master

分支 (22)

标签 (15)

管理

管理

master

my-2403

openEuler-22.03-LTS-SP4

openEuler-22.03-LTS-SP3

openEuler-24.03-LTS

sync-pr168-openEuler-24.03-LTS-to-master

sync-pr168-openEuler-24.03-LTS-to-openEuler-24.03-LTS-Next

openEuler-22.03-LTS-SP1

openEuler-20.03-LTS-SP4

openEuler-22.03-LTS

openEuler-20.03-LTS-SP3

openEuler-20.03-LTS-SP1

openEuler-22.03-LTS-Next

openEuler-24.03-LTS-Next

openEuler-23.09

openEuler-22.03-LTS-SP2

openEuler-23.03

openEuler-22.09

openEuler-20.03-LTS-Next

openEuler-21.09

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

secGear
/
0018-update-sign_tool.doc.patch

From 8a586fc5fa249ced59ae495357c64baa7c6201f0 Mon Sep 17 00:00:00 2001
From: yanlu <yanlu14@huawei.com>
Date: Thu, 25 Mar 2021 15:27:32 +0800
Subject: [PATCH 01/14] update sign_tool.doc

---
 docs/sign_tool.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/sign_tool.md b/docs/sign_tool.md
index 3a49d5b..26805bd 100644
--- a/docs/sign_tool.md
+++ b/docs/sign_tool.md
@@ -4,7 +4,7 @@ The sign_tool.sh helps to sign the enclave.

 ## The sign_tool.sh

-The sign_tool.sh uses the 'sgx_sign' tool in SGX SDK for signing the sgx enclave and the 'sign_too.py' for signing the trustzone enclave.
+The sign_tool.sh uses the 'sgx_sign' tool in SGX SDK for signing the sgx enclave and the 'sign_tool.py' for signing the trustzone enclave.

 The tool supports the following two modes:

@@ -13,21 +13,21 @@ The tool supports the following two modes:

     For example:

-    `$ ./signtool.sh –d sign –x trustzone –i test.enclave -m manifest.txt –e device_pubkey.pem –o signed.enclave `
+    `$ ./sign_tool.sh –d sign –x trustzone –i test.enclave -m manifest.txt –e device_pubkey.pem –o signed.enclave `


 - two-step method, it is used when the signature needs to be obtained from the signing organization or the private key is stored on another secure platform.

     For example:
     (1) generate the digest value.
-    `$ ./signtool.sh –d digest –x trustzone –i input -m manifest.txt –e device_pubkey.pem –o digest.data `
+    `$ ./sign_tool.sh –d digest –x trustzone –i input -m manifest.txt –e device_pubkey.pem –o digest.data `

     For trustzone, temporary files KeyInfo.enc, rawData.enc, and rawDataHash.bin are generated in the current directory. And for sgx, a temporary file signdata is generated in the current directory. The temporary file is required when generating the signed enclave in step 3 and is deleted after the signed enclave is generated.

     (2) send the digest.data to the signing organization or platform and get the signature.

     (3) use the signature to generate the signed enclave.
-    `$ ./signtool.sh –d sign –x trustzone –i input -m manifest.txt –p pub.pem –e device_pubkey.pem –s signature –o signed.enclave `
+    `$ ./sign_tool.sh –d sign –x trustzone –i input -m manifest.txt –p pub.pem –e device_pubkey.pem –s signature –o signed.enclave `

 ## sign_tool.sh parameter

--
2.27.0