Good evening, I am building a java project in which it communicates with an Intel SGX Enclave via JNI, and sees information it sends sealed by the enclave.
However, decrypting information returns information I cannot understand, and at this point, I believe it to be due to size differences,but I dont exactly understand it.
So, I know that Sizeof(char*)
is equivalent to 1 byte, just like sizeof(jbyte)
. However, sizeof(jchar)
is equivalent to 2 bytes.
After acquiring this knowledge, I decided to implement the Sealing (Or encryption) function by having it take a JByteArray in order to circumvent this problem. Should this byte[] be given in UTF-8 or UTF-16? Does it affect the function overall?
Here is an example of what I do:
JNIEXPORT jbyteArray JNICALL Java_sgxUtils_SgxFunctions_jni_1sgx_1seal_1info
(JNIEnv * env, jobject, jbyteArray jArray){
//Create a char* from the given byte array.
jbyte *b = env->GetByteArrayElements(jArray,NULL);
int StringSize = env->GetArrayLength(jArray);
char* c = (char*)malloc(sizeof(char) * StringSize);
memcpy(c,b,StringSize);
//Calculate the size of the encryption.
size_t sealed_size = sizeof(sgx_sealed_data_t) + StringSize;
//Create a uint8_t pointer to store the sealed information
uint8_t* sealed_data = (uint8_t*)malloc(sealed_size);
sgx_status_t ecall_status; //Store the status of the ecall.
seal(global_eid, &ecall_status,(uint8_t*)&c,StringSize, sgx_sealed_data_t*)sealed_data,sealed_size);
//Produce the jbyteArray to return:
jbyte* jresult = (jbyte*)calloc(sizeof(jbyte),sealed_size);
for(int i = 0 ; i < sealed_size ;i++){
jresult[i] = (jbyte)sealed_data[i];
}
jbyteArray jArray2 = env->NewByteArray(sealed_size+1);
env->SetByteArrayRegion(jArray2,0,sealed_size,jresult);
return jArray2;
Does using uint8_t affect the sealing? I am at a loss of what it might be. The way I receive this byte[] in java is as follows:
byte[] c = sgx.jni_sgx_seal_info("toEncrypt".getBytes(Charset.forName("UTF-8")));
String sealed = new String(c,StandardCharsets.UTF_8);
Does anyone know what could be affecting this? The output after unsealing (decryption) currently stands as �|(�
You can't convert random bytes (such as produced by encryption) into UTF-8
(or many multi-byte encodings, 8-bit single byte encodings are fine). The String will most likely become corrupted, as there are byte sequences describing illegal characters, they will be replaced with 0xFFFE
or �
i.e. he unicode replacement character.
So you will need to keep the byte[]
around and not convert that to a String until you've decrypted the byte array, not a String.