From ab6c7bf8f271bc7967219c803bdc5cbd69ef1959 Mon Sep 17 00:00:00 2001
From: vlad
Date: Thu, 12 Dec 2024 13:31:32 +0000
Subject: [PATCH] key_manager: added encrypt_hash

---
 cosmwasm/enclaves/Cargo.lock | 1 +
 cosmwasm/enclaves/shared/utils/Cargo.toml | 1 +
 cosmwasm/enclaves/shared/utils/src/key_manager.rs | 11 +++++++++++
 3 files changed, 13 insertions(+)

diff --git a/cosmwasm/enclaves/Cargo.lock b/cosmwasm/enclaves/Cargo.lock
index 4cccdd44f..fc6a974ce 100644
--- a/cosmwasm/enclaves/Cargo.lock
+++ b/cosmwasm/enclaves/Cargo.lock
@@ -817,6 +817,7 @@ dependencies = [ "sgx_trts", "sgx_tstd", "sgx_types", + "sha2 0.10.8", ] [[package]]
diff --git a/cosmwasm/enclaves/shared/utils/Cargo.toml b/cosmwasm/enclaves/shared/utils/Cargo.toml
index fab84dd40..58bcb0808 100644
--- a/cosmwasm/enclaves/shared/utils/Cargo.toml
+++ b/cosmwasm/enclaves/shared/utils/Cargo.toml
@@ -27,6 +27,7 @@ enclave-ffi-types = { path = "../../ffi-types" }
 log = "0.4.17"
 hex = "0.4.2"
 lazy_static = "1.4"
+sha2 = "0.10"
 serde = { git = "https://github.com/mesalock-linux/serde-sgx", features = [ "derive" ] }
diff --git a/cosmwasm/enclaves/shared/utils/src/key_manager.rs b/cosmwasm/enclaves/shared/utils/src/key_manager.rs
index f98e0d0d6..0fb89d7fa 100644
--- a/cosmwasm/enclaves/shared/utils/src/key_manager.rs
+++ b/cosmwasm/enclaves/shared/utils/src/key_manager.rs
@@ -10,6 +10,7 @@ use enclave_ffi_types::EnclaveError;
 use lazy_static::lazy_static;
 use log::*;
 use sgx_types::{sgx_key_128bit_t, sgx_measurement_t};
+use sha2::{Digest, Sha256};
 use std::io::{Read, Write};
 use std::sgxfs::SgxFile;
 // For phase 1 of the seed rotation, all consensus secrets come in two parts:
@@ -181,6 +182,16 @@ impl Keychain {
 }
 }
 
+ pub fn encrypt_hash(&self, hv: [u8; 32]) -> [u8; 32] {
+ let mut hasher = Sha256::new();
+ hasher.update(self.consensus_seed.unwrap().current.as_slice());
+ hasher.update(hv);
+
+ let mut ret: [u8; 32] = [0_u8; 32];
+ ret.copy_from_slice(&hasher.finalize());
+ ret
+ }
+
 pub fn get_migration_keys() -> KeyPair {
 let mut sk = Ed25519PrivateKey::default();
 sk.get_mut()[..16].copy_from_slice(&get_key_from_seed("migrate.0.kdk".as_bytes()));
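Review bot: `encrypt_hash` hashes the raw current consensus seed as a secret prefix (`hasher.update(self.consensus_seed.unwrap().current.as_slice())`) with no label or derived sub-key, so its output is bound directly to the enclave's master secret and nothing separates this use from any other hash over the seed. The context line just below derives a purpose-specific key with `get_key_from_seed("migrate.0.kdk".as_bytes())`; deriving a dedicated key the same way and using it in an HMAC-style construction would keep the seed out of ad-hoc hashing and avoid the length-extension property of a plain prefix hash. The `unwrap()` panics inside the enclave when the seed has not been loaded, and since `self` is only borrowed it appears to copy the seed by value (the field's type is declared outside the hunk, so this is inferred); borrowing with `as_ref()` and returning an error would avoid both, at the cost of a signature change. The name reads as reversible encryption while the result is a one-way keyed digest, so a doc comment such as `/// Keyed SHA-256 of hv under the current consensus seed; one-way, not encryption.` would help callers.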