1. Add more error handling code to DxeImageVerificationLib and BaseCryptLib.

Signed-off-by: sfu5
Reviewed-by: qianouyang
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13109 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5 2012-03-19 05:10:46 +00:00
parent 5c0687ccc2
commit bd0de3963b
2 changed files with 11 additions and 2 deletions

View File

@ -1,7 +1,7 @@
/** @file /** @file
Implement image verification services for secure boot service in UEFI2.3.1. Implement image verification services for secure boot service in UEFI2.3.1.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR> Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -486,7 +486,15 @@ HashPeImageByType (
// .... } // .... }
// The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
// This field has the fixed offset (+32) in final Authenticode ASN.1 data. // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
// Fixed offset (+32) is calculated based on two bytes of length encoding.
// //
if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
//
// Only support two bytes of Long Form of Length Encoding.
//
continue;
}
if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) { if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
break; break;
} }

View File

@ -2,7 +2,7 @@
The internal header file includes the common header files, defines The internal header file includes the common header files, defines
internal structure and functions used by ImageVerificationLib. internal structure and functions used by ImageVerificationLib.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR> Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -40,6 +40,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256 #define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
#define EFI_CERT_TYPE_RSA2048_SIZE 256 #define EFI_CERT_TYPE_RSA2048_SIZE 256
#define MAX_NOTIFY_STRING_LEN 64 #define MAX_NOTIFY_STRING_LEN 64
#define TWO_BYTE_ENCODE 0x82
// //
// Image type definitions // Image type definitions