Skip to content

Sealing and Unsealing using _sgx_mrenclave (different platform) #1842

Answered by kailun-qin
tiagorvmartins asked this question in Q&A
Discussion options

You must be logged in to vote

then even if the same enclave code (same MRENCLAVE measurement) tries to use (unseal) that encrypted file A but on different machine (so different CPU -> different SGX Platform), it won't actually work right?

Right, it won't be able to unseal the data on another platform.

Unless we assume we always use the same CPU and SGX Platform (which is unrealistic ant not future proof), then we will need the process described on A), correct?

Yes, a migration process (e.g., unseal-transfer-reseal) is needed.

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@tiagorvmartins
Comment options

Answer selected by tiagorvmartins
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants