解決済み: Re: Re:what is the relationship between report key and mrenclave?

riclee · ‎11-29-2022

I got an explation about EREPORT insturction , as following:

"This instruction generates a cryptographic structure, called REPORT, that binds mrenclave to the target enclave’s REPORT KEY."

I don't understand the meaning "that binds mrenclave to the target enclave’s REPORT KEY." . so what is the relationship between report key and mrenclave ?

Sahira_Intel · ‎12-07-2022

Hi,

Sorry we missed this post.

Given Enclave A and Enclave B which are on the same platform, and Enclave B is asking Enclave A to prove it is running on the same platform as Enclave B.

The EREPORT instruction is used to produce a report for Enclave B using Enclave B's MRENCLAVE. The report key is used by the EREPORT to sign all reports generated on that specific platform.

Sincerely,

Sahira

元の投稿で解決策を見る

Sahira_Intel · ‎12-07-2022

Hi,

Sorry we missed this post.

Given Enclave A and Enclave B which are on the same platform, and Enclave B is asking Enclave A to prove it is running on the same platform as Enclave B.

The EREPORT instruction is used to produce a report for Enclave B using Enclave B's MRENCLAVE. The report key is used by the EREPORT to sign all reports generated on that specific platform.

Sincerely,

Sahira

riclee · ‎12-07-2022

I don't understand, the EREPORT instruction generates A's report using B's mrenclave , why not use A's mrenclave.

riclee · ‎12-10-2022

Thank you , I make it by reading the attestation document. EnclaveB's MRENCLAVE is ralated to report key, so when EnclaveB verify the report can get the same report key by B's MRENCLAVE, which means A and B get the same report key by B's MRENCLAVE.