Use the "Enclave Signing Tool" to sign enclave files

It is one of the Intel SGX SDK tools, described in the official documentation as follows: "Generates the enclave metadata, which includes the enclave signature, and adds such metadata to the enclave image." Although the enclave file is signed automatically at compile time, developers can still use this tool to sign files manually. Two methods are available.

1. One-step signing process

An example command (on Windows) is as follows:

sgx_sign sign -enclave testEnclave.dll -config ../testEnclave/testEnclave.config.xml -out testEnclave_signed.dll -key ../testEnclave/testEnclave_private.pem

Note that the above command is run from this directory: PathToYourEnclaveProject/enclaveProject/Debug

The "testEnclave.config.xml" and "testEnclave_private.pem" files are generated when the project is created, while the "testEnclave.dll" and "testEnclave_signed.dll" files are generated right after compiling the project.

*Note that on Linux distributions, the .dll file should be replaced by a .so file.
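
An added example, not part of the original post or of the SDK: a POSIX shell wrapper for the Linux form of the one-step command above that checks the inputs before calling sgx_sign. It assumes openssl is installed and relies on the SGX SDK requirement (not stated in the post) that the signing key is 3072-bit RSA with public exponent 3; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks around the one-step "sgx_sign sign" call on Linux.
# File names follow the post's testEnclave project; function names are hypothetical.

# Reads "openssl rsa -text -noout" output on stdin. Succeeds only for a 3072-bit RSA
# key with public exponent 3 (assumption taken from the SGX SDK, not from the post).
key_text_ok() {
    awk '
        /Private-Key: \(3072 bit/     { bits = 1 }
        /^publicExponent: 3 \(0x3\)/  { e3 = 1 }
        END { exit !(bits && e3) }
    '
}

# sign_enclave NAME DIR
#   NAME  enclave base name, e.g. testEnclave (expects NAME.so in the current directory)
#   DIR   directory holding NAME.config.xml and NAME_private.pem
# Returns 2 (missing input), 3 (unsuitable key), 4 (tool not found), else sgx_sign's status.
sign_enclave() {
    name=$1
    dir=$2
    key="$dir/${name}_private.pem"

    for f in "$name.so" "$dir/$name.config.xml" "$key"; do
        [ -f "$f" ] || { echo "missing input: $f" >&2; return 2; }
    done

    openssl rsa -in "$key" -text -noout 2>/dev/null | key_text_ok ||
        { echo "not an RSA-3072 key with exponent 3: $key" >&2; return 3; }

    command -v sgx_sign >/dev/null 2>&1 ||
        { echo "sgx_sign not found in PATH" >&2; return 4; }

    sgx_sign sign -enclave "$name.so" -config "$dir/$name.config.xml" \
        -out "${name}_signed.so" -key "$key"
}

# Run only when called with both arguments, e.g.: sh sign.sh testEnclave ../testEnclave
if [ "$#" -eq 2 ]; then
    sign_enclave "$1" "$2"
fi
```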

2. Two-step signing process

I'll add it later on....

 

posted @ 2019-03-12 18:03  JJJJJJJJJJJ.Ge呀!