'SGX_UNEXPECTED_ERROR When encrypting with sgx_rsa_pub_encrypt
I am trying to use the tcrpyto API bundled with Intel SGX in order to generate Public/Private key pair and encrypt information with it. The public Key seems to be created correctly, by printing the information after exiting the enclave:
sgx_status_t init_RSA(void* rsa_pub, size_t key_size){
//Setup Pointers:
int n_size = RSA_KEY_SIZE;
int e_size = RSA_EXPONENT_SIZE;
unsigned char * p_n;
unsigned char * p_d;
unsigned char *p_p;
unsigned char *p_q;
unsigned char *p_dmp1;
unsigned char *p_dmq1;
unsigned char *p_iqmp;
p_n = (unsigned char*) malloc(n_size);
p_d = (unsigned char*) malloc(e_size);
uint8_t e[] = {0x01,0x00,0x01,0x00};
p_p = (unsigned char*)malloc(n_size);
p_q = (unsigned char*)malloc(n_size);
p_dmp1 = (unsigned char*)malloc(n_size);
p_dmq1 = (unsigned char*)malloc(n_size);
p_iqmp = (unsigned char*)malloc(n_size);
sgx_status_t rsa_status = SGX_SUCCESS;
//Function to create parameters;
rsa_status = sgx_create_rsa_key_pair(n_size,e_size,p_n,p_d,e,p_p,p_q,p_dmp1,p_dmq1,p_iqmp);
if(rsa_status != SGX_SUCCESS)
return rsa_status;
pub_key = (sgx_rsa3072_public_key_t*) malloc(sizeof(sgx_rsa3072_public_key_t));
//Store the generated values inside the structure:
memcpy(privateKey.d,p_d,n_size);
memcpy(privateKey.e,e,e_size);
memcpy(privateKey.mod,p_n,n_size);
memcpy(pub_key->exp,e,e_size);
memcpy(pub_key->mod,p_n,n_size);
//After creating the parameters, Keys need to be created;
//Private Key creation:
rsa_status = sgx_create_rsa_priv2_key(n_size,e_size,(unsigned char*)e,p_p,p_q,p_dmp1,p_dmq1,p_iqmp,&private_rsa);
if(rsa_status != SGX_SUCCESS)
return rsa_status;
//Public Key creation:
rsa_status = sgx_create_rsa_pub1_key(n_size,e_size,p_n, (unsigned char*)e, &public_rsa);
if(rsa_status != SGX_SUCCESS)
return rsa_status;
memcpy(rsa_pub,public_rsa,n_size);
free(p_n);
//free(p_d);
//free(p_p);
free(p_q);
free(p_dmp1);
free(p_dmq1);
free(p_iqmp);
return SGX_SUCCESS;
}
After creating these, I am attempting to create an AES key (Which the Enclave populates successfully) in order to encrypt it with the previously created public Key:
sgx_status_t get_symmetric_key(void *rsa_pub,size_t rsa_size, uint8_t *aes_key){
//Populate the key.
sgx_status_t ret = sgx_read_rand((unsigned char *)aes_key,SGX_AESGCM_KEY_SIZE);
size_t encryption_size = 0;
//Obtain Size of output:
ret = sgx_rsa_pub_encrypt_sha256(rsa_pub,NULL,&encryption_size,(unsigned char *) aes_key, SGX_AESGCM_KEY_SIZE);
uint8_t *out_data = (uint8_t*) malloc(encryption_size);
//Obtain the encryption:
ret = sgx_rsa_pub_encrypt_sha256(rsa_pub,out_data,&encryption_size, (const unsigned char*) aes_key,SGX_AESGCM_KEY_SIZE);
if(ret != SGX_SUCCESS)
return ret;
return SGX_SUCCESS;
}
However, both calls to the sgx_rsa_pub_encrypt function return a SGX_UNEXPECTED_ERROR, and I am at a loss as to why, the public Key seems to be ok, I have tried generating a new one right before encryption and the error persists, any idea as to why? Looking at the only available example of how to use this API, everything seems correct.
Thanks for your help
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|