Fix verify authority and integrity logic

Fix the issue: #2689 The verify authority and integrity should be in the same logic. Signed-off-by: Wenxing Hou <[email protected]>
DMTF · May 10, 2024 · 347dd25 · 347dd25
1 parent 908994f
commit 347dd25
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/library/spdm_requester_lib/libspdm_req_get_certificate.c b/library/spdm_requester_lib/libspdm_req_get_certificate.c
@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2022 DMTF. All rights reserved.
+ *  Copyright 2021-2024 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -368,14 +368,14 @@ static libspdm_return_t libspdm_try_get_certificate(libspdm_context_t *spdm_cont
             status = LIBSPDM_STATUS_VERIF_FAIL;
             goto done;
         }
-    }
 
-    /*verify peer cert chain authority*/
-    result = libspdm_verify_peer_cert_chain_buffer_authority(
-        spdm_context, cert_chain,cert_chain_size_internal,
-        trust_anchor, trust_anchor_size);
-    if (!result) {
-        status = LIBSPDM_STATUS_VERIF_NO_AUTHORITY;
+        /*verify peer cert chain authority*/
+        result = libspdm_verify_peer_cert_chain_buffer_authority(
+            spdm_context, cert_chain,cert_chain_size_internal,
+            trust_anchor, trust_anchor_size);
+        if (!result) {
+            status = LIBSPDM_STATUS_VERIF_NO_AUTHORITY;
+        }
     }
 
     spdm_context->connection_info.peer_used_cert_chain_slot_id = slot_id;