It's one of the Intel SGX SDK tools, descibed by the official document: "Generates the enclave metadata, which includes the enclave signature, and adds such metadata to the enclave image.". Though the corresponding enclave file will be signed automatically at compling time, still developers can make use of this tool to manually sign corresponding files. Specifically, 2 methods are available to do this.
1. One-step signing process
Example command (in windows os) is as follows:
sgx_sign sign -enclave testEnclave.dll -config ../testEnclave/testEnclave.config.xml -out testEnclave_signed.dll -key ../testEnclave/testEnclave_private.pem
Note that the above command is typed under this directory: PathToYourEnclaveProject/encalveProject/Debug
The "testEnclave.config.xml" and "testEnclave_private.pem" files are generated simultaneously when the project was created while the "testEnclave.dll" and "testEnclave_signed.dll" file are generated right after compiling the project.
*Note that in Linux distribution OS, the .dll file should be replaced by .so file.
2. Two-step signing process
I'll add it later on....
533
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
