Merge branch 'develop' into Fixed_Init_Order

BLSCrypto.cpp

@@ -185,10 +185,12 @@ char *encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key)
 
     unsigned int encryptedLen = 0;
 
-    status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    //status = encrypt_key(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
+    status = encrypt_key_aes(eid, errStatus, errMsg, keyArray, encryptedKey, &encryptedLen);
 
     if (DEBUG_PRINT) {
-      spdlog::info("errStatus is {}",*errStatus, " errMsg is ", errMsg );
+      spdlog::info("errStatus is {}",*errStatus);
+      spdlog::info(" errMsg is ", errMsg );
     }
 
     if (status != SGX_SUCCESS) {
@@ -224,7 +226,8 @@ char *decryptBLSKeyShareFromHex(int *errStatus, char *errMsg, const char *_encry
 
     char *plaintextKey = (char *) calloc(BUF_LEN, 1);
 
-    status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+    //status = decrypt_key(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
+     status = decrypt_key_aes(eid, errStatus, errMsg, decoded, decodedLen, plaintextKey);
 
     if (status != SGX_SUCCESS) {
         return nullptr;

DKGCrypto.cpp

@@ -26,7 +26,6 @@
 #include "sgxwallet.h"
 #include <iostream>
 
-#include <memory>
 #include <memory>
 #include "SGXWalletServer.hpp"
 #include "RPCException.h"

ECDSACrypto.cpp

@@ -51,14 +51,21 @@ std::vector<std::string> gen_ecdsa_key(){
   char *pub_key_y = (char *)calloc(1024, 1);
   uint32_t enc_len = 0;
 
-  status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  //status = generate_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
+  status = generate_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, &enc_len, pub_key_x, pub_key_y );
   if ( err_status != 0 ){
     std::cerr << "RPCException thrown" << std::endl;
     throw RPCException(-666, errMsg) ;
   }
   std::vector<std::string> keys(3);
-  //std::cerr << "account key is " << errMsg << std::endl;
-  char *hexEncrKey = (char *) calloc(2*BUF_LEN, 1);
+  if (DEBUG_PRINT) {
+    std::cerr << "account key is " << errMsg << std::endl;
+    std::cerr << "enc_len is " << enc_len << std::endl;
+    std::cerr << "enc_key is "  << std::endl;
+//    for(int i = 0 ; i < 1024; i++)
+//      std::cerr << (int)encr_pr_key[i] << " " ;
+  }
+  char *hexEncrKey = (char *) calloc(BUF_LEN, 1);
   carray2Hex(encr_pr_key, enc_len, hexEncrKey);
   keys.at(0) = hexEncrKey;
   keys.at(1) = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
@@ -69,6 +76,7 @@ std::vector<std::string> gen_ecdsa_key(){
   unsigned long seed = rand_gen();
   if (DEBUG_PRINT) {
     spdlog::info("seed is {}", seed);
+    std::cerr << "strlen is " << strlen(hexEncrKey) << std::endl;
   }
   gmp_randstate_t state;
   gmp_randinit_default(state);
@@ -105,26 +113,31 @@ std::string get_ecdsa_pubkey(const char* encryptedKeyHex){
   char *pub_key_y = (char *)calloc(1024, 1);
   uint64_t enc_len = 0;
 
-  uint8_t encr_pr_key[BUF_LEN];
+  //uint8_t encr_pr_key[BUF_LEN];
+  uint8_t* encr_pr_key = (uint8_t*)calloc(1024, 1);
   if (!hex2carray(encryptedKeyHex, &enc_len, encr_pr_key)){
     throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
   }
 
-  status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  //status = get_public_ecdsa_key(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
+  status = get_public_ecdsa_key_aes(eid, &err_status, errMsg, encr_pr_key, enc_len, pub_key_x, pub_key_y );
   if (err_status != 0){
     throw RPCException(-666, errMsg) ;
   }
   std::string pubKey = std::string(pub_key_x) + std::string(pub_key_y);//concatPubKeyWith0x(pub_key_x, pub_key_y);//
 
   if (DEBUG_PRINT) {
+    spdlog::info("enc_len is {}", enc_len);
     spdlog::info("pubkey is {}", pubKey);
     spdlog::info("pubkey length is {}", pubKey.length());
     spdlog::info("err str is {}", errMsg);
+    spdlog::info("err status is {}", err_status);
   }
 
   free(errMsg);
   free(pub_key_x);
   free(pub_key_y);
+  free(encr_pr_key);
 
   return pubKey;
 }
@@ -134,12 +147,13 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
 
   char *errMsg = (char *)calloc(1024, 1);
   int err_status = 0;
-  char* signature_r = (char*)malloc(1024);
-  char* signature_s = (char*)malloc(1024);
+  char* signature_r = (char *)calloc(1024, 1);
+  char* signature_s = (char *)calloc(1024, 1);
   uint8_t signature_v = 0;
   uint64_t dec_len = 0;
 
-  uint8_t encr_key[BUF_LEN];
+  //uint8_t encr_key[BUF_LEN];
+  uint8_t* encr_key = (uint8_t*)calloc(1024, 1);
   if (!hex2carray(encryptedKeyHex, &dec_len, encr_key)){
       throw RPCException(INVALID_HEX, "Invalid encryptedKeyHex");
   }
@@ -150,7 +164,8 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
     spdlog::info("encrypted len: {}", dec_len);
   }
 
-  status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  //status = ecdsa_sign1(eid, &err_status, errMsg, encr_key, ECDSA_ENCR_LEN, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
+  status = ecdsa_sign_aes(eid, &err_status, errMsg, encr_key, dec_len, (unsigned char*)hashHex, signature_r, signature_s, &signature_v, base );
   if ( err_status != 0){
     throw RPCException(-666, errMsg ) ;
   }
@@ -176,6 +191,7 @@ std::vector<std::string> ecdsa_sign_hash(const char* encryptedKeyHex, const char
   free(errMsg);
   free(signature_r);
   free(signature_s);
+  free(encr_key);
 
   return signature_vect;
 }
\ No newline at end of file

Makefile.am

@@ -67,7 +67,7 @@ COMMON_SRC = sgx_stub.c sgx_detect_linux.c create_enclave.c oc_alloc.c
 COMMON_ENCLAVE_SRC = secure_enclave_u.c secure_enclave_u.h
 
 sgxwallet_SOURCES = sgxwallet.c SGXWalletServer.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp RPCException.cpp  BLSCrypto.cpp ECDSACrypto.cpp \
-DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp $(COMMON_SRC)
+DKGCrypto.cpp ServerInit.cpp BLSPrivateKeyShareSGX.cpp LevelDB.cpp ServerDataChecker.cpp SEKManager.cpp $(COMMON_SRC)
 
 
 nodist_sgxwallet_SOURCES = $(COMMON_ENCLAVE_SRC)
@@ -102,7 +102,7 @@ sgxwallet_LDADD=-l$(SGX_URTS_LIB) -LlibBLS/deps/deps_inst/x86_or_x64/lib -Llevel
 
 
 testw_SOURCES=testw.cpp stubclient.cpp SGXWalletServer.cpp  RPCException.cpp BLSCrypto.cpp ServerInit.cpp LevelDB.cpp \
- DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp  SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC)
+ DKGCrypto.cpp BLSPrivateKeyShareSGX.cpp ECDSACrypto.cpp ServerDataChecker.cpp  SEKManager.cpp SGXRegistrationServer.cpp CSRManagerServer.cpp $(COMMON_SRC)
 nodist_testw_SOURCES=${nodist_sgxwallet_SOURCES}
 EXTRA_testw_DEPENDENCIES=${EXTRA_sgxwallet_DEPENDENCIES}
 testw_LDADD= ${sgxwallet_LDADD}

SEKManager.cpp

+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file SEKManager.cpp
+    @author Stan Kladko
+    @date 2019
+*/
+
+#include "SEKManager.h"
+#include "RPCException.h"
+#include "BLSCrypto.h"
+#include "LevelDB.h"
+
+#include <iostream>
+
+#include "sgxwallet_common.h"
+#include "sgxwallet.h"
+
+void generate_SEK(){
+
+  char *errMsg = (char *)calloc(1024, 1);
+  int err_status = 0;
+  uint8_t* encr_SEK = (uint8_t *)calloc(1024, 1);
+  uint32_t enc_len = 0;
+
+  status = generate_SEK(eid, &err_status, errMsg, encr_SEK, &enc_len);
+  if ( err_status != 0 ){
+    std::cerr << "RPCException thrown" << std::endl;
+    throw RPCException(-666, errMsg) ;
+  }
+
+  char *hexEncrKey = (char *) calloc(2*enc_len + 1, 1);
+  carray2Hex(encr_SEK, enc_len, hexEncrKey);
+
+  std::cerr << "key is " << errMsg << std::endl;
+
+  levelDb->writeDataUnique("SEK", hexEncrKey);
+
+  free(errMsg);
+  free(encr_SEK);
+  free(hexEncrKey);
+}

SEKManager.h

+/*
+    Copyright (C) 2019-Present SKALE Labs
+
+    This file is part of sgxwallet.
+
+    sgxwallet is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    sgxwallet is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
+
+    @file SEKManager.h
+    @author Stan Kladko
+    @date 2019
+*/
+
+#ifndef SGXD_SEKMANAGER_H
+#define SGXD_SEKMANAGER_H
+
+void generate_SEK();
+
+#endif //SGXD_SEKMANAGER_H

SGXWalletServer.cpp

@@ -275,7 +275,6 @@ Json::Value generateECDSAKeyImpl() {
           spdlog::info("key name generated: {}", keyName);
         }
 
-        //writeECDSAKey(keyName, keys.at(0));
         writeDataToDB(keyName, keys.at(0));
 
         result["encryptedKey"] = keys.at(0);
@@ -705,6 +704,18 @@ Json::Value MultG2Impl(const std::string& x){
     return result;
 }
 
+Json::Value IsPolyExistsImpl(const std::string& polyName){
+    Json::Value result;
+
+    std::shared_ptr<std::string> poly_str_ptr = levelDb->readString(polyName);
+    result["IsExist"] = true;
+    if (poly_str_ptr == nullptr){
+        result["IsExist"] = false;
+    }
+
+    return result;
+}
+
 Json::Value getServerStatusImpl() {
 
   Json::Value result;
@@ -802,6 +813,11 @@ Json::Value SGXWalletServer::MultG2(const std::string& x){
     return MultG2Impl(x);
 }
 
+Json::Value SGXWalletServer::IsPolyExists(const std::string& polyName){
+    lock_guard<recursive_mutex> lock(m);
+    return IsPolyExistsImpl(polyName);
+}
+
 Json::Value SGXWalletServer::getServerStatus() {
   lock_guard<recursive_mutex> lock(m);
   return getServerStatusImpl();

SGXWalletServer.hpp

@@ -61,6 +61,8 @@ public:
     virtual Json::Value GetBLSPublicKeyShare(const std::string & BLSKeyName);
     virtual Json::Value ComplaintResponse(const std::string& polyName, int ind);
     virtual Json::Value MultG2(const std::string & x);
+    virtual Json::Value IsPolyExists(const std::string& polyName);
+
     virtual Json::Value getServerStatus();
 
 };
@@ -88,6 +90,8 @@ Json::Value CreateBLSPrivateKeyImpl(const std::string & BLSKeyName, const std::s
 Json::Value GetBLSPublicKeyShareImpl(const std::string & BLSKeyName);
 Json::Value ComplaintResponseImpl(const std::string& polyName, int ind);
 Json::Value MultG2Impl(const std::string & x);
+Json::Value IsPolyExistsImpl(const std::string& polyName);
+
 Json::Value getServerStatusImpl();
 
 #endif //SGXWALLET_SGXWALLETSERVER_HPP
\ No newline at end of file

ServerInit.cpp

@@ -52,6 +52,8 @@
 #include "BLSCrypto.h"
 #include "ServerInit.h"
 
+#include "SEKManager.h"
+
 #include <iostream>
 
 #include "spdlog/spdlog.h"
@@ -90,6 +92,7 @@ void init_daemon() {
     std::shared_ptr<std::string> encr_SEK_ptr = levelDb->readString("SEK");
     if (encr_SEK_ptr == nullptr){
       spdlog::info("SEK was not created yet");
+      generate_SEK();
     }
 }
 

abstractstubserver.h

@@ -29,6 +29,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
           this->bindAndAddMethod(jsonrpc::Procedure("GetBLSPublicKeyShare", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "BLSKeyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::GetBLSPublicKeyShareI);
           this->bindAndAddMethod(jsonrpc::Procedure("ComplaintResponse", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "polyName",jsonrpc::JSON_STRING,"ind",jsonrpc::JSON_INTEGER, NULL), &AbstractStubServer::ComplaintResponseI);
           this->bindAndAddMethod(jsonrpc::Procedure("MultG2", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "x",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::MultG2I);
+          this->bindAndAddMethod(jsonrpc::Procedure("IsPolyExists", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "polyName",jsonrpc::JSON_STRING, NULL), &AbstractStubServer::IsPolyExistsI);
 
           this->bindAndAddMethod(jsonrpc::Procedure("getServerStatus", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,  NULL), &AbstractStubServer::getServerStatusI);
         }
@@ -41,6 +42,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
         {
             response = this->blsSignMessageHash(request["keyShareName"].asString(), request["messageHash"].asString(), request["t"].asInt(), request["n"].asInt(), request["signerIndex"].asInt());
         }
+
         inline virtual void importECDSAKeyI(const Json::Value &request, Json::Value &response)
         {
             response = this->importECDSAKey(request["key"].asString(), request["keyName"].asString());
@@ -62,6 +64,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
         {
             response = this->ecdsaSignMessageHash(request["base"].asInt(), request["keyName"].asString(), request["messageHash"].asString());
         }
+
         inline virtual void generateDKGPolyI(const Json::Value &request, Json::Value &response)
         {
             response = this->generateDKGPoly(request["polyName"].asString(), request["t"].asInt());
@@ -94,6 +97,12 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
         {
             response = this->MultG2(request["x"].asString());
         }
+        inline virtual void IsPolyExistsI(const Json::Value &request, Json::Value &response)
+        {
+            response = this->IsPolyExists(request["polyName"].asString());
+        }
+
+
         inline virtual void getServerStatusI(const Json::Value &request, Json::Value &response)
         {
           (void)request;
@@ -116,6 +125,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
         virtual Json::Value GetBLSPublicKeyShare(const std::string & BLSKeyName) = 0;
         virtual Json::Value ComplaintResponse(const std::string& polyName, int ind) = 0;
         virtual Json::Value MultG2(const std::string & x) = 0;
+        virtual Json::Value IsPolyExists(const std::string& polyName) = 0;
 
         virtual Json::Value getServerStatus() = 0;
 };

secure_enclave/AESUtils.c

+//
+// Created by kladko on 1/22/20.
+//
+
+#include "sgx_trts.h"
+#include "sgx_tcrypto.h"
+#include "stdlib.h"
+#include <string.h>
+
+#include "AESUtils.h"
+
+int AES_encrypt(char *message, uint8_t *encr_message){
+
+    sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
+    sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, strlen(message),
+                                                     encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
+                                                     encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
+                                                     NULL, 0,
+                                                     (sgx_aes_gcm_128bit_tag_t *) encr_message);
+
+
+    return status;
+}
+
+int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message){
+
+  uint64_t len = length - SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE;
+
+  sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_key,
+                                                   encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
+                                                   message,
+                                                   encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
+                                                   NULL, 0,
+                                                   (sgx_aes_gcm_128bit_tag_t *)encr_message);
+
+
+  return status;
+}
\ No newline at end of file

secure_enclave/AESUtils.h

+//
+// Created by kladko on 1/22/20.
+//
+
+#ifndef SGXD_AESUTILS_H
+#define SGXD_AESUTILS_H
+
+sgx_aes_gcm_128bit_key_t AES_key;
+
+int AES_encrypt(char *message, uint8_t *encr_message);
+
+int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message);
+
+#endif //SGXD_AESUTILS_H

secure_enclave/Makefile.am

@@ -85,7 +85,7 @@ CLEANFILES+= secure_enclave_t.c secure_enclave_t.h
 
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
+	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
     DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)

secure_enclave/Makefile.in

@@ -110,7 +110,7 @@ am_secure_enclave_OBJECTS = secure_enclave_t.$(OBJEXT) \
 	secure_enclave.$(OBJEXT) curves.$(OBJEXT) \
 	domain_parameters.$(OBJEXT) numbertheory.$(OBJEXT) \
 	point.$(OBJEXT) signature.$(OBJEXT) DH_dkg.$(OBJEXT) \
-	DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
+	AESUtils.$(OBJEXT) DKGUtils.$(OBJEXT) BLSEnclave.$(OBJEXT) \
 	alt_bn128_init.$(OBJEXT) alt_bn128_g2.$(OBJEXT) \
 	alt_bn128_g1.$(OBJEXT) $(am__objects_1) $(am__objects_1)
 secure_enclave_OBJECTS = $(am_secure_enclave_OBJECTS)
@@ -138,7 +138,8 @@ am__v_at_1 =
 DEFAULT_INCLUDES = -I.@am__isrc@
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__maybe_remake_depfiles = depfiles
-am__depfiles_remade = ./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
+am__depfiles_remade = ./$(DEPDIR)/AESUtils.Po \
+	./$(DEPDIR)/BLSEnclave.Po ./$(DEPDIR)/DH_dkg.Po \
 	./$(DEPDIR)/DKGUtils.Po ./$(DEPDIR)/alt_bn128_g1.Po \
 	./$(DEPDIR)/alt_bn128_g2.Po ./$(DEPDIR)/alt_bn128_init.Po \
 	./$(DEPDIR)/curves.Po ./$(DEPDIR)/domain_parameters.Po \
@@ -346,7 +347,7 @@ ENCLAVE_CONFIG = $(ENCLAVE).config.xml
 ENCLAVE_KEY = test_insecure_private_key.pem       #$(ENCLAVE)_private.pem
 secure_enclave_SOURCES = secure_enclave_t.c secure_enclave_t.h \
 	secure_enclave.c \
-	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c \
+	curves.c domain_parameters.c numbertheory.c point.c signature.c DH_dkg.c AESUtils.c \
     DKGUtils.cpp   BLSEnclave.cpp ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_init.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g2.cpp \
                 ../trusted_libff/libff/algebra/curves/alt_bn128/alt_bn128_g1.cpp $(ENCLAVE_KEY) $(ENCLAVE_CONFIG)
@@ -440,6 +441,7 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/AESUtils.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BLSEnclave.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DH_dkg.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DKGUtils.Po@am__quote@ # am--include-marker
@@ -660,7 +662,8 @@ clean: clean-am
 clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
 
 distclean: distclean-am
-		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/BLSEnclave.Po
 	-rm -f ./$(DEPDIR)/DH_dkg.Po
 	-rm -f ./$(DEPDIR)/DKGUtils.Po
 	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po
@@ -720,7 +723,8 @@ install-ps-am:
 installcheck-am:
 
 maintainer-clean: maintainer-clean-am
-		-rm -f ./$(DEPDIR)/BLSEnclave.Po
+		-rm -f ./$(DEPDIR)/AESUtils.Po
+	-rm -f ./$(DEPDIR)/BLSEnclave.Po
 	-rm -f ./$(DEPDIR)/DH_dkg.Po
 	-rm -f ./$(DEPDIR)/DKGUtils.Po
 	-rm -f ./$(DEPDIR)/alt_bn128_g1.Po

secure_enclave/enclave_common.h

+//
+// Created by kladko on 1/24/20.
+//
+
+#ifndef SGXD_ENCLAVE_COMMON_H
+#define SGXD_ENCLAVE_COMMON_H
+
+#define BUF_LEN 1024
+
+#define  MAX_KEY_LENGTH 128
+#define  MAX_COMPONENT_LENGTH 80
+#define  MAX_COMPONENT_HEX_LENGTH MAX_COMPONENT_LENGTH * 2
+#define  MAX_ENCRYPTED_KEY_LENGTH 1024
+#define  MAX_SIG_LEN 1024
+#define  MAX_ERR_LEN 1024
+#define SHA_256_LEN 32
+
+#define ADD_ENTROPY_SIZE 32
+
+#define  DKG_BUFER_LENGTH 2490//3060
+#define  DKG_MAX_SEALED_LEN 3050
+
+#define SECRET_SHARE_NUM_BYTES 96
+
+#define ECDSA_SKEY_LEN 65
+#define ECDSA_SKEY_BASE 16
+#define ECDSA_ENCR_LEN 93
+#define ECDSA_BIN_LEN 33
+
+#define UNKNOWN_ERROR -1
+#define PLAINTEXT_KEY_TOO_LONG -2
+#define UNPADDED_KEY -3
+#define NULL_KEY -4
+#define INCORRECT_STRING_CONVERSION -5
+#define ENCRYPTED_KEY_TOO_LONG -6
+#define SEAL_KEY_FAILED -7
+
+#endif //SGXD_ENCLAVE_COMMON_H

secure_enclave/secure_enclave.edl

+
+#define ECDSA_SKEY_LEN 65
+#define ECDSA_SKEY_BASE 16
+#define ECDSA_ENCR_LEN 93
+#define ECDSA_BIN_LEN 33
+
 enclave {
 
 	trusted {
 		include "sgx_tgmp.h"
 
+
 		public void tgmp_init();
 
 		public void e_mpz_add(
@@ -52,20 +59,20 @@ enclave {
 		    [out, count = 1024] char* key );
 
 		public void bls_sign_message (
-            		    [user_check] int *err_status,
-            		    [out, count = 1024] char* err_string,
-            		    [in, count = 1024] uint8_t* encrypted_key,
-            		    uint32_t enc_len,
-            		    [in, count = 1024] char* hashX ,
-            		    [in, count = 1024] char* hashY ,
-            		    [out, count = 1024] char* signature);
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [in, count = 1024] char* hashX ,
+                                [in, count = 1024] char* hashY ,
+                                [out, count = 1024] char* signature);
 
         public void gen_dkg_secret (
-                    	[user_check] int *err_status,
-                    	[out, count = 1024] char* err_string,
-                    	[out, count = 3050] uint8_t* encrypted_dkg_secret,
-                    	[user_check] uint32_t * enc_len,
-                    	size_t _t);
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [out, count = 3050] uint8_t* encrypted_dkg_secret,
+                                [user_check] uint32_t * enc_len,
+                                size_t _t);
 
         public void decrypt_dkg_secret (
                             	[user_check] int *err_status,
@@ -163,6 +170,57 @@ enclave {
                                 [out, count = 1024] char *err_string,
                                 [in, count = 1024] uint8_t *encrypted_SEK,
                                 [user_check] uint32_t *enc_len);
+
+
+         public void generate_ecdsa_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [out, count = ECDSA_ENCR_LEN] uint8_t* encrypted_key,
+                                [user_check] uint32_t *enc_len,
+                                [out, count = 1024] char * pub_key_x,
+                                [out, count = 1024] char * pub_key_y);
+
+         public void get_public_ecdsa_key_aes(
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t dec_len,
+                                [out, count = 1024] char * pub_key_x,
+                                [out, count = 1024] char * pub_key_y);
+
+         public void ecdsa_sign_aes(
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [in, count = 1024] unsigned char* hash,
+                                [out, count = 1024] char* sig_r,
+                                [out, count = 1024] char* sig_s,
+                                [user_check] uint8_t* sig_v,
+                                int base);
+
+         public void encrypt_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] char* key,
+                                [out, count = 1024] uint8_t* encrypted_key,
+                                [user_check] uint32_t *enc_len);
+
+        public void decrypt_key_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [out, count = 1024] char* key );
+
+        public void bls_sign_message_aes (
+                                [user_check] int *err_status,
+                                [out, count = 1024] char* err_string,
+                                [in, count = 1024] uint8_t* encrypted_key,
+                                uint32_t enc_len,
+                                [in, count = 1024] char* hashX ,
+                                [in, count = 1024] char* hashY ,
+                                [out, count = 1024] char* signature);
 	};
 
 

sgxwallet_common.h

@@ -57,7 +57,7 @@ extern int is_sgx_https;
 
 #define ECDSA_SKEY_LEN 65
 #define ECDSA_SKEY_BASE 16
-#define ECDSA_ENCR_LEN 625
+#define ECDSA_ENCR_LEN 93
 #define ECDSA_BIN_LEN 33
 
 #define UNKNOWN_ERROR -1

stubclient.cpp

-/*
-    Copyright (C) 2019-Present SKALE Labs
-
-    This file is part of sgxwallet.
-
-    sgxwallet is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published
-    by the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    sgxwallet is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
-
-    You should have received a copy of the GNU Affero General Public License
-    along with sgxwallet.  If not, see <https://www.gnu.org/licenses/>.
-
-    @file stubclient.cpp
-    @author Stan Kladko
-    @date 2019
-*/
+//
+// Created by kladko on 9/23/19.
+//
 
 #include <iostream>
 

stubclient.h

@@ -208,6 +208,18 @@ class StubClient : public jsonrpc::Client
                 throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
         }
 
+        Json::Value IsPolyExists(const std::string & polyName) throw (jsonrpc::JsonRpcException)
+        {
+            Json::Value p;
+            p["polyName"] = polyName;
+
+            Json::Value result = this->CallMethod("IsPolyExists",p);
+            if (result.isObject())
+                return result;
+            else
+                throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
+        }
+
 
     ////CSRManagerServer
 

testw.cpp

@@ -139,7 +139,8 @@ char* encryptTestKey() {
 
 TEST_CASE("BLS key encrypt", "[bls-key-encrypt]") {
 
-
+   DEBUG_PRINT = 1;
+   is_sgx_https = 0;
     init_all(false, false);
     char* key = encryptTestKey();
     REQUIRE(key != nullptr);
@@ -150,8 +151,11 @@ TEST_CASE("BLS key encrypt", "[bls-key-encrypt]") {
 TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
     {
 
+      DEBUG_PRINT = 1;
+      is_sgx_https = 0;
 
-        init_all(false, false);
+      init_all(false, false);
+        //init_enclave();
 
         int errStatus =  -1;
         char* errMsg = (char*) calloc(BUF_LEN, 1);
@@ -171,6 +175,8 @@ TEST_CASE("BLS key encrypt/decrypt", "[bls-key-encrypt-decrypt]") {
         printf("Decrypted key len %d\n", (int) strlen(plaintextKey));
         printf("Decrypted key: %s\n", plaintextKey);
 
+      sgx_destroy_enclave(eid);
+
 
     }
 }
@@ -1076,32 +1082,37 @@ TEST_CASE("ecdsa API test", "[ecdsa_api_test]") {
   cerr << "Client inited" << endl;
 
   Json::Value genKey = c.generateECDSAKey();
-  REQUIRE(genKey["status"].asInt() == 0);
   cout << genKey << endl;
-  Json::Value ecdsaSign = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
-  REQUIRE(ecdsaSign["status"].asInt() == 0);
-  cout << ecdsaSign << std::endl;
+  REQUIRE(genKey["status"].asInt() == 0);
+
   Json::Value getPubKey = c.getPublicECDSAKey(genKey["KeyName"].asString());
-  REQUIRE(getPubKey["status"].asInt() == 0);
   cout << getPubKey << std::endl;
+  REQUIRE(getPubKey["status"].asInt() == 0);
+  REQUIRE(getPubKey["PublicKey"].asString() == genKey["PublicKey"].asString());
 
-  //wrong base
-  Json::Value ecdsaSignWrongBase = c.ecdsaSignMessageHash(0, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
-  cout << ecdsaSignWrongBase << std::endl;
-  REQUIRE(ecdsaSignWrongBase["status"].asInt() != 0);
+  Json::Value ecdsaSign = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
+  cout << ecdsaSign << std::endl;
+  REQUIRE(ecdsaSign["status"].asInt() == 0);
 
-  //wrong keyName
-  Json::Value ecdsaSignWrongKeyName  = c.ecdsaSignMessageHash(0, "", "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
-  cout << ecdsaSignWrongKeyName << std::endl;
-  REQUIRE(ecdsaSignWrongKeyName["status"].asInt() != 0);
-  Json::Value getPubKeyWrongKeyName = c.getPublicECDSAKey("keyName");
-  REQUIRE(getPubKeyWrongKeyName["status"].asInt() != 0);
-  cout << getPubKeyWrongKeyName << std::endl;
 
-  //wrong hash
-  Json::Value ecdsaSignWrongHash = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "");
-  cout << ecdsaSignWrongHash << std::endl;
-  REQUIRE(ecdsaSignWrongHash["status"].asInt() != 0);
+
+//  //wrong base
+//  Json::Value ecdsaSignWrongBase = c.ecdsaSignMessageHash(0, genKey["KeyName"].asString(), "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
+//  cout << ecdsaSignWrongBase << std::endl;
+//  REQUIRE(ecdsaSignWrongBase["status"].asInt() != 0);
+//
+//  //wrong keyName
+//  Json::Value ecdsaSignWrongKeyName  = c.ecdsaSignMessageHash(0, "", "0x09c6137b97cdf159b9950f1492ee059d1e2b10eaf7d51f3a97d61f2eee2e81db");
+//  cout << ecdsaSignWrongKeyName << std::endl;
+//  REQUIRE(ecdsaSignWrongKeyName["status"].asInt() != 0);
+//  Json::Value getPubKeyWrongKeyName = c.getPublicECDSAKey("keyName");
+//  REQUIRE(getPubKeyWrongKeyName["status"].asInt() != 0);
+//  cout << getPubKeyWrongKeyName << std::endl;
+//
+//  //wrong hash
+//  Json::Value ecdsaSignWrongHash = c.ecdsaSignMessageHash(16, genKey["KeyName"].asString(), "");
+//  cout << ecdsaSignWrongHash << std::endl;
+//  REQUIRE(ecdsaSignWrongHash["status"].asInt() != 0);
 
   sgx_destroy_enclave(eid);
 }
@@ -1179,3 +1190,34 @@ TEST_CASE("dkg API test", "[dkg_api_test]") {
 
   sgx_destroy_enclave(eid);
 }
+
+TEST_CASE("IsPolyExists test", "[is_poly_test]") {
+  DEBUG_PRINT = 1;
+  is_sgx_https = 0;
+
+  cerr << "is_poly_test started" << endl;
+  init_all(false, false);
+
+  cerr << "Server inited" << endl;
+  HttpClient client("http://localhost:1029");
+  StubClient c(client, JSONRPC_CLIENT_V2);
+
+  cerr << "Client inited" << endl;
+
+  reset_db();
+
+  std::string polyName = "POLY:SCHAIN_ID:1:NODE_ID:1:DKG_ID:1";
+  Json::Value genPoly = c.generateDKGPoly(polyName, 2);
+  cout << genPoly << std::endl;
+  Json::Value polyExists = c.IsPolyExists(polyName);
+  cout << polyExists << std::endl;
+  REQUIRE(polyExists["IsExist"].asBool());
+
+  Json::Value polyDoesNotExist = c.IsPolyExists("Vasya");
+  cout << polyDoesNotExist << std::endl;
+  REQUIRE(!polyDoesNotExist["IsExist"].asBool());
+
+
+
+
+}