I'm trying to implement a key agreement between sgx enclave and golang client.
enclave logic
golang logic
I have noticed that in enclave gx and gy are little endian and in golang crypto/elliptic X, Y are big.Int in big endian form.
I have change gx, gy from small endian to little endian. And golang library provide an interface to reports whether the given (x,y) lies on the curve.
func (curve *CurveParams) IsOnCurve(x, y *big.Int) bool {
74 // y² = x³ - 3x + b
75 y2 := new(big.Int).Mul(y, y)
76 y2.Mod(y2, curve.P)
77
78 return curve.polynomial(x).Cmp(y2) == 0
79 }
And it seems that gx, gy from enclave lies on curve generate by golang.
But shared key computed by them is different, so is there an interface in linux sgx sdk to check if remote x,y is on it's curve ? Or does anyone have tried to implement a key agreement in different languages.
I have found what I want.
sgx_ecc256_check_point
This function can check remote point x, y are on local curve system.
By the way, sgx_ecc256_open_context choose this curve by default.
For golang client, select the corresponding curve parameters.(But notice big and litter endian in golang and sgx)
Just read souce code here.
https://github.com/intel/linux-sgx/blob/master/sdk/tlibcrypto/sgxssl/sgx_ecc256.cpp
Link Copied
I have found what I want.
sgx_ecc256_check_point
This function can check remote point x, y are on local curve system.
By the way, sgx_ecc256_open_context choose this curve by default.
For golang client, select the corresponding curve parameters.(But notice big and litter endian in golang and sgx)
Just read souce code here.
https://github.com/intel/linux-sgx/blob/master/sdk/tlibcrypto/sgxssl/sgx_ecc256.cpp
