Closed imlk0 closed 1 year ago
https://github.com/CCC-Attestation/interoperable-ra-tls/blob/a2c2323377007aa27b5ceb453a741a860e0245a0/docs/Interoperable%20Attested%20TLS%5CInteroperable-RA-TLS-SGX-TDX-evidence-formats.md?plain=1#L43
In my understanding, the array in Endorsement Data Format and its mapping to fields in sgx_ql_qve_collateral_t are as follows:
CBOR array -> [ 0: CBOR uint (<VERSION-as-integer> -- equals to collateral.version), 1: CBOR bstr (<TCB_INFO> -- equals to collateral.tcb_info) 2: CBOR bstr (<TCB_ISSUER_CHAIN> -- equals to collateral.tcb_info_issuer_chain) 3: CBOR bstr (<CRL_PCK_CERT> -- equals to collateral.pck_crl) 4: CBOR bstr (<CRL_PCK_PROC_CA> -- equals to collateral.root_ca_crl) 5: CBOR bstr (<CRL_ISSUER_CHAIN_PCK_CERT> -- equals to collateral.pck_crl_issuer_chain) 6: CBOR bstr (<QE_ID_INFO> -- equals to collateral.qe_identity) 7: CBOR bstr (<QE_ID_ISSUER_CHAIN> -- equals to collateral.qe_identity_issuer_chain) 8: CBOR bstr (<CREATION_DATETIME>, opt -- the time when collateral is generated) ]
Is there any mistake here?
In addition, since collateral.version is uint32_t, I suggest clearly defining <VERSION-as-integer> as a CBOR 32 bit width unsigned integer.
collateral.version
uint32_t
<VERSION-as-integer>
Let's make the first entry an unsigned integer, as CBOR does not have a specific 32-bit uint type. Commit 5bc013a contains the edit for this change.
https://github.com/CCC-Attestation/interoperable-ra-tls/blob/a2c2323377007aa27b5ceb453a741a860e0245a0/docs/Interoperable%20Attested%20TLS%5CInteroperable-RA-TLS-SGX-TDX-evidence-formats.md?plain=1#L43
In my understanding, the array in Endorsement Data Format and its mapping to fields in sgx_ql_qve_collateral_t are as follows:
Is there any mistake here?
In addition, since
collateral.version
isuint32_t
, I suggest clearly defining<VERSION-as-integer>
as a CBOR 32 bit width unsigned integer.