- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
In my research I have to install a software that uses SGX inside of a docker container. This software also uses the remote attestation protocol used by intel SGX.
I have seen that it is possible to compile and run SGX program inside of a SGX container with this docker image: https://hub.docker.com/r/sebvaucher/sgx-base/dockerfile
But when it comes to the remote attestation inside of a container I can not find any resources related to that and when I tried it always failed.
Indeed, when I am in the container, the command "service aesmd status" returns that aesmd is not register as a service. I have also seen people saying that it was not possible because you can not run processes as deamon in a docker container: https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/707196
Does someone have explanation about that? It is possible to fix it and use remote attestation inside of a container?
Thanks for your help,
Eric
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Eric.
There is at least the project below on GitHub that shows how you can get the aesmd service running in a container. Hopefully it will help.
https://github.com/tozd/docker-sgx
Regards.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Eric.
The docker image that you mentioned should work just fine for remote attestation. Even though aesm doesn't run as a service, it is executed as a regular process in that container.
I have a slightly modified image (based on sebvaucher's) that you could use for remote attestation purposes. The modification addresses a current issue in the sgx_uae_service.h file.
See execution example below:
<badejo>:~ $ docker run -it --rm --device=/dev/isgx --device=/dev/mei0 rodolfoams/sgx-base:sgx_2.5 /bin/bash jhi[7]: --> jhi start jhi[7]: <-- jhi start aesm_service[10]: [ADMIN]White List update requested jhi[7]: JHI service release prints are enabled aesm_service[10]: The server sock is 0x55784572d5c0 aesm_service[10]: [ADMIN]Sigma 1.1 session will be established. aesm_service[10]: Sigma 1.1 session will be established. root@651be0ece9d9:/usr/src/app# aesm_service[10]: [ADMIN]White list update request successful for Version: 53 root@651be0ece9d9:/usr/src/app# ps aux | grep aesm root 10 0.5 0.1 481108 14212 ? Ssl 13:47 0:00 /opt/intel/sgxpsw/aesm/aesm_service root 34 0.0 0.0 11464 904 pts/0 S+ 13:47 0:00 grep --color=auto aesm root@651be0ece9d9:/usr/src/app# cd /opt/intel/sgxsdk/SampleCode/RemoteAttestation/ root@651be0ece9d9:/opt/intel/sgxsdk/SampleCode/RemoteAttestation# make SGX_MODE=HW SGX_DEBUG=0 SGX_PRERELEASE=1 make[1]: Entering directory '/opt/intel/sgxsdk/SampleCode/RemoteAttestation' service_provider/ecp.cpp:159:60: note: #pragma message: Default key derivation function is used. #pragma message ("Default key derivation function is used.") ^ CXX <= service_provider/ecp.cpp CXX <= service_provider/network_ra.cpp CXX <= service_provider/service_provider.cpp CXX <= service_provider/ias_ra.cpp LINK => libservice_provider.so GEN => isv_app/isv_enclave_u.h CC <= isv_app/isv_enclave_u.c CXX <= isv_app/isv_app.cpp LINK => app GEN => isv_enclave/isv_enclave_t.h CC <= isv_enclave/isv_enclave_t.c isv_enclave/isv_enclave.cpp:197:60: note: #pragma message: Default key derivation function is used. #pragma message ("Default key derivation function is used.") ^ CXX <= isv_enclave/isv_enclave.cpp LINK => isv_enclave.so <EnclaveConfiguration> <ProdID>0</ProdID> <ISVSVN>0</ISVSVN> <StackMaxSize>0x40000</StackMaxSize> <HeapMaxSize>0x100000</HeapMaxSize> <TCSNum>1</TCSNum> <TCSPolicy>1</TCSPolicy> <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release --> <DisableDebug>0</DisableDebug> <MiscSelect>0</MiscSelect> <MiscMask>0xFFFFFFFF</MiscMask> </EnclaveConfiguration> tcs_num 1, tcs_max_num 1, tcs_min_pool 1 The required memory is 1998848B. Succeed. SIGN => isv_enclave.signed.so The project has been built in pre-release hardware mode. make[1]: Leaving directory '/opt/intel/sgxsdk/SampleCode/RemoteAttestation' root@651be0ece9d9:/opt/intel/sgxsdk/SampleCode/RemoteAttestation# LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/opt/intel/sgxsdk/SampleCode/RemoteAttestation/sample_libcrypto/ ./app Call sgx_get_extended_epid_group_id success. MSG0 body generated - 4 bytes: { 0x0, 0x0, 0x0, 0x0 } Sending msg0 to remote attestation service provider. Sent MSG0 to remote attestation service. Call sgx_create_enclave success. aesm_service[10]: [ADMIN]EPID Provisioning initiated aesm_service[10]: [ADMIN]EPID Provisioning successful Call enclave_init_ra success. Call sgx_ra_get_msg1 success. MSG1 body generated - 68 bytes: { 0xf0, 0x4a, 0x94, 0x64, 0x52, 0x41, 0x9b, 0xf4, 0xba, 0x1f, 0x1d, 0x55, 0xdc, 0x8d, 0x2d, 0x7c, 0x3e, 0x40, 0x2, 0x7c, 0xa4, 0xb9, 0x50, 0xd, 0x3f, 0x9e, 0x3d, 0xbe, 0x7b, 0x16, 0x9c, 0x6d, 0x55, 0xd1, 0x92, 0xb6, 0x56, 0x87, 0x50, 0xf8, 0x20, 0x8b, 0x6f, 0xcb, 0xf9, 0x25, 0xd9, 0x8b, 0xd5, 0x65, 0x1c, 0x44, 0x7, 0xeb, 0xdc, 0x2e, 0xa8, 0x8d, 0xcd, 0x26, 0x3e, 0x4c, 0xf, 0x8e, 0x43, 0xb, 0x0, 0x0 } Sending msg1 to remote attestation service provider.Expecting msg2 back. Sent MSG1 to remote attestation service provider. Received the following MSG2: 176 bytes: { 0x2, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x6a, 0x83, 0xdc, 0x84, 0xd4, 0x4c, 0x8a, 0xbb, 0x5e, 0x42, 0xaf, 0xee, 0x8d, 0xe9, 0xf4, 0x57, 0x71, 0xfd, 0x73, 0x66, 0xd7, 0xfa, 0xad, 0xfa, 0xf2, 0x17, 0x14, 0xdd, 0x5a, 0xb9, 0x9e, 0x97, 0x79, 0xa7, 0x38, 0x72, 0xf2, 0xb8, 0xd6, 0xbe, 0x18, 0x91, 0x7f, 0xf7, 0xb5, 0xd3, 0xe5, 0x64, 0x9b, 0x12, 0x18, 0xaf, 0x39, 0x29, 0x6c, 0x24, 0x19, 0x38, 0x29, 0xb, 0xc6, 0xac, 0xc, 0x62, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6a, 0x83, 0xdc, 0x84, 0xd4, 0x4c, 0x8a, 0xbb, 0x5e, 0x42, 0xaf, 0xee, 0x8d, 0xe9, 0xf4, 0x57, 0x71, 0xfd, 0x73, 0x66, 0xd7, 0xfa, 0xad, 0xfa, 0xf2, 0x17, 0x14, 0xdd, 0x5a, 0xb9, 0x9e, 0x97, 0x7a, 0x7d, 0x67, 0x6e, 0xb, 0x8, 0x63, 0x6e, 0x27, 0x5a, 0x6f, 0xa1, 0x4d, 0x2b, 0xa1, 0xee, 0x76, 0xcb, 0x78, 0x77, 0x66, 0xa0, 0x1d, 0x3d, 0x7, 0xac, 0x64, 0x20, 0x18, 0xb1, 0x44, 0x51, 0xf7, 0xbd, 0x64, 0xb4, 0x6f, 0xc0, 0x7d, 0x82, 0xb, 0xf3, 0xaa, 0xd2, 0x23, 0x45, 0x25, 0x69, 0x0, 0x0, 0x0, 0x0 } A more descriptive representation of MSG2: RESPONSE TYPE: 0x2 RESPONSE STATUS: 0x0 0x0 RESPONSE BODY SIZE: 168 MSG2 gb - 64 bytes: { 0x6a, 0x83, 0xdc, 0x84, 0xd4, 0x4c, 0x8a, 0xbb, 0x5e, 0x42, 0xaf, 0xee, 0x8d, 0xe9, 0xf4, 0x57, 0x71, 0xfd, 0x73, 0x66, 0xd7, 0xfa, 0xad, 0xfa, 0xf2, 0x17, 0x14, 0xdd, 0x5a, 0xb9, 0x9e, 0x97, 0x79, 0xa7, 0x38, 0x72, 0xf2, 0xb8, 0xd6, 0xbe, 0x18, 0x91, 0x7f, 0xf7, 0xb5, 0xd3, 0xe5, 0x64, 0x9b, 0x12, 0x18, 0xaf, 0x39, 0x29, 0x6c, 0x24, 0x19, 0x38, 0x29, 0xb, 0xc6, 0xac, 0xc, 0x62 } MSG2 spid - 16 bytes: { 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } MSG2 quote_type : 1 MSG2 kdf_id : 1 MSG2 sign_gb_ga - 64 bytes: { 0x6a, 0x83, 0xdc, 0x84, 0xd4, 0x4c, 0x8a, 0xbb, 0x5e, 0x42, 0xaf, 0xee, 0x8d, 0xe9, 0xf4, 0x57, 0x71, 0xfd, 0x73, 0x66, 0xd7, 0xfa, 0xad, 0xfa, 0xf2, 0x17, 0x14, 0xdd, 0x5a, 0xb9, 0x9e, 0x97, 0x7a, 0x7d, 0x67, 0x6e, 0xb, 0x8, 0x63, 0x6e, 0x27, 0x5a, 0x6f, 0xa1, 0x4d, 0x2b, 0xa1, 0xee, 0x76, 0xcb, 0x78, 0x77, 0x66, 0xa0, 0x1d, 0x3d, 0x7, 0xac, 0x64, 0x20, 0x18, 0xb1, 0x44, 0x51 } MSG2 mac - 16 bytes: { 0xf7, 0xbd, 0x64, 0xb4, 0x6f, 0xc0, 0x7d, 0x82, 0xb, 0xf3, 0xaa, 0xd2, 0x23, 0x45, 0x25, 0x69 } MSG2 sig_rl - ( null ) Call sgx_ra_proc_msg2 success. MSG3 - 1452 bytes: { 0x2e, 0x69, 0x77, 0x8c, 0xfb, 0xb8, 0x4f, 0x42, 0xb6, 0x87, 0x6a, 0xc4, 0x4c, 0xee, 0x93, 0x16, 0xf0, 0x4a, 0x94, 0x64, 0x52, 0x41, 0x9b, 0xf4, 0xba, 0x1f, 0x1d, 0x55, 0xdc, 0x8d, 0x2d, 0x7c, 0x3e, 0x40, 0x2, 0x7c, 0xa4, 0xb9, 0x50, 0xd, 0x3f, 0x9e, 0x3d, 0xbe, 0x7b, 0x16, 0x9c, 0x6d, 0x55, 0xd1, 0x92, 0xb6, 0x56, 0x87, 0x50, 0xf8, 0x20, 0x8b, 0x6f, 0xcb, 0xf9, 0x25, 0xd9, 0x8b, 0xd5, 0x65, 0x1c, 0x44, 0x7, 0xeb, 0xdc, 0x2e, 0xa8, 0x8d, 0xcd, 0x26, 0x3e, 0x4c, 0xf, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x43, 0xb, 0x0, 0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x9, 0x2, 0x4, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85, 0xe1, 0x95, 0xf0, 0x28, 0x99, 0x95, 0x9f, 0x9f, 0xc, 0x79, 0x9f, 0x7f, 0xca, 0x8b, 0x4b, 0x7c, 0x5c, 0x47, 0x6b, 0x3d, 0xb3, 0xdd, 0xfe, 0xae, 0xa, 0xa4, 0xd9, 0x12, 0x63, 0x35, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x27, 0x7a, 0xd2, 0xfd, 0xfc, 0x57, 0xe9, 0x80, 0xe8, 0x76, 0xe7, 0xf8, 0x78, 0xac, 0x19, 0x9, 0x88, 0xe, 0xa5, 0x38, 0x7, 0x95, 0xa7, 0xe8, 0xea, 0x98, 0xb1, 0x57, 0x84, 0x1f, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, 0x11, 0xa5, 0xf3, 0x86, 0xea, 0x27, 0x22, 0xa7, 0xdf, 0x93, 0xde, 0x53, 0xd8, 0x78, 0x4c, 0x15, 0x71, 0xcf, 0xf7, 0x76, 0xcf, 0xb2, 0x1b, 0x76, 0x53, 0xf6, 0x53, 0x3d, 0xdc, 0xe, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x2, 0x0, 0x0, 0x85, 0x89, 0xf4, 0x0, 0xa4, 0xeb, 0xdc, 0xb7, 0xf8, 0x58, 0x77, 0x8c, 0xe, 0x1, 0x41, 0xa9, 0xd4, 0x63, 0xb2, 0xb5, 0xc9, 0x78, 0x4, 0x36, 0x36, 0x4d, 0xbc, 0xeb, 0x4c, 0x7b, 0x84, 0x53, 0xcf, 0x56, 0x5e, 0x2e, 0xf0, 0x38, 0xc8, 0x4c, 0x5a, 0x23, 0x8f, 0x93, 0x91, 0x5d, 0x21, 0x21, 0x2d, 0xcf, 0x83, 0x9a, 0x9a, 0x15, 0x18, 0xa8, 0xec, 0xea, 0xb7, 0x73, 0xe8, 0x5a, 0xf0, 0xf1, 0xf9, 0xe6, 0x8e, 0xcf, 0xe5, 0xed, 0xd9, 0xb8, 0xaa, 0xc5, 0xfd, 0x75, 0x7c, 0x7f, 0x64, 0x9f, 0xc6, 0x52, 0x24, 0xb2, 0xb8, 0x8a, 0xd2, 0x55, 0xd0, 0x30, 0xe2, 0xd3, 0xe9, 0x43, 0xa6, 0xa3, 0xec, 0xc8, 0xc9, 0xe7, 0x44, 0xbc, 0x59, 0x49, 0x3, 0x29, 0x7f, 0x51, 0x72, 0x29, 0xaa, 0x72, 0x46, 0x39, 0xc4, 0xc9, 0xbe, 0x15, 0x5e, 0xff, 0x45, 0x29, 0xd2, 0xdf, 0x84, 0x33, 0xbd, 0xd9, 0x82, 0x6a, 0x6f, 0xd4, 0x4f, 0x4a, 0x1d, 0xa7, 0x5b, 0x40, 0x64, 0xf0, 0xba, 0x4e, 0xa, 0xf0, 0xc8, 0xce, 0x13, 0x4e, 0x3d, 0xc3, 0xe9, 0xaa, 0xbf, 0x3f, 0xac, 0x62, 0xe3, 0x28, 0xa7, 0x99, 0x37, 0x76, 0xd1, 0x47, 0x40, 0x86, 0xd5, 0xbb, 0xe0, 0x8b, 0xcb, 0x43, 0xe9, 0xc2, 0xed, 0x8e, 0x78, 0xe2, 0x4b, 0xfa, 0x42, 0x51, 0x78, 0xb0, 0xe9, 0x55, 0x1f, 0x7d, 0xf2, 0xb, 0x16, 0xa4, 0x55, 0xfa, 0x6, 0xe2, 0x24, 0xa8, 0x78, 0xb1, 0x6e, 0xb7, 0xd9, 0xb1, 0x8d, 0x5b, 0xc9, 0x6f, 0x24, 0x65, 0x20, 0xb2, 0xc4, 0x57, 0xc3, 0xce, 0x8b, 0xf1, 0xc4, 0x8e, 0xca, 0x68, 0x9c, 0x9d, 0x8c, 0x28, 0x8d, 0xe2, 0xd4, 0x6c, 0xa5, 0x80, 0xcb, 0x1d, 0xa7, 0xc4, 0xb9, 0x75, 0x0, 0xd5, 0x1a, 0xe7, 0x64, 0x2e, 0x31, 0xaf, 0xa3, 0x12, 0xcf, 0x3a, 0xac, 0x71, 0x37, 0x7a, 0x55, 0x3, 0x47, 0xfc, 0x26, 0x46, 0xf4, 0x78, 0x12, 0x89, 0xd3, 0xfc, 0x27, 0x83, 0xdc, 0x18, 0xa5, 0x3f, 0xe3, 0x28, 0xab, 0x19, 0x25, 0x51, 0xca, 0x27, 0x2f, 0x35, 0x6a, 0x90, 0x5a, 0x9e, 0xb0, 0x82, 0xd7, 0x79, 0xb0, 0xab, 0xa5, 0xf8, 0x2c, 0x88, 0x80, 0x0, 0x47, 0xb2, 0x68, 0x1, 0x0, 0x0, 0x46, 0xd0, 0x53, 0x72, 0xf6, 0xf7, 0x91, 0xc2, 0x11, 0x2, 0x67, 0x1f, 0xe8, 0xb8, 0x29, 0xde, 0xf8, 0x54, 0x78, 0x35, 0x93, 0x48, 0x7f, 0xd7, 0x9, 0x55, 0x2f, 0x45, 0x38, 0xea, 0x58, 0x9, 0x26, 0x65, 0x8b, 0x13, 0x1d, 0x61, 0x3c, 0x2b, 0x81, 0x91, 0x7a, 0x4c, 0xf3, 0x2c, 0x38, 0x27, 0x1a, 0xbd, 0x50, 0xd8, 0xd, 0xa3, 0x40, 0x7f, 0xf2, 0x3f, 0xcf, 0xc7, 0x30, 0x70, 0xc4, 0xc5, 0x22, 0x95, 0x1f, 0x3b, 0xcc, 0x63, 0x33, 0x5d, 0x19, 0x68, 0x4f, 0xbd, 0xcd, 0x7c, 0x45, 0x38, 0x7c, 0xfa, 0x7a, 0x7a, 0x52, 0xc, 0x9a, 0x2f, 0x78, 0x99, 0x67, 0xb, 0x3a, 0xc2, 0x88, 0xe8, 0xb9, 0x98, 0x1e, 0x15, 0x94, 0x88, 0xcc, 0xea, 0xa6, 0x2b, 0xd9, 0x39, 0x66, 0x2f, 0x44, 0xd, 0x7f, 0x4f, 0x5a, 0x45, 0x63, 0x7d, 0x8c, 0xf6, 0xfa, 0x21, 0x1a, 0x78, 0x31, 0x74, 0xee, 0x65, 0xf3, 0x64, 0xd8, 0xa9, 0xc8, 0xd3, 0x41, 0xa2, 0x1b, 0xba, 0x77, 0x8b, 0xb3, 0x3d, 0xf5, 0x6b, 0x6e, 0x4a, 0x11, 0x22, 0x5f, 0xa2, 0xe4, 0x6e, 0x8, 0x8f, 0x79, 0x17, 0x2b, 0x58, 0xd6, 0xa5, 0x3c, 0xe9, 0xa2, 0x5, 0x29, 0x96, 0xf1, 0x76, 0x26, 0x1f, 0xcb, 0xb8, 0x88, 0x20, 0x38, 0xdb, 0xdc, 0x70, 0xf, 0x5e, 0x10, 0x9f, 0xf4, 0x4a, 0xf8, 0xad, 0x4a, 0xad, 0x4b, 0x6b, 0xdd, 0x61, 0x88, 0xc6, 0xab, 0x76, 0xac, 0xbb, 0xc4, 0xba, 0xb8, 0x24, 0x81, 0x38, 0xab, 0xf3, 0xb0, 0xc5, 0xbf, 0x15, 0x3b, 0xad, 0xc1, 0xe5, 0x53, 0x46, 0x53, 0x26, 0x5a, 0x69, 0xb8, 0x49, 0x25, 0xfa, 0x9e, 0x6, 0x42, 0x8c, 0x28, 0x68, 0xac, 0xfa, 0xdd, 0x50, 0x19, 0xd, 0x4a, 0x76, 0x9d, 0x13, 0x34, 0x19, 0xaa, 0x38, 0xe0, 0x95, 0xe2, 0xad, 0x8b, 0xd3, 0xcd, 0xbe, 0x6b, 0xff, 0x69, 0xf8, 0x73, 0x14, 0x26, 0xb2, 0xe4, 0x8d, 0xc7, 0x9d, 0x18, 0x8, 0xd1, 0xc8, 0x19, 0xd, 0x5e, 0x7b, 0xa2, 0xfd, 0x94, 0xee, 0x6b, 0x2c, 0x63, 0x6c, 0xf, 0xe1, 0x18, 0x8f, 0x2, 0x4d, 0x10, 0x41, 0xa, 0xe6, 0x3b, 0x30, 0xdb, 0xb, 0x91, 0xbb, 0x41, 0x48, 0x96, 0xd1, 0xa4, 0x72, 0xef, 0x85, 0x4b, 0x97, 0xb5, 0x18, 0x1d, 0x2f, 0xf7, 0x25, 0x22, 0x15, 0x2, 0x1d, 0x2a, 0xd4, 0x8e, 0x2a, 0x75, 0x20, 0x7a, 0x77, 0x1c, 0xcd, 0xa8, 0xf1, 0xb1, 0x98, 0x73, 0xbb, 0x44, 0xca, 0xc4, 0x61, 0xb, 0x17, 0x58, 0xfe, 0xe1, 0xcb, 0xb5, 0x7, 0x28, 0xed, 0xc3, 0x14, 0xde, 0xba, 0x9e, 0x4e, 0x16, 0x65, 0x5e, 0xe8, 0xc6, 0xea, 0xec, 0xa1, 0x93, 0x6e, 0x37, 0x33, 0x5c, 0x4d, 0xf1, 0x28, 0x7, 0x78, 0x78, 0xed, 0x50, 0xab, 0x87, 0xc0 } Attestation Report: id: 0x12345678. status: 0. revocation_reason: 0. pse_status: 0. Enclave Report: Signature Type: 0x1 Signature Basename: Service X attributes.flags: 0x7 attributes.xfrm: 0x7 mr_enclave: 85e195f02899959f9f0c799f7fca8b4b7c5c476b3db3ddfeae0aa4d91263350b mr_signer: 60277ad2fdfc57e980e876e7f878ac1909880ea5380795a7e8ea98b157841f85 isv_prod_id: 0x0 isv_svn: 0x0 Sent MSG3 successfully. Received an attestation result message back . ATTESTATION RESULT RECEIVED - 145 bytes: { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97, 0x9e, 0xb9, 0x5a, 0xdd, 0x14, 0x17, 0xf2, 0xfa, 0xad, 0xfa, 0xd7, 0x66, 0x73, 0xfd, 0x71, 0x57, 0xf4, 0xe9, 0x8d, 0xee, 0xaf, 0x42, 0x5e, 0xbb, 0x8a, 0x4c, 0xd4, 0x84, 0xdc, 0x83, 0x6a, 0x8, 0x70, 0xd, 0xf2, 0x42, 0x8b, 0x2b, 0xee, 0x42, 0xb0, 0x85, 0xe5, 0xbf, 0x99, 0xc5, 0x22, 0xf8, 0x37, 0xf7, 0xee, 0xb6, 0x2c, 0xd5, 0x8c, 0x37, 0xa2, 0xd2, 0x51, 0xed, 0x45, 0xf9, 0x65, 0x97, 0x45, 0xd9, 0x1, 0xd7, 0x97, 0x38, 0xe9, 0xe8, 0x9a, 0x5d, 0x33, 0x1e, 0x7b, 0xc2, 0x5d, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b, 0x7f, 0xd0, 0xfe, 0x53, 0x33, 0xf0, 0xe6, 0x98, 0xdd, 0xac, 0xbc, 0xc4, 0x49, 0x4f, 0x31 } Secret successfully received from server. Remote attestation success! Call enclave_ra_close success. Enter a character before exit ...
root@651be0ece9d9:/opt/intel/sgxsdk/SampleCode/RemoteAttestation#
Regards,
Rodolfo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I forgot to mention.. it is important to note that if you need to use the Platform Services (e.g.: to get a trusted time), currently only one container per host works properly. I'm trying to identify the cause and a possible solution to this issue.
Regards,
Rodolfo
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page