Reserved fields in sealed data

liu__simon · ‎06-15-2018

Hello, I have a question about the "reserved" fields in the struct sgx_key_request_t as follow:

typedef struct _key_request_t {
uint16_t key_name;
uint16_t key_policy;
sgx_isv_svn_t isv_svn;
uint16_t reserved1;
sgx_cpu_svn_t cpu_svn;
sgx_attributes_t attribute_mask;
sgx_key_id_t key_id;
sgx_misc_select_t misc_mask;
uint8_t reserved2[436];
} sgx_key_request_t

In the developer reference, reserved fields are defined for future use and must be set to zero. More precisely, what is the future use and why are the sizes of the two fields fixed as 2 and 436 bytes ?

So the seal and unseal is not very appropriate for data with small size ( int, double.....) because the size of struct sgx_sealed_data_t is huge due to these fields. Are they here for some security purpose ?

I don't know if it's possible to define my own version of seal and unseal by deleting them in the source code. Or if there is a better solution. Thank you in advance.

Simon

liu__simon · ‎06-19-2018

edit: The reserved2 field is supposed to keep the data alignment of the sgx_key_request_t of 512 bytes. So a new question comes to me: why should we use data alignment here and can we change the size of alignment? Thank you!