Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Intel Community
- Software
- Software Development Technologies
- Intel® ISA Extensions
- Currently at this time we do
Option
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
gu_j_1
Beginner
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-23-2015
02:46 AM
185 Views
How to generate the SIGSTRUCT and EINITTOKEN for Intel SGX EINIT instruction?
To be specific, the Intel manual only says the ENCLAVEHASH in SIGSTRUCT is the hash of enclave which includes attributes and data. However, it does not mention more details.
Besides, the SIGNATURE in SIGSTRUCT is the signature over Header and Body. Does it mean that use a private key to sign the SIGSTRUCT's header and body together?
I want to construct an enclave in Linux. Thanks!
1 Solution
Simon_J_Intel
Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-23-2015
10:05 AM
185 Views
Currently at this time we do not support Linux. We will have more to say about that in 2016.
For reference the Software Developers Manual Ch.38 (http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-... identifies the fields in SIGSTRUCT and EINITTOKEN that have integrity over them. The instruction references should also give you the order in which they're calculated over.
However, EINITTOKEN can only be produced by an Intel Signed Enclave (this is not yet available for Linux).
Link Copied
3 Replies
Simon_J_Intel
Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-23-2015
10:05 AM
186 Views
Currently at this time we do not support Linux. We will have more to say about that in 2016.
For reference the Software Developers Manual Ch.38 (http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-... identifies the fields in SIGSTRUCT and EINITTOKEN that have integrity over them. The instruction references should also give you the order in which they're calculated over.
However, EINITTOKEN can only be produced by an Intel Signed Enclave (this is not yet available for Linux).
gu_j_1
Beginner
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-23-2015
05:21 PM
185 Views
Thank you!
So far, we can only generate a SIGSTRUCT using our own RSA key pair in Linux. Is this true?
Few days ago, Intel has published SGX SDK for windows. Is it possible that I can use the EINITTOKEN generated by windows SDK for Linux?
Simon_J_Intel
Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
01-04-2016
01:34 PM
185 Views
We have not designed the Enclaves that Intel provides to be Operating System agnostic; they are only validated for Windows. Building and using them in another OS is an unsupported configuration and we cannot predict the result.
Please also review the SGX SDK End-User Licensing Agreement for restrictions.
Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
For more complete information about compiler optimizations, see our Optimization Notice.