authorsfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>2011-12-09 07:22:59 +0000
committersfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>2011-12-09 07:22:59 +0000
commit855609196d82ad854205d012eccd2f0b9e4f6e32 (patch)
tree5823d6b72f03113d152183aecbb71349816b2b2b
parentda38df1d09d62f000c083871d6e25928ae949797 (diff)
1. Fix a bug when verifying the CertType GUID in the authentication variable data payload.
Signed-off-by: sfu5 Reviewed-by: tye1 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r--MdePkg/Include/Uefi/UefiMultiPhase.h2
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c6
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf2
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf2
4 files changed, 6 insertions, 6 deletions
diff --git a/MdePkg/Include/Uefi/UefiMultiPhase.h b/MdePkg/Include/Uefi/UefiMultiPhase.h
index 510c841c47..e0142710ef 100644
--- a/MdePkg/Include/Uefi/UefiMultiPhase.h
+++ b/MdePkg/Include/Uefi/UefiMultiPhase.h
@@ -139,7 +139,7 @@ typedef struct {
///
/// AuthInfo is a WIN_CERTIFICATE using the wCertificateType
/// WIN_CERTIFICATE_UEFI_GUID and the CertType
-/// EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies
+/// EFI_CERT_TYPE_RSA2048_SHA256_GUID. If the attribute specifies
/// authenticated access, then the Data buffer should begin with an
/// authentication descriptor prior to the data payload and DataSize
/// should reflect the the data.and descriptor size. The caller
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
index ea5e973a31..982c1a3a68 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
@@ -416,7 +416,7 @@ AddPubKeyInStore (
}
/**
- Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256 type.
+ Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256_GUID type.
Follow the steps in UEFI2.2.
@param[in] Data Pointer to data with AuthInfo.
@@ -454,10 +454,10 @@ VerifyCounterBasedPayload (
//
// wCertificateType should be WIN_CERT_TYPE_EFI_GUID.
- // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256.
+ // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256_GUID.
//
if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||
- !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertRsa2048Sha256Guid)
+ !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertTypeRsa2048Sha256Guid)
) {
//
// Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.
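Review bot: The comment above the `CompareGuid` call in VerifyCounterBasedPayload names the expected GUID but does not say why the similarly named `gEfiCertRsa2048Sha256Guid` is wrong here; the two identifiers differ only by `Type`, which is presumably how the original mix-up happened. I would add a line such as `// This is the WIN_CERTIFICATE_UEFI_GUID CertType, not the signature type EFI_CERT_RSA2048_SHA256_GUID.` so a later cleanup does not swap it back. Because this comparison gates acceptance of authenticated variable writes, a regression test asserting that a payload carrying the old GUID now yields EFI_SECURITY_VIOLATION would pin the fix. The hunk does not show `Hdr.dwLength` or `Hdr.wRevision` being validated before the signature data is used; the function body continues outside the hunk, so confirm that check exists there.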
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
index 5e741d204a..7fcb640de0 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
@@ -67,7 +67,7 @@
gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event
- gEfiCertRsa2048Sha256Guid
+ gEfiCertTypeRsa2048Sha256Guid
gEfiImageSecurityDatabaseGuid
gEfiCertX509Guid
gEfiCertPkcs7Guid
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
index c43cf2d619..628c9829fd 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
@@ -72,7 +72,7 @@
gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid
- gEfiCertRsa2048Sha256Guid
+ gEfiCertTypeRsa2048Sha256Guid
gEfiImageSecurityDatabaseGuid
gEfiCertX509Guid
gEfiCertPkcs7Guid