Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1481 Discussions

What do I need to do to be able to run the example code in release mode? How do I get a key that is white listed?

Ofir_W_
Beginner
2,476 Views

Hello,

I downloaded the SDK, and I'm trying to make the SampleEnclave example run in a real, non debug enclave.

I am building by using the command:

make SGX_MODE=HW

At the and of the build I get the message:

"""       .......

LINK =>  enclave.so

The project has been built in release hardware mode.Please sign the enclave.so first with your signing key before you run the app to launch and access the enclave. To sign the enclave use the command:

   /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key <your key> -enclave enclave.so -out <enclave.signed.so> -config Enclave/Enclave.config.xml

You can also sign the enclave using an external signing tool. See User's Guide for more details. To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW """

So I create a private key by running

openssl genrsa -out private_key.pem -3 3072

And then I signed the enclave:

$ /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key private_key.pem -enclave enclave.so -out enclave.signed.so -config Enclave/Enclave.config.xml

<!-- Please refer to User's Guide for the explanation of each field -->

<EnclaveConfiguration>

    <ProdID>0</ProdID>

    <ISVSVN>0</ISVSVN>

    <StackMaxSize>0x40000</StackMaxSize>

    <HeapMaxSize>0x100000</HeapMaxSize>

    <TCSNum>10</TCSNum>

    <TCSPolicy>1</TCSPolicy>

    <DisableDebug>0</DisableDebug>

    <MiscSelect>0</MiscSelect>

    <MiscMask>0xFFFFFFFF</MiscMask>

</EnclaveConfiguration>

Succeed.

When I run the enclave I get: "Error: Unexpected error occurred." .Digging into it I figured that the error code is 0x4004 which is SGX_ERROR_SERVICE_INVALID_PRIVILEGE. Digging a bit more, reveals that my sigining key is not in the white list of the launch enclave. Which makes sense. This is also written in the SDK documentation for linux, page 11, under "Enclave Project Configuration", stating that when compiling in release mode

"Two-step method is the default signing method for the Release configuration. The enclave needs to be signed with a white-listed key." 

My question is: What do I need to do to be able to run the example in release mode? How do I get a key that is white listed?

 

Thanks for the help!

Ofir

0 Kudos
1 Solution
Surenthar_S_Intel
2,476 Views

Hi,

Enclave Signing Key Management:
2-step method using an external signing tool:
First step: At the end of the enclave build process, the signing tool generates the enclave signing material. The ISV takes the enclave signing material file to an external signing platform/facility where the private key is stored, signs the signing material file, and takes the resulting signature file back to the build platform.

Second step: The ISV runs the signing tool with the catsig command providing the necessary information at the command line to add the hash of the public key and signature to the enclave’s metadata section.

The 2-step signing process protects the signing key in a separate facility. Thus it is the default signing method for the Intel SGX project release profile. This means it is the only method for signing production enclave applications.

Enclave Signing Example:
Two-step signing process:
Signing an enclave using a private key stored in an HSM, for instance:
1. Generate the enclave signing material.
sgx_sign gendata -enclave enclave.so -config config.xml -out enclave_hash.hex

2. At the signing facility, sign the file containing the enclave signing material (enclave_hash.hex) and take the resulting signature file (signature.hex) back to the build platform.

3. Sign the enclave using the signature file and public key.
sgx_sign catsig -enclave enclave.so -config config.xml -out enclave_signed.so -key public.pem -sig signature.hex -unsigned enclave_hash.hex

Currently the evaluation SDK allows the developer to create and run enclaves using the Debug and Pre-release profiles. Enclaves compiled under the Release profile will not work until the developer completes the production licensing process. If you would like to deliver a production-quality application using SGX, please contact the SGX Program<sgx_program@intel.com> for more information about a production license.

-Surenthar

View solution in original post

0 Kudos
9 Replies
Surenthar_S_Intel
2,477 Views

Hi,

Enclave Signing Key Management:
2-step method using an external signing tool:
First step: At the end of the enclave build process, the signing tool generates the enclave signing material. The ISV takes the enclave signing material file to an external signing platform/facility where the private key is stored, signs the signing material file, and takes the resulting signature file back to the build platform.

Second step: The ISV runs the signing tool with the catsig command providing the necessary information at the command line to add the hash of the public key and signature to the enclave’s metadata section.

The 2-step signing process protects the signing key in a separate facility. Thus it is the default signing method for the Intel SGX project release profile. This means it is the only method for signing production enclave applications.

Enclave Signing Example:
Two-step signing process:
Signing an enclave using a private key stored in an HSM, for instance:
1. Generate the enclave signing material.
sgx_sign gendata -enclave enclave.so -config config.xml -out enclave_hash.hex

2. At the signing facility, sign the file containing the enclave signing material (enclave_hash.hex) and take the resulting signature file (signature.hex) back to the build platform.

3. Sign the enclave using the signature file and public key.
sgx_sign catsig -enclave enclave.so -config config.xml -out enclave_signed.so -key public.pem -sig signature.hex -unsigned enclave_hash.hex

Currently the evaluation SDK allows the developer to create and run enclaves using the Debug and Pre-release profiles. Enclaves compiled under the Release profile will not work until the developer completes the production licensing process. If you would like to deliver a production-quality application using SGX, please contact the SGX Program<sgx_program@intel.com> for more information about a production license.

-Surenthar

0 Kudos
Ofir_W_
Beginner
2,476 Views

Thank you for your reply Surenthar! It was very helpful.

I sent an email to sgx_program@intel.com a week ago, and haven't heard back. How many business days does it typically take to get a response?

Is there other email/website I should contact in order to get information on how to complete the production licensing process?

Thanks!

Ofir

0 Kudos
Esmond_L_
Beginner
2,476 Views

Hi Surenthar,

Can you please explain what you mean by "signing facility"? Is that something provided by Intel or something we have to manage?

Thanks,

Esmond

0 Kudos
Surenthar_S_Intel
2,476 Views

Signing facility/platform means, where the private key is stored platform (Given by Intel while getting the release mode License)

0 Kudos
Esmond_L_
Beginner
2,476 Views

Thanks for the clarification. To confirm, the key used to sign our code (for Release) is given to us by Intel after we sign up for the license. Is this a one time request for our SGX application? (e.g. can we use this key for other SGX enabled applications/enclaves)

Also, I read that this key must be stored securely in an HSM? Does that have to be a particular off the shelf device, or can it be any piece of hardware that we develop in house that stores the key?

0 Kudos
Surenthar_S_Intel
2,476 Views
0 Kudos
Garg__Shivam
Beginner
2,476 Views

Selvaraj, Surenthar (Intel) wrote:

Signing facility/platform means, where the private key is stored platform (Given by Intel while getting the release mode License)

Hi Surenthar,

Can you help me to understand how Intel will share the private key to me(for Release mode).

Ideally private key should be generated by owner and Intel should Signed that key with his key.

 

Thanks
Shivam

 

 

0 Kudos
murari__augustine
2,476 Views

Garg, Shivam wrote:

Quote:

Selvaraj, Surenthar (Intel) wrote:

 

Signing facility/platform means, where the private key is stored platform (Given by Intel while getting the release mode License)

 

 

Hi Surenthar,

Can you help me to understand how Intel will share the private key to me(for Release mode).

Ideally private key should be generated by owner and Intel should Signed that key with his key.

 

Thanks
Shivam

 

 

I agree with Grig. Maybe the enclave signing key is indeed generated by service providers. We are planning to apply for a commercial license; I guess it's the only way to know.

0 Kudos
Scott_R_Intel
Employee
2,476 Views

Hello all.

The enclave creator is the one that creates/stores the enclave signing keys, usually in a secure HSM.  MRSIGNER, which is a hash of the signer's public key, is one of the things shared with Intel during the commercial license application process and what is ultimately added to Intel's Launch Policy List.

More info can be found at this link:  https://software.intel.com/en-us/sgx/request-license

Regards.

Scott

0 Kudos
Reply