Home Explore Help
Sign In
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d686fb0543
Branches Tags
linux-sgx-tr...
/
Linux_SGXEclipsePlugin
/
build_directory
/
plugins
/
com.intel.sgx.userguide
/
html
/
Updating_SGX_Enclave_Signing_Key.htm

Updating_SGX_Enclave_Signing_Key.htm 2.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637 
  1. <!--------------------------------------------------------------------------->
    2. 

  2. <!-- Copyright (c) 2016 Intel Corporation.				   -->
    3. 

  3. <!-- 									   -->
    4. 

  4. <!-- All rights reserved. This program and the accompanying materials	   -->
    5. 

  5. <!-- are made available under the terms of the Eclipse Public License v1.0 -->
    6. 

  6. <!-- which accompanies this distribution, and is available at		   -->
    7. 

  7. <!-- http://www.eclipse.org/legal/epl-v10.html				   -->
    8. 

  8. <!-- 									   -->
    9. 

  9. <!-- Contributors:							   -->
    10. 

  10. <!--     Intel Corporation - initial implementation and documentation	   -->
    11. 

  11. <!--------------------------------------------------------------------------->
    12. 

  12. <?xml version="1.0" encoding="utf-8"?>
    13. 

  13. <html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="4" MadCap:lastHeight="1043" MadCap:lastWidth="652">
    14. 

  14.     <head><title>Updating SGX Enclave Signing Key</title>
    15. 

  15.         <link href="Resources/Stylesheets/intel_css_styles.css" rel="stylesheet" type="text/css" />
    16. 

  16.     </head>
    17. 

  17.     <body>
    18. 

  18.         <h2>Updating SGX Enclave Signing Key</h2>
    19. 

  19.         <p>All skeletons enclave samples produced by the plugin contain a sample signing key.  You might want to import another sign key that you already have, or generate a new one.   Use the command <b>Update SGX Enclave Signing Key</b> to complete this task.</p>
    20. 

  20.         <ol>
    21. 

  21.             <li>Choose  <b>Update SGX Enclave Signing Key</b> by right-click on the project in <b>Project Explorer -&gt; Software Guard Extension Tools</b> menu. The <b>Import or (Re)Generate Enclave Signing Key</b> dialog appears.</li>
    22. 

  22.             <li>In the <b>Import or (Re)Generate Enclave Signing Key</b> dialog, click <b>Select</b> to open a file dialog to select the output key.</li>
    23. 

  23.             <li>
    24. 

  24.                 <p>Click <b>Improt Key</b> to update a selected signing key by copying another existing key  or click <b>Generate Key</b> to update the selected signing key by generating a new key. In both cases, the new signature key is put into the file in text field <b>Enclave Signing Key</b>.</p>
    25. 

  25.                 <p>
    26. 

  26.                     <img src="Resources/Images/Import_or_Re_Generate_Enclave_Signing_Key.png" />
    27. 

  27.                 </p>
    28. 

  28.                 <p class="figcap">Import or (Re)Generate Enclave Signing Key</p>
    29. 

  29.             </li>
    30. 

  30.             <li>Click <b>OK</b> to update the enclave signing key.</li>
    31. 

  31.         </ol>
    32. 

  32.         <p>Under the hood, a new key is generated using openssl*, which needs to be installed on the machine:</p>
    33. 

  33.         <p><code>openssl genrsa -out ../../../encl1_private.pem.key.pem -3 3072</code>
    34. 

  34.         </p>
    35. 

  35.         <p><![CDATA[	]]></p>
    36. 

  36.     </body>
    37. 

  37. </html>
    38.