Address review comments.

google · Dec 27, 2023 · 1a97b02 · 1a97b02
1 parent 3b7c3cf
commit 1a97b02
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 5 deletions.
diff --git a/cmd/attest_test.go b/cmd/attest_test.go
@@ -379,7 +379,7 @@ func TestHardwareAttestationPass(t *testing.T) {
 		teetech string
 		wanterr string
 	}{
-		{"TdxPass", "1234", "tdx", "failed to open tdx device"},
+		{"TdxPass", "1234", "tdx", "failed to create tdx quote provider"},
 		{"SevSnpPass", "1234", "sev-snp", "failed to open sev-snp device"},
 	}
 	for _, op := range tests {

diff --git a/cmd/verify_test.go b/cmd/verify_test.go
@@ -123,7 +123,7 @@ func TestHwAttestationPass(t *testing.T) {
 		teetech string
 		wanterr string
 	}{
-		{"TdxPass", "1234", "tdx", "failed to open tdx device"},
+		{"TdxPass", "1234", "tdx", "failed to create tdx quote provider"},
 		{"SevSnpPass", "1234", "sev-snp", "failed to open sev-snp device"},
 	}
 	for _, op := range tests {

diff --git a/server/verify_tdx.go b/server/verify_tdx.go
@@ -17,8 +17,11 @@ func TdxDefaultOptions() *VerifyTdxOpts {
 	}
 }
 
-// VerifyTdxAttestation checks that the TDX attestation quote is valid
-func VerifyTdxAttestation(attestation any, opts *VerifyTdxOpts) error {
+// VerifyTdxAttestation checks that the TDX attestation quote is valid. The TEE-specific attestation
+// quote is extracted from the Attestation protobuf. At a granular level, this quote is fetched via
+// go-tdx-guest's GetQuote client API.
+// Supported quote formats - QuoteV4.
+func VerifyTdxAttestation(tdxAttestationQuote any, opts *VerifyTdxOpts) error {
 	// Check that the quote contains valid signature and certificates. Do not check revocations.
-	return tv.TdxQuote(attestation, opts.Verification)
+	return tv.TdxQuote(tdxAttestationQuote, opts.Verification)
 }