
Commit ef433ce

Correctly set author_key_digest and report_id fields in js_verify_snp_attestation (#7004)
Co-authored-by: Max <[email protected]>
1 parent dcd75b2 commit ef433ce


1 file changed

+138
-92
lines changed


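--- a/src/js/extensions/snp_attestation.cpp
+++ b/src/js/extensions/snp_attestation.cpp
@@ -138,94 +138,126 @@ namespace ccf::js::extensions
 
 JS_CHECK_SET(a.set("policy", std::move(policy)));
 
-auto family_id = jsctx.new_array_buffer_copy(attestation.family_id);
-JS_CHECK_EXC(family_id);
-JS_CHECK_SET(a.set("family_id", std::move(family_id)));
+{
+auto family_id = jsctx.new_array_buffer_copy(attestation.family_id);
+JS_CHECK_EXC(family_id);
+JS_CHECK_SET(a.set("family_id", std::move(family_id)));
+}
 
-auto image_id = jsctx.new_array_buffer_copy(attestation.image_id);
-JS_CHECK_EXC(image_id);
-JS_CHECK_SET(a.set("image_id", std::move(image_id)));
+{
+auto image_id = jsctx.new_array_buffer_copy(attestation.image_id);
+JS_CHECK_EXC(image_id);
+JS_CHECK_SET(a.set("image_id", std::move(image_id)));
+}
 
 JS_CHECK_SET(a.set_uint32("vmpl", attestation.vmpl));
 JS_CHECK_SET(a.set_uint32(
 "signature_algo", static_cast<uint32_t>(attestation.signature_algo)));
 
-auto platform_version =
-jsctx.wrap(make_js_tcb_version(jsctx, attestation.platform_version));
-JS_CHECK_EXC(platform_version);
-JS_CHECK_SET(a.set("platform_version", std::move(platform_version)));
+{
+auto platform_version =
+jsctx.wrap(make_js_tcb_version(jsctx, attestation.platform_version));
+JS_CHECK_EXC(platform_version);
+JS_CHECK_SET(a.set("platform_version", std::move(platform_version)));
+}
 
-auto platform_info = jsctx.new_obj();
-JS_CHECK_EXC(platform_info);
-JS_CHECK_SET(
-platform_info.set_uint32("smt_en", attestation.platform_info.smt_en));
-JS_CHECK_SET(
-platform_info.set_uint32("tsme_en", attestation.platform_info.tsme_en));
-JS_CHECK_SET(a.set("plaform_info", std::move(platform_info)));
+{
+auto platform_info = jsctx.new_obj();
+JS_CHECK_EXC(platform_info);
+JS_CHECK_SET(
+platform_info.set_uint32("smt_en", attestation.platform_info.smt_en));
+JS_CHECK_SET(
+platform_info.set_uint32("tsme_en", attestation.platform_info.tsme_en));
+JS_CHECK_SET(a.set("plaform_info", std::move(platform_info)));
+}
 
-auto flags = jsctx.new_obj();
-JS_CHECK_EXC(flags);
-JS_CHECK_SET(
-flags.set_uint32("author_key_en", attestation.flags.author_key_en));
-JS_CHECK_SET(
-flags.set_uint32("mask_chip_key", attestation.flags.mask_chip_key));
-JS_CHECK_SET(
-flags.set_uint32("signing_key", attestation.flags.signing_key));
-JS_CHECK_SET(a.set("flags", std::move(flags)));
-
-auto attestation_report_data =
-jsctx.new_array_buffer_copy(attestation.report_data);
-JS_CHECK_EXC(attestation_report_data);
-JS_CHECK_SET(a.set("report_data", std::move(attestation_report_data)));
-
-auto attestation_measurement =
-jsctx.new_array_buffer_copy(attestation.measurement);
-JS_CHECK_EXC(attestation_measurement);
-JS_CHECK_SET(a.set("measurement", std::move(attestation_measurement)));
-
-auto attestation_host_data =
-jsctx.new_array_buffer_copy(attestation.host_data);
-JS_CHECK_EXC(attestation_host_data);
-JS_CHECK_SET(a.set("host_data", std::move(attestation_host_data)));
-
-auto attestation_id_key_digest =
-jsctx.new_array_buffer_copy(attestation.id_key_digest);
-JS_CHECK_EXC(attestation_id_key_digest);
-JS_CHECK_SET(a.set("id_key_digest", std::move(attestation_id_key_digest)));
-
-auto attestation_author_key_digest =
-jsctx.new_array_buffer_copy(attestation.author_key_digest);
-JS_CHECK_EXC(attestation_author_key_digest);
-JS_CHECK_SET(
-a.set("author_key_digest", std::move(attestation_id_key_digest)));
+{
+auto flags = jsctx.new_obj();
+JS_CHECK_EXC(flags);
+JS_CHECK_SET(
+flags.set_uint32("author_key_en", attestation.flags.author_key_en));
+JS_CHECK_SET(
+flags.set_uint32("mask_chip_key", attestation.flags.mask_chip_key));
+JS_CHECK_SET(
+flags.set_uint32("signing_key", attestation.flags.signing_key));
+JS_CHECK_SET(a.set("flags", std::move(flags)));
+}
 
-auto attestation_report_id =
-jsctx.new_array_buffer_copy(attestation.report_id);
-JS_CHECK_EXC(attestation_report_id);
-JS_CHECK_SET(a.set("report_id", std::move(attestation_id_key_digest)));
+{
+auto attestation_report_data =
+jsctx.new_array_buffer_copy(attestation.report_data);
+JS_CHECK_EXC(attestation_report_data);
+JS_CHECK_SET(a.set("report_data", std::move(attestation_report_data)));
+}
 
-auto attestation_report_id_ma =
-jsctx.new_array_buffer_copy(attestation.report_id_ma);
-JS_CHECK_EXC(attestation_report_id_ma);
-JS_CHECK_SET(a.set("report_id_ma", std::move(attestation_report_id_ma)));
+{
+auto attestation_measurement =
+jsctx.new_array_buffer_copy(attestation.measurement);
+JS_CHECK_EXC(attestation_measurement);
+JS_CHECK_SET(a.set("measurement", std::move(attestation_measurement)));
+}
 
-auto reported_tcb =
-jsctx.wrap(make_js_tcb_version(jsctx, attestation.reported_tcb));
-JS_CHECK_EXC(reported_tcb);
-JS_CHECK_SET(a.set("reported_tcb", std::move(reported_tcb)));
+{
+auto attestation_host_data =
+jsctx.new_array_buffer_copy(attestation.host_data);
+JS_CHECK_EXC(attestation_host_data);
+JS_CHECK_SET(a.set("host_data", std::move(attestation_host_data)));
+}
+
+{
+auto attestation_id_key_digest =
+jsctx.new_array_buffer_copy(attestation.id_key_digest);
+JS_CHECK_EXC(attestation_id_key_digest);
+JS_CHECK_SET(
+a.set("id_key_digest", std::move(attestation_id_key_digest)));
+}
+
+{
+auto attestation_author_key_digest =
+jsctx.new_array_buffer_copy(attestation.author_key_digest);
+JS_CHECK_EXC(attestation_author_key_digest);
+JS_CHECK_SET(
+a.set("author_key_digest", std::move(attestation_author_key_digest)));
+}
+
+{
+auto attestation_report_id =
+jsctx.new_array_buffer_copy(attestation.report_id);
+JS_CHECK_EXC(attestation_report_id);
+JS_CHECK_SET(a.set("report_id", std::move(attestation_report_id)));
+}
+
+{
+auto attestation_report_id_ma =
+jsctx.new_array_buffer_copy(attestation.report_id_ma);
+JS_CHECK_EXC(attestation_report_id_ma);
+JS_CHECK_SET(a.set("report_id_ma", std::move(attestation_report_id_ma)));
+}
+
+{
+auto reported_tcb =
+jsctx.wrap(make_js_tcb_version(jsctx, attestation.reported_tcb));
+JS_CHECK_EXC(reported_tcb);
+JS_CHECK_SET(a.set("reported_tcb", std::move(reported_tcb)));
+}
 
 JS_CHECK_SET(a.set_uint32("cpuid_fam_id", attestation.cpuid_fam_id));
 JS_CHECK_SET(a.set_uint32("cpuid_mod_id", attestation.cpuid_mod_id));
 JS_CHECK_SET(a.set_uint32("cpuid_step", attestation.cpuid_step));
 
-auto attestation_chip_id = jsctx.new_array_buffer_copy(attestation.chip_id);
-JS_CHECK_EXC(attestation_chip_id);
-JS_CHECK_SET(a.set("chip_id", std::move(attestation_chip_id)));
+{
+auto attestation_chip_id =
+jsctx.new_array_buffer_copy(attestation.chip_id);
+JS_CHECK_EXC(attestation_chip_id);
+JS_CHECK_SET(a.set("chip_id", std::move(attestation_chip_id)));
+}
 
-auto committed_tcb =
-jsctx.wrap(make_js_tcb_version(jsctx, attestation.committed_tcb));
-JS_CHECK_EXC(committed_tcb);
-JS_CHECK_SET(a.set("committed_tcb", std::move(committed_tcb)));
+{
+auto committed_tcb =
+jsctx.wrap(make_js_tcb_version(jsctx, attestation.committed_tcb));
+JS_CHECK_EXC(committed_tcb);
+JS_CHECK_SET(a.set("committed_tcb", std::move(committed_tcb)));
+}
 
 JS_CHECK_SET(a.set_uint32("current_minor", attestation.current_minor));
 JS_CHECK_SET(a.set_uint32("current_build", attestation.current_build));
@@ -234,21 +266,27 @@ namespace ccf::js::extensions
 JS_CHECK_SET(a.set_uint32("committed_minor", attestation.committed_minor));
 JS_CHECK_SET(a.set_uint32("committed_major", attestation.committed_major));
 
-auto launch_tcb =
-jsctx.wrap(make_js_tcb_version(jsctx, attestation.launch_tcb));
-JS_CHECK_EXC(launch_tcb);
-JS_CHECK_SET(a.set("launch_tcb", std::move(launch_tcb)));
+{
+auto launch_tcb =
+jsctx.wrap(make_js_tcb_version(jsctx, attestation.launch_tcb));
+JS_CHECK_EXC(launch_tcb);
+JS_CHECK_SET(a.set("launch_tcb", std::move(launch_tcb)));
+}
 
 auto signature = jsctx.new_obj();
 JS_CHECK_EXC(signature);
 
-auto signature_r = jsctx.new_array_buffer_copy(attestation.signature.r);
-JS_CHECK_EXC(signature_r);
-JS_CHECK_SET(signature.set("r", std::move(signature_r)));
+{
+auto signature_r = jsctx.new_array_buffer_copy(attestation.signature.r);
+JS_CHECK_EXC(signature_r);
+JS_CHECK_SET(signature.set("r", std::move(signature_r)));
+}
 
-auto signature_s = jsctx.new_array_buffer_copy(attestation.signature.s);
-JS_CHECK_EXC(signature_s);
-JS_CHECK_SET(signature.set("s", std::move(signature_s)));
+{
+auto signature_s = jsctx.new_array_buffer_copy(attestation.signature.s);
+JS_CHECK_EXC(signature_s);
+JS_CHECK_SET(signature.set("s", std::move(signature_s)));
+}
 
 JS_CHECK_SET(a.set("signature", std::move(signature)));
 JS_CHECK_SET(r.set("attestation", std::move(a)));
@@ -258,19 +296,27 @@ namespace ccf::js::extensions
 auto u = jsctx.new_obj();
 JS_CHECK_EXC(u);
 
-auto did = jsctx.new_string(parsed_uvm_endorsements.value().did.c_str());
-JS_CHECK_EXC(did);
-JS_CHECK_SET(u.set("did", std::move(did)));
+{
+auto did =
+jsctx.new_string(parsed_uvm_endorsements.value().did.c_str());
+JS_CHECK_EXC(did);
+JS_CHECK_SET(u.set("did", std::move(did)));
+}
 
-auto feed =
-jsctx.new_string(parsed_uvm_endorsements.value().feed.c_str());
-JS_CHECK_EXC(feed);
-JS_CHECK_SET(u.set("feed", std::move(feed)));
+{
+auto feed =
+jsctx.new_string(parsed_uvm_endorsements.value().feed.c_str());
+JS_CHECK_EXC(feed);
+JS_CHECK_SET(u.set("feed", std::move(feed)));
+}
 
-auto svn = jsctx.new_string(parsed_uvm_endorsements.value().svn.c_str());
-JS_CHECK_EXC(svn);
-JS_CHECK_SET(u.set("svn", std::move(svn)));
-JS_CHECK_SET(r.set("uvm_endorsements", std::move(u)));
+{
+auto svn =
+jsctx.new_string(parsed_uvm_endorsements.value().svn.c_str());
+JS_CHECK_EXC(svn);
+JS_CHECK_SET(u.set("svn", std::move(svn)));
+JS_CHECK_SET(r.set("uvm_endorsements", std::move(u)));
+}
 }
 
 return r.take();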
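Review bot: The key passed to `a.set` at new line 171 is still spelled `plaform_info`, so script code that reads `attestation.platform_info` gets `undefined`; a policy check written against that name would either throw or, with optional chaining or a truthiness test, skip the `smt_en`/`tsme_en` values entirely. The commit re-scopes this block without touching the string; I would change it to `JS_CHECK_SET(a.set("platform_info", std::move(platform_info)));`, and if existing applications may already depend on the misspelled name (not visible from here), keep that key populated as well for a deprecation period. Separately, in the last hunk `JS_CHECK_SET(r.set("uvm_endorsements", std::move(u)));` now sits inside the `svn` scope block at new line 318; it would read more clearly after that block's closing brace, since it does not use `svn`. The enclosing function begins and ends outside the visible hunks.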
