From 5a4fb25c30a75f50c7b197f97a80431f66ae137c Mon Sep 17 00:00:00 2001
From: Larry Dewey <larry.dewey@amd.com>
Date: Fri, 16 Feb 2024 15:37:35 -0600
Subject: [PATCH] 152: Fixing cert identifier bug

There was a bug where we were comparing the whole
byte stream instead of the first 27 bytes of data.

Signed-off-by: Larry Dewey <larry.dewey@amd.com>
---
 src/certs/snp/cert.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/certs/snp/cert.rs b/src/certs/snp/cert.rs
index c1a77237..a944036a 100644
--- a/src/certs/snp/cert.rs
+++ b/src/certs/snp/cert.rs
@@ -107,11 +107,11 @@ impl Certificate {
         Ok(self.0.public_key()?)
     }
 
-    /// Identifies the format of a certificate based upon the first twenty-eight
+    /// Identifies the format of a certificate based upon the first twenty-seven
     /// bytes of a byte stream. A non-PEM format assumes DER format.
     fn identify_format(bytes: &[u8]) -> CertFormat {
         const PEM_START: &[u8] = b"-----BEGIN CERTIFICATE-----";
-        match bytes {
+        match &bytes[0..27] {
             PEM_START => CertFormat::Pem,
             _ => CertFormat::Der,
         }