Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

SGX Internal CREGs

gu_j_1
Beginner
244 Views

How to get the value of SGX Internal CREGs? 

When enclave A makes a report to enclave B, in enclave B I want to get the same report key which is used during enclave making the report.

So, it seems that I must know some CREGs' value such as CR_SEAL_FUSES.

Thanks. 

0 Kudos
1 Solution
Surenthar_S_Intel
245 Views

Hi Gu,

There is an SDK API, sgx_verify_report(report), to perform this function.  An enclave can also generate the report key using the API, sgx_get_key(key_request, &key), which is a wrapper for SGX's EGETKEY instruction.  The report's MAC is generated using AES128_CMAC.

CREG's are internal registers to the part. The programmer is not supposed to have access to them.

Thanks and Regards,
Surenthar Selvaraj

View solution in original post

1 Reply
Surenthar_S_Intel
246 Views

Hi Gu,

There is an SDK API, sgx_verify_report(report), to perform this function.  An enclave can also generate the report key using the API, sgx_get_key(key_request, &key), which is a wrapper for SGX's EGETKEY instruction.  The report's MAC is generated using AES128_CMAC.

CREG's are internal registers to the part. The programmer is not supposed to have access to them.

Thanks and Regards,
Surenthar Selvaraj

Reply