The narrator from pw0rld

Creating enclave failed when running ServerEnclave

Hi, I have a problem when running ServerEnclave. I want to run NARRATOR with the following command:

~/Narrator$ ./ServerEnclave/build/host/attestation_host ./ServerEnclave/build/enclave/enclave_a.signed 8998 127.0.0.1
SeverEnclave Start time 1688280735035768
[+] Enclave1: ***/home/xrf/Narrator/ServerEnclave/common/crypto.cpp(112): OpenSsl RSA step init Successful!
[+] Enclave1: ***/home/xrf/Narrator/ServerEnclave/common/crypto.cpp(119): AES Key is D65EC97B4DC8A64718FCA734A355C80B
[+] Enclave1: ***/home/xrf/Narrator/ServerEnclave/common/crypto.cpp(126): OpenSsl AES step init Successful!
2023-07-02T06:52:15+0000.555723Z [(H)ERROR] tid(0x7ff66ff87100) | Backtrace:
2023-07-02T06:52:15+0000.563856Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN6Crypto12init_opensslEv(): 0x7ff668055a68
2023-07-02T06:52:15+0000.563865Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN6CryptoC1Ev(): 0x7ff6680541cd
2023-07-02T06:52:15+0000.563867Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN16ecall_dispatcher10initializeEPKc(): 0x7ff66805c6df
2023-07-02T06:52:15+0000.563869Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN16ecall_dispatcherC1EPKcP20_enclave_config_data(): 0x7ff66805c127
2023-07-02T06:52:15+0000.563871Z [(H)ERROR] tid(0x7ff66ff87100) | __cxx_global_var_init(): 0x7ff66805203b
2023-07-02T06:52:15+0000.563874Z [(H)ERROR] tid(0x7ff66ff87100) | _GLOBAL__sub_I_ecalls.cpp(): 0x7ff6680520b9
2023-07-02T06:52:15+0000.563877Z [(H)ERROR] tid(0x7ff66ff87100) | oe_call_init_functions(): 0x7ff6683e71ff
2023-07-02T06:52:15+0000.563880Z [(H)ERROR] tid(0x7ff66ff87100) | _handle_ecall(): 0x7ff6683dd7e9
2023-07-02T06:52:15+0000.563882Z [(H)ERROR] tid(0x7ff66ff87100) | oe_enter(): 0x7ff6683ddffe
2023-07-02T06:52:15+0000.563922Z [(H)ERROR] tid(0x7ff66ff87100) | Backtrace:
2023-07-02T06:52:15+0000.566933Z [(H)ERROR] tid(0x7ff66ff87100) | oe_abort_with_td(): 0x7ff6683dcccf
2023-07-02T06:52:15+0000.566940Z [(H)ERROR] tid(0x7ff66ff87100) | oe_abort(): 0x7ff6683dbb32
2023-07-02T06:52:15+0000.566942Z [(H)ERROR] tid(0x7ff66ff87100) | oe_real_exception_dispatcher(): 0x7ff6683dec08
2023-07-02T06:52:15+0000.566944Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN6Crypto12init_opensslEv(): 0x7ff668055a68
2023-07-02T06:52:15+0000.566946Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN6CryptoC1Ev(): 0x7ff6680541cd
2023-07-02T06:52:15+0000.566949Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN16ecall_dispatcher10initializeEPKc(): 0x7ff66805c6df
2023-07-02T06:52:15+0000.566951Z [(H)ERROR] tid(0x7ff66ff87100) | _ZN16ecall_dispatcherC1EPKcP20_enclave_config_data(): 0x7ff66805c127
2023-07-02T06:52:15+0000.566953Z [(H)ERROR] tid(0x7ff66ff87100) | __cxx_global_var_init(): 0x7ff66805203b
2023-07-02T06:52:15+0000.566959Z [(H)ERROR] tid(0x7ff66ff87100) | _GLOBAL__sub_I_ecalls.cpp(): 0x7ff6680520b9
2023-07-02T06:52:15+0000.566961Z [(H)ERROR] tid(0x7ff66ff87100) | oe_call_init_functions(): 0x7ff6683e71ff
2023-07-02T06:52:15+0000.566963Z [(H)ERROR] tid(0x7ff66ff87100) | _handle_ecall(): 0x7ff6683dd7e9
2023-07-02T06:52:15+0000.566966Z [(H)ERROR] tid(0x7ff66ff87100) | oe_enter(): 0x7ff6683ddffe
2023-07-02T06:52:15+0000.566984Z [(H)ERROR] tid(0x7ff66ff87100) | :OE_ENCLAVE_ABORTING [/source/openenclave/host/sgx/create.c:_initialize_enclave:571]
2023-07-02T06:52:15+0000.566988Z [(H)ERROR] tid(0x7ff66ff87100) | :OE_ENCLAVE_ABORTING [/source/openenclave/host/sgx/create.c:oe_create_enclave:1393]
Error: Creating enclave failed. OE_ENCLAVE_ABORTING[+] Set configuration from ../host/_configuration
file_path../host/_configuration
[+] Local IP address is: 10.**.**.**
[+] Adding peers from 127.0.0.1
[+]Here is Peers:
[+]Here is Clients:0
[+] Adding IPs for connecting peers from ../host/network/_peer_ip_allowed
^C

It seems that create enclave failed. . I suspect that inconsistent PCCS service addresses are causing this error. But I'm not familiar with the sgx configuration, so can you help me ?

~/Narrator$ dmesg | grep -i sgx
[   14.613812] intel_sgx: loading out-of-tree module taints kernel.
[   14.614563] intel_sgx: EPC section 0x4000c00000-0x407f7fffff
[   14.628680] intel_sgx: EPC section 0x8000c00000-0x807fffffff
[   14.661896] intel_sgx: Intel SGX DCAP Driver v1.41

~/Narrator$ curl --noproxy "*" -v -k -G "https://127.0.0.1:8081/sgx/certification/v2/rootcacrl"
*   Trying 127.0.0.1:8081...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8081 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=CN; ST=FU; L=XM; O=XMU; [email protected]
*  start date: Jul  2 06:45:01 2023 GMT
*  expire date: Jul  1 06:45:01 2024 GMT
*  issuer: C=CN; ST=FU; L=XM; O=XMU; [email protected]
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET /sgx/certification/v2/rootcacrl HTTP/1.1
> Host: 127.0.0.1:8081
> User-Agent: curl/7.68.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< X-Powered-By: Express
< Request-ID: 7e3fc9b02d334137a4e5b17953c56e3b
< Content-Security-Policy: default-src 'none'
< X-Content-Type-Options: nosniff
< Content-Type: text/html; charset=utf-8
< Content-Length: 169
< Date: Sun, 02 Jul 2023 07:02:36 GMT
< Connection: keep-alive
< Keep-Alive: timeout=5
< 
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /sgx/certification/v2/rootcacrl</pre>
</body>
</html>
* Connection #0 to host 127.0.0.1 left intact

I tried another PCCS address and it seems to be working. “https: //127.0.0.1:8081/sgx/certification/v4/rootcacrl"

~/Narrator$ curl --noproxy "*" -v -k -G "https://127.0.0.1:8081/sgx/certification/v4/rootcacrl"
*   Trying 127.0.0.1:8081...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8081 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=CN; ST=FJ; L=XM; O=XMU; [email protected]
*  start date: Jul  2 06:45:01 2023 GMT
*  expire date: Jul  1 06:45:01 2024 GMT
*  issuer: C=CN; ST=FU; L=XM; O=XMU; [email protected]
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET /sgx/certification/v4/rootcacrl HTTP/1.1
> Host: 127.0.0.1:8081
> User-Agent: curl/7.68.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Request-ID: c803b15ae27a42f7b16ed65124ff5d7d
< Content-Type: application/pkix-crl; charset=utf-8
< Content-Length: 586
< ETag: W/"24a-/NnkEyrz7GitRu9J3E31+ENl4wQ"
< Date: Sun, 02 Jul 2023 07:04:09 GMT
< Connection: keep-alive
< Keep-Alive: timeout=5
< 
* Connection #0 to host 127.0.0.1 left intact
308201213081c8020101300a06082a8648ce3d0403023068311a301806035504030c11496e74656c2053475820526f6f74204341311a3018060355040a0c11496e74656c20436f72706f726174696f6e3114301206035504070c0b53616e746120436c617261310b300906035504080c024341310b3009060355040613025553170d3233303430333130323235315a170d3234303430323130323235315aa02f302d300a0603551d140403020101301f0603551d2304183016801422650cd65a9d3489f383b49552bf501b392706ac300a06082a8648ce3d0403020348003045022051577d47d9fba157b65f1eb5f4657bbc5e56ccaf735a03f1b963d704805ab118022100939015ec1636e7eafa5f426c1e402647c673132b6850cabd68cef6bad7682a03

I have tried to reinstall the PCCS but I didn't find any config to change its address. So, Is this the problem, and how do I fix it?

makefile failed: ../enclave_b/enclave_a_pubkey.h: No such file or directory

When I compiled ServerEnclave, I used the following command
cd ServerEnclave & make
It turns out that the config.mk file cannot be found, so I copy a config.mk from /Narrator/openenclave17/3rdparty/optee/optee_client/config.mk
it seems to work out, so I go on, but two directories are specified in the makefile， enclave_a enclave_b, but we only have one enclave directory. It has bothered me for a long time. Can someone help me?

pw0rld / narrator Goto Github PK

narrator's Introduction

Keeeps Thinking, Keeeps Coding

Intro

narrator's People

Contributors

Stargazers

Watchers

narrator's Issues

Creating enclave failed when running ServerEnclave

makefile failed: ../enclave_b/enclave_a_pubkey.h: No such file or directory

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs