Merge pull request #183 from skalenetwork/develop

Create stable branch
skalenetwork · Sep 16, 2020 · 0f995bb · 0f995bb
2 parents bc33640 + a10c7a0
commit 0f995bb
Show file tree

Hide file tree

Showing 41 changed files with 1,118 additions and 747 deletions.
diff --git a/BLSCrypto.cpp b/BLSCrypto.cpp
@@ -22,47 +22,47 @@
 */
 
 #include <memory>
-
 #include "libff/algebra/curves/alt_bn128/alt_bn128_init.hpp"
+#include "leveldb/db.h"
+#include <jsonrpccpp/server/connectors/httpserver.h>
+
+#include "third_party/intel/create_enclave.h"
+
 
 #include "bls.h"
 #include <bls/BLSutils.h>
 
-#include "leveldb/db.h"
-#include <jsonrpccpp/server/connectors/httpserver.h>
 #include "BLSPrivateKeyShareSGX.h"
 
-#include "sgxwallet_common.h"
-#include "third_party/intel/create_enclave.h"
-#include "secure_enclave_u.h"
-#include "third_party/intel/sgx_detect.h"
-#include <gmp.h>
-#include <sgx_urts.h>
 
+#include "sgxwallet_common.h"
 #include "sgxwallet.h"
-
+#include "SGXException.h"
+#include "third_party/spdlog/spdlog.h"
+#include "common.h"
 #include "SGXWalletServer.h"
 
-#include "BLSCrypto.h"
+#include "SEKManager.h"
+#include "LevelDB.h"
 #include "ServerInit.h"
+#include "BLSCrypto.h"
 
-#include "SGXException.h"
 
-#include "third_party/spdlog/spdlog.h"
-#include "common.h"
+string *FqToString(libff::alt_bn128_Fq *_fq) {
+
+    CHECK_STATE(_fq);
 
-std::string *FqToString(libff::alt_bn128_Fq *_fq) {
     mpz_t t;
     mpz_init(t);
 
     _fq->as_bigint().to_mpz(t);
 
-    char arr[mpz_sizeinbase(t, 10) + 2];
+    SAFE_CHAR_BUF(arr, mpz_sizeinbase(t, 10) + 2);
 
     mpz_get_str(arr, 10, t);
     mpz_clear(t);
 
-    return new std::string(arr);
+    return new string(arr);
 }
 
 int char2int(char _input) {
@@ -75,50 +75,48 @@ int char2int(char _input) {
     return -1;
 }
 
-void carray2Hex(const unsigned char *d, int _len, char *_hexArray) {
+void carray2Hex(const unsigned char *d, uint64_t _len, char *_hexArray,
+                uint64_t _hexArrayLen) {
+
+    CHECK_STATE(d);
+    CHECK_STATE(_hexArray);
+
     char hexval[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
                        '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
 
-    for (int j = 0; j < _len; j++) {
+    CHECK_STATE(_hexArrayLen > 2 * _len);
+
+    for (uint64_t j = 0; j < _len; j++) {
         _hexArray[j * 2] = hexval[((d[j] >> 4) & 0xF)];
         _hexArray[j * 2 + 1] = hexval[(d[j]) & 0x0F];
     }
 
     _hexArray[_len * 2] = 0;
 }
 
-bool hex2carray(const char *_hex, uint64_t *_bin_len, uint8_t *_bin) {
-    int len = strnlen(_hex, 2 * BUF_LEN);
 
-    if (len == 0 && len % 2 == 1)
-        return false;
+bool hex2carray(const char *_hex, uint64_t *_bin_len,
+                uint8_t *_bin, uint64_t _max_length) {
 
-    *_bin_len = len / 2;
 
-    for (int i = 0; i < len / 2; i++) {
-        int high = char2int((char) _hex[i * 2]);
-        int low = char2int((char) _hex[i * 2 + 1]);
+    CHECK_STATE(_hex);
+    CHECK_STATE(_bin);
+    CHECK_STATE(_bin_len)
 
-        if (high < 0 || low < 0) {
-            return false;
-        }
 
-        _bin[i] = (unsigned char) (high * 16 + low);
-    }
+    uint64_t len = strnlen(_hex, 2 * _max_length + 1);
 
-    return true;
-}
+    CHECK_STATE(len != 2 * _max_length + 1);
+
+    CHECK_STATE(len <= 2 * _max_length);
 
-bool hex2carray2(const char *_hex, uint64_t *_bin_len,
-                 uint8_t *_bin, const int _max_length) {
-    int len = strnlen(_hex, _max_length);
 
     if (len == 0 && len % 2 == 1)
         return false;
 
     *_bin_len = len / 2;
 
-    for (int i = 0; i < len / 2; i++) {
+    for (uint64_t i = 0; i < len / 2; i++) {
         int high = char2int((char) _hex[i * 2]);
         int low = char2int((char) _hex[i * 2 + 1]);
 
@@ -134,13 +132,20 @@ bool hex2carray2(const char *_hex, uint64_t *_bin_len,
 
 bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, size_t _signerIndex,
           char *_sig) {
+
+
+    CHECK_STATE(_encryptedKeyHex);
+    CHECK_STATE(_hashHex);
+    CHECK_STATE(_sig);
+
     auto keyStr = make_shared<string>(_encryptedKeyHex);
 
-    auto hash = make_shared<array<uint8_t, 32>>();
+    auto hash = make_shared < array < uint8_t,
+    32 >> ();
 
     uint64_t binLen;
 
-    if (!hex2carray(_hashHex, &binLen, hash->data())) {
+    if (!hex2carray(_hashHex, &binLen, hash->data(), hash->size())) {
         throw SGXException(INVALID_HEX, "Invalid hash");
     }
 
@@ -156,43 +161,39 @@ bool sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t
 }
 
 bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
-    auto hash = make_shared<array<uint8_t, 32>>();
+
+    CHECK_STATE(_encryptedKeyHex);
+    CHECK_STATE(_hashHex);
+    CHECK_STATE(_sig);
+
+    auto hash = make_shared < array < uint8_t,
+    32 >> ();
 
     uint64_t binLen;
 
-    if (!hex2carray(_hashHex, &binLen, hash->data())) {
+    if (!hex2carray(_hashHex, &binLen, hash->data(), hash->size())) {
         throw SGXException(INVALID_HEX, "Invalid hash");
     }
 
-    shared_ptr<signatures::Bls> obj;
+    shared_ptr <signatures::Bls> obj;
     obj = make_shared<signatures::Bls>(signatures::Bls(_t, _n));
 
-    std::pair<libff::alt_bn128_G1, std::string> hash_with_hint = obj->HashtoG1withHint(hash);
+    pair <libff::alt_bn128_G1, string> hash_with_hint = obj->HashtoG1withHint(hash);
 
     string *xStr = FqToString(&(hash_with_hint.first.X));
 
-    if (xStr == nullptr) {
-        std::cerr << "Null xStr" << std::endl;
-        BOOST_THROW_EXCEPTION(runtime_error("Null xStr"));
-    }
+    CHECK_STATE(xStr);
 
     string *yStr = FqToString(&(hash_with_hint.first.Y));
 
     if (yStr == nullptr) {
-        std::cerr << "Null yStr" << std::endl;
         delete xStr;
         BOOST_THROW_EXCEPTION(runtime_error("Null yStr"));
     }
 
-    char errMsg[BUF_LEN];
-    memset(errMsg, 0, BUF_LEN);
+    vector<char> errMsg(BUF_LEN, 0);
 
-    char xStrArg[BUF_LEN];
-    char yStrArg[BUF_LEN];
-    char signature[BUF_LEN];
-
-    memset(xStrArg, 0, BUF_LEN);
-    memset(yStrArg, 0, BUF_LEN);
+    SAFE_CHAR_BUF(xStrArg, BUF_LEN);SAFE_CHAR_BUF(yStrArg, BUF_LEN);SAFE_CHAR_BUF(signature, BUF_LEN);
 
     strncpy(xStrArg, xStr->c_str(), BUF_LEN);
     strncpy(yStrArg, yStr->c_str(), BUF_LEN);
@@ -202,34 +203,30 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
 
     size_t sz = 0;
 
-    uint8_t encryptedKey[BUF_LEN];
+    SAFE_UINT8_BUF(encryptedKey, BUF_LEN);
 
-    bool result = hex2carray(_encryptedKeyHex, &sz, encryptedKey);
+    bool result = hex2carray(_encryptedKeyHex, &sz, encryptedKey, BUF_LEN);
 
     if (!result) {
-        cerr << "Invalid hex encrypted key" << endl;
-        BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid hex encrypted key"));
+        BOOST_THROW_EXCEPTION(invalid_argument("Invalid hex encrypted key"));
     }
 
     int errStatus = 0;
 
-    sgx_status_t status =
-            trustedBlsSignMessageAES(eid, &errStatus, errMsg, encryptedKey,
-                                 sz, xStrArg, yStrArg, signature);
 
-    if (status != SGX_SUCCESS) {
-        cerr << "SGX enclave call to trustedBlsSignMessage failed with status:" << status << std::endl;
-        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
-    }
+    sgx_status_t status = SGX_SUCCESS;
 
-    if (errStatus != 0) {
-        cerr << "SGX enclave call to trustedBlsSignMessage failed with errStatus:" << errStatus << std::endl;
-        BOOST_THROW_EXCEPTION(runtime_error("SGX enclave call to trustedBlsSignMessage failed"));
-    }
+    RESTART_BEGIN
+            status = trustedBlsSignMessage(eid, &errStatus, errMsg.data(), encryptedKey,
+                                              sz, xStrArg, yStrArg, signature);
+    RESTART_END
 
-    std::string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + hash_with_hint.second;
 
-    std::string sig = signature;
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, errStatus, errMsg.data());
+
+    string hint = BLSutils::ConvertToString(hash_with_hint.first.Y) + ":" + hash_with_hint.second;
+
+    string sig = signature;
 
     sig.append(":");
     sig.append(hint);
@@ -240,36 +237,37 @@ bool sign_aes(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, siz
 }
 
 bool bls_sign(const char *_encryptedKeyHex, const char *_hashHex, size_t _t, size_t _n, char *_sig) {
+    CHECK_STATE(_encryptedKeyHex);
+    CHECK_STATE(_hashHex);
     return sign_aes(_encryptedKeyHex, _hashHex, _t, _n, _sig);
 }
 
-std::string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) {
-    auto keyArray = make_shared<vector<char>>(BUF_LEN, 0);
-    auto encryptedKey = make_shared<vector<uint8_t>>(BUF_LEN, 0);
-    auto errMsg = make_shared<vector<char>>(BUF_LEN, 0);
+string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key) {
+    CHECK_STATE(errStatus);
+    CHECK_STATE(err_string);
+    CHECK_STATE(_key);
+    auto keyArray = make_shared < vector < char >> (BUF_LEN, 0);
+    auto encryptedKey = make_shared < vector < uint8_t >> (BUF_LEN, 0);
 
-    strncpy(keyArray->data(), _key, BUF_LEN);
-    *errStatus = -1;
+    vector<char> errMsg(BUF_LEN, 0);
 
-    unsigned int encryptedLen = 0;
+    strncpy(keyArray->data(), _key, BUF_LEN);
+    *errStatus = 0;
 
-    status = trustedEncryptKeyAES(eid, errStatus, errMsg->data(), keyArray->data(), encryptedKey->data(), &encryptedLen);
+    uint64_t encryptedLen = 0;
 
-    spdlog::debug("errStatus is {}", *errStatus);
-    spdlog::debug("errMsg is ", errMsg->data());
+    sgx_status_t status = SGX_SUCCESS;
 
-    if (*errStatus != 0) {
-        throw SGXException(-666, errMsg->data());
-    }
+    RESTART_BEGIN
+        status = trustedEncryptKey(eid, errStatus, errMsg.data(), keyArray->data(), encryptedKey->data(),
+                                      &encryptedLen);
+    RESTART_END_POINTER
 
-    if (status != SGX_SUCCESS) {
-        *errStatus = -1;
-        return "";
-    }
+    HANDLE_TRUSTED_FUNCTION_ERROR(status, *errStatus, errMsg.data());
 
-    std::string result(2 * BUF_LEN, '\0');
+    SAFE_CHAR_BUF(resultBuf, 2 * BUF_LEN + 1);
 
-    carray2Hex(encryptedKey->data(), encryptedLen, &result.front());
+    carray2Hex(encryptedKey->data(), encryptedLen, resultBuf, 2 * BUF_LEN + 1);
 
-    return result;
+    return string(resultBuf);
 }
diff --git a/BLSCrypto.h b/BLSCrypto.h
@@ -38,13 +38,10 @@ EXTERNC bool bls_sign(const char* encryptedKeyHex, const char* hashHex, size_t t
 
 EXTERNC int char2int(char _input);
 
-EXTERNC void  carray2Hex(const unsigned char *d, int _len, char* _hexArray);
+EXTERNC void  carray2Hex(const unsigned char *d, uint64_t , char* _hexArray,
+                         uint64_t _hexArrayLen);
 EXTERNC bool hex2carray(const char * _hex, uint64_t  *_bin_len,
-                        uint8_t* _bin );
-EXTERNC bool hex2carray2(const char * _hex, uint64_t  *_bin_len,
-                 uint8_t* _bin, const int _max_length );
-
-
+                 uint8_t* _bin, uint64_t _max_length );
 
 std::string encryptBLSKeyShare2Hex(int *errStatus, char *err_string, const char *_key);