Skip to content

S
sgxwallet
Unverified Commit e69460f5 authored by svetaro's avatar svetaro
Browse files
Options

SKALE-1594 Fix wrong parameters while signing

parent 1212dd03
Hide whitespace changes
Inline Side-by-side
Showing with 84 additions and 28 deletions
ECDSACrypto.cpp
View file @ e69460f5
...@@ -18,11 +18,12 @@ std::vector<std::string> gen_ecdsa_key(){ ...@@ -18,11 +18,12 @@ std::vector<std::string> gen_ecdsa_key(){
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y ); status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
std::vector<std::string> keys(2); std::vector<std::string> keys(2);
char *hexEncrKey = (char *) calloc(2 * BUF_LEN, 1); char *hexEncrKey = (char *) calloc(2*BUF_LEN, 1);
carray2Hex(encr_pr_key, enc_len, hexEncrKey); carray2Hex(encr_pr_key, enc_len, hexEncrKey);
keys.at(0) = hexEncrKey; keys.at(0) = hexEncrKey;
keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y); keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);
//std::cerr << "in ECDSACrypto encr key x " << keys.at(0) << std::endl; //std::cerr << "in ECDSACrypto encr key x " << keys.at(0) << std::endl;
std::cerr << "in ECDSACrypto encr_len %d " << enc_len << std::endl;
free(errMsg); free(errMsg);
free(pub_key_x); free(pub_key_x);
...@@ -67,7 +68,15 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char ...@@ -67,7 +68,15 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
uint8_t encr_key[BUF_LEN]; uint8_t encr_key[BUF_LEN];
hex2carray(encryptedKeyHex, &dec_len, encr_key); hex2carray(encryptedKeyHex, &dec_len, encr_key);
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, signature_v, base ); std::cerr << "encryptedKeyHex: "<< encryptedKeyHex << std::endl;
std::cerr << "encrypted len" << dec_len << std::endl;
status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, 625, (unsigned char*)hashHex, signature_r, signature_s, signature_v, base );
std::cerr << "signature r in ecdsa_sign_hash "<< signature_r << std::endl;
std::cerr << "signature s in ecdsa_sign_hash "<< signature_s << std::endl;
if ( status != SGX_SUCCESS){ if ( status != SGX_SUCCESS){
std::cerr << "failed to sign " << std::endl; std::cerr << "failed to sign " << std::endl;
} }
......
SGXWalletServer.cpp
View file @ e69460f5
...@@ -158,7 +158,7 @@ Json::Value generateECDSAKeyImpl(const std::string &_keyName) { ...@@ -158,7 +158,7 @@ Json::Value generateECDSAKeyImpl(const std::string &_keyName) {
if (keys.size() == 0 ) { if (keys.size() == 0 ) {
throw RPCException(UNKNOWN_ERROR, ""); throw RPCException(UNKNOWN_ERROR, "");
} }
// std::cerr << "write encr key" << keys.at(0) << std::endl;
writeECDSAKey(_keyName, keys.at(0)); writeECDSAKey(_keyName, keys.at(0));
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << " err str " << _e.errString << std::endl; std::cerr << " err str " << _e.errString << std::endl;
...@@ -188,14 +188,14 @@ Json::Value ecdsaSignMessageHashImpl(int base, const std::string &_keyName, cons ...@@ -188,14 +188,14 @@ Json::Value ecdsaSignMessageHashImpl(int base, const std::string &_keyName, cons
std::cerr << "entered ecdsaSignMessageHashImpl" << std::endl; std::cerr << "entered ecdsaSignMessageHashImpl" << std::endl;
try { try {
std::shared_ptr<std::string> key_ptr = readECDSAKey(_keyName); std::shared_ptr<std::string> key_ptr = readECDSAKey(_keyName);
std::cerr << "read encr key" << *key_ptr << std::endl; // std::cerr << "read encr key" << *key_ptr << std::endl;
sign_vect = ecdsa_sign_hash(key_ptr->c_str(), messageHash.c_str(), base); sign_vect = ecdsa_sign_hash(key_ptr->c_str(), messageHash.c_str(), base);
} catch (RPCException &_e) { } catch (RPCException &_e) {
std::cerr << "err str " << _e.errString << std::endl; std::cerr << "err str " << _e.errString << std::endl;
result["status"] = _e.status; result["status"] = _e.status;
result["errorMessage"] = _e.errString; result["errorMessage"] = _e.errString;
} }
std::cerr << "got signature_r" << sign_vect.at(1) << std::endl; std::cerr << "got signature_s " << sign_vect.at(2) << std::endl;
result["signature_v"] = sign_vect.at(0); result["signature_v"] = sign_vect.at(0);
result["signature_r"] = sign_vect.at(1); result["signature_r"] = sign_vect.at(1);
result["signature_s"] = sign_vect.at(2); result["signature_s"] = sign_vect.at(2);
......
secure_enclave/secure_enclave.c
View file @ e69460f5
...@@ -149,7 +149,9 @@ void generate_ecdsa_key(int *err_status, char *err_string, ...@@ -149,7 +149,9 @@ void generate_ecdsa_key(int *err_status, char *err_string,
//mpz_set_str(skey, "4160780231445160889237664391382223604576", 10); //mpz_set_str(skey, "4160780231445160889237664391382223604576", 10);
//mpz_set_str(skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10); //mpz_set_str(skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
// mpz_set_str(skey, "1234567890", 10); //mpz_set_str(skey, "1", 10);
//mpz_set_str(skey, "ebb2c082fd7727890a28ac82f6bdf97bad8de9f5d7c9028692de1a255cad3e0f", 16);
//mpz_set_str(skey, "D30519BCAE8D180DBFCC94FE0B8383DC310185B0BE97B4365083EBCECCD75759", 16);
//Public key //Public key
point Pkey = point_init(); point Pkey = point_init();
...@@ -170,18 +172,13 @@ void generate_ecdsa_key(int *err_status, char *err_string, ...@@ -170,18 +172,13 @@ void generate_ecdsa_key(int *err_status, char *err_string,
char* py = mpz_get_str(arr_y, base, Pkey->y); char* py = mpz_get_str(arr_y, base, Pkey->y);
strncpy(pub_key_y, arr_y, 1024); strncpy(pub_key_y, arr_y, 1024);
int skey_base = 62; char skey_str[mpz_sizeinbase (skey, ECDSA_SKEY_BASE) + 2];
char skey_str[mpz_sizeinbase (skey, skey_base) + 2]; char* s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
char* s = mpz_get_str(skey_str, skey_base, skey);
snprintf(err_string, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str)); snprintf(err_string, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str));
uint8_t LEN = 62; uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
uint8_t * test_buf = (uint8_t *)malloc(LEN);
memcpy(test_buf,skey_str,LEN);
uint32_t sealedLen = sgx_calc_sealed_data_size(0, 45); sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *)skey_str, sealedLen,(sgx_sealed_data_t*)encrypted_key);
sgx_status_t status = sgx_seal_data(0, NULL, 45, (uint8_t *)test_buf/*skey_str*/, sealedLen,(sgx_sealed_data_t*)encrypted_key);
if( status != SGX_SUCCESS) { if( status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"seal ecsdsa private key failed"); snprintf(err_string, BUF_LEN,"seal ecsdsa private key failed");
return; return;
...@@ -203,8 +200,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string, ...@@ -203,8 +200,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
domain_parameters curve = domain_parameters_init(); domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1); domain_parameters_load_curve(curve, secp256k1);
char skey[SGX_ECP256_KEY_SIZE]; char skey[ECDSA_SKEY_LEN];
//uint8_t decr_bytes[SGX_ECP256_KEY_SIZE];
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t *)skey, &dec_len); (const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t *)skey, &dec_len);
...@@ -219,7 +215,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string, ...@@ -219,7 +215,7 @@ void get_public_ecdsa_key(int *err_status, char *err_string,
mpz_t skey_mpz; mpz_t skey_mpz;
mpz_init(skey_mpz); mpz_init(skey_mpz);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey); // mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, 10) == -1){ if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1){
snprintf(err_string, BUF_LEN,"wrong string to init private key"); snprintf(err_string, BUF_LEN,"wrong string to init private key");
} }
...@@ -451,7 +447,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint ...@@ -451,7 +447,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
domain_parameters curve = domain_parameters_init(); domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1); domain_parameters_load_curve(curve, secp256k1);
char skey[64]; char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data( sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, skey, &dec_len); (const sgx_sealed_data_t *)encrypted_key, NULL, 0, skey, &dec_len);
...@@ -464,7 +460,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint ...@@ -464,7 +460,7 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
snprintf(err_string, BUF_LEN,"pr key is %s length %d ", skey, strlen(skey)); snprintf(err_string, BUF_LEN,"pr key is %s length %d ", skey, strlen(skey));
mpz_t skey_mpz; mpz_t skey_mpz;
mpz_init(skey_mpz); mpz_init(skey_mpz);
mpz_set_str(skey_mpz, skey, 62); mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE);
/*mpz_t test_skey; /*mpz_t test_skey;
mpz_init(test_skey); mpz_init(test_skey);
...@@ -476,7 +472,8 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint ...@@ -476,7 +472,8 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
mpz_t msg_mpz; mpz_t msg_mpz;
mpz_init(msg_mpz); mpz_init(msg_mpz);
mpz_set_str(msg_mpz, skey, base); mpz_set_str(msg_mpz, hash, 16);
//mpz_set_str(msg_mpz,"4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a", 16);
signature sign = signature_init(); signature sign = signature_init();
...@@ -491,6 +488,14 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint ...@@ -491,6 +488,14 @@ void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint
return; return;
} }
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
char arr_m[mpz_sizeinbase (msg_mpz, 16) + 2];
char* msg = mpz_get_str(arr_m, 16, msg_mpz);
snprintf(err_string, BUF_LEN,"message is %s ", arr_m);
char arr_r[mpz_sizeinbase (sign->r, base) + 2]; char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r); char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024); strncpy(sig_r, arr_r, 1024);
......
secure_enclave/signature.c
View file @ e69460f5
...@@ -100,9 +100,13 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para ...@@ -100,9 +100,13 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char); mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
free(rand_char); free(rand_char);
mpz_mod(k, seed, curve->p); mpz_mod(k, seed, curve->p);
mpz_clear(seed); mpz_clear(seed);
//mpz_set_str(k, "49a0d7b786ec9cde0d0721d72804befd06571c974b191efb42ecf322ba9ddd9a", 16);
// mpz_set_str(k, "DC87789C4C1A09C97FF4DE72C0D0351F261F10A2B9009C80AEE70DDEC77201A0", 16);
//Calculate x //Calculate x
point_multiplication(Q, k, curve->G, curve); point_multiplication(Q, k, curve->G, curve);
mpz_set(x, Q->x); mpz_set(x, Q->x);
...@@ -116,12 +120,36 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para ...@@ -116,12 +120,36 @@ void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_para
//Calculate s //Calculate s
//s = k¯¹(e+d*r) mod n = (k¯¹ mod n) * ((e+d*r) mod n) mod n //s = k¯¹(e+d*r) mod n = (k¯¹ mod n) * ((e+d*r) mod n) mod n
number_theory_inverse(t1, k, curve->n);//t1 = k¯¹ mod n //number_theory_inverse(t1, k, curve->n);//t1 = k¯¹ mod n
mpz_mul(t2, private_key, r);//t2 = d*r mpz_invert(t1, k, curve->n);
mpz_mul(t2, private_key, r); //t2 = d*r
mpz_add(t3, message, t2); //t3 = e+t2 mpz_add(t3, message, t2); //t3 = e+t2
mpz_clear(t2);
mpz_init(t2);
mpz_mod(t2, t3, curve->n); //t2 = t3 mod n mpz_mod(t2, t3, curve->n); //t2 = t3 mod n
mpz_clear(t3);
mpz_init(t3);
mpz_mul(t3, t2, t1); //t3 = t2 * t1 mpz_mul(t3, t2, t1); //t3 = t2 * t1
mpz_mod(s, t3, curve->n); //s = t3 mod n mpz_mod(s, t3, curve->n); //s = t3 mod n
/*
mpz_t n_div_2;
mpz_init(n_div_2);
mpz_cdiv_q_ui(n_div_2, curve->n + 1, 2);
if (mpz_cmp(s, n_div_2) > 0) {
mpz_t neg;
mpz_init(neg);
mpz_sub(neg, curve->n, s);
mpz_clear(s);
mpz_init(s);
mpz_set(s, neg);
mpz_clear(neg);
}
mpz_clear(n_div_2);*/
mpz_clear(t1); mpz_clear(t1);
mpz_clear(t2); mpz_clear(t2);
mpz_clear(t3); mpz_clear(t3);
......
sgxwallet_common.h
View file @ e69460f5
...@@ -29,6 +29,9 @@ ...@@ -29,6 +29,9 @@
#define DKG_BUFER_LENGTH 1250 #define DKG_BUFER_LENGTH 1250
#define DKG_MAX_SEALED_LEN 2000 #define DKG_MAX_SEALED_LEN 2000
#define ECDSA_SKEY_LEN 65
#define ECDSA_SKEY_BASE 16
#define UNKNOWN_ERROR -1 #define UNKNOWN_ERROR -1
#define PLAINTEXT_KEY_TOO_LONG -2 #define PLAINTEXT_KEY_TOO_LONG -2
#define UNPADDED_KEY -3 #define UNPADDED_KEY -3
......
testw.cpp
View file @ e69460f5
...@@ -405,12 +405,13 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa_test]") { ...@@ -405,12 +405,13 @@ TEST_CASE("ECDSA keygen and signature test", "[ecdsa_test]") {
for ( int i = 0; i < 1024 ; i++) for ( int i = 0; i < 1024 ; i++)
printf("%u ", encr_pr_key[i]);*/ printf("%u ", encr_pr_key[i]);*/
char* hex = "38433e5ce087dcc1be82fcc834eae83c256b3db87d34f84440d0b708daa0c6f7"; // char* hex = "4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a";
char* hex = "3F891FDA3704F0368DAB65FA81EBE616F4AA2A0854995DA4DC0B59D2CADBD64F";
char* signature_r = (char *)calloc(1024, 1); char* signature_r = (char *)calloc(1024, 1);
char* signature_s = (char *)calloc(1024, 1); char* signature_s = (char *)calloc(1024, 1);
uint8_t signature_v = 0; uint8_t signature_v = 0;
status = ecdsa_sign1(eid, &err_status, errMsg, encr_pr_key, enc_len, (unsigned char*)hex, signature_r, signature_s, signature_v, 10); status = ecdsa_sign1(eid, &err_status, errMsg, encr_pr_key, enc_len, (unsigned char*)hex, signature_r, signature_s, signature_v, 16);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
printf("\nsignature r : %s ", signature_r); printf("\nsignature r : %s ", signature_r);
printf("\nsignature s: %s ", signature_s); printf("\nsignature s: %s ", signature_s);
...@@ -520,13 +521,23 @@ TEST_CASE("API test", "[api_test]") { ...@@ -520,13 +521,23 @@ TEST_CASE("API test", "[api_test]") {
cerr << "Client inited" << endl; cerr << "Client inited" << endl;
try { try {
//cout << c.generateECDSAKey("new_key1") << endl; // cout << c.generateECDSAKey("known_key1") << endl;
//cout<<c.getPublicECDSAKey("test_key"); //cout<<c.getPublicECDSAKey("test_key");
cout << c.ecdsaSignMessageHash(16, "new_key1","38433e5ce087dcc1be82fcc834eae83c256b3db87d34f84440d0b708daa0c6f7" ); cout << c.ecdsaSignMessageHash(10, "known_key1","3F891FDA3704F0368DAB65FA81EBE616F4AA2A0854995DA4DC0B59D2CADBD64F" );
} catch (JsonRpcException &e) { } catch (JsonRpcException &e) {
cerr << e.what() << endl; cerr << e.what() << endl;
} }
} }
TEST_CASE("bytes to hex test", "[bytes_to_hex_test]") {
char kavun[] = {'a','b','c','d'};
uint8_t raw_kavun[3];
uint64_t n = 0;
hex2carray(kavun, &n, raw_kavun);
char new_kavun[10];
carray2Hex(raw_kavun, 5, new_kavun);
std::cerr << " got kavun " << new_kavun << std::endl;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment