Dont sign quotes including added OE header

Signed-off-by: Daniel Weiße <[email protected]>
edgelesssys · Sep 2, 2024 · 93a13aa · 93a13aa
1 parent e831965
commit 93a13aa
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/coordinator/clientapi/clientapi.go b/coordinator/clientapi/clientapi.go
@@ -785,12 +785,13 @@ func (a *ClientAPI) verifyAndSignQuote(
 ) (signature []byte, tcbStatus string, err error) {
 	// Add OE quote header if it is not present
 	// e.g. we are dealing with a raw SGX quote generated by Gramine or Occlum
+	oeQuote := quote
 	if util.IsRawSGXQuote(quote) {
-		quote = util.AddOEQuoteHeader(quote)
+		oeQuote = util.AddOEQuoteHeader(quote)
 	}
 
 	// Verify the quote
-	report, err := verify(quote)
+	report, err := verify(oeQuote)
 	if err != nil && !errors.Is(err, attestation.ErrTCBLevelInvalid) {
 		return nil, "", &QuoteVerifyError{err}
 	}