Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1485 Discussions

Sample Remote Attestation Code (sample_libcrypto.h) Query

Elephant
Beginner
1,011 Views

Hi,

I would like to clarify the sample_libcrypto.h header in the sample code for Remote Attestation.  Are the API's in that library working exactly the same as the ones in sgx_tcrypto library, e,g. sample_rijndael128GCM_encrypt the same as sgx_rijndael128GCM_encrypt?  The endianness of the API's are expected the same? The point is, can I put the functions that use sample_libcrypto.h inside an enclave and change the references to sample_XXX APIs to sgx_XXX?  Would there be issues in that?

Thanks a lot!

Kind Regards,
Elephant

 

0 Kudos
2 Replies
Francisco_C_Intel
1,011 Views

Please do NOT use the sample lib crypto in production code. Please see:

https://github.com/01org/linux-sgx/blob/master/sdk/sample_libcrypto/sample_libcrypto.cpp

And "find" __do_get_rand32 before deciding whether this is a suitable library for production.

0 Kudos
Elephant
Beginner
1,011 Views

Hi Francisco,

Thanks for taking time to answer my question.  I know that sample lib crypto is not meant for production, that's why I was asking if I can do all the work inside an enclave and use the SGX crypto API's instead of using the sample lib crypto.  I wanted to know if sample_xxxx_xxxx API's map directly with sgx_xxxx_xxxx API's.

Thanks a lot!

Kind Regards,
Elephant

0 Kudos
Reply