Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verification completed with Non-terminal result: a003 #367

Open
sjrrr13 opened this issue Jan 24, 2024 · 1 comment
Open

Verification completed with Non-terminal result: a003 #367

sjrrr13 opened this issue Jan 24, 2024 · 1 comment

Comments

@sjrrr13
Copy link

sjrrr13 commented Jan 24, 2024

When I build SGXDataCenterAttestationPrimitives/SampleCode/QuoteVerificationSample and run app, I got a Warning with code a003 in the verification:

Trusted quote verification:
        Info: get target info successfully returned.
        Info: sgx_qv_set_enclave_load_policy successfully returned.
        Info: tee_get_quote_supplemental_data_version_and_size successfully returned.
        Info: latest supplemental data major version: 3, minor version: 3, size: 536
        Info: App: tee_verify_quote successfully returned.
        Info: Ecall: Verify QvE report and identity successfully returned.
        Warning: App: Verification completed with Non-terminal result: a003
        Info: Supplemental data Major Version: 3
        Info: Supplemental data Minor Version: 3

===========================================

Untrusted quote verification:
        Info: tee_get_quote_supplemental_data_version_and_size successfully returned.
        Info: latest supplemental data major version: 3, minor version: 3, size: 536
        Info: App: tee_verify_quote successfully returned.
        Warning: App: Verification completed with Non-terminal result: a003
        Info: Supplemental data Major Version: 3
        Info: Supplemental data Minor Version: 3

I referred to /opt/intel/sgxsdk/include/sgx_qve_header.h for the code a003 and found:

SGX_QL_QV_RESULT_OUT_OF_DATE_CONFIG_NEEDED = SGX_QL_QV_MK_ERROR(0x0003), 
///< The Quote is good but the TCB level of the platform is out 
///< date and additional configuration of the SGX Platform at it
///< current patching level may be needed. The platform needs
///< patching to be at the latest TCB level

The experiment was done on Ubuntu 20.04 on a SGX server. I've updated SGX SDK, Intel PCCS and SGX SSL Library and got code a002. Then I updated BIOS and got code a003. This problem made me fail to finish remote attestation with librats. I wonder how can I fix it.
@ScottR-Intel
Copy link

Can you please provide your PCCS log?

cat /opt/intel/sgx-dcap-pccs/logs/pccs_server.log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ScottR-Intel @sjrrr13