mirror of https://github.com/acidanthera/audk.git
BaseTools: Update sign tool to make MonotonicCount *after* Payload
The WIN_CERTIFICATE_UEFI_GUID AuthInfo defined in the UEFI spec mentioned that It is a signature across the image data and the Monotonic Count value. After clarification, we do the signature calculation, we put MonotonicCount after Payload. Cc: Liming Gao <liming.gao@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Tested-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
parent
4dd8787a20
commit
245cda6641
|
@ -197,8 +197,8 @@ if __name__ == '__main__':
|
||||||
print 'ERROR: test other public cert file %s missing' % (args.OtherPublicCertFileName)
|
print 'ERROR: test other public cert file %s missing' % (args.OtherPublicCertFileName)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
format = "Q%ds" % len(args.InputFileBuffer)
|
format = "%dsQ" % len(args.InputFileBuffer)
|
||||||
FullInputFileBuffer = struct.pack(format,args.MonotonicCountValue, args.InputFileBuffer)
|
FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Sign the input file using the specified private key and capture signature from STDOUT
|
# Sign the input file using the specified private key and capture signature from STDOUT
|
||||||
|
@ -261,8 +261,8 @@ if __name__ == '__main__':
|
||||||
args.SignatureBuffer = args.InputFileBuffer[0:SignatureSize]
|
args.SignatureBuffer = args.InputFileBuffer[0:SignatureSize]
|
||||||
args.InputFileBuffer = args.InputFileBuffer[SignatureSize:]
|
args.InputFileBuffer = args.InputFileBuffer[SignatureSize:]
|
||||||
|
|
||||||
format = "Q%ds" % len(args.InputFileBuffer)
|
format = "%dsQ" % len(args.InputFileBuffer)
|
||||||
FullInputFileBuffer = struct.pack(format,args.MonotonicCountValue, args.InputFileBuffer)
|
FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Save output file contents from input file
|
# Save output file contents from input file
|
||||||
|
|
|
@ -169,8 +169,8 @@ if __name__ == '__main__':
|
||||||
if args.Encode:
|
if args.Encode:
|
||||||
FullInputFileBuffer = args.InputFileBuffer
|
FullInputFileBuffer = args.InputFileBuffer
|
||||||
if args.MonotonicCountStr:
|
if args.MonotonicCountStr:
|
||||||
format = "Q%ds" % len(args.InputFileBuffer)
|
format = "%dsQ" % len(args.InputFileBuffer)
|
||||||
FullInputFileBuffer = struct.pack(format,args.MonotonicCountValue, args.InputFileBuffer)
|
FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
|
||||||
#
|
#
|
||||||
# Sign the input file using the specified private key and capture signature from STDOUT
|
# Sign the input file using the specified private key and capture signature from STDOUT
|
||||||
#
|
#
|
||||||
|
@ -212,8 +212,8 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
FullInputFileBuffer = args.InputFileBuffer
|
FullInputFileBuffer = args.InputFileBuffer
|
||||||
if args.MonotonicCountStr:
|
if args.MonotonicCountStr:
|
||||||
format = "Q%ds" % len(args.InputFileBuffer)
|
format = "%dsQ" % len(args.InputFileBuffer)
|
||||||
FullInputFileBuffer = struct.pack(format,args.MonotonicCountValue, args.InputFileBuffer)
|
FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Write Signature to output file
|
# Write Signature to output file
|
||||||
|
|
Loading…
Reference in New Issue