Community
cancel
Showing results for 
Search instead for 
Did you mean: 
gu_j_1
Beginner
166 Views

Is it possible to get debug launch key using Intel SGX windows sdk

Jump to solution

EGETKEY instruction can be able to get debug launch key of the SGX platform.
​However, current Intel SGX windows sdk relies on visual studio. It seems that visual studio does not support EGETKEY.

 

 

0 Kudos

Accepted Solutions
Derek_B_Intel
Employee
166 Views

The Intel SGX SDK can be downloaded from: https://software.intel.com/en-us/sgx-sdk

The SGX SDK includes sample applications demonstrating key SGX features.  The SampleEnclave project, file: App.cpp, function: initialize_enclave(void), includes handling of the launch token.

At this time Intel is only supporting ISV developers to use the REPORT and SEAL from their enclaves.

An SGX_INVALID_ATTRIBUTE error is returned by the EGETKEY instruction if keys other than these are requested by an ISV enclave. Refer to the Intel® Software Guard Extensions (Intel® SGX) Programming Reference for details on the EGETKEY Instruction.

View solution in original post

4 Replies
Derek_B_Intel
Employee
166 Views

A enclave launch token will be generated when an enclave is loaded successfully.  The launch token can be saved and provided by the application when the enclave is launched subsequently.  The SampleEnclave project provided with the SDK as well as the SGX Users Guide provide sample code to demonstrate this behavior.

The SGX SDK includes a trusted API function, “sgx_get_key”, which is a wrapper for the SGX EGETKEY instruction. Please refer to the SGX SDK User’s Guide for additional details on this API.

John_T_2
Beginner
166 Views

DEREK B. (Intel) wrote:

A enclave launch token will be generated when an enclave is loaded successfully.  The launch token can be saved and provided by the application when the enclave is launched subsequently.  The SampleEnclave project provided with the SDK as well as the SGX Users Guide provide sample code to demonstrate this behavior.

The SGX SDK includes a trusted API function, “sgx_get_key”, which is a wrapper for the SGX EGETKEY instruction. Please refer to the SGX SDK User’s Guide for additional details on this API.

 

Hi this answer is good but can you please advise a link to any blog post on this ?

So i can read this in detail ?

Thanks 

gu_j_1
Beginner
166 Views

DEREK B. (Intel) wrote:

A enclave launch token will be generated when an enclave is loaded successfully.  The launch token can be saved and provided by the application when the enclave is launched subsequently.  The SampleEnclave project provided with the SDK as well as the SGX Users Guide provide sample code to demonstrate this behavior.

The SGX SDK includes a trusted API function, “sgx_get_key”, which is a wrapper for the SGX EGETKEY instruction. Please refer to the SGX SDK User’s Guide for additional details on this API.

When I use "sgx_get_key" to get license key(I guess this maybe launch key), however, each time the result is different.

Derek_B_Intel
Employee
167 Views

The Intel SGX SDK can be downloaded from: https://software.intel.com/en-us/sgx-sdk

The SGX SDK includes sample applications demonstrating key SGX features.  The SampleEnclave project, file: App.cpp, function: initialize_enclave(void), includes handling of the launch token.

At this time Intel is only supporting ISV developers to use the REPORT and SEAL from their enclaves.

An SGX_INVALID_ATTRIBUTE error is returned by the EGETKEY instruction if keys other than these are requested by an ISV enclave. Refer to the Intel® Software Guard Extensions (Intel® SGX) Programming Reference for details on the EGETKEY Instruction.

View solution in original post