DeviceSecurityPkg: test exceed LIBSPDM_MAX_ROOT_CERT_SUPPORT.

Zhiqiang520 · Zhiqiang520 · commit 4edf114035e0 · 2022-11-22T10:33:02.000+08:00
1. there is only one SignatureList in database.
2. The total number of RootCert in database exceed the
 LIBSPDM_MAX_ROOT_CERT_SUPPORT.
3. Then fail to set multiple root certificates as
 trust anchors in SPDM context.
4. Finally fail to create a connection with the SPDM device.

Signed-off-by: Zhao, Zhiqiang &lt;zhiqiang.zhao@intel.com&gt;
diff --git a/DeviceSecurityPkg/Include/Test/TestConfig.h b/DeviceSecurityPkg/Include/Test/TestConfig.h
@@ -32,5 +32,6 @@
 #define TEST_CONFIG_MULTIPLE_CERT_IN_DB               21
 #define TEST_CONFIG_DIFF_CERT_IN_DIFF_SLOT            22
 #define TEST_CONFIG_NO_EFI_CERT_X509_GUID_IN_DB       23
+#define TEST_CONFIG_MAX_ROOT_CERT_SUPPORT_IN_DB       24
 
 #endif
diff --git a/DeviceSecurityPkg/Test/DeployCert/DeployCert.c b/DeviceSecurityPkg/Test/DeployCert/DeployCert.c
@@ -346,6 +346,7 @@ MainEntryPoint (
   ShaHashAllFunc      ShaHashAll;
   UINT8               *RootKey;
   UINTN               RootKeySize;
+  UINTN               CertCount;
 
   Status = ShellCommandLineParse (mParamList, &ParamPackage, NULL, TRUE);
   if (EFI_ERROR (Status)) {
@@ -524,6 +525,19 @@ MainEntryPoint (
         RootCert,
         RootCertSize
         );
+    } else if (TestConfig == TEST_CONFIG_MAX_ROOT_CERT_SUPPORT_IN_DB) {
+      // The total number of RootCert in database exceed the LIBSPDM_MAX_ROOT_CERT_SUPPORT.
+      CertCount = LIBSPDM_MAX_ROOT_CERT_SUPPORT + 1;
+      SignatureHeaderSize = 0;
+      DbSize   = sizeof (EFI_SIGNATURE_LIST) + SignatureHeaderSize + CertCount * sizeof(EFI_SIGNATURE_DATA);
+      DbList   = AllocateZeroPool (DbSize);
+      SignatureList = DbList;
+      SignatureListSize = DbSize;
+      ASSERT (SignatureList != NULL);
+      CopyGuid (&SignatureList->SignatureType, &gEfiCertX509Guid);
+      SignatureList->SignatureListSize   = (UINT32)SignatureListSize;
+      SignatureList->SignatureHeaderSize = (UINT32)SignatureHeaderSize;
+      SignatureList->SignatureSize       = (UINT32)(sizeof(EFI_SIGNATURE_DATA));
     } else {
       SignatureHeaderSize = 0;
       DbSize   = sizeof (EFI_SIGNATURE_LIST) + SignatureHeaderSize + sizeof (EFI_GUID) + RootCertSize;
