SKALE-1887 Add flag not to use AES in ECDSA procedures

d7432fd5 · svetaro · c11762aa · d7432fd5 · d7432fd5 · d7432fd5
Unverified Commit d7432fd5 authored Jan 24, 2020 by svetaro
8 changed files
--- a/ECDSACrypto.cpp
+++ b/ECDSACrypto.cpp
@@ -51,8 +51,10 @@ std::vector<std::string> gen_ecdsa_key(){
  char *pub_key_y = (char *)calloc(1024, 1);
  uint32_t enc_len = 0;
-  //status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  if ( !is_aes)
-  status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+     status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  else status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
  if ( err_status != 0 ){
    std::cerr << "RPCException thrown" << std::endl;
    throw RPCException(-666, errMsg) ;
@@ -65,7 +67,7 @@ std::vector<std::string> gen_ecdsa_key(){
 //    for(int i = 0 ; i < 1024; i++)
 //      std::cerr << (int)encr_pr_key[i] << " " ;
  }
-  char *hexEncrKey = (char *) calloc(BUF_LEN, 1);
+  char *hexEncrKey = (char *) calloc(BUF_LEN * 2, 1);
  carray2Hex(encr_pr_key, enc_len, hexEncrKey);
  keys.at(0) = hexEncrKey;
  keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
@@ -119,8 +121,9 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){
    throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
  }
-  //status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  if ( !is_aes)
-  status = get_public_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+   status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  else status = get_public_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
  if (err_status != 0){
    throw RPCException(-666, errMsg) ;
  }
@@ -164,8 +167,9 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
    spdlog::info("encrypted len: {}", dec_len);
  }
-  //status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  if (!is_aes)
-  status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+   status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  else status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
  if ( err_status != 0){
    throw RPCException(-666, errMsg ) ;
  }

--- a/SGXRegistrationServer.cpp
+++ b/SGXRegistrationServer.cpp
@@ -47,6 +47,7 @@
 int DEBUG_PRINT = 0;
 int is_sgx_https = 1;
+int is_aes = 0;
 SGXRegistrationServer *regs = nullptr;
 HttpServer *hs2 = nullptr;

--- a/ServerInit.cpp
+++ b/ServerInit.cpp
@@ -153,6 +153,8 @@ void init_all(bool check_cert, bool sign_automatically) {
    if (sgxServerInited == 1)
        return;
+    init_daemon();
    sgxServerInited = 1;
    if (is_sgx_https) {
@@ -165,5 +167,5 @@ void init_all(bool check_cert, bool sign_automatically) {
    }
    init_enclave();
    //std::cerr << "enclave inited" << std::endl;
-    init_daemon();
 }
--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -1248,7 +1248,7 @@ void decrypt_key_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
 }
-void bls_sign_message_aes(int *err_status, char *err_string, uint8_t *encrypted_key,
+void bls_sign_message_test(int *err_status, char *err_string, uint8_t *encrypted_key,
                      uint32_t enc_len, char *_hashX,
                      char *_hashY, char *signature) {

--- a/secure_enclave/secure_enclave.edl
+++ b/secure_enclave/secure_enclave.edl
@@ -213,14 +213,7 @@ enclave {
                                uint32_t enc_len,
                                [out, count = 1024] char* key );
-        public void bls_sign_message_aes (
-                                [user_check] int *err_status,
-                                [out, count = 1024] char* err_string,
-                                [in, count = 1024] uint8_t* encrypted_key,
-                                uint32_t enc_len,
-                                [in, count = 1024] char* hashX ,
-                                [in, count = 1024] char* hashY ,
-                                [out, count = 1024] char* signature);
 	};

--- a/sgxwallet.c
+++ b/sgxwallet.c
@@ -62,7 +62,7 @@ int main(int argc, char *argv[]) {
    exit(1);
  }
-  while ((opt = getopt(argc, argv, "cshd0")) != -1) {
+  while ((opt = getopt(argc, argv, "cshd0a")) != -1) {
    switch (opt) {
    case 'h':
      if (strlen(argv[1]) == 2 ) {
@@ -87,6 +87,8 @@ int main(int argc, char *argv[]) {
    case '0':
      is_sgx_https = 0;
     break;
+    case 'a':
+      is_aes = 1;
    case '?': // fprintf(stderr, "unknown flag\n");
      exit(1);
    default:

--- a/sgxwallet_common.h
+++ b/sgxwallet_common.h
@@ -37,6 +37,7 @@
 extern int DEBUG_PRINT;
 extern int is_sgx_https;
+extern int is_aes;
 #define BUF_LEN 1024

--- a/testw.cpp
+++ b/testw.cpp
@@ -763,7 +763,7 @@ TEST_CASE("BLS_DKG test", "[bls_dkg]") {
  reset_db();
-  int n = 4, t = 4;
+  int n = 16, t = 16;
  Json::Value EthKeys[n];
  Json::Value VerifVects[n];
  Json::Value pubEthKeys;
@@ -1071,6 +1071,7 @@ TEST_CASE("ManySimultaneousThreads", "[many_threads_test]") {
 TEST_CASE("ecdsa API test", "[ecdsa_api_test]") {
  DEBUG_PRINT = 1;
  is_sgx_https = 0;
+  is_aes = 0;
  cerr << "ecdsa_api_test started" << endl;
  init_all(false, false);