ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-20 05:28:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

AKPublic.VerifyAll: Additionally validate input parameters (#263)

Browse Source
This commit is contained in:
Tom D 2022-01-31 09:32:19 -08:00 committed by GitHub
parent 82f2c9c2c7
commit 277c40ca1d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
attest/attest.go
View File

@ -325,7 +325,17 @@ func (a *AKPublic) Verify(quote Quote, pcrs []PCR, nonce []byte) error {
// VerifyAll uses multiple quotes to verify the authenticity of all PCR // VerifyAll uses multiple quotes to verify the authenticity of all PCR
// measurements. See documentation on Verify() for semantics. // measurements. See documentation on Verify() for semantics.
//
// An error is returned if any PCRs provided were not covered by a quote,
// or if no quote/nonce was provided.
func (a *AKPublic) VerifyAll(quotes []Quote, pcrs []PCR, nonce []byte) error { func (a *AKPublic) VerifyAll(quotes []Quote, pcrs []PCR, nonce []byte) error {
if len(quotes) == 0 {
return errors.New("no quotes were provided")
}
if len(nonce) == 0 {
return errors.New("no nonce was provided")
}
for i, quote := range quotes { for i, quote := range quotes {
if err := a.Verify(quote, pcrs, nonce); err != nil { if err := a.Verify(quote, pcrs, nonce); err != nil {
return fmt.Errorf("quote %d: %v", i, err) return fmt.Errorf("quote %d: %v", i, err)