From 5dfa0520ce98855c39bc7e3521e20f128513e7a7 Mon Sep 17 00:00:00 2001
From: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Date: Fri, 4 Aug 2023 14:26:05 +0200
Subject: [PATCH] attestation: print pcr value of mismatch

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
---
 internal/attestation/vtpm/attestation.go | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/internal/attestation/vtpm/attestation.go b/internal/attestation/vtpm/attestation.go
index 686f2cf81..e689e9c43 100644
--- a/internal/attestation/vtpm/attestation.go
+++ b/internal/attestation/vtpm/attestation.go
@@ -222,9 +222,17 @@ func (v *Validator) Validate(ctx context.Context, attDocRaw []byte, nonce []byte
 	for idx, pcr := range v.expected {
 		if !bytes.Equal(pcr.Expected[:], attDoc.Attestation.Quotes[quoteIdx].Pcrs.Pcrs[idx]) {
 			if pcr.ValidationOpt == measurements.Enforce {
-				return nil, fmt.Errorf("untrusted PCR value at PCR index %d", idx)
+				return nil, fmt.Errorf(
+					"untrusted PCR value %x at index %d",
+					attDoc.Attestation.Quotes[quoteIdx].Pcrs.Pcrs[idx],
+					idx,
+				)
 			}
-			v.log.Warnf("Encountered untrusted PCR value at index %d", idx)
+			v.log.Warnf(
+				"Encountered untrusted PCR value %x at index %d",
+				attDoc.Attestation.Quotes[quoteIdx].Pcrs.Pcrs[idx],
+				idx,
+			)
 		}
 	}