- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am new in Intel SGX and doing an academic project. I built an app with performing random number from ecall. Now, I need to perform a simple attestation thus it proves i am using enclave (Intel SGX). How to perform it?
enclave { /*.edl file */
from "sgx_tstdc.edl" i
mport *; trusted { public void foo([out] int *a);
};
};
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Golam.
We have a full end-to-end remote attestation whitepaper as well its associated sample available on GitHub.
https://github.com/intel/sgx-ra-sample
Regards.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Scott,
Thanks for reply. But, I don't need to perform Remote Attestation. I just need to proof that I am using SGX. Can you please give a link or sample code that might be like this (A solution having 3 enclaves. encalve 1 and enclave 2 perform that user is using SGX and enclave3 is what i given above). I am working in Windows OS.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi again Golam.
My apologies that I misunderstood.
If I understand correctly now, and looking at some of your other questions, I think you should take a look at the LocalAttestation sample project included with the SGX SDK. In it, there are three enclaves, each of which attest to each other and then make secure calls to each other.
Hope this helps.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Scott R. As you suggested, I am looking at the local attestation example provided in the SDK.
AFAIK to verify 2 enclaves locally, one enclave needs to generate a report on itself and provide the same to the other enclave. The other enclaves derives a key by calling some API and only then it can decrypt the report and check if the other enclave is genuine. But in this example I dont see any code doing that. Could you please point out where exactly in the code is it being done? The only code which was related to verification of the enclave was this -
//Function that is used to verify the trust of the other enclave //Each enclave can have its own way verifying the peer enclave identity extern "C" uint32_t verify_peer_enclave_trust(sgx_dh_session_enclave_identity_t* peer_enclave_identity) { if(!peer_enclave_identity) { return INVALID_PARAMETER_ERROR; } if(peer_enclave_identity->isv_prod_id != 0 || !(peer_enclave_identity->attributes.flags & SGX_FLAGS_INITTED)) // || peer_enclave_identity->attributes.xfrm !=3)// || peer_enclave_identity->mr_signer != xx //TODO: To be hardcoded with values to check { return ENCLAVE_TRUST_ERROR; } else { return SUCCESS; } }
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Scott R. (Intel) wrote:Hi again Golam.
My apologies that I misunderstood.
If I understand correctly now, and looking at some of your other questions, I think you should take a look at the LocalAttestation sample project included with the SGX SDK. In it, there are three enclaves, each of which attest to each other and then make secure calls to each other.
Hope this helps.
Scott
Dear Scott, could you please reply to my query in the previous post. It would be of great help as I am stuck with this from quite a long time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Naveen.
In this particular local attestation example, that's the exact function you need to be looking at. See the TODO at the end of commented out line #10...
peer_enclave_identity->mr_signer != xx //TODO: To be hardcoded with values to check
Your MRSIGNER needs to be hardcoded in there... that's the main check.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Scott R. (Intel) wrote:Hi Naveen.
In this particular local attestation example, that's the exact function you need to be looking at. See the TODO at the end of commented out line #10...
peer_enclave_identity->mr_signer != xx //TODO: To be hardcoded with values to check
Your MRSIGNER needs to be hardcoded in there... that's the main check.
Scott
Thank you for the reply Scott. In the section LOCAL ATTESTATION, in Intel SGX Developer's Guide, it is written that a report will be sent to the target enclave. Then the target enclave needs to call EGETKEY to derive a key and open the report. But I dont see any of this happening in the code :(. So I am a little bit confused.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Can anyone explain what following function doing?
status = marshal_input_parameters_e2_foo1(target_fn_id, msg_type, var1, var2, &minp, &minp_len);
if(status != SUCCESS)
{
return status;
}
std::map<sgx_enclave_id_t, dh_session_t>::iterator it = g_src_session_info_map.find(dest_enclave_id);
if(it != g_src_session_info_map.end())
{
dh = &it->second;
}
else
{
SAFE_FREE(minp);
return INVALID_SESSION;
}
status = send_request_receive_response(src_enclave_id, dest_enclave_id, dh, minp, minp_len, max_op_size, &op, &op_len);
if(status != SUCCESS)
{
SAFE_FREE(minp);
SAFE_FREE(op);
return status;
}
status = unmarshal_retval_and_output_parameters_e2_foo1(op, &retval);
if(status != SUCCESS)
{
SAFE_FREE(minp);
SAFE_FREE(op);
return status;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Bashar,
The code is marshalling, i.e filling a structure with data, and sending it over to the other enclave. The other enclave processes the data and sends over the results. The results will then be unmarshalled and verified.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page