Comments (6)
uploadQuotePolicy resp:
{"code":200,"message":"Upload quote policy success.","result":{"policyId":"f83f8acf-de50-4c74-8ab4-1dc332ca4b84"}}
from ehsm.
==================== test_Verify_Quote_with_file_and_policy=======================
/home/hlassus/venv/lib/python3.9/site-packages/urllib3/connectionpool.py:1043: InsecureRequestWarning: Unverified HTTPS request is being made to host 'proxy-chain.intel.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
verify_quote req:
OrderedDict([('appid', '3a41f220-ab79-4572-8818-9cc306c2d6ad'), ('payload', OrderedDict([('quote', 'AwACAAAAAAAHAAwAk5pyM/ecTKmUCg2zlX8GB2Bmg9zGbSyHM/cvjNVyxLgAAAAABQkICf//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAADnAAAAAAAAAOfITK2YVxO9iNsw1OEF0fZTTvxhvtOAPtSuSrQQi19FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDBEa0vpuvD2lyhCPqYT74GmPnKs90OfoFSQAf1UgoNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxRAAAJ9/VZ8cxzRaaNx0SN1x7K0+TlubKPYV/4vU0NT8VBdhlp2KToerb3TRpUCmtvUcWIs9IQLDoClaI9ATKPm+Wmo7+uZtg9p+bGasm32WVmgVXe2b+33wpqU44A3bu8gi7bpBuPJocUCHtKWrJIk4otWba7yjwIRv986kq1NXCAmOBQkICf//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFQAAAAAAAADnAAAAAAAAAK4SPL+pbCaFYN/V3/5IVM5EPeTg+lHSgRhMlCjXo0D7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMT1d115ZQPpYTf3fGioKaAFasje1wFAsIGwlEkMV7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHUCjIDssPogt/Yt4vmyGDGriOe3aebxRo8OUoIrcpagAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0wZ6XiVFZw//xzdlHTUUXtRKraY/zTn3NkvM3lPTXuir4/23R/EN8HaRRi5EXokoDojEzsAlYOW0EdTEQDIEbSAAAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8FAF0OAAAtLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRThUQ0NCSmlnQXdJQkFnSVVkYi82aDhtRzFUWko1RUNjYndSeFBjTFJ2NGt3Q2dZSUtvWkl6ajBFQXdJdwpjREVpTUNBR0ExVUVBd3daU1c1MFpXd2dVMGRZSUZCRFN5QlFiR0YwWm05eWJTQkRRVEVhTUJnR0ExVUVDZ3dSClNXNTBaV3dnUTI5eWNHOXlZWFJwYjI0eEZEQVNCZ05WQkFjTUMxTmhiblJoSUVOc1lYSmhNUXN3Q1FZRFZRUUkKREFKRFFURUxNQWtHQTFVRUJoTUNWVk13SGhjTk1qSXhNVEl5TVRjeU9UUTNXaGNOTWpreE1USXlNVGN5T1RRMwpXakJ3TVNJd0lBWURWUVFEREJsSmJuUmxiQ0JUUjFnZ1VFTkxJRU5sY25ScFptbGpZWFJsTVJvd0dBWURWUVFLCkRCRkpiblJsYkNCRGIzSndiM0poZEdsdmJqRVVNQklHQTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJnTlYKQkFnTUFrTkJNUXN3Q1FZRFZRUUdFd0pWVXpCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQk1XMgoyckhoZm95SUozNU5WcDYzbU9YYkRpS0J2K2J3M1Nma0Z3amlKN0tXS2FpL2lhUGh1QzVTMFh2UXNaczhhUXdoCmlxRGZZc1VDa0lnUVpYNG9uK0dqZ2dNT01JSURDakFmQmdOVkhTTUVHREFXZ0JTVmIxM052UnZoNlVCSnlkVDAKTTg0QlZ3dmVWREJyQmdOVkhSOEVaREJpTUdDZ1hxQmNobHBvZEhSd2N6b3ZMMkZ3YVM1MGNuVnpkR1ZrYzJWeQpkbWxqWlhNdWFXNTBaV3d1WTI5dEwzTm5lQzlqWlhKMGFXWnBZMkYwYVc5dUwzWXpMM0JqYTJOeWJEOWpZVDF3CmJHRjBabTl5YlNabGJtTnZaR2x1Wnoxa1pYSXdIUVlEVlIwT0JCWUVGQ21ZNGZQQjM5U203TVhrU3lwaFlraVQKNzFSeU1BNEdBMVVkRHdFQi93UUVBd0lHd0RBTUJnTlZIUk1CQWY4RUFqQUFNSUlDT3dZSktvWklodmhOQVEwQgpCSUlDTERDQ0FpZ3dIZ1lLS29aSWh2aE5BUTBCQVFRUVlCZEN6NFpoWFRJOTYvNHlPK2JDSERDQ0FXVUdDaXFHClNJYjRUUUVOQVFJd2dnRlZNQkFHQ3lxR1NJYjRUUUVOQVFJQkFnRUVNQkFHQ3lxR1NJYjRUUUVOQVFJQ0FnRUUKTUJBR0N5cUdTSWI0VFFFTkFRSURBZ0VETUJBR0N5cUdTSWI0VFFFTkFRSUVBZ0VETUJFR0N5cUdTSWI0VFFFTgpBUUlGQWdJQS96QVJCZ3NxaGtpRytFMEJEUUVDQmdJQ0FQOHdFQVlMS29aSWh2aE5BUTBCQWdjQ0FRQXdFQVlMCktvWklodmhOQVEwQkFnZ0NBUUF3RUFZTEtvWklodmhOQVEwQkFna0NBUUF3RUFZTEtvWklodmhOQVEwQkFnb0MKQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ3NDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ3dDQVFBd0VBWUxLb1pJaHZoTgpBUTBCQWcwQ0FRQXdFQVlMS29aSWh2aE5BUTBCQWc0Q0FRQXdFQVlMS29aSWh2aE5BUTBCQWc4Q0FRQXdFQVlMCktvWklodmhOQVEwQkFoQUNBUUF3RUFZTEtvWklodmhOQVEwQkFoRUNBUXN3SHdZTEtvWklodmhOQVEwQkFoSUUKRUFRRUF3UC8vd0FBQUFBQUFBQUFBQUF3RUFZS0tvWklodmhOQVEwQkF3UUNBQUF3RkFZS0tvWklodmhOQVEwQgpCQVFHQUdCcUFBQUFNQThHQ2lxR1NJYjRUUUVOQVFVS0FRRXdIZ1lLS29aSWh2aE5BUTBCQmdRUXNwM2hpZWNYCi9uUWc3azhaeU5tZEpEQkVCZ29xaGtpRytFMEJEUUVITURZd0VBWUxLb1pJaHZoTkFRMEJCd0VCQWY4d0VBWUwKS29aSWh2aE5BUTBCQndJQkFmOHdFQVlMS29aSWh2aE5BUTBCQndNQkFmOHdDZ1lJS29aSXpqMEVBd0lEUndBdwpSQUlnWitSMXZmdDBPczk2dGNkYjFpeXN5TjFUbW1vNlhqbWFYK0tRWDlQWW8vUUNJR2tiaDRETlVhQWgwWVZqCkxjY1JUWk04aGcyTEFIemJ5WUFUMFdjSUM1VVIKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ2xqQ0NBajJnQXdJQkFnSVZBSlZ2WGMyOUcrSHBRRW5KMVBRenpnRlhDOTVVTUFvR0NDcUdTTTQ5QkFNQwpNR2d4R2pBWUJnTlZCQU1NRVVsdWRHVnNJRk5IV0NCU2IyOTBJRU5CTVJvd0dBWURWUVFLREJGSmJuUmxiQ0JECmIzSndiM0poZEdsdmJqRVVNQklHQTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJnTlZCQWdNQWtOQk1Rc3cKQ1FZRFZRUUdFd0pWVXpBZUZ3MHhPREExTWpFeE1EVXdNVEJhRncwek16QTFNakV4TURVd01UQmFNSEF4SWpBZwpCZ05WQkFNTUdVbHVkR1ZzSUZOSFdDQlFRMHNnVUd4aGRHWnZjbTBnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1ZzCklFTnZjbkJ2Y21GMGFXOXVNUlF3RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1EwRXgKQ3pBSkJnTlZCQVlUQWxWVE1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRU5TQi83dDIxbFhTTwoyQ3V6cHh3NzRlSkI3MkV5REdnVzVyWEN0eDJ0VlRMcTZoS2s2eitVaVJaQ25xUjdwc092Z3FGZVN4bG1UbEpsCmVUbWkyV1l6M3FPQnV6Q0J1REFmQmdOVkhTTUVHREFXZ0JRaVpReldXcDAwaWZPRHRKVlN2MUFiT1NjR3JEQlMKQmdOVkhSOEVTekJKTUVlZ1JhQkRoa0ZvZEhSd2N6b3ZMMk5sY25ScFptbGpZWFJsY3k1MGNuVnpkR1ZrYzJWeQpkbWxqWlhNdWFXNTBaV3d1WTI5dEwwbHVkR1ZzVTBkWVVtOXZkRU5CTG1SbGNqQWRCZ05WSFE0RUZnUVVsVzlkCnpiMGI0ZWxBU2NuVTlEUE9BVmNMM2xRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUIKQWY4Q0FRQXdDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdYc1ZraTB3K2k2VllHVzNVRi8yMnVhWGUwWUpEajFVZQpuQStUakQxYWk1Y0NJQ1liMVNBbUQ1eGtmVFZwdm80VW95aVNZeHJEV0xtVVI0Q0k5Tkt5ZlBOKwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlDanpDQ0FqU2dBd0lCQWdJVUltVU0xbHFkTkluemc3U1ZVcjlRR3prbkJxd3dDZ1lJS29aSXpqMEVBd0l3CmFERWFNQmdHQTFVRUF3d1JTVzUwWld3Z1UwZFlJRkp2YjNRZ1EwRXhHakFZQmdOVkJBb01FVWx1ZEdWc0lFTnYKY25CdmNtRjBhVzl1TVJRd0VnWURWUVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNBd0NRMEV4Q3pBSgpCZ05WQkFZVEFsVlRNQjRYRFRFNE1EVXlNVEV3TkRVeE1Gb1hEVFE1TVRJek1USXpOVGsxT1Zvd2FERWFNQmdHCkExVUVBd3dSU1c1MFpXd2dVMGRZSUZKdmIzUWdRMEV4R2pBWUJnTlZCQW9NRVVsdWRHVnNJRU52Y25CdmNtRjAKYVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBFeEN6QUpCZ05WQkFZVApBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFQzZuRXdNRElZWk9qL2lQV3NDemFFS2k3CjFPaU9TTFJGaFdHamJuQlZKZlZua1k0dTNJamtEWVlMME14TzRtcXN5WWpsQmFsVFZZeEZQMnNKQks1emxLT0IKdXpDQnVEQWZCZ05WSFNNRUdEQVdnQlFpWlF6V1dwMDBpZk9EdEpWU3YxQWJPU2NHckRCU0JnTlZIUjhFU3pCSgpNRWVnUmFCRGhrRm9kSFJ3Y3pvdkwyTmxjblJwWm1sallYUmxjeTUwY25WemRHVmtjMlZ5ZG1salpYTXVhVzUwClpXd3VZMjl0TDBsdWRHVnNVMGRZVW05dmRFTkJMbVJsY2pBZEJnTlZIUTRFRmdRVUltVU0xbHFkTkluemc3U1YKVXI5UUd6a25CcXd3RGdZRFZSMFBBUUgvQkFRREFnRUdNQklHQTFVZEV3RUIvd1FJTUFZQkFmOENBUUV3Q2dZSQpLb1pJemowRUF3SURTUUF3UmdJaEFPVy81UWtSK1M5Q2lTRGNOb293THVQUkxzV0dmL1lpN0dTWDk0Qmd3VHdnCkFpRUE0SjBsckhvTXMrWG81by9zWDZPOVFXeEhSQXZaVUdPZFJRN2N2cVJYYXFJPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=='), ('nonce', 'bm9uY2UxMjM0NQ=='), ('policyId', '9579bd0b-989b-4707-bca1-e7323bf7cae4')])), ('timestamp', '1669158781595'), ('sign', '7I9AZkaUA96+MCkaOVcN/eH5yibo2K+8X2cjOUZX8L0=')])
VerifyQuote failed, error message: Server exception.
====================test_GenerateQuote_and_VerifyQuote end========================
from ehsm.
More traces (printf added by me in the code)
c_ehsm_all | INFO [App/ehsm_napi.cpp(1558) -> NAPI_VerifyQuote]: NAPI_VerifyQuote
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_napi.cpp(1579) -> NAPI_VerifyQuote]: NAPI_VerifyQuote call VerifyQuote
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(960) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(997) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote call enclave_get_target_info()
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1006) -> VerifyQuote]: get target info successfully returned.
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1009) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote call sgx_qv_set_enclave_load_policy()
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1016) -> VerifyQuote]: sgx_qv_set_enclave_load_policy successfully returned.
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1019) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote call sgx_qv_get_quote_supplemental_data_size()
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1026) -> VerifyQuote]: sgx_qv_get_quote_supplemental_data_size successfully returned.
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1036) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote #1 call enclave_verify_quote_policy()
c_ehsm_all |
c_ehsm_all | INFO [App/ehsm_provider.cpp(1039) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote #2 call enclave_verify_quote_policy()
c_ehsm_all |
c_ehsm_all | mr_signer or mr_enclave is invalid!
c_ehsm_all | ERROR [App/ehsm_provider.cpp(1048) -> VerifyQuote]: core/App/ehsm_provider.cpp VerifyQuote #3 enclave_verify_quote_policy() return NOT_SGX_SUCCESS
from ehsm.
For verify_quote_with_file_and_policyId, mr_signer and/or mr_enclave are invalid.
For verify_quote_with_file, mr_signer and mr_enclave were valid.
from ehsm.
After adding more traces I figured out that mr_signer is valid but mr_enclave is invalid.
mr_enclave is invalid! 62305561dc6cbf05cb4fddead7a78f5d4cb74fbda395c07f4d5b537a511b25f3
from ehsm.
The fix was merged several days ago.
Please sync the latest code and try again.
Thanks.
from ehsm.
Related Issues (20)
- Bug: RSA key can't work
- Bug: memory leak HOT 1
- support CMK rotation HOT 2
- Support Intel Trust Authority Attestation
- Support SM9 (cryptography standard) HOT 5
- Bugs found in ehsm HOT 23
- Upgrade to Openssl 3
- Trouble with setting environment of quick start HOT 16
- move the HMAC verification into core enclave
- support restful request with attestation token
- support cmk rotation
- unify the input params of digest for sign operation
- support client sdk for popular programming language(go, rust, python, java, scala, etc)
- Feature Request: Support WebKMS standard HOT 2
- ehsm_ksm_service application running on single mode stop during the generateQuote operation HOT 2
- Is there some bytes limit in Encrypt or AsymmetricEncrypt? HOT 4
- Bug: padding is returned as part of plaintext in the SM4_CBC decryption HOT 2
- Bug: Internal server exception when listing secrets with empty description
- ehsm_base
- [eHSM-KMS] How is the remote attestation realized? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ehsm.