The enclave signing key is part of the enclave identity, so it is critical to protect the private signing key. An attacker who compromises the private signing key of an ISV might be able to:
- Write a malicious enclave that successfully attests to the identity of legitimate enclaves, and/or
- Write malware which uses the malicious enclave to compromise sealed data on individual platforms.
Proper key management practice should be employed to safeguard the private signing key, for example:
- Maintain minimum access to the private signing key.
- Use another enclave or a Hardware Security Module (HSM) to store the private signing key and perform enclave signing.
- Separate test signing from release signing using separate key pairs.
ISVs are to be provided with a tool for signing enclaves, for example, a tool that takes an enclave file and adds to it the enclave signature required by the Intel SGX architecture. This tool should support test signing using a test signing private key configured on the local system, as well as a multi-step release signing process that involves a signing facility where the release signing private key is protected.
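
The multi-step release signing process described above, as an added example that is not part of the original text: it assumes the `sgx_sign` tool from the Intel SGX SDK and OpenSSL, and every file name and function name is a placeholder chosen here. The build host never handles the release private key, and the final step refuses a key file that contains private key material.

```shell
#!/bin/sh
# Added example: release signing split between a build host and a signing facility.
# Assumptions: sgx_sign (Intel SGX SDK) and openssl are installed; paths are placeholders.
SGX_SIGN=${SGX_SIGN:-sgx_sign}

# Succeeds only if the file is readable and holds no PEM private key block.
is_public_only() {
    [ -r "$1" ] || return 1
    ! grep -q 'PRIVATE KEY' "$1"
}

# Step 1, build host: emit the enclave signing material. No key is involved.
# Arguments: enclave, config, output file for the signing material
gen_signing_material() {
    "$SGX_SIGN" gendata -enclave "$1" -config "$2" -out "$3"
}

# Step 2, signing facility: sign the material with the release private key.
# With an HSM, this is the step the HSM-backed signer replaces.
# Arguments: private key, signing material, output signature file
facility_sign() {
    openssl dgst -sha256 -sign "$1" -keyform PEM -out "$3" "$2"
}

# Step 3, build host: attach the returned signature using the public key only.
# Arguments: enclave, config, public key, signature, signing material, signed output
attach_signature() {
    is_public_only "$3" || {
        echo "refusing: $3 is missing or contains private key material" >&2
        return 1
    }
    "$SGX_SIGN" catsig -enclave "$1" -config "$2" -key "$3" \
        -sig "$4" -unsigned "$5" -out "$6"
}
```

Only the signing material and the signature cross the boundary between the build host and the signing facility, which keeps access to the release key at the minimum recommended above.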