Function sgx_tse::rsgx_get_key [−][src]
pub fn rsgx_get_key(
key_request: &sgx_key_request_t
) -> SgxResult<sgx_key_128bit_t>
The rsgx_get_key function generates a 128-bit secret key using the input information.
This function is a wrapper for the SGX EGETKEY instruction.
Description
The rsgx_get_key function generates a 128-bit secret key from the processor specific key hierarchy with the key_request information. If the function fails with an error code, the key buffer will be filled with random numbers. The key_request structure needs to be initialized properly to obtain the requested key type. See sgx_key_request_t for structure details.
Parameters
key_request
A pointer to a sgx_key_request_t object used for selecting the appropriate key and any additional parameters required in the derivation of that key. The pointer must be located within the enclave.
See details on the sgx_key_request_t to understand initializing this structure before calling this function.
Requirements
Library: libsgx_tservice.a
Return value
Cryptographic key
Errors
SGX_ERROR_INVALID_PARAMETER
Indicates an error that the input parameters are invalid.
SGX_ERROR_OUT_OF_MEMORY
Indicates an error that the enclave is out of memory.
SGX_ERROR_INVALID_ATTRIBUTE
Indicates the key_request requests a key for a KEYNAME which the enclave is not authorized.
SGX_ERROR_INVALID_CPUSVN
Indicates key_request->cpu_svn is beyond platform CPUSVN value
SGX_ERROR_INVALID_ISVSVN
Indicates key_request->isv_svn is greater than the enclave’s ISVSVN
SGX_ERROR_INVALID_KEYNAME
Indicates key_request->key_name is an unsupported value
SGX_ERROR_UNEXPECTED
Indicates an unexpected error occurs during the key generation process.