
41-38 Vol. 3D

SGX INSTRUCTION REFERENCES

IF ( (DS:RCX.ATTRIBUTES & TMP_SIG.ATTRIBUTEMASK) ≠ (TMP_SIG.ATTRIBUTE & TMP_SIG.ATTRIBUTEMASK) )

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_ATTRIBUTE;
GOTO EXIT;

FI;

(* Verify SIGSTRUCT.MISCSELECT requirements are met *)
IF ( (DS:RCX.MISCSELECT & TMP_SIG.MISCMASK) ≠ (TMP_SIG.MISCSELECT & TMP_SIG.MISCMASK) )

THEN

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_ATTRIBUTE;

GOTO EXIT

FI;

(* If EINITTOKEN.VALID[0] is 0, verify the enclave is signed by an authorized key, i.e. its MRSIGNER matches IA32_SGXLEPUBKEYHASH *)
IF (TMP_TOKEN.VALID[0] = 0)

IF (TMP_MRSIGNER ≠ IA32_SGXLEPUBKEYHASH)

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_EINITTOKEN;
GOTO EXIT;

FI;
GOTO COMMIT;

FI;

(* Debug Launch Enclave cannot launch Production Enclaves *)
IF ( (DS:RDX.MASKEDATTRIBUTESLE.DEBUG = 1) and (DS:RCX.ATTRIBUTES.DEBUG = 0) )

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_EINITTOKEN;
GOTO EXIT;

FI;

(* Check that reserved space in the EINIT token is clear; this includes the reserved regions and the upper bits of the VALID field *)
IF (TMP_TOKEN reserved space is not clear)

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_EINITTOKEN;
GOTO EXIT;

FI;

(* EINIT token CPUSVN must be ≤ CR_CPUSVN *)
IF (TMP_TOKEN.CPUSVN > CR_CPUSVN)

RFLAGS.ZF ← 1;
RAX ← SGX_INVALID_CPUSVN;
GOTO EXIT;

FI;

(* Derive Launch key used to calculate EINITTOKEN.MAC *)
HARDCODED_PKCS1_5_PADDING[15:0] ← 0100H;
HARDCODED_PKCS1_5_PADDING[2655:16] ← SignExtend330Byte(-1); // 330 bytes of 0FFH
HARDCODED_PKCS1_5_PADDING[2815:2656] ← 2004000501020403650148866009060D30313000H;

TMP_KEYDEPENDENCIES.KEYNAME ← EINITTOKEN_KEY;
TMP_KEYDEPENDENCIES.ISVPRODID ← TMP_TOKEN.ISVPRODIDLE;
TMP_KEYDEPENDENCIES.ISVSVN ← TMP_TOKEN.ISVSVN;
TMP_KEYDEPENDENCIES.OWNEREPOCH ← CSR_SGXOWNEREPOCH;