Good morning! I have a doubt about the way in which the application, and then the enclave, discover the public key of the service provider it wants to communicate with during the remote attestation process. In the white paper of the remote attestation sample it is said both that the function sgx_ra_init takes as input the public key of the SP and that the same public key of the SP must be hardcoded inside the enclave. So my doubt is, when is this key provided to the application? Along with the challenge at the very beginning of the remote attestation process?
Thank you so much
Alessia
Hi Alessia.
Which white paper are you speaking of? If you look at the SGX End-to-End Remote Attestation Code Sample article and its associated code (links below), you will see the SP key is hardcoded in the enclave (search for def_service_public_key), just as you mention, and is ultimately passed into sgx_ra_init. I'm not sure I understand your exact question, so if the links below don't answer it, please feel free to reply.
https://github.com/intel/sgx-ra-sample
https://software.intel.com/en-us/sgx-sdk-dev-reference-sgx-ra-init
Regards.
Scott
Yes! This is what I was talking about! So how is it possible that the key is hardcoded inside the enclave? Does each machine contain a list of public keys that are injected at manufacturing time?
Thank you
Alessia
Hi again.
The public key is simply compiled into the enclave, as it is in the SGX RA sample I gave. When you build the enclave that is going to use attestation, you must already know the SP you plan to use and therefore know/have access to their public key. You can't decide at runtime which SP you are going to use, if that's what you're thinking.
Scott
What I cannot understand is how the enclave, at the moment of its creation, knows the public key of the SP that it is going to talk with.
Please,
Alessia
Apologies for the back and forth, but I'm still obviously not understanding your misunderstanding.
You, as the developer, have to decide ahead of enclave build time who your RA SP will be. Most (all?) enclave developers who use RA run their own SP service, and therefore coordinated the creation of the SP key pair before they built their enclaves that use RA. Even if you planned to use "SP as a service" from some other entity, you would need to get their public key before you built your enclave and statically compile it in such that it is measured/signed with the enclave and therefore cannot be changed.
Scott
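The point in the reply above, that a key compiled into the enclave is covered by the enclave measurement and so cannot be swapped without the SP noticing, can be shown with a small simulation. This is an added illustration, not code from the sgx-ra-sample project or the SGX SDK: the enclave image, the 64-byte placeholder key (laid out like the SDK's gx||gy point, but not a real key) and the SHA-256 "measurement" standing in for MRENCLAVE are all constructed here.

```python
import hashlib
import hmac

# Constructed placeholder for the SP public key: 32-byte gx followed by
# 32-byte gy, the same layout as the sample's def_service_public_key.
# Deliberately NOT a real key.
SP_PUBLIC_KEY = bytes(range(1, 65))

# Constructed stand-in for the enclave's code and data pages.
ENCLAVE_CODE = b"constructed enclave text segment"


def build_enclave_image(sp_public_key: bytes) -> bytes:
    """Stand-in for the build step: the SP key becomes a constant in the image."""
    if len(sp_public_key) != 64:
        raise ValueError("expected a 64-byte uncompressed P-256 point (gx||gy)")
    return ENCLAVE_CODE + sp_public_key


def measure(enclave_image: bytes) -> bytes:
    """Toy measurement: SHA-256 over the whole image, in the role of MRENCLAVE.

    The real measurement is taken by the CPU over the loaded pages; the property
    that matters here is the same: every byte, the embedded key included, is hashed.
    """
    return hashlib.sha256(enclave_image).digest()


def sp_accepts_measurement(reported: bytes, expected: bytes) -> bool:
    """SP-side check: the MRENCLAVE in the quote must match the build the SP released."""
    return hmac.compare_digest(reported, expected)


def run_demo() -> dict:
    """Compare the genuine build with one rebuilt around a different SP key."""
    genuine = build_enclave_image(SP_PUBLIC_KEY)
    expected = measure(genuine)  # value the SP records at release time

    other_key = bytes(64)  # constructed: some other party's key
    rebuilt = build_enclave_image(other_key)

    return {
        "genuine_accepted": sp_accepts_measurement(measure(genuine), expected),
        "rebuilt_accepted": sp_accepts_measurement(measure(rebuilt), expected),
    }


if __name__ == "__main__":
    print(run_demo())
```

A rebuilt enclave with a different key has a different measurement, so the SP rejects its quote even though the enclave itself would happily talk to whoever holds that key.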
I am starting to learn how SGX works, and googling def_service_public_key leads me here.
My question is, who is the entity that holds the private key associated with that particular public key, 0x72, 0x12, 0x8a, 0x7a ....
Is it Intel's production RA server, the test server, or does nobody hold the private key and developers should replace the above-mentioned public key accordingly? In other words, is that particular key just a placeholder, or is it something real?
Another question I am more interested in is, can you show me the precise code spot where the enclave obtains its private key and then proceeds to sign the report used for attestation? Is the code in the SGX driver, in the application enclave code, or somewhere else? I need to find that spot in the code to understand the logical flow under the hood. Thanks.