I have successfully managed to retrieve the SigRL from IAS but am now struggling with the Quote attestation.
I call the sgx_ra_proc_msg2 function like this:
ret = sgx_ra_proc_msg2(this->enclave->getContext(), this->enclave->getID(), sgx_ra_proc_msg2_trusted, sgx_ra_get_msg3_trusted, p_msg2, size, &p_msg3, &msg3_size);
which returns with SGX_SUCCESS.
Then I take the quote, convert it to a std::string and and encode it to Base64:
std::string quoteStr = ConvertToString(p_msg3->quote); quoteStr = EncodeToBase64(quoteStr);
This quote will then be put in JSON format as described here https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf, which gives me
When I now send this as a payload to the IAS it always returns with a "400 Bad Request", which according to the API above, indicates an invalid payload!?
Am I doing something wrong here with the encoding?
Which version of intel SGX SDK are you using? if it version 1.1/1.5 means, it will not work.
Please refer the link for your reference: https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/698436
I'm using the latest version for Linux which is 1.7.
I don't see how the above mentioned format is not correct!?
Can I do anything else to locally check the correctness of the received Quote from the call to
Sample Remote attestation code available at https://software.intel.com/en-us/articles/intel-software-guard-extensions-remote-attestation-end-to-end-example. Please Check whether this sample is working well with your client on your machine. If it works well, please go through this sample to find the process of building the attestation verification evidence request message to IAS which is detailed in RasPRef/Msg4Builder.CS.
I am in a similar situation to the one described by Sam.
I use SGX SDK version 2.1 on Windows and I requested the SPID for a linkable self-signed certificate (with CA set to True) from the link https://software.intel.com/en-us/form/sgx-onboarding .
I am able to obtain the SIGRL from IAS, but when I try to send the quote to IAS, I obtain a 400 errror code with the message "Bad Request" (Invalid Payload).
I also tried to run the https://software.intel.com/en-us/articles/intel-software-guard-extensions-remote-attestation-end-to-end-example solution (with the service provider flag set to a linkable quote), but the result is the same.
Can there be a problem with my service provider's certicate or that certificate should be ok if IAS gave me the SIGRL? Or do you have any ideas how to debug this?