From 855609196d82ad854205d012eccd2f0b9e4f6e32 Mon Sep 17 00:00:00 2001
From: sfu5
Date: Fri, 9 Dec 2011 07:22:59 +0000
Subject: 1. Fix a bug when verify the CertType GUID in authentication variable data payload.
Signed-off-by: sfu5
Reviewed-by: tye1
Reviewed-by: gdong1
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
---
 SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c | 6 +++---
 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf | 2 +-
 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
(limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe')
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
index ea5e973a31..982c1a3a68 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
@@ -416,7 +416,7 @@ AddPubKeyInStore (
 }
 /**
- Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256 type.
+ Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256_GUID type.
 Follow the steps in UEFI2.2.
 @param[in] Data Pointer to data with AuthInfo.
@@ -454,10 +454,10 @@ VerifyCounterBasedPayload (
 //
 // wCertificateType should be WIN_CERT_TYPE_EFI_GUID.
- // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256.
+ // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256_GUID.
 //
 if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||
- !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertRsa2048Sha256Guid)
+ !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertTypeRsa2048Sha256Guid)
 ) {
 //
 // Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
index 5e741d204a..7fcb640de0 100644
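Review bot: In the second hunk, the comment over the `CompareGuid` call in `VerifyCounterBasedPayload` names the expected GUID but not the look-alike it replaced, so the same mix-up between `gEfiCertRsa2048Sha256Guid` and `gEfiCertTypeRsa2048Sha256Guid` can come back in a later edit. I would add one line such as `// Note: CertType carries the WIN_CERTIFICATE_UEFI_GUID type GUID; gEfiCertRsa2048Sha256Guid is a different GUID and must not be compared here.` Because this comparison decides whether the payload is rejected with EFI_SECURITY_VIOLATION, a test that feeds a payload carrying each of the two GUIDs and asserts which one passes this check would pin the behaviour. The function body starts and ends outside the hunk, so whether the payload length is validated before `CertData->AuthInfo.CertType` is read cannot be seen here and should be confirmed.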
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
@@ -67,7 +67,7 @@
 gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
 gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
 gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event
- gEfiCertRsa2048Sha256Guid
+ gEfiCertTypeRsa2048Sha256Guid
 gEfiImageSecurityDatabaseGuid
 gEfiCertX509Guid
 gEfiCertPkcs7Guid
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
index c43cf2d619..628c9829fd 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
@@ -72,7 +72,7 @@
 gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
 gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
 gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid
- gEfiCertRsa2048Sha256Guid
+ gEfiCertTypeRsa2048Sha256Guid
 gEfiImageSecurityDatabaseGuid
 gEfiCertX509Guid
 gEfiCertPkcs7Guid
--
cgit v1.2.3