Updating the return code for windows in case curl errors out and addi…

…ng test cases for the same. (#159)

* Updating the return code for windows in case curl errors out and adding test cases for the same.

* Resolving comments from last iteration.

* Running root command for initial setup of oeapkman tests before sample tests run.

* updating return code range mapping between http return code and Azure Dcap.

.jenkins/Jenkinsfile

@@ -120,6 +120,7 @@ def ACCTestOeRelease(String label, String version) {
                         sudo dpkg -i ${WORKSPACE}/src/az-dcap-client_*_amd64.deb
                         sudo apt-get update
                         sudo apt-get install -y open-enclave
+                        /opt/openenclave/bin/oeapkman root
                         . /opt/openenclave/share/openenclave/openenclaverc
                         cp -r /opt/openenclave/share/openenclave/samples/ ~/samples
                         for DIR in \$(find ~/samples/* -maxdepth 0 -type d); do
@@ -135,7 +136,7 @@ def ACCTestOeRelease(String label, String version) {
                 else
                 {
                     dcap.ContainerRun("${DOCKER_REGISTRY}/dcapdockerciregistry-ubuntu${version}:latest", "clang-10", task, "--cap-add=SYS_PTRACE --device /dev/sgx:/dev/sgx --volume /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket")
-                } 			
+                }
 			}
         }
     }

.jenkins/JenkinsfileTestLinuxRelease

@@ -87,6 +87,7 @@ def ACCTestOeRelease(String label, String version) {
                     sudo apt-get upgrade -y az-dcap-client
                     sudo apt-get update
                     sudo apt-get install -y open-enclave
+                    /opt/openenclave/bin/oeapkman root
                     . /opt/openenclave/share/openenclave/openenclaverc
                     cp -r /opt/openenclave/share/openenclave/samples/ ~/samples
                     for DIR in \$(find ~/samples/* -maxdepth 0 -type d); do

src/UnitTest/test_quote_prov.cpp

@@ -114,6 +114,9 @@ const uint16_t custom_param_length = 45;
 const char *custom_param = "tcbEvaluationDataNumber=11;region=us central";
 std::string tcbEvaluationDataNumber = "11";
 
+const uint16_t incorrect_custom_param_length = 24;
+const char* incorrect_custom_param = "tcbEvaluationDataNum=11";
+
 // Test input (choose an arbitrary Azure server)
 static uint8_t qe_id[16] = {
     0x00,
@@ -598,6 +601,25 @@ static void GetVerificationCollateralTestWithParams()
     VerifyCollateral(collateral);
 }
 
+//
+// Validates the return code if curl request to the THIM service failed.
+//
+static void GetVerificationCollateralTestWithIncorrectParams()
+{
+    // Test input (choose an arbitrary Azure server)
+
+    sgx_ql_qve_collateral_t* collateral = nullptr;
+    nlohmann::json json_body;
+    quote3_error_t result = sgx_ql_get_quote_verification_collateral_with_params(
+            TEST_FMSPC,
+            sizeof(TEST_FMSPC),
+            "processor",
+            incorrect_custom_param,
+            incorrect_custom_param_length,
+            &collateral);
+    ASSERT_TRUE(SGX_QL_NO_QUOTE_COLLATERAL_DATA == result);
+}
+
 //
 // Fetches and validates verification APIs of QPL
 //
@@ -645,6 +667,22 @@ static void GetVerificationCollateralTestICXV3WithParams()
     VerifyCollateral(collateral);
 }
 
+//
+// Validates the return code if curl request to the THIM service failed.
+//
+static void GetVerificationCollateralTestICXV3WithIncorrectParams()
+{
+    sgx_ql_qve_collateral_t* collateral = nullptr;
+    quote3_error_t result = sgx_ql_get_quote_verification_collateral_with_params(
+            ICX_TEST_FMSPC,
+            sizeof(ICX_TEST_FMSPC),
+            "platform",
+            incorrect_custom_param,
+            incorrect_custom_param_length,
+            &collateral);
+    ASSERT_TRUE(SGX_QL_NO_QUOTE_COLLATERAL_DATA == result);
+}
+
 static boolean GetQveIdentityTest()
 {
     boolean TEST_SUCCESS = false;
@@ -1153,6 +1191,7 @@ TEST(testQuoteProv, quoteProviderTestsV2DataFromService)
     SetupEnvironment("v2");
     SetupEnvironmentToReachSecondary();
     ASSERT_TRUE(RunQuoteProviderTests());
+    ASSERT_TRUE(RunQuoteProviderTestsWithCustomParams());
     ASSERT_TRUE(GetQveIdentityTest());
 
 #if defined __LINUX__
@@ -1172,6 +1211,7 @@ TEST(testQuoteProv, quoteProviderTestsV2Data)
     //
     SetupEnvironment("v2");
     ASSERT_TRUE(RunQuoteProviderTests());
+    ASSERT_TRUE(RunQuoteProviderTestsWithCustomParams());
     ASSERT_TRUE(GetQveIdentityTest());
 
 #if defined __LINUX__
@@ -1224,6 +1264,25 @@ TEST(testQuoteProv, quoteProviderTestsV3Data)
 #endif
 }
 
+TEST(testQuoteProv, quoteProviderTestsWithIncorrectCustomParam)
+{
+    libary_type_t library = LoadFunctions();
+    ASSERT_TRUE(SGX_PLAT_ERROR_OK == sgx_ql_set_logging_function(Log));
+
+    //
+    // Get the data from the service
+    //
+    SetupEnvironment("v2");
+    GetVerificationCollateralTestWithIncorrectParams();
+    SetupEnvironment("v3");
+    GetVerificationCollateralTestICXV3WithIncorrectParams();
+
+#if defined __LINUX__
+    dlclose(library);
+#else
+    FreeLibrary(library);
+#endif
+}
 TEST(testQuoteProv, testWithoutLogging)
 {
     libary_type_t library = LoadFunctions();

src/Windows/curl_easy.cpp

@@ -309,8 +309,7 @@ void curl_easy::perform() const
         }
 
         DWORD response_code = get_response_code();
-        if (response_code >= HTTP_STATUS_BAD_REQUEST &&
-            response_code <= HTTP_STATUS_SERVER_ERROR)
+        if (response_code >= HTTP_STATUS_BAD_REQUEST)
         {
             log(SGX_QL_LOG_INFO,
                 "HTTP Error (%d) on curl->perform() request",

src/dcap_provider.cpp

@@ -1255,9 +1255,15 @@ static quote3_error_t get_collateral(
             "curl error thrown, error code: %x: %s",
             error.code,
             error.what());
-        return error.code == CURLE_HTTP_RETURNED_ERROR
+        #ifdef __LINUX__
+            return error.code == CURLE_HTTP_RETURNED_ERROR
+                   ? SGX_QL_NO_QUOTE_COLLATERAL_DATA
+                   : SGX_QL_NETWORK_ERROR;
+        #else
+            return error.code == WINHTTP_ERROR_BASE
                    ? SGX_QL_NO_QUOTE_COLLATERAL_DATA
                    : SGX_QL_NETWORK_ERROR;
+        #endif
     }
 }