From 8e4a5ce7628a34f39e6ab718562081427e55ae3d Mon Sep 17 00:00:00 2001
From: Tom D <40675700+twitchy-jsonp@users.noreply.github.com>
Date: Thu, 2 May 2019 13:43:50 -0700
Subject: [PATCH] Ignore slightly malformed EKs so attestation can continue.
 (#24)

---
 attest/pcp_windows.go | 2 +-
 attest/tpm_windows.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/attest/pcp_windows.go b/attest/pcp_windows.go
index 6fed3c1..b6c4f35 100644
--- a/attest/pcp_windows.go
+++ b/attest/pcp_windows.go
@@ -206,7 +206,7 @@ func (h *winPCP) EKCerts() ([]*x509.Certificate, error) {
 	var out []*x509.Certificate
 	for _, der := range c {
 		cert, err := x509.ParseCertificate(der)
-		if err != nil {
+		if err != nil && x509.IsFatal(err) {
 			return nil, err
 		}
 		out = append(out, cert)
diff --git a/attest/tpm_windows.go b/attest/tpm_windows.go
index fb6026c..898c4a8 100644
--- a/attest/tpm_windows.go
+++ b/attest/tpm_windows.go
@@ -181,7 +181,7 @@ func (t *TPM) readEKCert12() ([]*x509.Certificate, error) {
 		return nil, err
 	}
 	cert, err := x509.ParseCertificate(ekcert)
-	if err != nil {
+	if err != nil && x509.IsFatal(err) {
 		return nil, err
 	}
 	return []*x509.Certificate{cert}, nil