Vol. 3D 41-89

SGX INSTRUCTION REFERENCES

IF (TMP_CURRENTSECS.ATTRIBUTES.PROVISIONKEY = 0) 

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_ATTRIBUTE;
GOTO EXIT;

FI;
IF (DS:RBX.CPUSVN is beyond current CPU configuration)

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_CPUSVN;
GOTO EXIT;

FI;
IF (DS:RBX.ISVSVN > TMP_CURRENTSECS.ISVSVN)

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_ISVSVN;
GOTO EXIT;

FI;
(* Determine values key is based on *)
TMP_KEYDEPENDENCIES.KEYNAME  PROVISION_KEY;
TMP_KEYDEPENDENCIES.ISVPRODID  TMP_CURRENTSECS.ISVPRODID;
TMP_KEYDEPENDENCIES.ISVSVN  DS:RBX.ISVSVN;
TMP_KEYDEPENDENCIES.OWNEREPOCH  0;
TMP_KEYDEPENDENCIES.ATTRIBUTES  TMP_ATTRIBUTES;
TMP_KEYDEPENDENCIES.ATTRIBUTESMASK  DS:RBX.ATTRIBUTEMASK;
TMP_KEYDEPENDENCIES.MRENCLAVE  0;
TMP_KEYDEPENDENCIES.MRSIGNER  TMP_CURRENTSECS.MRSIGNER;
TMP_KEYDEPENDENCIES.KEYID  0;
TMP_KEYDEPENDENCIES.SEAL_KEY_FUSES  0;
TMP_KEYDEPENDENCIES.CPUSVN  DS:RBX.CPUSVN;
TMP_KEYDEPENDENCIES.PADDING  TMP_CURRENTSECS.PADDING;
TMP_KEYDEPENDENCIES.MISCSELECT  TMP_MISCSELECT;
TMP_KEYDEPENDENCIES.MISCMASK  ~DS:RBX.MISCMASK;
BREAK;

PROVISION_SEAL_KEY:

(* Check ENCLAVE has PROVISIONING capability *)
IF (TMP_CURRENTSECS.ATTRIBUTES.PROVISIONKEY = 0) 

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_ATTRIBUTE;
GOTO EXIT;

FI;
IF (DS:RBX.CPUSVN is beyond current CPU configuration)

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_CPUSVN;
GOTO EXIT;

FI;
IF (DS:RBX.ISVSVN > TMP_CURRENTSECS.ISVSVN)

THEN

RFLAGS.ZF  1;
RAX  SGX_INVALID_ISVSVN;
GOTO EXIT;

FI;