Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

sgx_ecc256_check_point - not valid

Joe63
Beginner
‎01-23-2017 04:41 AM
611 Views

Hey,

i have a problem with Ecc-crypto. I generate a public key, signature etc. with a TPM. The TPM can verify that signature, and everything works fine. In SGX i cant verify this signature. So i checked the output of the sgx_ecc256_check_point command and its saying "not valid". Anyone a idea it is not valid or whats the main error sources in the case. I read the public key px and py from a file in the untrusted app and transfer it to the enclave. The TPM uses the exactly same x and y internally and it works. Also a sample code for the ECDSA commands would be helpful!

 

Thanks

0 Kudos

Link Copied

4 Replies
Surenthar_S_Intel
Employee
‎01-23-2017 10:03 PM
611 Views

Hi,

sgx_ecc256_check_point validates whether the input point is a valid point on the ECC curve for the given cryptographic system. sgx_ecc256_open_ context must be called to allocate and initialize the ECC context prior to making this call. The typical validation result is one of the two values:

  • 1 - The input point is valid
  • 0 – The input point is not valid

So your input point is not valid on the ECC curve for the given cryptographic system. For more information please check the user guide Page-251 in https://software.intel.com/sites/default/files/managed/b4/cf/Intel-SGX-SDK-Developer-Reference-for-Windows-OS.pdf

-Surenthar

0 Kudos
Copy link
Joe63
Beginner
‎01-24-2017 12:59 AM
611 Views

Yes, i know the docu :) Have solved the problem on my own. TPM, saves some data as little endian and some data als big endian. Have to convert to big endian in little because SGX whats little endian.

0 Kudos
Copy link
Surenthar_S_Intel
Employee
‎01-25-2017 01:51 AM
611 Views

Hi,

I would suggest that check the endianness of the px and py retrieved from the TPM.  The sgx_ecc256_check_point expects the inputs in little endian.  If the TPM outputs as big endian, you need the byte order reversed:

 

    /** Checks whether the input point is a valid point on the given elliptic curve.

  • Parameters:

  • Return: sgx_status_t - SGX_SUCCESS or failure as defined sgx_error.h

  • Inputs: sgx_ecc_state_handle_t ecc_handle - Handle to ECC crypto system

  •          sgx_ec256_public_t *p_point - Pointer to perform validity check on - LITTLE ENDIAN

  • Output: int *p_valid - Return 0 if the point is an invalid point on ECC curve

     */

-Surenthar

0 Kudos
Copy link
Joe63
Beginner
‎01-26-2017 04:38 PM
611 Views

Selvaraj, Surenthar wrote:

Hi,

I would suggest that check the endianness of the px and py retrieved from the TPM.  The sgx_ecc256_check_point expects the inputs in little endian.  If the TPM outputs as big endian, you need the byte order reversed

 

Yes, right. Now p_public, p_private, p_data are the right values. I can sign something with that structs as input and verify it as valid (with sgx commands). But i wanna verify the TPMs signature and not sgx-generated. The problem is: if i import that signature and put it to the verify function, i get SGX_EC_INVALID_SIGNATURE. So i think my import mechanism from my signature-file to the sgx_ec256_signature_t (x, y)-array is not correct. The difference between something like p_public (respectively sgx_ec256_public_t) and p_signature (resp. sgx_ec256_signature_t) is that x and y (gx gy) are uint32_t on the signature struct (on p_public unit8_t)

 

 

So my question is: i have i big-endian coded file, how can i import it correct to that uint32_t type?

Here is a code example for p_signature:

sgx_ec256_signature_t *p_signature = (sgx_ec256_signature_t *) malloc(sizeof(sgx_ec256_signature_t));
data = fopen("/home/xxxxxxxxxxxxx/signature-X-big-endian.txt", "rb");
fseek(data, 0, SEEK_SET);
fread(signature.x, 32, 1, data);
fclose(data);

big_to_little_endian(signature.x) //32 bytes order reversed

//same for signature.y.....

//verify....

 

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.