You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After some investigation, following is the root cause
The quote function in dcap-ql which generate quote contains following two steps
get_quote_size, to get an ESTIMATED size of the quote, and it is the application's (which is our) responsibility to allocate a buffer that is AT LEAST this big, and pass to get_quote function. Since this is just estimation, it has some default value if PCCS return empty data / failed to return data at the moment
get_quote
The erroneous signature that trigger the error above is actually still valid, just that there are four trailing '\x00' at the end of the quote, which should be caused by a larger estimated quote size
get quote function looks like this, and the let mut quote = vec![0; quote_size as _]; should be the root cause of those trailing '\x00'
And when parsing the signature in fortanix's library, it requires the input buffer (which is vec![0; quote_size as _] to match the exact content (which is represented by format [length_of_following_bytes, byte_1, byte_2, ...], e.g. [0x5, 0xab, 0xcd, 0xef, 0x01, 0x23])
And the fix is simple, instead of failing when the expected quote length and actual quote length mismatch, we just keep parsing, and discard any trailing data (so effectively accepting longer quote, but will still reject quote that is shorter than expected)
To Reproduce:
Steps to reproduce the behavior:
Append several random bytes after getting quote from dcap_ql::quote
Parse the quote using dcap_ql crate
Expected behavior:
Extra bytes are ignored, and parsing passed
Reproducibility:
Always
Environment:
Ubuntu 22.04 LTS
Possible Solution:
Parse the quote as normal, but instead of failing directly after detecting extra trailing bytes, simply discard them
Severity:
Critical
Major
Normal
Minor
The text was updated successfully, but these errors were encountered:
I don't think this is a bug as described. It is correct that a validation function errors out when extraneous data is passed in. The bug is that fn quote returns data that is longer than the quote.
Describe the bug:
we've recently receive following error, which is generated in this line (https://github.com/fortanix/rust-sgx/blob/master/intel-sgx/dcap-ql/src/quote.rs#L240)
Invalid signature length, expected 4164, got 4168
After some investigation, following is the root cause
The quote function in dcap-ql which generate quote contains following two steps
The erroneous signature that trigger the error above is actually still valid, just that there are four trailing '\x00' at the end of the quote, which should be caused by a larger estimated quote size
get quote function looks like this, and the
let mut quote = vec![0; quote_size as _];
should be the root cause of those trailing '\x00'And when parsing the signature in fortanix's library, it requires the input buffer (which is vec![0; quote_size as _] to match the exact content (which is represented by format [length_of_following_bytes, byte_1, byte_2, ...], e.g. [0x5, 0xab, 0xcd, 0xef, 0x01, 0x23])
And the fix is simple, instead of failing when the expected quote length and actual quote length mismatch, we just keep parsing, and discard any trailing data (so effectively accepting longer quote, but will still reject quote that is shorter than expected)
To Reproduce:
Steps to reproduce the behavior:
dcap_ql::quote
dcap_ql
crateExpected behavior:
Extra bytes are ignored, and parsing passed
Reproducibility:
Environment:
Possible Solution:
Parse the quote as normal, but instead of failing directly after detecting extra trailing bytes, simply discard them
Severity:
The text was updated successfully, but these errors were encountered: