Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check application configuration hash when requesting application configuration #11

Merged
merged 15 commits into from
Nov 29, 2024
Merged

Check application configuration hash when requesting application configuration #11

merged 15 commits into from
Nov 29, 2024

Conversation

nshyrei
Copy link
Contributor

@nshyrei nshyrei commented Sep 3, 2024
edited
Loading

This PR returns back functionality to check if the application configuration struct from CCM is indeed the one that we expect to see when starting a user application inside Salmiac. The verification process involves comparing the SHA256 hash value of the application configuration structure with the SHA256 hash value passed by the user through ENCLAVEOS_APPCONFIG_ID or APPCONFIG_ID env var when starting Salmiac itself.

This hash check prevents malicious application configurations from being used when running a user application. Failure to pass the hash check results in no user application being run and Salmiac exiting with error code -1

@nshyrei nshyrei added the enhancement New feature or request label Sep 3, 2024
@nshyrei nshyrei self-assigned this Sep 3, 2024
@nshyrei nshyrei requested a review from raoulstrackx September 6, 2024 10:41
@nshyrei nshyrei requested a review from aditijannu October 11, 2024 14:31
@nshyrei nshyrei requested a review from raoulstrackx October 14, 2024 14:08
@nshyrei nshyrei closed this Nov 28, 2024
@nshyrei nshyrei deleted the ns/RTE-147 branch November 28, 2024 10:11
@nshyrei nshyrei restored the ns/RTE-147 branch November 28, 2024 10:15
@nshyrei nshyrei reopened this Nov 28, 2024
@nshyrei nshyrei requested a review from aditijannu November 28, 2024 14:44
@nshyrei nshyrei requested a review from raoulstrackx November 29, 2024 12:44
@nshyrei nshyrei added this pull request to the merge queue Nov 29, 2024
Merged via the queue into master with commit fee4db7 Nov 29, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raoulstrackx raoulstrackx raoulstrackx approved these changes

@Taowyoo Taowyoo Awaiting requested review from Taowyoo

@aditijannu aditijannu Awaiting requested review from aditijannu

Assignees

@nshyrei nshyrei

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nshyrei @aditijannu @raoulstrackx