- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to the developers reference,
P.23
the private key scheme for Enclave signing seems to be RSA 3072bit publicExponent=3. Are these algorithms and parameters specified in the SGX protocol?
For example, is it possible to specify a key algorithm other than RSA, bit, and publicExpornent value?
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Toshi_O,
Thanks for reaching out to us.
For your information, the example in Developer Reference Page 23 is based on OpenSSL. Referring to OpenSSL genrsa, the public exponent to use is either 65537 or 3. The default is 65537. We encourage you to try out specific use cases with your public or private exponent available.
On another note, if you would like to use another type of key algorithm, you can try the 265 bit ECC key which is equivalent to a 3072-bit RSA key, however the examples given in the Developer Reference only works in RSA key. Let us know if 265 bit ECC key is working for you
Regards,
Wan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Toshi_O,
Thanks for your information.
Let me check with the relevant team and I'll update here as soon as possible.
Regards,
Wan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Toshi_O,
Thanks for your patience. We've discussed with the development team.
According to the reference as shown below, there is only one allowed enclave signing key format: RSA 3072-bit key with a public exponent of 3.
On another note, regarding the license, we have forwarded your request to the Intel SGX team and they will contact you shortly via email.
Regards,
Wan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks.
I understand about the schema of keys available for signatures.
I appreciate your support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Toshi_O,
Just wanted to follow up to ensure you have been contacted by our SGX team via email.
Regards,
Wan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Toshi_O,
Thanks for your question.
If you need any additional information from Intel, please submit a new question as this thread will no longer be monitored.
Regards,
Wan
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page