Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Can we modify Architectural Enclave (AE) source code in Linux SDK and PSW?

Fatima_A_

I am trying to modify the Platform Service Enclave (PSE) code inside the Platform Software (PSW) of the Linux SDK.

I noticed that the compilation process of the Intel SGX Linux SDK and PSW does not compile the individual source code of the architectural enclaves (AE) like pse, le, qe etc. Instead, the makefile downloads prebuilt binaries signed by Intel and copies them to the "/opt/intel/psw" path upon installation.

When I tried to compile the code changes using the "USE_OPT_LIBS = 0" option, it still did not compile the AE source code at "psw/ae/..". So I manually changed the makefiles such that it no longer looks for prebuilt binaries for the AEs; instead it compiles the source code of the AEs at the "psw/ae" path and installs the generated binaries to /opt/intel. I only made changes to the "psw/ae/pse/pse_op" enclave, compiled it, and made sure that the generated binary (the pse_op.so file) is actually installed. But when I tried to run a very simple API like "sgx_create_pse_session", which makes use of the pse_op AE, it failed with the error code (0x4001), which is SGX_ERROR_SERVICE_UNAVAILABLE (aesm didn't respond or the requested service is not supported). I know for sure that the service is supported, so I am assuming that aesm didn't respond to the request. What I am assuming is that my generated binary (pse_op.so) was not signed by Intel, hence aesm is rejecting it. Correct me if I am wrong in my analysis. Kindly guide me on whether it is possible to:

1. Change AE code, like the pse_op code, and test it? If so, what changes do we have to make so that aesm does not reject it? Can we sign our modified AE code with our own key and then make aesm accept it for development purposes?

2. If we can make changes to the code for an AE (pse_op in my case) and compile it, but cannot test it, what is the point of having the code and its makefile in the Linux SDK?

I really need this for my development and testing, and I am looking forward to a response from the Intel community.

 
