Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5 2013-05-17 07:03:49 +00:00
parent ff8438477f
commit ee79ac8d0e
1 changed files with 33 additions and 6 deletions

View File

@ -2632,14 +2632,41 @@ SecureBootCallback (
case KEY_VALUE_SAVE_AND_EXIT_KEK: case KEY_VALUE_SAVE_AND_EXIT_KEK:
Status = EnrollKeyExchangeKey (Private); Status = EnrollKeyExchangeKey (Private);
if (EFI_ERROR (Status)) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"ERROR: Unsupported file type!",
L"Only supports DER-encoded X509 certificate",
NULL
);
}
break; break;
case KEY_VALUE_SAVE_AND_EXIT_DB: case KEY_VALUE_SAVE_AND_EXIT_DB:
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE); Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);
if (EFI_ERROR (Status)) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"ERROR: Unsupported file type!",
L"Only supports DER-encoded X509 certificate and executable EFI image",
NULL
);
}
break; break;
case KEY_VALUE_SAVE_AND_EXIT_DBX: case KEY_VALUE_SAVE_AND_EXIT_DBX:
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1); Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);
if (EFI_ERROR (Status)) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"ERROR: Unsupported file type!",
L"Only supports DER-encoded X509 certificate and executable EFI image",
NULL
);
}
break; break;
default: default:
@ -2680,13 +2707,13 @@ SecureBootCallback (
break; break;
case KEY_VALUE_SAVE_AND_EXIT_PK: case KEY_VALUE_SAVE_AND_EXIT_PK:
Status = EnrollPlatformKey (Private); Status = EnrollPlatformKey (Private);
if (EFI_ERROR (Status)) {
UnicodeSPrint ( UnicodeSPrint (
PromptString, PromptString,
sizeof (PromptString), sizeof (PromptString),
L"Only DER encoded certificate file (%s) is supported.", L"Only DER encoded certificate file (%s) is supported.",
mSupportX509Suffix mSupportX509Suffix
); );
if (EFI_ERROR (Status)) {
CreatePopUp ( CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key, &Key,