Skip to content

Commit

Permalink
attestation.snp: reflect dependency of validators on productLine in v…
Browse files Browse the repository at this point in the history 
…erify.Options
  • Loading branch information
@jmxnzo
jmxnzo committed Dec 20, 2024
1 parent a026c65 commit bfabdb6
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions internal/manifest/manifest.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,11 @@ func (m *Manifest) SNPValidateOpts(kdsGetter trust.HTTPSGetter) ([]ValidatorOpti
}

verifyOpts := verify.DefaultOptions()
// Setting the productLine explicitly, because of full dependence of trustedMeasurements and derivation of trustedRoots on productLine.
verifyOpts.Product, err = kds.ParseProductLine(string(refVal.ProductName))
if err != nil {
return nil, fmt.Errorf("SNP reference values: %w", err)
}
verifyOpts.TrustedRoots, err = trustedRoots(refVal.ProductName)
if err != nil {
return nil, fmt.Errorf("determine trusted roots: %w", err)
Expand Down

0 comments on commit bfabdb6

Please sign in to comment.