Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1452 Discussions

A problem about the sgx_sign key

pp__monkeyking
Beginner
‎03-03-2020 12:59 AM
596 Views

A problem about the sgx_sign key:

     we can use sgx sign tool (sgx_sign) to sign a sgx enclave.so to an enclave.signed.so by a asymmetric key:

     E.g "sgx_sign sign -key enclave_private.pem -enclave enclave1.so -out enclave1.signed.so -config config1.xml";

     but,  the asymmetric key must be a 3072 bites's RSA key ???

     Can I use one 2048 bites's RSA key to sign the encalve?

     or, Can I use one ECDSA(curve secp256k1) key to sign the encalve?

 

Thans you very mach for you replying.

    

0 Kudos

Link Copied

1 Reply
JesusG_Intel
Moderator
‎03-03-2020 03:38 PM
596 Views

Hello Monkeyking,

The PEM key file must be an RSA 3072-bit key with exponent 3.

Regards,

Jesus

Intel Customer Support

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.