jamason
Beginner
181 Views

How does an enclave get its own MRENCLAVE


The Intel SGX developer guide mentions that there are two methods the application can use to retrieve the MRENCLAVE measurement for the enclave, either:

1) The application B retrieves the MRENCLAVE value from the enclave certificate for enclave B.

2) Enclave B supports an interface to export this value which is retrieved by creating a report with a random MRENCLAVE target measurement.

My question concerns the second method. If enclave B makes an EREPORT call with a random MRENCLAVE as a target measurement, what would be in the return value that would allow it to know its own MRENCLAVE?

This also brings me to another question: if any enclave on a platform is allowed to call EREPORT with any target MRENCLAVE value, isn't that already more data leaked than would be desired? Wouldn't it be a form of prompting the platform to confirm/deny the presence of a certain enclave?

 

Thank you

Juan_d_Intel
Employee
181 Views

If an enclave calls EREPORT with a random MRENCLAVE in the TARGETINFO structure, the REPORT structure will contain such MRENCLAVE. However, this REPORT will be useless.

In addition, calling EREPORT with a random MRENCLAVE doesn't mean that an enclave with such measurement is running on the platform at all.
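A toy model of the EREPORT behaviour discussed in this thread, added here as an example; it is not SGX SDK code and not from either poster. The names `measure`, `Enclave`, `ereport`, `verify` and `own_mrenclave` are hypothetical, and HMAC-SHA256 stands in for both the enclave measurement process and the CPU's report-key derivation and MAC. It shows that the REPORT body always carries the reporting enclave's own MRENCLAVE, while the target measurement only selects the MAC key, so a report aimed at a random target verifies for nobody and confirms nothing about which enclaves exist.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed stand-in for the per-platform secret fused into the CPU.
_PLATFORM_SECRET = os.urandom(32)


def measure(code: bytes) -> bytes:
    """Model of MRENCLAVE: a 32-byte digest of the enclave's contents."""
    return hashlib.sha256(code).digest()


def _report_key(target_mrenclave: bytes) -> bytes:
    # Model: the key is bound to the platform and to the *target's* identity.
    return hmac.new(_PLATFORM_SECRET, b"REPORT" + target_mrenclave,
                    hashlib.sha256).digest()


@dataclass(frozen=True)
class Report:
    mrenclave: bytes    # identity of the enclave that executed EREPORT
    report_data: bytes  # caller-supplied payload
    mac: bytes          # keyed with the target's report key


class Enclave:
    def __init__(self, code: bytes):
        self._mrenclave = measure(code)  # fixed by hardware at build time

    def ereport(self, target_mrenclave: bytes, report_data: bytes = b"") -> Report:
        # Succeeds for ANY target value; no lookup of running enclaves occurs.
        body = self._mrenclave + report_data
        mac = hmac.new(_report_key(target_mrenclave), body, hashlib.sha256).digest()
        return Report(self._mrenclave, report_data, mac)

    def verify(self, report: Report) -> bool:
        # An enclave can only obtain the report key for its own measurement.
        body = report.mrenclave + report.report_data
        expected = hmac.new(_report_key(self._mrenclave), body,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, report.mac)

    def own_mrenclave(self) -> bytes:
        # Method 2 from the question: ignore the MAC, read the body.
        return self.ereport(os.urandom(32)).mrenclave
```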
