fix parser functions to return Result type

Signed-off-by: Jun Kimura <jun.kimura@datachain.jp>

Author: bluele

crates/pcs/src/client.rs

@@ -222,7 +222,7 @@ mod tests {
     #[test]
     fn test_get_collateral() {
         let qe_cert_data_bz = hex::decode("0500dc0d00002d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d4949456a544343424453674177494241674956414a34674a3835554b6b7a613873504a4847676e4f4b6d5451426e754d416f4743437147534d343942414d430a4d484578497a416842674e5642414d4d476b6c756447567349464e48574342515130736755484a765932567a6332397949454e424d526f77474159445651514b0a4442464a626e526c6243424462334a7762334a6864476c76626a45554d424947413155454277774c553246756447456751327868636d4578437a414a42674e560a4241674d416b4e424d517377435159445651514745774a56557a4165467730794e5441784d6a41784d444d7a4e4446614677307a4d6a41784d6a41784d444d7a0a4e4446614d484178496a416742674e5642414d4d47556c756447567349464e4857434251513073675132567964476c6d61574e6864475578476a415942674e560a42416f4d45556c756447567349454e76636e4276636d4630615739754d5251774567594456515148444174545957353059534244624746795954454c4d416b470a413155454341774351304578437a414a42674e5642415954416c56544d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a304441516344516741450a516a537877644d662b2b3578645553717478343769335952633970504a475434304642774e306e5335557a43314233524b63544875514c3135796b357a4c766c0a5535707a7563552f2b6d674a4e6f55774b6e784942364f434171677767674b6b4d42384741315564497751594d426141464e446f71747031312f6b75535265590a504873555a644456386c6c4e4d477747413155644877526c4d474d77596142666f463247573268306448427a4f693876595842704c6e527964584e305a57527a0a5a584a3261574e6c63793570626e526c6243356a62323076633264344c324e6c636e52705a6d6c6a5958527062323476646a517663474e7259334a7350324e680a5058427962324e6c63334e7663695a6c626d4e765a476c755a7a316b5a584977485159445652304f42425945464f7632356e4f67634c754f693644424b3037470a4d4f5161315a53494d41344741315564447745422f775145417749477744414d42674e5648524d4241663845416a41414d4949423141594a4b6f5a496876684e0a415130424249494278544343416345774867594b4b6f5a496876684e41513042415151514459697469663748386e4277566732482b38504f476a4343415751470a43697147534962345451454e41514977676746554d42414743797147534962345451454e41514942416745564d42414743797147534962345451454e415149430a416745564d42414743797147534962345451454e41514944416745434d42414743797147534962345451454e41514945416745454d42414743797147534962340a5451454e41514946416745424d42454743797147534962345451454e41514947416749416744415142677371686b69472b4530424451454342774942446a41510a42677371686b69472b45304244514543434149424144415142677371686b69472b45304244514543435149424144415142677371686b69472b453042445145430a436749424144415142677371686b69472b45304244514543437749424144415142677371686b69472b45304244514543444149424144415142677371686b69470a2b45304244514543445149424144415142677371686b69472b45304244514543446749424144415142677371686b69472b4530424451454344774942414441510a42677371686b69472b45304244514543454149424144415142677371686b69472b45304244514543455149424454416642677371686b69472b453042445145430a4567515146525543424147414467414141414141414141414144415142676f71686b69472b45304244514544424149414144415542676f71686b69472b4530420a44514545424159416b473756414141774477594b4b6f5a496876684e4151304242516f424144414b42676771686b6a4f5051514441674e4841444245416942750a6846786c7379536f4a373479392f374665436c6679522b544d4a626c43696663364e577538637466424149674c524f6e50584138636d3864577061716f4679680a467559567237396f696f584e63395354677857573332633d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d4949436d444343416a36674177494241674956414e446f71747031312f6b7553526559504873555a644456386c6c4e4d416f4743437147534d343942414d430a4d476778476a415942674e5642414d4d45556c756447567349464e48574342536232393049454e424d526f77474159445651514b4442464a626e526c624342440a62334a7762334a6864476c76626a45554d424947413155454277774c553246756447456751327868636d4578437a414a42674e564241674d416b4e424d5173770a435159445651514745774a56557a4165467730784f4441314d6a45784d4455774d5442614677307a4d7a41314d6a45784d4455774d5442614d484578497a41680a42674e5642414d4d476b6c756447567349464e48574342515130736755484a765932567a6332397949454e424d526f77474159445651514b4442464a626e526c0a6243424462334a7762334a6864476c76626a45554d424947413155454277774c553246756447456751327868636d4578437a414a42674e564241674d416b4e420a4d517377435159445651514745774a56557a425a4d424d4742797147534d34394167454743437147534d34394177454841304941424c39712b4e4d7032494f670a74646c31626b2f75575a352b5447516d38614369387a373866732b664b435133642b75447a586e56544154325a68444369667949754a77764e33774e427039690a484253534d4a4d4a72424f6a6762737767626777487759445652306a42426777466f4155496d554d316c71644e496e7a6737535655723951477a6b6e427177770a556759445652306642457377535442486f45576751345a426148523063484d364c79396a5a584a3061575a70593246305a584d7564484a316333526c5a484e6c0a636e5a705932567a4c6d6c75644756734c6d4e766253394a626e526c62464e4857464a76623352445153356b5a584977485159445652304f42425945464e446f0a71747031312f6b7553526559504873555a644456386c6c4e4d41344741315564447745422f77514541774942426a415342674e5648524d4241663845434441470a4151482f416745414d416f4743437147534d343942414d43413067414d4555434951434a6754627456714f795a316d336a716941584d365159613672357357530a34792f4737793875494a4778647749675271507642534b7a7a516167424c517135733541373070646f6961524a387a2f3075447a344e675639316b3d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d4949436a7a4343416a53674177494241674955496d554d316c71644e496e7a6737535655723951477a6b6e42717777436759494b6f5a497a6a3045417749770a614445614d4267474131554541777752535735305a5777675530645949464a766233516751304578476a415942674e5642416f4d45556c756447567349454e760a636e4276636d4630615739754d5251774567594456515148444174545957353059534244624746795954454c4d416b47413155454341774351304578437a414a0a42674e5642415954416c56544d423458445445344d4455794d5445774e4455784d466f58445451354d54497a4d54497a4e546b314f566f77614445614d4267470a4131554541777752535735305a5777675530645949464a766233516751304578476a415942674e5642416f4d45556c756447567349454e76636e4276636d46300a615739754d5251774567594456515148444174545957353059534244624746795954454c4d416b47413155454341774351304578437a414a42674e56424159540a416c56544d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a3044415163445167414543366e45774d4449595a4f6a2f69505773437a61454b69370a314f694f534c52466857476a626e42564a66566e6b59347533496a6b4459594c304d784f346d717379596a6c42616c54565978465032734a424b357a6c4b4f420a757a43427544416642674e5648534d4547444157674251695a517a575770303069664f44744a5653763141624f5363477244425342674e5648523845537a424a0a4d45656752614244686b466f64485277637a6f764c324e6c636e52705a6d6c6a5958526c63793530636e567a6447566b63325679646d6c6a5a584d75615735300a5a577775593239744c306c756447567355306459556d397664454e424c6d526c636a416442674e564851344546675155496d554d316c71644e496e7a673753560a55723951477a6b6e4271777744675944565230504151482f42415144416745474d42494741315564457745422f7751494d4159424166384341514577436759490a4b6f5a497a6a3045417749445351417752674968414f572f35516b522b533943695344634e6f6f774c7550524c735747662f59693747535839344267775477670a41694541344a306c72486f4d732b586f356f2f7358364f39515778485241765a55474f6452513763767152586171493d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a00").unwrap();
-        let cert_data = CertData::from_bytes(&qe_cert_data_bz);
+        let cert_data = CertData::from_bytes(&qe_cert_data_bz).unwrap();
         let client = PCSClient::default();
         let res = client.get_collateral(&cert_data);
         assert!(res.is_ok(), "{:?}", res);

crates/types/src/quotes/mod.rs

@@ -33,7 +33,10 @@ pub struct QuoteHeader {
 
 impl QuoteHeader {
     /// Parse a QuoteHeader from a byte slice.
-    pub fn from_bytes(raw_bytes: &[u8]) -> Self {
+    pub fn from_bytes(raw_bytes: &[u8]) -> Result<Self> {
+        if raw_bytes.len() < 48 {
+            return Err(anyhow::anyhow!("QuoteHeader is too short"));
+        }
         let version = u16::from_le_bytes([raw_bytes[0], raw_bytes[1]]);
         let att_key_type = u16::from_le_bytes([raw_bytes[2], raw_bytes[3]]);
         let tee_type = u32::from_le_bytes([raw_bytes[4], raw_bytes[5], raw_bytes[6], raw_bytes[7]]);
@@ -46,15 +49,15 @@ impl QuoteHeader {
         let mut user_data = [0; 20];
         user_data.copy_from_slice(&raw_bytes[28..48]);
 
-        QuoteHeader {
+        Ok(QuoteHeader {
             version,
             att_key_type,
             tee_type,
             qe_svn,
             pce_svn,
             qe_vendor_id,
             user_data,
-        }
+        })
     }
 
     /// Serialize a QuoteHeader to a byte array.
@@ -86,10 +89,17 @@ pub struct QeAuthData {
 
 impl QeAuthData {
     /// Parse a QeAuthData from a byte slice.
-    pub fn from_bytes(raw_bytes: &[u8]) -> QeAuthData {
+    pub fn from_bytes(raw_bytes: &[u8]) -> Result<QeAuthData> {
+        let len = raw_bytes.len();
+        if len < 2 {
+            return Err(anyhow::anyhow!("QeAuthData is too short"));
+        }
         let size = u16::from_le_bytes([raw_bytes[0], raw_bytes[1]]);
+        if len < 2 + size as usize {
+            return Err(anyhow::anyhow!("QeAuthData is too short"));
+        }
         let data = raw_bytes[2..2 + size as usize].to_vec();
-        QeAuthData { size, data }
+        Ok(QeAuthData { size, data })
     }
 
     /// Serialize a QeAuthData to a byte vector.
@@ -130,17 +140,23 @@ pub struct CertData {
 
 impl CertData {
     /// Parse a CertData from a byte slice.
-    pub fn from_bytes(raw_bytes: &[u8]) -> Self {
+    pub fn from_bytes(raw_bytes: &[u8]) -> Result<Self> {
+        let len = raw_bytes.len();
+        if len < 6 {
+            return Err(anyhow::anyhow!("CertData is too short"));
+        }
         let cert_data_type = u16::from_le_bytes([raw_bytes[0], raw_bytes[1]]);
         let cert_data_size =
             u32::from_le_bytes([raw_bytes[2], raw_bytes[3], raw_bytes[4], raw_bytes[5]]);
+        if len < 6 + cert_data_size as usize {
+            return Err(anyhow::anyhow!("CertData is too short"));
+        }
         let cert_data = raw_bytes[6..6 + cert_data_size as usize].to_vec();
-
-        CertData {
+        Ok(CertData {
             cert_data_type,
             cert_data_size,
             cert_data,
-        }
+        })
     }
 
     /// Serialize a CertData to a byte vector.
@@ -198,12 +214,12 @@ impl QeReportCertData {
         let mut qe_report_signature = [0; 64];
         qe_report_signature.copy_from_slice(&raw_bytes[384..448]);
         // qe auth data is variable length, we'll pass remaining bytes to the from_bytes method
-        let qe_auth_data = QeAuthData::from_bytes(&raw_bytes[448..]);
+        let qe_auth_data = QeAuthData::from_bytes(&raw_bytes[448..])?;
         // get the length of qe_auth_data
         let qe_auth_data_size = 2 + qe_auth_data.size as usize;
         // finish off with the parsing of qe_cert_data
         let qe_cert_data_start = 448 + qe_auth_data_size;
-        let qe_cert_data = CertData::from_bytes(&raw_bytes[qe_cert_data_start..]);
+        let qe_cert_data = CertData::from_bytes(&raw_bytes[qe_cert_data_start..])?;
 
         Ok(QeReportCertData {
             qe_report,
@@ -259,7 +275,7 @@ pub(crate) mod tests {
         #[test]
         fn test_quote_header_roundtrip(quote_header in quote_header_strategy()) {
             let raw_bytes = quote_header.to_bytes();
-            let parsed_quote_header = QuoteHeader::from_bytes(&raw_bytes);
+            let parsed_quote_header = QuoteHeader::from_bytes(&raw_bytes).unwrap();
             prop_assert_eq!(quote_header, parsed_quote_header, "raw_bytes: {:?}", raw_bytes);
         }
 
@@ -273,14 +289,14 @@ pub(crate) mod tests {
         #[test]
         fn test_qe_auth_data_roundtrip(qe_auth_data in qe_auth_data_strategy(65535)) {
             let raw_bytes = qe_auth_data.to_bytes();
-            let parsed_qe_auth_data = QeAuthData::from_bytes(&raw_bytes);
+            let parsed_qe_auth_data = QeAuthData::from_bytes(&raw_bytes).unwrap();
             prop_assert_eq!(qe_auth_data, parsed_qe_auth_data, "raw_bytes: {:?}", raw_bytes);
         }
 
         #[test]
         fn test_cert_data_roundtrip(cert_data in cert_data_strategy(65535)) {
             let raw_bytes = cert_data.to_bytes();
-            let parsed_cert_data = CertData::from_bytes(&raw_bytes);
+            let parsed_cert_data = CertData::from_bytes(&raw_bytes).unwrap();
             prop_assert_eq!(cert_data, parsed_cert_data);
         }
     }

crates/types/src/quotes/version_3.rs

@@ -32,7 +32,7 @@ impl QuoteV3 {
         if raw_bytes.len() < 436 {
             return Err(anyhow!("QuoteV3 data is too short"));
         }
-        let header = QuoteHeader::from_bytes(&raw_bytes[0..48]);
+        let header = QuoteHeader::from_bytes(&raw_bytes[0..48])?;
         let isv_enclave_report = EnclaveReport::from_bytes(&raw_bytes[48..432])?;
         let signature_len = u32::from_le_bytes([
             raw_bytes[432],
@@ -90,6 +90,10 @@ pub struct QuoteSignatureDataV3 {
 impl QuoteSignatureDataV3 {
     /// Parse a QuoteSignatureDataV3 from a byte slice.
     pub fn from_bytes(raw_bytes: &[u8]) -> Result<QuoteSignatureDataV3> {
+        let len = raw_bytes.len();
+        if len < 576 {
+            return Err(anyhow!("QuoteSignatureDataV3 data is too short"));
+        }
         let mut isv_enclave_report_signature = [0u8; 64];
         let mut ecdsa_attestation_key = [0u8; 64];
         let mut qe_report_signature = [0u8; 64];
@@ -98,9 +102,9 @@ impl QuoteSignatureDataV3 {
         ecdsa_attestation_key.copy_from_slice(&raw_bytes[64..128]);
         let qe_report = EnclaveReport::from_bytes(&raw_bytes[128..512])?;
         qe_report_signature.copy_from_slice(&raw_bytes[512..576]);
-        let qe_auth_data = QeAuthData::from_bytes(&raw_bytes[576..]);
+        let qe_auth_data = QeAuthData::from_bytes(&raw_bytes[576..])?;
         let qe_cert_data_start = 576 + 2 + qe_auth_data.size as usize;
-        let qe_cert_data = CertData::from_bytes(&raw_bytes[qe_cert_data_start..]);
+        let qe_cert_data = CertData::from_bytes(&raw_bytes[qe_cert_data_start..])?;
 
         Ok(QuoteSignatureDataV3 {
             isv_enclave_report_signature,

crates/types/src/quotes/version_4.rs

@@ -19,7 +19,7 @@ pub struct QuoteV4 {
 impl QuoteV4 {
     /// Parse a byte slice into a `QuoteV4` structure.
     pub fn from_bytes(raw_bytes: &[u8]) -> Result<Self> {
-        let header = QuoteHeader::from_bytes(&raw_bytes[0..48]);
+        let header = QuoteHeader::from_bytes(&raw_bytes[0..48])?;
         let quote_body;
         let mut offset: usize = 48;
         match header.tee_type {
@@ -45,7 +45,7 @@ impl QuoteV4 {
         ]);
         offset += 4;
         let signature_slice = &raw_bytes[offset..offset + signature_len as usize];
-        let signature = QuoteSignatureDataV4::from_bytes(signature_slice);
+        let signature = QuoteSignatureDataV4::from_bytes(signature_slice)?;
 
         Ok(QuoteV4 {
             header,
@@ -69,17 +69,20 @@ pub struct QuoteSignatureDataV4 {
 
 impl QuoteSignatureDataV4 {
     /// Parse a byte slice into a `QuoteSignatureDataV4` structure.
-    pub fn from_bytes(raw_bytes: &[u8]) -> Self {
+    pub fn from_bytes(raw_bytes: &[u8]) -> Result<Self> {
+        if raw_bytes.len() < 128 {
+            bail!("Invalid QuoteSignatureDataV4 length");
+        }
         let mut quote_signature = [0; 64];
         quote_signature.copy_from_slice(&raw_bytes[0..64]);
         let mut ecdsa_attestation_key = [0; 64];
         ecdsa_attestation_key.copy_from_slice(&raw_bytes[64..128]);
-        let qe_cert_data = CertData::from_bytes(&raw_bytes[128..]);
+        let qe_cert_data = CertData::from_bytes(&raw_bytes[128..])?;
 
-        QuoteSignatureDataV4 {
+        Ok(QuoteSignatureDataV4 {
             quote_signature,
             ecdsa_attestation_key,
             qe_cert_data,
-        }
+        })
     }
 }

zkvm/risc0/artifacts/dcap-quote-verifier

@@ -1,4 +1,4 @@
 
-pub const DCAP_QUOTE_VERIFIER_ID: [u32; 8] = [4177890098, 1594649521, 2731694718, 760219322, 4165064678, 1942223903, 544906612, 2339054483];
-pub const DCAP_QUOTE_VERIFIER_ID_STR: &str = "328b05f9b16b0c5f7e5ad2a2ba06502de6d741f81ffcc373749d7a2093236b8b";
+pub const DCAP_QUOTE_VERIFIER_ID: [u32; 8] = [2407165753, 4083403065, 2399565761, 3167504320, 3563296222, 3022216826, 1356608703, 705428914];
+pub const DCAP_QUOTE_VERIFIER_ID_STR: &str = "396f7a8f39c963f3c177068fc047ccbcde9563d47a5e23b4bf34dc50b2fd0b2a";
 pub const DCAP_QUOTE_VERIFIER_ELF: &[u8] = include_bytes!("../artifacts/dcap-quote-verifier");