Skip to content

S
sgxwallet
Unverified Commit da0c0687 authored by Oleh Nikolaiev's avatar Oleh Nikolaiev
Browse files
Options

SKLAE-2794 fix memory leak

parent d6bb7ad3
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 40 deletions
secure_enclave/secure_enclave.c
View file @ da0c0687
......@@ -42,8 +42,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <sgx_tgmp.h>
#include <sgx_trts.h>
#include "Point.h"
#include "DomainParameters.h"
......@@ -52,7 +50,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "DHDkg.h"
#include "AESUtils.h"
#include "EnclaveConstants.h"
#include "EnclaveCommon.h"
......@@ -156,11 +153,9 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
signature_extract_public_key(Pkey, skey, curve);
uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2;
int len = mpz_sizeinbase(Pkey->x, ECDSA_SKEY_BASE) + 2;
char arr_x[len];
mpz_get_str(arr_x, base, Pkey->x);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
......@@ -168,8 +163,8 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
mpz_get_str(arr_y, base, Pkey->y);
char arr_y[mpz_sizeinbase(Pkey->y, ECDSA_SKEY_BASE) + 2];
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
......@@ -201,7 +196,6 @@ void trustedGenerateEcdsaKey(int *errStatus, char *errString,
point_clear(Pkey);
}
void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
uint8_t *encryptedPrivateKey, uint32_t dec_len, char *pub_key_x, char *pub_key_y) {
LOG_DEBUG (__FUNCTION__);
......@@ -255,11 +249,9 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
return;
}
int base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2;
int len = mpz_sizeinbase(Pkey->x, ECDSA_SKEY_BASE) + 2;
char arr_x[len];
mpz_get_str(arr_x, base, Pkey->x);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
......@@ -267,8 +259,8 @@ void trustedGetPublicEcdsaKey(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
mpz_get_str(arr_y, base, Pkey->y);
char arr_y[mpz_sizeinbase(Pkey->y, ECDSA_SKEY_BASE) + 2];
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
......@@ -391,7 +383,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
return;
}
void trustedEncryptKey(int *errStatus, char *errString, const char *key,
uint8_t *encryptedPrivateKey, uint32_t *enc_len) {
LOG_DEBUG (__FUNCTION__);
......@@ -465,7 +456,7 @@ void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivat
}
if (decLen > MAX_KEY_LENGTH) {
snprintf(errString, BUF_LEN, "wrong decLen");//"decLen != MAX_KEY_LENGTH");
snprintf(errString, BUF_LEN, "wrong decLen");
return;
}
......@@ -482,7 +473,6 @@ void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivat
return;
}
void trustedBlsSignMessage(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
uint32_t enc_len, char *_hashX,
char *_hashY, char *signature) {
......@@ -524,8 +514,7 @@ void trustedGenDkgSecret(int *errStatus, char *errString, uint8_t *encrypted_dkg
snprintf(errString, BUF_LEN, "poly is %s ", dkg_secret);
uint32_t sealedLen = sgx_calc_sealed_data_size(0,
DKG_BUFER_LENGTH);//sizeof(sgx_sealed_data_t) + sizeof(dkg_secret);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, DKG_BUFER_LENGTH);
sgx_status_t status = sgx_seal_data(0, NULL, DKG_BUFER_LENGTH, (uint8_t *) dkg_secret, sealedLen,
(sgx_sealed_data_t *) encrypted_dkg_secret);
......@@ -586,6 +575,7 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_
trustedDecryptDkgSecret(errStatus, errString, (uint8_t *) encrypted_dkg_secret, (uint8_t *)decrypted_dkg_secret, &decr_len);
if (*errStatus != 0) {
snprintf(errString, BUF_LEN, "trustedDecryptDkgSecret failed with status %d", *errStatus);
free(decrypted_dkg_secret);
return;
}
......@@ -598,7 +588,6 @@ void trustedGetPublicShares(int *errStatus, char *errString, uint8_t *encrypted_
free(decrypted_dkg_secret);
}
void trustedSetEncryptedDkgPoly(int *errStatus, char *errString, uint8_t *encrypted_poly) {
LOG_DEBUG(__FUNCTION__);
......@@ -647,7 +636,6 @@ void trustedGetEncryptedSecretShare(int *errStatus, char *errString, uint8_t *en
gen_session_key(skey, pub_keyB, common_key);
char *s_share[ECDSA_SKEY_LEN]; ;
if (calc_secret_share(decryptedDkgPoly, s_share, _t, _n, ind) != 0) {
*errStatus = -1;
snprintf(errString, BUF_LEN, "\nt does not match poly degree\n");
......@@ -734,6 +722,7 @@ void trustedDkgVerify(int *errStatus, char *errString, const char *public_shares
}
*result = Verification(public_shares, s, _t, _ind);
mpz_clear(s);
snprintf(errString, BUF_LEN, "common_key in verification is %s", common_key);
}
......@@ -944,11 +933,9 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
signature_extract_public_key(Pkey, skey, curve);
uint8_t base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2;
int len = mpz_sizeinbase(Pkey->x, ECDSA_SKEY_BASE) + 2;
char arr_x[len];
mpz_get_str(arr_x, base, Pkey->x);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
pub_key_x[i] = '0';
......@@ -956,15 +943,14 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
mpz_get_str(arr_y, base, Pkey->y);
char arr_y[mpz_sizeinbase(Pkey->y, ECDSA_SKEY_BASE) + 2];
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
}
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
char skey_str[ECDSA_SKEY_LEN];
//mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
char arr_skey_str[mpz_sizeinbase(skey, ECDSA_SKEY_BASE) + 2];
mpz_get_str(arr_skey_str, ECDSA_SKEY_BASE, skey);
n_zeroes = 64 - strlen(arr_skey_str);
......@@ -994,6 +980,11 @@ void trustedGenerateEcdsaKeyAES(int *errStatus, char *errString,
if (stat != 0) {
snprintf(errString + 19 + strlen(skey_str), BUF_LEN, "ecdsa private key decr failed with status %d", stat);
*errStatus = stat;
mpz_clear(skey);
domain_parameters_clear(curve);
point_clear(Pkey);
return;
}
......@@ -1053,16 +1044,15 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear(privateKeyMpz);
domain_parameters_clear(curve);
point_clear(Pkey);
point_clear(Pkey_test);
return;
}
int base = 16;
int len = mpz_sizeinbase(Pkey->x, base) + 2;
int len = mpz_sizeinbase(Pkey->x, ECDSA_SKEY_BASE) + 2;
char arr_x[len];
mpz_get_str(arr_x, base, Pkey->x);
mpz_get_str(arr_x, ECDSA_SKEY_BASE, Pkey->x);
int n_zeroes = 64 - strlen(arr_x);
for (int i = 0; i < n_zeroes; i++) {
......@@ -1071,8 +1061,8 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase(Pkey->y, base) + 2];
mpz_get_str(arr_y, base, Pkey->y);
char arr_y[mpz_sizeinbase(Pkey->y, ECDSA_SKEY_BASE) + 2];
mpz_get_str(arr_y, ECDSA_SKEY_BASE, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for (int i = 0; i < n_zeroes; i++) {
pub_key_y[i] = '0';
......@@ -1082,6 +1072,7 @@ void trustedGetPublicEcdsaKeyAES(int *errStatus, char *errString,
mpz_clear(privateKeyMpz);
domain_parameters_clear(curve);
point_clear(Pkey);
point_clear(Pkey_test);
}
void trustedEcdsaSignAES(int *errStatus, char *errString, uint8_t *encryptedPrivateKey, uint32_t enc_len,
......@@ -1212,7 +1203,6 @@ void trustedEncryptKeyAES(int *errStatus, char *errString, const char *key,
return;
}
*errStatus = -8;
if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
......@@ -1375,7 +1365,7 @@ void trustedGetEncryptedSecretShareAES(int *errStatus, char *errString, uint8_t
}
snprintf(errString, BUF_LEN, "unsealed random skey is %s\n", skey);
*dec_len = enc_len;// + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE;
*dec_len = enc_len;
char *common_key[ECDSA_SKEY_LEN];
gen_session_key(skey, pub_keyB, common_key);
......@@ -1484,6 +1474,7 @@ void trustedDkgVerifyAES(int *errStatus, char *errString, const char *public_sha
}
*result = Verification(public_shares, s, _t, _ind);
mpz_clear(s);
snprintf(errString, BUF_LEN, "secret share dec %s", public_shares);
}
......@@ -1570,8 +1561,6 @@ void trustedCreateBlsKeyAES(int *errStatus, char *errString, const char *s_share
mpz_mod(bls_key, sum, q);
// char key_share[mpz_sizeinbase(bls_key, 16) + 2];
// mpz_get_str(key_share, 16, bls_key);
char key_share[BLS_KEY_LENGTH];
char arr_skey_str[mpz_sizeinbase(bls_key, 16) + 2];
mpz_get_str(arr_skey_str, 16, bls_key);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment