From 18c2dbdab8888b926302648bc3a04b700d69a59f Mon Sep 17 00:00:00 2001 From: jmxnzo Date: Wed, 18 Dec 2024 15:04:31 +0100 Subject: [PATCH] attestation.snp: set productLine in verifyOpts bcs of reference values dependence --- internal/manifest/manifest.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/manifest/manifest.go b/internal/manifest/manifest.go index 06b5f6280c..81f7cb32c9 100644 --- a/internal/manifest/manifest.go +++ b/internal/manifest/manifest.go @@ -214,6 +214,11 @@ func (m *Manifest) SNPValidateOpts(kdsGetter trust.HTTPSGetter) ([]ValidatorOpti } verifyOpts := verify.DefaultOptions() + // Setting the productLine explicitly, because of full dependence of trustedMeasurements and derivation of trustedRoots on productLine. + verifyOpts.Product, err = kds.ParseProductLine(string(refVal.ProductName)) + if err != nil { + return nil, fmt.Errorf("SNP reference values: %w", err) + } verifyOpts.TrustedRoots, err = trustedRoots(refVal.ProductName) if err != nil { return nil, fmt.Errorf("determine trusted roots: %w", err)