//Determine values key is based on
TMP_KEYDEPENDENCIES.KEYNAME REPORT_KEY;
TMP_KEYDEPENDENCIES.ISVPRODID 0;
TMP_KEYDEPENDENCIES.ISVSVN 0;
TMP_KEYDEPENDENCIES.OWNEREPOCH CSR_SEOWNEREPOCH;
TMP_KEYDEPENDENCIES.ATTRIBUTES TMP_CURRENTSECS.ATTRIBUTES;
TMP_KEYDEPENDENCIES.ATTRIBUTESMASK 0;
TMP_KEYDEPENDENCIES.MRENCLAVE TMP_CURRENTSECS.MRENCLAVE;
TMP_KEYDEPENDENCIES.MRSIGNER 0;
TMP_KEYDEPENDENCIES.KEYID DS:RBX.KEYID;
TMP_KEYDEPENDENCIES.SEAL_KEY_FUSES CR_SEAL_FUSES;
TMP_KEYDEPENDENCIES.CPUSVN CR_CPUSVN;
TMP_KEYDEPENDENCIES.PADDING HARDCODED_PKCS1_5_PADDING;
TMP_KEYDEPENDENCIES.MISCSELECT TMP_CURRENTSECS.MISCSELECT;
TMP_KEYDEPENDENCIES.MISCMASK 0;
BREAK;
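EINITTOKEN_KEY:
    (* Case arm for a request whose key name is EINITTOKEN_KEY (the case
       selector itself is outside this excerpt). All three checks below run
       before any key dependency is filled in. A failed check sets RFLAGS.ZF
       to 1, loads an SGX_INVALID_* code into RAX and jumps to EXIT (defined
       outside this excerpt), so software consuming the result should test
       ZF/RAX first. *)

    (* Check ENCLAVE has LAUNCH capability: the request is refused unless the
       current enclave's SECS has ATTRIBUTES.LAUNCHKEY set. *)
    IF (TMP_CURRENTSECS.ATTRIBUTES.LAUNCHKEY = 0)
        THEN
            RFLAGS.ZF ← 1;
            RAX ← SGX_INVALID_ATTRIBUTE;
            GOTO EXIT;
    FI;

    (* The CPUSVN named in the request must not be beyond what the current
       CPU configuration supports. *)
    IF (DS:RBX.CPUSVN is beyond current CPU configuration)
        THEN
            RFLAGS.ZF ← 1;
            RAX ← SGX_INVALID_CPUSVN;
            GOTO EXIT;
    FI;

    (* The ISVSVN named in the request must not exceed the enclave's own
       ISVSVN. Only a greater value is rejected, so an enclave can ask for a
       key at its own or a lower ISVSVN, never at a higher one. *)
    IF (DS:RBX.ISVSVN > TMP_CURRENTSECS.ISVSVN)
        THEN
            RFLAGS.ZF ← 1;
            RAX ← SGX_INVALID_ISVSVN;
            GOTO EXIT;
    FI;

    (* Determine values key is based on *)
    TMP_KEYDEPENDENCIES.KEYNAME ← EINITTOKEN_KEY;
    TMP_KEYDEPENDENCIES.ISVPRODID ← TMP_CURRENTSECS.ISVPRODID;
    (* ISVSVN and CPUSVN (below) come from the request, already bounded by
       the checks above, not from the current enclave or platform values. *)
    TMP_KEYDEPENDENCIES.ISVSVN ← DS:RBX.ISVSVN;
    TMP_KEYDEPENDENCIES.OWNEREPOCH ← CSR_SEOWNEREPOCH;
    (* TMP_ATTRIBUTES and TMP_MISCSELECT (below) are computed before this
       excerpt; both mask fields are fixed to 0 in this arm. *)
    TMP_KEYDEPENDENCIES.ATTRIBUTES ← TMP_ATTRIBUTES;
    TMP_KEYDEPENDENCIES.ATTRIBUTESMASK ← 0;
    (* MRENCLAVE is zeroed and MRSIGNER is taken from the SECS, so the key
       depends on the signer identity rather than on one enclave
       measurement. *)
    TMP_KEYDEPENDENCIES.MRENCLAVE ← 0;
    TMP_KEYDEPENDENCIES.MRSIGNER ← TMP_CURRENTSECS.MRSIGNER;
    TMP_KEYDEPENDENCIES.KEYID ← DS:RBX.KEYID;
    TMP_KEYDEPENDENCIES.SEAL_KEY_FUSES ← CR_SEAL_FUSES;
    TMP_KEYDEPENDENCIES.CPUSVN ← DS:RBX.CPUSVN;
    TMP_KEYDEPENDENCIES.PADDING ← TMP_CURRENTSECS.PADDING;
    TMP_KEYDEPENDENCIES.MISCSELECT ← TMP_MISCSELECT;
    TMP_KEYDEPENDENCIES.MISCMASK ← 0;
    BREAK;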
PROVISION_KEY:
(* Check ENCLAVE has PROVISIONING capability *)