in src/local_gpu_verifier/src/verifier/cc_admin_utils.py [0:0]
def verify_gpu_certificate_chain(cert_chain, settings, attestation_report_fwid):
""" A static function to perform the GPU device certificate chain verification.
Args:
cert_chain (list): A list containing the certificate objects of the device certificate chain.
settings (config.HopperSettings): the object containing the various config info.
attestation_report_fwid (str): the hexadecimal string of the FWID in the attestation report.
Returns:
[bool]: True if the verification is successful, otherwise False.
"""
# Skipping the comparision of FWID in the attestation certificate if the Attestation report does not contains the FWID.
if attestation_report_fwid != '':
if attestation_report_fwid != CcAdminUtils.extract_fwid(cert_chain[0]):
info_log.error("\t\tThe firmware ID in the device certificate chain is not matching with the one in the attestation report.")
event_log.info(f"\t\tThe FWID read from the attestation report is : {attestation_report_fwid}")
return False
info_log.info("\t\tThe firmware ID in the device certificate chain is matching with the one in the attestation report.")
return CcAdminUtils.verify_certificate_chain(cert_chain, settings, BaseSettings.Certificate_Chain_Verification_Mode.GPU_ATTESTATION)