Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
1301 Discussions

How do I fill in the sgx_rsa3072_key_t and sgx_rsa3072_public_key correctly?

lap
Beginner
531 Views

I generated a pair of RSA 3072 public and private keys with OpenSSL. Now I read them into my program through the API and save them in RSA. Then I passed BN_ bn2bin() converts e, d and mod of RSA to uint8_ t array and fill it into e,d and mod of sgx_ rsa3072_ key_ t , then I signed and verified a piece of data, but I didn't pass the verification. Is there a problem with my filling method?

This is a part of my code :

   RSA *openssl_pubkey,*openssl_prikey;
    openssl_pubkey=arpv2_init_RSA_public_key_file("./Resource/rsa3072_public.pem");
    openssl_prikey=arpv2_init_RSA_private_key_file("./Resource/rsa3072_private.pem");
    sgx_rsa3072_key_t sgx_prikey,*p_sgx_prikey;
    sgx_rsa3072_public_key_t sgx_pubkey,*p_sgx_pubkey;
    p_sgx_prikey = &sgx_prikey;
    p_sgx_pubkey = &sgx_pubkey;

    int len_n = BN_bn2bin(openssl_pubkey->n,sgx_pubkey.mod);
    int len_e = BN_bn2bin(openssl_pubkey->e,sgx_pubkey.exp);
    int len_d = BN_bn2bin(openssl_prikey->d,sgx_prikey.d);
    BN_bn2bin(openssl_prikey->e,sgx_prikey.e);
    BN_bn2bin(openssl_prikey->n,sgx_prikey.mod);

    reverse_str(384,sgx_pubkey.mod);
    reverse_str(4,sgx_pubkey.exp);
    reverse_str(384,sgx_prikey.mod);
    reverse_str(384,sgx_prikey.d);
    reverse_str(4,sgx_prikey.e);

void reverse_str(int len,uint8_t *str)
{
    uint8_t tmp;
    for(int i=0;i<len/2;i++)
    {
        tmp = str[i];
        str[i] = str[len-i-1];
        str[len-i-1] = tmp;
    }
}

 How can I correctly write this part of code?

Labels (2)
0 Kudos
1 Solution
lap
Beginner
475 Views

Hi JesusG_Intel

I have already solve my problem, thank you for your concern.

Sincerely,

lap

View solution in original post

3 Replies
JesusG_Intel
Moderator
501 Views

Hello lap,

 

Show us how you use the rest of the API to sign and verify the data with sgx_status_t sgx_rsa3072_sign and 
 sgx_status_t sgx_rsa3072_verify, and the error code or result you receive.

 

Sincerely,

Jesus G.

Intel Customer Support

 

 

lap
Beginner
476 Views

Hi JesusG_Intel

I have already solve my problem, thank you for your concern.

Sincerely,

lap

JesusG_Intel
Moderator
457 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


Reply