Updating SGX Enclave Signing Key

All skeletons enclave samples produced by the plugin contain a sample signing key. You might want to import another sign key that you already have, or generate a new one. Use the command Update SGX Enclave Signing Key to complete this task.

1. Choose Update SGX Enclave Signing Key by right-click on the project in Project Explorer -> Software Guard Extension Tools menu. The Import or (Re)Generate Enclave Signing Key dialog appears.
2. In the Import or (Re)Generate Enclave Signing Key dialog, click Select to open a file dialog to select the output key.

3. Click Improt Key to update a selected signing key by copying another existing key or click Generate Key to update the selected signing key by generating a new key. In both cases, the new signature key is put into the file in text field Enclave Signing Key.

   

   Import or (Re)Generate Enclave Signing Key

4. Click OK to update the enclave signing key.

Under the hood, a new key is generated using openssl*, which needs to be installed on the machine:

openssl genrsa -out ../../../encl1_private.pem.key.pem -3 3072