Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Enclave NOT TRUSTED

makura
New Contributor I
9,099 Views

Hi,

When I run the remote attestation sample code.

I got this problem: Enclave NOT TRUSTED

---- Enclave Trust Status from Service Provider ----------------------------
Sep 14 2020 17:05:26 Enclave NOT TRUSTED
Sep 14 2020 17:05:26 +++ PIB: 00000800000f0f02040180070000000000000000000b00000b000000020000000000000bce79f799537a906078b593749a0f385b10839d8bff51e8a32967af61ac098103d90574e35023ff1b8e8f127dcb1da998381789dd7f0b94f4257152669e55c1fc18
Sep 14 2020 17:05:26 +++ sgx_report_attestation_status ret = 0x0000
----------------------------------------------------------------------------

Can anyone tell me what is going wrong?

Thanks,

LU

0 Kudos
1 Solution
JesusG_Intel
Moderator
9,008 Views

Hello Lu, that information was very helpful. Your results are very common. Here is all the relevant information.


 

  • INTEL-SA-00219 - Processor Graphics Update Advisory - Have to disable internal graphics, or use special memory handling techniques in your enclaves. But, even if you modify your enclaves, you will still always get this reply if Gfx enabled.

 

  • INTEL-SA-00289 - "Plundervolt" - Voltage Settings Modification Advisory - this requires a BIOS update and vendor enabling overclocking lock bit. There is a BIOS option that can control the bit - Overclocking Lock. For our customer reference boards, it’s under BIOS menu “advance ->power & performance -> CPU - Power Management Control -> CPU Lock configuration -> overclocking lock”. Can you enable the lock on your platform to mitigate SA-00289?

 

  • INTEL-SA-00334 - "LVI" - Load Value Injection - Deep dive -- Have to update SGX PSW and build your enclaves with the updated toolchain to fully mitigate. If a processor is affected by this security advisor (LVI), IAS will always reply with at least "SW_HARDENING_NEEDED"… there is no way for IAS to tell if a customer has built their enclaves with the mitigations in place. The relying party needs to look at its enclave's ISVSVN (enclave version) and decide if it's up to date or not.

 

Long story short, you need to disable HT, disable internal Gfx, get the BIOS updated for "Plundervolt" and enable the overclocking lock bit, and then build your enclaves with mitigations for LVI, though, again, you will still always get a “SW_HARDENING_NEEDED” reply back from IAS.

 

However, you may always get 161, 219, and 289. Here's why...

 

It’s by design. It is due to what you could do with some of these attacks. Basically, it’s possible that if you use one of the other attacks, you could make HT look like it is disabled when it really isn’t. So, the backend logic is basically this: You either get all issues possible on that particular processor, or you get none (they’ve all been mitigated). It’s up to the user to confirm that all the other manual mitigations can be fixed.

 

To summarize, if you disabled HT, internal Gfx, and the BIOS was fixed, those three SAs would go away… you either get all 3 SAs or none. If your BIOS does not allow you to enable the overclocking lock bit, you cannot fully implement the mitigation for SA-289. And, since 289 is there, so will the rest of them.

 

You will still always get INTEL-SA-00334 and SW_HARDENING_NEEDED, of course.


View solution in original post

0 Kudos
10 Replies
JesusG_Intel
Moderator
9,091 Views

Hello makura,


Run your client with the "-v" option so we can get a verbose output that shows the reason for your enclave not being trusted.


0 Kudos
makura
New Contributor I
9,084 Views

Hi Jesus Garcia,

Thank you for your reply. And there is the information when I run client with "-v".

./run-client 127.0.0.1:7777 -v

---- Msg0 Details ----------------------------------------------------------
Extended Epid Group ID: 00000000
----------------------------------------------------------------------------

---- Msg1 Details ----------------------------------------------------------
msg1.g_a.gx = b226c7bfd0b3afd2a5c72aa902ef7a22156d67d8a0188aa5a8c2ff1e89442a1c
msg1.g_a.gy = f482a35422abfc21034349512025d1917dd14cd0e32c193f25e8bae0ec93f26b
msg1.gid = ce0b0000
----------------------------------------------------------------------------

---- Copy/Paste Msg0||Msg1 Below to SP -------------------------------------
00000000b226c7bfd0b3afd2a5c72aa902ef7a22156d67d8a0188aa5a8c2ff1e89442a1cf482a35422abfc21034349512025d1917dd14cd0e32c193f25e8bae0ec93f26bce0b0000
----------------------------------------------------------------------------
Waiting for msg2

---- Msg2 Details ----------------------------------------------------------
msg2.g_b.gx = 6a90b8375958a860ad08e35ffee6736964a15f6758c70ce8e82a84b035d219ee
msg2.g_b.gy = 610a83a11a8e846534138f043c0dfb4ddce2b1de76882d1bd6a37713a687e104
msg2.spid = dd93fddb1c578e662ca45af1ad050862
msg2.quote_type = 0000
msg2.kdf_id = 0100
msg2.sign_ga_gb = 3fd187ed35b00b45ec0b0408f6359087f8b752341c414cd943de0074f591109e44690a4e3899eeb0a66fa5fcd469fd8b4946ba80ff2702a48bbe3fff3973c70e
msg2.mac = 6c8b7fbb91dabac4b7ecc10aca31cf8e
msg2.sig_rl_size = 00000000
msg2.sig_rl =
----------------------------------------------------------------------------

---- Msg3 Details ----------------------------------------------------------
msg3.mac = c93e0f23fb62f55232b01f3277f95b30
msg3.g_a.gx = b226c7bfd0b3afd2a5c72aa902ef7a22156d67d8a0188aa5a8c2ff1e89442a1c
msg3.g_a.gy = f482a35422abfc21034349512025d1917dd14cd0e32c193f25e8bae0ec93f26b
msg3.quote = 02000000ce0b00000b000a0000000000dd93fddb1c578e662ca45af1ad050862ddc522f1957db05db756d9057904b3691010ffff0180000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000007000000000000000e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b593430000000000000000000000000000000000000000000000000000000000000000bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa48df5c9743645a649d012830de46b2ae43f5a4acc4089eef2a0113598eec720000000000000000000000000000000000000000000000000000000000000000a80200005cb5e451c02bd8494fea55f2bcc6634d414cdb689ae63da90edc0997fd4d44b49de2ffb0a10a282e713ea0d09a6758ab1c0a8d8d6b5a80e5fb1e77ccd1dba7010bfdc76c4e04704739dfe3364e24f0145bd9d011fbcecea1bb9e5c27090f4b33f285e2653ec2d2841bcbd4404a807d017313f1fd1ef40321296f73d804335acc118a1f7a49e627f3a45435924812813bdb45a2d67a7dc6cbaaa07542ec4e6a32ee6e9d83d1cdda878ce0a2c9133b77aec1c234c41078f70bb2c2e9743c78297898417263df9def345801a413de5447d5e7ef6bbded5c9a83f855c737fc1a1bbf0c6f785f738ecdade00e21d773c0fe59cdcc3300b7b07babd5b55b35d2e33ab830a42732846bdea95387c536d23e36c2d2a95768fb631ea1cc20beea5a8a5e529f76548078e49f9709eebaee68010000d8d8ed4e75c10dd11e27a981972b96004ed277645392e62b14ddd466575a08b3fe84a45e57a24b91d69101c4c91e061456e986d4aff982401ceca820e233fd741d86b433b2aa03a7d7bfc990d5acf339ee6ac6d13705ebe0c71a333355a0b20251a2b44f9e011fe5e3799a2900c423c293170a201bbec57cea15469a1b62828418c43017328072a7574cfa6127112d2f56adc7e4d225fc780d1f0c5b945eb99a5dc2be9a510c0745061dcb72706d472cafd42da47375c4cd6c47465472f2c5dbda887ced31cc3367c85f3ca8f7787be054b762f37ca114919cf5e0156839d1de20a5eb033cfcfd8eb58ee00aaf944e3b285d3dc4734edc3957dcce4b3589a6de59ca7e0977b917b95587ba440685b2038a689372368c4544516235d5a13a692b983eff068dfd686d2311725929e6890b3a968fb64b59a9030db7149a363582ee2cc493e1d6335f45cc87f4bdad608fc92cbb26d2978fb72654850d77fc6c4029018ae3b923611892597e42cc882040adcc942186f1b52400
----------------------------------------------------------------------------

---- Copy/Paste Msg3 Below to SP -------------------------------------------
c93e0f23fb62f55232b01f3277f95b30b226c7bfd0b3afd2a5c72aa902ef7a22156d67d8a0188aa5a8c2ff1e89442a1cf482a35422abfc21034349512025d1917dd14cd0e32c193f25e8bae0ec93f26b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ce0b00000b000a0000000000dd93fddb1c578e662ca45af1ad050862ddc522f1957db05db756d9057904b3691010ffff0180000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000007000000000000000e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b593430000000000000000000000000000000000000000000000000000000000000000bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa48df5c9743645a649d012830de46b2ae43f5a4acc4089eef2a0113598eec720000000000000000000000000000000000000000000000000000000000000000a80200005cb5e451c02bd8494fea55f2bcc6634d414cdb689ae63da90edc0997fd4d44b49de2ffb0a10a282e713ea0d09a6758ab1c0a8d8d6b5a80e5fb1e77ccd1dba7010bfdc76c4e04704739dfe3364e24f0145bd9d011fbcecea1bb9e5c27090f4b33f285e2653ec2d2841bcbd4404a807d017313f1fd1ef40321296f73d804335acc118a1f7a49e627f3a45435924812813bdb45a2d67a7dc6cbaaa07542ec4e6a32ee6e9d83d1cdda878ce0a2c9133b77aec1c234c41078f70bb2c2e9743c78297898417263df9def345801a413de5447d5e7ef6bbded5c9a83f855c737fc1a1bbf0c6f785f738ecdade00e21d773c0fe59cdcc3300b7b07babd5b55b35d2e33ab830a42732846bdea95387c536d23e36c2d2a95768fb631ea1cc20beea5a8a5e529f76548078e49f9709eebaee68010000d8d8ed4e75c10dd11e27a981972b96004ed277645392e62b14ddd466575a08b3fe84a45e57a24b91d69101c4c91e061456e986d4aff982401ceca820e233fd741d86b433b2aa03a7d7bfc990d5acf339ee6ac6d13705ebe0c71a333355a0b20251a2b44f9e011fe5e3799a2900c423c293170a201bbec57cea15469a1b62828418c43017328072a7574cfa6127112d2f56adc7e4d225fc780d1f0c5b945eb99a5dc2be9a510c0745061dcb72706d472cafd42da47375c4cd6c47465472f2c5dbda887ced31cc3367c85f3ca8f7787be054b762f37ca114919cf5e0156839d1de20a5eb033cfcfd8eb58ee00aaf944e3b285d3dc4734edc3957dcce4b3589a6de59ca7e0977b917b95587ba440685b2038a689372368c4544516235d5a13a692b983eff068dfd686d2311725929e6890b3a968fb64b59a9030db7149a363582ee2cc493e1d6335f45cc87f4bdad608fc92cbb26d2978fb72654850d77fc6c4029018ae3b923611892597e42cc882040adcc942186f1b52400
----------------------------------------------------------------------------

---- Enclave Trust Status from Service Provider ----------------------------
Enclave NOT TRUSTED
A Platform Info Blob (PIB) was provided by the IAS

0 Kudos
JesusG_Intel
Moderator
9,062 Views

Hello Lu,


We can get better output from the server side. Please send us the IAS response from your run-server terminal.


0 Kudos
makura
New Contributor I
8,998 Views

When I  run "./run-server -d -v", I found this information: Enclave NOT TRUSTED - Reason: CONFIGURATION_AND_SW_HARDENING_NEEDED.

And I put all information in the following.


+++ IAS Primary Subscription Key set to '2b2d........................a0f3'
+++ IAS Secondary Subscription Key set to 'd9f3........................98a3'
+++ Using default CA bundle /etc/ssl/certs/ca-certificates.crt
Using default private key
+++ using private key:

+++ IAS Subscription Key[0]: '2b2d22283ca845da8a7aeb9ba422a0f3'
+++ IAS Subscription Key[0] (Hex): 3262326432323238336361383435646138613761656239626134323261306633
+++ One-time pad: 3571c3d324948129172c74caeb9c16ecf185b915dc99bf5e1f3767ea3df2ed23
+++ Encrypted Subscription Key[0]: 0713f1b716a6b311244f15f2dfa9728dc9e48e74b9fb863c7e0355d85cc28b10


+++ IAS Subscription Key[1]: 'd9f3987b682141b0b55fea1e308298a3'
+++ IAS Subscription Key[1] (Hex): 6439663339383762363832313431623062353566656131653330383239386133
+++ One-time pad: e848a0fb7cafbb6c863cbefe563abb17c89a9bb1c3289f7c8d06388f1aedf325
+++ Encrypted Subscription Key[1]: 8c71c6c845978c0eb0048ccf620bd927aaafaed7a649ae19be3600bd23d59216

Listening for connections on port 7777
Waiting for a client to connect...
Connection from 127.0.0.1
Waiting for msg0||msg1
+++ read 145 bytes from socket

---- read buffer -----------------------------------------------------------
0000000055e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c786570079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2fce0b0000
----------------------------------------------------------------------------

---- Msg0 Details (from Client) --------------------------------------------
msg0.extended_epid_group_id = 0
----------------------------------------------------------------------------

---- Msg1 Details (from Client) --------------------------------------------
msg1.g_a.gx = 55e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c78657
msg1.g_a.gy = 0079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f
msg1.gid = ce0b0000
----------------------------------------------------------------------------
+++ generating session key Gb
+++ deriving KDK
+++ shared secret= a2cdd59f99b7c23a2135382ee3e5e1615e7f9badbca3b929ae30c8ec0e97baea
+++ reversed = eaba970eecc830ae29b9a3bcad9b7f5e61e1e5e32e3835213ac2b7999fd5cda2
+++ KDK = 6b72f32c142dc564f429630a4f0fdf71
+++ deriving SMK
+++ SMK = 68f32f2e36edeae738b08715bfaa27d7
+++ Trying agent_wget

---- IAS sigrl HTTP Request ------------------------------------------------
HTTP GET https://api.trustedservices.intel.com/sgx/dev/attestation/v4/sigrl/00000bce
----------------------------------------------------------------------------

+++ Reconstructed Subscription Key: '2b2d22283ca845da8a7aeb9ba422a0f3'
+++ IAS Subscription Key (Hex): 3262326432323238336361383435646138613761656239626134323261306633
+++ One-time pad: 3571c3d324948129172c74caeb9c16ecf185b915dc99bf5e1f3767ea3df2ed23
+++ Encrypted SubscriptionKey: 0713f1b716a6b311244f15f2dfa9728dc9e48e74b9fb863c7e0355d85cc28b10

+++ Exec: wget --output-document=- --save-headers --content-on-error --no-http-keep-alive --header=Ocp-Apim-Subscription-Key: 2b2d22283ca845da8a7aeb9ba422a0f3 https://api.trustedservices.intel.com/sgx/dev/attestation/v4/sigrl/00000bce
--2020-09-16 10:59:18-- https://api.trustedservices.intel.com/sgx/dev/attestation/v4/sigrl/00000bce
Resolving api.trustedservices.intel.com (api.trustedservices.intel.com)... 40.87.90.88
Connecting to api.trustedservices.intel.com (api.trustedservices.intel.com)|40.87.90.88|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 0
Saving to: ‘STDOUT’

- [ <=> ] 0 --.-KB/s in 0s

2020-09-16 10:59:19 (0.00 B/s) - written to stdout [0/0]


---- IAS sigrl HTTP Response -----------------------------------------------
HTTP/1.1 200 OK
Content-Length: 0
Request-ID: cc02dc1561b441169ab1a22c3b5931fb
Date: Wed, 16 Sep 2020 01:59:18 GMT
Connection: close


----------------------------------------------------------------------------
+++ RET = 93975942115464
, ret+++ SubscriptionKeyID = 0
+++ GbGa = 47d2d6b8504d337f0ff20e2c4fdd91648d52f44a080550b6784412da94e6362f45b2a0adf8393afe2851157ee0398e242cc7c92ffb5dfd4e1c56421e99e3e42055e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c786570079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f
+++ sha256(GbGa) = 69b67f4fb55b42a7ca7afa0e654071950af22f40bfe150beb28f877748c7926c
+++ r = 26d4fdef62a847eddd6960d677e602ca4d28c591db30f06c262e47cebd71500d
+++ s = 54252ebb4a6fb2886fd1bb8a65a923f8f0da39cd28265018f04eedcbe9bb9d74

---- Msg2 Details ----------------------------------------------------------
msg2.g_b.gx = 47d2d6b8504d337f0ff20e2c4fdd91648d52f44a080550b6784412da94e6362f
msg2.g_b.gy = 45b2a0adf8393afe2851157ee0398e242cc7c92ffb5dfd4e1c56421e99e3e420
msg2.spid = dd93fddb1c578e662ca45af1ad050862
msg2.quote_type = 0000
msg2.kdf_id = 0100
msg2.sign_ga_gb = 0d5071bdce472e266cf030db91c5284dca02e677d66069dded47a862effdd426749dbbe9cbed4ef018502628cd39daf0f823a9658abbd16f88b26f4abb2e2554
msg2.mac = 4557a4161b028fdaf217dd3969acfded
msg2.sig_rl_size = 00000000
----------------------------------------------------------------------------

---- Copy/Paste Msg2 Below to Client ---------------------------------------
47d2d6b8504d337f0ff20e2c4fdd91648d52f44a080550b6784412da94e6362f45b2a0adf8393afe2851157ee0398e242cc7c92ffb5dfd4e1c56421e99e3e420dd93fddb1c578e662ca45af1ad050862000001000d5071bdce472e266cf030db91c5284dca02e677d66069dded47a862effdd426749dbbe9cbed4ef018502628cd39daf0f823a9658abbd16f88b26f4abb2e25544557a4161b028fdaf217dd3969acfded00000000
----------------------------------------------------------------------------
Waiting for msg3
+++ read 2905 bytes from socket

---- read buffer -----------------------------------------------------------
a0be37b0a2e88ba7086196eeed65e8ce55e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c786570079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ce0b00000b000a0000000000dd93fddb1c578e662ca45af1ad0508622378fa296862c7d6778a6e6b8db2bb5a1010ffff0180000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000007000000000000000e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b593430000000000000000000000000000000000000000000000000000000000000000bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008bb4ab215a54e332cf86b693a1591f5fc432ed5f90afddc1919186809618ec130000000000000000000000000000000000000000000000000000000000000000a80200009ed233856fcb21a398feced348cf894852b1baef33de1642ef8586a7a8f61363a90de25ee06b70e928d3c3c3a3c1d3050ea74c9fe98768d011d3a4dd40d4ae57e50e280ab70e2ded4f0cd605440b2da90e1bd9c06721071746a5a061f577d7fb31d7058e149adbf0cc34815d858e190c094da9c5688d1fcbdfe8a8011bf0c6c620edbcfca6bd6e293fde0dd8302874676b77aee42520fa0d6ac7af969cf7b417241f050fd78e72501516964e9133282214ca3f1543f58994c1db80a4da98d775c6d5803ed7f29173b4234bc42558f1b4109424966f15551d4a3be69ae704049a4f4d44675927abd38f50c635630c52fc5e163f40b0134503fca1be7be56747868e2d9b1856cf6732c8c56abe0c77a67d082fa357514baf8e6496db6e2b2bde94ae251f7f0c867586b4c449bb6801000065775ff4f27fe90896f12532448b171b3fb89d09bf49caa178e0c646ce8b4d336ed0ad607fdb89aaa577b7e8d8b3a4e4e79acbda3a5e9e298238fa43fd397ce40b81842b946b6a55bdd977599401f4c959aadbfab555f69534eaa9268570a4f8b31187daed61acaf40a191caaf6ec2bd669a8452819f84948c34b88410670fa773556ca5e76b6d1eb31d74030fd0809554b06b5a91586037e94ffbf61ec47f2adad43b2c6b54f74164977e854765d8423faf183993c5b89cfae9979656edd38df66a6e7f092d549a72ed2b154c51ed6eae89be8d75a6c7a4fa4fd27a9ec4e0312411eb146db08ab489f13c1cd561830e2f8c335ea337de421649a0570ae80339664544c763820e76ad1d67642586d45082d608d1c1ebc39c3741bd37b23e1145424eaf0a6a839d274f19a72a582cdb230efbfd8c2c27da8211ffe9ea2032266902effdd6aa8a9f9328f7d97ad5b742d44f00a0c5e32bf1639ffb8f5882ff19f4184e3ceb60f10abe69ce4d7dda840c501123e325bfe1ea04
----------------------------------------------------------------------------
+++ read 2904 bytes
+++ quote_sz= 1116 bytes
+++ Verifying msg3.g_a matches msg1.g_a
msg1.g_a.gx = 55e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c78657
msg1.g_a.gy = 0079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f
msg3.g_a.gx = 55e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c78657
msg3.g_a.gy = 0079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f
+++ Validating MACsmk(M)
msg3.mac = a0be37b0a2e88ba7086196eeed65e8ce
calculated = a0be37b0a2e88ba7086196eeed65e8ce

---- Msg3 Details (from Client) --------------------------------------------
msg3.mac = a0be37b0a2e88ba7086196eeed65e8ce
msg3.g_a.gx = 55e3ff50e65beb0f387912b5d4448abe6f117f2822a7f8f5cb7a4ba802c78657
msg3.g_a.gy = 0079333eba6c383762a8f167ded688989b2daf75ef2090bbd1efc8ea5b589d2f
msg3.ps_sec_prop = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
msg3.quote.version = 0200
msg3.quote.sign_type = 0000
msg3.quote.epid_group_id = ce0b0000
msg3.quote.qe_svn = 0b00
msg3.quote.pce_svn = 0a00
msg3.quote.xeid = 00000000
msg3.quote.basename = dd93fddb1c578e662ca45af1ad0508622378fa296862c7d6778a6e6b8db2bb5a
msg3.quote.report_body = 1010ffff0180000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000007000000000000000e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b593430000000000000000000000000000000000000000000000000000000000000000bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008bb4ab215a54e332cf86b693a1591f5fc432ed5f90afddc1919186809618ec130000000000000000000000000000000000000000000000000000000000000000
msg3.quote.signature_len = a8020000
msg3.quote.signature = 9ed233856fcb21a398feced348cf894852b1baef33de1642ef8586a7a8f61363a90de25ee06b70e928d3c3c3a3c1d3050ea74c9fe98768d011d3a4dd40d4ae57e50e280ab70e2ded4f0cd605440b2da90e1bd9c06721071746a5a061f577d7fb31d7058e149adbf0cc34815d858e190c094da9c5688d1fcbdfe8a8011bf0c6c620edbcfca6bd6e293fde0dd8302874676b77aee42520fa0d6ac7af969cf7b417241f050fd78e72501516964e9133282214ca3f1543f58994c1db80a4da98d775c6d5803ed7f29173b4234bc42558f1b4109424966f15551d4a3be69ae704049a4f4d44675927abd38f50c635630c52fc5e163f40b0134503fca1be7be56747868e2d9b1856cf6732c8c56abe0c77a67d082fa357514baf8e6496db6e2b2bde94ae251f7f0c867586b4c449bb6801000065775ff4f27fe90896f12532448b171b3fb89d09bf49caa178e0c646ce8b4d336ed0ad607fdb89aaa577b7e8d8b3a4e4e79acbda3a5e9e298238fa43fd397ce40b81842b946b6a55bdd977599401f4c959aadbfab555f69534eaa9268570a4f8b31187daed61acaf40a191caaf6ec2bd669a8452819f84948c34b88410670fa773556ca5e76b6d1eb31d74030fd0809554b06b5a91586037e94ffbf61ec47f2adad43b2c6b54f74164977e854765d8423faf183993c5b89cfae9979656edd38df66a6e7f092d549a72ed2b154c51ed6eae89be8d75a6c7a4fa4fd27a9ec4e0312411eb146db08ab489f13c1cd561830e2f8c335ea337de421649a0570ae80339664544c763820e76ad1d67642586d45082d608d1c1ebc39c3741bd37b23e1145424eaf0a6a839d274f19a72a582cdb230efbfd8c2c27da8211ffe9ea2032266902effdd6aa8a9f9328f7d97ad5b742d44f00a0c5e32bf1639ffb8f5882ff19f4184e3ceb60f10abe69ce4d7dda840c501123e325bfe1ea04

---- Enclave Quote (base64) ==> Send to IAS --------------------------------
AgAAAM4LAAALAAoAAAAAAN2T/dscV45mLKRa8a0FCGIjePopaGLH1neKbmuNsrtaEBD//wGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAAAHAAAAAAAAAA48UO/Z2Nhh4ULDMg1wSSuzko1cDZoLBf2xmY6jtZNDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9ccY4Dvd8VBfostHOLUtlBLn0GOUEk0JEDP/yRD2VvQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACLtKshWlTjMs+GtpOhWR9fxDLtX5Cv3cGRkYaAlhjsEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqAIAAJ7SM4VvyyGjmP7O00jPiUhSsbrvM94WQu+Fhqeo9hNjqQ3iXuBrcOko08PDo8HTBQ6nTJ/ph2jQEdOk3UDUrlflDigKtw4t7U8M1gVECy2pDhvZwGchBxdGpaBh9XfX+zHXBY4UmtvwzDSBXYWOGQwJTanFaI0fy9/oqAEb8MbGIO28/Ka9bik/3g3YMCh0Z2t3ruQlIPoNasevlpz3tBckHwUP145yUBUWlk6RMygiFMo/FUP1iZTB24Ck2pjXdcbVgD7X8pFztCNLxCVY8bQQlCSWbxVVHUo75prnBASaT01EZ1knq9OPUMY1YwxS/F4WP0CwE0UD/KG+e+VnR4aOLZsYVs9nMsjFar4Md6Z9CC+jV1FLr45klttuKyvelK4lH38MhnWGtMRJu2gBAABld1/08n/pCJbxJTJEixcbP7idCb9JyqF44MZGzotNM27QrWB/24mqpXe36NizpOTnmsvaOl6eKYI4+kP9OXzkC4GEK5RralW92XdZlAH0yVmq2/q1VfaVNOqpJoVwpPizEYfa7WGsr0ChkcqvbsK9ZpqEUoGfhJSMNLiEEGcPp3NVbKXna20esx10Aw/QgJVUsGtakVhgN+lP+/YexH8q2tQ7LGtU90Fkl36FR2XYQj+vGDmTxbic+umXllbt0432am5/CS1UmnLtKxVMUe1urom+jXWmx6T6T9J6nsTgMSQR6xRtsIq0ifE8HNVhgw4vjDNeozfeQhZJoFcK6AM5ZkVEx2OCDnatHWdkJYbUUILWCNHB68OcN0G9N7I+EUVCTq8KaoOdJ08ZpypYLNsjDvv9jCwn2oIR/+nqIDImaQLv/daqip+TKPfZetW3QtRPAKDF4yvxY5/7j1iC/xn0GE4862DxCr5pzk192oQMUBEj4yW/4eoE
----------------------------------------------------------------------------
+++ Validating quote's epid_group_id against msg1
msg1.egid = ce0b0000
msg3.quote.epid_group_id = ce0b0000
+++ Trying agent_wget

---- IAS report HTTP Request -----------------------------------------------
HTTP POST https://api.trustedservices.intel.com/sgx/dev/attestation/v4/report
----------------------------------------------------------------------------
+++ POST data written to /tmp/wgetpostC7Obhg

+++ Reconstructed Subscription Key: '2b2d22283ca845da8a7aeb9ba422a0f3'
+++ IAS Subscription Key (Hex): 3262326432323238336361383435646138613761656239626134323261306633
+++ One-time pad: 3571c3d324948129172c74caeb9c16ecf185b915dc99bf5e1f3767ea3df2ed23
+++ Encrypted SubscriptionKey: 0713f1b716a6b311244f15f2dfa9728dc9e48e74b9fb863c7e0355d85cc28b10

+++ Exec: wget --output-document=- --save-headers --content-on-error --no-http-keep-alive --header=Ocp-Apim-Subscription-Key: 2b2d22283ca845da8a7aeb9ba422a0f3 --header=Content-Type: application/json --post-file=/tmp/wgetpostC7Obhg https://api.trustedservices.intel.com/sgx/dev/attestation/v4/report
--2020-09-16 10:59:19-- https://api.trustedservices.intel.com/sgx/dev/attestation/v4/report
Resolving api.trustedservices.intel.com (api.trustedservices.intel.com)... 40.87.90.88
Connecting to api.trustedservices.intel.com (api.trustedservices.intel.com)|40.87.90.88|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1132 (1.1K) [application/json]
Saving to: ‘STDOUT’

- 100%[===================>] 1.11K --.-KB/s in 0s

2020-09-16 10:59:20 (66.2 MB/s) - written to stdout [1132/1132]


---- IAS report HTTP Response ----------------------------------------------
HTTP/1.1 200 OK
Content-Length: 1132
Content-Type: application/json
Request-ID: 06af3dcfd3314cb3b98dd09309087755
X-IASReport-Signature: iQZa9xYy0Q772c35KDULsdWq7oJyKyVTLNIAy8K4+XceuJARwKnekXMqDqcAgfiDYYse77yEY1LCeJstf0ymzdqQjGBPQeYTy2XQvi8VWuqvqtdo9QFgkqyOtfTaZBXyBwFoQ4MmJy6NaNGoF+r/B95smd9uFb1Y36BhvfbFpDXc1I3qWBzD3EI2wzO5wFon9mJfCEclFOIcdp01lhlWxJIe35BpXpxDOuipNRgEfgNttBh2wxTC7vC7HHpK+jrBAUSwPHClzLzdrC/wx8bvWdDy0yc8hYcqYmE4+Pt2r/c2vXx/6lRdciaG+cOecFS4exj9RlQcUE7ogDYev6+ShA==
X-IASReport-Signing-Certificate: -----BEGIN%20CERTIFICATE-----%0AMIIEoTCCAwmgAwIBAgIJANEHdl0yo7CWMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV%0ABAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0%0AYXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwHhcNMTYxMTIyMDkzNjU4WhcNMjYxMTIw%0AMDkzNjU4WjB7MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFDASBgNVBAcMC1Nh%0AbnRhIENsYXJhMRowGAYDVQQKDBFJbnRlbCBDb3Jwb3JhdGlvbjEtMCsGA1UEAwwk%0ASW50ZWwgU0dYIEF0dGVzdGF0aW9uIFJlcG9ydCBTaWduaW5nMIIBIjANBgkqhkiG%0A9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXot4OZuphR8nudFrAFiaGxxkgma/Es/BA%2Bt%0AbeCTUR106AL1ENcWA4FX3K%2BE9BBL0/7X5rj5nIgX/R/1ubhkKWw9gfqPG3KeAtId%0Acv/uTO1yXv50vqaPvE1CRChvzdS/ZEBqQ5oVvLTPZ3VEicQjlytKgN9cLnxbwtuv%0ALUK7eyRPfJW/ksddOzP8VBBniolYnRCD2jrMRZ8nBM2ZWYwnXnwYeOAHV%2BW9tOhA%0AImwRwKF/95yAsVwd21ryHMJBcGH70qLagZ7Ttyt%2B%2BqO/6%2BKAXJuKwZqjRlEtSEz8%0AgZQeFfVYgcwSfo96oSMAzVr7V0L6HSDLRnpb6xxmbPdqNol4tQIDAQABo4GkMIGh%0AMB8GA1UdIwQYMBaAFHhDe3amfrzQr35CN%2Bs1fDuHAVE8MA4GA1UdDwEB/wQEAwIG%0AwDAMBgNVHRMBAf8EAjAAMGAGA1UdHwRZMFcwVaBToFGGT2h0dHA6Ly90cnVzdGVk%0Ac2VydmljZXMuaW50ZWwuY29tL2NvbnRlbnQvQ1JML1NHWC9BdHRlc3RhdGlvblJl%0AcG9ydFNpZ25pbmdDQS5jcmwwDQYJKoZIhvcNAQELBQADggGBAGcIthtcK9IVRz4r%0ARq%2BZKE%2B7k50/OxUsmW8aavOzKb0iCx07YQ9rzi5nU73tME2yGRLzhSViFs/LpFa9%0AlpQL6JL1aQwmDR74TxYGBAIi5f4I5TJoCCEqRHz91kpG6Uvyn2tLmnIdJbPE4vYv%0AWLrtXXfFBSSPD4Afn7%2B3/XUggAlc7oCTizOfbbtOFlYA4g5KcYgS1J2ZAeMQqbUd%0AZseZCcaZZZn65tdqee8UXZlDvx0%2BNdO0LR%2B5pFy%2BjuM0wWbu59MvzcmTXbjsi7HY%0A6zd53Yq5K244fwFHRQ8eOB0IWB%2B4PfM7FeAApZvlfqlKOlLcZL2uyVmzRkyR5yW7%0A2uo9mehX44CiPJ2fse9Y6eQtcfEhMPkmHXI01sN%2BKwPbpA39%2BxOsStjhP9N1Y1a2%0AtQAVo%2ByVgLgV2Hws73Fc0o3wC78qPEA%2Bv2aRs/Be3ZFDgDyghc/1fgU%2B7C%2BP6kbq%0Ad4poyb6IW8KCJbxfMJvkordNOgOUUxndPHEi/tb/U7uLjLOgPA%3D%3D%0A-----END%20CERTIFICATE-----%0A-----BEGIN%20CERTIFICATE-----%0AMIIFSzCCA7OgAwIBAgIJANEHdl0yo7CUMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV%0ABAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0%0AYXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwIBcNMTYxMTE0MTUzNzMxWhgPMjA0OTEy%0AMzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL%0AU2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQD%0ADCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwggGiMA0G%0ACSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfPGR%2BtXc8u1EtJzLA10Feu1Wg%2Bp7e%0ALmSRmeaCHbkQ1TF3Nwl3RmpqXkeGzNLd69QUnWovYyVSndEMyYc3sHecGgfinEeh%0ArgBJSEdsSJ9FpaFdesjsxqzGRa20PYdnnfWcCTvFoulpbFR4VBuXnnVLVzkUvlXT%0AL/TAnd8nIZk0zZkFJ7P5LtePvykkar7LcSQO85wtcQe0R1Raf/sQ6wYKaKmFgCGe%0ANpEJUmg4ktal4qgIAxk%2BQHUxQE42sxViN5mqglB0QJdUot/o9a/V/mMeH8KvOAiQ%0AbyinkNndn%2BBgk5sSV5DFgF0DffVqmVMblt5p3jPtImzBIH0QQrXJq39AT8cRwP5H%0AafuVeLHcDsRp6hol4P%2BZFIhu8mmbI1u0hH3W/0C2BuYXB5PC%2B5izFFh/nP0lc2Lf%0A6rELO9LZdnOhpL1ExFOq9H/B8tPQ84T3Sgb4nAifDabNt/zu6MmCGo5U8lwEFtGM%0ARoOaX4AS%2B909x00lYnmtwsDVWv9vBiJCXRsCAwEAAaOByTCBxjBgBgNVHR8EWTBX%0AMFWgU6BRhk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50%0AL0NSTC9TR1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMB0GA1UdDgQW%0ABBR4Q3t2pn680K9%2BQjfrNXw7hwFRPDAfBgNVHSMEGDAWgBR4Q3t2pn680K9%2BQjfr%0ANXw7hwFRPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq%0AhkiG9w0BAQsFAAOCAYEAeF8tYMXICvQqeXYQITkV2oLJsp6J4JAqJabHWxYJHGir%0AIEqucRiJSSx%2BHjIJEUVaj8E0QjEud6Y5lNmXlcjqRXaCPOqK0eGRz6hi%2BripMtPZ%0AsFNaBwLQVV905SDjAzDzNIDnrcnXyB4gcDFCvwDFKKgLRjOB/WAqgscDUoGq5ZVi%0AzLUzTqiQPmULAQaB9c6Oti6snEFJiCQ67JLyW/E83/frzCmO5Ru6WjU4tmsmy8Ra%0AUd4APK0wZTGtfPXU7w%2BIBdG5Ez0kE1qzxGQaL4gINJ1zMyleDnbuS8UicjJijvqA%0A152Sq049ESDz%2B1rRGc2NVEqh1KaGXmtXvqxXcTB%2BLjy5Bw2ke0v8iGngFBPqCTVB%0A3op5KBG3RjbF6RRSzwzuWfL7QErNC8WEy5yDVARzTA5%2BxmBc388v9Dm21HGfcC8O%0ADD%2BgT9sSpssq0ascmvH49MOgjt1yoysLtdCtJW/9FZpoOypaHx0R%2BmJTLwPXVMrv%0ADaVzWh5aiEx%2BidkSGMnX%0A-----END%20CERTIFICATE-----%0A
Date: Wed, 16 Sep 2020 01:59:20 GMT
Connection: close

{"id":"319296195419679756312962120164987139813","timestamp":"2020-09-16T01:59:20.767445","version":4,"advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"1502006500000800000F0F02040180070000000000000000000B00000B000000020000000000000BCEF90960A5B19CC20A1E446B57F1BD718D5DC24B4EEFAB5E8FCE58BE98B43B384C9..."}
----------------------------------------------------------------------------

---- Certficate ------------------------------------------------------------
-----BEGIN CERTIFICATE-----
MIIEoTCCAwmgAwIBAgIJANEHdl0yo7CWMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV
BAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV
BAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0
YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwHhcNMTYxMTIyMDkzNjU4WhcNMjYxMTIw
MDkzNjU4WjB7MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFDASBgNVBAcMC1Nh
bnRhIENsYXJhMRowGAYDVQQKDBFJbnRlbCBDb3Jwb3JhdGlvbjEtMCsGA1UEAwwk
SW50ZWwgU0dYIEF0dGVzdGF0aW9uIFJlcG9ydCBTaWduaW5nMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXot4OZuphR8nudFrAFiaGxxkgma/Es/BA+t
beCTUR106AL1ENcWA4FX3K+E9BBL0/7X5rj5nIgX/R/1ubhkKWw9gfqPG3KeAtId
cv/uTO1yXv50vqaPvE1CRChvzdS/ZEBqQ5oVvLTPZ3VEicQjlytKgN9cLnxbwtuv
LUK7eyRPfJW/ksddOzP8VBBniolYnRCD2jrMRZ8nBM2ZWYwnXnwYeOAHV+W9tOhA
ImwRwKF/95yAsVwd21ryHMJBcGH70qLagZ7Ttyt++qO/6+KAXJuKwZqjRlEtSEz8
gZQeFfVYgcwSfo96oSMAzVr7V0L6HSDLRnpb6xxmbPdqNol4tQIDAQABo4GkMIGh
MB8GA1UdIwQYMBaAFHhDe3amfrzQr35CN+s1fDuHAVE8MA4GA1UdDwEB/wQEAwIG
wDAMBgNVHRMBAf8EAjAAMGAGA1UdHwRZMFcwVaBToFGGT2h0dHA6Ly90cnVzdGVk
c2VydmljZXMuaW50ZWwuY29tL2NvbnRlbnQvQ1JML1NHWC9BdHRlc3RhdGlvblJl
cG9ydFNpZ25pbmdDQS5jcmwwDQYJKoZIhvcNAQELBQADggGBAGcIthtcK9IVRz4r
Rq+ZKE+7k50/OxUsmW8aavOzKb0iCx07YQ9rzi5nU73tME2yGRLzhSViFs/LpFa9
lpQL6JL1aQwmDR74TxYGBAIi5f4I5TJoCCEqRHz91kpG6Uvyn2tLmnIdJbPE4vYv
WLrtXXfFBSSPD4Afn7+3/XUggAlc7oCTizOfbbtOFlYA4g5KcYgS1J2ZAeMQqbUd
ZseZCcaZZZn65tdqee8UXZlDvx0+NdO0LR+5pFy+juM0wWbu59MvzcmTXbjsi7HY
6zd53Yq5K244fwFHRQ8eOB0IWB+4PfM7FeAApZvlfqlKOlLcZL2uyVmzRkyR5yW7
2uo9mehX44CiPJ2fse9Y6eQtcfEhMPkmHXI01sN+KwPbpA39+xOsStjhP9N1Y1a2
tQAVo+yVgLgV2Hws73Fc0o3wC78qPEA+v2aRs/Be3ZFDgDyghc/1fgU+7C+P6kbq
d4poyb6IW8KCJbxfMJvkordNOgOUUxndPHEi/tb/U7uLjLOgPA==
-----END CERTIFICATE-----

----------------------------------------------------------------------------

---- Certficate ------------------------------------------------------------
-----BEGIN CERTIFICATE-----
MIIFSzCCA7OgAwIBAgIJANEHdl0yo7CUMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV
BAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV
BAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0
YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwIBcNMTYxMTE0MTUzNzMxWhgPMjA0OTEy
MzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL
U2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQD
DCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwggGiMA0G
CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfPGR+tXc8u1EtJzLA10Feu1Wg+p7e
LmSRmeaCHbkQ1TF3Nwl3RmpqXkeGzNLd69QUnWovYyVSndEMyYc3sHecGgfinEeh
rgBJSEdsSJ9FpaFdesjsxqzGRa20PYdnnfWcCTvFoulpbFR4VBuXnnVLVzkUvlXT
L/TAnd8nIZk0zZkFJ7P5LtePvykkar7LcSQO85wtcQe0R1Raf/sQ6wYKaKmFgCGe
NpEJUmg4ktal4qgIAxk+QHUxQE42sxViN5mqglB0QJdUot/o9a/V/mMeH8KvOAiQ
byinkNndn+Bgk5sSV5DFgF0DffVqmVMblt5p3jPtImzBIH0QQrXJq39AT8cRwP5H
afuVeLHcDsRp6hol4P+ZFIhu8mmbI1u0hH3W/0C2BuYXB5PC+5izFFh/nP0lc2Lf
6rELO9LZdnOhpL1ExFOq9H/B8tPQ84T3Sgb4nAifDabNt/zu6MmCGo5U8lwEFtGM
RoOaX4AS+909x00lYnmtwsDVWv9vBiJCXRsCAwEAAaOByTCBxjBgBgNVHR8EWTBX
MFWgU6BRhk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50
L0NSTC9TR1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMB0GA1UdDgQW
BBR4Q3t2pn680K9+QjfrNXw7hwFRPDAfBgNVHSMEGDAWgBR4Q3t2pn680K9+Qjfr
NXw7hwFRPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq
hkiG9w0BAQsFAAOCAYEAeF8tYMXICvQqeXYQITkV2oLJsp6J4JAqJabHWxYJHGir
IEqucRiJSSx+HjIJEUVaj8E0QjEud6Y5lNmXlcjqRXaCPOqK0eGRz6hi+ripMtPZ
sFNaBwLQVV905SDjAzDzNIDnrcnXyB4gcDFCvwDFKKgLRjOB/WAqgscDUoGq5ZVi
zLUzTqiQPmULAQaB9c6Oti6snEFJiCQ67JLyW/E83/frzCmO5Ru6WjU4tmsmy8Ra
Ud4APK0wZTGtfPXU7w+IBdG5Ez0kE1qzxGQaL4gINJ1zMyleDnbuS8UicjJijvqA
152Sq049ESDz+1rRGc2NVEqh1KaGXmtXvqxXcTB+Ljy5Bw2ke0v8iGngFBPqCTVB
3op5KBG3RjbF6RRSzwzuWfL7QErNC8WEy5yDVARzTA5+xmBc388v9Dm21HGfcC8O
DD+gT9sSpssq0ascmvH49MOgjt1yoysLtdCtJW/9FZpoOypaHx0R+mJTLwPXVMrv
DaVzWh5aiEx+idkSGMnX
-----END CERTIFICATE-----


----------------------------------------------------------------------------
+++ Found 2 certificates in chain
+++ certificate chain verified

---- Report Signature ------------------------------------------------------
89065af71632d10efbd9cdf928350bb1d5aaee82722b25532cd200cbc2b8f9771eb89011c0a9de91732a0ea70081f883618b1eefbc846352c2789b2d7f4ca6cdda908c604f41e613cb65d0be2f155aeaafaad768f5016092ac8eb5f4da6415f2070168438326272e8d68d1a817eaff07de6c99df6e15bd58dfa061bdf6c5a435dcd48dea581cc3dc4236c333b9c05a27f6625f08472514e21c769d35961956c4921edf90695e9c433ae8a93518047e036db41876c314c2eef0bb1c7a4afa3ac10144b03c70a5ccbcddac2ff0c7c6ef59d0f2d3273c85872a626138f8fb76aff736bd7c7fea545d722686f9c39e7054b87b18fd46541c504ee880361ebfaf9284
----------------------------------------------------------------------------
+++ Extracting public key from signing cert
+++ Verifying signature over report body

---- Report ----------------------------------------------------------------
{"id":"319296195419679756312962120164987139813","timestamp":"2020-09-16T01:59:20.767445","version":4,"advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"1502006500000800000F0F02040180070000000000000000000B00000B000000020000000000000BCEF90960A5B19CC20A1E446B57F1BD718D5DC24B4EEFAB5E8FCE58BE98B43B384C9..."}
----------------------------------------------------------------------------
Content-length: 1132 bytes
----------------------------------------------------------------------------
+++ Signature verified

---- Report Body -----------------------------------------------------------
{"id":"319296195419679756312962120164987139813","timestamp":"2020-09-16T01:59:20.767445","version":4,"advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"1502006500000800000F0F02040180070000000000000000000B00000B000000020000000000000BCEF90960A5B19CC20A1E446B57F1BD718D5DC24B4EEFAB5E8FCE58BE98B43B384C9..."}
----------------------------------------------------------------------------

---- IAS Report - JSON - Required Fields -----------------------------------
version = 4
id: = 319296195419679756312962120164987139813
timestamp = 2020-09-16T01:59:20.767445
isvEnclaveQuoteStatus = CONFIGURATION_AND_SW_HARDENING_NEEDED
isvEnclaveQuoteBody = AgAAAM4LAAALAAoAAAAAAN2T/dscV45mLKRa8a0FCGIjePopaGLH1neKbmuNsrtaEBD//wGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAAAHAAAAAAAAAA48UO/Z2Nhh4ULDMg1wSSuzko1cDZoLBf2xmY6jtZNDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9ccY4Dvd8VBfostHOLUtlBLn0GOUEk0JEDP/yRD2VvQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACLtKshWlTjMs+GtpOhWR9fxDLtX5Cv3cGRkYaAlhjsEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

---- IAS Report - JSON - Optional Fields -----------------------------------
platformInfoBlob = 1502006500000800000F0F02040180070000000000000000000B00000B000000020000000000000BCEF90960A5B19CC20A1E446B57F1BD718D5DC24B4EEFAB5E8FCE58BE98B43B384C9DFAE14807CD0178172EC09A38E037B66273CD1EAF934D8DD0C8ABF96F8EF373
revocationReason =
pseManifestStatus =
pseManifestHash =
nonce =
epidPseudonym =
advisoryURL = https://security-center.intel.com
advisoryIDs = INTEL-SA-00334,INTEL-SA-00161,INTEL-SA-00219,INTEL-SA-00289
----------------------------------------------------------------------------
+++ Verifying report version against API version

---- ISV Enclave Trust Status ----------------------------------------------
Enclave NOT TRUSTED - Reason: CONFIGURATION_AND_SW_HARDENING_NEEDED
A Platform Info Blob (PIB) was provided by the IAS

---- Enclave Report Verification -------------------------------------------
VK = 1a19c46e4c44d00f04a1c17123ba539d
SHA256(Ga||Gb||VK) = 8bb4ab215a54e332cf86b693a1591f5fc432ed5f90afddc1919186809618ec13
report_data[64] = 8bb4ab215a54e332cf86b693a1591f5fc432ed5f90afddc1919186809618ec130000000000000000000000000000000000000000000000000000000000000000

---- Client enclave Identity -----------------------------------------------
Enclave MRSIGNER = bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd
Enclave MRENCLAVE = 0e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b59343
Enclave ISV Prod Id = 0
Enclave ISV SVN = 1
Enclave is debuggable = Yes
----------------------------------------------------------------------------

---- Enclave Report Details ------------------------------------------------
cpu_svn = 1010ffff018000000000000000000000
misc_select = 00000000
attributes = 07000000000000000700000000000000
mr_enclave = 0e3c50efd9d8d861e142c3320d70492bb3928d5c0d9a0b05fdb1998ea3b59343
mr_signer = bd71c6380ef77c5417e8b2d1ce2d4b6504b9f418e5049342440cfff2443d95bd
isv_prod_id = 0000
isv_svn = 0001
report_data = 8bb4ab215a54e332cf86b693a1591f5fc432ed5f90afddc1919186809618ec130000000000000000000000000000000000000000000000000000000000000000

---- Copy/Paste Msg4 Below to Client ---------------------------------------
0000000000000800000f0f02040180070000000000000000000b00000b000000020000000000000bcef90960a5b19cc20a1e446b57f1bd718d5dc24b4eefab5e8fce58be98b43b384c9dfae14807cd0178172ec09a38e037b66273cd1eaf934d8dd0c8abf96f8ef373
----------------------------------------------------------------------------

0 Kudos
makura
New Contributor I
9,034 Views

Hi Jesus,

When I run "./run-server -d -v", I found this message :

Enclave NOT TRUSTED - Reason: CONFIGURATION_AND_SW_HARDENING_NEEDED

 

---- IAS Report - JSON - Optional Fields -----------------------------------
platformInfoBlob  = 1502006500000800000F0F02040180070000000000000000000B00000B000000020000000000000BCEF90960A5B19CC20A1E446B57F1BD718D5DC24B4EEFAB5E8FCE58BE98B43B384C9DFAE14807CD0178172EC09A38E037B66273CD1EAF934D8DD0C8ABF96F8EF373
revocationReason  = 
pseManifestStatus = 
pseManifestHash   = 
nonce             = 
epidPseudonym     = 
advisoryURL       = https://security-center.intel.com
advisoryIDs       = INTEL-SA-00334,INTEL-SA-00161,INTEL-SA-00219,INTEL-SA-00289
----------------------------------------------------------------------------
+++ Verifying report version against API version

---- ISV Enclave Trust Status ----------------------------------------------
Enclave NOT TRUSTED - Reason: CONFIGURATION_AND_SW_HARDENING_NEEDED
A Platform Info Blob (PIB) was provided by the IAS

 

And I put full information in the following file.

--------------------------------------------------------------------

By the way, I put some auxiliary information about my PC.

OS:Ubuntu* 18.04 LTS Desktop 64bits

kernel: 5.4.0-47-generic

CPU:Intel® Core™ i7-9750H CPU @ 2.60GHz × 12 

SGX SDK Version: sgx_linux_x64_sdk_2.11.100.2

SGX PSW: 2.11.100.2-bionic1

UFEI BIOS version: N20ET47W(1.34)

UEFI BIOS Date: 2020-08-06

UEFI Secure Boot: ON

microcode:

dmesg| grep microcode
[ 3.371031] microcode: sig=0x906ea, pf=0x20, revision=0xd6
[ 3.371077] microcode: Microcode Update Driver: v2.2.

 

--------------------------------------------------------------------

And I have read the solution in issue https://community.intel.com/t5/Intel-Software-Guard-Extensions/Receiving-ISV-Enclave-Trust-Status-as-Enclave-NOT-TRUSTED/m-p/1193544

I turn off the integrated processor graphics and hyperthreading (HT) in BIOS. However, it seems nothing has been changed.

I still get the information  CONFIGURATION_AND_SW_HARDENING_NEEDED.

Is there anything else I can do for running the sample code?

--------------------------------------------------------------------

It is very appreciate that you can give me some help

Thanks,

LU

0 Kudos
JesusG_Intel
Moderator
9,009 Views

Hello Lu, that information was very helpful. Your results are very common. Here is all the relevant information.


 

  • INTEL-SA-00219 - Processor Graphics Update Advisory - Have to disable internal graphics, or use special memory handling techniques in your enclaves. But, even if you modify your enclaves, you will still always get this reply if Gfx enabled.

 

  • INTEL-SA-00289 - "Plundervolt" - Voltage Settings Modification Advisory - this requires a BIOS update and vendor enabling overclocking lock bit. There is a BIOS option that can control the bit - Overclocking Lock. For our customer reference boards, it’s under BIOS menu “advance ->power & performance -> CPU - Power Management Control -> CPU Lock configuration -> overclocking lock”. Can you enable the lock on your platform to mitigate SA-00289?

 

  • INTEL-SA-00334 - "LVI" - Load Value Injection - Deep dive -- Have to update SGX PSW and build your enclaves with the updated toolchain to fully mitigate. If a processor is affected by this security advisor (LVI), IAS will always reply with at least "SW_HARDENING_NEEDED"… there is no way for IAS to tell if a customer has built their enclaves with the mitigations in place. The relying party needs to look at its enclave's ISVSVN (enclave version) and decide if it's up to date or not.

 

Long story short, you need to disable HT, disable internal Gfx, get the BIOS updated for "Plundervolt" and enable the overclocking lock bit, and then build your enclaves with mitigations for LVI, though, again, you will still always get a “SW_HARDENING_NEEDED” reply back from IAS.

 

However, you may always get 161, 219, and 289. Here's why...

 

It’s by design. It is due to what you could do with some of these attacks. Basically, it’s possible that if you use one of the other attacks, you could make HT look like it is disabled when it really isn’t. So, the backend logic is basically this: You either get all issues possible on that particular processor, or you get none (they’ve all been mitigated). It’s up to the user to confirm that all the other manual mitigations can be fixed.

 

To summarize, if you disabled HT, internal Gfx, and the BIOS was fixed, those three SAs would go away… you either get all 3 SAs or none. If your BIOS does not allow you to enable the overclocking lock bit, you cannot fully implement the mitigation for SA-289. And, since 289 is there, so will the rest of them.

 

You will still always get INTEL-SA-00334 and SW_HARDENING_NEEDED, of course.


0 Kudos
makura
New Contributor I
8,980 Views

Hi, Jesus

Thank you for giving me so much information.

I didn't find overclocking lock in BIOS.  In fact, I just found enable/disable in CPU - Power Management Control. It seems that I can do nothing for this anymore...

And  I want to ask some questions.

What is the option "overclocking lock" means? To enable "overclocking lock" means close the overclocking of the CPU? To do remote attestation, should I buy a CPU that can do overclocking? Or, I need to go to contact Lenovo and ask them to implement the overclocking lock in my BIOS?

Please forgive me for my stupidity. I really need RA for my research. (crying)

Thanks, 

LU

0 Kudos
JesusG_Intel
Moderator
8,974 Views

Hello Lu,


Enabling the overclocking lock bit prevents overclocking or overvoltage settings. The overclocking lock bit can be exposed in the BIOS for a user to control or it can be set by the platform vendor under the hood.


If you purchase a system that supports overclocking you must first look in the BIOS documentation to check if the overclocking lock bit is exposed, since it is not guaranteed.


When you receive these SAs from IAS you must determine to what extent you want to trust the platform. If you think that you have mitigated most of the SAs to a satisfactory level and 00289 is the only one holding you back, it is up to you to set the policy to trust the platform or not.


0 Kudos
makura
New Contributor I
8,968 Views

Hello Jesus,

Thank you very much for your explanation. It was great help. 

Regards,

LU

0 Kudos
JesusG_Intel
Moderator
8,956 Views

Hello Lu, you are very welcome. Have a great day.


This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


0 Kudos
Reply