I have some questions about Launch Enclave and EINITTOKEN.
I can't find detailed document about LE. So I learned a lot from some posts in this forum, but I still have some questions. Fistly, I know an attacker can tamper an enclave and regenerate the signature. I also know LE could prevent this situation. Before the enclave initialization, LE will verify if the developer's public key is in the whitelist signed by Intel.
The problem is coming, can a developer who's public key in the whitelist tampers with any enclave and run it?
In addition, I want to know how the information in EINITTOKEN is generated, such as EINITTOKEN.MRENCLAVE.
Related posts are as follows, hope for your reply.