Problem description
How to prove that certain data is calculated (or generated) inside an Enclave (Intel SGX)?
I tried to generate an asymmetric key pair inside the enclave (the private key might be invisible to the outside), and then expose the public key with evidence (I guess a quote or remote-attestation-related things).
I got how remote attestation goes, but I cannot come up with applying remote attestation to verifying enclave-generated data.
Is this a possible scenario with Intel SGX?
Recommended answer
You can prove the origin of the public key by placing it in the report_data field of a Quote generated during report attestation.
_quote_t.report_data can be used to attest arbitrary data:
The report_data field can be found by tracking the following structures:
typedef struct _ra_msg3_t {
    sgx_mac_t mac;                      /* CMAC over the remaining msg3 fields */
    sgx_ec256_public_t g_a;             /* enclave's ECDH public key */
    sgx_ps_sec_prop_desc_t ps_sec_prop;
    uint8_t quote[];                    /* <- Here! variable-length sgx_quote_t */
} sgx_ra_msg3_t;

typedef struct _quote_t
{
    uint16_t version;
    uint16_t sign_type;
    sgx_epid_group_id_t epid_group_id;
    sgx_isv_svn_t qe_svn;
    sgx_isv_svn_t pce_svn;
    uint32_t xeid;
    sgx_basename_t basename;
    sgx_report_body_t report_body;      /* <- Here! report_body.report_data is the 64-byte user field */
    uint32_t signature_len;
    uint8_t signature[];                /* EPID signature over the fields above */
} sgx_quote_t;
The Quote is part of Msg3 (client-to-server) of the remote attestation protocol. You can review the details of Msg3 creation in this official Code Sample and in the intel/sgx-ra-sample RA example.
In the latter, you can find out how the report is generated using sgx_create_report:
/* Enclave.cpp in intel/sgx-ra-sample: the report is created with no report_data */
sgx_status_t get_report(sgx_report_t *report, sgx_target_info_t *target_info)
{
#ifdef SGX_HW_SIM
    /* simulation build: no Quoting Enclave target info needed */
    return sgx_create_report(NULL, NULL, report);
#else
    /* hardware build: target the Quoting Enclave so it can verify the report */
    return sgx_create_report(target_info, NULL, report);
#endif
}
In both cases, the second argument sgx_report_data_t *report_data is NULL and can be replaced by a pointer to arbitrary input. This is where you want to put your public key or any other data.