Use the information found in the Intel SGX Developer Reference to document in the output of the demo what some key functions do.
For example, what does sgx_create_report() do? What is the difference between a report and a quote? The terminology may appear to be confusing but perhaps it is precise enough to clarify the process of remote attestation.
Another interesting detail to document is whether an instruction is performed in the enclave (via an ECALL) or outside. In other words, there's a distinction between trusted execution of code and untrusted execution of code. The sgx_create_report() is invoked in the enclave code, and therefore could be said to be a trusted execution. On the other hand, sgx_init_quote() and sgx_get_quote() are executed in the untrusted layer. Is this okay? If yes, why is it okay? Does sgx_get_quote() invoke the quoting enclave aka QE? Could the report, generated by the enclave code, be tampered with before it is passed over to sgx_get_quote()?
See the developer reference, which covers the trusted and untrusted library functions.
Here's an excerpt of the documentation on the function sgx_create_report():
Tries to use the information of the target enclave and other information to create a cryptographic report of the enclave. This function is a wrapper for the Intel® Software Guard Extensions (Intel® SGX) EREPORT instruction.
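The tampering question above can be explored with a small model, added here as an illustration; it is not code from this issue, the demo, or the Intel SGX SDK. It assumes the documented EREPORT behaviour that the report carries a MAC keyed with a report key only the target enclave can derive (the QE, whose target info sgx_init_quote() returns). HMAC-SHA256 stands in for the hardware's CMAC, and every name and value in the block is hypothetical or constructed.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, replace

# Constructed stand-in for the per-CPU secret that software can never read.
_CPU_SECRET = os.urandom(32)

def _report_key(target_mrenclave: bytes) -> bytes:
    """Model of the report key the CPU derives for one target enclave identity."""
    return hmac.new(_CPU_SECRET, b"REPORT_KEY" + target_mrenclave, hashlib.sha256).digest()

def _mac(key: bytes, mrenclave: bytes, report_data: bytes) -> bytes:
    return hmac.new(key, mrenclave + report_data, hashlib.sha256).digest()

@dataclass(frozen=True)
class Report:  # simplified: a real report body carries more fields
    mrenclave: bytes    # measurement of the enclave that created the report
    report_data: bytes  # 64 bytes chosen by that enclave
    mac: bytes          # only the target enclave can recompute this

def ereport(own_mr: bytes, target_mr: bytes, report_data: bytes) -> Report:
    """Trusted side: models EREPORT, which sgx_create_report() wraps."""
    return Report(own_mr, report_data, _mac(_report_key(target_mr), own_mr, report_data))

def untrusted_relay(report: Report, tamper: bool = False) -> Report:
    """Untrusted app code carrying the report from the ECALL to sgx_get_quote()."""
    return replace(report, report_data=b"\xff" * 64) if tamper else report

def qe_verify(qe_mr: bytes, report: Report) -> bool:
    """Inside the QE: derive its own report key and check the MAC before quoting."""
    expected = _mac(_report_key(qe_mr), report.mrenclave, report.report_data)
    return hmac.compare_digest(expected, report.mac)

def demo() -> dict:
    app_mr = hashlib.sha256(b"constructed app enclave").digest()
    qe_mr = hashlib.sha256(b"constructed quoting enclave").digest()
    other_mr = hashlib.sha256(b"constructed other enclave").digest()
    data = b"\x01" * 64
    report = ereport(app_mr, qe_mr, data)
    return {
        "relayed_intact": qe_verify(qe_mr, untrusted_relay(report)),
        "tampered_in_transit": qe_verify(qe_mr, untrusted_relay(report, tamper=True)),
        "wrong_target": qe_verify(qe_mr, ereport(app_mr, other_mr, data)),
    }
```

In this model the untrusted layer can relay or drop the report, but any change to it, or a report targeted at a different enclave, fails the QE's MAC check.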