summaryrefslogtreecommitdiff
path: root/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe
diff options
context:
space:
mode:
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/SecureBootConfigDxe')
-rw-r--r--SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index 517d9d9904..5b8ae7e8d8 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -1073,6 +1073,8 @@ CalculateCertHash (
BOOLEAN Status;
VOID *HashCtx;
UINTN CtxSize;
+ UINT8 *TBSCert;
+ UINTN TBSCertSize;
HashCtx = NULL;
Status = FALSE;
@@ -1082,6 +1084,13 @@ CalculateCertHash (
}
//
+ // Retrieve the TBSCertificate for Hash Calculation.
+ //
+ if (!X509GetTBSCert (CertData, CertSize, &TBSCert, &TBSCertSize)) {
+ return FALSE;
+ }
+
+ //
// 1. Initialize context of hash.
//
CtxSize = mHash[HashAlg].GetContextSize ();
@@ -1099,7 +1108,7 @@ CalculateCertHash (
//
// 3. Calculate the hash.
//
- Status = mHash[HashAlg].HashUpdate (HashCtx, CertData, CertSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize);
if (!Status) {
goto Done;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 05:30:29 +0000