Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Beginner
25 Views

Quote verification fails with 405 method not allowed

I'm trying to use the quote verification with the URL https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1/report

When sending the string with curl as a POST request I receive a 405 Method not allowed back.

In the documentation https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf ; this error is not even listed!?

Here is the part were the request is generated:

string WebService::createJSONforIAS(uint8_t *quote, uint8_t *pseManifest, uint8_t *nonce) {
 	Json::Value request;   

	string quoteStr = ByteArrayToString(quote, 1116);
	quoteStr = base64encode(quoteStr);
    request["isvEnclaveQuote"] = quoteStr;
//  request["pseManifest"] = "<encoded_SGX_Platform_Service_Security_Property_Descriptor><optional>";
//  request["nonce"] = "<custom_value_passed_by_caller><optional>";

	Json::FastWriter fastWriter;
	std::string output = fastWriter.write(request);

	return output;
}

void WebService::sendToIAS(string str) {
	CURL *curl;
  	CURLcode res = CURLE_OK;
 
	curl = curl_easy_init();
	if (curl) {
//		curl_easy_setopt(curl, CURLOPT_URL, "https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1/sigrl/00000010");

		curl_easy_setopt(curl, CURLOPT_URL, "https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1/report");

		curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
		curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
		curl_easy_setopt(curl, CURLOPT_SSLCERT, "./client.pem");
		curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);

		struct curl_slist *headers = NULL;
		headers = curl_slist_append(headers, "Accept: application/json");
		headers = curl_slist_append(headers, "Content-Type: application/json");
		headers = curl_slist_append(headers, "charsets: utf-8");
		res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);

		cout << str << endl;
		curl_easy_setopt(curl, CURLOPT_POSTFIELDS, str);
		curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, str.size());


		res = curl_easy_perform(curl);

		if (res != CURLE_OK)
			fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));

		curl_easy_cleanup(curl);
	}
 
}

 

 

Here is the response I receive:

 

*   Trying 208.39.114.225...
* Connected to test-as.sgx.trustedservices.intel.com (208.39.114.225) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* NPN, negotiated HTTP1.1
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* 	 subject: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=test-as.sgx.trustedservices.intel.com
* 	 start date: Sep 14 17:24:30 2016 GMT
* 	 expire date: Sep  4 17:24:30 2018 GMT
* 	 subjectAltName: test-as.sgx.trustedservices.intel.com matched
* 	 issuer: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=Intel External Issuing CA 6A
* 	 SSL certificate verify ok.
> POST /attestation/sgx/v1/report HTTP/1.1
Host: test-as.sgx.trustedservices.intel.com
Accept: application/json
Content-Type: application/json
charsets: utf-8
Content-Length: 2999
Expect: 100-continue

< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 405 Method Not Allowed
< Request-ID: 61bc4e8be2c646ebbcb97ad52d005e18
< Date: Thu, 12 Jan 2017 14:54:30 GMT
< Connection: keep-alive
< Transfer-Encoding: chunked

 

0 Kudos
0 Replies