hyjiang
commented
1 year ago Actually we have fixed certificate order, if you check the detail in quote buffer, you will see the order would always same as you list above. The response from Intel(R) PCS is a little different, intermediate and Root certs are in response header. You can details from PCS official website.
But you will see that TCB info and QE identity don't have leaf cert, and we don't want to use different function to verify the cert chain. In addition, we never guarantee the cert older officially, so the code logic includes some additional logic.
Nirusu
jcape
https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/c057b236790834cf7e547ebf90da91c53c7ed7f9/QuoteVerification/QVL/Src/AttestationLibrary/src/CertVerification/CertificateChain.cpp#L66-L87
Usually, most PEM certificate chains are defined to go:
Even most of the sample files of the attestation app use the same order, with a few exceptions.
My question here is, why is the order indeterministic in the first place? As you can see from the code example above, it makes parsing more annoying.
Can I expect the Trusted Services API to always return a proper chain from Leaf -> Intermediate -> Root CA? Or is the order really "dunno, you need to check"?
And if it really is designed to be non-deterministic, why is that?