Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
1304 Discussions

[IAS] retrieve SigRL returns 404 for simulation GID 0B000000

Fredrik_T_
Beginner
558 Views

The IAS endpoint

 /attestation/sgx/v1/sigrl/{gid}

throws a HTTP 404 Not Found for a simulation mode gid (returned by sgx_get_quote for an enclave running in simulation mode).

Q1: Should the development endpoint support simulation mode GIDs or is it expected to throw 404s?

Q2: The examples in [1] all throw a 404 (e.g. 3.1.1.2 with gid=00000010 which should be a 200). Should the example GIDs be valid?

Further info:

[1] Intel® Software Guard Extensions: Intel® Attestation Service API  

0 Kudos
1 Solution
Kuppusamy_R_Intel
558 Views

 

Yes, simulation mode libraries are  not considered valid for the development endpoint and also no plan on providing IAS development endpoint. you need valid SGX hardware to run the remote attestation. Server doesn’t need to have the SGX support.

View solution in original post

3 Replies
Derek_B_Intel
Employee
558 Views

IAS only supports valid GIDs.  

404 Not Found is the expected error when the GID specified is not a valid EPID GroupID.

Please refer to the IAS API specification for additional details:
 https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf

 

 

Fredrik_T_
Beginner
558 Views

So the GIDs returned by the SDK's simulation mode libraries are not considered valid for the development endpoint?

Are there plans on providing an IAS development endpoint that supports simulation mode GIDs? This seems like a common scenario, as CI servers are likely not have the same hardware (no SGX) as the target machines.

Kuppusamy_R_Intel
559 Views

 

Yes, simulation mode libraries are  not considered valid for the development endpoint and also no plan on providing IAS development endpoint. you need valid SGX hardware to run the remote attestation. Server doesn’t need to have the SGX support.

Reply