Skip to content

S
sgxwallet
Unverified Commit c6e00aaf authored by Stan Kladko's avatar Stan Kladko Committed by GitHub
Browse files
Options

Merge pull request #48 from skalenetwork/bug/SKALE-2074-SIGILL-in-SGX-server2 

Bug/skale 2074 sigill in sgx server2
parents dd9fc46e aa427319
Hide whitespace changes
Inline Side-by-side
Showing with 312 additions and 164 deletions
DKGCrypto.cpp
View file @ c6e00aaf
...@@ -78,6 +78,7 @@ string ConvertToString(T field_elem, int base = 10) { ...@@ -78,6 +78,7 @@ string ConvertToString(T field_elem, int base = 10) {
string gen_dkg_poly( int _t){ string gen_dkg_poly( int _t){
vector<char> errMsg(1024, 0); vector<char> errMsg(1024, 0);
int err_status = 0; int err_status = 0;
vector<uint8_t> encrypted_dkg_secret(DKG_MAX_SEALED_LEN, 0); vector<uint8_t> encrypted_dkg_secret(DKG_MAX_SEALED_LEN, 0);
uint32_t enc_len = 0; uint32_t enc_len = 0;
...@@ -97,6 +98,7 @@ string gen_dkg_poly( int _t){ ...@@ -97,6 +98,7 @@ string gen_dkg_poly( int _t){
vector<char> hexEncrPoly(DKG_MAX_SEALED_LEN * 2 + 1, 0);//(4*BUF_LEN, 1); vector<char> hexEncrPoly(DKG_MAX_SEALED_LEN * 2 + 1, 0);//(4*BUF_LEN, 1);
carray2Hex(encrypted_dkg_secret.data(), DKG_MAX_SEALED_LEN, hexEncrPoly.data()); carray2Hex(encrypted_dkg_secret.data(), DKG_MAX_SEALED_LEN, hexEncrPoly.data());
string result(hexEncrPoly.data()); string result(hexEncrPoly.data());
...@@ -106,6 +108,7 @@ string gen_dkg_poly( int _t){ ...@@ -106,6 +108,7 @@ string gen_dkg_poly( int _t){
vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int n){ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int n){
char* errMsg1 = (char*) calloc(1024,1); char* errMsg1 = (char*) calloc(1024,1);
//char errMsg1[BUF_LEN];
int err_status = 0; int err_status = 0;
if (DEBUG_PRINT) { if (DEBUG_PRINT) {
...@@ -114,10 +117,13 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int ...@@ -114,10 +117,13 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int
} }
char* public_shares = (char*)calloc(10000, 1); char* public_shares = (char*)calloc(10000, 1);
// char public_shares[10000];
uint64_t enc_len = 0; uint64_t enc_len = 0;
uint8_t* encr_dkg_poly = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1); uint8_t* encr_dkg_poly = (uint8_t*) calloc(DKG_MAX_SEALED_LEN * 2, 1);
//uint8_t encr_dkg_poly[DKG_MAX_SEALED_LEN];
if (!hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100)){ if (!hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100)){
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex"); throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
} }
...@@ -129,8 +135,12 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int ...@@ -129,8 +135,12 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int
printf(" %d ", encr_dkg_poly[i] );*/ printf(" %d ", encr_dkg_poly[i] );*/
} }
uint32_t len = 0; uint32_t len;
status = get_public_shares(eid, &err_status, errMsg1, encr_dkg_poly, len, public_shares, t, n); if (!is_aes)
status = get_public_shares(eid, &err_status, errMsg1, encr_dkg_poly, len, public_shares, t, n);
else {
status = get_public_shares_aes(eid, &err_status, errMsg1, encr_dkg_poly, enc_len, public_shares, t, n);
}
if ( err_status != 0){ if ( err_status != 0){
throw RPCException(-666, errMsg1 ); throw RPCException(-666, errMsg1 );
} }
...@@ -161,12 +171,14 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int ...@@ -161,12 +171,14 @@ vector <vector<string>> get_verif_vect(const char* encryptedPolyHex, int t, int
} }
string get_secret_shares(const string& polyName, const char* encryptedPolyHex, const vector<string>& publicKeys, int t, int n){ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, const vector<string>& publicKeys, int t, int n){
char* errMsg1 = (char*) calloc(1024,1); //char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0; int err_status = 0;
uint64_t enc_len = 0; uint64_t enc_len = 0;
uint8_t* encr_dkg_poly = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1); // uint8_t* encr_dkg_poly = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
uint8_t encr_dkg_poly[DKG_MAX_SEALED_LEN];
if(!hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100)){ if(!hex2carray2(encryptedPolyHex, &enc_len, encr_dkg_poly, 6100)){
throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex"); throw RPCException(INVALID_HEX, "Invalid encryptedPolyHex");
} }
...@@ -181,7 +193,8 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c ...@@ -181,7 +193,8 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c
} }
string result; string result;
char *hexEncrKey = (char *) calloc(2 * BUF_LEN, 1); //char *hexEncrKey = (char *) calloc(2 * BUF_LEN, 1);
char hexEncrKey[2 * BUF_LEN];
for ( int i = 0; i < n; i++){ for ( int i = 0; i < n; i++){
uint8_t encrypted_skey[BUF_LEN]; uint8_t encrypted_skey[BUF_LEN];
...@@ -196,11 +209,22 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c ...@@ -196,11 +209,22 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c
char pubKeyB[129]; char pubKeyB[129];
strncpy(pubKeyB, pub_keyB.c_str(), 128); strncpy(pubKeyB, pub_keyB.c_str(), 128);
pubKeyB[128] = 0; pubKeyB[128] = 0;
get_encr_sshare(eid, &err_status, errMsg1, encrypted_skey, &dec_len, if (DEBUG_PRINT) {
spdlog::info("pubKeyB is {}", pub_keyB);
}
if (!is_aes)
get_encr_sshare(eid, &err_status, errMsg1, encrypted_skey, &dec_len,
cur_share, s_shareG2, pubKeyB, t, n, i + 1 ); cur_share, s_shareG2, pubKeyB, t, n, i + 1 );
else
get_encr_sshare_aes(eid, &err_status, errMsg1, encrypted_skey, &dec_len,
cur_share, s_shareG2, pubKeyB, t, n, i + 1 );
if (err_status != 0){ if (err_status != 0){
throw RPCException(-666, errMsg1); throw RPCException(-666, errMsg1);
} }
if (DEBUG_PRINT) {
spdlog::info("cur_share is {}", cur_share);
}
result += cur_share; result += cur_share;
...@@ -232,15 +256,16 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c ...@@ -232,15 +256,16 @@ string get_secret_shares(const string& polyName, const char* encryptedPolyHex, c
} }
//result += '\0'; //result += '\0';
free(encr_dkg_poly); //free(encr_dkg_poly);
free(errMsg1); // free(errMsg1);
free(hexEncrKey); //free(hexEncrKey);
return result; return result;
} }
bool VerifyShares(const char* publicShares, const char* encr_sshare, const char * encryptedKeyHex, int t, int n, int ind ){ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char * encryptedKeyHex, int t, int n, int ind ){
char* errMsg1 = (char*) calloc(1024,1); //char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0; int err_status = 0;
uint64_t dec_key_len ; uint64_t dec_key_len ;
...@@ -263,6 +288,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char ...@@ -263,6 +288,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
dkg_verification(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result); dkg_verification(eid, &err_status, errMsg1, pshares, encr_sshare, encr_key, dec_key_len, t, ind, &result);
if (result == 2){ if (result == 2){
throw RPCException(INVALID_HEX, "Invalid public shares"); throw RPCException(INVALID_HEX, "Invalid public shares");
} }
...@@ -272,7 +298,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char ...@@ -272,7 +298,7 @@ bool VerifyShares(const char* publicShares, const char* encr_sshare, const char
spdlog::info("result is: {}", result); spdlog::info("result is: {}", result);
} }
free(errMsg1); //free(errMsg1);
return result; return result;
} }
...@@ -281,7 +307,8 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char ...@@ -281,7 +307,8 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char
if (DEBUG_PRINT) { if (DEBUG_PRINT) {
spdlog::info("ENTER CreateBLSShare"); spdlog::info("ENTER CreateBLSShare");
} }
char* errMsg1 = (char*) calloc(1024,1); // char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0; int err_status = 0;
uint64_t dec_key_len ; uint64_t dec_key_len ;
...@@ -301,7 +328,9 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char ...@@ -301,7 +328,9 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char
throw RPCException(ERROR_IN_ENCLAVE, "Create BLS private key failed in enclave"); throw RPCException(ERROR_IN_ENCLAVE, "Create BLS private key failed in enclave");
} }
else { else {
char *hexBLSKey = (char *) calloc(2 * BUF_LEN, 1); //char *hexBLSKey = (char *) calloc(2 * BUF_LEN, 1);
char hexBLSKey[2 * BUF_LEN];
//cerr << "BEFORE carray2Hex" << endl; //cerr << "BEFORE carray2Hex" << endl;
//cerr << "enc_bls_len " << enc_bls_len << endl; //cerr << "enc_bls_len " << enc_bls_len << endl;
carray2Hex(encr_bls_key, enc_bls_len, hexBLSKey); carray2Hex(encr_bls_key, enc_bls_len, hexBLSKey);
...@@ -311,14 +340,16 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char ...@@ -311,14 +340,16 @@ bool CreateBLSShare( const string& blsKeyName, const char * s_shares, const char
spdlog::info("hexBLSKey length is {}", char_traits<char>::length(hexBLSKey)); spdlog::info("hexBLSKey length is {}", char_traits<char>::length(hexBLSKey));
spdlog::info("bls key {}", blsKeyName, " is ", hexBLSKey ); spdlog::info("bls key {}", blsKeyName, " is ", hexBLSKey );
} }
free(hexBLSKey); //free(hexBLSKey);
return true; return true;
} }
} }
vector<string> GetBLSPubKey(const char * encryptedKeyHex){ vector<string> GetBLSPubKey(const char * encryptedKeyHex){
char* errMsg1 = (char*) calloc(1024,1); //char* errMsg1 = (char*) calloc(1024,1);
char errMsg1[BUF_LEN];
int err_status = 0; int err_status = 0;
uint64_t dec_key_len ; uint64_t dec_key_len ;
......
SGXWalletServer.cpp
View file @ c6e00aaf
...@@ -114,7 +114,7 @@ int init_https_server(bool check_certs) { ...@@ -114,7 +114,7 @@ int init_https_server(bool check_certs) {
} }
} }
hs = new HttpServer(BASE_PORT, certPath, keyPath, rootCAPath, check_certs, 10); hs = new HttpServer(BASE_PORT, certPath, keyPath, rootCAPath, check_certs, 64);
s = new SGXWalletServer(*hs, s = new SGXWalletServer(*hs,
JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0) JSONRPC_SERVER_V2); // hybrid server (json-rpc 1.0 & 2.0)
......
ServerDataChecker.cpp
View file @ c6e00aaf
...@@ -72,6 +72,8 @@ bool checkECDSAKeyName(const string& keyName) { ...@@ -72,6 +72,8 @@ bool checkECDSAKeyName(const string& keyName) {
bool checkHex(const string& hex, const uint32_t sizeInBytes){ bool checkHex(const string& hex, const uint32_t sizeInBytes){
if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){ if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
spdlog::error("public key is too long or zero - ", hex.length());
std::cerr << "public key length is " << hex.length() << std::endl;
return false; return false;
} }
...@@ -79,6 +81,7 @@ bool checkHex(const string& hex, const uint32_t sizeInBytes){ ...@@ -79,6 +81,7 @@ bool checkHex(const string& hex, const uint32_t sizeInBytes){
mpz_init(num); mpz_init(num);
if ( mpz_set_str(num, hex.c_str(), 16) == -1){ if ( mpz_set_str(num, hex.c_str(), 16) == -1){
spdlog::error("public key is not hex {}", hex);
mpz_clear(num); mpz_clear(num);
return false; return false;
} }
......
secure_enclave/secure_enclave.c
View file @ c6e00aaf
...@@ -131,7 +131,7 @@ void generate_ecdsa_key(int *err_status, char *err_string, ...@@ -131,7 +131,7 @@ void generate_ecdsa_key(int *err_status, char *err_string,
domain_parameters curve = domain_parameters_init(); domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1); domain_parameters_load_curve(curve, secp256k1);
unsigned char* rand_char = (unsigned char*)malloc(32); unsigned char* rand_char= (unsigned char*)malloc(32);
sgx_read_rand( rand_char, 32); sgx_read_rand( rand_char, 32);
mpz_t seed; mpz_t seed;
...@@ -484,6 +484,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key, ...@@ -484,6 +484,7 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
char key[BUF_LEN]; char key[BUF_LEN];
char* sig = (char*) calloc(BUF_LEN, 1); char* sig = (char*) calloc(BUF_LEN, 1);
// char sig[2 * BUF_LEN];
init(); init();
...@@ -504,12 +505,12 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key, ...@@ -504,12 +505,12 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
return; return;
} }
free(sig);
} }
void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
char* dkg_secret = (char*)malloc(DKG_BUFER_LENGTH); char dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
if (gen_dkg_poly(dkg_secret, _t) != 0 ){ if (gen_dkg_poly(dkg_secret, _t) != 0 ){
*err_status = - 1; *err_status = - 1;
...@@ -529,7 +530,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s ...@@ -529,7 +530,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
} }
*enc_len = sealedLen; *enc_len = sealedLen;
free(dkg_secret); //free(dkg_secret);
} }
void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t* dec_len){ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t* dec_len){
...@@ -551,7 +552,7 @@ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_d ...@@ -551,7 +552,7 @@ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_d
void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* dec_len, char* secret_shares, void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t* dec_len, char* secret_shares,
unsigned _t, unsigned _n){ unsigned _t, unsigned _n){
char* decrypted_dkg_secret = (char*)malloc(DKG_BUFER_LENGTH); char decrypted_dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN]; //char decrypted_dkg_secret[DKG_MAX_SEALED_LEN];
uint32_t decr_len ; uint32_t decr_len ;
...@@ -569,11 +570,13 @@ void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg ...@@ -569,11 +570,13 @@ void get_secret_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg
// strncpy(err_string, decrypted_dkg_secret, 1024); // strncpy(err_string, decrypted_dkg_secret, 1024);
calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n); calc_secret_shares(decrypted_dkg_secret, secret_shares, _t, _n);
free(decrypted_dkg_secret); //free(decrypted_dkg_secret);
} }
void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares, void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
unsigned _t, unsigned _n){ unsigned _t, unsigned _n){
//char decrypted_dkg_secret[DKG_MAX_SEALED_LEN * 2]; //= (char*)malloc(DKG_MAX_SEALED_LEN);
char* decrypted_dkg_secret = (char*)malloc(DKG_MAX_SEALED_LEN); char* decrypted_dkg_secret = (char*)malloc(DKG_MAX_SEALED_LEN);
uint32_t decr_len ; uint32_t decr_len ;
decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, &decr_len); decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, &decr_len);
...@@ -588,6 +591,7 @@ void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg ...@@ -588,6 +591,7 @@ void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg
snprintf(err_string, BUF_LEN,"t does not match polynomial in db"); snprintf(err_string, BUF_LEN,"t does not match polynomial in db");
return; return;
} }
free(decrypted_dkg_secret);
} }
...@@ -609,8 +613,12 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, ...@@ -609,8 +613,12 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
char* result_str, char * s_shareG2, char* pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind ){ char* result_str, char * s_shareG2, char* pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind ){
char skey[ECDSA_SKEY_LEN]; char skey[ECDSA_SKEY_LEN];
char *pub_key_x = (char *)calloc(1024, 1); char pub_key_x[BUF_LEN];
char *pub_key_y = (char *)calloc(1024, 1); memset(pub_key_x, 0, BUF_LEN);
char pub_key_y[BUF_LEN];
memset(pub_key_y, 0, BUF_LEN);
//char *pub_key_x = (char *)calloc(1024, 1);
// char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len; uint32_t enc_len;
...@@ -632,12 +640,12 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, ...@@ -632,12 +640,12 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
} }
snprintf(err_string, BUF_LEN,"unsealed random skey is %s\n", skey); snprintf(err_string, BUF_LEN,"unsealed random skey is %s\n", skey);
char * common_key = (char *)malloc(65); char * common_key[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
gen_session_key(skey, pub_keyB, common_key); gen_session_key(skey, pub_keyB, common_key);
//snprintf(err_string + 81, BUF_LEN,"pub_key_B is %s length is %d", pub_keyB, strlen(pub_keyB)); //snprintf(err_string + 81, BUF_LEN,"pub_key_B is %s length is %d", pub_keyB, strlen(pub_keyB));
//snprintf(err_string + 88, BUF_LEN - 88,"\ncommon key is %s", common_key); //snprintf(err_string + 88, BUF_LEN - 88,"\ncommon key is %s", common_key);
char* s_share = (char *)malloc(65); char* s_share[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
//char s_share[65]; //char s_share[65];
if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0){ if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0){
...@@ -653,7 +661,7 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, ...@@ -653,7 +661,7 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
return; return;
} }
char* cypher = (char *)malloc(65); char* cypher[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
xor_encrypt(common_key, s_share, cypher); xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL){ if (cypher == NULL){
*err_status = 1; *err_status = 1;
...@@ -670,11 +678,11 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey, ...@@ -670,11 +678,11 @@ void get_encr_sshare(int *err_status, char *err_string, uint8_t *encrypted_skey,
//mpz_clear(skey); //mpz_clear(skey);
//free(skey); //free(skey);
free(common_key); //free(common_key);
free(pub_key_x); //free(pub_key_x);
free(pub_key_y); //free(pub_key_y);
free(s_share); //free(s_share);
free(cypher); //free(cypher);
} }
void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DHkey, uint8_t *encrypted_dkg_secret, uint32_t* dec_len, void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DHkey, uint8_t *encrypted_dkg_secret, uint32_t* dec_len,
...@@ -689,7 +697,7 @@ void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DH ...@@ -689,7 +697,7 @@ void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DH
// return; // return;
// } // }
char* decrypted_dkg_secret = (char*)malloc(DKG_BUFER_LENGTH); char decrypted_dkg_secret[DKG_BUFER_LENGTH]; //= (char*)malloc(DKG_BUFER_LENGTH);
uint32_t decr_len; uint32_t decr_len;
decrypt_dkg_secret(err_status, err_string, encrypted_dkg_secret, (uint8_t*)decrypted_dkg_secret, &decr_len); decrypt_dkg_secret(err_status, err_string, encrypted_dkg_secret, (uint8_t*)decrypted_dkg_secret, &decr_len);
if (*err_status != 0) { if (*err_status != 0) {
...@@ -703,7 +711,7 @@ void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DH ...@@ -703,7 +711,7 @@ void complaint_response(int *err_status, char *err_string, uint8_t *encrypted_DH
// snprintf(err_string, BUF_LEN,"what the ..."); // snprintf(err_string, BUF_LEN,"what the ...");
//snprintf(err_string, BUF_LEN,"s_shareG2:%s", s_shareG2); //snprintf(err_string, BUF_LEN,"s_shareG2:%s", s_shareG2);
free(decrypted_dkg_secret); // free(decrypted_dkg_secret);
} }
void dkg_verification(int *err_status, char* err_string, const char * public_shares, const char* s_share, void dkg_verification(int *err_status, char* err_string, const char * public_shares, const char* s_share,
...@@ -719,14 +727,14 @@ void dkg_verification(int *err_status, char* err_string, const char * public_sha ...@@ -719,14 +727,14 @@ void dkg_verification(int *err_status, char* err_string, const char * public_sha
return; return;
} }
char encr_sshare[65]; char encr_sshare[ECDSA_SKEY_LEN];
strncpy(encr_sshare, s_share, 64); strncpy(encr_sshare, s_share, ECDSA_SKEY_LEN - 1);
encr_sshare[64] = 0; encr_sshare[64] = 0;
char common_key[65]; char common_key[ECDSA_SKEY_LEN];
char decr_sshare[65]; char decr_sshare[ECDSA_SKEY_LEN];
session_key_recover(skey, s_share, common_key); session_key_recover(skey, s_share, common_key);
common_key[64] = 0; common_key[ECDSA_SKEY_LEN - 1] = 0;
if (common_key == NULL){ if (common_key == NULL){
*err_status = 1; *err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid common_key"); snprintf(err_string, BUF_LEN ,"invalid common_key");
...@@ -1165,11 +1173,8 @@ void encrypt_key_aes(int *err_status, char *err_string, char *key, ...@@ -1165,11 +1173,8 @@ void encrypt_key_aes(int *err_status, char *err_string, char *key,
return; return;
} }
memset(encrypted_key, 0, BUF_LEN); memset(encrypted_key, 0, BUF_LEN);
int stat = AES_encrypt(key, encrypted_key); int stat = AES_encrypt(key, encrypted_key);
if ( stat != 0) { if ( stat != 0) {
*err_status = stat; *err_status = stat;
...@@ -1256,7 +1261,8 @@ void bls_sign_message_test(int *err_status, char *err_string, uint8_t *encrypted ...@@ -1256,7 +1261,8 @@ void bls_sign_message_test(int *err_status, char *err_string, uint8_t *encrypted
char key[BUF_LEN]; char key[BUF_LEN];
char* sig = (char*) calloc(BUF_LEN, 1); char sig[BUF_LEN];
//char* sig = (char*) calloc(BUF_LEN, 1);
init(); init();
...@@ -1277,11 +1283,12 @@ void bls_sign_message_test(int *err_status, char *err_string, uint8_t *encrypted ...@@ -1277,11 +1283,12 @@ void bls_sign_message_test(int *err_status, char *err_string, uint8_t *encrypted
*err_status = -1; *err_status = -1;
return; return;
} }
//free(sig);
} }
void gen_dkg_secret_aes (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){ void gen_dkg_secret_aes (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
char* dkg_secret = (char*)calloc(DKG_BUFER_LENGTH, 1); char dkg_secret[DKG_BUFER_LENGTH];// = (char*)calloc(DKG_BUFER_LENGTH, 1);
if (gen_dkg_poly(dkg_secret, _t) != 0 ){ if (gen_dkg_poly(dkg_secret, _t) != 0 ){
*err_status = - 1; *err_status = - 1;
...@@ -1299,7 +1306,7 @@ void gen_dkg_secret_aes (int *err_status, char *err_string, uint8_t *encrypted_d ...@@ -1299,7 +1306,7 @@ void gen_dkg_secret_aes (int *err_status, char *err_string, uint8_t *encrypted_d
} }
*enc_len = strlen(dkg_secret) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE; *enc_len = strlen(dkg_secret) + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
free(dkg_secret); // free(dkg_secret);
} }
void decrypt_dkg_secret_aes (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t* dec_len){ void decrypt_dkg_secret_aes (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t* dec_len){
...@@ -1325,6 +1332,100 @@ void set_encrypted_dkg_poly_aes(int *err_status, char *err_string, uint8_t* encr ...@@ -1325,6 +1332,100 @@ void set_encrypted_dkg_poly_aes(int *err_status, char *err_string, uint8_t* encr
snprintf(err_string, BUF_LEN,"sgx_unseal_data - encrypted_poly failed with status %d", status); snprintf(err_string, BUF_LEN,"sgx_unseal_data - encrypted_poly failed with status %d", status);
return; return;
} }
}
void get_encr_sshare_aes(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t* dec_len,
char* result_str, char * s_shareG2, char* pub_keyB, uint8_t _t, uint8_t _n, uint8_t ind ){
char skey[ECDSA_SKEY_LEN];
char pub_key_x[BUF_LEN];
memset(pub_key_x, 0, BUF_LEN);
char pub_key_y[BUF_LEN];
memset(pub_key_y, 0, BUF_LEN);
//char *pub_key_x = (char *)calloc(1024, 1);
// char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len;
generate_ecdsa_key_aes(err_status, err_string, encrypted_skey, &enc_len, pub_key_x, pub_key_y);
if ( *err_status != 0){
return;
}
// snprintf(err_string, BUF_LEN,"pub_key_x is %s", pub_key_x);
int status = AES_decrypt(encrypted_skey, enc_len, skey);
skey[ECDSA_SKEY_LEN -1] = 0;
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"AES_decrypt failed (in get_encr_sshare_aes) with status %d", status);
*err_status = status;
return;
}
snprintf(err_string, BUF_LEN,"unsealed random skey is %s\n", skey);
char * common_key[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
gen_session_key(skey, pub_keyB, common_key);
//snprintf(err_string + 81, BUF_LEN,"pub_key_B is %s length is %d", pub_keyB, strlen(pub_keyB));
//snprintf(err_string + 88, BUF_LEN - 88,"\ncommon key is %s", common_key);
char* s_share[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
//char s_share[65];
if (calc_secret_share(Decrypted_dkg_poly, s_share, _t, _n, ind) != 0){
*err_status = -1;
snprintf(err_string, BUF_LEN,"\nt does not match poly degree\n");
return;
}
snprintf(err_string + 88, BUF_LEN,"\nsecret share is %s", s_share);
if (calc_secret_shareG2(s_share, s_shareG2) != 0){
*err_status = -1;
snprintf(err_string, BUF_LEN,"invalid decr secret share\n");
return;
}
char* cypher[ECDSA_SKEY_LEN]; //= (char *)malloc(65);
xor_encrypt(common_key, s_share, cypher);
if (cypher == NULL){
*err_status = 1;
snprintf(err_string, BUF_LEN ,"invalid common_key");
return;
}
//snprintf(err_string, BUF_LEN ,"cypher is %s length is %d", cypher, strlen(cypher));
strncpy(result_str, cypher, strlen(cypher));
strncpy(result_str + strlen(cypher), pub_key_x, strlen(pub_key_x));
strncpy(result_str + strlen(pub_key_x) + strlen(pub_key_y), pub_key_y, strlen(pub_key_y));
// snprintf(err_string, BUF_LEN,"s_share is %s length is %d", result_str, strlen(result_str));
//mpz_clear(skey);
//free(skey);
//free(common_key);
//free(pub_key_x);
//free(pub_key_y);
//free(s_share);
//free(cypher);
} }
void get_public_shares_aes(int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint32_t enc_len, char* public_shares,
unsigned _t, unsigned _n){
char decrypted_dkg_secret[DKG_MAX_SEALED_LEN]; //= (char*)malloc(DKG_MAX_SEALED_LEN);
decrypt_dkg_secret_aes(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
if( *err_status != 0 ){
snprintf(err_string, BUF_LEN,"decrypt_dkg_secret failed with status %d", *err_status);
return;
}
//strncpy(err_string, decrypted_dkg_secret, 1024);
// strncpy(err_string, "before calc_public_shares ", 1024);
if ( calc_public_shares(decrypted_dkg_secret, public_shares, _t) != 0 ){
*err_status = -1;
snprintf(err_string, BUF_LEN,"t does not match polynomial in db");
return;
}
}
secure_enclave/secure_enclave.edl
View file @ c6e00aaf
...@@ -233,6 +233,26 @@ enclave { ...@@ -233,6 +233,26 @@ enclave {
[in, count = 3050] uint8_t* encrypted_poly, [in, count = 3050] uint8_t* encrypted_poly,
[user_check] uint64_t* enc_len); [user_check] uint64_t* enc_len);
public void get_encr_sshare_aes(
[user_check]int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_skey,
[user_check] uint32_t* dec_len,
[out, count = 193] char* result_str,
[out, count = 320] char* s_shareG2,
[in, count = 129] char* pub_keyB,
uint8_t _t,
uint8_t _n,
uint8_t ind);
public void get_public_shares_aes (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 3050] uint8_t* encrypted_dkg_secret,
uint32_t enc_len,
[out, count = 10000] char* public_shares,
unsigned _t,
unsigned _n);
......
stubclient.h
View file @ c6e00aaf
...@@ -165,7 +165,7 @@ class StubClient : public jsonrpc::Client ...@@ -165,7 +165,7 @@ class StubClient : public jsonrpc::Client
p["secretShare"] = SecretShare; p["secretShare"] = SecretShare;
p["n"] = n; p["n"] = n;
p["t"] = t; p["t"] = t;
Json::Value result = this->CallMethod("reateBLSPrivateKey",p); Json::Value result = this->CallMethod("createBLSPrivateKey",p);
if (result.isObject()) if (result.isObject())
return result; return result;
else else
......
testw.cpp
View file @ c6e00aaf
...@@ -81,7 +81,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ...@@ -81,7 +81,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <thread> #include <thread>
#include "common.h" #include "common.h"
default_random_engine rand_gen((unsigned int) time(0));
string stringFromFr(libff::alt_bn128_Fr& el) { string stringFromFr(libff::alt_bn128_Fr& el) {
...@@ -182,21 +182,19 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") { ...@@ -182,21 +182,19 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
} }
} }
TEST_CASE("BLS key import", "[bls-key-import]") { //TEST_CASE("BLS key import", "[bls-key-import]") {
reset_db(); // reset_db();
init_all(false, false); // init_all(false, false);
//
//
//
auto result = importBLSKeyShareImpl(TEST_BLS_KEY_SHARE, TEST_BLS_KEY_NAME, 2, 2, 1); // auto result = importBLSKeyShareImpl(TEST_BLS_KEY_SHARE, TEST_BLS_KEY_NAME, 2, 2, 1);
//
REQUIRE(result["status"] == 0); // REQUIRE(result["status"] == 0);
//
REQUIRE(result["encryptedKeyShare"] != ""); // REQUIRE(result["encryptedKeyShare"] != "");
//
} //
//TEST_CASE("BLS sign test", "[bls-sign]") { //TEST_CASE("BLS sign test", "[bls-sign]") {
// //
// //init_all(); // //init_all();
...@@ -372,74 +370,6 @@ libff::alt_bn128_G2 VectStringToG2(const vector<string>& G2_str_vect){ ...@@ -372,74 +370,6 @@ libff::alt_bn128_G2 VectStringToG2(const vector<string>& G2_str_vect){
return koef; return koef;
} }
TEST_CASE( "DKG secret shares test", "[dkg-s_shares]" ) {
//init_all();
init_enclave();
libff::init_alt_bn128_params();
uint8_t* encrypted_dkg_secret = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
char* errMsg = (char*) calloc(1024,1);
int err_status = 0;
uint32_t enc_len = 0;
unsigned t = 32, n = 32;
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, n);
REQUIRE(status == SGX_SUCCESS);
printf("gen_dkg_secret completed with status: %d %s \n", err_status, errMsg);
printf("\n Length: %d \n", enc_len);
/* printf("encr_dkg_secret: \n");
for ( int i = 0 ; i < enc_len; i++)
printf(" %d ", encrypted_dkg_secret[i]);*/
char* errMsg1 = (char*) calloc(1024,1);
char colon = ':';
char* secret_shares = (char*)calloc(DKG_BUFER_LENGTH, sizeof(char));
uint32_t dec_len = enc_len;
// status = decrypt_dkg_secret(eid, &err_status, errMsg1, encrypted_dkg_secret, (uint8_t*)secret_shares, &dec_len);
status = get_secret_shares(eid, &err_status, errMsg1, encrypted_dkg_secret, &dec_len, secret_shares, t, n);
REQUIRE(status == SGX_SUCCESS);
printf("\nget_secret_shares status: %d %s \n", err_status, errMsg1);
printf("secret shares %s \n\n", secret_shares);
vector <libff::alt_bn128_Fr> s_shares = SplitStringToFr( secret_shares, colon);
char* secret = (char*)calloc(DKG_BUFER_LENGTH, sizeof(char));
status = decrypt_dkg_secret(eid, &err_status, errMsg1, encrypted_dkg_secret, (uint8_t*)secret, &dec_len);
REQUIRE(status == SGX_SUCCESS);
//printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1);
signatures::Dkg dkg_obj(t,n);
vector < libff::alt_bn128_Fr> poly = SplitStringToFr((char*)secret, colon);
vector < libff::alt_bn128_Fr> s_shares_dkg = dkg_obj.SecretKeyContribution(SplitStringToFr((char*)secret, colon));
printf("calculated secret length %d : \n", s_shares_dkg.size());
for ( int i = 0; i < s_shares_dkg.size(); i++){
libff::alt_bn128_Fr cur_share = s_shares_dkg.at(i);
mpz_t(sshare);
mpz_init(sshare);
cur_share.as_bigint().to_mpz(sshare);
char arr[mpz_sizeinbase (sshare, 10) + 2];
char* share_str = mpz_get_str(arr, 10, sshare);
printf(" %s \n", share_str);
mpz_clear(sshare);
}
REQUIRE(s_shares == s_shares_dkg);
free(errMsg);
free(errMsg1);
free(encrypted_dkg_secret);
free(secret_shares);
sgx_destroy_enclave(eid);
}
TEST_CASE( "DKG public shares test", "[dkg-pub_shares]" ) { TEST_CASE( "DKG public shares test", "[dkg-pub_shares]" ) {
//init_all(); //init_all();
...@@ -548,6 +478,8 @@ TEST_CASE( "DKG encrypted secret shares test", "[dkg-encr_sshares]" ) { ...@@ -548,6 +478,8 @@ TEST_CASE( "DKG encrypted secret shares test", "[dkg-encr_sshares]" ) {
printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg); printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg);
cerr << "secret share is " << result << endl; cerr << "secret share is " << result << endl;
sgx_destroy_enclave(eid);
} }
TEST_CASE( "DKG verification test", "[dkg-verify]" ) { TEST_CASE( "DKG verification test", "[dkg-verify]" ) {
...@@ -587,6 +519,9 @@ TEST_CASE( "DKG verification test", "[dkg-verify]" ) { ...@@ -587,6 +519,9 @@ TEST_CASE( "DKG verification test", "[dkg-verify]" ) {
printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg); printf(" get_encr_sshare completed with status: %d %s \n", err_status, errMsg);
cerr << "secret share is " << result << endl; cerr << "secret share is " << result << endl;
sgx_destroy_enclave(eid);
} }
...@@ -718,17 +653,6 @@ TEST_CASE("get public ECDSA key", "[get_pub_ecdsa_key_test]") { ...@@ -718,17 +653,6 @@ TEST_CASE("get public ECDSA key", "[get_pub_ecdsa_key_test]") {
}*/ }*/
TEST_CASE( "pub_bls_key", "[pub_bls]" ) {
init_daemon();
init_enclave();
char *encryptedKeyHex =
"04000200000000000406ffffff02000000000000000000000b000000000000ff0000000000000000813f8390f6228a568e181a4dadb6508e3e66f5247175d65dbd0d8c7fbfa4df45000000f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000008000000000000000000000000000000000dc044ae0cd79faaf41e8a7abb412790476738a98b5b6ce95fa1a32db5551b0a0d867305f4de558c64fee730a1f62394633c7d4ca65e3a40b7883e89c2801c61918b01c5de8624a52963df6f4de8581bcbdd2f9b69720d4cc764e03a04c7a99314bfdb5d2d55deda2ca40cd691f093fb2ecbae24cdacdd4d5de93189c6dfd6792d7b95bd5e330aec3538e7a85d15793"; // encryptTestKey();
//writeDataToDB("test_bls_key0", encryptedKeyHex);
vector<string> result = GetBLSPubKey(encryptedKeyHex);
//cerr << "pub key " << result << endl;
sgx_destroy_enclave(eid);
}
#include "stubclient.h" #include "stubclient.h"
#include <jsonrpccpp/client/connectors/httpclient.h> #include <jsonrpccpp/client/connectors/httpclient.h>
...@@ -774,12 +698,16 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") { ...@@ -774,12 +698,16 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
vector<string> pubShares(n); vector<string> pubShares(n);
vector<string> poly_names(n); vector<string> poly_names(n);
int schain_id = rand_gen();
int dkg_id = rand_gen();
for ( uint8_t i = 0; i < n; i++){ for ( uint8_t i = 0; i < n; i++){
EthKeys[i] = c.generateECDSAKey(); EthKeys[i] = c.generateECDSAKey();
string polyName = "POLY:SCHAIN_ID:1:NODE_ID:" + to_string(i) + ":DKG_ID:0"; string polyName = "POLY:SCHAIN_ID:" + to_string(schain_id) + ":NODE_ID:" + to_string(i) + ":DKG_ID:" + to_string(dkg_id);
c.generateDKGPoly(polyName, t); c.generateDKGPoly(polyName, t);
poly_names[i] = polyName; poly_names[i] = polyName;
VerifVects[i] = c.getVerificationVector(polyName, t, n); VerifVects[i] = c.getVerificationVector(polyName, t, n);
REQUIRE(VerifVects[i]["status"] == 0);
cout << "VV " << i << " " << VerifVects[i] << endl; cout << "VV " << i << " " << VerifVects[i] << endl;
pubEthKeys.append(EthKeys[i]["publicKey"]); pubEthKeys.append(EthKeys[i]["publicKey"]);
} }
...@@ -787,9 +715,12 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") { ...@@ -787,9 +715,12 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
for ( uint8_t i = 0; i < n; i++){ for ( uint8_t i = 0; i < n; i++){
secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n); secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n);
cout << secretShares[i] << std::endl;
REQUIRE(secretShares[i]["status"] == 0);
for ( uint8_t k = 0; k < t; k++ ) { for ( uint8_t k = 0; k < t; k++ ) {
for (uint8_t j = 0; j < 4; j++) { for (uint8_t j = 0; j < 4; j++) {
string pubShare = VerifVects[i]["verificationVector"][k][j].asString(); string pubShare = VerifVects[i]["verificationVector"][k][j].asString();
REQUIRE(pubShare.length() > 60 );
pubShares[i] += ConvertDecToHex(pubShare); pubShares[i] += ConvertDecToHex(pubShare);
} }
} }
...@@ -797,9 +728,9 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") { ...@@ -797,9 +728,9 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
// cerr << "length is" << pubShares[i].length() << endl; // cerr << "length is" << pubShares[i].length() << endl;
} }
Json::Value complaintResponse = c.complaintResponse(poly_names[1], 0); // Json::Value complaintResponse = c.complaintResponse(poly_names[1], 0);
cerr << "share * G2 is " << complaintResponse["share*G2"].asString(); // cerr << "share * G2 is " << complaintResponse["share*G2"].asString();
cerr << "DHKey is " << complaintResponse["dhKey"].asString(); // cerr << "DHKey is " << complaintResponse["dhKey"].asString();
int k = 0; int k = 0;
...@@ -813,6 +744,7 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") { ...@@ -813,6 +744,7 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
cerr << "secretShare length is " << secretShares[i]["secretShare"].asString().length() << endl; cerr << "secretShare length is " << secretShares[i]["secretShare"].asString().length() << endl;
string secretShare = secretShares[i]["secretShare"].asString().substr(192*j, 192); string secretShare = secretShares[i]["secretShare"].asString().substr(192*j, 192);
secShares_vect[i] += secretShares[j]["secretShare"].asString().substr(192*i, 192); secShares_vect[i] += secretShares[j]["secretShare"].asString().substr(192*i, 192);
cerr << "pubShare is " << pubShares[i] << std::endl;
bool res = c.dkgVerification(pubShares[i], EthKeys[j]["keyName"].asString(), secretShare, t, n, j)["result"].asBool(); bool res = c.dkgVerification(pubShares[i], EthKeys[j]["keyName"].asString(), secretShare, t, n, j)["result"].asBool();
k++; k++;
cerr << "NOW K IS " << k << " i is " << i << " j is " << j << endl; cerr << "NOW K IS " << k << " i is " << i << " j is " << j << endl;
...@@ -871,8 +803,6 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") { ...@@ -871,8 +803,6 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
cout << "try to get bls public key" << endl; cout << "try to get bls public key" << endl;
cout << c.getBLSPublicKeyShare("BLS_KEY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:0"); cout << c.getBLSPublicKeyShare("BLS_KEY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:0");
} }
TEST_CASE("API test", "[api_test]") { TEST_CASE("API test", "[api_test]") {
...@@ -987,16 +917,16 @@ TEST_CASE("getServerStatus test", "[getServerStatus_test]") { ...@@ -987,16 +917,16 @@ TEST_CASE("getServerStatus test", "[getServerStatus_test]") {
sgx_destroy_enclave(eid); sgx_destroy_enclave(eid);
} }
default_random_engine rand_gen((unsigned int) time(0));
void SendRPCRequest(){ void SendRPCRequest(){
cout << "Hello from thread " << this_thread::get_id() << endl; cout << "Hello from thread " << this_thread::get_id() << endl;
HttpClient client("http://localhost:1029"); HttpClient client("http://localhost:1029");
StubClient c(client, JSONRPC_CLIENT_V2); StubClient c(client, JSONRPC_CLIENT_V2);
reset_db(); reset_db();
int n = 2, t = 2; int n = 16, t = 16;
Json::Value EthKeys[n]; Json::Value EthKeys[n];
Json::Value VerifVects[n]; Json::Value VerifVects[n];
Json::Value pubEthKeys; Json::Value pubEthKeys;
...@@ -1014,6 +944,7 @@ void SendRPCRequest(){ ...@@ -1014,6 +944,7 @@ void SendRPCRequest(){
c.generateDKGPoly(polyName, t); c.generateDKGPoly(polyName, t);
poly_names[i] = polyName; poly_names[i] = polyName;
VerifVects[i] = c.getVerificationVector(polyName, t, n); VerifVects[i] = c.getVerificationVector(polyName, t, n);
REQUIRE( VerifVects[i]["status"] == 0);
cout << "VV " << i << " " << VerifVects[i] << endl; cout << "VV " << i << " " << VerifVects[i] << endl;
pubEthKeys.append(EthKeys[i]["publicKey"]); pubEthKeys.append(EthKeys[i]["publicKey"]);
} }
...@@ -1022,7 +953,7 @@ void SendRPCRequest(){ ...@@ -1022,7 +953,7 @@ void SendRPCRequest(){
secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n); secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n);
for ( uint8_t k = 0; k < t; k++ ) { for ( uint8_t k = 0; k < t; k++ ) {
for (uint8_t j = 0; j < 4; j++) { for (uint8_t j = 0; j < 4; j++) {
string pubShare = VerifVects[i]["verificationVector"][k][j].asString(); string pubShare = VerifVects[i]["Verification Vector"][k][j].asString();
pubShares[i] += ConvertDecToHex(pubShare); pubShares[i] += ConvertDecToHex(pubShare);
} }
} }
...@@ -1030,9 +961,6 @@ void SendRPCRequest(){ ...@@ -1030,9 +961,6 @@ void SendRPCRequest(){
// cerr << "length is" << pubShares[i].length() << endl; // cerr << "length is" << pubShares[i].length() << endl;
} }
// Json::Value complaintResponse = c.complaintResponse(poly_names[1], 0);
// cerr << "share * G2 is " << complaintResponse["share*G2"].asString();
// cerr << "DHKey is " << complaintResponse["DHKey"].asString();
int k = 0; int k = 0;
...@@ -1040,24 +968,76 @@ void SendRPCRequest(){ ...@@ -1040,24 +968,76 @@ void SendRPCRequest(){
for ( int i = 0; i < n; i++) for ( int i = 0; i < n; i++)
for ( int j = 0; j < n; j++){ for ( int j = 0; j < n; j++){
if ( i != j ){ // if ( i != j ){
cerr << "SecretShare length is " << secretShares[i]["secretShare"].asString().length() << endl; cerr << "SecretShare length is " << secretShares[i]["secretShare"].asString().length() << endl;
string secretShare = secretShares[i]["secretShare"].asString().substr(192*j, 192 ); string secretShare = secretShares[i]["secretShare"].asString().substr(192*j, 192 );
secShares_vect[i] += secretShares[j]["secretShare"].asString().substr(192*i, 192 ); secShares_vect[i] += secretShares[j]["secretShare"].asString().substr(192*i, 192 );
bool res = c.dkgVerification(pubShares[i], EthKeys[j]["keyName"].asString(), secretShare, t, n, j)["result"].asBool(); Json::Value verif = c.dkgVerification(pubShares[i], EthKeys[j]["keyName"].asString(), secretShare, t, n, j);
cout << verif;
bool res = verif["result"].asBool();
k++; k++;
cerr << "NOW K IS " << k << " i is " << i << " j is " << j << endl; cerr << "NOW K IS " << k << " i is " << i << " j is " << j << endl;
REQUIRE( res ); // REQUIRE( res );
} // }
} }
BLSSigShareSet sigShareSet(t, n);
string hash = "09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db";
auto hash_arr = make_shared<array<uint8_t, 32>>();
uint64_t binLen;
if (!hex2carray(hash.c_str(), &binLen, hash_arr->data())){
throw RPCException(INVALID_HEX, "Invalid hash");
}
map<size_t, shared_ptr<BLSPublicKeyShare>> koefs_pkeys_map;
for ( int i = 0; i < t ; i++){
string endName = poly_names[i].substr(4);
string blsName = "BLS_KEY" + poly_names[i].substr(4);
string secretShare = secretShares[i]["secretShare"].asString();
//cout << c.createBLSPrivateKey(blsName, EthKeys[i]["keyName"].asString(), poly_names[i], secretShare, t, n);
cout << c.createBLSPrivateKey(blsName, EthKeys[i]["keyName"].asString(), poly_names[i], secShares_vect[i], t, n);
pubBLSKeys[i] = c.getBLSPublicKeyShare(blsName);
cerr << "BLS KEY SHARE NAME IS " << blsName << endl;
string hash = "09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db";
BLSSigShares[i] = c.blsSignMessageHash(blsName, hash, t, n, i + 1);
REQUIRE(BLSSigShares[i]["status"] == 0);
cerr << i << " sig share is created " << endl;
shared_ptr<string> sig_share_ptr = make_shared<string>(BLSSigShares[i]["signatureShare"].asString());
BLSSigShare sig(sig_share_ptr, i + 1, t, n);
sigShareSet.addSigShare(make_shared<BLSSigShare>(sig));
// vector<string> pubKey_vect;
// for ( uint8_t j = 0; j < 4; j++){
// pubKey_vect.push_back(pubBLSKeys[i]["blsPublicKeyShare"][j].asString());
// }
// BLSPublicKeyShare pubKey(make_shared<vector<string>>(pubKey_vect), t, n);
// REQUIRE( pubKey.VerifySigWithHelper(hash_arr, make_shared<BLSSigShare>(sig) , t, n));
//koefs_pkeys_map[i+1] = make_shared<BLSPublicKeyShare>(pubKey);
}
shared_ptr<BLSSignature> commonSig = sigShareSet.merge();
// BLSPublicKey common_public(make_shared<map<size_t, shared_ptr<BLSPublicKeyShare>>>(koefs_pkeys_map), t, n);
// REQUIRE( common_public.VerifySigWithHelper(hash_arr, commonSig, t, n) );
} }
TEST_CASE("ManySimultaneousThreads", "[many_threads_test]") { TEST_CASE("ManySimultaneousThreads", "[many_threads_test]") {
is_sgx_https = 0; is_sgx_https = 0;
DEBUG_PRINT = 1;
init_all( false, false ); init_all( false, false );
vector<thread> threads; vector<thread> threads;
int num_threads = 16; int num_threads = 4;
for (int i = 0; i < num_threads; i++){ for (int i = 0; i < num_threads; i++){
threads.push_back(thread(SendRPCRequest)); threads.push_back(thread(SendRPCRequest));
} }
...@@ -1247,13 +1227,26 @@ TEST_CASE("AES_DKG test", "[aes_dkg]") { ...@@ -1247,13 +1227,26 @@ TEST_CASE("AES_DKG test", "[aes_dkg]") {
for (uint8_t i = 0; i < n; i++) { for (uint8_t i = 0; i < n; i++) {
EthKeys[i] = c.generateECDSAKey(); EthKeys[i] = c.generateECDSAKey();
REQUIRE(EthKeys[i]["status"] == 0);
std::string polyName = std::string polyName =
"POLY:SCHAIN_ID:1:NODE_ID:" + std::to_string(i) + ":DKG_ID:0"; "POLY:SCHAIN_ID:1:NODE_ID:" + std::to_string(i) + ":DKG_ID:0";
cout << c.generateDKGPoly(polyName, t); cout << c.generateDKGPoly(polyName, t);
// poly_names[i] = polyName;
// VerifVects[i] = c.getVerificationVector(polyName, t, n); poly_names[i] = polyName;
// cout << "VV " << i << " " << VerifVects[i] << std::endl; VerifVects[i] = c.getVerificationVector(polyName, t, n);
// pubEthKeys.append(EthKeys[i]["PublicKey"]); cout << "VV " << i << " " << VerifVects[i] << std::endl;
pubEthKeys.append(EthKeys[i]["PublicKey"]);
} }
// for ( uint8_t i = 0; i < n; i++){
// secretShares[i] = c.getSecretShare(poly_names[i], pubEthKeys, t, n);
// cout << secretShares[i] << std::endl;
// REQUIRE(secretShares[i]["status"] == 0);
// for ( uint8_t k = 0; k < t; k++ ) {
// for (uint8_t j = 0; j < 4; j++) {
// string pubShare = VerifVects[i]["verificationVector"][k][j].asString();
// pubShares[i] += ConvertDecToHex(pubShare);
// }
// }
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment