Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Clarification for sgx_ecc256_* set of APIs

Fan
Beginner

Hi,

I found the SGX SDK has a set of ECC crypto APIs but the User Guide is not clear (IMHO) regarding how to use them. So I'm asking for clarification.

  • All of the APIs seem to require a sgx_ecc_state_handle_t. But nowhere is it stated how this handle should be created. Any idea?
  • Can I get to specify the EC curve? If not, what is the default curve?

Thanks!

Fan

Surenthar_S_Intel

Hi,

  • All of the APIs seem to require a sgx_ecc_state_handle_t. But nowhere is it stated how this handle should be created. Any idea?
    sgx_ecc256_open_context:
    sgx_ecc256_open_context returns an allocated and initialized context for the elliptic curve cryptosystem over a prime finite field, GF(p). This context must be created prior to calling sgx_ecc256_create_key_pair or sgx_ecc256_compute_shared_dhkey. When the calling code has completed its set of ECC operations, sgx_ecc256_close_context should be called to clean up and deallocate the ECC context.
  • Syntax: sgx_status_t sgx_ecc256_open_context( sgx_ecc_state_handle_t *p_ecc_handle );
  • Parameters: p_ecc_handle [out]
    This is a handle to the ECC GF(p) context state allocated and initialized used to perform elliptic curve cryptosystem standard functions. The algorithm stores the intermediate results of calculations performed using this context.

-Surenthar
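
The call order described in the reply above (open the context, use the handle, close it), as an added example that is not part of the original thread or the SDK's sample code. `make_key_pair` and the `USE_SGX_SDK` macro are hypothetical names; without that macro the block compiles against labelled stand-ins for the SDK types and functions so the sequence can be built outside an enclave.

```c
/* Added example: lifecycle of the ECC context handle around key generation. */
#include <stdint.h>
#include <string.h>

#ifdef USE_SGX_SDK                 /* hypothetical macro: set it in an enclave build */
#include <sgx_tcrypto.h>
#else
/* Stand-ins, NOT the SDK: same call shapes, dummy behaviour, for host builds. */
typedef int sgx_status_t;
#define SGX_SUCCESS 0
#define SGX_ERROR_INVALID_PARAMETER 2
typedef void *sgx_ecc_state_handle_t;
typedef struct { uint8_t r[32]; } sgx_ec256_private_t;
typedef struct { uint8_t gx[32], gy[32]; } sgx_ec256_public_t;
static int open_contexts;          /* stand-in bookkeeping: contexts still open */
static sgx_status_t sgx_ecc256_open_context(sgx_ecc_state_handle_t *p_ecc_handle)
{
    if (!p_ecc_handle) return SGX_ERROR_INVALID_PARAMETER;
    *p_ecc_handle = &open_contexts; open_contexts++;
    return SGX_SUCCESS;
}
static sgx_status_t sgx_ecc256_close_context(sgx_ecc_state_handle_t h)
{
    if (!h) return SGX_ERROR_INVALID_PARAMETER;
    open_contexts--;
    return SGX_SUCCESS;
}
static sgx_status_t sgx_ecc256_create_key_pair(sgx_ec256_private_t *priv,
        sgx_ec256_public_t *pub, sgx_ecc_state_handle_t h)
{
    if (!priv || !pub || !h) return SGX_ERROR_INVALID_PARAMETER;
    memset(priv, 0x11, sizeof *priv); memset(pub, 0x22, sizeof *pub); /* dummy */
    return SGX_SUCCESS;
}
#endif

/* Generate one key pair; the context is closed on every path after it opens. */
sgx_status_t make_key_pair(sgx_ec256_private_t *priv, sgx_ec256_public_t *pub)
{
    sgx_ecc_state_handle_t ecc = NULL;
    if (!priv || !pub) return SGX_ERROR_INVALID_PARAMETER;
    sgx_status_t ret = sgx_ecc256_open_context(&ecc);  /* handle is written here */
    if (ret != SGX_SUCCESS) return ret;
    ret = sgx_ecc256_create_key_pair(priv, pub, ecc);
    if (ret != SGX_SUCCESS) memset(priv, 0, sizeof *priv); /* no partial key */
    sgx_status_t close_ret = sgx_ecc256_close_context(ecc);
    return ret != SGX_SUCCESS ? ret : close_ret;
}
```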

Fan
Beginner

Interesting. The documentation (https://software.intel.com/sites/products/sgx-sdk-users-guide-windows/Default.htm) I'm reading says the opposite ([in] vs. [out]):

Screen Shot 2016-11-21 at 12.20.49 PM.png

I guess you're right and the documentation has a typo?


Juan_d_Intel
Employee

Note that the HTML version of the User's Guide is out-of-date.

Please refer to the PDF document instead.
