summaryrefslogtreecommitdiff
path: root/SecurityPkg
diff options
context:
space:
mode:
authorJiewen Yao <jiewen.yao@intel.com>2016-12-22 12:36:39 +0800
committerJiewen Yao <jiewen.yao@intel.com>2016-12-23 10:01:36 +0800
commit492c05f599f550bc9926ffd18c045916cd0ce604 (patch)
tree2467623b28315321d13c9fdcf35c2d9ca5666595 /SecurityPkg
parentc9b78304b86f924230d570ae548ac6a511a2efae (diff)
downloadedk2-platforms-492c05f599f550bc9926ffd18c045916cd0ce604.tar.xz
SecurityPkg/FmpAuthLib: Add PublicKeyDataLength check
Add PublicKeyDataLength check to be multiple SHA256_DIGEST_SIZE to avoid caller make mistake, or platform mis-configuration. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Qin Long <qin.long@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Qin Long <qin.long@intel.com>
Diffstat (limited to 'SecurityPkg')
-rw-r--r--SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
index d113d58103..4b2556cc90 100644
--- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
+++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
@@ -306,6 +306,11 @@ AuthenticateFmpImage (
return RETURN_UNSUPPORTED;
}
+ if ((PublicKeyDataLength % SHA256_DIGEST_SIZE) != 0) {
+ DEBUG ((DEBUG_ERROR, "PublicKeyDataLength is not multiple SHA256 size\n"));
+ return RETURN_UNSUPPORTED;
+ }
+
if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;