Skip to content

S
sgxwallet
Unverified Commit df5efe3b authored by kladkogex's avatar kladkogex
Browse files
Options

Fixing

parent 901b8103
Show whitespace changes
Inline Side-by-side
Showing with 24 additions and 17 deletions
secure_enclave/secure_enclave.c
View file @ df5efe3b
...@@ -126,14 +126,10 @@ void encrypt_key(int *err_status, char *err_string, char *key, ...@@ -126,14 +126,10 @@ void encrypt_key(int *err_status, char *err_string, char *key,
init(); init();
*err_status = -1; *err_status = UNKNOWN_ERROR;
memset(err_string, 0, BUF_LEN); memset(err_string, 0, BUF_LEN);
*err_status = -3;
check_key(err_status, err_string, key); check_key(err_status, err_string, key);
if (*err_status != 0) { if (*err_status != 0) {
...@@ -143,50 +139,50 @@ void encrypt_key(int *err_status, char *err_string, char *key, ...@@ -143,50 +139,50 @@ void encrypt_key(int *err_status, char *err_string, char *key,
uint32_t sealedLen = sgx_calc_sealed_data_size(0, MAX_KEY_LENGTH); uint32_t sealedLen = sgx_calc_sealed_data_size(0, MAX_KEY_LENGTH);
*err_status = -4;
if (sealedLen > BUF_LEN) { if (sealedLen > BUF_LEN) {
*err_status = ENCRYPTED_KEY_TOO_LONG;
snprintf(err_string, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH"); snprintf(err_string, BUF_LEN, "sealedLen > MAX_ENCRYPTED_KEY_LENGTH");
return; return;
} }
*err_status = -5;
memset(encrypted_key, 0, BUF_LEN); memset(encrypted_key, 0, BUF_LEN);
if (sgx_seal_data(0, NULL, MAX_KEY_LENGTH, (uint8_t *) key, sealedLen, (sgx_sealed_data_t *) encrypted_key) != if (sgx_seal_data(0, NULL, MAX_KEY_LENGTH, (uint8_t *) key, sealedLen, (sgx_sealed_data_t *) encrypted_key) !=
SGX_SUCCESS) { SGX_SUCCESS) {
*err_status = SEAL_KEY_FAILED;
snprintf(err_string, BUF_LEN, "SGX seal data failed"); snprintf(err_string, BUF_LEN, "SGX seal data failed");
return; return;
} }
*enc_len = sealedLen; *enc_len = sealedLen;
char decryptedKey[BUF_LEN];
memset(decryptedKey, 0, BUF_LEN);
char key2[BUF_LEN]; decrypt_key(err_status, err_string, encrypted_key, sealedLen, decryptedKey);
memset(key2, 0, BUF_LEN);
decrypt_key(err_status, err_string, encrypted_key, sealedLen, key2);
if (*err_status != 0) { if (*err_status != 0) {
snprintf(err_string + strlen(err_string), BUF_LEN, ":decrypt_key failed"); snprintf(err_string + strlen(err_string), BUF_LEN, ":decrypt_key failed");
return; return;
} }
uint64_t decryptedKeyLen = strnlen(decryptedKey, MAX_KEY_LENGTH);
uint64_t key2Len = strnlen(key2, MAX_KEY_LENGTH); if (decryptedKeyLen == MAX_KEY_LENGTH) {
snprintf(err_string, BUF_LEN, "Decrypted key is not null terminated");
if (key2Len == MAX_KEY_LENGTH) {
snprintf(err_string, MAX_ERR_LEN, "Key2 is not null terminated");
return; return;
} }
*err_status = -8; *err_status = -8;
if (strncmp(key, key2, MAX_KEY_LENGTH) != 0) if (strncmp(key, decryptedKey, MAX_KEY_LENGTH) != 0) {
snprintf(err_string, BUF_LEN, "Decrypted key does not match original key");
return; return;
}
*err_status = 0; *err_status = 0;
} }
......
sgxwallet_common.h
View file @ df5efe3b
...@@ -27,5 +27,16 @@ ...@@ -27,5 +27,16 @@
#define ADD_ENTROPY_SIZE 32 #define ADD_ENTROPY_SIZE 32
#define UNKNOWN_ERROR -1
#define PLAINTEXT_KEY_TOO_LONG -2
#define UNPADDED_KEY -3
#define NULL_KEY -4
#define INCORRECT_STRING_CONVERSION -5
#define ENCRYPTED_KEY_TOO_LONG -6
#define SEAL_KEY_FAILED -7
#endif //SGXWALLET_SGXWALLET_COMMON_H #endif //SGXWALLET_SGXWALLET_COMMON_H
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment