Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
S
sgxwallet
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
董子豪
sgxwallet
Commits
da0c0687
Unverified
Commit
da0c0687
authored
Jun 24, 2020
by
Oleh Nikolaiev
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SKLAE-2794 fix memory leak
parent
d6bb7ad3
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
29 additions
and
40 deletions
+29
-40
secure_enclave.c
secure_enclave/secure_enclave.c
+29
-40
No files found.
secure_enclave/secure_enclave.c
View file @
da0c0687
...
...
@@ -42,8 +42,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <sgx_tgmp.h>
#include <sgx_trts.h>
#include "Point.h"
#include "DomainParameters.h"
...
...
@@ -52,7 +50,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "DHDkg.h"
#include "AESUtils.h"
#include "EnclaveConstants.h"
#include "EnclaveCommon.h"
...
...
@@ -156,11 +153,9 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
signature_extract_public_key
(
Pkey
,
skey
,
curve
);
uint8_t
base
=
16
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
base
)
+
2
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
ECDSA_SKEY_BASE
)
+
2
;
char
arr_x
[
len
];
mpz_get_str
(
arr_x
,
base
,
Pkey
->
x
);
mpz_get_str
(
arr_x
,
ECDSA_SKEY_BASE
,
Pkey
->
x
);
int
n_zeroes
=
64
-
strlen
(
arr_x
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_x
[
i
]
=
'0'
;
...
...
@@ -168,8 +163,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
strncpy
(
pub_key_x
+
n_zeroes
,
arr_x
,
1024
-
n_zeroes
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
base
)
+
2
];
mpz_get_str
(
arr_y
,
base
,
Pkey
->
y
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
ECDSA_SKEY_BASE
)
+
2
];
mpz_get_str
(
arr_y
,
ECDSA_SKEY_BASE
,
Pkey
->
y
);
n_zeroes
=
64
-
strlen
(
arr_y
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_y
[
i
]
=
'0'
;
...
...
@@ -201,7 +196,6 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
point_clear
(
Pkey
);
}
void
trustedGetPublicEcdsaKey
(
int
*
errStatus
,
char
*
errString
,
uint8_t
*
encryptedPrivateKey
,
uint32_t
dec_len
,
char
*
pub_key_x
,
char
*
pub_key_y
)
{
LOG_DEBUG
(
__FUNCTION__
);
...
...
@@ -255,11 +249,9 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
return
;
}
int
base
=
16
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
base
)
+
2
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
ECDSA_SKEY_BASE
)
+
2
;
char
arr_x
[
len
];
mpz_get_str
(
arr_x
,
base
,
Pkey
->
x
);
mpz_get_str
(
arr_x
,
ECDSA_SKEY_BASE
,
Pkey
->
x
);
int
n_zeroes
=
64
-
strlen
(
arr_x
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_x
[
i
]
=
'0'
;
...
...
@@ -267,8 +259,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
strncpy
(
pub_key_x
+
n_zeroes
,
arr_x
,
1024
-
n_zeroes
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
base
)
+
2
];
mpz_get_str
(
arr_y
,
base
,
Pkey
->
y
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
ECDSA_SKEY_BASE
)
+
2
];
mpz_get_str
(
arr_y
,
ECDSA_SKEY_BASE
,
Pkey
->
y
);
n_zeroes
=
64
-
strlen
(
arr_y
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_y
[
i
]
=
'0'
;
...
...
@@ -391,7 +383,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
return
;
}
void
trustedEncryptKey
(
int
*
errStatus
,
char
*
errString
,
const
char
*
key
,
uint8_t
*
encryptedPrivateKey
,
uint32_t
*
enc_len
)
{
LOG_DEBUG
(
__FUNCTION__
);
...
...
@@ -465,7 +456,7 @@ void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivat
}
if
(
decLen
>
MAX_KEY_LENGTH
)
{
snprintf
(
errString
,
BUF_LEN
,
"wrong decLen"
);
//"decLen != MAX_KEY_LENGTH");
snprintf
(
errString
,
BUF_LEN
,
"wrong decLen"
);
return
;
}
...
...
@@ -482,7 +473,6 @@ void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivat
return
;
}
void
trustedBlsSignMessage
(
int
*
errStatus
,
char
*
errString
,
uint8_t
*
encryptedPrivateKey
,
uint32_t
enc_len
,
char
*
_hashX
,
char
*
_hashY
,
char
*
signature
)
{
...
...
@@ -524,8 +514,7 @@ void trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg
snprintf
(
errString
,
BUF_LEN
,
"poly is %s "
,
dkg_secret
);
uint32_t
sealedLen
=
sgx_calc_sealed_data_size
(
0
,
DKG_BUFER_LENGTH
);
//sizeof(sgx_sealed_data_t) + sizeof(dkg_secret);
uint32_t
sealedLen
=
sgx_calc_sealed_data_size
(
0
,
DKG_BUFER_LENGTH
);
sgx_status_t
status
=
sgx_seal_data
(
0
,
NULL
,
DKG_BUFER_LENGTH
,
(
uint8_t
*
)
dkg_secret
,
sealedLen
,
(
sgx_sealed_data_t
*
)
encrypted_dkg_secret
);
...
...
@@ -586,6 +575,7 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_
trustedDecryptDkgSecret
(
errStatus
,
errString
,
(
uint8_t
*
)
encrypted_dkg_secret
,
(
uint8_t
*
)
decrypted_dkg_secret
,
&
decr_len
);
if
(
*
errStatus
!=
0
)
{
snprintf
(
errString
,
BUF_LEN
,
"trustedDecryptDkgSecret failed with status %d"
,
*
errStatus
);
free
(
decrypted_dkg_secret
);
return
;
}
...
...
@@ -598,7 +588,6 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_
free
(
decrypted_dkg_secret
);
}
void
trustedSetEncryptedDkgPoly
(
int
*
errStatus
,
char
*
errString
,
uint8_t
*
encrypted_poly
)
{
LOG_DEBUG
(
__FUNCTION__
);
...
...
@@ -647,7 +636,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *en
gen_session_key
(
skey
,
pub_keyB
,
common_key
);
char
*
s_share
[
ECDSA_SKEY_LEN
];
;
if
(
calc_secret_share
(
decryptedDkgPoly
,
s_share
,
_t
,
_n
,
ind
)
!=
0
)
{
*
errStatus
=
-
1
;
snprintf
(
errString
,
BUF_LEN
,
"
\n
t does not match poly degree
\n
"
);
...
...
@@ -734,6 +722,7 @@ void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares
}
*
result
=
Verification
(
public_shares
,
s
,
_t
,
_ind
);
mpz_clear
(
s
);
snprintf
(
errString
,
BUF_LEN
,
"common_key in verification is %s"
,
common_key
);
}
...
...
@@ -944,11 +933,9 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
signature_extract_public_key
(
Pkey
,
skey
,
curve
);
uint8_t
base
=
16
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
base
)
+
2
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
ECDSA_SKEY_BASE
)
+
2
;
char
arr_x
[
len
];
mpz_get_str
(
arr_x
,
base
,
Pkey
->
x
);
mpz_get_str
(
arr_x
,
ECDSA_SKEY_BASE
,
Pkey
->
x
);
int
n_zeroes
=
64
-
strlen
(
arr_x
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_x
[
i
]
=
'0'
;
...
...
@@ -956,15 +943,14 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
strncpy
(
pub_key_x
+
n_zeroes
,
arr_x
,
1024
-
n_zeroes
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
base
)
+
2
];
mpz_get_str
(
arr_y
,
base
,
Pkey
->
y
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
ECDSA_SKEY_BASE
)
+
2
];
mpz_get_str
(
arr_y
,
ECDSA_SKEY_BASE
,
Pkey
->
y
);
n_zeroes
=
64
-
strlen
(
arr_y
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_y
[
i
]
=
'0'
;
}
strncpy
(
pub_key_y
+
n_zeroes
,
arr_y
,
1024
-
n_zeroes
);
char
skey_str
[
ECDSA_SKEY_LEN
];
//mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
char
arr_skey_str
[
mpz_sizeinbase
(
skey
,
ECDSA_SKEY_BASE
)
+
2
];
mpz_get_str
(
arr_skey_str
,
ECDSA_SKEY_BASE
,
skey
);
n_zeroes
=
64
-
strlen
(
arr_skey_str
);
...
...
@@ -994,6 +980,11 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
if
(
stat
!=
0
)
{
snprintf
(
errString
+
19
+
strlen
(
skey_str
),
BUF_LEN
,
"ecdsa private key decr failed with status %d"
,
stat
);
*
errStatus
=
stat
;
mpz_clear
(
skey
);
domain_parameters_clear
(
curve
);
point_clear
(
Pkey
);
return
;
}
...
...
@@ -1053,16 +1044,15 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear
(
privateKeyMpz
);
domain_parameters_clear
(
curve
);
point_clear
(
Pkey
);
point_clear
(
Pkey_test
);
return
;
}
int
base
=
16
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
base
)
+
2
;
int
len
=
mpz_sizeinbase
(
Pkey
->
x
,
ECDSA_SKEY_BASE
)
+
2
;
char
arr_x
[
len
];
mpz_get_str
(
arr_x
,
base
,
Pkey
->
x
);
mpz_get_str
(
arr_x
,
ECDSA_SKEY_BASE
,
Pkey
->
x
);
int
n_zeroes
=
64
-
strlen
(
arr_x
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
...
...
@@ -1071,8 +1061,8 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
strncpy
(
pub_key_x
+
n_zeroes
,
arr_x
,
1024
-
n_zeroes
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
base
)
+
2
];
mpz_get_str
(
arr_y
,
base
,
Pkey
->
y
);
char
arr_y
[
mpz_sizeinbase
(
Pkey
->
y
,
ECDSA_SKEY_BASE
)
+
2
];
mpz_get_str
(
arr_y
,
ECDSA_SKEY_BASE
,
Pkey
->
y
);
n_zeroes
=
64
-
strlen
(
arr_y
);
for
(
int
i
=
0
;
i
<
n_zeroes
;
i
++
)
{
pub_key_y
[
i
]
=
'0'
;
...
...
@@ -1082,6 +1072,7 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear
(
privateKeyMpz
);
domain_parameters_clear
(
curve
);
point_clear
(
Pkey
);
point_clear
(
Pkey_test
);
}
void
trustedEcdsaSignAES
(
int
*
errStatus
,
char
*
errString
,
uint8_t
*
encryptedPrivateKey
,
uint32_t
enc_len
,
...
...
@@ -1212,7 +1203,6 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
return
;
}
*
errStatus
=
-
8
;
if
(
strncmp
(
key
,
decryptedKey
,
MAX_KEY_LENGTH
)
!=
0
)
{
...
...
@@ -1375,7 +1365,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t
}
snprintf
(
errString
,
BUF_LEN
,
"unsealed random skey is %s
\n
"
,
skey
);
*
dec_len
=
enc_len
;
// + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
*
dec_len
=
enc_len
;
char
*
common_key
[
ECDSA_SKEY_LEN
];
gen_session_key
(
skey
,
pub_keyB
,
common_key
);
...
...
@@ -1484,6 +1474,7 @@ void trustedDkgVerifyAES(int *errStatus, char *errString, const char *public_sha
}
*
result
=
Verification
(
public_shares
,
s
,
_t
,
_ind
);
mpz_clear
(
s
);
snprintf
(
errString
,
BUF_LEN
,
"secret share dec %s"
,
public_shares
);
}
...
...
@@ -1570,8 +1561,6 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_mod
(
bls_key
,
sum
,
q
);
// char key_share[mpz_sizeinbase(bls_key, 16) + 2];
// mpz_get_str(key_share, 16, bls_key);
char
key_share
[
BLS_KEY_LENGTH
];
char
arr_skey_str
[
mpz_sizeinbase
(
bls_key
,
16
)
+
2
];
mpz_get_str
(
arr_skey_str
,
16
,
bls_key
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment