);
public void trustedGetEncryptedSecretShare(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char *err_string,
[out, count = SMALL_BUF_SIZE] uint8_t *encrypted_skey,
[out] uint32_t* dec_len,
[out, count = 193] char* result_str,
[out, count = 320] char* s_shareG2,
[in, string] char* pub_keyB,
uint8_t _t,
uint8_t _n,
uint8_t ind);
public void trustedDkgVerify(
[out] int *errStatus,
......@@ -120,21 +23,7 @@ enclave {
int _ind,
[out] int* result);
public void trustedCreateBlsKey(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, string] const char* s_shares,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = SMALL_BUF_SIZE] uint8_t * encr_bls_key,
[out] uint32_t *enc_bls_key_len);
public void trustedGetBlsPubKey(
[out]int *errStatus,
[out, count = SMALL_BUF_SIZE] char* err_string,
[in, count = SMALL_BUF_SIZE] uint8_t* encrypted_key,
uint64_t key_len,
[out, count = 320] char* bls_pub_key);
public void trustedComplaintResponse(
[out] int *errStatus,
......
testw.cpp
View file @ c6dfc661
......@@ -95,40 +95,6 @@ public:
}
};
TEST_CASE_METHOD(TestFixture, "ECDSA keygen and signature test", "[ecdsa-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
string hex = SAMPLE_HEX_HASH;
vector<char> signatureR(BUF_LEN, 0);
vector<char> signatureS(BUF_LEN, 0);
uint8_t signatureV = 0;
for (int i = 0; i < 50; i++) {
status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), encLen,
(unsigned char *) hex.data(),
signatureR.data(),
signatureS.data(), &signatureV, 16);
}
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes-key-sig-gen]") {
vector<char> errMsg(BUF_LEN, 0);
......@@ -162,20 +128,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES keygen and signature test", "[ecdsa-aes
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA key gen", "[ecdsa-key-gen]") {
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
vector<char> errMsg(BUF_LEN, 0);
......@@ -193,30 +145,6 @@ TEST_CASE_METHOD(TestFixture, "ECDSA AES key gen", "[ecdsa-aes-key-gen]") {
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA get public key", "[ecdsa-get-pub-key]") {
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
vector<uint8_t> encPrivKey(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0);
uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), &encLen, pubKeyX.data(),
pubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encPrivKey.data(), encLen, receivedPubKeyX.data(),
receivedPubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "ECDSA AES get public key", "[ecdsa-aes-get-pub-key]") {
int errStatus = 0;
......@@ -333,29 +261,6 @@ TEST_CASE_METHOD(TestFixture, "BLS key encrypt", "[bls-key-encrypt]") {
REQUIRE(key != nullptr);
}
TEST_CASE_METHOD(TestFixture, "DKG gen test", "[dkg-gen]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
PRINT_SRC_LINE
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 32);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> secret(BUF_LEN, 0);
vector<char> errMsg1(BUF_LEN, 0);
uint32_t dec_len;
PRINT_SRC_LINE
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(),
(uint8_t *) secret.data(), &dec_len);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
......@@ -380,57 +285,7 @@ TEST_CASE_METHOD(TestFixture, "DKG AES gen test", "[dkg-aes-gen]") {
*/
}
TEST_CASE_METHOD(TestFixture, "DKG public shares test", "[dkg-pub-shares]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
unsigned t = 32, n = 32;
PRINT_SRC_LINE
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, n);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<char> errMsg1(BUF_LEN, 0);
char colon = ':';
vector<char> pubShares(10000, 0);
PRINT_SRC_LINE
status = trustedGetPublicShares(eid, &errStatus, errMsg1.data(),
encryptedDKGSecret.data(), encLen, pubShares.data(), t, n);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<string> g2Strings = splitString(pubShares.data(), ',');
vector<libff::alt_bn128_G2> pubSharesG2;
for (u_int64_t i = 0; i < g2Strings.size(); i++) {
vector<string> coeffStr = splitString(g2Strings.at(i).c_str(), ':');
pubSharesG2.push_back(TestUtils::vectStringToG2(coeffStr));
}
vector<char> secret(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedDecryptDkgSecret(eid, &errStatus, errMsg1.data(), encryptedDKGSecret.data(),
(uint8_t *) secret.data(), &encLen);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
signatures::Dkg dkgObj(t, n);
vector<libff::alt_bn128_Fr> poly = TestUtils::splitStringToFr(secret.data(), colon);
vector<libff::alt_bn128_G2> pubSharesDkg = dkgObj.VerificationVector(poly);
for (uint32_t i = 0; i < pubSharesDkg.size(); i++) {
libff::alt_bn128_G2 el = pubSharesDkg.at(i);
el.to_affine_coordinates();
}
REQUIRE(pubSharesG2 == pubSharesDkg);
}
TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares]") {
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
......@@ -481,37 +336,6 @@ TEST_CASE_METHOD(TestFixture, "DKG AES public shares test", "[dkg-aes-pub-shares
REQUIRE(pubSharesG2 == pubSharesDkg);
}
TEST_CASE_METHOD(TestFixture, "DKG encrypted secret shares test", "[dkg-encr-sshares]") {
vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0);
int errStatus = 0;
uint32_t encLen = 0;
vector<uint8_t> encryptedDKGSecret(BUF_LEN, 0);
auto status = trustedGenDkgSecret(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data(), &encLen, 2);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
PRINT_SRC_LINE
status = trustedSetEncryptedDkgPoly(eid, &errStatus, errMsg.data(), encryptedDKGSecret.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
vector<uint8_t> encrPRDHKey(BUF_LEN, 0);
string pub_keyB = SAMPLE_PUBLIC_KEY_B;
vector<char> s_shareG2(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedGetEncryptedSecretShare(eid, &errStatus, errMsg.data(), encrPRDHKey.data(), &encLen, result.data(),
s_shareG2.data(),
(char *) pub_keyB.data(), 2, 2, 1);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
}
TEST_CASE_METHOD(TestFixture, "DKG AES encrypted secret shares test", "[dkg-aes-encr-sshares]") {
vector<char> errMsg(BUF_LEN, 0);
vector<char> result(BUF_LEN, 0);
......@@ -854,27 +678,6 @@ TEST_CASE_METHOD(TestFixture, "AES encrypt/decrypt", "[aes-encrypt-decrypt]") {
REQUIRE(key.compare(decr_key.data()) == 0);
}
TEST_CASE_METHOD(TestFixture, "SGX encrypt/decrypt", "[sgx-encrypt-decrypt]") {
int errStatus = -1;
vector<char> errMsg(BUF_LEN, 0);
uint32_t encLen;
string key = SAMPLE_AES_KEY;
vector<uint8_t> encrypted_key(BUF_LEN, 0);
PRINT_SRC_LINE
auto status = trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrypted_key.data(), &encLen);
REQUIRE(status == 0);
REQUIRE(errStatus == 0);
vector<char> decr_key(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedDecryptKey(eid, &errStatus, errMsg.data(), encrypted_key.data(), encLen, decr_key.data());
REQUIRE(status == 0);
REQUIRE(errStatus == 0);
REQUIRE(key.compare(decr_key.data()) == 0);
}
TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypto]") {
vector<thread> threads;
......@@ -888,69 +691,4 @@ TEST_CASE_METHOD(TestFixture, "Many threads ecdsa dkg bls", "[many-threads-crypt
}
}
TEST_CASE_METHOD(TestFixture, "AES == NOT AES", "[aes-not-aes]") {
std::string key = SAMPLE_AES_KEY;
std::string hex = SAMPLE_HEX_HASH;
int errStatus = 0;
vector<char> errMsg(BUF_LEN, 0);
vector<uint8_t> encrPrivKey(BUF_LEN, 0);
uint32_t enc_len = 0;
PRINT_SRC_LINE
trustedEncryptKey(eid, &errStatus, errMsg.data(), key.c_str(), encrPrivKey.data(), &enc_len);
REQUIRE(errStatus == SGX_SUCCESS);
errMsg.clear();
vector<char> signatureR(BUF_LEN, 0);
vector<char> signatureS(BUF_LEN, 0);
uint8_t signatureV = 0;
PRINT_SRC_LINE
auto status = trustedEcdsaSign(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len,
(unsigned char *) hex.data(),
signatureR.data(),
signatureS.data(), &signatureV, 16);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
errMsg.clear();
vector<char> receivedPubKeyX(BUF_LEN, 0);
vector<char> receivedPubKeyY(BUF_LEN, 0);
status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrivKey.data(), enc_len,
receivedPubKeyX.data(),
receivedPubKeyY.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatus == SGX_SUCCESS);
int errStatusAES = 0;
vector<char> errMsgAES(BUF_LEN, 0);
vector<uint8_t> encrPrivKeyAES(BUF_LEN, 0);
uint32_t enc_lenAES = 0;
PRINT_SRC_LINE
trustedEncryptKeyAES(eid, &errStatusAES, errMsgAES.data(), key.c_str(), encrPrivKeyAES.data(), &enc_lenAES);
REQUIRE(errStatusAES == SGX_SUCCESS);
errMsgAES.clear();
vector<char> signatureRAES(BUF_LEN, 0);
vector<char> signatureSAES(BUF_LEN, 0);
uint8_t signatureVAES = 0;
PRINT_SRC_LINE
status = trustedEcdsaSignAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), enc_lenAES,
hex.data(),
signatureRAES.data(),
signatureSAES.data(), &signatureVAES, 16);
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatusAES == SGX_SUCCESS);
errMsgAES.clear();
vector<char> receivedPubKeyXAES(BUF_LEN, 0);
vector<char> receivedPubKeyYAES(BUF_LEN, 0);
PRINT_SRC_LINE
status = trustedGetPublicEcdsaKeyAES(eid, &errStatusAES, errMsgAES.data(), encrPrivKeyAES.data(), enc_lenAES,
receivedPubKeyXAES.data(),
receivedPubKeyYAES.data());
REQUIRE(status == SGX_SUCCESS);
REQUIRE(errStatusAES == SGX_SUCCESS);
REQUIRE(receivedPubKeyX == receivedPubKeyXAES);
REQUIRE(receivedPubKeyY == receivedPubKeyYAES);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment