Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

[IAS] retrieve SigRL returns 404 for simulation GID 0B000000

Fredrik_T_
Beginner
‎05-31-2016 07:01 AM
1,525 Views
Solved Jump to solution

The IAS endpoint

 /attestation/sgx/v1/sigrl/{gid}

throws a HTTP 404 Not Found for a simulation mode gid (returned by sgx_get_quote for an enclave running in simulation mode).

Q1: Should the development endpoint support simulation mode GIDs or is it expected to throw 404s?

Q2: The examples in [1] all throw a 404 (e.g. 3.1.1.2 with gid=00000010 which should be a 200). Should the example GIDs be valid?

Further info:

[1] Intel® Software Guard Extensions: Intel® Attestation Service API  

0 Kudos
1 Solution
Kuppusamy_R_Intel
Employee
‎06-05-2016 11:09 PM
1,525 Views
Solved Jump to solution

 

Yes, simulation mode libraries are  not considered valid for the development endpoint and also no plan on providing IAS development endpoint. you need valid SGX hardware to run the remote attestation. Server doesn’t need to have the SGX support.

View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
Derek_B_Intel
Employee
‎05-31-2016 10:01 AM
1,525 Views
Solved Jump to solution

IAS only supports valid GIDs.  

404 Not Found is the expected error when the GID specified is not a valid EPID GroupID.

Please refer to the IAS API specification for additional details:
 https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf

 

 

0 Kudos
Copy link
Fredrik_T_
Beginner
‎05-31-2016 10:30 AM
1,525 Views
Solved Jump to solution

So the GIDs returned by the SDK's simulation mode libraries are not considered valid for the development endpoint?

Are there plans on providing an IAS development endpoint that supports simulation mode GIDs? This seems like a common scenario, as CI servers are likely not have the same hardware (no SGX) as the target machines.

0 Kudos
Copy link
Kuppusamy_R_Intel
Employee
‎06-05-2016 11:09 PM
1,526 Views
Solved Jump to solution

 

Yes, simulation mode libraries are  not considered valid for the development endpoint and also no plan on providing IAS development endpoint. you need valid SGX hardware to run the remote attestation. Server doesn’t need to have the SGX support.

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.