- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
In order to finish a remote attestation, the client (that is checking whether server runs a genuine enclave or not) needs to verify a QUOTE that contains an MRENCAVE value. But in order to do this, the client needs to create such value in advance (an MRENCLAVE value to check against the value in the QUOTE).
So the question is: Which tools from the SGX SDK can client use to create MRENCLAVE ?
Regards,
Ivan
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ivan.
See the "Enclave Signing Tool" section in the latest Linux Dev Reference:
This tool adds all the metadata to the enclave, including MRENCLAVE. After building and signing an enclave, the signtool "dump" argument will allow you to dump all the enclave metadata, including MRENCLAVE (metadata->enclave_css.body.enclave_hash).
More info available here also: https://software.intel.com/en-us/node/702979
Regards.
Scott
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page