I've been looking at a variety of things with SGX, and while looking into the EGETKEY description, I think I've found an inconsistency in the October 2014 spec. Specifically:
- Table 5-43 says that the Provisioning Key and the Provisioning Seal Key both derive from the owner epoch; however, the algorithmic description of both says that the owner epoch is 0 for derivation purposes. White papers on provisioning make it sound like the owner epoch can be changed to make provisioned secrets inaccessible, so I expected the owner epoch to be used, at least for the provisioning seal key (which is sealed to the fuses in the machine). I could see it not being used for the provisioning key, however, since that's not dependent on the machine itself. Is there an erratum for the document that clarifies this?
- For clarity, it might help to add to Table 5-43 that the provisioning key isn't derived from the fuses but the provisioning seal key is, since this seems to be the main difference between them.