addPcr7data: use keysetname in path

Don't hardcode 'snakeoil' into filenames when creating a different keyset. Signed-off-by: Serge Hallyn <[email protected]>
project-machine · Aug 28, 2023 · 2eafacb · 2eafacb
1 parent ecb9127
commit 2eafacb
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/cmd/trust/utils.go b/cmd/trust/utils.go
@@ -540,15 +540,18 @@ func addPcr7data(keysetName string, pdata pcr7Data) error {
 	if err != nil {
 		return err
 	}
-	err = savePubkeytoFile(tpmpolAdminpubkey, filepath.Join(pcr7dataPubkeys, "tpmpass-snakeoil.pem"))
+	destpath := filepath.Join(pcr7dataPubkeys, fmt.Sprintf("tpmpass-%s.pem", keysetName))
+	err = savePubkeytoFile(tpmpolAdminpubkey, destpath)
 	if err != nil {
 		return err
 	}
 	tpmpolLukspubkey, err = extractPubkey(filepath.Join(keysetPath, "tpmpol-luks/cert.pem"))
 	if err != nil {
 		return err
 	}
-	err = savePubkeytoFile(tpmpolLukspubkey, filepath.Join(pcr7dataPubkeys, "luks-snakeoil.pem"))
+
+	destpath = filepath.Join(pcr7dataPubkeys, fmt.Sprintf("luks-%s.pem", keysetName))
+	err = savePubkeytoFile(tpmpolLukspubkey, destpath)
 	if err != nil {
 		return err
 	}