Skip to content

Commit

Permalink
refactor(sev): cleanup SNP-SEV product type identifier
Browse files Browse the repository at this point in the history
  • Loading branch information
@natesales
natesales committed Jan 27, 2025
1 parent 2e70f76 commit 3f26c12
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 6 deletions.
11 changes: 7 additions & 4 deletions pkg/attestation/sev.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,9 @@ import (
"fmt"

"github.com/google/go-sev-guest/abi"
sevpb "github.com/google/go-sev-guest/proto/sevsnp"
"github.com/google/go-sev-guest/verify"
"google.golang.org/protobuf/types/known/wrapperspb"

"github.com/tinfoilanalytics/verifier/pkg/util"
)
Expand All @@ -19,10 +21,11 @@ func verifySevAttestation(attestationDoc string) (*Measurement, []byte, error) {

opts := verify.DefaultOptions()
opts.Getter = util.NewFetcher()
familyID := uint32(0x19) // zen3zen4Family
model := uint32((1 << 4) | 1) // genoaModel = 0x11
cpuID := abi.FmsToCpuid1Eax(byte(familyID), byte(model), 0) & abi.CpuidProductMask
opts.Product = abi.SevProductFromCpuid1Eax(cpuID)
opts.Product = &sevpb.SevProduct{
Name: sevpb.SevProduct_SEV_PRODUCT_GENOA,
MachineStepping: &wrapperspb.UInt32Value{Value: uint32(0)},
}

if err := verify.RawSnpReport(attDocBytes, opts); err != nil {
return nil, nil, err
}
Expand Down
6 changes: 4 additions & 2 deletions pkg/attestation/sev_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,10 @@ import (
)

func TestSevVerify(t *testing.T) {
att := `{"format":"https://tinfoil.sh/predicate/snp-sev-guest/v1","body":"AgAAAAAAAAAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAEAAAAHAAAAAAAOSAEAAAAAAAAAAAAAAAAAAAA2NTA4M2U1OTA0YzAyNzNiNjQ0YWQ5MGU1MWUxMmE4ZDc2ZmUwN2YyYWI4YWIxNGQ3NjAxMWIzZTljN2RjYWE3/xjwoozRULthI6omat8HtO2sit6UIIXxtSg9N3UO6SSsFhmcK/7H1Cpqs5ZDVGhfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdBxIi99geB/i1RZESMaqxQ16ZvxamaRZFtfTvS1Lxyv//////////////////////////////////////////BwAAAAAADkgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyerBPBb0BVIg1GpCjfyjOa7GVEfbmBlI2UlOv2mBy2PUlhAoxzCPRyGlUox+FWyw/5T1fgVISjEAzuoWzsKeXBwAAAAAADkgVNwEAFTcBAAcAAAAAAA5IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhZYloXhwZZb828qeGleqZN4eGkiOvEyJUM482aIEIgityc5bRqJSr6aRTOBRL4AuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMXv4mBcfDUnlLzSpArjSFiBY/exLh+FuPJ5LI5ieVp6eGvUCXEZ5maXMpMck33YMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}`

att := `{
"format":"https://tinfoil.sh/predicate/snp-sev-guest/v1",
"body":"AgAAAAAAAAAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAEAAAAHAAAAAAAOSAEAAAAAAAAAAAAAAAAAAAA2NTA4M2U1OTA0YzAyNzNiNjQ0YWQ5MGU1MWUxMmE4ZDc2ZmUwN2YyYWI4YWIxNGQ3NjAxMWIzZTljN2RjYWE3/xjwoozRULthI6omat8HtO2sit6UIIXxtSg9N3UO6SSsFhmcK/7H1Cpqs5ZDVGhfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdBxIi99geB/i1RZESMaqxQ16ZvxamaRZFtfTvS1Lxyv//////////////////////////////////////////BwAAAAAADkgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyerBPBb0BVIg1GpCjfyjOa7GVEfbmBlI2UlOv2mBy2PUlhAoxzCPRyGlUox+FWyw/5T1fgVISjEAzuoWzsKeXBwAAAAAADkgVNwEAFTcBAAcAAAAAAA5IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhZYloXhwZZb828qeGleqZN4eGkiOvEyJUM482aIEIgityc5bRqJSr6aRTOBRL4AuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMXv4mBcfDUnlLzSpArjSFiBY/exLh+FuPJ5LI5ieVp6eGvUCXEZ5maXMpMck33YMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
}`
measurements, certFP, err := VerifyAttestationJSON([]byte(att))
assert.Nil(t, err)

Expand Down

0 comments on commit 3f26c12

Please sign in to comment.