i have a problem with Ecc-crypto. I generate a public key, signature etc. with a TPM. The TPM can verify that signature, and everything works fine. In SGX i cant verify this signature. So i checked the output of the sgx_ecc256_check_point command and its saying "not valid". Anyone a idea it is not valid or whats the main error sources in the case. I read the public key px and py from a file in the untrusted app and transfer it to the enclave. The TPM uses the exactly same x and y internally and it works. Also a sample code for the ECDSA commands would be helpful!
sgx_ecc256_check_point validates whether the input point is a valid point on the ECC curve for the given cryptographic system. sgx_ecc256_open_ context must be called to allocate and initialize the ECC context prior to making this call. The typical validation result is one of the two values:
- 1 - The input point is valid
- 0 – The input point is not valid
So your input point is not valid on the ECC curve for the given cryptographic system. For more information please check the user guide Page-251 in https://software.intel.com/sites/default/files/managed/b4/cf/Intel-SGX-SDK-Developer-Reference-for-W...
Yes, i know the docu :) Have solved the problem on my own. TPM, saves some data as little endian and some data als big endian. Have to convert to big endian in little because SGX whats little endian.
Selvaraj, Surenthar wrote:
I would suggest that check the endianness of the px and py retrieved from the TPM. The sgx_ecc256_check_point expects the inputs in little endian. If the TPM outputs as big endian, you need the byte order reversed
Yes, right. Now p_public, p_private, p_data are the right values. I can sign something with that structs as input and verify it as valid (with sgx commands). But i wanna verify the TPMs signature and not sgx-generated. The problem is: if i import that signature and put it to the verify function, i get SGX_EC_INVALID_SIGNATURE. So i think my import mechanism from my signature-file to the sgx_ec256_signature_t (x, y)-array is not correct. The difference between something like p_public (respectively sgx_ec256_public_t) and p_signature (resp. sgx_ec256_signature_t) is that x and y (gx gy) are uint32_t on the signature struct (on p_public unit8_t)
So my question is: i have i big-endian coded file, how can i import it correct to that uint32_t type?
Here is a code example for p_signature:
sgx_ec256_signature_t *p_signature = (sgx_ec256_signature_t *) malloc(sizeof(sgx_ec256_signature_t)); data = fopen("/home/xxxxxxxxxxxxx/signature-X-big-endian.txt", "rb"); fseek(data, 0, SEEK_SET); fread(signature.x, 32, 1, data); fclose(data); big_to_little_endian(signature.x) //32 bytes order reversed //same for signature.y..... //verify....