Skip to content

fix(enclave): reject malformed attestation quotes safely#203

Draft
Alicepoltora wants to merge 1 commit into
SeismicSystems:seismicfrom
Alicepoltora:agent/fix-attestation-quote-panic
Draft

fix(enclave): reject malformed attestation quotes safely#203
Alicepoltora wants to merge 1 commit into
SeismicSystems:seismicfrom
Alicepoltora:agent/fix-attestation-quote-panic

Conversation

@Alicepoltora

Copy link
Copy Markdown

Summary

The public evalAttestationEvidence JSON-RPC method passed attacker-controlled quote bytes directly to dcap-rs::QuoteV4::from_bytes. That parser is infallible and indexes variable-length fields directly, so malformed input could panic the enclave server and make attestation unavailable.

This change:

  • validates the quote header, supported TEE type, body length, signature length, and truncation before parsing;
  • catches malformed nested certification data from the current dcap-rs parser and returns a JSON-RPC error instead of panicking;
  • adds regression tests for truncated, unsupported, undersized, and malformed quotes.

Verification

  • cargo fmt --all --check
  • cargo test -p seismic-enclave-server server::tests (6 passed)

The parser boundary is intentionally defensive because dcap-rs does not currently expose a fallible quote parser.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant