-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Creating enclave failed when running ServerEnclave #2
Comments
It appears that there is no issue with the attestation step. Can you confirm if your openenclave sample is running successfully? It is possible that there might be a problem with your SDK environment. |
Hello, thanks for your reply. ~/mysamples/attestation/build$ make run
[ 19%] Built target attestation_host
[ 23%] Built target public_key_a
[ 47%] Built target common
[ 61%] Built target enclave_b
[ 71%] Built target enclave_b_signed
[ 76%] Built target public_key_b
[ 90%] Built target enclave_a
[100%] Built target enclave_a_signed
[100%] Built target sign
Scanning dependencies of target runsgxremote
Host: Creating two enclaves
Host: Enclave library /home/xrf/mysamples/attestation/build/enclave_a/enclave_a.signed
Enclave1: ***/home/xrf/mysamples/attestation/common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: Enclave library /home/xrf/mysamples/attestation/build/enclave_b/enclave_b.signed
Enclave2: ***/home/xrf/mysamples/attestation/common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: environment variable SGX_AESM_ADDR is not set
Host: ********** Attest enclave_a to enclave_b **********
Host: Requesting enclave_b format settings
Enclave2: ***/home/xrf/mysamples/attestation/common/dispatcher.cpp(79): get_enclave_format_settings
Host: Requesting enclave_a to generate a targeted evidence with an encryption key
Enclave1: ***/home/xrf/mysamples/attestation/common/dispatcher.cpp(133): get_evidence_with_public_key
Enclave1: ***/home/xrf/mysamples/attestation/common/attestation.cpp(94): oe_serialize_custom_claims
Enclave1: ***/home/xrf/mysamples/attestation/common/attestation.cpp(105): serialized custom claims buffer size: 121
Enclave1: ***/home/xrf/mysamples/attestation/common/attestation.cpp(126): generate_attestation_evidence succeeded.
Enclave1: ***/home/xrf/mysamples/attestation/common/dispatcher.cpp(179): get_evidence_with_public_key succeeded
Host: enclave_a's public key:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCIjYJ/8lf7Vb592iVJW
QdDr6AwcajZspLXSLp0y1psCDZhGo31q4jEyyN89ebDKI1gYSCYhwb+kLYe/+yKX
J/mGNl++oYtpG8Sn3lzpfCAZWsmuu1oFGY8WvVl/vPJGdrNbVYEoLFAqMD/3QBh/
ErpCmNrD58RHjjbk6UsjWOSchry15JBC04rrQ9duSoVH5url/29FDKLNT9jZ+7XN
gxgm24IGrL1qlH4jP9XLLg5e+soC2YIf3v45K62L7k/dE7b5MWgTyT4f7uHvTJOv
BuUd+QM7tVuyr/GSY0JViJGPCU/xNL/jBV+ScjwhJU5pPmuhYfGKPM/YpHvygm5T
2QIDAQAB
-----END PUBLIC KEY-----
Host: verify_evidence_and_set_public_key in enclave_b
Enclave2: ***/home/xrf/mysamples/attestation/common/attestation.cpp(201): oe_verify_evidence failed (OE_TCB_LEVEL_INVALID).
Enclave2: ***/home/xrf/mysamples/attestation/common/dispatcher.cpp(221): verify_evidence_and_set_public_key failed.
Host: verify_evidence_and_set_public_key failed. OE_OK
Host: attestation failed with 1
Host: Terminating enclaves
Enclave1: ***/home/xrf/mysamples/attestation/common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Enclave2: ***/home/xrf/mysamples/attestation/common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Host: failed
make[3]: *** [CMakeFiles/runsgxremote.dir/build.make:57: CMakeFiles/runsgxremote] Error 1
make[2]: *** [CMakeFiles/Makefile2:107: CMakeFiles/runsgxremote.dir/all] Error 2
make[1]: *** [CMakeFiles/Makefile2:185: CMakeFiles/run.dir/rule] Error 2
make: *** [Makefile:157: run] Error 2
|
Maybe you can try to rebuild the openenclave sdk, Narrator use this version openenclave |
Hi, I have a problem when running ServerEnclave. I want to run NARRATOR with the following command:
It seems that create enclave failed. . I suspect that inconsistent PCCS service addresses are causing this error. But I'm not familiar with the sgx configuration, so can you help me ?
I tried another PCCS address and it seems to be working. “https: //127.0.0.1:8081/sgx/certification/v4/rootcacrl"
I have tried to reinstall the PCCS but I didn't find any config to change its address. So, Is this the problem, and how do I fix it?
The text was updated successfully, but these errors were encountered: