Merge pull request #98 from skalenetwork/feature/SKALE-2002-backup

enhancement/SKALE-2002 clean up and small fixes

.github/workflows/dockerimagesim.yml

@@ -47,14 +47,10 @@ jobs:
       id: create_release
       uses: actions/create-release@latest
       env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
         tag_name: ${{ env.VERSION }}
-        release_name: Release ${{ env.VERSION }}
-        body: |
-          Changes in this Release
-          - First Change
-          - Second Change
+        release_name: ${{ env.VERSION }}
         draft: false
         prerelease: true
 

.gitignore

@@ -46,3 +46,7 @@
 /m4
 /.testw.py.swp
 /cert_util
+/secure_enclave/*.o
+/*.user
+/cert/*.csr
+/cert/*.crt

ECDSACrypto.cpp

@@ -67,6 +67,10 @@ vector <string> genECDSAKey() {
 
     uint32_t enc_len = 0;
 
+//    status = trustedGenerateEcdsaKeyAES(eid, &errStatus,
+//                                        errMsg.data(), encr_pr_key.data(), &enc_len,
+//                                        pub_key_x.data(), pub_key_y.data());
+
     if (!encryptKeys)
         status = trustedGenerateEcdsaKey(eid, &errStatus, errMsg.data(), encr_pr_key.data(),
                                          &enc_len, pub_key_x.data(), pub_key_y.data());
@@ -115,6 +119,9 @@ string getECDSAPubKey(const char *_encryptedKeyHex) {
         throw SGXException(INVALID_HEX, "Invalid encryptedKeyHex");
     }
 
+//    status = trustedGetPublicEcdsaKeyAES(eid, &errStatus,
+//                                         errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(), pubKeyY.data());
+
     if (!encryptKeys)
         status = trustedGetPublicEcdsaKey(eid, &errStatus, errMsg.data(), encrPrKey.data(), enc_len, pubKeyX.data(),
                                           pubKeyY.data());
@@ -201,6 +208,11 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
 
     pubKeyStr = getECDSAPubKey(encryptedKeyHex);
 
+//    status = trustedEcdsaSignAES(eid, &errStatus,
+//            errMsg.data(), encryptedKey.data(), decLen, (unsigned char *) hashHex,
+//                                 signatureR.data(),
+//                                 signatureS.data(), &signatureV, base);
+
 
     if (!encryptKeys) {
         status = trustedEcdsaSign(eid, &errStatus, errMsg.data(),
@@ -248,4 +260,4 @@ vector <string> ecdsaSignHash(const char *encryptedKeyHex, const char *hashHex,
         throw *exception;
 
     return signatureVector;
-}
+}

SEKManager.cpp

@@ -129,12 +129,11 @@ void gen_SEK(){
   vector<uint8_t> encr_SEK(1024, 0);
   uint32_t enc_len = 0;
 
-  //vector<char> SEK(65, 0);
   char SEK[65];
   memset(SEK, 0, 65);
 
   status = trustedGenerateSEK(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK);
-  if (status != SGX_SUCCESS ||  err_status != 0  ){
+  if ( status != SGX_SUCCESS || err_status != 0  ) {
     throw SGXException(status, errMsg.data()) ;
   }
 
@@ -143,7 +142,7 @@ void gen_SEK(){
   carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
 
   cout << "ATTENTION! THIS IS YOUR KEY FOR BACK UP. PLEASE COPY IT TO THE SAFE PLACE" << endl;
-  cout << "key is " << SEK << endl;
+  cout << "YOUR KEY IS " << SEK << endl;
 
   if (!autoconfirm) {
     std::string confirm_str = "I confirm";
@@ -155,10 +154,6 @@ void gen_SEK(){
     } while (case_insensitive_match(confirm_str, buffer)); //(strcmp(confirm_str.c_str(), buffer.c_str()) != 0);
   }
 
-  if (system("reset") != 0) {
-      cerr << "Could not execute reset" << endl;
-  }
-
   LevelDB::getLevelDb()->writeDataUnique("SEK", hexEncrKey.data());
 
   create_test_key();
@@ -167,7 +162,6 @@ void gen_SEK(){
 void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
   vector<char> errMsg(1024,0);
   int err_status = 0;
-  //vector<uint8_t> encr_SEK(1024, 0);
 
   uint8_t encr_SEK[BUF_LEN];
   memset(encr_SEK, 0, BUF_LEN);
@@ -183,7 +177,6 @@ void trustedSetSEK(std::shared_ptr<std::string> hex_encr_SEK){
     cerr << "RPCException thrown" << endl;
     throw SGXException(status, errMsg.data()) ;
   }
-
 }
 
 void enter_SEK(){
@@ -206,11 +199,8 @@ void enter_SEK(){
     SEK = "";
     std::cin >> SEK;
   }
-//  if (DEBUG_PRINT)
-//   std::cerr << "your key is " << SEK << std::endl;
 
-
-  status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str() );
+  status = trustedSetSEK_backup(eid, &err_status, errMsg.data(), encr_SEK.data(), &enc_len, SEK.c_str());
   if (status != SGX_SUCCESS){
     cerr << "RPCException thrown with status " << status << endl;
     throw SGXException(status, errMsg.data());
@@ -226,13 +216,16 @@ void enter_SEK(){
 
 void initSEK(){
   std::shared_ptr<std::string> encr_SEK_ptr = LevelDB::getLevelDb()->readString("SEK");
-  if (encr_SEK_ptr == nullptr){
-    spdlog::error("SEK was not created yet. Going to create SEK");
-    gen_SEK();
-  }
-  else{
-    trustedSetSEK(encr_SEK_ptr);
+  if (encryptKeys) {
+    enter_SEK();
+  } else {
+      if (encr_SEK_ptr == nullptr) {
+          spdlog::warn("SEK was not created yet. Going to create SEK");
+          gen_SEK();
+      } else {
+          trustedSetSEK(encr_SEK_ptr);
+      }
   }
 }
 
-//a002e7ca685d46a32771d16fe2518e58
+//a002e7ca685d46a32771d16fe2518e58

ServerInit.cpp

@@ -76,7 +76,7 @@ void initEnclave(uint32_t _logLevel) {
     }
 #endif
 
-        spdlog::debug("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
+    spdlog::debug("SGX_DEBUG_FLAG = {}", SGX_DEBUG_FLAG);
 
 
     status = sgx_create_enclave_search(ENCLAVE_NAME, SGX_DEBUG_FLAG, &token,

secure_enclave/DHDkg.c

@@ -39,7 +39,6 @@
 #include <string.h>
 
 void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
-
     char* pb_keyB_x = (char*)calloc(65, 1);
     strncpy(pb_keyB_x, pb_keyB, 64);
     pb_keyB_x[64] = 0;
@@ -62,8 +61,7 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
     point_multiplication(session_key, skey, pub_keyB, curve);
 
     char arr_x[mpz_sizeinbase (session_key->x, 16) + 2];
-    char* x = mpz_get_str(arr_x, 16, session_key->x);
-    //strncpy(common_key, arr_x, 64);
+    mpz_get_str(arr_x, 16, session_key->x);
     int n_zeroes = 64 - strlen(arr_x);
     for ( int i = 0; i < n_zeroes; i++){
       common_key[i] = '0';
@@ -79,7 +77,6 @@ void gen_session_key(char *skey_str, char* pb_keyB, char* common_key){
 }
 
 void session_key_recover(const char *skey_str, const char* sshare, char* common_key){
-
     char* pb_keyB_x = (char*)calloc(65, 1);
     strncpy(pb_keyB_x, sshare + 64, 64);
     pb_keyB_x[64] = 0;
@@ -95,6 +92,12 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
     mpz_init(skey);
     if (mpz_set_str(skey, skey_str, 16) == -1){
         common_key = NULL;
+
+        mpz_clear(skey);
+        domain_parameters_clear(curve);
+        free(pb_keyB_x);
+        free(pb_keyB_y);
+
         return;
     }
 
@@ -105,14 +108,12 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
     point_multiplication(session_key, skey, pub_keyB, curve);
 
     char arr_x[mpz_sizeinbase (session_key->x, 16) + 2];
-    char* x = mpz_get_str(arr_x, 16, session_key->x);
-    //strncpy(common_key, arr_x, 64);
+    mpz_get_str(arr_x, 16, session_key->x);
     int n_zeroes = 64 - strlen(arr_x);
     for ( int i = 0; i < n_zeroes; i++){
         common_key[i] = '0';
     }
     strncpy(common_key + n_zeroes, arr_x, strlen(arr_x));
-    //strncpy(common_key , sshare, 64);
 
     mpz_clear(skey);
     point_clear(pub_keyB);
@@ -123,21 +124,21 @@ void session_key_recover(const char *skey_str, const char* sshare, char* common_
 }
 
 void xor_encrypt(char* key, char* message, char* cypher){
-
    uint8_t cypher_bin[33];
 
-   //uint8_t key_bin[33];
    uint8_t* key_bin = (uint8_t*)calloc(33,1);
    uint64_t key_length;
    if (!hex2carray(key, &key_length, key_bin)){
      cypher = NULL;
+     free(key_bin);
      return;
    }
 
    uint64_t msg_length;
    uint8_t msg_bin[33];//[ECDSA_BIN_LEN];
    if (!hex2carray(message, &msg_length, msg_bin)){
      cypher = NULL;
+     free(key_bin);
      return;
    }
 
@@ -152,21 +153,21 @@ void xor_encrypt(char* key, char* message, char* cypher){
 }
 
 void xor_decrypt(char* key, char* cypher, char* message){
-
     uint8_t msg_bin[33];
 
-    //uint8_t key_bin[33];
     uint8_t* key_bin = (uint8_t*)calloc(33,1);
     uint64_t key_length;
     if (!hex2carray(key, &key_length, key_bin)){
       message = NULL;
+      free(key_bin);
       return;
     }
 
     uint64_t cypher_length;
-    uint8_t cypher_bin[33];//[ECDSA_BIN_LEN];
+    uint8_t cypher_bin[33];
     if (!hex2carray(cypher, &cypher_length, cypher_bin)){
       message = NULL;
+      free(key_bin);
       return;
     }
 

secure_enclave/DKGUtils.cpp

@@ -194,10 +194,6 @@ void calc_secret_shareG2_old(const char* decrypted_coeffs, char * s_shareG2,
   libff::init_alt_bn128_params();
   char symbol = ':';
   vector<libff::alt_bn128_Fr> poly =  SplitStringToFr(decrypted_coeffs, symbol);
-//  if ( poly.size() != _t){
-//    //"t != poly.size()" +
-//    //strncpy(s_shareG2, to_string(poly.size()).c_str(), 18);
-//  }
 
   libff::alt_bn128_Fr secret_share = PolynomialValue(poly, libff::alt_bn128_Fr(ind), _t);
 
@@ -232,6 +228,8 @@ int calc_secret_shareG2(const char* s_share, char * s_shareG2){
 
   strncpy(s_shareG2, secret_shareG2_str.c_str(), secret_shareG2_str.length() + 1);
 
+  mpz_clear(share);
+
   return 0;
 }
 
@@ -299,17 +297,6 @@ int Verification ( char * public_shares, mpz_t decr_secret_share, int _t, int in
     pub_share.Y.c1 = libff::alt_bn128_Fq(y_c1_str.c_str());
     pub_share.Z = libff::alt_bn128_Fq2::one();
 
-
-    //for ( int j = 0; j < 4; j++) {
-      //uint64_t pos0 = share_length * j;
-      //string coord = ConvertHexToDec(pub_shares_str.substr(pos0 + j * coord_length, coord_length));
-//      if ( i == 0) {
-//        memset(public_shares, 0, strlen(public_shares));
-//    string coord = ConvertToString(pub_share.Y.c1);
-//    strncpy(public_shares, coord.c_str(), coord.length());
-//  }
-    //}
-
     pub_shares.push_back(pub_share);
   }
 
@@ -361,7 +348,8 @@ int calc_bls_public_key(char* skey_hex, char* pub_key){
 
   mpz_t skey;
   mpz_init(skey);
-  if (mpz_set_str(skey, skey_hex, 16) == -1){
+  if (mpz_set_str(skey, skey_hex, 16) == -1) {
+    mpz_clear(skey);
     return 1;
   }