sgx_key.h 3.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788
  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. /*
  32. * This file is to define Enclave's keys
  33. */
  34. #ifndef _SGX_KEY_H_
  35. #define _SGX_KEY_H_
  36. #include <stdint.h>
  37. #include "sgx_attributes.h"
  38. /* Key Name */
  39. #define SGX_KEYSELECT_EINITTOKEN 0x0000
  40. #define SGX_KEYSELECT_PROVISION 0x0001
  41. #define SGX_KEYSELECT_PROVISION_SEAL 0x0002
  42. #define SGX_KEYSELECT_REPORT 0x0003
  43. #define SGX_KEYSELECT_SEAL 0x0004
  44. /* Key Policy */
  45. #define SGX_KEYPOLICY_MRENCLAVE 0x0001 /* Derive key using the enclave's ENCLAVE measurement register */
  46. #define SGX_KEYPOLICY_MRSIGNER 0x0002 /* Derive key using the enclave's SINGER measurement register */
  47. #define SGX_KEYID_SIZE 32
  48. #define SGX_CPUSVN_SIZE 16
  49. typedef uint8_t sgx_key_128bit_t[16];
  50. typedef uint16_t sgx_isv_svn_t;
  51. typedef struct _sgx_cpu_svn_t
  52. {
  53. uint8_t svn[SGX_CPUSVN_SIZE];
  54. } sgx_cpu_svn_t;
  55. typedef struct _sgx_key_id_t
  56. {
  57. uint8_t id[SGX_KEYID_SIZE];
  58. } sgx_key_id_t;
  59. #define SGX_KEY_REQUEST_RESERVED2_BYTES 436
  60. typedef struct _key_request_t
  61. {
  62. uint16_t key_name; /* Identifies the key required */
  63. uint16_t key_policy; /* Identifies which inputs should be used in the key derivation */
  64. sgx_isv_svn_t isv_svn; /* Security Version of the Enclave */
  65. uint16_t reserved1; /* Must be 0 */
  66. sgx_cpu_svn_t cpu_svn; /* Security Version of the CPU */
  67. sgx_attributes_t attribute_mask; /* Mask which ATTRIBUTES Seal keys should be bound to */
  68. sgx_key_id_t key_id; /* Value for key wear-out protection */
  69. sgx_misc_select_t misc_mask; /* Mask what MISCSELECT Seal keys bound to */
  70. uint8_t reserved2[SGX_KEY_REQUEST_RESERVED2_BYTES]; /* Struct size is 512 bytes */
  71. } sgx_key_request_t;
  72. #endif