Skip to content

S
sgxwallet
Unverified Commit d6bb7ad3 authored by Oleh Nikolaiev's avatar Oleh Nikolaiev
Browse files
Options

SKALE-2794 add extra checks

parent 8bd21997
Hide whitespace changes
Inline Side-by-side
Showing with 43 additions and 43 deletions
DKGCrypto.cpp
View file @ d6bb7ad3
......@@ -30,13 +30,12 @@
#include "SGXWalletServer.hpp"
#include "SGXException.h"
//#include <libBLS/libff/libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
#include <libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
#include "spdlog/spdlog.h"
#include "common.h"
#define DKG_MAX_SEALED_LEN 3100
#define DKG_MAX_SEALED_LEN 3100
vector<string> splitString(const char *coeffs, const char symbol) {
string str(coeffs);
......@@ -58,8 +57,7 @@ vector<string> splitString(const char *coeffs, const char symbol) {
return G2_strings;
}
template<class T>
string ConvertToString(T field_elem, int base = 10) {
template<class T> string ConvertToString(T field_elem, int base = 10) {
mpz_t t;
mpz_init(t);
......@@ -86,11 +84,16 @@ string gen_dkg_poly(int _t) {
status = trustedGenDkgSecretAES(eid, &errStatus, errMsg.data(), encrypted_dkg_secret.data(), &enc_len, _t);
if (errStatus != 0) {
spdlog::debug("trustedGenDkgSecret, status {}", errStatus, " err msg ", errMsg.data());
spdlog::debug("in DKGCrypto encr len is {}", enc_len);
throw SGXException(-666, errMsg.data());
}
spdlog::debug("trustedGenDkgSecret, status {}", errStatus, " err msg ", errMsg.data());
spdlog::debug("in DKGCrypto encr len is {}", enc_len);
if (status != 0) {
spdlog::debug("trustedGenDkgSecret, status {}", status, " err msg ", errMsg.data());
spdlog::debug("in DKGCrypto encr len is {}", enc_len);
throw SGXException(-666, errMsg.data());
}
uint64_t length = DKG_MAX_SEALED_LEN;
length = enc_len;
......@@ -104,7 +107,7 @@ string gen_dkg_poly(int _t) {
}
vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n) {
vector<char> errMsg1(BUF_LEN, 0);
vector<char> errMsg(BUF_LEN, 0);
int errStatus = 0;
......@@ -123,14 +126,18 @@ vector<vector<string>> get_verif_vect(const char *encryptedPolyHex, int t, int n
spdlog::debug("hex_encr_poly length is {}", strlen(encryptedPolyHex));
spdlog::debug("enc len {}", encLen);
status = trustedGetPublicSharesAES(eid, &errStatus, errMsg1.data(), encrDKGPoly.data(), encLen,
status = trustedGetPublicSharesAES(eid, &errStatus, errMsg.data(), encrDKGPoly.data(), encLen,
pubShares.data(), t, n);
if (errStatus != 0) {
throw SGXException(-666, errMsg1.data());
throw SGXException(-666, errMsg.data());
}
spdlog::debug("err msg is {}", errMsg1.data());
if (status != 0) {
throw SGXException(-666, errMsg.data());
}
spdlog::debug("err msg is {}", errMsg.data());
spdlog::debug("public_shares:");
spdlog::debug("{}", pubShares.data());;
......@@ -208,7 +215,6 @@ string trustedGetSecretShares(const string &_polyName, const char *_encryptedPol
SGXWalletServer::writeDataToDB(shareG2_name, sShareG2.data());
spdlog::debug("errMsg: {}", errMsg1.data());
}
return result;
......@@ -235,6 +241,10 @@ verifyShares(const char *publicShares, const char *encr_sshare, const char *encr
trustedDkgVerifyAES(eid, &errStatus, errMsg, pshares, encr_sshare, encr_key, decKeyLen, t, ind, &result);
if (errStatus != 0) {
throw SGXException(-666, errMsg1.data());
}
if (result == 2) {
throw SGXException(INVALID_HEX, "Invalid public shares");
}
......@@ -333,7 +343,7 @@ string decryptDHKey(const string &polyName, int ind) {
trustedDecryptKeyAES(eid, &errStatus, errMsg1.data(), encryptedDHKey, dhEncLen, DHKey);
if (errStatus != 0) {
throw SGXException(/*ERROR_IN_ENCLAVE*/ errStatus, "decrypt key failed in enclave");
throw SGXException(errStatus, "decrypt key failed in enclave");
}
return DHKey;
......
Log.cpp
View file @ d6bb7ad3
......@@ -51,12 +51,8 @@ level_enum Log::logLevelFromString(string &_s) {
return result;
}
void Log::handleSGXException(Json::Value& _result, SGXException& _e ) {
spdlog::error("Responding with JSON error:" + _e.errString);
_result["status"] = _e.status;
_result["errorMessage"] = _e.errString;
}
SGXWalletServer.cpp
View file @ d6bb7ad3
......@@ -198,7 +198,6 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
result["errorMessage"] = "Unknown server error";
result["signatureShare"] = "";
// char *signature = (char *) calloc(BUF_LEN, 1); // remove
string signature(BUF_LEN, '\0');
shared_ptr <string> value = nullptr;
......@@ -244,9 +243,10 @@ SGXWalletServer::blsSignMessageHashImpl(const string &_keyShareName, const strin
return result;
}
auto it = std::find(signature.begin(), signature.end(), '\0');
result["status"] = 0;
result["errorMessage"] = "";
result["signatureShare"] = signature;
result["signatureShare"] = std::string(signature.begin(), it);
return result;
}
......
cert_util.cpp
View file @ d6bb7ad3
......@@ -21,7 +21,6 @@
@date 2019
*/
#include <iostream>
#include <cstring>
#include <jsonrpccpp/client/connectors/httpclient.h>
......@@ -46,7 +45,6 @@ void sign_by_hash(std::string & hash, int status){
}
int main(int argc, char *argv[]) {
int opt;
if (argc > 1 && strlen(argv[1]) == 1) {
......@@ -61,23 +59,21 @@ int main(int argc, char *argv[]) {
std::cout << " -r [hash] reject csr by hash" << std::endl;
exit(0);
}
std::string hash;
while ((opt = getopt(argc, argv, "ps:r:")) != -1) {
switch (opt) {
case 'p': print_hashes();
break;
case 's': hash = optarg;
sign_by_hash(hash, 0);
break;
case 'r': hash = optarg;
sign_by_hash(hash, 2);
break;
case '?': // fprintf(stderr, "unknown flag\n");
exit(1);
}
std::string hash;
while ((opt = getopt(argc, argv, "ps:r:")) != -1) {
switch (opt) {
case 'p': print_hashes();
break;
case 's': hash = optarg;
sign_by_hash(hash, 0);
break;
case 'r': hash = optarg;
sign_by_hash(hash, 2);
break;
case '?': // fprintf(stderr, "unknown flag\n");
exit(1);
}
}
return 0;
}
......
secure_enclave/DHDkg.c
View file @ d6bb7ad3
......@@ -38,7 +38,7 @@
#include "EnclaveCommon.h"
#include <string.h>
void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
void gen_session_key(char *skey_str, char* pb_keyB, char* common_key) {
char* pb_keyB_x = (char*)calloc(65, 1);
strncpy(pb_keyB_x, pb_keyB, 64);
pb_keyB_x[64] = 0;
......@@ -76,7 +76,7 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
free(pb_keyB_y);
}
void session_key_recover(const char *skey_str, const char* sshare, char* common_key){
void session_key_recover(const char *skey_str, const char* sshare, char* common_key) {
char* pb_keyB_x = (char*)calloc(65, 1);
strncpy(pb_keyB_x, sshare + 64, 64);
pb_keyB_x[64] = 0;
......@@ -123,7 +123,7 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
free(pb_keyB_y);
}
void xor_encrypt(char* key, char* message, char* cypher){
void xor_encrypt(char* key, char* message, char* cypher) {
uint8_t cypher_bin[33];
uint8_t* key_bin = (uint8_t*)calloc(33,1);
......@@ -135,14 +135,13 @@ void xor_encrypt(char* key, char* message, char* cypher){
}
uint64_t msg_length;
uint8_t msg_bin[33];//[ECDSA_BIN_LEN];
uint8_t msg_bin[33];
if (!hex2carray(message, &msg_length, msg_bin)){
cypher = NULL;
free(key_bin);
return;
}
for (int i = 0; i < 32; i++){
cypher_bin[i] = msg_bin[i] ^ key_bin[i];
}
......@@ -152,7 +151,7 @@ void xor_encrypt(char* key, char* message, char* cypher){
free(key_bin);
}
void xor_decrypt(char* key, char* cypher, char* message){
void xor_decrypt(char* key, char* cypher, char* message) {
uint8_t msg_bin[33];
uint8_t* key_bin = (uint8_t*)calloc(33,1);
......@@ -171,7 +170,6 @@ void xor_decrypt(char* key, char* cypher, char* message){
return;
}
for (int i = 0; i < 32; i++){
msg_bin[i] = cypher_bin[i] ^ key_bin[i];
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment