[tests] Fix signature length calculation in sgx_sign tests #1864
Reviewed 1 of 1 files at r1, all commit messages.
Reviewable status: all files reviewed, all discussions resolved, not enough approvals from maintainers (1 more required)
Reviewed 1 of 1 files at r1, all commit messages.
Reviewable status: all files reviewed, 2 unresolved discussions, not enough approvals from maintainers (1 more required) (waiting on @mkow)
-- commits
line 5 at r1:
What's the problem of a signature starting with a zero byte?
tests/test_sgx_sign.py
line 47 at r1 (raw file):
```python
assert numbers.e == exponent
assert numbers.n == modulus
signature_bytes = signature.to_bytes((modulus.bit_length() + 7) // 8, byteorder='big')
```
I don't understand this change. Could you explain a bit? Why is the signature length wrong here?
Reviewable status: all files reviewed, 2 unresolved discussions, not enough approvals from maintainers (1 more required) (waiting on @dimakuv)
Previously, dimakuv (Dmitrii Kuvaiskii) wrote…
What's the problem of a signature starting with a zero byte?
See below.
tests/test_sgx_sign.py
line 47 at r1 (raw file):
Previously, dimakuv (Dmitrii Kuvaiskii) wrote…
I don't understand this change. Could you explain a bit? Why is the signature length wrong here?
`public_key.verify()` expects a specific byte sequence as a correct signature, not a number (and that's also what the original signing function returns, but our wrapper converts it to a number, because that's needed for SGX stuff: https://github.com/gramineproject/gramine/blob/master/python/graminelibos/sgx_sign.py#L666). Here we're trying to convert it back, but incorrectly.
The problem here is that this "serialization" here produces different lengths depending on the signature. If it happens to start with 0x00, then the resulting bytes array is shorter than expected and the verification fails. Example: with the SGX signing parameters the key signature should always have 384 bytes (3072/8), regardless of its specific value.
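
The failure mode discussed in this thread, as an added example that is not part of the PR or of Gramine's code: a pure-Python RSASSA-PKCS1-v1_5 sign/verify over a constructed toy key, comparing an assumed value-dependent serialization with the modulus-based one quoted from `tests/test_sgx_sign.py`. The key (two Mersenne primes, insecure), the messages and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed toy RSA key from two Mersenne primes (insecure, illustration only).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # signature length in bytes, fixed by the modulus

# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15(message: bytes) -> bytes:
    """Encode a message as 0x00 0x01 FF..FF 0x00 DigestInfo, K bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def sign_as_int(message: bytes) -> int:
    """Return the signature as a number, like the wrapper described above."""
    return pow(int.from_bytes(emsa_pkcs1_v15(message), "big"), D, N)


def verify(message: bytes, sig: bytes) -> bool:
    """RSASSA-PKCS1-v1_5 verification; step 1 rejects any length other than K."""
    if len(sig) != K:
        return False
    em = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    return em == emsa_pkcs1_v15(message)


def value_dependent(sig: int) -> bytes:
    """Assumed faulty form: length derived from the signature's own value."""
    return sig.to_bytes((sig.bit_length() + 7) // 8, "big")


def fixed_length(sig: int) -> bytes:
    """Form quoted in the review: length derived from the modulus."""
    return sig.to_bytes((N.bit_length() + 7) // 8, "big")


def find_short_signature():
    """Search constructed messages for a signature whose top byte is 0x00."""
    for i in range(100_000):
        msg = b"constructed message %d" % i
        sig = sign_as_int(msg)
        if sig < 1 << (8 * (K - 1)):
            return msg, sig
    raise RuntimeError("no signature with a leading zero byte found")
```

Calling `find_short_signature()` and passing the result through both serializers shows the same signature number verifying only in its fixed-length form.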
Reviewable status: complete! all files reviewed, all discussions resolved
Incorrect signature length calculation could cause InvalidSignature exception if the signature happened to start with a 0x00 byte, resulting in random CI failures.

Signed-off-by: Michał Kowalczyk <mkow@invisiblethingslab.com>
dcf60c5 to bf46ba3
Reviewed 1 of 1 files at r1.
Reviewable status: complete! all files reviewed, all discussions resolved
Reviewed 1 of 1 files at r1, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved
Description of the changes
Incorrect signature length calculation could cause an `InvalidSignature` exception if the signature happened to start with a 0x00 byte, resulting in random CI failures.

Fixes #1689.
How to test this PR?
Run

```
while true; python3 -m pytest -v -k 'test_sign_from_pem_path' tests/; or break; end
```

in Gramine root and wait. Without this PR it fails after ~64 loop iterations with: