Fix signature verification error in sgx_report_attestation_status and a make dependency problem #359
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In 2.4.0, sgx_report_attestation_status always returns SGX_ERROR_INVALID_PARAMETER due to oal_map_result returns AESM_PLATFORM_INFO_BLOB_INVALID_SIG. The problem is caused by a change in u_certificate_provisioning.cpp, removing essential endian conversion. This commit aims at reverting this change and making sgx_report_attestation_status works again. One test case on my testbed: 1502006500000800000202020401800000000000000000000007000006000000020000000000000B0D292FE7F0F37C075567E227A454318D29A3E94F035693794FADECD6C31606DE989858BF7FB718A096B52A90EFCD50270C9A0A2F4500CFAC159DD44EAA2C014179 Signed-off-by: Yu Ding <dingelish@gmail.com>
Signed-off-by: Yu Ding <dingelish@gmail.com>
dingelish
changed the title
|
Hi there, is this a valid patch or not? If not, what is the better way to resolve the signature verification error? Thanks! |
|
This is a bug and your patch works. We are applying validations before merge your PR. |
|
Thanks @llly ! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
4baa19d
In 2.4.0, sgx_report_attestation_status always returns
SGX_ERROR_INVALID_PARAMETERdue to oal_map_result returnsAESM_PLATFORM_INFO_BLOB_INVALID_SIG. The problem is caused by a change in u_certificate_provisioning.cpp, removing essential endian conversion. This commit aims at reverting this change and making sgx_report_attestation_status works again.One test case on my testbed, which accepted by 2.3.1 but denied by 2.4.0: 1502006500000800000202020401800000000000000000000007000006000000020000000000000B0D292FE7F0F37C075567E227A454318D29A3E94F035693794FADECD6C31606DE989858BF7FB718A096B52A90EFCD50270C9A0A2F4500CFAC159DD44EAA2C014179
This case is accepted by aesm_service with the given patch.
dd54bf1
make -jthe entire SDK always results in an error message aboutcannot find utilityfrom sgx_random_buffers.h when compiling trts_ecall.cpp. I found that this is caused by doingmakeinsdk/trts/linuxbeforesdk/trts. This patch fixes the problem by an additional dependency.Signed-off-by: Yu Ding dingelish@gmail.com