cli: fix incorrect actual values for constellation verify on AWS (#2265)

* cli: fix aws pcr index

cli/internal/cmd/BUILD.bazel

@@ -56,6 +56,7 @@ go_library(
         "//internal/atls",
         "//internal/attestation/measurements",
         "//internal/attestation/variant",
+        "//internal/attestation/vtpm",
         "//internal/cloud/cloudprovider",
         "//internal/cloud/gcpshared",
         "//internal/compatibility",
@@ -82,6 +83,7 @@ go_library(
         "@com_github_golang_jwt_jwt_v5//:jwt",
         "@com_github_google_go_sev_guest//abi",
         "@com_github_google_go_sev_guest//kds",
+        "@com_github_google_go_tpm_tools//proto/tpm",
         "@com_github_google_uuid//:uuid",
         "@com_github_mattn_go_isatty//:go-isatty",
         "@com_github_rogpeppe_go_internal//diff",

cli/internal/cmd/verify.go

@@ -22,12 +22,15 @@ import (
 	"strconv"
 	"strings"
 
+	tpmProto "github.com/google/go-tpm-tools/proto/tpm"
+
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/cmd/pathprefix"
 	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
+	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/crypto"
@@ -372,11 +375,19 @@ func (f *attestationDocFormatterImpl) parseCerts(b *strings.Builder, certTypeNam
 }
 
 // parseQuotes parses the base64-encoded quotes and writes their details to the output builder.
-func (f *attestationDocFormatterImpl) parseQuotes(b *strings.Builder, quotes []quote, expectedPCRs measurements.M) error {
+func (f *attestationDocFormatterImpl) parseQuotes(b *strings.Builder, quotes []*tpmProto.Quote, expectedPCRs measurements.M) error {
 	writeIndentfln(b, 1, "Quote:")
 	for pcrNum, expectedPCR := range expectedPCRs {
-		encPCR := quotes[1].Pcrs.Pcrs[fmt.Sprintf("%d", pcrNum)]
+		pcrIdx, err := vtpm.GetSHA256QuoteIndex(quotes)
-		actualPCR, err := base64.StdEncoding.DecodeString(encPCR)
+		if err != nil {
+			return fmt.Errorf("get SHA256 quote index: %w", err)
+		}
+
+		if quotes[pcrIdx] == nil {
+			return fmt.Errorf("quote %d is nil", pcrIdx)
+		}
+
+		actualPCR := quotes[pcrIdx].Pcrs.Pcrs[pcrNum]
 		if err != nil {
 			return fmt.Errorf("decode PCR %d: %w", pcrNum, err)
 		}
@@ -621,24 +632,15 @@ type maaTokenClaims struct {
 // attestationDoc is the attestation document returned by the verifier.
 type attestationDoc struct {
 	Attestation struct {
-		AkPub          string      `json:"ak_pub"`
+		AkPub          string            `json:"ak_pub"`
-		Quotes         []quote     `json:"quotes"`
+		Quotes         []*tpmProto.Quote `json:"quotes"`
-		EventLog       string      `json:"event_log"`
+		EventLog       string            `json:"event_log"`
-		TeeAttestation interface{} `json:"TeeAttestation"`
+		TeeAttestation interface{}       `json:"TeeAttestation"`
 	} `json:"Attestation"`
 	InstanceInfo string `json:"InstanceInfo"`
 	UserData     string `json:"UserData"`
 }
 
-type quote struct {
-	Quote  string `json:"quote"`
-	RawSig string `json:"raw_sig"`
-	Pcrs   struct {
-		Hash int               `json:"hash"`
-		Pcrs map[string]string `json:"pcrs"`
-	} `json:"pcrs"`
-}
-
 // azureInstanceInfo is the b64-decoded InstanceInfo field of the attestation document.
 // as of now (2023-04-03), it only contains interesting data on Azure.
 type azureInstanceInfo struct {