diff --git a/DeviceSecurityPkg/Include/Test/TestConfig.h b/DeviceSecurityPkg/Include/Test/TestConfig.h index f9002a7f9bf..4d90844cb45 100644 --- a/DeviceSecurityPkg/Include/Test/TestConfig.h +++ b/DeviceSecurityPkg/Include/Test/TestConfig.h @@ -32,5 +32,6 @@ #define TEST_CONFIG_MULTIPLE_CERT_IN_DB 21 #define TEST_CONFIG_DIFF_CERT_IN_DIFF_SLOT 22 #define TEST_CONFIG_NO_EFI_CERT_X509_GUID_IN_DB 23 +#define TEST_CONFIG_MAX_ROOT_CERT_SUPPORT_IN_DB 24 #endif diff --git a/DeviceSecurityPkg/Test/DeployCert/DeployCert.c b/DeviceSecurityPkg/Test/DeployCert/DeployCert.c index ee6934402a1..7fa0cd664fe 100644 --- a/DeviceSecurityPkg/Test/DeployCert/DeployCert.c +++ b/DeviceSecurityPkg/Test/DeployCert/DeployCert.c @@ -346,6 +346,7 @@ MainEntryPoint ( ShaHashAllFunc ShaHashAll; UINT8 *RootKey; UINTN RootKeySize; + UINTN CertCount; Status = ShellCommandLineParse (mParamList, &ParamPackage, NULL, TRUE); if (EFI_ERROR (Status)) { @@ -524,6 +525,19 @@ MainEntryPoint ( RootCert, RootCertSize ); + } else if (TestConfig == TEST_CONFIG_MAX_ROOT_CERT_SUPPORT_IN_DB) { + // The total number of RootCert in database exceed the LIBSPDM_MAX_ROOT_CERT_SUPPORT. + CertCount = LIBSPDM_MAX_ROOT_CERT_SUPPORT + 1; + SignatureHeaderSize = 0; + DbSize = sizeof (EFI_SIGNATURE_LIST) + SignatureHeaderSize + CertCount * sizeof(EFI_SIGNATURE_DATA); + DbList = AllocateZeroPool (DbSize); + SignatureList = DbList; + SignatureListSize = DbSize; + ASSERT (SignatureList != NULL); + CopyGuid (&SignatureList->SignatureType, &gEfiCertX509Guid); + SignatureList->SignatureListSize = (UINT32)SignatureListSize; + SignatureList->SignatureHeaderSize = (UINT32)SignatureHeaderSize; + SignatureList->SignatureSize = (UINT32)(sizeof(EFI_SIGNATURE_DATA)); } else { SignatureHeaderSize = 0; DbSize = sizeof (EFI_SIGNATURE_LIST) + SignatureHeaderSize + sizeof (EFI_GUID) + RootCertSize;