Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Getting wrong gid in remote attestation

Hassan_A_
Beginner
‎07-18-2017 06:40 PM
555 Views

Hello,

I'm trying to perform remote attestation and for some reason, I'm getting a wrong gid reply. From the documentation, I gathered that a 404 means that the gid was wrong, however, checking the gid, I think I did the right one. I obtained the EPID and formatted correctly to transform it to a gid. Any ideas on what might be happening? Is it possible that I'm getting the wrong EPID from the SGX API? Thank you.

*   Trying 208.39.114.225...
* Connected to test-as.sgx.trustedservices.intel.com (208.39.114.225) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSL connection using ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=test-as.sgx.trustedservices.intel.com
* start date: 2016-09-14 17:24:30 GMT
* expire date: 2018-09-04 17:24:30 GMT
* subjectAltName: test-as.sgx.trustedservices.intel.com matched
* issuer: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=Intel External Issuing CA 6A
* SSL certificate verify ok.
> GET /attestation/sgx/v2/sigrl/0000000b HTTP/1.1
Host: test-as.sgx.trustedservices.intel.com
Accept: */*
 
< HTTP/1.1 404 Not Found
< content-length: 0
< request-id: 916191bf1a304b63aab2f06f2bd319a5
< date: Wed, 19 Jul 2017 01:32:45 GMT
< Connection: keep-alive
0 Kudos

Link Copied

1 Reply
you_w_
New Contributor III
‎07-18-2017 08:40 PM
555 Views

Hi:

Do you use SGX_MODE=SIM? If so, I think it's the reason. Because I see your gid is "0000000b". Actually, In Hardware mode it should be something else.

 

Regards you.w

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.