Hello user14,

It is expected that trying to do a remote attestation with an enclave in simulation mode will fail.

You can find this note in the sgx-ra-sample, https://github.com/intel/sgx-ra-sample:

"Note that Remote Attestation will fail for clients running in simulation mode, as this mode has no hardware protection."

Hello user14,

Please double-check that you indeed have a linkable subscription and a linkable signature since your quote type is linkable.

You may also want to look at the section, Debugging a Remote Attestation Service Provider, in the Intel SGX Developer Reference Guide for Windows or Linux.

Hello user14,

Do you still need help with this issue?

Regards,

Jesus G.

Intel Customer Support

Hello user14,

The SGX Developer Reference gives this advice for helping debug your Remote Attestation Service Provider:

As an ISV writing the remote attestation service provider, you may want to debug the message flow. One way to do this would be to provide pre-generated messages that can be replayed and verified. However, not that S1 message = (GID || ga) includes the random component ga generated inside an enclave. Also, the remote attestation service provider generates a

random public+private key pair as part of its msg2 generation, but without any interaction with Intel® SGX. Finally, each of these has state or context that is associated with cryptographic operations and is used to ensure that certain calls being made are in the correct order and that the state is consistent. These characteristics help protect the remote attestation flow against attacks, but also make it more difficult to replay pre-generated messages.

To overcome these, the cryptographic library is modified and used (only) by the sample service provider. Any time that key generation, signing, or other operation requests a random number, the number 9 is returned. This means that the crypto functions from sample_libcrypto.lib are predictable and cryptographically weak. If we can replay msg1 send from the isv_app,

the sample service_provider.dll will always generate the exact same msg2. We now have a sufficient system to replay messages sent by the isv_app and have it verify that the responses sent by the remote service are the

expected ones.

To replay messages and exercise this verification flow, pass in 1 or 2 as a command-line argument when running the sample application isv_app. The isv_app will ignore errors generated by the built-in checks in the Intel SGX.

Developers wishing to debug their remote attestation service provider should be able to temporarily modify their cryptographic subsystem to behave in a similar manner as the sample_libcrypto.lib and replay the pre-computed messages stored in sample_messages.h. The responses from their own remote attestation service provider should match the ones generated by ours, which are also stored in sample_messages.h.

Hello user14,

Have you made any progress?

Regards,

Jesus G.

Intel Customer Support

Intel is no longer monitoring this thread. If you want a response from Intel in a follow-up question, please open a new thread.