Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Contributor III
36 Views

What is the key format used by sgx_rsa3072_sign ?

Hi everyone:

I want to use the function sgx_rsa3072_sign and sgx_rsa3072_verify in my enclave, but how can I get a rsa key for these functions ?

I see the that key is defined as:

typedef struct _sgx_rsa3072_private_key_t
{
    uint8_t mod[SGX_RSA3072_KEY_SIZE];
    uint8_t exp[SGX_RSA3072_PRI_EXP_SIZE];
} sgx_rsa3072_private_key_t;

, but typically a rsa key seems like this:

RSAPrivateKey ::= SEQUENCE {
  version           Version,
  modulus           INTEGER,  -- n
  publicExponent    INTEGER,  -- e
  privateExponent   INTEGER,  -- d
  prime1            INTEGER,  -- p
  prime2            INTEGER,  -- q
  exponent1         INTEGER,  -- d mod (p-1)
  exponent2         INTEGER,  -- d mod (q-1)
  coefficient       INTEGER,  -- (inverse of q) mod p
  otherPrimeInfos   OtherPrimeInfos OPTIONAL
}

So I'm a little confused about this, any one who can tell me how to get a key that satisfied the request of 

sgx_rsa3072_private_key_t, 

thanks!

Regards 

you

 

 

0 Kudos
3 Replies
Highlighted
Employee
36 Views

Hi,

You can use openssl to Generate a 3072-bit RSA private key. Use the following command:

 openssl genrsa -out private_key.pem -3 3072

And more information is given in page 20 here

 

0 Kudos
Highlighted
New Contributor III
36 Views

Hi Anusha K:

Thanks. But I find that the length of modulus & privateExponent do not mach.

mod: 385

EXP: 384

So how can I use it ?

Kind regards

you

0 Kudos
Highlighted
New Contributor III
36 Views

Hi  Anusha

I find that the beginning Byte of mod is always 0x00, So is that means that I can use it from the second Byte? 

Thank you!

Regards

you

0 Kudos