Skip to content

Commit

Permalink
SecurityPkg: get the valid CertChain and CertChainSize
Browse files Browse the repository at this point in the history 
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
  • Loading branch information
@Wenxing-hou @jyao1
Wenxing-hou authored and jyao1 committed Aug 30, 2023
1 parent f4fdf9c commit 6fa3d85
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmAuthentication.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -591,6 +591,14 @@ DoDeviceAuthentication (
}

DEBUG ((DEBUG_INFO, "SpdmGetCertificateEx - SpdmReturn %p, TrustAnchorSize 0x%x, RootCertMatch %d\n", SpdmReturn, TrustAnchorSize, RootCertMatch));

//get the valid CertChain
CertChainSize = sizeof (CertChain);
ZeroMem (CertChain, sizeof (CertChain));
SpdmReturn = SpdmGetCertificateEx (SpdmContext, NULL, *ValidSlotId, &CertChainSize, CertChain, (CONST VOID **)&TrustAnchor, &TrustAnchorSize);
if ((!LIBSPDM_STATUS_IS_SUCCESS (SpdmReturn)) && (!(SpdmReturn == LIBSPDM_STATUS_VERIF_NO_AUTHORITY))) {
return EFI_DEVICE_ERROR;
}
}

if ((CapabilityFlags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP) == 0) {
Expand Down

0 comments on commit 6fa3d85

Please sign in to comment.