diff --git a/internal/api/attestationconfigapi/cli/e2e/test.sh.in b/internal/api/attestationconfigapi/cli/e2e/test.sh.in index 0663a93b7b2..7e152f13152 100755 --- a/internal/api/attestationconfigapi/cli/e2e/test.sh.in +++ b/internal/api/attestationconfigapi/cli/e2e/test.sh.in @@ -37,13 +37,12 @@ readonly report_path="${tmpdir}/attestationReport.json" readonly older_report_path="${tmpdir}/attestationReportOld.json" if [[ ${attestationVariant} == *-tdx ]]; then - # the high version numbers ensure that it's newer than the current latest value cat << EOF > "${current_report_path}" { "header": { "qe_svn": "AAA=", "pce_svn": "AAA=", - "qe_vendor_id": "k5pyM/ecTKmUCg2zlX8GBw==" + "qe_vendor_id": "KioqKioqKioqKioqKioqKg==" }, "td_quote_body": { "tee_tcb_svn": "AAAAAAAAAAAAAAAAAAAAAA==", @@ -57,11 +56,11 @@ EOF "header": { "qe_svn": "//8=", "pce_svn": "//8=", - "qe_vendor_id": "k5pyM/ecTKmUCg2zlX8GBw==" + "qe_vendor_id": "KioqKioqKioqKioqKioqKg==" }, "td_quote_body": { - "tee_tcb_svn": "BAEHAAAAAAAAAAAAAAAAAA==", - "xfam": "5xgGAAAAAAA=" + "tee_tcb_svn": "/////////////////////w==", + "xfam": "AQIDBAUGBwg=" } } EOF @@ -71,16 +70,15 @@ EOF "header": { "qe_svn": "//8=", "pce_svn": "/v8=", - "qe_vendor_id": "k5pyM/ecTKmUCg2zlX8GBw==" + "qe_vendor_id": "KioqKioqKioqKioqKioqKg==" }, "td_quote_body": { - "tee_tcb_svn": "BAEHAAAAAAAAAAAAAAAAAA==", - "xfam": "5xgGAAAAAAA=" + "tee_tcb_svn": "/////////////////////g==", + "xfam": "AQIDBAUGBwg=" } } EOF elif [[ ${attestationVariant} == *-sev-snp ]]; then - # the high version numbers ensure that it's newer than the current latest value cat << EOF > "${current_report_path}" { "snp_report": { @@ -178,18 +176,32 @@ if ! curl -fsSL "${baseurl}/${date_oldest}.json" > version.json; then echo "Checking for uploaded version file ${basepath}/${date_oldest}.json: request returned ${?}" exit 1 fi -# check that version values are equal to expected -if ! cmp -s <(echo -n '{"bootloader":255,"tee":255,"snp":255,"microcode":254}') version.json; then - echo "The version content:" - cat version.json - echo " is not equal to the expected version content:" - echo '{"bootloader":255,"tee":255,"snp":255,"microcode":254}' - exit 1 + +if [[ ${attestationVariant} == *-tdx ]]; then + # check that version values are equal to expected + if ! cmp -s <(echo -n '{"qeSVN":65535,"pceSVN":65534,"teeTCBSVN":[255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,254],"qeVendorID":[42,42,42,42,42,42,42,42,42,42,42,42,42,42,42,42],"xfam":[1,2,3,4,5,6,7,8]') version.json; then + echo "The version content:" + cat version.json + echo " is not equal to the expected version content:" + echo '{"qeSVN":65535,"pceSVN":65534,"teeTCBSVN":[255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,254],"qeVendorID":[42,42,42,42,42,42,42,42,42,42,42,42,42,42,42,42],"xfam":[1,2,3,4,5,6,7,8]}' + exit 1 + fi +elif [[ ${attestationVariant} == *-sev-snp ]]; then + # check that version values are equal to expected + if ! cmp -s <(echo -n '{"bootloader":255,"tee":255,"snp":255,"microcode":254}') version.json; then + echo "The version content:" + cat version.json + echo " is not equal to the expected version content:" + echo '{"bootloader":255,"tee":255,"snp":255,"microcode":254}' + exit 1 + fi fi + if ! curl -fsSL "${baseurl}/${date_oldest}.json.sig" > /dev/null; then echo "Checking for uploaded version signature file ${basepath}/${date_oldest}.json.sig: request returned ${?}" exit 1 fi + # check list endpoint if ! curl -fsSL "${baseurl}"/list > list.json; then echo "Checking for uploaded list file ${basepath}/list: request returned ${?}"