Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1510 Discussions

Clarification About the Key Used in sgx_seal_data

Elephant
Beginner
‎07-11-2017 02:02 AM
847 Views

Hi, 

I am using and running my SGX sample codes in linux.  I've read from the Developer Reference that for sgx_seal_data, it uses the MRSIGNER policy.  However, the sample code's Makefiles for DEBUG/PRERELEASE mode use the 1-step process for signing enclaves, i.e. using the ISV-provided private key.  The confusion that I am having now is that, in DEBUG/PRERELEASE modes, there were no public keys provided when the signing happens, so how does the sgx_seal_data in MRSIGNER policy without the public key?  I understand that the MRSIGNER should be the hash of the public key?

Here's the experiment that I did:

  • I tried to sign my sealing/unsealing enclave with Enclave_private1.pem.  
  • I ran the sealing application and then generated a sealed file.
  • I then signed my sealing/unsealing enclave with Enclave_private2.pem.
  • I then ran the unsealing application using the previously saved sealed file
  • RESULT:  I CAN unseal the sealed file!  I was expecting otherwise.

What am I missing here?

Thanks a lot for your help!

Regards,

Elephant

0 Kudos

Link Copied

4 Replies
Shivananda_H_Intel
Employee
‎07-17-2017 05:36 AM
847 Views

Hi,

One clarification: Whether 2 keys Enclave_private1.pem and Enclave_private2 .pem are from different enclaves or the same Enclave ?

I did the same steps as you mentioned, but i used the key's from different enclave for the 2nd step , but couldn't unseal the application.

Regards

Shivananda

0 Kudos
Copy link
Elephant
Beginner
‎07-17-2017 11:11 PM
847 Views

Hi Shivananda,

Thanks for taking the time to test this out.  I have actually verified that we are using THE SAME private key file with different filenames on the SAME enclave.  It is a fault on my part because I was using a different filenames without verifying the contents.

Also, regarding the PRIVATE key on MRENCLAVE, the PEM file is actually a key-pair.  So I am guessing that SGX automatically extracts the public key and SHA256 hash it and saving it on the MRENCLAVE register/field, then use that information to derive the sealing key.  Is this a correct assumption? 

Thanks!

Kind Regards,

Elephant

Shivananda H. (Intel) wrote:

Hi,

One clarification: Whether 2 keys Enclave_private1.pem and Enclave_private2 .pem are from different enclaves or the same Enclave ?

I did the same steps as you mentioned, but i used the key's from different enclave for the 2nd step , but couldn't unseal the application.

Regards

Shivananda

0 Kudos
Copy link
Anusha_K_Intel
Employee
‎07-19-2017 05:50 AM
847 Views

Hi,

What you have assumed is correct. In the 1-step signing process the public key is extracted by the enclave.

Regards,

Anusha

0 Kudos
Copy link
you_w_
New Contributor III
‎07-20-2017 02:41 AM
847 Views

Hi: Shivananda HAnushaElephant

I think this topic  is helpful for understand the sealing key. Thank you. I am about to get more info from the SGX source code.

Regards 

you

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.