You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@teaclave.apache.org by ChuanDou2021 <no...@github.com.INVALID> on 2021/12/16 12:44:27 UTC
[apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
<!--
We're glad to anwser any questions related to Teaclave.
To help people quickly understand the issue, please also
include some background and context of the question.
We have documented many useful information on the homepage,
please check them out first: https://teaclave.apache.org/docs/.
-->
I follow the guide of *my-first-function.md* to run *builtin_echo.py*, got exception, and found **signing_cert** is empty.
The details are as follows:
First, start up services
```bash
·> (cd docker && ./run-teaclave-services.sh)
/dev/isgx device detected.
aesmd-socket volume detected.
COMMAND: docker-compose -f docker-compose-ubuntu-1804.yml -f docker-compose-isgx-dev.override.yml -f docker-compose-aesm-vol.override.yml up
Starting teaclave-storage-service ... done
Starting teaclave-access-control-service ... done
Starting teaclave-authentication-service ... done
Starting teaclave-file-service ... done
Starting teaclave-scheduler-service ... done
Starting teaclave-management-service ... done
Starting teaclave-execution-service ... done
Starting teaclave-frontend-service ... done
Attaching to teaclave-storage-service, teaclave-file-service, teaclave-access-control-service, teaclave-scheduler-service, teaclave-authentication-service, teaclave-management-service, teaclave-execution-service, teaclave-frontend-service
```
Second, run the "builtin_echo.py"
```bash
·> cd examples/python
·> PYTHONPATH=../../sdk/python python3 builtin_echo.py 'Hello, Teaclave!'
Traceback (most recent call last):
File "builtin_echo.py", line 74, in <module>
main()
File "builtin_echo.py", line 66, in main
rt = example.echo(message)
File "builtin_echo.py", line 31, in echo
with connect_authentication_service() as client:
File "/home/douchuan/work/incubator-teaclave/examples/python/utils.py", line 56, in connect_authentication_service
return AuthenticationService(AUTHENTICATION_SERVICE_ADDRESS,
File "/home/douchuan/work/incubator-teaclave/sdk/python/teaclave.py", line 98, in connect
_verify_report(self._as_root_ca_cert_path, self._enclave_info_path,
File "/home/douchuan/work/incubator-teaclave/sdk/python/teaclave.py", line 638, in _verify_report
signing_cert = load_certificate(FILETYPE_ASN1, signing_cert)
File "/home/douchuan/.local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1973, in load_certificate
_raise_current_error()
File "/home/douchuan/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.crypto.Error: [('asn1 encoding routines', 'ASN1_get_object', 'header too long')]
```
I add print in teaclave.py _verify_report, found **signing_cert** is empty
```bash
·> PYTHONPATH=../../sdk/python python3 builtin_echo.py 'Hello, Teaclave!'
ext= {'report': [], 'signature': [], 'signing_cert': []}
Traceback (most recent call last):
File "builtin_echo.py", line 74, in <module>
main()
File "builtin_echo.py", line 66, in main
rt = example.echo(message)
File "builtin_echo.py", line 31, in echo
with connect_authentication_service() as client:
File "/home/douchuan/work/incubator-teaclave/examples/python/utils.py", line 56, in connect_authentication_service
return AuthenticationService(AUTHENTICATION_SERVICE_ADDRESS,
File "/home/douchuan/work/incubator-teaclave/sdk/python/teaclave.py", line 98, in connect
_verify_report(self._as_root_ca_cert_path, self._enclave_info_path,
File "/home/douchuan/work/incubator-teaclave/sdk/python/teaclave.py", line 638, in _verify_report
signing_cert = load_certificate(FILETYPE_ASN1, signing_cert)
File "/home/douchuan/.local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1973, in load_certificate
_raise_current_error()
File "/home/douchuan/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.crypto.Error: [('asn1 encoding routines', 'ASN1_get_object', 'header too long')]
```
My compile env is:
```bash
-- Submodule update
SGX_SDK=/opt/sgxsdk
SGX_MODE=HW
RUSTUP_TOOLCHAIN=nightly-2020-10-25
DCAP=OFF
BUILD_TYPE=debug
TEACLAVE_SYMLINKS=/tmp/teaclave_symlinks.7cstwtqIGo8Q
EXECUTOR_BUILTIN=ON
EXECUTOR_MESAPY=ON
EXECUTOR_WAMR=ON
-- ====== /teaclave/build/environment GENERATED ======
-- Configuring done
-- Generating done
-- Build files have been written to: /teaclave/build
```
sgx driver:
```bash
·> modinfo isgx
filename: /lib/modules/5.4.0-42-generic/kernel/drivers/intel/sgx/isgx.ko
license: Dual BSD/GPL
version: 2.11.0
author: Jarkko Sakkinen <ja...@linux.intel.com>
description: Intel SGX Driver
srcversion: 87784B58E0AACD186EEF5B6
alias: acpi*:INT0E0C:*
depends:
retpoline: Y
name: isgx
vermagic: 5.4.0-42-generic SMP mod_unload
```
Thanks, looking forward to answer.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by Hitesh Patel <no...@github.com.INVALID>.
> builtin_echo.py can work now.
>
> I took over an old machine, check and found:
>
> * _aesm_ not work
> * export AS_SPID="00000000000000000000000000000000" should not use
>
> Yes, _teaclave_sgx_tool attestation_ can also work.
>
> Thank you for your reply.
Hi ChuanDou,
I am facing similar problem, you mentioned above. Trying my hands with teaclve on azure sgx platform.
Please explain the solution mentioned above to resolve the "builtin_echo.py" error.
Thanks in advance..
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#issuecomment-1080787400
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by Mingshen Sun <no...@github.com.INVALID>.
Thanks! Issue closed.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#issuecomment-998306435
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by Mingshen Sun <no...@github.com.INVALID>.
Can you try to use the `teaclave_sgx_tool attestation` and see if you can get the attestation report?
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#issuecomment-997088397
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by Mingshen Sun <no...@github.com.INVALID>.
Closed #594.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#event-5795485291
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by ChuanDou2021 <no...@github.com.INVALID>.
> > builtin_echo.py can work now.
> > I took over an old machine, check and found:
> >
> > * _aesm_ not work
> > * export AS_SPID="00000000000000000000000000000000" should not use
> >
> > Yes, _teaclave_sgx_tool attestation_ can also work.
> > Thank you for your reply.
>
> Hi [ChuanDou2021](https://github.com/ChuanDou2021) I am facing similar problem, you mentioned above. Trying my hands with teaclve on azure sgx platform. Please explain the solution mentioned above to resolve the "builtin_echo.py" error.
>
> Thanks in advance..
1. Confirm aesm service work well
```sh
$ sudo systemctl status aesmd.service
```
2. You should obtain valid `SPID`
The [sgx-ra-sample](https://github.com/intel/sgx-ra-sample) may be helpful.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#issuecomment-1081315278
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] builtin_echo.py exception (Issue #594)
Posted by ChuanDou2021 <no...@github.com.INVALID>.
builtin_echo.py can work now.
I took over an old machine, check and found:
- *aesm* not work
- export AS_SPID="00000000000000000000000000000000" should not use
Thank you for your reply.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/594#issuecomment-997551555
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>