From 49c7800d87d6df6eb92c501e0be6ad59f5592af0 Mon Sep 17 00:00:00 2001 From: Julien Maffre <42961061+jumaffre@users.noreply.github.com> Date: Thu, 12 Mar 2020 16:56:09 +0000 Subject: [PATCH] 0.8 install fixes (#945) --- CMakeLists.txt | 4 +--- cmake/ccf_app.cmake | 4 ---- cmake/common.cmake | 10 +++++----- src/node/networkencryption.h | 22 ++++------------------ src/node/nodestate.h | 19 ++++++++++++++----- 5 files changed, 24 insertions(+), 35 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7050cd5e8862..8ae14da57b20 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,7 +7,7 @@ include(${CCF_DIR}/cmake/preproject.cmake) project( ccf - VERSION 0.8 + VERSION 0.8.1 LANGUAGES C CXX ) @@ -64,7 +64,6 @@ if("sgx" IN_LIST TARGET) $ $ $ - $ ) target_link_libraries(ccf.enclave PUBLIC libbyz.enclave) @@ -117,7 +116,6 @@ if("virtual" IN_LIST TARGET) $ $ $ - $ ) target_link_libraries(ccf.virtual PUBLIC libbyz.host) diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index f24cd26db8d6..1752c9c2625c 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -90,10 +90,6 @@ function(use_oe_mbedtls name) ) endfunction() -if(NOT CCF_GENERATED_DIR) - set(CCF_GENERATED_DIR ${CCF_DIR}/generated) -endif() - # Enclave library wrapper function(add_ccf_app name) diff --git a/cmake/common.cmake b/cmake/common.cmake index 45d9aa0eb1b5..23f31a3a2d4a 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -110,7 +110,7 @@ endif() enable_language(ASM) set(CCF_GENERATED_DIR ${CMAKE_CURRENT_BINARY_DIR}/generated) -include_directories(${CCF_DIR}/src ${CCF_GENERATED_DIR}) +include_directories(${CCF_DIR}/src) include_directories( SYSTEM ${CCF_DIR}/3rdparty ${CCF_DIR}/3rdparty/hacl-star 
@@ -247,7 +247,9 @@ if("sgx" IN_LIST TARGET) cchost ${CCF_DIR}/src/host/main.cpp ${CCF_GENERATED_DIR}/ccf_u.cpp ) use_client_mbedtls(cchost) - target_include_directories(cchost PRIVATE ${CMAKE_CURRENT_BINARY_DIR}) + target_include_directories( + cchost PRIVATE ${CMAKE_CURRENT_BINARY_DIR} ${CCF_GENERATED_DIR} + ) add_san(cchost) target_link_libraries( @@ -423,9 +425,7 @@ function(add_e2e_test) # Make python test client framework importable set_property( TEST ${PARSED_ARGS_NAME} APPEND - PROPERTY - ENVIRONMENT - "PYTHONPATH=${CCF_DIR}/tests:${CCF_GENERATED_DIR}:$ENV{PYTHONPATH}" + PROPERTY ENVIRONMENT "PYTHONPATH=${CCF_DIR}/tests:$ENV{PYTHONPATH}" ) if(${PARSED_ARGS_IS_SUITE}) set_property(TEST ${PARSED_ARGS_NAME} APPEND PROPERTY LABELS suite) diff --git a/src/node/networkencryption.h b/src/node/networkencryption.h index 30d2ea815d83..bd1ef812a2e4 100644 --- a/src/node/networkencryption.h +++ b/src/node/networkencryption.h @@ -2,7 +2,6 @@ // Licensed under the Apache 2.0 License. #pragma once -#include "crypto/cryptobox.h" #include "tls/25519.h" #include "tls/entropy.h" @@ -10,10 +9,6 @@ namespace ccf { struct NetworkEncryptionKey { - private: - static constexpr auto KEY_SIZE = crypto::BoxKey::KEY_SIZE; - - public: std::vector private_raw; bool operator==(const NetworkEncryptionKey& other) const @@ -21,19 +16,10 @@ namespace ccf return private_raw == other.private_raw; } - NetworkEncryptionKey(bool random = false) - { - if (random) - { - private_raw = tls::create_entropy()->random(crypto::BoxKey::KEY_SIZE); - } - } + NetworkEncryptionKey() = default; - std::vector get_public_pem() - { - return tls::PublicX25519::write( - crypto::BoxKey::public_from_private(private_raw)) - .raw(); - } + NetworkEncryptionKey(std::vector&& private_key_raw) : + private_raw(std::move(private_key_raw)) + {} }; } \ No newline at end of file diff --git a/src/node/nodestate.h b/src/node/nodestate.h index b055a9f18dac..74af9c2cb9ba 100644 --- a/src/node/nodestate.h +++ b/src/node/nodestate.h 
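Review bot: In src/node/networkencryption.h the new single-argument constructor taking `private_key_raw` is not `explicit` and accepts a buffer of any length, so with the private `KEY_SIZE` constant removed the struct no longer ties `private_raw` to the key size anywhere. I would declare it `explicit` and have the size compared with `crypto::BoxKey::KEY_SIZE` before the key is stored; since this hunk also drops the `crypto/cryptobox.h` include, that check may fit better at the call sites in nodestate.h. `private_raw` remains a public plain vector, so the private key bytes are not wiped when the object is destroyed or moved from; whether the project has a zeroising buffer type is not visible here. At minimum a comment above the member, such as `// Raw X25519 private key; callers must supply exactly crypto::BoxKey::KEY_SIZE bytes`, would document the contract the constructor now relies on.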
@@ -271,7 +271,8 @@ namespace ccf network.identity = std::make_unique("CN=CCF Network"); network.ledger_secrets = std::make_shared(seal); - network.encryption_key = std::make_unique(true); + network.encryption_key = std::make_unique( + tls::create_entropy()->random(crypto::BoxKey::KEY_SIZE)); self = 0; // The first node id is always 0 @@ -300,7 +301,7 @@ namespace ccf return Success( {node_cert, network.identity->cert, - network.encryption_key->get_public_pem()}); + get_network_encryption_key_public_pem()}); } case StartType::Join: { @@ -320,7 +321,8 @@ namespace ccf std::make_unique("CN=CCF Network"); // Create temporary network secrets but do not seal yet network.ledger_secrets = std::make_shared(seal, false); - network.encryption_key = std::make_unique(true); + network.encryption_key = std::make_unique( + tls::create_entropy()->random(crypto::BoxKey::KEY_SIZE)); setup_history(); setup_encryptor(network.consensus_type); @@ -336,7 +338,7 @@ namespace ccf return Success( {node_cert, network.identity->cert, - network.encryption_key->get_public_pem()}); + get_network_encryption_key_public_pem()}); } default: { @@ -408,7 +410,7 @@ namespace ccf network.ledger_secrets = std::make_shared( std::move(resp.network_info.ledger_secrets), seal); network.encryption_key = std::make_unique( - resp.network_info.encryption_key); + std::move(resp.network_info.encryption_key)); self = resp.node_id; @@ -1328,6 +1330,13 @@ namespace ccf } } + std::vector get_network_encryption_key_public_pem() + { + return tls::PublicX25519::write(crypto::BoxKey::public_from_private( + network.encryption_key->private_raw)) + .raw(); + } + void reset_quote() { quote.clear();
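Review bot: The key-generation expression `tls::create_entropy()->random(crypto::BoxKey::KEY_SIZE)` is now written out twice, in this hunk and again in the hunk at -320; a small private helper on the node state would keep the entropy source and key size in one place so the two paths cannot drift apart. nodestate.h now names `crypto::BoxKey` itself while this commit removes `#include "crypto/cryptobox.h"` from networkencryption.h; if nodestate.h does not include that header directly (its include list is outside these hunks), it depends on a transitive include. The enclosing function starts and ends outside the hunk.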
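Review bot: In the hunk at -408, `resp.network_info.encryption_key` from the join response is moved straight into `NetworkEncryptionKey` with no size check, and after this commit neither the struct nor this call site compares it with `crypto::BoxKey::KEY_SIZE`. A truncated or malformed value would be stored as the network private key unnoticed; a guard before the `make_unique` call, e.g. `if (resp.network_info.encryption_key.size() != crypto::BoxKey::KEY_SIZE)` followed by the function's existing failure handling, would fail the join early instead. The response field is also left in a moved-from state, so any later read of it in this function, which continues outside the hunk, would see an unspecified and probably empty vector.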
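Review bot: In the hunk at -1328, `get_network_encryption_key_public_pem()` dereferences `network.encryption_key` without checking that it is set, and nothing documents that precondition. Both callers visible in this diff run right after the key is assigned, but as a member function it can be reached in any node state, so I would either guard the pointer or add a comment such as `// Precondition: network.encryption_key has been created or received from the join response`. It only reads the private key to derive the public one, so it could be declared `const` if the calls it makes allow that. The name says PEM while the value returned is `.raw()` of the written key; a short comment on what encoding the returned bytes carry would help callers.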