Closed msanft closed 1 year ago
Thanks for the report and fix!
No fixed schedule. I've cut v0.7.1 for you.
On Thu, Aug 31, 2023 at 10:59 PM Moritz Sanft @.***> wrote:
Hey @deeglaze https://github.com/deeglaze, thank you so much for the quick approval. Is there a fixed schedule for releases? If not, is there any chance you could trigger a new release soon?
— Reply to this email directly, view it on GitHub https://github.com/google/go-sev-guest/pull/73#issuecomment-1702209138, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAFL4HCQLFXW7GVN4CUE4MDXYF2TXANCNFSM6AAAAAA4F5ATGY . You are receiving this because you were mentioned.Message ID: @.***>
Proposed Change
Use the ReportedTCB when querying the AMD KDS for the VCEK certificate, as per the specification:
Additional Info
I've added no tests regarding this, since I don't know how a test could look like without adding additional testdata. If you are fine with adding additional testdata, I can add a test for the case of an report with mismatching
CurrentTCB
andReportedTCB
, which should trigger the bug from the issue mentioned below.This fixes #72