From 347dd253763b21773d654ff28f55cd57894e3b44 Mon Sep 17 00:00:00 2001
From: Wenxing Hou <wenxing.hou@intel.com>
Date: Wed, 8 May 2024 14:37:18 +0800
Subject: [PATCH] Fix verify authority and integrity logic

Fix the issue: #2689

The verify authority and integrity should be in the
same logic.

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
---
 .../libspdm_req_get_certificate.c                | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/library/spdm_requester_lib/libspdm_req_get_certificate.c b/library/spdm_requester_lib/libspdm_req_get_certificate.c
index e8e347a7b2b..ef432ca0f69 100644
--- a/library/spdm_requester_lib/libspdm_req_get_certificate.c
+++ b/library/spdm_requester_lib/libspdm_req_get_certificate.c
@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2022 DMTF. All rights reserved.
+ *  Copyright 2021-2024 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -368,14 +368,14 @@ static libspdm_return_t libspdm_try_get_certificate(libspdm_context_t *spdm_cont
             status = LIBSPDM_STATUS_VERIF_FAIL;
             goto done;
         }
-    }
 
-    /*verify peer cert chain authority*/
-    result = libspdm_verify_peer_cert_chain_buffer_authority(
-        spdm_context, cert_chain,cert_chain_size_internal,
-        trust_anchor, trust_anchor_size);
-    if (!result) {
-        status = LIBSPDM_STATUS_VERIF_NO_AUTHORITY;
+        /*verify peer cert chain authority*/
+        result = libspdm_verify_peer_cert_chain_buffer_authority(
+            spdm_context, cert_chain,cert_chain_size_internal,
+            trust_anchor, trust_anchor_size);
+        if (!result) {
+            status = LIBSPDM_STATUS_VERIF_NO_AUTHORITY;
+        }
     }
 
     spdm_context->connection_info.peer_used_cert_chain_slot_id = slot_id;