ego icon indicating copy to clipboard operation
ego copied to clipboard

Published 20 hours ago verified publisher icon edgelesssys

Sample - azure_attestation

Open YurkoWasHere opened this issue 1 year ago • 1 comments

Issue description

When running the Azure Attestation server, the server never starts up insead crashes with an error (error attached at the bottom)

From my trace:

  • Certificate is created
  • Crash occurs on CreateAzureAttestationToken
    • In this function gash is calculated on the certificate
    • Errors out on GetRemoteReport(hash[:])

I also tried to establish my own AZURE attestation service and replacing the url in the example with the same result.

To reproduce

Steps to reproduce the behavior:

  1. Run server as per the readme
  2. Wait for error

Expected behavior

  1. Run server
  2. Server starts listening on 8080

Additional info

ERROR: dcap_quoteprov: [ERROR]: [QCNL] Encountered CURL error: (7) Couldn't connect to server

ERROR: dcap_quoteprov: [ERROR]: [QPL] Failed to get quote config. Error code is 0xb006

[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe019
ERROR: _sgx_qe_get_target_info failed with quote3_error_t=SGX_QL_NETWORK_ERROR
 (oe_result_t=OE_UNEXPECTED) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:852]
ERROR: SGX Plugin _get_report(): failed to get ecdsa report. OE_UNEXPECTED (oe_result_t=OE_UNEXPECTED) [openenclave-src/enclave/sgx/attester.c:_get_report:324]
[]
report
[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe019
ERROR: dcap_quoteprov: [ERROR]: [QCNL] Encountered CURL error: (7) Couldn't connect to server

ERROR: dcap_quoteprov: [ERROR]: [QPL] Failed to get quote config. Error code is 0xb006

ERROR: _sgx_qe_get_target_info failed with quote3_error_t=SGX_QL_NETWORK_ERROR
 (oe_result_t=OE_UNEXPECTED) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:852]
ERROR: SGX Plugin _get_report(): failed to get ecdsa report. OE_UNEXPECTED (oe_result_t=OE_UNEXPECTED) [openenclave-src/enclave/sgx/attester.c:_get_report:324]
Token start.
panic: OE_UNEXPECTED

goroutine 1 [running]:
main.main()
        /home/user/test-sgx2/ego/samples/azure_attestation/server.go:48

YurkoWasHere avatar Aug 03 '23 15:08 YurkoWasHere

Hi, you need to set "pccs_url" in /etc/sgx_default_qcnl.conf to "https://global.acccache.azure.net/sgx/certification/v4/"

thomasten avatar Aug 03 '23 21:08 thomasten