Closed rw8896 closed 1 month ago
If possible the comparison should be exact.
If possible the comparison should be exact.
- Calculate the size of the entire certificate chain via x509 parsing.
- If the size in step 1 is not equal to the size reported by the SPDM message then validation fails, else it passes.
I think this commit already did exact checking:
Hence the total cert size can't exceed or be less than the whole cert chain length and must be exact the same as the cert chain length.
Resolve #2701