SKALE-3039

skalenetwork · Sep 10, 2020 · 85590b1 · 85590b1
1 parent 28616a4
commit 85590b1
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/secure_enclave/AESUtils.c b/secure_enclave/AESUtils.c
@@ -30,8 +30,7 @@
 
 #include "AESUtils.h"
 
-sgx_aes_gcm_128bit_key_t AES_key;
-sgx_aes_gcm_128bit_key_t AES_DH_key;
+uint8_t AES_key[2* BUF_LEN];
 
 
 #define SAFE_CHAR_BUF(__X__, __Y__)  ;char __X__ [ __Y__ ]; memset(__X__, 0, __Y__);
@@ -75,7 +74,7 @@ int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrBufLen, unsig
 
     sgx_read_rand(encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE);
 
-    sgx_status_t status = sgx_rijndael128GCM_encrypt(&AES_key, (uint8_t*)message, len,
+    sgx_status_t status = sgx_rijndael128GCM_encrypt(AES_key + BUF_LEN, (uint8_t*)message, len,
                                                      encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE,
                                                      encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,
                                                      NULL, 0,
@@ -124,7 +123,7 @@ int AES_decrypt(uint8_t *encr_message, uint64_t length, char *message, uint64_t
         return -2;
   }
 
-  sgx_status_t status = sgx_rijndael128GCM_decrypt(&AES_key,
+  sgx_status_t status = sgx_rijndael128GCM_decrypt(AES_key + BUF_LEN,
                                                    encr_message + SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE, len,
                                                    (unsigned char*) message,
                                                    encr_message + SGX_AESGCM_MAC_SIZE, SGX_AESGCM_IV_SIZE,

diff --git a/secure_enclave/AESUtils.h b/secure_enclave/AESUtils.h
@@ -24,7 +24,8 @@
 #ifndef SGXD_AESUTILS_H
 #define SGXD_AESUTILS_H
 
-extern sgx_aes_gcm_128bit_key_t AES_key;
+#define BUF_LEN 1024
+extern uint8_t AES_key[2* BUF_LEN] ;
 
 int AES_encrypt(char *message, uint8_t *encr_message, uint64_t encrLen,
                 unsigned char type, unsigned char exportable, uint64_t* resultLen);

diff --git a/secure_enclave/secure_enclave.c b/secure_enclave/secure_enclave.c
@@ -291,7 +291,7 @@ void trustedGenerateSEK(int *errStatus, char *errString,
     RANDOM_CHAR_BUF(SEK_raw, SGX_AESGCM_KEY_SIZE);
 
     carray2Hex((uint8_t*) SEK_raw, SGX_AESGCM_KEY_SIZE, sek_hex);
-    memcpy(AES_key, SEK_raw, SGX_AESGCM_KEY_SIZE);
+    memcpy(AES_key + BUF_LEN, SEK_raw, SGX_AESGCM_KEY_SIZE);
 
 
     sealHexSEK(errStatus, errString, encrypted_sek, enc_len, sek_hex);
@@ -331,7 +331,7 @@ void trustedSetSEK(int *errStatus, char *errString, uint8_t *encrypted_sek) {
     uint64_t len;
 
 
-    hex2carray(aes_key_hex, &len, (uint8_t *) AES_key);
+    hex2carray(aes_key_hex, &len, (uint8_t *) AES_key + BUF_LEN);
 
     SET_SUCCESS
     clean:
@@ -349,7 +349,7 @@ void trustedSetSEK_backup(int *errStatus, char *errString,
     CHECK_STATE(sek_hex);
 
     uint64_t len;
-    hex2carray(sek_hex, &len, (uint8_t *) AES_key);
+    hex2carray(sek_hex, &len, (uint8_t *) AES_key + BUF_LEN);
 
 
     sealHexSEK(errStatus, errString, encrypted_sek, enc_len, (char *)sek_hex);