In the BootIntegrityValidator.validate function if the show platform integrity command includes a signature then the contents of the command output is check prior to the signature validation. Validation could/should be done prior to validating the contents of the output. Its not a security issue since the check is still performed but it is a normal security best practice to validate a signature first.
In the
BootIntegrityValidator.validate
function if theshow platform integrity
command includes a signature then the contents of the command output is check prior to the signature validation. Validation could/should be done prior to validating the contents of the output. Its not a security issue since the check is still performed but it is a normal security best practice to validate a signature first.