When I go through the "Intel® Software Guard Extensions - Developer Guide", I notice below words about "enclave signing key"
The enclave signing key is part of the enclave identity and it is critical to protect its secrets. An attacker who compromises the private signing key of an ISV might be able to: 1. Write a malicious enclave that successfully attests to the identity of legitimate enclaves, and/or 2. Write malware which uses the malicious enclave to compromise sealed data on individual platforms. Proper key management practice should be employed to safeguard the private signing key, for example: 1. Maintain minimum access to the private signing key. 2. Use another enclave or a Hardware Security Module (HSM) to store the private signing key and perform enclave signing. 3. Separate test signing from release signing using separate key pairs.
I understand that the signing key is critical to be protected. My question is that why does this signing key need to be involved into the enclave identity.
I suppose that the enclave code can be developed in a local trusted environment, after that the author can sign the enclave code using the signing key and send out it to the service provider environment. Is there any case that need this sign operation to be done on the service provider environment? Or the sign operation needs some service provider's platform information to complete this operation?
So I would like to know if I can keep the signing key in my trusted environment instead of using complex procedure to protect it in the service provider side such as using HSM or other enclave as mentioned above.
Maybe I miss something, please correct me.