rillian
commented
1 year ago As far as enforcement goes, there doesn't seem to be a check on the individual field lengths, but this module, the python version, and the /dev/nsm kernel driver all impose an overall 4k limit on requests and 12k on responses. This seems consistent with the larger sizes for the optional fields in an attestation request.
docs/attestation_process.mdis inconsistent about the size of the optionalprivate_key,user_data, andnoncefields. The Attribution Document Specification gives a range of 0..1024 bytes for each field, in agreement with this doc page. But later on, the "Check Content" section of Syntactic Validation gives 1..1024 forpublic_keyand 0..512 foruser_dataandnonce.Can we clarify with values are correct?