Community
cancel
Showing results for 
Search instead for 
Did you mean: 
AArya2
New Contributor I
128 Views

Retain Diffie-Hellman Secret Derived During Remote Attestation

Jump to solution

How can this be done in a minimally invasive way?

I want to write an enclave that generates a symmetric session key from the DH secret derived during RA to be used for secret provisioning, as is recommended in all SGX references.

I conjecture one has to override some of the callback functions fed to sgx_ra_proc_msg2. Is that true? If so, and if not, how would you recommend I should go about it?

0 Kudos
1 Solution
AArya2
New Contributor I
128 Views

After reading the SDK Developer's Reference a bit, I realized that sgx_ra_init_ex should be used instead of sgx_ra_init.

Using the former function you can provide a callback function that customizes key derivation from the shared DH secret.

View solution in original post

1 Reply
AArya2
New Contributor I
129 Views

After reading the SDK Developer's Reference a bit, I realized that sgx_ra_init_ex should be used instead of sgx_ra_init.

Using the former function you can provide a callback function that customizes key derivation from the shared DH secret.

View solution in original post

Reply