diff --git a/demos/remote_attestation/azure_attestation/maa_attestation/azure_att/src/maa.rs b/demos/remote_attestation/azure_attestation/maa_attestation/azure_att/src/maa.rs
index 98558245..566d0775 100644
--- a/demos/remote_attestation/azure_attestation/maa_attestation/azure_att/src/maa.rs
+++ b/demos/remote_attestation/azure_attestation/maa_attestation/azure_att/src/maa.rs
@@ -7,8 +7,8 @@ use occlum_dcap::*;
 pub const MAX_REPORT_DATA_SIZE: usize = 64;
 
 fn maa_get_quote_base64(user_data: &[u8]) -> Result<String, &'static str> {
-    let mut dcap = DcapQuote::new();
-    let quote_size = dcap.get_quote_size();
+    let mut dcap = DcapQuote::new().unwrap();
+    let quote_size = dcap.get_quote_size().unwrap();
     let mut quote_buf: Vec<u8> = vec![0; quote_size as usize];
     let mut report_data = sgx_report_data_t::default();
 
@@ -25,10 +25,13 @@ fn maa_get_quote_base64(user_data: &[u8]) -> Result<String, &'static str> {
         report_data.d[i] = user_data[i];
     }
 
-    dcap.generate_quote(quote_buf.as_mut_ptr(), &mut report_data).unwrap();
+    let ret = dcap.generate_quote(quote_buf.as_mut_ptr(), &mut report_data).unwrap();
     dcap.close();
-    let quote = base64::encode(&quote_buf);
+    if ret < 0 {
+        return Err("DCAP generate quote failed");
+    }
 
+    let quote = base64::encode(&quote_buf);
     Ok(quote)
 }
 
diff --git a/demos/remote_attestation/azure_attestation/maa_init/init/src/maa.rs b/demos/remote_attestation/azure_attestation/maa_init/init/src/maa.rs
index 49d3f51a..c1d11be8 100644
--- a/demos/remote_attestation/azure_attestation/maa_init/init/src/maa.rs
+++ b/demos/remote_attestation/azure_attestation/maa_init/init/src/maa.rs
@@ -7,8 +7,8 @@ use occlum_dcap::*;
 pub const MAX_REPORT_DATA_SIZE: usize = 64;
 
 fn maa_get_quote_base64(user_data: &[u8]) -> Result<String, &'static str> {
-    let mut dcap = DcapQuote::new();
-    let quote_size = dcap.get_quote_size();
+    let mut dcap = DcapQuote::new().unwrap();
+    let quote_size = dcap.get_quote_size().unwrap();
     let mut quote_buf: Vec<u8> = vec![0; quote_size as usize];
     let mut report_data = sgx_report_data_t::default();
 
@@ -25,10 +25,13 @@ fn maa_get_quote_base64(user_data: &[u8]) -> Result<String, &'static str> {
         report_data.d[i] = user_data[i];
     }
 
-    dcap.generate_quote(quote_buf.as_mut_ptr(), &mut report_data).unwrap();
+    let ret = dcap.generate_quote(quote_buf.as_mut_ptr(), &mut report_data).unwrap();
     dcap.close();
-    let quote = base64::encode(&quote_buf);
+    if ret < 0 {
+        return Err("DCAP generate quote failed");
+    }
 
+    let quote = base64::encode(&quote_buf);
     Ok(quote)
 }
 
diff --git a/demos/remote_attestation/azure_attestation/maa_init/init/src/main.rs b/demos/remote_attestation/azure_attestation/maa_init/init/src/main.rs
index 6d9eb86c..22b64b38 100644
--- a/demos/remote_attestation/azure_attestation/maa_init/init/src/main.rs
+++ b/demos/remote_attestation/azure_attestation/maa_init/init/src/main.rs
@@ -18,14 +18,6 @@ fn main() -> Result<(), Box<dyn Error>> {
     const IMAGE_CONFIG_FILE: &str = "/etc/image_config.json";
     let image_config = load_config(IMAGE_CONFIG_FILE)?;
 
-    // Get the MAC of Occlum.json.protected file
-    let occlum_json_mac = {
-        let mut mac: sgx_aes_gcm_128bit_tag_t = Default::default();
-        parse_str_to_bytes(&image_config.occlum_json_mac, &mut mac)?;
-        mac
-    };
-    let occlum_json_mac_ptr = &occlum_json_mac as *const sgx_aes_gcm_128bit_tag_t;
-
     // Get the key of FS image if needed
     let key = match &image_config.image_type[..] {
         "encrypted" => {
@@ -65,8 +57,9 @@ fn main() -> Result<(), Box<dyn Error>> {
     const SYS_MOUNT_FS: i64 = 363;
     // User can provide valid path for runtime mount and boot
     // Otherwise, just pass null pointer to do general mount and boot
-    let rootfs_config: *const i8 = std::ptr::null();
-    let ret = unsafe { syscall(SYS_MOUNT_FS, key_ptr, rootfs_config) };
+    let root_config_path: *const i8 = std::ptr::null();
+    let ret = unsafe { syscall(
+        SYS_MOUNT_FS, key_ptr, root_config_path) };
     if ret < 0 {
         return Err(Box::new(std::io::Error::last_os_error()));
     }
@@ -82,13 +75,10 @@ fn main() -> Result<(), Box<dyn Error>> {
 
 #[allow(non_camel_case_types)]
 type sgx_key_128bit_t = [u8; 16];
-#[allow(non_camel_case_types)]
-type sgx_aes_gcm_128bit_tag_t = [u8; 16];
 
 #[derive(Deserialize, Debug)]
 #[serde(deny_unknown_fields)]
 struct ImageConfig {
-    occlum_json_mac: String,
     image_type: String,
 }
 
diff --git a/tools/toolchains/dcap_lib/examples/dcap_test.rs b/tools/toolchains/dcap_lib/examples/dcap_test.rs
index 74987361..34c21614 100644
--- a/tools/toolchains/dcap_lib/examples/dcap_test.rs
+++ b/tools/toolchains/dcap_lib/examples/dcap_test.rs
@@ -15,9 +15,9 @@ struct DcapDemo {
 
 impl DcapDemo {
     pub fn new(report_data: &str) -> Self {
-        let mut dcap = DcapQuote::new();
-        let quote_size = dcap.get_quote_size();
-        let supplemental_size = dcap.get_supplemental_data_size();
+        let mut dcap = DcapQuote::new().unwrap();
+        let quote_size = dcap.get_quote_size().unwrap();
+        let supplemental_size = dcap.get_supplemental_data_size().unwrap();
         let quote_buf: Vec<u8> = vec![0; quote_size as usize];
         let suppl_buf: Vec<u8> = vec![0; supplemental_size as usize];
         let mut req_data = sgx_report_data_t::default();
@@ -37,12 +37,15 @@ impl DcapDemo {
         }
     }
 
-    fn dcap_quote_gen(&mut self) -> Result<i32> {
-        self.dcap_quote.generate_quote(self.quote_buf.as_mut_ptr(), &mut self.req_data).unwrap();
+    fn dcap_quote_gen(&mut self) -> i32 {
+        let ret = self.dcap_quote.generate_quote(self.quote_buf.as_mut_ptr(), &mut self.req_data).unwrap();
+        if ret < 0 {
+            println!("DCAP generate quote failed");
+        } else {
+            println!("DCAP generate quote successfully");
+        }
 
-        println!("DCAP generate quote successfully");
-
-        Ok( 0 )
+        ret
     }
 
     // Quote has type `sgx_quote3_t` and is structured as
@@ -68,7 +71,7 @@ impl DcapDemo {
         Ok(report_data_ptr)
     }
 
-    fn dcap_quote_ver(&mut self) -> Result<sgx_ql_qv_result_t> {
+    fn dcap_quote_verify(&mut self) -> sgx_ql_qv_result_t {
         let mut quote_verification_result = sgx_ql_qv_result_t::SGX_QL_QV_RESULT_UNSPECIFIED;
         let mut status = 1;
 
@@ -81,10 +84,14 @@ impl DcapDemo {
             supplemental_data: self.suppl_buf.as_mut_ptr(),
         };
 
-        self.dcap_quote.verify_quote(&mut verify_arg).unwrap();
-        println!("DCAP verify quote successfully");
+        let ret = self.dcap_quote.verify_quote(&mut verify_arg).unwrap();
+        if ret < 0 {
+            println!("DCAP verify quote failed");
+        } else {
+            println!("DCAP verify quote successfully");
+        }
 
-        Ok( quote_verification_result )
+        quote_verification_result
     }
 
     fn dcap_dump_quote_info(&mut self) {
@@ -137,7 +144,7 @@ fn main() {
     let mut dcap_demo = DcapDemo::new(report_str);
 
     println!("Generate quote with report data : {}", report_str);
-    dcap_demo.dcap_quote_gen().unwrap();
+    dcap_demo.dcap_quote_gen();
 
     // compare the report data in quote buffer
     let report_data_ptr = dcap_demo.dcap_quote_get_report_data().unwrap();
@@ -151,7 +158,7 @@ fn main() {
 
     dcap_demo.dcap_dump_quote_info();
 
-    let result = dcap_demo.dcap_quote_ver().unwrap();
+    let result = dcap_demo.dcap_quote_verify();
     match result {
         sgx_ql_qv_result_t::SGX_QL_QV_RESULT_OK => {
             println!("Succeed to verify the quote!");
diff --git a/tools/toolchains/dcap_lib/src/lib.rs b/tools/toolchains/dcap_lib/src/lib.rs
index abb59c2e..a0616099 100644
--- a/tools/toolchains/dcap_lib/src/lib.rs
+++ b/tools/toolchains/dcap_lib/src/lib.rs
@@ -6,7 +6,11 @@ pub use crate::occlum_dcap::*;
 
 #[no_mangle]
 pub extern "C" fn dcap_quote_open() -> *mut c_void {
-    Box::into_raw(Box::new(DcapQuote::new())) as *mut c_void
+    if let Ok(fd) = DcapQuote::new() {
+        Box::into_raw(Box::new(fd)) as *mut c_void
+    } else {
+        std::ptr::null_mut::<u8>() as *mut c_void
+    }
 }
 
 #[no_mangle]
@@ -19,7 +23,7 @@ pub extern "C" fn dcap_get_quote_size(handle: *mut c_void) -> u32 {
         &mut *(handle as *mut DcapQuote)
     };
 
-    dcap.get_quote_size()
+    dcap.get_quote_size().unwrap_or(0)
 }
 
 #[no_mangle]
@@ -36,9 +40,7 @@ pub extern "C" fn dcap_generate_quote(
         &mut *(handle as *mut DcapQuote)
     };
 
-    dcap.generate_quote(quote_buf, report_data).unwrap();
-
-    0
+    dcap.generate_quote(quote_buf, report_data).unwrap_or(-1)
 }
 
 #[no_mangle]
@@ -51,7 +53,7 @@ pub extern "C" fn dcap_get_supplemental_data_size(handle: *mut c_void) -> u32 {
         &mut *(handle as *mut DcapQuote)
     };
 
-    dcap.get_supplemental_data_size()
+    dcap.get_supplemental_data_size().unwrap_or(0)
 }
 
 #[no_mangle]
@@ -81,9 +83,7 @@ pub extern "C" fn dcap_verify_quote(
         supplemental_data: supplemental_data,
     };
 
-    dcap.verify_quote(&mut verify_arg).unwrap();
-
-    0
+    dcap.verify_quote(&mut verify_arg).unwrap_or(-1)
 }
 
 
diff --git a/tools/toolchains/dcap_lib/src/occlum_dcap.rs b/tools/toolchains/dcap_lib/src/occlum_dcap.rs
index 22ba3158..61e1bf1e 100644
--- a/tools/toolchains/dcap_lib/src/occlum_dcap.rs
+++ b/tools/toolchains/dcap_lib/src/occlum_dcap.rs
@@ -20,7 +20,6 @@ cfg_if::cfg_if! {
     }
 }
 
-
 // Copy from occlum/src/libos/src/fs/dev_fs/dev_sgx/mod.rs
 //#[allow(dead_code)]
 #[repr(C)]
@@ -49,32 +48,36 @@ pub struct DcapQuote {
 }
 
 impl DcapQuote {
-    pub fn new() -> Self {
-        let path =  CString::new("/dev/sgx").unwrap();
+    pub fn new() -> Result<Self, Error> {
+        let path = CString::new("/dev/sgx").unwrap();
         let fd = unsafe { libc::open(path.as_ptr(), O_RDONLY) };
         if fd > 0 {
-            Self {
+            Ok(Self {
                 fd: fd,
                 quote_size: 0,
                 supplemental_size: 0,
-            }
+            })
         } else {
-            panic!("Open /dev/sgx failed")
+            let os_err = Error::last_os_error();
+            println!("OS error: {os_err:?}");
+            Err(os_err)
         }
     }
 
-    pub fn get_quote_size(&mut self) -> u32 {
+    pub fn get_quote_size(&mut self) -> Result<u32, Error> {
         let size: u32 = 0;
         let ret = unsafe { libc::ioctl(self.fd, IOCTL_GET_DCAP_QUOTE_SIZE, &size) };
         if ret < 0 {
-            panic!("IOCTRL IOCTL_GET_DCAP_QUOTE_SIZE failed");
+            let os_err = Error::last_os_error();
+            println!("OS error: {os_err:?}");
+            Err(os_err)
         } else {
             self.quote_size = size;
-            size
+            Ok(size)
         }
     }
 
-    pub fn generate_quote(&mut self, quote_buf: *mut u8,  report_data: *const sgx_report_data_t) -> Result<i32, &'static str> {
+    pub fn generate_quote(&mut self, quote_buf: *mut u8,  report_data: *const sgx_report_data_t) -> Result<i32, Error> {
         let quote_arg: IoctlGenDCAPQuoteArg = IoctlGenDCAPQuoteArg {
             report_data: report_data,
             quote_size: &mut self.quote_size,
@@ -83,30 +86,35 @@ impl DcapQuote {
 
         let ret = unsafe { libc::ioctl(self.fd, IOCTL_GEN_DCAP_QUOTE, &quote_arg) };
         if ret < 0 {
-            Err("IOCTRL IOCTL_GEN_DCAP_QUOTE failed")
+            let os_err = Error::last_os_error();
+            println!("OS error: {os_err:?}");
+            Err(os_err)
         } else {
-            Ok( 0 )
+            Ok(0)
         }
     }
 
-    pub fn get_supplemental_data_size(&mut self) -> u32 {
+    pub fn get_supplemental_data_size(&mut self) -> Result<u32, Error> {
         let size: u32 = 0;
         let ret = unsafe { libc::ioctl(self.fd, IOCTL_GET_DCAP_SUPPLEMENTAL_SIZE, &size) };
         if ret < 0 {
-            panic!("IOCTRL IOCTL_GET_DCAP_SUPPLEMENTAL_SIZE failed");
+            let os_err = Error::last_os_error();
+            println!("OS error: {os_err:?}");
+            Err(os_err)
         } else {
             self.supplemental_size = size;
-            size
+            Ok(size)
         }
     }
 
-    pub fn verify_quote(&mut self, verify_arg: *mut IoctlVerDCAPQuoteArg) -> Result<i32, &'static str> {
+    pub fn verify_quote(&mut self, verify_arg: *mut IoctlVerDCAPQuoteArg) -> Result<i32, Error> {
         let ret = unsafe { libc::ioctl(self.fd, IOCTL_VER_DCAP_QUOTE, verify_arg) };
         if ret < 0 {
-            println!("ret = {}", ret);
-            Err("IOCTRL IOCTL_VER_DCAP_QUOTE failed")
+            let os_err = Error::last_os_error();
+            println!("OS error: {os_err:?}");
+            Err(os_err)
         } else {
-            Ok( 0 )
+            Ok(0)
         }
     }
 
diff --git a/tools/toolchains/dcap_lib/src/prelude.rs b/tools/toolchains/dcap_lib/src/prelude.rs
index e2c828c3..5dac5871 100644
--- a/tools/toolchains/dcap_lib/src/prelude.rs
+++ b/tools/toolchains/dcap_lib/src/prelude.rs
@@ -1,4 +1,5 @@
 pub use std::boxed::Box;
+pub use std::io::Error;
 pub use libc::{open, ioctl, close, c_void, c_int, O_RDONLY};
 
 // Defined in "occlum/deps/rust-sgx-sdk/sgx_types"