From bfabdb64ab0bae42668676179f284614b1af8368 Mon Sep 17 00:00:00 2001
From: jmxnzo <jakob.lammering@ruhr-uni-bochum.de>
Date: Thu, 19 Dec 2024 17:35:01 +0100
Subject: [PATCH] attestation.snp: reflect dependency of validators on
 productLine in verify.Options

---
 internal/manifest/manifest.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/manifest/manifest.go b/internal/manifest/manifest.go
index 06b5f6280..81f7cb32c 100644
--- a/internal/manifest/manifest.go
+++ b/internal/manifest/manifest.go
@@ -214,6 +214,11 @@ func (m *Manifest) SNPValidateOpts(kdsGetter trust.HTTPSGetter) ([]ValidatorOpti
 		}
 
 		verifyOpts := verify.DefaultOptions()
+		// Setting the productLine explicitly, because of full dependence of trustedMeasurements and derivation of trustedRoots on productLine.
+		verifyOpts.Product, err = kds.ParseProductLine(string(refVal.ProductName))
+		if err != nil {
+			return nil, fmt.Errorf("SNP reference values: %w", err)
+		}
 		verifyOpts.TrustedRoots, err = trustedRoots(refVal.ProductName)
 		if err != nil {
 			return nil, fmt.Errorf("determine trusted roots: %w", err)