From 7fb790441814087dea5d6468c5c37c6e9971567f Mon Sep 17 00:00:00 2001
From: ghe0 <gheorghe@gheo.tech>
Date: Fri, 4 Apr 2025 17:29:19 +0000
Subject: [PATCH] fix bug on TCB change for installing VMs

---
 scripts/detee-cli_injector.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/detee-cli_injector.sh b/scripts/detee-cli_injector.sh
index ade77f8..87866a1 100755
--- a/scripts/detee-cli_injector.sh
+++ b/scripts/detee-cli_injector.sh
@@ -103,9 +103,9 @@ echo_blue "Verifying AMD signature in attestation report..."
 chip_id_hash=$( snpguest display report "$server_report" \
   | grep "Chip ID:" -A 4 | tail -3 | tr '\n' ' ' | sed 's/\s//g' \
   | md5sum | awk '{ print $1 }')
-microcode=$( snpguest display report "$server_report" |
-    grep "Launch TCB:" -A 6 | grep "Microcode:" | awk '{ print $2 }' )
-vcek_path="${cert_dir}/${chip_id_hash}-${microcode}.vcek.pem"
+tcb_hash=$(grep -e "Committed TCB" -e "Reported TCB" -A 10 "$server_report" |
+  md5sum | awk '{ print $1 }')
+vcek_path="${cert_dir}/${chip_id_hash}-${tcb_hash}.vcek.pem"
 amd_certs_dir="${cert_dir}/amd_certs_${server}"
 mkdir -p "$amd_certs_dir"