Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Rong_Z_
Beginner
72 Views

Question on Remote Attestation Sample Code shipped in SDK

Jump to solution

Hi all,

I'm trying to make attestation on IAS, and I can receive the quote structure from enclaves successfully, however I always got response with status code 400. I think that due to the improper encoding of the quote. Then I looked into the remote attestation sample code, and found the following function:

p_quote = (sample_quote_t *)p_msg3->quote
ret = ias_verify_attestation_evidence(p_quote, NULL, &attestation_report);

Where the p_quote is the quote structure extract from msg3, and then the sample code directly used it in the above function without any encoding. According to the comments in the sample code, this function will submit the quote to IAS, and create attestation report on IAS. I'm confused about that, does that mean we can directly send quote to IAS?

 

Best,

Rong

0 Kudos
1 Solution
72 Views

Hi Rong,

In the sample code provided for remote attestation, the ISV is written as an application running locally.  They have used the "ias_verify_attestation_evidence()" function to verify the quote  that is sent from the ISV APP to ISV. Here Quote are sent without any encryption. But in real scenario , ISV will send the encrypted quote across the network using the network call to IAS server for verification.

Thanks and Regards,
Surenthar Selvaraj

View solution in original post

3 Replies
73 Views

Hi Rong,

In the sample code provided for remote attestation, the ISV is written as an application running locally.  They have used the "ias_verify_attestation_evidence()" function to verify the quote  that is sent from the ISV APP to ISV. Here Quote are sent without any encryption. But in real scenario , ISV will send the encrypted quote across the network using the network call to IAS server for verification.

Thanks and Regards,
Surenthar Selvaraj

View solution in original post

Rong_Z_
Beginner
72 Views

Hi Surenthar,

Thanks for replying. Actually, I'm trying to request IAS and always fails by receiving status code 400, I think that may due to improper encoding. Since we will build a remote attestation platform based on our own channel, thus I have to know how the quote been encoded, could you please tell me some details on how to encode that? 

Also I dumped the quote in memory and find that the spid in quote contains only 16bytes, however I received a 32 byte string from Intel denoted as spid and I do input all 32bytes into the function sgx_get_quote(). I want to know that, does that affect the attestation result?

 

Untitled_0.png

72 Views
Reply