mirror of https://github.com/acidanthera/audk.git
SecurityPkg/FmpAuthLib: Add PublicKeyDataLength check
Add PublicKeyDataLength check to be multiple SHA256_DIGEST_SIZE to avoid caller make mistake, or platform mis-configuration. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Qin Long <qin.long@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Qin Long <qin.long@intel.com>
This commit is contained in:
parent
c9b78304b8
commit
492c05f599
|
@ -306,6 +306,11 @@ AuthenticateFmpImage (
|
||||||
return RETURN_UNSUPPORTED;
|
return RETURN_UNSUPPORTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ((PublicKeyDataLength % SHA256_DIGEST_SIZE) != 0) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "PublicKeyDataLength is not multiple SHA256 size\n"));
|
||||||
|
return RETURN_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
|
if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
|
||||||
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
|
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
|
||||||
return RETURN_INVALID_PARAMETER;
|
return RETURN_INVALID_PARAMETER;
|
||||||
|
|
Loading…
Reference in New Issue