- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I need to implement writing/retrieving of files to persistent storage. The files are sensitive in nature and has to be in encrypted form when saved. The files can also be big (can potentially be tens of MBs). I can think of two ways that this can be done:
1. use sgx_seal_data and then make an ocall to fopen/fwrite, or
2. use the protected file apis (sgx_fopen_auto_key, sgx_fwrite, etc).
Option #1 will have limitations on the file size that it can handle (i.e. limited by the enclave heap size, etc). How about option #2, will it have the same limitations? Which is a better option and what other issues should I consider?
Thanks.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please take a look at the "limitation" and "non-objectives" section in this document at https://software.intel.com/sites/default/files/managed/76/8f/OverviewOfIntelProtectedFileSystemLibrary.pdf

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page