Skip to content

Commit

Permalink
Fix Intel EK certificate URLs on Linux
Browse files Browse the repository at this point in the history
  • Loading branch information
@hslatman @brandonweeks
hslatman authored and brandonweeks committed Sep 8, 2023
1 parent 42c11fc commit 365c7b5
Showing 1 changed file with 16 additions and 5 deletions.
21 changes: 16 additions & 5 deletions attest/wrapped_tpm20.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,13 +212,24 @@ func (t *wrappedTPM20) eks() ([]EK, error) {
if pub.RSAParameters == nil {
return nil, errors.New("ECC EK not yet supported")
}

i, err := t.info()
if err != nil {
return nil, fmt.Errorf("Retrieving TPM info failed: %v", err)
}
ekPub := &rsa.PublicKey{
E: int(pub.RSAParameters.Exponent()),
N: pub.RSAParameters.Modulus(),
}
var certificateURL string
if i.Manufacturer.String() == manufacturerIntel {
certificateURL = intelEKURL(ekPub)
}
return []EK{
{
Public: &rsa.PublicKey{
E: int(pub.RSAParameters.Exponent()),
N: pub.RSAParameters.Modulus(),
},
handle: commonRSAEkEquivalentHandle,
Public: ekPub,
CertificateURL: certificateURL,
handle: commonRSAEkEquivalentHandle,
},
}, nil
}
Expand Down

0 comments on commit 365c7b5

Please sign in to comment.