Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Trusted Platform Service Functions need network connection?

peter_c_1
Beginner
‎08-15-2017 11:29 PM
764 Views

Hi,

In SGX Developer reference, it mentions "To run these functions in the hardware mode, you need to access to Internet. Configure the system network proxy settings if needed." I build the enclave into debug mode or prerelease mode, both can work without internet connection.

Can you confirm it really enforce to use network connection? if yes, it means SGX can't support offline mode, right?

If it needs network connection? which url and port are used for intel trusted platform service?

Thanks,

Peter

 

 

0 Kudos

Link Copied

2 Replies
Hoang_N_Intel
Employee
‎09-27-2017 11:04 PM
764 Views

If you run the SGX Functional Validation Tool on Windows, it shows you why some of the functions that it needs internet connection.

If you don't plan to work with EPID key provisioning and remote attestation, your application should be working fine in offline mode.

The proxy setting for your application will be same as the browser's. It is the standard HTTPS protocol.

 

SGXFunctionalValidationTool.exe /?

Intel(R) Software Guard Extensions Functional Validation Tool Version 0.7.2.0

Usage: SGXFunctionalValidationTool.exe [OPTION]

Example: SGXFunctionalValidationTool.exe /l

Options:
  /l                  - log output to the file "SgxFunctionalValidationToolOutput.txt" instead of the screen.
  /v                  - verbose output
  /svn filename       - read SVN test values from "filename"
  /prov_epid          - tries to EPID provision the platform.  (Internet/network connectivity required)
  /prov_pse           - tries to provision the PSE.  (Also EPID provisions the platform.  Internet/network connectivity required)
  /skip_data_wipe     - Skips deletion of the SGX data (provision data blobs, etc.) from the SGX "ProgramData" folder
  /final_keystroke    - requires enter to be pressed before exiting the program (for backward compatibility)
  /skip_power_tests   - skips all power S-state tests (S3, S4 and S5 tests)
  /skip_s3            - skip S3 test
  /skip_s4            - skip S4 test
  /skip_s5_reboot     - skip S5 reboot test
  /skip_s5_shutdown   - skip S5 shutdown test
  /be                 - if EPID provisioning fails with SGX_ERROR_UNEXPECTED, will switch backend servers (prod or pre-prod)
  /?                  - show command help
  /h                  - show command help
  /help               - show command help

 

 

0 Kudos
Copy link
Francisco_C_Intel
Employee
‎10-02-2017 07:30 AM
764 Views

We recently posted

"Trusted Time and Monotonic Counters with Intel® Software Guard Extensions Platform Services" to the resource library: https://software.intel.com/en-us/sgx/resource-library

Please see

https://software.intel.com/sites/default/files/managed/1b/a2/Intel-SGX-Platform-Services.pdf

for more details.

Thanks

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.