Unverified Commit eb8325c2 authored by svetaro's avatar svetaro

SKALE-1512 Merge

parent d92bb2eb
...@@ -65,7 +65,8 @@ bin_PROGRAMS = sgxwallet testw ...@@ -65,7 +65,8 @@ bin_PROGRAMS = sgxwallet testw
COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp $(COMMON_SRC) sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ECDSACrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp $(COMMON_SRC)
nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC) nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC)
EXTRA_sgxwallet_DEPENDENCIES = secure_enclave.signed.so EXTRA_sgxwallet_DEPENDENCIES = secure_enclave.signed.so
...@@ -88,9 +89,16 @@ secure_enclave.signed.so: secure_enclave/secure_enclave.signed.so ...@@ -88,9 +89,16 @@ secure_enclave.signed.so: secure_enclave/secure_enclave.signed.so
## Use the variables, not the actual library names to ensure these ## Use the variables, not the actual library names to ensure these
## targets work on simulation builds. ## targets work on simulation builds.
sgxwallet_LDADD=-l$(SGX_URTS_LIB) -Lleveldb/build -LlibBLS/build -LlibBLS/build/libff/libff -l:libbls.a -l:libleveldb.a -l:libff.a -lgmp -ldl -l:libsgx_capable.a -l:libsgx_tprotected_fs.a -ljsonrpccpp-stub -lpthread -ljsonrpccpp-common -ljsonrpccpp-server -ljsoncpp -lprocps sgxwallet_LDADD=-l$(SGX_URTS_LIB) -Lleveldb/build -LlibBLS/build -LlibBLS/build/libff/libff -l:libbls.a -l:libleveldb.a \
-l:libff.a -lgmp -ldl -l:libsgx_capable.a -l:libsgx_tprotected_fs.a -ljsonrpccpp-stub -lpthread -ljsonrpccpp-common \
-ljsonrpccpp-server -ljsonrpccpp-client -ljsoncpp -lcurl -lprocps intel-sgx-ssl/Linux/package/lib64/libsgx_usgxssl.a \
intel-sgx-ssl/Linux/package/lib64/libsgx_tsgxssl_crypto.a
testw_SOURCES=testw.cpp SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp BLSPrivateKeyShareSGX.cpp $(COMMON_SRC)
testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \
BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp $(COMMON_SRC)
nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES} nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES} EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
testw_LDADD= ${sgxwallet_LDADD} testw_LDADD= ${sgxwallet_LDADD}
...@@ -47,9 +47,10 @@ std::string ConvertToString(T field_elem) { ...@@ -47,9 +47,10 @@ std::string ConvertToString(T field_elem) {
return output; return output;
} }
std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char* symbol){ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char symbol){
std::string str(koefs); std::string str(koefs);
std::string delim(symbol); std::string delim;
delim.push_back(symbol);
std::vector<libff::alt_bn128_Fr> tokens; std::vector<libff::alt_bn128_Fr> tokens;
size_t prev = 0, pos = 0; size_t prev = 0, pos = 0;
do do
...@@ -90,7 +91,7 @@ libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol, ...@@ -90,7 +91,7 @@ libff::alt_bn128_Fr PolynomialValue(const std::vector<libff::alt_bn128_Fr>& pol,
libff::alt_bn128_Fr pow = libff::alt_bn128_Fr::one(); libff::alt_bn128_Fr pow = libff::alt_bn128_Fr::one();
for (size_t i = 0; i < _t; ++i) { for (size_t i = 0; i < _t; ++i) {
if (i == _t - 1 && pol[i] == libff::alt_bn128_Fr::zero()) { if (i == _t - 1 && pol[i] == libff::alt_bn128_Fr::zero()) {
throw std::runtime_error("Error, incorrect degree of a polynomial"); //snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status
} }
value += pol[i] * pow; value += pol[i] * pow;
pow *= point; pow *= point;
...@@ -104,13 +105,13 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares, ...@@ -104,13 +105,13 @@ void calc_secret_shares(const char* decrypted_koefs, char * secret_shares,
// calculate for each node a list of secret values that will be used for verification // calculate for each node a list of secret values that will be used for verification
std::string result; std::string result;
char symbol = ':'; char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, &symbol); std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
for (size_t i = 0; i < _n; ++i) { for (size_t i = 0; i < _n; ++i) {
libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(i + 1), _t); libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(i + 1), _t);
result += stringFromFr(secret_share); result += ConvertToString(secret_share);//stringFromFr(secret_share);
result += ":"; result += ":";
} }
strncpy(secret_shares, result.c_str(), result.length()); strncpy(secret_shares, result.c_str(), 2000);//result.length());
} }
void calc_public_shares(const char* decrypted_koefs, char * public_shares, void calc_public_shares(const char* decrypted_koefs, char * public_shares,
...@@ -118,9 +119,10 @@ void calc_public_shares(const char* decrypted_koefs, char * public_shares, ...@@ -118,9 +119,10 @@ void calc_public_shares(const char* decrypted_koefs, char * public_shares,
// calculate for each node a list of public shares // calculate for each node a list of public shares
std::string result; std::string result;
char symbol = ':'; char symbol = ':';
std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, &symbol); std::vector<libff::alt_bn128_Fr> poly = SplitStringToFr(decrypted_koefs, symbol);
libff::alt_bn128_Fr three = 3;
for (size_t i = 0; i < _t; ++i) { for (size_t i = 0; i < _t; ++i) {
libff::alt_bn128_G2 pub_share = poly.at(i) * libff::alt_bn128_G2::one(); libff::alt_bn128_G2 pub_share = poly.at(i) * libff::alt_bn128_G2::one() ;
pub_share.to_affine_coordinates(); pub_share.to_affine_coordinates();
result += ConvertToString(pub_share.X.c0); result += ConvertToString(pub_share.X.c0);
result += ":"; result += ":";
......
...@@ -85,7 +85,8 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h ...@@ -85,7 +85,8 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \ secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \ secure_enclave.c \
DKGUtils.cpp BLSUtils.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \ curves.c domain_parameters.c numbertheory.c point.c signature.c drive_key_dkg.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \ ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG) ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
......
...@@ -107,7 +107,10 @@ am__installdirs = "$(DESTDIR)$(libexecdir)" ...@@ -107,7 +107,10 @@ am__installdirs = "$(DESTDIR)$(libexecdir)"
PROGRAMS = $(libexec_PROGRAMS) PROGRAMS = $(libexec_PROGRAMS)
am__objects_1 = am__objects_1 =
am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
secure_enclave.$(OBJEXT) DKGUtils.$(OBJEXT) BLSUtils.$(OBJEXT) \ secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
point.$(OBJEXT) signature.$(OBJEXT) drive_key_dkg.$(OBJEXT) \
DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \ alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1) alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS) secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
...@@ -135,10 +138,13 @@ am__v_at_1 = ...@@ -135,10 +138,13 @@ am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/BLSUtils.Po ./$(DEPDIR)/DKGUtils.Po \ am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po \
./$(DEPDIR)/alt_bn128_g1.Po ./$(DEPDIR)/alt_bn128_g2.Po \ ./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
./$(DEPDIR)/alt_bn128_init.Po ./$(DEPDIR)/secure_enclave.Po \ ./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
./$(DEPDIR)/secure_enclave_t.Po \ ./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
./$(DEPDIR)/drive_key_dkg.Po ./$(DEPDIR)/numbertheory.Po \
./$(DEPDIR)/point.Po ./$(DEPDIR)/secure_enclave.Po \
./$(DEPDIR)/secure_enclave_t.Po ./$(DEPDIR)/signature.Po \
./$(DEPDIR)/signed_enclave_debug.Po \ ./$(DEPDIR)/signed_enclave_debug.Po \
./$(DEPDIR)/signed_enclave_rel.Po ./$(DEPDIR)/signed_enclave_rel.Po
am__mv = mv -f am__mv = mv -f
...@@ -338,7 +344,8 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml ...@@ -338,7 +344,8 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
ENCLAVE_KEY = $(ENCLAVE)_private.pem ENCLAVE_KEY = $(ENCLAVE)_private.pem
secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \ secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
secure_enclave.c \ secure_enclave.c \
DKGUtils.cpp BLSUtils.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \ curves.c domain_parameters.c numbertheory.c point.c signature.c drive_key_dkg.c \
DKGUtils.cpp BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \ ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG) ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
...@@ -431,13 +438,19 @@ mostlyclean-compile: ...@@ -431,13 +438,19 @@ mostlyclean-compile:
distclean-compile: distclean-compile:
-rm -f *.tab.c -rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g1.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_g2.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alt_bn128_init.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/curves.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domain_parameters.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/drive_key_dkg.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numbertheory.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/point.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secure_enclave_t.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_debug.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signed_enclave_rel.Po@am__quote@ # am--include-marker
...@@ -645,13 +658,19 @@ clean: clean-am ...@@ -645,13 +658,19 @@ clean: clean-am
clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
distclean: distclean-am distclean: distclean-am
-rm -f ./$(DEPDIR)/BLSUtils.Po -rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po -rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po -rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po -rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po -rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/drive_key_dkg.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po -rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po -rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po -rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po -rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
...@@ -699,13 +718,19 @@ install-ps-am: ...@@ -699,13 +718,19 @@ install-ps-am:
installcheck-am: installcheck-am:
maintainer-clean: maintainer-clean-am maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/BLSUtils.Po -rm -f ./$(DEPDIR)/BLSEnclave.Po
-rm -f ./$(DEPDIR)/DKGUtils.Po -rm -f ./$(DEPDIR)/DKGUtils.Po
-rm -f ./$(DEPDIR)/alt_bn128_g1.Po -rm -f ./$(DEPDIR)/alt_bn128_g1.Po
-rm -f ./$(DEPDIR)/alt_bn128_g2.Po -rm -f ./$(DEPDIR)/alt_bn128_g2.Po
-rm -f ./$(DEPDIR)/alt_bn128_init.Po -rm -f ./$(DEPDIR)/alt_bn128_init.Po
-rm -f ./$(DEPDIR)/curves.Po
-rm -f ./$(DEPDIR)/domain_parameters.Po
-rm -f ./$(DEPDIR)/drive_key_dkg.Po
-rm -f ./$(DEPDIR)/numbertheory.Po
-rm -f ./$(DEPDIR)/point.Po
-rm -f ./$(DEPDIR)/secure_enclave.Po -rm -f ./$(DEPDIR)/secure_enclave.Po
-rm -f ./$(DEPDIR)/secure_enclave_t.Po -rm -f ./$(DEPDIR)/secure_enclave_t.Po
-rm -f ./$(DEPDIR)/signature.Po
-rm -f ./$(DEPDIR)/signed_enclave_debug.Po -rm -f ./$(DEPDIR)/signed_enclave_debug.Po
-rm -f ./$(DEPDIR)/signed_enclave_rel.Po -rm -f ./$(DEPDIR)/signed_enclave_rel.Po
-rm -f Makefile -rm -f Makefile
...@@ -745,7 +770,7 @@ uninstall-am: uninstall-libexecPROGRAMS ...@@ -745,7 +770,7 @@ uninstall-am: uninstall-libexecPROGRAMS
%_t.h %_t.c: %.edl %_t.h %_t.c: %.edl
$(SGX_EDGER8R) --search-path $(SGXSDK_INCDIR) $(SGX_EDGER8R_FLAGS) --trusted $< $(SGX_EDGER8R) --search-path $(SGXSDK_INCDIR):${PWD}/../intel-sgx-ssl/Linux/package/include $(SGX_EDGER8R_FLAGS) --trusted $<
@ENCLAVE_RELEASE_SIGN_TRUE@.PHONY: signed_enclave_rel @ENCLAVE_RELEASE_SIGN_TRUE@.PHONY: signed_enclave_rel
@ENCLAVE_RELEASE_SIGN_FALSE@.PHONY: signed_enclave_debug @ENCLAVE_RELEASE_SIGN_FALSE@.PHONY: signed_enclave_debug
......
//
// Created by kladko on 10/1/19.
//
#include <stdlib.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h>
#include "domain_parameters.h"
#include "curves.h"
#include "point.h"
#include "numbertheory.h"
void gen_session_keys(mpz_t skey, char* pb_key){
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
unsigned char* rand_char = (unsigned char*)malloc(32);
sgx_read_rand( rand_char, 32);
mpz_t seed;
mpz_init(seed);
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
free(rand_char);
mpz_t skey_mpz;
mpz_init(skey_mpz);
mpz_mod(skey_mpz, seed, curve->p);
mpz_clear(seed);
char arr[mpz_sizeinbase (skey_mpz, 16) + 2];
char* sk = mpz_get_str(arr, 16, skey_mpz);
// memcpy(skey, arr, 32);
// strncpy(skey, arr, 1024);
mpz_set(skey, skey_mpz);
point pub_key = point_init();
point_multiplication(pub_key, skey, curve->G, curve);
mpz_clear(skey_mpz);
point_clear(pub_key);
domain_parameters_clear(curve);
}
\ No newline at end of file
//
// Created by kladko on 10/1/19.
//
#ifndef SGXD_DRIVE_KEY_DKG_H
#define SGXD_DRIVE_KEY_DKG_H
void gen_session_keys(mpz_t skey, char* pub_key);
#endif //SGXD_DRIVE_KEY_DKG_H
...@@ -31,6 +31,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ...@@ -31,6 +31,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
/*#include <openssl/ecdsa.h>
#include <openssl/ec.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "tSgxSSL_api.h"*/
#include "secure_enclave_t.h" #include "secure_enclave_t.h"
#include "sgx_tcrypto.h" #include "sgx_tcrypto.h"
#include "sgx_tseal.h" #include "sgx_tseal.h"
...@@ -41,12 +49,15 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ...@@ -41,12 +49,15 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <string.h> #include <string.h>
#include <stdio.h> #include <stdio.h>
#include <openssl/ec.h> #include <stdbool.h>
#include <openssl/bn.h> #include "domain_parameters.h"
#include <openssl/evp.h> #include "point.h"
#include <openssl/err.h> #include "signature.h"
#include <openssl/rand.h> #include "curves.h"
#include "tSgxSSL_api.h" #include "drive_key_dkg.h"
#include <string.h>
#include <sgx_tcrypto.h>
#include "../sgxwallet_common.h" #include "../sgxwallet_common.h"
...@@ -117,7 +128,141 @@ void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {} ...@@ -117,7 +128,141 @@ void e_mpf_div(mpf_t *c_un, mpf_t *a_un, mpf_t *b_un) {}
void generate_ecdsa_key(int *err_status, char *err_string, void generate_ecdsa_key(int *err_status, char *err_string,
uint8_t *encrypted_key, uint32_t *enc_len) { uint8_t *encrypted_key, uint32_t *enc_len, char * pub_key_x, char * pub_key_y) {
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
unsigned char* rand_char = (unsigned char*)malloc(32);
sgx_read_rand( rand_char, 32);
mpz_t seed;
mpz_init(seed);
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
free(rand_char);
mpz_t skey;
mpz_init(skey);
mpz_mod(skey, seed, curve->p);
mpz_clear(seed);
//mpz_set_str(skey, "4160780231445160889237664391382223604576", 10);
//mpz_set_str(skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
//mpz_set_str(skey, "1", 10);
//mpz_set_str(skey, "ebb2c082fd7727890a28ac82f6bdf97bad8de9f5d7c9028692de1a255cad3e0f", 16);
//mpz_set_str(skey, "D30519BCAE8D180DBFCC94FE0B8383DC310185B0BE97B4365083EBCECCD75759", 16);
//Public key
point Pkey = point_init();
signature_generate_key(Pkey, skey, curve);
uint8_t base = 16;
int len = mpz_sizeinbase (Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len);
char arr_x[len];
char* px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x);
for ( int i = 0; i < n_zeroes; i++){
pub_key_x[i] = '0';
}
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase (Pkey->y, base) + 2];
char* py = mpz_get_str(arr_y, base, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for ( int i = 0; i < n_zeroes; i++){
pub_key_y[i] = '0';
}
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
char skey_str[mpz_sizeinbase (skey, ECDSA_SKEY_BASE) + 2];
char* s = mpz_get_str(skey_str, ECDSA_SKEY_BASE, skey);
snprintf(err_string, BUF_LEN, "skey is %s len %d\n", skey_str, strlen(skey_str));
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t *)skey_str, sealedLen,(sgx_sealed_data_t*)encrypted_key);
if( status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"seal ecsdsa private key failed");
return;
}
*enc_len = sealedLen;
mpz_clear(skey);
domain_parameters_clear(curve);
point_clear(Pkey);
}
void get_public_ecdsa_key(int *err_status, char *err_string,
uint8_t *encrypted_key, uint32_t dec_len, char * pub_key_x, char * pub_key_y) {
//uint32_t dec_len = 0;
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, (uint8_t *)skey, &dec_len);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status %d", status);
return;
}
//strncpy(err_string, skey, 1024);
mpz_t skey_mpz;
mpz_init(skey_mpz);
// mpz_import(skey_mpz, 32, 1, sizeof(skey[0]), 0, 0, skey);
if (mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE) == -1){
snprintf(err_string, BUF_LEN,"wrong string to init private key");
}
//Public key
point Pkey = point_init();
signature_generate_key(Pkey, skey_mpz, curve);
point Pkey_test = point_init();
point_multiplication(Pkey_test, skey_mpz, curve->G, curve);
if (!point_cmp(Pkey, Pkey_test)){
snprintf(err_string, BUF_LEN,"Points are not equal");
}
int base = 16;
int len = mpz_sizeinbase (Pkey->x, base) + 2;
//snprintf(err_string, BUF_LEN, "len = %d\n", len);
char arr_x[len];
char* px = mpz_get_str(arr_x, base, Pkey->x);
//snprintf(err_string, BUF_LEN, "arr=%p px=%p\n", arr_x, px);
int n_zeroes = 64 - strlen(arr_x);
for ( int i = 0; i < n_zeroes; i++){
pub_key_x[i] = '0';
}
strncpy(pub_key_x + n_zeroes, arr_x, 1024 - n_zeroes);
char arr_y[mpz_sizeinbase (Pkey->y, base) + 2];
char* py = mpz_get_str(arr_y, base, Pkey->y);
n_zeroes = 64 - strlen(arr_y);
for ( int i = 0; i < n_zeroes; i++){
pub_key_y[i] = '0';
}
strncpy(pub_key_y + n_zeroes, arr_y, 1024 - n_zeroes);
mpz_clear(skey_mpz);
domain_parameters_clear(curve);
point_clear(Pkey);
} }
...@@ -267,79 +412,6 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key, ...@@ -267,79 +412,6 @@ void bls_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
} }
void ecdsa_sign_message(int *err_status, char *err_string, uint8_t *encrypted_key,
uint32_t enc_len, uint8_t *message, char *signature) {
*err_status = -1;
char key[BUF_LEN];
decrypt_key(err_status, err_string, encrypted_key, enc_len, key);
if (err_status != 0) {
return;
}
//strncpy(signature, ecdsaSig, MAX_SIG_LEN);
unsigned char entropy_buf[ADD_ENTROPY_SIZE] = {0};
RAND_add(entropy_buf, sizeof(entropy_buf), ADD_ENTROPY_SIZE);
RAND_seed(entropy_buf, sizeof(entropy_buf));
// Initialize SGXSSL crypto
OPENSSL_init_crypto(0, NULL);
RAND_add(entropy_buf, sizeof(entropy_buf), ADD_ENTROPY_SIZE);
RAND_seed(entropy_buf, sizeof(entropy_buf));
EC_KEY *ec = NULL;
int eccgroup;
eccgroup = OBJ_txt2nid("secp384r1");
ec = EC_KEY_new_by_curve_name(eccgroup);
if (ec == NULL) {
return;
}
EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
int ret = EC_KEY_generate_key(ec);
if (!ret) {
return;
}
EVP_PKEY *ec_pkey = EVP_PKEY_new();
if (ec_pkey == NULL) {
return;
}
EVP_PKEY_assign_EC_KEY(ec_pkey, ec);
// DONE
char buffer[100];
unsigned char sig;
unsigned int siglen;
int i;
for (i = 0; i < 1000; i++) {
// Add context
EVP_MD_CTX *context = EVP_MD_CTX_new();
// Init, update, final
EVP_SignInit_ex(context, EVP_sha1(), NULL);
EVP_SignUpdate(context, &buffer, 100);
EVP_SignFinal(context, &sig, &siglen, ec_pkey);
}
*err_status = 0;
}
void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_secret, uint32_t* enc_len, size_t _t){
char* dkg_secret = (char*)malloc(DKG_BUFER_LENGTH); char* dkg_secret = (char*)malloc(DKG_BUFER_LENGTH);
...@@ -355,6 +427,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s ...@@ -355,6 +427,7 @@ void gen_dkg_secret (int *err_status, char *err_string, uint8_t *encrypted_dkg_s
} }
*enc_len = sealedLen; *enc_len = sealedLen;
free(dkg_secret);
} }
void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){ void decrypt_dkg_secret (int *err_status, char* err_string, uint8_t* encrypted_dkg_secret, uint8_t* decrypted_dkg_secret, uint32_t enc_len){
...@@ -381,5 +454,116 @@ void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg ...@@ -381,5 +454,116 @@ void get_public_shares(int *err_status, char* err_string, uint8_t* encrypted_dkg
unsigned _t, unsigned _n){ unsigned _t, unsigned _n){
char* decrypted_dkg_secret = (char*)malloc(DKG_MAX_SEALED_LEN); char* decrypted_dkg_secret = (char*)malloc(DKG_MAX_SEALED_LEN);
decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len); decrypt_dkg_secret(err_status, err_string, (uint8_t*)encrypted_dkg_secret, decrypted_dkg_secret, enc_len);
strncpy(err_string, decrypted_dkg_secret, 1024);
calc_public_shares(decrypted_dkg_secret, public_shares, _t); calc_public_shares(decrypted_dkg_secret, public_shares, _t);
} }
void ecdsa_sign1(int *err_status, char *err_string, uint8_t *encrypted_key, uint32_t dec_len,
unsigned char* hash, char * sig_r, char * sig_s, uint8_t* sig_v, int base) {
domain_parameters curve = domain_parameters_init();
domain_parameters_load_curve(curve, secp256k1);
char skey[ECDSA_SKEY_LEN];
sgx_status_t status = sgx_unseal_data(
(const sgx_sealed_data_t *)encrypted_key, NULL, 0, skey, &dec_len);
if (status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"sgx_unseal_data failed with status %d", status);
return;
}
snprintf(err_string, BUF_LEN,"pr key is %s length %d ", skey, strlen(skey));
mpz_t skey_mpz;
mpz_init(skey_mpz);
mpz_set_str(skey_mpz, skey, ECDSA_SKEY_BASE);
/*mpz_t test_skey;
mpz_init(test_skey);
mpz_set_str(test_skey, "4160780231445160889237664391382223604184857153814275770598791864649971919844", 10);
if(!mpz_cmp(skey,test_skey)){
snprintf(err_string, BUF_LEN,"keys are not equal ");
}*/
mpz_t msg_mpz;
mpz_init(msg_mpz);
mpz_set_str(msg_mpz, hash, 16);
//mpz_set_str(msg_mpz,"4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a", 16);
signature sign = signature_init();
signature_sign( sign, msg_mpz, skey_mpz, curve);
point Pkey = point_init();
signature_generate_key(Pkey, skey_mpz, curve);
if ( !signature_verify(msg_mpz, sign, Pkey, curve) ){
snprintf(err_string, BUF_LEN,"signature is not verified! ");
return;
}
//char arr_x[mpz_sizeinbase (Pkey->x, 16) + 2];
//char* px = mpz_get_str(arr_x, 16, Pkey->x);
//snprintf(err_string, BUF_LEN,"pub key x %s ", arr_x);
char arr_m[mpz_sizeinbase (msg_mpz, 16) + 2];
char* msg = mpz_get_str(arr_m, 16, msg_mpz);
snprintf(err_string, BUF_LEN,"message is %s ", arr_m);
char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024);
char arr_s[mpz_sizeinbase (sign->s, base) + 2];
char* s = mpz_get_str(arr_s, base, sign->s);
strncpy(sig_s, arr_s, 1024);
*sig_v = sign->v;
mpz_clear(skey_mpz);
mpz_clear(msg_mpz);
domain_parameters_clear(curve);
signature_clear(sign);
point_clear(Pkey);
}
void drive_key(int *err_status, char *err_string, uint8_t *encrypted_skey, uint32_t* enc_len, char* result_str, char* pub_keyB ){
//char* skey = (char*)malloc(1024);
char* pub_key = (char*)malloc(1024);
mpz_t skey;
mpz_init(skey);
gen_session_keys(skey, pub_key);
char arr_sk[mpz_sizeinbase (skey, 16) + 2];
char* sk = mpz_get_str(arr_sk, 16, skey);
snprintf(err_string, BUF_LEN,"skey is %s length %d", arr_sk, strlen(arr_sk));
uint32_t sealedLen = sgx_calc_sealed_data_size(0, ECDSA_SKEY_LEN);
sgx_status_t status = sgx_seal_data(0, NULL, ECDSA_SKEY_LEN, (uint8_t*)arr_sk, sealedLen,(sgx_sealed_data_t*)encrypted_skey);
if( status != SGX_SUCCESS) {
snprintf(err_string, BUF_LEN,"SGX seal data failed");
}
/* char arr_r[mpz_sizeinbase (sign->r, base) + 2];
char* r = mpz_get_str(arr_r, base, sign->r);
strncpy(sig_r, arr_r, 1024);
char arr_s[mpz_sizeinbase (sign->s, base) + 2];
char* s = mpz_get_str(arr_s, base, sign->s);
strncpy(sig_s, arr_s, 1024);*/
mpz_clear(skey);
//free(skey);
free(pub_key);
}
enclave { enclave {
from "sgx_tsgxssl.edl" import *;
trusted { trusted {
include "sgx_tgmp.h" include "sgx_tgmp.h"
...@@ -24,8 +26,18 @@ enclave { ...@@ -24,8 +26,18 @@ enclave {
public void generate_ecdsa_key ( public void generate_ecdsa_key (
[user_check] int *err_status, [user_check] int *err_status,
[out, count = 1024] char* err_string, [out, count = 1024] char* err_string,
[out, count = 1024] uint8_t* encrypted_key, [user_check] uint32_t *enc_len); [out, count = 1024] uint8_t* encrypted_key,
[user_check] uint32_t *enc_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
public void get_public_ecdsa_key (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t dec_len,
[out, count = 1024] char * pub_key_x,
[out, count = 1024] char * pub_key_y);
public void encrypt_key ( public void encrypt_key (
[user_check] int *err_status, [user_check] int *err_status,
...@@ -49,14 +61,6 @@ enclave { ...@@ -49,14 +61,6 @@ enclave {
[in, count = 1024] char* hashY , [in, count = 1024] char* hashY ,
[out, count = 1024] char* signature); [out, count = 1024] char* signature);
public void ecdsa_sign_message (
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] uint8_t* hash,
[out, count = 1024] char* signature);
public void gen_dkg_secret ( public void gen_dkg_secret (
[user_check] int *err_status, [user_check] int *err_status,
[out, count = 1024] char* err_string, [out, count = 1024] char* err_string,
...@@ -74,7 +78,7 @@ enclave { ...@@ -74,7 +78,7 @@ enclave {
public void get_secret_shares ( public void get_secret_shares (
[user_check] int *err_status, [user_check] int *err_status,
[out, count = 1024] char* err_string, [out, count = 1024] char* err_string,
[in, count = 2000] uint8_t* decrypted_dkg_secret, [in, count = 2000] uint8_t* encrypted_dkg_secret,
uint32_t enc_len, uint32_t enc_len,
[out, count = 2000] char* secret_shares, [out, count = 2000] char* secret_shares,
unsigned _t, unsigned _t,
...@@ -88,6 +92,25 @@ enclave { ...@@ -88,6 +92,25 @@ enclave {
[out, count = 4000] char* public_shares, [out, count = 4000] char* public_shares,
unsigned _t, unsigned _t,
unsigned _n); unsigned _n);
public void ecdsa_sign1(
[user_check] int *err_status,
[out, count = 1024] char* err_string,
[in, count = 1024] uint8_t* encrypted_key,
uint32_t enc_len,
[in, count = 1024] unsigned char* hash,
[out, count = 1024] char* sig_r,
[out, count = 1024] char* sig_s,
[user_check] uint8_t* sig_v,
int base);
public void drive_key(
[user_check]int *err_status,
[out, count = 1024] char *err_string,
[out, count = 1024] uint8_t *encrypted_skey,
[user_check]uint32_t* enc_len,
[out, count = 1024] char* result_str,
[out, count = 1024] char* pub_keyB );
}; };
......
#include <stdlib.h>
#include <stdio.h>
#include <../tgmp-build/include/sgx_tgmp.h>
#include <stdbool.h>
#include <assert.h>
#include "domain_parameters.h"
#include "point.h"
#include "signature.h"
#include "numbertheory.h"
/*Initialize a signature*/
signature signature_init()
{
signature sig;
sig = malloc(sizeof(struct signature_s));
mpz_init(sig->r);
mpz_init(sig->s);
sig->v = 0;
return sig;
}
/*Print signature to standart output stream*/
void signature_print(signature sig)
{
/*printf("\nSignature (r,s): \n\t(");
mpz_out_str(stdout, 10, sig->r);
printf(",\n\t");
mpz_out_str(stdout, 10, sig->s);
printf(")\n");*/
}
/*Set signature from strings of a base from 2-62*/
void signature_set_str(signature sig, char *r, char *s, int base)
{
mpz_set_str(sig->r, r, base);
mpz_set_str(sig->s, s, base);
}
/*Set signature from hexadecimal strings*/
void signature_set_hex(signature sig, char *r, char *s)
{
signature_set_str(sig,r,s,16);
}
/*Set signature from decimal unsigned long ints*/
void signature_set_ui(signature sig, unsigned long int r, unsigned long int s)
{
mpz_set_ui(sig->r, r);
mpz_set_ui(sig->s, s);
}
/*Make R a copy of P*/
void signature_copy(signature R, signature sig)
{
mpz_set(R->r, sig->r);
mpz_set(R->s, sig->s);
}
/*Compare two signatures return 1 if not the same, returns 0 if they are the same*/
bool signature_cmp(signature sig1, signature sig2)
{
return !mpz_cmp(sig1->r,sig2->r) && !mpz_cmp(sig1->s,sig2->s);
}
/*Generates a public key for a private key*/
void signature_generate_key(point public_key, mpz_t private_key, domain_parameters curve)
{
point_multiplication(public_key, private_key, curve->G, curve);
}
/*Generate signature for a message*/
void signature_sign(signature sig, mpz_t message, mpz_t private_key, domain_parameters curve)
{
//message must not have a bit length longer than that of n
//see: Guide to Elliptic Curve Cryptography, section 4.4.1.
assert(mpz_sizeinbase(message, 2) <= mpz_sizeinbase(curve->n, 2));
//Initializing variables
mpz_t k;mpz_init(k);
mpz_t x;mpz_init(x);
point Q = point_init();
mpz_t r;mpz_init(r);
mpz_t t1;mpz_init(t1);
mpz_t t2;mpz_init(t2);
mpz_t t3;mpz_init(t3);
mpz_t s;mpz_init(s);
unsigned char* rand_char = (unsigned char*)malloc(32);
sgx_read_rand( rand_char, 32);
gmp_randstate_t r_state;
signature_sign_start:
//Set k
sgx_read_rand( rand_char, 32);
mpz_t seed;
mpz_init(seed);
mpz_import(seed, 32, 1, sizeof(rand_char[0]), 0, 0, rand_char);
free(rand_char);
mpz_mod(k, seed, curve->p);
mpz_clear(seed);
//mpz_set_str(k, "49a0d7b786ec9cde0d0721d72804befd06571c974b191efb42ecf322ba9ddd9a", 16);
// mpz_set_str(k, "DC87789C4C1A09C97FF4DE72C0D0351F261F10A2B9009C80AEE70DDEC77201A0", 16);
//mpz_set_str(k,"29932781130098090011281004827843485745127563886526054275935615017309884975795",10);
//Calculate x
point_multiplication(Q, k, curve->G, curve);
mpz_set(x, Q->x);
//Calculate r
mpz_mod(r, x, curve->n);
if(!mpz_sgn(r)) //Start over if r=0, note haven't been tested memory might die :)
goto signature_sign_start;
mpz_clear(x);
//Calculate s
//s = k¯¹(e+d*r) mod n = (k¯¹ mod n) * ((e+d*r) mod n) mod n
//number_theory_inverse(t1, k, curve->n);//t1 = k¯¹ mod n
mpz_invert(t1, k, curve->n);
mpz_mul(t2, private_key, r); //t2 = d*r
mpz_add(t3, message, t2); //t3 = e+t2
mpz_clear(t2);
mpz_init(t2);
mpz_mod(t2, t3, curve->n); //t2 = t3 mod n
mpz_clear(t3);
mpz_init(t3);
mpz_mul(t3, t2, t1); //t3 = t2 * t1
mpz_mod(s, t3, curve->n); //s = t3 mod n
//Calculate v
mpz_t rem;
mpz_init(rem);
mpz_mod_ui(rem, Q->y, 2);
mpz_t s_mul_2;
mpz_init(s_mul_2);
mpz_mul_ui(s_mul_2, s, 2);
unsigned b = 0;
if (mpz_cmp(s_mul_2, curve->n) > 0) {
b = 1;
}
sig->v = mpz_get_ui(rem) ^ b ;
point_clear(Q);
mpz_clear(rem);
mpz_clear(s_mul_2);
mpz_t n_div_2;
mpz_init(n_div_2);
mpz_cdiv_q_ui(n_div_2, curve->n , 2);
if (mpz_cmp(s, n_div_2) > 0) {
mpz_t neg;
mpz_init(neg);
mpz_sub(neg, curve->n, s);
mpz_clear(s);
mpz_init(s);
mpz_set(s, neg);
mpz_clear(neg);
}
mpz_clear(n_div_2);
mpz_clear(t1);
mpz_clear(t2);
mpz_clear(t3);
//Set signature
mpz_set(sig->r, r);
mpz_set(sig->s, s);
//Release k,r and s
mpz_clear(k);
mpz_clear(r);
mpz_clear(s);
}
/*Verify the integrity of a message using it's signature*/
bool signature_verify(mpz_t message, signature sig, point public_key, domain_parameters curve)
{
//verify r and s are within [1, n-1]
mpz_t one;mpz_init(one);
mpz_set_ui(one, 1);
if( mpz_cmp(sig->r,one) < 0 &&
mpz_cmp(curve->n,sig->r) <= 0 &&
mpz_cmp(sig->s,one) < 0 &&
mpz_cmp(curve->n,sig->s) <= 0)
{
mpz_clear(one);
return false;
}
mpz_clear(one);
//Initialize variables
mpz_t w;mpz_init(w);
mpz_t u1;mpz_init(u1);
mpz_t u2;mpz_init(u2);
mpz_t t;mpz_init(t);
mpz_t tt2;mpz_init(tt2);
point x = point_init();
point t1 = point_init();
point t2 = point_init();
//w = s¯¹ mod n
number_theory_inverse(w, sig->s, curve->n);
//u1 = message * w mod n
mpz_mod(tt2, message, curve->n);
mpz_mul(t, tt2, w);
mpz_mod(u1, t, curve->n);
//u2 = r*w mod n
mpz_mul(t, sig->r, w);
mpz_mod(u2, t, curve->n);
//x = u1*G+u2*Q
point_multiplication(t1, u1, curve->G, curve);
point_multiplication(t2, u2, public_key, curve);
point_addition(x, t1, t2, curve);
//Get the result, by comparing x value with r and verifying that x is NOT at infinity
bool result = mpz_cmp(sig->r, x->x) == 0 && !x->infinity;
//release memory
point_clear(x);
point_clear(t1);
point_clear(t2);
mpz_clear(w);
mpz_clear(u1);
mpz_clear(u2);
mpz_clear(t);
mpz_clear(tt2);
//Return result
return result;
}
/*Release signature*/
void signature_clear(signature sig)
{
mpz_clear(sig->r);
mpz_clear(sig->s);
free(sig);
}
...@@ -30,10 +30,21 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS ...@@ -30,10 +30,21 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
#include <libff/algebra/fields/fp.hpp>
#include <dkg/dkg.h>
#include <jsonrpccpp/server/connectors/httpserver.h> #include <jsonrpccpp/server/connectors/httpserver.h>
#include <libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp>
#include <libff/algebra/exponentiation/exponentiation.hpp>
#include <libff/algebra/fields/fp.hpp>
#include <dkg/dkg.h>
#include "sgxwallet_common.h" #include "sgxwallet_common.h"
#include "create_enclave.h" #include "create_enclave.h"
#include "secure_enclave_u.h" #include "secure_enclave_u.h"
...@@ -51,10 +62,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ...@@ -51,10 +62,14 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "SGXWalletServer.hpp" #include "SGXWalletServer.hpp"
#include <sgx_tcrypto.h>
#define CATCH_CONFIG_MAIN // This tells Catch to provide a main() - only do this in one cpp file #define CATCH_CONFIG_MAIN // This tells Catch to provide a main() - only do this in one cpp file
#include "catch.hpp" #include "catch.hpp"
#include "stubclient.h"
std::string stringFromFr(libff::alt_bn128_Fr& el) { std::string stringFromFr(libff::alt_bn128_Fr& el) {
mpz_t t; mpz_t t;
...@@ -178,17 +193,12 @@ TEST_CASE("BLS sign test", "[bls-sign]") { ...@@ -178,17 +193,12 @@ TEST_CASE("BLS sign test", "[bls-sign]") {
strncpy(hexHashBuf, hexHash, BUF_LEN); strncpy(hexHashBuf, hexHash, BUF_LEN);
char sig[BUF_LEN]; char sig[BUF_LEN];
REQUIRE(sign(encryptedKeyHex, hexHashBuf, 2, 2, 1, sig)); REQUIRE(sign(encryptedKeyHex, hexHashBuf, 2, 2, 1, sig));
printf("Signature is: %s \n", sig ); printf("Signature is: %s \n", sig );
} }
TEST_CASE("Server BLS sign test", "[bls-server-sign]") { TEST_CASE("Server BLS sign test", "[bls-server-sign]") {
...@@ -203,10 +213,8 @@ TEST_CASE("Server BLS sign test", "[bls-server-sign]") { ...@@ -203,10 +213,8 @@ TEST_CASE("Server BLS sign test", "[bls-server-sign]") {
REQUIRE(result["encryptedKeyShare"] != ""); REQUIRE(result["encryptedKeyShare"] != "");
const char *hexHash = "001122334455667788" "001122334455667788" "001122334455667788" "001122334455667788"; const char *hexHash = "001122334455667788" "001122334455667788" "001122334455667788" "001122334455667788";
REQUIRE_NOTHROW(result = blsSignMessageHashImpl(TEST_BLS_KEY_NAME, hexHash)); REQUIRE_NOTHROW(result = blsSignMessageHashImpl(TEST_BLS_KEY_NAME, hexHash));
if (result["status"] != 0) { if (result["status"] != 0) {
...@@ -277,11 +285,14 @@ TEST_CASE( "DKG gen test", "[dkg-gen]" ) { ...@@ -277,11 +285,14 @@ TEST_CASE( "DKG gen test", "[dkg-gen]" ) {
free(errMsg1); free(errMsg1);
free(encrypted_dkg_secret); free(encrypted_dkg_secret);
free(secret); free(secret);
sgx_destroy_enclave(eid);
} }
std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char* symbol){ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char symbol){
std::string str(koefs); std::string str(koefs);
std::string delim(symbol); std::string delim;
delim.push_back(symbol);
std::vector<libff::alt_bn128_Fr> tokens; std::vector<libff::alt_bn128_Fr> tokens;
size_t prev = 0, pos = 0; size_t prev = 0, pos = 0;
do do
...@@ -300,10 +311,48 @@ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char* ...@@ -300,10 +311,48 @@ std::vector<libff::alt_bn128_Fr> SplitStringToFr(const char* koefs, const char*
return tokens; return tokens;
} }
TEST_CASE( "DKG auto secret shares test", "[dkg-s_shares]" ) { std::vector<std::string> SplitString(const char* koefs, const char symbol){
libff::init_alt_bn128_params();
std::string str(koefs);
std::string delim;
delim.push_back(symbol);
std::vector<std::string> G2_strings;
size_t prev = 0, pos = 0;
do
{
pos = str.find(delim, prev);
if (pos == std::string::npos) pos = str.length();
std::string token = str.substr(prev, pos-prev);
if (!token.empty()) {
std::string koef(token.c_str());
G2_strings.push_back(koef);
}
prev = pos + delim.length();
}
while (pos < str.length() && prev < str.length());
init_all(); return G2_strings;
}
libff::alt_bn128_G2 VectStringToG2(const std::vector<std::string>& G2_str_vect){
libff::init_alt_bn128_params();
libff::alt_bn128_G2 koef = libff::alt_bn128_G2::zero();
koef.X.c0 = libff::alt_bn128_Fq(G2_str_vect.at(0).c_str());
koef.X.c1 = libff::alt_bn128_Fq(G2_str_vect.at(1).c_str());
koef.Y.c0 = libff::alt_bn128_Fq(G2_str_vect.at(2).c_str());
koef.Y.c1 = libff::alt_bn128_Fq(G2_str_vect.at(3).c_str());
koef.Z.c0 = libff::alt_bn128_Fq::one();
koef.Z.c1 = libff::alt_bn128_Fq::zero();
return koef;
}
TEST_CASE( "DKG secret shares test", "[dkg-s_shares]" ) {
libff::init_alt_bn128_params();
//init_all();
init_enclave();
uint8_t* encrypted_dkg_secret = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1); uint8_t* encrypted_dkg_secret = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
char* errMsg = (char*) calloc(1024,1); char* errMsg = (char*) calloc(1024,1);
...@@ -312,33 +361,43 @@ TEST_CASE( "DKG auto secret shares test", "[dkg-s_shares]" ) { ...@@ -312,33 +361,43 @@ TEST_CASE( "DKG auto secret shares test", "[dkg-s_shares]" ) {
unsigned t = 3, n = 4; unsigned t = 3, n = 4;
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, 3); status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, n);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
printf("gen_dkg_secret completed with status: %d %s \n", err_status, errMsg); printf("gen_dkg_secret completed with status: %d %s \n", err_status, errMsg);
printf("\n Length: %d \n", enc_len); printf("\n Length: %d \n", enc_len);
char* errMsg1 = (char*) calloc(1024,1); char* errMsg1 = (char*) calloc(1024,1);
char colon = ':'; char colon = ':';
char* secret_shares = (char*)calloc(DKG_MAX_SEALED_LEN, sizeof(char)); char* secret_shares = (char*)calloc(DKG_MAX_SEALED_LEN, 1);
status = get_secret_shares(eid, &err_status, errMsg1, encrypted_dkg_secret, enc_len, secret_shares, t, n); status = get_secret_shares(eid, &err_status, errMsg1, encrypted_dkg_secret, enc_len, secret_shares, t, n);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
printf("\nget_secret_shares: %d %s \n", err_status, errMsg1); printf("\nget_secret_shares status: %d %s \n", err_status, errMsg1);
printf("secret shares %s \n\n", secret_shares); printf("secret shares %s \n\n", secret_shares);
std::vector <libff::alt_bn128_Fr> s_shares = SplitStringToFr( secret_shares, &colon); std::vector <libff::alt_bn128_Fr> s_shares = SplitStringToFr( secret_shares, colon);
char* secret = (char*)calloc(DKG_MAX_SEALED_LEN, sizeof(char)); char* secret = (char*)calloc(DKG_MAX_SEALED_LEN, sizeof(char));
status = decrypt_dkg_secret(eid, &err_status, errMsg1, encrypted_dkg_secret, (uint8_t*)secret, enc_len); status = decrypt_dkg_secret(eid, &err_status, errMsg1, encrypted_dkg_secret, (uint8_t*)secret, enc_len);
REQUIRE(status == SGX_SUCCESS); REQUIRE(status == SGX_SUCCESS);
printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1); // printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1);
printf("decrypted secret %s \n\n", secret);
signatures::Dkg dkg_obj(t,n); signatures::Dkg dkg_obj(t,n);
std::vector < libff::alt_bn128_Fr> poly = SplitStringToFr((char*)secret, &colon); std::vector < libff::alt_bn128_Fr> poly = SplitStringToFr((char*)secret, colon);
std::vector < libff::alt_bn128_Fr> s_shares_dkg = dkg_obj.SecretKeyContribution(SplitStringToFr((char*)secret, &colon)); std::vector < libff::alt_bn128_Fr> s_shares_dkg = dkg_obj.SecretKeyContribution(SplitStringToFr((char*)secret, colon));
/*printf("calculated secret: \n");
for ( int i = 0; i < s_shares_dkg.size(); i++){
libff::alt_bn128_Fr cur_share = s_shares_dkg.at(i);
mpz_t(sshare);
mpz_init(sshare);
cur_share.as_bigint().to_mpz(sshare);
char arr[mpz_sizeinbase (sshare, 10) + 2];
char* share_str = mpz_get_str(arr, 10, sshare);
printf(" %s \n", share_str);
mpz_clear(sshare);
}*/
REQUIRE(s_shares == s_shares_dkg); REQUIRE(s_shares == s_shares_dkg);
...@@ -347,4 +406,240 @@ TEST_CASE( "DKG auto secret shares test", "[dkg-s_shares]" ) { ...@@ -347,4 +406,240 @@ TEST_CASE( "DKG auto secret shares test", "[dkg-s_shares]" ) {
free(encrypted_dkg_secret); free(encrypted_dkg_secret);
free(secret_shares); free(secret_shares);
sgx_destroy_enclave(eid);
}
TEST_CASE( "DKG public shares test", "[dkg-pub_shares]" ) {
//init_all();
init_enclave();
uint8_t* encrypted_dkg_secret = (uint8_t*) calloc(DKG_MAX_SEALED_LEN, 1);
char* errMsg = (char*) calloc(1024,1);
int err_status = 0;
uint32_t enc_len = 0;
unsigned t = 3, n = 4;
status = gen_dkg_secret (eid, &err_status, errMsg, encrypted_dkg_secret, &enc_len, n);
REQUIRE(status == SGX_SUCCESS);
// printf("gen_dkg_public completed with status: %d %s \n", err_status, errMsg);
char* errMsg1 = (char*) calloc(1024,1);
char colon = ':';
char* public_shares = (char*)calloc(4000, 1);
status = get_public_shares(eid, &err_status, errMsg1, encrypted_dkg_secret, enc_len, public_shares, t, n);
REQUIRE(status == SGX_SUCCESS);
//printf("\nget_public_shares status: %d error %s \n\n", err_status, errMsg1);
std::vector <std::string> G2_strings = SplitString( public_shares, ',');
std::vector <libff::alt_bn128_G2> pub_shares_G2;
for ( int i = 0; i < G2_strings.size(); i++){
std::vector <std::string> koef_str = SplitString(G2_strings.at(i).c_str(), ':');
libff::alt_bn128_G2 el = VectStringToG2(koef_str);
// std::cerr << "pub_share G2 " << i+1 << " : " << std::endl;
// el.print_coordinates();
pub_shares_G2.push_back(VectStringToG2(koef_str));
}
char* secret = (char*)calloc(DKG_MAX_SEALED_LEN, sizeof(char));
status = decrypt_dkg_secret(eid, &err_status, errMsg1, encrypted_dkg_secret, (uint8_t*)secret, enc_len);
REQUIRE(status == SGX_SUCCESS);
//printf("\ndecrypt_dkg_secret completed with status: %d %s \n", err_status, errMsg1);
signatures::Dkg dkg_obj(t,n);
std::vector < libff::alt_bn128_Fr> poly = SplitStringToFr((char*)secret, colon);
std::vector < libff::alt_bn128_G2> pub_shares_dkg = dkg_obj.VerificationVector(poly);
/*printf("calculated public shares (X.c0): \n");
for ( int i = 0; i < pub_shares_dkg.size(); i++){
libff::alt_bn128_G2 el = pub_shares_dkg.at(i);
el.to_affine_coordinates();
libff::alt_bn128_Fq x_c0_el = el.X.c0;
mpz_t x_c0;
mpz_init(x_c0);
x_c0_el.as_bigint().to_mpz(x_c0);
char arr[mpz_sizeinbase (x_c0, 10) + 2];
char* share_str = mpz_get_str(arr, 10, x_c0);
printf(" %s \n", share_str);
mpz_clear(x_c0);
}*/
bool res = (pub_shares_G2 == pub_shares_dkg);
REQUIRE( res == true);
free(errMsg);
free(errMsg1);
free(encrypted_dkg_secret);
free(public_shares);
sgx_destroy_enclave(eid);
}
TEST_CASE( "DKG drive key test", "[dkg-drive-key]" ) {
// init_all();
init_enclave();
uint8_t *encrypted_key = (uint8_t *) calloc(BUF_LEN, 1);
char *errMsg = (char *)calloc(1024, 1);
char *result = (char *)calloc(1024, 1);
char *pub_key = (char *)calloc(1024, 1);
int err_status = 0;
uint32_t enc_len = 0;
unsigned t = 3, n = 4;
status = drive_key(eid, &err_status, errMsg, encrypted_key, &enc_len, result,
pub_key);
REQUIRE(status == SGX_SUCCESS);
printf(" drive_key completed with status: %d %s \n", err_status, errMsg);
}
TEST_CASE("ECDSA keygen and signature test", "[ecdsa_test]") {
init_enclave();
char *errMsg = (char *)calloc(1024, 1);
int err_status = 0;
uint8_t *encr_pr_key = (uint8_t *)calloc(1024, 1);
char *pub_key_x = (char *)calloc(1024, 1);
char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len = 0;
//printf("before %p\n", pub_key_x);
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
printf("\nerrMsg %s\n", errMsg );
REQUIRE(status == SGX_SUCCESS);
printf("\nwas pub_key_x %s: \n", pub_key_x);
printf("\nwas pub_key_y %s: \n", pub_key_y);
/*printf("\nencr priv_key : \n");
for ( int i = 0; i < 1024 ; i++)
printf("%u ", encr_pr_key[i]);*/
// char* hex = "4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a";
char* hex = "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db";
printf("hash length %d ", strlen(hex));
char* signature_r = (char *)calloc(1024, 1);
char* signature_s = (char *)calloc(1024, 1);
uint8_t signature_v = 0;
status = ecdsa_sign1(eid, &err_status, errMsg, encr_pr_key, enc_len, (unsigned char*)hex, signature_r, signature_s, &signature_v, 16);
REQUIRE(status == SGX_SUCCESS);
printf("\nsignature r : %s ", signature_r);
printf("\nsignature s: %s ", signature_s);
printf("\nsignature v: %u ", signature_v);
printf("\n %s \n", errMsg);
free(errMsg);
sgx_destroy_enclave(eid);
printf("the end of ecdsa test\n");
}
TEST_CASE("Test test", "[test_test]") {
init_enclave();
char *errMsg = (char *)calloc(1024, 1);
int err_status = 0;
uint8_t *encr_pr_key = (uint8_t *)calloc(1024, 1);
char *pub_key_x = (char *)calloc(1024, 1);
char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len = 0;
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
//printf("\nerrMsg %s\n", errMsg );
REQUIRE(status == SGX_SUCCESS);
//printf("\nwas pub_key_x %s: \n", pub_key_x);
//printf("\nwas pub_key_y %s: \n", pub_key_y);
//printf("\nencr priv_key %s: \n");
//for ( int i = 0; i < 1024 ; i++)
// printf("%u ", encr_pr_key[i]);
//printf( "haha");
//free(errMsg);
sgx_destroy_enclave(eid);
}
TEST_CASE("get public ECDSA key", "[get_pub_ecdsa_key_test]") {
//init_all();
init_enclave();
char *errMsg = (char *)calloc(1024, 1);
int err_status = 0;
uint8_t *encr_pr_key = (uint8_t *)calloc(1024, 1);
char *pub_key_x = (char *)calloc(1024, 1);
char *pub_key_y = (char *)calloc(1024, 1);
uint32_t enc_len = 0;
//printf("before %p\n", pub_key_x);
status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
printf("\nerrMsg %s\n", errMsg );
REQUIRE(status == SGX_SUCCESS);
printf("\nwas pub_key_x %s length %d: \n", pub_key_x, strlen(pub_key_x));
printf("\nwas pub_key_y %s length %d: \n", pub_key_y, strlen(pub_key_y));
/*printf("\nencr priv_key %s: \n");
for ( int i = 0; i < 1024 ; i++)
printf("%u ", encr_pr_key[i]);*/
char *got_pub_key_x = (char *)calloc(1024, 1);
char *got_pub_key_y = (char *)calloc(1024, 1);
status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, got_pub_key_x, got_pub_key_y);
REQUIRE(status == SGX_SUCCESS);
printf("\nnow pub_key_x %s: \n", got_pub_key_x);
printf("\nnow pub_key_y %s: \n", got_pub_key_y);
printf("\n pr key %s \n", errMsg);
free(errMsg);
sgx_destroy_enclave(eid);
}
#include "stubclient.h"
#include <jsonrpccpp/client/connectors/httpclient.h>
using namespace jsonrpc;
using namespace std;
TEST_CASE("API test", "[api_test]") {
cerr << "API test started" << endl;
init_all();
//HttpServer httpserver(1025);
//SGXWalletServer s(httpserver,
// JSONRPC_SERVER_V1); // hybrid server (json-rpc 1.0 & 2.0)
// s.StartListening();
cerr << "Server inited" << endl;
HttpClient client("http://localhost:1025");
StubClient c(client, JSONRPC_CLIENT_V2);
cerr << "Client inited" << endl;
try {
// cout << c.generateECDSAKey("known_key1") << endl;
//cout<<c.getPublicECDSAKey("test_key");
cout << c.ecdsaSignMessageHash(16, "known_key1","0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db" );
} catch (JsonRpcException &e) {
cerr << e.what() << endl;
}
} }
...@@ -6,6 +6,7 @@ ...@@ -6,6 +6,7 @@
*****************************************************************************/ *****************************************************************************/
#include <libff/algebra/curves/alt_bn128/alt_bn128_g1.hpp> #include <libff/algebra/curves/alt_bn128/alt_bn128_g1.hpp>
#include <libff/algebra/curves/alt_bn128/alt_bn128_g2.hpp>
#include <libff/algebra/curves/alt_bn128/alt_bn128_init.hpp> #include <libff/algebra/curves/alt_bn128/alt_bn128_init.hpp>
namespace libff { namespace libff {
...@@ -166,6 +167,16 @@ void init_alt_bn128_params() ...@@ -166,6 +167,16 @@ void init_alt_bn128_params()
// window 22 is unbeaten in [34552892.20, inf] // window 22 is unbeaten in [34552892.20, inf]
alt_bn128_G1::fixed_base_exp_window_table.push_back(34552892); alt_bn128_G1::fixed_base_exp_window_table.push_back(34552892);
alt_bn128_G2::G2_zero = alt_bn128_G2(alt_bn128_Fq2::zero(),
alt_bn128_Fq2::one(),
alt_bn128_Fq2::zero());
alt_bn128_G2::G2_one = alt_bn128_G2(alt_bn128_Fq2(alt_bn128_Fq("10857046999023057135944570762232829481370756359578518086990519993285655852781"),
alt_bn128_Fq("11559732032986387107991004021392285783925812861821192530917403151452391805634")),
alt_bn128_Fq2(alt_bn128_Fq("8495653923123431417604973247489272438418190587263600148770280649306958101930"),
alt_bn128_Fq("4082367875863433681332203403145435568316851327593401208105741076214120093531")),
alt_bn128_Fq2::one());
/* pairing parameters */ /* pairing parameters */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment