- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi folks!
TD;DR: can I generate the same key with sgx_get_key on different machines?
I've been trying out the PFS API's sgx_fopen for exporting a configuration file and later importing on a different machine but I don't think I quote understood cpu_svn and isv_svn... I tried generating a key without setting them with the following code and I got different keys on different machines, is it right? I'd really appreciate if anybody could point me in the right direction...
sgx_cpu_svn_t cpu_svn = {0}; sgx_isv_svn_t isv_svn = {0}; sgx_key_request_t request = { SGX_KEYSELECT_SEAL, SGX_KEYPOLICY_MRENCLAVE, isv_svn, 0, cpu_svn , NULL, 0, NULL, 0 }; sgx_status_t status = sgx_get_key(&request, key);
Thanks in advance,
Ricardo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ricardo.
As mentioned in the post below, SGX keys are unique to each specific platform.
https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/705026
If you require sealing/unsealing data on multiple platforms, you would need to utilize SGX remote attestation to provision common sealing/unsealing keys securely to those platforms. For more info, see the white paper below:
Regards.
Scott
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ricardo.
As mentioned in the post below, SGX keys are unique to each specific platform.
https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/705026
If you require sealing/unsealing data on multiple platforms, you would need to utilize SGX remote attestation to provision common sealing/unsealing keys securely to those platforms. For more info, see the white paper below:
Regards.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much, Scott!
Ricardo
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page