41-88 Vol. 3D

SGX INSTRUCTION REFERENCES

//Determine values key is based on
TMP_KEYDEPENDENCIES.KEYNAME  REPORT_KEY;
TMP_KEYDEPENDENCIES.ISVPRODID  0;
TMP_KEYDEPENDENCIES.ISVSVN  0;
TMP_KEYDEPENDENCIES.OWNEREPOCH  CSR_SEOWNEREPOCH;
TMP_KEYDEPENDENCIES.ATTRIBUTES  TMP_CURRENTSECS.ATTRIBUTES;
TMP_KEYDEPENDENCIES.ATTRIBUTESMASK  0;
TMP_KEYDEPENDENCIES.MRENCLAVE  TMP_CURRENTSECS.MRENCLAVE;
TMP_KEYDEPENDENCIES.MRSIGNER  0;
TMP_KEYDEPENDENCIES.KEYID  DS:RBX.KEYID;
TMP_KEYDEPENDENCIES.SEAL_KEY_FUSES  CR_SEAL_FUSES;
TMP_KEYDEPENDENCIES.CPUSVN  CR_CPUSVN;
TMP_KEYDEPENDENCIES.PADDING  HARDCODED_PKCS1_5_PADDING;
TMP_KEYDEPENDENCIES.MISCSELECT  TMP_CURRENTSECS.MISCSELECT;
TMP_KEYDEPENDENCIES.MISCMASK  0;
BREAK;

EINITTOKEN_KEY:

(* Check ENCLAVE has LAUNCH capability *)
IF (TMP_CURRENTSECS.ATTRIBUTES.LAUNCHKEY = 0)

THEN 

RFLAGS.ZF  1;
RAX  SGX_INVALID_ATTRIBUTE;
GOTO EXIT;

FI;
IF (DS:RBX.CPUSVN is beyond current CPU configuration)

THEN 

RFLAGS.ZF  1;
RAX  SGX_INVALID_CPUSVN;
GOTO EXIT;

FI;
IF (DS:RBX.ISVSVN > TMP_CURRENTSECS.ISVSVN)

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_ISVSVN;
GOTO EXIT;

FI;
(* Determine values key is based on *)
TMP_KEYDEPENDENCIES.KEYNAME  EINITTOKEN_KEY;
TMP_KEYDEPENDENCIES.ISVPRODID  TMP_CURRENTSECS.ISVPRODID
TMP_KEYDEPENDENCIES.ISVSVN  DS:RBX.ISVSVN;
TMP_KEYDEPENDENCIES.OWNEREPOCH  CSR_SEOWNEREPOCH;
TMP_KEYDEPENDENCIES.ATTRIBUTES  TMP_ATTRIBUTES;
TMP_KEYDEPENDENCIES.ATTRIBUTESMASK  0;
TMP_KEYDEPENDENCIES.MRENCLAVE  0;
TMP_KEYDEPENDENCIES.MRSIGNER  TMP_CURRENTSECS.MRSIGNER;
TMP_KEYDEPENDENCIES.KEYID  DS:RBX.KEYID; 
TMP_KEYDEPENDENCIES.SEAL_KEY_FUSES  CR_SEAL_FUSES;
TMP_KEYDEPENDENCIES.CPUSVN  DS:RBX.CPUSVN;
TMP_KEYDEPENDENCIES.PADDING  TMP_CURRENTSECS.PADDING;
TMP_KEYDEPENDENCIES.MISCSELECT  TMP_MISCSELECT;
TMP_KEYDEPENDENCIES.MISCMASK  0;
BREAK;

PROVISION_KEY: 
(* Check ENCLAVE has PROVISIONING capability *)