tpm2_getekcertificate: implementation of Intel EK cert parser is fragile #3559

@hyperfinitism

Summary

The current Intel EK certificate parser uses a hard-coded pointer offset with a typo that changes the offset length. Despite this, the integration test currently passes, seemingly due to accidental alignment rather than correct parsing.

Details

The pointer is currently advanced by the length of certficate\" : (note the missing 'i' in "certificate"). See the code quoted in the previous section.

This offset length differs from what the code intends (a JSON prefix based on "certificate"). Nevertheless, the integration test passes today, apparently due to coincidence (i.e., the incorrect offset happens to land at a workable position).

Why this matters

  • The parsing is fragile and appears to rely on undefined/accidental behavior.
  • Fixing the typo to the "correct" string changes behavior and causes the integration test to fail, indicating the parsing is not robust and likely not actually parsing the intended structure.
  • Depending on response formatting (whitespace/newlines) or service changes, this could break unexpectedly.

Suggested fix

  • Stop using hard-coded strlen()-based pointer offsets.
  • Parse a JSON response explicitly, and extract the certificate payload using proper delimiters:
    • JSON: locate the "certificate" field and parse the value without fixed offsets
  • Add NULL checks/error handling when expected fields are missing.
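
A sketch of the suggested approach, added here as an illustration and not taken from tpm2-tools: it finds the quoted key, tolerates any whitespace around the colon, and returns NULL when the field or its delimiters are missing. The helper name `extract_json_string` and the sample response are assumptions; a full JSON library would be the more robust choice in production code.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: returns a malloc'ed copy of the string value of
 * `key` in `json`, or NULL if the key, the ':' or the quoted value is
 * missing. Escape sequences are copied verbatim, not decoded. */
static char *extract_json_string(const char *json, const char *key) {
    if (!json || !key) return NULL;
    size_t klen = strlen(key);
    const char *p = json;
    while ((p = strchr(p, '"')) != NULL) {
        p++;                                   /* first char after a quote */
        if (strncmp(p, key, klen) != 0 || p[klen] != '"') continue;
        p += klen + 1;                         /* past the closing quote */
        while (isspace((unsigned char)*p)) p++;
        if (*p != ':') continue;               /* matched text was not a key */
        p++;
        while (isspace((unsigned char)*p)) p++;
        if (*p != '"') return NULL;            /* value is not a string */
        const char *start = ++p;
        while (*p && *p != '"') {
            if (*p == '\\' && p[1]) p++;       /* step over escaped char */
            p++;
        }
        if (*p != '"') return NULL;            /* unterminated string */
        size_t len = (size_t)(p - start);
        char *out = malloc(len + 1);
        if (!out) return NULL;
        memcpy(out, start, len);
        out[len] = '\0';
        return out;
    }
    return NULL;                               /* key not present */
}

int main(void) {
    /* Constructed sample response, not captured from the real service. */
    const char *resp =
        "{\n  \"pubhash\": \"abc\",\n  \"certificate\" : \"QUJD\"\n}";
    char *cert = extract_json_string(resp, "certificate");
    if (!cert) { fputs("certificate field missing\n", stderr); return 1; }
    printf("%s\n", cert);
    free(cert);
    return 0;
}
```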
