topic Re:sgx_rijndael128GCM_encrypt does not encrypt in Intel® Software Guard Extensions (Intel® SGX)

sgx_rijndael128GCM_encrypt does not encrypt

Ziidev — Thu, 02 Jun 2022 22:34:41 GMT

I am trying to use sgx_rijndael128GCM_encrypt to encrypt some data but the buffer remains empaty. I dont know why or what i am doing wrong. This is the code I am using, if there is any errors please mention them. As far as I think, there will be some changes in line 2, where i am calculating aesgcm_len or maybe i am using the wrong key. But if the key is wrong then it should show some errors. Please guide me. Thank you in advance.

uint8_t *plaintext = (uint8_t *)item->certificate;
size_t aesgcm_len =4 + ((((double)sizee)/16))*16 +16;
item->encrypteee = (uint8_t*)malloc(aesgcm_len);
sgx_aes_gcm_128bit_tag_t mac;
const sgx_aes_gcm_128bit_key_t aes_key= { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf };
 //sgx_read_rand((unsigned char *) &aes_key, sizeof(sgx_aes_gcm_128bit_key_t));
uint8_t iv[12];
memset(iv,0,12);
 ((int*)item->encrypteee)[0]=sizee;
 
sgx_status_t res;
 res= sgx_rijndael128GCM_encrypt(&aes_key, plaintext, sizee, (uint8_t*)item->encrypteee+4,iv,12 ,NULL,0,&mac);
if (res != SGX_SUCCESS) {
 //printf("encryption error");
free(wallet);
return ERR_FAIL_UNSEAL;
 }

Re:sgx_rijndael128GCM_encrypt does not encrypt

Sahira_Intel — Thu, 02 Jun 2022 23:23:47 GMT

Hi,

Let me look into this for you.

In the meantime, I suggest opening a new issue in the SGX Github too: https://github.com/intel/linux-sgx/issues

Sincerely,

Sahira

Re: Re:sgx_rijndael128GCM_encrypt does not encrypt

Ziidev — Sat, 04 Jun 2022 14:15:34 GMT

Hi Sahira,

I posted there as well and trying every solution but no success. Even I tried this solution but segmentaion fault occurs at sgx_rijndael128GCM_encrypt function. I dont know why? is there any explanation. Please guide me.

uint8_t *bout; //item->encrypteee = (uint8_t*)malloc(aesgcm_len); uint32_t boutlen = *(&bout +1)-bout; //uint32_t boutlen = sizeof(item->encrypteee); uint32_t aes128gcm_ciphertext_size = SGX_AESGCM_IV_SIZE + SGX_AESGCM_MAC_SIZE + sizee; if(boutlen < aes128gcm_ciphertext_size) { return 0Xffffffff; } if(sgx_read_rand(bout, SGX_AESGCM_IV_SIZE) != SGX_SUCCESS) { return ERR_FAIL_UNSEAL; } const sgx_aes_gcm_128bit_key_t aes_key= { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf }; uint8_t *plaintext = (uint8_t *)item->certificate; sgx_status_t res; res=sgx_rijndael128GCM_encrypt(&aes_key, plaintext, sizee, // plaintext bout + SGX_AESGCM_IV_SIZE + SGX_AESGCM_MAC_SIZE, // ciphertext bout, SGX_AESGCM_IV_SIZE, // iv NULL, 0, // aad (sgx_aes_gcm_128bit_tag_t*) (bout + SGX_AESGCM_IV_SIZE)); // mac if (res != SGX_SUCCESS) { //printf("encryption error"); free(wallet); return ERR_FAIL_UNSEAL; }

Re:sgx_rijndael128GCM_encrypt does not encrypt

Sahira_Intel — Wed, 06 Jul 2022 22:29:31 GMT

Hi Ziidev,

I see someone has replied to your post on Github so I will close this issue and we can work on your issue there.

Sincerely,

Sahira