On Wed, Sep 23, 2020 at 03:50:05PM +0200, Borislav Petkov wrote:
> > +This leaf function takes an RSA-3072 signature of the enclave measurement and an
> > +optional cryptographic token. Linux does not take advantage of launch tokens.
> > +The instruction checks that the signature is signed with the key defined in
> > +**IA32_SGXLEPUBKEYHASH?** MSRs and the measurement is correct. If so, the
>
> That '?' wants to be '[0123]' perhaps?
What do you think of this:
"The leaf instruction checks that the measurement is correct and
signature is signed with the key hashed to the four
+**IA32_SGXLEPUBKEYHASH{0, 1, 2, 3}** MSRs representing the SHA256 of a
public key."
I though that little more detail would make sense here (i.e. what do the
MSRs represent).
/Jarkko
