The Intel SGX developer guide mentions that there are two methods the application can use to retrieve the MRENCLAVE measurement for the enclave, either:
1) The application B retrieves the MRENCLAVE value from the enclave certificate for enclave B.
2) Enclave B supports an interface to export this value which is retrieved by creating a report with a random MRENCLAVE target measurement.
My question is concerning the second method. If enclave B makes an EREPORT call with a random MRENCLAVE as a target measurement, what would be in the return value that would allow it to know its own MRENCLAVE?
This also brings me to another question, which is: if any enclave on a platform is allowed to call EREPORT with any target MRENCLAVE value, isn't that already more data leaked than would be desired? Wouldn't it be a form of prompting the platform to confirm/deny the presence of a certain enclave?
Thank you

If an enclave calls EREPORT with a random MRENCLAVE in the TARGETINFO structure, the REPORT structure will contain such MRENCLAVE. However, this REPORT will be useless.
In addition, calling EREPORT with a random MRENCLAVE doesn't mean that an enclave with such measurement is running on the platform at all.
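
A simplified model of the EREPORT behaviour asked about in this thread, added here as an example that is not part of the original posts or of Intel's SDK. It follows the Intel SDM description of EREPORT, in which the REPORT body carries the measurement of the enclave that executed the instruction and TARGETINFO only selects the key that MACs the report, so no lookup of a running enclave is involved. HMAC-SHA256 stands in for the hardware key derivation and AES-CMAC, and `CPU_SECRET` and all function names are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed stand-in for the per-CPU secret that never leaves the processor.
CPU_SECRET = hashlib.sha256(b"constructed cpu secret").digest()


@dataclass
class Report:
    mrenclave: bytes    # measurement of the enclave that executed EREPORT
    report_data: bytes  # caller-supplied payload
    mac: bytes          # MAC under the report key of the *target* measurement


def _report_key(mrenclave: bytes) -> bytes:
    # Model of the derivation: the key depends only on the CPU secret and a
    # measurement value. Nothing checks whether such an enclave is loaded.
    return hmac.new(CPU_SECRET, b"REPORT_KEY" + mrenclave, hashlib.sha256).digest()


def ereport(caller_mrenclave: bytes, target_mrenclave: bytes,
            report_data: bytes = b"") -> Report:
    # The body is filled from the caller's identity; the target picks the key.
    body = caller_mrenclave + report_data
    mac = hmac.new(_report_key(target_mrenclave), body, hashlib.sha256).digest()
    return Report(caller_mrenclave, report_data, mac)


def verify_report(verifier_mrenclave: bytes, report: Report) -> bool:
    # Model of EGETKEY: an enclave can only obtain the report key for its own
    # measurement, so only the intended target can check the MAC.
    body = report.mrenclave + report.report_data
    expected = hmac.new(_report_key(verifier_mrenclave), body,
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, report.mac)


def own_measurement(caller_mrenclave: bytes) -> bytes:
    # Method 2 from the question: report against a throwaway target and read
    # the measurement back from the body. The MAC is never used.
    throwaway_target = os.urandom(32)
    return ereport(caller_mrenclave, throwaway_target).mrenclave
```
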