1. Fix a bug when verify the CertType GUID in authentication variable data payload.

Signed-off-by: sfu5
Reviewed-by: tye1
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5 2011-12-09 07:22:59 +00:00
parent da38df1d09
commit 855609196d
4 changed files with 6 additions and 6 deletions

View File

@ -139,7 +139,7 @@ typedef struct {
/// ///
/// AuthInfo is a WIN_CERTIFICATE using the wCertificateType /// AuthInfo is a WIN_CERTIFICATE using the wCertificateType
/// WIN_CERTIFICATE_UEFI_GUID and the CertType /// WIN_CERTIFICATE_UEFI_GUID and the CertType
/// EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies /// EFI_CERT_TYPE_RSA2048_SHA256_GUID. If the attribute specifies
/// authenticated access, then the Data buffer should begin with an /// authenticated access, then the Data buffer should begin with an
/// authentication descriptor prior to the data payload and DataSize /// authentication descriptor prior to the data payload and DataSize
/// should reflect the the data.and descriptor size. The caller /// should reflect the the data.and descriptor size. The caller

View File

@ -416,7 +416,7 @@ AddPubKeyInStore (
} }
/** /**
Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256 type. Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256_GUID type.
Follow the steps in UEFI2.2. Follow the steps in UEFI2.2.
@param[in] Data Pointer to data with AuthInfo. @param[in] Data Pointer to data with AuthInfo.
@ -454,10 +454,10 @@ VerifyCounterBasedPayload (
// //
// wCertificateType should be WIN_CERT_TYPE_EFI_GUID. // wCertificateType should be WIN_CERT_TYPE_EFI_GUID.
// Cert type should be EFI_CERT_TYPE_RSA2048_SHA256. // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256_GUID.
// //
if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) || if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||
!CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertRsa2048Sha256Guid) !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertTypeRsa2048Sha256Guid)
) { ) {
// //
// Invalid AuthInfo type, return EFI_SECURITY_VIOLATION. // Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.

View File

@ -67,7 +67,7 @@
gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event
gEfiCertRsa2048Sha256Guid gEfiCertTypeRsa2048Sha256Guid
gEfiImageSecurityDatabaseGuid gEfiImageSecurityDatabaseGuid
gEfiCertX509Guid gEfiCertX509Guid
gEfiCertPkcs7Guid gEfiCertPkcs7Guid

View File

@ -72,7 +72,7 @@
gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid
gEfiCertRsa2048Sha256Guid gEfiCertTypeRsa2048Sha256Guid
gEfiImageSecurityDatabaseGuid gEfiImageSecurityDatabaseGuid
gEfiCertX509Guid gEfiCertX509Guid
gEfiCertPkcs7Guid gEfiCertPkcs7Guid