Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1448 Discussions

There is no advisoryIDs in the Get TCB Info API's Response

Toshi_O
Beginner
1,058 Views

For example, when using Remote Attestation with DCAP for Quote verification, TCBInfo is obtained from the following URL.
https://api.trustedservices.intel.com/sgx/certification/v3/tcb?fmspc=00906ed50000

The tcbStatus in the response returned by this API has a ConfirmationAndSWHardeningNeeded
status. But why is there no AdvisoryId associated with this Status in the response?

https://api.portal.trustedservices.intel.com/documentation#pcs-tcb-info-v3
The advisoryId is present in this reference.
If there is a vulnerability related to tcbLevel, I would expect the advisoryId to be included in the API response, but is this understanding incorrect?

Also, if the advisoryId is not currently included in the API response, what is the best way for a verifier to know the relationship between a particular TCBLevel and the advisoryId?

Labels (3)
0 Kudos
1 Solution
Sahira_Intel
Moderator
939 Views

Hi,

Your understanding is correct, and this feature will actually be released soon.


Sincerely,

Sahira


View solution in original post

0 Kudos
4 Replies
Toshi_O
Beginner
997 Views

Additional information.

Attestation Report issued by Intel's IAS when the EPID verification was performed on the same machine.

 

{"id":"...","timestamp":"2022-07-07T08:29:08.930675","version":4,"advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00334"],"isvEnclaveQuoteStatus":"SW_HARDENING_NEEDED","isvEnclaveQuoteBody":"..."}

 

I think AdvisoryId is a common problem independent of either IAS or DCAP.

Then I am wondering why IAS returns AdvisoryId and Intel's PCS does not return AdvisoryId

 

0 Kudos
Sahira_Intel
Moderator
957 Views

Hi Toshi,

Apologies for not responding sooner. I am looking into this and will let you know when I have more information

 

Sincerely,

Sahira 

0 Kudos
Sahira_Intel
Moderator
940 Views

Hi,

Your understanding is correct, and this feature will actually be released soon.


Sincerely,

Sahira


0 Kudos
Toshi_O
Beginner
920 Views

thanks!

We look forward to your correction.

0 Kudos
Reply