Update handling of empty format settings for SGX ECDSA evidence

Signed-off-by: Shanwei Cen <[email protected]>
BRMcLaren · Dec 14, 2020 · 71ee700 · 71ee700
1 parent 15113e0
commit 71ee700
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 13 deletions.
diff --git a/host/sgx/sgxquote.c b/host/sgx/sgxquote.c
@@ -708,8 +708,8 @@ oe_result_t oe_sgx_qe_get_quote(
         }
         else // ECDSA
         {
-            // For EPID, opt_params_size should be zero.
-            if (opt_params_size)
+            // For ECDSA, opt_params_size should be zero.
+            if (opt_params || opt_params_size)
                 OE_RAISE(OE_INVALID_PARAMETER);
         }
 
@@ -734,6 +734,10 @@ oe_result_t oe_sgx_qe_get_quote(
     }
     else
     {
+        // Only ECDSA is supported, opt_params_size should be zero.
+        if (opt_params || opt_params_size)
+            OE_RAISE(OE_INVALID_PARAMETER);
+
         if (quote_size > OE_MAX_UINT32)
             OE_RAISE(OE_INVALID_PARAMETER);
 

diff --git a/samples/attestation/common/dispatcher.cpp b/samples/attestation/common/dispatcher.cpp
@@ -85,19 +85,28 @@ int ecall_dispatcher::get_enclave_format_settings(
         goto exit;
     }
 
-    // Allocate memory on the host and copy the format settings over.
-    // TODO: the following code is not TEE-agnostic, as it assumes the
-    // enclave can directly write into host memory
-    *format_settings_buffer = (uint8_t*)oe_host_malloc(format_settings_size);
-    if (*format_settings_buffer == nullptr)
+    if (format_settings && format_settings_size)
     {
-        ret = OE_OUT_OF_MEMORY;
-        TRACE_ENCLAVE("copying format_settings failed, out of memory");
-        goto exit;
+        // Allocate memory on the host and copy the format settings over.
+        // TODO: the following code is not TEE-agnostic, as it assumes the
+        // enclave can directly write into host memory
+        *format_settings_buffer =
+            (uint8_t*)oe_host_malloc(format_settings_size);
+        if (*format_settings_buffer == nullptr)
+        {
+            ret = OE_OUT_OF_MEMORY;
+            TRACE_ENCLAVE("copying format_settings failed, out of memory");
+            goto exit;
+        }
+        memcpy(*format_settings_buffer, format_settings, format_settings_size);
+        *format_settings_buffer_size = format_settings_size;
+        oe_verifier_free_format_settings(format_settings);
+    }
+    else
+    {
+        *format_settings_buffer = nullptr;
+        *format_settings_buffer_size = 0;
     }
-    memcpy(*format_settings_buffer, format_settings, format_settings_size);
-    *format_settings_buffer_size = format_settings_size;
-    oe_verifier_free_format_settings(format_settings);
     ret = 0;
 
 exit: