add DifferentPCR0 logging

Turnalek · Turnalek · commit f304e3d56548 · 2025-07-01T16:21:36.000-07:00
this should be removed later
diff --git a/src/qos_core/src/protocol/services/key.rs b/src/qos_core/src/protocol/services/key.rs
@@ -873,7 +873,7 @@ mod test {
 					&manifest_envelope,
 					&att_doc
 				),
-				Err(ProtocolError::QosAttestError("DifferentPcr0".to_string()))
+				Err(ProtocolError::QosAttestError("DifferentPcr0(\"8080808080808080808080808080808080808080808080808080808080808080\", \"0404040404040404040404040404040404040404040404040404040404040404\")".to_string()))
 			);
 		}
 
diff --git a/src/qos_enclave/src/main.rs b/src/qos_enclave/src/main.rs
@@ -73,8 +73,6 @@ fn boot() -> String {
 	let memory_mib = std::env::var("MEMORY_MIB").unwrap_or("1024".to_string());
 	let cpu_count = std::env::var("CPU_COUNT").unwrap_or("2".to_string());
 	let debug_mode = std::env::var("DEBUG").unwrap_or("false".to_string());
-	let attach_console =
-		std::env::var("ATTACH_CONSOLE").unwrap_or("false".to_string());
 	let enclave_name =
 		std::env::var("ENCLAVE_NAME").unwrap_or("nitro".to_string());
 	let run_args = RunEnclavesArgs {
@@ -83,7 +81,7 @@ fn boot() -> String {
 		memory_mib: memory_mib.parse::<u64>().unwrap(),
 		cpu_ids: None,
 		debug_mode: debug_mode.parse::<bool>().unwrap(),
-		attach_console: attach_console.parse::<bool>().unwrap(), // TODO: I think we don't want this variable, remove once debug is done
+		attach_console: false,
 		cpu_count: Some(cpu_count.parse::<u32>().unwrap()),
 		enclave_name: Some(enclave_name.clone()),
 	};
diff --git a/src/qos_nsm/src/nitro/error.rs b/src/qos_nsm/src/nitro/error.rs
@@ -55,7 +55,7 @@ pub enum AttestError {
 	/// The attestation doc does not contain a pcr0.
 	MissingPcr0,
 	/// The pcr3 in the attestation doc does not match.
-	DifferentPcr0,
+	DifferentPcr0(String, String), // TODO: DEBUG: ales - remove later
 	/// The attestation doc does not have a pcr1.
 	MissingPcr1,
 	/// The attestation doc has a different pcr1.
diff --git a/src/qos_nsm/src/nitro/mod.rs b/src/qos_nsm/src/nitro/mod.rs
@@ -87,15 +87,17 @@ pub fn verify_attestation_doc_against_user_input(
 		return Err(AttestError::UnexpectedAttestationDocNonce);
 	}
 
-	if pcr0
-		!= attestation_doc
-			.pcrs
-			.get(&0)
-			.ok_or(AttestError::MissingPcr0)?
-			.clone()
-			.into_vec()
-	{
-		return Err(AttestError::DifferentPcr0);
+	let doc_pcr0 = attestation_doc
+		.pcrs
+		.get(&0)
+		.ok_or(AttestError::MissingPcr0)?
+		.clone()
+		.into_vec();
+	if pcr0 != doc_pcr0 {
+		return Err(AttestError::DifferentPcr0(
+			qos_hex::encode(pcr0),
+			qos_hex::encode(&doc_pcr0),
+		));
 	}
 
 	// pcr1 matches
@@ -707,7 +709,7 @@ mod test {
 		.unwrap_err();
 
 		match err {
-			AttestError::DifferentPcr0 => (),
+			AttestError::DifferentPcr0(_, _) => (),
 			_ => panic!(),
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -873,7 +873,7 @@ mod test {`
`873`	`873`	`&manifest_envelope,`
`874`	`874`	`&att_doc`
`875`	`875`	`),`
`876`		`- Err(ProtocolError::QosAttestError("DifferentPcr0".to_string()))`
	`876`	`+ Err(ProtocolError::QosAttestError("DifferentPcr0(\"8080808080808080808080808080808080808080808080808080808080808080\", \"0404040404040404040404040404040404040404040404040404040404040404\")".to_string()))`
`877`	`877`	`);`
`878`	`878`	`}`
`879`	`879`