Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1452 Discussions

Linux SDK does not export all crypto functionality

Urs_M_
Beginner
‎12-12-2016 10:57 PM
409 Views

Hey folks,

the cryptography functionality offered in the Linux SDK seems quite limited. Sadly, a lot of functionality available in the source code is not exported by the SDK. Another post (see https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/699503) mentions IPP. I do not really want to use it, however. Is there a way to compile the Linux SDK such that more functionality is exported?

0 Kudos

Link Copied

2 Replies
barratt__samathy
Beginner
‎12-19-2016 08:09 AM
409 Views

Hiya,

I'm working with the same issues here at a non-Intel company - utilising the lower level Diffie-Hellman key exchange functions in the SGX SDK is challenging to say the least, due to lacking documentation.
I've managed to get fairly far by reading the SDK source from the Github page and working out the API from there.

From my own research into the Linux SDK, I havent managed to find anything that looks like the IPP Crypto API.
There is /some/ of the same functionality, but the functions and data structures are named totally different things, with different parametres, and sizes.

I'd also be very intrested in seeing the answer too - would love to see the full crypto functionality offered with better docs & examples.

 

Samathy.

0 Kudos
Copy link
Juan_d_Intel
Employee
‎01-09-2017 01:13 PM
408 Views

I didn't answer before because Urs seems to be looking for an alternative to IPP crypto, which isn't available at this point.

Samathy, the Linux SDK includes the full IPP crypto API, however it's not exposed directly, i.e. you won't find the IPP crypto header files anywhere. The post mentioned above explains how to expose the IPP crypto API, for which you basically need the header files.

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.