revise enclave parsing and review feedback

Wraith2 · Wraith2 · commit 439c8c0dba51 · 2023-03-11T01:37:52.000Z
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNIPhysicalHandle.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNIPhysicalHandle.cs
@@ -87,12 +87,9 @@ private string GetStackParts()
             // trims off most of the bottom of the stack because when running under xunit there's a lot of spam
             string[] parts = Environment.StackTrace.Split(new string[] { Environment.NewLine }, StringSplitOptions.None);
             List<string> take = new List<string>(7);
-            for (int index = 0; take.Count < 7 && index < parts.Length; index++)
+            for (int index = 3; take.Count < 7 && index < parts.Length; index++)
             {
-                if (index > 2)
-                {
-                    take.Add(parts[index]);
-                }
+                take.Add(parts[index]);
             }
 
             return string.Join(Environment.NewLine, take.ToArray());
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/AlwaysEncryptedEnclaveProviderUtils.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/AlwaysEncryptedEnclaveProviderUtils.cs
@@ -18,23 +18,21 @@ public EnclavePublicKey(byte[] payload)
 
     internal class EnclaveDiffieHellmanInfo
     {
-        public int Size { get; private set; }
+        public int Size => sizeof(int) + sizeof(int) + PublicKey?.Length ?? 0 + PublicKeySignature?.Length ?? 0;
 
         public byte[] PublicKey { get; private set; }
 
         public byte[] PublicKeySignature { get; private set; }
 
-        public EnclaveDiffieHellmanInfo(byte[] payload)
+        public EnclaveDiffieHellmanInfo(byte[] payload, int offset)
         {
-            Size = payload.Length;
-
-            int publicKeySize = BitConverter.ToInt32(payload, 0);
-            int publicKeySignatureSize = BitConverter.ToInt32(payload, 4);
+            int publicKeySize = BitConverter.ToInt32(payload, offset + 0);
+            int publicKeySignatureSize = BitConverter.ToInt32(payload, offset + 4);
 
             PublicKey = new byte[publicKeySize];
             PublicKeySignature = new byte[publicKeySignatureSize];
-            Buffer.BlockCopy(payload, 8, PublicKey, 0, publicKeySize);
-            Buffer.BlockCopy(payload, 8 + publicKeySize, PublicKeySignature, 0, publicKeySignatureSize);
+            Buffer.BlockCopy(payload, offset + 8, PublicKey, 0, publicKeySize);
+            Buffer.BlockCopy(payload, offset + 8 + publicKeySize, PublicKeySignature, 0, publicKeySignatureSize);
         }
     }
 
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/AzureAttestationBasedEnclaveProvider.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/AzureAttestationBasedEnclaveProvider.cs
@@ -4,6 +4,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
 using System.IdentityModel.Tokens.Jwt;
 using System.Runtime.Caching;
 using System.Security.Claims;
@@ -203,9 +204,10 @@ public AzureAttestationInfo(byte[] attestationInfo)
                     SessionId = BitConverter.ToInt64(attestationInfo, offset);
                     offset += sizeof(long);
 
-                    int secureSessionBufferSize = Convert.ToInt32(secureSessionInfoResponseSize) - sizeof(uint);
-                    byte[] secureSessionBuffer = EnclaveHelpers.TakeBytesAndAdvance(attestationInfo, ref offset, secureSessionBufferSize);
-                    EnclaveDHInfo = new EnclaveDiffieHellmanInfo(secureSessionBuffer);
+                    EnclaveDHInfo = new EnclaveDiffieHellmanInfo(attestationInfo, offset);
+                    offset += EnclaveDHInfo.Size;
+
+                    Debug.Assert(offset == attestationInfo.Length);
                 }
                 catch (Exception exception)
                 {
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/VirtualSecureModeEnclaveProvider.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/VirtualSecureModeEnclaveProvider.cs
@@ -4,6 +4,8 @@
 
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
+using System.IdentityModel.Tokens.Jwt;
 using System.IO;
 using System.Net.Http;
 using System.Runtime.Serialization.Json;
@@ -150,11 +152,10 @@ public AttestationInfo(byte[] attestationInfo)
             SessionId = BitConverter.ToInt64(attestationInfo, offset);
             offset += sizeof(long);
 
-            int secureSessionBufferSize = Convert.ToInt32(secureSessionInfoResponseSize) - sizeof(uint);
-            byte[] secureSessionBuffer = EnclaveHelpers.TakeBytesAndAdvance(attestationInfo, ref offset, secureSessionBufferSize);
-
-            EnclaveDHInfo = new EnclaveDiffieHellmanInfo(secureSessionBuffer);
+            EnclaveDHInfo = new EnclaveDiffieHellmanInfo(attestationInfo, offset);
             offset += Convert.ToInt32(EnclaveDHInfo.Size);
+
+            Debug.Assert(offset == attestationInfo.Length);
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -87,12 +87,9 @@ private string GetStackParts()`
`87`	`87`	`// trims off most of the bottom of the stack because when running under xunit there's a lot of spam`
`88`	`88`	`string[] parts = Environment.StackTrace.Split(new string[] { Environment.NewLine }, StringSplitOptions.None);`
`89`	`89`	`List<string> take = new List<string>(7);`
`90`		`- for (int index = 0; take.Count < 7 && index < parts.Length; index++)`
	`90`	`+ for (int index = 3; take.Count < 7 && index < parts.Length; index++)`
`91`	`91`	`{`
`92`		`- if (index > 2)`
`93`		`- {`
`94`		`- take.Add(parts[index]);`
`95`		`- }`
	`92`	`+ take.Add(parts[index]);`
`96`	`93`	`}`
`97`	`94`
`98`	`95`	`return string.Join(Environment.NewLine, take.ToArray());`
Original file line number	Diff line number	Diff line change
`@@ -18,23 +18,21 @@ public EnclavePublicKey(byte[] payload)`
`18`	`18`
`19`	`19`	`internal class EnclaveDiffieHellmanInfo`
`20`	`20`	`{`
`21`		`- public int Size { get; private set; }`
	`21`	`+ public int Size => sizeof(int) + sizeof(int) + PublicKey?.Length ?? 0 + PublicKeySignature?.Length ?? 0;`
`22`	`22`
`23`	`23`	`public byte[] PublicKey { get; private set; }`
`24`	`24`
`25`	`25`	`public byte[] PublicKeySignature { get; private set; }`
`26`	`26`
`27`		`- public EnclaveDiffieHellmanInfo(byte[] payload)`
	`27`	`+ public EnclaveDiffieHellmanInfo(byte[] payload, int offset)`
`28`	`28`	`{`
`29`		`- Size = payload.Length;`
`30`		`-`
`31`		`- int publicKeySize = BitConverter.ToInt32(payload, 0);`
`32`		`- int publicKeySignatureSize = BitConverter.ToInt32(payload, 4);`
	`29`	`+ int publicKeySize = BitConverter.ToInt32(payload, offset + 0);`
	`30`	`+ int publicKeySignatureSize = BitConverter.ToInt32(payload, offset + 4);`
`33`	`31`
`34`	`32`	`PublicKey = new byte[publicKeySize];`
`35`	`33`	`PublicKeySignature = new byte[publicKeySignatureSize];`
`36`		`- Buffer.BlockCopy(payload, 8, PublicKey, 0, publicKeySize);`
`37`		`- Buffer.BlockCopy(payload, 8 + publicKeySize, PublicKeySignature, 0, publicKeySignatureSize);`
	`34`	`+ Buffer.BlockCopy(payload, offset + 8, PublicKey, 0, publicKeySize);`
	`35`	`+ Buffer.BlockCopy(payload, offset + 8 + publicKeySize, PublicKeySignature, 0, publicKeySignatureSize);`
`38`	`36`	`}`
`39`	`37`	`}`
`40`	`38`