Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

A problem about the sgx_sign key

pp__monkeyking
Beginner
251 Views

A problem about the sgx_sign key:

     we can use sgx sign tool (sgx_sign) to sign a sgx enclave.so to an enclave.signed.so by a asymmetric key:

     E.g "sgx_sign sign -key enclave_private.pem -enclave enclave1.so -out enclave1.signed.so -config config1.xml";

     but,  the asymmetric key must be a 3072 bites's RSA key ???

     Can I use one 2048 bites's RSA key to sign the encalve?

     or, Can I use one ECDSA(curve secp256k1) key to sign the encalve?

 

Thans you very mach for you replying.

    

0 Kudos
1 Reply
JesusG_Intel
Moderator
251 Views

Hello Monkeyking,

The PEM key file must be an RSA 3072-bit key with exponent 3.

Regards,

Jesus

Intel Customer Support

Reply