Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unit tests don't test non-debug attestation validation #73

Open
rjzak opened this issue Oct 10, 2022 · 0 comments
Open

Unit tests don't test non-debug attestation validation #73

rjzak opened this issue Oct 10, 2022 · 0 comments
Labels
attestation Issues related to attestation

Comments

@rjzak
Copy link
Member

rjzak commented Oct 10, 2022

When debug mode is disabled, such when the certificate isn't self-signed, SGX and SNP have additional checks. Both add an additional check there the hash of the public key from the Certificate Request is expected to be in the body of the attestation report. Additionally, the stored test data for SGX & SNP have bogus data in the respective fields:

  • SGX: report.reportdata = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
  • SNP: report.body.report_data = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f

We'll need the saved public key data, and new saved attestation reports for unit tests to pass when not in debug mode.
@rjzak rjzak mentioned this issue Oct 10, 2022
Open
@dpal dpal added the attestation Issues related to attestation label Dec 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
attestation Issues related to attestation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rjzak @dpal