Check the binding of the server certificate with the sgx quote - Githubissues

apache / incubator-teaclave

Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.

https://teaclave.apache.org

Apache License 2.0

765 stars 158 forks source link

Check the binding of the server certificate with the sgx quote #679

Closed henrysun007 closed 1 year ago

henrysun007 commented 1 year ago

The fix is reported from https://github.com/mithril-security/poison-tea.

Description

Fix an attestation bypass attack reported from https://github.com/mithril-security/poison-tea.

Fixes # (issue)

Type of change (select or add applied and delete the others)

[X] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[ ] API change with a documentation update
[ ] Additional test coverage
[ ] Code cleanup or just sync with upstream third-party crates

How has this been tested?

Checklist

[X] Fork the repo and create your branch from master.
[ ] If you've added code that should be tested, add tests.
[ ] If you've changed APIs, update the documentation.
[X] Ensure the tests pass (see CI results).
[X] Make sure your code lints/format.