Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

IPPAESInit in Enclave

Maan_Haj_Rachid
Beginner
‎11-15-2017 01:25 AM
429 Views

Hi,

I am just wondering if IPPAESInit works the same way in the enclave (compiled with sgx_tcrypto) as with the traditional IPP library? I am using this function to initialize the context pointer in order to do AES-CBC encryption (using ippsAESEncryptCBC). Both Enclave and the client program share a key. It seems it is not working properly on the enclave side.

I tried to print the content of the pCtx as an integer in both sides. On the client side (traditional IPP), it gives me a long integer (which is reasonable) and on the enclave it is giving me always 0. I am suspecting that it is not working properly. 

I tried to set the key again using  ippsAESSetKey, but pCtx (context)  is still giving 0.

The project is compiled successfully and IPPAESInit is returning ippStsNoErr on both sides. This is a linux project.

Thank you

Maan

 

0 Kudos

Link Copied

1 Reply
Maan_Haj_Rachid
Beginner
‎11-21-2017 03:43 AM
429 Views

There is nothing wrong with the IPPAESInit function inside and outside the enclave. If you have a problem like mine, please make sure that you don't by accident, for any reason, change the encrypted buffer when passed to the enclave (like my situation). It is working fine. 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.