packages/secGear
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
secGear/0018-update-sign_tool.doc.patch
chenmaodong 9e62fb9925 update some bugfixs and adaptations from openeuler secGear 
Signed-off-by: chenmaodong <chenmaodong@huawei.com>
2021-05-21 14:25:55 +08:00

51 lines
2.4 KiB
Diff
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 8a586fc5fa249ced59ae495357c64baa7c6201f0 Mon Sep 17 00:00:00 2001
From: yanlu <yanlu14@huawei.com>
Date: Thu, 25 Mar 2021 15:27:32 +0800
Subject: [PATCH 01/14] update sign_tool.doc
---
docs/sign_tool.md | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/sign_tool.md b/docs/sign_tool.md
index 3a49d5b..26805bd 100644
--- a/docs/sign_tool.md
+++ b/docs/sign_tool.md
@@ -4,7 +4,7 @@ The sign_tool.sh helps to sign the enclave.
## The sign_tool.sh
-The sign_tool.sh uses the 'sgx_sign' tool in SGX SDK for signing the sgx enclave and the 'sign_too.py' for signing the trustzone enclave.
+The sign_tool.sh uses the 'sgx_sign' tool in SGX SDK for signing the sgx enclave and the 'sign_tool.py' for signing the trustzone enclave.
The tool supports the following two modes:
@@ -13,21 +13,21 @@ The tool supports the following two modes:
For example:
- `$ ./signtool.sh d sign x trustzone i test.enclave -m manifest.txt e device_pubkey.pem o signed.enclave `
+ `$ ./sign_tool.sh d sign x trustzone i test.enclave -m manifest.txt e device_pubkey.pem o signed.enclave `
- two-step method, it is used when the signature needs to be obtained from the signing organization or the private key is stored on another secure platform.
For example:
(1) generate the digest value.
- `$ ./signtool.sh d digest x trustzone i input -m manifest.txt e device_pubkey.pem o digest.data `
+ `$ ./sign_tool.sh d digest x trustzone i input -m manifest.txt e device_pubkey.pem o digest.data `
For trustzone, temporary files KeyInfo.enc, rawData.enc, and rawDataHash.bin are generated in the current directory. And for sgx, a temporary file signdata is generated in the current directory. The temporary file is required when generating the signed enclave in step 3 and is deleted after the signed enclave is generated.
(2) send the digest.data to the signing organization or platform and get the signature.
(3) use the signature to generate the signed enclave.
- `$ ./signtool.sh d sign x trustzone i input -m manifest.txt p pub.pem e device_pubkey.pem s signature o signed.enclave `
+ `$ ./sign_tool.sh d sign x trustzone i input -m manifest.txt p pub.pem e device_pubkey.pem s signature o signed.enclave `
## sign_tool.sh parameter
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink