Hi All,
Documentation of sgx_aes_ctr_decrypt ( https://software.intel.com/en-us/node/696625 ) says "It is recommended that the source, destination and counter data buffers are allocated within the enclave."
So is it recommended or necessary? What happens if we pass a pointer to a buffer allocated outside of the enclave to sgx_aes_ctr_decrypt? I.e., a pointer passed with the user_check attribute to an ECall.
Regards,
Himanshu
It's a recommendation. I'm sure you understand why.
sgx_aes_ctr_decrypt won't give you an error if the buffers are outside the enclave.
Buffers do not need to be inside the enclave. But there are obvious security consequences for doing so. For decrypt you most likely want your destination buffer inside the enclave. Leaving the source outside the enclave can prevent a copy being required. Vice versa for the encrypt operation.
-Surenthar
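
The layout described in the reply above (ciphertext left outside, plaintext written inside), as an added example that is not from the thread or from Intel's SDK samples. `ecall_decrypt`, `g_plain`, `g_key`, the `SGX_SDK_BUILD` macro and the counter increment width of 32 bits are assumptions, and the `#else` branch holds constructed stand-ins so the file builds without the SDK.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

static uint8_t g_plain[256];   /* destination buffer: a static inside the enclave image */

#ifdef SGX_SDK_BUILD           /* assumed macro name: define it in a real enclave project */
#include <sgx_trts.h>          /* sgx_is_outside_enclave */
#include <sgx_tcrypto.h>       /* sgx_aes_ctr_decrypt */
#else
/* Constructed stand-ins so this compiles without the SDK. "Enclave memory" is
 * modelled as g_plain only, and the cipher is a placeholder XOR, not AES-CTR. */
typedef int sgx_status_t;
enum { SGX_SUCCESS = 0, SGX_ERROR_INVALID_PARAMETER = 2 };
typedef uint8_t sgx_aes_ctr_128bit_key_t[16];
static int sgx_is_outside_enclave(const void *p, size_t n) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)g_plain;
    return a + n <= lo || a >= lo + sizeof g_plain;
}
static sgx_status_t sgx_aes_ctr_decrypt(const sgx_aes_ctr_128bit_key_t *k,
        const uint8_t *src, const uint32_t len, uint8_t *ctr,
        const uint32_t inc_bits, uint8_t *dst) {
    (void)inc_bits;
    for (uint32_t i = 0; i < len; i++) dst[i] = src[i] ^ (*k)[i % 16] ^ ctr[i % 16];
    return SGX_SUCCESS;
}
#endif

/* Constructed demo key; a real enclave would unseal or derive its key. */
static const sgx_aes_ctr_128bit_key_t g_key = { 0x20, 0x20, 0x20, 0x20 };

/* Hypothetical ECALL body. `ct` is a [user_check] pointer, so the generated
 * bridge code has not checked where it points or how long it is. */
sgx_status_t ecall_decrypt(const uint8_t *ct, uint32_t len, const uint8_t ctr_in[16]) {
    if (!ct || !ctr_in || len == 0 || len > sizeof g_plain)
        return SGX_ERROR_INVALID_PARAMETER;
    /* Accept the source only if the whole range lies outside the enclave. */
    if (!sgx_is_outside_enclave(ct, len))
        return SGX_ERROR_INVALID_PARAMETER;
    uint8_t ctr[16];
    memcpy(ctr, ctr_in, sizeof ctr);   /* the decrypt call updates the counter in place */
    return sgx_aes_ctr_decrypt(&g_key, ct, len, ctr, 32, g_plain);
}

int main(void) {
    const uint8_t ct[4] = { 'a', 'b', 'c', 'd' }, ctr[16] = { 0 };  /* constructed input */
    return ecall_decrypt(ct, 4, ctr) == SGX_SUCCESS ? 0 : 1;
}
```

AES-CTR provides no integrity, so ciphertext read from untrusted memory should be authenticated separately before the plaintext in `g_plain` is acted on.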