Skip to content

S
sgxwallet
Unverified Commit cb024a2c authored by Oleh Nikolaiev's avatar Oleh Nikolaiev
Browse files
Options

SKALE-2002 fix bls key length

parent a1dfeb15
Show whitespace changes
Inline Side-by-side
Showing with 60 additions and 254 deletions
BLSPrivateKeyShareSGX.cpp
View file @ cb024a2c
...@@ -39,7 +39,6 @@ ...@@ -39,7 +39,6 @@
std::string *stringFromFq(libff::alt_bn128_Fq*_fq) { std::string *stringFromFq(libff::alt_bn128_Fq*_fq) {
mpz_t t; mpz_t t;
mpz_init(t); mpz_init(t);
...@@ -54,13 +53,10 @@ std::string *stringFromFq(libff::alt_bn128_Fq*_fq) { ...@@ -54,13 +53,10 @@ std::string *stringFromFq(libff::alt_bn128_Fq*_fq) {
} }
std::string *stringFromG1(libff::alt_bn128_G1 *_g1) { std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
auto sX = stringFromFq(&_g1->X); auto sX = stringFromFq(&_g1->X);
auto sY = stringFromFq(&_g1->Y); auto sY = stringFromFq(&_g1->Y);
auto sZ = stringFromFq(&_g1->Z); auto sZ = stringFromFq(&_g1->Z);
auto sG1 = new std::string(*sX + ":" + *sY + ":" + *sZ); auto sG1 = new std::string(*sX + ":" + *sY + ":" + *sZ);
delete(sX); delete(sX);
...@@ -68,7 +64,6 @@ std::string *stringFromG1(libff::alt_bn128_G1 *_g1) { ...@@ -68,7 +64,6 @@ std::string *stringFromG1(libff::alt_bn128_G1 *_g1) {
delete(sZ); delete(sZ);
return sG1; return sG1;
} }
...@@ -105,9 +100,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -105,9 +100,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
size_t _signerIndex) { size_t _signerIndex) {
shared_ptr<signatures::Bls> obj; shared_ptr<signatures::Bls> obj;
// if (_signerIndex == 0) {
// BOOST_THROW_EXCEPTION(runtime_error("Zero signer index"));
// }
if (hash_byte_arr == nullptr) { if (hash_byte_arr == nullptr) {
std::cerr << "Hash is null" << std::endl; std::cerr << "Hash is null" << std::endl;
BOOST_THROW_EXCEPTION(runtime_error("Hash is null")); BOOST_THROW_EXCEPTION(runtime_error("Hash is null"));
...@@ -121,7 +113,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -121,7 +113,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
int errStatus = 0; int errStatus = 0;
string* xStr = stringFromFq(&(hash_with_hint.first.X)); string* xStr = stringFromFq(&(hash_with_hint.first.X));
if (xStr == nullptr) { if (xStr == nullptr) {
...@@ -136,7 +127,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -136,7 +127,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
BOOST_THROW_EXCEPTION(runtime_error("Null yStr")); BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
} }
char errMsg[BUF_LEN]; char errMsg[BUF_LEN];
memset(errMsg, 0, BUF_LEN); memset(errMsg, 0, BUF_LEN);
...@@ -152,7 +142,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -152,7 +142,6 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
size_t sz = 0; size_t sz = 0;
uint8_t encryptedKey[BUF_LEN]; uint8_t encryptedKey[BUF_LEN];
bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey); bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);
...@@ -168,17 +157,13 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -168,17 +157,13 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey, trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature); encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
// strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
printf("sig is: %s\n", signature); printf("sig is: %s\n", signature);
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status); gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed")); BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
} }
if (errStatus != 0) { if (errStatus != 0) {
BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg )); BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
return nullptr; return nullptr;
...@@ -190,135 +175,24 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr( ...@@ -190,135 +175,24 @@ std::string BLSPrivateKeyShareSGX::signWithHelperSGXstr(
BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen))); BOOST_THROW_EXCEPTION(runtime_error("Signature is too short:" + to_string(sigLen)));
} }
std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
hash_with_hint.second; hash_with_hint.second;
std::string sig = signature; std::string sig = signature;
sig.append(":"); sig.append(":");
sig.append(hint); sig.append(hint);
return sig; return sig;
} }
std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX( std::shared_ptr<BLSSigShare> BLSPrivateKeyShareSGX::signWithHelperSGX(
std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr, std::shared_ptr<std::array<uint8_t, 32>> hash_byte_arr,
size_t _signerIndex) { size_t _signerIndex) {
/* shared_ptr<signatures::Bls> obj;
if (_signerIndex == 0) {
BOOST_THROW_EXCEPTION(runtime_error("Zero signer index"));
}
if (hash_byte_arr == nullptr) {
BOOST_THROW_EXCEPTION(runtime_error("Hash is null"));
}
obj = make_shared<signatures::Bls>(
signatures::Bls(requiredSigners, totalSigners));
std::pair<libff::alt_bn128_G1, std::string> hash_with_hint =
obj->HashtoG1withHint(hash_byte_arr);
int errStatus = 0;
string* xStr = stringFromFq(&(hash_with_hint.first.X));
if (xStr == nullptr) {
BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
}
string* yStr = stringFromFq(&(hash_with_hint.first.Y));
if (xStr == nullptr) {
BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
}
char errMsg[BUF_LEN];
memset(errMsg, 0, BUF_LEN);
char xStrArg[BUF_LEN];
char yStrArg[BUF_LEN];
char signature [BUF_LEN];
memset(xStrArg, 0, BUF_LEN);
memset(yStrArg, 0, BUF_LEN);
strncpy(xStrArg, xStr->c_str(), BUF_LEN);
strncpy(yStrArg, yStr->c_str(), BUF_LEN);
size_t sz = 0;
uint8_t encryptedKey[BUF_LEN];
bool result = hex2carray(encryptedKeyHex->c_str(), &sz, encryptedKey);
if (!result) {
BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
}
cerr << "Key is " + *encryptedKeyHex << endl;
// sgx_status_t status =
// trustedBlsSignMessage(eid, &errStatus, errMsg, encryptedKey,
// encryptedKeyHex->size() / 2, xStrArg, yStrArg, signature);
strncpy(signature, "8175162913343900215959836578795929492705714455632345516427532159927644835012:15265825550804683171644566522808807137117748565649051208189914766494241035855", 1024);
printf("---: %s\n", signature);
// if (status != SGX_SUCCESS) {
// gmp_printf("SGX enclave call to trustedBlsSignMessage failed: 0x%04x\n", status);
// BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
// }
// if (errStatus != 0) {
// BOOST_THROW_EXCEPTION(runtime_error("Enclave trustedBlsSignMessage failed:" + to_string(errStatus) + ":" + errMsg ));
// return nullptr;
// }
int sigLen;
if ((sigLen = strnlen(signature, 10)) < 10) {
BOOST_THROW_EXCEPTION(runtime_error("Signature too short:" + to_string(sigLen)));
}
std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" +
hash_with_hint.second;
auto sig = make_shared<string>(signature);
sig->append(":");
sig->append(hint);*/
std::string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex); std::string signature = signWithHelperSGXstr(hash_byte_arr, _signerIndex);
auto sig = make_shared<string>(signature); auto sig = make_shared<string>(signature);
//BLSSigShare* sig_test = new BLSSigShare(sig, _signerIndex, requiredSigners, totalSigners);
//std::string hello = "hello";
//std::cout << "HINT " << *((void**)&(sig_test->hint)) << std::endl;
//std::shared_ptr<BLSSigShare> s; s.reset( sig_test );//(sig, _signerIndex, requiredSigners,
//totalSigners);
std::shared_ptr<BLSSigShare> s = std::make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners, std::shared_ptr<BLSSigShare> s = std::make_shared<BLSSigShare>(sig, _signerIndex, requiredSigners,
totalSigners); totalSigners);
......
CSRManagerServer.cpp
View file @ cb024a2c
...@@ -47,7 +47,6 @@ shared_ptr<jsonrpc::HttpServer> CSRManagerServer::hs3 = nullptr; ...@@ -47,7 +47,6 @@ shared_ptr<jsonrpc::HttpServer> CSRManagerServer::hs3 = nullptr;
CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector, CSRManagerServer::CSRManagerServer(AbstractServerConnector &connector,
serverVersion_t type) : abstractCSRManagerServer(connector, type) {} serverVersion_t type) : abstractCSRManagerServer(connector, type) {}
Json::Value getUnsignedCSRsImpl() { Json::Value getUnsignedCSRsImpl() {
spdlog::info(__FUNCTION__); spdlog::info(__FUNCTION__);
INIT_RESULT(result) INIT_RESULT(result)
......
CSRManagerServer.h
View file @ cb024a2c
...@@ -32,14 +32,10 @@ ...@@ -32,14 +32,10 @@
#include "abstractCSRManagerServer.h" #include "abstractCSRManagerServer.h"
#include "LevelDB.h" #include "LevelDB.h"
using namespace jsonrpc; using namespace jsonrpc;
using namespace std; using namespace std;
class CSRManagerServer : public abstractCSRManagerServer { class CSRManagerServer : public abstractCSRManagerServer {
recursive_mutex m; recursive_mutex m;
static shared_ptr<HttpServer> hs3; static shared_ptr<HttpServer> hs3;
......
ECDSACrypto.cpp
View file @ cb024a2c
...@@ -50,7 +50,6 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) { ...@@ -50,7 +50,6 @@ string concatPubKeyWith0x(char *pub_key_x, char *pub_key_y) {
return result; return result;
} }
void fillRandomBuffer(vector<unsigned char> &_buffer) { void fillRandomBuffer(vector<unsigned char> &_buffer) {
ifstream devRandom("/dev/urandom", ios::in | ios::binary); ifstream devRandom("/dev/urandom", ios::in | ios::binary);
devRandom.exceptions(ifstream::failbit | ifstream::badbit); devRandom.exceptions(ifstream::failbit | ifstream::badbit);
...@@ -97,7 +96,6 @@ vector <string> genECDSAKey() { ...@@ -97,7 +96,6 @@ vector <string> genECDSAKey() {
} }
string getECDSAPubKey(const char *_encryptedKeyHex) { string getECDSAPubKey(const char *_encryptedKeyHex) {
vector<char> errMsg(BUF_LEN, 0); vector<char> errMsg(BUF_LEN, 0);
vector<char> pubKeyX(BUF_LEN, 0); vector<char> pubKeyX(BUF_LEN, 0);
vector<char> pubKeyY(BUF_LEN, 0); vector<char> pubKeyY(BUF_LEN, 0);
...@@ -139,7 +137,6 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur ...@@ -139,7 +137,6 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur
domain_parameters_load_curve(curve, secp256k1); domain_parameters_load_curve(curve, secp256k1);
point publicKey = point_init(); point publicKey = point_init();
mpz_t msgMpz; mpz_t msgMpz;
mpz_init(msgMpz); mpz_init(msgMpz);
if (mpz_set_str(msgMpz, hashHex, 16) == -1) { if (mpz_set_str(msgMpz, hashHex, 16) == -1) {
...@@ -165,7 +162,6 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur ...@@ -165,7 +162,6 @@ bool verifyECDSASig(string& pubKeyStr, const char *hashHex, const char *signatur
signature_free(sig); signature_free(sig);
return result; return result;
} }
vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) { vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, int base) {
...@@ -200,7 +196,6 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, ...@@ -200,7 +196,6 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
goto clean; goto clean;
} }
if (status != SGX_SUCCESS) { if (status != SGX_SUCCESS) {
spdlog::error("failed to sign {}", status); spdlog::error("failed to sign {}", status);
exception = make_shared<SGXException>(666, "failed to sign"); exception = make_shared<SGXException>(666, "failed to sign");
...@@ -222,7 +217,6 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex, ...@@ -222,7 +217,6 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
goto clean; goto clean;
} }
clean: clean:
if (exception) if (exception)
......
Exception.cpp
View file @ cb024a2c
...@@ -29,7 +29,6 @@ void Exception::logNested(const std::exception &e, int level) ...@@ -29,7 +29,6 @@ void Exception::logNested(const std::exception &e, int level)
{ {
string prefix; string prefix;
if (level == 0) { if (level == 0) {
prefix = "!Exception:"; prefix = "!Exception:";
} else { } else {
......
LevelDB.cpp
View file @ cb024a2c
...@@ -39,19 +39,12 @@ ...@@ -39,19 +39,12 @@
#include "spdlog/spdlog.h" #include "spdlog/spdlog.h"
#include "common.h" #include "common.h"
using namespace leveldb; using namespace leveldb;
static WriteOptions writeOptions; static WriteOptions writeOptions;
static ReadOptions readOptions; static ReadOptions readOptions;
std::shared_ptr<string> LevelDB::readString(const string &_key) { std::shared_ptr<string> LevelDB::readString(const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto result = std::make_shared<string>(); auto result = std::make_shared<string>();
...@@ -62,10 +55,7 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) { ...@@ -62,10 +55,7 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
auto status = db->Get(readOptions, _key, &*result); auto status = db->Get(readOptions, _key, &*result);
spdlog::debug("key to read from db: {}",_key ); spdlog::debug("key to read from db: {}",_key );
//std::cerr << "key to read from db: " << _key << std::endl;
throwExceptionOnError(status); throwExceptionOnError(status);
...@@ -76,22 +66,17 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) { ...@@ -76,22 +66,17 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
} }
void LevelDB::writeString(const string &_key, const string &_value) { void LevelDB::writeString(const string &_key, const string &_value) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto status = db->Put(writeOptions, Slice(_key), Slice(_value)); auto status = db->Put(writeOptions, Slice(_key), Slice(_value));
throwExceptionOnError(status); throwExceptionOnError(status);
spdlog::debug("written key: {}",_key ); spdlog::debug("written key: {}",_key );
// std::cerr << "written key " << _key << std::endl;
} }
void LevelDB::deleteDHDKGKey (const string &_key) { void LevelDB::deleteDHDKGKey (const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
string full_key = "DKG_DH_KEY_" + _key; string full_key = "DKG_DH_KEY_" + _key;
...@@ -101,12 +86,9 @@ void LevelDB::deleteDHDKGKey (const string &_key) { ...@@ -101,12 +86,9 @@ void LevelDB::deleteDHDKGKey (const string &_key) {
throwExceptionOnError(status); throwExceptionOnError(status);
spdlog::debug("key deleted: {}",full_key ); spdlog::debug("key deleted: {}",full_key );
//std::cerr << "key deleted " << full_key << std::endl;
} }
void LevelDB::deleteTempNEK(const string &_key){ void LevelDB::deleteTempNEK(const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
string prefix = _key.substr(0,8); string prefix = _key.substr(0,8);
...@@ -121,8 +103,7 @@ void LevelDB::deleteTempNEK(const string &_key){ ...@@ -121,8 +103,7 @@ void LevelDB::deleteTempNEK(const string &_key){
std::cerr << "key deleted " << _key << std::endl; std::cerr << "key deleted " << _key << std::endl;
} }
void LevelDB::deleteKey(const string &_key){ void LevelDB::deleteKey(const string &_key) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto status = db->Delete(writeOptions, Slice(_key)); auto status = db->Delete(writeOptions, Slice(_key));
...@@ -130,15 +111,12 @@ void LevelDB::deleteKey(const string &_key){ ...@@ -130,15 +111,12 @@ void LevelDB::deleteKey(const string &_key){
throwExceptionOnError(status); throwExceptionOnError(status);
spdlog::debug("key deleted: {}",_key ); spdlog::debug("key deleted: {}",_key );
// std::cerr << "key deleted " << _key << std::endl;
} }
void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value, void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value,
size_t _valueLen) { size_t _valueLen) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto status = db->Put(writeOptions, Slice(_key, _keyLen), Slice(value, _valueLen)); auto status = db->Put(writeOptions, Slice(_key, _keyLen), Slice(value, _valueLen));
...@@ -149,7 +127,6 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value ...@@ -149,7 +127,6 @@ void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value
void LevelDB::writeByteArray(string &_key, const char *value, void LevelDB::writeByteArray(string &_key, const char *value,
size_t _valueLen) { size_t _valueLen) {
std::lock_guard<std::recursive_mutex> lock(mutex); std::lock_guard<std::recursive_mutex> lock(mutex);
auto status = db->Put(writeOptions, Slice(_key), Slice(value, _valueLen)); auto status = db->Put(writeOptions, Slice(_key), Slice(value, _valueLen));
...@@ -158,18 +135,15 @@ void LevelDB::writeByteArray(string &_key, const char *value, ...@@ -158,18 +135,15 @@ void LevelDB::writeByteArray(string &_key, const char *value,
} }
void LevelDB::throwExceptionOnError(Status _status) { void LevelDB::throwExceptionOnError(Status _status) {
if (_status.IsNotFound()) if (_status.IsNotFound())
return; return;
if (!_status.ok()) { if (!_status.ok()) {
throw SGXException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str()); throw SGXException(COULD_NOT_ACCESS_DATABASE, ("Could not access database database:" + _status.ToString()).c_str());
} }
} }
uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVisit) { uint64_t LevelDB::visitKeys(LevelDB::KeyVisitor *_visitor, uint64_t _maxKeysToVisit) {
uint64_t readCounter = 0; uint64_t readCounter = 0;
leveldb::Iterator *it = db->NewIterator(readOptions); leveldb::Iterator *it = db->NewIterator(readOptions);
...@@ -194,7 +168,6 @@ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ ...@@ -194,7 +168,6 @@ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
for (it->SeekToFirst(); it->Valid(); it->Next()) { for (it->SeekToFirst(); it->Valid(); it->Next()) {
string cur_key(it->key().data(), it->key().size()); string cur_key(it->key().data(), it->key().size());
keys.push_back(cur_key); keys.push_back(cur_key);
// keys.push_back(it->key().data());
readCounter++; readCounter++;
if (readCounter >= _maxKeysToVisit) { if (readCounter >= _maxKeysToVisit) {
break; break;
...@@ -207,25 +180,20 @@ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){ ...@@ -207,25 +180,20 @@ std::vector<string> LevelDB::writeKeysToVector1(uint64_t _maxKeysToVisit){
} }
void LevelDB::writeDataUnique(const string & Name, const string &value) { void LevelDB::writeDataUnique(const string & Name, const string &value) {
auto key = Name; auto key = Name;
if (readString(Name) != nullptr) { if (readString(Name) != nullptr) {
spdlog::debug("name {}",Name, " already exists"); spdlog::debug("name {}",Name, " already exists");
// std::cerr << "name " << Name << " already exists" << std::endl;
throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists"); throw SGXException(KEY_SHARE_ALREADY_EXISTS, "Data with this name already exists");
} }
writeString(key, value); writeString(key, value);
spdlog::debug("{}",Name, " is written to db"); spdlog::debug("{}",Name, " is written to db");
} }
LevelDB::LevelDB(string &filename) { LevelDB::LevelDB(string &filename) {
leveldb::Options options; leveldb::Options options;
options.create_if_missing = true; options.create_if_missing = true;
...@@ -236,7 +204,6 @@ LevelDB::LevelDB(string &filename) { ...@@ -236,7 +204,6 @@ LevelDB::LevelDB(string &filename) {
if (db == nullptr) { if (db == nullptr) {
throw std::runtime_error("Null levelDB object"); throw std::runtime_error("Null levelDB object");
} }
} }
LevelDB::~LevelDB() { LevelDB::~LevelDB() {
...@@ -269,16 +236,13 @@ string LevelDB::sgx_data_folder; ...@@ -269,16 +236,13 @@ string LevelDB::sgx_data_folder;
bool LevelDB::isInited = false; bool LevelDB::isInited = false;
void LevelDB::initDataFolderAndDBs() { void LevelDB::initDataFolderAndDBs() {
CHECK_STATE(!isInited) CHECK_STATE(!isInited)
isInited = true; isInited = true;
spdlog::info("Initing wallet database ... "); spdlog::info("Initing wallet database ... ");
char cwd[PATH_MAX]; char cwd[PATH_MAX];
if (getcwd(cwd, sizeof(cwd)) == NULL) { if (getcwd(cwd, sizeof(cwd)) == NULL) {
spdlog::error("could not get current workin directory"); spdlog::error("could not get current workin directory");
exit(-1); exit(-1);
...@@ -299,7 +263,6 @@ void LevelDB::initDataFolderAndDBs() { ...@@ -299,7 +263,6 @@ void LevelDB::initDataFolderAndDBs() {
} }
} }
spdlog::info("Opening wallet databases"); spdlog::info("Opening wallet databases");
auto dbName = sgx_data_folder + WALLETDB_NAME; auto dbName = sgx_data_folder + WALLETDB_NAME;
...@@ -312,7 +275,6 @@ void LevelDB::initDataFolderAndDBs() { ...@@ -312,7 +275,6 @@ void LevelDB::initDataFolderAndDBs() {
csrStatusDb = make_shared<LevelDB>(csr_status_dbname); csrStatusDb = make_shared<LevelDB>(csr_status_dbname);
spdlog::info("Successfully opened databases"); spdlog::info("Successfully opened databases");
} }
const string &LevelDB::getSgxDataFolder() { const string &LevelDB::getSgxDataFolder() {
......
Log.cpp
View file @ cb024a2c
...@@ -34,7 +34,6 @@ void Log::setGlobalLogLevel(string &_s) { ...@@ -34,7 +34,6 @@ void Log::setGlobalLogLevel(string &_s) {
} }
level_enum Log::logLevelFromString(string &_s) { level_enum Log::logLevelFromString(string &_s) {
level_enum result = trace; level_enum result = trace;
if (_s == "trace") if (_s == "trace")
......
SEKManager.cpp
View file @ cb024a2c
...@@ -59,8 +59,6 @@ void create_test_key(){ ...@@ -59,8 +59,6 @@ void create_test_key(){
throw SGXException(status, errMsg.data()) ; throw SGXException(status, errMsg.data()) ;
} }
//std::cerr << "enc len is " << enc_len << std::endl;
vector<char> hexEncrKey(2 * enc_len + 1, 0); vector<char> hexEncrKey(2 * enc_len + 1, 0);
carray2Hex(encrypted_key, enc_len, hexEncrKey.data()); carray2Hex(encrypted_key, enc_len, hexEncrKey.data());
...@@ -77,11 +75,6 @@ void create_test_key(){ ...@@ -77,11 +75,6 @@ void create_test_key(){
bool check_SEK(std::string SEK){ bool check_SEK(std::string SEK){
std::shared_ptr <std::string> test_key_ptr = LevelDB::getLevelDb() -> readString("TEST_KEY"); std::shared_ptr <std::string> test_key_ptr = LevelDB::getLevelDb() -> readString("TEST_KEY");
// if (test_key_ptr == nullptr){
// spdlog::error("empty db" );
// exit(-1);
// }
// else{
vector<uint8_t> encr_test_key(BUF_LEN, 0); vector<uint8_t> encr_test_key(BUF_LEN, 0);
uint64_t len; uint64_t len;
if ( !hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())){ if ( !hex2carray(test_key_ptr->c_str(), &len, encr_test_key.data())){
...@@ -96,7 +89,6 @@ bool check_SEK(std::string SEK){ ...@@ -96,7 +89,6 @@ bool check_SEK(std::string SEK){
vector<uint8_t> encr_SEK(1024,0); vector<uint8_t> encr_SEK(1024,0);
uint32_t l = len; uint32_t l = len;
std::cerr << " l is " << l << std::endl;
status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() ); status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &l, SEK.c_str() );
if (status != SGX_SUCCESS){ if (status != SGX_SUCCESS){
...@@ -111,15 +103,13 @@ bool check_SEK(std::string SEK){ ...@@ -111,15 +103,13 @@ bool check_SEK(std::string SEK){
exit(-1); exit(-1);
} }
std::string test_key = TEST_VALUE; std::string test_key = TEST_VALUE;
if (test_key.compare(decr_key.data())!= 0){ if (test_key.compare(decr_key.data()) != 0){
std::cerr << "decrypted key is " << decr_key.data() << std::endl; std::cerr << "decrypted key is " << decr_key.data() << std::endl;
spdlog::error("Invalid SEK" ); spdlog::error("Invalid SEK" );
return false; return false;
} }
return true; return true;
// }
} }
void gen_SEK(){ void gen_SEK(){
......
SGXRegistrationServer.cpp
View file @ cb024a2c
...@@ -66,7 +66,6 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) { ...@@ -66,7 +66,6 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
result["result"] = false; result["result"] = false;
try { try {
string hash = cryptlite::sha256::hash_hex(_csr); string hash = cryptlite::sha256::hash_hex(_csr);
if (system("ls " CERT_DIR "/" CERT_CREATE_COMMAND) != 0) { if (system("ls " CERT_DIR "/" CERT_CREATE_COMMAND) != 0) {
...@@ -74,7 +73,6 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) { ...@@ -74,7 +73,6 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
} }
string csr_name = string(CERT_DIR) + "/" + hash + ".csr"; string csr_name = string(CERT_DIR) + "/" + hash + ".csr";
ofstream outfile(csr_name); ofstream outfile(csr_name);
outfile.exceptions(std::ifstream::failbit | std::ifstream::badbit); outfile.exceptions(std::ifstream::failbit | std::ifstream::badbit);
...@@ -91,21 +89,16 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) { ...@@ -91,21 +89,16 @@ Json::Value signCertificateImpl(const string &_csr, bool _autoSign = false) {
throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "Incorrect CSR format "); throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "Incorrect CSR format ");
} }
if (_autoSign) { if (_autoSign) {
string genCert = string("cd ") + CERT_DIR + "&& ./" string genCert = string("cd ") + CERT_DIR + "&& ./"
+ CERT_CREATE_COMMAND + " " + hash ; + CERT_CREATE_COMMAND + " " + hash ;
if (system(genCert.c_str()) == 0) { if (system(genCert.c_str()) == 0) {
spdlog::info("Client cert " + hash + " generated"); spdlog::info("Client cert " + hash + " generated");
string db_key = "CSR:HASH:" + hash + "STATUS:"; string db_key = "CSR:HASH:" + hash + "STATUS:";
string status = "0"; string status = "0";
LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status); LevelDB::getCsrStatusDb()->writeDataUnique(db_key, status);
} else { } else {
spdlog::error("Client cert generation failed: {} ", genCert); spdlog::error("Client cert generation failed: {} ", genCert);
throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED"); throw SGXException(FAIL_TO_CREATE_CERTIFICATE, "CLIENT CERTIFICATE GENERATION FAILED");
} }
...@@ -172,7 +165,6 @@ Json::Value SGXRegistrationServer::GetCertificate(const string &hash) { ...@@ -172,7 +165,6 @@ Json::Value SGXRegistrationServer::GetCertificate(const string &hash) {
int SGXRegistrationServer::initRegistrationServer(bool _autoSign) { int SGXRegistrationServer::initRegistrationServer(bool _autoSign) {
httpServer = make_shared<HttpServer>(BASE_PORT + 1); httpServer = make_shared<HttpServer>(BASE_PORT + 1);
server = make_shared<SGXRegistrationServer>(*httpServer, server = make_shared<SGXRegistrationServer>(*httpServer,
JSONRPC_SERVER_V2, JSONRPC_SERVER_V2,
...@@ -185,7 +177,6 @@ int SGXRegistrationServer::initRegistrationServer(bool _autoSign) { ...@@ -185,7 +177,6 @@ int SGXRegistrationServer::initRegistrationServer(bool _autoSign) {
spdlog::info("Registration server started on port {}", BASE_PORT + 1); spdlog::info("Registration server started on port {}", BASE_PORT + 1);
} }
return 0; return 0;
} }
...@@ -194,4 +185,3 @@ shared_ptr<SGXRegistrationServer> SGXRegistrationServer::getServer() { ...@@ -194,4 +185,3 @@ shared_ptr<SGXRegistrationServer> SGXRegistrationServer::getServer() {
CHECK_STATE(server); CHECK_STATE(server);
return server; return server;
} }
SGXWalletServer.cpp
View file @ cb024a2c
...@@ -170,7 +170,6 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k ...@@ -170,7 +170,6 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
char *encryptedKeyShareHex = nullptr; char *encryptedKeyShareHex = nullptr;
try { try {
encryptedKeyShareHex = encryptBLSKeyShare2Hex(&errStatus, errMsg, _keyShare.c_str()); encryptedKeyShareHex = encryptBLSKeyShare2Hex(&errStatus, errMsg, _keyShare.c_str());
if (encryptedKeyShareHex == nullptr) { if (encryptedKeyShareHex == nullptr) {
...@@ -184,7 +183,6 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k ...@@ -184,7 +183,6 @@ SGXWalletServer::importBLSKeyShareImpl(const string &_keyShare, const string &_k
result["encryptedKeyShare"] = string(encryptedKeyShareHex); result["encryptedKeyShare"] = string(encryptedKeyShareHex);
writeKeyShare(_keyShareName, encryptedKeyShareHex, _index, n, t); writeKeyShare(_keyShareName, encryptedKeyShareHex, _index, n, t);
} catch (SGXException &_e) { } catch (SGXException &_e) {
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
...@@ -304,7 +302,6 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st ...@@ -304,7 +302,6 @@ Json::Value SGXWalletServer::renameECDSAKeyImpl(const string &_keyName, const st
result["encryptedKey"] = ""; result["encryptedKey"] = "";
try { try {
string prefix = _tempKeyName.substr(0, 8); string prefix = _tempKeyName.substr(0, 8);
if (prefix != "tmp_NEK:") { if (prefix != "tmp_NEK:") {
throw SGXException(UNKNOWN_ERROR, "invalid temp key name"); throw SGXException(UNKNOWN_ERROR, "invalid temp key name");
...@@ -446,7 +443,6 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName, ...@@ -446,7 +443,6 @@ Json::Value SGXWalletServer::getVerificationVectorImpl(const string &_polyName,
result["verificationVector"][i][j] = currentCoef.at(j); result["verificationVector"][i][j] = currentCoef.at(j);
} }
} }
} catch (SGXException &_e) { } catch (SGXException &_e) {
cerr << " err str " << _e.errString << endl; cerr << " err str " << _e.errString << endl;
result["status"] = _e.status; result["status"] = _e.status;
...@@ -485,7 +481,6 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J ...@@ -485,7 +481,6 @@ Json::Value SGXWalletServer::getSecretShareImpl(const string &_polyName, const J
string s = trustedGetSecretShares(_polyName, encrPoly->c_str(), pubKeysStrs, _t, _n); string s = trustedGetSecretShares(_polyName, encrPoly->c_str(), pubKeysStrs, _t, _n);
result["secretShare"] = s; result["secretShare"] = s;
} catch (SGXException &_e) { } catch (SGXException &_e) {
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
...@@ -522,7 +517,6 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co ...@@ -522,7 +517,6 @@ Json::Value SGXWalletServer::dkgVerificationImpl(const string &_publicShares, co
if (!verifyShares(_publicShares.c_str(), _secretShare.c_str(), encryptedKeyHex_ptr->c_str(), _t, _n, _index)) { if (!verifyShares(_publicShares.c_str(), _secretShare.c_str(), encryptedKeyHex_ptr->c_str(), _t, _n, _index)) {
result["result"] = false; result["result"] = false;
} }
} catch (SGXException &_e) { } catch (SGXException &_e) {
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
...@@ -787,7 +781,6 @@ shared_ptr <string> SGXWalletServer::readKeyShare(const string &_keyShareName) { ...@@ -787,7 +781,6 @@ shared_ptr <string> SGXWalletServer::readKeyShare(const string &_keyShareName) {
} }
return keyShareStr; return keyShareStr;
} }
void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_value, int _index, int _n, int _t) { void SGXWalletServer::writeKeyShare(const string &_keyShareName, const string &_value, int _index, int _n, int _t) {
......
ServerDataChecker.cpp
View file @ cb024a2c
...@@ -73,7 +73,6 @@ bool checkECDSAKeyName(const string& keyName) { ...@@ -73,7 +73,6 @@ bool checkECDSAKeyName(const string& keyName) {
bool checkHex(const string& hex, const uint32_t sizeInBytes){ bool checkHex(const string& hex, const uint32_t sizeInBytes){
if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){ if ( hex.length() > sizeInBytes * 2 || hex.length() == 0){
spdlog::error("key is too long or zero - ", hex.length()); spdlog::error("key is too long or zero - ", hex.length());
std::cerr << "key length is " << hex.length() << std::endl;
return false; return false;
} }
......
secure_enclave/EnclaveConstants.h
View file @ cb024a2c
...@@ -41,6 +41,8 @@ ...@@ -41,6 +41,8 @@
#define SECRET_SHARE_NUM_BYTES 96 #define SECRET_SHARE_NUM_BYTES 96
#define BLS_KEY_LENGTH 65
#define ECDSA_SKEY_LEN 65 #define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16 #define ECDSA_SKEY_BASE 16
#define ECDSA_ENCR_LEN 93 #define ECDSA_ENCR_LEN 93
......
secure_enclave/secure_enclave.c
View file @ cb024a2c
...@@ -1576,8 +1576,17 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share ...@@ -1576,8 +1576,17 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_mod(bls_key, sum, q); mpz_mod(bls_key, sum, q);
char key_share[mpz_sizeinbase(bls_key, 16) + 2]; // char key_share[mpz_sizeinbase(bls_key, 16) + 2];
mpz_get_str(key_share, 16, bls_key); // mpz_get_str(key_share, 16, bls_key);
char key_share[BLS_KEY_LENGTH];
char arr_skey_str[mpz_sizeinbase(bls_key, 16) + 2];
mpz_get_str(arr_skey_str, 16, bls_key);
int n_zeroes = 64 - strlen(arr_skey_str);
for (int i = 0; i < n_zeroes; i++) {
key_share[i] = '0';
}
strncpy(key_share + n_zeroes, arr_skey_str, 65 - n_zeroes);
key_share[BLS_KEY_LENGTH - 1] = 0;
snprintf(errString, BUF_LEN, " bls private key is %s", key_share); snprintf(errString, BUF_LEN, " bls private key is %s", key_share);
status = AES_encrypt(key_share, encr_bls_key); status = AES_encrypt(key_share, encr_bls_key);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment