Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Facing MAC_MISMATCH during unseal data

Yan__Yudao
Beginner
179 Views

We try to seal a private key in encalve for future use:

    sealed_len = sgx_calc_sealed_data_size(0,sizeof(priv_key));

    sgx_status_t ret_priKey = sgx_seal_data(0, NULL, sizeof(priv_key), (uint8_t*)&priv_key, sealed_len, &tmpbuf); // tmpbuf will send out the sealed data

 

In the future, we do unseal in encalve as following:

    uint32_t decLen = sgx_get_encrypt_txt_len(&fix_data->enc_ec256_private_key);   // fix_data contained sealed data

    uint8_t *priv_tmp = (uint8_t*)malloc(decLen);

    memset(&sealed_data_tmp, 0, sizeof(tmpbuf));

    memcpy(&sealed_data_tmp, &fix_data->enc_ec256_private_key, sizeof(tmpbuf));

    sgx_status_t retUnseal = sgx_unseal_data(&sealed_data_tmp, NULL, 0, priv_tmp, &decLen);

 

But it shows MAC_MISMATCH during the unsealing.

Can anyone help on this?

 

0 Kudos
3 Replies
Scott_R_Intel
Employee
179 Views

Hi Yudao.

You didn't show how tmpbuf nor sealed_data_tmp are allocated...  Are you sure they are large enough to hold the data?

Regards.

Scott

Tom__Jimmy
Beginner
179 Views

Hi,YuDao.Yan,  your problem is solve? 

I also encountered this problem, ask how to solve it.

Tom__Jimmy
Beginner
179 Views

Hi,Have you solved this problem, I also encountered this problem, ask how to solve it.

Reply