intel · arvind5 · Feb 7, 2025 · Feb 7, 2025 · Feb 7, 2025 · Feb 13, 2025
diff --git a/go-connector/attest.go b/go-connector/attest.go
@@ -1,5 +1,5 @@
 /*
- *   Copyright (c) 2022-2024 Intel Corporation
+ *   Copyright (c) 2022-2025 Intel Corporation
  *   All rights reserved.
  *   SPDX-License-Identifier: BSD-3-Clause
  */
@@ -24,12 +24,7 @@ func (connector *trustAuthorityConnector) Attest(args AttestArgs) (AttestRespons
 		return response, errors.Errorf("Failed to collect evidence from adapter: %s", err)
 	}
 
-	apiEndpoint := attestEndpoint
-	if evidence.Type == AzTdx {
-		apiEndpoint = attestAzureTdEndpoint
-	}
-
-	tokenResponse, err := connector.GetToken(GetTokenArgs{nonceResponse.Nonce, evidence, args.PolicyIds, args.RequestId, apiEndpoint, args.TokenSigningAlg, args.PolicyMustMatch})
+	tokenResponse, err := connector.GetToken(GetTokenArgs{nonceResponse.Nonce, evidence, args.PolicyIds, args.RequestId, args.TokenSigningAlg, args.PolicyMustMatch})
 	response.Token, response.Headers = tokenResponse.Token, tokenResponse.Headers
 	if err != nil {
 		return response, errors.Errorf("Failed to collect token from Trust Authority: %s", err)

diff --git a/go-connector/attest_evidence.go b/go-connector/attest_evidence.go
@@ -31,7 +31,7 @@ func (ctr *trustAuthorityConnector) AttestEvidence(evidence interface{}, cloudPr
 	if err != nil {
 		return response, errors.Wrap(err, "Failed to parse API URL")
 	}
-	url.Path = path.Join(url.Path, attestEndpoint)
+	url.Path = path.Join(url.Path, attestV2Endpoint)
 	url.Path = path.Join(url.Path, cloudProvider)
 
 	newRequest := func() (*http.Request, error) {

diff --git a/go-connector/attest_evidence_test.go b/go-connector/attest_evidence_test.go
@@ -15,7 +15,7 @@ func TestAttestEvidence(t *testing.T) {
 	connector, mux, _, teardown := setup()
 	defer teardown()
 
-	mux.HandleFunc(attestEndpoint, func(w http.ResponseWriter, r *http.Request) {
+	mux.HandleFunc(attestV2Endpoint, func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(`{"token":"` + token + `"}`))
 	})

diff --git a/go-connector/connector.go b/go-connector/connector.go
@@ -58,7 +58,6 @@ type GetTokenArgs struct {
 	Evidence        *Evidence
 	PolicyIds       []uuid.UUID
 	RequestId       string
-	attestEndpoint  string
 	TokenSigningAlg string
 	PolicyMustMatch bool
 }

diff --git a/go-connector/const.go b/go-connector/const.go
@@ -13,8 +13,9 @@ const (
 	HeaderTraceId     = "trace-id"
 
 	nonceEndpoint         = "/appraisal/v2/nonce"
-	attestEndpoint        = "/appraisal/v2/attest"
-	attestAzureTdEndpoint = "/appraisal/v2/attest/azure"
+	attestEndpoint        = "/appraisal/v1/attest"
+	attestAzureTdEndpoint = "/appraisal/v1/attest/azure/tdxvm"
+	attestV2Endpoint      = "/appraisal/v2/attest"
 
 	mimeApplicationJson        = "application/json"
 	AtsCertChainMaxLen         = 10

diff --git a/go-connector/token.go b/go-connector/token.go
@@ -1,5 +1,5 @@
 /*
- *   Copyright (c) 2022-2023 Intel Corporation
+ *   Copyright (c) 2022-2025 Intel Corporation
  *   All rights reserved.
  *   SPDX-License-Identifier: BSD-3-Clause
  */
@@ -44,7 +44,10 @@ type AttestationTokenResponse struct {
 
 // GetToken is used to get attestation token from Intel Trust Authority
 func (connector *trustAuthorityConnector) GetToken(args GetTokenArgs) (GetTokenResponse, error) {
-	url := connector.cfg.ApiUrl + args.attestEndpoint
+	url := connector.cfg.ApiUrl + attestEndpoint
+	if args.Evidence.Type == AzTdx {
+		url = connector.cfg.ApiUrl + attestAzureTdEndpoint
+	}
 
 	newRequest := func() (*http.Request, error) {
 		tr := tokenRequest{

diff --git a/go-connector/token_test.go b/go-connector/token_test.go
@@ -1,5 +1,5 @@
 /*
- *   Copyright (c) 2022-2023 Intel Corporation
+ *   Copyright (c) 2022-2025 Intel Corporation
  *   All rights reserved.
  *   SPDX-License-Identifier: BSD-3-Clause
  */
@@ -40,7 +40,7 @@ func TestGetToken(t *testing.T) {
 
 	nonce := &VerifierNonce{}
 	evidence := &Evidence{}
-	_, err := connector.GetToken(GetTokenArgs{nonce, evidence, nil, "req1", attestEndpoint, string(PS384), false})
+	_, err := connector.GetToken(GetTokenArgs{nonce, evidence, nil, "req1", string(PS384), false})
 	if err != nil {
 		t.Errorf("GetToken returned unexpected error: %v", err)
 	}
@@ -57,7 +57,7 @@ func TestGetToken_invalidToken(t *testing.T) {
 
 	nonce := &VerifierNonce{}
 	evidence := &Evidence{}
-	_, err := connector.GetToken(GetTokenArgs{nonce, evidence, nil, "req1", attestEndpoint, "", false})
+	_, err := connector.GetToken(GetTokenArgs{nonce, evidence, nil, "req1", "", false})
 	if err == nil {
 		t.Errorf("GetToken returned nil, expected error")
 	}

diff --git a/go-tdx/tdx_adapter.go b/go-tdx/tdx_adapter.go
@@ -1,5 +1,5 @@
 /*
- *   Copyright (c) 2022-2024 Intel Corporation
+ *   Copyright (c) 2022-2025 Intel Corporation
  *   All rights reserved.
  *   SPDX-License-Identifier: BSD-3-Clause
  */
@@ -27,6 +27,15 @@ type compositeTdxEvidence struct {
 	VerifierNonce *connector.VerifierNonce `json:"verifier_nonce,omitempty"`
 }
 
+// NewTdxAdapter returns a new TDX Adapter instance
+func NewTdxAdapter(udata []byte, withCcel bool) (connector.EvidenceAdapter, error) {
+	return &tdxAdapter{
+		uData:            udata,
+		withCcel:         withCcel,
+		cfsQuoteProvider: &cfsQuoteProviderImpl{},
+	}, nil
+}
+
 // CollectEvidence is used to get TDX quote using TDX Quote Generation service
 func (adapter *tdxAdapter) CollectEvidence(nonce []byte) (*connector.Evidence, error) {