Improve retrieval of TcgAtTpm values

author: Matthew Miller <matthew@millerti.me> 2020-09-08 23:21:29 -0700
committer: Matthew Miller <matthew@millerti.me> 2020-09-08 23:21:29 -0700
commit: 805d33e63eb9f85ea43616407d932ec4c09217a9 (patch)
tree: 94575b5fd5d9300227155dc5aa9a04150439fb14 /packages/server/src
parent: 924b93acbe45e85cd8dc91a38b3e6ca31a57bc3a (diff)
1 files changed, 22 insertions, 11 deletions
diff --git a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
index c731af0..cc6eba5 100644
--- a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
+++ b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
@@ -5,7 +5,7 @@ import {
   SubjectAlternativeName,
   id_ce_extKeyUsage,
   ExtendedKeyUsage,
-  RelativeDistinguishedName,
+  Name,
 } from '@peculiar/asn1-x509';
 
 import type { AttestationStatement } from '../../../helpers/decodeAttestationObject';
@@ -238,7 +238,7 @@ export default async function verifyTPM(options: Options): Promise<boolean> {
   }
 
   const { tcgAtTpmManufacturer, tcgAtTpmModel, tcgAtTpmVersion } = getTcgAtTpmValues(
-    subjectAltNamePresent[0].directoryName[0],
+    subjectAltNamePresent[0].directoryName,
   );
 
   if (!tcgAtTpmManufacturer || !tcgAtTpmModel || !tcgAtTpmVersion) {
@@ -282,7 +282,7 @@ export default async function verifyTPM(options: Options): Promise<boolean> {
  * Contain logic for pulling TPM-specific values out of subjectAlternativeName extension
  */
 function getTcgAtTpmValues(
-  root: RelativeDistinguishedName,
+  root: Name,
 ): {
   tcgAtTpmManufacturer?: string;
   tcgAtTpmModel?: string;
@@ -296,14 +296,25 @@ function getTcgAtTpmValues(
   let tcgAtTpmModel: string | undefined;
   let tcgAtTpmVersion: string | undefined;
 
-  root.forEach(attr => {
-    if (attr.type === oidManufacturer) {
-      tcgAtTpmManufacturer = attr.value.toString();
-    } else if (attr.type === oidModel) {
-      tcgAtTpmModel = attr.value.toString();
-    } else if (attr.type === oidVersion) {
-      tcgAtTpmVersion = attr.value.toString();
-    }
+  /**
+   * Iterate through the following structure:
+   *
+   * Name [
+   *   RelativeDistinguishedName [
+   *     AttributeTypeAndValue { type, value }
+   *   ]
+   * ]
+   */
+  root.forEach(relName => {
+    relName.forEach(attr => {
+      if (attr.type === oidManufacturer) {
+        tcgAtTpmManufacturer = attr.value.toString();
+      } else if (attr.type === oidModel) {
+        tcgAtTpmModel = attr.value.toString();
+      } else if (attr.type === oidVersion) {
+        tcgAtTpmVersion = attr.value.toString();
+      }
+    });
   });
 
   return {
author	Matthew Miller <matthew@millerti.me>	2020-09-08 23:21:29 -0700
committer	Matthew Miller <matthew@millerti.me>	2020-09-08 23:21:29 -0700
commit	805d33e63eb9f85ea43616407d932ec4c09217a9 (patch)
tree	94575b5fd5d9300227155dc5aa9a04150439fb14 /packages/server/src
parent	924b93acbe45e85cd8dc91a38b3e6ca31a57bc3a (diff)